samba-client-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2<>, ܉g/p9|E[67۶@|xqݻeKj~=%|jj>-EᘤwPfpDk.VMCܕؾ|g ([N3XFA͇R0u]v;*k`1 AW% TGЃ-9 =1nI3b<(+~~ ]VJn!9EXCӒc6P/eUPG?gmۈOgУíwIСsrkY>A?d4 B Y =TZapwLw :w (w w w "w#w&Gw((w*X]0(E8L%9%:_%>=B=G>wH@wIBwXC YGZJ,[J\Lw]Nw^XbYcYdZQeZVfZYlZ[uZpwv\Ldw<wxwy *ȜȠȦCsamba-client-libs-32bit4.19.8+git.404.38b26805d4150600.3.12.2Samba client librariesThe samba-libs package contains the libraries needed by samba client programs.g/h03-ch2d^JdSUSE Linux Enterprise 15SUSE LLC GPL-3.0-or-laterhttps://www.suse.com/Development/Libraries/C and C++https://www.samba.org/linuxx86_64/sbin/ldconfigU5C %eΤv Px itEx55x%|6Text|5textUt%mXxt%| |ett%|5tW85t5xtxExt|LD&%ExEtմDe$%|FհEx5|U|$HHL%x%t%xxexH5xlllAAg/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/g/223b7317ae8b0bae055b549732bc9362d1b651f9f4eaa832391688641e9ff6f61eb7051ac94009b12bf323456258b942d1f1ff7af629edf0d61764d01749da5e2503d7141227a78b204583255e4717ffe7b1864484bd55917ece179f91c72bd37296be203f9774d6fc916e089253dddbdd6fb80fd5a876da0b846ea511ed1aed194387261531368eff65b40676d78b7aae2f6b16f9eff976ab18439027b48814ce0f9a0af8e44f3aea5fd4e620c6a42c809341951fafbd2ec9bb29628161ee51466f8a1692bd78764a5ae5ef40676de51673937461265f43247613047f495965bbd5fff5d94a978fa9c509c5138c113d755d837a10444d23b7cf1b1606fc3ba272189f8ad7fef908c9cbdfda18c7afa020720812cfeecdd9cfd8a9b061734f99661d66518fba2cdae20401e9f7b23c5932eb657900a5b289d8d3cb3117a604968bb7e3f6aa3570a5cb65e334b89e1430110086f61e689f85c7ef235dc908b128a9b8aa4ab024368e335632543b2ef4df49d031fb5a6f829136b82152889980d9d92638d02bc44319de9e961572c0fa57b157086c80426ddcfe1f30eeaca9ad23b47d91df9b0f7d9d264f3952f3a8c9658bef3e3a41c531b1627f343361237f872866bbe42538a541c2e3a92a2dc5dbe0236cb8946e3962dfa9e0238b90fe4173500bb9f91e4f5daf968f7adab91f5a7cebe555e0fef45440b40703cb207fc755c331bc073aac0f9501f076c11004fe41953742f037a96a0bf3309f9878961a8e9acba33faaed8b9f7cc3fab2d3e91fc677cc8f7f831088e502b066c90021b04a0c499b5a061f56d882cbe9e1169cb9be269ffdaba860e269678af62cee503cc264e84dff1fa758fcb822f49a4748a5645a1f1a89ca48adfe329550ba7482f3740850235e596a4c2cb9098d0afe799ea28853de606ab40d83b4f54a26c1121c16e9efaf8da7be7220dce44db87ee10d4751432627504991fbdf733b862d4d51068babd51a47543e1d0987fcc4de8acfd0576167f68b486c2b023f088366a45a7ba765ff7e87394a27f1e6777d05cc83ef956864b8e8bfb14e9fe1d16479728cb5c82fe102494778112ba78b4dbc709ec23d6e1d56c3e10fa449548c65ac30ce7c480390bf76cde9f665460d9355441ee3c3a7539e4c8d840752ce296e7f37b954fe038189d39128cbbf32ac99d1e3e49059578876099ae72a7fee19e996998981f0daa532379675d58bd778d519b3642671e20d4f64feec8d4508a5a239bb51115be86e8912c82f11c407a787d1fd43f8f589584bf7fbc968f3f9fefaaa1ed7163aaa7c70609890d1ff67493d836d2ff613618d2fe251176100a7044352a6713a3ffb64ab6e0fd1a9271b2f2de13844cd53e45c6623f936a33d220c6ed87a38e226904d870e2f1ad0dc3a16b0ed91314f653e7f470fb011f98298c81be54baa5700d43d5bf711d550887ff8e9159f531b4d2edcd1950fe750e4a1095e53cdb9c3ef22fa55ae4f59ee2c8fb826fbcb7e6488895f8a62879754aa08e8a7691a887513d7e1bb76cea452fb7ffdd18507de88a92e839ff1e22dae9c6f5a4e530c8561deda1f9aea906fe48f08c2f5e10d8a8d3bcc865f37a6b7d7b60ecb5fd3ec587fafe24f6a89b24d0a69b058ccfe4d97c2af4981b3270265a53cd2b7079b4803aa4c68349da3ec99d6c95157b82fe202f13b86690bed36f5408c62c4e9466d858f0e4a91c094bb199e31fb223c3fc2adb2be8dedd897da95c49b8821d8b8d4b865d4b7c7821bd44b506ba67171ccbb920773889b19ed04cb85ab4bc7a7e7d869ee0abd7b846ebfc698de9e94a4175cb7adde1d4555ee475c905df6140728209b6ed4d1c8af8f1ba756f4185c1f43c6b200a4847fe64b05f5fd5ea44fd4a710e01240e6a80274d84eba12e7283f457ae68a3c41923b332e57d83c9ec645b0da65498703093e189f4810f1d29f9bf441bdc480b63a61d52f27865607f1023aecb12a22fd46ac89b9f13d285c0358e136c568102890337afda914780e30e7b00dcef910516c8f79ff07e2ee9033915242d9cef502f295280a4eee6abd3c309627143e64dd375a87b9d7a6c8b3b5199d513a111c85d5c364d5eaf5e5d53f5b3adc53be9af65f11de636ab9ef355c4370ef88337ba796229b58e9b50b3fc00b063f6992e4fbbf42e6253b8c263d4dccf3bfbe9a590574340518a19b5b97a167fa1ab2899c45b9afe37c7747e967983bb93e2ff5535a7d75f8db274e15d9c2180e79d839e434b36c6986e3593a45fc0aa107c3969d648e1b05edc6c4c131e001743aefe4760b11dfc097c09dd9fbd06af888a02653ecd23f603a5e39fdb2b6238f509eb5d3d77a99a55a1aaa1506193020353ba3f4e6cb37948905b8385aaadc386686356931ec6f030f939b9555bd44de8d17bb7c707d89e13954021e3530265e0a875130d098d8747abc7e1ac7deca699597d65fdab0659ee7e41a5002f3acc3ea4b8c08d8472b2d2e925b1610c6b2bb9ff40ea0fe19539e8b7b5c7e9c5c17a2893214587622782b02bb58e521472e55913a54f16bd97716a9382795b2e0ce356c846ea59f5fa673d987ddf0626975b0ac5b401e5f3dd9f37f891bfc2686ae347cbb55541bf1bad178d373c296826ca8407cf24f4bc783049afd9cf0093783d0810f2efe973d555bad42bf473ea4c609786c929824297d93591a6048614bff7dac0ea46a35936303f2087be8714a6a7862d2cd3b1c506e5f00e040360e10961f488baefab1f4b682a209c4fa363108ae6d011b070944a6ac4cfd899aca7984ff871b6a214cc5a7675f3be45d856d728af6fd17c0da6d51d9ab04ea29af728189a0d38d9d3dad90b7bc806383d764f61d224b99473ccf3cecc2ee5a9b74bf01f4cfecf375bfa90a006b0cb9662797b0945e957a40450fa0c1512dbb313b8f009388698e6b76ec66efd1699e070b02fc660dbaa793dd96c6457fa44a860b1d10b16aebf75f0cf714ae73968fdbcdd633e076691fb723f0c115328af6e6c7ef0cf57256063bc0c400143b60559fcde023f7457e2ed8ee5c5e4be23cf44aecd399994f143c302dde746e10c276d127777605daf6916180bca4f7c5f302cdd22d2dadaf6dc50ddcb02f5ef63054e2753dc5d5b3bbce2f768381b2dcea78169b343aa530e17295fcc690a06ac58e3ee42caef17a0bb984d520a1c6b58d3c7fb6613ba19da3b6f44e18d24fd22d93a22dbe5be5769f3cc840bf601913ffb122c89b93ba151df0fb17fae25435344e3e0371193b0feab19c24834d0ac656e95dfa5af2972809681f6cd35ee8211bb0eace292fc5263a07db6df2bc168f2367feef36ed3aac89c90ef8078e50d40dd45277b43ff5e13adc446e55c00890e497d93a3c05091c6f87cea7ee6e2f2df4a7e7d551a1fe12119babbc805b339c783d1f30c183d054e7969ec26319032e93e70b64bf20ec7fe453fe5e3dfaf70a894371f390c2b32119253718a82e04ee3cd7e47b33ff6c5493e38f90d47684743e71ef825aeb3b211994a0c0d5e20e852b7b396cc54f70454a42661fc5d9d4c9503736fb2e10d1e98df2fa412eba68e22f98b7a7c05253af7015267ceff304f53a8bbc29886c20d0fe46c5ffcc8d676bba9165b2b2720184de40c4a52c28a25f902e0b2a30a401e21cdc5b4231db0e8dbb27039371070f806eca9a3f93a61ddfda4c4fe31d75683a7e43506d3c3c51f9046df34188cdca540f0e9b669ac927fe6d6c73f96370cc19634a3717b765a02eef8e31ecaa8581f4995dcdc1c1ad112bebf94df939f0505679d4e6e414fb816ad1a41e5ec90765a494dc4157323e39e82e8b1aa0e60eda8fa0f0df01e7da83db6476d887b586832288133d1cc9f9c849384e7e1af02f3a1b8c6d3ebb099f447a09cd4742cd809d39229fa87f7683425410c85c18486603e724809188f451ad668f2ff62cf869192725524547d792f1177844f8442c847531eaeca306a2b6af5cdec6b197d4b73a0991ba23e57ab3326c6bc1d409ef1deca728b0d31dc5e3ef03887a496f9749cb3f4d934c6043135c641c21fb5e065160f325b5282a085cd12cd283100d5c4c59fcbadb07a7527e3bbeb82eceb1277b522b20d2f1710a092b18310ddc74c1206bcbbadf2ba8a5907e24c976b91ae7813f8f83577851f4914dcd86ca2e9c5a539ee2a5fe09ff6395bfff8772e80d50a5cbb7bb9309e1968e75341e0f2c0475731790fc9ef4d35d7172c7d5e21adf9a1c53961eb4d823d75ef21da9254c30a21fffffbf785686d0cab13c8dc1ec5899b72e68c49eb72ad007545cf0100959841135153fccf3570a2a2d039cf06cc82e1bd15b76044cb2d551a3420976e86a02d843d8293098de313bb852d52b5222ed326edf758e8cbb18445e7d303dd6f3ecad9c2c38670243baee637cbfeb17d94010f89d5248libdcerpc-binding.so.0.0.1libdcerpc-server-core.so.0.0.1libdcerpc.so.0.0.1libndr-krb5pac.so.0.0.1libndr-nbt.so.0.0.1libndr-standard.so.0.0.1libndr.so.3.0.1libnetapi.so.1.0.0libsamba-credentials.so.1.0.0libsamba-errors.so.1.0.0libsamba-hostconfig.so.0.0.1libsamba-passdb.so.0.28.0libsamba-util.so.0.0.1libsamdb.so.0.0.1libsmbclient.so.0.7.0libsmbconf.so.0.0.1libsmbldap.so.2.1.0libtevent-util.so.0.0.1libwbclient.so.0.16rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootsamba-4.19.8+git.404.38b26805d4-150600.3.12.2.src.rpmlibCHARSET3-samba4.solibCHARSET3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libMESSAGING-SEND-samba4.solibMESSAGING-SEND-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libMESSAGING-samba4.solibMESSAGING-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libaddns-samba4.solibaddns-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libads-samba4.solibads-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libasn1util-samba4.solibasn1util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libauth-samba4.solibauth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libauthkrb5-samba4.solibauthkrb5-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-cldap-samba4.solibcli-cldap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-ldap-common-samba4.solibcli-ldap-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-ldap-samba4.solibcli-ldap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-nbt-samba4.solibcli-nbt-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-smb-common-samba4.solibcli-smb-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-spoolss-samba4.solibcli-spoolss-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcliauth-samba4.solibcliauth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libclidns-samba4.solibclidns-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcluster-samba4.solibcluster-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcmdline-contexts-samba4.solibcmdline-contexts-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcmdline-samba4.solibcmdline-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcommon-auth-samba4.solibcommon-auth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdbwrap-samba4.solibdbwrap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-binding.so.0libdcerpc-binding.so.0(DCERPC_BINDING_0.0.1)libdcerpc-binding0-32bitlibdcerpc-pkt-auth-samba4.solibdcerpc-pkt-auth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-samba-samba4.solibdcerpc-samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-samba4.solibdcerpc-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-server-core.so.0libdcerpc-server-core.so.0(DCERPC_SERVER_CORE_0.0.1)libdcerpc.so.0libdcerpc.so.0(DCERPC_0.0.1)libdcerpc0-32bitlibevents-samba4.solibevents-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libflag-mapping-samba4.solibflag-mapping-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgenrand-samba4.solibgenrand-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgensec-samba4.solibgensec-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgpo-samba4.solibgpo-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgse-samba4.solibgse-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libhttp-samba4.solibhttp-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libinterfaces-samba4.solibinterfaces-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libiov-buf-samba4.solibiov-buf-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libkrb5samba-samba4.solibkrb5samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libldbsamba-samba4.solibldbsamba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibcli-lsa3-samba4.soliblibcli-lsa3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibcli-netlogon3-samba4.soliblibcli-netlogon3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibsmb-samba4.soliblibsmb-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmessages-dgm-samba4.solibmessages-dgm-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmessages-util-samba4.solibmessages-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmscat-samba4.solibmscat-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmsghdr-samba4.solibmsghdr-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmsrpc3-samba4.solibmsrpc3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-krb5pac.so.0libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)libndr-krb5pac0-32bitlibndr-nbt.so.0libndr-nbt.so.0(NDR_NBT_0.0.1)libndr-nbt0-32bitlibndr-samba-samba4.solibndr-samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-samba4.solibndr-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-standard.so.0libndr-standard.so.0(NDR_STANDARD_0.0.1)libndr-standard0-32bitlibndr.so.3libndr.so.3(NDR_0.0.1)libndr.so.3(NDR_0.0.2)libndr.so.3(NDR_0.0.3)libndr.so.3(NDR_0.0.4)libndr.so.3(NDR_0.0.5)libndr.so.3(NDR_0.0.6)libndr.so.3(NDR_0.0.7)libndr.so.3(NDR_0.0.8)libndr.so.3(NDR_0.0.9)libndr.so.3(NDR_0.1.0)libndr.so.3(NDR_0.1.1)libndr.so.3(NDR_0.1.2)libndr.so.3(NDR_0.2.0)libndr.so.3(NDR_0.2.1)libndr.so.3(NDR_1.0.0)libndr.so.3(NDR_1.0.1)libndr.so.3(NDR_1.0.2)libndr.so.3(NDR_2.0.0)libndr.so.3(NDR_3.0.0)libndr.so.3(NDR_3.0.1)libndr2-32bitlibnet-keytab-samba4.solibnet-keytab-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libnetapi.so.1libnetapi.so.1(NETAPI_1.0.0)libnetapi0-32bitlibnetif-samba4.solibnetif-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libnpa-tstream-samba4.solibnpa-tstream-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libprinting-migrate-samba4.solibprinting-migrate-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libregistry-samba4.solibregistry-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libreplace-samba4.solibreplace-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-cluster-support-samba4.solibsamba-cluster-support-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-credentials.so.1libsamba-credentials.so.1(SAMBA_CREDENTIALS_1.0.0)libsamba-credentials1-32bitlibsamba-debug-samba4.solibsamba-debug-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-errors.so.1libsamba-errors.so.1(SAMBA_ERRORS_1.0.0)libsamba-errors0-32bitlibsamba-hostconfig.so.0libsamba-hostconfig.so.0(SAMBA_HOSTCONFIG_0.0.1)libsamba-hostconfig0-32bitlibsamba-modules-samba4.solibsamba-modules-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-passdb.so.0libsamba-passdb.so.0(SAMBA_PASSDB_0.2.0)libsamba-passdb.so.0(SAMBA_PASSDB_0.24.1)libsamba-passdb.so.0(SAMBA_PASSDB_0.24.2)libsamba-passdb.so.0(SAMBA_PASSDB_0.25.0)libsamba-passdb.so.0(SAMBA_PASSDB_0.26.0)libsamba-passdb.so.0(SAMBA_PASSDB_0.27.0)libsamba-passdb.so.0(SAMBA_PASSDB_0.27.1)libsamba-passdb.so.0(SAMBA_PASSDB_0.27.2)libsamba-passdb.so.0(SAMBA_PASSDB_0.28.0)libsamba-passdb0-32bitlibsamba-security-samba4.solibsamba-security-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-sockets-samba4.solibsamba-sockets-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-util.so.0libsamba-util.so.0(SAMBA_UTIL_0.0.1)libsamba-util0-32bitlibsamba3-util-samba4.solibsamba3-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamdb-common-samba4.solibsamdb-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamdb.so.0libsamdb.so.0(SAMDB_0.0.1)libsamdb0-32bitlibsecrets3-samba4.solibsecrets3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libserver-id-db-samba4.solibserver-id-db-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libserver-role-samba4.solibserver-role-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmb-transport-samba4.solibsmb-transport-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbclient-raw-samba4.solibsmbclient-raw-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbclient.so.0libsmbclient.so.0(SMBCLIENT_0.1.0)libsmbclient.so.0(SMBCLIENT_0.2.0)libsmbclient.so.0(SMBCLIENT_0.2.1)libsmbclient.so.0(SMBCLIENT_0.2.2)libsmbclient.so.0(SMBCLIENT_0.2.3)libsmbclient.so.0(SMBCLIENT_0.3.0)libsmbclient.so.0(SMBCLIENT_0.3.1)libsmbclient.so.0(SMBCLIENT_0.3.2)libsmbclient.so.0(SMBCLIENT_0.3.3)libsmbclient.so.0(SMBCLIENT_0.4.0)libsmbclient.so.0(SMBCLIENT_0.5.0)libsmbclient.so.0(SMBCLIENT_0.6.0)libsmbclient.so.0(SMBCLIENT_0.7.0)libsmbclient0-32bitlibsmbconf.so.0libsmbconf.so.0(SMBCONF_0.0.1)libsmbconf0-32bitlibsmbd-base-samba4.solibsmbd-base-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbd-shim-samba4.solibsmbd-shim-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbldap.so.2libsmbldap.so.2(SMBLDAP_0)libsmbldap.so.2(SMBLDAP_1)libsmbldap.so.2(SMBLDAP_2)libsmbldap.so.2(SMBLDAP_2.1.0)libsmbldap2-32bitlibsmbldaphelper-samba4.solibsmbldaphelper-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsocket-blocking-samba4.solibsocket-blocking-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libstable-sort-samba4.solibstable-sort-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsys-rw-samba4.solibsys-rw-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtalloc-report-printf-samba4.solibtalloc-report-printf-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtdb-wrap-samba4.solibtdb-wrap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtevent-util.so.0libtevent-util.so.0(TEVENT_UTIL_0.0.1)libtevent-util0-32bitlibtime-basic-samba4.solibtime-basic-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtrusts-util-samba4.solibtrusts-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-reg-samba4.solibutil-reg-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-setid-samba4.solibutil-setid-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-tdb-samba4.solibutil-tdb-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libwbclient.so.0libwbclient.so.0(WBCLIENT_0.10)libwbclient.so.0(WBCLIENT_0.11)libwbclient.so.0(WBCLIENT_0.12)libwbclient.so.0(WBCLIENT_0.13)libwbclient.so.0(WBCLIENT_0.14)libwbclient.so.0(WBCLIENT_0.15)libwbclient.so.0(WBCLIENT_0.16)libwbclient.so.0(WBCLIENT_0.9)libwbclient0-32bitsamba-client-libs-32bitsamba-client-libs-32bit(x86-32)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/shld-linux.so.2ld-linux.so.2(GLIBC_2.3)libCHARSET3-samba4.solibCHARSET3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libMESSAGING-SEND-samba4.solibMESSAGING-SEND-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libMESSAGING-samba4.solibMESSAGING-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libacl.so.1libacl.so.1(ACL_1.0)libaddns-samba4.solibaddns-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libads-samba4.solibads-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libasn1util-samba4.solibasn1util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libauth-samba4.solibauth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libauthkrb5-samba4.solibauthkrb5-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libavahi-client.so.3libavahi-common.so.3libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.1)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.11)libc.so.6(GLIBC_2.15)libc.so.6(GLIBC_2.17)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.3)libc.so.6(GLIBC_2.2.4)libc.so.6(GLIBC_2.27)libc.so.6(GLIBC_2.28)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.32)libc.so.6(GLIBC_2.33)libc.so.6(GLIBC_2.34)libc.so.6(GLIBC_2.38)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.5)libc.so.6(GLIBC_2.6)libc.so.6(GLIBC_2.8)libcli-cldap-samba4.solibcli-cldap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-ldap-common-samba4.solibcli-ldap-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-ldap-samba4.solibcli-ldap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-nbt-samba4.solibcli-nbt-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-smb-common-samba4.solibcli-smb-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcli-spoolss-samba4.solibcli-spoolss-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcliauth-samba4.solibcliauth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libclidns-samba4.solibclidns-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcluster-samba4.solibcluster-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libcom_err.so.2libcommon-auth-samba4.solibcommon-auth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdbwrap-samba4.solibdbwrap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-binding.so.0libdcerpc-binding.so.0(DCERPC_BINDING_0.0.1)libdcerpc-pkt-auth-samba4.solibdcerpc-pkt-auth-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc-samba-samba4.solibdcerpc-samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libdcerpc.so.0libdcerpc.so.0(DCERPC_0.0.1)libflag-mapping-samba4.solibflag-mapping-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgenrand-samba4.solibgenrand-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgensec-samba4.solibgensec-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgnutls.so.30libgnutls.so.30(GNUTLS_3_4)libgnutls.so.30(GNUTLS_3_6_10)libgnutls.so.30(GNUTLS_3_6_13)libgnutls.so.30(GNUTLS_3_6_3)libgse-samba4.solibgse-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libgssapi_krb5.so.2libgssapi_krb5.so.2(gssapi_krb5_2_MIT)libhttp-samba4.solibhttp-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libinterfaces-samba4.solibinterfaces-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libiov-buf-samba4.solibiov-buf-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libk5crypto.so.3libk5crypto.so.3(k5crypto_3_MIT)libkrb5.so.3libkrb5.so.3(krb5_3_MIT)libkrb5samba-samba4.solibkrb5samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblber-2.4.so.2libldap_r-2.4.so.2libldb.so.2libldb.so.2(LDB_0.9.10)libldb.so.2(LDB_0.9.15)libldb.so.2(LDB_0.9.16)libldb.so.2(LDB_0.9.23)libldb.so.2(LDB_1.1.1)libldb.so.2(LDB_1.1.19)libldb.so.2(LDB_1.1.30)libldb.so.2(LDB_1.3.0)libldb.so.2(LDB_2.6.1)libldb.so.2(LDB_2.8.0)libldbsamba-samba4.solibldbsamba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibcli-lsa3-samba4.soliblibcli-lsa3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibcli-netlogon3-samba4.soliblibcli-netlogon3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)liblibsmb-samba4.soliblibsmb-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmessages-dgm-samba4.solibmessages-dgm-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmessages-util-samba4.solibmessages-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmsghdr-samba4.solibmsghdr-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libmsrpc3-samba4.solibmsrpc3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-krb5pac.so.0libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)libndr-nbt.so.0libndr-nbt.so.0(NDR_NBT_0.0.1)libndr-samba-samba4.solibndr-samba-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-samba4.solibndr-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libndr-standard.so.0libndr-standard.so.0(NDR_STANDARD_0.0.1)libndr.so.3libndr.so.3(NDR_0.0.1)libndr.so.3(NDR_0.0.3)libndr.so.3(NDR_0.0.4)libndr.so.3(NDR_0.0.5)libndr.so.3(NDR_0.0.6)libndr.so.3(NDR_0.0.7)libndr.so.3(NDR_0.0.8)libndr.so.3(NDR_0.0.9)libndr.so.3(NDR_0.1.1)libndr.so.3(NDR_0.1.2)libndr.so.3(NDR_0.2.0)libndr.so.3(NDR_0.2.1)libndr.so.3(NDR_1.0.0)libndr.so.3(NDR_1.0.1)libndr.so.3(NDR_1.0.2)libndr.so.3(NDR_2.0.0)libndr.so.3(NDR_3.0.1)libnetif-samba4.solibnetif-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libnpa-tstream-samba4.solibnpa-tstream-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libnscd.so.1libnscd.so.1(LIBNSCD_1.0)libpam.so.0libpam.so.0(LIBPAM_1.0)libpopt.so.0libpopt.so.0(LIBPOPT_0)libreplace-samba4.solibreplace-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-cluster-support-samba4.solibsamba-cluster-support-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-credentials.so.1libsamba-credentials.so.1(SAMBA_CREDENTIALS_1.0.0)libsamba-debug-samba4.solibsamba-debug-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-errors.so.1libsamba-errors.so.1(SAMBA_ERRORS_1.0.0)libsamba-hostconfig.so.0libsamba-hostconfig.so.0(SAMBA_HOSTCONFIG_0.0.1)libsamba-modules-samba4.solibsamba-modules-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-passdb.so.0libsamba-passdb.so.0(SAMBA_PASSDB_0.2.0)libsamba-passdb.so.0(SAMBA_PASSDB_0.27.1)libsamba-security-samba4.solibsamba-security-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-sockets-samba4.solibsamba-sockets-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamba-util.so.0libsamba-util.so.0(SAMBA_UTIL_0.0.1)libsamba3-util-samba4.solibsamba3-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamdb-common-samba4.solibsamdb-common-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsamdb.so.0libsamdb.so.0(SAMDB_0.0.1)libsecrets3-samba4.solibsecrets3-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libserver-id-db-samba4.solibserver-id-db-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libserver-role-samba4.solibserver-role-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmb-transport-samba4.solibsmb-transport-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbclient-raw-samba4.solibsmbclient-raw-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbconf.so.0libsmbconf.so.0(SMBCONF_0.0.1)libsmbd-shim-samba4.solibsmbd-shim-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsmbldap.so.2libsmbldap.so.2(SMBLDAP_0)libsmbldap.so.2(SMBLDAP_1)libsmbldaphelper-samba4.solibsmbldaphelper-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsocket-blocking-samba4.solibsocket-blocking-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libstable-sort-samba4.solibstable-sort-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsys-rw-samba4.solibsys-rw-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libsystemd.so.0libsystemd.so.0(LIBSYSTEMD_209)libtalloc-report-printf-samba4.solibtalloc-report-printf-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtalloc.so.2libtalloc.so.2(TALLOC_2.0.2)libtalloc.so.2(TALLOC_2.1.0)libtalloc.so.2(TALLOC_2.3.5)libtasn1.so.6libtasn1.so.6(LIBTASN1_0_3)libtdb-wrap-samba4.solibtdb-wrap-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtdb.so.1libtdb.so.1(TDB_1.2.1)libtdb.so.1(TDB_1.2.2)libtdb.so.1(TDB_1.2.5)libtdb.so.1(TDB_1.3.0)libtdb.so.1(TDB_1.3.11)libtdb.so.1(TDB_1.3.17)libtevent-util.so.0libtevent-util.so.0(TEVENT_UTIL_0.0.1)libtevent.so.0libtevent.so.0(TEVENT_0.11.0)libtevent.so.0(TEVENT_0.12.0)libtevent.so.0(TEVENT_0.13.0)libtevent.so.0(TEVENT_0.15.0)libtevent.so.0(TEVENT_0.9.12)libtevent.so.0(TEVENT_0.9.13)libtevent.so.0(TEVENT_0.9.16)libtevent.so.0(TEVENT_0.9.20)libtevent.so.0(TEVENT_0.9.30)libtevent.so.0(TEVENT_0.9.31)libtevent.so.0(TEVENT_0.9.37)libtevent.so.0(TEVENT_0.9.9)libtime-basic-samba4.solibtime-basic-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libtrusts-util-samba4.solibtrusts-util-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-reg-samba4.solibutil-reg-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-setid-samba4.solibutil-setid-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libutil-tdb-samba4.solibutil-tdb-samba4.so(SAMBA_4.19.9_GIT.404.38B26805D4150600.3.12.2SUSE_OS15.0_I386_SAMBA4)libwbclient.so.0libwbclient.so.0(WBCLIENT_0.13)libwbclient.so.0(WBCLIENT_0.9)libz.so.1rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3gRgR@gMgp@fٝ@fxfteԔ@ee5@ede6`@e-%e'e%ascabrero@suse.denopower@suse.comnopower@suse.comnopower@suse.comddiss@suse.comscabrero@suse.denopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comdmulder@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comscabrero@suse.descabrero@suse.descabrero@suse.denopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comscabrero@suse.dedmulder@suse.comscabrero@suse.denopower@suse.comnopower@suse.comscabrero@suse.denopower@suse.comnopower@suse.comscabrero@suse.denopower@suse.comscabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.dedmulder@suse.comddiss@suse.comnopower@suse.comdmulder@suse.comdmulder@suse.comnopower@suse.comscabrero@suse.descabrero@suse.dedimstar@opensuse.orgscabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.dedmulder@suse.comnopower@suse.comnopower@suse.comscabrero@suse.descabrero@suse.descabrero@suse.dedmulder@suse.comnopower@suse.comscabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.descabrero@suse.denopower@suse.comscabrero@suse.deddiss@suse.comddiss@suse.comddiss@suse.comscabrero@suse.descabrero@suse.dedmulder@suse.comnopower@suse.comscabrero@suse.descabrero@suse.dedmulder@suse.comscabrero@suse.descabrero@suse.denopower@suse.comnopower@suse.comnopower@suse.comdmulder@suse.comscabrero@suse.denopower@suse.comddiss@suse.comnopower@suse.comnopower@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comscabrero@suse.denopower@suse.comnopower@suse.comjmcdonough@suse.comnopower@suse.comscabrero@suse.denopower@suse.comnopower@suse.comddiss@suse.comddiss@suse.comnopower@suse.comnopower@suse.comddiss@suse.comnopower@suse.comdmulder@suse.comdmulder@suse.comddiss@suse.comscabrero@suse.dedmulder@suse.comddiss@suse.comnopower@suse.comjengelh@inai.dedmulder@suse.comscabrero@suse.descabrero@suse.descabrero@suse.dedmulder@suse.comdmulder@suse.comdmulder@suse.comjmcdonough@suse.comdmulder@suse.comscabrero@suse.dedmulder@suse.comscabrero@suse.dedmulder@suse.comdmulder@suse.comvcizek@suse.comdmulder@suse.comdmulder@suse.comnopower@suse.comscabrero@suse.dejmcdonough@suse.comscabrero@suse.deaaptel@suse.comjengelh@inai.dedimstar@opensuse.orgdmulder@suse.comjmcdonough@suse.comdavid.mulder@suse.comjmcdonough@suse.comaaptel@suse.comdmulder@suse.comscabrero@suse.comscabrero@suse.comkukuk@suse.dedavid.mulder@suse.comscabrero@suse.comrbrown@suse.comdmulder@suse.comscabrero@suse.comdimstar@opensuse.orgscabrero@suse.comaaptel@suse.comnopower@suse.comnopower@suse.comaaptel@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comddiss@suse.comnopower@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comdmulder@suse.comnopower@suse.comjmcdonough@suse.comaaptel@suse.comkukuk@suse.comkukuk@suse.denopower@suse.comaaptel@suse.comdmulder@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comjmcdonough@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comddiss@suse.comjmcdonough@suse.comddiss@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comjmcdonough@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comtchvatal@suse.comlmuelle@suse.comnopower@suse.comcrrodriguez@opensuse.orglmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comnoel.power@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.comddiss@suse.comlmuelle@suse.comlmuelle@suse.comnopower@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.comlmuelle@suse.comddiss@suse.comlmuelle@suse.commpluskal@suse.comlmuelle@suse.comnopower@suse.deddiss@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.denopower@suse.delmuelle@suse.comnopower@suse.deddiss@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.com- Fix crossing automounter mount points; (bsc#1215212); (bsc#1236803);- Update shipped /etc/samba/smb.conf to point to smb.conf man page;(bsc#1233880).- Update to 4.19.9 * libldb: performance issue with indexes (ldb 2.8.2 is already released); (bso#15590). * DH reconnect error handling can lead to stale sharemode entries; (bso#15624). * Incorrect FSCTL_QUERY_ALLOCATED_RANGES response when truncated; (bso#15699). * irpc_destructor may crash during shutdown; (bso#15280). * Compound SMB2 requests don't return NT_STATUS_NETWORK_SESSION_EXPIRED for all requests, confuses MacOSX clients; (bso#15696). * Crash when readlinkat fails; (bso#15700).- Adjust spec to split out rpcd_* binaries into a separate sub package; (bsc#1231414).- Incorrect FSCTL_QUERY_ALLOCATED_RANGES response when truncated; (bso#15699); (bsc#1229684). - Update to 4.19.8 * Invalid client warning about command line passwords; (bso#15671); * Version string is truncated in manpages; (bso#15672); * --version-* options are still not ergonomic, and they reject tilde characters; (bso#15673); * cmdline_burn does not always burn secrets; (bso#15674); * Samba doesn't parse SDDL found in defaultSecurityDescriptor in AD_DS_Classes_Windows_Server_v1903.ldf; (bso#15685); * We have added new options --vendor-name and --vendor-patch- revision arguments to ./configure to allow distributions and packagers to put their name in the Samba version string so that when debugging Samba the source of the binary is obvious; (bso#15654); * When claims enabled with heimdal kerberos, unable to log on to a Windows computer when user account need to change their own password; (bso#15655); * Fix clock skew error message and memory cache clock skew recovery; (bso#15676); * CTDB RADOS mutex helper misses namespace support; (bso#15665); * The images don't build after the git security release and CentOS 8 Stream is EOL; (bso#15660); * Fix unnecessary delays in CTDB while processing requests under high load; (bso#15678); * Dynamic DNS updates with the internal DNS are not working; (bso#13019); * s4:nbt_server: does not provide unexpected handling, so winbindd can't use nmb requests instead cldap; (bso#15620); * Panic in vfs_offload_token_db_fetch_fsp(); (bso#15664); * "client use kerberos" and --use-kerberos is ignored for the machine account; (bso#15666); * Regression DFS not working with widelinks = true; (bso#15435); * ntlm_auth make logs more consistent with length check; (bso#15677);- Fix a crash when joining offline and 'kerberos method' includes keytab; (bsc#1228732); - Fix reading the password from STDIN or environment vars if it was already given in the command line; (bsc#1228732);- Update to 4.19.7 * ldb qsort might r/w out of bounds with an intransitive compare function (ldb 2.8.1 is already released); (bso#15569). * Many qsort() comparison functions are non-transitive, which can lead to out-of-bounds access in some circumstances (ldb 2.8.1 is already released); (bso#15625). * Need to change gitlab-ci.yml tags in all branches to avoid CI bill; (bso#15638). * netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with SysvolReady=0; (bso#14981). * Anonymous smb3 signing/encryption should be allowed (similar to Windows Server 2022); (bso#15412). * Panic in dreplsrv_op_pull_source_apply_changes_trigger; (bso#15573). * winbindd, net ads join and other things don't work on an ipv6 only host; (bso#15642). * Smbcacls incorrectly propagates inheritance with Inherit-Only flag; (bso#15636). * http library doesn't support 'chunked transfer encoding'; (bso#15611). - Update to 4.19.6 * fd_handle_destructor() panics within an smbd_smb2_close() if vfs_stat_fsp() fails in fd_close(); (bso#15527). * samba-gpupdate: Correctly implement site support; (bso#15588). * libgpo: Segfault in python bindings; (bso#15599). * Packet marshalling push support missing for CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and CTDB_CONTROL_TCP_CLIENT_PASSED; (bso#15580).- Update to 4.19.5 * Windows 2016 fails to restore previous version of a file from a shadow_copy2 snapshot; (bso#13688). * Symlinks on AIX are broken in 4.19 (and a few version before that); (bso#15549). * Fake directory create times has no effect; (bso#12421). * ctime mixed up with mtime by smbd; (bso#15550). * samba-gpupdate --rsop fails if machine is not in a site; (bso#15548). * gpupdate: The root cert import when NDES is not available is broken; (bso#15557). * samba-gpupdate should print a useful message if cepces-submit can't be found; (bso#15552). * samba-gpupdate logging doesn't work; (bso#15558). * smbpasswd reset permissions only if not 0600; (bso#15555).- Remove -x from bash shebang update-apparmor-samba-profile; (bsc#1218431).- Update to 4.19.4 * net changesecretpw cannot set the machine account password if secrets.tdb is empty; (bso#13577). * For generating doc, take, if defined, env XML_CATALOG_FILES; (bso#15540). * Trivial C typo in nsswitch/winbind_nss_netbsd.c; (bso#15541). * vfs_linux_xfs is incorrectly named; (bso#15542). * systemd stumbled over copyright-message at smbd startup; (bso#15377). * Following intermediate abolute share-local symlinks is broken; (bso#15505). * ctdb RELEASE_IP causes a crash in release_ip if a connection to a non-public address disconnects first; (bso#15523). * shadow_copy2 broken when current fileset's directories are removed; (bso#15544). * smbd does not detect ctdb public ipv6 addresses for multichannel exclusion; (bso#15534). * 'force user = localunixuser' doesn't work if 'allow trusted domains = no' is set; (bso#15469). * smbget debug logging doesn't work; (bso#15525). * smget: username in the smburl and interactive password entry doesn't work; (bso#15532). * smbget auth function doesn't set values for password prompt correctly; (bso#15538). * Unable to copy and write files from clients to Ceph cluster via SMB Linux gateway with Ceph VFS module; (bso#15440). * Multichannel refresh network information; (bso#15547).- Update to 4.19.3 * sid_strings test broken by unix epoch > 1700000000; (bso#15520). * smbd crashes if asked to return full information on close of a stream handle with delete on close disposition set; (bso#15487). * smbd: fix close order of base_fsp and stream_fsp in smb_fname_fsp_destructor(); (bso#15521). * Improve logging for failover scenarios; (bso#15499). * Files without "read attributes" NFS4 ACL permission are not listed in directories; (bso#15093). * CVE-2018-14628 [SECURITY] Deleted Object tombstones visible in AD LDAP to normal users; (bso#13595). * Kerberos TGS-REQ with User2User does not work for normal accounts; (bso#15492). * vfs_gpfs stat calls fail due to file system permissions; (bso#15507). * Samba doesn't build with Python 3.12; (bso#15513).- packaging: samba-tool domain provision requires python3-Markdown; (bsc#1216519).- Update to 4.19.2 * Use-after-free in aio_del_req_from_fsp during smbd shutdown after failed IPC FSCTL_PIPE_TRANSCEIVE; (bso#15423). * clidfs.c do_connect() missing a "return" after a cli_shutdown() call; (bso#15426). * macOS mdfind returns only 50 results; (bso#15463). * GETREALFILENAME_CACHE can modify incoming new filename with previous cache entry value; (bso#15481). * libnss_winbind causes memory corruption since samba-4.18, impacts sendmail, zabbix, potentially more; (bso#15464). * ctdbd: setproctitle not initialized messages flooding logs; (bso#15479). * CVE-2023-5568 Heap buffer overflow with freshness tokens in the Heimdal KDC in Samba 4.19; (bso#15491). * The heimdal KDC doesn't detect s4u2self correctly when fast is in use; (bso#15477).- use systemd-logind rather than utmp for y2038 safety; (bsc#1216159).- CVE-2023-4091: samba: Client can truncate file with read-only permissions; (bsc#1215904); (bso#15439). - CVE-2023-42669: samba: rpcecho, enabled and running in AD DC, allows blocking sleep on request; (bso#1215905); (bso#15474). - CVE-2023-42670: samba: The procedure number is out of range when starting Active Directory Users and Computers; (bsc#1215906); (bso#15473). - CVE-2023-3961: samba: Unsanitized client pipe name passed to local_np_connect(); (bsc#1215907); (bso#15422). - CVE-2023-4154: samba: dirsync allows SYSTEM access with only "GUID_DRS_GET_CHANGES" right, not "GUID_DRS_GET_ALL_CHANGES; (bsc#1215908); (bso#15424).