ctdb-tests-4.11.14+git.313.d4e302805e1-lp152.3.31.2<>,\aĄ/=„xLwD[ ys4"|K)fnÇwbpG3~Jrs2b}! 1](l>qΠh[d75ն)^C"fXjc`ieRdח"9Edq4vJy MvhẌ*D,Օ]A(tފZ>Zs+U,w,%+3C26Њ+֞S,L:ߣGO#%hY/j.>>t?dd ) 6 Y    | H #  ׬D@x  40 00(C8L9:);FաGոHPIXY\,]^.0b5Ec5d6e6f6l6u6vB85wixty05z`Cctdb-tests4.11.14+git.313.d4e302805e1lp152.3.31.2CTDB clustered database test suiteTest suite for clustered database (CTDB).aĄobs-arm-6QopenSUSE Leap 15.2openSUSEGPL-3.0-or-laterhttp://bugs.opensuse.orgDevelopment/Toolshttps://www.samba.org/linuxarmv7hlxuuVe(0VDHHLDDeU@DeffVxV@8'@88V%u&whve8HDDHP j <LbvbJ  GL Ok~MN{{@Q K ; J X(D-??D-&F/Oi\a b,,0:uHbe E)JEtlbJ8*8HD!`i+qi9}QG_izd~|}g*"y?_e[,1B &|~{}^}^G}n<9So@o:oRS i3K#OZ.$'&J f6,=%% ./u {[JkEh=U=8 ?XD;sM-^z^%^GV> @ 0sZ3q-Rk x x  I  z?T&z1-meIj?V<}g%BIFlW>]k#<A2Fkk46G !Y+W w`<\MJeZ7iu1&)Q+KlFg^[\]M{y -Q?Q~$LCLzkZ!-t<&AAAAA큤A큤AAAAA큤A큤AA큤A큤AA큤큤AAAA큤A큤큤A큤A큤AA큤AA큤A큤A큤AAA큤A큤AA큤큤AA큤A큤A큤A큤A큤AA큤A큤A큤aăOaăSaăOaăOaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăPaăQaăQaăQaăQaăQaăQaăQaăQaăQaăQaăQaăQaăRaăRaăRaăRaăRaăRaăRaăRaăRaăRaăSaăRaăRaăSaăSaăSaăSaăSaăSa{aĂaĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂaĂaĂa6aĂa6aĂa6a6aĂaĂa6a6aĂa6aĂa6a6a6aĂa6a6a6a6aĂaĂaĂa6a6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂaĂa6a6aĂa6a6aĂa6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6a6a6a6a6a6a6a6a6a6a6a6aĂa6aĂa6aĂa6a6aĂa6a6auaua6aĂa6a6a6a6a6a6aĂa6a6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6a6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa6aĂa6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6a6aĂa65103b5c1be40b06a58023fc0a029204c2706ac8aa0fd0ff8c6f731fddf932fdfb3a8d3d74e97699fdb8c93eb33d44d3235d9886227cc0daa3b425a9672527527d58136b3a07c81b85977bc89bbb3ecc2d1bad7bdb426ed946ce4f9fdbde75df2638a54824389d7368f77acbd88c799574d43ad6ed01d83a1048b44ef07a9055607c214a2ff19f9b14543896da00a0f10f75104ea8e4387640d293b738235c21d8f0d73308ddecd618e891e69c16ffe91ff004092f7db10cee946be2650872ed4f6e5803d897743ad23eaf102e586eb7f9988386c49ed074addfe983f7c5f5253f20f23db5b7c8208e03631b653bdd0978304db611c9f65ad3785d9bf5695270344cd86b59fc0be56ebe29029ea3d63ab886524e710b560b3ecfdf74af3e3b596cbf5dd87f1ae953981b0f8a34c2d12f0d24be79b6b1db15a68c2a9abc12b012c129f7b4b5705d914a28e57b86abe9b1570974946cc5de021b1ec04e0ad0251839169b0e86e2e9d3de960848a3cf056bffbaee409f0a3a8954638f6d11b48b8eb3e1be2995352bc353264f39e5ecaf4376db1ed2617133eda76ac96c2e86edd03fbbc49bc26d9cd6612ec5371caf130ecc4d1bd72b9039cf47176f35aebf52fd1bf3a48ab5dab7903dc6ecdce1861d31f2bf4c44421e0cf37a740c3b3666933bfac445d321302f53a4c9a889acaddf4ef820d5240a810c2b653a71b0995bcd751e679f5cff02008a7daa4c2551fea79a2809ba78df6cd93b0c378fe61753e2d1d53e459a0664ff3e1784fd65937bfc6f377533b4129f27afad18d20b6e4d09bf916f2534dec54cda671d96c35269fd54ef9b01e1ada0e9690d47811654d8b0f267396cb2e5fb0a27321d83249f65c57eb0a8d12ae4c34e013e020dc0984cc17da5105db1cccb7955aaf44f257d95a2d613de7a40a6e8b142825043a4cb518d8f6fbe9a1f18d6c7b16078a0906abfc1398d1804e7354bbaaaa8300f552ff855bc36569aa7a68752e672c31e82ffd395c16712c33ccc0b0cee0902c267d2efedd1d5c8f042bfdc0e1284b51d09d309e76e700fb0334354071b9aed4509a63b600ce86ee56643c2c86440af282226568e9f42dca67d2eb63fd8cd551a25a67df5035267370a1ab4aacc34576497545029c66a2a8c99e1f9d32d16e3b9715d74bf755e31de3f38ea07fd48203820ca95df26f8cf128003b19c5adce54ecb73264fda3de3c033b9e63cc49659bc2dd07044e4ef4c8cfe8631798a2b68558c950781d212a6fb22c03c85196d7234f36d8d43a5fa8bd4a0af5d5545f85bd6283e496743e97c0a6178a8442d524bd11d73429615a80e8d93391a49d0b1d88ad638d3d7d6fa9ca0d14a7eee612a346fdd9c542359299a275a413fc44100dd25f3eb8b896a94eb7a729b599e9712211a3472de7d2fea95f398ca00b09379d4c663bb33237b198810ed7f3a803ac05e515c26ba45c5c28571e5c35e807284f8e7d5c384a07f226bbb8b3e71467a36e9199b3b4227c8004916625779f2b2fc6516eba47f59cb09fefce139b5e90ad62800435f1b8035e0d69474766d4a10ceebcb82fe108facfc3432077a69698698bc7fe4b730b99698ca2535cd93a14dc1044c943d69138df720cd14ecb42a2858a7c12ad0ad8005b7c3c8399e96bbe93baa230fb80cf07dcad23085e36aebefdde605bdb4096f10d7e1eac20e49d0f6a9527091dc66d9cff2e0f441be8f9e14fda37f50fa51d04a1bd08dc385a333b2fc8f9d38dce3129142c735a9b13a474f40d3e669e125d16d21633278593aeb422b36299bec6f0a06682e616eab830cb065d4bab8057294426251e68b3b4ebf4e608968ee7d65c754f46e60c37a64cf291675c1569f8f212ec037fa90f70bba49655c7926909b060f61ae2c9efb32cc9f80171b59182561463bfda5b69be1818c23e765ec9c4dbf4cc466ad9e3607009f5fd959ed2600138e0e854d2069b2d59b6b72bfa72e4a6d4a9cdfc1e55ae7debab6e43669884a3a7b0a2202e2db7ce90d543024873d137c71a53f7dca0549c1150dd411211204dee133ea22a6f559c98b0e2b2c4bad9a361bf413428b6acb6cd62d6e26a16d89d13d2a05cac13cbf873a2adf36c2bf610e1bfbdf8a1b14c845a28e04ad428a5d8b8d7de8ea81b7a7d19e90e18c2b766ea35fb3f020683dcc52dab0a424a3d8433fb015dcecd64487057a3dcd9bc594f2d61bcf4e0a2f4da66b84dfdce40676dcb1e0527e41f34d0b83680fa8a59b487565506e12c1ac68f3fb9b8d4dd09c3d3256f3abf776a35a0690b97e941baa8000488a6e9e3ceac9d74562c7e091787c7e8714aa6ebe83623d1aa384ba08493ed485ded7851acdedce56187324ed0193b98737b2cb567bd5485c833172e871b335e37d18b0064df750285ea967c13b2ddf3cbd06d8fd676bb9e1ca79b2b8dd648871c043d0547f04d84159ce6b5fadd98760afddc3623c19cf37affbbe5198b9d5ffd08a3ce51bcfde43dcbfaa7c807a188db3b85c27e8854842bac2f911088f61f8100568006ce32313acf4b8fc019926e4fa2e4e66174e74d9b918b7167eca81198bf06b5661fda7fc631892c366f2ae9e39afb0735d1eefc9c1b3971e966c63031b89e2689ba28f584cb7e84a7d82b8ba1bceb94c20ffb448ccb0606ff9995b53612eef4601f770c1c23cc8a175c69b9de7f354f9ac1b2eeeadaec5af5654b304f3af7a00594e2fe1b08ae1dda4995b3baeef4d42c6f3dd9ad19b5bea8f6cdae31f75631f79fe853d9253271cba1413a58e7b4a2ae9f420b96d5f8bb63e0a425131ed5ca626578d15f3a136c7072647c7b070fabdb9d1bc05f46d6390e308c6860866a793db400c08ff5c3c2c6ca8424f0f5611ecae5994d5d5a78e2a9a2d47b6fc712a8c507537ee4fd41ef6719f2112b0fcb893a0df8eb45ae84f0e73a61fb521d790753fb25412d5638a91b3a19a8a09bcf783bf5845aba89e792e221501d477ba3f1c5eb8edb62666dc0490e5dfbc20ee9012feae00d90fb3af56a06bf2a1909ac875510318b686db24c7b3248bd36d8eb670b48c2f7e90ebb49f7db311d4c34a423248b7ac8f0ced24ea5d1e32f332a4d4375a20376144d2be2949ce891565d0cb0efa7a81c94c56e9d0d4e2ae03abff4bfe0dcfba96b659ff798572cacef1536f04a5acf96e55eaaacb9d3f197ea24b8c21ecfb0b20880cf1ccba87ae8b6321ce1f15105448d8854e7fed81d5d3aa8f2919771eaca5a339629fe7048b25f40ca838050b048177701fc2e20ebe33e95344eb12896c31c3369e84674850524ab3f6a016b77c95e53292f14481d6235791ea04a77426615deff06e57b68d2c551b1b685b3ac4cf13652dd1b2e0df5f3da7090bdcb0a36a90d6fd6a8968764c7dd528a1fbcd54e5eac7c63579bd9d8eaf21d1a342fdfd9cd1c97ac559c017d24e9655d4ea823269dff935a0a29fafe05eee58b522d3dfcb08c94fb2691b1fecc506132e944ccd7f91994f041d92eb7faac6b421f85bd6c7d0acef4e5836be246e56ef77c985a7bc04fdf3a3f3130d5bf165f4e309720f49d6ecf821da601da255dd74873ec0c6bc63f15cac1a81dc249703a215f4600180078287184104599248aca1fdcc11864c922fa3ce69e3d406f7219f40a49bb03b73c8d9fe41f9697f640b8b6966bc93898c318a4c3d9156243b5ad0a7d16c457a7c3b7c82674c4d80bd7814d70f61107c19f2cd0bd21edef04cbef26b50e54f177baa65cd091a20a60cf1da79ab9fddeda78110a8b41bd8d9b24ab5e65b39eb90f3bb06b9d7569af79b359403a2a667b99d2eac45c5a96f7fe1543a378ef96345fb98db099c0153ba6bcedd78e803f7047b2fbe727f7a32f87c88da271bbf814d6feb1fa45df859695265095e7d24d4d0ff74dc92ec07d36bb8bcccf56d618adfaba71a0f1d284c12e8d17988549db4a50d8d7b247781a3edcdfe789ebfcc23a85019f684eb06d97b7232a59b9ece4072667bc8bcbbb29ce4abb2a5016e0b1c0ea8e2529d14c30b812fdf8c136f6fbccd3d44552a293a5cd223309d6d497db26321360b03ef718f2db2132e18ad7ba83e81a155b21a1e7b7617da667d525afb419b9ebf8b2bc92661602e43d55d6b55f8baf4ab787cf180cf90ea67dbca7d120e5d4ffa56e25f94e3287f517d321342a6072f97b795d7cc134a615d8d098db2583ab8b9309d1f5e7972fe2b47e753638358d2d48185817c561d70f1daf84c9652ae4dfcca4e091aece0786de81663654fdb032de8fcbce1e5d4d25c83fbdaf323d5bec4860d652227f37aa80aab29e0dc276e6152ece4c0f5f49fab4417285fbb167b64a60aa1b6f9a88cf2f7bc25c31154b1c990b2b9a724614afa417c613a250ed0e3754aa4e8c0b550b7a3d5e1ce3c82c3bac2f7bad549fbc9e474b98d910882965dfa2137a21524961038aecd2185d3bcd651c58491c4ce255136dc2e07f9b57f48f08b20ae4ab89740a0567096a9bec86f8470383af5cb6721a38bb6651e5476f1c866011cc774100152987bb5d17b6575286ea4a6ae32f1246f66f435523c81d11987d3075a8cf9cac2f16dccf951a575f26641b5b31d6734ec33353f6a0c0e5963f849a578d2ef64f995e1200dc0fab632aa9109a2bd61cb27073ae6b7e32eaa3aa2da5fdc5360279cb4ac59613d480d55d641ba5c4d206ff7318a21ec2641111544662d95445c123a1895f3e2df39564a543a0e0b79a7a1c254873b36034bb66d6bd364a33ea2294d4d46102504a5b893a8f75e40e5af820a4ef762b78ed0f634c1d06f72680306c6ca7407560340797866e077e053627ad409277d1b9da58106fce4cf717cbc82ee8fbec4e8e2e0620b5545f61bb68f0d9dd34b7c574325f25a8a36bbe9ba442fd04cf040dcc7ec0465941ad48bec0cefc89836a2b43465f3cbccca1a629687c06eda540e9c72bb4c547b361dca3eaf023dc569f20f36b108803aa27da3dd9f36b430942a88e954f7d4c7b568e614203ab28cd64158354f5f8b712615d87dedcbe89b6a34eb2cdecd0cf8c422bbb9c5efedb424108b30b6047e14e3354cbeea22b39ba67059f012c3964439401939238cbea01b166aa3c1268105039e246d7c299f1129a0927ecd1c4aa6a21bab011727ba894208da70f342c35955be713777f9c230729551880025233cc5cda6c83ea84b3d2f57fffa31475a3a26b098a26e42a781459f7222aa48cb0d139aa57903884c72521e919619a1990d8e4a35998e2598a06a5280e184197608b82e7d731b8cde56ef2c73bdba12abceec57f4ab5e2598a06a5280e184197608b82e7d731b8cde56ef2c73bdba12abceec57f4ab542fd04cf040dcc7ec0465941ad48bec0cefc89836a2b43465f3cbccca1a62968a22b39ba67059f012c3964439401939238cbea01b166aa3c1268105039e246d7c299f1129a0927ecd1c4aa6a21bab011727ba894208da70f342c35955be713777f9c230729551880025233cc5cda6c83ea84b3d2f57fffa31475a3a26b098a26e42a781459f7222aa48cb0d139aa57903884c72521e919619a1990d8e4a359982b5e77f48d66a80d57c70c8a9640f7f4a453555b2335e376eeb1b60bc5e6f2a91346c4c2bb6c48eaa3ddf6d7358c5b9652e8e07b5546072f83cd53cb8fccde1e52948ccc544b7075d26a60ca7607155155625d7ccc207729c8a185fb99432d3c2e28245de4dd4608a0f48b3a034428c9bc3b2a757cf93d3e1f45b896f39b2a286bb9bfa178f09af4defd9487bfded05d6607bda588e60d1f876a9ddf85dd14096dd91a31cd269260e7107f48b468568b794b650c5352f27d9f50c3721aa4a4bc5b90fba675e6893f8ba32e0eb84ede6b1731496622484cc1a8e77f9e08ca83b3b11a4529b04adb0595aba48c26395eb923a6ecb8816089c0cb1d9a78df8ce688cff5e9a8a59239d88c49f89995e048c09cc76bbbd7e0ab968ba3ea60097abb4f14989a9fb63758afc0598099c505819683e2342fae5b5a3cb2c9c703891797b35e6f950ab958a24c7569a0c7ff9791e48d35214cc01281dbf750bd1e21dd9caae9d58600eb29d750307fd75a78113365504f707b05b5812c91fd3db621f7653336ff0606f17570d7fd18f5697baf9bd248a2f3a4b8b3c068437f0f70674b6d20ab62257f16e68fb18706f5b543054438dc9b16b20ffcf9062edc9cd5cc9ded1d2646b60d3a25e6b58961ed34a52588c3c786f9564308ec01a2b093eae6fc1a752281b19d71f985b2676d74a0a3eaed2031abd006819f401b308707d765bbbedaeb779c5fe58f018486b01e563c3cf666567abc847dbbf74624ab4d762b5aa9a7b338fbcdca745581bfbc24819467503981545de3a512aa3c71a8031db18a072f9c48c4f12e883f7337a855f024a3f64becf30158cb9d555cef9190437bb20556f2f8e6eec79ba2f6f1796e2090ee6a0ad82066b84c2ea6a2581d27fdb6a0afe771d35132eb08a5a3c80ffe01ef323f75ff8e5dcd8b219a0f89ce08e2a7db01b8af87b35beaf4353e2fbba7df7193bf4d15f9b281e87fdc79710d720ff7d75c106d1bb2b7f0d8fee224869ca32f721bfe8959f72ba2ddc993a66344a04b4ab5ec8ff0c6f17f3092979eb33b6291c1c99e7955cab0fa1c91bcb6decadb0780662dd9a46cf4790b181bd41dff32362debee8a61e10ecf39269683a4e387b7e5244464f1af3275e7be9ba5e996e613ea9ec06a76c01b367de6524dc6d91864bbc55a35df528dbd3cbc031b76ac818fd6c0c036e885af369031af30835ebe46c0e2b88ccaa657a01b5f1916e543be783a11d916f9aa86ab4175dbd05046bbd58d37baea762f762abf84f8bc00be7b2f226be3601acd31e88caadfdab5d7818ea2129403f9e965c41b852ac0ce22f49dfe436030a24d67f9783a02cc89860f90a7646dd5d4dfe24d9ea20a9465427395454e497ac93107a447a7f7d1691e852734849d9724c447bfc3876b602c2dd18ae5e2b5b7f016353e37c21856422fae41a25dd2fc0679939667cb2f5afd7c14cf5c4dd9f5d8abb615ab39020b7eaafd7d50b3e205764aa1672d815f6e2c797c0fb2cb7fb1fab683d239f633e32d0d514a8cfcb0bc3a5e3dba04fd137520d445ae453963ea2baceaa753614ad46aac52b1cf491f7bafbcfe8c6494dd89d9d3b8afcab510e238be2a865ab273afdf39e0309644cb3d7761c048ad701a81d72b00704f65f9984fee6dc6988c78038c73dfa391f700f4129b86ebea1919c1cd314a6d2d4527969776cd2f1d4c023a09b3e88ef87e9fde99d0370cc27cd4914079d042ea9acb85cee0831d3de09e5c3ee2287a9b477b3c829c9c38f0e2c01acac4866928af89f4aafa1b236f095032b4d317c8e074123492d0f1f0353b64c57c8c1f84651d37431a207bd7265198d0cbc86b53bf66c74a67b01143a4dcbc200d8019fd9f71be17b884b5a0e94922dbddaacb91388166ace3a1ca990ac298464e98c4642b036e67962ea809027f0c3ba745f8229131ca618a6e18ef0be3bf41e2978573d7a411d3eca6ab03322ea361a91b9706785c45f664a3028dd8a3b23688dae3b2c87ff3f3664fb875365fb4111099dc9b98a41f9248ef938c24108f636c29b77d7662ab7b007d76f3f684a797e98b022c212be853d4d3bb8fe0cab009111e871dc6e82be7e52d79c6c40910bdc6bc07aebfed1e6a2a75ce9c265eec6b07991168ceafc096029a45bfca6d2e7a17665ee2bcc195252cfb0f0ef6b226696c67bee05bf9ecf28c6b23c48a153fabce2d209e5a914034882668ec61fd3ae9cf0ef0a6b811a1651b42a9d77f9ab92b2e6ce36a53b1a46e4a7d30309b0c7ff097fa5bed848be2e089bbf947810de1a4b650a3d0e978e84845c3c8441e8f2367c4964c6ccba7d2b0c663f21205671637fc7aa3fd561d92e210303f4e2a8b439f7c1df2826a8bec1fafaa012f1ff958caca97afc47547e73d0baba8d22677d6ccb466c4559bf342585ecdcb61e81db291bd0d1ece16f586021ced7578416c0ece2f5eff0ade5b0ffc59f66c10d1b124d3020cece3cd00ec9fa9846ad48c60abf56dbd4ebf8cd79cae4249e8b70375ab55e8855148b88ef96d5b9e6f0963d628af5fe04438cd020ef55eaf1259499530b855aef54c3b887e9ffd5dd5d7d5f0a4bdfc2b6ffd52f233a1e6ec650548e8b4b52a360e8673f5ddfe62a3543bfea71f4fcd1bbeb0b4dd51e1bb3fe72563a019c471d8f091ae258e0cb1c83efb4028ec09994788265abbf7c8a67d2625eb0670d9eea938f89f6fe8fe62a3543bfea71f4fcd1bbeb0b4dd51e1bb3fe72563a019c471d8f091ae258e612d1cc22643c4c7f98538ee7f778c58c6d2425409a2feac4b0c43a7e3f8b17319d6cccb7becd8c80d17d518981b5cfdbd41fd2e5e6daa46c5c9fffd1c3f9231605a4e64a09812e5b2f1687f34edfe5df77fcd2e1f3f0dbee207644a3b882fbfda2633ee6bad3234b8ec07796430baf5b082095da053e0479bfe12731f556813c7259ad24eabead4018b1397034c18a2838729c81d162ef761b6c07230d9dd2a6a62ba49ec82fcf55aba947f4e97e65c3691a4f4f5d21cf35d20e8c1d1b6a268e2bbda099bf466c0f8bbc3cc14907560f43de3920e60e07086006361f7e852734a7fc093fbdf934f30908a470ae9ef0f9feb887c165e8a4c6ee9e30168f6e1d67d23d06ca8bda24f4a4cbf5515e4b6cce4ab26b78759fca0efad4ae5956b797c322a842c892fd15efdd19fb660d3fa8bb8631b7fd14807895618f5c0b246ed2ff89b3271bfc16eb49f8effd0d879a77a97ea35fdfc29e97a2fd2312e40302defe2bbda099bf466c0f8bbc3cc14907560f43de3920e60e07086006361f7e85273890fba3e0bd2d348b886d80671f92a5fdec75ad61451c735f237f3884794eb01ce7fcdd47991508019c2e0128f156ddd2867cb4eff1609c6bb9ac181158b8d6ecef608bccfdb9ff10b5ca1353e3caaee788682f788b7d5760b926188dd24fc9459a3f506f8a04c1487a9a6cd5c048b0c5c994c1d51b6e7413bdf48c81dd5a22c0010e44a582d6ae1f46a430190f607dde9e90c85c1f3918082cc290dc635825fe42cd5b7fbaa210e5f4bed58da656beeebae73b3bf86118f2f6b9eebfcbac970b75536d7788985bb00de90747608cb71f81b45f81d96e5fb51a369aec18f4e57d5bbb096c7a5ca279ac5431da009cc13235e2d500953cd243a5959de69ea97fd721771dcdf440b014ed1bc2bb57010311cc3fe01ba239b8878fc9aba7560d2c9a174b02cc76bf0f0e3580225651fe807111196add4b25f3fbeff02fe52df073230749f471d2e8c45d9bc0ec3ebcc2eab470c81664ae3f36819d75069ec4225e021a80401e321e7f833745ee4861c7afbe02b1ef8edbd684a007a7ee271ee43cf3d6c690d78f4608235b5e0cb2a81b20a7f9ba3ce3ff9f316288b9c06c53a8709cabdcdd0c5fb0ec668d2db50c2a20d68e4903159364556f8e4650d8733fb13819fe0475737dfdee2e2b33f098239b0b46540c8445e85ae216a37f3a9e31c2b4a78bd776fc0f9b19509357765fd26e58e45385c12a3251566838bd478426dce2f896df86d2480688fbb608b766842a8f7c320dec85c777e5985df35e5332c6b6df89b3271bfc16eb49f8effd0d879a77a97ea35fdfc29e97a2fd2312e40302defe2bbda099bf466c0f8bbc3cc14907560f43de3920e60e07086006361f7e8527378bd776fc0f9b19509357765fd26e58e45385c12a3251566838bd478426dce2f2574cd10c6fa140044bdfcdac918a341c9960c68432e5d91fba05ee3d4cfb3b8f452219381732f807fd62b6ad367de5b09fd81174eb32b65a0a9b3fe508431b09f5c9c9f75f1705f40ab5237a583d07a45d067912b73745482ba77fbf5cd571eaa8b27793bb3e87e9966926affadbdf1b639c9f52dc201df99c3740cce5c90de04040763c6657709a432e47b7d753b01a47e50e8225314b14cc67cafb4a39e8a1b0c738dccc877d189172c247c7f19bfcbec8ceab0a467aaab0b6907ad872bbdca773db30f5d4b531adba46b5293eadbb132ccf170e1149e89f0ed37d5d2bb3d22e46be03995f322e67619f66ea15ccc32559c5cd670397ebf1802746b9e7a32e8f7f9e7d6b83de3891d220eb915a5c304dd1c44c0af65bf985049bcf0745f8f26b2fcaa04b717b5418a753b2ceaa222da2bbdccfc91b3bd213806c98833037194057d6d56af5510c7272d86a4c5f18e89b71242864db7122083b8d797c1f70ba8c62a07f2dd93fbc70a38dfdb7b22bb921420454a1e7d5fa75da1c89880edeca10aa2aa7aa95cd62ba1640c888223f8ad180ac5e8e0b94e8e5becd402ba7e2b1318bbb06e5026e902af55c7a43b0bc0e08910165df6806c0f296fa6da689cbf6ea2e79911807481b2a3e6372bd454cc5a20f96455f1793e9d61a6f31baf689f77a62880284fb266c05e241b908c77ba5b1aea33d5b53a05512452ce668ba44d080af1db8e59d775f531a3d2ee742e7de6ef4ffbbe0384c3b027395c80eeef07f0261add889d76543892b410db4d710b0da7375f30045a37dee2c6ff1ec3398175f1e193f6b5b563bb304da7cf623693458d89bdd94d6c8a45141869e0ce33636fd753ea03933ad6b5b60609e0c55e8665d863e5f78a809c6e542cee18ee498a8075c6e882bb1accc1d145ad7fdce3c09132ee99e403bff6d4095340c88161b8c3380616a70bce8cd3f486b7f9059e9712dc968ee41ff33f456b15b47526eb402330a195e61862302925b1782a54a6fc59a491cd0f4788bea17e7b83905a5f33b2c95997b2fe1f495fee291ad6f604b880693b0208849ed122b36e84c295b52048e0c4e7babd0789d1eb9471c9a3284658358d39ea6d26148e3af19bc5c9f298aa7ae7c2091f69e36b47b68dfb30cb1a2ce5d21fd1f1f2e302b7a1b778a929f28bfb7511d7980b70ffc9548e3690a5960f5715a321ce01c0badb5d8db188968d8644085f6659cd4776541a7fb7add94077fe1080746267bd84d487cd597b76a339233d3be770b7f051050e1f6515e6432dc6e79f08d484a7f16c47234bd29c741eb0e2a93baf084b583b3b607749efbe87c90323120773700c08a0a06f9e833540f9c3aed5b4b2fb2c3ee15d8912fc8757772cc5654cd970e17449cc202631661a6b83ce5f95bc65f01ce4a53ac27725ea48d02a790acaf324f1b5b516851bbf0df2b7eba3dfd19ac422b715b9e8f42f8011bb7aac43d307bd9cb2e9d8792df3724fb755af6656de265149c0aeffd6f81c1b91f2939159f443f5cc44a66422a3cb958dddc55cdd7c0c71a834b3566478a9387ace9de70ed706f697c9eea4a11918df5b04498377b389a72f18b1bc9049d8c04f249a524ffe4f86f1d8c34e2fa5698fa3337fccd8a8f7580831dfa3492921c49e0eeb29762d9fb12292cf388f513a40468abf9812ecb2044f3a4d4e8c2f4b9069a187df597f79e4f10e3a976e9d0dc3e5493db44409c9070ad8242d74bbb922debbfcdd09a4fcb24d2ac4601174b7c2e971b93f5b090ebac36b9ba2d90c2eb33accce634d0d8a8004b2ee3eced9b70c850a22f70b4e6ac2c674c648777c459a397c542c26a2795e3871123c4c873a0bd714b9fd25b7340b00e0931b2e770c9c79cea1468588ff33edfccef62f7046b83316cfad3d1daeed5cdef3aa3f53bc15881bb2a75f3496c636affbe0c8883a792b913fcaee8dc76cffa9b3779e06679cdb64590e3428d07a7a3c54a6c07eebde6f9093611012bb075664f09c160eb49ddfeec26a1597a323d0bf4cd274c5749be10cde9e67bddc25222254528eb09c4e4abc10f30af4377a7e093aa5a1477bfb51d988a0a72eb440e7f896527409d9935d1143d9a01c5d498ac430fc8891f2cc08f548e2169a25c93fbf9c5c3971ea397272830a3e961698bdd7e5b09e7db49cda9c0119fa33a7dae47b5919534b903f0646a0e479df0d65dcebb699318bfc05f39f8f1d0102209887abef25cb26195fc15190fda918828e2fc16a06c8793548924ce41aa4b6991dc433990ee5695edbc65dda9ebb223f2eba02db06a12f549bb32186e662620d970aae073120e91d8abf251b859134fe9e08961eb852c9ce2bf9662ff6d35dc4bd44282afce2ed727c69cc07bc3a5ce0131e71e51db1faa41383b747c8e9c48b3ddae914a320eb0f743480881a660c1bf353a10488d0a2ae8e6294f88c840372d3e38d1d3f4951aa0ef9f576a0362390586831b7de78573a524f6cb6d1308c36f808d38fa328c5c6eb3eff653e42958ed0aa12910fef9c34b0a1b12ecfbe2640c10ed758eba4a27d793b8091d634745383c6f1edb3e29b253a0c30ce5d209194023f2e39fdd4585819536f3d936d1b9187aab1f372d58ec868f694bd91a240b76b83a5be25ce1cdcb87d82f8653e86234101a6ecccf7998af007fe4e0d6fde76bb9a679b382d928e9aca757b879ea99c078627131bd4d124d23f291791347491e17b04f2cfbb6f40808b9014440a3f551599aebecf207cdb2668d1b8d8100101b4cfb6566b2bc71b1ef944523d7ff6a6951aec260a08dec868f694bd91a240b76b83a5be25ce1cdcb87d82f8653e86234101a6ecccf7991096a6652b99816dd5766dc124ef4ec6d0959cdd34a794d4ded558637a5175aa999fc371598d7322468c718c50a2360db7b599cfe1bc01e8706a3ea2441baa280fba5ccbca1408f625c044bbfdda6c1031ddb3278cdc2be6879beee6aeb94a6a965226d82ab6b0de772f59842b1065a8658f4d28871d80f52351829da5c6f46005bcbef1f33bcc687fe614e7b0e028ad6f43a2695d559d9e85fdc53658d02f4a172e72d729f8731cb6d9525e2e607988af115ebfebd5e1d7fc96aed841afc23eae4d8b47d906e164bc1f318e2cf65b4fcc11322191992490a7016362fba1c58af8bf0449e275851797a83c0be581c36dace7d115239d057b2db888e1c897efd2b5d708f9d313ad164e4adc939d4e5de77c8067d52e7505e9fbdaa7dd5759ea51152947bdf9233bd7c7cc8f26b953aab949a3548b039f014080ff744d49162dc79783c8fda14660433b9e3518074e3472b7619f8ce614df6a8a42741373c869ccfa9d978cc18d0958e745492d6391f3927603b65e5fb7a10c30cdc49e1e0e1bbb6e1cd91cdeb800072f35e750b12107ea44c96d261e556c9c093c61989c38b2dc4f00712aff70a4d7956cfe45c3572b74f316c96b463e76d1d0d38ddc85585ab5734f5a9ff90861c38d0131bc0a1c964ebaba75b21499189c6cc8afe07d5356a935e865bb3be620ba541656508f9efc017c3f65b4395b72dd68cf24a6c291a50e1fcea188724968081d725b06c47f395ee301c8d1851a1d27b1c58bd262fc1afed71c444969b98bc0d985f0c90b588e2548b1f4cea1cade323c80bfa76ed90a3ccd0ece94a14ebfec938aaec4b193ad8d388af153017dc4e500071886a8aa1cbd1574f8b7e016917ab754fecb1948baafbd573cfa4db25cc4137cfbb8b1c69177a51343204ee98355b2164868d0d283acd529ddb3aa9a2d48c925b717d9d46dc78ea73e6569faf0190c9af391e3602166fe700ee2cdb9b2eed2de450abba69be4ab2a5001e4f9483998da44868fb3306ced183dd9f569e48f7fbdc00b5c470d3c1e601908bfb3864490ef945213ed3ecaec51aec736e697a99230a25205cd09490d72eed868f61b784d476b665f2607e2306fa079508e1af0a825c216f730783b6fba572e1efd5acce615d936c4f39b40129603f0e1bc8b9e33cd047a58e7a819979f84d7dd2a5fb80e2a2d26986d9143612d904b6e7a46b58ebc3018b21e6f07f9917e2d2d77ed0a220f8aecda744a08ba564a44017d3c3b56e13f3e9e8123b7e8f0b20174de9e80adf29c24c45a458bcbc6c6c5e8d6b1e3387aab860696fdfd482ed3fff73e6b9760014859116a93b0fd0b02fdedf46b000d01bec057cc6d9c329dba2af7f7fdf6a6568bc340127ad6708e1922bf283a77262ab122604aa1356d47093f6dd3403a4895df678b4d10bc10e921c8517ab002ac45e91265109a4a482ed3fff73e6b9760014859116a93b0fd0b02fdedf46b000d01bec057cc6d9c92743d6d3cf1b6babba1e018929ece70535ac4befe2fd2f141ac5199fc01be37858981873e5c6579f7006480c6414eaa9a09ca0349bca00cfa7f5bc972efb5620abc86e24ca06c9f1f6a3274e2b15a72df8135ebdf215c80907cbd693818eb008f98e0e4b3230a764b6c14d9cf5cb6fdffa5d1a4df9366013f4fc475a70bd932146d56d0ad04de917f0fbf293b46beabe5b1e2d6ba69ba87c1e06a109601194eea1174e3f0a41697963774e27500bf950427dcb7fe99b563839580b6744b8d18a87c42cd6f3355a95ace630c3b5a1297a49befb7c8d7cbbef019d29fedc5d883cd0ece94a14ebfec938aaec4b193ad8d388af153017dc4e500071886a8aa1cbd6d9261131dc34077e742f0bda15969dbfbf0454afc894bdc9b152950a4e2c1d1cd0ece94a14ebfec938aaec4b193ad8d388af153017dc4e500071886a8aa1cbd8d01290dbb9f94144d3cbb121a4511408a504b9d20b21f225ef948b733e510facd0ece94a14ebfec938aaec4b193ad8d388af153017dc4e500071886a8aa1cbdfde7c1b38bad9cfb6b642276742a1cc638256eed888b14cb0043e22e3d78ea1ecd0ece94a14ebfec938aaec4b193ad8d388af153017dc4e500071886a8aa1cbd0bc49d86fb4dc1bc5ce08fce1f15d67088d817ee3b7a5894d4299d0baea29e0b82854413123b577c5defd0ef08b449da150b1269da46484ee2d3089301f6555abfc9aa12679d95a204992f4c01d13c53ec4359830a84cd812dfc9bd0a7593395a5a3fe09559275579ad380a4a173fc2d03aa48232aa8fe030b3a1a0722f13eaae2218d5985b66be8a8228741b7af5eb31a9cf016fa2f608a2d08503d4e0bb7acf7f3a022e048344089a7551aef3ebfd8a238763fdc0245ff5fe6e041f2a41ed5f92d23b8c8d6f75e3a4fcbd173872ec7a035998c59421acaf925e18b2334ea152bf94f6115be39093d461176a578f7f0710a8eaf85a8e4e591012d22306025e8b7997d4119f03af670b874b7bad3c8432bcb5b65302b795b37b500fa85d64568f92d23b8c8d6f75e3a4fcbd173872ec7a035998c59421acaf925e18b2334ea15c77e02f530e059f49b15b7e5a1b74e75fd75c00110705b3dbcaa3e174823720bf92d23b8c8d6f75e3a4fcbd173872ec7a035998c59421acaf925e18b2334ea15d60f6dc0b1e3e49d3bdc2d75e5fa1d624fe70702234b578f41bc37bfb624041b7df49940219a297d571c29c8a57de8b06bbacff779d25caf8a2deef5237a53aaf2d61b041ce3eab58c27a62bdfa5161cc7dc2169c2dd7feabc4e282bf7361af1afa6a682a6104d286405b5bd374242e24c3a3d30638f56ee7358a10f2787c3700268ca6e7822ae86b6b566d19a9782dfd4a9500b3fa4657b7752a60a2af743f30268ca6e7822ae86b6b566d19a9782dfd4a9500b3fa4657b7752a60a2af743f3baa3424166d50d50b7caf7459b6a2b56872b7063c77a593b08f91a7354ba63e8cba251dc2911791935446ffa6e2995d4ef480e84b080529d924bf659dbc9712a7eca4cc51cffc74769fc9829e51d4eed4dfe3d8a70036d698c34265044390f4df63904