python3-apparmor-3.0.4-150500.11.9.1<>,e%p9|Q(ס]r<:znOhߟz%g4@-k}d+Ҭ~F;uf8S`prE#B@\4 @8YIjcR!AUJsX*sS $ϭT]D4Z޲L4,hhFQ>t?dd ' T= SpUU U DU U -U UUU*PU 4"("8#9%:.xFGUHUIXUXY\U]4U^ bcÊd eflu,Uvŀ wUxXUyɬVz`Cpython3-apparmor3.0.4150500.11.9.1Python 3 interface for libapparmor functionsThis package provides the python interface to AppArmor. It is used for python applications interfacing with AppArmor.e%h03-ch2c SUSE Linux Enterprise 15SUSE LLC GPL-2.0-only AND LGPL-2.1-or-laterhttps://www.suse.com/Development/Libraries/Pythonhttps://launchpad.net/apparmorlinuxx86_64/S }((&_g47wJ\90QL ,b2 5,(k#)<Q>p1 @ 6<tq B;?b[&'%Ui $3)E/Px0AA큤A큤A큤A큤AA큤큤A큤eeeeeeb`%eeeeeeeeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eb`%eeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eeeeeeev@eb`%eee103aaf985b7ee6570e8410caefeb8c900d5c46626cac08e13bec6476a4661e2044b2a8c30469873aebfe44bd3909bddbfc178df5078fa7a2a81a1d913c5b569e01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b2cc671fcc9d1ec75313b7eda5bcfb6024a389a90a86027d6a60afc0a06a20e766b7a19cacb0807dedd0ad9b166df085e2d323058172289ba401a19560dd4c64943278942f1939ac5492e15e846b019661e35c62a54411c80857420b6e0053c3fe2014fa7be316b8660de8253e2a37f33b26d131d89dc5cb3c60a96b72f87f09479c99ee85443030093ea9bb6344262746a82f5744dbb27fff8ab94acf4d6559cef9f47cc7c171c4a9b4909c702edb17fef4615041bbe94345448d993fc7a505f95e7e2006197af3c8660f9afa84426b0b9f6201bb59041b48524e0b0884a7e487eff10e4b1d26e36c2f9491794fce4d3c3effd54b11ebe1c247928a34ebf89006293e6b1e3116c6c9a6748f3d348af4308316ce8b8bf35d1a2d2f8653463ce02778cef18bb1206ce11366e37a9199a30d6454a52f52ca38c13067921348b73ad06c37642e6fcec6bf9f73444345b04463fb1908f52295a9fe3e59db866787a82817127f4102f3b08becc2a3269d8885f247c6a9b99f663482008929652f78df04e2a84f789fb7d889933792666836ccf3721ae4e0677e07ebf0b3e2a01b24f24ca5ccde44a784714cdf4fa33d20883335d22c002682f44876a653a5eb333ec9b131d47338b97093a2945a3c79c2aad86022282fa9b7eb76fb7c2bf494ae34d50dff215fb0bbbf5a8438945bb4f1aae8dc8a6c104382fc22841f9da106c658c4f0a7dfe77a1b05bee05eca7d4d2c7076ff3aff6148c41803797b9af21bfca77b390538551a7c3c46a8f1200402b94eaa7195a42d57f45d572880d075271e2d1bbd3418bab341905c0ba825add5cd1a4c009525befbe1fd4871afc04a186a10bfa40de1422ce69a7d59905a7ef3f9fa9cd474e1df5aa858fa99c9a8c181a8ad94b91ec320bb6f29456273036379e6ba0538d2f0d40a9957b93af9262faf020fab6026e7f316b7602597992eda5443ef6838e11dc790065a037ede90b97f49a39d9e87fa4fdae84740fd8c33710c616c9f119e230b57b48e19596d7764a79452afa07768616c2507877627ae91ad58dd98ef1c75598bfa23ed3cb7b52520feda84b1f8511e7aa8329c0343faa417d6f49d11fb2480f56b9d93587d494e73154a7d63443caaea741b1ad32459a870850c37e24b54f2a5cd1d1db195a6186954511155cea99a231b3c8a28382f6d33e4ea8a82253a3720e71e755fdf47a265b0f81a6e48ef1f72d06410e37225968640b28cfceb343074d895a6fa54684173e5b6abc8fd00305283cf4a6b8c3f24214fb6bcd8e3abb985a2544df3c59ba3bb3bf92d98987f49062ec5e62b2e91f36d014f9e2c0663c771b61b730fdbca9fcc6e61a72302bf49f902be3b31381234f7fd7537112dbcf58c669dbc42fa17afdf3720d9b0a0075fd343f00ee9fcc7b7fae09f8f281e808c8f5a050e89759957399a1ed7b0c8bf56e440a4aa90a83677f5285096e97458874fe9c3bdaeb4d2ae40cf502c721203a91f18f498f5ad91ead044f7556942446060726421d7bc3586516ae19f4847069e6d43ed07ff533f4b2259f590d75a5a4b2185efac3cc04d118b60f11a988d7b6032e8f4549737a25ce5b4c3d13d28faecb3d88cf1184908b0c378b3a80beb18dd18ae69aea286f2647ff2c4a74c2eafa270f3ee952bd057b2d3db84624efd350da354948af26e8d7aa73147867e02f53c35d81252500601912473c8e8c47fdc5fefe08e945af99883ee269416abe471aa36c4b650f8d078389f1228e1873