- Update to 4.19.0 * File doesn't show when user doesn't have permission if aio_pthread is loaded; (bso#15453). * ctdb_killtcp fails to work with --enable-pcap and libpcap ≥ 1.9.1; (bso#15451). * Logging to stdout/stderr with DEBUG_SYSLOG_FORMAT_ALWAYS can log to syslog; (bso#15460). * ‘samba-tool domain level raise’ fails unless given a URL; (bso#15458). * reply_sesssetup_and_X() can dereference uninitialized tmp pointer; (bso#15420). * missing return in reply_exit_done(); (bso#15430). * TREE_CONNECT without SETUP causes smbd to use uninitialized pointer; (bso#15432). * Avoid infinite loop in initial user sync with Azure AD Connect when synchronising a large Samba AD domain; (bso#15401). * Samba replication logs show (null) DN; (bso#15407). * 2-3min delays at reconnect with smb2_validate_sequence_number: bad message_id 2; (bso#15346). * DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed; (bso#15446). * CID 1539212 causes real issue when output contains only newlines; (bso#15438). * KDC encodes INT64 claims incorrectly; (bso#15452). * mdssvc: Do an early talloc_free() in _mdssvc_open(); (bso#15449). * Windows client join fails if a second container CN=System exists somewhere; (bso#9959). * regression DFS not working with widelinks = true; (bso#15435). * Heimdal fails to build on 32-bit FreeBSD; (bso#15443). * samba-tool ntacl get segfault if aio_pthread appended; (bso#15441). - Update to 4.18.6 * reply_sesssetup_and_X() can dereference uninitialized tmp pointer; (bso#15420); * Missing return in reply_exit_done(); (bso#15430); * post-exec password redaction for samba-tool is more reliable for fully random passwords as it no longer uses regular expressions containing the password value itself; (bso#15289); * Windows client join fails if a second container CN=System exists somewhere; (bso#9959); * Spotlight sometimes returns no results on latest macOS; (bso#15342); * Renaming results in NT_STATUS_SHARING_VIOLATION if previously attempted to remove the destination; (bso#15417); * Spotlight results return wrong date in result list; (bso#15427); * "net offlinejoin provision" does not work as non-root user; (bso#15414); * rpcserver no longer accepts double backslash in dfs pathname; (bso#15400); * cm_prepare_connection() calls close(fd) for the second time; (bso#15433); * 2-3min delays at reconnect with smb2_validate_sequence_number: bad message_id 2; (bso#15346); * samba-tool ntacl get segfault if aio_pthread appended; (bso#15441); * DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed; (bso#15446); * Python tarfile extraction needs change to avoid a warning (CVE-2007-4559 mitigation); (bso#15390); * Regression DFS not working with widelinks = true; (bso#15435); * mdssvc: Do an early talloc_free() in _mdssvc_open(); (bso#15449); - Update to 4.18.5 * CVE-2022-2127: lm_resp_len not checked properly in winbindd_pam_auth_crap_send; (bso#15072); (bsc#1213174). * CVE-2023-34966: Samba Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability; (bso#15340); (bsc#1213173). * CVE-2023-34967: Samba Spotlight mdssvc RPC Request Type Confusion Denial-of-Service Vulnerability; (bso#15341); (bsc#1213172). * CVE-2023-34968: Spotlight server-side Share Path Disclosure; (bso#15388); (bsc#1213171). * CVE-2023-3347: Samba doesn't require SMB2+ signing if `server signing = mandatory` is set; (bso#15397); (bsc#1213170). * secure channel faulty since Windows 10/11 update 07/2023; (bso#15418); (bsc#1213384). - Update to 4.18.4 * Backport --pidl-developer fixes; (bso#15404). * Named crashes on DLZ zone update; (bso#14030). * smbcacls and smbcquotas do not check // before the server; (bso#2312). * cli_list loops 100% CPU against pre-lanman2 servers; (bso#15382). * smbclient leaks fds with showacls; (bso#15391). * smbd returns NOT_FOUND when creating files on a r/o filesystem; (bso#15402). * NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry and causes test timeouts; (bso#15355). * net ads lookup (with unspecified realm) fails; (bso#15384). * Register Samba processes with GPFS; (bso#15381). * Python tarfile extraction needs change to avoid a warning (CVE-2007-4559 mitigation); (bso#15390). * The winbind child segfaults when listing users with `winbind scan trusted domains = yes`; (bso#15398). * Remove comments about deprecated 'write cache size'; (bso#15383). * smbget memory leak if failed to download files recursively; (bso#15403). - Update to 4.18.3 * Symlinks to files can have random DOS mode information in a directory listing; (bso#15375). * vfs_fruit might cause a failing open for delete; (bso#15378). * winbind recurses into itself via rpcd_lsad; (bso#15361). * wbinfo -u fails on ad dc with >1000 users; (bso#15366). * DS ACEs might be inherited to unrelated object classes; (bso#15338). * a lot of messages: get_static_share_mode_data: get_static_share_mode_data_fn failed: NT_STATUS_NOT_FOUND; (bso#15362). * aes256 smb3 encryption algorithms are not allowed in smb3_sid_parse(); (bso#15374). * Setting veto files = /.*/ break listing directories; (bso#15360). * "samba-tool domain provision" does not run interactive mode if no arguments are given; (bso#15363). * dsgetdcname: assumes local system uses IPv4; (bso#15325). - Update to 4.18.2 * Log flood: smbd_calculate_access_mask_fsp: Access denied: message level should be lower; (bso#15302). * Floating point exception (FPE) via cli_pull_send at source3/libsmb/clireadwrite.c; (bso#15306). * test_tstream_more_tcp_user_timeout_spin fails intermittently on Rackspace GitLab runners; (bso#15328). * Reduce flapping of ridalloc test; (bso#15329). * large_ldap test is unreliable; (bso#15351). * New filename parser doesn't check veto files smb.conf parameter; (bso#15143). * mdssvc may crash when initializing; (bso#15354). * large directory optimization broken for non-lcomp path elements; (bso#15313). * streams_depot fails to create streams; (bso#15357). * shadow_copy2 and streams_depot don't play well together; (bso#15358). * Flapping tests in samba_tool_drs_show_repl.py; (bso#15316). * winbindd idmap child contacts the domain controller without a need; (bso#15317). * idmap_autorid may fail to map sids of trusted domains for the first time; (bso#15318). * idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings; (bso#15319). * net ads search -P doesn't work against servers in other domains; (bso#15323). * Temporary smbXsrv_tcon_global.tdb can't be parsed; (bso#15353). * Tests use depricated and removed methods like assertRegexpMatches; (bso#15343). - Update to 4.18.1 * CVE-2023-0225: AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users. (bso#15276);(bsc#1209483). * CVE-2023-0614: Access controlled AD LDAP attributes can be discovered (bso#15270); (bsc#1209485). * CVE-2023-0922: Samba AD DC admin tool samba-tool sends passwords in cleartext(bso#15315);(bsc#1209481). * ldb wildcard matching makes excessive allocations; (bso#15331). * large_ldap test is inefficient; (bso#15332). - Update to 4.18.0 * SMB server performance improvements * More succinct samba-tool error messages * Color output with samba-tool --color The NO_COLOR environment variable will disable colour output * New samba-tool dsacl subcommand for deleting ACEs * New wbinfo option --change-secret-at * Net option to change the NT ACL default location * Azure AD / Office365 synchronization improvements- Fix DFS not working with widelinks enabled; (bsc#1213607); (bso#15435);- Move libcluster-samba4.so from samba-libs to samba-client-libs; (bsc#1213940);- net ads lookup with unspecified realm fails; (bso#15384); (bsc#1213826);- secure channel faulty since Windows 10/11 update 07/2023; (bso#15418); (bsc#1213384).- CVE-2022-2127: lm_resp_len not checked properly in winbindd_pam_auth_crap_send; (bso#15072); (bsc#1213174). - CVE-2023-34966: Samba Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability; (bso#15340); (bsc#1213173). - CVE-2023-34967: Samba Spotlight mdssvc RPC Request Type Confusion Denial-of-Service Vulnerability; (bso#15341); (bsc#1213172). - CVE-2023-34968: Spotlight server-side Share Path Disclosure; (bso#15388); (bsc#1213171). - CVE-2023-3347: Samba doesn't require SMB2+ signing if `server signing = mandatory` is set; (bso#15397); (bsc#1213170).- Update to 4.17.9 * Backport --pidl-developer fixes; (bso#15404). * smbd_scavenger crashes when service smbd is stopped; (bso#15275). * vfs_fruit might cause a failing open for delete; (bso#15378). * named crashes on DLZ zone update; (bso#14030). * winbind recurses into itself via rpcd_lsad; (bso#15361). * cli_list loops 100% CPU against pre-lanman2 servers; (bso#15382). * smbclient leaks fds with showacls; (bso#15391). * aes256 smb3 encryption algorithms are not allowed in smb3_sid_parse(); (bso#15374). * winbindd gets stuck on NT_STATUS_RPC_SEC_PKG_ERROR; (bso#15413). * smbget memory leak if failed to download files recursively; (bso#15403).- Update to 4.17.8 * log flood: smbd_calculate_access_mask_fsp: Access denied: message level should be lower; (bso#15302). * Floating point exception (FPE) via cli_pull_send at source3/libsmb/clireadwrite.c; (bso#15306). * test_tstream_more_tcp_user_timeout_spin fails intermittently on Rackspace GitLab runners; (bso#15328). * Reduce flapping of ridalloc test; (bso#15329). * large_ldap test is unreliable; (bso#15351). * New filename parser doesn't check veto files smb.conf parameter; (bso#15143). * mdssvc may crash when initializing; (bso#15354). * Large directory optimization broken for non-lcomp path elements; (bso#15313). * streams_depot fails to create streams; (bso#15357). * shadow_copy2 and streams_depot don't play well together; (bso#15358). * wbinfo -u fails on ad dc with >1000 users; (bso#15366). * winbindd idmap child contacts the domain controller without a need; (bso#15317). * idmap_autorid may fail to map sids of trusted domains for the first time; (bso#15318). * idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings; (bso#15319). * net ads search -P doesn't work against servers in other domains; (bso#15323). * DS ACEs might be inherited to unrelated object classes; (bso#15338). * Temporary smbXsrv_tcon_global.tdb can't be parsed; (bso#15353). * Setting veto files = /.*/ break listing directories; (bso#15360); (bsc#1212375). * CVE-2020-25720 [SECURITY] Create Child permission should not allow full write to all attributes (additional changes); (bso#14810). * dsgetdcname: assumes local system uses IPv4; (bso#15325).- Update to 4.17.7 * CVE-2023-0922: Samba AD DC admin tool samba-tool sends passwords in cleartext; (bso#15315); (bsc#1209481). * CVE-2023-0225: Samba AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users; (bso#15276); (bsc#1209483). * CVE-2023-0614: samba: Access controlled AD LDAP attributes can be discovered; (bso#15270); (bsc#1209485). * large_ldap test is inefficient; (bso#15332). * CVE-2020-25720 [SECURITY] Create Child permission should not allow full write to all attributes (additional changes); (bso#14810). - Update to 4.17.6 * streams_xattr is creating unexpected locks on folders; (bso#15314). * Use of the Azure AD Connect cloud sync tool is now supported for password hash synchronisation, allowing Samba AD Domains to synchronise passwords with this popular cloud environment; (bso#10635). * Spotlight doesn't work with latest macOS Ventura; (bso#15299). * New samba-dcerpc architecture does not scale gracefully; (bso#15310). * vfs_ceph incorrectly uses fsp_get_io_fd() instead of fsp_get_pathref_fd() in close and fstat; (bso#15307). * With clustering enabled samba-bgqd can core dump due to use after free; (bso#15293). * fd_load() function implicitly closes the fd where it should not; (bso#15311). - Update to 4.17.5 * smbc_getxattr() return value is incorrect; (bso#14808). * Compound SMB2 FLUSH+CLOSE requests from MacOSX are not handled correctly; (bso#15172). * synthetic_pathref AFP_AfpInfo failed errors; (bso#15210). * samba-tool gpo listall fails IPv6 only - finddcs() fails to find DC when there is only an AAAA record for the DC in DNS; (bso#15226). * smbd crashes if an FSCTL request is done on a stream handle; (bso#15236). * DFS links don't work anymore on Mac clients since 4.17; (bso#15277). * vfs_virusfilter segfault on access, directory edgecase (accessing NULL value); (bso#15283). * CVE-2022-38023 [SECURITY] Samba should refuse RC4 (aka md5) based SChannel on NETLOGON (additional changes); (bso#15240). * %U for include directive doesn't work for share listing (netshareenum); (bso#15243). * Shares missing from netshareenum response in samba 4.17.4; (bso#15266). * ctdb: use-after-free in run_proc; (bso#15269). * irpc_destructor may crash during shutdown; (bso#15280). * auth3_generate_session_info_pac leaks wbcAuthUserInfo; (bso#15286). * smbclient segfaults with use after free on an optimized build; (bso#15268). * smbstatus leaking files in msg.sock and msg.lock; (bso#15282). * Leak in wbcCtxPingDc2; (bso#15164). * Access based share enum does not work in Samba 4.16+; (bso#15265). * Crash during share enumeration; (bso#15267). * rep_listxattr on FreeBSD does not properly check for reads off end of returned buffer; (bso#15271). * Avoid relying on C89 features in a few places; (bso#15281).- Make (32bit) samba-libs conflict with old samba-ad-dc-libs package to satisfy installcheck.- Make samba-libs conflict with old samba-ad-dc-libs package to satisfy installcheck.- Remove non functioning ifup/ifdown samba-winbindd scripts; (bsc#1207414).- libdsdb-module-samba4 should be packaged as part of samba-libs and not samba-ad-dc-libs. Additionally no need for it to be removed conditionally.- Clean up logic for PAM migration settings in spec file.- Change with_dc default to 0 (for non TW builds), ADDC feature is deprecated and will no longer be included in >= SLE15-SP5; (jsc#PED-1122).- Update to 4.17.4 * CVE-2022-44640 Upstream Heimdal free of user-controlled pointer in FAST; (bsc#14929); * CVE-2021-20251 Bad password count not incremented atomically; (bsc#14611); * CVE-2022-42898 krb5_pac_parse() buffer parsing vulnerability; (bsc#15203); * CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers; (bso#15237); * CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC; (bso#15231); * CVE-2022-38023 RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided; (bso#15240); * pam_winbind uses time_t and pointers assuming they are of the same size; (bso#15224); * Heimdal session key selection in AS-REQ examines wrong entry; (bso#15219); * filter-subunit is inefficient with large numbers of knownfails; (bso#15258); * smbd allows setting FILE_ATTRIBUTE_TEMPORARY on directories; (bso#15252); * The KDC logic arround msDs-supportedEncryptionTypes differs from Windows; (bso#13135); * libnet: change_password() doesn't work with dcerpc_samr_ChangePasswordUser4(); (bso#15206); * Heimdal session key selection in AS-REQ examines wrong entry; (bso#15219); * Memory leak in snprintf replacement functions; (bso#15230); * RODC doesn't reset badPwdCount reliable via an RWDC (CVE-2021-20251 regression); (bso#15253); * Prevent EBADF errors with vfs_glusterfs; (bso#15198); * %U for include directive doesn't work for share listing (netshareenum); (bso#15243); * Stack smashing in net offlinejoin requestodj; (bso#15257); * Windows 11 22H2 and Samba-AD 4.15 Kerberos login issue; (bso#15197); * Heimdal session key selection in AS-REQ examines wrong entry; (bso#15219); - Remove deprecated if-{down,up} scripts; (bsc#1206444); - Adjust the systemd drop-in file for named service; (bsc#1201689); * Paths are additive so do not repeat paths from named.service * Prefix the samba DLZ directory with "-" to ignore this path if it does not exists- Introduce without-smb1-server spec flag; (bsc#1205104); - Update to 4.17.3 * CVE-2022-42898: Samba buffer overflow vulnerabilities on 32-bit systems; (bsc#1205126); (bso#15203); - Replace obsolete python-gpgme with python-gpg * Upstream replaced it in v4.9.5 -- bso#13728 - Update to 4.17.2 * CVE-2022-3592 [SECURITY] samba: Wide links protection broken; (bso#15207); (bsc#1204499). * CVE-2022-3437 [SECURITY] samba: Buffer overflow in Heimdal unwrap_des3();(bso#15134); (bsc#1204254). - Update to 4.17.1 * CVE-2021-20251 [SECURITY] Bad password count not incremented atomically; (bso#14611). * smbXsrv_connection_shutdown_send result leaked; (bso#15174). * Flush on a named stream never completes; (bso#15182). * Permission denied calling SMBC_getatr when file not exists; (bso#15195). * Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC; (bso#15189). * pytest: add file removal helpers for TestCaseInTempDir; (bso#15191). * CVE-2021-20251 [SECURITY] Bad password count not incremented atomically; (bso#14611). * Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC; (bso#15189). * Flush on a named stream never completes; (bso#15182). * vfs_gpfs silently garbles timestamps > year 2106; (bso#15151). * CVE-2021-20251 [SECURITY] Bad password count not incremented atomically; (bso#14611). * multi-channel socket passing may hit a race if one of the involved processes already existed; (bso#15200). * memory leak on temporary of struct imessaging_post_state and struct tevent_immediate on struct imessaging_context (in rpcd_spoolss and maybe others); (bso#15201). * Since popt1.19 various use after free errors using result of poptGetArg are now exposed; (bso#15205); (boo#1204279). * Remove special case for O_CREAT in SMB_VFS_OPENAT from vfs_glusterfs; (bso#15192). * GETPWSID in memory cache grows indefinetly with each NTLM auth; (bso#15169). * CVE-2021-20251 [SECURITY] Bad password count not incremented atomically; (bso#14611). - Install a systemd drop-in file for named service to allow read/write access to the DLZ directory; (bsc#1201689); - Fix use after free errors resulting from using return of poptGetArg exposed since popt-1.19; (boo#1204279); (bso#15205). - s3: smbd: Fix memory leak in smbd_server_connection_terminate_done(); (bso#15174). - Disable SMB1 for tumbleweed builds. - Update to 4.17.0 * acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr; (bso#15126). * Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1; (bso#15153). * assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197; (bso#15161). * acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr; (bso#15126). * assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197; (bso#15161). * Cross-node multi-channel reconnects result in SMB2 Negotiate returning NT_STATUS_NOT_SUPPORTED; (bso#15159). * winbind at info level debug can coredump when processing wb_lookupusergroups; (bso#15160). * Make use of glfs_*at() API calls in vfs_glusterfs; (bso#15157). * Possible use after free of connection_struct when iterating smbd_server_connection->connections; (bso#15128). * `net usershare add` fails with flag works with --long but fails with -l; (bso#15145). * acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr; (bso#15126). * Performance regression on contended path based operations; (bso#15125). * Missing READ_LEASE break could cause data corruption; (bso#15148). * libsamba-errors uses a wrong version number; (bso#15141). * SMB1 negotiation can fail to handle connection errors; (bso#15152). * New filename parser doesn't check veto files smb.conf parameter; (bso#15143). * 4.17.rc1 still uses symlink-race prone unix_convert(); (bso#15144). * Backport fileserver related changed to 4.17.0rc2; (bso#15146). * Manpage for smbstatus json is missing; (bso#15147). * Backport fileserver related changed to 4.17.0rc2; (bso#15146). * Performance regression on contended path based operations; (bso#15125). * Backport fileserver related changed to 4.17.0rc2; (bso#15146). * Fix issues found by coverity in smbstatus json code; (bso#15140). * Backport fileserver related changed to 4.17.0rc2; (bso#15146). - Migration to /usr/etc: Saving user changed configuration files in /etc and restoring them while an RPM update. - Update to 4.16.4 * CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords; (bsc#1201495); (bso#15047); * CVE-2022-32744: Samba AD users can forge password change requests for any user; (bsc#1201493); (bso#15074); * CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request; (bsc#1201492); (bso#15008); * CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request; (bsc#1201490); (bso#15009); * CVE-2022-32742: Server memory information leak via SMB1; (bsc#1201496); (bso#15085); - Update to 4.16.3 * Using vfs_streams_xattr and deleting a file causes a panic; (bso#15099); * Add support for bind 9.18; (bso#14986); * logging dsdb audit to specific files does not work; (bso#15076); * Problem when winbind renews Kerberos; (bso#14979); (bsc#1196224); * Samba with new lorikeet-heimdal fails to build on gcc 12.1 in developer mode; (bso#15095); * Crash in streams_xattr because fsp->base_fsp->fsp_name is NULL; (bso#15105); * Crash in rpcd_classic - NULL pointer deference in mangle_is_mangled(); (bso#15118); * smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556); * Fix check for chown when processing NFSv4 ACL; (bso#15120); * The pcap background queue process should not be stopped; (bso#15082); * testparm: Fix typo in idmap rangesize check; (bso#15097); * net ads info returns LDAP server and LDAP server name as null; (bso#15106); * ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link; (bso#15108); * CTDB child process logging does not work as expected; (bso#15090); - Update spec file to fix the optional Heimdal DC build - Fix external trusts with MIT Kerberos 1.20 - Add missing samba-client requirement to samba-winbind package; (bsc#1198255); - Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); - Add sysuser-shadow requirement for packages using systemd-sysusers - Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979); - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d. - Update to 4.16.2 * Use pathref fd instead of io fd in vfs_default_durable_cookie; (bso#15042); * vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted; (bso#15069); * Reintroduce netgroups support; (bso#15087); * net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); * Update from 4.15 to 4.16 breaks discovery of [homes] on standalone server from Win and IOS; (bso#15062); * waf produces incorrect names for python extensions with Python 3.11; (bso#15071); * smbclient -E doesn't work as advertised; (bso#15075); * The samba background daemon doesn't refresh the printcap cache on startup; (bso#15081); * Out-by-4 error in smbd read reply max_send clamp; (bso#14443); - Fix samba4.blackbox.net_ads_dns_async test with bind9 >= 9.17.7 - Support building with MIT Kerberos 1.20 - Bronze bit and S4U support with MIT Kerberos 1.20 for Samba AD DC; (CVE-2020-17049); - Resource Based Constrained Delegation (RBCD) for Samba AD DC - Support building with gcc 12.1 - Use requires_eq macro to require the libldb2 version available at samba-dsdb-modules build time; (bsc#1199362); - Update to 4.16.1 * Share and server swapped in smbget password prompt; (bso#14831); * Durable handles won't reconnect if the leased file is written to; (bso#15022); * rmdir silently fails if directory contains unreadable files and hide unreadable is yes; (bso#15023); * SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle; (bso#15038); * Need to describe --builtin-libraries= better (compare with - -bundled-libraries); (bso#8731); * vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback; (bso#14957); * shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes; (bso#15035); * PAM Kerberos authentication incorrectly fails with a clock skew error; (bso#15046); * Username map - samba erroneously applies unix group memberships to user account entries; (bso#15041); * KVNO off by 100000; (bso#14951); * Uninitialized litemask in variable in vfs_gpfs module; (bso#15027); * vfs_gpfs recalls=no option prevents listing files; (bso#15055); * smbd doesn't handle UPNs for looking up names; (bso#15054); - Update update-apparmor-samba-profile script, replace non-printable delimiter with more human readable separator as sed can accept separators that can appear in the input data. - Fix update-apparmor-samba-profile script, sed doesn't like multibyte separators; (bsc#1198309). - Update to 4.16.0 * New samba-dcerpcd binary to provide DCERPC in the member server setup * Certificate Auto Enrollment * Ability to add ports to dns forwarder addresses in internal DNS backend * No longer using Linux mandatory locks for sharemodes * SMB1 protocol has been deprecated, particularly older dialects * SMB1 protocol SMBCopy command removed * SMB1 server-side wildcard expansion removed - Add python3-dnspython to samba-ad-dc recommens; (bsc#1187101); - Use systemd-sysusers to create system users; (bsc#1182847);- Install a systemd drop-in file for named service to allow read/write access to the DLZ directory; (bsc#1201689);- Update to 4.15.12 * CVE-2022-42898: samba: heimdal: Samba buffer overflow vulnerabilities on 32-bit systems; (bso#15203); (bsc#1205126). - Update to 4.15.11 * Allow rebuild of Centos 8 images after move to vault for Samba 4.15; (bso#15193). * CVE-2022-3437: samba: Buffer overflow in Heimdal unwrap_des3(); (bso#15134); (bsc#1204254)- Update to 4.15.10 * Possible use after free of connection_struct when iterating smbd_server_connection->connections; (bso#15128); (bsc#1200102). * smbXsrv_connection_shutdown_send result leaked; (bso#15174). * Spotlight RPC service returns wrong response when Spotlight is disabled on a share; (bso#15086). * acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr; (bso#15126). * Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1; (bso#15153). * assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197; (bso#15161). * Missing READ_LEASE break could cause data corruption; (bso#15148). * rpcclient can crash using setuserinfo(2); (bso#15124). * Samba fails to build with glibc 2.36 caused by including in libreplace; (bso#15132). * SMB1 negotiation can fail to handle connection errors; (bso#15152). * samba-tool domain join segfault when joining a samba ad domain; (bso#15078). - Update to 4.15.9 * CVE-2022-32742:SMB1 code does not correct verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths; (bso#15085); (bsc#1201496). * CVE-2022-32746: samba: Use-after-free occurring in database audit logging; (bso#15009); (bso#15096); (bsc#1201490). * CVE-2022-2031: samba, ldb: AD users can bypass certain restrictions associated with changing passwords; (bso#15047); (bsc#1201495); * CVE-2022-32745: samba: ldb: AD users can crash the server process with an LDAP add or modify request; (bso#15008); (bso#15096); (bsc#1201492). * CVE-2022-2031: samba, ldb: AD users can bypass certain restrictions associated with changing passwords; (bso#15047); (bsc#1201495); * CVE-2022-32744: samba, ldb: AD users can forge password change requests for any user; (bso#15074); (bso#15047); (bsc#1201493).- CVE-2022-1615: Do not ignore errors in random number generation; (bso#15103); (bsc#1202976); - CVE-2022-32743: Implement validated dnsHostName write rights; (bso#14833); (bsc#1202803);- Fix Use after free when iterating smbd_server_connection->connections after tree disconnect failure; (bso#15128); (bsc#1200102).- CVE-2022-32746: samba: Use-after-free occurring in database audit logging; (bso#15009); (bso#15096); (bsc#1201490). - CVE-2022-32745: samba: ldb: AD users can crash the server process with an LDAP add or modify request; (bso#15008); (bso#15096); (bsc#1201492). - CVE-2022-2031: samba, ldb: AD users can bypass certain restrictions associated with changing passwords; (bso#15047); (bsc#1201495); - CVE-2022-32742:SMB1 code does not correct verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths; (bso#15085); (bsc#1201496). - CVE-2022-32744: samba, ldb: AD users can forge password change requests for any user; (bso#15074); (bso#15047); (bsc#1201493).- Update to 4.15.8 * Use pathref fd instead of io fd in vfs_default_durable_cookie; (bso#15042); * Setting fruit:resource = stream in vfs_fruit causes a panic; (bso#15099); * Add support for bind 9.18; (bso#14986); * logging dsdb audit to specific files does not work; (bso#15076); * vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted; (bso#15069); * netgroups support removed; (bso#15087); (bsc#1199247); * net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); (bsc#1199734); * waf produces incorrect names for python extensions with Python 3.11; (bso#15071); * smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556); * vfs_gpfs recalls=no option prevents listing files; (bso#15055); * waf produces incorrect names for python extensions with Python 3.11; (bso#15071); * Compile error in source3/utils/regedit_hexedit.c; (bso#15091); * ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link; (bso#15108); * smbd doesn't handle UPNs for looking up names; (bso#15054); * Out-by-4 error in smbd read reply max_send clamp; (bso#14443); - Move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); - Use the canonical realm name to refresh the Kerberos tickets; (bsc#1196224); (bso#14979);- Fix smbclient commands del & deltree failing with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556).- Revert NIS support removal; (bsc#1199247);- Use requires_eq macro to require the libldb2 version available at samba-dsdb-modules build time; (bsc#1199362);- Add missing samba-client requirement to samba-winbind package; (bsc#1198255);- Update to 4.15.7 * Share and server swapped in smbget password prompt; (bso#14831); * Durable handles won't reconnect if the leased file is written to; (bso#15022); * rmdir silently fails if directory contains unreadable files and hide unreadable is yes; (bso#15023); * SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle; (bso#15038); * vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback; (bso#14957); * shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes; (bso#15035); * PAM Kerberos authentication incorrectly fails with a clock skew error; (bso#15046); * username map - samba erroneously applies unix group memberships to user account entries; (bso#15041); * NT_STATUS_ACCESS_DENIED translates into EPERM instead of EACCES in SMBC_server_internal; (bso#14983); * Simple bind doesn't work against an RODC (with non-preloaded users); (bso#13879); * Crash of winbind on RODC; (bso#14641); * uncached logon on RODC always fails once; (bso#14865); * KVNO off by 100000; (bso#14951); * LDAP simple binds should honour "old password allowed period"; (bso#15001); * wbinfo -a doesn't work reliable with upn names; (bso#15003); * Simple bind doesn't work against an RODC (with non-preloaded users); (bso#13879); * Uninitialized litemask in variable in vfs_gpfs module; (bso#15027); * Regression: create krb5 conf = yes doesn't work with a single KDC; (bso#15016);- Add provides to samba-client-libs package to fix upgrades from previous versions; (bsc#1197995);- Add missing samba-libs requirement to samba-winbind package; (bsc#1198255);- Update to 4.15.6 * Renaming file on DFS root fails with NT_STATUS_OBJECT_PATH_NOT_FOUND; (bso#14169); * Samba does not response STATUS_INVALID_PARAMETER when opening 2 objects with same lease key; (bso#14737); * NT error code is not set when overwriting a file during rename in libsmbclient; (bso#14938); * Fix ldap simple bind with TLS auditing; (bso#14996); * net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); * Problem when winbind renews Kerberos; (bso#14979); (bsc#1196224); * pam_winbind will not allow gdm login if password about to expire; (bso#8691); * virusfilter_vfs_openat: Not scanned: Directory or special file; (bso#14971); * DFS fix for AIX broken; (bso#13631); * Solaris and AIX acl modules: wrong function arguments; (bso#14974); * Function aixacl_sys_acl_get_file not declared / coredump; (bso#7239); * Regression: Samba 4.15.2 on macOS segfaults intermittently during strcpy in tdbsam_getsampwnam; (bso#14900); * Fix a use-after-free in SMB1 server; (bso#14989); * smb2_signing_decrypt_pdu() may not decrypt with gnutls_aead_cipher_decrypt() from gnutls before 3.5.2; (bso#14968); * Changing the machine password against an RODC likely destroys the domain join; (bso#14984); * authsam_make_user_info_dc() steals memory from its struct ldb_message *msg argument; (bso#14993); * Use Heimdal 8.0 (pre) rather than an earlier snapshot; (bso#14995); * Samba autorid fails to map AD users if id rangesize fits in the id range only once; (bso#14967);- Fix mismatched version of libldb2; (bsc#1196788). - Drop obsolete SuSEfirewall2 service files.- Drop obsolete Samba fsrvp v0->v1 state upgrade functionality; (bsc#1080338).- Fix ntlm authentications with "winbind use default domain = yes"; (bso#13126); (bsc#1173429); (bsc#1196308).- Fix samba-ad-dc status warning notification message by disabling systemd notifications in bgqd; (bsc#1195896); (bso#14947).- libldb version mismatch in Samba dsdb component; (bsc#1118508);- Update to 4.15.5 * CVE-2021-44141: UNIX extensions in SMB1 disclose whether the outside target of a symlink exists; (bso#14911); (bsc#1193690). * CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit module; (bso#14914); (bsc#1194859). * CVE-2022-0336: Re-adding an SPN skips subsequent SPN conflict checks; bso#14950); (bsc#1195048).- CVE-2021-44141: Information leak via symlinks of existance of files or directories outside of the exported share; (bso#14911); (bsc#1193690); - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution; (bso#14914); (bsc#1194859); - CVE-2022-0336: Samba AD users with permission to write to an account can impersonate arbitrary services; (bso#14950); (bsc#1195048);- Update to 4.15.4 * Duplicate SMB file_ids leading to Windows client cache poisoning; (bso#14928); * Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error - NT_STATUS_BUFFER_TOO_SMALL; (bso#14932); * kill_tcp_connections does not work; (bso#14934); * Can't connect to Windows shares not requiring authentication using KDE/Gnome; (bso#14935); * smbclient -L doesn't set "client max protocol" to NT1 before calling the "Reconnecting with SMB1 for workgroup listing" path; (bso#14939); * Cross device copy of the crossrename module always fails; (bso#14940); * symlinkat function from VFS cap module always fails with an error; (bso#14941); * Fix possible fsp pointer deference; (bso#14942); * Missing pop_sec_ctx() in error path inside close_directory(); (bso#14944); * "smbd --build-options" no longer works without an smb.conf file; (bso#14945);- Use pkgconfig(krb5) as dependency for the -devel package: allow OBS to pick the right flavor of krb5-devel (full vs mini). - Do not require the 'krb5' symbol by samba-client-libs: this package has an automatic dependency due to linkage on libgssapi_krb5.so.2. Automatic deps are always better. - Do not require the 'krb5' symbol from samba-libs: samba-libs requires samba-client-libs, which in turn requires krb5 libraries. Samba-libs itself has no need for krb5 (but get it indirectly anyway).- Reorganize libs packages. Split samba-libs into samba-client-libs, samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba public libraries depending on internal samba libraries into these packages as there were dependency problems everytime one of these public libraries changed its version (bsc#1192684). The devel packages are merged into samba-devel. - Rename package samba-core-devel to samba-devel - Add python-rpm-macros to build requirements - Update the symlink create by samba-dsdb-modules to private samba ldb modules following libldb2 changes from /usr/lib64/ldb/samba to /usr/lib64/ldb2/modules/ldb/samba- Update to 4.15.3 * Recursive directory delete with veto files is broken in 4.15.0; (bso#14878); * A directory containing dangling symlinks cannot be deleted by SMB2 alone when they are the only entry in the directory; (bso#14879); * SIGSEGV in rmdir_internals/synthetic_pathref - dirfsp is used uninitialized in rmdir_internals(); (bso#14892); * MaxQueryDuration not honoured in Samba AD DC LDAP; (bso#14694); * The CVE-2020-25717 username map [script] advice has undesired side effects for the local nt token; (bso#14901); (bsc#1192849); * User with multiple spaces (eg FredNurk) become un-deletable; (bso#14902); * Avoid storing NTTIME_THAW (-2) as value on disk; (bso#14127); * smbXsrv_client_global record validation leads to crash if existing record points at non-existing process; (bso#14882); * Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call; (bso#14890); * Samba process doesn't log to logfile; (bso#14897); * set_ea_dos_attribute() fallback calling get_file_handle_for_metadata() triggers locking.tdb assert; (bso#14907); * Kerberos authentication on standalone server in MIT realm broken; (bso#14922); * Segmentation fault when joining the domain; (bso#14923); * Support for ROLE_IPA_DC is incomplete; (bso#14903); * rpcclient cannot connect to ncacn_ip_tcp services anymore; (bso#14767); * winexe crashes since 4.15.0 after popt parsing; (bso#14893); * net ads status -P broken in a clustered environment; (bso#14908); * Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before smbd_smb2_ioctl_send; (bso#14788); * winbindd doesn't start when "allow trusted domains" is off; (bso#14899); * smbclient login without password using '-N' fails with NT_STATUS_INVALID_PARAMETER on Samba AD DC; (bso#14883); * A schannel client incorrectly detects a downgrade connecting to an AES only server; (bso#14912); * Possible null pointer dereference in winbind; (bso#14921); * Fix -k legacy option for client tools like smbclient, rpcclient, net, etc.; (bso#14846); * Add Debian 11 CI bootstrap support; (bso#14872); * Crash in recycle_unlink_internal(); (bso#14888);- Fix dependency problem upgrading from libndr0 to libndr2 and from libsamba-credentials0 to libsamba-credentials1; (bsc#1192684);- Fix regression introduced by CVE-2020-25717 patches, winbindd does not start when 'allow trusted domains' is off; (bso#14899); - Update to 4.15.2 * CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication; (bso#12444); (bsc#1014440); * CVE-2020-25717: A user on the domain can become root on domain members; (bso#14556); (bsc#1192284); * CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC; (bso#14558); (bsc#1192246); * CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets; (bso#14561); (bsc#1192247); * CVE-2020-25721: Kerberos acceptors need easy access to stable AD identifiers (eg objectSid); (bso#14557); (bsc#1192505); * CVE-2020-25722: Samba AD DC did not do suffienct access and conformance checking of data stored; (bso#14564); (bsc#1192283); * CVE-2021-3738: Use after free in Samba AD DC RPC server; (bso#14468); (bsc#1192215); * CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability; (bso#14875); (bsc#1192214); - Update to 4.15.1 * vfs_shadow_copy2: core dump in make_relative_path; (bso#14682); * Log clutter from filename_convert_internal; (bso#14685); * MacOSX compilation fixes; (bso#14862); * rodc_rwdc test flaps; (bso#14868); * Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze bit' S4U2Proxy Constrained Delegation bypass in Samba with embedded Heimdal; (bso#14642); * Python ldb.msg_diff() memory handling failure; (bso#14836); * "in" operator on ldb.Message is case sensitive; (bso#14845); * Release LDB 2.4.1 for Samba 4.15.1; (bso#14848); * samldb_krbtgtnumber_available() looks for incorrect string; (bso#14854); * Fix Samba support for UF_NO_AUTH_DATA_REQUIRED; (bso#14871); * Allow special chars like "@" in samAccountName when generating the salt; (bso#14874); * Correctly ignore comments in CTDB public addresses file; (bso#14826); * Fix transit path validation; (bso#12998); * Fix that child winbindd logs to log.winbindd instead of log.wb-; (bso#14852); * SMB3 cancel requests should only include the MID together with AsyncID when AES-128-GMAC is used; (bso#14855); * Prepare to operate with MIT krb5 >= 1.20; (bso#14870); * Heimdal prefers RC4 over AES for machine accounts; (bso#14864);- Enable samba-tool without ad dc.- Adjust spec to use pam macros; (bsc#1191046).- Adjust spec for size * allow some Recommends instead Requires to be configured for cifs-utils, samba-libs-python3 & samba-gpupdate; (bsc#1182847). * remove fam, undocumented and unneeded.