b68530e6bb87521e9d500d8e3d08691f9ee52221a1d9caaca41b7ae638e7c4170d075249c7f6d1d01c341f71426ec9346113c0d6d7d55bb3f0415d98dbd3eb07d915e613f9da20e178c24d0dc60a051820019ce8604881c9497b4b74dfebafedd63093aba347b61c5ac93f9567ee691fccf17991225351916615b8ca1909520e6a6847ae45ff6e26e092a6b9ab71dc9d4e9c323cbee8ab61b8c236eda5947c2068e896f9f1aaf59eb54a1129c2ce8c516ee0e61116eb1b886f8d0049b9598a2965bb620327f0e99c5e9ebcd0e92f01466713ac1b8f528e87b5a9941cf7c64b2f17f15ffefea33d87b835f2613bc8dc9dec44a4455fd3d6240b2ddaab1080d99e99023697146feb392662cb8fe5ae931a2a205ccbc3739abb068addc26358c43cc32109e8ebfd0ac1323a36b6c27f73fca9d206ad752a9b492810eff5e3e76ce18e5df219d5f36ff1519ecbc68aab24b6fe240421db993dcf3e89b37ddd6eebf5a1883c8ddc9298004be05221f5fd18359255770a151402cde0f4bb6e6976d75bbc17ce22ac5a81da532b241bb035720b4f287226b1c69fcf104d8bcfd8e28921c574aa7b02c4d6dba7e8148347210c8f5860017495847824b63607e00b560133c6f8a84ded8658fbcbbeedb4b8ef8d6b40422ac2b3ce73c4404375b0deed3b9eeba2d1b301a7158fd6446d6444dfeb7191c504fd333e923f42ed05127fb476a9952331252cac8b4b9265a911e3c98c9ed675c0cf30274fe12d26b3262e808a42b9b57611e6680e891ac5db06cd17e039efc84e937e85aa83fb813adb91b1946417197f65185259f544e092f99aa0b68f7da4bdd147f7d111851ddede868e67cc8a13e4d4d7283c64f5c43c9aa40d7ecaa013d435e83ecb9a2bcb82c29e268fd1ca165aec2103ab622c193d992493930be99b9ddffa11cba86434bea79ce56fb156b02957d29cbc9885afabc670223304aa6653e2c184f205868ca999d56a0e4e896524087a236d16e440a218270a9920136fa32d9bc1cf933ab01de59fc392abb4c19a13f0ab0ddfb73481e1df94d1f48d154e6f75b9bcc0fb58623ef7818f921e63f0ac27b7b51b2fc45d0492008dd535d6f45f5bdba3250ceaf5a86ee31e915a2f06b08c105334d2ecebf746d913dc10e926b9d02142bb491cffc4934b7808f81b71a819b4d0ec1e0551f337deccc15979be058fb77de597c1f76ff298be4d5f3f0862b597db6dc32fe22c1e9dc928636b46330a54cad2592c8e0e1d5c5a2f2fa2dbe7438582db0938aa8fc441f3950335ebcf2c1f2c59e508a19a68710c1c3b569fb5aa625aeb7ab4220c2fa83c5d6fb9e1c8fae0aee796c152d978509e654fbc1f06d5f726eef515cd0f0e81ba00fc85462b520bd5db83d38a3c568eff4af101bdd7c17935537cbff59fb55f3cb6951f858a803188b71364ef3191d7470cdfaa8db4f4466ca30f9c40bac4a90249deaa987dbcab6bb16b460bbb56ab71627fc9aef85c52cbca9542da87e747821da1c563120dce2a1e8f74c6ce32af9af80c806d38d6cc94faf2b31e0ae3b832203a90b367d730446d2e72d3b471af9af80c806d38d6cc94faf2b31e0ae3b832203a90b367d730446d2e72d3b471259843fdf40da946be023fb7d8c947e03570343ca9cd7f9d72da5f423b93e18fb869729fbf03c315e5c14a6abc43abfaccc2ca35098d4428ffd8805268a8f6dcef3d8d7d36f65cf465d976f4092eb6daef1d2c4775b2e392717ef7252e806a87ca1d110e436c9f9e51e6150966027d72bd1bd1ae316a76b1dd6e8a4275885422aa577e7fd3efe06a8c24ebd48b2d5786ec4ccb26943814036d5c7a5738ac084cd19db50bbed4980465753051a7d078dd457f99c68eb87631657e306e41237caaf4a2327aac55d35feadadbc7d4e37cba67bc77e88ab56f9951e0500ecb945e160259db5fbb88b1e5679d0e2ea9c0eb9995414ca2f55f4ea53fcf615a1f4085eef15b59278471954a3d2d29af67f614cc95ce0eb4d74a96f8e42d55afc6d716e37f847a92edccbf187b498bb7b2bff617243a1f7d74f69f35cb6ec9c756932ff17f847a92edccbf187b498bb7b2bff617243a1f7d74f69f35cb6ec9c756932ff17f847a92edccbf187b498bb7b2bff617243a1f7d74f69f35cb6ec9c756932ff17f847a92edccbf187b498bb7b2bff617243a1f7d74f69f35cb6ec9c756932ff152d3b17c168fe96dd25cb21a1ef88e9a6e8b2902326b2fe713d41fe006d2d0196df4a206f07b1f2e264c43baa51feda8b951814d42ae56c8de71f3a66e2beccb22cc169a6e3a2e48085fcd17bd6e287d24a35255290b507b3ee031f4aae522e8ae1e2dba225ac48fb4ee75747f246e0419be12da2a200d1e445098cf67f0c20ca47af350bca3e4f708d96a7f5f19310793221aef6f39e382adfa90ad2bb1300db97ec1dee39963b033f604cba3473b50e1aca16e44c25b9104848bec5b9b0febfbfda8cb8be9c552d445b7bf13ea9832e034ae137321e2f01314bc30ef6d2bbc61eb60403a64a7b3c5af8d714b52e99e13f48538962036485dcd0e8a5a171f6bbcc49353640989b13f5ca105b2f7824d99e2d2f74a68ef8a692e9448805ce6a7ac7376f7983de66bea68173d0d0c69377310295c3656e8c49c8f18367452e84253503e4852027477130161c492c856781d3730bbb1c1d1bb421b666a61b300a20c856599f602b87b3f6e0f237291fb1299325c691117fea0fa91f7139a0be8d2eb675dafa20440113f2e585b2be04b344283e9ba8dd225dfb9170f48224f1ad3a5b8c40e10e60697c26307d35a54ec8eade883a76fe86b6e88ef7982318a57af630fbfced8ca4e0f942ec016ab35d7312989c4ae934442b5b5c4c05b176abb090b5aaceefba3ecc25d65d648307570e44d9b9aceb75e90ec7f8204195f48315788e7b2908acad521deadc0f59525d2dbed508d520c04e9e6454f42218cb020006b0282460a99d80ab6c0dfe1a861ee730f9a74dbdcdb311fa76df9dd8082c901c936f1c69155baa97d19f9f66caf1bfd3236773d4f2b88579f0f1ca8494a8efaad4958f97c4d00f1c05d33c65d27c414e2973e1168d5df357d42a9058099f787c5b8235681ccfa9bdabce500fe1e71711087bcaf5701d154cb6a04632d3f753723206b588fb21c28f35a65197bf13267b028e1ad3ed5428294b8f8d819526fab68b24651f46a03861273ec14f3aa852a5b2a7a953f424775ee8e8aac43038d5e1ebb8a57dd5e514d25d008e183bfdcd5341972037f43195c26ce1e3817422b0fe74790e0045206b9fc7a1e93f3d188aeaca7b5fa02902e002f29ae9b40916fa725a29633063dcbbb8c968361cdd2ceedd8b2b70c33480f8dba1ee23e67e46ad4038ae4d871d644a8ccac611ad3657b9b15ce8eba5fc406db8af3ed9176ce236bfec9e9eb76d56685b686964159b81aa663e81a667af0b00f3302924b4911d30b72c5ce5bf09ec19190a6899387f47b97539a9de0e99bc504255263d84b340ce0358c134c5648b5b59f928dac939d97d0b27f8bf73e88870beead79212953a80963d959224d4a4e71d2df137c803c4b3c7299318a40fae6f617b9ca0661b0739b416850b0a3923a3fdc16966fc65be6868140172e7d65786eaf5faa95ea5c94046300e927f0f1228d2eba0832e6145fc9a152ce8b01dbf453e610013c0c5393aa1f5446e2bf4703c82cf2ef4e186d8ed3669002225a3c0932ad6c1962b26ef4d5767fe29dbc1f175c288d26ee203415339af91e860c727585ee2c7cca284751d6257639c275d23fab54c28bd254b5d02a864e6e8b0f1b06a736e64cf14eb5016e311179ef25bc14fb0b60896c4bd01c10b30482b94bf77d14ee7ebe35ce059a358f3aa2a7b622e221102f8ae4186b36a29304bfe27adc03c7a0ada23df7c550132f24210924811c616f80d5136f32a9e9778341a045034f074c8905f2f9bdef9151504753bf7b36c3a69f2db3a4d2df08c345a03ac5cab73fa163f0dff91485d3b21c71358583d77d113059de896e9a7195961af7b17d67e58092b92c8c889f522d09105a024a02a8b3aa383a316ee26e9a3332fe55afc00044164af356157fbf055a67f4e405653fbd71e94bcd61b3f9357f7492e45ed196f157689e6be24a821b008e8454126a180e387a43d8c5e7db589449480ebbcd97898f374b6803f433d12e71ec1493e8e44c64a569383b7b29213234917e9f89b1d7636ebd9ae332668c298a8900d4daed62ee4536c4027714fa9100af165ba690ee68e7d2948284a5c37085970eb88fe32c91e08da278c58ff88363a449e2f7c2ef2e840113d34082a88906df9c77f8079190fec1f7582db3cf19106cc64799827a8bbea2169d38a29a84c767c438617a8ca43fc3da86df8ed08c09c4b09ac1284aceff7ba2b147616ea145f8a340327591603c9033c68e550f7840fac6ecbc33a50b49e5c4d3f6f702d28c08c6c15fb823db356b0aecab2aeffbcfd523f6bd010903974d5e16ee55f54b7d66d05edf3807008b6699248ea09ea4b83c0893db2c1eeecd8d436c8bb6a83bf0df147e6d16f9a4660f758529d0b364997c797e7259dfca3327c96d6d13b8392330d946e86a644f1b7529fde7dbcf5a730929951b4a88d1fb9a42bf3a98c3630e9afb97d9ec53fa8e75e0506b8120afcb961911761ee48043abc4aead71f056178221659193b66fb64b4314e5c27e88553f9de93a3d97a7c25c8a324d6cba571471a9fbe383cd751cc9c2a7e3f0789d8b33fee8c60ab6c13f431304b6d875d21a196b222a85f021fbbdc514c765152552721ad0aa4583439c2857ace32f3ad639c0df7301b7193dd0b4e9952d540642049ab954b2ee878d4e7f6649bfa415f73ec828a2e99108801f113733996b50efcc92ba6fb688687f255ab9c7f24da934fc37f7285ea6bf5f16360fdf3abb8621c9ba47e2dd7a1343dd9ccf8558bcf79190a0475806cdc862dba1fb47e8a96ffb81f78b132d7963b78defe410f2731d60a7dfa0482d36a446a58c72f736d7364c2f6fdb239f57a78b8e8615bc332cdf06aca651e00ebe6fc82287912a8722c682784278c679297d02a0f3f5a85a22358a3c1fd49d6eae63303c849db2efc484f40e653f5e39a99b1d55cbbace2fafd5a966696b7fb39efe3d02e528d1c3ee9ca5bbda21053171ff6d5653ce92ec32a47201b6f56864df8ca59b7bdf0bde093690a0438003645a6895af9a28dc92f604db667b35a611c3d78498ea4f87b0d043bcb909c789c8598a3833fd58cef00ddbd714f915df496f0e0953c9eef5114e8583f16fcd48e327474d4a921de7d3dff7dd08ac51e97523d9ed00abc7b1226f5dc3704ec596d16809869fd10b95a45733edc30e2f2a1098131beb00463bd5e4c68de7d2642c60f3c05828db5d19bfac6d2c32bff75c873ab62d0950b517f911ed17e2e0c5a02e28e39309f6c3f0c1cfa654ddfcc709228e26ef4d55df15f021820500c7be4d8f4895d413f71478ee0c8be92be77cd3e09cea8e29d0c4808ab4d4c5550794ca7b001ba2a37488e1a4dc1066cc7b5b6624758d4fd95a36ec75da2bbdd94a8a2868da6c5c0cc40bf52c8536825598b6437c108b25462dc99ef73a53711ae889a29ac664f76c224155c62ebe2931071d139b967d90bb814f7e08b2f5a6251a4031505f0c3f8563cca36588abe3dbb4aebe261dcba1bb6576dcf9f0ec3310bd03d80e377601c2cb25d8fb3352f18c76cc30e31f339934c8d4b4e9b4c7a3a5122282801466266176c68efada0295baad2a5f28083ea3b419370d21e9f6df39219193ccfe019dd3435ee1b366b8f6ed8ff508570092dc60518de68bdb328f5a3e71fa7a5fc148a7d69450f9fa1a12d183f73624da53685b9646a47fdebb9d200d5d07cb8bd51a90dea8f74d2a8e55880b2b049c21527d0c3a653e08f46babdf1d0d98555baf754135bd1b7fff321cb23a7fb4ee70272357a796a3358cd4fccd3795f87de59668d1053b536802deb409052b420055dd2149c03518e42534f0aa24cc826359a496aab492980c982d2ff0e58929b6c92c30552093f20ac304fcd8a5416b59fe06df9f7a159fe70892f586d7de80a076123230f5a497a97330aa670e3a41c5d7516422719a2a23a51452813ad93e93a070b7fd3a85e1cf5d23ec445e16a61976e2b8d290cbced53e19d2717361f77ecd4afb1ba4f7706b04c62b5e62e0045f381524e7cfce6056813325c6a2a0dc8d75f61a7e116d0309f8e2e1629679f961f9655d3f184c49db67b7358d1fe2b8eb0379824af44088aae32a1ef23567f855deecd42c7644511c98586f3447bb070155cc5dedbad9cfbb34393b5251963c6fe770b4f12fa2230f56eb9a88f8fd4f3343d5954b56e8edca953d1974523e431cd28b9cd9b12932f1b90a53e70e1828b226310be537715e6ee461a0cd86d1e45ae6f6100639906dc132fae151fdbc609c3e9002bae3e37937bdf34bf990c7eab60002812d0e934793d9e07cc8c9cc3a9eb53694198555006ab491cebc791bdf4ada01d3c4d64c7cf3b4cf5b2a9cc503b75c95aa547836a87a43ae3aeb7f6bbe2d0e4301f076809c8c278d4c75669d5ab273061245896e6cd6d9f12e0cd6f8bd89c8205aa9180a049ce4ae01b2e6780b9309987e17069f080054a2bd4e3c281bb0f317fd89dbdf427347d485e10b2de59a7db7d73b7b9eba45868d0d1fc82d96b654772f5eec7f3b72b37f8ab40688a183db1032c76ad87337e9b5ee8a9d1c31398b24362a8d518c22a61cba01a054c8f6bc6c93cec5533d54abd3291363f3eddc577e357dfe3ade3c37b7507a405a0a16acd3f2c9aca4d631f94884274037ae1c6d6518efa540774460c39a418cb76101558a9fcb85f4da5e8d85f0993e8d852215885d47616c98782dc1d5a3cc0c9584b76bfe51c8b1143281d45586cb06441fa0ba17daa8f36db0e295f347f936ee8d936acdecb5a660c52d4fad00daf4a09fb7cbbfac5bd211af651632abdd7a23b40d498d49855634bdbc2e95fda07e066dc272e5fc5474328823be4920795ba97027988603fc4d3721f7e1ec26906d8f2b79a0107551324856750deb4c3119982cfa6c67b40b854dbbd4b002783e4508363ab1ba1014e2f67ed2837ba1c6b47b7220b83d93e9144125260699a1da72cfb8ceecc733899a410490b2a2bf89c60f5f3a5514c0425d8b5c7a46d6feb5aae30520c97a2451f87b2715d80213c1bc495a65882de98292438f4384c24e6ed09fc54d483eb6558109fb3724de1bfa72c118fa16d4345d107d5f6963cb2b9a4acb05afc177502c3f311ac9521071f90b93797fbce89f4176e0d338860944d09814235c68b266f09f3af698055798ff1761745630f4580f5ff66bd4298ef243c16559b813ff8f32d3fd4bd38e0f66e18fc6a22c2cb88fa9ed381900e3768ef84733c27fc678be1e5c13e5c7cd8fb8b08ca2b9697932c9b26a96ec66541bec9e292012d6092b737c02ba74c083e5eb430a7e00fb9beb4c10987d0c246cdc5c029d21df38554b1e61461406178c3a41caf18c215713b42ca48760badb1e3ce7eac4a30e7ff3112d629161bd1f85019c60bd426e1552af04ef2c7533ecd5dc0719386dd43124f8f4d13238e4e4f71c33fc03cffb59c7e3dd2d440a137f251a5ab677600450c3c7e9e3466ab9fba7a5aabd5d18b99d3739fa41c280f14a0b762705aa2a374d80297df8399247f5a01a39212929a8d0ba6113ecf843337a79ee72c6359e20306c2e2ee5bbd333f7ac689b796fd7d3044581ecb33f5ec9c7f8d39b49b042b10eb6bb79eabc800bdb537e84391e960e6d1949e59139c67a653478e987b9169d395d53efea7fe0909c1143d19bc7a9ee12f2dd14f0b212f10875696f544311d07d4643d77f36d367ac2343af31b6814bb572a03ce95c138e6d113c8fc324f3e6db4cc9f954476fbb5eff29263cf46251f62e2944dfc1d78d7877ede7c55af48418a9f8277bfccbdbf23c97a5bee9b7e950b8576898c0a9700e21b72ddc0361597cb6e62c62db43e16c8bf8093635c580f1e12334af5e68d2e627ee857bb1262e6ae4f121563007e8fba2204c831261b02c9e1b6d084db62b4a53c11b165e8680e8ebf550e5a14c7d646c7676f9dc22308dcbac8c0563857107cd308422912278be283aff93f8fd2ae311a5c3a39408a8f127c7970ed1337aa932ffbe6a30f14655f61552ab7778b1ec8a5929741f1a96aa51718dcab8d413c2ec03ffcdf1bc79120a761c49262b51b68534ac5a7c21c32267d05f6b94dd44fac1452bc54a6f37dff892a33adf776cbf2478a044d6b4dc085f568f13ac71a42fc2f69ae93d459f956eb70f31f4c4c95a07a1d6e272d0ced9a73a30f94998ae969c337eb9910f6c1232f34ee8392ed01939713ba44793f92514d8ea280e57b83830438fe4e08fc0535a01aa383d0bb8a50dcadc528507640d84cf2bbd467e9250fc75ac1bd4fe7991b4c436d412d01550e25f5db203c448439534c41d3e265c49bc14c04949518b1bc1c2acfae5e2d32feea07337aef22d9c4a4275e58b15fbd9e1e72eb987673f0d1ccc6811a8a6b93df8fae05aa781c4d8d8cfb64ab239679270d4e76e178da4ecbfe0b21c35ecad0af5bba6228b503691c0bf1f5e77849a63cc6cb51fc16c8cd9277b5ffc9b8e8137d3b1ef3760e17dcf6cd35f50231abb02d01012375a20d1a6d4964e8fb66ee1db0ad46b435c1c542b50403da8ab1777abf1ed30ea83dbc0e75d2daa7f62c9b5a4ff1b1bae173d09c71106a7ba62312441cd8a879e9d3acb20f2fac85225eef15b81dadb6ed143b527a8744925cfe49dc48e87b4338e108a8282d35ff894fa00c137f3ef44efe62a85c1293f192de3b11709d5402c41ba4a5dca76f5ee2456408c48c65fe6d7d894f1ef2fc921519a0f89680f2d26871192ae12d1b2b5c4171999e134a30a7929f776ecfb69c4e36f0bd7f209521eec441f81a963677ea23664dc53c3f550a94349e80f87ff680f3996dc8ee01dbf790d34c3b471b1821f15512967597e81048838fbe2c176a5c110f56962bcdaf07784f5c0c8806c3adb8daff203b1efaac1f79402c668c8861c22b49b3113f4ccbffd67cd499a3ded6b8c77dcfa708e5dc74a2345936b9fa14f7920c37fdbdad86a50e9d63b20500b6c63ed6512cfb5af6c279e8bcc264e3fbc36e6e4dbc62e00a6cc1d35a657eba58145a7a4885323846b33079bd20c112ad6efbf8c4c26f4e14dfada7809184331d7adf5c36af776aa6c92630de27fd51fdbdb4b5832b360821e1e2f62b4d10bc9e22c97aa5721abea54d9ad59696415c8a9ce529b24e649f7ade172bddab38918a8f96cbf279f64e6a7ea4ebf5490fad046021d416d100468e6d69321916b1307f395df3f96d31ff37d720b2a14fbacf35288616ca67ec8aae835e92004e4c1eafc2ad9f6d75bbfa73addcaab0c735ad2537ad67a2678ee4dd8607c2f38a825636cf2f5f70d1645a7201ea46d4dfc3b37042db3ca6a0980c48753ed3d9c85049ed6f576b0071bf00c7bdaf3c3135e18c54a6f9606a6930fdbd17c18b5bdbe5c8c07419a2c72418713c80076b1c383e631748e9e1b242b8be4f939b75b969cc0424abd586d54167d4e37f4294e44b0892e2a029411516e11a417ad503f116a9032566bbeb2c3c2be88b99e7d129d3c6f9bff20de5d1d7d11df90434c91a946b4e6a19f8e01a1756f31815b5f38afe4bd8aaed8f1a26cd45c353bc06813c1878d01af9540460038d5dddd79cac4dd883425283bfab2605ffa2f23f23d718aa11c400730d86d2f36561a386962ba9a836539b9910022cd270f01721aa23197ce98db7978b9f476a418a5123b16136b32f0996a35600fe36b7f796875253e83406c9127ed0f5ed2b4eeeab5347470d74f6add5a9d245ce95c5f122528c19906b0a1d39fd7e913192049519c3d0c52bca6836101135a988b72487a5f51b0b9769eddc355ec8f01eb1b4e28c7a3a6780b5800a26ced4c9aec4f1343571f588a20e821ecffb391f466ca165cad44ae069680d8f67ac75d0465abe93e34797d31d626efe88c5b2889a73c1c05c36feb24d021e34dd69ea423c5991e9b631e78986ac0c1a314813ca9d4e375cdb2b88cc9e061995c55943f7c8648e99606fc48dfa0a53d3f9792299dbc80d26d5ecc0636b9b6137baaa3229f0a193f2b9d983bedeaed48e4c6b2ff57a5d386fdb122c6ae95ce96cbce2751eb75620227fe53b933fb408d9d488110c3539cc24a263c1d6a2439f45b80944a60fca31faebb93f62dcf7c00e569f0db5904e46823710926b7928468f7e71a592094c75aaa0fc9cab0d5f6a55fc3e2f9f7c9122d22b9d90b45d16d0b29ef059fbac4eaba95fc635f0634128e6c344a01b6369578dd2aa6e536fe65395a82b184db0ae9e4e2068d81c19b7d0eda7e208082fb2f84491e74d509ed63e36e479c6bb46db378a3ace0e0645425f4ce0e783a2a736bcbbbc75de8684cdb3fe2de49943b6183e8e09a8f59f6e3589567d3ded3c379f463591f8caa0b1570a68e59f00c363dd27de09c4468c0ea3c5814ad1d02e4a1e1d39e79dde07f48584c8728d34e92dc461091bcad1ff81646aedf5354d4daa08b155801a191c896e98a0a54607af368ad22da39f411c0ab17bceaf18b024f280ae6164988bd340f30c6be633f93458dc69e190b63e45d848f80e9c00990a6d061fb0814bb56832030370246ed57962550f9118fc99fd09619fa5423054f37db8d448777a24082c7c225892de193100489b8b2487aa10d1688fef2f392e434f445612f88a1384dc47df9188cb4280cdba22da45eef1a61307df6fc6cd327c7cc1597e25a7ab7c2a3c4650bd7641bda005028c68d53402b4a2955c58f603a8a4fc550a32acf23edff3187c4ecc41eb7b27bf140e681319b76faaea16bc490bbd9212d91f32f5575638b8d196aff154aa87cbd9b9a09992ac2b169992dee1f8e5d3c79156039775ab6d2277c5618ae817827433af5a2934ebfad1fdf530d0f094886fe47814b123b48764756c9c0815e27e69b52dbb32edfc30ea2a2545a62e2c7c4ac473bc2eb5c450775dfe37f2c607f4f2ab3696bd21154153cae6bd62c9e4120601294082173fe2576d5765d6c915f577e3f8a9b22a8dc035818f3e4a594eefc80b806c15b4eab88aceb135c7b3ab70fb8896eb1a46ea0a4d9bd1a3d622597bdd507a2fb7bf83262c41ee7ffd14cbc02adf65e0619659ac77f355fb16b66c0d34a578b983eb68e6ccc68c1c7d36a438156e01f4f4781d84bb1517caec55795fc2b35a64b73fa211d2cb07c8a7215cb499a6f93454320fe007b37d5d48713afe959d8e406be6590816f75fb983ab647edf3abcb363bf971359ed641a32a9b16da3e9971d321e8575291c6840b38ad4346792f3e1988646df6cce7e8b6dd8e9e32112c43a6eebbb8e0a1cbdb38f00b4e674ea0cfac3dd45b9888ddf98ffadf5b0adf41f6d889b2817a479cde76e560e6d75ded4c799a27cf17f67a4fa119a21afd8cd69d6ad121dd5c41603981b6f025720ef0ba0284fb7e4901621c9b24d22c04bdff4484270c3f370c319c8f8dd9b705331f0b0607cffef6c154702d3368b6a8579cd7a47bebabcca068a9599d1547b5cf871aab3e2314ae5e8a116f2583bc266bfa78dda7f39f98feeaf9210e16e46626c914f42e4ef60bb60dc83f7d7483e1fd8f4b9fbd5fdde095b1017a384b8d8aad9a63842b7f4d4e26fc9f55f091a4f9cae24755cdbb364f78a40cee68b288d2037e52090978b2aec741e664cc339d20e06c6d935666ac8457e70566de1e540bbe446c00d9aef23f5d9e130773ac9dd85ee761900fd31e629ae06d0aca97e81f408e1f93b46daad05c6a4597d4dd79aea7568b249b5d7d7b3ce87d6ee9a4aa94c2d39b2b828f845175cb03f46e715e007f08ee48452de634b22199452295b644a14449ba4404a868dc8bb0744a28043343478bbb6625dbac8db8cb882da382d9a7a7db0e0a58d5ac9ffc1e45046a2615b6b4755a40f5bcfed30d479b29a41dd8337844a28131e67b5e3b58adc70152086e257517a4502d115ca6532309f3ded6d70edfab174981ce483466432b48bcaceae13f7fe4bbe0527ccd1f52682d02634a4476b68dc579c0114a493b2460722f49a236d1a5c3bfa3d2234499d51a937b0a5e2aeaf906f149a8806aba76e7c81d4c574a1c76a235c5563387ea162a58b687efb759101de6585bf08bc500c5d6f7cc9c590ba74d69b80a71731e8c82099703fe44aa0e4503be61d4cfaab132b1c4eff7ed240d5ec965a1da982cd991c61769bd3b33febedd340865d570a2240b3a54661c72441b801825bf93357596a31c1b7369ea1d30354f32cbee37c6a09e3df259ce7d51458aef19b9ce0b8a00c72bffbffffd97652ff1cd8900b2239524a06700092a5afb72882922697339df16456f0272c0884d6ebe5311b9222de800ea461661671d5a53478d3ed0d6f0503e491116778afdbff5f48573b421157381e9ddfaded85cca5bb88178d98d113472f2ca609b6d93aea6bee0f9c079171c6e2e02d34671d4caa936fa0287aa636e310425b988c598afa35b2bcbdd40f2b34473cafbe4c2a1d021107ad8e4d5d690b30bff4adeebcd6e862e5302831b96cdca9ca82ee9d948592bec5b6b1bf3f1c9309349c6c2f032a46ff9e6e7eebafe62d0ea375e5baf0084ef2f282d615ae033ca6e050bd21ef9fbec21583f3a72d319f339a2c291b1e367cbbd8b6b10ceec80243f0aa5bf57f32ea055e796aa2b3fb2dcaf96f945fe2c3042d95b47be226708d1165064dac21d63917f612e650477f955f4bcd435de977b70e8fed017fe4e67b95ad427d6f2043bc9f0d3773dc474c7be93c460cfac270eabfddfde14b447dadc10ac2f70ae7b6b54bf443ca1b890cc918c32419f8daa4492a345d158c1440dd05a28422eb38b70d9f32180ca31e8b3f9f249bd633004b07a6ac5a1dfaa73a0fb5c2b710afcbfe6998023513b1c8a9cf1ad7fc2914f8966bf5382f8faaaeea9e999df7eef1dafe3d47da20813790df3f9e2da4f3145e11abcba20f193efcc7cf3a155a4ba15786a80c55a28df2452ab854b56bdfca3ca059754d06b933a19c6f5cf875db6651903bf28a2df9edfad4bb0b8d0848d0a8603418ee492af12a9f2818f47e4350034d36aec580f1c35d389e4f9fcd75cf034d3b34e9e09265720cbd22f05078977b3fedac92e2126ac3671a8e5a7745de928899d75afbca761e216a298c2f9d57932d4ecd808df992e96ce7410a13b39b6333a3bd7581736ec1bd1923bdbbef9844aa67dcb1a28c36d21d9e26d79c8bcf92ef7b51876190b970206c600d6ba9b00449b31d9fd668817332259582fd5f578475108fe0dc50f91a533372de2dfa6184058e7caaa2b827e8ee1163a903c3a32cc3466a6b759157507c7d587bc7f1d9c43f803f30c683f556ecb4fc4bd1cfd6f1360520e0b6655e2e45988fb5a308074d31843853cb86cd608ae41aa373646dd8045365a08defe834eb183430068db4909ed9252296b3700969dee782a209c50e873b1758e15217a916b452ab7d3da006631dcbe88f2800b95360d3c8937cbfa7ec20a54641c45b9fea4fd8c3564a1e17d0cd68942eb02cee17c6b4d1112fe3a2fa79c830f8c94762ab86c0ea786b3bf3d6c8a250083f836ddc2a106a5c025112365d33bb70954da33f58a6f19c47f2ffbfc18cc22756dc840f05a05b381c1ff25e6655854b92752a705ec1790910e668cb30bbc5886c7da31e917fc5384aceeb041b4ad581daaa0acf27ebc72f7ae734d1ca0094bc868e0db63272ee026040653aee27c1b503b9eea955a4427edd2c72882c4bfacc92a43da4113b2566a8d6f3e8e1399eb8992ad4edcc9d0970e80e1bda8093c142a659c093ea009169c30fd75c9c2926a89857b6a2a7f27f49eba6adcb60257131320012df6ab3f74c305ba3d15967fd9f73774b38b71800a8ea61d4ec567287881f5f1f7aa12f1c19942342552e1833a0a09d0458ab8e51988f13c8cab017dfd920aaa9b9c95b0ae5ae9e53f86d531278c4978a5606aa5151eb37043df829dcbeed3db4bb6de332ed46a0e5238953ee983dd52fb92d804c45104cca01e973a784ae7e91e78ae1f8dd4da4d5e4d537ff2fcb4396f204fa7f4201c81c606f76c1b30818b75280e964a43172ac4c6e9513dd45215f7bc5121578bb8c5cea5fcde181ca21d5bac1ed1b63766977cffe4e29894cf184acd6337bea843479f1174041693940056854543f13b3a1334bfceadfc71e171fc4e957f1fc264916ece5d958ecacc0bd46c1a1256e1a028f18fa78e20ffdf93f1bbbf3c23ee0af9bffdfbcd51d1f0b30db184cb30eb5cbf11fad1bf836b74c7e690d8f6bc58bc67dd51ba45b50045cfe164f8794f96e40c67a32250383267aa9527bda65ffd3f1e3b01b49d6123b46ab9f2b802a6acde75c6e440951e795ce0e2bb5dd0d8a7f1ef0fb30876855fe8e37c3aa8c0cdf6bd644a3b2c41a2ff7a849e97fa87f866da8ff7b85dd8758191fab46efd2d035ec80b3fbeea49db1e28accf35a18518e46c78acd2263b1b7f49d0a570d7151cd211844c800374c0653a7cfabe37f3d947bdebc9d978a783a03377fcc14ccf9b66dc2553814b489450dd9e475f58000c0fd3bb06f569760f00a36bae1d00a35b9f28e99d7baee08a2ae589062a3a2a23990a29da9a2b089766120c07910c9471baebd1a38d8a3b6a814a01d08d34f32cec3117557e619ba92de4250000a8fde3441b40179fee0d045cc4219657e5c62912360fc1507d1958f360a413eab7f70ba6b4638d7e4547ef3de1ea8d99e718ee7db36b27c10fcd4186ba7f44a45ce40ee1cb808d32aef89e595148d5614e7bde7a1182300b790a14acc224140184a773969a4e1d4be1af4513abe31f66bfa32fb8f4e85c8f0b34e99aded86bbfa9cedf89372598cabc3f304fb0072085cecd2aae2d8cb961abb0c67c083e07d2041e758439d8ab5528f8840af6b1fd2bd3b57e6b78505696de34b9bd62b81b684d986909223b031c66e53cf88ce9cb9396b5cc6c540a15c70a54e642e36a4e76bcc21c2634111af1810ac5c9ca13625e1263a8fcf697c90a17cc30f33302483bfaa05a65e9e5bfa01271814883c35d2256d7708ef7ab84a1964bdd96f43d78ab0c149df4dad886a72ec135a1c0a36710fd139aadb85ba7cb95acedb9aa98843a9bf25adc7fefaa1acd26a4a673d69fb83f283758f89c56bbd0db4e3a4a52b2b47c0ac07d4ce704c272e3085e60efd4a5c387b9f366b7c63c63d8b2941a58c9506acc2c4900f6bd319488df9059ff917a84bd7f03404658e8b94be13d08b6ebc910056509e6077bd971fae196f25c3d291d86b3649d4d74cfbde9a930168bf112a6dc9bd8b48fee4860e488bfd9027fc369b09c43b19b4eeb222f987fbc30bfdd7a9460a3ecccd943ba0b94f87b998ee6601b2f6635b9641c01ac13fdd039cea6478f4389310eccba4127d19f7f97bdbcc6a1c379b80df615833a5522726a2894e68d5157768ae7eca58389c35ca6eb75b32730cef01ee419a88423a0f599f8b1c8a1e546684eab2ff4de39eb57a00f346dd25030e9f50d9d9ea8d8936700ebfedc710b6448bcb8e9856bd719349ae5906479947756c6452ee0a8b8bee4bfa949e7db61690b8e5509957d88f2a96987f87456aec07abb5ff9bb984bdd92f81f0e285d6b86ea66366a83ec51d78545055f4aa811ca5eadfaf55a0737c7649a287drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootsamba-4.11.14+git.313.d4e302805e1-lp152.3.31.2.src.rpmctdb-testsctdb-tests(armv7hl-32)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@     /bin/bash/bin/shld-linux-armhf.so.3ld-linux-armhf.so.3(GLIBC_2.4)libc.so.6libc.so.6(GLIBC_2.4)libgcc_s.so.1libgcc_s.so.1(GCC_3.5)libiov-buf-samba4.solibiov-buf-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libpopt.so.0libpopt.so.0(LIBPOPT_0)libpthread.so.0libpthread.so.0(GLIBC_2.4)libreplace-samba4.solibreplace-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libsamba-debug-samba4.solibsamba-debug-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libsamba-util.so.0libsamba-util.so.0(SAMBA_UTIL_0.0.1)libsocket-blocking-samba4.solibsocket-blocking-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libsys-rw-samba4.solibsys-rw-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libtalloc.so.2libtalloc.so.2(TALLOC_2.0.2)libtalloc.so.2(TALLOC_2.1.0)libtdb-wrap-samba4.solibtdb-wrap-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)libtdb.so.1libtdb.so.1(TDB_1.2.1)libtdb.so.1(TDB_1.2.2)libtdb.so.1(TDB_1.2.5)libtdb.so.1(TDB_1.3.11)libtevent-util.so.0libtevent-util.so.0(TEVENT_UTIL_0.0.1)libtevent.so.0libtevent.so.0(TEVENT_0.9.13)libtevent.so.0(TEVENT_0.9.14)libtevent.so.0(TEVENT_0.9.21)libtevent.so.0(TEVENT_0.9.9)libtime-basic-samba4.solibtime-basic-samba4.so(SAMBA_4.11.14_GIT.313.D4E302805E1LP152.3.31.2_SUSE_OS15.0_ARM)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0.4-14.0-15.2-14.14.1a@@a(@a&0``v@`]`P`_@__d@__ @^@^^2^2^^1^^Y^J@^2@^&^&]]]])]@]@]]@]nU]nU]i]e@]_@]J@]B@] #]:\ڭ\\@\@\ \N\e\e\}@\o@\\\\\4\ @[[@[[%@[@[ @[[t[#@[[Q@[Q@[\[[[{[z@[r@[ @[WZZZZZZ`@Z@Z@ZZ@ZZ}@Z'Z@ZOZ@Z ,@Z@YY@Yo@Yo@Yo@Y@Y3YYu@Yg`Yf@Y7Y7Y, @Y"X:@X:@XXsX@X9@X@X@Xg@X,XƉX@XYXe@XX@X@X@XWXAb@X-W Wv@W$W;Wu@W#WW W@W~D@Wj}W_WYZ@WYZ@W=W(W!