154338182919a0e4142575a16a438abda2f8d492701efba4ac1129e8e3259e5863be25bd3db945cf65d7aeec18b43b2b54089eb0a0367c6d30f5d002153f935874779a8d2b84e1d582cbbe163349216193a4fe2722effae7fa54d06d7f95120817bba02a54ade1d6a15da5d8b3f5c75327fdd2a80c6c078f0f78263596c7dce8ce4077b456eb35e64cd6eed5c262028b54af5d16f85faffb43bc428ea1fc4a021ae37487b885ca4c8983bd6bdf5d6f2e00a60c3f08306c9076832b7966ce51e0c4eddcf554959459b23e0a8e2c352b5565da25a908f321eb9e141bc77fbce7cebbecfd995eb39012a844c06c1f26e904de9ea3a0a382383050bbe78341677c525cbb9294840b1807f8fced7657494f0356f2a74423373317256d103d29ed441f65109168e07526aa85d23e56cd76de93f1ac36e7d86e9e05f771f29d1bb4b14ea6f288ac8125172ae1a3e1b74b407957f702dad5e5480df705a785c1aa1592b90cc2182376954585c70aa8bae67f7814e09537c848de84a7c4cfe0566113dab77c29741187249bbff3930127122aa8a9694cd2ad2ad254c2bed67840f837ea51953e6c05d3a104d7e2263adc6296f679dac88e52631c9cf8f86eda441b1f54ad8d16fd0183d6921b50eb58b41610bed9168734bb105c03b4357bb56e9e1d77e9f0d4f5a562ab934418a01c902d327970cb6edcf17c58c94117247cd463d5b4aca05006a3a4fc32599fe6dc4f47d2a668cabe7f9b8b6ae409900c922e8d217840ad79040864987b7523111128252163e639e1eb932ddf161c4c56caecbdbdb922f7815f2f65b80c739f0518dee431ab029e119546ab2af5053b743b3bb4edc383e1eb201c5d5553ebe3b50c91a7d8015e0e48bc30c30e68fb1d7bb9393985eb5be0f096af15dadcf19e4499ae6c2d59d0ded25464e56241c75baf5b94cab456ebd49ac8c240526456014b084005cd7da7f8edea9e7edfa11701b399487623773ab7221a9a936d42d3e1e0061c5057f2a33f95754934a7ce2265b2cb0b16b451085bfbfec18866efde61dfad50c4016b136852dc8b4a4fc1b182a02a3e47d0d951d36561949259c10848b14f2a69e3f9475c1bac12c6f31d9749ce0a81e5a04e2d306b3b115ff3111e4fc204d55bb2b9ed73160684b1d9581350c4984b9c8b3482cf9ebaeb6bc5e77a9d572fb928dba6d4c5db21a47fd6172f7ef698f4a05b18a9475fe3a701c50bfdd4ba5f491ccae4a8c395d56c2f97549930aead3488505701ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546baac39bb57b937e104c1375b745d15e0609ebfb00dbbd14546119699d511cf68056386fa2f5e2de5845ae5e81d7de1f92c452d70ed17dc7c5bed1901d341d618125338a5b63d02343cc8ee55add5c2857938bc28f057ed5a3cec6596fe45c21759f50c49cf90b7050a3c75116ce5e903af13823f0fb7a8e07803af337e4be04c054742f56fd7bd6387cb47f2a6b19110187c9e7af40fd753594287ad0a4cd55ae8fd7ed51da6f34bcb0454bcf123e77211818431d4aa9f10faf4e1fd63642c1d0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootapparmor-3.0.4-150500.11.9.1.src.rpmpython3-apparmorpython3-apparmor(x86-64)@@@@@@@@@@@@@@@@@@    libapparmor.so.1()(64bit)libapparmor.so.1(APPARMOR_1.0)(64bit)libapparmor.so.1(APPARMOR_1.1)(64bit)libapparmor.so.1(APPARMOR_2.10)(64bit)libapparmor.so.1(APPARMOR_2.11)(64bit)libapparmor.so.1(APPARMOR_2.9)(64bit)libapparmor.so.1(PRIVATE)(64bit)libapparmor1libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libm.so.6()(64bit)libpthread.so.0()(64bit)libpython3.6m.so.1.0()(64bit)libutil.so.1()(64bit)python(abi)python(abi)python3rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.43.63.63.0.4-14.6.0-14.0-15.2-14.14.3ev@d@d@c@cbk@bi0@bZbV@bT@bRbBb<]@b@a7aZ@ap@aabaim@aEaaua $@`#@` @````_@`%@`!'