- Add missing build dependency on bison when building with the embedded Heimdal Kerberos- Update to 4.15.0 * Removed SMB development dialects SMB2_22, SMB2_24 and SMB3_10 * VFS layer modernized. * Add the ability to set allow/deny lists for zone transfer clients in Bind DLZ plugin * Server multi-channel support no longer experimental * Improved command line user experience, unifying the options in different commands * Winbindd no longer scans trusted domains on startup and will use enterprise principals by default. * The net utility is now able to support the offline domain join feature * New options for 'samba-tool dns zoneoptions' for aging control and to mark old records as static or dynamic * DNS tombstones are now deleted as appropriate and use a consistent timestamp format * The 'samba-tool dns update' command validates and rejects now malformed IPv4 and IPv6 addresses * The 'samba-tool domain backup' command correctly takes out locks against concurrent modification during backup when using the LMDB backend * TruACL support has been removed * NIS support has been removed- Fix 'net rpc' authentication when using the machine account; (bsc#1189017); (bso#14796);- Fix dependency problem upgrading from libndr0 to libndr1; (bsc#1189875); - Fix dependency problem upgrading from libsmbldap0 to libsmbldap2; (bsc#1189875); - Fix wrong kvno exported to keytab after net ads changetrustpw due to replication delay; (bsc#1188727); - Add Certificate Auto Enrollment Policy; (jsc#SLE-18456). - Update to 4.13.10 * s3: smbd: Ensure POSIX default ACL is mapped into returned Windows ACL for directory handles; (bso#14708); * Take a copy to make sure we don't reference free'd memory; (bso#14721); * s3: lib: Fix talloc heirarcy error in parent_smb_fname(); (bso#14722); * s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in change_file_owner_to_parent() error path; (bso#14736); * samba-tool: Give better error information when the 'domain backup restore' fails with a duplicate SID; (bso#14575); * smbd: Correctly initialize close timestamp fields; (bso#14714); * Spotlight RPC service doesn't work with vfs_glusterfs; (bso#14740); * ctdb: Fix a crash in run_proc_signal_handler(); (bso#14475); * gensec_krb5: Restore ipv6 support for kpasswd; (bso#14750); * smbXsrv_{open,session,tcon}: Protect smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records; (bso#14752); * samba-tool domain backup offline doesn't work against bind DLZ backend; (bso#14027); * netcmd: Use next_free_rid() function to calculate a SID for restoring a backup; (bso#14669); - Update to 4.13.9 * s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success; (bso#14696); * Add documentation for dsdb_group_audit and dsdb_group_json_audit to "log level", synchronise "log level" in smb.conf with the code; (bso#14689); * Fix smbd panic when two clients open same file; (bso#14672); * Fix memory leak in the RPC server; (bso#14675); * s3: smbd: Fix deferred renames; (bso#14679); * s3-iremotewinspool: Set the per-request memory context; (bso#14675); * rpc_server3: Fix a memleak for internal pipes; (bso#14675); * third_party: Update socket_wrapper to version 1.3.2; (bso#11899); * third_party: Update socket_wrapper to version 1.3.3; (bso#14639); * idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid conflict; (bso#14663); * Fix the build on OmniOS; (bso#14288); - Update to 4.13.8 * CVE-2021-20254: Fix buffer overrun in sids_to_unixids(); (bso#14571 - Update to 4.13.7 * Release with dependency on ldb version 2.2.1.- CVE-2021-20254 Buffer overrun in sids_to_unixids(); (bnc#14571); (bsc#1184677).- Fix offline domain backup not possible using lmdb version >= 0.9.26; (bso#14676); - Require libldb >= 2.2.1; (bsc#1183572); (bsc#1183574); - Update to 4.13.6 * CVE-2020-27840: samba: Unauthenticated remote heap corruption via bad DNs; (bso#14595); (bsc#1183572). * CVE-2021-20277: samba: out of bounds read in ldb_handler_fold; (bso#14655); (bsc#1183574). - Update to 4.13.5 * s3:modules:vfs_virusfilter: Recent talloc changes cause infinite start-up failure; (bso#14634); * s3: libsmb: Add missing cli_tdis() in error path if encryption setup failed on temp proxy connection; (bso#13992); * smbd: In conn_force_tdis_done() when forcing a connection closed force a full reload of services; (bso#14604); * dbcheck: Check Deleted Objects and reduce noise in reports about expired tombstones (bso#14593); * s3: Fix fcntl waf configure check; (bso#14503); * s3/auth: Implement "winbind:ignore domains"; (bso#14602); * smbd: Use fsp->conn->session_info for the initial delete-on-close token; (bso#14617); * s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error path; (bso#14648); * classicupgrade: Treat old never expires value right; (bso#14624); * g_lock: Fix uninitalized variable reads; (bso#14636); * s3:pysmbd: Fix fd leak in py_smbd_create_file(); (bso#13898); * lib:util: Avoid free'ing our own pointer; (bso#14625); * HEIMDAL: krb5_storage_free(NULL) should work; (bso#12505);- Spec file fixes around systemd and requires; (bsc#1182830); - Align systemd service unit files with upstream provided ones.- Update to 4.13.4 * Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7; (bso#14607); * Temporary DFS share setup doesn't set case parameters in the same way as a regular share definition does; (bso#14612); * lib: Avoid declaring zero-length VLAs in various messaging functions; (bso#14605); * Do not create an empty DB when accessing a sam.ldb; (bso#14579); * vfs_fruit may close wrong backend fd; (bso#14596); * Temporary DFS share setup doesn't set case parameters in the same way as a regular share definition does; (bso#14612); * vfs_virusfilter: Allocate separate memory for config char*; (bso#14606); * vfs_fruit may close wrong backend fd; (bso#14596); * Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7; (bso#14607); * The cache directory for the user gencache should be created recursively; (bso#14601); * Be more flexible with repository names in CentOS 8 test environments; (bso#14594);- Uninstalling samba-client: Failed to disable unit, cifs.service does not exists; (bsc#1180388);- Update to 4.13.3 + libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob; (bso#14210); + s3: modules: gluster. Fix the error I made in preventing talloc leaks from a function; (bso#14486); + s3: smbd: Don't overwrite contents of fsp->aio_requests[0] with NULL via TALLOC_FREE(); (bso#14515); + s3: spoolss: Make parameters in call to user_ok_token() match all other uses; (bso#14568); + s3: smbd: Quiet log messages from usershares for an unknown share; (bso#14590); + samba process does not honor max log size; (bso#14248); + vfs_zfsacl: Add missing inherited flag on hidden "magic" everyone@ ACE; (bso#14587); + s3-libads: Pass timeout to open_socket_out in ms; (bso#13124); + s3-vfs_glusterfs: Always disable write-behind translator; (bso#14486); + smbclient: Fix recursive mget; (bso#14517); + clitar: Use do_list()'s recursion in clitar.c; (bso#14581); + manpages/vfs_glusterfs: Mention silent skipping of write-behind translator; (bso#14486); + vfs_shadow_copy2: Preserve all open flags assuming ROFS; (bso#14573); + interface: Fix if_index is not parsed correctly; (bso#14514);- Update to 4.13.2 + s3: modules: vfs_glusterfs: Fix leak of char **lines onto mem_ctx on return; (bso#14486); + RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special; (bso#14471); + smb.conf.5: Add clarification how configuration changes reflected by Samba; (bso#14538); + daemons: Report status to systemd even when running in foreground; (bso#14552); + DNS Resolver: Support both dnspython before and after 2.0.0; (bso#14553); + s3-vfs_glusterfs: Refuse connection when write-behind xlator is present; (bso#14486); + provision: Add support for BIND 9.16.x; (bso#14487); + ctdb-common: Avoid aliasing errors during code optimization; (bso#14537); + libndr: Avoid assigning duplicate versions to symbols; (bso#14541); + docs: Fix default value of spoolss:architecture; (bso#14522); + winbind: Fix a memleak; (bso#14388); + s4:dsdb:acl_read: Implement "List Object" mode feature; (bso#14531); + docs-xml/manpages: Add warning about write-behind translator for vfs_glusterfs; (bso#14486); + nsswitch/nsstest.c: Avoid nss function conflicts with glibc nss.h. + vfs_shadow_copy2: Avoid closing snapsdir twice; (bso#14530); + third_party: Update resolv_wrapper to version 1.1.7; (bso#14547); + examples:auth: Do not install example plugin; (bso#14550); + ctdb-recoverd: Drop unnecessary and broken code; (bso#14513); + RN: vfs_zfsacl: Only grant DELETE_CHILD if ACL tag is special; (bso#14471);- Adjust smbcacls '--propagate-inheritance' feature to align with upstream; (bsc#1178469).- Update to samba 4.13.1 + CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records; (bsc#1177613); (bso#14472); + CVE-2020-14323: Unprivileged user can crash winbind; (bsc#1173994); (bso#14436); + CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify; (bsc#1173902); (bso#14434); - Adjust systemd tmpfiles.d configuration, use /run/samba instead of /var/run/samba; (bsc#1177355);- Fix vfs_ceph query_directory regression; (bso#14519) - Drop liburing-devel for SLE15-SP2; (bsc#1177245)- Register CTDB recovery lock holder with ceph-mgr - Add liburing-devel dependency- Update to samba 4.13.0 + Require Python 3.6 + Move wide links functionality into VFS module + Deprecate NT4-like 'classic' Samba domain controllers + Deprecate SMBv1 only protocol options + Remove deprecated "ldap ssl ads" option + Unify asynchronous DCE-RPC server; (jsc#SES-645) + Replay multichannel lease break requests; (bso#11897); (jsc#SES-655) + Drop internal byteorder.h header from util-devel package + Remove final code for the AD DC LDAP backend + Add AD DC Group Policy Scripts + Only use gnutls_aead_cipher_encryptv2() for GnuTLS > 3.6.14; (bso#14399) + Fix %U substitutions if it contains a domain name; (bso#14467) + Fix krb5.conf creation for 'net ads join'; (bso#14479) + Fix build problem if libbsd-dev is not installed; (bso#14482) + Toggle vfs_snapper using "--with-shared-modules"; (bso#14437) + Fix idmap_ad RFC4511 response handling; (bso#14465) + Fix panic in get_lease_type(); (bso#14428)- Update to samba 4.11.13 + CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Protect netr_ServerPasswordSet2 against unencrypted passwords; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Support "server require schannel:WORKSTATION$ = no" about unsecure configurations; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): libcli/auth: Reject weak client challenges in netlogon_creds_server_init() "server require schannel:WORKSTATION$ = no"; (bsc#1176579); (bso#14497); - Update to samba 4.11.12 + s3: libsmb: Fix SMB2 client rename bug to a Windows server; (bso#14403); + dsdb: Allow "password hash userPassword schemes = CryptSHA256" to work on RHEL7; (bso#14424); + dbcheck: Allow a dangling forward link outside our known NCs; (bso#14450); + lib/debug: Set the correct default backend loglevel to MAX_DEBUG_LEVEL; (bso#14426); + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428); + lib/util: do not install "test_util_paths"; (bso#14370); + lib:util: Fix smbclient -l basename dir; (bso#14345); + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428); + util: Allow symlinks in directory_create_or_exist; (bso#14166); + docs: Fix documentation for require_membership_of of pam_winbind; (bso#14358); + s3:winbind:idmap_ad: Make failure to get attrnames for schema mode fatal; (bso#14425);- Add obsoletes to libsmbldap2 package to fix upgrades from previous versions; (bsc#1172810);- Fix net command unable to negotiate SMB2; (bsc#1174120);- Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159] + CVE-2020-10745: invalid DNS or NBT queries containing dots use several seconds of CPU each; (bso#14378); (bsc#1173160). + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV; (bso#14402); (bsc#1173161) + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359). - Update to samba 4.11.10 + Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name; (bso#14374). + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode; (bso#14350) + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413). + Malicous SMB1 server can crash libsmbclient; (bso#14366) + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382) + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds. (bso#14330) - Update to samba 4.11.9 + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242). + 'samba-tool group' commands do not handle group names with special chars correctly; (bso#14296). + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237). + Missing check for DMAPI offline status in async DOS attributes; (bso#14293). + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307). + vfs_recycle: Prevent flooding the log if we're called on non-existant paths; (bso#14316) + smbd mistakenly updates a file's write-time on close; (bso#14320). + RPC handles cannot be differentiated in source3 RPC server; (bso#14359). + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313). + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred; (bso#14327). + Fix fruit:time machine max size on arm; (bso#13622) + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294). + ctdb: Fix a memleak; (bso#14348). + libsmb: Don't try to find posix stat info in SMBC_getatr(). + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295); (bsc#1162680). + s3/librpc/crypto: Fix double free with unresolved credential cache; (bso#14344); (bsc#1169095) + s3:libads: Fix ads_get_upn(); (bso#14336). + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294) + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680). + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324) - Update to samba 4.11.8 + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850); + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851); - Update to samba 4.11.7 + s3: lib: nmblib. Clean up and harden nmb packet processing; (bso#14239). + s3: VFS: full_audit. Use system session_info if called from a temporary share definition; (bso#14283) + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258). + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#14270) + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences; (bso#14247). + smbd: Handle EINTR from open(2) properly; (bso#14285) + winbind member (source3) fails local SAM auth with empty domain name; (bso#14247) + winbindd: Handling missing idmap in getgrgid(); (bso#14265). + lib:util: Log mkdir error on correct debug levels; (bso#14253). + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266). + ctdb-tcp: Make error handling for outbound connection consistent; (bso#14274). - Update to samba 4.11.6 + pygpo: Use correct method flags; (bso#14209). + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216); (bsc#1141320). + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero; (bso#14209). + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h; (bso#14218). + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc; (bso#14122). + smbd: Fix the build with clang; (bso#14251). + upgradedns: Ensure lmdb lock files linked; (bso#14199). + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir; (bso#14182). + smbc_stat() doesn't return the correct st_mode and also the uid/gid is not filled (SMBv1) file; (bso#14101). + librpc: Fix string length checking in ndr_pull_charset_to_null(); (bso#14219). + ctdb-scripts: Strip square brackets when gathering connection info; (bso#14227).- Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);- Installing: samba - samba-ad-dc.service does not exist and unit not found; (bsc#1171437);- Fix samba_winbind package is installing python3-base without python3 package; (bsc#1169521);- Require libldb2 >= 2.0.10 after security release.- CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851); - CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850);- Fix smbclient crash with double free (with unresolved krb5 credential cache); (bso#14344); (bsc#1169095).- Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680).- CTDB doesn't retry outgoing connections on bind (and some other) failures; (bso#14274); (bsc#1162680).- Revert: Allow idmap_rid to have primary group other than "Domain Users"; (bsc#1087931).- Fix nmbstatus not reporting detailed information about workgroups; (bsc#1159464); - Fix querying all names registered within broadcast area; (bso#8927);- Update to samab 4.11.5 + CVE-2019-14902: Replication of ACLs down subtree on AD Directory is not automatic; (bso#12497); (bsc#1160850). + CVE-2019-19344: Fix server crash with dns zone scavenging = yes; (bso#14050); (bsc#1160852). + CVE-2019-14907: server-side crash after charset conversion failure (eg during NTLMSSP processing); (bso#14208); (bsc#1160888). - Update to samba 4.11.4 + Ensure SMB1 cli_qpathinfo2() doesn't return an inode number; (bso#14161). + Ensure we don't call cli_RNetShareEnum() on an SMB1 connection; (bso#14174). + NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in SMBC_opendir_ctx; (bso#14176). + SMB2 - Ensure we use the correct session_id if encrypting an interim response; (bso#14189). + Prevent smbd crash after invalid SMB1 negprot; (bso#14205). + printing: Fix %J substition; (bso#13745). + Remove now unneeded call to cmdline_messaging_context(); (bso#13925). + Fix incomplete conversion of former parametric options; (bso#14069). + Fix sync dosmode fallback in async dosmode codepath; (bso#14070). + vfs_fruit returns capped resource fork length; (bso#14171). + libnet_join: Add SPNs for additional-dns-hostnames entries; (bso#14116). + smbd: Increase a debug level; (bso#14211). + Prevent azure ad connect from reporting discovery errors reference-value-not-ldap-conformant; (bso#14153). + krb5_plugin: Fix developer build with newer heimdal system library; (bso#14179). + replace: Only link libnsl and libsocket if required; (bso#14168); + ctdb: Incoming queue can be orphaned causing communication; breakdown; (bso#14175). + ldb: Release ldb 2.0.8. Cross-compile will not take cross-answers or cross-execute; (bso#13846). + heimdal-build: Avoid hard-coded /usr/include/heimdal in asn1_compile-generated code; (bso#13856).- Fix Ceph snapshot root relative path handling; (bso#14216); (bsc#1141320).- Update to samba 4.11.3 + CVE-2019-14861: DNSServer RPC server crash, an authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name; (bso#14138); (bsc#1158108). + CVE-2019-14870: DelegationNotAllowed not being enforced, the DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC; (bso#14187); (bsc#1158109).- CVE-2019-14861: DNSServer RPC server crash, an authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name; (bso#14138); (bsc#1158108). - CVE-2019-14870: DelegationNotAllowed not being enforced, the DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC; (bso#14187); (bsc#1158109).- Update to samba 4.11.2 + CVE-2019-10218: Client code can return filenames containing path separators; (bsc#1144902); (bso#14071). + CVE-2019-14833: Samba AD DC check password script does not receive the full password; (bso#12438). + CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync; (bso#14040). - Fixes from 4.11.1 + Overlinking libreplace against librt and pthread against every binary or library causes issues; (bso#14140); + kpasswd fails when built with MIT Kerberos; (bso#14155); + Fix spnego fallback from kerberos to ntlmssp in smbd server; (bso#14106); + Stale file handle error when using mkstemp on a share; (bso#14137); + non-AES schannel broken; (bso#14134); + Joining Active Directory should not use SAMR to set the password; (bso#13884); + smbclient can blunder into the SMB1 specific cli_RNetShareEnum() call on an SMB2 connection; (bso#14152); + Deleted records can be resurrected during recovery; (bso#14147); + getpwnam and getpwuid need to return data for ID_TYPE_BOTH group; (bso#14141); + winbind does not list forest trusts with additional trust attributes; (bso#14130); + fault report points to outdated documentation; (bso#14139); + pam_winbind with krb5_auth or wbinfo -K doesn't work for users of trusted domains/forests; (bso#14124); + classicupgrade results in uncaught exception - a bytes-like object is required, not 'str'; (bso#14136); + pod2man is not longer required, stop checking at build time; (bso#14131); + Exit code of ctdb nodestatus should not be influenced by deleted nodes; (bso#14129); + username/password authentication doesn't work with CUPS and smbspool; (bso#14128); + smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir(); (bso#14094);- CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync; (bso#14040); (bsc#1154598); - CVE-2019-10218: Client code can return filenames containing path separators; (bso#14071); (bsc#1144902);- CVE-2019-14833: samba: Accent with "check script password" Samba AD DC check password script does not receive the full password; (bso#12438); (bsc#1154289).- Update to samba 4.11.0 + For details on all items see WHATSNEW.txt in samba-doc package + Python2 runtime support removed; python 3.4 or later required + Security improvements: - SMB1 disabled by default - lanman and plaintext authentication deprecated - winbind: PAM_AUTH and NTLM_AUTH events logged - GnuTLS 3.2 required; system FIPS mode setting honored + CephFS Snapshot integration, exposed as previous file versions + ctdb changes: - onnode -o option removed - ctdbd logs when using more than 90% of a CPU thread - CTDB_MONITOR_SWAP_USAGE variable removed + AD Domain controller improvements: - Upgrade AD databse format - BIND9_FLATFILE deprecated - default process model chagned to prefork - bind9 dns operation duration logging - Default schema updated to 2012_R2; function level is unchanged - many performance improvements + Configuration webserver support removed- Fix broken username/password authentication with CUPS and smbspool; (bsc#1152143); (bso#14128).- Fix auth problems when printing via smbspool backend with kerberos; (bnc#1148539); (bso#13832).- Update to samba 4.10.8 + CVE-2019-10197: user escape from share path definition; (bso#14035); (bsc#1141267);- Fix build on newer systems by modifying samba.spec to use consistent non-relative paths for pammodules in configure line and specification of pam_winbind.so library to package.- Update to samba 4.10.7 + Unable to create or rename file/directory inside shares configured with vfs_glusterfs_fuse module; (bso#14010). + build: Allow build when '--disable-gnutls' is set; (bso#13844) + samba-tool: Add 'import samba.drs_utils' to fsmo.py; (bso#13973). + Fix 'Error 32 determining PSOs in system' message on old DB with FL upgrade; (bso#14008). + s4/libnet: Fix joining a Windows pre-2008R2 DC; (bso#14021) + join: Use a specific attribute order for the DsAddEntry nTDSDSA object; (bso#14046). + vfs_catia: Pass stat info to synthetic_smb_fname(); (bso#14015). + lookup_name: Allow own domain lookup when flags == 0; (bso#14091). + s4 librpc rpc pyrpc: Ensure tevent_context deleted last; (bso#13932). + DEBUGC and DEBUGADDC doesn't print into a class specific log file; (bso#13915). + Request to keep deprecated option "server schannel", VMWare Quickprep requires "auto"; (bso#13949). + dbcheck: Fallback to the default tombstoneLifetime of 180 days; (bso#13967). + dnsProperty fails to decode values from older Windows versions; (bso#13969). + samba-tool: Use only one LDAP modify for dns partition fsmo role transfer; (bso#13973). + third_party: Update waf to version 2.0.17; (bso#13960). + netcmd: Allow 'drs replicate --local' to create partitions; (bso#14051). + ctdb-config: Depend on /etc/ctdb/nodes file; (bso#14017).- CVE-2019-10197: user escape from share path definition; (bso#14035); (bsc#1141267).- Prepare for use future use of kernel keyrings, modify /etc/pam.d/samba to include pam_keyinit.so; (bsc#1144059).- Update samba-winbind script to work with systemd; (bsc#1132739); - Drop samba dhcpcd hook scripts - Update to samba 4.10.6 + s3: winbind: Fix crash when invoking winbind idmap scripts; (bso#13956). + smbd does not correctly parse arguments passed to dfree and quota scripts; (bso#13964). + samba-tool dns: use bytes for inet_ntop; (bso#13965). + samba-tool domain provision: Fix --interactive module in python3; (bso#13828). + ldb_kv: Skip @ records early in a search full scan; (bso#13893). + docs: Improve documentation of "lanman auth" and "ntlm auth" connection; (bso#13981). + python/ntacls: Use correct "state directory" smb.conf option instead of "state dir"; (bso#14002). + registry: Add a missing include; (bso#13840). + Fix SMB guest authentication; (bso#13944). + AppleDouble conversion breaks Resourceforks; (bso#13958). + vfs_fruit makes direct use of syscalls like mmap() and pread(); (bso#13968). + s3:mdssvc: Fix flex compilation error; (bso#13987). + s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly; (bso#13872). + dsdb:samdb: schemainfo update with relax control; (bso#13799). + s3:util: Move static file_pload() function to lib/util; (bso#13964). + smbd: Fix a panic; (bso#13957). + ldap server: Generate correct referral schemes; (bso#12478). + s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value; (bso#13941). + s4 dsdb: Fix use after free in samldb_rename_search_base_callback; (bso#13942). + dsdb/repl: we need to replicate the whole schema before we can apply it; (bso#12204). + ldb: Release ldb 1.5.5; (bso#12478). + Schema replication fails if link crosses chunk boundary backwards; (bso#13713). + 'samba-tool domain schemaupgrade' uses relax control and skips the schemaInfo update provision; (bso#13799). + dsdb_audit: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."; (bso#13916). + python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to get the ACL; (bso#13917). + s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary; (bso#13947). + Using Kerberos credentials to print using spoolss doesn't work; (bso#13939). + wafsamba: Use native waf timer; (bso#13998). + ctdb-scripts: Fix tcp_tw_recycle existence check; (bso#13984).- Update to samba-4.10.5 (including updates for 4.10.4, 4.10.3) + CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found in DnssrvOperation2; (bso#13922); (bsc#1137815). + CVE-2019-12436 dsdb/paged_results: Ignore successful results without messages; (bso#13951); (bsc#1137816). - Update to samba-4.10.4 + s3: SMB1: Don't allow recvfile on stream fsp's; (bso#13938). + py/provision: Fix for Python 2.6; (bso#13882). + netcmd: Fix 'passwordsettings --max-pwd-age' command; (bso#13873). + s3-libnet_join: 'net ads join' to child domain fails when using "-U admin@forestroot"; (bso#13861). + vfs_ceph: Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245). + vfs_ceph: Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697). + ctdb-common: Avoid race between fd and signal events; (bso#13895). + ctdb-common: Fix memory leak in run_proc; (bso#13943). + lib: Initialize getline() arguments; (bso#13892). + winbind: Fix overlapping id ranges; (bco#13903). + lib util debug: Increase format buffer to 4KiB; (bso#13902). + nsswitch pam_winbind: Fix Asan use after free; (bso#13927). + s4 lib socket: Ensure address string owned by parent struct; (bso#13929). + s3 rpc_client: Fix Asan stack use after scope; (bso#13936). + s3:smbd: Handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO; (bso#10097). + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#10344). + smb2_sesssetup: avoid STATUS_PENDING responses for session setup; (bso#12845). + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#13698). + smb2_sesssetup: avoid STATUS_PENDING responses for session setup; (bso#13796). + dbcheck: Fix the err_empty_attribute() check; (bso#13843). + vfs_snapper: Drop unneeded fstat handler; (bso#13858). + vfs_default: Fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check; (bso#13862). + smb2_server: Grant all 8192 credits to clients; (bso#13863). + smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling; (bso#13919). + s3/vfs_glusterfs: Dynamically determine NAME_MAX; (bso#13872). + s3: modules: ceph: Use current working directory instead of share path; (bso#13918); (bsc#1134452). + winbind: Use domain name from lsa query for sid_to_name cache entry; (bso#13831). + memcache: Increase size of default memcache to 512k; (bso#13865). + docs: Update smbclient manpage for "--max-protocol"; (bso#13857). + s3:utils: If share is NULL in smbcacls, don't print it; (bso#13937). + s3:smbspool: Fix regression printing with Kerberos credentials; (bso#13939). + ctdb-scripts: CTDB restarts failed NFS RPC services by hand, which is incompatible with systemd; (bso#13860). + ctdb-daemon: Revert "We can not assume that just because we could complete a TCP handshake"; (bso#13888). + ctdb-daemon: Never use 0 as a client ID; (bso#13930). + ctdb-common: Fix memory leak; (bso#13943). + s3:debug: Enable logging for early startup failures; (bso#13904) - Update to samba-4.10.3 + CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum; (bso#13685); (bsc#1134024).- CVE-2019-12435: zone operations can crash rpc server; (bso#13922); (bsc#1137815).- Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697). - Add ceph_snapshots VFS module; (jsc#SES-183).- Fix vfs_ceph realpath; (bso#13918); (bsc#1134452).- Update to samba-4.10.2: + CVE-2019-3870 (World writable files in Samba AD DC private/ dir); (bso#13834). + CVE-2019-3880 (Save registry file outside share as unprivileged user); (bso#13851). + py/kcc_utils: py2.6 compatibility; (bso#13837). + libcli: permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response; (bso#13869). + regfio: Improve handling of malformed registry hive files; (bso#13840). + ctdb-version: Simplify version string usage; (bso#13789). + lib: Make fd_load work for non-regular files; (bso#13859). + dbcheck: in the middle of the tombstone garbage collection causes replication failures, dbcheck: add --selftest-check-expired-tombstones cmdline option; (bso#13816). + ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818). + s4/messaging: Fix undefined reference in linking libMESSAGING-samba4.so; (bso#13854). + acl_read: Fix regression for empty lists; (bso#13836). + s4:dlz make b9_has_soa check dc=@ node; (bso#13841). + s3:client: Fix printing via smbspool backend with kerberos auth; (bso#13832). + s4:librpc: Fix installation of Samba; (bso#13847). + s3:lib: Fix the debug message for adding cache entries; (bso#13848). + s3:utils: Add 'smbstatus -L --resolve-uids' to show username; (bso#13793). + s3:lib: Fix the debug message for adding cache entries; (bso#13848). + s3:waf: Fix the detection of makdev() macro on Linux; (bso#13853). * ctdb-build: Drop creation of .distversion in tarball; (bso#13789). * ctdb-packaging: Test package requires tcpdump, ctdb package should not own system library directory; (bso#13838). - Update to samba-4.10.1: + py/kcc_utils: py2.6 compatibility; (bso#13837); + libcli: permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response; (bso#13869); + regfio: Improve handling of malformed registry hive files; (bso#13840); + ctdb-version: Simplify version string usage; (bso#13789); + lib: Make fd_load work for non-regular files; (bso#13859); + dbcheck in the middle of the tombstone garbage collection causes replication failures, dbcheck: add --selftest-check-expired-tombstones cmdline option; (bso#13816); + ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818); + s4/messaging: Fix undefined reference in linking libMESSAGING-samba4.so; (bso#13854); + acl_read: Fix regression for empty lists; (bso#13836); + s4:dlz make b9_has_soa check dc=@ node; (bso#13841); + s3:client: Fix printing via smbspool backend with kerberos auth; (bso#13832); + s4:librpc: Fix installation of Samba; (bso#13847); + s3:lib: Fix the debug message for adding cache entries; (bso#13848); + s3:utils: Add 'smbstatus -L --resolve-uids' to show username; (bso#13793); + s3:lib: Fix the debug message for adding cache entries; (bso#13848); + s3:waf: Fix the detection of makdev() macro on Linux; (bso#13853); + ctdb-build: Drop creation of .distversion in tarball; (bso#13789); + ctdb-packaging: Test package requires tcpdump, ctdb package should not own system library directory; (bso#13838); - Update to samba-4.10.0: + s4-server: Open and close a transaction on sam.ldb at startup; (bso#13760); + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812); + s4/scripting/bin: Open unicode files with utf8 encoding and write + unicode string. + sambaundoguididx: Use the right escaped oder unescaped sam ldb files; (bso#13759); + Fix idmap cache pollution with S-1-22- IDs on winbind hickup; (bso#13813); + passdb: Update ABI to 0.27.2. + lib/winbind_util: Add winbind_xid_to_sid for --without-winbind; (bso#13813); + lib:util: Move debug message for mkdir failing to log level 1; (bso#13823);- MacOS credit accounting breaks with async SESSION SETUP; (bsc#1125601); (bso#13796). - Mac OS X SMB2 implmenetation sees Input/output error or Resource temporarily unavailable and drops connection; (bso#13698)- Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245).- CVE-2019-3880: Save registry file outside share as unprivileged user; (bso#13851); (bsc#1131060 ).- CVE-2019-3870 pysmbd: missing restoration of original umask after umask(0); (bso#13834); (bsc#1130703);- Update to samba-4.9.5 + audit_logging: Remove debug log header and JSON Authentication: prefix; (bso#13714); + Fix upgrade from 4.7 (or earlier) to 4.9; (bso#13760); + s3: lib: nmbname: Ensure we limit the NetBIOS name correctly; (bso# CID: 1433607; (bso#11495); + smbd: uid: Don't crash if 'force group' is added to an existing share connection; (bso#13690); + s3: VFS: vfs_fruit. Fix the NetAtalk deny mode compatibility code; (bso#13770); + s3: SMB1 POSIX mkdir does case insensitive name lookup; (bso#13803); + s3:utils/smbget fix recursive download with empty source directories; (bso#13199); + samba-tool drs showrepl: Do not crash if no dnsHostName found; (bso#13716); + s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection; (bso#13736); + join: Throw CommandError instead of Exception for simple errors; (bso#13747); + ldb: Avoid inefficient one-level searches; (bso#13762); + s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list(); (bso#13736); + tldap: Avoid use after free errors; (bso#13776); + Fix idmap xid2sid cache churn; (bso#13802); + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812); + s3-smbd: Avoid assuming fsp is always intact after close_file call; (bso#13720); + s3-vfs-fruit: Add close call; (bso#13725); + s3-smbd: Use fruit:model string for mDNS registration; (bso#13746); + s3-vfs: add glusterfs_fuse vfs module; (bso#13774); + printing: Check lp_load_printers() prior to pcap cache update; (bso#13766); + vfs_ceph: vfs_ceph strict_allocate_ftruncate calls (local FS) ftruncate and fallocate; (bso#13807); + lib/audit_logging: Actually create talloc; (bso#13737); + netcmd/user: python[3]-gpgme unsupported and replaced by python[3]-gpg; (bso#13728); + dns: Changing onelevel search for wildcard to subtree; (bso#13738); + samba-tool: Don't print backtrace on simple DNS errors; (bso#13721); + sambaundoguididx: Use the right escaped oder unescaped sam ldb files; (bso#13759); + ctdb: Print locks latency in machinereadable stats; (bso#13742); + messages_dgm: Messaging gets stuck when pids are recycled; (bso#13786); + audit_logging: auth_json_audit required auth_json; (bso#13715); + man pages: Document prefork process model; (bso#13765); + CVE-2019-3824 ldb: Release ldb 1.4.6; (bso#13773); + s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration; (bso#13697); + s3:auth_winbind: Ignore a missing winbindd as NT4 PDC/BDC without trusts; (bso#13722); + s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available; (bso#13723); + s4:server: Add support for 'smbcontrol samba shutdown' and 'smbcontrol debug/debuglevel'; (bso#13752); + Python: Ensure ldb.Dn can doesn't rencoded str with py2; (bso#13616); + vfs_glusterfs: Adapt to changes in libgfapi signatures; (bso#13330); + s3-vfs: Use ENOATTR in errno comparison for getxattr; (bso#13774); + notifyd: Fix SIGBUS on sparc; (bso#13704); + waf: Check for libnscd; (bso#13787); + s3:vfs: Correctly check if OFD locks should be enabled or not; (bso#13770); + lib/util: Count a trailing line that doesn't end in a newline; (bso#13717); + Recovery lock bug fixes; (bso#13800); + s3: net: Do not set NET_FLAGS_ANONYMOUS with -k; (bso#13726); + s3:libsmb: Honor disable_netbios option in smbsock_connect_send; (bso#13727); + vfs_fileid: Fix get_connectpath_ino; (bso#13741); + vfs_fileid: Fix fsname_norootdir algorithm; (bso#13744);- Fix vfs_ceph ftruncate and fallocate handling; (bso#13807); (bsc#1127153).- Fix update-apparmor-samba-profile script after apparmor switched to using named profiles. The change is backwards compatible; (bsc#1126377);- LoadParm().load_default() fails with "Unable to load default file"; (bsc#1089758);- Abide by load_printers smb.conf parameter; (bso#13766); (bsc#1124223);- Update to samba-4.9.4 + libcli/smb: Don't overwrite status code; (bso#9175). + wbinfo --group-info 'NT AUTHORITY\System' does not work; (bso#12164). + Session setup reauth fails to sign response; (bso#13661). + vfs_fruit: Validation of writes on AFP_AfpInfo stream; (bso#13677). + vfs_shadow_copy2: Nicely deal with attempts to open previous version for writing; (bso#13688). + Restoring previous version of stream with vfs_shadow_copy2 fails with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name; (bso#13455). + CVE-2018-16853: Fix S4U2Self crash with MIT KDC build; (bso#13571). + s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs; (bso#13708) + PEP8: fix E231: missing whitespace after ','. + winbindd: Fix crash when taking profiles;(bso#13629) + CVE-2018-14629 dns: Fix CNAME loop prevention using counter regression; (bso#13600) + 'samba-tool user syscpasswords' fails on a domain with many DCs; (bso#13686). + CVE-2018-16853: Do not segfault if client is not set; (bso#13571). + lib:util: Fix DEBUGCLASS pointer initializiation; (bso#13679) + ctdb-daemon: Exit with error if a database directory does not exist; (bso#13696). + s3:libads: Add net ads leave keep-account option; (bso#13498).- Drop more %if..%endif guards which are idempotent. - Drop requires on ldconfig which are already auto-discovered. - Do not ignore errors from useradd/groupadd.- Remove python2 build dependency from samba-libs; (bsc#1116900);- Update update-apparmor-samba-profile script to ignore the shares's paths containing substitution variables in any place, not only at the beginning of the path.- Update to samba-4.9.3 + CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD Internal DNS server; (bso#13600); (bsc#1116319); + CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT; (bso#13628); (bsc#1116320); + CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server; (bso#13674); (bsc#1116322); + CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers; (bso#13669); (bsc#1116321); + CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported); (bso#13678); (bsc#1116324); + CVE-2018-16857: Bad password count in AD DC not always effective; window; (bso#13683); (bsc#1116323);- Update to samba-4.9.2 + dsdb: Add comments explaining the limitations of our current backlink behaviour; (bso#13418); + Fix problems running domain backups (handling SMBv2, sites); (bso#13621); + testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3; (bso#13465); + Make vfs_fruit able to cleanup AppleDouble files; (bso#13642); + File saving issues with vfs_fruit on samba >= 4.8.5; (bso#13646); + Enabling vfs_fruit looses FinderInfo; (bso#13649); + Cancelling of SMB2 aio reads and writes returns wrong error NT_STATUS_INTERNAL_ERROR; (bso#13667); + Fix CTDB recovery record resurrection from inactive nodes and simplify vacuuming; (bso#13641); + examples: Fix the smb2mount build; (bso#13465); + libtevent: Fix build due to missing open_memstream on Illiumos; (bso#13629); + winbindd_cache: Fix timeout calculation for sid<->name cache; (bso#13662); + dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path; (bso#13653); + Extended DN SID component missing for member after switching group membership; (bso#13418); + Return STATUS_SESSION_EXPIRED error encrypted, if the request was encrypted; (bso#13624); + python: Allow forced signing via smb.SMB(); (bso#13621); + lib:socket: If returning early, set ifaces; (bso#13665); + ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept utf8 encoded unicode; (bso#13616); + smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute; (bso#13673); + waf: Add -fstack-clash-protection; (bso#13601); + winbind: Fix segfault if an invalid passdb backend is configured; (bso#13668); + Fix bugs in CTDB event handling; (bso#13659); + Misbehaving nodes are sometimes not banned; (bso#13670);- lib:socket: If returning early, set ifaces; (bso#13665); (bsc#1111373);- winbind requires latest version of libtevent-util0 to start- Backport latest gpo code from master + Read policy from local gpt cache + Offline policy application + Make group policy extensible via register/unregister gpext + gpext's run via a process_group_policy method- Enable profiling data collection- Change samba-kdc package name to samba-ad-dc - Move samba-ad-dc.service to the samba-ad-dc package- Update to samba-4.9.1 + s3: nmbd: Stop nmbd network announce storm; (bso#13620); + s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds; (bso#13597); + CTDB recovery lock has some race conditions; (bso#13617); + s3-rpc_client: Advertise Windows 7 client info; (bso#13597); + ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page; (bso#13610);- Tumbleweed doesn't define the sle_version macro, so we must include a check for suse_version also. Otherwise python3 is disabled on Tumbleweed.