@WW@V3V3VV'@VՄ@VՄ@VVIV@V`Vl@V@V@V<@V<@V@VjV]VI@VG"@VG"@VG"@VG"@V(V'~@V V7@VBUYU@U@UUAUĝU@UU@Uy@UUrUq@UhTU_@USaNoel Power Noel Power Samuel Cabrero Samuel Cabrero Noel Power David Mulder Noel Power Noel Power Noel Power Samuel Cabrero Samuel Cabrero Samuel Cabrero David Mulder Noel Power Samuel Cabrero Samuel Cabrero David Mulder Samuel Cabrero Samuel Cabrero Noel Power Noel Power Noel Power David Mulder Samuel Cabrero Noel Power David Disseldorp Noel Power Noel Power Jim McDonough Noel Power Noel Power James McDonough Noel Power Noel Power Samuel Cabrero Noel Power Noel Power James McDonough npower Samuel Cabrero Noel Power npower David Disseldorp David Disseldorp npower npower David Disseldorp npower David Mulder David Mulder David Disseldorp Samuel Cabrero David Mulder ddiss@suse.comnopower@suse.comJan Engelhardt David Mulder Samuel Cabrero Samuel Cabrero Samuel Cabrero dmulder@suse.comdmulder@suse.comdmulder@suse.comjmcdonough@suse.comdmulder@suse.comSamuel Cabrero dmulder@suse.comSamuel Cabrero dmulder@suse.comdmulder@suse.comvcizek@suse.comdmulder@suse.comdmulder@suse.comnopower@suse.comscabrero@suse.dejmcdonough@suse.comscabrero@suse.deaaptel@suse.comjengelh@inai.dedimstar@opensuse.orgdmulder@suse.comjmcdonough@suse.comdavid.mulder@suse.comjmcdonough@suse.comaaptel@suse.comdmulder@suse.comscabrero@suse.comscabrero@suse.comkukuk@suse.dedavid.mulder@suse.comscabrero@suse.comrbrown@suse.comdmulder@suse.comscabrero@suse.comdimstar@opensuse.orgscabrero@suse.comaaptel@suse.comnopower@suse.comnopower@suse.comaaptel@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comddiss@suse.comnopower@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comddiss@suse.comdmulder@suse.comnopower@suse.comjmcdonough@suse.comaaptel@suse.comkukuk@suse.comkukuk@suse.denopower@suse.comaaptel@suse.comdmulder@suse.comddiss@suse.comdmulder@suse.comddiss@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comnopower@suse.comnopower@suse.comjmcdonough@suse.comjmcdonough@suse.comnopower@suse.comnopower@suse.comddiss@suse.comjmcdonough@suse.comddiss@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comjmcdonough@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comjmcdonough@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comnopower@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comtchvatal@suse.comlmuelle@suse.comnopower@suse.comcrrodriguez@opensuse.orglmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comnoel.power@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.comddiss@suse.comlmuelle@suse.comlmuelle@suse.comnopower@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.comlmuelle@suse.comddiss@suse.comlmuelle@suse.commpluskal@suse.comlmuelle@suse.comnopower@suse.deddiss@suse.comddiss@suse.comddiss@suse.comlmuelle@suse.denopower@suse.delmuelle@suse.comnopower@suse.deddiss@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.com- The username map [script] advice from CVE-2020-25717 advisory note has undesired side effects for the local nt token. Fallback to a SID/UID based mapping if the name based lookup fails; (bsc#1192849); (bso#14901).- CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication (bsc#1014440); (bso#12444); - CVE-2020-25717: A user in an AD Domain could become root on domain members; (bsc#1192284); (bso#14556); - CVE-2021-23192: Subsequent DCE/RPC fragment injection vulnerability; (bsc#1192214); (bso#14875);- Fix wrong kvno exported to keytab after net ads changetrustpw due to replication delay; (bsc#1188727);- Add msDS-AdditionalDnsHostName to the keytab; (bso#14396); (bsc#1185420); - Add net-ads-join dnshostname option; (bso#14396); (bsc#1185420); - Fix adding msDS-AdditionalDnsHostName to keytab with Windows DC; (bso#14406); (bsc#1185420);- CVE-2021-20254 Buffer overrun in sids_to_unixids(); (bnc#14571); (bsc#1184677).- s3-libads: use dns name to open a ldap session; (bso#13124); (bsc#1184310).- CVE-2020-27840: samba: Unauthenticated remote heap corruption via bad DNs; (bso#14595); (bsc#1183572). - CVE-2021-20277: samba: out of bounds read in ldb_handler_fold; (bso#14655); (bsc#1183574).- Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size; (bso#14625); (bnc#1179156).- Adjust smbcacls '--propagate-inheritance' feature to align with upstream; (bsc#1178469).- CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records; (bsc#1177613); (bso#14472); - CVE-2020-14323: Unprivileged user can crash winbind; (bsc#1173994); (bso#14436); - CVE-2020-14318: Missing handle permissions check in SMB1/2/3 ChangeNotify; (bsc#1173902); (bso#14434); - Update to samba 4.11.14 + lib/util: Do not install /usr/bin/test_util; (bso#14166); + smbd: don't log success as error; (bso#14490); + idmap_ad does not deal properly with a RFC4511 section 4.4.1 response; (bso#14465); + winbind: Fix a memleak; (bso#14388); + idmap_ad: Pass tldap debug messages on to DEBUG(); (bso#14465); + lib/replace: Move lib/replace/closefrom.c from ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE; (bso#14482); + ctdb disable/enable can fail due to race condition; (bso#14466);- Update to samba 4.11.13 + CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Protect netr_ServerPasswordSet2 against unencrypted passwords; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): s3:rpc_server/netlogon: Support "server require schannel:WORKSTATION$ = no" about unsecure configurations; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): s4 torture rpc: repeated bytes in client challenge; (bsc#1176579); (bso#14497); + CVE-2020-1472(ZeroLogon): libcli/auth: Reject weak client challenges in netlogon_creds_server_init() "server require schannel:WORKSTATION$ = no"; (bsc#1176579); (bso#14497); - Update to samba 4.11.12 + s3: libsmb: Fix SMB2 client rename bug to a Windows server; (bso#14403); + dsdb: Allow "password hash userPassword schemes = CryptSHA256" to work on RHEL7; (bso#14424); + dbcheck: Allow a dangling forward link outside our known NCs; (bso#14450); + lib/debug: Set the correct default backend loglevel to MAX_DEBUG_LEVEL; (bso#14426); + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428); + lib/util: do not install "test_util_paths"; (bso#14370); + lib:util: Fix smbclient -l basename dir; (bso#14345); + s3:smbd: PANIC: assert failed in get_lease_type(); (bso#14428); + util: Allow symlinks in directory_create_or_exist; (bso#14166); + docs: Fix documentation for require_membership_of of pam_winbind; (bso#14358); + s3:winbind:idmap_ad: Make failure to get attrnames for schema mode fatal; (bso#14425);- Add obsoletes to libsmbldap2 package to fix upgrades from previous versions; (bsc#1172810);- Fix net command unable to negotiate SMB2; (bsc#1174120);- Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; (bso#14364); (bsc#1173159] + CVE-2020-10745: invalid DNS or NBT queries containing dots use several seconds of CPU each; (bso#14378); (bsc#1173160). + CVE-2020-10760: Use-after-free in AD DC Global Catalog LDAP server with paged_result or VLV; (bso#14402); (bsc#1173161) + CVE-2020-14303: Endless loop from empty UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359). - Update to samba 4.11.10 + Fix segfault when using SMBC_opendir_ctx() routine for share folder that contains incorrect symbols in any file name; (bso#14374). + vfs_shadow_copy2 doesn't fail case looking in snapdirseverywhere mode; (bso#14350) + ldb_ldap: Fix off-by-one increment in lldb_add_msg_attr; (bso#14413). + Malicous SMB1 server can crash libsmbclient; (bso#14366) + winbindd: Fix a use-after-free when winbind clients exit; (bso#14382) + ldb: Bump version to 2.0.11, LMDB databases can grow without bounds. (bso#14330) - Update to samba 4.11.9 + nmblib: Avoid undefined behaviour in handle_name_ptrs(); (bso#14242). + 'samba-tool group' commands do not handle group names with special chars correctly; (bso#14296). + smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237). + Missing check for DMAPI offline status in async DOS attributes; (bso#14293). + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs; (bso#14307). + vfs_recycle: Prevent flooding the log if we're called on non-existant paths; (bso#14316) + smbd mistakenly updates a file's write-time on close; (bso#14320). + RPC handles cannot be differentiated in source3 RPC server; (bso#14359). + librpc: Fix IDL for svcctl_ChangeServiceConfigW; (bso#14313). + nsswitch: Fix use-after-free causing segfault in _pam_delete_cred; (bso#14327). + Fix fruit:time machine max size on arm; (bso#13622) + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294). + ctdb: Fix a memleak; (bso#14348). + libsmb: Don't try to find posix stat info in SMBC_getatr(). + ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295); (bsc#1162680). + s3/librpc/crypto: Fix double free with unresolved credential cache; (bso#14344); (bsc#1169095) + s3:libads: Fix ads_get_upn(); (bso#14336). + CTDB recovery corner cases can cause record resurrection and node banning; (bso#14294) + Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680). + ctdb-recoverd: Avoid dereferencing NULL rec->nodemap; (bso#14324) - Update to samba 4.11.8 + CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850); + CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851); - Update to samba 4.11.7 + s3: lib: nmblib. Clean up and harden nmb packet processing; (bso#14239). + s3: VFS: full_audit. Use system session_info if called from a temporary share definition; (bso#14283) + dsdb: Correctly handle memory in objectclass_attrs; (bso#14258). + ldb: version 2.0.9, Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#14270) + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences; (bso#14247). + smbd: Handle EINTR from open(2) properly; (bso#14285) + winbind member (source3) fails local SAM auth with empty domain name; (bso#14247) + winbindd: Handling missing idmap in getgrgid(); (bso#14265). + lib:util: Log mkdir error on correct debug levels; (bso#14253). + wafsamba: Do not use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266). + ctdb-tcp: Make error handling for outbound connection consistent; (bso#14274). - Update to samba 4.11.6 + pygpo: Use correct method flags; (bso#14209). + vfs_ceph_snapshots: Fix root relative path handling; (bso#14216); (bsc#1141320). + Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero; (bso#14209). + source4/utils/oLschema2ldif: Include stdint.h before cmocka.h; (bso#14218). + docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc; (bso#14122). + smbd: Fix the build with clang; (bso#14251). + upgradedns: Ensure lmdb lock files linked; (bso#14199). + s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir; (bso#14182). + smbc_stat() doesn't return the correct st_mode and also the uid/gid is not filled (SMBv1) file; (bso#14101). + librpc: Fix string length checking in ndr_pull_charset_to_null(); (bso#14219). + ctdb-scripts: Strip square brackets when gathering connection info; (bso#14227).- Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);- Installing: samba - samba-ad-dc.service does not exist and unit not found; (bsc#1171437);- Fix samba_winbind package is installing python3-base without python3 package; (bsc#1169521);- Require libldb2 >= 2.0.10 after security release.- CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851); - CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ; (bso#14331); (bsc#1169850);- Fix smbclient crash with double free (with unresolved krb5 credential cache); (bso#14344); (bsc#1169095).- Starting ctdb node that was powered off hard before results in recovery loop; (bso#14295); (bsc#1162680).- CTDB doesn't retry outgoing connections on bind (and some other) failures; (bso#14274); (bsc#1162680).- Revert: Allow idmap_rid to have primary group other than "Domain Users"; (bsc#1087931).- Fix nmbstatus not reporting detailed information about workgroups; (bsc#1159464); - Fix querying all names registered within broadcast area; (bso#8927);- Update to samab 4.11.5 + CVE-2019-14902: Replication of ACLs down subtree on AD Directory is not automatic; (bso#12497); (bsc#1160850). + CVE-2019-19344: Fix server crash with dns zone scavenging = yes; (bso#14050); (bsc#1160852). + CVE-2019-14907: server-side crash after charset conversion failure (eg during NTLMSSP processing); (bso#14208); (bsc#1160888). - Update to samba 4.11.4 + Ensure SMB1 cli_qpathinfo2() doesn't return an inode number; (bso#14161). + Ensure we don't call cli_RNetShareEnum() on an SMB1 connection; (bso#14174). + NT_STATUS_ACCESS_DENIED becomes EINVAL when using SMB2 in SMBC_opendir_ctx; (bso#14176). + SMB2 - Ensure we use the correct session_id if encrypting an interim response; (bso#14189). + Prevent smbd crash after invalid SMB1 negprot; (bso#14205). + printing: Fix %J substition; (bso#13745). + Remove now unneeded call to cmdline_messaging_context(); (bso#13925). + Fix incomplete conversion of former parametric options; (bso#14069). + Fix sync dosmode fallback in async dosmode codepath; (bso#14070). + vfs_fruit returns capped resource fork length; (bso#14171). + libnet_join: Add SPNs for additional-dns-hostnames entries; (bso#14116). + smbd: Increase a debug level; (bso#14211). + Prevent azure ad connect from reporting discovery errors reference-value-not-ldap-conformant; (bso#14153). + krb5_plugin: Fix developer build with newer heimdal system library; (bso#14179). + replace: Only link libnsl and libsocket if required; (bso#14168); + ctdb: Incoming queue can be orphaned causing communication; breakdown; (bso#14175). + ldb: Release ldb 2.0.8. Cross-compile will not take cross-answers or cross-execute; (bso#13846). + heimdal-build: Avoid hard-coded /usr/include/heimdal in asn1_compile-generated code; (bso#13856).- Fix Ceph snapshot root relative path handling; (bso#14216); (bsc#1141320).- Update to samba 4.11.3 + CVE-2019-14861: DNSServer RPC server crash, an authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name; (bso#14138); (bsc#1158108). + CVE-2019-14870: DelegationNotAllowed not being enforced, the DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC; (bso#14187); (bsc#1158109).- CVE-2019-14861: DNSServer RPC server crash, an authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name; (bso#14138); (bsc#1158108). - CVE-2019-14870: DelegationNotAllowed not being enforced, the DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests (S4U2Self), in the AD DC KDC; (bso#14187); (bsc#1158109).- Update to samba 4.11.2 + CVE-2019-10218: Client code can return filenames containing path separators; (bsc#1144902); (bso#14071). + CVE-2019-14833: Samba AD DC check password script does not receive the full password; (bso#12438). + CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync; (bso#14040). - Fixes from 4.11.1 + Overlinking libreplace against librt and pthread against every binary or library causes issues; (bso#14140); + kpasswd fails when built with MIT Kerberos; (bso#14155); + Fix spnego fallback from kerberos to ntlmssp in smbd server; (bso#14106); + Stale file handle error when using mkstemp on a share; (bso#14137); + non-AES schannel broken; (bso#14134); + Joining Active Directory should not use SAMR to set the password; (bso#13884); + smbclient can blunder into the SMB1 specific cli_RNetShareEnum() call on an SMB2 connection; (bso#14152); + Deleted records can be resurrected during recovery; (bso#14147); + getpwnam and getpwuid need to return data for ID_TYPE_BOTH group; (bso#14141); + winbind does not list forest trusts with additional trust attributes; (bso#14130); + fault report points to outdated documentation; (bso#14139); + pam_winbind with krb5_auth or wbinfo -K doesn't work for users of trusted domains/forests; (bso#14124); + classicupgrade results in uncaught exception - a bytes-like object is required, not 'str'; (bso#14136); + pod2man is not longer required, stop checking at build time; (bso#14131); + Exit code of ctdb nodestatus should not be influenced by deleted nodes; (bso#14129); + username/password authentication doesn't work with CUPS and smbspool; (bso#14128); + smbc_readdirplus() is incompatible with smbc_telldir() and smbc_lseekdir(); (bso#14094);- CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync; (bso#14040); (bsc#1154598); - CVE-2019-10218: Client code can return filenames containing path separators; (bso#14071); (bsc#1144902);- CVE-2019-14833: samba: Accent with "check script password" Samba AD DC check password script does not receive the full password; (bso#12438); (bsc#1154289).- Update to samba 4.11.0 + For details on all items see WHATSNEW.txt in samba-doc package + Python2 runtime support removed; python 3.4 or later required + Security improvements: - SMB1 disabled by default - lanman and plaintext authentication deprecated - winbind: PAM_AUTH and NTLM_AUTH events logged - GnuTLS 3.2 required; system FIPS mode setting honored + CephFS Snapshot integration, exposed as previous file versions + ctdb changes: - onnode -o option removed - ctdbd logs when using more than 90% of a CPU thread - CTDB_MONITOR_SWAP_USAGE variable removed + AD Domain controller improvements: - Upgrade AD databse format - BIND9_FLATFILE deprecated - default process model chagned to prefork - bind9 dns operation duration logging - Default schema updated to 2012_R2; function level is unchanged - many performance improvements + Configuration webserver support removed- Fix broken username/password authentication with CUPS and smbspool; (bsc#1152143); (bso#14128).- Fix auth problems when printing via smbspool backend with kerberos; (bnc#1148539); (bso#13832).- Update to samba 4.10.8 + CVE-2019-10197: user escape from share path definition; (bso#14035); (bsc#1141267);- Fix build on newer systems by modifying samba.spec to use consistent non-relative paths for pammodules in configure line and specification of pam_winbind.so library to package.- Update to samba 4.10.7 + Unable to create or rename file/directory inside shares configured with vfs_glusterfs_fuse module; (bso#14010). + build: Allow build when '--disable-gnutls' is set; (bso#13844) + samba-tool: Add 'import samba.drs_utils' to fsmo.py; (bso#13973). + Fix 'Error 32 determining PSOs in system' message on old DB with FL upgrade; (bso#14008). + s4/libnet: Fix joining a Windows pre-2008R2 DC; (bso#14021) + join: Use a specific attribute order for the DsAddEntry nTDSDSA object; (bso#14046). + vfs_catia: Pass stat info to synthetic_smb_fname(); (bso#14015). + lookup_name: Allow own domain lookup when flags == 0; (bso#14091). + s4 librpc rpc pyrpc: Ensure tevent_context deleted last; (bso#13932). + DEBUGC and DEBUGADDC doesn't print into a class specific log file; (bso#13915). + Request to keep deprecated option "server schannel", VMWare Quickprep requires "auto"; (bso#13949). + dbcheck: Fallback to the default tombstoneLifetime of 180 days; (bso#13967). + dnsProperty fails to decode values from older Windows versions; (bso#13969). + samba-tool: Use only one LDAP modify for dns partition fsmo role transfer; (bso#13973). + third_party: Update waf to version 2.0.17; (bso#13960). + netcmd: Allow 'drs replicate --local' to create partitions; (bso#14051). + ctdb-config: Depend on /etc/ctdb/nodes file; (bso#14017).- CVE-2019-10197: user escape from share path definition; (bso#14035); (bsc#1141267).- Prepare for use future use of kernel keyrings, modify /etc/pam.d/samba to include pam_keyinit.so; (bsc#1144059).- Update samba-winbind script to work with systemd; (bsc#1132739); - Drop samba dhcpcd hook scripts - Update to samba 4.10.6 + s3: winbind: Fix crash when invoking winbind idmap scripts; (bso#13956). + smbd does not correctly parse arguments passed to dfree and quota scripts; (bso#13964). + samba-tool dns: use bytes for inet_ntop; (bso#13965). + samba-tool domain provision: Fix --interactive module in python3; (bso#13828). + ldb_kv: Skip @ records early in a search full scan; (bso#13893). + docs: Improve documentation of "lanman auth" and "ntlm auth" connection; (bso#13981). + python/ntacls: Use correct "state directory" smb.conf option instead of "state dir"; (bso#14002). + registry: Add a missing include; (bso#13840). + Fix SMB guest authentication; (bso#13944). + AppleDouble conversion breaks Resourceforks; (bso#13958). + vfs_fruit makes direct use of syscalls like mmap() and pread(); (bso#13968). + s3:mdssvc: Fix flex compilation error; (bso#13987). + s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly; (bso#13872). + dsdb:samdb: schemainfo update with relax control; (bso#13799). + s3:util: Move static file_pload() function to lib/util; (bso#13964). + smbd: Fix a panic; (bso#13957). + ldap server: Generate correct referral schemes; (bso#12478). + s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value; (bso#13941). + s4 dsdb: Fix use after free in samldb_rename_search_base_callback; (bso#13942). + dsdb/repl: we need to replicate the whole schema before we can apply it; (bso#12204). + ldb: Release ldb 1.5.5; (bso#12478). + Schema replication fails if link crosses chunk boundary backwards; (bso#13713). + 'samba-tool domain schemaupgrade' uses relax control and skips the schemaInfo update provision; (bso#13799). + dsdb_audit: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."; (bso#13916). + python/ntacls: We only need security.SEC_STD_READ_CONTROL in order to get the ACL; (bso#13917). + s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary; (bso#13947). + Using Kerberos credentials to print using spoolss doesn't work; (bso#13939). + wafsamba: Use native waf timer; (bso#13998). + ctdb-scripts: Fix tcp_tw_recycle existence check; (bso#13984).- Update to samba-4.10.5 (including updates for 4.10.4, 4.10.3) + CVE-2019-12435 rpc/dns: Avoid NULL deference if zone not found in DnssrvOperation2; (bso#13922); (bsc#1137815). + CVE-2019-12436 dsdb/paged_results: Ignore successful results without messages; (bso#13951); (bsc#1137816). - Update to samba-4.10.4 + s3: SMB1: Don't allow recvfile on stream fsp's; (bso#13938). + py/provision: Fix for Python 2.6; (bso#13882). + netcmd: Fix 'passwordsettings --max-pwd-age' command; (bso#13873). + s3-libnet_join: 'net ads join' to child domain fails when using "-U admin@forestroot"; (bso#13861). + vfs_ceph: Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245). + vfs_ceph: Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697). + ctdb-common: Avoid race between fd and signal events; (bso#13895). + ctdb-common: Fix memory leak in run_proc; (bso#13943). + lib: Initialize getline() arguments; (bso#13892). + winbind: Fix overlapping id ranges; (bco#13903). + lib util debug: Increase format buffer to 4KiB; (bso#13902). + nsswitch pam_winbind: Fix Asan use after free; (bso#13927). + s4 lib socket: Ensure address string owned by parent struct; (bso#13929). + s3 rpc_client: Fix Asan stack use after scope; (bso#13936). + s3:smbd: Handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO; (bso#10097). + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#10344). + smb2_sesssetup: avoid STATUS_PENDING responses for session setup; (bso#12845). + smb2_tcon: Avoid STATUS_PENDING completely on tdis; (bso#13698). + smb2_sesssetup: avoid STATUS_PENDING responses for session setup; (bso#13796). + dbcheck: Fix the err_empty_attribute() check; (bso#13843). + vfs_snapper: Drop unneeded fstat handler; (bso#13858). + vfs_default: Fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check; (bso#13862). + smb2_server: Grant all 8192 credits to clients; (bso#13863). + smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling; (bso#13919). + s3/vfs_glusterfs: Dynamically determine NAME_MAX; (bso#13872). + s3: modules: ceph: Use current working directory instead of share path; (bso#13918); (bsc#1134452). + winbind: Use domain name from lsa query for sid_to_name cache entry; (bso#13831). + memcache: Increase size of default memcache to 512k; (bso#13865). + docs: Update smbclient manpage for "--max-protocol"; (bso#13857). + s3:utils: If share is NULL in smbcacls, don't print it; (bso#13937). + s3:smbspool: Fix regression printing with Kerberos credentials; (bso#13939). + ctdb-scripts: CTDB restarts failed NFS RPC services by hand, which is incompatible with systemd; (bso#13860). + ctdb-daemon: Revert "We can not assume that just because we could complete a TCP handshake"; (bso#13888). + ctdb-daemon: Never use 0 as a client ID; (bso#13930). + ctdb-common: Fix memory leak; (bso#13943). + s3:debug: Enable logging for early startup failures; (bso#13904) - Update to samba-4.10.3 + CVE-2018-16860: Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum; (bso#13685); (bsc#1134024).