`>` @__ǁ_ǁ_Q_h__@_~@_[f_P_-B@_@^m@^@^<@^j$@^,-]҇]o](]K@]]@\\@\ \\v{\I\ include in apache extra profile optional to avoid problems with empty profile directory (boo#1178527)- prepare usrmerge (boo#1029961) * use %_pamdir- update to AppArmor 3.0.1 - minor additions to profiles and abstractions - some bugfixes in libapparmor, apparmor_parser and the aa-* utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1 for the detailed upstream changelog - removed upstream(ed) patches: - changes-since-3.0.0.diff - extra-profiles-fix-Pux.diff - utils-fix-hotkey-conflict.diff- Use apache provided variables for the module_directry: + Use %apache_libexecdir + Add apache-rpm-macros BuildRequires- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in de, id and sv translations (and fix the test) (MR 675) - add extra-profiles-fix-Pux.diff to fix an inactive profile - prevents a crash in aa-logprof and aa-genprof when creating a new profile (MR 676)- update to AppArmor 3.0.0 - introduce feature abi declaration in profiles to enable use of new rule types (for openSUSE: dbus and unix rules) - support xattr attachment conditionals - experimental support for kill and unconfined profile modes - rewritten aa-status (in C), including support for new profile modes - rewritten aa-notify (in python), finally dropping the perl requirement at runtime - new tool aa-features-abi for extracting feature abis from the kernel - update profiles to have profile names and to use 3.0 feature abi - introduce @{etc_ro} and @{etc_rw} profile variables - new profile for php-fpm - several updates to profiles and abstractions (including boo#1166007) - fully support 'include if exists' in the aa-* tools - rewrite handling of alias, include, link and variable rules in the aa-* tools - rewrite and simplify log handling in the aa-logprof and aa-genprof - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 for the detailed upstream changelog - patches: - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0 release up to 3e18c0785abc03ee42a022a67a27a085516a7921 - drop upstreamed usr-etc-abstractions-base-nameservice.diff - drop 2.13-only libapparmor-so-number.diff - refresh apparmor-enable-profile-cache.diff - partially upstreamed - update apparmor-samba-include-permissions-for-shares.diff and apparmor-lessopen-profile.patch - switch to "include if exists" - apparmor-lessopen-profile.patch: add abi rule to lessopen profile - refresh apparmor-lessopen-nfs-workaround.diff - move away very loose apache profile that doesn't even match the apache2 binary path in openSUSE to avoid confusion (boo#872984) - move rewritten aa-status from utils to parser subpackage - add aa-features-abi to parser subpackage - replace perl and libnotify-tools requires with requiring python3-notify2 and python3-psutil (needed by the rewritten aa-notify) - drop ancient cleanup for /etc/init.d/subdomain from parser %pre - drop (never enabled) conditionals to build with python2 and to build the python-apparmor subpackage (upstream dropped python2 support) - drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed - set PYFLAKES path for utils check - add precompiled_cache build conditional to allow faster local builds without using kvm - remove duplicated BuildRequires: swig- update to AppArmor 2.13.5 - add missing permissions to several profiles and abstractions - bugfixes in parser and tools - fix two potential build failures in libapparmor - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5 for the detailed upstream changelog - remove upstream(ed) patches - changes-since-2.13.4.diff - abstractions-X-xauth-mr582.diff - sevdb-caps-mr589.diff - libvirt-leaseshelper.patch - cap_checkpoint_restore.diff - add libapparmor-so-number.diff to fix libapparmor so version (!658)- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656, cap_checkpoint_restore.diff)- %service_del_postun_without_restart only works for Tumbleweed, keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x- Make use of %service_del_postun_without_restart And stop using DISABLE_RESTART_ON_UPDATE as this interface is obsolete.