- Update to samba-4.9.0 + samba_dnsupdate: Honor 'dns zone scavenging' option, only update if needed; (bso#13605); + wafsamba: Fix 'make -j'; (bso#13606);- Update to samba-4.9.0rc5 + s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames; (bso#13565); + s3: util: Do not take over stderr when there is no log file; (bso#13578); + Durable Reconnect fails because cookie.allow_reconnect is not set; (bso#13549); + krb5-samba: Interdomain trust uses different salt principal; (bso#13539); + vfs_fruit: Don't unlink the main file; (bso#13441); + smbd: Fix a memleak in async search ask sharemode; (bso#13602); + Fix Samba GPO issue when Trust is enabled; (bso#11517); + samba-tool: Add "virtualKerberosSalt" attribute to 'user getpassword/syncpasswords'; (bso#13539); + Fix CTDB configuration issues; (bso#13589); + ctdbd logs an error until it can successfully connect to eventd; (bso#13592);- Update to samba-4.9.0rc4 + s3: smbd: Ensure get_real_filename() copes with empty pathnames; (bso#13585); + samba domain backup online/rename commands force user to specify password on CLI; (bso#13566); + wafsamba/samba_abi: Always hide ABI symbols which must be local; (bso#13579); + Fix a panic if fruit_access_check detects a locking conflict; (bso#13584); + Fix memory and resource leaks; (bso#13567); + python: Fix print in dns_invalid.py; (bso#13580); + Aliasing issue causes incorrect IPv6 checksum; (bso#13588); + Fix CTDB configuration issues; (bso#13589); + s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(); (bso#13568);- Add missing zlib-devel dependency which was previously pulled in by libopenssl-devel- Update to samba-4.9.0rc3+git.22.3fff23ae36e + CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers; (bso#13453); + CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140; (bso#13374); + CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user; (bso#13552); + CVE-2018-10919: acl_read: Fix unauthorized attribute access via searches; (bso#13434); + ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler; (bso#13540); + CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth"; (bso#13360); + s3-tldap: do not install test_tldap; (bso#13529); + ctdb_mutex_ceph_rados_helper: Fix deadlock via lock renewals; (bso#13540); + CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr(); (bso#13374); + ctdb-eventd: Fix CID 1438155; (bso#13554); + Fix CIDs 1438243, (Unchecked return value) 1438244 (Unsigned compared against 0), 1438245 (Dereference before null check) and 1438246 (Unchecked return value); (bso#13553); + ctdb: Fix a cut&paste error; (bso#13554); + systemd: Only start smb when network interfaces are up; (bso#13559); + Fix quotas don't work with SMB2; (bso#13553); + s3/smbd: Ensure quota code is only called when quota support detected; (bso#13563); + s3/libsmb: Explicitly set delete_on_close token for rmdir; (bso#13204); + s3:waf: Install eventlogadm to /usr/sbin; (bso#13561); + Shorten description in vfs_linux_xfs_sgid manual; (bso#13562);- Update to samba-4.9.0rc2+git.21.a1069afb007 + s3: smbd: Using "sendfile = yes" with SMB2 can cause CPU spin; (bso#13537); + s3: smbd: Fix path check in smbd_smb2_create_durable_lease_check(); (bso#13535); + samba-tool trust: Support discovery via netr_GetDcName; (bso#13538); + s4-dsdb: Only build dsdb Python modules for AD DC; (bso#13542); + Fix portability issues on freebsd; (bso#13520); + DNS wildcard search does not handle multiple labels correctly; (bso#13536); + samba-tool domain trust: Fix trust compatibility to Windows Server 1709 and FreeIPA; (bso#13308); + Fix portability issues on freebsd; (bso#13520); + ctdb-protocol: Fix CTDB compilation issues; (bso#13545); + ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option; (bso#13546); + ctdb-doc: Provide an example script for migrating old configuration; (bso#13550); + ctdb-event: Implement event tool "script list" command; (bso#13551);- Update to samba-4.8.4+git.37.a7a861d7982; + CVE-2018-1139: Weak authentication protocol allowed; (bsc#1095048); (bsc#13360); + CVE-2018-1140: Denial of Service Attack on DNS and LDAP server; (bsc#1095056); (bso#13466); (bso#13374); + CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient; (bsc#1103411); (bso#13453); + CVE-2018-10918: Denial of Service Attack on AD DC DRSUAPI server; (bsc#1103414); (bso#13552); + CVE-2018-10919: Confidential attribute disclosure from the AD LDAP server; (bsc#1095057); (bso#13434); + s3:winbind: winbind normalize names' doesn't work for users; (bso#12851); + winbind: Fix UPN handling in canonicalize_username(); (bso#13369); + s3: smbd: Fix SMB2-FLUSH against directories; (bso#13428); + samdb: Fix building Samba with gcc 8.1; (bso#13437); + s3:utils: Do not segfault on error in DoDNSUpdate(); (bso#13440); + smbd: Flush dfree memcache on service reload; (bso#13446); + ldb: Save a copy of the index result before calling the + lib/util: No Backtrace given by Samba's AD DC by default; (bso#13454). + s3: smbd: printing: Re-implement delete-on-close semantics for print files missing since 3.5.x; (bso#13457). + python: Fix talloc frame use in make_simple_acl(); (bso#13474). + krb5_wrap: Fix keep_old_entries logic for older Kerberos libraries;(bso#13478). + krb5_plugin: Add winbind localauth plugin for MIT Kerberos; (bso#13480).- Add missing package descriptions; (bsc#1093864); - Fix dependency issue between samba-python and samba-kdc; (bsc#1062876); - Call update-apparmor-samba-profile when running samba-ad-dc; (bsc#1092099);- Update to 4.8.2 + After update to 4.8.0 DC failed with "Failed to find our own NTDS Settings objectGUID" (bso#13335). + fix incorrect reporting of stream dos attributes on a directory (bso#13380). + vfs_ceph: add asynchronous fsync; fake synchronous call (bso#13412). + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425) + vfs_ceph: Fix memory leak; (bso#13424). + libsmbclient: Fix hard-coded connection error return of ETIMEDOUT; (bso#13419). + s4-lsa: Fix use-after-free in LSA server; (bso#13420). + winbindd: Do re-connect if the RPC call fails in the passdb case; (bso#13430). + cleanupd: Sends MSG_SMB_UNLOCK twice to interested peers; (bso#13416). + cleanupd: Use MSG_SMB_BRL_VALIDATE to signal cleanupd unclean process shutdown; (bso#13414). + ctdb-client: Remove ununsed functions from old client code; (bso#13411). + printing: Return the same error code as windows does on upload failures; (bso#13395). + nsswitch: Fix memory leak in winbind_open_pipe_sock() when the privileged pipe is not accessable; (bso#13400). + s4:lsa_lookup: remove TALLOC_FREE(state) after all dcesrv_lsa_Lookup{Names,Sids}_base_map() calls; (bso#13420). + rpc_server: Fix NetSessEnum with stale sessions; (bso#13407). + s3:smbspool: Fix cmdline argument handling; (bso#13417).- Move libdfs-server-ad-samba4.so library from kdc to libs package, as it is required by some client libs; (bsc#1074135); - Update to 4.8.1; (bsc#1091179); + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here; (bso#13244); + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir(); (bso#13270); + Round-tripping ACL get/set through vfs_fruit will increase the number of ACE entries without limit; (bso#13319); + s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues; (bso#13347); + s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access; (bso#13358); + s3: smbd: Fix memory leak in vfswrap_getwd(); (bso#13372); + s3: smbd: Unix extensions attempts to change wrong field in fchown call; (bso#13375); + ms_schema/samba-tool visualize: Fix python2.6 incompatibility; (bso#13337); + Fix invocation of gnutls_aead_cipher_encrypt(); (bso#13352); + Windows 10 cannot logon on Samba NT4 domain; (bso#13328); + winbindd: Recover loss of netlogon secure channel in case the peer DC is rebooted; (bso#13332); + s3:smbd: Don't use the directory cache for SMB2/3; (bso#13363); + ctdb-client: Fix bugs in client code; (bso#13356); + ctdb-scripts: Drop "net serverid wipe" from 50.samba event script; (bso#13359); + s3: lib: messages: Don't use the result of sec_init() before calling sec_init(); (bso#13368); + libads: Fix the build '--without-ads'; (bso#13273); + winbind: Keep "force_reauth" in invalidate_cm_connection, add 'smbcontrol disconnect-dc'; (bso#13332); + vfs_virusfilter: Fix CIDs 1428738-1428740; (bso#13343); + dsdb: Fix CID 1034966 Uninitialized scalar variable; (bso#13367); + rpc_server: Fix core dump in dfsgetinfo; (bso#13370); + smbclient: Fix notify; (bso#13382); + Fix smbd panic if the client-supplied channel sequence number wraps; (bso#13215); + Windows 10 cannot logon on Samba NT4 domain; (bso#13328); + lib/util: Remove unused '#include ' from tests/tfork.c; (bso#13342); + Fix build errors with cc from developerstudio 12.5 on Solaris; (bso#13343); + Fix the picky-developer build on FreeBSD 11; (bso#13344); + s3:modules: Fix the build of vfs_aixacl2.c; (bso#13345); + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338); + lib:replace: Fix linking when libtirpc-devel overwrites system headers; (bso#13341); + winbindd: 'wbinfo --name-to-sid' returns misleading result on invalid query; (bso#13312); + s3:passdb: Do not return OK if we don't have pinfo set up; (bso#13376); + Allow AESNI to be used on all processor supporting AESNI; (bso#13302);- Use new foreground execution flags for systemd samba daemons; (bsc#1088574); (bsc#1071090); (bsc#1065551); + Add %post scriptlet to clear old sysconfig flags - Update vendor-files to commit 880b3e7. + Set samba sysconfig template variables to "" + Add required daemon flags directly to systemd unit- Specfile cleanup + Remove %if..%endif guards which don't affect the build + Remove redundant %clean section + Replace old $RPM_* shell vars with macros- BuildRequire pkgconfig(systemd) and pkgconfig(libsystemd) in place of systemd and systemd-devel: Allow OBS to optimize the workload by allowing the usage of the 'build-optimized' systemd packages.- Enable building samba with python3, and create a samba-python3 package.- Update to 4.8 + New GUID Index mode in sam.ldb for the AD DC + GPO support for samba KDC + Time machine support with vfs_fruit + Encrypted secrets + AD Replication visualization + Improved trust support - ability to not scan global trust list - AD external trusts have limited support - verbose trusted domain listing + VirusFilter VFS module + NT4-style replication removed + vfs_aio_linux removed- Disable samba-pidl package, due to the removal of dependency perl-Parse-Yapp; (bsc#1085150);- Update to 4.7.6; + CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally; (bso#11343); (bsc#1081741); + CVE-2018-1057: Authenticated users can change other users' password; (bso#13272); (bsc#1081024).- Disable python until full python3 port is done; (bsc#1082139); + Remove contents of package samba-python + Remove contents of package libsamba-policy0 + Remove contents of package libsamba-policy-devel + Remove library libsamba-python-samba4.so from samba-libs package + Remove library libsamba-net-samba4.so from samba-libs package + Remove smbtorture binary and manpage from samba-test- samba fails to build with glibc2.27; (bsc#1081042);- Update to 4.7.5; (bsc#1080545); + smbd tries to release not leased oplock during oplock II downgrade; (bso#13193); + Fix copying file with empty FinderInfo from Windows client to Samba share with fruit; (bso#13181); + build: Deal with recent glibc sunrpc header removal; (bso#10976); + Make Samba work with tirpc and libnsl2; (bso#13238); + vfs_ceph: Add fs_capabilities hook to avoid local statvfs; (bso#13208); (bsc#1075206); + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue; (bso#12986); + ctdb-recovery-helper: Deregister message handler in error paths; (bso#13188); + samba: Only use async signal-safe functions in signal handler; (bso#13240); + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue; (bso#12986); + repl_meta_data: Fix linked attribute corruption on databases with unsorted links on expunge. dbcheck: Add functionality to fix the corrupt database; (bso#13228); + Fix smbd panic when chdir returns error during exit; (bso#13189); + Make Samba work with tirpc and libnsl2; (bso#13238); + Fix POSIX ACL support on HPUX and possibly other big-endian OSs; (bso#13176);- Update to 4.7.4; (bsc#1080545); + s3: smbclient: Implement 'volume' command over SMB2; (bso#13140); + s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv(); (bso#13171); + s3: libsmb: Fix reversing of oldname/newname paths when creating a reparse point symlink on Windows from smbclient; (bso#13172); + Build man page for vfs_zfsacl.8 with Samba; (bso#12934); + repl_meta_data: Allow delete of an object with dangling backlinks; (bso#13095); + s4:samba: Fix default to be running samba as a deamon; (bso#13129); + Performance regression in DNS server with introduction of DNS wildcard, ldb: Release 1.2.3; (bso#13191); + vfs_zfsacl: Fix compilation error; (bso#6133); + "smb encrypt" setting changes are not fully applied until full smbd restart; (bso#13051); + winbindd: Fix idmap_rid dependency on trusted domain list; (bso#13052); + vfs_fruit: Proper VFS-stackable conversion of FinderInfo; (bso#13155); + winbindd: Dependency on trusted-domain list in winbindd in critical auth codepath; (bso#13173); + repl_meta_data: Fix removing of backlink on deleted objects; (bso#13120); + ctdb: sock_daemon leaks memory; (bso#13153); + TCP tickles not getting synchronised on CTDB restart; (bso#13154); + winbindd: winbind parent and child share a ctdb connection; (bso#13150); + pthreadpool: Fix deadlock; (bso#13170); + pthreadpool: Fix starvation after fork; (bso#13179); + messaging: Always register the unique id; (bso#13180); + s4/smbd: set the process group; (bso#13129); + Fix broken linked attribute handling; (bso#13095); + The KDC on an RWDC doesn't send error replies in some situations; (bso#13132); + libnet_join: Fix 'net rpc oldjoin'; (bso#13149); + g_lock conflict detection broken when processing stale entries; (bso#13195); + s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions; (bso#13197); + s3:libads: net ads keytab list fails with "Key table name malformed"; (bso#13166); (bsc#1067700); + Fix crash in pthreadpool thread after failure from pthread_create; (bso#13170); + s4:samba: Allow samba daemon to run in foreground; (bso#13129); (bsc#1065551); + third_party: Link the aesni-intel library with "-z noexecstack"; (bso#13174); + vfs_glusterfs: include glusterfs/api/glfs.h without relying on "-I" options; (bso#13125);- Re-enable usage of libnsl (did got lost with glibc change) - Use TI-RPC (sunrpc is deprecated and will be removed soon from glibc)- smbc_opendir should not return EEXIST with invalid login credentials; (bnc#1065868).- Update to 4.7.3; (bsc#1069666); + Non-smbd processes using kernel oplocks can hang smbd; (bso#13121); + python: use communicate to fix Popen deadlock; (bso#13127); + smbd on disk file corruption bug under heavy threaded load; (bso#13130); + tevent: version 0.9.34; (bso#13130); + s3: smbd: Fix delete-on-close after smb2_find; (bso#13118); + CVE-2017-14746: s3: smbd: Fix SMB1 use-after-free crash bug; (bsc#1060427);(bso#13041); + CVE-2017-15275: s3: smbd: Chain code can return uninitialized memory when talloc buffer is grown; (bsc#1063008); (bso#13077); - Build with AD DC support only in openSUSE.- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- samba-tool requires samba-python; (bnc#1067771).- Run all daemons in the foreground and let systemd handle it; (bsc#1065551). - Update to 4.7.1; + Fix exporting subdirs with shadow_copy2; (bso#13091); + Currently if getwd() fails after a chdir(), we panic; (bso#13027); + Ensure default SMB_VFS_GETWD() call can't return a partially completed struct smb_filename; (bso#13068); + sys_getwd() can leak memory or possibly return the wrong errno on older systems; (bso#13069); + smbclient doesn't correctly canonicalize all local names before use; (bso#13093); + Fix broken linked attribute handling; (bso#13095); + Missing LDAP query escapes in DNS rpc server; (bso#12994); + Link to -lbsd when building replace.c by hand; (bso#13087); + Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem; (bso#6133); + Map SYNCHRONIZE acl permission statically in zfs_acl vfs module; (bso#7909); + Samba fails to honor SEC_STD_WRITE_OWNER bit with the acl_xattr module; (bso#7933); + Missing assignment in sl_pack_float; (bso#12991); + Wrong Samba access checks when changing DOS attributes; (bso#12995); + samba_runcmd_send() leaves zombie processes on timeout; (bso#13062); + groupmap cleanup should not delete BUILTIN mappings; (bso#13065); + Enabling vfs_fruit results in loss of Finder tags and other xattrs; (bso#13076); + man pages: Properly ident lists; (bso#9613); + smb.conf.5: Sort parameters alphabetically; (bso#13081); + Fix GUID string format on GetPrinter info; (bso#12993); + Remote serverid check doesn't check for the unique id; (bso#13042); + CTDB starts consuming memory if there are dead nodes in the cluster; (bso#13056); + ctdb-common: Ignore event scripts with multiple '.'s; (bso#13070); + libgpo doesn't sort the GPOs in the correct order; (bso#13046); + Remote serverid check doesn't check for the unique id; (bso#13042); + vfs_catia: Fix a potential memleak; (bso#13090); + Fix file change notification for renames; (bso#12903); + Samba DNS server does not honour wildcards; (bso#12952); + Can't change password in samba from a Windows client if Samba runs on IPv6 only interface; (bso#13079); + vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR; (bso#13086); + Apple client can't cope with SMB2 async replies when creating symlinks; (bso#13047); + s4:rpc_server:backupkey: Move variable into scope; (bso#12959); + Fix ntstatus_gen.h generation on 32bit; (bso#13099); + Fix a double free in vfs_gluster_getwd(); (bso#13100); + Fix resouce leaks and pointer issues; (bso#13101); + vfs_solarisacl: Fix build for samba 4.7 and up; (bso#13049);- Add samba-kdc to baselibs.conf. - Do not wrap samba-kdc's package definition into if/endif: the package won't be generated simply based on the fact that there is no files section for the package. Allows the source validator to ensure samba-kdc is a built package.- Update to 4.7.0; + Whole DB read locks: Improved LDAP and replication consistency; (bso#12858). + Samba AD with MIT Kerberos + Dynamic RPC port range: Default range changed from "1024-1300" to "49152-65535". + Authentication and Authorization audit support: New auth_audit debug class. + Multi-process LDAP Server: The LDAP server in the AD DC now honours the process model used for the rest of the 'samba' process. + Improved Read-Only Domain Controller (RODC) Support; (bso#12977). + Additional password hashes stored in supplementalCredentials. + Improvements to DNS during Active Directory domain join. + Significant AD performance and replication improvements. + Query record for open file or directory. + Removal of lpcfg_register_defaults_hook(). + Change of loadable module interface. + SHA256 LDAPS Certificates: The self-signed certificate generated for use on LDAPS will now be generated with a SHA256 self-signature, not a SHA1 self-signature. + CTDB no longer allows mixed minor versions in a cluster. + CTDB now ignores hints from Samba about TDB flags when attaching to databases. + New configuration variable CTDB_NFS_CHECKS_DIR. + The CTDB_SERVICE_AUTOSTARTSTOP configuration has been removed. + The CTDB_SCRIPT_DEBUGLEVEL configuration variable has been removed. + The example NFS Ganesha call-out has been improved. + A new "replicated" database type is available.- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file; (bso#13020); (bsc#1058624).- CVE-2017-12150: Some code path don't enforce smb signing, when they should; (bso#12997); (bsc#1058622).- CVE-2017-12151: Keep required encryption across SMB3 dfs redirects; (bso#12996); (bsc#1058565).- Clean specfile assuming SUSE-only system and product >=SLE11 + %{ul_version}, %{rhel_version}, %{mandriva_version}, %{centos_version} are always undefined + %{_vendor} is "suse" and %{suse_version} is at least 1100- Update to 4.6.7; (bsc#1054017) + Joining a Huawai storage fails: empty CLDAP ping answer; (bso#11392). + smbcacls can fail against a directory on Windows using SMB2.; (bso#12937). + vfs_ceph provides inconsistent directory listings; (bso#12911). + Misused talloc context can cause a user to crash their smbd by chaining SMB1 commands.; (bso#12836). + Use-after free can crash libsmbclient code.; (bso#12927). + Server exit with active AIO can crash.; (bso#12925). + Ensure notifyd doesn't return from smbd_notifyd_init; (bso#12910). + fd leak to ctdb sub-processes leads to SELinux AVC denial in audit logs; (bso#12898). + vfs_fruit shouldn't send MS NFS ACEs to Windows clients; (bso#12897). + smbspool_krb5_wrapper does not tell CUPS that it requires negotiate for authentication; (bso#12886). + finder sidebar showing question mark instead of icon when using ip to connect with vfs_fruit; (bso#12840). + Winbind stops obtaining the 'unixHomeDirectory' & 'loginShell' attributes from AD.; (bso#12720). + KCC run at selftest startup can fail spuriously due to a race; (bso#12869). + winbindd changes the local password and gets NT_STATUS_WRONG_PASSWORD for the remote change; (bso#12782). + rpc_pipe_client memory leaks due to long term memory context passed to rpc_pipe_open_interface(); (bso#12890). + CVE-2017-2619 breaks accessing previous versions of directories with snapshots in subdirectories of the share; (bso#12885). + dns_name_equal doing OOB read; (bso#12813). + replica_sync tests flap; (bso#12753). + Selftest should not call 'net cache flush' and wipe important winbind entries; (bso#12868). + Old Samba versions don't support using recent ldb versions (>=1.1.30); (bso#12859). + pam_winbind fails with kerberos method = secrets and keytab; (bso#10490). + race starting winbindd against posixacl test; (bso#12843). + Crash in the reentrant smbd_smb2_create_send() if the something fails in the subsequent try; (bso#12832). + spnego.c passes the wrong argument order to gensec_update_ev() for the FALLBACK case; (bso#12788). + Clients with SMB3 support can't connect with "server max protocol = SMB2_02"; (bso#12772). + A log message of samb-tool user syncpasswords reverses string arguments in a debug message "Call Popen[...".; (bso#12768). + The smb tarmode tests kills the share dir contents; (bso#12867). + Fix for a bug in MacOS X Sierra NTLMv2 processing; (bso#12862). + CVE-2017-2619 regression with non-wide symlinks to directories; (bso#12860). + manpage/index.html lists links not in alphabetical order; (bso#12854). + smbcacls got error NT_STATUS_NETWORK_NAME_DELETED; (bso#12831). + If a record is locked in a database, then recovery does not complete; (bso#12857). + debug_locks.sh script does not log any information; (bso#12856). + SIGSEGV in cm_connect_lsa_tcp dereferencing conn->lsa_tcp_pipe->transport after error; (bso#12852). + smbclient can't parse DOMAIN+username if a different winbind separator is used; (bso#12849). + Related requests with SessionSetup fail with INTERNAL_ERROR; (bso#12845). + Related requests with TreeConnect fail with NETWORK_NAME_DELETED; (bso#12844). + cli->server_os not filled correctly; (bso#12779). + REGRESSION: smbclient doesn't print the session setup anymore; (bso#12824). + smblcient doesn't handle STATUS_NOT_SUPPORTED gracefully for FSCTL_VALIDATE_NEGOTIATE_INFO; (bso#12808). + CTDB NFS call-out failures do not cause event failures; (bso#12837). + net command fails due to incorrectly return code; (bso#12828). + Fix building Samba with GCC 7.1; (bso#12827).- Fix duplicate CTDB_LOGGING params when downgraded and upgraded again; (bsc#1048339).- fix cephwrap_chdir(); (bsc#1048790). - Update to 4.6.6 + CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation; (bsc#1048278).- Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb; (bsc#1048339).- Fix inconsistent ctdb socket path; (bsc#1048352). - Fix non-admin cephx authentication; (bsc#1048387).- Update to 4.6.5; (bsc#1040157) + Specifying CTDB_LOGGING=syslog:nonblocking causes ctdbd to crash at startup; (bso#12814). + vfs_expand_msdfs tries to open the remote address as a file path; (bso#12687). + PANIC (pid 1096): assert failed: lease_type_is_exclusive(e_lease_type); (bso#12798). + With clustering get update_num_read_oplocks failed and PANIC: num_share_modes == 1 assertion failure; (bso#11844). + contend_level2_oplocks_begin_default oplock optimisation doesn't carry over to leases; (bso#12766). + `ctdb nodestatus` incorrectly displays status for all nodes with wrong exit code; (bso#12802). + CTDB can spin hard on revoking readonly delegations if a node becomes disconnected; (bso#12697). + Printing a share mode entry with leases can crash in the ndr code; (bso#12793). + Fix flakey unit tests for eventd; (bso#12792). + CTDB daemon crashes if built with clang; (bso#12770). + smbcacls fails if no password is specified; (bso#12765). + idmap_rfc2307: Lookup of more than two SIDs fails; (bso#12757). + samba-tool user syncpasswords doesn't trigger the script when a user gets removed; (bso#12767). + systemd: fix detection of libsystemd; (bso#12764). + Notify subsystem only maps first inotify mask to Windows notify filter; (bso#12760). + Allow passing trusted domain password as plain-text to PASSDB layer; (bso#12751). + Can't case-rename files with vfs_fruit; (bso#12749). + wrong sid->uid mapping for SIDs residing in sIDHistory; (bso#12702). + vfs_acl_common should force "create mask = 0777", not 0666; (bso#12562). + Ordering of notify responses broken; (bso#12756).- s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1; (bso#11822); (bsc#1042419).- Revert explicit winbind %{version}-%{release} dependency. + The ABI has stabilized since (bsc#936909), so remove to fix cross-media dependencies; (bsc#1037899).- Fix CVE-2017-7494 remote code execution from a writable share; (bso#12780); (bsc#1038231).- Update to 4.6.3; (bsc#1036011) + s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots from shares with GlusterFS backend; (bso#12743). + Fix for Solaris C compiler; (bso#12559). + s3: locking: Update oplock optimization for the leases era; (bso#12628). + Make the Solaris C compiler happy; (bso#12693). + s3: libgpo: Allow skipping GPO objects that don't have the expected LDAP attributes; (bso#12695). + Fix buffer overflow caused by wrong use of getgroups; (bso#12747). + lib: debug: Avoid negative array access; (bso#12746). + cleanupdb: Fix a memory read error; (bso#12748). + streams_xattr and kernel oplocks results in NT_STATUS_NETWORK_BUSY; (bso#7537). + winbindd: idmap_autorid allocates ids for unknown SIDs from other backends; (bso#11961). + vfs_fruit: Resource fork open request with flags=O_CREAT|O_RDONLY; (bso#12565). + manpages/vfs_fruit: Document global options; (bso#12615). + lib/pthreadpool: Fix a memory leak; (bso#12624). + Lookup-domain for well-known SIDs on a DC; (bso#12727). + winbindd: Fix error handling in rpc_lookup_sids(); (bso#12728). + winbindd: Trigger possible passdb_dsdb initialisation; (bso#12729). + credentials_krb5: use gss_acquire_cred for client-side GSSAPI use case; (bso#12611). + lib/crypto: Implement samba.crypto Python module for RC4; (bso#12690). + ctdb-readonly: Avoid a tight loop waiting for revoke to complete; (bso#12697). + ctdb_event monitor command crashes if event is not specified; (bso#12723). + ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'; (bso#12733). + smbd: Fix smb1 findfirst with DFS; (bso#12558). + smbd: Do an early exit on negprot failure; (bso#12610). + winbindd: Fix substitution for 'template homedir'; (bso#12699). + s4:kdc: Disable principal based autodetected referral detection; (bso#12554). + idmap_autorid: Allocate new domain range if the callers knows the sid is valid; (bso#12613). + LINKFLAGS_PYEMBED should not contain -L/some/path; (bso#12724). + PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for trusted domain; (bso#12725). + rpcclient: Allow -U'OTHERDOMAIN\user' again; (bso#12731). + winbindd: Fix password policy for pam authentication; (bso#12725). + s3:gse: Correctly handle external trusts with MIT; (bso#12554). + auth/credentials: Always set the realm if we set the principal from the ccache; (bso#12611). + replace: Include sysmacros.h; (bso#12686). + s3:vfs_expand_msdfs: Do not open the remote address as a file; (bso#12687). + s3:libsmb: Only print error message if kerberos use is forced; (bso#12704). + winbindd: Child process crashes when kerberos-authenticating a user with wrong password; (bso#12708). + vfs_fruit: Office document opens as read-only on macOS due to CNID semantics; (bso#12715). + vfs_acl_xattr: Fix failure to get ACL on Linux if memory is fragmented; (bso#12737).- Generate and update vendor-files tarball from Git + SuSEfirewall2 service samba-client only setup IPv4 rule; (bsc#1034416).- Generate source tarball directly from Git using OBS tar_scm + use version string derived from parent Git tag and commit hash - remove obsolete vendor-files/tools/package-data version ID + explicitly generate ctdb manpages, needed without "make dist"- Update to 4.6.2 + remove bso#12721 patches now upstream- Enable samba-ceph build for openSUSE and SLE12SP3+; (fate#321622). + x86-64 and aarch64- Enable librados CTDB lock helper for samba-ceph package; (fate#321622).- Build and install the html man pages (bsc#1021907).- Fix CVE-2017-2619 regression with "follow symlinks = no"; (bso#12721).- Update to 4.6.1 + symlink race permits opening files outside share directory; CVE-2017-2619; (bso#12496); (bsc#1027147) + testparm checks for valid idmap parameters + add new krb client encryption types + support for printer driver upload from windows 10 + inherit owner = 'unix only' for improved quota support + improved CTDB event support + new primary group support for idmap_ad + idmap_hash deprecated + mvxattr added to recursively rename extended attributes- Remove chkconfig requirements for systemd systems- Don't call insserv if systemd is used- Fix check if we need to require insserv- async_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416).- Force usage of ncurses6-config thru NCURSES_CONFIG env var; (bsc#1023847).- add missing patch for libnss_wins segfault; (bsc#995730).- Fix vfs_ceph builds against recent Ceph versions; (bsc#1021933).- Document "winbind: ignore domains" parameter; (bsc#1019416).- Add base Samba dependency to samba-ceph package.- Update to 4.5.3 + Heap-based Buffer Overflow Remote Code Execution Vulnerability; CVE-2016-2123; (bso#12409); (bsc#1014437). + Don't send delegated credentials to all servers; CVE-2016-2125; (bso#12445); (bsc#1014441). + denial of service due to a client triggered crash in the winbindd parent process; CVE-2016-2126; (bso#12446); (bsc#1014442). - 4.5.1 and 4.5.2 updates + various streams vfs fixes + various printing fixes + ntlm_auth: do not map explicitly empty domain + various stability fixes in smbd + match file compression ReFS behavior- Add missing ldb module directory; (bnc#1012092).- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port; (bsc#1009085); (bso#12418).- Include vfstest in samba-test; (bsc#1001203).- s3/winbindd: using default domain with user@domain.com format fails; (bsc#997833).- Fix segfault in libnss_wins; (bso#12277); (bso#12269); (bsc#995730).- Update to 4.5.0 + NTLM1 Authentication disabled by default + SMB2.1 leases enabled by default + Support for OFD locks + ctdb tool rewritten + Added shadow copy snapshot prefix parameter- Fix illegal memory access after memory has been deleted; (bso#11836); (bsc#975299).- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).- Don't package man pages for VFS modules that aren't built; (boo#993707).- Fix population of ctdb sysconfig after source merge; (bsc#981566).- Enable vfs_ceph builds for Factory (x86-64) + Package as samba-ceph to avoid Ceph dependency in base package.- Update to 4.4.5 + Prevent client-side SMB2 signing downgrade; CVE-2016-2119; (bso#11860); (bsc#986869).- Remove obsolete syslog.target; (bsc#983938).- Honor smb.conf socket options in winbind; (bsc#975131).- Don't use htons() with IP_PROTO_RAW; (bso#11705); (bsc#969522).- Update to 4.4.4 + SMB3 multichannel: Add implementation of missing channel sequence number verification; (bso#11809). + smbd:close: Only remove kernel share modes if they had been taken at open; (bso#11919). + notifyd: Prevent NULL deref segfault in notifyd_peer_destructor; (bso#11930). + s3:rpcclient: Make '--pw-nt-hash' option work; (bso#10796). + Fix case sensitivity issues over SMB2 or above; (bso#11438). + s3:smbd: Fix anonymous authentication if signing is mandatory. (bso#11910) + Fix NTLM Authentication issue with squid; (bso#11914). + pdb: Fix segfault in pdb_ldap for missing gecos; (bso#11530). + Fix memory leak in share mode locking; (bso#11934).- Update to 4.4.3 + Various post-badlock regressions; (bso#11841); (bso#11850); (bso#11858); (bso#11870); (bso#11872). + Only allow idmap_hash for default idmap config (bso#11786). + smbd: Avoid large reads beyond EOF; (bso#11878). + vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls" is set; (bso#11806). + libads: Record session expiry for spnego sasl binds; (bso#11852).- Fix NTLMSSP regressions caused by previous CVE fixes; (bso#11849); (bsc#975962); (bsc#979268), (bsc#977669).- Revert shared library packaging to comply with SLPP- Update to 4.4.2 + A man-in-the-middle can downgrade NTLMSSP authentication; CVE-2016-2110; (bso#11688); (bsc#973031). + Domain controller netlogon member computer can be spoofed; CVE-2016-2111; (bso#11749); (bsc#973032). + LDAP conenctions vulnerable to downgrade and MITM attack; CVE-2016-2112; (bso#11644); (bsc#973033). + TLS certificate validation missing; CVE-2016-2113; (bso#11752); (bsc#973034). + Named pipe IPC vulnerable to MITM attacks; CVE-2016-2115; (bso#11756); (bsc#973036). + "Badlock" DCERPC impersonation of authenticated account possible; CVE-2016-2118; (bso#11804); (bsc#971965). + DCERPC server and client vulnerable to DOS and MITM attacks; CVE-2015-5370; (bso#11344); (bsc#936862).- Fix samba.tests.messaging test and prevent potential tdb corruption by removing obsolete now invalid tdb_close call; (bsc#974629).- Obsolete libsmbclient from libsmbclient0 while not providing it; (bsc#972197).- Update to 4.4.0. + Read of uninitialized memory DNS TXT handling; (bso#11128); (bso#11686); CVE-2016-0771. + Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); CVE-2015-7560. + Sockets with htons(IPPROTO_RAW); (bso#11705); CVE-2015-8543. + s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support; (bso#10489). + docs: Add example for domain logins to smbspool man page; (bso#11643). + smbd: Show correct disk size for different quota and dfree block sizes; (bso#11681). + docs: Add smbspool_krb5_wrapper manpage; (bso#11690). + winbindd: Return trust parameters when listing trusts; (bso#11691). + ctdb: Do not provide a useless pkgconfig file for ctdb; (bso#11696). + Crypto.Cipher.ARC4 is not available on some platforms, fallback to M2Crypto.RC4.RC4 then; (bso#11699). + s3:utils/smbget: Set default blocksize; (bso#11700). + Streamline 'smbget' options with the rest of the Samba utils; (bso#11700). + s3:clispnego: Fix confusing warning in spnego_gen_krb5_wrap(); (bso#11702). + s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703). + loadparm: Fix memory leak issue; (bso#11708). + lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714). + s3:vfs:glusterfs: Fix build after quota changes; (bso#11715). + ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."; (bso#11719). + lib:socket: Fix CID 1350010: Integer OVERFLOW_BEFORE_WIDEN; (bso#11723). + smbd: Fix CID 1351215 Improper use of negative value; (bso#11724). + smbd: Fix CID 1351216 Dereference null return value; (bso#11725). + s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file; (bso#11727). + docs: Add manpage for cifsdd; (bso#11730). + param: Fix str_list_v3 to accept ; again; (bso#11732). + lib/socket: Fix improper use of default interface speed; (bso#11734). + lib:socket: Fix CID 1350009: Fix illegal memory accesses (BUFFER_SIZE_WARNING); (bso#11735). + libcli: Fix debug message, print sid string for new_ace trustee; (bso#11738). + Fix installation path of Samba helper binaries; (bso#11739). + Fix memory leak in loadparm; (bso#11740). + tevent: version 0.9.28: Fix memory leak when old signal action restored; (bso#11742). + smbd: Ignore SVHDX create context; (bso#11753). + Fix net join; (bso#11755). + s3:libads: setup the msDS-SupportedEncryptionTypes attribute on ldap_add; (bso#11755). + passdb: Add linefeed to debug message; (bso#11763). + s3:utils/smbget: Fix option parsing; (bso#11767). + libnet: Make Kerberos domain join site-aware; (bso#11769). + Reset TCP Connections during IP failover; (bso#11770). + ldb: Version 1.1.26; (bso#11772). + s3:smbd: Add negprot remote arch detection for OSX; (bso#11773). + vfs_glusterfs: Fix use after free in AIO callback; (bso#11774). + mkdir can return ACCESS_DENIED incorrectly on create race; (bso#11780). + "trustdom_list_done: Got invalid trustdom response" message should be avoided; (bso#11782). + Mismatch between local and remote attribute ids lets replication fail with custom schema; (bso#11783). + Quota is not supported on Solaris 10; (bso#11788). + Talloc: Version 2.1.6; (bso#11789). + smbd: Enable multi-channel if 'server multi channel support = yes' in the config; (bso#11796). + build: Fix build when '--without-quota' specified; (bso#11798). + lib/socket/interfaces: Fix some uninitialied bytes; (bso#11802). + Access based share enum: handle permission set in configuration files; (bso#8093). + See also WHATSNEW.txt from the samba-doc package.- Update to 4.3.6. + Getting and setting Windows ACLs on symlinks can change permissions on link target; CVE-2015-7560; (bso#11648); (bsc#968222). + Fix Out-of-bounds read in internal DNS server; CVE-2016-0771; (bso#11128); (bso#11686); (bsc#968223).- Upgrade on-disk FSRVP server state to new version; (bsc#924519).- Only obsolete but do not provide gplv2/3 package names; (bsc#968973).