- CVE-2019-12435: zone operations can crash rpc server; (bso#13922); (bsc#1137815).- Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697). - Add ceph_snapshots VFS module; (jsc#SES-183).- Fix vfs_ceph realpath; (bso#13918); (bsc#1134452).- Update to samba-4.10.2: + CVE-2019-3870 (World writable files in Samba AD DC private/ dir); (bso#13834). + CVE-2019-3880 (Save registry file outside share as unprivileged user); (bso#13851). + py/kcc_utils: py2.6 compatibility; (bso#13837). + libcli: permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response; (bso#13869). + regfio: Improve handling of malformed registry hive files; (bso#13840). + ctdb-version: Simplify version string usage; (bso#13789). + lib: Make fd_load work for non-regular files; (bso#13859). + dbcheck: in the middle of the tombstone garbage collection causes replication failures, dbcheck: add --selftest-check-expired-tombstones cmdline option; (bso#13816). + ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818). + s4/messaging: Fix undefined reference in linking libMESSAGING-samba4.so; (bso#13854). + acl_read: Fix regression for empty lists; (bso#13836). + s4:dlz make b9_has_soa check dc=@ node; (bso#13841). + s3:client: Fix printing via smbspool backend with kerberos auth; (bso#13832). + s4:librpc: Fix installation of Samba; (bso#13847). + s3:lib: Fix the debug message for adding cache entries; (bso#13848). + s3:utils: Add 'smbstatus -L --resolve-uids' to show username; (bso#13793). + s3:lib: Fix the debug message for adding cache entries; (bso#13848). + s3:waf: Fix the detection of makdev() macro on Linux; (bso#13853). * ctdb-build: Drop creation of .distversion in tarball; (bso#13789). * ctdb-packaging: Test package requires tcpdump, ctdb package should not own system library directory; (bso#13838). - Update to samba-4.10.1: + py/kcc_utils: py2.6 compatibility; (bso#13837); + libcli: permit larger values of DataLength in SMB2_ENCRYPTION_CAPABILITIES of negotiate response; (bso#13869); + regfio: Improve handling of malformed registry hive files; (bso#13840); + ctdb-version: Simplify version string usage; (bso#13789); + lib: Make fd_load work for non-regular files; (bso#13859); + dbcheck in the middle of the tombstone garbage collection causes replication failures, dbcheck: add --selftest-check-expired-tombstones cmdline option; (bso#13816); + ndr_spoolss_buf: Fix out of scope use of stack variable in NDR_SPOOLSS_PUSH_ENUM_OUT(); (bso#13818); + s4/messaging: Fix undefined reference in linking libMESSAGING-samba4.so; (bso#13854); + acl_read: Fix regression for empty lists; (bso#13836); + s4:dlz make b9_has_soa check dc=@ node; (bso#13841); + s3:client: Fix printing via smbspool backend with kerberos auth; (bso#13832); + s4:librpc: Fix installation of Samba; (bso#13847); + s3:lib: Fix the debug message for adding cache entries; (bso#13848); + s3:utils: Add 'smbstatus -L --resolve-uids' to show username; (bso#13793); + s3:lib: Fix the debug message for adding cache entries; (bso#13848); + s3:waf: Fix the detection of makdev() macro on Linux; (bso#13853); + ctdb-build: Drop creation of .distversion in tarball; (bso#13789); + ctdb-packaging: Test package requires tcpdump, ctdb package should not own system library directory; (bso#13838); - Update to samba-4.10.0: + s4-server: Open and close a transaction on sam.ldb at startup; (bso#13760); + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812); + s4/scripting/bin: Open unicode files with utf8 encoding and write + unicode string. + sambaundoguididx: Use the right escaped oder unescaped sam ldb files; (bso#13759); + Fix idmap cache pollution with S-1-22- IDs on winbind hickup; (bso#13813); + passdb: Update ABI to 0.27.2. + lib/winbind_util: Add winbind_xid_to_sid for --without-winbind; (bso#13813); + lib:util: Move debug message for mkdir failing to log level 1; (bso#13823);- MacOS credit accounting breaks with async SESSION SETUP; (bsc#1125601); (bso#13796). - Mac OS X SMB2 implmenetation sees Input/output error or Resource temporarily unavailable and drops connection; (bso#13698)- Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245).- CVE-2019-3880: Save registry file outside share as unprivileged user; (bso#13851); (bsc#1131060 ).- CVE-2019-3870 pysmbd: missing restoration of original umask after umask(0); (bso#13834); (bsc#1130703);- Update to samba-4.9.5 + audit_logging: Remove debug log header and JSON Authentication: prefix; (bso#13714); + Fix upgrade from 4.7 (or earlier) to 4.9; (bso#13760); + s3: lib: nmbname: Ensure we limit the NetBIOS name correctly; (bso# CID: 1433607; (bso#11495); + smbd: uid: Don't crash if 'force group' is added to an existing share connection; (bso#13690); + s3: VFS: vfs_fruit. Fix the NetAtalk deny mode compatibility code; (bso#13770); + s3: SMB1 POSIX mkdir does case insensitive name lookup; (bso#13803); + s3:utils/smbget fix recursive download with empty source directories; (bso#13199); + samba-tool drs showrepl: Do not crash if no dnsHostName found; (bso#13716); + s3:libsmb: cli_smb2_list() can sometimes fail initially on a connection; (bso#13736); + join: Throw CommandError instead of Exception for simple errors; (bso#13747); + ldb: Avoid inefficient one-level searches; (bso#13762); + s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list(); (bso#13736); + tldap: Avoid use after free errors; (bso#13776); + Fix idmap xid2sid cache churn; (bso#13802); + access_check_max_allowed() doesn't process "Owner Rights" ACEs; (bso#13812); + s3-smbd: Avoid assuming fsp is always intact after close_file call; (bso#13720); + s3-vfs-fruit: Add close call; (bso#13725); + s3-smbd: Use fruit:model string for mDNS registration; (bso#13746); + s3-vfs: add glusterfs_fuse vfs module; (bso#13774); + printing: Check lp_load_printers() prior to pcap cache update; (bso#13766); + vfs_ceph: vfs_ceph strict_allocate_ftruncate calls (local FS) ftruncate and fallocate; (bso#13807); + lib/audit_logging: Actually create talloc; (bso#13737); + netcmd/user: python[3]-gpgme unsupported and replaced by python[3]-gpg; (bso#13728); + dns: Changing onelevel search for wildcard to subtree; (bso#13738); + samba-tool: Don't print backtrace on simple DNS errors; (bso#13721); + sambaundoguididx: Use the right escaped oder unescaped sam ldb files; (bso#13759); + ctdb: Print locks latency in machinereadable stats; (bso#13742); + messages_dgm: Messaging gets stuck when pids are recycled; (bso#13786); + audit_logging: auth_json_audit required auth_json; (bso#13715); + man pages: Document prefork process model; (bso#13765); + CVE-2019-3824 ldb: Release ldb 1.4.6; (bso#13773); + s3:auth: ignore create_builtin_guests() failing without a valid idmap configuration; (bso#13697); + s3:auth_winbind: Ignore a missing winbindd as NT4 PDC/BDC without trusts; (bso#13722); + s3:auth_winbind: return NT_STATUS_NO_LOGON_SERVERS if winbindd is not available; (bso#13723); + s4:server: Add support for 'smbcontrol samba shutdown' and 'smbcontrol debug/debuglevel'; (bso#13752); + Python: Ensure ldb.Dn can doesn't rencoded str with py2; (bso#13616); + vfs_glusterfs: Adapt to changes in libgfapi signatures; (bso#13330); + s3-vfs: Use ENOATTR in errno comparison for getxattr; (bso#13774); + notifyd: Fix SIGBUS on sparc; (bso#13704); + waf: Check for libnscd; (bso#13787); + s3:vfs: Correctly check if OFD locks should be enabled or not; (bso#13770); + lib/util: Count a trailing line that doesn't end in a newline; (bso#13717); + Recovery lock bug fixes; (bso#13800); + s3: net: Do not set NET_FLAGS_ANONYMOUS with -k; (bso#13726); + s3:libsmb: Honor disable_netbios option in smbsock_connect_send; (bso#13727); + vfs_fileid: Fix get_connectpath_ino; (bso#13741); + vfs_fileid: Fix fsname_norootdir algorithm; (bso#13744);- Fix vfs_ceph ftruncate and fallocate handling; (bso#13807); (bsc#1127153).- Fix update-apparmor-samba-profile script after apparmor switched to using named profiles. The change is backwards compatible; (bsc#1126377);- LoadParm().load_default() fails with "Unable to load default file"; (bsc#1089758);- Abide by load_printers smb.conf parameter; (bso#13766); (bsc#1124223);- Update to samba-4.9.4 + libcli/smb: Don't overwrite status code; (bso#9175). + wbinfo --group-info 'NT AUTHORITY\System' does not work; (bso#12164). + Session setup reauth fails to sign response; (bso#13661). + vfs_fruit: Validation of writes on AFP_AfpInfo stream; (bso#13677). + vfs_shadow_copy2: Nicely deal with attempts to open previous version for writing; (bso#13688). + Restoring previous version of stream with vfs_shadow_copy2 fails with NT_STATUS_OBJECT_NAME_INVALID fsp->base_fsp->fsp_name; (bso#13455). + CVE-2018-16853: Fix S4U2Self crash with MIT KDC build; (bso#13571). + s3-vfs: Prevent NULL pointer dereference in vfs_glusterfs; (bso#13708) + PEP8: fix E231: missing whitespace after ','. + winbindd: Fix crash when taking profiles;(bso#13629) + CVE-2018-14629 dns: Fix CNAME loop prevention using counter regression; (bso#13600) + 'samba-tool user syscpasswords' fails on a domain with many DCs; (bso#13686). + CVE-2018-16853: Do not segfault if client is not set; (bso#13571). + lib:util: Fix DEBUGCLASS pointer initializiation; (bso#13679) + ctdb-daemon: Exit with error if a database directory does not exist; (bso#13696). + s3:libads: Add net ads leave keep-account option; (bso#13498).- Drop more %if..%endif guards which are idempotent. - Drop requires on ldconfig which are already auto-discovered. - Do not ignore errors from useradd/groupadd.- Remove python2 build dependency from samba-libs; (bsc#1116900);- Update update-apparmor-samba-profile script to ignore the shares's paths containing substitution variables in any place, not only at the beginning of the path.- Update to samba-4.9.3 + CVE-2018-14629: Unprivileged adding of CNAME record causing loop in AD Internal DNS server; (bso#13600); (bsc#1116319); + CVE-2018-16841: Double-free in Samba AD DC KDC with PKINIT; (bso#13628); (bsc#1116320); + CVE-2018-16851: NULL pointer de-reference in Samba AD DC LDAP server; (bso#13674); (bsc#1116322); + CVE-2018-16852: NULL pointer de-reference in Samba AD DC DNS servers; (bso#13669); (bsc#1116321); + CVE-2018-16853: Samba AD DC S4U2Self crash in experimental MIT Kerberos configuration (unsupported); (bso#13678); (bsc#1116324); + CVE-2018-16857: Bad password count in AD DC not always effective; window; (bso#13683); (bsc#1116323);- Update to samba-4.9.2 + dsdb: Add comments explaining the limitations of our current backlink behaviour; (bso#13418); + Fix problems running domain backups (handling SMBv2, sites); (bso#13621); + testparm: Fix crashes with PANIC: Messaging not initialized on SLES 12 SP3; (bso#13465); + Make vfs_fruit able to cleanup AppleDouble files; (bso#13642); + File saving issues with vfs_fruit on samba >= 4.8.5; (bso#13646); + Enabling vfs_fruit looses FinderInfo; (bso#13649); + Cancelling of SMB2 aio reads and writes returns wrong error NT_STATUS_INTERNAL_ERROR; (bso#13667); + Fix CTDB recovery record resurrection from inactive nodes and simplify vacuuming; (bso#13641); + examples: Fix the smb2mount build; (bso#13465); + libtevent: Fix build due to missing open_memstream on Illiumos; (bso#13629); + winbindd_cache: Fix timeout calculation for sid<->name cache; (bso#13662); + dsdb encrypted_secrets: Allow "ldb:// and "mdb://" in file path; (bso#13653); + Extended DN SID component missing for member after switching group membership; (bso#13418); + Return STATUS_SESSION_EXPIRED error encrypted, if the request was encrypted; (bso#13624); + python: Allow forced signing via smb.SMB(); (bso#13621); + lib:socket: If returning early, set ifaces; (bso#13665); + ldb: Bump ldb version to 1.4.3, Python: Ensure ldb.Dn can accept utf8 encoded unicode; (bso#13616); + smbd: Fix DELETE_ON_CLOSE behaviour on files with READ_ONLY attribute; (bso#13673); + waf: Add -fstack-clash-protection; (bso#13601); + winbind: Fix segfault if an invalid passdb backend is configured; (bso#13668); + Fix bugs in CTDB event handling; (bso#13659); + Misbehaving nodes are sometimes not banned; (bso#13670);- lib:socket: If returning early, set ifaces; (bso#13665); (bsc#1111373);- winbind requires latest version of libtevent-util0 to start- Backport latest gpo code from master + Read policy from local gpt cache + Offline policy application + Make group policy extensible via register/unregister gpext + gpext's run via a process_group_policy method- Enable profiling data collection- Change samba-kdc package name to samba-ad-dc - Move samba-ad-dc.service to the samba-ad-dc package- Update to samba-4.9.1 + s3: nmbd: Stop nmbd network announce storm; (bso#13620); + s3-rpcclient: Use spoolss_init_spoolss_UserLevel1 in winspool cmds; (bso#13597); + CTDB recovery lock has some race conditions; (bso#13617); + s3-rpc_client: Advertise Windows 7 client info; (bso#13597); + ctdb-doc: Remove PIDFILE option from ctdbd_wrapper man page; (bso#13610);- Tumbleweed doesn't define the sle_version macro, so we must include a check for suse_version also. Otherwise python3 is disabled on Tumbleweed.- Update to samba-4.9.0 + samba_dnsupdate: Honor 'dns zone scavenging' option, only update if needed; (bso#13605); + wafsamba: Fix 'make -j'; (bso#13606);- Update to samba-4.9.0rc5 + s3: VFS: vfs_full_audit: Ensure smb_fname_str_do_log() only returns absolute pathnames; (bso#13565); + s3: util: Do not take over stderr when there is no log file; (bso#13578); + Durable Reconnect fails because cookie.allow_reconnect is not set; (bso#13549); + krb5-samba: Interdomain trust uses different salt principal; (bso#13539); + vfs_fruit: Don't unlink the main file; (bso#13441); + smbd: Fix a memleak in async search ask sharemode; (bso#13602); + Fix Samba GPO issue when Trust is enabled; (bso#11517); + samba-tool: Add "virtualKerberosSalt" attribute to 'user getpassword/syncpasswords'; (bso#13539); + Fix CTDB configuration issues; (bso#13589); + ctdbd logs an error until it can successfully connect to eventd; (bso#13592);- Update to samba-4.9.0rc4 + s3: smbd: Ensure get_real_filename() copes with empty pathnames; (bso#13585); + samba domain backup online/rename commands force user to specify password on CLI; (bso#13566); + wafsamba/samba_abi: Always hide ABI symbols which must be local; (bso#13579); + Fix a panic if fruit_access_check detects a locking conflict; (bso#13584); + Fix memory and resource leaks; (bso#13567); + python: Fix print in dns_invalid.py; (bso#13580); + Aliasing issue causes incorrect IPv6 checksum; (bso#13588); + Fix CTDB configuration issues; (bso#13589); + s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv(); (bso#13568);- Add missing zlib-devel dependency which was previously pulled in by libopenssl-devel- Update to samba-4.9.0rc3+git.22.3fff23ae36e + CVE-2018-10858: libsmb: Harden smbc_readdir_internal() against returns from malicious servers; (bso#13453); + CVE-2018-1140: ldbsearch '(distinguishedName=abc)' and DNS query with escapes crashes, ldb: Release LDB 1.3.5 for CVE-2018-1140; (bso#13374); + CVE-2018-10918: cracknames: Fix DoS (NULL pointer de-ref) when not servicePrincipalName is set on a user; (bso#13552); + CVE-2018-10919: acl_read: Fix unauthorized attribute access via searches; (bso#13434); + ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler; (bso#13540); + CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth"; (bso#13360); + s3-tldap: do not install test_tldap; (bso#13529); + ctdb_mutex_ceph_rados_helper: Fix deadlock via lock renewals; (bso#13540); + CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr(); (bso#13374); + ctdb-eventd: Fix CID 1438155; (bso#13554); + Fix CIDs 1438243, (Unchecked return value) 1438244 (Unsigned compared against 0), 1438245 (Dereference before null check) and 1438246 (Unchecked return value); (bso#13553); + ctdb: Fix a cut&paste error; (bso#13554); + systemd: Only start smb when network interfaces are up; (bso#13559); + Fix quotas don't work with SMB2; (bso#13553); + s3/smbd: Ensure quota code is only called when quota support detected; (bso#13563); + s3/libsmb: Explicitly set delete_on_close token for rmdir; (bso#13204); + s3:waf: Install eventlogadm to /usr/sbin; (bso#13561); + Shorten description in vfs_linux_xfs_sgid manual; (bso#13562);- Update to samba-4.9.0rc2+git.21.a1069afb007 + s3: smbd: Using "sendfile = yes" with SMB2 can cause CPU spin; (bso#13537); + s3: smbd: Fix path check in smbd_smb2_create_durable_lease_check(); (bso#13535); + samba-tool trust: Support discovery via netr_GetDcName; (bso#13538); + s4-dsdb: Only build dsdb Python modules for AD DC; (bso#13542); + Fix portability issues on freebsd; (bso#13520); + DNS wildcard search does not handle multiple labels correctly; (bso#13536); + samba-tool domain trust: Fix trust compatibility to Windows Server 1709 and FreeIPA; (bso#13308); + Fix portability issues on freebsd; (bso#13520); + ctdb-protocol: Fix CTDB compilation issues; (bso#13545); + ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option; (bso#13546); + ctdb-doc: Provide an example script for migrating old configuration; (bso#13550); + ctdb-event: Implement event tool "script list" command; (bso#13551);- Update to samba-4.8.4+git.37.a7a861d7982; + CVE-2018-1139: Weak authentication protocol allowed; (bsc#1095048); (bsc#13360); + CVE-2018-1140: Denial of Service Attack on DNS and LDAP server; (bsc#1095056); (bso#13466); (bso#13374); + CVE-2018-10858: Insufficient input validation on client directory listing in libsmbclient; (bsc#1103411); (bso#13453); + CVE-2018-10918: Denial of Service Attack on AD DC DRSUAPI server; (bsc#1103414); (bso#13552); + CVE-2018-10919: Confidential attribute disclosure from the AD LDAP server; (bsc#1095057); (bso#13434); + s3:winbind: winbind normalize names' doesn't work for users; (bso#12851); + winbind: Fix UPN handling in canonicalize_username(); (bso#13369); + s3: smbd: Fix SMB2-FLUSH against directories; (bso#13428); + samdb: Fix building Samba with gcc 8.1; (bso#13437); + s3:utils: Do not segfault on error in DoDNSUpdate(); (bso#13440); + smbd: Flush dfree memcache on service reload; (bso#13446); + ldb: Save a copy of the index result before calling the + lib/util: No Backtrace given by Samba's AD DC by default; (bso#13454). + s3: smbd: printing: Re-implement delete-on-close semantics for print files missing since 3.5.x; (bso#13457). + python: Fix talloc frame use in make_simple_acl(); (bso#13474). + krb5_wrap: Fix keep_old_entries logic for older Kerberos libraries;(bso#13478). + krb5_plugin: Add winbind localauth plugin for MIT Kerberos; (bso#13480).- Add missing package descriptions; (bsc#1093864); - Fix dependency issue between samba-python and samba-kdc; (bsc#1062876); - Call update-apparmor-samba-profile when running samba-ad-dc; (bsc#1092099);- Update to 4.8.2 + After update to 4.8.0 DC failed with "Failed to find our own NTDS Settings objectGUID" (bso#13335). + fix incorrect reporting of stream dos attributes on a directory (bso#13380). + vfs_ceph: add asynchronous fsync; fake synchronous call (bso#13412). + vfs_ceph: add fake async pwrite/pread send/recv hooks; (bso#13425) + vfs_ceph: Fix memory leak; (bso#13424). + libsmbclient: Fix hard-coded connection error return of ETIMEDOUT; (bso#13419). + s4-lsa: Fix use-after-free in LSA server; (bso#13420). + winbindd: Do re-connect if the RPC call fails in the passdb case; (bso#13430). + cleanupd: Sends MSG_SMB_UNLOCK twice to interested peers; (bso#13416). + cleanupd: Use MSG_SMB_BRL_VALIDATE to signal cleanupd unclean process shutdown; (bso#13414). + ctdb-client: Remove ununsed functions from old client code; (bso#13411). + printing: Return the same error code as windows does on upload failures; (bso#13395). + nsswitch: Fix memory leak in winbind_open_pipe_sock() when the privileged pipe is not accessable; (bso#13400). + s4:lsa_lookup: remove TALLOC_FREE(state) after all dcesrv_lsa_Lookup{Names,Sids}_base_map() calls; (bso#13420). + rpc_server: Fix NetSessEnum with stale sessions; (bso#13407). + s3:smbspool: Fix cmdline argument handling; (bso#13417).- Move libdfs-server-ad-samba4.so library from kdc to libs package, as it is required by some client libs; (bsc#1074135); - Update to 4.8.1; (bsc#1091179); + s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here; (bso#13244); + s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir(); (bso#13270); + Round-tripping ACL get/set through vfs_fruit will increase the number of ACE entries without limit; (bso#13319); + s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues; (bso#13347); + s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access; (bso#13358); + s3: smbd: Fix memory leak in vfswrap_getwd(); (bso#13372); + s3: smbd: Unix extensions attempts to change wrong field in fchown call; (bso#13375); + ms_schema/samba-tool visualize: Fix python2.6 incompatibility; (bso#13337); + Fix invocation of gnutls_aead_cipher_encrypt(); (bso#13352); + Windows 10 cannot logon on Samba NT4 domain; (bso#13328); + winbindd: Recover loss of netlogon secure channel in case the peer DC is rebooted; (bso#13332); + s3:smbd: Don't use the directory cache for SMB2/3; (bso#13363); + ctdb-client: Fix bugs in client code; (bso#13356); + ctdb-scripts: Drop "net serverid wipe" from 50.samba event script; (bso#13359); + s3: lib: messages: Don't use the result of sec_init() before calling sec_init(); (bso#13368); + libads: Fix the build '--without-ads'; (bso#13273); + winbind: Keep "force_reauth" in invalidate_cm_connection, add 'smbcontrol disconnect-dc'; (bso#13332); + vfs_virusfilter: Fix CIDs 1428738-1428740; (bso#13343); + dsdb: Fix CID 1034966 Uninitialized scalar variable; (bso#13367); + rpc_server: Fix core dump in dfsgetinfo; (bso#13370); + smbclient: Fix notify; (bso#13382); + Fix smbd panic if the client-supplied channel sequence number wraps; (bso#13215); + Windows 10 cannot logon on Samba NT4 domain; (bso#13328); + lib/util: Remove unused '#include ' from tests/tfork.c; (bso#13342); + Fix build errors with cc from developerstudio 12.5 on Solaris; (bso#13343); + Fix the picky-developer build on FreeBSD 11; (bso#13344); + s3:modules: Fix the build of vfs_aixacl2.c; (bso#13345); + s3:smbd: map nterror on smb2_flush errorpath; (bso#13338); + lib:replace: Fix linking when libtirpc-devel overwrites system headers; (bso#13341); + winbindd: 'wbinfo --name-to-sid' returns misleading result on invalid query; (bso#13312); + s3:passdb: Do not return OK if we don't have pinfo set up; (bso#13376); + Allow AESNI to be used on all processor supporting AESNI; (bso#13302);- Use new foreground execution flags for systemd samba daemons; (bsc#1088574); (bsc#1071090); (bsc#1065551); + Add %post scriptlet to clear old sysconfig flags - Update vendor-files to commit 880b3e7. + Set samba sysconfig template variables to "" + Add required daemon flags directly to systemd unit- Specfile cleanup + Remove %if..