- Relocate existing lock files to /var/lib/samba/lock; (bsc#968963).- Obsolete no longer existing samba-32bit package; (bsc#967625).- Update to 4.3.5. + s3:utils/smbget: Fix recursive download; (bso#6482). + s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystemi with no ACL support; (bso#10489). + s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). + vfs_shadow_copy2: Fix case where snapshots are outside the share; (bso#11580). + smbclient: Query disk usage relative to current directory; (bso#11662). + winbindd: Handle expired sessions correctly; (bso#11670). + smbd: Show correct disk size for different quota and dfree block sizes; (bso#11681). + smbcacls: Fix uninitialized variable; (bso#11682). + s3:smbd: Ignore initial allocation size for directory creation; (bso#11684). + s3-client: Add a KRB5 wrapper for smbspool; (bso#11690). + s3-parm: Clean up defaults when removing global parameters; (bso#11693). + Use M2Crypto.RC4.RC4 on platforms without Crypto.Cipher.ARC4; (bso#11699). + s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703). + ctdb: Remove error messages after kernel security update; CVE-2015-8543; (bso#11705). + loadparm: Fix memory leak issue; (bso#11708). + lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714). + ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."; (bso#11719). + s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file; (bso#11727). + param: Fix str_list_v3 to accept ";" again; (bso#11732).- Shift samba-client sysconfig data into samba and samba-winbind; (bsc#947361).- Simplify shared library packaging; (bsc#966956).- Enable clustering (CTDB) support; (bsc#966271).- s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023).- Add quotes around path of update-apparmor-samba-profile; (bnc#962177).- Remove autoconf build-time requirement.- Update to 4.3.4. + vfs_fruit: Enable POSIX directory rename semantics; (bso#11065). + Crash: Bad talloc magic value - access after free; (bso#11394). + Copying files with vfs_fruit fails when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). + samba-tool: Fix uncaught exception if no fSMORoleOwner attribute is given; (bso#11613). + Fix a typo in the smb.conf manpage, explanation of idmap config; (bso#11619). + Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). + Reduce the memory footprint of empty string options; (bso#11625). + lib/async_req: Do not install async_connect_send_test; (bso#11639). + Fix typos in man vfs_gpfs; (bso#11641). + Make "hide dot files" option work with "store dos attributes = yes"; (bso#11645). + Fix a corner case of the symlink verification; (bso#11647); (bnc#960249). + Do not disable "store dos attributes" on-the-fly; (bso#11649). + Update lastLogon and lastLogonTimestamp; (bso#11659).- Prevent access denied if the share path is "/"; (bso#11647); (bnc#960249).- Update to 4.3.3. + Malicious request can cause Samba LDAP server to hang, spinning using CPU; CVE-2015-3223; (bso#11325); (bnc#958581). + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); (bnc#958586). + Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (bnc#958582). + No man in the middle protection when forcing smb encryption on the client side; CVE-2015-5296; (bso#11536); (bnc#958584). + Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). + Fix Microsoft MS15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).- Update to 4.3.2. + vfs_gpfs: Re-enable share modes; (bso#11243). + dcerpc.idl: Accept invalid dcerpc_bind_nak pdus; (bso#11327). + s3-smbd: Fix old DOS client doing wildcard delete - gives an attribute type of zero; (bso#11452). + Add libreplace dependency to texpect, fixes a linking error on Solaris; (bso#11511). + s4: Fix linking of 'smbtorture' on Solaris; (bso#11512). + s4:lib/messaging: Use correct path for names.tdb; (bso#11562). + Fix segfault of 'net ads (join|leave) -S INVALID' with nss_wins; (bso#11563). + async_req: Fix non-blocking connect(); (bso#11564). + auth: gensec: Fix a memory leak; (bso#11565). + lib: util: Make non-critical message a warning; (bso#11566). + Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bnc#949022). + smbd: Send SMB2 oplock breaks unencrypted; (bso#11570). + ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577). + s3:smb2_server: Make the logic of SMB2_CANCEL DLIST_REMOVE() clearer; (bso#11581). + s3-smbd: Fix use after issue in smbd_smb2_request_dispatch(); (bso#11581). + manpage: Correct small typo error; (bso#11584). + s3: smbd: If EAs are turned off on a share don't allow an SMB2 create containing them; (bso#11589). + Backport some valgrind fixes from upstream master; (bso#11597). + auth: Consistent handling of well-known alias as primary gid; (bso#11608). + winbind: Fix crash on invalid idmap configs; (bso#11612). + s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615). + Changing log level of two entries to DBG_NOTICE; (bso#9912).- Ensure samlogon fallback requests are rerouted after kerberos failure; (bnc#953382); (bnc#953972).- Ensure to link with --as-needed flag by removing SUSE_ASNEEDED=0. - Always use the default optimization even on pre-9.2 systems.- Remove redundant configure options while adding with-relro.- Relocate the lockdir to the /var/lib/samba/lock directory.- Cleanup and enhance the pidl sub package.- Require renamed python-ldb-devel and python-talloc-devel at build-time. - Requires python-ldb and python-talloc from the python subpackage.- Update to 4.3.1. + s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows; (bso#10252). + nss_winbind: Fix hang on Solaris on big groups; (bso#10365). + smbd: Fix file name buflen and padding in notify repsonse; (bso#10634). + kerberos: Make sure we only use prompter type when available; winbind: Fix 100% loop; (bso#11038). + source3/lib/msghdr.c: Fix compiling error on Solaris; (bso#11053). + s3:ctdbd_conn: make sure we destroy tevent_fd before closing the socket; (bso#11316). + s3: smbd: Fix mkdir race condition; (bso#11486). + pam_winbind: Fix a segfault if initialization fails; (bso#11502). + s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509). + s4:lib/messaging: Use 'msg.lock' and 'msg.sock' for messaging related subdirs; (bso#11515). + s3: smbd: Fix opening/creating :stream files on the root share directory; (bso#11522). + lib/param: Fix hiding of FLAG_SYNONYM values; (bso#11526). + net: Fix a crash with 'net ads keytab create'; (bso#11528). + s3: smbd: Fix a crash in unix_convert(); (bso#11535). + s3: smbd: Fix NULL pointer bug introduced by previous 'raw' stream fix (bso#11522); (bso#11535). + vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543). + vfs_commit: set the fd on open before calling SMB_VFS_FSTAT; (bso#11547). + s3:locking: Initialize lease pointer in share_mode_traverse_fn(); (bso#11549). + s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550). + s3:lib: Validate domain name in lookup_wellknown_name(); (bso#11555). + s3: lsa: lookup_name() logic for unqualified (no DOMAIN component) names is incorrect; (bso#11555).- Fix 100% CPU in winbindd when logging in with "user must change password on next logon"; (bso#11038).- Relocate the tmpfiles.d directory to the client package; (bnc#947552).- Do not provide libpdb0 from libsamba-passdb0 but add it to baselibs.conf instead; (bnc#942716).- Package /var/lib/samba/private/sock with 0700 permissions; (bnc#946051).- Package /var/lib/samba/msg with 0755 permissions; (bso#11515); (bnc#945502).- Require to install libfam0-gamin from samba-libs on post-12.1 and pre-13.15 systems; (bnc#945013).- Update to 4.3.0. + Samba "map to guest = Bad uid" doesn't work; (bso#9862). + revert LDAP extended rule 1.2.840.113556.1.4.1941 LDAP_MATCHING_RULE_IN_CHAIN changes; (bso#10493). + No objectClass found in replPropertyMetaData on ordinary objects (non-deleted); (bso#10973). + Stream names with colon don't work with fruit:encoding = native; (bso#11278). + NetApp joined to a Samba/ADDC cannot resolve SIDs; (bso#11291). + tevent_fd needs to be destroyed before closing the fd; (bso#11316). + "force group" with local group not working; (bso#11320). + strsep is not available on Solaris; (bso#11359). + smbtorture does not build when configured --with-system-mitkrb5; (bso#11411). + Build with GPFS support is broken; (bso#11421). + Build broken with --disable-python; (bso#11424). + net share allowedusers crashes; (bso#11426). + nmbd incorrectly matches netbios names as own name; (bso#11427). + Python bindings don't check integer types; (bso#11429). + Python bindings don't check array sizes; (bso#11430). + CTDB's eventscript error handling is broken; (bso#11431). + Fix crash in nested ctdb banning; (bso#11432). + Cannot build ctdbpmda; (bso#11434). + samba-tool uncaught exception error; (bso#11436). + Crash in notify_remove caused by change notify = no; (bso#11444). + Poor SMB3 encryption performance with AES-GCM; (bso#11451). + Poor SMB3 encryption performance with AES-GCM (part1); (bso#11451). + fix recursion problem in rep_strtoll in lib/replace/replace.c; (bso#11455). + --bundled-libraries=!ldb,!pyldb,!pyldb-util doesn't disable ldb build and install; (bso#11458). + xid2sid gives inconsistent results; (bso#11464). + ctdb: Fix the build on FreeBSD 10.1; (bso#11465). + Handling of 0 byte resource fork stream; (bso#11467). + AD samr GetGroupsForUser fails for users with "()" in their name; (bso#11488).- Configure with --bundled-libraries=NONE; (bso#11458).- Adapt net-kdc-lookup patch for post-3.3 Samba versions; (bnc#295284).- Remove libiniparser-devel build-time requirement.- Update to 4.2.3. + s4:lib/tls: Fix build with gnutls 3.4; (bso#8780). + s4.2/fsmo.py: Fixed fsmo transfer exception; (bso#10924). + winbindd: Sync secrets.ldb into secrets.tdb on startup; (bso#10991). + Logon via MS Remote Desktop hangs; (bso#11061). + s3: lib: util: Ensure we read a hex number as %x, not %u; (bso#11068). + tevent: Add a note to tevent_add_fd(); (bso#11141). + s3:param/loadparm: Fix 'testparm --show-all-parameters'; (bso#11170). + s3-unix_msg: Remove socket file after closing socket fd; (bso#11217). + smbd: Fix a use-after-free; (bso#11218); (bnc#919309). + s3-rpc_server: Fix rpc_create_tcpip_sockets() processing of interfaces; (bso#11245). + s3:smb2: Add padding to last command in compound requests; (bso#11277). + Add IPv6 support to ADS client side LDAP connects; (bso#11281). + Add IPv6 support for determining FQDN during ADS join; (bso#11282). + s3: IPv6 enabled DNS connections for ADS client; (bso#11283). + Fix invalid write in ctdb_lock_context_destructor; (bso#11293). + Excessive cli_resolve_path() usage can slow down transmission; (bso#11295). + vfs_fruit: Add option "veto_appledouble"; (bso#11305). + tstream: Make socketpair nonblocking; (bso#11312). + idmap_rfc2307: Fix wbinfo '--gid-to-sid' query; (bso#11313). + Group creation: Add msSFU30Name only when --nis-domain was given; (bso#11315). + tevent_fd needs to be destroyed before closing the fd; (bso#11316). + Build fails on Solaris 11 with "‘PTHREAD_MUTEX_ROBUST’ undeclared"; (bso#11319). + smbd/trans2: Add a useful diagnostic for files with bad encoding; (bso#11323). + Change sharesec output back to previous format; (bso#11324). + Robust mutex support broken in 1.3.5; (bso#11326). + Kerberos auth info3 should contain resource group ids available from pac_logon; winbindd: winbindd_raw_kerberos_login - ensure logon_info exists in PAC; (bso#11328); (bnc#912457). + s3:smb2_setinfo: Fix memory leak in the defer_rename case; (bso#11329). + tevent: Fix CID 1035381 Unchecked return value; (bso#11330). + tdb: Fix CID 1034842 and 1034841 Resource leaks; (bso#11331). + s3: smbd: Use separate flag to track become_root()/unbecome_root() state; (bso#11339). + s3: smbd: Codenomicon crash in do_smb_load_module(); (bso#11342). + pidl: Make the compilation of PIDL producing the same results if the content hasn't change; (bso#11356). + winbindd: Disconnect child process if request is cancelled at main process; (bso#11358). + vfs_fruit: Check offset and length for AFP_AfpInfo read requests; (bso#11363). + docs: Overhaul the description of "smb encrypt" to include SMB3 encryption; (bso#11366). + s3:auth_domain: Fix talloc problem in connect_to_domain_password_server(); (bso#11367). + ncacn_http: Fix GNUism; (bso#11371).- Disable rpath usage; (bnc#902421).- Make the winbind package depend on the matching libwbclient version and vice versa; (bnc#936909).- Backport changes to use resource group sids obtained from pac logon_info; (bso#11328); (bnc#912457).- Order winbind.service Before and Want nss-user-lookup target.- Remove fam-devel build-time dependency for post-6 RHEL systems.- Update to 4.2.2. + s3:smbXsrv: refactor duplicate code into smbXsrv_session_clear_and_logoff(); (bso#11182). + gencache: don't fail gencache_stabilize if there were records to delete; (bso#11260). + s3: libsmbclient: After getting attribute server, ensure main srv pointer is still valid; (bso#11186). + s4: rpc: Refactor dcesrv_alter() function into setup and send steps; (bso#11236). + s3: smbd: Incorrect file size returned in the response of "FILE_SUPERSEDE Create"; (bso#11240). + Mangled names do not work with acl_xattr; (bso#11249). + nmbd rewrites browse.dat when not required; (bso#11254). + vfs_fruit: add option "nfs_aces" that controls the NFS ACEs stuff; (bso#11213). + s3:smbd: Add missing tevent_req_nterror; (bso#11224). + vfs: kernel_flock and named streams; (bso#11243). + vfs_gpfs: Error code path doesn't call END_PROFILE; (bso#11244). + s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used; (bso#11284). + ctdb: check for talloc_asprintf() failure; (bso#11201). + spoolss: purge the printer name cache on name change; (bso#11210); (bnc#901813). + CTDB statd-callout does not scale; (bso#11204). + vfs_fruit: also map characters below 0x20; (bso#11221). + ctdb: Coverity fix for CID 1291643; (bso#11201). + Multiplexed RPC connections are not handled by DCERPC server; (bso#11225). + Fix terminate connection behavior for asynchronous endpoint with PUSH notification flavors; (bso#11226). + ctdb-scripts: Fix bashism in ctdbd_wrapper script; (bso#11007). + ctdb: Fix CIDs 1125615, 1125634, 1125613, 1288201 and 1125553; (bso#11201). + SMB2 should cancel pending NOTIFY calls with DELETE_PENDING if the directory is deleted; (bso#11257). + s3:winbindd: make sure we remove pending io requests before closing client sockets; (bso#11141); (bnc#931854). + Fix panic triggered by smbd_smb2_request_notify_done() -> smbXsrv_session_find_channel() in smbd; (bso#11182). + 'sharesec' output no longer matches input format; (bso#11237). + waf: Fix systemd detection; (bso#11200). + CTDB: Fix portability issues; (bso#11202). + CTDB: Fix some IPv6-related issues; (bso#11203). + CTDB statd-callout does not scale; (bso#11204). + 'net ads dns gethostbyname' crashes with an error in TALLOC_FREE if you enter invalid values; (bso#11234). + libads: record service ticket endtime for sealed ldap connections; (bso#11267). + lib/util: Include DEBUG macro in internal header files before samba_util.h; (bso#11033).- Avoid a crash inside the tevent epoll backend; (bso#11141); (bnc#931854).- Remove the independently built libraries ldb, talloc, tdn, and tevent and the post-10.3 renamed libsmbclient from baselibs.conf.- Drop redundant doc attribute from man pages.- Update to 4.2.1. + s3:winbind:grent: Don't stop group enumeration when a group has no gid; (bso#8905). + Initialize dwFlags field of DNS_RPC_NODE structure; (bso#9791). + s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields; (bso#10016). + build:wafadmin: Fix use of spaces instead of tabs; (bso#10476). + waf: Fix the build on openbsd; (bso#10476). + s3: client: "client use spnego principal = yes" code checks wrong name; (bso#10888). + spoolss: Retrieve published printer GUID if not in registry; (bso#11018). + s3: lib: libsmbclient: If reusing a server struct, check every cli->timout miliseconds if it's still valid before use; (bso#11079). + vfs_fruit: Enhance handling of malformed AppleDouble files; (bso#11125). + backupkey: Explicitly link to gnutls and gcrypt; (bso#11135). + replace: Remove superfluous check for gcrypt header; (bso#11135). + Backport subunit changes; (bso#11137). + libcli/auth: Match Declaration of netlogon_creds_cli_context_tmp with implementation; (bso#11140). + s3-winbind: Fix cached user group lookup of trusted domains; (bso#11143). + talloc: Version 2.1.2; (bso#11144). + Update libwbclient version to 0.12; (bso#11149). + brlock: Use 0 instead of empty initializer list; (bso#11153). + s4:auth/gensec_gssapi: Let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors; (bso#11164). + docs/idmap_rid: Remove deprecated base_rid from example; (bso#11169); (bnc#913304). + s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case; (bso#11173). + backupkey: Use ndr_pull_struct_blob_all(); (bso#11174). + Fix lots of winbindd zombie processes on Solaris platform; (bso#11175). + s3: libsmbclient: Add missing talloc stackframe; (bso#11177). + s4-process_model: Do not close random fds while forking; (bso#11180). + s3-passdb: Fix 'force user' with winbind default domain; (bso#11185).- Prevent samba package updates from disabling samba kerberos printing.- Add sparse file support for samba; (fate#318424).- Purge printer name cache on spoolss SetPrinter change; (bso#11210); (bnc#901813).- Correctly retain errno from Btrfs snapshot ioctls; (bnc#923374).- Simplify libxslt build requirement and README.SUSE install. - Remove no longer required cleanup steps while populating the build root.- Remove deprecated base_rid example from idmap_rid manpage; (bso#11169); (bnc#913304).- Update to 4.2.0. + smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT; (bso#1115). + pam_winbind: fix warn_pwd_expire implementation; (bso#9056). + nsswitch: Fix soname of linux nss_*.so.2 modules; (bso#9299). + Make 'profiles' work again; (bso#9629). + s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"; (bso#9702). + Make validate_ldb of String(Generalized-Time) accept millisecond format ".000Z"; (bso#9810). + Use -R linker flag on Solaris, not -rpath; (bso#10112). + vfs: Add glusterfs manpage; (bso#10240). + Make 'smbclient' use cached creds; (bso#10279). + pdb: Fix build issues with shared modules; (bso#10355). + s4-dns: Add support for BIND 9.10; (bso#10620). + idmap: Return the correct id type to *id_to_sid methods; (bso#10720). + printing/cups: Pack requested-attributes with IPP_TAG_KEYWORD; (bso#10808). + Don't build vfs_snapper on FreeBSD; (bso#10834). + nss_winbind: Add getgroupmembership for FreeBSD; (bso#10835). + idmap_rfc2307: Fix a crash after connection problem to DC; (bso#10837). + s3: smb2cli: query info return length check was reversed; (bso#10848). + s3: lib, s3: modules: Fix compilation on Solaris; (bso#10849). + lib: uid_wrapper: Fix setgroups and syscall detection on a system without native uid_wrapper library; (bso#10851). + winbind3: Fix pwent variable substitution; (bso#10852). + Improve samba-regedit; (bso#10859). + registry: Don't leave dangling transactions; (bso#10860). + Fix build of socket_wrapper on systems without SO_PROTOCOL; (bso#10861). + build: Do not install 'texpect' binary anymore; (bso#10862). + Fix testparm to show hidden share defaults; (bso#10864). + libcli/smb: Fix smb2cli_validate_negotiate_info with min=PROTOCOL_NT1 max=PROTOCOL_SMB2_02; (bso#10866). + Integrate CTDB into top-level Samba build; (bso#10892). + samba-tool group add: Add option '--nis-domain' and '--gid'; (bso#10895). + s3-nmbd: Fix netbios name truncation; (bso#10896). + spoolss: Fix handling of bad EnumJobs levels; (bso#10898). + Fix smbclient loops doing a directory listing against Mac OS X 10 server with a non-wildcard path; (bso#10904). + Fix print job enumeration; (bso#10905); (bnc#898031). + samba-tool: Create NIS enabled users and unixHomeDirectory attribute; (bso#10909). + Add support for SMB2 leases; (bso#10911). + btrfs: Don't leak opened directory handle; (bso#10918). + s3: nmbd: Ensure NetBIOS names are only 15 characters stored; (bso#10920). + s3:smbd: Fix file corruption using "write cache size != 0"; (bso#10921). + pdb_tdb: Fix a TALLOC/SAFE_FREE mixup; (bso#10932). + s3-keytab: fix keytab array NULL termination; (bso#10933). + s3:passdb: fix logic in pdb_set_pw_history(); (bso#10940). + Cleanup add_string_to_array and usage; (bso#10942). + dbwrap_ctdb: Pass on mutex flags to tdb_open; (bso#10942). + Fix RootDSE search with extended dn control; (bso#10949). + Fix 'samba-tool dns serverinfo ' for IPv6; (bso#10952). + libcli/smb: only force signing of smb2 session setups when binding a new session; (bso#10958). + s3-smbclient: Return success if we listed the shares; (bso#10960). + s3-smbstatus: Fix exit code of profile output; (bso#10961). + socket_wrapper: Add missing prototype check for eventfd; (bso#10965). + libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does; (bso#10966). + vfs_streams_xattr: Check stream type; (bso#10971). + s3: smbd: Fix *allocate* calls to follow POSIX error return convention; (bso#10982). + vfs_fruit: Add support for AAPL; (bso#10983). + Fix spoolss IDL response marshalling when returning error without clearing info; (bso#10984). + dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl; (bso#10993); CVE-2014-8143; (boo#914279). + Fix IPv6 support in CTDB; (bso#10996). + ctdb-daemon: Use correct tdb flags when enabling robust mutex support; (bso#11000). + vfs_streams_xattr: Add missing call to SMB_VFS_NEXT_CONNECT; (bso#11005). + s3-util: Fix authentication with long hostnames; (bso#11008). + ctdb-build: Fix build without xsltproc; (bso#11014). + packaging: Include CTDB man pages in the tarball; (bso#11014). + pdb_get_trusteddom_pw() fails with non valid UTF16 random passwords; (bso#11016). + Make Sharepoint search show user documents; (bso#11022). + nss_wrapper: check for nss.h; (bso#11026). + Enable mutexes in gencache_notrans.tdb; (bso#11032). + tdb_wrap: Make mutexes easier to use; (bso#11032). + lib/util: Avoid collision which alread defined consumer DEBUG macro; (bso#11033). + winbind: Retry after SESSION_EXPIRED error in ping-dc; (bso#11034). + s3-libads: Fix a possible segfault in kerberos_fetch_pac(); (bso#11037). + vfs_fruit: Fix base_fsp name conversion; (bso#11039). + vfs_fruit: mmap under FreeBSD needs PROT_READ; (bso#11040). + Fix authentication using Kerberos (not AD); (bso#11044). + net: Fix sam addgroupmem; (bso#11051). + vfs_snapper: Correctly handles multi-byte DBus strings; (bso#11055); (bnc#913238). + cli_connect_nb_send: Don't segfault on host == NULL; (bso#11058). + utils: Fix 'net time' segfault; (bso#11058). + libsmb: Provide authinfo domain for encrypted session referrals; (bso#11059). + s3-pam_smbpass: Fix memory leak in pam_sm_authenticate(); (bso#11066). + vfs_glusterfs: Add comments to the pipe(2) code; (bso#11069). + vfs/glusterfs: Change xattr key to match gluster key; (bso#11069). + vfs_glusterfs: Implement AIO support; (bso#11069). + s3-vfs: Fix developer build of vfs_ceph module; (bso#11070). + s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer; (bso#11077); CVE-2015-0240; (bnc#917376). + vfs: Add a brief vfs_ceph manpage; (bso#11088). + s3: smbclient: Allinfo leaves the file handle open; (bso#11094). + Fix Win8.1 Credentials Manager issue after KB2992611 on Samba domain; (bso#11097). + debug: Set close-on-exec for the main log file FD; (bso#11100). + s3: smbd: leases - losen paranoia check. Stat opens can grant leases; (bso#11102). + s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting; (bso#11104). + doc:man:vfs_glusterfs: improve the configuration section; (bso#11117). + snprintf: Try to support %j; (bso#11119). + ctdb-io: Do not use sys_write to write to client sockets; (bso#11124). + doc-xml: Add 'sharesec' reference to 'access based share enum'; (bso#11127).- Update to 4.2.0rc5. + Ensure we don't call talloc_free on an uninitialized pointer; CVE-2015-0240; (bso#11077); (bnc#917376).- Fix usage of freed memory on server exit; (bso#11218); (bnc#919309).- Fix tdb_store_flag_to_ntdb() gcc5 build failure.- Fix vfs_snapper DBus string handling; (bso#11055); (bnc#913238).- Update to 4.1.16. + dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl; (bso#10993); CVE-2014-8143; (boo#914279).- Adjust baselibs.conf due to libpdb0 package rename to libsamba-passdb0.- Fix libsmbclient DFS referral handling. + Reuse connections derived from DFS referrals; (bso#10123); (fate#316512). + Set domain/workgroup based on authentication callback value; (bso#11059).- Update to 4.2.0rc4. - Add libsamba-debug, libsocket-blocking, libsamba-cluster-support, and libhttp to the libs package; (boo#913547). - Rename libpdb packages to libsamba-passdb. - Drop libsmbsharemodes packages.- Enable avahi support on post-12.2 systems.- Update to 4.1.15. + pam_winbind: Fix warn_pwd_expire implementation; (bso#9056). + nsswitch: Fix soname of linux nss_*.so.2 modules; (bso#9299). + Fix profiles tool; (bso#9629). + s3-lib: Do not require a password with --use-ccache; (bso#10279). + s4:dsdb/rootdse: Expand extended dn values with the AS_SYSTEM control; (bso#10949). + s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses; (bso#10952). + s3:smb2_server: Allow reauthentication without signing; (bso#10958). + s3-smbclient: Return success if we listed the shares; (bso#10960). + s3-smbstatus: Fix exit code of profile output; (bso#10961). + libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does; (bso#10966). + s3: smbd/modules: Fix *allocate* calls to follow POSIX error return convention; (bso#10982). + Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack' attribute 'supported_extensions'; (bso#11006). + idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo; (bso#11006). + winbind: Retry LogonControl RPC in ping-dc after session expiration; (bso#11034).- yast2-samba-client should be able to specify osName and osVer on AD domain join; (bnc#873922).- Lookup FSRVP share snums at runtime rather than storing them persistently; (bnc#908627).- Specify soft dependency for network-online.target in Winbind systemd service file; (bnc#889175).- Fix spoolss error response marshalling; (bso#10984).- Update to 4.1.14. + pidl/wscript: Remove --with-perl-* options; revert buildtools/wafadmin/ Tools/perl.py back to upstream state; (bso#10472). + s4-dns: Add support for BIND 9.10; (bso#10620). + nmbd fails to accept "--piddir" option; (bso#10711). + nss_winbind: Add getgroupmembership for FreeBSD; (bso#10835). + S3: source3/smbd/process.c::srv_send_smb() returns true on the error path; (bso#10880). + vfs_glusterfs: Remove "integer fd" code and store the glfs pointers; (bso#10889). + s3-nmbd: Fix netbios name truncation; (bso#10896). + spoolss: Fix handling of bad EnumJobs levels; (bso#10898). + s3: libsmbclient-smb2. MacOSX 10 SMB2 server doesn't set STATUS_NO_MORE_FILES when handed a non-wildcard path; (bso#10904). + spoolss: Fix jobid in level 3 EnumJobs response; (bso#10905). + s3: nmbd: Ensure NetBIOS names are only 15 characters stored; (bso#10920). + s3:smbd: Fix file corruption using "write cache size != 0"; (bso#10921). + pdb_tdb: Fix a TALLOC/SAFE_FREE mixup; (bso#10932). + s3-keytab: Fix keytab array NULL termination; (bso#10933). + Cleanup add_string_to_array and usage; (bso#10942).- Remove and cleanup shares and registry state associated with externally deleted snaphots exposed as shadow copies; (bnc#876312).- Use the upstream tar ball, as signature verification is now able to handle compressed archives.- Fix leak when closing file descriptor returned from dirfd; (bso#10918).- Fix spoolss EnumJobs and GetJob responses; (bso#10905); (bnc#898031). + Fix handling of bad EnumJobs levels; (bso#10898).- Remove dependency on gpg-offline as signature checking is implemented in the source validator.- Update to 4.1.13. + s3-libnet: Add libnet_join_get_machine_spns(); (bso#9984). + s3-libnet: Make sure we do not overwrite precreated SPNs; (bso#9984). + s3-libads: Add all machine account principals to the keytab; (bso#9985). + s3: winbindd: Old NT Domain code sets struct winbind_domain->alt_name to be NULL. Ensure this is safe with modern AD-DCs; (bso#10717). + Fix unstrcpy; (bso#10735). + pthreadpool: Slightly serialize jobs; (bso#10779). + s3: smbd: streams - Ensure share mode validation ignores internal opens (op_mid == 0); (bso#10797). + s3: smbd:open_file: Open logic fix; Use a more natural check; (bso#10809). + vfs_media_harmony: Fix a crash bug; (bso#10813). + docs: Mention incompatibility between kernel oplocks and streams_xattr; (bso#10814). + nmbd: Send waiting status to systemd; (bso#10816). + libcli: Fix a segfault calling smbXcli_req_set_pending() on NULL; (bso#10817). + nsswitch: Skip groups we were not able to map; (bso#10824). + s3-winbindd: Use correct realm for trusted domains in idmap child; (bso#10826). + s3: nmbd: Ensure the main nmbd process doesn't create zombies; (bso#10830). + s3: lib: Signal handling - ensure smbrun and change password code save and restore existing SIGCHLD handlers; (bso#10831). + idmap_rfc2307: Fix a crash after connection problem to DC; (bso#10837). + s3-winbindd: Do not use domain SID from LookupSids for Sids2UnixIDs call; (bso#10838). + s3: smb2cli: Query info return length check was reversed; (bso#10848). + registry: Don't leave dangling transactions; (bso#10860).- Update to 4.2.0rc2./bin/shlibdcerpc-binding0-32bitlibdcerpc0-32bitlibndr-krb5pac0-32bitlibndr-nbt0-32bitlibndr-standard0-32bitlibndr0-32bitlibndr1-32bitlibndr2-32bitlibnetapi0-32bitlibsamba-credentials0-32bitlibsamba-credentials1-32bitlibsamba-errors0-32bitlibsamba-hostconfig0-32bitlibsamba-passdb0-32bitlibsamba-util0-32bitlibsamdb0-32bitlibsmbclient0-32bitlibsmbconf0-32bitlibsmbldap0-32bitlibsmbldap2-32bitlibtevent-util0-32bitlibwbclient0-32bit  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvw4.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d4-150600.3.12.24.19.8+git.404.38b26805d4-150600.3.12.24.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d44.19.8+git.404.38b26805d4libdcerpc-binding.so.0libdcerpc-binding.so.0.0.1libdcerpc-server-core.so.0libdcerpc-server-core.so.0.0.1libdcerpc.so.0libdcerpc.so.0.0.1libndr-krb5pac.so.0libndr-krb5pac.so.0.0.1libndr-nbt.so.0libndr-nbt.so.0.0.1libndr-standard.so.0libndr-standard.so.0.0.1libndr.so.3libndr.so.3.0.1libnetapi.so.1libnetapi.so.1.0.0libsamba-credentials.so.1libsamba-credentials.so.1.0.0libsamba-errors.so.1libsamba-errors.so.1.0.0libsamba-hostconfig.so.0libsamba-hostconfig.so.0.0.1libsamba-passdb.so.0libsamba-passdb.so.0.28.0libsamba-util.so.0libsamba-util.so.0.0.1libsamdb.so.0libsamdb.so.0.0.1libsmbclient.so.0libsmbclient.so.0.7.0libsmbconf.so.0libsmbconf.so.0.0.1libsmbldap.so.2libsmbldap.so.2.1.0libtevent-util.so.0libtevent-util.so.0.0.1libwbclient.so.0libwbclient.so.0.16sambalibCHARSET3-samba4.solibMESSAGING-SEND-samba4.solibMESSAGING-samba4.solibaddns-samba4.solibads-samba4.solibasn1util-samba4.solibauth-samba4.solibauthkrb5-samba4.solibcli-cldap-samba4.solibcli-ldap-common-samba4.solibcli-ldap-samba4.solibcli-nbt-samba4.solibcli-smb-common-samba4.solibcli-spoolss-samba4.solibcliauth-samba4.solibclidns-samba4.solibcluster-samba4.solibcmdline-contexts-samba4.solibcmdline-samba4.solibcommon-auth-samba4.solibdbwrap-samba4.solibdcerpc-pkt-auth-samba4.solibdcerpc-samba-samba4.solibdcerpc-samba4.solibevents-samba4.solibflag-mapping-samba4.solibgenrand-samba4.solibgensec-samba4.solibgpo-samba4.solibgse-samba4.solibhttp-samba4.solibinterfaces-samba4.solibiov-buf-samba4.solibkrb5samba-samba4.solibldbsamba-samba4.soliblibcli-lsa3-samba4.soliblibcli-netlogon3-samba4.soliblibsmb-samba4.solibmessages-dgm-samba4.solibmessages-util-samba4.solibmscat-samba4.solibmsghdr-samba4.solibmsrpc3-samba4.solibndr-samba-samba4.solibndr-samba4.solibnet-keytab-samba4.solibnetif-samba4.solibnpa-tstream-samba4.solibprinting-migrate-samba4.solibregistry-samba4.solibreplace-samba4.solibsamba-cluster-support-samba4.solibsamba-debug-samba4.solibsamba-modules-samba4.solibsamba-security-samba4.solibsamba-sockets-samba4.solibsamba3-util-samba4.solibsamdb-common-samba4.solibsecrets3-samba4.solibserver-id-db-samba4.solibserver-role-samba4.solibsmb-transport-samba4.solibsmbclient-raw-samba4.solibsmbd-base-samba4.solibsmbd-shim-samba4.solibsmbldaphelper-samba4.solibsocket-blocking-samba4.solibstable-sort-samba4.solibsys-rw-samba4.solibtalloc-report-printf-samba4.solibtdb-wrap-samba4.solibtime-basic-samba4.solibtrusts-util-samba4.solibutil-reg-samba4.solibutil-setid-samba4.solibutil-tdb-samba4.sopdbldapsam.sosmbpasswd.sotdbsam.so/usr/lib//usr/lib/samba//usr/lib/samba/pdb/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:37359/SUSE_SLE-15-SP6_Update/b6fb6fd06a0afae1f83ba160476a0246-samba.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linux  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b03bf39df604ee8e34fbf6f050abf0b74437bbb2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=67907a4889571defc3a6e9d7d0d64ed59e5ae1e3, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=0eb66fe5c59899ebdec0d2cb80a2f09edd4dc2cc, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6284886434f206b2f78ba5f1eb0582dd1e5c4251, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=728c0652418e66c0eefd3ec5813bb69348c680dc, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fb0d0c09dc297a5b7293a810a26a02abec6730be, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fce47901717f4b00bab367a29079ca5016549075, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=a6af325608769dca5db4ab366c3d6edcd8907aad, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=67f34ae2701a6eb72e123a9ed4a27297daa2a345, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e10ac68b92d75bbec6f986a4146d6bddf5a55544, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9e1ec8e0e293280e0dd0be3b8f7dd3e0419aa8d5, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=25a4f0819a8914c6052c757d6746a65689d8b698, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2d591b943b424f5b5de9f903dda21a492493c880, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f00a736b8fdd1ffa9683b42fde8cba8f9f26b401, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=cfbaea6c9c30cf17bb62b91410354a1de8ec158f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b323f5fb7eb37acb39ea6f496676e4a89afcb058, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=55153d44e734b22cc18ddc83095af4792caab431, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b517b698dd7f964c184de5d500ad0a66df48c628, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=8f1a27b282ff9d216dbc2852581156ddcb90f31a, strippeddirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=026602046116b9996f83f76c1a5f1bb53e13e96d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=51e6a341a31083cee57c62b75fafa7ad64f5dc31, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=eac2203cdb79fb9159924c06ce6ab461ab7ea73c, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fb4b9828b6cf77f3e568ff1335c80ee5c30b9724, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7ab3bc95c3e2573fce14a8c4723e072afa1cca7b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e869e01035bfbabec12298b4545820578439976a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=0f91d43f131f63e4f77abfb53213f275138531e5, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=cd0dab2a00247bb6ab65708bf6003cd51f5f1903, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d257827aaabec56fb011c2ffaa1e99fb5c148b06, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=be8974aa63f768cfc3b424453c9f67cafd7999ee, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ba1074bdb918aab8d86bb0ea2938441278dd2d31, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b2a30eb2867b01bf1b4b2de85ffafc293560ed76, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=58195824ca00a55b6a02c80f19c5e7f19f8e5c20, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=006ffe640bce84b080a18d4f9475f586c84b2987, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6d0ee6927c9f97f1d0ee14ba26ad5e70dd1e2144, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=965f314294d6e7777d989b1f49511a44892165d7, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=66ab8da09f7e0ed8cf5cbab68ec8355bedcf7a36, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=5c75f249f0e05776ea965f35ccddbaa312f82f91, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=09a2809fcc86b718bb3c6a489d45cebc964b335f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=8e36035f56207b75a48f2f5cb34f5332ed6cd846, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d7dab8350cf4ad4e8f86414779ef39cd0d86a799, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9a262c3d6041d5d42d30b8456544df424f091181, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=adfd9d357ed4e7c2cc04c35c28ca08d750dcb95a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f2a45cafcd040bf465e9daa57923d99518803e62, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=a1ccd9a62ffc44d5486959190fda2f5e8395637f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6f6895129917f4b7fbec98c3adccc8a8d834aaed, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d356d68f344e88776dc1d00edb1c7842444dd1c7, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f1e9bfeff1227a5b89d587a24f4d8d50c6fbab99, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=58693d4951348e69697b145cb3bba28fe80b4a01, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2430a7740972812987ce1ae66b1d87bb37e93556, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=676dd48e2f468ad1b220a4e194bf8fa7d842fb0a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=0773609ae9c68c28475f0c377fc0e2b970a39008, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=4fa141b5a877b38c7c64fd0896c15e7a810fd089, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6c460a7acab34397003cb3866fbe9abbf72014b6, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=247d49216059f0e884e1571583f165b935268844, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=c808fe77b6f843f714d3b0c9d374b9bdf0e89cbe, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=4c039b32f341f5d377e04ef4536461c307c31759, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=18f235b3f1bafd3c69bd254c9a0108af756ed183, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=24941f0d1747e996b47c0180fe624f882255bfd3, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e83044e4c3eacde2b0d98403a0ce4db4ead10c54, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f68ddac862ab5c2d63bee3acc54b213a66118b25, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=13f1b93c4f1aa61e6f2f57a7c8a9545996c0e130, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=41f6b5618539590a8232f8d8ae9ca0acf4c5ae0d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=a2d1e531546b2c5ffaf22e0d3e0c14079015c689, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=73cd42655083d028519878547858cd0bf7dd2905, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f451d14085888e48c3e49b10e9b74f4a6e83e059, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7774c11b24d42a5639a75bb763d3e0ca15a4e755, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fe755d9c2a9987e7d55f41ff31d56f62a4095784, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b4773fb3974584e1fdcd8c58a4d77f78d29fe8f3, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2504393f9955b033d7ccd8212ba6f80310bc351a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7468d792ab737945dcbd02b6ec0a65811761dfa0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=28f7824c64e3ee2808cd45276e1aa11432a8fe8f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=c54caa478da1e908916ae37928615acb4bfbb9d7, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=49a553cf4d934f8d5adee99caddcf9bf203fb2d0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=0506a5518e59844712b8d1392a78398af0e8c18b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d1a674816ac9ab7fd5f19a59a1720cc629d06f9e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=edee990f275c4d69a88487a871bab65a81b6aeec, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ddb14b03c343b0bbca4be20337368612d7ade8f2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7e262e5c55f9552c3854d851bec85c5f5e79dae2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=238608eeed077cea3569a9cdd3da905aa1ea0522, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=727e71868c8786f8b5016a8624126f57430b0e00, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7435c941636220794637d254e985d9ac672040c2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3efe1129dd243eaeaf1d7689f57d8bf2fb243f81, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ed25a4fcf9eba16cd2fd76bbd130f278e9b0b21d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=71589b369627ce9e1733abe4cf3e6c135a11148f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=5c19f8a8062a204d0634481c298ca457bf6927a2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9069011812dcb85d2842c4f5f41f5b0af1eb7657, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ad8d2dfc9a4b88cd0791b7c1ad86d84b27d02a18, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e0f106aacf9bdf5075ec40539b22030f2ae294f9, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f69babd929642d7241b93108a8113dcb10d9dc6d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=5a73e3c6231f04c97e815d196420dc81d0d4923b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=545f0acd3cadd8dd65662f1696e30d5d4af39bb5, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=be97c4291d846bb9280680cb537c0629265263c5, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=1b7dd6594195611314bd9d3b6b9d7e1d2e6e0c9e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6dee6fc44258d5d9dfd51b0d1c918c50b582cdf4, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=07d4c616867966e7b348344f491cb56fd0c96155, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7a1292d159e852618c398e0f127d8dc640a6804d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3cb530682e42bda8a4f8db57c13562eeb9e7d1d0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=bbaa48dc3ccf044905f4e05b357f1ffd3a0bd6fc, stripped$NW#W ,=XfzdGh#9LTZi0?F^#);B  7 b i  - Y j p ; @ \ a h q z $*C9E2 I*4Nh+"AK*&3,!&  <+@ 1!;%I##+!5,0   & P+P*RSRRRRRRRRRRRR(R-R,R0RRRRRRRRRRRRRRRRRRRP4P3RSRRRRKRRRRRRR+R(R-RRRRRIRURRRRRRJRHRRRRTRRRRRRRRRRP6P5RRRKRRR6R>RSR2RRMRR`RRRRRR:RRRRRRRRURRRRR,R0R-RRRIRRJRHRRRRR9RRRR=RRRR_RTRLRR1RRRRRR5RRRP_P^RRRRRR-RR(RRRRRRRRRRRRRRRRRRPbPaRRRR(R-R%RRRRRRRRRRRRPiPhRRRR-RRRRRRRRRRRRRRRRRRPlPmPmPnPnPoPoPpPpPqPqPrPrPsPsPtPtPuPuPvPvPwPwPxPxPyPyPzPzP{P{P|P|P}P}P~P~PPkRSRRRR0RR-RR(RRRRRRRRRRPPRRR\RWRYRSRQRR RRR}RRR>RRRRRRR:RMR{RR,R(R-RRRRRRRRRRR|RRRR RRRRLRRRR=RzRRPRR~RRR[RRRRRR9RRVRPPRSRRRWRyRRRGRRRRR^RnRjRRRR>RR,R-R(RRRhRRRxRFRRRRiRRRRR=RRRRgRCRR]RVRmRPPRRRRR-R(RRRPPRSRRRRRRRWRRRR-R,R%R(RRRRRRRRRRRVRPPPPPPPPPPPPPPPPPRRRRRRRSRRRRR>RRRRRRRRGR0R,R-R(RRRRRRRRRRRRR=RRRRFRRRRRRRRRRRRRRRRPPRRSRRRRRRRRRRWRRRR-R$R,R R%R0R*R&RR+R(R)RRRRRRRRRRVRRRRPPRSR4R^R>RRRGRRRjRRR(R-RRRRRnRRRRBRhRRRyRRRxRRRiRRRRRR3R=RFRRRRARgRR]RmRRPPPPPPPPPPPPPPPPPPPPPPPPPRRRMR{RRSRRRRRRRRRR:RRR0R-R(R,RRRR\RRRRRR~RzRRRRRRR[R9RLRRRRRRRRRRRRPPRRRRdRSRRRRRRRRR RRRRRRRRRRRRRRbR RRRRRRRRRRRRGRRRRRR+RR!R'R-R$R,R R0R%R*R"R(R.RRRRRRRR RRRRFRRRRRRRcRRRaRRRRRRRRRRRRR RRlRRRRkRRPPPPPPPRSRRRRRRRRRR-RRRRRRRRRRlRkRRRPPRRRRR,RR-RR(RRRRRRPPPPPPPPPPPPPPPRR$R&RR-R*R+R(R,RRRPPRSRRRR-RRRRRRRRPPRSRRRR RRRR-RRRRRRRR RRPPRRSRRRRRRIRRRRRRRRRRRRR-RRRRRRRRRRRHRRRRRRRRRRPPRSR^R@RRRRRRRRRRRRR(R-R%RRRRR?RRRRRRRRR]RP PR2RRSRRR RjRRRRRhRRRRRURRRR\RRRR4R RR0R-R,RRR(RR1R~RRRRRRiR RRRR3RR[RTRRRRRRRRRlRgRCRRkRP P RSRRRR%RR-RRRRRRRRRP P RR}RRSR{R\RRRRRRERRR>RRRURRRRRRRRRRRRR,RR-R%RRRRRRRR|RRDR=RzRRRRRRRRRRRTRRRRRR[RRRRRRRRRRRPPRSRfRRRRERRRjRRRRRR^RRhRR-RRWRRDRRiRRRRRRRRRgReRCRRR]RVRPPRnRRRRRRRRRRRRRRRRR-RRR4RRRRRRRRRR3RRmRRRPPRR-RRRnRRRRRRRRRRRRRRRRRmRPPRnRRRRR RRRRUR8RRRRRRRRRRR-R,R+RRR4RRR RR7RRTRR3RRRRRRRRRRRRmRPPRRRRRRRRRRRR,R-RRRRRRRRRRRRPPRdRSRRRRRRRXRWRRRRRRRRRURRRR-R(RRRRRRTRRcRRRRRRRRRRVRPPRURRRRRRRMRRRR-RR,RRRRRTRLRRRRRRRRRRRPPRSRRRRRRWRRRRRRGRRR,RR(R-RRRRRFRRRRRRRRRRRRVRPPRRSRRRRRRRRRR-RRRRRRRRRRRRRP!P RRGRRRR-RRRFRRP#P"RRRRRRRP%P$RRRRRRSRRRR+RR-R(RRRRRRRRRRRRP'P&RRRRRRRRRRR(R-RRRRRRRRRRRRRP)P(RSRRRRRRRR*RR-RRRRRRRRRRRRRRRRRRRRP.P-RR-RRRIRRURRTRHRRRRP0P/RRRR-RRRRRRIRRRRHRRRRRRP2P1RRRRR-RRRRRIRRRHRRRRP9P8RRRRRRP;P:RRRRP=PRERRSRRRRRR^RRRjRRRRRRRRRRWR(R-RRRRR>RRRRRRRRRRRRRRRR=RRDRiRRRRRCRRR]RVRRPAP@RRRRRRRR\RRRRR RRRRR,R-R R*R(RRRRRRR RRRRRR~RR[R RRRPCPBRSRRRRRRRRRRRRRR RUR^RR2RjRR8RRRRR-R R,RR0R(RRhRRRRRiR RRRRTRR1RRRRRRRRRR7RlRgRCRRR]RPEPDR@RRRURRRRRRRRRRR-R,RRRTR?RRRRRRRRRRPGPFRRRR,R%RRR-RRRRRPIPHRRRRRPKPJRSRRRRRfRR-R(RRhR^RRRRRRR]RgReRCRPMPLRSRRRRRRRRRRRRsRrRuRwRoRtRnRRRRRR0RR-R,R%R(RRRRRRRRRRRRRRRRRmRPOPNRR-RRRRRRRMRRLRRRRRRPQPPRRSRRRR>RRRRRR:R-RRRRRRRR=RRRRRRRRR9RRPSPRRjRWRSRRRRRRRRRR>RRRURR,R-RRRR\RRRRRRRR:RRRR[RiRR9RRRTRR=RRRRRRRRRRRCRRRVRPUPTRSRRRRRRRRRRRRdR R$R+R)R,RR-RR&RR(RRRRRRRRcRRRRPWPVRRRRPYPXRRRRWRRR-R*RRRRRRRVRP[PZRRRdRcRP]P\RRRERRR\RSRRRRGRRRRRRRRRR>RRRRRRR:RUR,R-R(RRRRRIRMRRRRHR~RFRRR[RRRRR=RRRRRTRLRRRR9RRRRRRRDRRRPePdRR-R,R0RRRRRRRRRRRRRRRRRRRRRRRPgPfRRR(R-RRRRRRRRRRRRRRRRRRRRRRRRRRRRRPPRSRRR-RRRjR\RRRRhRiRRR[RRRRRRgRCRPPRR,RR-RRRRRRbRaRRRRRRPPRSRRRRRRRRRRRRR-RRRRRRRRRRRRRRPPRR RRRRRRRWRRURRRRRRRRRRR:RR,R-R(RRRRRRRRRRR9RRRTRRR=RRRRRVRRPPRR RR>RRERjRRRRdRR{RRRRR\RRURRRRZRWRRRRRRRRRRRRRRRR(R,R-R0RRRRRR=RRRRRRRRRRRRlRkRRRSRRRRRRRRR,R-R$R*R%RR(RRRRRRRRRRRRRRRRSRRRRRRRRRRRGR,RR-R0RRRFRRRRRRRRRRRRRutf-80fb2215ad5100ef1ecaf03b139b4d5a62a901c23ce6cb4eebaaea7426a880110?7zXZ !t/]"k&Vhv,y4e ݹՌ?&븝2hEπ AܨvFJϏcE]RLK\i(ʼn+\TZ=Z*a E_#,E%w/"Diz9d%y~'z=ѠifG"b-t͟+-я쫡Ciu0aA`*E+R+.F|yl& $?k!}Q:a mDgg>ɏ*$Dp7jd4ɮ]%eڤQzH~C俘e+ڍ3.~ ߰^$*8ZS҄XD(*lEPU^W5g=i<{=*" \|qY5EzR2%2G,ེwӟE)#7pHͭd-D2roa2.GGz|anCRA6W2U@hPyZWe]#0_WA]}izyUb?qtl (ojFD@dvʼg*(:ܬ@ye_됨K@{8nP;1 _Eqj*5/`whS:tZ[I=&S}8.z<6B SX р)U8 ?hp[g|օst!RwI0h 67 'BڇC%HU$bL3ArWU_/Ny[o5ReI뇨A ?n `-:ue_U?Hm15msy˔a@c1P^3aXƌBHOG0UTPq\95ru,gG@" GB¢VGO0)z .pR8xC-d\ d)%z@}ah"C?~] 1͌jKEE^ȡ |nѣ=4.-_ ڐ;= ϩ;S>2nulF\ G, hvIYL?If{ O;,x[ Y;>n^&L UXN"(~B遝4㽌cu2ɾCtEӚ//~ٸ3- 6QUhbZ6@O @%0i.pmڽZiDsI45ԧXKi65Gi'X0_itbt-! 3X 8NI>ɐӐڂF>Da4ΛGc*H@ b>?]J41RJr覷p_F%G}> [튁-"ˢ#.}Dj`"7Ʃ&E[*']áO%A?R "BmLĻI  +Huϛ߆{_?J03(᫾jFK+S q8 X$ tvwي]iVtdF2TB#(_ yUvKH~L>6 QDڷ[v#*Y@86 4Il$1Ȯo$VziĶ FN'j'/J,h-ܑw $E!lO =8Eؘ%wHB݇H1D5~;3LaH?b*ny)l:SH]vq7hE<6g;Dk={Tgmtֻwq+bYk']mE.{I֧~DV9/&|N:)<]c ;;˹>|); EOğmܣL|i -$%H6Ǽk"$UkbihQƱkW҅c/SzlZ$hMP3pk$oKaV5/2;Gt8jjӭ!5}B: oש1:@:E .f/lH=d_/c=MdɣOu:E ]rC%VGz(WéAHl^؂#AWeHeWEz>&ݡYĿ=s^ґQ8#+M Xs >EԶ('ğD0247HycٰJv@?bߛ K[swQz _f\ &ф@GUp̹HĎbIi&GUP3K>zdԪY 9Q&{AA(>Wɖ` nˮs @v5HIx< !;6})qJ+d&'~rrV,@{:xbW!R| GIo)QLPsEne6kL8kNځOg61 !Bib~yΘTg[%^Z-=PB9A,RZΛ KfF ~\^?rfB5ԨM{ "yEЈ XMy?h2L^pA!C4?݇ǦFf?A &7SzAsscM~q)ʸ-ef; -LQЬAPpZl,&|u@&9We7:0v{VU4m}ER m^y\*\H{):-(A`j;á8@Dl&^cn0uG 8e2ϸle?qo|v[}d@!bʵ40]Kzi_M?%|zZRWvN0PAyc=# wpN`}dA""Zz2vz}>0@W h۶tN]0,ݏA><v+بt\_3/ L !hdsoF3HAr׍\ijTdmE<`yƁNꅂ =!l|)ʕ֨oȂ}^Ց!X,sul3\ʬiϧ{^D] iѝlN}. |N&?I}88CUc#2~N`3E4CA"=Mg͙ܣSڎk,!SY~EXA+c㇁fFAoZ&㎰yWTlؗ+n[<߮ؓJ3YjU6Чt̛K慞^kT\qL3/V XJ ߞcسGQ"m,S5o?"H7zU 9+|@5y<f\@9~{EfsvwDqzY ?O,ɹ (#޺:ߔ2wc?<-i"JuY. k-<(N-'uE@U%^0f;jrX6ʑ3Ϸ*G Qv/:jCK{.WTc!CAoڌEYUa?6gbT7 tLWt`ܧZ=mC.X"KSKA݁ğo, C]2r?bM+9j2 5~-5KcZT L2Z]/!8 $$dy5޷rQ"d^Jxdq,iJ게aԎbȢe5-} `e͟jLL^ qC|:8ߔl!w=11aǂ)HcJ@q]bүZ?ƝER,6zS7L A8E^O(2~(mdr-{Iu೹B0 (>Y.ꗊW- Fp2&Ub+ƵG#$ z5tT^ӻ+YB8s [aoY NyeE"-7%g^OIjW%`j>hnY9`PLP=>2<5WJ(ᔙx{lfQP>FgL9Tl<&;5xu1\ ^黉O$:hiW>%'3hK#Plp{Ita؀oʇ;ju]|(9ЗKi>H*5KfDM؉q;4bdv)gsg`}G5Rդs; {r/c,06:OAӤ>SNqݩ-*hB~}gy|vmŁgYi"68*.#y=nHG)-?Y()ZUȇ_`p f6MUMFGY2 cf ܟZr4TEo><~BqWޓH&mz~- SoV-ū'b2fD T& sWy>VPz ڙBQ[>{F*d߂1-A&LLǶB;("h6 kǾ %5|=q˭nɧWN<8eMI:3@Ueǒ(D".^u r{yIx;m5&[0E yDžږYq`ptD/t)(=)zcu.قˇVK<ȁeJ3OleG]<(H8]ũ;'P;aP.ѹlb"_Ex &";/2.?`J,ZFyB&o!V~Ÿb3v~Zys3\Y׼[>cw0IQ,y8F0 {uyqe4loIև=#tAqcdj:D>ѵ?$lJQ+ sE*%l9p>U^yaPc(MQ׶~Z6C8咶BHQ[Rm-!W66k\"߶"a#RD*)^*羻Tv5E Zic{z\W/"_R(~QP'+[ʍ`{EM'n3ǣ88.IND:0Xi 8==[yRX`?}P tm e(rdxCq /ƣpTah]̰b~0RcIRcg_onEYJ}.~`_LWXVwʯ {gc}-_Ru VtH螈,8=?ghG>6%v>L`S%D/yMwx+{5assƒ 'hיɢT@vO՛<%5?X7M:-"z;>UnR k>WϾɓJGZ{&WZWW]wZ$7!E7tBOp  />I%p@GJbC6rtƉpaMy)pi)N=,}ZpT@qvzӞ KYp|Do&Lyǃ ^{cfJd%O'cNmY}>Zj|;SWfƞjR٫$S̄0iǬjZwV(+L-ԓ3ɯ{fBI<6+1>D }%EO/syQPF>_NڣP5X.%Hu8 ɩG~ʈ|[$7ZXԩ) V?^w?wH½͝r}b\0`s{r@NRNTt|K -+Sc{wb*!iK6lUhZGxخv@iƦ{E=WXy·k;Ջ*aAa27-cHsE2cfH3βliwiA m[9E-F Df.b EoQy,@N+`[obןy̩]\u(^(bQgݰxc>h9cA*(ޡU5{Lav!/eHaQBT@ledrRl9!:jw4ӶĒe!쏜ϥw 5xjej׷%KZx[bf(ޘ,t/aaIJqDD,wFQI2ޙ[RbWʌ;$GqTҌ`p ӭBRبݢfl;!B|.]NfCJ 0qԅKmRܘV^݆Vcʪ^U*yefv}@*g!T4eXt" BvZ` ?E, -Y{Vj͊fN?7H8G ~5]H)=n:Hzi^R2nA<7:.Y u2 R3}gnjƄj 9=jt2GHS']b,uӐWٻ'/PsjGΆ l5^5jg091E E f 13? Ҿ?"X_Lys9 eW "LW=8í'$E.8lLPs?|z$} ,X32;[xUڗ6SSڲ $n~)S݌ uMr:tј7}n"gYPGA|_Fo@թ`rm#0Sa$;{[AaߢeS;U`|'6Lqzu ̀ll?kQ\[syhKF)jb2GҪ;tj#gz#C5egNW%؈|B'{b1:XRLsgC\)<̒cWG/,]95=I)*o8?p 3wa/.gkQVC㒒C9` 7M:35f*2da4DXkCSCv%wE_. Ղbx-v*Y FlR*?`IulWm\V~`u'E҂H ƶBaFfڐ+}ǨqP6OlCCYP.>%[ Й4iJ| 3oz1Ɋ34}]º{<"@+0͐ P rQFhynT&5UʃnbݔBkX;aa\R HNv% i^Zx QJ@]y` bn˼#\B?ǵIT,o2++'제6s+"f&9΁c}@1,NvogiB]%,9b5g[t8>%y9*3l&sÖwF]uɅ@)X6vi/lS-2촎LMԙ!6RQ$C*&ǟ͕S:R]oP)^3R$ uŸO'$NG (V֒)vqCbv5Vh3 n+?iESaƈU ԧÙ,?Us)Q2NIS({&nj*5>63K)Lu_<%so1G RYl@d>moWZ"So[8\m&Y,=MC*fkܶ)ѪUp ww>Cь`w.=-XEUwԾ?BqA|HHk_#s Zd!gHgS#/aBN4QPk]ɱyi+LY:KhdP.ÖC h EM:隼[7̃Jm[0؉,V,=oOr cGx=|TPL)J+PArfYi(CD Tb^;ORK僚9HjS?YZ=ٙ3mڽ[UrU5l[7YO:4@ ǜp{S/=1/z^ՀuBEieúZPR ZM^.9_X@ZʄR@\]5)HU&9X}wMAi0ڛBd5ίwxw"+(_:2b(+XyW6zKniys{MM"r٠\0rÏ06zkGgߡ7Xq1/F;B`c9 .jJil0aWњs {̽%S#U AcY?~ZEN;B= Yt {0:=SywQp EJE$=~XA;X'TެyǼW(h7w…*WZ Ћ`&lCo\&jwrpl7s^w C?,]/5SmA4pUnkԡK1^ݥM6tKܖ]Œ6vO^[;Z2 mwnDO*g V'MN@Ys0z7J&*~϶]Er=!RW)h_yyojɷ'it @94t?C{};CMV1hyoO~ KJI#ʺpM0ukױKYrLkFkMp~ţQ1l4k_ '}>-JHIQmċc€xF"voH8MwQ35B"E=zŮVT@ @eXdq-͎hK,  Ųְ.%#uEr6]U_\lRJsXֶ(=ڥ\BoE̥2 ,8p$6DhsQ#;0Xп<ȏqxyL#:ou)nu`mf̓ODM\/O.wT2 vN5˼l?vyq@0$e :W Se52Q#-/Fvntn7;-nK3Eu/n)JxOSFFm6:?Uy.,znE=^LOӏ;wt(frwQi%7G*\Xl 2u EW Bi`^-Ic+M$=0㷑jq/|rjIꯎbw{_d 7X.MYjX;\Nig3R6[twϸs58&(C Sg3#4-<=rTr/A  `W*.DhtƯ*(=(#vPpGUh۶]/0hHȄbFv^|2Boh]A Ham=pGd`A]xzTz3S#DL:!= mIf Q"IG}5FhS{a]7xE3a/:*y{x]35"Y=-].gߣr,ͼJ\4gPW(=z$;?>Î}Um۹'uUJ` ٚ$! r&PI&I&22s(evLKEn9^MK.\ h>F8,=Fpn$2!ׂy|CĠ>WI*"JD;QJN+kmK9\'q?OAf(c:u PvGȖ+~jcE8U%Ӏi|*V>YXQt꜡*s1K|84E9L*x$_d ZtSvOc+ctZr#{[?,LV[wS5Li~a6Q {*(?3c2}3$oHv=aA^,oHȽ<⛎y$b@c' g:.{+6BbףT:R0(lDL)`=uKi}r +vE E*PrYE~,C4"2Յ,)0H\ aX#rߘ&w՘\G $]B1QH3ذ j⭪3zt+(! M$Tg0:ĄO'̝udPkrҠ̻IS _ -HxmcWmkC2oGޠ~ȧ^řY¿ιQwNlOޤ\T]a<32߯MItoO`#^ef8uhI>otmkGt9]M\:^e'+&_j)@L-Ôks#)<84 Jn1'bY M@l)D v_ji"D\Kq5edCgUx~S[A!AZZ'1D^xS(9r9SƝ &jdEP01ڄNָ؃W-LM1XVcTす,`[ 6L) K1G&ø$(%L+چEW7\뺙jEJ 4޺ _%HӣFvtauՕ{rWz âlu$] Hf0\:0 u#LmhDPS慛DnLD'O4B^Ao't-LfO6]&,)KL6w;M!CRjk-$,25ug#^՟|Ǚw*mUf䢧he] "P?`d[vjw?rC/i؀cdyw>)+_xCe:k^`x'X.#`JMD5=@rmKԟt;__\2D7HyEA /|KZ dM'dckK*F\Q'vHfiȿJVL&B~>on*%+(g‰;~Xvs> G~;Ɋ7;Kfh1U)/8B IU׋jXI~!j~&uaf:'!pLhql["3̧EziNĠ%l y8T3c*N 6t+ҲGñMUlsOOH`sjMD0;[n'-uKMl mZXv")RnoNnuY kE?>B 덁Lnۢ{"U:vYiaQP[2yDZ T'R'ϽCl%FQqFb|jב3h{(Um_ێS~['q;1a !c}ܙ,;Hz"eLc>">\(@pEt{0y%G,CXK#1'=/Vy^x)UnJURí }M5qZǗ2+Ed pYtc+^鄐zxɾ^v1 C~:խ.Q0'y2O7*4iƲCE5 +NLo`whHobm𤶑 rf]}!m8 Ը~J}eoߕ|hY5i)hɧC )qm} nk6;oS= !U.pEoo%Л͢176f^3'_X-.B[ˡ@p]5 ^3 u}ɷzS]r/]N; V4 k9~gU9U=$52:pW'½6vm$E=%ZT5-FŅK>$_*hX#eeÝH7^_`шWto=1uNb`= 3tmM)2B|WyŽ_O~b85}|t2,lJBhlZcbV.$u,NJ}OC]tV2"IcpRmi(@BJ )YcZ\N|% <hO;箫sP-8U &/E a+.8_@HۦNq47Fѣ] {Q_+`|Qt~q'a]Z(f?jh࣫--F\A|RCwiY,.ETH6˚ozT'>3x2[b'm(G=dM.$ Bv4 v+nbRrmhM:=:c*ƻyS[i \a*[r7 8{!2sW Z7vDqVF,9e&Z2$:4I霏oLe%)Ȕ=tk%D'nR'A>nnyvPvB;@I{IJ(R"ZZ%nۃjk"IpQiDP _uLa]yÔVT0RyGB,|E}o;&ĎL\7,upV 9ɞͷ4!fc<~;-GBP|4ގ)f_dw!e6(ZGU9xQko¢4KgK_E@9)`xs#4r1vT{ g~6ZKRGfu3qB-9j0gε&ץ֨+~h54ByZβn;w%nN7!5r[;7:!:q$IVh4y5oCƀYq L\tᦻm'͝gbkl]`Шf]{aCxgZHT$.>fKH UGܫpJ=vAn;CB(9&~GnQgf,gXY#pa{ *w7C"(DyV xrܳe-,ct0b>6ж0WA]6C64ҎQ`Єʤuf~:)\/S!`>cϩ@qC{o$CF3$#7XCy &Ȍ -ENqM;peZxVo! `qGgs״w6XD.('%pI\H3Zn/ZLXWeFP?Ca ]#믻 0#bU.ƿSILYL; ({mt).=Vl0G-΄DPI_@]6vYZ<BGRR `d<.1xRUR`>޾Ô"88mR!NQMsGUGJw:\q.g30t} p_\;4j[BJ(ed^-XMhk8ѿЙ+D$sD%$У[d%_:ž BeMaq/]+R[d޼r7p09k8 n<s&!M:@m܃cVODx- {O!أb)3Xq83yj,aE7bڊnsV'~\/1k)\UK|[Q}m ;oJm<9g~&m<)9 NQV#ry:aHKO0xӕ3 ̌?5봊2# e!h; % K:Xa~s|bmb32h6ޏlCɂZ9D p6'{ªBaci/:}`Ux.&.@vw{6T"&fV:,1ݽ}n%v;~ܵr9f`#W^HIQBV@[^cT<?]:lT qDէz"Ci7F7Rb}j[ ְܩݴ6y8H b0qRDxQ4o{~ND14B}[9N|rXvCgǩd_EYjad3(?uǥ:d{UTߝSfn^NGf\t~-}3>B vਫATjuV+5wLtPŏ$Zҫ9}h hOaETn/[Qخr[JB YHWmb:{MzLPvovBϣ{u=;0ͫqj3&B?oo?mT{Xu`ƸqgjiuW~+ଡy&Is=p:ޱC 'AAbhnB:¿Mz1hA~~2wp)j, ޢ .Aa}^5TިhgPˮr1'D QoYSO7ǷPf+^6/4Ì^+<} P1n1Y./S چ {Pbح}R?a- qHS-ki|BCOcWx0.?3.K`4Q輲]VCo5ERW zhՐ`i@M3HFAQEI؄{AdBEwޭ-w:"ʔ.AQGG`<) ~ -n‡AL 'o*ѓ Z5ӹKzӘL3IufUfw躾Pc§e *OqëB}d[]]=<@hܿjQANw2S\dBSM_ZӘ(zm'[AKTn;l ]L./=R^X.禑}I))AR$S)B9^xi+M'&H9'c5g'Z\7Wx 2')ef' [Y4JHtLVgqGfqA.>8UmFOY Yh!bɟDZ2xJjВp 7ljҋ@CKw{Ђ 0!_ϥJr*OZ 0*|rI<_OkW^"n  }ק XV\/H~#T,'Fhl}-^QTf=R-Durӯ|9q?Zޣ5mla) o,W+"*E>#_mU!t,Z,^-x_ge j}hqa YoڷqT]ˣZzI軵k`h]F4 V퍠߻Q(8e??ZCh2D]Y 5TEЭ3.E!lChuED] U.\ȭ b#Er#ק2ԪJYّN)T`*|qUDq<\R\W S6 P}RGn k$z _(8e.;\&nNLj)HL; švZ]p)euC4AOqN[Z0Y ԕ<'7po8LmWDCR;Xtw!#-w"qr D~xLM+At>kwe`0Hc6JK%ێsm^Ft>kA$)c_q 1dKG] d Ð'/8Il?Wԝ!R=YDU2(*z| b./-5h&i'"kwG /k?a7(LH(M>DrL?QP=/pN+I$ kE@Os]aQ[Ƃn*`9%g:l o1Kc Hx4@q*dv^jWU D!t`YOf Yw;n8 5Ϭqâ;u |:@k&sFFG'E+Ɛ8E فt,"4H,_L\U)Uh5E29Pv9~Rh-գX9#/5]=߱A~x  c&bŋ׌>zϛ44{8) J<)~ƟoKTKj=KGiţ')+3.!B~67DBiUunceeV1d3F>*"{f) l!W]"puݏ3REK(I7CĹUza;;뼍5sEd:JAȗ I FސKPC-; hnߍD!CAױO/l(϶p,D|׀5 HX&yMQD90{#[~SO YM + c X"Ο~v 3ݰf&8do&S {ish6^:0Xf9D軡KNXuQD{ gZرdʣ)Wv7@lVzcOt'N$%dUD EJinn=`u651zmhʂ#heWW;/>t|D>!dY?n»]3HL)IslE11#(r&8xB+܎j #i*,U`7&y J}xDݩ-504|hMGj*hhY$L4N]ɟ}P[qi8n2W2d_oISe ۨ.O@dD /rqauKA:9 A9GS a\.RT0r.pQx1˕?s]$C޹/1eVnif;RHm] L8O[[t ՠ$̦ G2, OmNR0&O͋zEMuW.z=:PO1CH"ytX| o ש1bxQ*Za9ux`Nⱌ^ȥ|wrQ[ |p$5ECć}*J{1CTWE)ϐ5>Prr,#6#1eHB?!)Ea6U͞:P WEPvPnI 4x8k":\bE1w4NaME떻#Ѿ4'g&RZ[蹬O٥jyh H1IJTy1vzC?яA(?hEcՀǿx™b` B$a+zx L,+e.c_l;Zl2_c*~fpM+H}™.:II>$ 8qs}ڡ7-I},)&lsy5Z1⣽.%DHdv)R4CvTD}o<ċ>un<:]JHP $">:%]%w1wKϹdo밁ҫ#˰WX{O6(W[E9wT\* OgnsN 2hj*f%.XŃ_q9V})ҁ KGq.U^⧸[_j#Yb r;(=a2L,^~c I 22f("˩ mrb%LiXi!XOFg.y8s\8=2X*؀T>*Dr7"nz~ƖY!/fYV>+ 3vTRmcT}WͲ-*+;%$N~.wAUSڠ2ՎȵtZ_d ?Gq@kxMu)=) K˹.ԍzEB˳I }7r<&-g䒌MMdg*tE(kx1kde'y%fJ8{I1$aүwW0/ Aq2wZV\8mXh~_ Ob^-k's~LہO`)]pll./r|@F3?W HO&&Ѹ W3k=O}H&X]iCP̞a#+6[j}n؊;2lYI*%YKnLr%zO\S{nOmTo7,z*>Mo:~J2\ԙLpXi9[.ə|4d # G]|Y+nOq ȥsµa}хTܪgݤHAq_c6t`i0tJz&S*ؗ7A,1̅/G9؎[ eh^@%NgoE#7)6ߘp:n4߆ ?1fflhs?O3V~{4Lṏk 2% $),ٞ~&]f~呄jpzssQWGPHí-R[LCgJRY-ŮԺb7~~ [!w|nbgr $M2-b:2mwHYD.y&|>I -%?&Lؙ+/^/ %$&#=ga૧! Q+P#x)˶!9%b`cp-v^DsƬ,>M>Ǜ. kJXDzgI~y6LuZ|ԛ,-tc1GQ,igaޤ#{֩u`-1-IMʦtp)"FGniIEO7>aYsO&(5pl}ĥ#-Լ-m ɱ^+k%p%BQYA}#X&K=v&lV|]yS%O55x$}=CFKy$("A?J_S.WrddvJ+C/oLqJ"* u"]rx{W6qv30Dp{e!Ut5ځK&f*'WwyaY¹Eeآw@Kpe!veS)gC8㮇h 8B25۰n.*獯ioVMS j(89ܱ6.P˿q=r =Lh u9%(Xr"_օ;H _&WGM@M'g{kgPھ)}F/#$s9 ,ՠ6Pd_Boqk'Oaϧ wb̾UXie li}–`Gt=̂ ~NljQ%.WoV6( 6KvBq?!jdpx}~C)oyr R7Y.@fc{xe) K(Cu#ruU>5%abgt&]`lə]8ddg.{s:|a^=;4H)x2_k]~QC{i^BRf gR+d"3YrEq-ϯt*gd&v[=[-QԻ_j]65:=8o;njawQ:u,[a2K՗ &]J7cDҵ"?Mn@G~q3e4r :dG-(*}_d#c|wZ5%4яk]Vn,/u7/Z]iC%G"Vg4]F%<,)Il#IK9{.xRG1U[ŠAdj.ol5k=mO=Hzt:ddK25VmIW)~ 5 ZBıC@§9cjd OۉQ'^l7?[uZR;RRObneޫK,|Kz8U^^om OF7Vn60x[|)RמK\Q X`#P{|QNvfr%$^-w~q8;2x1f[gy@S A6L7HNsʞuk)XLJ&6UޭpjLĝ"2k˧վ2zP,_;=(^­g>'.h;!O˚~UxL҉ H*4%رbi)p]&cq1v8:-{D!l *h_.ٔ;ӘF^DdbJFx\"EE2m~.9LrLMoPnѸKX:s A VH2 A3qJ "CTj]٩k2'8GQvOye*Г82UtFDjI7uEfE's!SFģ~&-=׻cepĖf-9Y1@N<L8B7YaYev4f^7o$:zIܠFe)D=^M? ˲-L6aT|;L=Re@7e9b/,Ol!'F@T&H{qqf%f2kٯHeOm+w.Z+yVpzRcF76I@e,Ud~į5VOUtcBʣa@gޖ?6z IڴQP:/ǟENFRSR@ՙ b>'k"x=،Jm%XdʪQRShse4qX D.Xo4i3ɰ滟T"%= .xr [`I@z{{5S{g\; ΂aNH1 eY}73!wyw9"v,$ [\HnP;$GIl ma T7Qrx]/Lx?dP~!G׶ͭ1 v, ~NxmLcjH_2Ւ094t",mW_/8x;Z)=x/Ƃ~Ĵӝ>*B7dbߔV"db7,TJ[`8=o0QGGdDOE;ց]2dZSG:r52'sRՃ,APj^͛뚕ʯt&dltFd?ShlG,4?[Vq >.@nR'9 ˖#ven,$fgDM; <.=j|F3`}Ag]j$ `ѠWwBU%=rܤ?vhQQt!8Nkd#O2)zu3 o| 1I/_ߺs:HS`7AO>&tԸpg\gLΔ壸+'s~e:"*2| (Kh[,Q|0%Et@ML/S');an\ϯv!sU35N#tͨ zj`X?pTR5L th=v@sIbdj>}h jF.]4l֢}Rd2͉X.xP>ܦGl8n}/iHԷ3E~y\)8u^(/U`+()FHF_a@fMV'X{5V:9ex=!ߏi"Jٹ9]c$*^[­v1;*C1_4/x^9^_5~Qz`>m@7 vc)nczN{6ϕvBfS]Z36rGEnaUHw_]wPh}bkpg֜kaHOv}^,i-Y[X!}gpkF.mY3ݘ۴ZW:3bɎS+pj4]IA!\"x*aej܍弖|w9>b,b%E1x~k`,PR\m&Ƀs aU VFoh!xcVkpxGM~W ^t̴{jѰk/..4-u+> {vȏq գ(DUy$)y ]>bRѷ< q7aa:y# k qg# H*wgM{Ιߔ\Kէ3Xa7-/QzU$R"|t5+{^H3+ҙ^S~%MºV#8> Fp=:^9UFR~4Y ۱|#z AppMEHcR A((E(,9\jSs{yvT; @pV8V#1y5k0LI@A9!W83ɜⶼ+1_aN20@Z+ug6hjK1[F;%UC]J{RGǀ5ՃY+J*js8 VT@rD! W/SGnGTWz$ z)X"5|M|mmNΤA$W~Fg368u:z s1rճ1: i$鯓\. ZiÝTG̿&)vۯVfr&UޟcSD::WOܾ tIwduɋ}O+FHCw":B qO?JclbJ4"! RT$Prkpʻ% Uw1z1bE$ZUh$$#~ϠtЯxڴɳ4j o¼!  )YWGL,wSS pG%U7pBr3}?A W#K٤-h8FGZ-JCq= Rٚw2A玗ؠP$L]IB6VԗhRq4͙p`*VsN}gIݤ=o$_V.U "/@~R¬rB3>e - yNM˘X,JnFPx=nʾ9FQm8}ǫ%Ү(&GS\#ig== B1Ds:y♱Pm- 灓Ik_WCBѼTG0)w *@D󥽡[[ifY'gI>iDx#d`uƋe n7)L/^Jt "H3֕0 z( dV-QIn禖aOuhkXv e`W%f3)J+;Ԋr5;ҭI’` cL([jBA!\LGߓ nULΕ 5#XZk % ׊XhzК='j)NMoED rZlǽE3>_ߙ>3}wvZP 98GTId*ՈL7.`4 J+S܌s<5m n魀+s Ilhpc|,XuYʮk}< [cg|Al("xP!E i5Pu|V}mE)V/'Amd7qڠ$hE5 {[%)5@9tRgΖ+Y? ݆;@ENG~" 6@CH29˧[toAWKQڲ/J=+K\ZI&I71#WR{! ܆ï`BUo2`fs3PK!{Risq!YSB%E$rᐇ8,vv_&.)ֆ{?Kc{*`bx4dؖ cg@*Sh02!`^" 벎xFz_qx;>nxPcunn^^- {WhxL sѐ=]\}IXe6n^f7O ",VWd *hWD6- ÜI ڴm'\88)ľ_#ʷy)eYX :C%2ܳc :Sm]Vw[W$LoW`9C2o䣧CMovEL8Q_1j3;(vJxe-eK N#5dB OߕP2'*(֪\4>f^lD&=p_)>C@Fwon ~R Ms݌{ypnA q`f|D q2nH1?E"m-'@ nC81[#{_ ``+KRiZusv~%Wz[mH[h^5iGLtT#YHF+db55̰MlgG!6a!jD V wȁPO$Z B<(lA^T_+(i~t4*Oո*.82AKe ^{_K+sbo?_GpCW4rCZ#QZQ[Vmr&+dfJH{Rw)p\P뫃Qx}aأP=sE/!C~ϸacC>!;L}QO& naK+ɟ ~XCa2ѲwbGT(vXKH uE }T7 f_5ȫg60YL{)陓49)"*4:T?#U"3i6`j$qId>ê KÄsw%/r;MbA0REʑ3W-joZ+?ɴ3N B7;>׆a3(L*c19 5\8ViؓFhen`ujZB"o \A*b?Q:kVcdCwe3vp,[ί x\&j3?T1*? ޵_CS$5 ϵi`~C!n{P tn ӃFlԑl~SJ_C`@r$<ڬz{yk{jR1EwGBd_ FJvU|)Dsl&{c$umH.ᚼ3 U!V@Z;9 b}->H9\̚U"/$a9ә#zX_Jw=(wOn>?> %⋊ouj/_¿|ЧS?uddP ^GN`II`D.ãP:|I4 V.xa6gS"] 4!Ts 3ka^Z 3u xޜ??׆zhv[COo'QC-86xi$2wUEHg3Ȓ*$jf .YA{< gNuN R T>gKW'x~I%5֏`4 fK'씖'{)TJRԟI/ܪaz`sJPzzаC|?Mz54{Qz3˦@-a7 ؂ TSN] a|ep &oM=~!fr_Ic4Ns>4hP7 lJqN |@st䝁%7s[hIrLN%mZmmgA.!5K5?r7nB4`&q*FG*v;(o6 E(w d}x_4墘Q4lz`j.AaҡsGy 'w4LHe5wDprR`x>!yGIey (M;g 1b jߛfZ BOP}R;౯,I0i@F|e q]Ŵ8NԊ[D=Y EX-F٦tcbr:!vm݀oih8/ Ĩr}eZqɷums\<YIW @0N\p4kP:5&ﵨJݜ5~`j}~61[16^ּ (0HaP= _ VjrQ8F!B09KڠEҞbt*K{7gGU%fCqs]i҆ -Ґ[jͿ/e)e[}.7rA[taL>E!9Ӎdο߅ AKLÂG2K;2b۵rV5PDEA/iJ28Q?7! uߐwjoj75cؚadKU~-7 ;=Xgqw o~*PQ]J0X@{l6wŰ{ER;a^[lF"^ Ӽ*O=:ZcJ5:;Z&B@fq$D4l2}ZvXRQft^ޯ{Rx`$RzJjq`YBq߸X (ly+tl3N6Z*'cwH[nZC++P?gfQ5 V}vXg=7x;Y,UvU5 z;E/\\kX%u<(UBЏT)40佅lS>tH"[Y̙U&'--kh<*N斔-W >`)=&ZZB*EQGM N(yLTe' 7ķGtz [VQ)AM6G_]V~Rp:  ᔏtY^w 5Wo7{ ʎpɥrw`G>Hb%x{\ !-WքͤhAQ xA_j)AnYȌvx @ݾA{]o^FoFj8me:s5W,\jM&_`HP P(V{厊Oh츒 Un$yS8VQ h{)@d"8MB=TN:F>FV,@S2i*&s&:xB %1@9DWc=w]j C=`0N1 J5k~2ZRlj56pNN̻,S I04; -ރs#Bi9fb[*v =6-@@%yJ \6 4] ~mI/Y ph;_J};5e<&t@6^)266~qU%)pyP]2<˟\KߕJJ~ Y3s"f'q nqzVoхA?lE4tTNt{Ax@L{zϿD剾< [}c5N7. SPt :%j@u+F7Aj")zp}&'2B Os2 U|m<?393V `#.3}#gʜRFյ:T](4dRSWɔ4*;q ,j6F8uytt`zU76jjnOirnJLzrFT W=EԉwcOц?x-~.5\0"CF %A՝!eeImLȲtz`v0C Zjz8T_06?Ћ𺢺O)=t;A~ehlA/,Ŭ-lcwy25s wY[TWlRA.f΀ |;J!%ͣ8UF'wa)!͆\ԐUE\3!};ǽ (Q]C=/T=A|i >L+j<|?ȃYculY CCqI hNwp7}Gf'>>LjWHPQ0-^>0`!]k􅵚 m? պ?Uu͈$/z2N#f@~+.1 UU&8VuهO,HJ0p*0٢AYaƞe3 k9p/|CQ|)PqG٣aI"q0PgToe@qA/[*Bp]?v0x:Z' xu{-2uU?t\'t֕7 x]1k1]>vYߑaWZZ*?hgSJ0hLg˯KU D<+JpH:-[&iVG9msi)^ڤ1HTPo>lƐ<#E#L%QɄxv@43 > !9ۻI}VU8 o@ew:R RO<գگӍ+OG_l +;NH ơ`|8i/5aA#h '4@sT`d o8(;wE`69ƒ3]y Yob*r.k&u& 5S+\OAG.eءLHhz64\GV܏陞hΖP, onvR0JH]͔mt 2zDr98})ؾJ5z3)=pZkF/4)oo{KH7Ⱦd#M< Yꡯ"1H@(ۚǼ,lMJcgIaKU#kVNG)0T (Ъâhݐ]In :A͟ufw.#yFc}C]t1wޓҐ3@ U:Nwj-2v=FӛE%" MjV3Ȧ9^KE/(ȜS/sh^xXuUH4 N \ `#کB@fU bFc,XlТ{0Ms/jXZծBIV QB+9Q}Y6VKvTݹ5ٓ)k?GaBdŒ\[AӟWpWTpj[5MāJLJ`Nzydت|o*$؅=)38kIx6 *Ktʂ\Zg k}Fa2R'BlDAzKEfW8 TިUzlW)3UHH+ѧiVZ@"IMe7cGT`-"YѶ!_X JKp"(u5$ǾX_6} UejA^BbV^}+{e$ κMjb4wGk8HB1B&x[=?:V\ 󘚧ml~պRKƹI}}Č)_O>Ag"8>؂ˏwx}yVQݢjkq&Fd_a\J1¾բ(mw`{\`#Rz7np/E6_\V?Nk aV$KzVZ6=ZgFA0sQ YH)7`wNY$Cd|'T"84ӇP8bgIxE @-?z!E(K&dʑ)a]q"B a³̚[A=4 #u /O^vۚ}<g󐑪\\5gHOFPx>꺻{|1O݈BS~:tQ*2!ڿgdD >;cO*r߆ 7ʢ\)_H3KDY>6Ts&KȮX, 4rDڜEd3;agn+|aEtݙA OopW/]#uχ^#IG 4RX,KDx!ܺ>u۰q"Su?_:%"Ί|bt0!ZZ gW< PE&O-93p[k* )~qUk7^bhMnr[mϒ3LL r}*\RW(]pA@Eiw0 ~6fT8D6݂=qr#Z`} ]b,c,ܦ5wS$u-N) b⪈VStd8sMC,Ћ6Mx/qhwSx/>FgأLQ_P&?f ={IiO2k`OZ^\Ss %xJ&DŒ@s>N/%$6APv:U 0ڻ ȅV ;0ʪU59: XDu,o+\VFV8NH]FP%b,8?N]$)jl*\R8*-ׁbJ2- ݷ+J'7*)V;:%8w3 oYQrNЯ[޾8q -~Qex/o3kR8Cjj[~6QC@ǩgp-%TS7az3IeoZ"In,@x!G'"ƥbSq-S&|H$5ǡ;vGx?S ql佣p1jNv>3}zCgTpQ)Z،QIS6'ļC.v2^`_~.ʰ07M`"F7zh+Kn} B_O_;v )YԲ ]w7عhw(<;WKN]?{B#H;aPASQdCYZ g*akM$Ni}3`{. *z?G5 K- k{.tpNigNJת[`ҝJ|C/kD o[0: C; ])F%97Yʽ|H}*MÇB0;MsHQË羽=E}<p8n:/d1ǃ8MO+I &~TLAIzӖ "s؅h _;YCVkyWhw &E,ZӬSA~#p_rEdW+PyPkO8;;ń%NA rEje,٤vƶA<̎kE_}:4{2 [>&#˾eF7wk0DQM!g\5B[-*-a)Buҗ)jO&o9]]98dž̀e Q1@J 46qG#+ƫ+1aI pժ4JYƤ:%,~߿Pu*nI?/_hdDƫ</O6{moZډJs̚j14,ѻEcjAtQN7"֝񎒳"W=DoDRjFO|y[56B<%Z{*l(iiRKJYN]heXKٹgp$ɜ.W&Bbp 4d\,KSy kNlavξʥA6 uoD:&k(sq:(&_)%\"˩q$Hކ_}&b.sRmNR& .ocB Pu;#7)mnI!.lMbt*>T[NRpWr֓xJ9թU3Q!j q^H^@㸊 CW3^/gyke[5t<$VAjb'~onA)gu.ok]#A B~> /*ayb~i$?Nhz>&2y$}fuWn3>uj込s/j.nYɟ#ElDuLo'lN=Cbo{dw@aO"tO.&0ciؘURl{*YD(ڙ(Y2u++/K@gzXG0 NpPB]oIEmi}Ω26q-H-6gv27Km S9xO6@^LOJ?? ɻ'@xc^݌*W ҦH3!͚(.z Ѹ1] $9 ;lr'0Lţ+%2F5*N)ܥZ[S&DUܿOi-qм _]9QVѾ*Ù zj;4wk/DV~؉j4NmXwgջh-V=8>ڬ2gv@8@pbk=~XH5xe@2jnzs*-Ѳ@n\G}b6-#K1f5R寘˅-a+Beqj& p P$8cH 5Z6ŝz=]5.з$vBYLtq+Q[[%w†&.b}J҈ph)~bGjaƃߧI/Z@լ8ɅU倍r(N^ݞ :y1qij|ԫ 5Q\V=2Yj94jy3zۏFDitiSA T۱y:zQ"\t;$EU)c&bB 6A31x?yl~4ꍆLĒp]"R}zO [Gٹ?? O _H*hNATm7>|dzgb:.lLC#M+Tsyi,Jhp C6K!CtO%: ,Ҷ3@FVZ./"Q^P޹ZWYV;^"j ?#zK P鹴O4im"'\Mcs""hucNT|*.c԰U 8Ёd!"Ȃ1ȳ$9Ϗ?#Bf_"7($ Ҕt@*K<_Kk)~%AG/C~=5=9²{GOU3 rj$$2ivb i.QSV_2M }#b:nF1 3*mŨ)ߘ[dLcPo_OG qy5VX^0sA=<V?u\/ߪ*=qC5g (w n5;N&jgkVpʕ*%Z]!U~k$s"<$Vk zE<!!Kw+~<*q1w6ChPG¶}69=}IvGr&R:u:T42 ) }%i:S{@M(@hs3'+`$1,0v*"7%@cb'O!!)EÇfHڪd7M@1|564 M L,f.9sĬQX4H;?P+NJڪuSXLSCO' _$F:*oUJItvp-,a+POKC1+;̠K`GZ&S@G~XVV6bBn1)+?-m%.olv{1MLx0UIͥ %H '8sEM 5SoG,Ѣ~`6?ԾZCXʚ!t0ґBYmg2v]dR!>o ާ%\7Wx:^*Z~|_:U( L~>,&TWS:$5 E?{>GBfƷ_ IcQZX}K)-qO =53h#{0P, |̮4rYdkVhA${ᒳ iI%c69+;O]ʷcV`aͅy2Kɺi#Yz%E93;QJ"ZW.JT|}v ՛z·ǡF W͆1Mm]r_/c> AKKv*lJc*G2ttrq EW <)@=Z#;>zGӟcAn+W7cxTyRmM8qĢVZ%;Ŷrzqk$Tby*H #NȤoB.:e:]Kx1 &WʧJuG?+/ OF C F}vojjˇSoJ Nf|Zp  d]o#ƑK:D] wW!4k?QCAvD:p%EBm %,9jiaM|!sikWwzrPú:y`5n.)z"&;N("(fg,21me <09u˪3g4)g+.*׌Ow0 2= $-YaÜр.XjTABfV/섀HѪX\ p' @nQN ]=ȇݦS5y%)RNk0NjehhjO{4zs{2M`lcA3H-Hn3nb=[!Aj/r|VfDN$VU%љrDoyT[xm9?ՒKeK([~85Ty+*-fS.[Vhᨩhq:y}~8(LAJp~vRgQ~j&[[K].'6CRIuPɽh_rMs`<:1\}PjlTf~'\" |jÎY}*I멖b dx Iج/2ZDNJQ"a~ڜkxD,Ҋޣ(.y NxpŁrKr#XI.1ksI>rL4:u.O.gQjurYI Bċ2{xVԘ49/bJhsy$XPfAKT`A@Y,iC}1]Z`N-v_}bcA}>OnɄ,ODT|:άtIy /SNQXS#Ӽll&R+lQ Lof3]>p"qPz])U6ζ9(?t <~! t F,;Z\xLJ`("0/74\AvYӭt!-SA ;WnŻI=Hf }osr bB3!-bmC ˉ1JD?"#e fg[ټzUWYw;urVu_.'-r+-dۏr͵s :y &]sztJ\")ÿO7@$ o )/zvߎq;:!%?' cI[/}KwABɕ̲^$}֖sU^{/{R,=)HB 2(oI.37E&M>[fmݘ#Q;>p*>A f5$?$XWC2uJ]=_ƴGSb5NX2eVXwׁ1*IJ#Q@{HoAቑ{s Rjj'3UFJW oO %˫]\TCГ"ƫQFEE!KF1(Seso{0.}y[$%zDh|; D9`>)]]7ApgtBo v]I*^XN~{|-&K8;(lqJdBI"t X#6Ծ_ŻlI$\JW!]!F}, +.zL䋝xmU > WHvEKx)E 6r,؂U='1HoB>-M /,XJ[2QͅnAM| .?($$\;9X47 Qt"|Pbc_>;f~MJ`GYj,.T33P3W - UtTg?Qҕ]{O;P%8aĢ8Źk>he 20og]ͭ$M-'6o4VZyp~ ;ċ5Ocf( V~ at#:O>Z1^DѬVwˣ0Ś G#Pr}Jo&v[u'=Yr} jER(fwYK }8* |cFt?r 43W˸]qg$,?wªj(X8灭',PGThw:D4 ci{poX龏<;Ƚ!1׭EDqp?d,0?G:xs/ɸjTp" (QM(ڄ 1K@g&%ќ. {50EXb{To jvD}T~,w@'(U$R Pm-/ҶW^gbO7DŽ5PUih3ؔT;8h̚w(vjL&ڃn:7AUdp6,b3:*YN'uYmozӕ IڰF0੠1|N/e['X `OEyBfj1҃4TqѭG/)V/5!wF^,- xPw٫eE7ZQ]MgMR2Am VSv lт bP8́x,^؁8q1YrO7Lv[7P'6:Z@6˜MuE3ܮGgiF4LS C##ۣO&ZnQLqeiߩqdXNڊLa@Npk$U4z"E?`Ij#  hG z9^VE^[kXb:5Z^*Ap#}BͶLFdq+1ص$\Lx2ݔ>~p'|0`1AEH8}xW8GUZ-K^j1B0 o]H(^,!usGB aaw7!O.-?6}˭o4Sdu`{Ei~,bi ѬSܠHj Nx4%b–Q&pR'B4HQ"W=qlt4mL~ \OqqB(j⟡/oEGNx(@8@7U#Yj#.Mr^ "sZ '9/ɠFYYk=Tuq/Dbl#oi`C7U]1 FZFpF68^`Jq>CCt|u|r6}Ѓ'Ѧ:?fCY0gTwřX:,"֙UK?gy}uNfIYNeڻЋT^t;Z$di;E0nKZ 09\Ey16EBW l8EWE }U챳^ VV Yrn$dBs K܏c[ ?(mڳd94}, RlU t$-r2{织{h$]Wtn9RL7i͍gjHVV֒ R=B/()&3t[C%7!Yҕ "M/=/,2@XRY,Y2s6`:LJWSc=.2),dLO@jLJ8RS2ʈ6ޝ>2 hBDR% 'QׅO`}śURІ-bЌqsc^GX'r4)70) 8z/zPWAF.q"IB ,9 7s3USJZqХ܁e7 ij*r%A6i?IR,r'-{Hf$DcmI1 24J3Dj# o) 5/'0>(}#yd5lshYg#BKVCyQy@Hz zbH\FxH`E1Eȍ@M@՞O9 dBhʤh/m )-eaHQ;k.JY+3uL|9wD ,bǏ/ LH:]Oj_,$bR'nW9:Ǧ²K?Wu)[|A%CuF  Θr ZCawҿD/і,+fdsmS͒ɸp&>#9SiOsE7X5c(q_5ӵ nEw-Hkn0 QkyFDi" fdÕ${ ."/{-UzWs#[ xcሣ/pZQnGK òyO ץЕYFiw}7i4#0{m|[L:E06iPWJl%c/!Qlpx,ޜ>{Yl tQI8]%{vH'/qs0СBPAAs*/vtQ>ܑG`" ^{h?'\kc绦L׏D}p/Λs Oh漗,(4m#2Dz|RuZ.;B"@3Nhf.wNV^u|w{>dwQ3j_(*CJ>!+hf95+pl?t r#qPA/IY CY(H ؖNG%/^Փ(;,/|O/aER&t2C%Q{:B*F:y&k hH)1(3a@S֜Ʊm>Ч ; V7]u*:N0᪉(H@:[=x_zDf)e;m; $Gsl"b+JAa~c=e_2e}u&w5y#mSl{tcv8}(K -Lp/@),<ѼCPҼ!ZXDDfm tBvV4uקÖ!@k$d5J+:}L9Y8`G|[4Vo3~8/F%ˆo*;\(n1N%>W aKZJ4GnS 'Lxu؜--O'mA0INԢ\A0.gb3{>y]_f h m ZAƳ ]/ԫJ 6#Fg_If}lQ{]VTy}}1`4lGU׺hdzZ]rcЅv0_+hR+_Sw*׀cܚUM$iF(cr/r1z'N!4ƾ7h"> ep(';zhQ R5ako,Ri{ Lԅl&{Ϋdx xoxƗUJ#Nya.'hOܧCpsؖO[_+ 1nPVXԶ4?E#Ѫs$ N尽ܒ[hZb]&W =''lYA=Eq> K CIWdP[l[ AIq_uE-h5^垪lS!U.D:,̷eT쾘^H:mI-!xڀN>tQۛ;ֆ0I*e˜rqsxSz%v'?q^T wSNSZgWy4szA U-̓\g{?퉛X1%`12pEZE]%Tލ~|s eod*H3߄J3b80SުlBjT )k˟in/Db\xbBQy#W!vLtr+$)X4,D \> ދ  G@OX |Zc$ a7mڮ7պKJuI[%lOX g(\YygGky+tKvn]~/ }C^GȂ1`̨CC'g52F}!;ldۊ5g*ck 8>oY 3&X֨TizfM0usYBnpN[$^9WKKgKt ^;X'SK;Rw{X<%s"fiD[9Ք _b,oו Díp"q F-Q2'4cT(B~6̓ZxXPde5$#?`b +TYQAm߄XwY@SeSQ}a@";~7K_ݲ ;ۆ/{Eb."}3> _)@S~k^z Ƕ٘EQbLmYMV0~D B3GDPOfG"^+;]miGA@ b'zm[c$A88#E_ |fgP|Hto9 QzfAx W?OW".oo16G_ݽqE6?q]<ǜh_G~I!H@(J,CIF ! oRc;Q_T 2 -o_~w%(̊o`n s?gMYtvzvO}vu4o6-A/)Q6s' wx* ~uG&=VlTAu)?ҀH1%cRnm8y8fDqOȳ!} E|ӰI R [ @HDB%}8(~H7Cl  .EO:"! 15z~Uңd x[O:`jd|?[_g"u7OTĺjjo{khBi%&~cG@-CHyD$sw˿?D@t+~y؟#"Ih@Gdg yR1y}EVm0!ϣ/ET#ȧ'Oql'Ҩvfi@st)())\S/]RRcݕ5- k'pxX h@:x1|yGr8DB+Ym6Q\FR@ ^^UůD@uk7+"Sq P%T` ii8M Bh+~nݜNk<?cO q3G$3?ƅSGK|G5^#F&gC}*'%Wv~>?AR3ှ|F !6NAzBAHfPj&zјTd!.qGy! 4u]͵~Mfb/2i^W{2)R)s-ՇǣWq H"wJrAL]jN'zNޣ\ $oS'ơ` "&DB"Q  l(PI@Wؾ<['L  xK?ϖ#@ (]"7Md 6!1I\#wƲ3X]7-$>fIR4C8֞j89%X t9Wwf^O㯗p@u28!JIlw"WByH@kYu)vH(a>YY4I6|!)\WK=B86I$/(.> sCW#6PE2]3m<%6(:@'xV1 )M ٷyk=]wEpGQiCAv䣹YPsnHHBWF]lH^$}:)M@eupI$ Tɀ@7=>Mϫh\o@}rz /]Th>I`&WI\n^q E`-2LvCHJ+ jqm #_i[Gk( oœ >'}MG' 6Єx(HAxyDIAHjHZ2-gl$R1 >$\ PZ({F™43M$}Y/Ntuo^gq&g~b~h=+ofNDII"%Ks4מ.o^Au3MAsNjޏ(lQ_zk@  vP]y[2_J.%I)a|LJU!v&V)IEйJVΰ)7MZ1f'84޶ |'%¬bOWT=q/lu3pkmp&2/R:*:!1 gsW' w2MN_7:_u""z""(hsV;~/ߒMp-\=N] W^"iyD %ĝjOt׊BgǦeO2 ! g5Ċ-ٴHE};o(ք;WLN@Tω x,4L`W̆)nW[!ms4`bCQD6' HD"URmñ}n>w>'SS0€_Z31 tB\y?I`\iV t]@UeT۾ɘ6MN%(Q`L!8T9o Ĝvݾx/;_յaFq% #,C1E bFCLzmv}}wŸS-^|zZ/rk6*m lU#h8 qMk[k EJ!cb'6νǞEL}maoh(tE=n,|=$4oN7-3:]``* nLwN(B8w"4T' "k4y5U_S׭3P>BzYqϊo}ƻ m:ꌗ!m !ci$*^"QPqD0HH|o0?Rh)T:(V4jE[U/v@Ĵ[b`2UJVHPẺh8P2k$D!b.6PBa!QDT1G1AQdR(!tjWe EQ[/( Lm+{l#BfA3 (ةdAUjڴ_C[A("*@n"a֠*ARHDQKtd2* uRXS Z\T Z.( !"d dQ @E Z*cWPB)t-3*A.N#ve7I(!iDU !EBzBMA|p|A $**㈊A.I< i TDD@7򉜎 U@gž* h&D 1 ȄtTTT.بoʗU()k鴐\JBf@_s (99 2aJ1ʁ(mR*]Qd0aB@ h@}PjA*Z@LwHMABt(6@\b ̊]]CtP(*E] UUFE@8j/@ΚP S(h7q *) 2_u-5cX,(dB~8E0 V[LUo"ngF"c Q(FVr(6bQ 42L\҂@4yΚsN7gCoC.9cB8Z 2T4*P%ԵRUN B }o.ր(5"Oϒ&8b⾌QUTJ q n++(+D J*HUl"T 5D%l`F%U?UEaGIAB\3$M*@jߛvEd1k &9"iKK@Ŵm-4nDCZ%DKTU@z@hɷT 5j( /%@niB$-> 3U74W)h@ThTd E;]Nm !Q-сY}+ 1!m\$(+F bΧ7@/K[h-n̦5P:Bh*6]-e[^b֘@ 4h- Q(3. UT.UVb%/#T]am^ | }js߃?,~tHUlc A \UL9Q EJ RExrUU)H?cI}ip>Q {@ rOc KyA*!Y/6¬TcJj΄g M"[Hi!fa.4JDžsCua_f1/M{NbB}/t!U!~`X*FSl+5g^>o}.tH[/\x}=4m4Zjeo7o(Q" ~IDuB~*P* zqyNoZB})Lc'e֧=,$P,csza)Q+ha‚~}A%jP= \dQgRv^fHx( NZhߢņ$a+,z7]z" DAɚDТW5EW)Pa21Z{ ebÏ=GC=,tꞛ.M"mE$É* Ȥ G5=:v'D (\ 94*1;uM®ݬiiZvQAq?<XOZ"A3Y,c@笾dydVߡzsQEWa0hR \P&U1vpӭ71{r1Wu/w ##3іjQFf qP :X7Y`eɜNZ^.atwS-1iƝ֌xJm{iy[-|'mZNO+IEebڴhp2U7䔡v<fz 0:wZiAZ^e0%)m,PX#m,/bWGޓxe9ɟЮoL:JDA ݣՠ]YVE9fk6E“C:gˣeS^+WwuۤMq!'DґQzjI]7r!xjv:BX ~|,=\Py67_wD,Pqr}dJM*Ɣ   :3&+1p+ioE&T/n@E!!˙k]$tuyYWl=ݣV @!xDSNjvi|Po|9M,[f, !bZ fR[Q\ ܉xNcLCꀐ U(DtvcYrj: .,@ATAzyL0"K6STϡwZ6n+G_QQA@6?ox7V?W;Q A8,jpˆhv[OwbD]|3xZsfq|F#A2.X[0T{X+ .Xe&V/%v '(ʗ2f\@9Lx:MX56z%E](!Dr +Ҩ⸾ xhlH+DTJД**(;>Z *HED=DT6[͐ QQ@U\$".%tԂ4E΂ E-Ew*x(#blwE.kL5l{/"+Pv /#Q1AP]@77@C2@-&:D|MDUѤT*w8CJ*@u5EO> D^ ( AЊPc6|@2Eߠ Fp +8荢 EQ^0R#@B&8y7 Ԉut&#_+~p5`F;r"S}wQUqAn"dMUy ! #23x"&tL$s MJn [QNN 3w;w+R6؀Jx>cgKj>D< n)`s#a&!&k( Ppǵ:7+E1 $HBM~q&(#ݨvxP1wu9X` B q>5AO{;5~wCD(u{xN,m*uk''-6ʳpZQA,!, "K P [ppZ3&R'=HdsũJJ2!*  !M,ȺEaI'(F%d`鄄&H@8 }rp4V'82TrsiAjrZ{-D&҈#p(w)soFhIYgSFEVzIzf& ؒ@ !vAj dQ;U|dwǷZҺq~F2yXʖit^́^K sj$R$P :EPEKU(YY¼$'*^cӨΛ3;4 qˍPȭ+ Ѓ͐%a Y%%'T Ty,YA36l+"(wg~e+>u 8jSq(Vv+JX=` A@(Q: CzYcm}/oT>Rh[ax3h+mգ:[ڐ T+q3ABW/&盖x1"j ;@4(ֲrgL:f}3rA:lh(VL/Z{`zΪZ PP$$J\"@ Ąe7v:4p;Lҕkk:QuSrv27z6l/Pf6.RYVeN1*--]K&B( VQƛ[ji@ p!ݵjߥQoXu8Ŗ|8fӰf]eJێHfvA6j-ܚCMl-F HP7[ÅVzmqjr/48ao +,y X'Z= Z)_sۮ ]j8zu&jy- ҁbx|Y4Vǡ^/>`5j9nDɮ=8tv>O&6 Da;bq352&[leJ].sY@}*VG5x<ˌ5&'qb~; ڇf{ҷ?(.;{^&jgќoVޚvSꙿ]G1)x={=Bv&8[J_Iпg~H:/k/~oݕc'Zo!Ru{X1zn}1iŝ懖~o+,뽟ȝz^lGX-(SpQgzSƉ pQh?u )J vP4{2h hD~YzR+UY1JU5}_ѶQUF I)̀vRҎ'ԕx"_CDdh|,o%Y/5ɧ!~A ]'ۧ/7GP(%ȹn,DiQ$?iy̳j8s޻? 'MlM͸#A!Jlo[Px8.ȃ&Wc~U"[n]ϝ H)tdv@ oB:|?J["ܯ~}Z4zzFR#9CW$׏x#[Edf "?AQ;UCұ=߮Rpy |>\D1 /ӧE ?\|J,\&і]zTV~QV0vd'rxD-v=߯9i8$q]Wupn礆_}M3QFrlfZYOZ";^;Vv7]o2y9VϚp "armHcm ~/vو3#o/(vada@}[u=\7.x+ck:kc*ɐv ^.)]h찂- fAWM6b,VPyLjT[O<=R${o_#xq(+636b";U_%YXߗju3ґٝaݥ\QcqQscfΗQW.Wl~?b3g bM|$K*˰|UO'pa7O*Y<-ev'߷`2y Wa CکꍖOY33'. gil g sQB`J`L}O] ^zxƁ4 ~!8/֭coNOt/>pTŎ~odDЄ'Ϊ}؅y~Kx e8g\1pjٞ8?DiEi(Ac& $0XmeC +J fDУtahxƇ S)1`TnwG\KUL0{Geuv%7%t?8 95dOVpU "4,j<Ȃ;H(P.Ψ,׌~K" MQS,'&lmͨkc LèFTlIP1n&,Y]Y$B:4kPRί:Җa8䭒 K@BT P Bp(DlʠtJ ^*9Q  qeF8后{gWi)I(6d~cK9)w#3?$&ſ2ּ쪒 ay38P(`FeصJUH }H$ I磇MA /)[twdϳib-˹\@-H`3 L$yAֶ'[1 Jȉ-j\H"D*'`(@:jgi+}q,L("()k(xy̛@[_R9i&Fq(@ȡu&2!UNJĻ!LH%s~47TkH8z!CF_H0uU?g??~3t+V* Ӗ]Tj]ːUD.Z)3YD4ICH#UC#-14of}<hDe _++|"5Pҟ(N ڭ0OU5Ligm.".t=\z(/usUR'E9ԊFF f1505MF݆  eş!f{'YҔ7A0$b_I eY2eʢSyeHÅKMJ%TJBh`b[*P*$Tvq+EڷgRe~*7p((i%%Eus3|A@jtvr@oY(zxZ;b-ޅ "38)E+U'Nv<~׹×mƢپ >-j-cÐA6BgCp`Oc;7AAy՝uVnf/Ŀ2Т|qVb6JVeQJH_=a#nwA- oCIH ZE藈sBy6?t֡pev;9CY,״dlq{^QNۗk!еL snwܔq4^ni}暱^&os|M:t-_Lǹ7G}m9Z'7Bs1-+IH' bK9]yc7olZ(ڈ!ۓS7r[ *-޺8g6(K>"_W I~k3_5s(;F}1Ξ>Wf`E+]<|Nov2Cu߯/$]M>~#+㍳]r?Mn+y`^C}qx%;%sn%=ڋf15/Q묱> 5e2~D-[J[c޽|$p]d}],wG+b|ӑ0"xc5d?Th?  rfuN?_kG!θ ?*A+cy|_W~b]=IICgȉ "}yz_V$VD!QQB+{g//9(g~B7ݤSHϿ'N1'| @@me,ȁ0L"ˆ%-U>KpWy=睯2I Vnٌc~?VoU{̂*ުC}]NE7NSgtMy/y(kM .˝?Wԕ>/n0ڿ5}IFndݿ /۰Ox7#zE||O5(?"lh t?ͽt} VcMO~L5ݧ9='`@ )T2$sv!##2Aiwi굻z|/8OK=eEMF|X"A]Z--)|0[VbA%H1eFVey\^ů},˴>APC<8M?]n]@)'S+EHe/p3~`0I? PdEpB֭y] |enS谚Ffݗ+_ig>`~Z8,Euڹ\1Y=<Ebu.dc;yl< [>n#'9s{Y ϯGO {[j5^湪ՆLsti$z^Ft%֦ iY3`!$cvG9QgC[T8:o[{뮖 E73p1L!LB(A%"T`eu$oAt_]%Nfu OqЍP <B)'i^lO'\}H`.H%D$WGe u{L*@"70U碅1ІRT|hؘ@+kBbžD*)ވD@Q1AtbȌTAb!E8")"AD8X'^@E* H_SxZ[0oh `h$?BM$@_Eȧ9-{:Ầtʯg*Nɞ/4KǾ_fߗ_/dÃ`;kOeeg9S^2K#UpܮZςST#Cp>ľ3&v##Ax~>Mpdʾf0(*д.$?*_}ui!-$QPh4 <@yyϘՑyud%_]Cgtϡ$ȍ P`ܡ4ΘhVpF^>ehcO%w|saH<8m)I'x|)5oi!7X?'ܙr{JL}Tq:"ΓLc|*5voRJ/S='pz2x~:]fCBw7 +*}a?Ş3e%[?e>Yؠ#2evu dP ^ jiT*Lsᰝvh NS<"t|N6l S-gdBmU*R(R۾<1\7G+޵]px#MLKV s("!R@>݊귒^7YZd^}a^NX\=FVUs1-lCbQdo~|+}SˇŮWHW*~,DzN'F 7~Dܮ(k}j<٦ܿ5^g{]Ce7 WpgÜEv+9[=RJ"Хy)FMҳV6̂2 IȗA-a9~"{{Uco?ؘ}@{~Kr򁗜P15EO5I kpg CJCzdBN^~'= .PkB 3^_eԯ?KŠ)Q`-/$%5v}աa8D۔:U|U$u%2`ۢ&$/x@lOQ/ 7t5< Mxzg!DV1sX!.K? !2P: (CizGk3ԓjCD OSuyv{[2).~gX|!KwҮ)[x[z_G=6_ڥCq*[ޝ^Dve?oj oDbOTdOB:gήq>'j> yL8t`pG=WoIn#=~;okG)|_MM_?a`*L@_en9n`Peoǹsڬ|P]f\ jN{$bώۛMqCFWW7`wi‹%x??d`?0wBI6]8Ҷ|*6W܉v?M ǚڃ*8(Ժ3ϖW, zJԬh.!%ΕvA@*k^0骡VPK8(/WO߱X1:)H%?I^ʮ͐D]{4bz v/~WY~l8X 6O  ۗInS]Kk)VHĕJE"~8(洜)D{̈h}Awv?]l][>Grl78)ܛ{aPnFinml;W[˲+0}cM>{^D̛vOBpw fV2XS8 ^fW_tf92K/+Pb2FZcZ O_I+'۽T;Yjk>>+Gm%Cuu|>$w{o_~&%U9n3:*<٫ 3gu]Q)aj:Mŷltt!|U-\|vOс @ֲ2~g`!/܄6XѠ YS- L0yÛIUԩo-peS_&8^&8r^ 1eל (TBDw__Sk' J :"ZKWD2"6 ":PVD@3`*}bkH"E|w|ۏZ2D qaJ#_ots/~)<>/eVi>o Ͽ9=06p"0&0Jb `0(P=UMLubEC25L8b/*)5M0Jr~ζaۗQۺZc>Mw ;s}B}B)f^2>,\֏A=y Js44Y9|Ow`P%K*I e*)1:ѝ\ E&IEo"CS\g:KRGu%ɇ?c/c\͕iOlwM0gҔ a.EXmP99VftS^(DҔ)ɩI@Y *Q$xȇIݠ0V肒(?\aPC\ sGi](t[tZwX=<@?>$?I}~O[n[-\5qH%#JХ!H"#a  0” b'E9dr{wǭ^01^R s3\Wc=o)]x]ʄߏd^Ԫ z \+ҽ?/tn{־QΔ}Zdk.DpewT~h6ߧÙ}(8S5ᐰ:z6"%i|̚h/ㄐP>?]X6{nL JŤ?' W4/\|g'>&WqAk$d ,?g$91A:G>k\ISk(KD՟:k SwosWoJ )z-]ǴeAiцꋱ1=e2zhx6·˻A+J4ιX1h)ЅU}qCH DTx'ׂ}hAV}(s,+rз=_DOLy6J='Kl`qŠ9m)<ڷkGm,y*}ܧ[QJU;֟9l._jRWAm|L;@HGK&#'Ksk)E.t|RGxfA' $1 =*$sըW!c$"d%d8d Kk@VQ)y?KN+)GzQW8} B*zA$Q +" QEGːUh@Tz!⢙" *hh*##b%?0Tdj5e\PQ!"aD&83_HB_wuueHE%)Ir/dJg. \_k?tg~k=dK߉f-O㭔/?i!hZh>!^D :d:Bvnrp]3&tIV/¼LT=!@93(7oɈ)j6&P3@d "Ȩ8k X |G2ajD+P%"2-8J(7NQCFk:,EC=$46^s{Hߓ7my_O*~ǧZIp辋%߳P F@xOS _7*P` 9ҨɥJChe8&E3L"u-Y |}39AI `mIM=4{WSeT" H y(!@]"hQPW!m/kI( UF&IWkZ{.43_#q{'͒IOb+/vkѶ\_YfөCG~O(pp~6&#P8\7*:2D;E0zvbXBU~*Kx{ |s"∸L"q!7;x(R@n Cع@yThBA4@J <]4Zr<8޺?C+)wMaX{/IDOcEqWqaEz+7sWBiB@Q(4wVJg!F+Dd O6T*FQU)EZQFDAh!N60ȢP ^J<%ZE@Q >k*Y@xoG9$Knw.D@LMA*eIQ] fP^#R=j{ɼiF][Lhh  L:Q0Upb,eȜpnakwֆo"aCc}f c"{}%2hAڎA),2foc(cSc:ieD;u5|+~`#[@tb6u)|*aGJqm_#2\tl:m^]8P%4L_#wQm^jRf$/:k#E:Pͬ(AbA81U("BM>(PFE~kV2*UYB|aU`x!,/ }P`!/&u#bc7΢8~N! g dmP7=.#= 6 J2e*4H K_CH~tV|3|3Q~?7u`>b>rFwz??r3`J*='GMu{j+Km>4zՄ;%nxJ_(oJR€2.qZ*aLd]~=֤QCކKVRI'P$ v@UK|MDFRƐ5] pxIxC {w0+3B37xZc .! Z>8}sNK`8l0!Se,,I۪`ϙj4:-aE.6u)yP!G>@Q^ k̾5zn%Z@T=>^r-/!AsSn+ro _x Y{^urm-yg3,}6%4FHPrf+`xA+&-^n2Qyr }@!rm{POK!ĽR%>A1 X L*.(1ȪB `*ZLT:a?_Uz zvty'^$`D gt?*Ǚ2Bx:QәfQ'̋~XA!H5NO! #"H1T Hȫ"HhT F"щA ,( @HWgR5U2: ]ujauSdE^VR6Ά8Q\Ӆx37鋰bLJEYO7 \/홮uy΋y5I(ҽ3vxNI %j ^;p_ lS0KQ#^ga=4(L)`pTzFe}M#KtfU9{G4~Q&`@pfn5)+%Cx?Pbv"Qڠ]nG~za :pZ)"I@ L+PZ=/wj*RE]ʉ^a>֫&'k깞N-״>So(-#B)@RД4 ". w-dWi gIiq/`@&7ӼO<;Kp7q&ϲâ5-Fn DyxTAepI9<p#3ˈE1Tx! Sp-JŋFaQpzI_?PSETg3~f+ cͅPH+U!I<' Jޓ)hoת{T25% \)HW [!HPP'6ЩgȮ-QCln VʬꅇٚP$6qHE6Sy)-VꝆN֚qZ)YdPg O!9*Zn*(@Mp 3[&%|uG >G>~ |]b_ZhB@3y 1ǼҐ0gJppbveS҂![{wrǺ3ݩP:S4- ;2mN(IWc斉KS0/pD~8s'x\A}W_ξ!3(I@ү z.סtfV4&EλLe,-5Q49gU2.ɨ |M;ūX5;SU=lBP8jdgem+;w5sfB/` u9"DZ$oCݹl(FnbЧt1T57!L1cNšUKfo/R%nǐcHx mP&o?T<~FP ȸ-X"ωsyle(L] !W8qcmlg*Zj7_$ 7BMvm#%ߛYe YȦgCL:S3H@k& ;e8@IhP2G&m'Ҽ5{$cϯ?G77}֨]ל#`ۊNC-J C>'wR]*eo}ZLSnLc)]9t!B"e2W&7<ǗUYGp[V0$:[9+mYZtr Y&uCA~> }]yyo-Ѷ%luY5ךIyˆm`'Fjtp˥Kgv3a~'6X))mATKЅr$h9&ktl2L`+akŪ'kT+yt⊋G>˂ŌSFI@ru LfK7 *\A]i0LKsZcݽbL< t-ki(3UY蒖=3=>_o|pئ!}MZ~gtpz2@(Rh3Wo7 wCsr3ts!ҵœ,$) /Xɯ&Y|j`S T|__>=Fr(Tm#4$(A9q9ݘ"iB{\ Wh QNI3 r*/i3smZa2)Cn2 t*Ams)qmIA!+軌l\""]&٪ {K%8jiK DRY1 /xjM1zBq=(y(JZg,Lb!(/I _`L.0۵KqR> }nH{ŷU3K/]6gX;^C(w6c{LYKl "ϵ`=JpD/Z!Պe1r4 !!:KU ٫0Y<Bˆ8~)lnz *5B#HVÍ)BB򪢍[ DnI$`Z)rYlu'aYES 9Ju;)9;C@ nʀdJa4], (A@ eQV*p8Havd|(n2n4Ήi1{w\$ Bd. g8=L6y6D]O.rì#>o( cW 1Rƭ>z '3m N=6/NC+I){ պPTd!ꞟ"%L(6: "̷'{RVggk1z Wd} GcF>"*(w>#̜O˓J}w)onUPoap EcA:c| J#8IUY*؀qi>/uODD$B&gcOӵ:lCam~r''NphOS(a3I煷3lr0#I&BRc `:Pp39)&A}k_/NUxAX\f|Fn-x.FB=Rщ ZOc63ɚ!Qo< L!#ZM] W)DBFZ\Uj r.rwMe̡}6n (3NC/5å).cthNz ھ 0WOS0Byz;*F*`RLDڕ:#({/_CE5ee'ov=Ug8cQҾNqEW':aI,GCRIU$ۧ2.-BM>)=v3e?Ԥ] aܷ\ \9hk$tiA?Iqo$ f H h~A+Lp*/-"abu4h2JºMBtA,uBRL0~Oຎj{Nsa ȄP ixjJ-Z$P%d0ɘ@KacƠ |=2rF"}: hBj5AxZ$ Y@4pɤ"{)k*s a%j K%}Q&BͣwM&(-JD0bQ+IҡEj f) =C*@!Tg i5д bZ!O~* T @@"{IR'feSA7Z2ա÷}|F6ptTJN.Xld\6(MZEp9HX6BC !huu/i3;^^0)r~̿3HZߟog䱩[=Bmbsl@^#!@|ö́ﴌtxdܪhd6 *D,b΍&ܢGJm+ZRȃAHdkPEVaB@e*: )("/\?T;0)1j9O iAF6LnD cW_]!1q^mOK[^߼ǡ\7J))l,k9ln9V˔9?V$V*=u/l@^DD0 lx8Ognq^N'3+Z3껁1iNA?>1@ƭg{3lEa3HyƐrE)vo>m U'i @@ vF;=(R&WߍZ.Knb8ъ ,@%OSF_~EjrGPt! -NigW@GC[UMGrfw'C|Q'MU 9jtr|\:w(T&4jK*qe[edndqe) ՏUOi($@3((AՓJ A;tc8\FK>uxʟ//aj5ltu7āQƒ^},QSP41/u'ժ+6`{q,HAVܲ TY7b6\C f(Uԙ.39:LHf?RmRq MBFk);quW9՗`iuw42Eg55?^vh6꾇ZщQ,4 ͦ] ]v}Tn )ϝtJ=<ᕖTx}kɢNFKV{$m%I'YO3Ð*Qɓ|nn1g=Ǽ%ThMVc92PnHA[J:c;-B&OgykV[@OlXSgΝ:2X4"6f^ x/a(^I#8!HHULJ-ڹ?ѼkB J\w#YY{/s <} ^SeqS1Ut~m< C0kjS<By9 M>e,)8ab4OUF-bU!%#q" 0'-!JxۿV]\ J<V ,"~)`DDqQT7 7UO%-FxSK![~'Ȥ0>)KIzs?4no]a65]4i`R̜Yϒ<>),8?`OAřÖxRMKCi62 HaG!=Wħxj*wTeD#W % Qd$PFFiSqV袯#"8ɀ|DTdD6c0mgQH5 q&)nXV3l!?Ze R4&o#X"F 4¯s48 "d^ߍN$?˶67!iRGxN:(xTj y($0A蓖(Ϟ\{-0{^$_k}cY*:{?ډO)>5 y >밚?'gٺ=utb֫u߄cYk-;AE{oVT#E E\;kQyfUP)0T,4t'fG>s0.z8ǝv'#ZF;9`z,QтB3Rr1:Pε"2,3SBSt]t4GBfi:lir]tV4]rdWCXvG9嶺aF]{7O+̯u`ժK@3kB( "-;t+ޅbqTpuE/jP6!*TeHB@FQ۔#u*'&P織o<lb=G,' v|4f?{(_KF- {; 'q(J""!!1S HPJ ~Xtʴu^+c?t{B*TR!;"!Ew +, tkS$@Aph"$:[ZmjNt6bbdB&%;ā3y|.>$BoU_!|wQy8 2PCAC}\ hHv "qA` L(aPTdrI%tf ,0|=V_MZ{^sah0B4@ 24Bcp](#ITP-*/qh ⪾C5ʢI"Lʩ VmQx'DRacuZmB4o릡gΰHhp#xG$$QI, h-"(!d@ѵPa@ 2XJe;”`[\6AFȊ& S"9nqq@;H(j=*P}Jֱe.dK t='vF<̟WҝW|/?3 "mB!9~x8~W.f6#azIሷ]uGv7&|UP%yd%%ST" 0)ӳ<>9,àһ{TItp-t`AacP Dv_" z v7?@'(:!XĵL{#>L,&wbPIGw$kcQ\qI6/^ϊgSnGE;6WD_`p`?D?ID>!Qp)E-wj;A|*삳OecOou"t G=$7 ʨRikUTz~'ןu;1L)0Hv9N?O}Q.T⡓` 꼖 װ#2grs4CO\dV ׏9Ae ~WIJWࢃ)u>!'fC:rӹȕ ?.J͍[(1cgr}Xn`V,?y:$& cxlAB:H5P٫a" ͓h@39H3@3F%q,95 |̲ĄePMv0O8 y-\5* ;ypN1REu:N( yNo]# - ^va)xBHCu>Tcq_o!^eD 7R* A b4‘?vDxv~&Uax 00bw=U 9(T)+34bEV=HPȊ=N ~B (or.AJ}HP(s߀$=K#E bWVOt y0|ecSg3wǗ8߳JLr_=u1ئ']|L]`rE;+01Vwd ~'c:Q$ +Z5JCgfFęS{/q  45JA5E 0yv{ pg;,Bq);hǔۮ<}${TѴ   K2oQ#QPTLHoP!ՈD}z`@@ADΣN.@  pGEde ϸΧ~xxm8j &ywާ/ Ⱦ$e ̓c2'%h<6FQ_oydcc!ͯ|7>s&7^M09&#{\f$<:yZ>Bx<$$EcrAR8Pt~_a&7]n-?6864 &2k ׄι.0b\o',P;P4Q8YE֗ gnWl@!k`XEhP5΅!(`HY`>9 Uot`hH(0B۔ -# boS R#JMqC{pi<@|*92yP#Ʋ?7ɤH9:`20G)go ?_eӴ vN9B@*5DdkiV(IPwN}[Uh*ҫDJD(5M4 %)DRkW8oD%.@똯$ Q L9&N!×_)?ܙУO<Ln*ԕ eD4MŴ-+_ovdh(hpLy,7ǥK, ߔ %Xf7$YŦ6Tx9 ,_9<94(TN-%XԪd` $,H_u伉JJEQ͍CAҊi|\Р6`M*QBI K">QPΏ=zVQ7ٶ$сIq}|Li%?YL_wv` N'}-]tQt7p Wkܹ2تӍI@?| @%@ 49X~ tN6 `-r T)=]Z =᏶cbRJP% SgWfersi=oq#ID,5NJGe_ l@1ܩz_U> )boNw!_BI]CUUԍvucq)HL5%ՌP>ZU X@mTDZ-w "D19zyM'VU'Qb6;R,򴻐*Zb 3 B?%@8=NrӮUW'a 0L=kFwuhvI$#A_?F46*22G^T2Ii wz"~pFj+2YP;N0 }"cXxMr6woqOq,C|v%^5!OsQ>@\SwnKwϵqX)ḥ|s)%eڞ#-0~/wşǕ%)X| 8 +`y [| }x_;jZ?W󽭪~R8pvVPlJÅ(*D @Q T3+ldtE==]h:pp{],}ku8 @ljaѝ *k: .osYSi6p*BlnsScMצfmz蔪ɗ)_zBod.hkC5IuԵr5^)ZͭyTu?–,(,*Wk#9:R ?FOQ W[>5ߪ臲wϦn~s#ᨷno.ӦXhA}ϋVOEC Mn`]3dHM 09MN%Ώ#sŐ$@FEQ >\v+־CT@>F6G; kzh&H}x~Yiac2Uh hg @Q(y;QNwTN^綇bЭ/u`1pHYE@ @ dEv[9[uxrECEs.<Tn$2(gq8Njva=W9>R+PnK lڠ(/U1ǡ"!WCPܑ-[D1x"!zӪH P0#bL$I;ٺ۝wZ8xC:ᨾTF!~f2!A+"?a o#XŌ @OV{q?{c7{F}thUM[ @D:* ꥙ˑ _woݛ)KU#VKH҂*sĄ"ޖu*?&#/SpZ` &F[^WIc2~M8:RXsmd=8D3/#.yeIy"& '9*-ETC K~, 4r Tn2E*R-. `$L%F4vEYaRUDAOz׮p44 FHJ)JbQJX+ j9ӽIlŬ])D Y-YEfi2!CTRD8˔1o$)D Npl5\[H iz@ ecg5ENpT|Q2r@IB;Q=>c xmTddDV4D SUA*Ƽ&5U%E:e?\v1vYI%7qG3ݺt*#`e&NB@b@ 1맟|=5LBD!m\hE(qgwqH@]8 ww_%Vr [6BTnϣ2r;ޏrwe[d|K_o93 JnH̅Hb^fAcH1A'Zl d\qS0 mgq갊D :U?,&=ZqAAȁ &T$+WF8Y_ˮf~l\r߉͇o[r:;2$Iդ"H]sKeCwe7q&Ik9rH+WuH*0(cJQDB(5i`@Ug&frIpzyod]tx .op+ CYQX"$zru3C[ʛͣU\-yJ{%󯝗{5n"65UMKyTs.9XNY7mӺ.ʝj{ oqgyʘ/^/MQfNo_JEc2IF  i椅[`vݗN'L~z6_+T)U:vM5/iNJS/>IgAs^!SyLndsk ]D YCOuJ.bt*(Z  >={e,A$0:D/ظUcbkD۝(ÆDR4:<@ V̩)3%%#y_8l0XVԉyKC8ʵ*])R]p^'{hٽ|ru@;etj|4"]&-H,#ԥ}ek ^(:XTZ98IL.΂J2j^e- 3cPem'Hp 7HBRmL&lHYbMXz. uv+էcec0 m p$a Ka<"A;tDǗxK3pNLzr#*a012 ,| =)}g'ʹGCbc%u<y'Ey6$rqo7>՗ޡ V/ &|zx= 2ȩ |U[ $vf>Xi\9"d$h'/(+;E C,~X0 5l(F+2DzW=9N[c7 %)m@NuL3`ouQJOŃ6"-eU^L=- }?%mu#~t(P(Rʁ9A|tWݖxt~b8us'˃Ei@Y F*1q 78ʁX⭺5ca;Qi3+)KBw=2YLX'| l+%K72@'RҪI v5!bϠxr|aLh!UW#Tb#7s9HLmHj]|ͻ8-t C x8_[e4Rcy>Xb/GT XڵW8@Zˀ%ϝy'1C8EoR/0΄u{v ̮GCDz@]+]x mlUpt}{Y"dy)F"AcjbhAm(h~gki٠w}W`S6 )$ r  Zl'`Xgh&h+߱D`9FV21 )U:id,r-٤{Ui +N3bj&sEOO@.[No5"6-I :|=zڡӦэOfZ/9 )G չqNlJېu>fmd#'k*JN7VSr(lOuH*8D04aʥ)#w 4g.a6;([ShIAv;0tRJWUFHFq(𽶯)8KWIv괿@p>{$Xg.JB`\JIjxOCsٶnytc+ғ3F?ݟOV${<zKЭDs>y~A.;ec*ViCc=^opD&PSSEm@Ra8sN<nfd7nRAg{ ̎!W!VÐ\4@Z؆[ _pIj6hO|8J/l3l!$% ,y]ui勭r|\S͗72gp!zhfvbiqS"0E3ؐI<⯬Ǎ69S5X3ߣ$ R*#'q\"HµQ}.^C?,tp7PLs8D@dsYw|gay}ÌUeׂRTDo%y.9 !(H;;D L=դq 0fbLi^|01wX. xp gPuMj8 9s K79ǩ>/{0]H4$ (Y5*'q6Ђo~~癗My"hcQYŔ#%`b < p>!ǺD<\)ewݫ s?S4ȏy!楄μ^wJp'n-=;jojXtU{\*ޮC(Ǻ*v [O2PXƨT !=\ՃIK'r-%kㆢUxPP_R"Qw ; w_ΥJRx,3[?y[u{/;o$!aLIzĐ48KdD>T-?O?lY%WG#cA"I$jťIi9z.=WztRgE4;ﵥI  <TTNtSv4'}RT)A!Fo;~{"IK3QhVU ~TQIFIuzA``SER5 WWOlXB+[}*@QdE gt;2*V"=Q_B"jwWֺ:ޣ._o|o3svf&8Xɇ=U{uaD9QO?E}‘A%?mf^v7^O罦߯B m6bb@EU #uCV"<қ Im~}ogw۬sMsڨhBdA:8 E_o ^>j I~ T+F6 :*-1ˉ"HIuxNM~.L-m8wv3XA9lczs8!p`WFЖQ+ӵ?ogW<1u 0 lx$ҮiU)ۊ(-*5삺wvв)hADFy .W8[?9yS iߦNl#*:('a.]`X< !i%CyajE.rQPkq1E@X"PI!&vVk%֪d?W|7޼,FCBqažh@ k< jt@~ Lڴ!ǑyHg'{pN/'<1vWU7,OkLӷ1I6''=DJuC JfMTT`EѼl<׷dbEK p +wWdNj0Qo.؆ʑ j: )dDʆ)-@9k Y#l>֯3_ָ.Zڠ/fkS1z׿'Mb>Cm@#`. gˏc/u 8?kucQG[]p6+x#'`=sҮ*E)J>b% !ІfPd ҉"/̥ˠ2=w-s<>DQ^W;r)Qv@#dQ4$hQ-;rMAe֥vLt($iBdr{9I f>'toѥ [W34qE7wșa1E}]peJC/0ѝ6]ZW8m}hCOL A%g`18Citljkk1h YFZj\;luFP>5lp&! dqU3+\W>XV9Qg%dR%(PT9FV+'.kl$%wH&M,ô e4 c#L*`p :/0ʜ_E,) œT^^6*w!Ò0dZSz\Yki:`I0a^-@D4/WUA3_5r^υdelH")BEd*QQ@P" "HH)"Xc ! 2$#!Fsܼ<%p\m:kl- a:1mTX| o$ (aJ AC~PnpO|=OOGO(oX]6IL27+*MfE.S@ ] ~%կsll{WY(cP$S7a1D<LV8[ɾ`(B5f/Mjܣ4C!ƬtxuV\沋^|kTFW1BOV}^mssW"lA*YVW-7o+yQE=((0m{>g{ve|w$w -gHD_  ,j;qKm.tHc''B]pHY iEl)wݬb$SϜR"J!XHB@bDxS_'k>jޅ67 ax]L~ޯ– vti.U(<'x,b4$% GkYf76혾/ `4Jޞal+&h3==\E :mS@8lZskZ,?sC1;ԑdqts˩0uђe! "f? :FU˗.E*%NːujЪjhUi6TF]<9#868x+ 4\.~L CzAl]@B'/*/QxO,{6mbvkɡVHҨͺlE<G>˗qdk]9{I"x#'FJvZP(UW:e%ms[:Z+)OՓ̝>^JVQп[]5|Dts>gfQ_< @DH kV*(Sz )X5~d\e/v7ߐ@gc:lɲ^lg'M5i A4s*R(sBԵm?Cƽsb)ĢGc(33MG>>k:3ucv C3aL3e'6D ܻn8} /*f :33gھ^߻wiGgÎMbTCrs*|~Ŧ^Mvafd-QZ4t[Nd$'*/tn+`EԁCt<}5Cb?2Ʃk6]FdoL ryN/k?;QLжĝ ӱoU.cû{뤴T(oY%^:->m`|j :F|KߦitpU~MNiLr2]Kex:= )BtBhVxFiRX™ʥ͊_zǤFC{1hW'Bb~VJq}lPSS ]LA:N E)D6޳';$4cnTApU>zl$gBPܝSӰ!ȸ{~u^Zl,--Z,7S>)[7i\5_ _M3x-ZKܻI wK?1Ea˾>z G\=>h_$^rYHK$ݸx2L+O.Re|o4srL*)$3K-&$t(SQ{. LkCp%n8To.{Ôu\AQeRƘIQ:t+Ap@B!/`{~,JT@4 qnga0L *!TD@$= /.kc)&iQFv)|_X\!O B4JqMI$!!bubdz5 DEBI31t9U/OH8$HL ^kߌ(q(=2Q_jΪ`Emo72\͗>pLYj ]8W!Th(D*$" !1ed*Ha~<ʿ'!!BDOpa\po%ceO&uqY_v90K1-M%AjDn B80{IEdC)|5}`}1 !+4=Qs0@^ @n\'*bdԺP)دk=f R<6eӣk 5c.q*` C=DK>(Q$pmLdќa# ?[w`=OWq3O:@6.5P 7DFDD_hYʐ4$**Mf &X(#T=dSwc^~."$_hKoŊneg vpKDDD_?rxk,!%wR{(PсKh T=Vn|Y{y$ v5-i]va*T{M +mWpţjF'Yk2*HH}xza"P<RZ uo3~6 4ݮPE|ufkUUOQAt"cJ8⇓EH?3iOҗǰIvZ;nj5abQɹ|dfYk[{[/1tKP.YI2}tGnK/Sx]bX'2'[1PLM;p\;P4{ôV, HuƖ«+ Bb@ϙKXZY=q `z6c& h˲?