%endif guards which don't affect the build + Remove redundant %clean section + Replace old $RPM_* shell vars with macros- BuildRequire pkgconfig(systemd) and pkgconfig(libsystemd) in place of systemd and systemd-devel: Allow OBS to optimize the workload by allowing the usage of the 'build-optimized' systemd packages.- Enable building samba with python3, and create a samba-python3 package.- Update to 4.8 + New GUID Index mode in sam.ldb for the AD DC + GPO support for samba KDC + Time machine support with vfs_fruit + Encrypted secrets + AD Replication visualization + Improved trust support - ability to not scan global trust list - AD external trusts have limited support - verbose trusted domain listing + VirusFilter VFS module + NT4-style replication removed + vfs_aio_linux removed- Disable samba-pidl package, due to the removal of dependency perl-Parse-Yapp; (bsc#1085150);- Update to 4.7.6; + CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally; (bso#11343); (bsc#1081741); + CVE-2018-1057: Authenticated users can change other users' password; (bso#13272); (bsc#1081024).- Disable python until full python3 port is done; (bsc#1082139); + Remove contents of package samba-python + Remove contents of package libsamba-policy0 + Remove contents of package libsamba-policy-devel + Remove library libsamba-python-samba4.so from samba-libs package + Remove library libsamba-net-samba4.so from samba-libs package + Remove smbtorture binary and manpage from samba-test- samba fails to build with glibc2.27; (bsc#1081042);- Update to 4.7.5; (bsc#1080545); + smbd tries to release not leased oplock during oplock II downgrade; (bso#13193); + Fix copying file with empty FinderInfo from Windows client to Samba share with fruit; (bso#13181); + build: Deal with recent glibc sunrpc header removal; (bso#10976); + Make Samba work with tirpc and libnsl2; (bso#13238); + vfs_ceph: Add fs_capabilities hook to avoid local statvfs; (bso#13208); (bsc#1075206); + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue; (bso#12986); + ctdb-recovery-helper: Deregister message handler in error paths; (bso#13188); + samba: Only use async signal-safe functions in signal handler; (bso#13240); + Kerberos: PKINIT: Can't decode algorithm parameters in clientPublicValue; (bso#12986); + repl_meta_data: Fix linked attribute corruption on databases with unsorted links on expunge. dbcheck: Add functionality to fix the corrupt database; (bso#13228); + Fix smbd panic when chdir returns error during exit; (bso#13189); + Make Samba work with tirpc and libnsl2; (bso#13238); + Fix POSIX ACL support on HPUX and possibly other big-endian OSs; (bso#13176);- Update to 4.7.4; (bsc#1080545); + s3: smbclient: Implement 'volume' command over SMB2; (bso#13140); + s3: libsmb: Fix valgrind read-after-free error in cli_smb2_close_fnum_recv(); (bso#13171); + s3: libsmb: Fix reversing of oldname/newname paths when creating a reparse point symlink on Windows from smbclient; (bso#13172); + Build man page for vfs_zfsacl.8 with Samba; (bso#12934); + repl_meta_data: Allow delete of an object with dangling backlinks; (bso#13095); + s4:samba: Fix default to be running samba as a deamon; (bso#13129); + Performance regression in DNS server with introduction of DNS wildcard, ldb: Release 1.2.3; (bso#13191); + vfs_zfsacl: Fix compilation error; (bso#6133); + "smb encrypt" setting changes are not fully applied until full smbd restart; (bso#13051); + winbindd: Fix idmap_rid dependency on trusted domain list; (bso#13052); + vfs_fruit: Proper VFS-stackable conversion of FinderInfo; (bso#13155); + winbindd: Dependency on trusted-domain list in winbindd in critical auth codepath; (bso#13173); + repl_meta_data: Fix removing of backlink on deleted objects; (bso#13120); + ctdb: sock_daemon leaks memory; (bso#13153); + TCP tickles not getting synchronised on CTDB restart; (bso#13154); + winbindd: winbind parent and child share a ctdb connection; (bso#13150); + pthreadpool: Fix deadlock; (bso#13170); + pthreadpool: Fix starvation after fork; (bso#13179); + messaging: Always register the unique id; (bso#13180); + s4/smbd: set the process group; (bso#13129); + Fix broken linked attribute handling; (bso#13095); + The KDC on an RWDC doesn't send error replies in some situations; (bso#13132); + libnet_join: Fix 'net rpc oldjoin'; (bso#13149); + g_lock conflict detection broken when processing stale entries; (bso#13195); + s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions; (bso#13197); + s3:libads: net ads keytab list fails with "Key table name malformed"; (bso#13166); (bsc#1067700); + Fix crash in pthreadpool thread after failure from pthread_create; (bso#13170); + s4:samba: Allow samba daemon to run in foreground; (bso#13129); (bsc#1065551); + third_party: Link the aesni-intel library with "-z noexecstack"; (bso#13174); + vfs_glusterfs: include glusterfs/api/glfs.h without relying on "-I" options; (bso#13125);- Re-enable usage of libnsl (did got lost with glibc change) - Use TI-RPC (sunrpc is deprecated and will be removed soon from glibc)- smbc_opendir should not return EEXIST with invalid login credentials; (bnc#1065868).- Update to 4.7.3; (bsc#1069666); + Non-smbd processes using kernel oplocks can hang smbd; (bso#13121); + python: use communicate to fix Popen deadlock; (bso#13127); + smbd on disk file corruption bug under heavy threaded load; (bso#13130); + tevent: version 0.9.34; (bso#13130); + s3: smbd: Fix delete-on-close after smb2_find; (bso#13118); + CVE-2017-14746: s3: smbd: Fix SMB1 use-after-free crash bug; (bsc#1060427);(bso#13041); + CVE-2017-15275: s3: smbd: Chain code can return uninitialized memory when talloc buffer is grown; (bsc#1063008); (bso#13077); - Build with AD DC support only in openSUSE.- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- samba-tool requires samba-python; (bnc#1067771).- Run all daemons in the foreground and let systemd handle it; (bsc#1065551). - Update to 4.7.1; + Fix exporting subdirs with shadow_copy2; (bso#13091); + Currently if getwd() fails after a chdir(), we panic; (bso#13027); + Ensure default SMB_VFS_GETWD() call can't return a partially completed struct smb_filename; (bso#13068); + sys_getwd() can leak memory or possibly return the wrong errno on older systems; (bso#13069); + smbclient doesn't correctly canonicalize all local names before use; (bso#13093); + Fix broken linked attribute handling; (bso#13095); + Missing LDAP query escapes in DNS rpc server; (bso#12994); + Link to -lbsd when building replace.c by hand; (bso#13087); + Cannot delete non-ACL files on Solaris/ZFS/NFSv4 ACL filesystem; (bso#6133); + Map SYNCHRONIZE acl permission statically in zfs_acl vfs module; (bso#7909); + Samba fails to honor SEC_STD_WRITE_OWNER bit with the acl_xattr module; (bso#7933); + Missing assignment in sl_pack_float; (bso#12991); + Wrong Samba access checks when changing DOS attributes; (bso#12995); + samba_runcmd_send() leaves zombie processes on timeout; (bso#13062); + groupmap cleanup should not delete BUILTIN mappings; (bso#13065); + Enabling vfs_fruit results in loss of Finder tags and other xattrs; (bso#13076); + man pages: Properly ident lists; (bso#9613); + smb.conf.5: Sort parameters alphabetically; (bso#13081); + Fix GUID string format on GetPrinter info; (bso#12993); + Remote serverid check doesn't check for the unique id; (bso#13042); + CTDB starts consuming memory if there are dead nodes in the cluster; (bso#13056); + ctdb-common: Ignore event scripts with multiple '.'s; (bso#13070); + libgpo doesn't sort the GPOs in the correct order; (bso#13046); + Remote serverid check doesn't check for the unique id; (bso#13042); + vfs_catia: Fix a potential memleak; (bso#13090); + Fix file change notification for renames; (bso#12903); + Samba DNS server does not honour wildcards; (bso#12952); + Can't change password in samba from a Windows client if Samba runs on IPv6 only interface; (bso#13079); + vfs_fruit: Replace closedir() by SMB_VFS_CLOSEDIR; (bso#13086); + Apple client can't cope with SMB2 async replies when creating symlinks; (bso#13047); + s4:rpc_server:backupkey: Move variable into scope; (bso#12959); + Fix ntstatus_gen.h generation on 32bit; (bso#13099); + Fix a double free in vfs_gluster_getwd(); (bso#13100); + Fix resouce leaks and pointer issues; (bso#13101); + vfs_solarisacl: Fix build for samba 4.7 and up; (bso#13049);- Add samba-kdc to baselibs.conf. - Do not wrap samba-kdc's package definition into if/endif: the package won't be generated simply based on the fact that there is no files section for the package. Allows the source validator to ensure samba-kdc is a built package.- Update to 4.7.0; + Whole DB read locks: Improved LDAP and replication consistency; (bso#12858). + Samba AD with MIT Kerberos + Dynamic RPC port range: Default range changed from "1024-1300" to "49152-65535". + Authentication and Authorization audit support: New auth_audit debug class. + Multi-process LDAP Server: The LDAP server in the AD DC now honours the process model used for the rest of the 'samba' process. + Improved Read-Only Domain Controller (RODC) Support; (bso#12977). + Additional password hashes stored in supplementalCredentials. + Improvements to DNS during Active Directory domain join. + Significant AD performance and replication improvements. + Query record for open file or directory. + Removal of lpcfg_register_defaults_hook(). + Change of loadable module interface. + SHA256 LDAPS Certificates: The self-signed certificate generated for use on LDAPS will now be generated with a SHA256 self-signature, not a SHA1 self-signature. + CTDB no longer allows mixed minor versions in a cluster. + CTDB now ignores hints from Samba about TDB flags when attaching to databases. + New configuration variable CTDB_NFS_CHECKS_DIR. + The CTDB_SERVICE_AUTOSTARTSTOP configuration has been removed. + The CTDB_SCRIPT_DEBUGLEVEL configuration variable has been removed. + The example NFS Ganesha call-out has been improved. + A new "replicated" database type is available.- CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file; (bso#13020); (bsc#1058624).- CVE-2017-12150: Some code path don't enforce smb signing, when they should; (bso#12997); (bsc#1058622).- CVE-2017-12151: Keep required encryption across SMB3 dfs redirects; (bso#12996); (bsc#1058565).- Clean specfile assuming SUSE-only system and product >=SLE11 + %{ul_version}, %{rhel_version}, %{mandriva_version}, %{centos_version} are always undefined + %{_vendor} is "suse" and %{suse_version} is at least 1100- Update to 4.6.7; (bsc#1054017) + Joining a Huawai storage fails: empty CLDAP ping answer; (bso#11392). + smbcacls can fail against a directory on Windows using SMB2.; (bso#12937). + vfs_ceph provides inconsistent directory listings; (bso#12911). + Misused talloc context can cause a user to crash their smbd by chaining SMB1 commands.; (bso#12836). + Use-after free can crash libsmbclient code.; (bso#12927). + Server exit with active AIO can crash.; (bso#12925). + Ensure notifyd doesn't return from smbd_notifyd_init; (bso#12910). + fd leak to ctdb sub-processes leads to SELinux AVC denial in audit logs; (bso#12898). + vfs_fruit shouldn't send MS NFS ACEs to Windows clients; (bso#12897). + smbspool_krb5_wrapper does not tell CUPS that it requires negotiate for authentication; (bso#12886). + finder sidebar showing question mark instead of icon when using ip to connect with vfs_fruit; (bso#12840). + Winbind stops obtaining the 'unixHomeDirectory' & 'loginShell' attributes from AD.; (bso#12720). + KCC run at selftest startup can fail spuriously due to a race; (bso#12869). + winbindd changes the local password and gets NT_STATUS_WRONG_PASSWORD for the remote change; (bso#12782). + rpc_pipe_client memory leaks due to long term memory context passed to rpc_pipe_open_interface(); (bso#12890). + CVE-2017-2619 breaks accessing previous versions of directories with snapshots in subdirectories of the share; (bso#12885). + dns_name_equal doing OOB read; (bso#12813). + replica_sync tests flap; (bso#12753). + Selftest should not call 'net cache flush' and wipe important winbind entries; (bso#12868). + Old Samba versions don't support using recent ldb versions (>=1.1.30); (bso#12859). + pam_winbind fails with kerberos method = secrets and keytab; (bso#10490). + race starting winbindd against posixacl test; (bso#12843). + Crash in the reentrant smbd_smb2_create_send() if the something fails in the subsequent try; (bso#12832). + spnego.c passes the wrong argument order to gensec_update_ev() for the FALLBACK case; (bso#12788). + Clients with SMB3 support can't connect with "server max protocol = SMB2_02"; (bso#12772). + A log message of samb-tool user syncpasswords reverses string arguments in a debug message "Call Popen[...".; (bso#12768). + The smb tarmode tests kills the share dir contents; (bso#12867). + Fix for a bug in MacOS X Sierra NTLMv2 processing; (bso#12862). + CVE-2017-2619 regression with non-wide symlinks to directories; (bso#12860). + manpage/index.html lists links not in alphabetical order; (bso#12854). + smbcacls got error NT_STATUS_NETWORK_NAME_DELETED; (bso#12831). + If a record is locked in a database, then recovery does not complete; (bso#12857). + debug_locks.sh script does not log any information; (bso#12856). + SIGSEGV in cm_connect_lsa_tcp dereferencing conn->lsa_tcp_pipe->transport after error; (bso#12852). + smbclient can't parse DOMAIN+username if a different winbind separator is used; (bso#12849). + Related requests with SessionSetup fail with INTERNAL_ERROR; (bso#12845). + Related requests with TreeConnect fail with NETWORK_NAME_DELETED; (bso#12844). + cli->server_os not filled correctly; (bso#12779). + REGRESSION: smbclient doesn't print the session setup anymore; (bso#12824). + smblcient doesn't handle STATUS_NOT_SUPPORTED gracefully for FSCTL_VALIDATE_NEGOTIATE_INFO; (bso#12808). + CTDB NFS call-out failures do not cause event failures; (bso#12837). + net command fails due to incorrectly return code; (bso#12828). + Fix building Samba with GCC 7.1; (bso#12827).- Fix duplicate CTDB_LOGGING params when downgraded and upgraded again; (bsc#1048339).- fix cephwrap_chdir(); (bsc#1048790). - Update to 4.6.6 + CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation; (bsc#1048278).- Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb; (bsc#1048339).- Fix inconsistent ctdb socket path; (bsc#1048352). - Fix non-admin cephx authentication; (bsc#1048387).- Update to 4.6.5; (bsc#1040157) + Specifying CTDB_LOGGING=syslog:nonblocking causes ctdbd to crash at startup; (bso#12814). + vfs_expand_msdfs tries to open the remote address as a file path; (bso#12687). + PANIC (pid 1096): assert failed: lease_type_is_exclusive(e_lease_type); (bso#12798). + With clustering get update_num_read_oplocks failed and PANIC: num_share_modes == 1 assertion failure; (bso#11844). + contend_level2_oplocks_begin_default oplock optimisation doesn't carry over to leases; (bso#12766). + `ctdb nodestatus` incorrectly displays status for all nodes with wrong exit code; (bso#12802). + CTDB can spin hard on revoking readonly delegations if a node becomes disconnected; (bso#12697). + Printing a share mode entry with leases can crash in the ndr code; (bso#12793). + Fix flakey unit tests for eventd; (bso#12792). + CTDB daemon crashes if built with clang; (bso#12770). + smbcacls fails if no password is specified; (bso#12765). + idmap_rfc2307: Lookup of more than two SIDs fails; (bso#12757). + samba-tool user syncpasswords doesn't trigger the script when a user gets removed; (bso#12767). + systemd: fix detection of libsystemd; (bso#12764). + Notify subsystem only maps first inotify mask to Windows notify filter; (bso#12760). + Allow passing trusted domain password as plain-text to PASSDB layer; (bso#12751). + Can't case-rename files with vfs_fruit; (bso#12749). + wrong sid->uid mapping for SIDs residing in sIDHistory; (bso#12702). + vfs_acl_common should force "create mask = 0777", not 0666; (bso#12562). + Ordering of notify responses broken; (bso#12756).- s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1; (bso#11822); (bsc#1042419).- Revert explicit winbind %{version}-%{release} dependency. + The ABI has stabilized since (bsc#936909), so remove to fix cross-media dependencies; (bsc#1037899).- Fix CVE-2017-7494 remote code execution from a writable share; (bso#12780); (bsc#1038231).- Update to 4.6.3; (bsc#1036011) + s3:vfs:shadow_copy2: vfs_shadow_copy2 fails to list snapshots from shares with GlusterFS backend; (bso#12743). + Fix for Solaris C compiler; (bso#12559). + s3: locking: Update oplock optimization for the leases era; (bso#12628). + Make the Solaris C compiler happy; (bso#12693). + s3: libgpo: Allow skipping GPO objects that don't have the expected LDAP attributes; (bso#12695). + Fix buffer overflow caused by wrong use of getgroups; (bso#12747). + lib: debug: Avoid negative array access; (bso#12746). + cleanupdb: Fix a memory read error; (bso#12748). + streams_xattr and kernel oplocks results in NT_STATUS_NETWORK_BUSY; (bso#7537). + winbindd: idmap_autorid allocates ids for unknown SIDs from other backends; (bso#11961). + vfs_fruit: Resource fork open request with flags=O_CREAT|O_RDONLY; (bso#12565). + manpages/vfs_fruit: Document global options; (bso#12615). + lib/pthreadpool: Fix a memory leak; (bso#12624). + Lookup-domain for well-known SIDs on a DC; (bso#12727). + winbindd: Fix error handling in rpc_lookup_sids(); (bso#12728). + winbindd: Trigger possible passdb_dsdb initialisation; (bso#12729). + credentials_krb5: use gss_acquire_cred for client-side GSSAPI use case; (bso#12611). + lib/crypto: Implement samba.crypto Python module for RC4; (bso#12690). + ctdb-readonly: Avoid a tight loop waiting for revoke to complete; (bso#12697). + ctdb_event monitor command crashes if event is not specified; (bso#12723). + ctdb-docs: Fix documentation of "-n" option to 'ctdb tool'; (bso#12733). + smbd: Fix smb1 findfirst with DFS; (bso#12558). + smbd: Do an early exit on negprot failure; (bso#12610). + winbindd: Fix substitution for 'template homedir'; (bso#12699). + s4:kdc: Disable principal based autodetected referral detection; (bso#12554). + idmap_autorid: Allocate new domain range if the callers knows the sid is valid; (bso#12613). + LINKFLAGS_PYEMBED should not contain -L/some/path; (bso#12724). + PAM auth with WBFLAG_PAM_GET_PWD_POLICY returns wrong policy for trusted domain; (bso#12725). + rpcclient: Allow -U'OTHERDOMAIN\user' again; (bso#12731). + winbindd: Fix password policy for pam authentication; (bso#12725). + s3:gse: Correctly handle external trusts with MIT; (bso#12554). + auth/credentials: Always set the realm if we set the principal from the ccache; (bso#12611). + replace: Include sysmacros.h; (bso#12686). + s3:vfs_expand_msdfs: Do not open the remote address as a file; (bso#12687). + s3:libsmb: Only print error message if kerberos use is forced; (bso#12704). + winbindd: Child process crashes when kerberos-authenticating a user with wrong password; (bso#12708). + vfs_fruit: Office document opens as read-only on macOS due to CNID semantics; (bso#12715). + vfs_acl_xattr: Fix failure to get ACL on Linux if memory is fragmented; (bso#12737).- Generate and update vendor-files tarball from Git + SuSEfirewall2 service samba-client only setup IPv4 rule; (bsc#1034416).- Generate source tarball directly from Git using OBS tar_scm + use version string derived from parent Git tag and commit hash - remove obsolete vendor-files/tools/package-data version ID + explicitly generate ctdb manpages, needed without "make dist"- Update to 4.6.2 + remove bso#12721 patches now upstream- Enable samba-ceph build for openSUSE and SLE12SP3+; (fate#321622). + x86-64 and aarch64- Enable librados CTDB lock helper for samba-ceph package; (fate#321622).- Build and install the html man pages (bsc#1021907).- Fix CVE-2017-2619 regression with "follow symlinks = no"; (bso#12721).- Update to 4.6.1 + symlink race permits opening files outside share directory; CVE-2017-2619; (bso#12496); (bsc#1027147) + testparm checks for valid idmap parameters + add new krb client encryption types + support for printer driver upload from windows 10 + inherit owner = 'unix only' for improved quota support + improved CTDB event support + new primary group support for idmap_ad + idmap_hash deprecated + mvxattr added to recursively rename extended attributes- Remove chkconfig requirements for systemd systems- Don't call insserv if systemd is used- Fix check if we need to require insserv- async_req: make async_connect_send() "reentrant"; (bso#12105); (bsc#1024416).- Force usage of ncurses6-config thru NCURSES_CONFIG env var; (bsc#1023847).- add missing patch for libnss_wins segfault; (bsc#995730).- Fix vfs_ceph builds against recent Ceph versions; (bsc#1021933).- Document "winbind: ignore domains" parameter; (bsc#1019416).- Add base Samba dependency to samba-ceph package.- Update to 4.5.3 + Heap-based Buffer Overflow Remote Code Execution Vulnerability; CVE-2016-2123; (bso#12409); (bsc#1014437). + Don't send delegated credentials to all servers; CVE-2016-2125; (bso#12445); (bsc#1014441). + denial of service due to a client triggered crash in the winbindd parent process; CVE-2016-2126; (bso#12446); (bsc#1014442). - 4.5.1 and 4.5.2 updates + various streams vfs fixes + various printing fixes + ntlm_auth: do not map explicitly empty domain + various stability fixes in smbd + match file compression ReFS behavior- Add missing ldb module directory; (bnc#1012092).- s3/client: obey 'disable netbios' smb.conf param, don't connect via NBT port; (bsc#1009085); (bso#12418).- Include vfstest in samba-test; (bsc#1001203).- s3/winbindd: using default domain with user@domain.com format fails; (bsc#997833).- Fix segfault in libnss_wins; (bso#12277); (bso#12269); (bsc#995730).- Update to 4.5.0 + NTLM1 Authentication disabled by default + SMB2.1 leases enabled by default + Support for OFD locks + ctdb tool rewritten + Added shadow copy snapshot prefix parameter- Fix illegal memory access after memory has been deleted; (bso#11836); (bsc#975299).- Prevent core, make sure response->extra_data.data is always cleared out; (bsc#993692).- Don't package man pages for VFS modules that aren't built; (boo#993707).- Fix population of ctdb sysconfig after source merge; (bsc#981566).- Enable vfs_ceph builds for Factory (x86-64) + Package as samba-ceph to avoid Ceph dependency in base package.- Update to 4.4.5 + Prevent client-side SMB2 signing downgrade; CVE-2016-2119; (bso#11860); (bsc#986869).- Remove obsolete syslog.target; (bsc#983938).- Honor smb.conf socket options in winbind; (bsc#975131).- Don't use htons() with IP_PROTO_RAW; (bso#11705); (bsc#969522).- Update to 4.4.4 + SMB3 multichannel: Add implementation of missing channel sequence number verification; (bso#11809). + smbd:close: Only remove kernel share modes if they had been taken at open; (bso#11919). + notifyd: Prevent NULL deref segfault in notifyd_peer_destructor; (bso#11930). + s3:rpcclient: Make '--pw-nt-hash' option work; (bso#10796). + Fix case sensitivity issues over SMB2 or above; (bso#11438). + s3:smbd: Fix anonymous authentication if signing is mandatory. (bso#11910) + Fix NTLM Authentication issue with squid; (bso#11914). + pdb: Fix segfault in pdb_ldap for missing gecos; (bso#11530). + Fix memory leak in share mode locking; (bso#11934).- Update to 4.4.3 + Various post-badlock regressions; (bso#11841); (bso#11850); (bso#11858); (bso#11870); (bso#11872). + Only allow idmap_hash for default idmap config (bso#11786). + smbd: Avoid large reads beyond EOF; (bso#11878). + vfs_acl_common: Avoid setting POSIX ACLs if "ignore system acls" is set; (bso#11806). + libads: Record session expiry for spnego sasl binds; (bso#11852).- Fix NTLMSSP regressions caused by previous CVE fixes; (bso#11849); (bsc#975962); (bsc#979268), (bsc#977669).- Revert shared library packaging to comply with SLPP- Update to 4.4.2 + A man-in-the-middle can downgrade NTLMSSP authentication; CVE-2016-2110; (bso#11688); (bsc#973031). + Domain controller netlogon member computer can be spoofed; CVE-2016-2111; (bso#11749); (bsc#973032). + LDAP conenctions vulnerable to downgrade and MITM attack; CVE-2016-2112; (bso#11644); (bsc#973033). + TLS certificate validation missing; CVE-2016-2113; (bso#11752); (bsc#973034). + Named pipe IPC vulnerable to MITM attacks; CVE-2016-2115; (bso#11756); (bsc#973036). + "Badlock" DCERPC impersonation of authenticated account possible; CVE-2016-2118; (bso#11804); (bsc#971965). + DCERPC server and client vulnerable to DOS and MITM attacks; CVE-2015-5370; (bso#11344); (bsc#936862).- Fix samba.tests.messaging test and prevent potential tdb corruption by removing obsolete now invalid tdb_close call; (bsc#974629).- Obsolete libsmbclient from libsmbclient0 while not providing it; (bsc#972197).- Update to 4.4.0. + Read of uninitialized memory DNS TXT handling; (bso#11128); (bso#11686); CVE-2016-0771. + Getting and setting Windows ACLs on symlinks can change permissions on link target; (bso#11648); CVE-2015-7560. + Sockets with htons(IPPROTO_RAW); (bso#11705); CVE-2015-8543. + s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystem with no ACL support; (bso#10489). + docs: Add example for domain logins to smbspool man page; (bso#11643). + smbd: Show correct disk size for different quota and dfree block sizes; (bso#11681). + docs: Add smbspool_krb5_wrapper manpage; (bso#11690). + winbindd: Return trust parameters when listing trusts; (bso#11691). + ctdb: Do not provide a useless pkgconfig file for ctdb; (bso#11696). + Crypto.Cipher.ARC4 is not available on some platforms, fallback to M2Crypto.RC4.RC4 then; (bso#11699). + s3:utils/smbget: Set default blocksize; (bso#11700). + Streamline 'smbget' options with the rest of the Samba utils; (bso#11700). + s3:clispnego: Fix confusing warning in spnego_gen_krb5_wrap(); (bso#11702). + s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703). + loadparm: Fix memory leak issue; (bso#11708). + lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714). + s3:vfs:glusterfs: Fix build after quota changes; (bso#11715). + ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."; (bso#11719). + lib:socket: Fix CID 1350010: Integer OVERFLOW_BEFORE_WIDEN; (bso#11723). + smbd: Fix CID 1351215 Improper use of negative value; (bso#11724). + smbd: Fix CID 1351216 Dereference null return value; (bso#11725). + s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file; (bso#11727). + docs: Add manpage for cifsdd; (bso#11730). + param: Fix str_list_v3 to accept ; again; (bso#11732). + lib/socket: Fix improper use of default interface speed; (bso#11734). + lib:socket: Fix CID 1350009: Fix illegal memory accesses (BUFFER_SIZE_WARNING); (bso#11735). + libcli: Fix debug message, print sid string for new_ace trustee; (bso#11738). + Fix installation path of Samba helper binaries; (bso#11739). + Fix memory leak in loadparm; (bso#11740). + tevent: version 0.9.28: Fix memory leak when old signal action restored; (bso#11742). + smbd: Ignore SVHDX create context; (bso#11753). + Fix net join; (bso#11755). + s3:libads: setup the msDS-SupportedEncryptionTypes attribute on ldap_add; (bso#11755). + passdb: Add linefeed to debug message; (bso#11763). + s3:utils/smbget: Fix option parsing; (bso#11767). + libnet: Make Kerberos domain join site-aware; (bso#11769). + Reset TCP Connections during IP failover; (bso#11770). + ldb: Version 1.1.26; (bso#11772). + s3:smbd: Add negprot remote arch detection for OSX; (bso#11773). + vfs_glusterfs: Fix use after free in AIO callback; (bso#11774). + mkdir can return ACCESS_DENIED incorrectly on create race; (bso#11780). + "trustdom_list_done: Got invalid trustdom response" message should be avoided; (bso#11782). + Mismatch between local and remote attribute ids lets replication fail with custom schema; (bso#11783). + Quota is not supported on Solaris 10; (bso#11788). + Talloc: Version 2.1.6; (bso#11789). + smbd: Enable multi-channel if 'server multi channel support = yes' in the config; (bso#11796). + build: Fix build when '--without-quota' specified; (bso#11798). + lib/socket/interfaces: Fix some uninitialied bytes; (bso#11802). + Access based share enum: handle permission set in configuration files; (bso#8093). + See also WHATSNEW.txt from the samba-doc package.- Update to 4.3.6. + Getting and setting Windows ACLs on symlinks can change permissions on link target; CVE-2015-7560; (bso#11648); (bsc#968222). + Fix Out-of-bounds read in internal DNS server; CVE-2016-0771; (bso#11128); (bso#11686); (bsc#968223).- Upgrade on-disk FSRVP server state to new version; (bsc#924519).- Only obsolete but do not provide gplv2/3 package names; (bsc#968973).- Relocate existing lock files to /var/lib/samba/lock; (bsc#968963).- Obsolete no longer existing samba-32bit package; (bsc#967625).- Update to 4.3.5. + s3:utils/smbget: Fix recursive download; (bso#6482). + s3: smbd: posix_acls: Fix check for setting u:g:o entry on a filesystemi with no ACL support; (bso#10489). + s3:smbd/oplock: Obey kernel oplock setting when releasing oplocks; (bso#11400). + vfs_shadow_copy2: Fix case where snapshots are outside the share; (bso#11580). + smbclient: Query disk usage relative to current directory; (bso#11662). + winbindd: Handle expired sessions correctly; (bso#11670). + smbd: Show correct disk size for different quota and dfree block sizes; (bso#11681). + smbcacls: Fix uninitialized variable; (bso#11682). + s3:smbd: Ignore initial allocation size for directory creation; (bso#11684). + s3-client: Add a KRB5 wrapper for smbspool; (bso#11690). + s3-parm: Clean up defaults when removing global parameters; (bso#11693). + Use M2Crypto.RC4.RC4 on platforms without Crypto.Cipher.ARC4; (bso#11699). + s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703). + ctdb: Remove error messages after kernel security update; CVE-2015-8543; (bso#11705). + loadparm: Fix memory leak issue; (bso#11708). + lib/tsocket: Work around sockets not supporting FIONREAD; (bso#11714). + ctdb-scripts: Drop use of "smbcontrol winbindd ip-dropped ..."; (bso#11719). + s3:smbd:open: Skip redundant call to file_set_dosmode when creating a new file; (bso#11727). + param: Fix str_list_v3 to accept ";" again; (bso#11732).- Shift samba-client sysconfig data into samba and samba-winbind; (bsc#947361).- Simplify shared library packaging; (bsc#966956).- Enable clustering (CTDB) support; (bsc#966271).- s3: smbd: Fix timestamp rounding inside SMB2 create; (bso#11703); (bsc#964023).- Add quotes around path of update-apparmor-samba-profile; (bnc#962177).- Remove autoconf build-time requirement.- Update to 4.3.4. + vfs_fruit: Enable POSIX directory rename semantics; (bso#11065). + Crash: Bad talloc magic value - access after free; (bso#11394). + Copying files with vfs_fruit fails when using vfs_streams_xattr without stream prefix and type suffix; (bso#11466). + samba-tool: Fix uncaught exception if no fSMORoleOwner attribute is given; (bso#11613). + Fix a typo in the smb.conf manpage, explanation of idmap config; (bso#11619). + Correctly initialize the list head when keeping a list of primary followed by DFS connections; (bso#11624). + Reduce the memory footprint of empty string options; (bso#11625). + lib/async_req: Do not install async_connect_send_test; (bso#11639). + Fix typos in man vfs_gpfs; (bso#11641). + Make "hide dot files" option work with "store dos attributes = yes"; (bso#11645). + Fix a corner case of the symlink verification; (bso#11647); (bnc#960249). + Do not disable "store dos attributes" on-the-fly; (bso#11649). + Update lastLogon and lastLogonTimestamp; (bso#11659).- Prevent access denied if the share path is "/"; (bso#11647); (bnc#960249).- Update to 4.3.3. + Malicious request can cause Samba LDAP server to hang, spinning using CPU; CVE-2015-3223; (bso#11325); (bnc#958581). + Remote read memory exploit in LDB; CVE-2015-5330; (bso#11599); (bnc#958586). + Insufficient symlink verification (file access outside the share); CVE-2015-5252; (bso#11395); (bnc#958582). + No man in the middle protection when forcing smb encryption on the client side; CVE-2015-5296; (bso#11536); (bnc#958584). + Currently the snapshot browsing is not secure thru windows previous version (shadow_copy2); CVE-2015-5299; (bso#11529); (bnc#958583). + Fix Microsoft MS15-096 to prevent machine accounts from being changed into user accounts; CVE-2015-8467; (bso#11552); (bnc#958585).- Update to 4.3.2. + vfs_gpfs: Re-enable share modes; (bso#11243). + dcerpc.idl: Accept invalid dcerpc_bind_nak pdus; (bso#11327). + s3-smbd: Fix old DOS client doing wildcard delete - gives an attribute type of zero; (bso#11452). + Add libreplace dependency to texpect, fixes a linking error on Solaris; (bso#11511). + s4: Fix linking of 'smbtorture' on Solaris; (bso#11512). + s4:lib/messaging: Use correct path for names.tdb; (bso#11562). + Fix segfault of 'net ads (join|leave) -S INVALID' with nss_wins; (bso#11563). + async_req: Fix non-blocking connect(); (bso#11564). + auth: gensec: Fix a memory leak; (bso#11565). + lib: util: Make non-critical message a warning; (bso#11566). + Fix winbindd crashes with samlogon for trusted domain user; (bso#11569); (bnc#949022). + smbd: Send SMB2 oplock breaks unencrypted; (bso#11570). + ctdb: Open the RO tracking db with perms 0600 instead of 0000; (bso#11577). + s3:smb2_server: Make the logic of SMB2_CANCEL DLIST_REMOVE() clearer; (bso#11581). + s3-smbd: Fix use after issue in smbd_smb2_request_dispatch(); (bso#11581). + manpage: Correct small typo error; (bso#11584). + s3: smbd: If EAs are turned off on a share don't allow an SMB2 create containing them; (bso#11589). + Backport some valgrind fixes from upstream master; (bso#11597). + auth: Consistent handling of well-known alias as primary gid; (bso#11608). + winbind: Fix crash on invalid idmap configs; (bso#11612). + s3: smbd: have_file_open_below() fails to enumerate open files below an open directory handle; (bso#11615). + Changing log level of two entries to DBG_NOTICE; (bso#9912).- Ensure samlogon fallback requests are rerouted after kerberos failure; (bnc#953382); (bnc#953972).- Ensure to link with --as-needed flag by removing SUSE_ASNEEDED=0. - Always use the default optimization even on pre-9.2 systems.- Remove redundant configure options while adding with-relro.- Relocate the lockdir to the /var/lib/samba/lock directory.- Cleanup and enhance the pidl sub package.- Require renamed python-ldb-devel and python-talloc-devel at build-time. - Requires python-ldb and python-talloc from the python subpackage.- Update to 4.3.1. + s3: smbd: Fix our access-based enumeration on "hide unreadable" to match Windows; (bso#10252). + nss_winbind: Fix hang on Solaris on big groups; (bso#10365). + smbd: Fix file name buflen and padding in notify repsonse; (bso#10634). + kerberos: Make sure we only use prompter type when available; winbind: Fix 100% loop; (bso#11038). + source3/lib/msghdr.c: Fix compiling error on Solaris; (bso#11053). + s3:ctdbd_conn: make sure we destroy tevent_fd before closing the socket; (bso#11316). + s3: smbd: Fix mkdir race condition; (bso#11486). + pam_winbind: Fix a segfault if initialization fails; (bso#11502). + s3: dfs: Fix a crash when the dfs targets are disabled; (bso#11509). + s4:lib/messaging: Use 'msg.lock' and 'msg.sock' for messaging related subdirs; (bso#11515). + s3: smbd: Fix opening/creating :stream files on the root share directory; (bso#11522). + lib/param: Fix hiding of FLAG_SYNONYM values; (bso#11526). + net: Fix a crash with 'net ads keytab create'; (bso#11528). + s3: smbd: Fix a crash in unix_convert(); (bso#11535). + s3: smbd: Fix NULL pointer bug introduced by previous 'raw' stream fix (bso#11522); (bso#11535). + vfs_fruit: Return value of ad_pack in vfs_fruit.c; (bso#11543). + vfs_commit: set the fd on open before calling SMB_VFS_FSTAT; (bso#11547). + s3:locking: Initialize lease pointer in share_mode_traverse_fn(); (bso#11549). + s3:smbstatus: Add stream name to share_entry_forall(); (bso#11550). + s3:lib: Validate domain name in lookup_wellknown_name(); (bso#11555). + s3: lsa: lookup_name() logic for unqualified (no DOMAIN component) names is incorrect; (bso#11555).- Fix 100% CPU in winbindd when logging in with "user must change password on next logon"; (bso#11038).- Relocate the tmpfiles.d directory to the client package; (bnc#947552).- Do not provide libpdb0 from libsamba-passdb0 but add it to baselibs.conf instead; (bnc#942716).- Package /var/lib/samba/private/sock with 0700 permissions; (bnc#946051).- Package /var/lib/samba/msg with 0755 permissions; (bso#11515); (bnc#945502).- Require to install libfam0-gamin from samba-libs on post-12.1 and pre-13.15 systems; (bnc#945013).- Update to 4.3.0. + Samba "map to guest = Bad uid" doesn't work; (bso#9862). + revert LDAP extended rule 1.2.840.113556.1.4.1941 LDAP_MATCHING_RULE_IN_CHAIN changes; (bso#10493). + No objectClass found in replPropertyMetaData on ordinary objects (non-deleted); (bso#10973). + Stream names with colon don't work with fruit:encoding = native; (bso#11278). + NetApp joined to a Samba/ADDC cannot resolve SIDs; (bso#11291). + tevent_fd needs to be destroyed before closing the fd; (bso#11316). + "force group" with local group not working; (bso#11320). + strsep is not available on Solaris; (bso#11359). + smbtorture does not build when configured --with-system-mitkrb5; (bso#11411). + Build with GPFS support is broken; (bso#11421). + Build broken with --disable-python; (bso#11424). + net share allowedusers crashes; (bso#11426). + nmbd incorrectly matches netbios names as own name; (bso#11427). + Python bindings don't check integer types; (bso#11429). + Python bindings don't check array sizes; (bso#11430). + CTDB's eventscript error handling is broken; (bso#11431). + Fix crash in nested ctdb banning; (bso#11432). + Cannot build ctdbpmda; (bso#11434). + samba-tool uncaught exception error; (bso#11436). + Crash in notify_remove caused by change notify = no; (bso#11444). + Poor SMB3 encryption performance with AES-GCM; (bso#11451). + Poor SMB3 encryption performance with AES-GCM (part1); (bso#11451). + fix recursion problem in rep_strtoll in lib/replace/replace.c; (bso#11455). + --bundled-libraries=!ldb,!pyldb,!pyldb-util doesn't disable ldb build and install; (bso#11458). + xid2sid gives inconsistent results; (bso#11464). + ctdb: Fix the build on FreeBSD 10.1; (bso#11465). + Handling of 0 byte resource fork stream; (bso#11467). + AD samr GetGroupsForUser fails for users with "()" in their name; (bso#11488).- Configure with --bundled-libraries=NONE; (bso#11458).- Adapt net-kdc-lookup patch for post-3.3 Samba versions; (bnc#295284).- Remove libiniparser-devel build-time requirement.- Update to 4.2.3. + s4:lib/tls: Fix build with gnutls 3.4; (bso#8780). + s4.2/fsmo.py: Fixed fsmo transfer exception; (bso#10924). + winbindd: Sync secrets.ldb into secrets.tdb on startup; (bso#10991). + Logon via MS Remote Desktop hangs; (bso#11061). + s3: lib: util: Ensure we read a hex number as %x, not %u; (bso#11068). + tevent: Add a note to tevent_add_fd(); (bso#11141). + s3:param/loadparm: Fix 'testparm --show-all-parameters'; (bso#11170). + s3-unix_msg: Remove socket file after closing socket fd; (bso#11217). + smbd: Fix a use-after-free; (bso#11218); (bnc#919309). + s3-rpc_server: Fix rpc_create_tcpip_sockets() processing of interfaces; (bso#11245). + s3:smb2: Add padding to last command in compound requests; (bso#11277). + Add IPv6 support to ADS client side LDAP connects; (bso#11281). + Add IPv6 support for determining FQDN during ADS join; (bso#11282). + s3: IPv6 enabled DNS connections for ADS client; (bso#11283). + Fix invalid write in ctdb_lock_context_destructor; (bso#11293). + Excessive cli_resolve_path() usage can slow down transmission; (bso#11295). + vfs_fruit: Add option "veto_appledouble"; (bso#11305). + tstream: Make socketpair nonblocking; (bso#11312). + idmap_rfc2307: Fix wbinfo '--gid-to-sid' query; (bso#11313). + Group creation: Add msSFU30Name only when --nis-domain was given; (bso#11315). + tevent_fd needs to be destroyed before closing the fd; (bso#11316). + Build fails on Solaris 11 with "‘PTHREAD_MUTEX_ROBUST’ undeclared"; (bso#11319). + smbd/trans2: Add a useful diagnostic for files with bad encoding; (bso#11323). + Change sharesec output back to previous format; (bso#11324). + Robust mutex support broken in 1.3.5; (bso#11326). + Kerberos auth info3 should contain resource group ids available from pac_logon; winbindd: winbindd_raw_kerberos_login - ensure logon_info exists in PAC; (bso#11328); (bnc#912457). + s3:smb2_setinfo: Fix memory leak in the defer_rename case; (bso#11329). + tevent: Fix CID 1035381 Unchecked return value; (bso#11330). + tdb: Fix CID 1034842 and 1034841 Resource leaks; (bso#11331). + s3: smbd: Use separate flag to track become_root()/unbecome_root() state; (bso#11339). + s3: smbd: Codenomicon crash in do_smb_load_module(); (bso#11342). + pidl: Make the compilation of PIDL producing the same results if the content hasn't change; (bso#11356). + winbindd: Disconnect child process if request is cancelled at main process; (bso#11358). + vfs_fruit: Check offset and length for AFP_AfpInfo read requests; (bso#11363). + docs: Overhaul the description of "smb encrypt" to include SMB3 encryption; (bso#11366). + s3:auth_domain: Fix talloc problem in connect_to_domain_password_server(); (bso#11367). + ncacn_http: Fix GNUism; (bso#11371).- Disable rpath usage; (bnc#902421).- Make the winbind package depend on the matching libwbclient version and vice versa; (bnc#936909).- Backport changes to use resource group sids obtained from pac logon_info; (bso#11328); (bnc#912457).- Order winbind.service Before and Want nss-user-lookup target.- Remove fam-devel build-time dependency for post-6 RHEL systems.- Update to 4.2.2. + s3:smbXsrv: refactor duplicate code into smbXsrv_session_clear_and_logoff(); (bso#11182). + gencache: don't fail gencache_stabilize if there were records to delete; (bso#11260). + s3: libsmbclient: After getting attribute server, ensure main srv pointer is still valid; (bso#11186). + s4: rpc: Refactor dcesrv_alter() function into setup and send steps; (bso#11236). + s3: smbd: Incorrect file size returned in the response of "FILE_SUPERSEDE Create"; (bso#11240). + Mangled names do not work with acl_xattr; (bso#11249). + nmbd rewrites browse.dat when not required; (bso#11254). + vfs_fruit: add option "nfs_aces" that controls the NFS ACEs stuff; (bso#11213). + s3:smbd: Add missing tevent_req_nterror; (bso#11224). + vfs: kernel_flock and named streams; (bso#11243). + vfs_gpfs: Error code path doesn't call END_PROFILE; (bso#11244). + s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used; (bso#11284). + ctdb: check for talloc_asprintf() failure; (bso#11201). + spoolss: purge the printer name cache on name change; (bso#11210); (bnc#901813). + CTDB statd-callout does not scale; (bso#11204). + vfs_fruit: also map characters below 0x20; (bso#11221). + ctdb: Coverity fix for CID 1291643; (bso#11201). + Multiplexed RPC connections are not handled by DCERPC server; (bso#11225). + Fix terminate connection behavior for asynchronous endpoint with PUSH notification flavors; (bso#11226). + ctdb-scripts: Fix bashism in ctdbd_wrapper script; (bso#11007). + ctdb: Fix CIDs 1125615, 1125634, 1125613, 1288201 and 1125553; (bso#11201). + SMB2 should cancel pending NOTIFY calls with DELETE_PENDING if the directory is deleted; (bso#11257). + s3:winbindd: make sure we remove pending io requests before closing client sockets; (bso#11141); (bnc#931854). + Fix panic triggered by smbd_smb2_request_notify_done() -> smbXsrv_session_find_channel() in smbd; (bso#11182). + 'sharesec' output no longer matches input format; (bso#11237). + waf: Fix systemd detection; (bso#11200). + CTDB: Fix portability issues; (bso#11202). + CTDB: Fix some IPv6-related issues; (bso#11203). + CTDB statd-callout does not scale; (bso#11204). + 'net ads dns gethostbyname' crashes with an error in TALLOC_FREE if you enter invalid values; (bso#11234). + libads: record service ticket endtime for sealed ldap connections; (bso#11267). + lib/util: Include DEBUG macro in internal header files before samba_util.h; (bso#11033).- Avoid a crash inside the tevent epoll backend; (bso#11141); (bnc#931854).- Remove the independently built libraries ldb, talloc, tdn, and tevent and the post-10.3 renamed libsmbclient from baselibs.conf.- Drop redundant doc attribute from man pages.- Update to 4.2.1. + s3:winbind:grent: Don't stop group enumeration when a group has no gid; (bso#8905). + Initialize dwFlags field of DNS_RPC_NODE structure; (bso#9791). + s3: lib: ntlmssp: If NTLMSSP_NEGOTIATE_TARGET_INFO isn't set, cope with servers that don't send the 2 unused fields; (bso#10016). + build:wafadmin: Fix use of spaces instead of tabs; (bso#10476). + waf: Fix the build on openbsd; (bso#10476). + s3: client: "client use spnego principal = yes" code checks wrong name; (bso#10888). + spoolss: Retrieve published printer GUID if not in registry; (bso#11018). + s3: lib: libsmbclient: If reusing a server struct, check every cli->timout miliseconds if it's still valid before use; (bso#11079). + vfs_fruit: Enhance handling of malformed AppleDouble files; (bso#11125). + backupkey: Explicitly link to gnutls and gcrypt; (bso#11135). + replace: Remove superfluous check for gcrypt header; (bso#11135). + Backport subunit changes; (bso#11137). + libcli/auth: Match Declaration of netlogon_creds_cli_context_tmp with implementation; (bso#11140). + s3-winbind: Fix cached user group lookup of trusted domains; (bso#11143). + talloc: Version 2.1.2; (bso#11144). + Update libwbclient version to 0.12; (bso#11149). + brlock: Use 0 instead of empty initializer list; (bso#11153). + s4:auth/gensec_gssapi: Let gensec_gssapi_update() return NT_STATUS_LOGON_FAILURE for unknown errors; (bso#11164). + docs/idmap_rid: Remove deprecated base_rid from example; (bso#11169); (bnc#913304). + s3: libcli: smb1: Ensure we correctly finish a tevent req if the writev fails in the SMB1 case; (bso#11173). + backupkey: Use ndr_pull_struct_blob_all(); (bso#11174). + Fix lots of winbindd zombie processes on Solaris platform; (bso#11175). + s3: libsmbclient: Add missing talloc stackframe; (bso#11177). + s4-process_model: Do not close random fds while forking; (bso#11180). + s3-passdb: Fix 'force user' with winbind default domain; (bso#11185).- Prevent samba package updates from disabling samba kerberos printing.- Add sparse file support for samba; (fate#318424).- Purge printer name cache on spoolss SetPrinter change; (bso#11210); (bnc#901813).- Correctly retain errno from Btrfs snapshot ioctls; (bnc#923374).- Simplify libxslt build requirement and README.SUSE install. - Remove no longer required cleanup steps while populating the build root.- Remove deprecated base_rid example from idmap_rid manpage; (bso#11169); (bnc#913304).