ĕ!Bpzd 7')EzlByD+ V4{YϵKBFT7Lf瑳=b2*J}Go/!wsZFV!j|vی4˪5h}WNEџ]=P"YHu,l=^2 Y'wKLzw-NjCsfΓx)k%ro|YoGQM l)5RE6:`h)0jh9vA&7n3LWutc$(PLQO/r߸+gg?Ԭxd;uk $d@ A3܅ 570K+Uue"I3:TcNm[ ZZ; z^M>pέ= ˜\];~i=Vk* 4q`eoz7ƒx;o>;!2](3S3 wRv0UaAl.T0Q=?5Tt].d<3:J2~]辶vWA2@J$E=P ھ ^=Lfobt7iʫc̄*2;J@* w0p@EnZ95 Bk=EuK Ef̜/\pwB bp!<ƭma$ȇ 8HLDB_y^/A57ډIUTlFGM(}Zq/3lӼ-ds1j1&!)((>_[g廢Ǚjңx?u>Gc5o؋ x(DdۄJ$%u n։ 1đ3 CIߓ̝V2_, , >@x='ԡzXc$dFBԉ>Y|}\2oRDh hClPux6Gp 5_U=nS'T'iҠB(gcIo :u?tdcu4X.WGTAdT'6>{Hb+(5AT w7ʋf۫LL^%j Qe>V DI'A**&Y#Sw[LF0JTOⰢ U$*DCX%tEO~X/Of*Xc@OH'% C4%BHA}!ݐ3ck3&Ld&CV&XaR+H ߃bTS,PXneqM:_'=bwa3}w_tmRiBhCTRQ>iR~oiwm? ! ;* ȂC-Ugiz%*mY~iYe1z13v{}LbfB<',&c@ &bg<7{%ۡ]Bvkw-ozZ*KF-ɡ*ږM)(QAs8"yC(|Z)v $oS(T|ׁ/u/='Ż\7t4R!0`{vwaڜyGyyVٲUϠD֝t&(i%pf? _S0hK!Khsq<߼c\x+>>JZ?i<2JU&lXU4y!Xp]ɣ=0/Nጦ%z%LD s{s~-Vݤ+uM /]FYW7G^]Fi7Ͽ.jTX O ЦyE`b1F%6.-ݓ% fN2Py}:jOTğ"!͝ITH(_B2-rNh`7۞u8Gh&AwjxFd'Dt@`m\ .-([ewUu39)Z b0<?]Ƹ !z]S朆zti6±Mܲ#YۈmQvu*,6 HѤDuJ΋/1( 2tK Ⱥ6̯kQ66EkaN_42ijTQ`` D/߾.=Dzl!_'a]T9qJ9E 3"w C%mrS- >;9hpHq&GA:ecqqqB19r=Vv}E E53oO\芚D tC@ƪr]A!ay_ыlPpC|T{(@-R2Q ɁZ3oE?,pS@/zBcv3N]un3!FA/Q蔿~nKb9-c h3UxH;VW_mZE#^21jC[,UðaW $T*PDt@"K6b;\0Z[T#f)# Rwi׳Gq 퓟M<m ŢD[-`RߨVE} g|7qmGTF _0w`OqGv+V'JjY+Rae]axdzTO?o6xYcH~fĦx[q[=L4ZÔG(G)gWevwjˡ. cƟ.4$۴.+i27ԦSIt|e&N(dZ8<:9=rAR14KW8^?M̌Eu6sꍈcFŋ w *wu!{spNͬ]>yƮώpk- /jk#kd;:ײzg,ae{.^˭*/|34t '\´M|W'GLzܟo+R}Ry\߷A̬ʔs}x4-_z&Xbi峞Bt\;tţtpqyxu8\s qqfb[\-: =MR2Ky;(hXܜs=$`@DH ȣ"s#௠IbbK˂cE _H(c5(@HD@ԋ U/r!!i$uЏfl\$]`Z*eO}*"eGY7+1ZTTZD*IpSUo,F F-ֈQ;X}≄D!$I}ҁqZO>~; A>_ H}XA)_/?)c. Hy'!:X 6KsFX5Ya(|Bⷦ 3dX 4sX3K=~Ū5GР*Q˽UbKҍ~ q$y/59ve ?dWM (*EІK]62X jN* P)!iA;dkz "B"~XR$ ϪwRAuLdV.yUYOp :B8zy8t. ='rbHdNGp>^SvhСθЙ<*o>z sq QbL窖'E_+0,z^6aRHͳx3NǴ3ː)V7tDd\Frm4hţ0@x t! v^M+]? 70r w%{g㮅B?ݱ:&RRfP&02] KN)8X Eh NV-:$Oh.\e\CX/܄0 h?0EAK0Y[϶zKwkPW mcV(0V2C7LYʬ)ӗ ]bW5,s-_c:hy1G8Hb&:qLxV59bNZ$o" F.L08]39+fEklat)7SCD+ۋھjbz}u\._6'uJWNMwoPU}||=<=,PKH2FGr#3SQ(/|W,m]sSov5*^eQVdٛ#& ^M nacl7VAqMl:S yZnox\e˫`1OJ|cf?FWUqcvNM^}$yyKX+oo/fƥEC{u wla]1;Ʋ1"VyjFB&5RձӢ`7ۤ흕VZXpŴRyy-#W"A4[O@K7ڹFiFUG)k%P@崅A¥^oPHX;W MkJ|y1YpԲӿqI ȳä ?oȈ:ny)_Orzxjw%^. ұ~7=>iESֻًրDJsLhzmkOC! hr -j~]\jvjm`iJe5);9aTɛV]g]ٰ郣 ^ a8Q\ϮcFq**q38l6|![kdR q,um']tP붼w18n4\zGۿwS \S9Tpi2HW^ D5eso\Ա7W+ӛ}b`,54ؐ޼v:p#(O,L/`)(.^ $meKFuvThLjTI )itl<.H/ҽZsX3Q _8v[o4o%O*l}Xq~Ez&GAМEi)Q+~_+z#irx9)X;ȫf_(g)NV>\.E",`N,]~9o+*`yu7s©('i4U 6q;:pWX ZW^ink!>>@}OjV؆v1ԩY(YSX;3ޯrPWEw5Qhph#&b#fsoέ1&1o d-}g eH'X`Sfr'=ܷIܷa_;VnMSu8g.NX {wqOQb w:k M[w%;r4pmO,`ДM.(aCTyٟW6-s0yUy4%oj^?B|nAHuV~w8 be@? +7O7{~gk UΚzLe|O0 @> SrR{K:+9V%֠:UEΊ/|Izw#E{@[wQ-zŢBU\p7SӠeڭU EQL뀷05-UT~G~;,p:L:t=XQ/ڀ# %tZW՜11cd72i 4DSm}, n:`zߒ;C3*n3_A:(6%Lt겆ʎa)^r"ahN㢩$*NhCJԡ+ 4Zؑ4r# ?m}mj2ӓЃ>*AP6ٖV}U1:p_,#9T y:; HTd@*Q#wMQfA7-чcGXQm'Bp%È-lI:Q+Pʫ&I쯾H_- >}PS*zZ0mZSLҩglh͔DjZ4Z-ZʅTA8enU}\bMNBAXD$| EdGJ_T}q!Byp)D!G E`\/o/|ϞX5=bjJ Iˍ ,IrI7aOEZ+U嚝:C[6[y ^7Wk#99E[uB|Lϲ<QX`ͨ7R7:rO;U(f@rbWWɀ'O-dm⭜&b=|iOr3΅4!l#k.cyWϾ0!UGa\Рib˳Ҫr]LyO_)S %N㙸3Lr(YC;#@ȼ*zTtS {-carsС`u^@V~o\dگAnH=MvAn1 B>W$- rQp湩?ɬ.g^X@Mi3"b:3Oȝ+}&TڎR~&Q=l},c"@P tSR1P2uLW4*!g>2-{..3ەUsũ[4wSE ǛV(,q;@F 0y/ȹ{XCv tM2/ &W{Lڳ`1F ܞ P%+n#K6zk2هJI8T|"U4Ռ?2H26oW98fCJ#9-z7&Fo8L@F xN>1^aԖ[B+S!?SFWܮ\?{SYq|3hޭnIOaG9\($XNEY9if̗Z7-V ȒL=a룐ŢPT@BKEXs$YYÖn+%(s6P_B!n1VuʕV#JpREKNLV2yX`6b1P̺;_R:myc{.yWQs9Eaסł/+k4qKƛ#qS>B7mdqzf{C 1pXNxY5,uU.+[qy[?̜ߔyG-*cJq7cl;J$CR'G#.17DC<%7{1GOR}=37ڞl(<'m@ נ`=gͤ⺍8|ԙwݕċ4 ;,tr, {3;]{Dl mVT\7Y{^ږ)} 6N.+vLV~ @_mb]/GE)ڽ*lCmB^Z N$yš)DBTZt:#WWftԎUQ:ϋWYİRΙ,/Q <*/"wvsE$@y d W2DNFDPl ~tYyC)ѯ&/!M.t.DQཕ~U A x5GoVFRtrLD=]e;>عd+ ArB춡1gؘu`quX'X^(q2~~#tWd`f΅mcwV9E(mo¿ޅP` 3#Rx=[nǍuLB!1Z]qU7ZYڕ,A;H;|K u< P;'3xCsWsC[8!Wnyy]kEgUJ<, ӶOQ(yVu wj {E{o& {G}X@>_ @Q,e)>ģFfԪ2?k'c b1GkU,L3gƢX?o/2d-c!Nz88gIڡc4c\.܈}*{U~I3%Ϻ9w+2yShpL9Y6ZJZF@_?<$<ѷ0x+xv "^6MD=Ė JǬ?} EJ ev=]ϱ_ *cw6Cj_JeQi^)i[5s@2h:!/ M[f3ԕDv΃}ى.1תT"i)~ ,!jg8(Gl`6bp-qVxǛ%$b@\BZ]0vNn3dZ yk)nLj֧̙z\Ypv~AD 3ohw!PmuC'X D$JMoI͇-iFZ)N=md NYkRL{:{y&u+H5V!_xxK0qMxuK]&S܃ Q`ra-0 ͚T L׌鿦zM{W]6;O<۟w]P§{|{wxo)9`okddfgEĨDU&d|HEA(Q|G=;WЮe#Җ+6*#|mK1#!j[߄piiv7q ڍrliӖIza qp‰ bF@K+o_9v=r˯2MeLAWwLq`'X{†*$C1&=kCz7s;,AIh:b|D33f0iy!i,8֝X4p8w!Z y]OA5OX'rm&C(ƺ`ݠœlfU,㨬?մy~.}d__FWGp:3, |䤬y*4@^^j/}X49T{})n2ݹF--KrjW{ZnASqF;YlYE| ^9]7ey=m6NHT\Қcxjfĉ]ه@Ww>LbP > 5U%\P!#TD>C<[ Ƴ>C(xm$ y^O 2wRڜGn#H?G68vZO:*|]:˽fk1c >2d9IhS,37 fZ@$4K읝ׄ$&A-Alm!)u p v{Y-$kD V2feY]f C`:{Wk1`!\_^ܞU8}F $g&D+[)DF"ԩINYCTChI@ Eexnť^-n)I۞cM*U"@`n@ 㒂> Uòv䗳o=}xB\M[hTRTB(hAPk6Z']x/eeseHӌ啓 jXrZ$=^bP.n\ʩQ&çyMI/} ĿPH:5L >oIy4*`rhfQH5KC>`kXy b>$%Hi_`o3>f$p5a-|mjEP11Bi_q!?+ciϖ4z{Yݲ͒$ɤk4y`%U?M0nr͎KVI %";]e#2hZPV * L?Sy5ق̱bC|b֜Dwdk8{d4Bj8?Y liCKgp>a=ɦh?WTJW''ͥ|T }D mByr3ѾC3rd`PQ=|}տZJ;"x {CBNvǛSHQd_w^ͯMP+w\|G kzsZ`ZXq: Ģ),J,Pf?]؋j_$k3*P1!OM;Oh)MeeMap]9B7Vvz}2~w!%ЍOǎu@q`IZ+}n-mjkaOt9~7sLvL>MUP-bYѾZΩEUTpqMr]qeTADk%͠k.ͦ}{> M#74[슦rLpʹʀJ)Pi <`S#tzT)]e^iR }E1U3!W<~]D{4MK?7/ѓ֟&{̼~uiQm~c RPh%xX wYF'-M9҄i/9 ߛsҌ e3f/*d Ic=A#GcPi@-lM'~*]fovz G_I.# Yuq3;:; 2l2:Ke"+Ҹ˸*ޡD[=*g̟qs&e#Z Sˋt?N $gucPfs~H@Ė{J>6(D\ӫLJSXKLxX<5Θ <B@}@jѕBXvό`O3O+b6o7]eE4T P,sA)~,4oYs>h4*3PY85>ow1uLL_~K:9M UҬ ML{ 諸.KDlj2rx:h|Qg:vQQH\pXk fh<eU ɁƳ"]IR,FckT"XyTI2壺't"зR4I|l'ק` ^?>5R^x9>eiQ_]:Z[ %]ۜAg9zܦŸf{:y̖*{sa7OwV:] 3w]|n,w=p۷P<7z8=^`m ^!uFD(3j~Z=|'j}=X:7^;925aFVe:fϟe#l;Tp45!{?OIjͪt&_}޼i/.i ϴ}/[lI!_`x[Jm4 ?`|$cH? $~VVr6&,#{>7ix(TbhP+C E_A1uC6MV(. '»Dj'& 8.g|,!5knLJ S$Cy|<0* ;@&LNadF)Gf#1]?Aآ;#Ob V}2J$&=h㑕rv7,L5^O˳P0`Pc~]Ikr^?rcDJ(I+#.+2anhJ*mSz/knf)2F oh&C.֦ݮQ>Oā4=Tɒl!Stjd_{ 4xwf6!2@RJAo<` Z>'e_\.whqHniαlfDrgFq̊'bObX(Ȇ]aJ=HCA+Z/e= 23R)BRQ]I{ ݕiVQE;m6f/> WY֋rj0:iL#Je9 PI.S{Hˤ#j|R(T`V+v蠠)W婈_կ?zfɤ6?@,vrfhi{Tn^סNOgjvVTp6L>¿ m>>~MŸKU'a(lĵNW NKPXQWɚ 1#fiB<҄Ɖx3Q~/8~ukջx[Ń3qr0.WOAt7i.5w7':BYBBQjotqMuiF,_av: <;?= |DnH#^v daNv}aI[6>^2SOx* +ytm~ UZN 2cB xw Q< EUlJ+/lLF,~N~~Imy䮏]<,(I`۩s}{'"hmf7޼nZ]37gxq0gsU>74%`PUl\YobIK8a6D^hÌPDQhNq彼p6cr*)'/O(gy@PGmO/ _B flҰ-7q }wpZإzlD6|gr7Z{J|:S5PFZzZ%xXg?'Z.VGXɴ~k r-3Ym( $]ҞQ Vj-$Ͻ.ŧ\f[18Z/zft3,vVrt ho(FF@#f`'Cjg;'_.9Xpg=C'"{]ᒍ1/jx=뙘=3+LP ?^m=ut77Z,jtqm>S8$I^`1h ӘY]fT׷ י ~O]kCtqx1==6yzn|-}KoUWc6RZ cHDbq-08݁(Sgĝ!y~cBRlբ_Cl5FvL4G6{7d ^/%ͰP6p,FIFEdP$dÉCT!ƕTg|­|O> v6beC+2L{|M<&HKzQc (XLM[m 8GƐJ? ?RvI!nYc漌ScT=CNogcglŖ/b|P^lUJ6 CYhg&L,J7GA.P\+u̍7mi* v2Vwl$yRpbumF)#~,}'ٍ 5jA}bown=VݤRӛ )j}5ڇ4VMwRmmBiej#|Ԟ<̵#įJ4meʐw/&s. i̜I53$\?F lL|2դբ-b0^u}υzc/ݩ{w Xv(KK*gm *$v#,o*x~Z}]}Nry>s7c0:Mk\r@vP+*S*)#,".uA0RxX=1c@*-QhSW,@qPl,Fa-xWjǎd^xQP  y_u"`X iy|+~5 jibg#0!h'R~n4O0aW;CòCj]I|C=mq >4`0 Ev34^s?:avmܰ 6d^҇}[g/Y~PUC@D|]ԗKqsy|Zݼ A84S;bv||-Xj4+DBPk@Y(E Mi?^>i_:_#^I4OV"7624G烝@ >*{uq> !Azxj8CyI"5f4'b"ƺ'X"!p92z"s6t,UܼeL&]uQ&}!RòBjgm%mJ@Gk*v?/GP~iHHH@r<5VDW$& |]LEi7e/Ha#yoipRѠg@ OzR0l$MA 9%u i+l(?2rAbC]ް ͝}w^=qhX#΢3yKd vU#<v|2|M{8nL#B$.#J~`JǶk.G/#%oׂl\wk$Yq,/8rȿ0J("ho"H9aIwm8&JuF&zC_F6oJp )/ķEzHQgCb]R,k~%z௕>5,_1z.b(X0 Bj:m*oBj!4!"ҿ}ζ> I>A%fYYUIDaR#` C;b:b0AIXY>x 4R3)I)siֽc;ݸ&){)艼vtlcjrF p<` mM2TG{Z R*C~}Gb,GF&2Qr.@>2%bHCc/tAxJE*l3(T䮠4-F.P+R!iG̡2'xgAvTHYS[vl%³=rvy$3V| Ja (1aeFse͊(kE=!(ksUUۉrQR&Ʃ3k4a`,.fCK5ŁAAh:Srx{O?)oZqG sEM1`@}l JT=)5 7; 4ƇnfhYęKj#X)|ɉ9htRZQT#(Oet%^'YP(#|pXݿYt@c#ag)^;9QBi-"MxҢkS]ywVMiuxH z:[?k-)XDp߷c*#̺G@9 fU3Ap|(n?F9bK?_J"nW<Dx2<)yrph?~5"B!@DH[8@P zV-D[c{vgt,{  }#%]y #s"]$uGLuL2srQcG!`4kD1_M~khcTN\Ih!'Mm(_V旒l*\&錅bbO(#rwJ7tіe; %P5VF:ŦB~LkSXWQ]ṱꐓ xϲ>㜛ŕoi7*DY`st GЧta%!Zfw!'|"rZag.{;65hC< ?ȁh-4!0i̱Ѳ6bof [tԘ0>]4C5LC{{`%MRY撈xhYSo+,FZ[h #lْ>C%x?\Q\ x-~G|/9\wƯUt}w~iwͷA#ʑ @>]$.$0]VLGT?~EȌ51MEl*}$ BL0[2:Yn륿%ԭeh^GSY1iT2| j,>>lyIwz\r%~qkE&`ݵoӽ#ŰJo0s՝q=˃gO%C=E49yUC̓`u>Ogo=~On *&Q ZX5ig5 r/Z=Z n1RBs1\$,׼`+w<}Iz%:>SO@&*H{> |4l۠D2.65Ą CaHKO.nj g@";rR8c7W d h[=>w?TD(5#\ HH"O\֢diQ, &u̡Ƌ/ {-:/#i{6Vk*ŦwUrx?Z.}p ɯKZ\j QD<@:GH~JuvV`cy{s4y{Iry:ulf, qӄٖ˽E.<9o.7 ¯KojmҋW՞&~Quӟgg}JfB~jCP^1>N/Xx|zጳ; >gU4MUm[H\UFu`Wc(v.ķ(hwmWh{@᝱aoq2y_'q63?#f3vy>w˱GP"[cyon^-xUM$pT6嫰GREE3__l,E/r,]|•Le[??{qs:f0Nfrh,(o>nl*2_2~̛Hˍ3gHޟfҦd_䧪eD[E5-g)V1%4qX, 6BACͬ_0\4E}*VNov09 I$/hb =ⅶkI{TRb4@EŤOZQS"9ma%֩~}^)V;_T,M >`0GVٷ>;;` (bt ߈&ipן!.f\JKQqpŌϑT |#S?lşn؀O@JQ'6ȫYapr|&hxMgŀ}CR#r_(X6ןt7Yx 1Y ;Rµ}e@N$ qqEs.[x Pt Z~Ki*()zD} o{VX|\ }WTJ>Z/1mɱ"6QӐ.6p[bPދ˟-G")9̃=} EG-'–j1iYyI̖㿒RU|9m ܠRMex,cj`ZbW3*8.B(QP$mmT7!Z, ^D73qU7+tQmR5kϙ)cIc+e[KN@`1b[G_IW 9L*yMF׿Ҿk3ASdm>f^7^̾[aP1>{*?aiA1Ҡ٭" _]4fOcU1)@mĶVl>q=E__r;.A+ȓ_O37̐.k6M/bt= Z.{WS=C^xNOB멢VKxӸi;9Ylʟ#^MxcŤ=6rS@xi1SIMC# W̋?]}XHhcaGes2f H } Y0DZ3DnwOuTX8[3GQ~} ޤw~sOϡExSy7ڏPߺˆHn[g&H \s[1E| \롩Ziu^$)<Մ'?<7sRNfڪh5TmԺ2fO>uKQܑ"8!n7aHЉo?G=~=F_qK֙q!S Cڎ7֥ÿ_uxn6*TPt)V}?̧ލd#\-B~ W|ך'_!^uqq ˸w&HIJ|E&ejM 7H+9ScT)%g;j9uFDmM;lU*KykGp 8-kn[1_V䠍Nttt):)}LABdEF 6|:9Mk(_E,֠4 7QSav=3>5}.qZ@Uǁ`K}/71R01@¡ K{ Cٔ&^7|ȽZBԟ0vfU[J {C͠` j$+@B~ܐ0JN`<5żϤ :Ta]g (4@tNY34=_*p+]\0 h S# -~OWgԕO2Hs[97!;dά25ID]%Bԏ)йEg_|MGs hQo3m)ЖptVZE@j8tK[g%`DI$-E}@Ws,>a&WClm cv9k/cD R義Όy!߈^kcĺC,@f"#nn|ϊaf[ xX'M}q?VN`B ޖXh:bR#f`I0Xme07]5ܺۆH;>Nwޗigd||}V{ Z'(j^?x*g7q5{ܼbEY2N'R( ' #QCYyu^ؿO>[/=]_ @)ەFm?Q 9ww\-L}P 3V],up904; 4$ P̴(E@㹙t9ǡ?#h ˧fR#CRsAnɔmb9UOtnkb \>]HKˑ2Py)G Jٽzwp(b8 5D| @8QW wkuZzt\nKf3D2ƬdAw&=30Z'x4+0%;Y5(n Y: Lõ@tTu *vP4RK%723PJ=MŁod_IJě&~uXuI{ޕ)3 |(tiu5]RL Dt|\@@CJ'&yB NҹHZf𳔦!ϼ5dRf*@< rEm3!|ef@K ;t{ViDA`z@Bwl`LAd?GB/"|*G}J;5.Ljϩ4 9:h6y/~ ՜}́N[٩7O+q!"ΜmCcxjvM(xS @vN@onu[< >3 zy8 K\5ޖ0c܍;HZ .N;g0)U$ |j7x|ۜ NŲ링͗^yL?n DZ^a\Z4ܴ sgHcPO`V̧>IJTgH_Дv11΄ARSwÝް# sX&"z`h(HͿe"οg`SBvo=P}Bp&/@B gN^Y'q0_t& ]l7% hS`w5y,UT1K4%8%t?cA%|{bu(խTƮo$o+ rii鞑`:~>.j@$tf@Ȥ†T*;yN-0X^L~P~P9 KQ.pOP}'\/e^7`O ;*H<8.BOJ"H1Kgԗ,( konnͿNJ_55.B_ݣU-1JK˲ײlg G4X4B.% |Ur juzD̛X)m-qeЄSbPg̝cv/P<)c^A~-s\&(T0PsD^fG.;BZxW1ɬ(0"6,2]A%H X*ҏҔ)#Q'M|ڢpZeVtEg1&XWYӚ NrЄ[Q>/[1m2@h(s\vd.xBd`۠M-e 3k{wS r,u ڈhP`ud҇>5_h#p*KXDʍP\e9䝍Cjj^mW=UFwDž)PАCV55R=@e2OvCe auՋS#Et^Ǭ8| z(5 {[<2ɦ*Flh6t{vp)OqflJPOF>(&/'`kˆ \oG2ʉ3fG||w&qB|>ι"ޣ`}?~=W< A$jUcY?GFϓkSf:qWԖORYnJ6 1i 03Щ{ҍSCY4dGm4mud;Bpd*޼p06CY42*yqwnb^,ѠDt=5%  !DFܥ6hA{~jX&v Bw,2y~m@ l*&oCc}gq~ۡ]Wz~ [/nN`r9Tã| 9s׸ciűnEH)u+^AEFi6[0"p{Oqޜ2q5ّtg ,MRH3Pƻhֺ^=k^\̪up^4_$?~ MhYni@UvMRDȴ?3[|'kQ.\Q 56q" aHH|ZP0S'8Y4 D$b7S09+pzyz6T4rwX6 Mgu0Iiel \=–6)pA^ɬdm] LxdV`,5BS1l8O@PR#~~IN%s$HY{P$18t^bDZgpJX[QFonZ0bRyXt|@@'UVf[`DF=B!\ C@$s]:1y칛#wf G.rPyD7QM˟ڠmЛ.?bt}'xx>֩mjXA:eNbFtx/$u82{]J i6b[Q@"!(aHlv!}|1z_Z !#8Xhc!"rgҾ>v`3"~-CȨ9)t쯯{t|0mʱ__?ʛ.3dnJc-`c\qV~?o~2t 8E'DAv3#Hu0$ PM-#Iϼnp4#_Z\̿Y뽽 \ 66~')gwg8P"*&fqqAd}w!&'G=7;\zPبآք[L z \w L `niPzO*юB:?-ߙ Z]]V L A&C'Zô~uA녳}F9:Jr>~oCUksz\UӕU=ixБ} <'y(X>~}<7sCyKV5¶4OhUG?s7m=^Ta80y.զ/-](c4GUY.^_S?'5Grm2@.%GUp](<@_a;h ccSFbJoe{{L(2Dlδ?Mn<\'Q ݦ9KgEougб٩ߒiww z, f@gŧ9q7oEwGh/Edbw{iA؜H@Ȳ$5[*`L0D@D@EN<MG3͜ciGr' a<.a@r:UE{FI[9p}o"Ud?~Mk/= ,4@Θp!Ks1TJ͉q_ݜ}($1 H[cD)'*B DJ,"Jdlܪ<ӆzݤ& !7f\wV ebM'`a;#wZZ_1iݱ-ڽM+h5>XN ia\4ƫ`L]Wy5[r7^u6{m?ʛq:[v>LJ HA(DEZ;5\~Fνyw4Zĝl(P hLh,'I <}asS/'3&*:|ex_s$8$$6!vR(qP ;l5sq0L/]O;+ @$?=#w3ѿJJ1Ve.JU U##cPe>SB7^(C,J^OD/$z\apOC '!&? TAl1zc~ᯌF.sqV@No.=@'?lw14nB#gk̃ʀWd,gH4B}ؗu9>˂QIrH a)g*A}OӣGa:y,L{:;0*n >R;z}ҏ |=Mc UWq7ifK,ww,x$mW ֣rr._#;/I&|30A5?LObU%VW~zm"8" 0"(s/c s]RI;'X3c#H=3F^ِal(\-!Z>3⥡5UV'ջJpFwl NhZg?٘ȠIt#~f7!\ZD~Qˉd{Q0^ 6pIT8 Ss{[\ } ܞ;V*z`% .aq/\d:%H(>Y3% fMIw]F qw-pPT+@b]?܄U޶lH!!j֚{[:PHY`fmpW̾@( TaaZi)-,Xd"`y_7Ik`T:Ҵ8>coxIp@JmP8["~6Kܷ4*uCWx©#a=N ).~{= y{K?qT  sE;`ftѾֲI$ 2Bť3]mlfI R[*'Hxrx%¤rTIbd5&wl E=2 Jݑ =b vJCΤ! R%z8Gz>duAhbA=[ qv 5Ǔ l|tht'D_66\(z. jɪu;;Ƿ2hyGё0(\n]1): wB(XZ..g팘$q.2 )E`'G28Ew: p9zKp^Pz kkD U `Tvxh Ӫ 20pAB(@hT& kH +-fxTbkr\<=!P Bb')@Ww%8Ŀk%o3P> 1 {_A# $tvx9ӣ9 YROtDTL}՝Ĕ#.r+&!ć D `tN/ql(. νSr0?TԄ u( |7GD<@@!"PPί S+Ě~f=!\!s*r]6#S3ٍUI|>p,ztx 68 Mk2]Ν8<o#~qc>^%oP BU9eD-~~( t!˃eQӪ,ekdu*mO^3[ Ç.z;hWFy"MxM#!% Vc6fG}CՉԋӍIC 5UEE#MB(K%4bRDh(.JTZ-)j"Z-(v=be=:  cD3(ˣ =-NWKY ~|_eY 8P{\_ :m:٠ז;f= 3JV'rOEG}~eXȧGs,(3">t~G3 5tJص7!ex'.hr8p_R#DO|~e(D8Zڅ'SsCWJnwcώFpsҹ ^)PЍ L ͡J '%z79xz ^'@j PGڠ5@UHCd ?0'{7r:cX;_lo_*q|\dP ^.q޹^țNNm&'r6{{Vv(%(@bv*gŸSNY)6'&zf fܹ2NI5" :\Tv>&C`|~]:h7MZ gjk' }aLx0E6d^>jߝnHP^`c}ΪLRO6ô;uEU!2 uuLP@ 9>3}a7pWaڤ8.S^>/K_RS=s Bw B!rZS ;ATF/iwy@lzy$3?0 Qp CyԬλ +iL,އS{Ma HHtJӼpYZ_r:takaT3I 'N8׶CߑSY}քQ*D3Oa b4BO➝ 9DCe?y7$Zy,F>gF]~u3:ŦUKy}-yڮ >W4}?rF@Ϻmwz%94oT{ĎcJ~u|ֿ.YCɈp1gί "7?x^; Tk{zB¦$& $^[K'p8ϴf;3NO O˪"~ BE(T@lp1eM: A/ZK}U v֠# H-=ϕ qqYYuJ*@+8F/PPxژh9:51"Us[ejŴ `1qD-a)KE[8_e'+3\g``Ou(C}'{S7y@-_y_(4$uk^ ;bܘFx 8 D; -= PѲVu^oBQ<R:@-k쪾B%7F4^"UXVƁl Q <|=%6Bx^5 #~XXGNc*0i!RJdBwCoaD UWCfK}4Zn;}^kPNT?hX+n׭/gBk\|:ðl;t {kWLJ,QW,=c n )/wU+F#:aB1hR6vqL뀦Y}wT"Ŷ WV*"a7[\˅jw$!Nfj'w'l:\f$ a}vK% {9y醎pn3+QVĠRֵ| 5D ɽ6XgZBO9ӰI*J!.Rl`H(9C7nb<ٶ iq61$%N!"35 t+ X4itpiŤǼuآƀkf!aͧ{>:CxB`oU %5Ac\2r98M\PP,Î'U,//`'@bѧYw{r_KIIN yn |6/ ,J K0w8H 54D,4OMvLZ^QAܶ/ۇ-Ʋ?Czɛ$TZXyN8ctz*VΏb],3S~b3΢OF޻`!Dly[A;5j]A\m7H `4AyvC4s"5ϯWrXZ6+ōc-=6ri\Nsq9c{D)Bm{ޛ iXSљ΀r5 2J9#u_ֱJan`t[#X\W&Ifo\AoJ*j }4sڽ҅pzeS "]j%0ˆ-1D Sf DaH%sUKl/HQyA4T$Tu^ȜsCaLJ66\8m yx6(*֎Sؿ/m7$Mot6rr_@U-jƸ(BQ+W-k@X'W9HqRĩ`X2R] QS\,!h=0?ys3\/ϯX4\ I~ʒ]b|4bxE҅QyD$O9$[ P) "" 1b˹ i|Fm0ž:o8>b%v<#o˫m5U8тZЫom ϔ69zq+3ڟIEv/kXy)rqK6TK@^{vGZ/nm+4Ь(\qͱ(%+:צp] Qʺ/oe3Dזu,wR[MinelU׬͌|z^[sϧ6K :dTh&CYx鳞Xy|Xc;-tݷש=>dthqʰq4Xuzs?z7ZmKj$;l),Mb35rU \j;j#meSNsE<ɽUTvmѡVlȽ)V'xT]wVZwgTz֗ c0}2YSbKr* d|g7ҿ]Ul'}oD#' ;[x̹Θ|l{ZQEIψ)yv%Hwv|b" >V,Ż,BFH׆1N2ΔjȗQB C ~Fz2j5uwNs=zo/Y0qJBRh8á=~z-J)4o[F(M ش;btKMw9Pj>4ZZ59Is7nk<C0UI6oBkW ۆA"B(P 9"ѠRxr 9J%=>] Eܚ,xgE֔ (Ԩ*=@!r33i fgMDZAƘ>A- @WGiղœ<UP9Ff˻(lVAZGkj'a a ~P:Ӑ Z, W-ho X]nRZX:SL.W[%̑G@ (H0Ή]+{pDƠl&~SC-KŃ Əw֧?`c&JqGUMIZ2x}I1L)3OIjѫS4.Qʌh[(B}2(霠koT=<ُ>r.G*o80#7S$Px|`x3<,q:Ku{KYulNr ve|O;齵;>-hNR Sׂ>9V@ȑ8&}"`y,2a0TJGղ!"'GVIgN[wn_}۱I!C ]s]uĔ~{X4cA3nbHpDD3k{5"bO|mmm*Y3=Q;&I%V\?'s`!Sk!0Pz(D"J q4HrN};}9|Rv\!Àkד_uo$1+b\Lo6ŤUWZ*ZǓA<ΎP{c?6טQ nB,ST\P+0UߛGDVCyDLJ۸~%#@viSQ?V3<oo~4Sa|N'8lCzC".8 eLP=ZS%9[}fF4)x<\"E@6ͳaZ^N$r^;>z+>*Frv1>+D,<ӶnQ-|<$qob+vg|\MW5:~CosbSw0|JP*Z EKi bjQd 87A޳>%1u/D<=_}(=#rеg4:cE}C@Q k(F>Tݖw Vvf#O#$11x/a0"&IHCqhse\OC?XiLߒ-%9o}>B4%e)J`L0*1/ Es{n)}:VU3%LBDQA5Ls吨^uLn/r&CLD,zV A[ipr$Enm읚?hMzq}iѱbOZ"EɉC T7j7FҾ1EߒQwyJ?wq,.7Ǡ{-lCCpz6ZngNlO-B3ZRA罗xn&]}{qKKR_xJ)mWGB 8ߐUQh?7f8%\%|NHUQN <\>waM6M /5xώ%m1v8~|]`$c 5̐H'Ta< 87^$Jgn5N]}85 &GC5Wl7J@~A Oxe=R 3sA4Mj^# `pe[/"ЛJY!%K:ǥK3ʁBtr*1O($!GW@]xvN; !5?/ggwO<\3Kg%IcC[isSz6w*CW[_jʳqC]@ȗc{W?VuL]ǹ^w:ζ4$:g B@ ;!B2;]w%+:+WwK_G_RUwVqf)ƻ  ϿhzQz` ῭'Ss W?{OsΘWOŠdRbwlgq^d5NKBK═=}…Lro b h~kt>XkMN@p0>r$xWpk30`^=òpvg[ t2])PNNK]TE+qVٰY.Z0P|3>Ǖ }gМ X'xuJ)wpi[ŷK%{jb/ޣ{ dPWڞ{\"ywG} 5S4hAhES ΃> ^]>9SmB/6DNT>6_E,ʰ CؼP4d0ay~ɠ؉tlatPy r&`ldCsQ~ ?a54t'I;O &j4msB޿oR:*9ǽϩj5BW; yClZr<,+H !־Ra.9 WMj1qu[qc62ȘFTWdI뤷0pˣ C UOAX} 5 xIn,K:1p`3~2 &Ƈ$1]On {'Q37cK-6]涏{ a;Z+zЃZfb|p)9LR e)ɒm?&)ņ:l,vL4 "] 04f^z MźG,3'P7e&Ōq8+7q|-Rt5VvoA^svד`eםcR/GKRϏH$8.\la9䔬.oY@DŝQ~6Āqya WZģ|BOS5)|B)s=w3$ 覢#甂鰀Nl U)Suᾭ  %gys;`vZde|Q{z";9%Exc[̚@T׿ʊ/^N bٙ=I{FN  J <X4 ":gv4kc]cPiR ~wJГ,οL[/FޜR*4F\9"q3ဖ_b/}Hu r;ٝk$g@@D"*5]?eQҒDUZZX=f̭;aU o r !7=lBXW9|hN9sNޕ4}pXI`) k *T wonj  ी ;x҇M>/o{P]nb awt-N8׬fRkGE#4Zš}YXAWtv `:2WPD))w VStAlTd0<Dž*!qܽ!vre2z竇aҖ99ȳ `!NAZ>~zvA,V*Fb :2 s!VEC394S0ȸnLtff,67V`DQl|+"եݩ￀q6l2XqŰ}u{hm |7wyb3MFsyy3 Nx&^7D  gNa(YIdq,- ӴõB@vʵۜr$!it7]f]#~h JӒ{B&k'8eZY}L]9G{[_>b1u- *$Te\ j7@Or.sE RMAnx!C.kCN0Wf Lgd rÍkDn[pl^dM?[@{x T+:R.: T(B$ X, >#IHicQhދF ,lڧ ^v. >ljLx\#l;ȷ:n&V6T1#@LBPJLb8s2`ɩKbإ6ҳkB:^/$s{w&+g RNte3^fG¶[(tX=^K=Z0&j~ [@uKYƸVU ORa2:Q]fp͜램J(DzkDx+F>{0E }ljHgŀ< /K ݁ rߡt8N9YQZ5f,1H٬(֘Wt448ָVؕ 7)fAH%IӿrD 2PN$ 4Z5_1tlR`tbDR$&M㨳&pGGda_N0jp&>H"~6Z%7{tT ;l+MlܥBmBHw3[4}ot= nB-q \ &F4zhMPʯٿHAHW0HC,XOCIGyÅTRAD&A^7'\|4ZöZ{ c0bȟ t|TvTJ.n?>7)2}䀆j^x1[$p أOAu`6me a?;89{hќeοLtnm0kaR΢bO r3A9h9  !9)dyaΗ}uCQϰvlud!踋)awSTJgm*ȶ980[MRMd|0j'}m=KU1yL+JnB݆ 9J(V]PᘡڧD >+ԺL-1ڬ"{Q{ dν7Lq{= xDc Ba콦PЮ wg,aԕ?-űCuRy6Mϙ-xxM;IzXYq˶w/kZab2_=6*3(2=V>h3wAoPq.PM ?_k^]ٺ~Us9}7`!0ta>ȸaL{HY?'1gwן澙=OO%tApB1U!uR]0$|w⹞w?y~/W[+\AѷBL i[n=Uhݪ9B7Iov gVq+"{?/:(ҏߍ55!mzNs7Ac1 %Y>P,ѱ6I\+{+J%F<̘:$RY?YPW3Ppj VD磌U_d#BĔt&OhFAy,|鳓COZjT.Ic!8go4}:̵[1K x{x*L=wvqG|KA2d_f#sCfЍH;ա5 Wjb3/ػ-xm 4^zƔT3S˞ե^IL16@ "0sȄxql>j v~2!Y[XΏ[8I,!21C{|>'Ύ}[ZhjI`N*ỚM+c׭2q ? 7 lXzyNVEFX{(Au_ljx6Pn{=?_Ժn{gJ 1 |(md\U\oR#c),&ptn IPݛ݂$}O<IGc6# v B fܤD[T yC`D4Cw{gt*7_ EƏCݿdV=yi5F 4 u>Nf(k lW"Dګb DJd h¹h*E1 WS`/wa=Yd(xN]gyh՗#\;#lPX'܂=&>-kGFB{{sҗC7|m7Q33xGF3lqDI-*0k<hҼljEtxRw_H&#@-t Z9EјJ^QS@\$As[pUbk=RDܽr_n[mFF"2UTp; q+ܱLb6$+z$R<"LhGri04Ґ " 'j(מ@$*%-b)p03&A e Ĺ݄,}^vpB"!Cj /Z i:`C0ԹݩJ"q2!jpH#U-$"%)-_ORLJ5Rd3#J .S {u|3VxnzDCH .s1;fԒ?)^GXOy:3$||[l/~~^a]ה9 c'_Mk &|'o=t.O Z!5R\BNz?czmq%޽FPeP݊42_~(W #p?_91D : -X_n4* :=53j(hO?ǂ AX*Ckgf?O^S;)=bJ(^I+.D䄣q3j%n]Ɨ,¢ "RŹTb]0,aԡBOug "P~>-R Ϋ)Qs!by/-xY;>εzgu"ABL"hNbXA!)HoB+^#H.ͰdPI8Rتm1TSYKEǙb'^ Nƽ\X."l^f—@\Hxnp6a_ 9g8,Φȇ x<]uwG^zGd^Bq|"߰=pB"0C0:z :DuI6D?o7?]~%165Wxm4ޟO(~{zY:/'|7tߗᦊ4ܝľ ߿Ǯǿg,'~(~()9!Kn$ˤdrA1L̔3`leô~bX2d|cW[ps@QB:آ}$9MI鯣^mHa۟D0pY=C)h?6yT^LxAL2E j*t2D'!zJ~ /xFd%LXET΃1"0>څ, ³qui3smX(]*#OY-Vf͌VT?Ė<|$q!*fL%e#[ڡ{߃3сUtD# @>^è]}Qr[cS !}t|YA1cB 2ߧ_zwZND@$$L8 %">V>pwT0*5`hR[U﹚5)hQe ͻb,_k:][ФyV0~˫̵W]_rP~Ks?b4̒Nh؃)bsG, TW7Y~?_N?nPg{.KECvr}Ҳ͟W1{FF+\^j "h /R j(Oh';Z(SP~i1J0p} "4Ż}/ƅ7_X>C抳2JO~@S8 '_iA#nE_ HgŨc]nb~ ȚBt|(,,H26k_  _õ7wJUq\&$pduQymtZ"/}~GE?0卖@+^ &- En"$olxX.WxO~Y25w> o*wc=ߝ0~S1}eojs l,}sQ򯸝6#ܿ3x;/\ROrUC~Ĩ~ 㟁n*1QFXRI"@N=(b$A2 ƈ r`a2]1+p~8a(&00EV3B*THEYwRk-B$ 723p4,*"#+JT/"? ZǸqF_ N욱Zj&C 캦ja*njINgP3)DrO&}G%W-1b1u8ʷM[kK='o[QYP}&JTW T޻94׳6<Ó$"N4F>\cU}塜rά?ܱѹο/'ӟ9/Z;:=cVy*Q4-4H`D2M4%a_mmpuo֘ _vy.Gq> kg+}}*}Bpd׿V6}x?T\W+ˇrZSAqcnws ouc&)p.f&Su8OzAߊRxeC;~)\gcCoDȬf H&Am?9& 5~v>D)Fն7~nae_:(HG l6m ~/pԵ0`v)>=:]0*A  $M7$%‹gp4 t6 2ީ rFl5Q6 9.4q.GhDhR20wL Ntϓs' |ᖡAkQ Pk,gFe̓ Ź +[b61 *DK" A"\Q.h F0Yk8֢(XU愈:%R+Mlw+&-Hs@G\k4Q4Za|[.(#B3Ń0ᆼh5F#w B曎`rbe`7MYoX fqVƀ6:#\nN*#yN dm;0`D%Uex(@"Vû;O<R,UʣW"]ҟ)\+!r1-}w,C8⁀!4=WA< Br2"m<w #p`pX]b=K'Ȁҙ?3={(0%,HEP$ (c BD c}>y{SWgTg%GxZiWG>~#=Scuwc3\IF(k멅H@2$]6?MS{3ykD gI^%Ξ[e"aZHkS=V[9ih~wu`'=p[{5y A|лcdRHM @"C(q}Q^Eo'}K@@~Òă<+cW"M&mȘt~Ǽw׸@F~=G3pyLn}a'@)-wGS*\d>"/,}zɑFϹ>@,^FH&g 2RV縤񟢪قo<x4GNk9Ƈ3!CAKu>f2lHH%)D"&N;~/@r>s2K<. 7c_lU=odlAC:έOg~Gՙx|M1|?H|Ed_g=zND+.ihfUE_!gQECz9nkeB#\}&[#!|ӟC,~S$t 54e<@y "9JbP~!C(̉E;|~5b!|Yx8~Mvxq<ܦo)w*v=eWs?մ⬘ˡVj(kab@[l@yfU=OݩkK}{YݧQ0:xk6'莆q;8t8B _|.T>rЪJ C 0Aoೈ~O>_7 S+|؞D, P(yϯVA=$G !4nʘǪ*,:o~蒍H ہh2&ycȥ񩂥"hi 0^+)sZ H(vJ 34@B@ kU1AHZ,"jlma)SxCN Ö`MuH⩜?sZPY{kc*b}VEk(pGFvƮl?i& @$6$&vyF'9 q$B3.ݱ Q 6/B%:.oao? lʏ1R۪ r7glC?/L0Dp`)>s veD.U%UL6Y}YM6RXH?;vnF7m-EO %T3 f7'qif u ȶryr>oZKɎWcCz3=td&2uohN[ϓe1߁rqo w?#c]Hϼ06_yDx b [ Lqaawvm2,ws8,jFV45ƅ$uYcqXJ+::x,Ԓ@֜Q Vk/s~ci0s0;MNq/34 %*#%R$)Az  i""#U&_n,hD L4"L?LoFLGbɮ\ E0 Gr_ꚸ)$vd=_ʏO_.;]/AߧSPV\Vj {!I0~ZLegs`ud~oI,@mKN_y7\f:Ͻ fӵiHM?Wڡqa:-T>!/!AChJ䥲5R}TPһ%Fz#A O9 b@dT ~C`5i]iP!J?@FW@ܓ3_m VC47%nUc{jn1O/@0ĎlK\ Hd[h1ေQn FO@Bᩒ$\RHO}P]%|kӷB8Őqk?q֕ BBԃyY P#j1; Lj/iJEf@ר+<.h` E$wf84Nʰ IgQ 1iՠ.-t\h1&=&,uZxYQ(qk`"2fg LNZ(/"&*j-4_!)aD޲oqAO#9ԐՇ x@qMNO8l+jpAo'x0Q#cW'*:3k6gr/0/oy=w岣dahNRU|v?,ע=Kb[m#OlP6 k'{Bi针V쵥U5zl33k&i3pyc4_]2z99o?7;orho#r9<-_z{# nO&|@qC,0=KI ދ`E )%Lv!⽣VИn4DO{_f3""4.WUZu:ٌؒ߱>msסy_:?' Zٙ,e8 He#Cj;l5kT<،hq;tyNke.C݁==ʹ$ov}gwOE_:ݞs:=Ĝ<6Z](*YGgݞg#k%~gy{fqGR1cqx-';ݳ>̖~a??s> ;ww HPr+A2A& IK3"a*ei+6E8H[b3czyvADqY2hr%AVF>EVwVҊEj"vmcKWNc9x(/w{'{QyE>h!_'~Xow:+3,<):ƙ2$DX.@B,ȊBw0G2,[,ʦ.U7^"? oo/Wߟ*v?pnYI+/1KGF?ɍû #oqvۈ80򷹟~in / w&G!!mf +_ޖ]2gBL8e.|R!@DHFod J IZ=J(Ϩd$0guo%Ȑ)f- tM^jVZ|Y3F@19[T:aS0l " r9. 3x\o0&p %?k|+MZX~i43h£?']i 39[mQE>GE(=WKOPyªV>~W5$4cѭ MlhB 3j#pp &y&hK&0f~J@\\6^BW߷O*:0"ᢒXB[QZ|J^YJC#4?k)UY{)Ũx~$!&^_y)n/2ie{_ 2GK}+'q-!oW21Xz~Oxk=O|ns=QyE{iK|ߛjw;zxYCUtRM`w5;pkw1iVVgyU}tm,nGe*wgyX\ng\5aYUS}qōaA}k9n*|T CuYO1/y/o{e^GP7oqc{;g劘Lp圵?oWp(t2> bc~YL^>YK)Q]1-Dsϡw\+H\;ġ}~hl%>w</_JWq0[Ě2tXfY$=j7<߽x;/O|]{N4C>u;_'?u9jì/aX뫲ϺJi.sxf}cd;u/qID'(cdv _DNSD@GmƓ5A]:mcR?Y뼖c9po\$]9u*64w+sh. =[d󿧜m=̞IhN^N% ?[wɅ gN7] f@QS %˂6xFo8 U<өFlEM=dVk Aidw]P4#"4e")lĈM5DQi2{z5`hlKTE2' ݟnՉF&<]Ҙb4ݶ.d}j-ngoy3{LOH֭tү?تVmAV -*UiU((j19 EDhST(Zc>}ha+zthmh@&ئ:sejakJ-5`Hຓz 4Ln ̎jc62toGlpdתcƄGlwfugx`unڈ70e#)9ٽCSR6]DQUQRcU _ cv@벳QPP|Δ}?J/@% @3/ޟ[պdG*{Qs::\=SޠD+ѳ{;}esTίg9~;˔e8G͌R'σ.z,}q"(O܇/d 9Ad0bAw}6u=ox穉kqgc]sKUow͎.sbե8 ~Y^./T ;b MrCܹ(Զ&wU[nʗk|1ugwq.f?/X{..ٿZ[^?!H`.IQb@v%~(4$g0 @pXL֐Q9*A$"Xaճ0XJoM@Llzg;d ]T)n_9~g8>-wռPO,1ӔݑLlvHD%6'kkA-!Hmwб= 'ZXb6BE=EO'%0qǛxԧuCϻ?㵉vn.W^[+ʼ<ukDžKzM"QEw~(¸X?Eb?{DO}Av)j`j:#fT\`'72 W?1o[;CNomi_1p7QC0K7r9Oi/ʶ-Xvn'X d?o'Nj<(ӅDn_$c Q3BW4iab[B#4\)|1JOM1Qg[&cGH`bGdN{Z!3a]!00YŠcw.!Cbԯs <)/ְ3/c9o̯~?w gdQC0 P9 @iYw$;HM!9 s =mr>8|ỌUZӋWPoq G` .^Gr{Ռx}ieۤ4Zyi^e!0ZqGG>i')\@_h #ˈ0#y0}Vt14IDKPCB& $T ;ĹSH,o,ifo JZ$Dpp+?q3F> r:Too_X`,:q`{G~h~..6NO/a~XA D éL?j(Ac2`:;?ϾTt4=ĶRk &tBKxqsc.Ah5|R[>̾y-WoˌiiO7jROT1ƥONQeO9gx֎|(}V8c2C-w\$\ ZSxe~_cecp;~< O1ݫ2{~h:c{21DjJ8jRfL^%]<?5?1fP9b5Hڀr"ƛ)H00&;&c(mO2=p#O{aJ#E]p.Km (w#]NVw笅lT 4)Et!F;#r*7r=hwQ1 "Ώ 2_{G]Ez8@p)կHfv=Q͂9JJɉ$%@EAM{ QB JesAN_ӻ@Q '~ }ï]tu;q7!a5֮ƛaȢP?*)JTg-@}D5"NHR";/(,~u,?x`$rO%HĊfОU+V^SҲT`W!@80UJ$gLz*w7+w#EE 0  ( )}_Xd0$x>I5ЂhBJ}sOvk6Hp' 5ZFkm=uӉ7=M, \Z}?:N UPz'Y"C/(Y> ȹ㘦'u7YǬvid7]}*N NPR`AU)q' wڗq{$f jaJM5``"ev ZABM`o ~]j8k@ھN~XvtuU,6.qEx 8~y"rc02(d" %9 5%Hl$W[B܇BFzL%0 R ~ʓl܆#1!x4gzqB~m=mY""^_PHo[~g^UjkO>6C5äEw|~:v N-psٔaHg;ٻSq8j1}/I!rYH[It̥Ԕo,d(F˄N>gr!Z#c Az[^8 d5 ?B"~2 <0'u FF=c=1lQ_UmH$ѴLݹ{n]zo\|R0̆C Du%2zg@J@܅[*,삀XIYqP9@(>ڟѶOԒDqbG#zOګF{w/Zl݈Y `jȺetIQ iҜ:~i-:ՔoVUE@LZ\UyDkټZ3>n #ʿ{@0!/y!'ڿTt#˩I_*7{5wS2U( I`D9WcQLSȌ1BHi7!y:^1( R"H pd HPj_Sw.foYsϥBxRi$"(ov:־1"@\p=Bȑ>c<&R jqL=!>yHXGR .bcS{Z&-vՀ%>SDH"=ƭU-@u+s"9[uCFYJgI\^y85o~X#Ϳ+Te8:E.rd.z#Hcmv#zxt`Y}>ʸIA@E9gk2i(t:b_s2=TOxe-",*Uu 86#wg9|oaRUk&cr膾L1͗ߏgWꭤLy Ą[G4:~!ܟg9YW\d9z9_.@v @i.Bvݺj7^n|Zsh?LYđ׶ 6h&DDti=d̆2˱ԁF@5Cblv<AMORTm| üsCh8d1~U-aAbh^(b1@"?P~u5X\K0sķPD0E5A(?!AMT㹽n 4hBLZ+j`]Ĩ.pnlknda:Y)F sV-+Egwhˍ$̇[?|F>O^|;+l/[}R.kMtNıMq}>j%^{}«}s 릳qc'-iNg#KM]c]~n5s3\˜1 ឆ_[Q]=jEe+aGp_!v~WH⟻ *TL7-tpffTyvΤkXq~ѷ1Ygne,\mHgrw7 IrZP`2!h# &TT=_;xz|PN3u7 o 8 ߣwi+Lqd؇?3fA~%.2<svgxgbL&1*\ wPtiWL WZ)8>TM\;hFQZz^=:`w]ݫ|})癥[;m۫];wcNh}@ {[}έlN*=mE&E =gp[ex%aB^'yÒَ۷W=ƅĮW[H-PoMT+j76]t`nN&k"cQXƻwav;U] qj5֝8D^v|.24j)몽Dm JNuR[i{iQ=Iuu:j(I twH:k+m*J)[0+ގ6@Cm-P(%UWaT@ J@(iR42UUHJwU[B` QD l(hPC*@o|kY4=e. y}îpWHֶЬFF+ӠRcE J8>!oHy]}{Պ}WoK4M`w M9ޗyh6{rnCvcûJ7=(>{g^R{m}.miEY(ū4m`Bj]x;Vz{{0X7qX)\9dgVbucA iIk|G*iU-hRDQJTF;KǯVVQyuEwmPL{eQZmr!nٝ[WY%=I+]=Ru&zhmWU@PP@G=bZ7}Ҁ}>@ 6bTO wH C}@ DH)47}Vo;w*@O}  7[ 1cH98=$ RxT*&خzJD{nc<*)HjTMjR@V{jiyQJ^R TC}n҆hjT* 1 _|eHL&ޣﻍ{ TJPH[h@()*#H=kd$((^Šn@JZ2v}ov뻅;SoAwPw[viְN.`Mn ºhyz c:;@R@_F=@!ABh@( ( Ph M@#AF h b@L& &LMdL@ y2zCBc"zOSIh5=  @@4LLhi& 6MJ~OҍɥO zSI)zCM6QB&M4h&4&M14240&{LRyOړ50ziL&OTڞLm؛H*cm4J|`]h̢ 1b!B~q>s}0Oy 6`eJ$!6B$% '[d*M+=;i6$XM 2NkI3n:Y9T½&DƁzj%!8sPs}??]q&p~o5yP>2qo+z3 "*'ɁW$*PaEHH{ ˹ÿc%V ~  \5lWb|D=}PgJbS >5,*` !m V[i 5CZY]ҝ5 wfE7~%)xtzԓ?yO"?Kq$Wi"]qb1W-MUl ! 1F``,0 "* ! 1PD  "X(Y"H,0FȠ( EHTX $b)$ETQPF_OPRAB HQ$@UX*","PD"X1R" * F @Q Rj:[yO{xLJAZ ƴ1ʠI1uW@? /luv:qDF*NAoj}bxq8S(wwMQԔ * yi賴; M"w*#ST5BrsK3w/\'J`ФVFAʳv-m1ZdG4.-&HYEڋ[,'$Qte1,I_ '4Y?b+>09"JPdE$ x8x'Pkg˗d$}t ٰ0 ARŀؕX2dHLb0*w\'_B`:9yޒ6HA}6!7O6ل1`8l]6ߋ @:1 rn0!#c'd֐ ϲTF d^M%YԈsܔ)*L\ZTwHBU)Vj;;I bm;5)G)( 8."JhhH Z0aLftxB%.c*ԊUE=곥yMv F‘hәɶB$^sRє5/ mam}b/\ N0PVV)"η׈SXCZhΕ^MK/VH^TR4i#ڎ(rr-i-Z;eQ$*/g2iŠ)A7&]vQkLhdxOOF[fCg+YFKYʉSWG>+J֛XO.'U (ͰQV,9\Vrl2 TUjcB|8 0S H: Cr)?^R鉁H |mqo#jInme7M國}؉9C\`szRUk%Ij"i#r. 4Gk%E W@REYN/3>R]m9R!pA!m4pg*ΎդDABdR'tw uQtwH5f^F0UrkSw,r3H(ͩ"0#+<;ffFTأN1{W콁' l̜f7UF)!pXeHZn/rx\l"DZVWcȉ,LR˜y" %# ]29%*N*+T,FWԗQh>Z XcI 1UC7m/XyPy`+\ZZ4Ֆe3Jj"VqwcR,mZlfdA*sUU,^Fcyc)#^qd$FLmW5֨>wEy AG(H"cV 4 AtR襟[C O6?6C+qr!L.SX!&%d8HCl/UZٌL[5PLKb$b8%եYcIߘUggSKRHb51bBQf@ &6|I,&)}8wm90@!lxM9 ),ٵ_FK ;M&iZ M)Q.Ed%FLJfU5Xj+0-լ)T'8M 3W9j)5x 츶2f'+^-_JȶccYMZNjg$ShzL<+&%8i{g@Q!Q(d,8Hs*%ڊ'LImC%۾,E(rZO:VN%A%:}R*,IjTz&^57|&@.zT  :&Xr6rζå16t^BDtl U -brZQ[MnEQ(V̈́D&STs_K u j($ĕf\cjK#63hai)X) difEr7‡(k!0& RJD!]5W8/8(C4HJ-VwXWiZVaCbHQ0c)2aS5RLq!PLiUnԈ I,Ɠi7xTRU,UPbs.N%C^qYtEfG ,6I" kZJ=ؼkřZ}:v娛1fWac K ζvkAb\ $ .6ktݳHA=W_PoJ5BRIU0th2sOM k?]o៬-[EzzC!r]t|K1Tøhr]:̦UriU ,%"DEbM!J( EX%'WKݥ2*/Jw |rgg5HD03]VhᘒL]#pJ?un?}ٹl>Vj|IAx .D fvl|]σG8 &S%*}id9y{ЇI1nuQjj-Y_Zd&{/G8ٳ rWt~-ӧJsڮ")pk_2#0j};%m^n 5yn3zKm)B+~TN:dz5huU\qԨ\W^B?tζ*'T뱚Rv+gI綱ne0Eͳrw?iFIc7E482Pc# r^tXbɎS* *'{'FdĨQL/o$}/d Z 饹߃qWkN[^d鴳ŁIzREN ?a"ec>E%%a_hV qG]3){f=Jա뼋bՑ0Ni ޫ˧Iަ?ySۯaL9^&/=7Y=:'DNAkRY̘[x+y"-N7q+Tq%< 3n+vz[];)sGcp&,"dXAQEXK{)*E3-9;JX~jFCJA ¹I/^|uVcbZmzjnoym3@}A+cw6<?B|4!;9*=U=xmG>)~ed.WveI&k>VQ1ȟ#ibB*kC%GGҋGwzXpP~VR;j B$)S n#Ou1d3Y#TT]VL_S!5)&AT}ʦjNQ8e=^"h1NRNz>l󩠠=ϥ^ >I:1n >&?Gy-0|pKp(hsN--,S> >dxf@ˀ{Q抰ƖaBmkM 9w1O"+w ȕR+ trb OWNJ 5 jPtgw5:T\讐l^&eI&4?F87ܤ I$I2V*)UCO$)nԻn23A{_)q\ۜCyǯY?M=yQfCNM#o54YvuhO'ѷ3fj3y{ { s-$M)Z[v^crxwb'6wauW*7?~gR@q%Zh:NS®ܪԻå ml*1ԃn& Ad? eH3t>_R"?F.C@ƪ!Q<\:G"Pȱ#a+%+զ sdه93n1nt GT֥Lܫl_hH,;K%cGd;6t,z3L6(6x{qG 2 $zن5ÊD:@9%vyk#+b'(r/vLVe1vńP Bk֓j(XEET 9Z #n$2Y\Xᖣ<(iI  H` 0dP,H+" DHbE1Q@IF1dQ ŃE+UPHH bD$Db0@HE (F0DF+jӀJ>^Aj Z~'7 $ggw;R AdPTbXF""H # ő` HdQ@EQAQA#$PX(UłD"AADH*׹kSXA^&$K?W @N#$dȷRLL( E7~/n[ԿpmtaؾjR RmrNv8.-[E8bXOFmYRԩ Q#0 D W7lSoau>4b0UE2=I>N$ _ZRKS͸ŘN^$QXpZV S6RnGP'D}K:!m>-/tQ-ب#?N;10A1<_N6dPb"`@`DRa$$X #HPQ,A@O=]F߽tHu̷b`M^Z`HvVB(I@TH @Td2dU$'$m}GxPAMt JI 1b,"A`,H(,"DA I$\|g0تAAA   1o"BZ o 嵄%s:`o9 CTEE50<*_VmمN !7a7hԈbG=Ok%Da {R/箰/dydXI&E7guLۯS:y~L]u^xTvlݗ-~3cW\1nl`IvĮJӺF@ԼU $Y[ ?fGSJT}'Esӕ{§p҇UTؙ+$hZQVFqO#o|会fe!cL  ` D֜yJ6%l\EQZ'Nd 4ڝ\2obn1n &4ؠ2Y;əo3EVb%[*YB0F}0HNB1(I!!+yp0rE DYzѴ"+wn$-QkTSSd<9kQ\EQ]Nj&i,4aBpBC e%ʇũ$Hhv@ƤeIU@7oSs&@X6A))@6AC)U'y|&ng~نj5PbmJKym^(c:템IbҬv1`fh!̸զ`(Q0EA *@%QUHpzBr^CDr ?YA@tu[#FwgQ=s5T%as3WI]&et_Tp0 ̨%;?(LbQQ7}7<`=3prKyRGOK9ϕB'"|ߚ[c>=A+1bTXb }/Gcx0%ٖQEUdUZha|'(LSLOwYwWia)<m46VwzI*QbDülc/$yoN^fh4n^q#qH?> = 9"FCJ 0H V8;')pȥ̖$MbI z{ϻmۡc3.cqV~KMaP9|D;5ЩI"b'TJn͈.pnL&=#NtIlӪe|ЀI $h@>>/=7Zt$/=[JQR#N}~ً *GM`H#*U yUoeNk˶wdhw͚ԹnP Q8ҩ}>.9Ꮿ" B=m_;}94t;>zy&1;H .Y42\A|>]m+rAI@ŏ-M=Z% ݯ+skʵ· qs~QωU4pDPWҐr52FbGӥ o r\HJ܃j@*@Ƣj&׃.(okeEv,T_L5we) 0 筍JhEGI-ч:bM%HRLq_ou; 6AZnaJhFcKfˤik[hB ȉY#zȭ1$: IkK\ KiupVTmZg6EA\̦#YcQҶ\swS/(M"|ʙE""(Ѫq Jcǣ|7VV*~=3`ju?)l-FHA·a8n(+Ѕ(.g!LqB\QfF[ΚpHm${nap#"ʩ&>:C]Տv;`#F_;D2Yd90I?|'/_#  Hހ(,/P^gӘy̞ꔙ3{$/8,)*ez / Ύm^UL=HI[Ƿ t`* &P6 ]"2xrFXn<E̩R ܦi*ԍl)R\zkβ #%J :ռlݯJ{`4 ~'SStqVȈ]]\ngImyh |ke^fNlnErcV=pW]UBI1ql܍6Ϛ3ҏ1:eV+'ǜ&H$`];0=0VH \ 3ZF) eHsTq J=≯a R1q( F9܏ÇAYC/x췟6^f7^%8IK{,Vgw)J^RU(U[z̮ Si:Zo\Mp侏ow^ͮO.zz^5fX~xώ=?YwFجsl $:l}Y9ED$Oݿ֌HO̿\)+Ih#A tQksyy[.+9tvETftY."_tI/z}y\.i%| 5+5|]eG&H<*t}_{9I!ƇF&D*7lg|KDɰi83];?(SNy{7þfávy؀do_?$}Ût\Œd*v\ʩJ,y9<V pgOefa܌jɝTם3Bǖu֞Y8е6p_5,wYb9OOhEJuԴ^_[PVRRZi.qں0K$ Z;=U*=Y|͝Soj>;G@+&͗r̬z+ |OӴ_K3o\*YRS 1 8}T'H[B>tu@5JN7Nx}iCu;ip~5Pսg*NqbW?ۜ皍BS P&V#0]>Z('nVwx6 Ǹ8XY|#L?nD¥`RFw&GMVdzϹ@0c/S&N+ 1)o0W5O}pعX I_>=> uZC`4=3+Tv~W f:O$E"gMW=oBS\Y~sZa)WZm^NfZbPlG"% @ gvT#yv=/o;7u<Ҟ՞uA[7y)SJi"ᏭL"+z$xR"~}7ӧ1Ud5jUW׾C8;7:D7RMqy2+T_'?g>Z̊`?1+ {4 ]ukU n52=*9 /;udwc{>__>KE>P{?S~/9zem4kXT'붹e}53~GOtzVm2h\pԔ(m T8mCi%["3r+?BM (|(&_hw"]\.)q{3jɕhYLu4y%Rk],RǯNo:1e#L{8a@`Jh;_"?qۢ |vRbZG{&ɗ\£5f.Ծ0)I~!2wE`}_w_'f[Btn8yz5/e2|Eҋ<]$iζXxּ]J ̗cJ^^gIK|3*Tz߻BY9ܺ*8VYbY=pKz1x}ēT}ܷM]P7Dn :IyH&{~<XVC/RqC/|=KX6kzĠ+]qqn_S70#3 :*)eh |kOyifUp%w'O #,{_cZuڭU׶{TT[h[Lc>+;MN}[9ƳΉZ^wz\rS C;NZLq |zNW[{ՙ,bժp4}ʇc3:?`WK{IVK_ΨҾ:s,M 0Nc{.~B^*{o/rJB;|f"$ri=w)v&14l_q0Dk2sإ~X q|PeJD@A` A#BEs9Z83UQ m?ewK%Ub(/h}Yvvӧ1 c3N&NxUx?/߮*xj^PhcsZa!Pz<ƉH)Pžb1P~:@P,V@lǂ0h"C1@ 2'+_ؼD*-Cb)(` k s‚tUyGuq+_e֡t1FSfIl)p3Q ,oi5Z{) ^| UO# f{sٴhܸoӯ{,ӷ؍fX:K)dx?;gi{N:8woO9v6Kx}|F ޱ}Fn*ML$jgA-kKx"b5:,aH'dLndR,Sÿ" l#թ$bs2`'v==f6ڟ.Y4-̴&21[)PysE[CLGW{J6-Z.edm~uW'!ZJ}XW>[d!לR{-=`zNq0MJHNҚD2d%"={}NUvJC XeeAkIP碥R HTk`5+szr*xC.-,j:AZw<vXMu$pmE&i(LEF~q+LC#D Pߺwv',QQ70ő]f*׿'IQ<^әIytsKN_Bf'N2ڮ ċ&rIJ%̶-'4C ұI\rc!r'!, @9Y܍rcGRf,ƊiP 7W|:^:`4a|HlR"t8R [5@K˂@I}^G+EF WIKnfka^PG,ZHeg4b.y(-h[&g1Jdk$ lT8oy7.&v߂mNo9@9$!qv6y\ʍ6Rg4km\! 5A K>%b+Ih髈dEŔQ +լ A<40`iQfziz3M `( ]vV#q׭E:5:aйc}MMEB+'ؙ1ʕCw8!(",H+UMڱŊTAR.F2hN WBj} 8u1HCfW)bm!IzM.{hoJ,|S(=t0^U` "- 50 Vg}]Sszq B!/Sp-#6 5~GZxBvd%.x蟥ު *`,)EyJ +/O@+A lpݎ2TEY5z~ w( cp8P`3\* 7u~ky/zkW5seITl`pe>[aQ0ؕ ;q/enM"\q0q z`q/R|G7!%y#()mL`3{ԇzAHhGe:/K7V^^s!ѱ`ڀX;UT/m1]M_ZPDD |$$)zEJGǦ oX!llO)bVTOv=fz|V:3|Q%`ЮB'LsPD <$ Yp$»FscrSK*b@[ NG1t|y []ņQŕzi)MpUXyרsykvOp1\^&m;|aO3! J.ύ< O*Bl2qҝr7ߞYU"tָ˔33e;8WEw6]ӌ 91<[fusEǎ6WA{XֱA9q[5\w;+΂MWEG8@Q[2t6ꉰ!jf@}Xkʫ2A\,TJ8\ 3QCyˢ&9GCcPvœ(đk{z1hBg#d* ͺ̸0i- 6 D|0<#_kE7aW YuPxN9SS›)$ Eb`eC]VTgUiMxq<'7; D(sJwRa.H(= ՑEp2:ў̀[McoaE̫)AFs ^@A]-4ެ Ijbwg}5Lד IK8aM% px/zf¤?)p0ٹjt6`xwx*0?@"Gx~„Lthnq b.fc7ݩi_#^S/O :.pp ze+f?oDNi( 5] %uw@ͯh-vG#>7[>_CD֐@"~BR,@%^(PT=qZ 3xf1(GwC@H*WK7;~R~z]xnsk2{@'o/6-}!b R_nɻ NaWTfr(;MK5a V%'#u~:[T`< S| '0cDs[DZ;Uד^`R, ,H1L5E:uB0c1 {ъ:뺕,E,!Bn;ksm8vW:Ds<綅Fb|JTaṣ,}([ʅ2Ʃ.L/-st XJPǗ(l~<]z7,3qI,˓p]`40e5<'vqWL %b#HO NK!@8>9t?i3{G1) ,WЮj]CbQk4ić 2I6 \,ѻiThS0DőFCl9R_C3Yicu8$SRzDDg1cܢ/`v82Jg S!'# @C{WM`|7<m&cICU0 x5HD`uya1ry=xWQd.zL ٞ 9THQyC!|Zr˛c.ٟ}Pv X +[@S"_ oXk顖 '!D9CJ8߮p$<.-u^b-4$T .2<+'b^id3$L[7@KJ)Bn@7rd‘( sO<I9<, fήvL.1TA/tDj^k=Z==<ʭe7G!E{|EŒTV$(tPQʐ]ȫl!Òbji99 1u6a.9&K6ٜژ&{%N jİs'q"N.=̾Ŗ2p"|NAHXbGD ^U`"P?p2ETnbsNwGq*4a&-V9y3g>Z#zsu9 $pl27>y* +ph'B9!$ΚHr%B݋`YVELKcrbU Á(˙ w+0@}ɘl%Зcv+B\f|iQ-)ǟJB R$<9nDRύ)1lt* Hpq1gӡP.D ^oQhB7USZ3]jWDzH;kߒSr)ED1)).sRfw82uɌ2kj^IbTfjL!R*8h! G3vJ`sWn@Xof3'c :ފk5͘V !qf1zP'DD>T(G{!wk:$㻺und*ayi 4lJp4g@0Mf-`FʾԎ};{/Nxm! 9 *УNF{A}5bs^V `ل8fk ]|_pP*:!Ҋ|E1)v8ۄD„fkǿǝiqvN0d ,xQ@!rR;BP/kZ',-N"Vn>$vH-ܦCwm0#)^Qd0 0dZ$@vh %yi1F3/s8ّFB~~~*2x!a]{ If@,*P;#7w پ*'V)MW@xj'fKa$A@v7a7EH#XE4O{!iμNiUt`w;I4Z$ՐcyCyɺ/+e}xn#kJISptKn*"#堭m;#S ƪ}E͏?Μ"p2 +~tw݃^aU^(Oqp0aE,(ja;ȱgs:A}@ '(MT\65'<9D*UF>jc;<۠ OW0뻪*{ZN, '윚{BCԬ6"!rADEa`X]Ďo&$3!d T ,È8Y4 ĞԻ;~nJNc65:#4dUkret mAL[ڙ ަrn 21!0@ۈ?eEA*A4H@xQv5ǘW~ū\[HE$"y (:/Pnfzζ>{p{v&xusVf̸>2A{ʶ˛]I".!B)v *V'>d.n?_ @]Iw.ա~!R]gJo?61Ƙ4D6|&9"%ZJMyn(B8@J|*FZPk y '̿s}L?C+_YK9{7 %n&CA.ױ5?,"HEQO᦭?VpSɃY&g)$.2ܦl -(zg˂z>RA XQr@hBӷs|cYoٿHz\"޸HB;.Kv1%ցL?NCþ@7b'ݽͥތ23pR=m0@;a=W .jM[X{psJr)@xL8 ?*R Mqqġ9hH B&| +~TfCtܵᐦa |zĎA, %RDž'u{qazڅR manD1 b piDj, z3>a'+҃IhCC3EήƔt4bxX1 9'YE4(WvTiE%H`W`Lv[2 2a"5iͰ$xwēԚC3ΥqDO@CgOM]HtP=G,. 4T/xBYvݟ^ 2CrnrɂĽ ;F|h^?$G6vy. WA m!-FBSK"+zca-y@I H{!,_N#)-Xb^@ poy A) !} P$ C+mُS= 8Ac ckjZ4Nv,(׷FA O[k7 , EYySK׷#2!4B {Ca;׶gGpf\x|D!Y;85xNޟ5==ޔ@9h125i:3^-jC^6m ˁ9QDB;Gc;\3:.kL2Y$퇡$PXd 14Kg()vPP]hL1YG2C\)4-+zX3!dHjdJ] Ry`B\`CԻĶVHKbmn:-+&łj}7rIK԰"y:tıǷS0 I\VdfGMP5jy ~,+t{xvVc3uLu<-p,u&=Tg3TlIkȽ6?#̪F3X;V;>LmHJrQ<)J, N3ȡU\ SO-&=.8@%vD@%$#%#8$ZwgD`6AOtuҲ#9[B>/:JE3-Ǟn|;} E PA%[qz(^]4+ 8=W68gMjm@mytSZY1wۋ?yIqtK=[ag$d>wCI%d.洣"J 9DS[P t[}}8XZ5g$h?!8SjAFMm'rtJ+G4~쨡%mϷ00ヶ4u?Vgl°f"[SU$&V[:͝h \AD"`V[4ity YDG#IS.VX Cc).=vF?UV3c~.#"gڐׇ)zP5CCA'Xywf?5ȐFږ}һڝ a:{t1r{cl=+KCOG(v%ݸR% !SΪtx~.lQTy ;ȩa= >.6GUuü-ƺI' /E~V-4R L+zö%y< `i-rGvЫ , ?M_7KK0'@b KX䜇xd 7֦O. gL@=b7T+>*zKy$`b[J䞄N)|+umZ{ xnU^Ӯǎ_76LG>Gq(NU:*KμyzL?,$1'=G`Y@mJͽ=#֑]ÎA!%ODǃխR`Hx.Yx $2͌m[L~fi}OW$~lx)]ꩆWZYxA(A9oKcK멆҉DL;+P^D?^ K rq8c*'unی" er =L=Y#קn YGXO K7!A$Dqߐ!ʓHH ĆHCE[/fęN:aV;TU ǀtFzLL;GJoNxeWV B$P1 +=/ =qo>;`2@ Ł"q}}rsj!s9AM"lV KhFCڴ>&oӧ-E^7N*ӍL™2{R!iUd<%/ 7VI*"(6ʪ *לQ>/lDl9ʵ [.I[g/9й!QTLje>V joQw|#kKg#lM\4;&WQ@L+ ('uoLw%#DFv^qysxŗmr ph|N KY#jXX.u% D.`6`=q)yLQ 2E.3<#f _-cM:{ S@u#y 7};&4sf"cm7^<9 "[Yޙng$0dI.zL,cH)2v-n-&R TFl{ae$9Ùox՞q *5ϤM euP2Bdu)bs#ETU&_d- c-j ^a5}" )Dol}ک7T jzbHq9ȋ̳#*γMX,,lB"W䘩ZDz=޷ݥ3m6:J092OjnOne3B?mP{q+;uOWAŇl,XϘe.QcY ~C0+G`gX"eyJc"_}AasG2#@g 6Qmz)$ѓeXA#S5BA EU!xԏg>GHmrBLzѾ+;KjQm'A]Ȼg >^ՎJ[Wr ґD!,KS@#ᅵȉkaq쭇506V@eK ;6jC qToY *ffK;HF"VKщat 5.. ( 3 Uů y !ga :M fQ<5`U=Fl$BQO1v ðn4b ʲ9|7f1S> HtIN|WcekGF6Z`\fnVVRs#E] }zp #!.0@IIB茤H_/ q,P>˨D%8%E)A ?.U2)׶'e}лPއ}6@4L*<`BN7*|4&=}vRԺ&’iB0xxVhaqa֎.Ю8)ڔ6zLa4o=_f@& >6rӌHhߊgOc";u.m Nk)Xnhl;Ŭ<%RbL}:m1ֺ>M"#уL4&,қ3w ~خ{{p;5>*;ERZEfyA M$X@3@H+AfA>zqZ2Ck"Q倵~dI׶l{8J!P(yu@N]x8 cPE DCǧov}w5#fڴ}!!i &"c[N"-Ǎk%CVl^rlmœ}_M̷W<\Rlѭtio1Zx?yJ.2Q/~?tEL.<i/;Wx_"oY9i,9E+]\w P(*7U^Kw:`E8 Ny'ӯTa;#y@Uks<ZRϟ47=X$~9N^ݖGw٢F +WLu*ܕ![H8 2Bf.9\""$$%+PY,48W!''Kva$'z2s;Ȼ[vV@ 8aO ,ՖM+6xg)/!7 .]2̓X$SS&MlWxG'H #0#[o3<]Hѹ1fKهmVkMM# L"PJ X%h!v[@n+z KgzQ4EPJj y-`dc#;%0P0JUfxg ˷7^YR]&IG\GX>'aH0bw8+گ"0DI~<`77<2`S :'͇$9sl2Hң)I] 0rAմlDM@a kVSR\ V0,}w0M ;ukoK6 ٣RI?P_i~b<پGsnzamS4]\M$g{Ҭ"B3ߧz6f]ܪoa+|Z$~T-9чT HቃƚO9jeGt_~\oj`+ml%RJ%:,'ۿRaPpcn=_=)LD́-R ˫>LmSV'Ku@Ck>!n:D~@=O-2E.(#}~#"@n>t.C&kڞJ1OHt]SDq߾;) D>1` cAa"QJ"w_ `%h(e(e-]< l%tX ! =^"ܼ^u!o,Ic P Hb <~t,g:E!I }$KW:tCh6:[IKQk')1Ճ @c"(D;xk_BnqnqgXؗs?37P3W;8 D)& \ڶ܉,X\ޔ.oKQ,`V Z8XC)J˙^Tu+),ǒȡȉX9HxU+._ųNy݉[z3+wsxP s>?g6r g1r7WUlؗ1BXhm_iitG߾V+|9xߋ_>Oth'<\K] 8Y KG22rLL*gqLHlb$0~-Z!`XnZȴfu3ɳp=qm ̤!;hz6($ks0 x Dv'fPB-cbB@& HJ+f΄0% ~|7^lo ϸaMB\Jo1,JUg>J5~c@]̗>ބΚW$E .=6۴ê2v?L?Pazu?-ioޣ4_Rxl/`L8rl@ok{Uj0=0=/.|(SJ|RNd!'$UdyM\4Bn  dr[m 1jGЦQ VolojjRJ{)PNq8wf <  )0yNҘdw@\J%&l(P<=tq\ڸoKlD_T/pK)]!"98Ӏk\9l^r8k  +n:˶ʑ,2rWHL, tKE>GaZmIN#@,l *XtFBLF jI'waWA=G|W/ei5/g iE%Wfc֑rynX&of!kTi 7\k􆭅]{*cUuMFnTFw61H *MJQʛ|EgNlg|'B&iD|5J?}fx5ms*Q·rf^d%ABS;DmT1 alMvGߜ3Ԙ43, 4%^1aWQN{#\A߃ 9[Tk"YUG Atd,'h2&ּlPk74 PIyN#f)%a#~蚋7nj~^Jzz9xrs/6wS|m n MI Mn89nӔHBsו s$x2@pQ&4"NwR()iF7\5 quoyzʺnbq;Ix*i#yAI0H6J@$)YӞЊb;c{aëګq&xt쇯ۮv7M1.C2nUJb⎩EG⚮ol$ ,ᓨ/gQ2:j^DKQ lӋ ¯±gKs P\ !|flB.C|^$NJ8¡D[`p`%NĚ.@(_ ^!&J@j=p!wՌҴNLmr(,#EGEAʸ&HUzh!GHvʥ,m45-jV${8s운N`(8)=HEYd6\µ&48eg`Y A2QbGۥcuzY65QPc!W$j+Q^d Љw*>7;e',,~X;lם$Eucɇ*TIS<`.z,œ釨TQWM>K5C` *ι&4 J휉1m%s0 [(Ok4V*ٛW^s t'8; .k# Q-ݛ:ՔJzwI$ #h dz-z,2o ":5yDZ$G/@#t<5Ham2 e_``b$Kvan{38S,z& Ļi.5y3RƁ`b9B++F\ :-sƧ9殴"3ry%rM2¦a:dP0{MqW؋ԅ#ASRǷ;mr@p5O WRmyf$AͶod]P[wVdy6~bL%>},쎺}]ڠcJE lmB]?Bڣ[,QN?v oKÖ7^8כ7L'=nО%5ukG1QT2(K;)~T7z*mUw,<)o>n]@lCY|2` usfm[G/s!d=ς(hBq/öz+wZz3QrR|<Ꮗ(厗TVdD@ZbV@ 'zI͓d! l2˓!a/F )w7WW,.kBnL*QGAdߒ~>#ܢ恑1%ƈ5OKjX0Gmg/Kz1fV;ã/Ǐ*v)!}uE V-*ϋwN[gr<|DZLCn 7q[?wfœ/7l;1V)"]hY_ֶ~-x(*JGD!M6TՄ;`4TmZ! V4 >M!; LYdIfk_&x&2ķ7ݸH`ppCA]\y6^p0rPwVDCR17f2S*9y[(9l%hTbOݟi`{3ٕ;׍P@@Xjtq Oqx^~=(Fbz<.jWb14r+q&cI6A` Df.0e )B(0DA_WP|]IW$9i6}_~߭D=Lra\R?wLU}阙Y` @7rkCEHBG_V}فhG:k,+ӊsVՅBѴyeE aSc(ƥ&J*|GbdkοNZpK-θ$'iDy7%f("; "ò4"㿎훍-/XE++"4'jk6 -BI&4C:m3WjoNnq۪bn#BnGj nH̔"$84ՇLMB@퇛ࣺ.¼ft‰P~X_~Z g&ijbsSp e鿛  :6R.H`K uSv;âDMyChB5۶0 'qM7a!q;|;dw]|~D ɪ}z!md<=H W%Gn%c};,|3|9B=PtOhMUfIA<' ni;BUctՏ8$s)};G.ϟѨ/~}pQFC/'Q\េze4]S|M ζ"]ܢ,BLaZ@Au|Ge˩ϊTF,(auTg$m_ |$ ~Ŝ*t3KL*ӵjip}jwSW{P't~4LָAa"IㄈU_x$^Pȃug]Czn+6$,Pu߃»B,P+1/ Vإ8l6؝Y L 9yݬڃXRE-_(>1/}rT.ui95a7e^{Wb11sbTNEEIQ %KP)%cFc#IALuU:]9xaC=R~tht.mÎ$*"-/"cFgɯa)0<]$ *{ԭ>@AǺدiĞ<Õ(#=yρ#d!Ic<|\x%]MNGwYGS;!J.҂$3ϛx*R_9N;_WG^NN<U`ff@@-γvhu' -eF#" dzwjwp>r>޾&2,rvUNH'Ց,NԤ$?S9{cgXs q9BaW,?- {̇i0&RYy^PGO!v^^os׎[3E IV ]"D%O[=߻[^$`-ݽ~ "lG[dXzOb=%Kiv0o7{]VLZK7"0 Xb! c QJqy%";,|\g;QlvX"-Ze#U0QN8 )N[ ~l@%Sndm_TQQ/Ofh2(OuMf$T2;;~o1ir|/6q<$ }:6||EQВzh\Hy^ =_ ( ,x3z{䑞jxqhX&wj_5l8R0)yxO|;-Oe޺5΂0o ]+:w!ۊnLX|>~=vfՆj򶦢w߹n3 Skup86ojb50̏<%J _ݼlzf fmp4M0 r4(&L{Xtie10XS)`-8zc&7 to(,`0)=j&H"Eqt8a0#CpcD@ƵYz^4veA"jll1˗/fŀidZ>閣СHW1 zee(iD4zT}X \~s(Y ]=V'~HߩN+;FTH 08R0ޜ mYF4MXD*OG#khxx꜏ A`v]mxe*:*:/W}:FвOXr nAꯚ(Dwp׌ EGR "!UfG]ӹ;7 9!R kGs* O= q7!\l5R(iȚ(ΕZI ϫ4rxdfڜ}& 4Z1lHiiLʐ; 7A},F'BUq6?7X4Ct k> it4MB% =6|l F {?,S -ޕr`*y!Rxk$fiaFZ+t `$Ga*?CŽΝanS9g~E N23ql !?֟,UM*/]7BVmEABm1c\;PA%2u<^5ATJJM4SCNۊɞIULέr9=.nQ_+tɺ:'8tJ R)fDžul! |~%vq#|Vߞ=or"VpxE6l3+&<XÎ C 8`ALⶨtXXGuo)bVS3@Ves`#1x@QE4-=S/t}6n@ ^ Vqd x R%U\Ͳӣ!lplņz0Zi;&AJRDG`I-Rzߨp1$h8^DS%Yeiyq9L|M$˹IDHss{cKu{g(lzg[o*:mmD{ͽLUeU(s.kʈ ׸Aj (`F",) 1WR^2"wAP>ce$+z|A=.6uـɿp9O(rX}r/7r9#^п١7>v$4QAH YHǁ* He wyb1a\w&A`A .Z|D s*9:O62ٍ5uzf\7jӵCof4˝{-#ikt-`:f{uUP8wNs^hZ~O,:", Ti90jyT]m u$qz5"0Cpo8RYL;ofآJhk_s\Ezch_:K1i;@1}i^pa_{)EY]{`֓2i%e 4A S%{Q*1'xEw)`缊{tm6$^3iX!뇁ifSGrs.AOvV#!4<ɝf+0 ^ls+dE)RySz nMը,nߍ W-퀵FCqs9vNHNA7}O<{{o0|hفXtq'{8dҨU 5j0[O627]nX܈@V%R/5EUh-JN.תj=F_9$:yH="xMO:Ǻ/!ì=B'`E0t!Q$D $.ot|ԛ=A ȁ~T|oj^pB9u۱o!&_<~ LD,NnD~RdbТ7;ZfޮVfqշaO29pjfDӠ$)cضϖ:Q J@g=A!0Mf$ͣ7LaD -➁#Lbh;BùNvJT!eemC0ɭѸȸ5WXjXLmKo%ϞtyڥYDK z .F-Rw*۾ x=V6k&bs%9w0ѮL9U/&zM0ANf/%+ܢ/ݱBn-<Plti݌:DbY?y@U, \O"Ndz5)o!nBH؞\;[!r= p\LmNV= 8͐Kzx?F]+ҤRtY R:C&A;^ rΝ)w8zbFNx xK#r<Ҽ\ U0%|XkmI^w ,?ֿ=ySϸO[X-k]sYw8puzLf@rOD(ݥ$aRE'J0M RyKp9y+k٘J r[H6c!B 7: TXŷdᥡϪ1_"܏ޑIL«h lvE-Zaabɯ 2"CT|;t^/B7Nk}mxh$Fv\XMFu{:.ۏ$=.|K\akvK5H`9hßp_g7L/*]BFl67k{Gy!ru[[C{e sZFug9| ƜMb-y/h%zFuGqaTԮ3nXI3@VjXZ3,!&w!{i80vw%[%x;Qme9S jrZOqbã* 2s0eJOGD%pQ5b]^$=gnU8$nip7_찺 !ZM"8F|tgA/! "ϦLsE!/VU}Zt1_-uӛ-悝4> 3f #RX0da)8&O8\,ӫʨVR%DE'^)ʃ^g̎@Y/qSx^ _z'BdWs/:ч!lʨ/tϿ8߭uIn'ϰE UB] !.SCs4c l5Unu-̵c0v)鬼{~ֹG3, S3 e:dћvR[ߧ8t{s u2@Xp*yZlqTDµ|yw뭤obݧӲ:LQd9KzEM}\ '\}[Fwz*qHnMv$ lf[("0fۧ"z$~>BFդh:\ʺo/,6*װ;2#i A`&%b(d`k!3cu?YJˎF;gu=yهA4ވfOi+F0 c#"7'I[,rDrG*LA ﶤ[jr:2;& m@;Rz^/!|kLeB\2YI#OF4 i#`S ]ӒLSfAjf}UVGV!>KVɚgvX)ڃO cB"ӷ;@xDr˫kUacɶ@tny62[}d=|}wO~: 6-v.M!z~H]9J;BH8˰ASAi{td9zS/Y];P 6NHL>!dʸc*ϴ4KkDmGs闋h׻sck%.ӬvHfSʃٝgLBY?qO+ Ԙ@|D3bqg:̽4~LmU6]v'~:~KјcDL4kb ۽^ɻK!"<34CR!"# 'AGy;/vTbGf~H*\y @^9*Ac5|^3c7OӸI\ X"%0ƳwQ6# ۛICD~XZcaɂ0WD]9՞Qtl[uQK"*fQ""XY%]`Zl r{Nv:{w7{b q|ZV )ͤ2#D|'^^wzeޒF9|J=߸_Ib\ dgM(U XЇ/I!3y—聱^ 0Ԗ^. {3rb<)R/D A/̡<ӔnGFYahoSu^}Ӫ"{[i-Nzw·S|we_"0ԗSŇQd X ^*C Ѡn p/+<ǿS ŒG\x%C]ˋz_sx 9#+zBs0Jg^UwJ~Mv!Ԝ5#<믁6>񹟘u.};0ǚ2'ۂڕ+EF@ݸѝi:: 7?:a Q]/AzƑ:Oۙ } gd3t-jAXKrra\pxބyzk|4e!Da1Α52⣧?zmvm]r.`'h0i_&I},qA^<Р^VYB] t͊`kmZdY#Y{cGQ}Ny{|?4{Ojg~[ yȕue]ڲDC(ދoY@Rh,oG1ʂ<5Ub7bQaK8qGsg]=Ip,s6F!HJ/Vli~)E5Φǻ4 iei{l"7F_*0n]=ͿԢR~d"ͣ7yGߧ_={[ct:kJY\ޛ47 a~ud;YWK`RE|s'WjV㾞'GzfMU:=@UefkE%Dʜu\ n)4^zjwөh =^yh@2@ɜ*M[?Sc &妜d!H$s?tTP+}ݽLcow_C9&'JP 秔rK XCT5ױ@u"s 9 u"mA5^(ᚥk顭\|:k֤ef. K1lPESDAs/hGH۸,%p/M#)Xc7>Z4nv 5 C̈::qG3+ BaF-(:0b` p*@w+W !Aȅ#Cm{#CY6JԌÙ.sXe)6)Tu/&S7[ՇZ,,>͈}+=JCBn͋򝨿Oo;&=촧GB;.%DFdxnREjUC/y|L@$Մv&< ݫg^=≍axvU]l%aӉt"輄e3`P/F4s=qs/d>fmiݣ-b f36B*YDž#M2ޠI1=[y]8—ܮO2v9 YEFp_:`66CҚZtn{@mBEA?RCV% C1"DVI )0EUKzѺ̓ϣ3jTN\)LZ'wN*}|<b@|{~^))ԍ4{r(OXċ{Ԑt')fq7Q*-{c=N8}-zLĎx}n/? f @b-EC:d"ٚ/?^YPofCDr(H6t|Ċ6q"ߤu>r|F(xk7KqihNqO,*jA"h@UL0qDTWŞ1SoGZos@仈/R5CgO|S@ò5Qna/m5 '5y4E|+'}/tyђQ#}K$yZM2OnN<IykHOMkevB޾R$E<\.9_h,(=qUm2wX]J4zjݾL㛳(#쒼'Ѿ#+qD'}]8颒-%L" _DSU#< z <$Wpt9SYf)h@]SC&w0@Us%g=V)YFe/Ctiz^ܰUx3]?x(* tQ[Y+}HxNq[9NhNVtC}<'Wt}尶XڂD&yK:f"l0usb]r}Pf\"KD)Ad/ǗF]ӘC됀ޕZBF\_ yz`/:zPNS=4΍UiSiZb`gLNMQ!(vHi:Jr K(< =M&v\Ah F5L$c re]ZSE*,35zOdI7f XFmq]VnCίj#8H伸G{v?}aA]h&YH=qOThҙIƜŨ:%mvg! &1NmG'KȇVz.}ԼȬۍ֖4ġn'9 <@CeB+}jxS9PU:an[-| ioUNKڢr bk:d.(_6  RPUvF\4+/)'+ >\5ƲX0x%@)7V/K5==Od`~Q_.30ZdUX4aHlGjSbƝSIv.VKJry#A7SN(8# zLn;|yRnW Wy)lڞ&ߌG|)l檤Wf kpQ:je~eОj9ud&Dzƒ#Hxs2znj/GHj]7 iD:S;Us ưEz"lʒH1pe=7ADBMN"O`IbQNڳ3 ~nc$? :-4w9FvLxc6O[+UpY<Ǔs uTN~}+piQ"/bhqazI 5P/=q0fT5pAXg7ߦuNz7f'Pbp}fNǷFN֊Q.Y?k#а'V;J?ɜBeг3{#:ݷ!!8s"wd.wn2h#k#s^kKZ} <=ZJJ@3k, P@J)NP>烎y,ƹzm% $$'8#ђL/Ч[@@N_/ʻzPBw̚P§}9FgBdCpTR=b{m4FGdJӵj=(RpGRZZ)u{Fz뾝bK|EץZ9F]eQ}w(WV}-I>m̂Z$yoѮͻ%il dL -dp;}&&q$dA@"D2Mc [+ d KMI"=foAƚI\"1eE)Ϭ^A)gA:#DmJtQMi>|r|gBw$zb EI7Df#H)!k|=#VWcϰMb]w9Bow5׆>fzSӞ2H/.$50fhXRfNi鍳#*U__6[&~]:"ґ}{s}UlbqO>% R>@ڽS ׎qxs,wJ!4ކ#I? )/n˖c_/TV#`%`I^g?^pdERfa*uqJ{u 9̓,(g9\ɖeCvd㖚S!%V4c ĥT!8Un/ ,rvy9jS nVo0 g=@Z<<~3~zd9ERfF䈐(IާvQQ!Tj|q3{_E(I#/(6< T..qu)<ߝ3/x|2\m:P !򼐊I]3kpM_)[%Sܥ8™*iUkOF4KG5!@11b ˔)ý)ަWXN'YVQUʖ<kҵ"fdRUĕ!@ws]r=}"Nד*=׀DP2EC-wg,._*kk׽nwl|P)&ɨY8gj yb6Jm1!{g%Ɖ2Dprw<ּFc&ɹ猺cgR$.ڢCSEfjԄ'/j]WĞŠsQ45i+.{y%"rv  &l5]V+AZ[f5a!(C(@;'IIv X۔d ٶ>F2K!ꋉ>_rkߌDa|#1*nVZvWT(dRG2 #8i\<4{C)QZJŴIQh#APFQ.Ql ݴƖ FIC (C.G Hך5]rIpHPNObN|o]ѓGehAWZu_+nz cbHcRdA %留RaS@[5% ]E4p$(`To,X:d0=' aM;1.Ah|0bJWd;O!ֆkƀyFvj |q 40&T pUx8!Ō=ݫ"wcl$iRrnygƳX]2#>aDē ъl4!,ݛ~hdY=:tvOiyWC3Rnv3)t"vHzM&"1m g=GPL}MY<>η7V CכDT^Sd ߬և3He }1_Nbcr$`Gckm6(ZC<:''2mw]>d۝]Of 'a5$RI¤݀D:4CX!fIݡ/B)HAHr,YLYh0 H 3 q 9!O$XH(Bi2c$*H|D@!Hrwd HNQY @B) 1!Ʉ!L$I $K!s t@$! `Nԁ!"L`+ Id$$XHH@݁ 4z$Đ4 $$$B&ne@$1+[>hfuLen wG1[5)WY{/'8~!J.ܢX0W)=2g@1<*9lX OB߅Hڢ;SiF3D06CDםAHTNR2KZdYo2TS|E vg-s ` @$d|3gx$I!sI$ $x$$>w:l$CNCrۗ ,BrBnwo>?s$ za߻"=޸jnB&rOw3@NQ$P s81HCnG;+V @!dOI7y=gaI0P9; $TATE=c$d)BT +׌7,&Rc@Pa R: $d>pI0ԁ u.$L !8OzG:֍HB]kCWo_$&DvTaB&$!Owq BCcUyKy!.lj;H?C^H@ @RV 4N]> $&! aCKl' Cչ\HI!s!!w.w@1I-^Bl@-s,lI0|v $$$ѩ?^x@38;.$-7Xs2nvN:$CIW);BL@'yf߳>B2Uu>GtBdߩi;RI$HBY-}_ # BՐ! OzݐyLjU-d ץ HthY=x !&b^VHC h*B@{27cHؐ ކKt HBr`$➻q}Y nNM{! '!=/ c$'p+k>t12HG$Hs}4IzouCu!Q$)bI _t IM'o$4XLL6 !e0#{ ILyna g'wm>I"s鸞z\W. B mzyxOtv! ,>\'@5}I'K[H7Y]q$P >b )RHy}ĒN$Ȅa?6!3|~HN'a@;ߢ. `P&z$$/>=M_vLVN;cy|z{T!\{Mjwd'.jBx{i!>?6#:~YO+Mi$Eol'I s da!oӗzx@^w @7L`d8[ 7ѾHv?P99?ZIr/d}w}m>B@fj|}ڒg\5 ?kL;$q8X |oOZIdP?L~p_j< ",BiW|w I^kdI C[fڃ`i!7O=pC$O?rHzno8BB0}ݽ\/ 2[а8B΅߇$ xS/ޣ!kKl8l}&`/Y?8 `07۪|]Toy|7Zz{gU/5 6za,4@R!hQȵ@ $tHo'AYHmiH2BQB2N$!ڎ+m~y$ >H{mrWCo|?Cp>Uvqc65|2N\ś??ɰIʸ-WWxレYٙo-How5a.IHt z_9|"K1Akb2WO.\v \"n]TG( FNJsSLH@cZYM" AQTĎ'tv"(OR*cLz7{4ԪRMjЊJ: oSBZfbG.Bbl]Os{*[="BGTkQq*Y!*Fiǝ16u!+K5n!upyڱHvtBJ}so"P@VI TȘ<:̌I!?Bi N|{X( @2O#D?Eu쾆bcZqKڮyt)o6ye䡰vk7>wbZ!C^),46>rc1B$ -R"bF9Qʆh "%'8|f6B3?U}KE23Rذ˳#yi]bv:zDے7h<Hdc  Z0uiI]q$2l'B$U`' $weC7vm@eywV ?S'n/G3{ ¥SߺuX8RPZ*mcP*8sԄ=桳Mms$wc9U - IP ",9lgϙ!AOHuAɨE._IH=ˬ^`z~ʖdDLC_Dl瀋>j;Pb d|~YCC=hYjE9Me߻ئ49ϙbkqɰXE"eYܶ=ZRhFE B2zr_qN"-bw|gR4xs# z>G [(s*ko(g,OQG▒֟p-'ZK Hf\SĴ˓X޿ZBxju=!H6ڢLǔJ7;X le{FnE$INZۺ_t9a;۵2:'>.Y$s!Dd'jCd搁d$*AbDdXHH"Lw$& 7%HQU$HĐ$dN {&H& WCcM h HCjI! Ԙ0BbA|l!:oudua N=+I$4㳞!!ϊg&B~2 HI+Y 2I`Hv>˻ C GʀHO8(F{ - ڇ$ 92la~T󲰐ۭO$u݆'cHJ' <!+i1;H B@'y7jSyx3pqC I:mAӏf SHj̒/dIВ`DQd~lMw2l$M @d+dg&UPc `xk-, I&m֩l޶@0t۾XwgPz>SI:ff>EZBK0tZ;>vLZzW,`rdloB$D0ʠ(Bq.i=6@$ŵ|Z@I$\RBCYE\J:f1]RHBHr@; ɩ\I gl^ǫ:I.l|Ae{XMH,"kװ` 2>T;L㌐ْ<|SQ{z7fyyu֝XHWd8a$ "&,m;Bo:Nl@5n5+Q I2BN}6]T!,:O@h6:ma~!gVϽ907@ZH?B谒kL$H%q@Ieƒ^!ߗt7a$1ʗ,2@ []O$=v`I(ŤvulI;wH/-h!L]T7m$'2bI`Bt5Xc$݄%.l#l 9kN}Nh<: 9SHd0y8{'n|$9^:5:fIזY"YP,v!aÙ[J I/IHNHHbrO7fM5ځi4؝n}x 4NeɥcS-d qmy0g4jG^69pji2@l#XvMAI-Ec!%I!$VΨVBiտa1 `HcCgd;Pf I!a" Sj"v~5mgcrBNñ9vI!t!kH(;TH 5脛;t}eHNk1M!uV@C|1w&y0NjMj/K5尓ȳY'3r@[e@u 0&=?I4R"e6sD@9P c.gg@:3[ C+In' :IOߗx<̒4ͷdδsF49.d HmwIC&4 Eo2 KZ@\fM;4 4,x'&y83l&e5MN;44 eeCj DzI p˖c&\9骧s7t$P@ BI-B*G;waG׳IX{Wan IP;2M8$XN6V8a$9$I%f$;Ҳ9`NՓ^ ;`LaEbSo !51 Oo}9$'$VNC95"QBE E$r1$X Bb1CL Ri M]/k8f0R59=;l;4'zlL'{ &y/^vvg~nFG,$=t[M;pJC} :{Kr[TYӗtܱ>;rӔ=6h=4/(4"C*fi$[SІ<*ZfGЧɚ4l{sV~/S8!pS},wm:җ,` oG I!!r3+ u@TjU͒T?#ư4  VsҽvITK/N(wkkv{[k|zMy΅ZQʷؿ#At6 U%ܝ>NLa;qҬ {KT?җ8P1@&~ f ŖE!s"s'/}˷fS}kYwX骞] _BqڞTg1Į MiZ'3RQq%pzE:%:*l*u03v,7$! s$juҬ m ӘSpD mZ¤˒%痯ApdaBIހHT &uE&=+ӥqH?Csajb:XT:&`)]p|,үO~N<ſo. om ]WrpQ*ecQĭh5 Fk3M,̧p,UMSց,ѓF0c٦YyWEb-4]q9fi?̫OȪ`KhQ #J@-F4_lnOև=~}kѝfqFG8rAu9,6ljaD*q<8ȶFkǢwС$shGέ;F'#V  &ȡ>eQ/Aq{P: GL `c6 >D2_Cv#y|) O;+9?ilP)YM]ƈ9S0(gݪ\eFVi9I1X:zB@A( •Z KB2ӋCKr~D .z8,0fp9FM  8"Ż1X@8Yw#>yîѭJԈ- SlBa+g}4e)Жj#6ѧ9z Ek{NPY^X04"rT 1#`< ?Zl,`w#dBim\Njޜug~[xTSaٞiHbWrpRJsCl0;F?3@ 4P!$ IL*z֪@!0b! C8gWxoEM3`o-IDUMV؞N"b:z3e})Ω20'+0LA*C䶷/ P{:@^#>ySƓ}UBFQKۜTtm2J#žF{hfҾJ٭>`R^4w6g>y ݤDgުrӏ> c40 l`+΂4P7>jߕ,فz5d9I?ЛN' sw\wg3bywN߻ lq@eg~l X`#eI#\bk˿er>kQ z#>DO#D("#d)R80sndk+OiTO9m~ٖi` l<4tTnG>-;T}m- 38 7 Ưe-zR#D-y{S1ަ e@9k:Vho[6η k[vۥqf>K䥹6K  2B}HWNXp{I@0 !ӧ^~[f'M%'f(֦5$X'Jofw,1a Bg<(Q6Lf9?}y O԰\gr.g| 6g2F07t1q^rb>r@6iOzerשzZid%Kdf3 G_*_mMqfIS>nŕ/vݼvRYh&7hzn}8d+*$[+b?=O?$$դWo丞 @h]LRTI<]_i V HpV!?}ƳUNm]YɟbfocyS)]꽮R[f#}f72rMКּs?Tz$&pH pzzݩ YxG3:]VGvEx[#kfڃ& ? k''X5\r}o+rR鿂6Wӥmue!:~-0|_Zb.3\gٙd1\rYp5+8^xoUf@q$Nc_[,^vW~vUmWSwͫwZ#_)mv}jj_loceSvF]O]e^mwi1n iojr͑Oegp٭+yu{*O+WLGqf[{&Rח/{3={OO}]N{(P1 _=tYfDTo۞IJM@Ykytutnp9F~GG]r\~X,ϑZMje @.B 5'liD۳3ij!_C_mw$/{P$I ԣgUdK 6~doS2ϵ],B`HM9dH =@i$6}]6o|_o7{_%sN2YTdh(.lLG)ڞNo‚(Jj鱁QR (*3>IX&ڦ;rH$7jەX$ ,{N|3\Q!OSkos~V)LN|=C^/f; |[En0b%(mJaVC+""DPF"(QE$VPUV,FjXH~ :oqu!SxL@#$Ib,7Kc6 &q,v.яIӍ_#aPΐ{~'+Ǯ hg?:~1}}v6kkN3V }6}Ḛkt|; f h>?N]v`,%\KѾ>QNzɤ\$Ձo8K1n)l$X}Ƈ9փtqo0ӝ9~ziY;KMJ ̈Sbi$XK1bZ3Z gP`?boVd`.L 7tg-fGgIъ&YTVe%2"z.4 PFX ]eRL/hnlCǕ*g.:o;x,5\Ǣ$`ѥnFyfbI " r s EYY92$K &AR $KI38&/̐" ]o@A2@}wwr?avk}lvt7fm)Urttx8$6 l*~p5gl L3KJ sA7XRة,YbegGxq@y2iOiۈ<Ε+IK(]I[:y;)q.i--%=X] [HPKjȆV]5COpXC ,ԉƊdUՃ@` ,J@9=^e@?|fDdD ЫW=tf˧0s{3pk&u:m˅h3c06!`hIpR0ķ\Ճv֥DZFɒqGwC_}!WۻqhJﳔ d \z M4v`CB[Hry6Hp,!RT$ayRz3 Z%I,ԆP+QgPm 08/|u1gYC/+PĂlr1X_:V_/$YREt(}48p)EPYZҌ8s M U;VOjhj g!yg)|H \}Ud4:ANlXoES|.)zɨٰ-5EHw$Uu$\aC}*2VKi|B`U'20u5J3_dRA'TrzRnڈ@XėT!ַCnӟ.ۙɓ9X)l8<"ϷEYk` li* |H7h ĆDlP3.3P3 4Ÿ^i޴0 jh[1BCRۻrmp:&ZiUD:n`"fV co,0Ɗ0\9kyId|#{8g"j ?P5JQ M66Ѯqc,M=߳RPntmYyiHf2}zZk3i/c?~ ;1A$`n{.O4QfRE0Ag?EiYG8;0EL af 4V,-ṕA^:/6ɜS0&0CfK6y:ܻ;!9c#yE!PCE .FXl Pmf{B6J%2] 򼳁ͩHד] \VNDqj¹m ")M)X\Öv#20VX)V TYD:*& ,I8}N#81(gٱ8lSb5iٵUW{X5J] w ^2X{=XJ6D!Ibe352[1RA"R"*,Ih >3"yR\U^&}l5$f ¢ b 5*(Y y{H`MPv i?eW CCu4*5x4^MD8y0Z(!<6?>AkW̜|L^ːexVqXH.zDNL._KtZY`YxTN"]X1n `镌Pb%jfep Ф9]dŢk 1!zX)+T\BHjTUDHEE d"M“x8\I>bZ2mj`TuO8ՠC1.&ys8QK^䫤XlSBc$ju8L.> /h*H֒!-/J2U`#; 0E>ZVAx$!'XSV2=iHB% Y>$6LؽޞD(kw(̂fB_=)IdD&So>s^rj#Mr,ϽB"ф 2/T! j%.WԨOWܔVuK}DZ_ DU"y 4]j>|3eM>3Hy0Un\5v5џjfAXae`GRUfEwRVv#Re]o.՝x??7.es)f?\6?1OaMe0|OwhT,B4;/?ossٙ//GY^}שlwS>K}qcə{W :Jη4/ӸX'7n[w^A.ߋzۣaJd^oOvD1ֳ?Ykx:kt]jj7]T4}4ٯ'}͇j)(3qj1=^/j|=,uSjrn^ j3U;=ڵ/a^>zz7TiݿHOnCwt-CkhU~VBIlm!<|F^%200 YH{{=3$/n[<nV.E-dF@$*B@$5(@?@$یO<ϕ%RړG.yQu-a Ď9⳻a]~={ a.@0'8 J螢h oGDv]=-T72}+3NLgFlNZoIl"08m䚐࿃0T閳$m *jveU-g68vO_Kd5.|m#_ͨ:6k{k/=Og'cx_g?/Sܽ=jǿs*`@9Ɲm;7u͇2h{==W7z7W^yԟu^֣PM|^nߘ˸2]{qr|JO51XYwW/}ߵʛk:_ߏl|뾭}KjҒeȰ4Dbm"U}'n%%Acf9F#On5"da\\p@!NUQH(3?8 PV?7)5l/]Y(Ւ(y9k)?~|XL9ӏU=U},7cyX\i04ܠG15?]?m˂\RƼ]|$?4[?MA,qhqO4`"0cw@Q%5`WνY)=M|zg{?GŒq=.==~۸>jkQU3[ zv{iާw$ kRC0P,\u Lq|R@S$a ) 'j^I  ,B0BFI%I , I aEX@!JJodT!Z`(a:+{cͧc{"|t!)ɠu?S{n+: WF7k3^[;Nm;Čb㉉O4:*'WܿEZ?>gW ^jz[ޢF}N[;X{7X>eY~֑7yG7]yh;~{I7o:=Q3M6~ۍٝ6/ki;Zŝexr RR9"~{ hm"(*(UE?yne)N1Q~mƿ[H>Ghpј%8!| @=̶.:b^[T?}?{|mN·~=_՝~3?7{r~0//ʯm>7f^ט8FOgxl2<Mv BigGa׭II{`x\2m0Q`f iWսv|}F,ΟMe$vsELҬn)̰>G oʉQI\U`̻3P[?Nڛڮ*GP_GvG?gB,Xܼsum1tGn9/}]NOΞWv=µ.|k'ФR@;4$uI0o*@@БXBN!F@.dI"$!!,@>:HHea!Ha!XI $ 6aY Bc it%TI,lEMn= oWsMWȓK2,X+,Qel:mS~?bnƒLS7q*k=gSݏ31>Sa#w'\O{Nze毕T^W#yߵuSp?hWk1K]bP !TEVhe4b sF"Uxhy[hY1J;>y(j8l}}}g${ c7I䦖}!FpQrm Ovk߱q=Za{s~WGRk>e +hVq\!yD"}odi&VTAD$cw)ۗjJxA<7~oc WʪU"^gU}^&PEV y Jqb6w)wem% ]_"N@1ϓ/#!Ԕ?I-WjOOb_2:4usgXсArg) !䒄 tH"-)Bߺ!4~C~f:hSu)QU. pS6?}-$ߍg o}?kQfX+<4^o;dxH 7\ĉ%yNn_לdn-V7#(@_?QvSJsKJ(( qk}mA.x+HS֜QE 2 _VԧlnW޼LxY} HINKgW|(0uc72 M0i0Z{sxȄiMf؍w_%po$SOyߗ-GeTBj4ӠpD! MqoqP-CLFaY;'}c{ ŰYlt[OWf_5~OOq$~k=Z*HLJI1 2O@BH% L IN  rkI!/dY$H_-?L,DmdmN % }S5bMpd6{w/_E ~}yܯp_?QxUU5d @ApU-M)Q/WKxZ[wgזC{M$Cᰤ~,/w@2vEC˶nWB=S(m !(M v& 1eӇ3=7MsF||}?ᄄ I7>e#F'PH@K̕Hr; ǰJI I0!fBY 8 BE@d LBbHX$n/nj" o¨u>~%k`f4[n xHHWe( @@D@DR@Y2@, E$$~ C"BI%2'H@I Ia IwuY%-muBR ioOY[=xLmIWXHmXe<޵(麪?U n om9aL8 ]}<ҍRKI=s#?~6?]a=sTOъkO[E*_b8Đp55,RfXYEH0JHOa )!( T$`\ب?.qQA5RMMu{}S 6~#H13irr?z|⨹Hb\4?H"" v nnymQDPn9ddC?#)UkA| 2,IZdŤ!8=e hfj04nue2MdsK"Td+wl7Z0KcDe|%;zT[ JT"yx/\b`gub'A<6\e (Wa asY= <?长XӻMPA8$v{QiՉJ+f Jjk'5$+xq]vҡ!q U!:"I'n;ZB$Ր I$c AY&҈@Z=r :A?e7)"&lG$̆惋@K2v $$  H) N5IS6@! R)D6E9 Jxd(0 *RM]ҼHr"ڻ@Uɧ "Ʒh+xN{QM~{kL.Ӈrf_&l $,/@~dg%% GYo% z&3E0u #ZN 1KXeWn4 hLcJ3c^08U]o+Fꡈy(ףOtcơPϪZ&?aK 5Asiy:%j #Hbب?kWBֶV{.puz2>ZtR*6P)F(3F]f)< .*9ݖ0_;LɝrFN=¤F v0$#P"" l$oZbt{GD;gC?*z<т8sLQ A"({GzM )zNԭ8^/O Rj"2.@C+8BSap ӐaCXjx +¹O+dzJ_ #w\3rrFX ;d)G4՚ΝV3Hnŝڋ*dGҤÀg#T$S&-j"xJTqR[uFAZ~_wX1)7"G/Q$HA)>x'إ9'wM~P{,|2*mܺeJ&0i OXc.Ir8p'>EGIzqu%&c]jj9 tuxq(5JUUBXͯ=ӊgZ m $g}>~{42[C7wgy 9+ڒI'ZQH{SL XSrW,ĵϢ@% " B#-bb`ԼnKuLۮ;ix Fy'}}g6_E8S3tH3189f8.-gbc3~]8Ngz1dxabf.JpcDj{\8,d>xD'G-j2CXl9`NW"tv{$^yOϑS!dňowhK `@$R6h+/!ˊ`v7 Xʫ;IS;Ie?-_ 8IX^Pmԫ~^Q-_Ŷڭ8SvFfMHiޫ#3M( 筎+y `zCX1W#zEOHC?E}BL$ ,BU U*Tb,|&ɪ9C*Y3RQ 8%u0#YM!lʗeO=%oF9 'OLNT8|ΕS5}wׁiyy>b1ݑ}/8'W֜()':S?}U)&".V]Y=65pJHHլښ؏&|EJ7 %k@qUr֎YsK=͘^j /+ez\b"d:L_աfngSZDG rO w~c,"i.0пЎ++yv6:oh<1"0XEU(+XdTjzx6</绾aX5д`JYVDA2*jCQg #^JY022,L0;WttڷHVDDVU c /tJi㱇R9b-H-;id$ vCx˹Cfn*[:!oO;W\}|>Ļwˋn'3:uO/-O1 ˋ.!@kr]>W&_my钫oOCd_9C$I!T%ɂ]K _< zʧaOع.\PI=Qkt:)iZt:fiVU+nk^/יo1)JvVr. A"ajDYK*xEnZ]Rlԝ:tNþ y]PŠlѦEUe]mnnwb;g7x Q3/&bDIGR<Ҳ"tL0:-,Gl|!avsD Dm@Q9 (}xu}joM= +KF.9ź0n;nP wYJ*{8ވq^C0we3螜ny!b*~s+1$Air]q͗].IPyU(izgye&MҳI(g+ UvS`9&W{=|_&{ Tj@m./9]`YtcZF.g҆EW-L2iIg5JT#%r{UHڨŨ Kש%'b9äǤUUH]gc?WURݫcQlr_3Co"ɛ++iӌGRʊrIҎ2$Eҕ)o¸H3̤s8TSo$X͋6:᳑ qh) @4Tw2U!eYuN`Bdn(rce|#YJ)R/Y(`?B.K_$u@rR '[naHP 9 f?c@k7N}5kk5p4R{&wa~waio}) n&pg6jXxcF F pZMcĊnt--/C'C~k ЊNck>r6&\Lo{zЭhgɽ(9ϟu#ME5&yYVУQkGnݻ_:<ȳQ-弍!2@4RH ς %b͠]? }+SB%AĚI`_߳LǦhB$9^40k0,rI@*TzuM ;">{•ա()zގM| :H`c_g\\Xlf+t-YMw"[I7o:N3ׯaxziX^S ?_Sl+8y2|լnZ(xzDѢ(m[M`NzW1$-vO0'\ lKg+-Ò|0y ') ȕⳮ)/eBo<8~bLCNV;|Kp@bjy!Q.ۖg- h$Uy`:^ 2-gI+cbrYU$b4J_)NVBį= +`q5ar7M>;. eW6VLJ/>};9:KLYJYW*c:c%kSRŰ}$ +){| rG.?s΍VUűc:w͌tjqk5Zn~I6]f|g|Ca0NƞWvӭ.[@x'5N3guo6'u.>k3@)hG%S.R7ů3k>|ɋz4>%2r@LR c ʀomr#%@ HIX$da!wB@2 d8B.Amn*Z,EU57ڿn\o[~TF`lu7V]EڂIBFRI'iU$ ]JI$?-I&!$kf) <U.~LSQxy#ppr.$MU h JZԆ4@+ȉ`i4| x&kbȰ_!H1H $9[$ ! a<إU"nX@ m\-Ҭu3$.=KXI #!! E@"d )/opmh_Ҝ ?dy7c'Y/(@y= űf,u h sL PX$ %!;;ZI"2j2IL $B9__t=Oud# "w_}rozH#^;8&}ը0`+(2TH)Bjt $`@7d H"L "0z/[=7ާo궄ޤO"gHkE̓fi/@-xˡR#^#$0]/"Jc2}uI d !$$!I? !v0D2# x'by&U:q)|n~Žձ$?m[sF$* !m-@ $H=0԰$g~*D""E, qqHMŋeyik?XqjEn{ݲô_x\.uͶ3BURN'L$%ކII "`$"]G'l! B,AB@?`:tRb \@1AiKd~迓x &Ka2EHa!@i@@AP!HBAH<1`HOzYPC)¬BuW;l!7z_[7o:Tߺ v8NZTahF =9R@RBVBE j?lJ~z}}cnXJ" Į%1@ '~׌t=(bP BIP B@!5 @.6n@p\sz_xmw-ּiK꬇#@1H$+ }H,$Y$HI0RrbˤJcyvkwO)?4u'|Wfn=HqI66ҘYYٰ4aDHHzF!xt>z@=eT dL! RDE ΪJ/>ЗzFߜH8!eߕa_ٹ枕HGfЈBIVщ*W`/%;Af "tWyY^aKtf2z*'QrB6XayQY /, ƀx .1TV.ETj]PXI<┠rQ[p APQݕVqMHJjud}}IO<1[OvʧSmHFgV=cH(ь)ʴ.']?^K=#?WGT-8"=dR=K-ygThSqg2P>>G0kCї nȭ"a7P(UFܩJ 7]S:5$U5RcL%*:jnB^w{y6[mfyoVbw$KB8+k̷(OmRYiTN.5>3E90eM.FWeu%=Vp|6ֶWy)Jm*^)v?%/?y?*ڤ- W33}Cށ6!~^~Pw̐-1tǕr0sQn<wg,*<(4"'Dni,,-~[vj >X9J'"=gZ4Z8.Vz%2{ L/ w4$6^>(,o2ZgakTJ 'p^Sι9Y91[6Dy$[P]S(LCGUo~O^Ɨ 3L 6k/?'F5; bkJn|Ldg=K9Pgi*ȷ9n%r J͋^:1&-* B ~gx^ /CxǽCwND/ٜMudY-~ҟulzFWkS>kaӫsCziKkݵ#*ume2skߝ#Y2>#Ϧ󶈛}cY,f0kឯ QuZyF^ qs SS81Sh;R\~?.tZFݢFyRo.#C9[4~ҽ6_J;OjeY[uPJuUN>Lx8V:&Y (*|%I^wd!dc-UE'ѧ Y^DIתlte=m{㺊 Y( rA9T='IfqB.8܍ x,azr[#Y^_'⿰ɑnw M-e7=г(֜qWGNߺK\2M*iVs#U>Ӱ_}3EG՟ C@H燾N=lN1XQD1p e8ˉ 辬U6d3WBf!,wyk&rOZ2~2VF❑kEqލ;[O)snL2O~_[*~`qAB-$t$BǗM(j{Uɬ. 91#M`O>zHwgrB#{ 'w]7cӥjQ UY攝&i$6>4iʏJ;n8_F,4I4"xT#'Ԧoŏm2$h+Hw'nE˒a;^dI(t+5jY>ٷLbOT4J3HՈRQ #b:hCwn?[qJ,%2!†䔆ݯ Փ)gң#S䜃EBLk#/RƧ]R-J`_IJEe@oI{Uڃ0Zvz62-\Y@'q;:b3O{o˦`쯤ټG^F\P"yRGOy(8$ fVJD|_>k9FPJlXs?G-:T?.VE< >-BYVZSi`{WRلE-Rq얰kHܝ=;{:AO `DsoWB{r̽es=x&R3.$,(UjX5ۍ3.Lp!DJ0%][t{&ڧofc. PWwfpe f)5ZƘaQf$QQ+چoОVNNNj]G";ZMd",Ul@Z# ;:,ѵY$i?__VOϤ\x\ :.q/иODDעTD5cHwBr./J}ݴbXmDjnQkXvoʗ9몥.4J_j|QQ~>ٞh>'ݴ?V8\aK|- س 4ظ"5/ ڄb*E"1@E"XqI)X`to(\:Æ~V)PXIUEX ",9Q,M'y64LJ?6XՁ]VV_z !=y%ܵZ:$wj5\a,g"mcu4#2{ΗËh^vf.'+j 糱E<]vycx][9Iٖ[a`sCuspzv~4(o)(Zz┭UB\ r'od?pfkS^9=E <p8wНn޳ &YonR,OR93~ϝόBtatOEu] ڸ͇pl{ :/ (;Nў#7ab\㥵vu]?4vk]6HvY̰'HS=S(h9;=fosүmHniy]+ՔP s J]ppS1!aWexj[TDy?#&q)xDI k|eйC>秩V̓`9;Jݟ]N,_^ |cԿ|(;ȊlY 壶R%6C S 1`yoU >0_^q4mt~Ĉ~h֟րVZDZ+4c''$U#p7 DL.sW212:%BMR@,@HLӡj&P{͞WgߧJ#=Jeg[VHg{cp~%Wj*zXEF8-HF9.UR^O#Vo3PqֱezQ#'&9)[jWSsz4H"ֵ[RΫ_5?3Y+OZ0kWr 6}G/e֐ӷ-ۯae&lURIܩ~V)9Y$l,U;u(5 /wA.\)G& [? #Zٍ-y'b1*g ZSfW:Uo,B?)Yes37|^]K´F%DF; 8߮q'S[S=!+n [2 ^:QbhC{-83`:,¶ fNۈ!oaRA9x13Ax*S>Ewoퟆ#D38D@0Cqՙ3e(kEk!INm;:|k~7^H:(ATUX H(H2-fljaB,BzϥCLPY1ڥݔХ]6EYhjJصJ0[r톍6K9q0U%9wtd˸2SI.S˛ڂawƱ hXzV=7^5aEry_/oBh̢2e ٧I#!QA[\\06!4ٯ5rVS<(IRuC#+OL(ŝvA-{N<te°ꟜF>- 7wnF:s۞I|,AH/S#Ʈ.D zRw //֤4Z]Nϓoߕg{3|&$e]ɏ{7̱/= -x7]7m[LÎX[h(,"3%QABv qs3V%,K4J%TSײd;ei[ح%x8;4*rMFn.(F1b>QEsFkMꞼs_wDLΖy;\c?l`.d I=Xof7oCÕ_2|Su( %-z0Ǘ/[(MSQa5x5Sc:,Aa#l Ǎfft9-T].l|43e=v 3x"M+_'O7*£]0tS@(%w[?>LP"G,/jo+I(̦9M?FKhd%K8}*r; 9eVdS:Ԛ^~OœEEh' $Fz&{hrigɋy&j5 a <D@4qgdS'f!qp:uDcFe4; aBJ!$5$8q5|Mb*pωlLIw`Qi@sz8SǓҾv{P{TE[WG&w}੐:oZ 97OFyOM?ݿNnb ^[=䞶mzbrsq#uT-+ r67KßkwEB]< MĂH!~KAKsJ lkc*q5w3|禉j7ýtЦخ|9L{r k~ř-z{O: lUbah8]ص{:|_qqq6~Tu ҃2bs Z"#4bzHUAHIT*LԴV[[Ÿa(Ѫ0/KJ!۪.{9i6qPX "" =*m^nEpN eTe̤_М`O!evS2K=Eu=˳x~Y]{;A&r ;9g_[G>4O?}ħFa"K@S|w5,)kb,$ ͢JGI"9$:O s퇒 -LZ5]s3cYACv 9sq䚃2_.~(5T \14>yULė\SF cmUwڦxzH!%@^tW =FA"JEBV#;8gSՃa*!rܫ'M?,HdX^ݮE/l?1O=Lwך=a{Z j Ve$A RH#J< ~nߨ)re'9^zo<5cI|R^{vZy^b <.^wt.9҂^G7b6sLli{!;,76G ;A+{[T/ B;%}jն)|Xtl3ӹ]${S}Yz1|OuA 6iя:okfL\b53v0Өy=ųmb ("o)$ aRPE"kX93')Z<\AbZ9H̐h@"l A9LX:Z]6Nzphqى}Z6N Bv\4o011U']b KӭkVQHcQ+Ʀ)m#XS+YVDâI 3u/TrSr|otba,Jry+,ܱC<氲]wAJ7.^ftv6"(nR1@3ДBAiD>1<*x0Yܵ(oߒ>L%|򙫱%Z|F%0"&ں m \Sltu< #ߓ[ۼ8%]S pIp"gWjȓnDѴ&!A !P5]7 MYwPo™;lwhϑ VY)\]W׹'TTPIJR$C} K1ٿEF ^CJpBwx5`&VjҞ\E=y˯\,qۙ&<(mG_v/H\sK!A4a t6WDHBMZ #$Ӌ?GULC@`WGGx,]FQ'.$m|,bD ˎIۺFhQ5ƬFkK^JI1@ygJs"x(psMFR Ti$76`dRqb4Uzo^ B"R&vTȝ6%$ I"# bk6.}SR:*ȉ9Kz 2 p?p۰f1k>>'nY?<""!!ߟ'RV@ *QRAF95RnX~E$ߴv{Ywێs8p8 yK5Lխ_-zF(J*0Tie\=;G 8gUi-QUmx&ѥ5NqjHIi9j%™䝄>73_ݺ *b;kx)vP.^2/uM&N'#e^: hʉ K+A˴ {F1wjXpQO{zZ9GHK f{;)*МV[؄TH+Kd}/"AQ%w zt46n?ۈN5EGiJI%Pe<ޑOG[Vw^dd .)h+d3txmM<`i[5b4 |#Ƴ$\K N+lhYğ{&q(jBTӢuHQ}yYku:c@4;x|uyk0lΡhrY_vu{Ͳ)znfM(9`8si6QWI)(LF*pͭXD}J*Gxk**Sあ̭ Hfremcrku "+XFbnvƉu{1dUO$f*aj5 YȗwICRV; $D2,8a-{:c7(-`1aEuń54qOӎw?kG6=;/&ٜL6'١K IŜ)PB^)&$ X~ ѝ'1$żql40xBo"Rح+ldaYNq(ᡥgjhRNTrP=OێLy;Xkc<ó 9^ `}hp$LIF42pce0ӼIQIiEX(ĸZH .oz\Wa2( 괙5ؑY|3b΃''Ms|m$֧QTm"N5ɽ~qPqxᢊj/A3|kh=:WzŚʃ?\ n1,!K@yZg4ԭ;`×Ŷ|N&+f~{ގB 4qi/Br{Sr'UWmDf^?USɠ]Q%2\*3iROLJ_-JF羜䘐ggOgKj^l`Y"N6NA)؇E<ⴻeC*lΰh PX[O6_(=ѝ-&? :2{hq|\Tvs: ?w]>8Kc-$zj!KS5G9zk'C24NsӹeQD~ϟlWwzU%7\T >C-]mmuvxN̥,If!T)A2;g2=iX A1zz~ibS'Ys0lrR7VϤD)R/c[ h;c Uʂe?Jbw)ZQ7㓲h4߶2f_x/,f=6T.l ~|OdJСrT0F3l#[]KMf'Y5V* x8rJ Q[ZZ]p[Zpm.b\$psU3瓲CA),f3 **}' Ape x9HpX$Hx5$ٲ@H~O#SO/Z3~ .5_"JCgTmIP$4Ex|C[(%EO'o$ڟ9Ē $\]: Gn?E5D㸇SM #a3N+pTq.IaNE *2ЯzNrfIx+y.1yRDencEXȣiCVljNtˎwcO-ym!;OݍU&\??xiq;CeS>x:~?}u^j Ůa Jzͣi%6{ǎ.ҍ9ȅQϮw:x㔿W$/=Ywyot&^_ţ lY,l(PVץ5)3Ap(  @,hʢ dc+PbE;.WTƯPixL n&AE9|=%Oy 5'f k ؎YLDtux9DE_hHwN8vn )_[/&#6tSt<{oE4ulA}v{ZvJhn{4^}[NPӽ:\3lR3MaJi!g"hr HΝ[zhq@` "BڵYUO?OtoS \BRA)&ȰR(E ,k-y,vӁ4$F*`Ûvm0߾tMrBEܽo:qCX&8 |z=!u: cf_rl4AC .c,6b* n8m̈c j` 왖fR7~i* 96sĆf \eX FX)lti" æ FCwJ۱~{B+䶢b)ѨSe9Pd@0-.g NJ)ZmL2;8f [0]$XBXZɭ2;*V#3*lW5ʛrqbe•S "ȈPx0ddCZޟ./sv5_EmGw`*A```u &[ecaʒaԜ}Ӭp`jR#GûF r{'D3~t(N67j5,_ĎuwYz-_#Xr $A#/pB c&'t<;;EҢ&XKO$.%-#^~B9PI>Xf08+ {u&d#ALJ;{:zZf+ J!G geUAYe܄]UCZiCXylֱޯн2AnLFDD7qf$ApomEڦ7ESjq+Zc\l--XbacFAݩ=[n@ qF!i7 j(3ρV=eq1[PZU@BboH5ؽVYjFN a3EkԚBud(C9~I8cBf^Nv6~ƵfJɅ^5EJ0hc{ * M>PdI1QfŖv6ԓ%XCMo1@a9+w[?1LG&vu4 mNݱroT/s/w+_CÊr졉ŋ8wOj'y:dL|3 BH`75/ɾD< ͭ+!9sC@XAdAEYb DdJ2@,,Yb,R,XE<L's +"QJ$XpmUEdm* "B!keeEn,7`"#;!( D(4th0F((` %uE"r遾Lj8CH* d\`cFE%2i*2OOvA`kC#Ä72 -E&&I޻< b bB)Hn¤X#XEAjV(,,LH «XbϋMY,ewL7AlkҹE ;װRV&ܬs#M,XRG415aGfJLhlĹJ`L֌aXJbDEYEj 1XHX`ȑCBfϖ ;@!= dԄ/aoCJGάTS|#"4100@4@"4a=}RԐg󓗸,yzq*BCF Oj?}&c_hL> =ko*9HT>{;<[1jRH5O]P窩tc~^@k=!cǖ=0H9ɮyyV#j*a-$ Vˎ_cTK3pEqieOvRP0TE)jK:ÖWs{|֧mU:y:נF]XjwXF 5";֪ݗ E k!Rz9^cŪXێ }qvoNJW6[OS2mͩi{%FIb9`j.`fUQ̫d)'NZz$+ yBXSaS͖d֡r팛d@*XJ6lj+Z4IҺ207e@\c垶y<'[^[<5 X.kzT1{9jp#I4`WG&b8Ith~k]gRG;z#+!ֵIpX@'$ 값Y'$1ɥ*K%o+3G _~sy7@ŸAȘ1&PHT>Ph ׷H@ IU|Z!B)AQ!Znpkx-xm~,ea_]F}`uM[&D66PO, A};`I'ѡ1X&9qRb&{-UzyOMs[a}}Q<|uC&dm1?mG"Hrf,*H5I+t$_lhsKS7qs 5Y,&wFRII!B{% df$ J ȸ{7]ogW4P'eC6"YbCJI @d $K6( & %!J.d?'\WZѓN5;_3|\'u< ydѧmؒ8|Ɲ&B$H:{4 4چyv2Hiʔ$2̖|Z#vϱVgC`iݶbSK4ΖGk ~bzqV+dtx01$D$g]KāU$&Q {pϷ0 B}}LϦYgTBO 2# ASN ["DpZE?s3X wO/qQ+TU\OQx7᳟+!H$l=$!1BH @>UWLL*+sm]|q'oc7wv>)?G)k%B0U!$E$ !$ٮ8Rgw=ߩǡ~ƚ:MUնH "Yf@g$2gt:%VnefEI,8nw>!`O<=|uQB@,hU@<\T0wo/8H ܄!A-]!+{ۥAY# w$ 4FI?a 밒bI 5B.ZŦ_}>{V2{Q ci%$ni HI>) XBn D1HRULrBw0tg<(W {bA*y4Wyy,v-YojD;ժɮ@QÀ=3R ?Ȋ%..25$wZ )SjEo"5쌖bJ;*k][5 }U6RԃT^.^f*NQ^5,(*_у 9*!Pu( ':j WeAn2)z$ zP`[U=xa=EP"$!JӥIkB{;;liWNhi&к+gLS: |=GEqwݴCb; n@ 2Jq(9Sߓ 'i6f)M!w_)Io8!opV JF!,N q sE- ci%XZjԔJ-gewc/j,gVVCgN%Qgե"q-|"6wWVSu3*y϶f^C.Nb/"&q{϶N%BN䝲 ~r|dCkJ ! (lk8ςC †2TӘeMɩŪ lZxkp&oe&BeE>{ؘHC;ruFOS6} 2 (|=k1Tf{8m\bQQEU>]汱4m48JeXuBzjHji[@D( 2'eUN V!ee }7x^嵛i-ccg-ӐJ㋹[I:sc-\72ԵTni ]46XƯp}qUs Mu;S/1b""ri%y:c^ޘռ(bdC- @X5Wz:;f}Y!Y]dKI+_]7]L0$ެ:)q(ȘK [9(s8 ,:jN++c,C=?ڨMpd>qۭ@*AX_;lu=i"-\!JtG[9L6@#.M#,)KZNdpEHyr(/8~ٜշ|#{9s6(C ~(y#@H 2'_v[z5;C f0Y#}Ky ^t Nb9Subzh1h#ӵ-Q#e(\XDעej:DMpe!撇qaML,Z+1py x*%#RSxȯuqZY et-pA`=j Kg-W/J2 Ecז 9 4g0+m_})ZGdcAgTISpzZq1E6qX毯Mv>tmY.[k;Ew;Pwu 1z2"GY})KhKD1 ŀ(:l6Kw6cΜs2hBaj~˿Ii>zȒ8?pk{"j[빋aVdcCclA*b Pnx:'?j/9OV}W+ė664@9 `;a#-I*-r^GC@+|޳aOZjGvE  AZO *JuF@aY׾| R3kAyI#E vT$Q[dYB;w̆CSb-WsV "tVgw6U+KŁ"65x>~ d3@ #@!.{xa-ݘ=ZI@"^ HXec؉a)C$~ը N$ B6tT UX9;*'=kם}o[;=:\{I$Bi ?<_J8=:n#.F$@$ !=B@{kATdM $#Ӗ&3d>}].m2pZSM4,R\5U!$H,dRH@@0`vD&wj9*_?~ƷvTHC'4%$1@FHO$d\ v2hIvKXO\[ZFjG0j;PX B|$@N BL DubZEӚ\6RP[e+B|;5+_“hj]^AU2dҲCI RB `?Ed}MQ'ץ } 6{Q^e,PA,RHyYUbH2 # 0rke Us#OC2YFOܞ~ BkvuY| O8HAdQX7OuL_}{̺[*ͫCN=|+H(B*ku{ϕۭxRm ub1R!n 뎤A3Ș )L%j4 #!"f0h\XH1 &**"l|Ӿs]=vC?6ZM P$:/b}0".F6Qa{=S(TXH @' `u) $$=&8s3Px[C>q9W|[Q!XE/d?B#py%3~I]ڿŒ#K3<<,<) sדٺoGC|jB U>olz:I,T6/[ƟVskbfaVR-!RnOG1dq{XyE8͡'.}u/r!X8Q#Ղ2c;iBHH#UmUYR#w3'﹨{V|陎6B!T7HL1~.q "\}9TϿa؇w06t|k_W'ϒPjƮ~H,GL'#2ӭ?նjq%/Yۓ>$ȥ9MKWj2 c(bٖ۬P[gG/D\[X~ӟg:ج$E%-mNgŽ| إ*QtD@ B >ߌ}*U7KUm65Zdb5=>[8l]ԲkRO:`(:Ml$)*W::;;02׊XTHtXsj/ra[XW}m{[܇Y )u_{ߍI"!@M*#5Ģ4~ >u'̾XeOU̴;'1wCtRv9YmБRYm"~I[d/e4K2lji!桌݅M2"fc`d2ybHTHjsY;3v)T">XcCox_ shk*<0oĽHW|j+0@iR1! Ot5/ |Mpm/+O}@lJc#:>?{zGY(L$|ea j2s0HUt@CwMHH{w}:p^M&/M$U@1+_#5۵(D?u')_AAIO-S)N% ,di eIu< vv7`|NI¹z>ރEvoiqWγ=:wJWqNf;0lLqAeG@D) "*_Wgr/.;LE"qo͐T܌}㘷79}#-5̅,%$PJrާ3Y>{VOF=C7t{JE}~5AH# wt-GcFK[-S@))$鯥$kdE-5zWyQY1eL-?d&DHbW/r6ZGX5&,IA=UL(_UKB:|aR*Ow_fD20;]aUR 781$'*%_ɷIi=͎MuW^,2Fp/;gp";`I$H|}SD-z: >NޭA|CTN2Wl1 d53їz7O?Қ=+ԊT+w1.٥=0ʟV]ݟ xbeVS:e- s'y5uriKP3S&2k)rp<}(j" K T:=DAH$*M>ȑ!;N\ 5 Y;Ǿ?8bn3)s$ܡvT+ 8ܥx!R _92]Zvq%\څt|bcYEb9(~FG.@EMnYxMzF7fgPug}PB)n2 n % 6t:s|{*s(~W9YhPϠ`j"/[_켾|n(릭X8ԢDGbvv 0F]*aMeU"u@8;ImBSxe$# !D?D`C('=O|+ul`S*Ȥ j52EJIl[tQl D4 r+Ieh54A`w?@ӂ"EJ:2E! |lVZb̦;OO=_ynAq6S̝yiT%餩d~sdmjૠ^D/*TIwir;J&4_1Rs HlS+Ϩ:7z$ڃ]< w} `>J1g6rʅakH*BV~@ jƾ]kJvz ptϾnoj؞ r u"`ͪ7׷S( ,ư}İfԐQU``BYD ]`/0 Ygj*]tgv&zɡU L̽E%H:b^߲}:%Р@!"G&捬 I8y‰]^b8չ#mؘ܎ ;B?bN<UBNkSAs3J{LU=@~SQ\V~rt\s,g2eO5hH3O.JW!䜁:H+Ih'@J|U90an0ub*K`D@B9 hVTy@O$A #OPX!F4՗(k_kZKIl;6yVMmOGZh`Peda(abE \УSgy&I@(uqˏp*7zE0b:V*@t&F|䕙s OzsO[9S9L:7,cṣAML! C|+n=s+rQ*H{DTЍXuKd@k'+_5hA9$SӞo^pi% . f#N<A)D-z,&cdrXV|'@)WVQ$Ė= #[W V!(,bVL [N'4`gprջAίNw# I= DVEGV(@DBlB|?oyƇsskB(.îa$oؿɆ$OhhP Yā=Q|!ij^bU " R@XD#$ "0P` * *{q  A#F b A3R`E$HRD@XXX" ,FPD ""A(0$"(I PV *X  QH$TXRD( (#"X PD,TAE,U*$@XAH,UDH #H"""QDTYA1(*Ub*ED\F~ vތ@hEI@`EX Y"ET*F"@AFA 0@b(bXT" DX(A@YXY.G A}d!_cgc`E" dFH0 B("$?gB ʼn׍>A@`Db"*bX*# DQF( "#dd,F R$"Eb )"X"1"AE" " ,#"$DF b)"(PA"0X1QbF1UDQ b+" UX1UbV's\A@'*1F"&UUEd,U0QV0`DIiP@EQ@PAUJŒF 1+A APR(UEmt3ONL@ ! O~7mf(f}s50e2%<ŭc0!Q|Ή I5HHR@UmrRzXpPd q!2()P_Jz ?iPn󔈣|h.ж H7HIp\ykeR;o.}F+#]'ێ!V~FiD HCI$O$?1$$qywt_Pb>!(w{Y5V'1<^ THy CRVBDayK:j)X'ɓSWZ. >&rI,% UH"E!cZ2VW#plޯV$Őd"=ݲ@Obth ~i|1 }JCTLH2H ? e*%{>]RT|c忏/ɻ[9<41^Q:UFɆ`=w~O5}BO;BP&vtS =S}o{tK=}McN#=5$オ1T!% #$:HYλN _n5y) <;$.`MI8=@6Ws ?]~ϓL3CgA 4 ?a$݅Ns`/dKj\C!j_'WU4jl(B7w:8%f=C3͹.۶I"H#@tNQ jO(\v6@G?}$y'b~iAT#=p*БL$(xCɿ]˿fJ;1' @F.YqiTysjR 4b_Eʌ]l'8t\fY$z} ~uzPo=<~ 3=021%3˥Ke"eUN=gSw\>Z s-/DW'Be&P !j2{)(bas/g v#jRD |xE)َt] 5.AdDDEvCIXc4stxxU>&(T=2.:g`Ğd#?X{6`vּwg:dOMW}c(YFSN+Rt̬I.Fa/F>F0rq h7V"Jy:-}+˛6B#7͞p#@DIG ń0@"E _Mbiw/xyJ ?8!oC=긥LN2mhBIx0s^d)'h&ux\*G c"c"@KdF!L A(6>#XRPj^=kN)Hj.kddqt2[ԄlS9e[" !0~J?섕1#NID(5weSCh iQ[*k6`3 Q(|/YTC8;UU745UxFngQ`g 2lS+)88wVTm)8e'*GJ0sIGK[*6`)q%K|ng0zŌIڷK;r|Kr'  WDB/K'W?7rE+S˜eV=ffj]&1Y<fur$_vRS5p z[94<#cjSPE%#Cv#i{R}\-W&0 Bpo:i[bD3i,=rY. 3btr6 f^ao=&Y4H.ckQM=ݥp7bO8&[UMd#SD>SGŊFyrן }n>XGa[JvR]m7O վm]|l̊S<;V+g%̼Z<i}?u:)~;$y\%9/='u2wtY>JiP+Ccy>2,gw{X*]?GvgRrɘ౩-^,> xx{6>νʯ~r#Jz[%bLgx`B=NٖFah&qĔ;M#5HHqehNWͼlԔN qV ܘM+iΚ@8)wv$:؀+Ӗldg5ð:}CQh i_zֶ6wxWE[hpܽLjH 5ݡ 'l>ud'd(gC 1U $H3f PmH!d E 0 Q`1 FI$#"bHF@F1cA "$1dc"2!$`ad## "+!+("TIȤX2$0D1 H#$Y`Ƞ5ǀ0B1B *#!IAAd @Y$I0$`=E`* dFH"DT"P",~ -$F `'Q˹6aaB!6Ȉgl?gѣ $H b0 *Abb b(DU!M$X0xw>mFDH"Ay*  ȤYxn]L@VH(HT A$ax1sojjğcOBt_N]6hK5\SZy[[bIݤR@}{(AG߁n9,+Ik`,eR:xނcwoL3>?5T`f D`HAdι/\&^|f2L >_~Ն~}qM9%?{`@ $JJĥ4){v~S|{f[$tOVI>} d(ǡ*F@ϐfwoGd\_1T]0U SƤD ?3!ςOC(Xw>b`eZR5T"; wd 7 $Hy?U!{ Zav1mjk@Azz̐0@HGc ▪ݎ'Ekxu} p W>UN3i#JUϠ~!Xn7`~"= 7)Cr{㭸Q#JőiҭBA70w v},׆6@cx6R'LC|,+o*a@0=ߘ2}:n#e>% LX)<Vqٷaş#u J;?쿂D|{OJ'K*1Z:OPS7W >3C5^kn)-RQ@t %j4t:OA8'GUJr' 5tKsv3#V!TO\PcH껅 7T/Raf9Zl9_{Z]uZK:P35wTV"iw[DoAC@v*5Є K5g!?ݝ+޻^ek g$}Nuʷ^U^cJ3Ml)N{&xD[E 64đcۙ-gߣ5OGm:WLDBAuNpjV8|~q)퓼 0^gX L{^q쭃?ۓmj=쌩q_%_,w,7"cAA|nmS\{.w;I7{\&DQ2QNRj0Z(@H$@OkZ>/E%k/w]-v|e B֎2T?''o)n&DF Y(w:%񑍗3xIb{8-v-oc`A+"C+{'?Y @wyJz'SZXl9Lqi2}"[?yk89Ư#37Z?v N;a`ime6 O0TM%bfo`{pћ_$_O}RV;NȯOЋq5P].9^YUr 31UhaD"c1#"f/"FmIe_үy?3/'ߞ#۫DKlCso~ږg웏%e;"ey>Q9)wn͹7^ykShCjB%F}.tR`(du<5&cMC|L-r5hB(/]w"4h4!b"=IAk .S| >Շj:I+ҋNO{({s˨#ny(&;kWKze2RHsڃqŢfIIA ,Z-pBH#F®fAR{LòFq-ZH;|6.Ao.º苦= 5=bYȧUM{|ɦI$OrzY<+ d/7d](S( ᎒!@.h0ˮeֻ$[uij] iY('A<21 V$Ϡ.R zKBD%+ ޳ǡAf/8ܽv`{q 2HRz*c{S5-7|z- J#{!iA.Xme 0S&@ypJ3U: 0?zQB!D?Ns)fT!4Ǽv^dɀ lF55_Fhh},w$zܞNbAd*1M2Au+)$(%#}!a@ 0\##!*~m=7/ףa=1xO zf}li@O!ѬL&M LA-)>rDzfte+ٲt蕝 ٙ vU,1~jq`:)9Nv(l7ieRjьLkSm\`g\lنvHMRV71c+EGro6J.a{l#uso ѧHIA+d1aVona/%Mh0CJɷ$jyREսYTN0:$7@3/D.vbq}A*+*)# kg-,A/cp/P`، bFDKUbFf&eI&Иa"h[CY҃r4ԉv& q1U" !yHBTnN1,C j]J20ȊRo0Ġe^gq[A[ ^l\)pΑY4+^SSl랦LN1paA8DAe%d  ;6֫擑rܒa;RCDB{$^N\Mj>7 'k{g٤G3#'Ȇ(j 9b 4t(q]ht]ht^]Rtɮ}.Sga^N0FNԪŘ^˦c=*(8 9:kfa YEM%ze 3(fM廑4H ˵ ȗ58Єs)0v ;6kVk2*(A 0wNAA&f&h4,>iWV;jftDm*C]B ֿɹfh@gLhR$~rE-hc"]fK.mXj͘~%<q1ȩG8a؋OhhVJ+T5\>M`9F1'y ё ɅwmEz B^{ JZ\Ds r]J9|K4kGid",1RX"$ΝgU/Q=qUf?vrhF@6'M)"UTtҏrfhX J8<c0gřOq>T3G?6X?eI՛?+e$Ђ74"Atd C8);݈*jX9H>MWk!njWf9"{ld5k~Tr#UiLIݜfo]c>gաӊuf54yi_գ֡3"tMr|:Cܖ4 jDU]XL:d'=tC^~\܁h=S&SSV5shjY?_-zW꠆xI,zRfP#B8A2L`q7㞶V;DYfJY Mj7簚r68𻳠 =+8ިvHD}RI"K%A5`{]y yl 4OIZU׻t^^.?-D3Hh@1ȰNDD9 ūzz+ovU/VFbHM_ BERJ,;b-qNˈyh3~`TJ= d>g>K 6 Q%|?ǿ0m ŲҺM~ ڨ{(B|$ +2׶tQ?Y3f%G1v԰Ka=Wݱ[Ԓ (gv{l; fsKe[ `E !1Z>PW9ߏMiW)BՐ"#WlZypLtSupWy0l2omojL ULA;-)ϯU^ijFLP;ThβH,"0;d C1AvoKG a_w`1 V (]:ţc~0IHw},\ߍ f],~A-T$+`dCpRE??̷bIX `"p NG+?X|ˋT!W¿>!~ Tf((H=SMIG0{E*غғ̪b [ԇg\zIQEwզ{fiWÿF7/ I$$ -R~3k2|uZok]%́Nτ Ԙ#;D9tl9Γ 8ɝ:^m7=*o{L9\P=G؃ _?CnɿH$BB1)6޴A#i n|'wrlJa7STQ%UݾxDZR%WAR(}1PUEٺ'+qZ؜mosEҮs5BT]6/g BS1-{+C`|JyFj*YŵpsyOWݦoƩVNo%0_p'ctLG jѵ`lS PwC}CVGT Z_Y5i_Jmo_x-gE! 5 "(%ܮW> V16wuwj&ym~QnT/M, !LR,@Ӣr]4~Q2|.}~s r1}_Wp*}\4#9vMī[)݃ɌC,#OkBFn ecj;czv4Z.&bĜL ӢΗ9jO5vv*zi Ǖ_RaLֵ.Nr[5p]T RǨ(0KB79t6QS}2tZk5@CΆV:;_QDZ= kn9:S 9Nh=cnsP0J,?v+ =r*Y\+r/,vYj_B9sBKȝ FuULłGS*K1\g{ (k 3Y /ŝ]_%u!ZFs.m_+G̑'Wx{?fUxMV cLg)g Э_f!$hL b!wΩ.JωV`I{~SOGRDziPt'it^jt>(o&+\g=y%PҔ\e坆+ :O5g7~yB%>er )4'r%g0ghj6*1QFӧ*c/mur?";^v%s8G>޺a#_uYxGk9|˜goJYö6! Ot(RX`$}p(q&GESsaQb{HY UwG@^Ovz!w3P35(kTl?y8x[9>gؔwlh_?hh2N @ 0:L%Tt6XH& Tc.o֏p?UlY>6 ߤ*xoY0";+XPDzn,=pYݖlw6Xo&`Sam̓3LT#pFRm8cz~= ֺs8@ @Rz*ɞՒQVnEj-Iz.'II:$ צ)JHFM+x$# }1QW&1^unfY"RZg8S|xeҊkw3^ e"I8hy0x[sP9S.-ƎM#̈Z_7_W!3?Kc4xI1o;Y #wbI̶roi/QpM^H0`,o\xthR`֋8`l͎ %LPe0 H(H)o;NG3c"n~ IA%EJTI8O4BADKWu2x=M09RSKd/?l7F+1w\:pR׼qE;3˷4i7O:=&LQ>qB'J(YkOV_K;OF7fQ ۧNfR"CJǸrʪ8 %6D^FJs4PWF%EIJ]{-=/qND|è.F}-4^E݁Ng |?cfN L\?޳0X?[BKNN=~'˜AaR}EM7 U` Nӫ^/8ݵ[4Р:D{=c+T*.P=Xt?O?<2sKNWEQPA`(dz4lHHv|!`l$P},'Wn'/.;T˘Q} "Dad^:g=OPȰc,suV~kh&'||kofc@ybr5G(Y` Ljhp~O cv3g3qcg}AiRdY$.Ƀyl[ͣ}'eTAw[qtUf rs5@RƴS;f4 #ecډ[pzFtIvWQfot{ ,yݖ69\Al7}~0֖$sЃ@[mj*b$ %2e TވaU9tGO:⾾U_{iGT^a)*fɖ$z3vlXcb+MXJ⣮@hiLZE 0=A "܎w@+c8w+)Wnk h N_ƣ^"L(ĂC 0cidcKի(WaEy9斅u"qqmJMكǟnb1؋oi` XpG"IU(3TwhY b)X>U#U" D @58pw{.;R/9 vy FEMe#SM%xJ-svȂިL(zdu( p7ğ;usy]vODdإ/-D9?ӪuXAH)fЫK;]l9#`7K1P5/ _v{]7+ko}Z5)G X@+a6N#l N=ˍڨYf}@J ^@@`>&Y.ru2&]A&Bo4גpJsuo 3YhmPOC,΂" S>x$N"Pi נ 3MlkbDZj}'j)tRtXMRޝJj}l#RBHI2964cE1%2/j.؞z3>kr}KvN?zv^uYΩ@ӚVC^Ƕ~QF 6Z|/ճg@eE<֛INcoeErOy޼\y"ZɗZ|ӵ|RZ{jXpd @Bi|}>IB(T,JYS%OxH'H6 |+3㞑W?אF8i ~In0 !c2=$w,k_Wc:PpH`3F쏕Q=v LiC}\H c`+ܺFͽF6i#9-#uwY1"&2F@"΅܊adJ%+&P5K0ፂ*.saRln/#E"& H[EPǏB@$)LGwˡ7K R`f.@H K,.DC}Q֕>{Mo}b_# N  8h ~㹧VПIgKaXD{P>CVohהc~F- 3uEQ5hQ'.ө~;L@0I/CU$59嘑FM#xF a0iϳ4hxyu,!W7 ˅(kX@m&j,3NP /ׅ6"t ǔ@uZ4Jl^ˢ(=3ܾqm't(mpaE:m`6y:ڨCNΆVaÈ %4^2f7h[ ̺c'KTDkwV{[MN1bژDUĨKFJd ^uj/}bagh-E OZdHY9 8- LG9U K!QXRB%j\HC Y9ژXw^z ʪD䛸}r˳t=Y^nRT9 bZԀ%uKER[it/zf8qG"hSC"5"Ű'"@anFtN 2Z OFJ30ocYoc7Q£_KE hg%3M;  cnյspXR0NZ{ک[7%+ujԚK[DLбX"ib׽hi cjXFn{prW'Snd S~S9.}3+N[]$Ʃ jmecpb&#qa(Eː\I\V,R%(3b{I9m/4WSԒ@E\[Yڶj.9 )l#Wh<%e`bP'BJIdN6|n"O$LT_ٛL T,wlh5~5rףG[?&vay.ޮ<#,j}4e{*TwСf"p,Uѧ6=G׉SYBGb];j|̢΁),͛u6,ZIss,m"Xf¿*nR6ޯwtC^''v-![VhZ 嵋>HBNZӆ-x.9VmF0X dkوs'u%ɥ=ľcVKLe=6B+9k8^>2\ˬF(|cȸOwk2g KSajL(\0(:!%Ic ʯi_Wi92|̱g "P7f9&>⚬I?x:ٖf:Y8WrL<^gK&&hyg3º;Zox('}1)~%̕eQ&60wċ dCXW yooⰘq_RSvv]t FA.|&-ޑ#k.'"?@ﻺd恢J/׋p1c+#). *SWiu]F =wmP3Rƴk40`_+|.;n!rF1E$P ,%@sTP@boNs|.j÷vz֥ۧtgu[N2rԶӵSIuPU vp)r8Umv?I9O\ʸA\n gߵgvދ'NoRX cSZ5_"a][ Z_`OΗ0i6y͜˨vثUĥVp ʵ7JMC1nu :Tk#BcrU&x"e'QńV#.븘Q ksJŴR0O/O:g^k`E@c˟֩0MgeXɠvQsiw -7w;;>l(lͳMk4H+!;eŲ]twO/3EusJҤ֪h̘8obν+oin}tE/_6h7LϪ ,r.=S;k\OS+7 ۊd˻ (iFY&'TP֏Z^+vҪzXVX%3 )Gu¦Y:צU;Ke\ LPzy-$.|rkSYϦӥ9=@< #K@5}ݴԸ(x(x-GFLjs"?F07%Ԥ5K `ZӢ[osaFg:=q1G[-,H4o$=oq'S`2JWCQWwwR7C)KWJRZzEwgp GbQ+|[p3vmoMx lDb#Fs 'XDaA@TYI3c F D`DyG%_B k\obJT-.Vڮie0+XU'Oŋ=JU$:X(NZAz46f}5_}^씹M7C36wVHC!Ȩ'iT :V.hwǰrݖLL*}Tj'08 r!dS[uxXYk5lUf6n%TT@V u<;,Yu{}g3~'f4 98f a $rըF,Jd%L9*tkٿ~(qj-W2,\jݧ׿lP J,q4y\R>ޛq}#To~i 5[-l7OKpIpbo*hm =aIꈛȥG5Z{\EWURuxOU NaUKxV">g/)T+9y;z.K}v:؉2G-rFNZ>J@PJ`?l>)x7l=fjG:!6w(SodKa*//;ӿLxꚔ居PGNcʥdd)g%ѱUTmz=#y>;(Rb8.DquGFT1'&:y~z^K]ƋE%(i4+X9 ,4"K';b/~Ks1= QPB*y4V2fnywYkG}rvFjۿܓ֌i(h7ܦڗ>UH=eK2qռO\k:tkk٫]JY[mBG yJ]mpTtH,gqd=FP–U`0EW<7C8DoB0)}>-TOyHlLPcl*]^6E{ݫ'O=ZҖ u,jD&UL! L=V(j.a}kZU/I,K:e83J l0IČ].LU>Gfn?lRȪ=6A* eDѵ;iI(TTg+m68p%ٟ-#cGFJ>/"!W6,k3Ƴ #^9#iw];CﳣFm7cS%G•>dQrj%7nbci°6'O:gN'UYJj򲵿Gou18= $9S?dm,9k? 庄~Q%a㛧eQoK60+^wtŭQ\" F1*9ʁ8$OrfCҭ-}s8!4lW=õ3YOS {{ՅVFZELeIg!/BLIg7~smhM":)j{b.J@+Q B3@YÙ`wJù [בWeQbMEpQFYcR&=KwH(ŲpM fh].i]὎#ɵc:Ȝ8Fv%:W<Fl1/``ڴ0PNob71N/mǩ{~%w}.`5/1ZRػ걡M Lr'% ؍%`AvgՋh5-bOE?BP҆4kE8Hr.]lX =WGgGq3i<ݾ|5z\Ϟh,ނ0ǃOJ^cO.—Ɗ4XOG4RzS9|$ s֔<%1$;hجn_̷e|OYt-KwZɝՍaV5G,HT~ p ,0Y:gMV:U.reV)!% }͊6g㣘4'$=h2L,XG<Sail؆]-&` >Ym+Vx>pz.Ff$'_?ϛyv#y#5il(HѲuRrϯàwUi ec+[Qj;N[p0y7=g/*T=EP) ymT,ѵTw:h+~'~zH)w7z* 6Ӗć 'P\&*<=LZȿy_lpc T ?(}1OVՋuJ@qFC Tۉ~Oq\9 ~¡eoS64ڪcopM:^Ve.B[P"Ct`%\cx-snԑ >Rh_2O߳Ccq:k5KS[i1cQR()h`~t֭a;o3?dM%ߏITw A7^Aa<Ku[N3Ih͍_1#xaS:|NIz|Ô3Z7paQUk?{oys2?{+za(,1w4) Mt=حN gP330U;FAELV;JZMUv73t2ʖ^x€Dc@;Ebx"$->u_#<B1ZM+|PQ ]cSd\Δ~\%/ZC] r;< A|iZHF/sT9wlwəc0QGBLG.- 5/ל72;#줬F hN<8iVoӭ ,Žx;$p/j>^W!ۢX? T#viF(aqטn aWm7== Cãs}Us/ 40fѿ)T&G{٫Dg:zO^.ixL\IUFa2BO BSqosfWD0;>Tҙքd5|;+w LuP3B$ߚ67XWTǪ*֔9tCF.A{Aإbc㽳jB_m D8APJLP\_py HS~J><(QrўV,jm[OWh#ѡ'd> G4ysP[xeT0I^m⟀hAŷ 5>4aśn`,U8)^drJ7Z@ϬxG?]mb/F-NZGEڿ;wzϙbD[ 덒=|Wsle d_#6x#03bk")[x}4ܹܭܟ ;3v+i%v lhRU@ѕA ȑwKlօf'ٚ6q:o՚T+L13Oh|N|X쥖B&8uJWd.Qa]x9_.m0Aef&u!E3AI7:_RRˌ?qL2r\˃^n.3 x.F\2ϵ5w^v%`gYREtejPT8-}:uOީ|0QNfC* btT^,E2;R%eXFy7 b D뙁-ַag:_O\ٕ\4(v/Z~&bb笥GXDA24ٜVŽTD Y0F fW*em^M~˚:l1%Fů_$eyS  W JK>?/x>9׭ݽݬÿ lNX'&BEfQ)B.9NAm @&v\"` ܲ߈<#|[JW]/ݍRO1gأ 5ˀق\dB9W(j\$!x2bA&[bT)SШl*caOR\ڽ{Vx?.AӵzZp]Xَ T5^4Hm:~֞9֍=Dz\[MXM,/:KXk-l92ñ{ƽx.;G7!}]e9O?fs`ϱЊ̨=ޅF0Nt9NˆbD&穲FĚ *l҈)KK.ORJg}('6xIEך).t$KD$~@` vY R#Rqf )ԭWX ,JkuVȮ5|Z²US:ڂ9 Wcm!aJq'$qS9\sWmP|!rqӱOȯ$]yoFв)OY*/ I)_ fLT9ފ^Ae-l^69/_IS Mu+#fb$(XCi Ȼ +|QWGO+w Lȳɉ.?3;ߎ0LF 4`#P;|fџk] eX6NНۻ¬ I&z;z[-c E=R@k'xgME1p!P3ȴGY! RzI Bv5}`sW4JA‡.MτqR5h$`^[QWQl]Sڲp{Xr2=[ ֏O6,ձع}$hv '-8:[?TYO-;˺KVolVa-LMFDpl?J$Pj֤.C<896"!tdXPP6 v4L]7kR?_G㷧p̗ ېf՞ڙ|w⿇+?g9<j%`k_P@Bʇ˴P<1)X|^cTɖujJU҅?֥OF0m 1קV]}mqx>?FOn){_񼩱,?[A@S[Zp,VUε(KK>w`ː~ѻi]rOGBUp]~[{u^5V$= 0XIUW ڮKl׈#:88_IփC46VVorUzV`䤙}M-Ɲ1*gSU׼YX5%1=}I4XP` s;PM(u֟~k캮5h6$-l4&',VkensWݬww>s*%+^˯HYܢHKQqӥYoK.ʧWw(1`>+)kuR+jN1./t[+x)l Kg;ybD 83D ʝ!]%\dP4 ŴK {mGYQ{lwis8$H]`ypL%ȩƈ/&$S^U9"O\㡾> Lw0m4Dqi"&Nh>!2G*dÐ\h0M$DS؉05^5Fʼ-$\GerE" {X{N?>4';6t!Nܭ #8gj`_̹_/|vu"qII3:~ f;$,vU< !ҔѝlT9b(&3Vcి- @~Gh9ɩpMW HGFw]{yXZ8Z+S]cTДeSd-}V+Fmb[Mf $˲|}1U>Z%%y%7)[F}K=:ًK= A7J8{FcZe;9Yy{]j=w㵵߄ZiRޞ޼zכ8oiVW3z^[؝Zݤ?M~E1ٚ?+عiGl>+ϝbJVRWjKY'x25(c`qc785wr-G? /ܣQpV?HM4=s^YN hɗm]4|Jj@eN[@GUJv UXxZK(8GWUY.c RRCS+uHƗު$i?9}Y|I~S[da槯ǡ[bD7Y"R_C_YǮtowy8?(M:ECdn8.&rF^1ڍr DD`9dB A:) 'o#@WljN=`WaE@0ڢ& r0_(%Ђ lVz+)ct@A )>J Òb-mEwSua3, YH iItmqA&z.y(5.fkl/PS:qRs>9W4$m蠡pRNE(`&.yd:0V7<.6Ni>Tp(NcЪL-Y{utu]1ݹPVQ$WQP{ʞ߳SpE4i:ݪx} jؕ5*@S\>fxqFn_?v*{B~*bިtbܩs7n~;k [gXMIOį@,/γj&tNyÌEu_P?t,Jo9;8V J/aBtǶNϴQDr"&Un35l]{glMN4Vm8isXlMO$(ZˬZ|!BBӦZ*'d usqmK)r;R>iJLNWc{93Ecv+E*s1pQ4{rnI 6Ny컘4К$ϡ]'̤wTje8}*WrwaD$%fw104?S%nXfi H25y$V'sFZ# J!0<8Gu|̍&gg-,H#YOt*+;.Lf$9ݱU42k\%yޢ2%Fp:啳J--2LU~]*+,\s?"]?¾^+i- ;8$MLz62?Y/OrX?f#ؒǙAEމQm~?>Y>̓jF֌_9Ե< tMs׵Px_N9:hn__(sg{ Tqˉ8uŠ]/S===ߋ3t_iFA2k\k6f#=,Idf<>//6Ni|rI˟z +QJrYinMQgF~FdU15G^;=ZN5s;ٳl,e\J8+4Zlz~"IMu3uHf"o)ޯX$C5zirz\ikQTDi߰oOuLS˴dVIUVXYHT-Sjllt\5zzY FMQƵT\OॄR@߇wyY%NBvAĕ/ݯ$J1OW. hS aD"QOel9qiRW)LG/8GqZk%!$trBbI G rtzN`/NwE~niĴOSMCcՕ5XT6岖U-e|ߐlg_{Ci$PKx,yێ,|WҖ,Pţ.ECa6#*ݎôMZՕq>zU{{'璝kM1T0lIF/QsZ+RmͩܤLaT`D†2 NBങw-ǜapB}ztڞ B3mIJv4"pi!ȷ{0[gC|Lhcn*WP q"xr'J1\:'$-!EGnjLYp?Qǒ^ (K6(E:/Fթ7UVaG@ypRn{oxDk t[.IE^No7ItqaJʵtUб&qlSXﱠ3?%Fv~ġkKTt<}|Y1ڠV^u?P/9GƂ sM Pޕ8h]o~7N9.͸!Gc"J'pxzvV^**[ K7c:6)Y[`*l{:%Q>[/ ϙFyP~ i^.^߇m3ޏUZe[ҏV[m^OK9Y8LHsB5NG3+f,Tْ8lvYv&c7ѰOsyE m 1뻅&ZGEǰ{BaBn(1Uxud"׋uRR@RRSO#)97鯱MnVXi2rSNLW+￷a6'|}ۭC\1 S ߥ_׺nt·kyL~Zßu֞]sjS1x YB`3$ܒ [$)9AFRJAun!LJb}v,F{3Vo )n̼{cb9\,54*rgQDP] Şvmq> z_\Ƭ뮦3>;DBT'wSIWlV&ml&b 5϶ѥt',+~F4nxVR8|{0^bU-+<$W1O-UEQ"õi&ɯ;os;s7Pg:\RD@,D/dAIoT9mB%T%D~U-& ̵nvo͙YZQCQLoj~~/Q3;G#!t(Csn3? (P,o<]? E}KW:~O~|ĺ҄[=Xx4Y"F"qFIB`qs9?d{Yr|޸s}k fQRJx *qe@b_g  Τ:l[13/oS3ssnkEB,CX +{&`R89ism9oHdɪmG- [%NJ/M(S[$$&n o!S4 ] qnbs|GkŒГ_X?WQjvv2z`f{ňF#LFgTԏ 52|4Aа 'zYx %\("цRȺTE$E]SN`Knn Ve^|9W2+G4Ln|UH N[#sc׆UwjN?yA`x ـC̀q~OُiF-MǾӍNژHi"r  jSM6ߵ}@"hJɥT(OeyI sÙ"]dNOM`+ܨaūwtԞIe  ZN+(]e+`Q $P(9[F$5 &y*?Ny7[.Jm~fK )TITR(W(Vۤeu HSV2%?HHeD(.QuuIκE[N O sbԺY Q_~F{gۛsKkM F WQ#2%J42h*̕!ۤ_9{- Bgk-TǻݿKtr~V$YAW)Y{j3& $C^dw^%5ĠEֵX6ŵ, JE&t8z/ j/Yf|!k7?yKW3J~3qor?}2<Se18$8Jy,)~ؓMX/x<5Jݥ-&Ӏ3 Zs~CִiYNSg)rcd;1oriKHӕj2/̐UrP%lfe&F |tԌzQ5mN-4\σq\>աq%ߑΪR8za@lSIOm^vKgP8r7Ӑy桊Wv[f lyJ{~r1bbXw@@`vrjdpg7Ь;ktbqz𞽡*zxi͓ =8g4-A'b9wg9޶yQd-|| Ffv ۿe!D훻t_ũN4^S)r+|CND#tl e3) S3*:b5vׯo{8P%G1wL_82Iˉy kvM* lp >8Zb>&=_7wD R_&{Z[CBߑ.6{!}!,j;hl2 k)ŗȿ%wegu D[d)fu+-*7xtI0‚,-ks0eXlU3j׵濭aR17?tuw?soUZ3zb0 %5vBx;Lg1"_R4EV.EBiUeVJq`;z4*[sh7rXc' eeEP+SQVjqJOJ7ߋۯ)tfl{r81XSqT*/fp3;n%V(mtc_8#mYS}^&`]w0ki XC,&y"jK^J}iOˋeW_MpV[e7*˸ڡu`bT &imhf ܲpOVA^u*<x4WLRS;5\k(sM-\xC (G8VNK}/'hx5]kSch R{[H_"k #.~.rOmi,=Nߥq:S\+[EybĦ !kjwsݭ|b"2 6l)`pSXc/iW. Ԏ eϞm'^TFm_}>ؗ|񂪊\ ،cs4<LݞJV.Pbu poZg3u7ST3t¡F uTkfϛwilbT ˶ƞ~`2/0J B*KY2ۯZ/騅S$(@(mlkm)I `ƷBf˲P_t%رvJJT:Fk^?89g)3حew%yu.'cjc/We} n@_\l ђ{@1[RßN2p \cmo|_bVl/q9sW p]U$Dkd |+fbكHHӝPv.oHK,SչcMSV얱KK楁CPC_wOQ,B"@׾Z6r^RR+jfZiB?]?gKs6WUqCYŞ؃f*HX21TDÛ6aA#& ܤ ^]|Ӗv 5mM$߳5Q#&:8TnT-O~;˅}L@ Wl$KXv}{2BS^ltTs[ϴ}64xq\:A"A2[N_r7sڦDBk^Kc:Z60r1R*&1\_ Xg:xȊҳtt!@9%&-sa:">6i[nk=m__6!bJ:t߯5>{IOv`ٓgњz25vx.r>( JpRTtû9 J5 v\kUrCYD ;5.i:H1_[ڥ)'Ě;T8{?MG*صb+SdF#1 6q:<$lv ZYmvvwyébḧ́JΗpҎFܹYlm`ߴW } $N'Prx~'SƷSC<w6dDW|Y?] gHbD%X5K9l)8vO(e)TzMbIiM$V?Ek}i K\h1Nv,{B{Zf=\t}M6fQuv\i߳WIOG(.O= X/>:obxn$ԝ  Pys{9.+?vӋI}.;rٲxBlf~ (vw^kts:\LmtvhrU#h_%KHInK[؟ߒhOOӭc?ŤF!eRM Ò@ҹ]ګᩌmKhF!,Yih38*ny *lJ"f-gG]5^Ui._}YyҵrQ*'59$ӦQq*Ŋ5glbJ= Ûx*NYܾKu]U QCVUTq [԰Ԋ %MIu+|tC@i-r} %UO8Pf<Նr*~"opV:8OA_77:zNBNBiU0`?Tfopk66La^.O׃tMw`0Pa=Jrٯ>yp4zοl7Qlll!i\S>OK iExLyR.>ZyX뜗}oߢkcۅUW/E@N)T}dchX_ў;(s7uN`!7ӪSY@R@!xfg ÀA6V)qh+*V=߸_-  BY "z?"]eoژ>m!0trWF}eH#xbh~HD?^&4!< Y䵏zw/c[+zxeei4 RH HN$_:=q{0(pTF!b"h RMqP_j_^HgmOg][&mUK"FO,+M6<=9ӈE: qŹyAC(b%6&(){_xiBZK/36wT=V/9˺g)͟4Ubڬw ERew?7[thiHCZtaM%T s(DckWVŹTXs|S 9%'l)%j?~9@btџ?_fcV\Šc[(VRNW ${?Ѡ^2\Dقu#ӭSK8g wѠ:#rICZӺxE*g)%Aҿg oapքnE~/!oc-4DY,!+9~Nv^=?ß@w[ g߿nJ=xߠu.2͸bhdD%My\q?.$1kUbìѡBxyXN?{1Y“g[5 qWȗ3=`s:sOޓܲ$~RNHP专@a"6G^<J3ٷ:?Ov>Bl:A΍ N=N {pp;+n.;/tS< [8  h0<0y0Sob@ Di3+R2Uy>2_א3<%^k]iyx+n,)g8.Z%.-?ye,108;5}ܼG.vL.^E($PEVr;B@Q/ގ[04A }#OfQ^0~'6&^kadk{|T,>n5 iHMW%{={{7?M`9s9ţbe~޾K~w4 "+^z-}+6BGOk=Gߙ eD [S$xi V d %>9ǍMʯK ݟgI=Aw8oWqxqR=pc0KK:@f đCDJ++s:Ie5|<Ҡv4(O3zJ/L6֣957OQH) jӓ=ͷQ`ߡ:!A|atxڕTQ|lDKh54quXqs׋>a#GHku:ݱ6hx?(xڵnQ| n7#11o)^vi*3һmAa>lsp^x+5a^:UʤWA0n E߼Y)RUT!KpzpaHSGW*F3ÞrD 2R,axO9TQp^Ӂ|B@!829 <sr|%5΄gөg$xzgDzGrB2FyP*Ʊݡɐn\7ݸ{z{u85;=νC%, ׈0_t>xx6Fsg +:+ŒDo }7ɣ_Ü")JxM,!g{kV_ =ͼLeJQw Wyg$fd!4AhʐlC}^bP9q z]f {F-Pz"Xbs@(h4NKNZh_W e\# @N3xf r! gAkɗ[5h-d، R|-'_ːգq: s"JGQ_'mP аQ{'BjB0Ft#r\ 7C0A(=V*((! t ^{FeЃ{ꮜNhG8"J}HQ& ;9yn=_HiЛ9CnH9?Z88`F4L'Ke\rȚu*;fE[$ B6Ѹ,j:SxSMJB :u)+;v7yƐS g~  A]윁p 'NS$vC7x|z!+C_3G.2.;zT 8Tc.ZE]7;3MH"/B^{R8" 9Μ_ig fUAHG3*aD.5 i@KkGooNt]T];J,AF/ @VIorUFn6n1#6x,ěH)0mJR(zZLSQGAZOmե+x7+{w ⿧Ak] QmifT Iv m1+17*ԫץ'Ӯ޳O*njB_E;ByLU!t/+B /E"=Ow)jSGk^| R`xCh43Np9[ar-]#ēȳNf^әLo-!vg`uHL;h0|W?KҲ$X^*Vpgv=M;DRIwehANZ0hΨf `$8NRP;I+]m=WaUP6h|9i'=J1B?ǵ`,iTn oC>SqFRH/LD7/RIp+@MsqQFM-Glv~5Ξ0+S< SHuNYm>OOAwϡ.0*T۶a2 ^c)VWgӥ3:X?ݡFsDiƇLȏ?Y }֛5Nԣҁa,}lM%lv3D_JWe?hy " G?)/Gpl8ʀI⦦KaӄhΥ^O&їenַb2gYD[d48Zo7R۳j U=玶8X\~<;7yE <6JMa'}};իEy[3˛nHbusH-ŧyvI= *[Q{Ҫ<{z&sf9R_$0朘i9)[Q(הU;>ng\'&t Dsā I򩎩נZBALD1(JҌӉ]rY\41rn>O.S{?eTFf 7h9mU ZfG/}9{jޭ:Ԃ3lZod Lk[&Rk^nI?F?|Q`#>|:Q"359Ea[Ǝ%03_W괲7\#sS uQ4>{sxn!}oDǕAD`?@DCE |\/"ǡ9ADZIZ3c갍ewtTȨNGoĬ0km/ѕpwb`3\Eb>ߡq(}~Wt,N ;٠]i;MͰ'Qʰ_q)n rSc=R,e4:~H9NygR{L[3oAmY 1w'e h\%}7l3,M)p 4[ϓqK@g=bkݚ"yl'aNdf'{w l'&h0n !>2t2JroQ&f8ص\HhG5~ VI ImS-A[Cܩ/"G%nXz187Kw N}\sU)pPݼ K6Iݤ_vQں4uiW6)aH$Syr^|mj{}}?sSR d [Jp$c:*ytbK)hnIO# .mf5gR<+y_Ҏъ41V<qS"']:Oh#v-HbZT[К^׿?Ǝ7"XE;;fڀqZʧ)]fhcSaO*:ڔgvۺ~̉CR-Ӆ˷ds!b3=2x,+RT{dҚ뿻S~7_AY\T\\kڜnd9;}b`4$< )-]1esG+MMzYŴ MRnr VTю9u[aEe5 gY7zc E?g/&SizF|R8\ͥS_̷Z"M4{FթV&Ǖ\)"gXNLcvKc]^- qI?++G5DI򩌁SەFK+ YPORw4N3p sNeMCeEwK k< CMbY )9u9$hle;vz.[jhag)+e--O^ϖA0r+BmU꺿8M d;YI(xK87Y+EW|N}w`w',U8FPs:9 >$ B!#ѯ. I!TU D0i/O{J_^&{$iH#)j{ղ]wtnC=l5.T ɫ/ Q*^DWgܹw^t?f3,ZB J_%od+;wqɩI؈=k$cxOVaebO3L.bQV˝Eb>3@fK];[b:29jg~ BV(0\L83vͼK}J3(m:W-_ևRbw,wUqXk߱gHƘ>],;7zovIl] 8[M(rta`9x)եޱWQ*yPFDs`0IUG <js)9Nsd7˫jS5tv^aWTӒ9TUQؽR2+>q]*ߴIŝ o>c[vZxqd*#O Z~oj%x*vWfڽ=kt]Omm89lbx=XXisԿBd<1 9SӞSVOj[eC#Eh濧ygwS-# PqoaX;H4|;ܷY'2oMQLn# js;~'pvx?/P'^j @U6ԕӝ!pSzr4؊η zz宰DOIõī;1LKgSeߥYK?0?PQq!ԋHSn:D $gG/IskZU@hlkXjA- SͿmݣ?2*Yhӂ{P C>t/I}ãsmѹrUYb+`ֵJ^rChqDh®t c)xv*r5ZF Ww򟳊v,0ejRvyI^TJ8F?R࿟Bca#wsşVǏL=s<$tO530\:#q 𞻴7^^یo(cMv3QO Eミ,pa'[^w]fIbsoZuMy+dA\8,eoSDj,s=~.({圹yL52ɑ"1%!(x Y'{=ڸ|"d}AVcۏ>oul= A!B$b0D!! ?P¬T_m%"DREdDDdQ$AH*aV 5O,E5lX0E`((X"#F1V$fRAU@MQZEDD Ŋ" V",2QHŴ*QFF!" FAT`(1ł1#bU@DE@A$ȣPAHAEZR5jX*dıc" UcȊ*5A *1` FYX.5PbAmTbPcQE` A0e;pPQiUt}F1 $EԥUQTTH<@)C 8:y~ۗ|X*4r^x>4mOeo_nw0} , -l| "e"HJ"\~wH6J(zn LS+cf+vE!7D-ۇej;DƳM*`Bp|ߥ1g4}.)Dy>fdx߁ȼ7w>IkDžg X!!S+\i `n. `~*Ҿ1&c"q--P[wya[5^)Rh4~6^&"JhVHj'v|.R,9>c} 5߆n!e%9gz%W0ش`D`D"Y,Oop+ wdB" EbK, %"/{f#ME,-/}Fo 5Qdz$mlςYzF#"&SjiihHοpV6QBma1:t6K׹{BH/H]iae<_a#w,×:pX{W1K/ 4 Q0$Y9 =a%|DA 18Vi 0W\O[JK/^ nLwW]9#IO!jјHcNFf-\s$cwq:2e j%}IbEU,^PSQ/Nǝ^&25*?C2O@6Xڨfa_ì;SLT|5,8: CcۨiB6mw\qYYQitRvIE\\A=[(FA'8Qz^W_eo?(^mHtהGA?),2$#ep3%,<b~{($6^ ӥ N lH@6x!5P!f'H %$64xt\>T̡ !W*&,!N=N&z?}uS f3e =̥rxln$SF*lDSMY`a t~^ϑ,dx'TN>>tXVQHе h'΋p0ler0R=Lc TuW^7,SFW _? E_a7f}(AN@.X@! BHU*`YX8{o{M+~P֭E}埔Itcۣ7O퐒>BQnuH.j=@awae3id)DլAxAXi}b҇38l # $:d*Ļjʡ!/Z1ٗ?q2} N#Fe1׆qt;saU)z 6NK:8s[0 >OAJu+TOuR |Iy+ƪIY}93UO 琸Wh8m!8PҨGN@.n\P>/@0˙wP@ z *t %LӀgjnPdUX[=:>(>ϗz4bj 6 NgSoMp?W_nlؘ˙RlRxy7WKQfʛyڋ>l߉dhIz2)wg1eۻOZ8xfl\3͋-* k9Wq le"xM#'%Qs2a:wY`b)+!,Rey5}dqK jb[x6˕z4e(A v5Sm+VOlnn[L҂f)%=L`G{Znl#2X7:qN sY>],tLwܡ3S3v)stm+R(@pP'}~=XŅt~j)̡?PJ=]6P7[D*3x2(lke-`"]flD_<ʸJj@~XʎJ MCH`$ JiL-5.6[f6 a޽z="l!hx*Л |U&s1 Ke"k0#p`[ QھB>#|>2\XJ:ygyQ1k#C_QXPϖU4y7|&ֹ-A' l~مƶzGGa,[3WO</g3y5iV@cZb"${x1\IBjb%*94/;˿ٶRtp)y ~ `?'c:'em _V}e-}+y5<.d:>؂J H)[8hd̖MIȯ!TIfQV2>>b5Y?-s9ڥ}gvaW ~5i0yF0kk$'ri%[7eSL"C@76up']QMe&&[δlj2[&Sjfߤ^ &K xK%whL,ɾIV]mMS!@7| <秴LȻ7Eb+ԩ>/-'4OD$xu'-N3׾N15fB4PHqb϶aYq 4ޚZ=_XQZ,k&'0rf-2 5:̴j Jȅ-F+E6;ҭŭlWfnU:TDiø٫Ce+u8E&7eU"5ueFC̶$jr㍰;q$7k%Mu.S6mf-ʵYlN&$߻m2Jod#?*-t\`z Vȍ>mut +pcx &PE4fK>wAV=[c3-{vurUQE:2~I{v%5:iI׮hG}ɴj2h.Wܟ̡d`[^5IS=vgrBo3W]eM?]N5x%f,r2~^$`.TwTN?rdB׼d:QAH?E}!F7$ !=zt˼^x= ǎ!waUT?W%/\Iwk6ž?,=FK[U?5J_k'0zASEix"?IDED0lؘI ^jfLQsWEm!el]蟖"&1@y*p:H51,vkdѴ?b:^ >NW<^a(lT;mR}1Ig9+ »,\lxN9SV̂N"ZkUv_>>Wc" tf;,v%h@&יcssVTPk+n6,!W~g?oʱd#>/Qg>:[hk0Z֬U$C3nsqO 2Omۂp J*l^]dfnϺNϡKdag#4c\ $8lL1J4FIܯEͩ"yx,T(:_yn(=Ke (};}޽V#Dus/{x3n,r/(FUsh‰[ViFv;HVuԢ:sDVVE1ipfP (ɼ`b/8H/R;^X#r !#$&S_ ëOAp|^zs݉OuLO΍ 3YR8IӠ -{|ExX@J јH3 &IS$yGXtx'ܬ7_(ꎗC4UVL*IO5>djc0"+ɘ+8Sm6+,`?O_Z$\{F.ߞ6yrkQ\nxk3iݳv1Ww/T~=o={aPx^@옔,R@!yĒ;׳z`{~iO2ϐ&}ֈP8dDHF0/~_\ U||M6?ۻ@{O{M~6By8/lirW$i"VPgue(%+N<@ߥy9֙> S?^:ϧlC=n̈́1|kM`^ȉ)g` mAju78K gIfOt,ьe?k﷮\CQm(.W3O_b*=jC͠.<,ɭw֞wzu yE*O_=~#l9JX]ĻEP`qNnk[IM.P5{])Ϟwq' a,.Gjl ]ICK6|5~pŲ&.aF5R#W -:DV *"~]ߑ32YRHĎemᓭ}K\0\8ker4q̬6zV}]+c!%~-Uܟ)`=gj!8kN6PgxFJ79ktwO#)i4M i5w3p@y ރnv9}0҄ё?_, (v䐇APX/(⯐w]AvI;|*XA]ro1ƴg07>5?6]H=-a'Y})KG~ƩГeeuG]vk÷MJxo%m:ϿU"(F~8@f!`AmjI</w*Ж;Zy)+9z 2l$hC/bC< b p)>% ߳fyklJ~u_[5nWwu[ wܼ,xLSX P?§ա S1E۶liOd4"wW:ƶ} ;ӑTh"0 uIUb989 !ۡ7@ )aZŢhU{KȐӘ"k{>;Ga? &CpB`\'QYXiNxg^㱽_ք!8^~r>Mh(m65'Su HѺ6 %E7p~>3H1{\Nq;?[w!J"HIΑ8hשJiPI>? }|ן_b̲S7Ud[YpӕRn>;{^A,1u֏nb>fb}+7>EGk̓h9x{*= ntw?LO[>3_/~X~Ӗ Hnz>oQUM`?߄[mM}4w*}_oyt]Und woKuz;?<_/ղߚ2FTUaoN/MqYfAQQFN4<-pY%y5^}|X L"SfX_6c?>ll~voocmƃή{szRw8#$KgXpM>]]MUl &$BC`#-`[wDJ~0d`"_Hd ֘װk`b ,@RG A^4 ś$=΢@`cpG& @)?R,Nꊈp]k)~!,(m~^mmnC I@ e JHkz~abIImm}!Of5޿][[IJ\ѷ:/5{=OmFYlq7T?Xgt3@R/)H}MA1'`|_u$j~' z^.X+b8*0d w*( Cy0w;?Ey2 =S>~/I浫7>f݇bɿm|&s噇m>KϏO\PQx՝wtmv6 r\/xWﲓo4,2HFAѴܭG%| W!KѭTJƛ2AߜÎ?|{ʎ/y9~Ü?/K(qVqí%~&?)7Š* 30Rr0AE UE ϫKc~?Kxom̦bͦFg+_6Gsw'rPʩF1uj'}]7/?RuOY"{nʧ@n9'DZ^~$Vb3o6ͫ_'*6 d@0i08OA?ý27a،04af \0@ Z`6 Z) Ek%bф_y^)5Z:PΉI='Lq\?u$lsn[VꠤܳcPja~tGH#*8|/ܦv9]r_}~1=V_qt;c{8M, p Y>{rj8N)#}yWZB!`@!0Ä"&QA0]&.l uf=`+d|g3TGk3R[}^?eDhz?}eg_Wr>o/ks䤰ӆ՚{ՙ;r]]i{mQVʒSzY?F侤NwaZ?sOtMcq2;O7;|)oWW-nzvKt=?:V[Qo^ɋyR^%1_Sk3,%ѩkEcm#.?۹o]}ĠMӔSBՎNu,?;S/L,_4;VzΩ?ORY}ʞ~Sh{΄W_!y/;KʘgP57OQa{Ώc 4~ve-{}y.}?wEMӼC85\_Z3-Y.:sC}S[ݦ2=Onqi?\ WWk"(Q+Ia>ab{d!פ)gx"IJ}_ZM6^o;^yt.=)QEE ذXdY /ͻy=12%.'G<}!ԽPdDE}nEKIKLs>Y ܞgyj?&Ou[kΞ{_/|oޖb\^ڟd3޶|:G4P kY=mMr%un{O_/z볙ڶl7jfg9PDF^AaLr_i BDۡll@46[]y@]=rKX@""0 11A$@#֫;9zR(2wS3Ŭ '8‘ 2QZ.ȁݶϐn Ҁ` Rp lP_f}Z /_m>?ghHС0 scNŇ7l4ҳg~w3*uN  =?VܲLX^9(E;C?}yHZn'A 3ȠwMrx\zx7h-!f"x4ȰV#9a8<s`UuaA>K(͛͗EA?Rk+8YYvL+[45CCm٣Q6V3՛%g-d-h/[H i8Z0\Aie5λk֥C,]+UP칥`AFǝ1G88W,7Pf$<*OgwP b+W+6O7{=Jdchæœ~V%3?L7|-6Cא7u  q!Ʋ&,g հŻtwj%8m,t`0S\>}w)f@9) iOx#2Ǚ>_uŞΧN({['/=u;=2\w{K,%ڳBpu'ӳxTUA 19]w~'raEqB?90 $I-$7/w ϹH-Ws\a8(zfwj%ŧ]Eppb:YAfv2ZJ:MmJEld\ }YQM3EM*30| K P^0/x 9+O-w3rJfn]B1kTk\{ꂜ+ s!$"[<t\rl]Qjrݦ=ۊPDc hTC” a7Q%q4BM`@X Ptq][ՍʘЖzH9#ͨ `-ԭ` _ՕmP+xY),7Z붕{^ E+ddf4fi3ZU GFlͤ@C 5aGe[zIJ2'+7 XZ!ËԳ,́ lsw[@>_؞GkH9CADEY ;ެS>~UK &WyI(nsNj{Ճ;3hhqk"1Gyvhk* -`\g9@\"VRwmjf>tNbw)eQaW> cR]̇NY-b?p 4DŽU12ZK[ 销׆+WWнT15*qE[%/3Th7DzVZ j>[! RlJ pCpjrM~l bn/e;ÌşV,5\g_qAr+m&r2m7oATɊ6H-nUas5X.8D 9g/ :j?>[,hg!Dc(uęYK!p~ mbH*FDũT೰3xG-j6311 %y:3熾aǽ.L~KfamH6 &< 6weȁBJ ^Y@ Q[e)9VgsQ l:r^8,׾^e *OUp5T8nBl-# ?2m3)t_:%CsBP9eeruֻSWdq|iY1/,roQZ6z? 1 Ic|lS")]Ck#qL&MEYYB]p fFqA{琠VmA+%cNjs7uZ+xrC4p?\e _F:.~_5.'-n[|`x}u牸]4YmY¡c:%maV?U?᷽radIn%Vۄxn/uQ8+;[/L}>l@*B+qkljop>@yy,.&DiFqjes`>󱦸|[=,S--MIYGɐk-Q|+[V{sPaV$+5`Kk-kMXZؒUh [;Nb*&:I^ъ%df qvZANck$Z٣I/+/kXL<_;./*-E% Bzj39NWސlwcGjYZӽ#xr-E,5V(,I3VӡKd-RNàXQ(30&7H:{LG~Xo{3uC]mP>V\}\P+Juxƍ,^ٿtismFϚ5%*FS|>X:fgtZe!Btn<>B!#[|9JkU A >+E4CG,s4iްFH]w*YCjeo-|9Ut A}U=lOt\%CX7񾷇M~6>_~\YoG1J.mJM ҤM7DqH6A։vB1]؊)?gu{ѭa@@8O;W&"o <7Vo(mJʹ*;(O/Tw-{YFz45YEw˜zRY[(@UC`CN-(J'hCc{))utX5ִwj.%R?--xF*~,IXN- ۄ9r[ 8[93Jբk$?SɷWFvL/&2|W,pN/8VB"xۣǚEϝ+MzHV-|޶)j#DUr㸘`*ؓ|o7ԾK\<ڴ:WWmG:#Jd~x ܀5+g(7% o]3qG=sÈILJĸ4 VYJhᣝ1N kL;_.M\$/whًY푴5Ьގz]le),%"Qw=g#EbRe֏ 袪M'0$Z _9E&3:6D=:xfg_IY3m +A,2{54I;mj_9ֱKVq:&U(Syq[&vR)P;Ռ\}{Eɪ[d߂'kQKn+։}s[X.(SΘ N9NXXaxzUJ|i)8_})J_ߔtlX(/I:p^f-Dw6Dh}#JeAYX*4-SVtVWKIBwt-O#T +]FĤDk3rd Y Wڷ޴cR~_&MK6,N++bq˞/I)JQ*A`zÓk8ڠ+3[ٻ]}x- G,U?oAE%/`LjۿM!DT ;gEYiĪi^[}%*qLp(gdDxBADt_Тk|9w}CHB)ʤYƉEy@H.N&yq'ɒrf|Id8!v*RKh] f'iYaRW3`ʲ@t q>=6Vvob'Ɋ*{W]ȣvupD`j+V,c hTEAVES1T尵ŀV BT ` Fs}>ű='׺43ݶ f3-Ky~ iߺ~Ϊ,05:MCs9R:^ǽiҼHim.?noיmypASb%Fy>a{_Cإ~B3G93}i;yKvgӌs@g:J7V w^oO*|߹: M[ܝ[c7}gnS9#y1=<w<.kJ7uo Cڢ~K{ j&yo:Ķ ?/*Wyv*C.t.-# ~n+V<>i5woI> {Q5bUŞ,S&&{}wk(q2LA8u|.{[Wo$!^%y1AY&SYJ'`,;;jf@Iݟ(@{ﷇӁNq2umSy6}-}=So`yxf@ecO7e%{ ML224 &4`1= 2L$2&i鉂dI4S 2d4O(ɣLM=P#Dz'6SiOSGe0&5E4 (A]!2 b?^-i=$bU~v,[$x s0jR 6// B#w_n]BMKS-թ(B^+zo딱ɳ :qn#!GPo"ey+Pi j˯-<Xw1c=0cx^P\tVசK0Xi1ȓV\xG)򥉭8\E8]̗|27s$h,TBkͷC_w歞N&CxRK?pA̳)ln5EE KN/$@x.6FT#n/=^^\s QZv*s,DXD0;$1kW\ů'F6$' WSt6dK{7byq4J ґdS韉-C |ܟp 8{ŽP(\^x&^cjx*NC_ 0;Z ˘ L{w#Bdzt݅r^xش=fY~BAaVLQ>Yl#y֑FA w'D0py[E$ DjGTcTľAw_~ao˸4Շ7ܣ\;d; @2!HA$D񮷮 ,"s 9!jݘoH&fOO>vAlqfa{ r=N'}%;}PUzUŒ2:8`!˿X `y5*e5\_I89T`EюcwiɅ5_ ǁ'[\% 0NV\ebǫ_jZzg_*Қ6m$Xd 4c9$r]Q lg $VR@(N,)0SXаχ jp"DhFLȖED"r7˩dХcwwj lE XI ` +pqb6H7_T LiΑ#A"ayxR k+geya*GFa\XFQ=er[ID)eggBH! BC ꬮK2B؋%* b\EjΨcX'tb)+1\f,H)hW~2ٵ >N׍u_1|QI&AgwHB;1)vuX>- \2֞mܮr,*Ar<@7 ۏ77犋-8sqzIݳ3͆V"R!Ees  $)=ΠF{31(T 1$TR)#=/]"C gQQ-K $& *./%cyX#r|N(f-DKt"l ڱ4q҄.DѹWjMj@<5xߋҶbiG c͆؃|:mU0f"xPZ+ b+*j.a4-&ƳBJI;B8B1[=U~W'hp_e]HD;+=N/Unwt)u\|^jo3Gj/j.e[1Pz5ڹvŤxW.c \uUj}C^!A@e@j*qyذl`a/+=(& QQ: .$ERqU9~mQ@Ȩ̠n㵞2[آv(Pvehgՠp socQ@m;JTPDK*ÊvPMEEԩQsQYśX/ـGj,A/AC_@\xspC{-;x_GNm ަfjAŋqBx6า:^"fb\zjئv3-m`8_8ׄ5?SuAiP0ӹ'.N1[@A1\ZqJTIX'tvaih^n]xTNhtHj9r I7h;dKd #t^ .5鯘M=*ôLw$v炬"w띀, %}~i HDDDiM&K=8Gqn=_> P` A]cŋ-zR` XE.[+1πqcU8Q TU 9 LH ($dPLFTw@=W;C5D& DTyX{ufDWHiY<1UmEm@Khwn RAA HcD hՀ 2 d.Pp2=;?QjliD7cB"f@!-VDb`wm^)GK73. HDDM/;OV*:O0:왶1<|V e l89@M7 pp %_AHoF̠DI<ƧP]%̥`** v,k!C 0 Bv"p0ﬢaE0!k,PyȊ&,PC5NJ bpPl*W8/E XDq.DXQjP9HՒ2 tnaH ^trDC̢o{nW:aH[1"lρ"HrdR%eoJ|=@lgo&AaT MCivpU9I7]>aW:"Pk(2^݅縻.w^"\ pv7pa5.bݵ11.~͘npSoŅ2Mڨ~fe]شYw't v:c퍛y N&4`A41bx]s9Yxݖ}>n<'WkA{>S(3w(E6JsՃzX5NNك:PF3 ev꙰ٛҕ?8<̰n>xoGv?'> jQBZU!Hx˘Rq\pGWiA4z l9;wH;~= ̉cZJ!*[I/M3T7j͆/qQjn,91Q6 z eb#j m-ǔon~lDc0t#L]u?ʱnXxiut;/I'0@$x iWI̩RWbmD` ,"$ 8J-ACA =6ER1_z*aQL(Lj"s`C?l-leh-*]8x(+g?B_XىC3_P< H(tq[^7ַ-QdBo:<q% AM|_aMT7Dɵ@=7D43qGWl:MXwD25C(4˙^ȸׯ.ip.~YRWy PY:)WjӾ7PXYdbo96ڶܯ3:_r 6{}b,vˮ o;0Q=WK".ƒ["' x(MR*C6Y) 9(U6Quy/kQ1U *b)%ؚNfR[JwN"vnLt\Sdj-DERjzTP/Q?[IJ&Xn5eղ4*YS-.LwVN'2^r]7"o \sNRCB `u'H'ګǍ_y`w^W(f M@43f%R&Hfjgk]jL[;$X;V1(JC~ !&`kCb/Yscs6Q}c'*`Z1kwԸ|9% Rf VLBm*bRz)F W ~Ά&ɥ_o^ 33U\ܛ٠2]2AN[:&ғ0>*\42֫_eض75:km[Bؼ*q-;Bl ,/U" R%ηQ lfKÏq1KӹS)N`%ARBQ@tP{Tvn~ i]-&)ss#qS৲IrnC&!`r(V"5^ugrqb($`y}U~DNQx&6 )6h9h |B"T~!E*b-dկE2K|}GumBP)M5P+Pwhs! No൛)5$4u f3cRwQaI@.T۸._ 'S5$24o'|37E<hHLOVtlpUS zz%Ka^=k\inb^LHБӍ͝ |Ok5cQ3bWUDNi[%5XEsnɱl:,"x1!%`a6g3 \|&:MF=II\'"mL+%/^=fp4[ģ G\$WEj& \x*{J=j|FL ԛm:On8):fG>Ms $Mq\2!ro;fi%ƇK8g⚝uMf ) OO~U2YcLh‘b0]!^{FK قYaR >`3Qg3/I1Z殮JzK>smq(:6+zVQ:q\zUr HKO{R OVWD;_> ËAݸkilX}MG@Y]lk\zm" i^6_Lvȶ1w3Hn&%T@h¶\ŧK7+[:ѝ6<.R 4h!Ḻh^ȞAn1ϼ"ꢎ7CC@鲻LNR ~jF2uABb0ߘX⭫, Fg YN~!虴Nz7:W}+}Ύu?n=o jUD(}egsm+,Õ vo#NvCwPo D89@bqG{a;svgS.`=WWiL؏E߶B<9'1-{wshvef1>"E7ȷ"]g^Dln/!=iYxײ_*߆i)b U$Iw0c*0ItYlTN%k;nF gؒ&8,V}~1aP$$%WK*uuuDz;/F O6ʵvO!Z^̪AZU٣qC* C=ҿgtZ#Bo`9dѳqmfO-UUi`N人fvo6ZTH@qX)#M:ޟ/;/,{Lo}m"OmN|F ywh*N,;9&-S뙦|#Ts%( (}~RA kYq{r$ K|Bs!N HPW~.c"pF :o J&R rtJ-Z&55ps V]/)ri&a#wʁ?Pw77k 3SNjz7mWi:GP)TX(DdX  EEbP Ab"*Ƞ $0  H)RDaA`$,dAb,=; x _렞/ PDB꡹r9%!39EIAQ{N"DdDbH\H7(f7GuG+ԝ7 'Jacħ90ݮ UNW^%biWMp(fk ~F^B'DJ{qHb5З|rD8%M?sO򺎛VOWpLPdb][=&#n(.v oԦm"sQxׄQWNS2~wkІwzl ńJyRJcW8'%໫}O#7po㝊DǏIi?ڼb577n#'>}!-*}Z_,hpoe<[;,'#f?oʓkT3|h_zP\Lt{oy]A%1_0z\L-[+ _\>Q=Xw>.RvحI}^^b@̊Q*)EאH Ed"s76uc-o ;QI9+h+zֶ͑cSמ2U,:|o[&/m}o-F٫x 'y25LcW9LJ:fKI w%?olWW­;qN>a ٙ~G*t ^!o@!1@WXM#3z|vhzƈ6kV.3J)ˬfo3Dˠѻ'43`%_ =G r P9}"'F湖wHճh5z|4R?&t'W{crG0,~ ɂ[-'MOdeIQsH 1 YNj(N<y|GgڰƈQcwDkzTQQ}q.\ŵ0mӜ|lK>+ɯWdoۛȕ$/+t}tX! lmޟ inexԀdFbQ*.`ZxRYT$@ϾVY]WG<(M#| k@xbz9C-ZP)tz=}Rr bO/6ϭcSBdCF3Vt*IR~eT9ziuiDZbc>e-'v]k~ar(nR TQR,@FDaފe!eG'Gc3M9Aql  F+$PP:JDb$Uyp9m:ʬusmm49b=&Rx0ʱ;,^綦&D2 bBD] -#H# E j( XPUD`,qBC#uU\XbK Ws;j>o+;FRF4Z@s#)RJE@HXѐH\U4E))<ߚ9hx1j_} iɞȷatv[.. oIAΖ[0yj4 *6jÛE]E" *QSS jZw"v\o6An ʨdFEPnRWؽ3.ϲq _l'mT} Hdsj10D!&$Ɋ sVLX$D+Yk pK 9(=wu{vlHvr]D%$E 9_uvjPMkj4εDxQQ.`'~Q `ܛ)Ai/)ͮj7)`ˌ8A*P J3_nj$bd)!Q&~[T SDUE3^-wJgf䵅?-)d#}.q3ֲyswbng:hx*fIKN0)ls;\tZo9?_JV\tȓ/>g( I at{XX7"#ӗwLl<ߏ\EB5%` A DŽ6sm89$ :,S<IOWIJl0S,zd:6@3* Jޣ)ewJ2}bk<io~L'ZC6`0T,9N>D Z(UѢ94/`M+Q.Zq 4J7h֮r 0=@ab;6"(HSAMBA_4.19.9_GIT.404.38B26805D4150600.3.12SSSSSSSSSSSSSSSSu j E룐ujM@%=@u |$ RW_D$ D$ VW D$$EEt&D$ VPڵD$ u|WV E;_WPjj'WP>  VZYPP E= Eݷ.Qm,΂P87c>mtɶ YZ