- Update to 4.2.0. + smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT; (bso#1115). + pam_winbind: fix warn_pwd_expire implementation; (bso#9056). + nsswitch: Fix soname of linux nss_*.so.2 modules; (bso#9299). + Make 'profiles' work again; (bso#9629). + s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"; (bso#9702). + Make validate_ldb of String(Generalized-Time) accept millisecond format ".000Z"; (bso#9810). + Use -R linker flag on Solaris, not -rpath; (bso#10112). + vfs: Add glusterfs manpage; (bso#10240). + Make 'smbclient' use cached creds; (bso#10279). + pdb: Fix build issues with shared modules; (bso#10355). + s4-dns: Add support for BIND 9.10; (bso#10620). + idmap: Return the correct id type to *id_to_sid methods; (bso#10720). + printing/cups: Pack requested-attributes with IPP_TAG_KEYWORD; (bso#10808). + Don't build vfs_snapper on FreeBSD; (bso#10834). + nss_winbind: Add getgroupmembership for FreeBSD; (bso#10835). + idmap_rfc2307: Fix a crash after connection problem to DC; (bso#10837). + s3: smb2cli: query info return length check was reversed; (bso#10848). + s3: lib, s3: modules: Fix compilation on Solaris; (bso#10849). + lib: uid_wrapper: Fix setgroups and syscall detection on a system without native uid_wrapper library; (bso#10851). + winbind3: Fix pwent variable substitution; (bso#10852). + Improve samba-regedit; (bso#10859). + registry: Don't leave dangling transactions; (bso#10860). + Fix build of socket_wrapper on systems without SO_PROTOCOL; (bso#10861). + build: Do not install 'texpect' binary anymore; (bso#10862). + Fix testparm to show hidden share defaults; (bso#10864). + libcli/smb: Fix smb2cli_validate_negotiate_info with min=PROTOCOL_NT1 max=PROTOCOL_SMB2_02; (bso#10866). + Integrate CTDB into top-level Samba build; (bso#10892). + samba-tool group add: Add option '--nis-domain' and '--gid'; (bso#10895). + s3-nmbd: Fix netbios name truncation; (bso#10896). + spoolss: Fix handling of bad EnumJobs levels; (bso#10898). + Fix smbclient loops doing a directory listing against Mac OS X 10 server with a non-wildcard path; (bso#10904). + Fix print job enumeration; (bso#10905); (bnc#898031). + samba-tool: Create NIS enabled users and unixHomeDirectory attribute; (bso#10909). + Add support for SMB2 leases; (bso#10911). + btrfs: Don't leak opened directory handle; (bso#10918). + s3: nmbd: Ensure NetBIOS names are only 15 characters stored; (bso#10920). + s3:smbd: Fix file corruption using "write cache size != 0"; (bso#10921). + pdb_tdb: Fix a TALLOC/SAFE_FREE mixup; (bso#10932). + s3-keytab: fix keytab array NULL termination; (bso#10933). + s3:passdb: fix logic in pdb_set_pw_history(); (bso#10940). + Cleanup add_string_to_array and usage; (bso#10942). + dbwrap_ctdb: Pass on mutex flags to tdb_open; (bso#10942). + Fix RootDSE search with extended dn control; (bso#10949). + Fix 'samba-tool dns serverinfo ' for IPv6; (bso#10952). + libcli/smb: only force signing of smb2 session setups when binding a new session; (bso#10958). + s3-smbclient: Return success if we listed the shares; (bso#10960). + s3-smbstatus: Fix exit code of profile output; (bso#10961). + socket_wrapper: Add missing prototype check for eventfd; (bso#10965). + libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does; (bso#10966). + vfs_streams_xattr: Check stream type; (bso#10971). + s3: smbd: Fix *allocate* calls to follow POSIX error return convention; (bso#10982). + vfs_fruit: Add support for AAPL; (bso#10983). + Fix spoolss IDL response marshalling when returning error without clearing info; (bso#10984). + dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl; (bso#10993); CVE-2014-8143; (boo#914279). + Fix IPv6 support in CTDB; (bso#10996). + ctdb-daemon: Use correct tdb flags when enabling robust mutex support; (bso#11000). + vfs_streams_xattr: Add missing call to SMB_VFS_NEXT_CONNECT; (bso#11005). + s3-util: Fix authentication with long hostnames; (bso#11008). + ctdb-build: Fix build without xsltproc; (bso#11014). + packaging: Include CTDB man pages in the tarball; (bso#11014). + pdb_get_trusteddom_pw() fails with non valid UTF16 random passwords; (bso#11016). + Make Sharepoint search show user documents; (bso#11022). + nss_wrapper: check for nss.h; (bso#11026). + Enable mutexes in gencache_notrans.tdb; (bso#11032). + tdb_wrap: Make mutexes easier to use; (bso#11032). + lib/util: Avoid collision which alread defined consumer DEBUG macro; (bso#11033). + winbind: Retry after SESSION_EXPIRED error in ping-dc; (bso#11034). + s3-libads: Fix a possible segfault in kerberos_fetch_pac(); (bso#11037). + vfs_fruit: Fix base_fsp name conversion; (bso#11039). + vfs_fruit: mmap under FreeBSD needs PROT_READ; (bso#11040). + Fix authentication using Kerberos (not AD); (bso#11044). + net: Fix sam addgroupmem; (bso#11051). + vfs_snapper: Correctly handles multi-byte DBus strings; (bso#11055); (bnc#913238). + cli_connect_nb_send: Don't segfault on host == NULL; (bso#11058). + utils: Fix 'net time' segfault; (bso#11058). + libsmb: Provide authinfo domain for encrypted session referrals; (bso#11059). + s3-pam_smbpass: Fix memory leak in pam_sm_authenticate(); (bso#11066). + vfs_glusterfs: Add comments to the pipe(2) code; (bso#11069). + vfs/glusterfs: Change xattr key to match gluster key; (bso#11069). + vfs_glusterfs: Implement AIO support; (bso#11069). + s3-vfs: Fix developer build of vfs_ceph module; (bso#11070). + s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer; (bso#11077); CVE-2015-0240; (bnc#917376). + vfs: Add a brief vfs_ceph manpage; (bso#11088). + s3: smbclient: Allinfo leaves the file handle open; (bso#11094). + Fix Win8.1 Credentials Manager issue after KB2992611 on Samba domain; (bso#11097). + debug: Set close-on-exec for the main log file FD; (bso#11100). + s3: smbd: leases - losen paranoia check. Stat opens can grant leases; (bso#11102). + s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting; (bso#11104). + doc:man:vfs_glusterfs: improve the configuration section; (bso#11117). + snprintf: Try to support %j; (bso#11119). + ctdb-io: Do not use sys_write to write to client sockets; (bso#11124). + doc-xml: Add 'sharesec' reference to 'access based share enum'; (bso#11127).- Update to 4.2.0rc5. + Ensure we don't call talloc_free on an uninitialized pointer; CVE-2015-0240; (bso#11077); (bnc#917376).- Fix usage of freed memory on server exit; (bso#11218); (bnc#919309).- Fix tdb_store_flag_to_ntdb() gcc5 build failure.- Fix vfs_snapper DBus string handling; (bso#11055); (bnc#913238).- Update to 4.1.16. + dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl; (bso#10993); CVE-2014-8143; (boo#914279).- Adjust baselibs.conf due to libpdb0 package rename to libsamba-passdb0.- Fix libsmbclient DFS referral handling. + Reuse connections derived from DFS referrals; (bso#10123); (fate#316512). + Set domain/workgroup based on authentication callback value; (bso#11059).- Update to 4.2.0rc4. - Add libsamba-debug, libsocket-blocking, libsamba-cluster-support, and libhttp to the libs package; (boo#913547). - Rename libpdb packages to libsamba-passdb. - Drop libsmbsharemodes packages.- Enable avahi support on post-12.2 systems.- Update to 4.1.15. + pam_winbind: Fix warn_pwd_expire implementation; (bso#9056). + nsswitch: Fix soname of linux nss_*.so.2 modules; (bso#9299). + Fix profiles tool; (bso#9629). + s3-lib: Do not require a password with --use-ccache; (bso#10279). + s4:dsdb/rootdse: Expand extended dn values with the AS_SYSTEM control; (bso#10949). + s4-rpc: dnsserver: Fix enumeration of IPv4 and IPv6 addresses; (bso#10952). + s3:smb2_server: Allow reauthentication without signing; (bso#10958). + s3-smbclient: Return success if we listed the shares; (bso#10960). + s3-smbstatus: Fix exit code of profile output; (bso#10961). + libcli: SMB2: Pure SMB2-only negprot fix to make us behave as a Windows client does; (bso#10966). + s3: smbd/modules: Fix *allocate* calls to follow POSIX error return convention; (bso#10982). + Fix 'domain join' by adding 'drsuapi.DsBindInfoFallBack' attribute 'supported_extensions'; (bso#11006). + idl:drsuapi: Manage all possible lengths of drsuapi_DsBindInfo; (bso#11006). + winbind: Retry LogonControl RPC in ping-dc after session expiration; (bso#11034).- yast2-samba-client should be able to specify osName and osVer on AD domain join; (bnc#873922).- Lookup FSRVP share snums at runtime rather than storing them persistently; (bnc#908627).- Specify soft dependency for network-online.target in Winbind systemd service file; (bnc#889175).- Fix spoolss error response marshalling; (bso#10984).- Update to 4.1.14. + pidl/wscript: Remove --with-perl-* options; revert buildtools/wafadmin/ Tools/perl.py back to upstream state; (bso#10472). + s4-dns: Add support for BIND 9.10; (bso#10620). + nmbd fails to accept "--piddir" option; (bso#10711). + nss_winbind: Add getgroupmembership for FreeBSD; (bso#10835). + S3: source3/smbd/process.c::srv_send_smb() returns true on the error path; (bso#10880). + vfs_glusterfs: Remove "integer fd" code and store the glfs pointers; (bso#10889). + s3-nmbd: Fix netbios name truncation; (bso#10896). + spoolss: Fix handling of bad EnumJobs levels; (bso#10898). + s3: libsmbclient-smb2. MacOSX 10 SMB2 server doesn't set STATUS_NO_MORE_FILES when handed a non-wildcard path; (bso#10904). + spoolss: Fix jobid in level 3 EnumJobs response; (bso#10905). + s3: nmbd: Ensure NetBIOS names are only 15 characters stored; (bso#10920). + s3:smbd: Fix file corruption using "write cache size != 0"; (bso#10921). + pdb_tdb: Fix a TALLOC/SAFE_FREE mixup; (bso#10932). + s3-keytab: Fix keytab array NULL termination; (bso#10933). + Cleanup add_string_to_array and usage; (bso#10942).- Remove and cleanup shares and registry state associated with externally deleted snaphots exposed as shadow copies; (bnc#876312).- Use the upstream tar ball, as signature verification is now able to handle compressed archives.- Fix leak when closing file descriptor returned from dirfd; (bso#10918).- Fix spoolss EnumJobs and GetJob responses; (bso#10905); (bnc#898031). + Fix handling of bad EnumJobs levels; (bso#10898).- Remove dependency on gpg-offline as signature checking is implemented in the source validator.- Update to 4.1.13. + s3-libnet: Add libnet_join_get_machine_spns(); (bso#9984). + s3-libnet: Make sure we do not overwrite precreated SPNs; (bso#9984). + s3-libads: Add all machine account principals to the keytab; (bso#9985). + s3: winbindd: Old NT Domain code sets struct winbind_domain->alt_name to be NULL. Ensure this is safe with modern AD-DCs; (bso#10717). + Fix unstrcpy; (bso#10735). + pthreadpool: Slightly serialize jobs; (bso#10779). + s3: smbd: streams - Ensure share mode validation ignores internal opens (op_mid == 0); (bso#10797). + s3: smbd:open_file: Open logic fix; Use a more natural check; (bso#10809). + vfs_media_harmony: Fix a crash bug; (bso#10813). + docs: Mention incompatibility between kernel oplocks and streams_xattr; (bso#10814). + nmbd: Send waiting status to systemd; (bso#10816). + libcli: Fix a segfault calling smbXcli_req_set_pending() on NULL; (bso#10817). + nsswitch: Skip groups we were not able to map; (bso#10824). + s3-winbindd: Use correct realm for trusted domains in idmap child; (bso#10826). + s3: nmbd: Ensure the main nmbd process doesn't create zombies; (bso#10830). + s3: lib: Signal handling - ensure smbrun and change password code save and restore existing SIGCHLD handlers; (bso#10831). + idmap_rfc2307: Fix a crash after connection problem to DC; (bso#10837). + s3-winbindd: Do not use domain SID from LookupSids for Sids2UnixIDs call; (bso#10838). + s3: smb2cli: Query info return length check was reversed; (bso#10848). + registry: Don't leave dangling transactions; (bso#10860).- Update to 4.2.0rc2.obs-arm-6 1640268977  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~|      !"#$%&'()*+,-.+0123456789:;<=>?@ABCDEFGHIJKLMNOMQRSTUVWBYB[B]B_`abcdefgeieklmnopqrrtuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~4.11.14+git.313.d4e302805e1-lp152.3.31.24.11.14+git.313.d4e302805e1-lp152.3.31.2     !!!!!!!!!!!!!"!#!$$%%%%%&&&&&&&'&((((((((((((((((((((((((((((((((((((((((((((((((((((())***********************************+,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,-...................................................................................................................................../ctdbtestscmdline_testcomm_client_testcomm_server_testcomm_testconf_testctdb_io_testctdb_packet_parsectdb_takeover_testsdb_hash_testdummy_clienterrcodeevent_protocol_testevent_script_testfake_ctdbdfetch_loopfetch_loop_keyfetch_readonlyfetch_readonly_loopfetch_ringg_lock_loophash_count_testline_testlock_tdbmessage_ringpidfile_testpkt_read_testpkt_write_testporting_testsprotocol_basic_testprotocol_ctdb_compat_testprotocol_ctdb_testprotocol_types_compat_testprotocol_types_testprotocol_util_testrb_testreqid_testrun_event_testrun_proc_testsigcodesock_daemon_testsock_io_testsrvid_testsystem_socket_testtransaction_looptunnel_cmdtunnel_testupdate_recordupdate_record_persistentctdbtestscomplex11_ctdb_delip_removes_ip.sh18_ctdb_reloadips.sh30_nfs_tickle_killtcp.sh31_nfs_tickle.sh32_cifs_tickle.sh33_gratuitous_arp.sh34_nfs_tickle_restart.sh36_smb_reset_server.sh37_nfs_reset_server.sh41_failover_ping_discrete.sh42_failover_ssh_hostname.sh43_failover_nfs_basic.sh44_failover_nfs_oneway.sh45_failover_nfs_kill.sh60_rogueip_releaseip.sh61_rogueip_takeip.shREADMEscriptslocal.bashcunitcmdline_test_001.shcomm_test_001.shcomm_test_002.shconf_test_001.shconfig_test_001.shconfig_test_002.shconfig_test_003.shconfig_test_004.shconfig_test_005.shconfig_test_006.shconfig_test_007.shctdb_io_test_001.shdb_hash_test_001.shevent_protocol_test_001.shevent_script_test_001.shhash_count_test_001.shline_test_001.shpath_tests_001.shpidfile_test_001.shpkt_read_001.shpkt_write_001.shporting_tests_001.shprotocol_test_001.shprotocol_test_002.shprotocol_test_012.shprotocol_test_101.shprotocol_test_111.shprotocol_test_201.shrb_test_001.shreqid_test_001.shrun_event_001.shrun_proc_001.shsock_daemon_test_001.shsock_io_test_001.shsrvid_test_001.shsystem_socket_test_001.shetc-ctdbeventslegacy00.test.scripteventdREADMEetc-ctdbctdb.confdebug-script.sheventsdata03.notalink.scriptREADMEemptyREADMEmulti01.test.script02.test.script03.test.scriptrandom01.disabled.script02.enabled.scriptREADME.scripta.scriptshareeventsdata01.dummy.script02.disabled.scriptemptyREADMErandom01.disabled.script02.enabled.scriptREADME.scripta.scripteventd_001.sheventd_002.sheventd_003.sheventd_004.sheventd_005.sheventd_006.sheventd_007.sheventd_008.sheventd_009.sheventd_011.sheventd_012.sheventd_013.sheventd_014.sheventd_021.sheventd_022.sheventd_023.sheventd_024.sheventd_031.sheventd_032.sheventd_033.sheventd_041.sheventd_042.sheventd_043.sheventd_044.sheventd_051.sheventd_052.shscriptslocal.sheventscripts00.ctdb.init.001.sh00.ctdb.init.002.sh00.ctdb.init.003.sh00.ctdb.init.004.sh00.ctdb.init.005.sh00.ctdb.init.006.sh00.ctdb.init.007.sh00.ctdb.init.008.sh00.ctdb.init.009.sh00.ctdb.setup.001.sh00.ctdb.setup.002.sh00.ctdb.setup.003.sh00.ctdb.setup.004.sh01.reclock.monitor.001.sh01.reclock.monitor.002.sh01.reclock.monitor.003.sh01.reclock.monitor.004.sh01.reclock.monitor.005.sh05.system.monitor.001.sh05.system.monitor.002.sh05.system.monitor.003.sh05.system.monitor.004.sh05.system.monitor.005.sh05.system.monitor.006.sh05.system.monitor.007.sh05.system.monitor.011.sh05.system.monitor.012.sh05.system.monitor.014.sh05.system.monitor.015.sh05.system.monitor.017.sh05.system.monitor.018.sh06.nfs.releaseip.001.sh06.nfs.releaseip.002.sh06.nfs.takeip.001.sh06.nfs.takeip.002.sh10.interface.010.sh10.interface.011.sh10.interface.012.sh10.interface.013.sh10.interface.init.001.sh10.interface.init.002.sh10.interface.init.021.sh10.interface.init.022.sh10.interface.init.023.sh10.interface.monitor.001.sh10.interface.monitor.002.sh10.interface.monitor.003.sh10.interface.monitor.004.sh10.interface.monitor.005.sh10.interface.monitor.006.sh10.interface.monitor.009.sh10.interface.monitor.010.sh10.interface.monitor.011.sh10.interface.monitor.012.sh10.interface.monitor.013.sh10.interface.monitor.014.sh10.interface.monitor.015.sh10.interface.monitor.016.sh10.interface.monitor.017.sh10.interface.monitor.018.sh10.interface.multi.001.sh10.interface.releaseip.001.sh10.interface.releaseip.002.sh10.interface.startup.001.sh10.interface.startup.002.sh10.interface.takeip.001.sh10.interface.takeip.002.sh10.interface.takeip.003.sh11.natgw.001.sh11.natgw.002.sh11.natgw.003.sh11.natgw.004.sh11.natgw.011.sh11.natgw.012.sh11.natgw.013.sh11.natgw.014.sh11.natgw.015.sh11.natgw.021.sh11.natgw.022.sh11.natgw.023.sh11.natgw.024.sh11.natgw.025.sh11.natgw.031.sh11.natgw.041.sh11.natgw.042.sh11.natgw.051.sh11.natgw.052.sh11.natgw.053.sh11.natgw.054.sh13.per_ip_routing.001.sh13.per_ip_routing.002.sh13.per_ip_routing.003.sh13.per_ip_routing.004.sh13.per_ip_routing.005.sh13.per_ip_routing.006.sh13.per_ip_routing.007.sh13.per_ip_routing.008.sh13.per_ip_routing.009.sh13.per_ip_routing.010.sh13.per_ip_routing.011.sh13.per_ip_routing.012.sh13.per_ip_routing.013.sh13.per_ip_routing.014.sh13.per_ip_routing.015.sh13.per_ip_routing.016.sh13.per_ip_routing.017.sh13.per_ip_routing.018.sh13.per_ip_routing.019.sh13.per_ip_routing.021.sh13.per_ip_routing.022.sh13.per_ip_routing.023.sh13.per_ip_routing.024.sh20.multipathd.monitor.001.sh20.multipathd.monitor.002.sh20.multipathd.monitor.003.sh20.multipathd.monitor.004.sh31.clamd.monitor.002.sh31.clamd.monitor.003.sh40.vsftpd.monitor.002.sh40.vsftpd.shutdown.002.sh40.vsftpd.startup.002.sh41.httpd.monitor.002.sh41.httpd.shutdown.002.sh41.httpd.startup.002.sh49.winbind.monitor.101.sh49.winbind.monitor.102.sh49.winbind.shutdown.002.sh49.winbind.startup.002.sh50.samba.monitor.101.sh50.samba.monitor.103.sh50.samba.monitor.104.sh50.samba.monitor.105.sh50.samba.monitor.106.sh50.samba.monitor.110.sh50.samba.monitor.111.sh50.samba.monitor.112.sh50.samba.monitor.113.sh50.samba.shutdown.001.sh50.samba.shutdown.002.sh50.samba.shutdown.011.sh50.samba.startup.011.sh60.nfs.monitor.101.sh60.nfs.monitor.102.sh60.nfs.monitor.103.sh60.nfs.monitor.104.sh60.nfs.monitor.105.sh60.nfs.monitor.106.sh60.nfs.monitor.107.sh60.nfs.monitor.108.sh60.nfs.monitor.109.sh60.nfs.monitor.111.sh60.nfs.monitor.112.sh60.nfs.monitor.113.sh60.nfs.monitor.114.sh60.nfs.monitor.121.sh60.nfs.monitor.122.sh60.nfs.monitor.131.sh60.nfs.monitor.132.sh60.nfs.monitor.141.sh60.nfs.monitor.142.sh60.nfs.monitor.143.sh60.nfs.monitor.144.sh60.nfs.monitor.151.sh60.nfs.monitor.152.sh60.nfs.monitor.153.sh60.nfs.monitor.161.sh60.nfs.monitor.162.sh60.nfs.multi.001.sh60.nfs.multi.002.sh60.nfs.releaseip.001.sh60.nfs.releaseip.002.sh60.nfs.shutdown.001.sh60.nfs.shutdown.002.sh60.nfs.startup.001.sh60.nfs.startup.002.sh60.nfs.takeip.001.sh60.nfs.takeip.002.sh91.lvs.001.sh91.lvs.ipreallocated.011.sh91.lvs.ipreallocated.012.sh91.lvs.ipreallocated.013.sh91.lvs.ipreallocated.014.sh91.lvs.monitor.001.sh91.lvs.monitor.002.sh91.lvs.monitor.003.sh91.lvs.shutdown.001.sh91.lvs.shutdown.002.sh91.lvs.startup.001.sh91.lvs.startup.002.shREADMEetcetc-ctdbpublic_addressesrc.localinit.dnfsnfslocksambasmb.confsysconfignfsscripts00.ctdb.sh01.reclock.sh05.system.sh06.nfs.sh10.interface.sh11.natgw.sh13.per_ip_routing.sh20.multipathd.sh31.clamd.sh40.vsftpd.sh41.httpd.sh49.winbind.sh50.samba.sh60.nfs.sh91.lvs.shlocal.shstatd-callout.shstatd-callout.001.shstatd-callout.002.shstatd-callout.003.shstatd-callout.004.shstatd-callout.005.shstatd-callout.006.shstatd-callout.007.shstubsctdbctdb-configctdb_killtcpctdb_lvsctdb_natgwdatedfethtoolexportfsidipip6tablesiptablesipvsadmkillkillallmultipathnetpidofpkillpsrmrpc.lockdrpc.mountdrpc.rquotadrpc.statdrpcinfoservicesleepsmnotifysstdbdumptdbtooltestparmtimeoutwbinfoonnode0001.sh0002.sh0003.sh0004.sh0005.sh0006.sh0010.sh0011.sh0070.sh0071.sh0072.sh0075.shetc-ctdbnodesscriptslocal.shstubsctdbsshscriptscommon.shintegration.bashscript_install_paths.shtest_wrapunit.shshellcheckbase_scripts.shctdb_helpers.shctdbd_wrapper.shevent_scripts.shfunctions.shinit_script.shscriptslocal.shtools.shsimple00_ctdb_onnode.sh01_ctdb_reclock_command.sh02_ctdb_tunables.sh05_ctdb_listnodes.sh06_ctdb_getpid.sh07_ctdb_process_exists.sh08_ctdb_isnotrecmaster.sh09_ctdb_ping.sh11_ctdb_ip.sh12_ctdb_getdebug.sh13_ctdb_setdebug.sh14_ctdb_statistics.sh15_ctdb_statisticsreset.sh16_ctdb_config_add_ip.sh17_ctdb_config_delete_ip.sh18_ctdb_reloadips.sh19_ip_takeover_noop.sh20_delip_iface_gc.sh21_ctdb_attach.sh23_ctdb_moveip.sh24_ctdb_getdbmap.sh25_dumpmemory.sh26_ctdb_config_check_error_on_unreachable_ctdb.sh27_ctdb_detach.sh28_zero_eventscripts.sh32_ctdb_disable_enable.sh35_ctdb_getreclock.sh42_ctdb_stop_continue.sh43_stop_recmaster_yield.sh51_message_ring.sh52_fetch_ring.sh53_transaction_loop.sh54_transaction_loop_recovery.sh55_ctdb_ptrans.sh56_replicated_transaction_recovery.sh58_ctdb_restoredb.sh60_recoverd_missing_ip.sh69_recovery_resurrect_deleted.sh70_recoverpdbbyseqnum.sh71_ctdb_wipedb.sh72_update_record_persistent.sh73_tunable_NoIPTakeover.sh75_readonly_records_basic.sh76_ctdb_pdb_recovery.sh77_ctdb_db_recovery.sh78_ctdb_large_db_recovery.sh79_volatile_db_traverse.sh80_ctdb_traverse.sh81_tunnel_ring.sh90_debug_hung_script.sh91_version_check.shREADMEscriptslocal.bashlocal_daemons.bashtakeoverREADMEdet.001.shdet.002.shdet.003.shlcp2.001.shlcp2.002.shlcp2.003.shlcp2.004.shlcp2.005.shlcp2.006.shlcp2.007.shlcp2.008.shlcp2.009.shlcp2.010.shlcp2.011.shlcp2.012.shlcp2.013.shlcp2.014.shlcp2.015.shlcp2.016.shlcp2.024.shlcp2.025.shlcp2.027.shlcp2.028.shlcp2.029.shlcp2.030.shlcp2.031.shlcp2.032.shlcp2.033.shlcp2.034.shlcp2.035.shnondet.001.shnondet.002.shnondet.003.shscriptslocal.shtakeover_helper000.sh010.sh011.sh012.sh013.sh014.sh016.sh017.sh018.sh019.sh021.sh022.sh023.sh024.sh025.sh026.sh027.sh028.sh030.sh031.sh110.sh111.sh120.sh121.sh122.sh130.sh131.sh132.sh140.sh150.sh160.sh210.sh211.sh220.sh230.sh240.sh250.sh260.shscriptslocal.shtoolREADMEctdb.attach.001.shctdb.attach.002.shctdb.attach.003.shctdb.ban.001.shctdb.ban.002.shctdb.ban.003.shctdb.catdb.001.shctdb.catdb.002.shctdb.cattdb.001.shctdb.cattdb.002.shctdb.continue.001.shctdb.continue.002.shctdb.continue.003.shctdb.deletekey.001.shctdb.disable.001.shctdb.disable.002.shctdb.disable.003.shctdb.disable.004.shctdb.enable.001.shctdb.enable.002.shctdb.enable.003.shctdb.getcapabilities.001.shctdb.getcapabilities.002.shctdb.getcapabilities.003.shctdb.getcapabilities.004.shctdb.getdbmap.001.shctdb.getdbseqnum.001.shctdb.getdbseqnum.002.shctdb.getdbstatus.001.shctdb.getdbstatus.002.shctdb.getpid.001.shctdb.getreclock.001.shctdb.getreclock.002.shctdb.getvar.001.shctdb.getvar.002.shctdb.ifaces.001.shctdb.ip.001.shctdb.ip.002.shctdb.ip.003.shctdb.ip.004.shctdb.ip.005.shctdb.ip.006.shctdb.ip.007.shctdb.ipinfo.001.shctdb.ipinfo.002.shctdb.ipinfo.003.shctdb.listnodes.001.shctdb.listnodes.002.shctdb.listvars.001.shctdb.lvs.001.shctdb.lvs.002.shctdb.lvs.003.shctdb.lvs.004.shctdb.lvs.005.shctdb.lvs.006.shctdb.lvs.007.shctdb.lvs.008.shctdb.natgw.001.shctdb.natgw.002.shctdb.natgw.003.shctdb.natgw.004.shctdb.natgw.005.shctdb.natgw.006.shctdb.natgw.007.shctdb.natgw.008.shctdb.nodestatus.001.shctdb.nodestatus.002.shctdb.nodestatus.003.shctdb.nodestatus.004.shctdb.nodestatus.005.shctdb.nodestatus.006.shctdb.pdelete.001.shctdb.ping.001.shctdb.pnn.001.shctdb.process-exists.001.shctdb.process-exists.002.shctdb.process-exists.003.shctdb.pstore.001.shctdb.ptrans.001.shctdb.readkey.001.shctdb.recmaster.001.shctdb.recmaster.002.shctdb.recover.001.shctdb.reloadnodes.001.shctdb.reloadnodes.002.shctdb.reloadnodes.003.shctdb.reloadnodes.011.shctdb.reloadnodes.012.shctdb.reloadnodes.013.shctdb.reloadnodes.014.shctdb.reloadnodes.015.shctdb.reloadnodes.016.shctdb.reloadnodes.017.shctdb.reloadnodes.018.shctdb.reloadnodes.019.shctdb.reloadnodes.020.shctdb.reloadnodes.021.shctdb.reloadnodes.023.shctdb.reloadnodes.024.shctdb.runstate.001.shctdb.runstate.002.shctdb.runstate.003.shctdb.runstate.004.shctdb.runstate.005.shctdb.setdbreadonly.001.shctdb.setdbreadonly.002.shctdb.setdbreadonly.003.shctdb.setdbreadonly.004.shctdb.setdbreadonly.005.shctdb.setdbsticky.001.shctdb.setdbsticky.002.shctdb.setdbsticky.003.shctdb.setdbsticky.004.shctdb.setdbsticky.005.shctdb.setdebug.001.shctdb.setdebug.002.shctdb.setdebug.003.shctdb.setifacelink.001.shctdb.setifacelink.002.shctdb.setvar.001.shctdb.setvar.002.shctdb.status.001.shctdb.status.002.shctdb.stop.001.shctdb.stop.002.shctdb.stop.003.shctdb.unban.001.shctdb.unban.002.shctdb.unban.003.shctdb.uptime.001.shctdb.writekey.001.shscriptslocal.sh/usr/lib//usr/lib/ctdb//usr/lib/ctdb/tests//usr/share//usr/share/ctdb//usr/share/ctdb/tests//usr/share/ctdb/tests/complex//usr/share/ctdb/tests/complex/scripts//usr/share/ctdb/tests/cunit//usr/share/ctdb/tests/etc-ctdb//usr/share/ctdb/tests/etc-ctdb/events//usr/share/ctdb/tests/etc-ctdb/events/legacy//usr/share/ctdb/tests/eventd//usr/share/ctdb/tests/eventd/etc-ctdb//usr/share/ctdb/tests/eventd/etc-ctdb/events//usr/share/ctdb/tests/eventd/etc-ctdb/events/data//usr/share/ctdb/tests/eventd/etc-ctdb/events/empty//usr/share/ctdb/tests/eventd/etc-ctdb/events/multi//usr/share/ctdb/tests/eventd/etc-ctdb/events/random//usr/share/ctdb/tests/eventd/etc-ctdb/share//usr/share/ctdb/tests/eventd/etc-ctdb/share/events//usr/share/ctdb/tests/eventd/etc-ctdb/share/events/data//usr/share/ctdb/tests/eventd/etc-ctdb/share/events/empty//usr/share/ctdb/tests/eventd/etc-ctdb/share/events/random//usr/share/ctdb/tests/eventd/scripts//usr/share/ctdb/tests/eventscripts//usr/share/ctdb/tests/eventscripts/etc-ctdb//usr/share/ctdb/tests/eventscripts/etc//usr/share/ctdb/tests/eventscripts/etc/init.d//usr/share/ctdb/tests/eventscripts/etc/samba//usr/share/ctdb/tests/eventscripts/etc/sysconfig//usr/share/ctdb/tests/eventscripts/scripts//usr/share/ctdb/tests/eventscripts/stubs//usr/share/ctdb/tests/onnode//usr/share/ctdb/tests/onnode/etc-ctdb//usr/share/ctdb/tests/onnode/scripts//usr/share/ctdb/tests/onnode/stubs//usr/share/ctdb/tests/scripts//usr/share/ctdb/tests/shellcheck//usr/share/ctdb/tests/shellcheck/scripts//usr/share/ctdb/tests/simple//usr/share/ctdb/tests/simple/scripts//usr/share/ctdb/tests/takeover//usr/share/ctdb/tests/takeover/scripts//usr/share/ctdb/tests/takeover_helper//usr/share/ctdb/tests/takeover_helper/scripts//usr/share/ctdb/tests/tool//usr/share/ctdb/tests/tool/scripts/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:17313/openSUSE_Leap_15.2_Update_ports/9f65dcd956be9fb53589b08a6fb8c740-samba.openSUSE_Leap_15.2_Updatedrpmxz5armv7hl-suse-linux  !"#$%&'()*+,-./0111111111111111122333333333333333333333333333333333333322332233333233323323333333333333333333333333332333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333222332222222222222222222333333333333333333333333333333333333333333333333333333322332221233333323111111111114111111111111111111111111111111111111111222233333333333333333333333333333333323333333333333333333333333333333333333322333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333332directoryELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c7fe1415b58f0ec82ea74998b262083eb6be6484, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=14dd1917305a0a179c54a58d854887ab5567340e, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=084f68701e06aa32035d0bb6a5c93a57cafb5479, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=d3ecc63ee119410c48c0effd00b8174c86a3c023, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=d7b35556270e34280ea07ed84604804ce8a7403e, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=82c6614d3fb2960c563e7743dea945b086ede5d5, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=bf4ca2c3476b3aa855077ffef615fea94999391f, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=7d7ccf630b50b84e850de2809cb76cb1bb5e4e23, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=f41310fb6b177c479d82122ff8677b8ae0a6fd84, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=7935cb9d75a0e0b66b38777ebc30b4485ecf11d1, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=1e698b1b6adae49aef8a514a514f6e8eccf38202, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c58761fb101621a643adc9b455db57f2c6c9febf, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=f7c4dccb76349aa40465e147aa4a5908d4156f63, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=59f27dbe421bafe07c59f0523413a8b1e92dcf31, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=4edf7a3b186fb34c7610cc7a553756bdf159ffc1, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=129aba84fc308082875e49ece932757779a1fe55, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=3561b5101126a1a00c30e661f8beffa8129440e2, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=505ba2b269b7bad96a086c947704fac1bbad92ca, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=5770e2a51dbe53a0f19495c5ef346bd95f6614a9, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=30c6a65a2f8303d6df881e7ba7ec354596d8b926, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=41deb7cf11aee590ce2bfc48266ceaf610c2b8ef, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=90ecf87cf1f1df4fb209114f5d58e49ea4b05d44, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=e541d3dfe9a85103fafe91b5dd366860c74d6991, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=77a50687a7ff98935f7e97e02a9a2d9f12e4cde2, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=7d632039bfc763f5646ef0f34bac0189d6191986, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=3a9f2697a91f49ca87cce3d53278cd690ddc42a6, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=f2842cd7238902f6b2d04f771d8bd08564e027e7, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=14e3a7b88fa4357846c98b17f56d641a77725830, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=ba44385eed7b2ed1626542e0167b52c33f8f6be5, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=ce6f92fc35876ca955054a5cdd35400338537988, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=4ace32eea100b93f65f4da9d377dd9d56dc98c91, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=4cbfa0d8db1fe0a8fe2f3432a23a84b83b5c3a54, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c4e01ceeb4c4a232c4ba727d3a158f9f806decef, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=eb0bb08d669039b6dbce71bb41b2ab0f05aad96c, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c5d3d3f959f999bda187233af0d8b939da4ebf88, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=64b7e98304d16caddde501b224ca2cceedf63d12, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=4d8fcbdd62facbbf7cb747aaf6a9654f27b7c1e6, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=667568d0f6efbd7d06849881074f024e720f1fbf, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=447223a44875b3e1f381b17f077ba0531c064787, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=6524cdabe932d08531b0a4735bce2ea6e63e6e60, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=db4536b7c27e05e24b470bc6d097337a259d6bdb, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=140f17b9f8463d323809a7c8804c55a49b15ccd5, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=45a37f643e904149227c7c5123bf1fa2b5d06b6a, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c4392407546d6c898ac90746da8ee1f854d323a0, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=e50565f466ef8e5003c02651cb72a19607db5b27, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=efd43cde3d6a3bef8b51698de2820d3e7660117e, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=c528ffadf844a092a96610f60bc0b1a11251617b, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=69b515eefdd727e7a4a4d1dd5005e63c873c14c1, for GNU/Linux 3.2.0, strippedBourne-Again shell script, ASCII text executableASCII textPOSIX shell script, ASCII text executableBourne-Again shell script, ASCII text executable, with very long lines2I^w 3Vy5X{1Poy0Sv      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./01234 #&########  #####RRR#RR'R%R&R(RRR R RR RRR"RRRR RR R$RRRRR#RRR RR%R'R&R(R RRRR"RRRR R$RRRRR#RRR RR%R'R&R(R RRRR"RRRR R$RRRR#RRR RR%R'R&R(R RRRR"RRR R$RRRRRRR#R'R%R&R(RRR RR RRR"RRRRR R$RRRRR RRRRRR(RRRR R$RRRRRRRRRRRRRRR#R*RRR&R(RRRRRR RR RR"RRRRRR)RR RR R$RRRR#RRR RR%R'R&R(R RRRRR"RRRR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRRRRRRRRRRRRRR#RR RRR%R'R&R(R RRRR"RRR R$RRRRR*RR#RR'R%R&R(RRRR!R RRR RR RR RRR"RRRRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRRR#R'R%R&R(RRR RR RRR"RRRRR R$RRRR#RRRR RR%R'R&R(R RRRR"RRRR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRRR#R'R%R&R(RR RR RRR"RRRR R$RRRR#RRR RR%R'R&R(R RRRR"RRR R$RRRR#RRR RR%R'R&R(R RRRR"RRR R$RRRRRR RRRR RRRRR R RRRRRRRRRRRRR#R*RRR&R(RRRRRRR R RRRR"RRRR)RR RR R$RRRRR#R*RRR&R(RRRRRRR R RRRR"RRRR)RR RR R$RRRRR#R*RRR&R(RRRRRRR R RRRR"RRRR)RR RR R$RRRRR#R*RRR&R(RRRRRRR R RRRR"RRRR)RR RR R$RRRRR#R*RRR&R(RRRRRR RR RRRR"RRRR)RR RR R$RRRRRRRRRRRRRRRRRRRRRRRRRR#R'R%R&R(RRRR RRR RRR"RRRRRR R$RRRR#RRRR RR%R'R&R(R RRRRR"RRRRR R$RRRRRRRRRRRR*RR#RRRR RRRR R'R%R&R(RRR"RRRRRR)RR R$RRRRRR#RRRR RRRR RR'R%R&R(RR"RRRRRR R$RRRR#RRR RR%R'R&R(R RRRRRR"RRRR R$RRRRR#R*RRR&R(RRRRRR RR RRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRR#R*RRR&R(RRRRR!RRRR R RRRRR"RRRR)RR RR R$RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR{,Z*+(:utf-8dd4427bfbaa323afc537cdeff84cd1ee8a4c2227f53e4ca2713139a1b24d8505? 7zXZ !t/ϻF]"k%U ,}\3S}0aPI0S<v&V6Xm'Be`8bp ҪI(G2,[ۗUBӵI'jDLCv˙F땾*sJˢC(]9XN"QAų@Қ򝴔 _K|~<[㬎ٯ(VIq^惌ZƫzBuyإwك5Adž+Df ]#6!kH ^|31 *8i( dND _SkAΏ񻰾0u=BD}] R{agIm=#%X{]E.VaND@CF,z{p3m\N4p'`4oBTh6D:O(oVSPZ^q[bDݕ,dyRxLA];&GLn8T*SW@_abrƃ=qOXhg[@VP1ZPϑh&U=c@.ɽ〞[y3ǁ'`HtEnħ&h*h mHL  TI[o_^2x3A\닆欹=kf)wf%(j:.'TM G`, #B#DӸ I'\ٜ"a:(2:|<8`e(0gcЮn9̀"S6X A+w/ &?S{}ںCcO mut%9jp(|O fTQ\)?{pT)# 8ҽLgFRސxȺ%sa׉>79:! JqrLj4 (hAj3i,iMXL |Q0,PJ3)ɀ36jiV/P6eT*%_0G}!n M˧MF ݩ݅! =_? \C|[pEm[s+M-?؎o.\[m$B1y JzB^*x;t&TcGQexۤ[&L²oՑ` ԪS}l|!Fj{,==Nu5/MdZZucE:[\Ne2dl){ݎ#?]IE#ؙT@?N[OS`5q->~^*zywO43 C${LYF3rۈ1Xv@w1c q6+RlGݙ\aY )T4 2NHƅi!{ ZϜЧ}C#i7P {]j)^!}BE˕U{6;`~Ī1*m8cwcȗxJH 8k}e)w3&5Oj=B]\m$][\Zx`6[HX@΄g9B1"!A Z W <2xjfþ¡RoRɼX=g`m2& ;2 JmhOaTm,^@yVh z;)6qZy+<ɥNOٲגT/Se:m Bhĸl n7;O 6h!ۧqr Lh`$`<70ɭNXVʐj@Y1v|IH]w:K=K~xYKhr|_wd [*L %b 辰P dh]pӖ}*+Q0?چfýܱU5< m:`f d e e9%gL6{\qSdZ, Uhrl+7?w=q%z}^PzYe-0 Daհ r*v_C5ܒ%n1x9\dm8|xF ]T)8W:3ό *"b|&ip)w_;oE2J:g `Iƹv7'-reRCf,\JS #pHe~䲆-cF&xW ؉n764ЀB=,`;DW(*bB@ s2nz BYF"BC0Դ!žPLl/Oޟ:֝us38t! WT:zh:!neh,z~0ZoN-If]}org,Yz4xL]%zY#)xn)҄?;f0 d;œ|^mˋ.-w XrvHeʕw+/1ȟQ ޗI>j<|H,gX72,'M|y.2 9}< !ms q=/#m'8)WU G]pW@F^M4#bcdS3 ;)3T#ӟųЯ,x8U1 Vz͑]OCԭ`tStfGĆNeDɺ|j,&0P)NErx% _ sRo#7'e=0QLV۽2_\=(`eJUq1lT;8{ c 1QO n@(- xs 9d~ޑ BB}LtoCі)T/:{ !#bTIEkS$$96m1cjǼM>VGA - GM% p1A&9I ^|>Bs?yy)L gc$5Y|j#K2y ܱ ާɧ !h^!R91 Gl }EVk3KWkKoWe@+1Ǘ<%}MH@5*!Gb(F]I3d]#V)#T^piʧ.b,$`>\i5>J`h?QR]+poc ^ś/;`'L\N+C[IՑqq-ݥBٔyȦ~-ޞJdL&1v2&%$/51K{#@7oս7[_}>S&C-q@m*>DieRO1c3a.qB n"A4q0o( z7c=ɦ ola=2TJqbM.u.!0] E\zgR2#ՆFIpQ֔:W09GֱbOX'?LŢC-FtFĚuyk#62|ShSТxi "bda_Aq1)0 EP sE-Bm(K2l ) 2szє_ ._kym4g[ ]4vڙMiHgTohQ$2\q@?aĊ>%jX@ލi(:5S[ɥݜ<%@jC; 0AVs ɟT 9 Cz+USl7Zђ"ϫzTzOfsr r w}M/~h\ F1!,>~U|dM7r%=2sEf4\QFȷpʌ]mِsTbaԓͺRXI*vuUw0q'qM+d,v Lh74/v g>n^8 qxAXFzQLЮoe+NPDMh%Hެtqm$H]@ sM8l)8ZU&H은ckaX8j']&]җ"w}LIJeȬ<0ÒwSr<{8G3>k;>1Si@06{Q>ъ 21a{{Y];y@RJKZ#WΥmp`bCPTPł vesjeW4V0՚V`Y T1I7NDCre!\<8gLtw?}{ScHn8gL'mXz!Ifl6fGRp2ٮIMCw.]79gcqqW&+~Wn|ae_R pƸT85/D%e:a5l-'jͣ#@|> zʣ~*gFi;T4h e\`R2㍴d͖~M r74j0'1 -|ݔ#]#5ԫ#φ{Nw{&ZoS|v_FY(&Ԅ*D\D@YFܸ|AG.ha"h Vb {s򠝵d&sc8qaZڒP8fwW;#Qt^nddV֏v?d0C[>ؗyPαurtwc<u;lӵH ̰5~#uB&2 Fv|c( Faz,_>{@tˏ ̟oׄ  Dv<zG<̀|㫀7"|DG3OS 'bUڴX/[=l N@hرyNf?Jk%"`% -Hj>\͛9P!0<%9.e>1v-g>T)"mѽB :W.oAOf/Q>(K2B_lpN Y+Ɓz.]է; @-o%a(\Ybw9*4i`3ǞՏnʍ 0DaZ80TЛ"LL>+ $W()oO3GGB njJ`;nۚW |i>\ZJ UZE|@ Ph|*gPle&&.lWn"8012r5}ؕ.n3$C@ޖH֐c;wn Tj \ *ЉrqvB8=f[iAFo55G9x@ׯCA_5a]r6q͠Eg UKڿ4`K1 Q\Q1}.{C26_j&5цIUi4es6$o4` b4*@\xǘQD)$p]vڦ)5b7Kn<\6fUc1oE_{q-gmU|dUU;?C H g ׋wUoF()tBX>_"!WHPi1&9=#9 aN xVe Bʤa)8Å`\@ ~ez2wFΜY^)i4m !*8#ee6rY{A0Y@Do+V%dOnԯSæCBiC-&ch=뾙L4U<\ nI+i9G@H9=6& O1HT8A<¿3nOK?h [e2rS#]V1:`jlg`]O5_,-AEؕ_uaý}Q?6H{눕ɏ뜟)^ (cLDÑ-LB [;&~fY N(k׶`혴ODWY+dPC*(~ *bj,NeP0Hn>Q~,~H|+nx??gm<-YC_PXk></1VfR.9WdJE9zr>pEG kcGfVՀiWsܘ:gr죝 \-H$;- G5X?٨ mRt<%?o+? =afSSMbU@HS.lɴePc[e^vYSb,@RBksDZz< Fjdw44ReI%^#%cA45iz1lgPҗFft#$3/Vf db^͂1t?y| 3u+cLD#ŲiiEy%5q{ Fa/}~O@vpsLNe?EõG \/_ ݅IW >7Mj@w-#{\aA|޿SZ ,tJst cgCzKXlf ^ekL +$} $>VTA*Pv(W$2*3j/BlpA/$ЪuPO2t{']/8V̲ů4?ڟ6R #ˠ9Y{ !^NsQ7 ^knӕ@AaR^wjՏ.B;Ry^ !vUDЛ_&q% "kU;muGzw|#CX!tkϊ5%0LJCSAEUL.~bϦu*~s2CQ6ԿAReHO5ճoe,+庼ȥ m-46d wEIht w%CzyKZğn)ҍnvߓǮBd,숊ٷ}~6mnⴋ* RB )yW0 P$^V5}&dc8=6_bef)85ȵy$t1D0f_!ǂ 8|դj`iW!M!;J%X+{MU}WO͙9 m1P s=ٲ`Ml1k1t5[ay]\5')NuIA/*ױr}ґ6# |o=Ѿc;dU~Q$*OTSԤ_QGu8T {t'cHpE)5C 5r[VAwn'$Lm(yu{}M!δK/( FBJfX?b{  K",;E|yPR"Sh%`Hnak]^,tSi QX] ( tq@%fyd_͕7:pbym+=KMc* j]u84 LQ v#aGsY ;ck ҁ8O7):C&fiVI?,\ՄzF` aKhL|H*yY t*B߮o仪ИYfyk'Tckkl,J:q%Zo!NllmqCbS}pH?Cpk ƛu57HG?3<.d4n$GA=".22 *Xx>8\EpREˢSR(H {i^9оCvD輭u'y9V#{2B64crH1>,)cSm=lcUUǡֵUmzCa`#J,ݠmD~,pff1o+]~Ml<֔4]bQ[mr?c" `Q6iY{$dK(ـ㦢m(!?O>DtnRHǢJ+{s)!rp%;޻/M-$h5wAxJU| J4 }qՁg'.0+-vڗ3/gk!1lm|E s2wWHyGώVVeǺ/*Lʆ./Hzfs 1x5%.K{7Zf_'pOBtCcFe߼mjQ'Qp^猬T̪j\BjPUB7@rmу< |4fbU.UOM> BaAA!Ř6 O戞~̟ o}m$F p' \;+sY3{j|og=pipuo4f)4-JP׉iGP_뉇ә\ qf`.;qs/qu-nSՆoه h0"7xo6Z[V g%l~QLY͋toYq$u#z[֙-X(,=M( H{OcZ7tm.0 4)5h"\9wߵܧAgĺK!:Ȕ]`՗7mL kKEdvv,{H=1x\^/׈&VI, t[ϯc]>l%dkv!tM-Y8&ispw -Lu\ͅWLIE 餢+u&cBҶ:!0of9acI%Q:ɽbb{{Ssa. eMev#^䴨=i^4f&r7fb.$عbu<T\dT'P so.fѐ2㳐qvIkʚЂɾZuy>> ~ܳTƉ÷@?ݏdQ&`_l_b Tb4M\149+Vg}ؚEAϑiX}EMФC1xyAPPG`j4XߪUu&$S|5( 8Jk,~|1LZ1(b#tm /g^[Td]Nh?IY&@``CUlwcRR}[E<ɗjAQFcr.v`5GoH o i%thR8MAn5 3}è{p.㟎~a[y2yQI}}ĀpE뒄N,C 53s׀Mmr}0hP:|:>\p~3 ,ckiH㍌ ].PZ;mqqAo3*5gVvӭup* {a̫C akPZ>@o"h  l/e1cq;ԓ]\fe[RjB'Yߊf=V@&Zrz}FFB 5h |?էkPsI LD-1<8I I=V/YY3'ҋ_d‡ŌLH(ɼAL=BVt(6VrBL OB5pc=I> cL'J=}- wP+70=N# "g{L ۳SmqxE\Vb~&|1Y$d ޶qh~QVen d>4ӯ)K=ڱx7AD Y-t0Ϗ}+Y!ہɦ.n!qz@%k D*:f*#F&i6KE^ cPJ0 t?SIpfrk`o `6둭Yrk =#Z^7,Yqu[,#K}5~Eu-g[JqkXX#*_Oz%)s:4 '⹁ShaДgc_ݽPlo>nzFCxdp6)rn{xcWY/ td^r/iCyqBiC(_m`/Vx_=2!Y :T]t*⌎ANOE-c@1Σ&O(o$!;puu 4cy+uNF[/\g! 1J8 vuOR 3eJ |*YXg7Yv>$V5o?h]Y_0Ϋؐ׶ pk gW:eE4~^x.1ROn~D"$ѕjB.tCl.A P @cE͞i@Ʉi0[>qwChzi\LL:笉wh%+q~gԌ}^T?a&< P?a?׻QoVz%#[sgޙZeuA8 ƌ貈\ ,C4T.6~u޶idl2{za!x%-fno@i&J]1d.đ<*\h; -CHC3 l <5e9kl:2 q52Rȥ. !&q;퀐;.8,CZE\!vhJM' voI14|Və3aqc#8$2YqӖ? tYvg;Cw\>qH%g%ɖi|LEYfC~[fKBWHP.C߯sV4(@DX0%l`2byw6v|UyO\D̝_´x(O;`}61΄/W}U屦ل5a<)9{F8 *].j)ԫTď$킆.0,L:nP>7,F½`jy:G(ŪQ `8}?u no! #d8͡)n<44 &K& D~WrwI0t q_ |ID{gb`q&J&:3.{|)FJb/jxE7T 6<|:2)x;R8߻vZy< H]X,:zE X% 3jg9~q(@o()l>x!4n66AH<{ߕD:>}&ܜ8)+aonݝAٝr~NͦZ]gc]ށ9' D?-djTbzECrT|ɿD;|5Iƈ tUf=n Ĩu7AZ-+1?j;$ 5Gfy֩Kg5ՏꪌަZs]rq]y@y76} g6|2 L uc}0 Еl zjDoH.z ~Nbdj \t׵٘iT#eɒ\'SPǃ@u}X8h9XgN`K7fpcs$ڪ̵g1B{=o'.F5gHs\zVJ]983{Bm!l\_#ぎ!op>x}6~Ҝ:wPmHS?4L\|<ǡ& WdY@RB)%-#*Y j,(K'=Pcvۼc:=HoV0&e9ۺ,z" Ro }Dܺ: Wcj Q1 xomz7klϊRAN-3mGpB!oH@ eG(B2ܷny!;+ȎcO?C#0|34|zmje˲ևeTdJ0W{^@A]}E*7QфBvuDCQۃi<+OnNfC_ liʘdl17O;odFdyʙ%H~g3ATL1r* 6_/JА/HEuZ&5}M"i^Lŀ@?0_DM_MrM̮ 8~P} G!}c3t<4؄njd vV$exFNR+/f2R j;ނ0cigx|t&> {_ v@]w.[->8ib.IRx@0R {;k5QY=1XPEL}GK>E۰ 8fua!W?oC{{ >o;~֬: o "Ĉw-_"``W9GgDٜ,:QUQlEiG])-|YǀVqܸ.+ rX<dHA|mѨtf_@*s\ƶ΀^i $3^Y`pӑ,WeF3 Æ 01#(%)Y:ޙ4IT#%1jHqQ@a.͘{y}bkQTh/aC}{K!Am&=-ddC*vs:y=|EIEIa/<-S!*H1w&h5ڎ6$u0,-#8$.LvBM #%p8a/'w׳,bȎ]7rygz=B7 ij]@i 6AkE{DVIY3>PiVhvg7.e|ٸj40 C{Q>}o>si(8T#^^K(b?'dµ,s Nl(wF!mg`1ѠWY:ڿt$lDSI5+]"&[ԭsMbMip#ưSmY#<9@TbA%1_p(*3 r܉oaN%fu' )bqQfVdU ÂZtVzk.`i7m6Poi`D/m 9JwGp2% +B}?mՃh py,C/&=a<_cf7%RvHPJ1.l=͟QiEN ŊMou4w%H`tZXT5 xz@쎧ba%u?6\rR֕ |) qܟy A3 '6kO7+ЖJe~4Ii&ɸziR_@MUNQv́HyA<mA?r)]I{ S"S/H%ڢ": ȚI  Z7BLxħlmpl\=fSE .zv260#.l8hPT赘O DXh>Du;72R2ei& B̥|6œ\Fo%Xxcۆr,86o# $wGDn-&ڧ Y= QleS౼<qKfr]˸/{B jn0a_1[zu8$<(*G>>K3Z/B \rU|`8fK RMđEt RR-rN\2z= NkK#m)Ź6U aY#y[J2&L,C2L˨%;[kptt,/`)]cJ5PGZ,WoS܆NHV'*/;eQV+r4OZ]уv&͛5<ƻ>fw1KX}Hf1P¾yG%0;R YO@q*NDcM1 5aTy ېKKbSROL H=Ok sdozWR3 A24/6)ނgoDAwv"&-4 *B^'0f̍>i x(2 f*G^#-8L^3sJq-OnTA(xrx)>[%Fְ|ۘeC tR"fE\ ȗmRPj5E@bEHZ$#UeH^h(o1x_U X c'6DX/^ &?s<ꚰI.< ?\fʸ.rmm6) ~?OkE~m-%FybS:=ӵR1f[ 6TGwg@&yhx(Ю6s>TtL2sQ3{vܝ{Y{P8w. Jt=NΎغZ^nf(򰄰C{Bt #$<6R\g 2йKVt3Qϧji&]"\k_{C1cW]Qm'Nd?PSQgzd93mO'㉴uqʐC[a$f$ )}TUY)_,D*Fv5O2D ;pVF,B'r9UzgRVjtOC99/ SkqdT }^_ߏZɋmC$춅ajZn#o|L蠓wʄ|"jD7#)e`e`ZCXl@!$/ lFW鴖J2 myΗTRθY L/s-' h)2Q;kZxn4tA$F1fY*MS'48O?Ym|i9V"d[l.sU@#\N.6+Lڸyސ ЧO@͆OVd˞Y:?uh֛var,g$tuw!y(O c^22![L~Au/1f V4'WDQ^nݼPJKѸsrɖy-N@}?K=Isʎ<]VQm׎/U1Cξόصv)x)vD"g4]71VDWf5 h& iY2)`}M t_CR+inN'9o X|$~ =`sYD)$&Gj.?KN@92稝_%܊. l⵮6%;S0PgmoÛ=dQfE(5gE*qdB 3fgZl@zVq)޽?0xL7f,w C*"~ V4'S#]gG +|=Skb̉Q ' m רdD?(Ybϸ7Ѭk<ٺ?\Q3Ĵa&/&9Ԩ؀sPDNu-S_uW%ӫb]b:EET4\t&Gd%'g*RҶ)bTr,L:ao];m9 vw"[*H_ԁFmt\;͓0`<9RGИ3Od^;'0`Bz IQah}{J&ž&Y'c7^ЈV [G1tƮBn]=StVdF ZHr  ȱ"zP ~ z~sz Tk & W /}?@qKИx,]kp% bc?ܳ-|؍DzDyqՔdƞF0?>p:]K[="ג/ 16"@g@ICY֠f׽y֡(If]b6pO@_sIqQMVyZF< w9D8wLCP_+. _uݑDZ1vT9ʪWdî20P||̌}W?}0iE|ۍk%GF DeشCyyJ@I+CDO&=xN̔D"FBV}C1s\FJ/|2Y~uKcÓZ/+*(gt'5@#\ENǝb9wu4zԐ$M5Y>p,.wka_gBR]eoE>Xk.Λb&ZW=+ӅRG1@ZoMG Q*2t-X&(M ˛Z9״+͌E`m܇_?zz7QHx"Sdo ^䚵+쟝vKoU$` pbSDDEZrN;լbTZf@ /9 [{Gnb(klVoFm oGH.ר-E@qF@#6!O1\yR.(gU7&9|x;utmUWzb/2Xɷbh8CLqb ;CݙӶ,pl9 8TDC?2y{C$H y8hۤv$#1w~}U?|Y *pfc'\0Q/3D UC.s*'Hf8E߬Ќ/5õ 7qMa!-)*a;eo{ (`ڨNL<2~xؼqP 4NG7-Rxi°H">|\4}tީWi|Ѡ Ʉ.`JtL){71)М=1:eS#Pd^]Z_($9XJ 88~7(7W{Q}p6&N[ t!KQGjIIFeJCZ990qss}RE?qr+XW b}%(H/*9$A.̵#&Jz8̞ cШ2k?@)Os. C,&vbRTOEp]߲F=?HMtq8 շ{o.V!]1@Dʞ]:aͯy?߃Cݨ $ݯAwcnSڤFP "_0$ez4J F¡GpI3bz u-sԘ)zvVGD7&^q`*t X0B (sV w:oH dHUíܺgYr`6~΍~=NON}JukcK.pDO d "պ7,7f:D zi!7b2vd&yJ E,AٴbU Vej60>}G$$荂­)M0!%3v} (!Q*nUċ:Aw5£ނ]R{ G\LMiL uz5;P٤( dh]c8䒇q)_ob4O ♢Ԥ &+(5T*tJƒlՂ'6GV%5njWPoar +q=? OM1zy/N|bZgM_4VWhp\5N iJ 3IL-~=V)OpFbL~)AޜU66Ҏнh)0qtF4q˄;:d)U=E~ 7(zBȐ4qHZ]%of_(라#%N_;U] GCmhA8^wK2#8L2A_0N{xR_P$׮Ƽ'g[za&9@Ypqʥd ڣdyu@MǢ۹Zgov{]#| |_6$\ ؀1n#TJPEBH[!R%$VC՛Pԡ| SDbR=b˶-U $bM{e5Wi_"}xaI|dž hD4޳ii*, *=R!krjL U8ʐ({5:<%(LC!.= jT )2KK_y+Տ>< C U_e[W %VS*868y)V ї+[rA# !tKps7}u8qS>^JyK0؉ hWI9%TI|]TMk /׆׽Y+'RP@uHc!(ٶʌ!i9}"]b}\%Fk |5qhDT>40Wx{$ i~+OLr;v8^"E׈fpm*9Z2emZf,;q@Y9l8Z vQhܞohoުmh "7v #Tu4"b{wHυ75Aj&뺀I :7]$Ӭ= ɭju&0PYE(%#0 ŏY3AFH})i%\A]mdP 3,0Gn<Im0.gB*y;־|H .+)ϧ@;S|AJ چ9 Br" =Ž:q,öã74ۧoO#;..V;F0Iٲ"h^y*S >~/TX]&* jE(zU켿+FL@G7yk܍0Pic;#Fm| elܦة]F ݨO=B_Kr)Ha2$$]m"-iOsUJ?1I(`} g5l %,IE4C{u)WXvdy\>RBZffNLI'扮Q8wMp ߊ/:co<ۧhRl h*eO`, {r<,]8uǖ?O'-sZo0Fnc@\Fv Fj咙=ЙhOa_d/*uJ˻%Aշqʐ D \t椉ϩƷs:s'~#/fç{R*i }*·MC˪d:(*$?~u@?u ]i{&.[k=Qn $27ǖ%8jx58*?_ zf5%axꪃt][5̀Y%LI pgOPW\[(˼jĞOT8>?^JťP4Z3v9#SvSIbb Tč[F}+͜m ]HNi]n%{ޜny̥5l+!ZІ ›)O}xc`5c밼'YPv(>hC C>2̀SΌDC޴"T7(|BўRbFƤ̙7P**d>A^lf.y8Q V=LJjTxͽRy_l8 GG%NFe\ c3nZc"kyr#z砉< dUC"(,L~a׀h'"J2F:y*q!֜q0L*>66kG0E]$>bɁ᮪^&D d4-2VƄI4ޅ5'](ü0qoQRݟFpF1)>a?v1GWJ9u#ף_#RAH*UR-],qכAYe)?9"oUh߿8%8(iqdqN^Ra3ɞU/}2$85d*<ū *T W1g~ k$ |^G1yƘiJ)Ta8M_rd7٭I0Z|}l ޸7YR85ocmd\',̵Ba4y!I}H_7"I-elOc\o-Z=vӄuv N9a@61;K'd5¤SFQ&Ez䲽1ِ,C%9j^:(qۣ_Fdrt0l/m/ O鼷]V}HS1zZ`sbzbC9X.#LR̬B>b%+9*D#|$rZ#r< œ =t8, Y{ G~421c{8LNcFR#3Yy:|1T;Dr9g !%_C]Whe~2- ֧t;TUepZ2!{W8`ȸ)ç4ľ?qku.Kk8l⭚q0ϗ~0 .so$1Z;Ös*@7ld2K_0BTHaN*~tܭph vPQa 1%cmzMB;Hۊ(ZQW4Q[2α.9Ba2떕"k/)ž(}?Z)u{v2dLjfNy{$]2АtbIf$ s_Np,`6x%L.f_1<;G9ZHŨz- _؈³5%DK+>!&:F4؆R|9A4CNY,]pR(ϩo6kG*hV*ҙfB{DzL.z]lzT=,XMjIWֹp)Cm%JLQD#YjBԫZQy ~IAZ&oKՎe'Hit>1Tu$(SFEvAUXԨWyz6qew: eAuE1sr5\m5yR4mgoZfOE6\j;7ӯ36'``%%H^|ZsƄa>Oooi[A0w.9[(+F,X,!6Dwlo^kPX:VXzt6E%KuS&SyOgYHr*=m9ի$:8dw)H$9_rJEyGK QYd0-FԘ"~Ad g5yi:{ rw>@vj P$ֲo##`ˉ瓣,TD!% K3$[+o&ƃ1Sy-dDKe~RQCSz-ZM[6&1ۙsrj^Hf"i!2"Po*.sFm,IݹP,C_,dxdrc d:x*#QbةszD"=t{l3րի:_$(:*50?k3#q6UE_4u {PDEeXbQ @@ibϱkW iZFXA޵~ _/hhqb烠/E(Ʊc ^u.ײjz,7{q:fMbz8U8w3l4@m5;ft]Oʻ534͖S1Bۅ!|{ Or$0\ *=1,4'ϥ=f]E*q#>q[B6@T80.fֺтĄ__BEXYT Q0~l9L&'?MԌ: "#2"oB|zܶ320X0ЯEM>8r@Ӌ0qrӀ5YGt6d"if)\@q@`|7яj~TS; 3nX~XV@,{؝ w?04N3U|Q1x]1F-\1F9b ~}#t&ZP }$ v@ޣL@_zID̥}ci8t9L eLi?{‘ݔ*A:sy0B'qyo# CUu>:[>2hy #_X'(/ˤA~ b9+"e:.knQe.@ *=:=}.bhTuEJRuā_$2>_73oYc ?.*Ɩ ~;I-+,]w;BV_GXe=#- pp:s:d9b`i`Nd2n|LIڌ9q>:f~axCiNͪpP j qVt^٣g03qwih \ՠU Ǻ0+ź\}eƆ/%b #h =\.2͞GD˙0&[lw$Y/GMmGD%Š0j^\UrTE( ?('@5uk%^^GDM6w1*m0lh-n) A(n}I;(BVr6bͬak䓎g*u$'Iml^P=r[ JVU0I?}K *凉&4q$ÿ7i⫎ 8:j^S,-@ci‰2 F?] a$$t}xa[&XS Uڽ'y(ONI Hr68IBO@d֌(f`i%$o`GIZH_{-0nR\*}kM' zڌa%ن9ĮXPDE-3n&O"Ҏ9QFW V4:+͖[@QQ5rD17"HA0QFvuBT< >ӓۤc\ť6ط#@xET:Y#0\ :b]!vi[YPtV-d: [*ԤA[}xyXl-mg1 k;\_tXW*M=="/|5,fIsR~l5jFq Tf5 쬡EVb.)LЇ\0lWm\3u Ԥv^)./]8X\ٝU9DgSY{hrx 3m*?z7 :8@ElhPUVDVLj3Oнv#N"뎟i2sGZK _!!vB&{/}r&s5_\gKh_6ob+c-~G⯱w@5>~Ѐc]˿VPЧ x20W¯&s0]%1#͌׳M<|>Z|t/7}#ŶTn0a]ܽohŮQTxWʂN> *+>UwE2Ul"?RkrcL#B5鿉w} \Pn>Ɋ;so ӫRBPN1Ved5!qb=zbcd%+ 6CTU$'1qvYFH9uEM P1s=Ip@`/ }SYao  ` y>V"_y[yߒJ<\RJ*;9Zo%YOϔO\v3i+<mGCU1ݥ!jiuZponG_5GRk%765~Ht[3YD(:KvEvFM~!KF3b[n WL(\y߭Nx!ZugD Bxgݛ_֋pd.yMٻS}$2tz~>a\LF&h-VHm=z'ļnŞ.7d2-^rXg&c Mʃ L=4Gv;dh=#JSO縌P\ɚՊ+}1xlY6DŽf.BA}-9T:W2jH&\:*^auhX87% qL{#U ( n,t c61EJ X¥ :?.ȒRlb<NiMrl7z>D6{$^I%O[8T ʸԿ0q`&ó-c` i <0۷@ZCi1kIF ' @C{[MYc?4rkp`9Am#!7JyTO );D~M9Ebn' xQZai::VrQyÆ9N_pᤨx[#5>aT){& &f0ZTZgױϢHkz_0铕S{bSmd ԃ²EEL]ED}k`2o(PzR4אCӔm(#_գ[ ܔ9Ȟ1Fe^F*gAw% W!C"e|oZo&A%K=G~'Tkt<T>W VəS `T)UqӓeQ>x!I*(;^w>ZdFe :CSf?9hHuЭ4sn99уd xatdʩo|dZhb[:6 -k\$G UW}|L"K{*:eW^>B80q# ƷHT0%J;-Z'HWϾe'aQg<3,5{^rzx#>4Oس_ͥ'͓\uمm<&\G#Ad5.v0#ٗgY( 'L_9ѧDKK<}Ov~o*8! :/j'z867}trapVz:)$s f!Hq3/,,]jy`+!5+d[w,] iD:{:>6fz2Am 1.S%;Iry.yj-~Yo+X1 t3[ԇ!#(֞21SekVI_`@֝'c ^ t` lo0 C]xZ0}ް$[I58oxR|,gJsP͆_eӸ*.ߜlZ2nqg16>csrqJJ/ſ[/eDZD'A,wVAM ӝ\qy&D&1y6h*1֓p_h"D%I^ Êa l^/N&46|9z"hc$tmv}E`ulVߘUAM$*$ 4~4Ҙo7+y7BEFt#Ev6L61#MP yL<1b/=lw8-]NrР顉UlFwB(JF,"ΓN 6c. V%BҾ堋$ )hJK T8'E\ԦG3bh/$romVC)QJ"eUṞR'2g 'x.zB>=>Ks]ydd6g0Cg ^mt;T UjFQ0OD bZ~rĘD_] &70nxUm*Ki !9NK[ >[kWt |}\ k1}3'+T;>΄Ծiz "VȔ_lF-+EG2Tn?yǙf+eP9w7p+j)hȊCylҊfSYԠ&ZHXe!卖X%{}Ba@n;IBD5ieY* ܒ7$IRxVh?*-fk4+q{ .Il,؆f\tL ҿNh vZvxZ% SR$pp5?ܺ{km( w ߎ 9nA0bYٜڅGn*/lFy(">|]>n nŘh t T5".;amnȮe!IϺ2jf[Ů:8m.6mz%0yK#g]-$4B׊w Knj - SMRrȩ4TauN.Z XQnS9}֦q(<"nd6g{m̿aN:q.1c -sC$@ [췊# %ɤ:i쩜\bb]r! O>u {yF[Xe 2|]XuJ6w*އ;{1ؿ_"9qSjG't iˍ=Ŷ 7xҐ ԁZĊFnĂܤ N R{!:E,hX閉#UFΔmapnoʹsђj΢;J{r.LE3ݵ^ϊ{JKu7b'+p5֑">=^n9oq4Meuk{BMAMJpxld-L@@x|EuѦ޿LLFQKsgքcl9rG5sY4F's9qp"\YK*:btRkmkbEFY= '՚@6i[vHl呚/ y3!H~7;nh4Cx![f1N&V 놱*zhyIg%dmO+bYOVv7)h%l8ͩHq cAP%!=, 6oԄWZgQ%R#L^@H6Ekj(G\$˓j Fp[JY%A`Y gyȻNݾpM-, Ħ$v^B>_H%m<]Ln8H?V툧0( |uC(f#EU~;N;)Ev -Yat טiʼ ]iV8{(H`r)}ne9&H"ńoCu!V?5a/WT-Pe"tG#,M[PA@<`u+7  ~)3</oPC!Z~ǣ?}3d% c>Ci[0;J/现5]TǾztjN4p.œ~b\Ƕ/u ru!`&ed?%D? /5Ž |U.gh*g;JqX>c>@.hNQޛilt^uDn8ڷ{;0Q)L-|&AVn ^v%@A클Nk&q>[DLXGޠ5E施2UGx$N76{"͏?ٝ~So#i<B޷HD=}f~%ý:x#vV, # 8$-^g8UQ{1Y-QR l#F}Z5aR1qgEUfv=?Df *0UIAS7NxxfDqx} ~ { 6ݲ7oWjԂ3c ',Ex/ mؖ$OMB>ߙ;}l 1h枥]&} [w,2 . yJuŻlY6<&p߹jȏ^jR@-'3STuwqRXF:}kcd<NCZ倉2P?F'4s(6K"g$7UzxvcD\En݁XN6jutW;=/^ng#`hҒINBEn,k07iK^|#rV>U[$v8뼐ܞ l9Py؝MLr*Q$^ &qπ&3b^S@85 t 뾅dS`X0p*oGp5wPr1e4|7q9;Ymfmz!}'Q]|Vp;24a|}DWKF'W#HM)>m׵Vb rYwlYoۅj9? Kvo`{ՠ~I.7%f$Lt:s5p q<꘰SE7D;Ǟu˂Msa{TVm7;a#դ=+RP:,dZt߾^iܥO=ciuPܒ ]e [/7EEK?],0hɀ6vşi}$ ?.*s 1d(n9LnOvVuM'<ˬ*ڼK3%WԮ2T6NQ|Mj;²2][9b }^̮I֩S$N͆zQd#gIRrt ׉n۳3<*scxHJQA7<\ }! oYŐ;0VPC*p<2Hj]x j6ilQP%wخHَ1ăVUœn5y DQpoڤ ,f>k64%Q3$*]#KBLYbzqm6xB8 *+DV{^~`>Rɚ]gsrWjrJt5ov{"07:dwKw ?1nK/`gUn|>Jݪ&%k6^)?u7-1fHǁ-$f"`Q'L6C@9Hp`0P P&J3[m^H[L{{ߚ]uuapSPjפC%Ӄ:b,>X{S>kSpt7F K'8!57(~M&PU;^Ԫ*A莂F`2) & -+w+"vBXwӅw}Nm_D"qHM^ɗ5?IbvP~m>oFU6M]T~Y,}Y<Ɋc%pG?N^.1P:qHH .N|Z#x\2'CVXi"KX=o[$ 83zR SO-tFJK:~S!f{e-lf0}|xǽ;3smWMi\> .շwuJPHt 0F7 ۨ0>-q/XK\W0mblԢEvԅ Pm}^Gbs( G*UbUےժnוdT̯S@`]꽵D(͍jZf4\ @kBЏDx96g׵*VpuUt(G{)PQ*[ˑdM:ݮa3y]x# 73;WyKjs}&>tУu!?`dhZruWDpsa5$.!fzbab[&LhAdž-`+x eM2h-V13"Y@b qdԺ1cÑ{E\ʌmR*t[HtZ j5ڒn! *6\'k>xȟj45RG]K9fI=26AO[SY 6%xT@\{ =>q/C4)P12/zMHLMݯ|DpY4zaPUa/ ע`]237vI?\YIRL&Mʌ6 9 v+z|~|)#vz2,۬wH,肹Y5b"2Vifv_U! s] rvQJla?f>:,!̢d"W;9{Aw!*jJCQ5+Nӄ~T<%%:Vy*"/֠# aN:4(ZzQm:;9I,)K_Yt+^aRny<I$K'6Rj9ҮT=D)+ֈ+ $u =FD Xu(:/9H?!|}HyE?C+CQc34o|}EdE>4¢p^{Sct} dӇ˦՗z3"1؞Aڧ=H/~w8;G$fԬσh=zV%zONjwre͊, JO.\N@GxF+IwQkX'5G͢'jiMwVַB'Jn`/BWWۍOݟ|P n@ sS^$U+d;KV nwzl7O197!(VlTfhI_' yc Á r췭05_jh0aNiUԢj&@R{tsJz4<8&q'rG]ac 0G`k'ީ~og_'M#lntJ [C"hF=}|9+ 7mfyk|#ODՌ$ ׋6˪ vG ճjXTZ3ጿUW~б} `w V26NڹN&ZWD]VoSuO U@jG1x ,+8f);P}P'o>-_zp6` U?U=F%#+UŃ{Ա ̛ǻRVPS0ؗ5z4o= Nj3B]0oo!ePvEYn]N? 1$ΠiM\$J)Ӿڇ{kxHTmlt[8[}SIGBAq_5x̠FJdLc2u߫ϞɲuIx.AG8Q]Y4+Җ/ŀD2YkM½eO_ҥgim7oH(?r+t9#U)~K`ku‹}DZ63PZētoҏ9p:Qn8g FgS=Ƙ ;1D]$ !D|m7BbvzыU;\C2ΘǫԖn&Kɀ8{'牤O-whǥ;=,w2 +1PP I闎=S\,dQ( XDWx,Y!7ҥIhs%vzܥĻHJ2-`52a[ͪ>u΃t* 7{ȃxxhpB,y Kr0ysFxr ?.Ou}5|e5N>;fzN i•$XK!÷y&?on}^`ae# m)Pƽޡ-yXXhs v.]ay$Ā@KB]cq.'>Jq۶U"*.N2ڀDžfG"O2fCMb9v߀i^"N=B08QD_P ֝hsNJ\U%mm&gujM-0^J`5zٰ,5n*8= `fO#9 MxPԩczE~S-c$xcosR{qB`>8i'\|`E$쵿κe*&4#gv$.45f`iHPk] yFԨq>.ʥ[)QxCA_闇9ݾA+9 l*iF+`h<2 &Rd򽴛cm`at"R ` zy,.{HyƓWIإO]BKXX)e6,rKEs>Nb{ 4 @Zh'}:}&{) 8eKO07tovbg"j[c9_Qx0]RwiYIc\^[e11NSC-U\罂.шߨcVf7@d6tEV7uԯ8eG*ӝy[JJfqN_.xaջ$CK9Mu'quF oG5'iUHyF*)?Fy~/s)ǟ p`]/=@Lwe8wNǫ*!2 $PU.> r]t k\@)[֙4Ɏ[Ғt q.:7Fg%s뚥YMhKcjN䱜& =fo(@NL ]W;zavef<@j6` Uo=rH#@ŃNj徔mZr䜃Rd;M +\{g4߂~$35oJs~V6yuö YZ