- libvirt-leaseshelper.patch: add /usr/libexec as a path to the libvirt leaseshelper script (jsc#SLE-14253)- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON to severity.db (lp#1890547)- add abstractions-X-xauth-mr582.diff to allow reading the xauth file from its new sddm location (boo#1174290, boo#1174293)- add changes-since-2.13.4.diff with upstream changes and fixes since 2.13.4 up to 5f61bd4c: - add several abstractions related to xdg-open: dbus-network-manager-strict, exo-open, gio-open, gvfs-open, kde-open5, xdg-open - introduce @{run} variable - update dnsmasq and winbindd profile - update mdns, mesa and nameservice abstraction - some bugfixes in the aa-* tools, including a remote bugfix in the YaST AppArmor module (boo#1171315) - drop upstream(ed) patches (now part of changes-since-2.13.4.diff): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-fix-utils-network-test.diff - make-4.3-network.diff - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch - apply usr-etc-abstractions-base-nameservice.diff only for Tumbleweed, but not for Leap 15.x where it's not needed - refresh usr-etc-abstractions-base-nameservice.diff- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)- fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff- update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-* tools - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog - drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff - refresh usr-etc-abstractions-base-nameservice.diff- add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)- Properly pull in full python3 interpreter- add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657)- add usr-etc-abstractions-authentification.diff to allow reading /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)- add abstractions-ssl-certbot-paths.diff - add certbot paths to abstractions/ssl_certs and abstractions/ssl_keys- add apparmor-krb5-conf-d.diff for kerberos client- update to 2.13.3 - profile updates for dnsmasq, dovecot, identd, syslog-ng - new "lsb_release" profile (only used when using "Px -> lsb_release") - fix buggy syntax in tunables/share - several abstraction updates - parser: fix "Px -> foo-bar" (the "-" was rejected before) - several bugfixes in aa-genprof and aa-logprof - some fixes in cache handling - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog - drop upstream(ed) patches: - apparmor-nameservice-resolv-conf-link.patch - profile_filename_cornercase.diff - dnsmasq-libvirtd.diff - dnsmasq-revert-alternation.diff - usrmerge-fixes.diff - libapparmor-swig-4.diff - re-number remaining patches- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751)- Disable LTO (boo#1133091).- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877)- add dnsmasq-revert-alternation.diff: revert path alternation in dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid breaking libvirtd (boo#1127073)- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3)- Use %license instead of %doc [bsc#1082318]- add apparmor-lessopen-nfs-workaround.diff: allow network access in lessopen.sh for reading files on NFS (workaround for boo#1119937 / lp#1784499)- add profile_filename_cornercase.diff: drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (boo#1120472)- netconfig: write resolv.conf to /run with link to /etc (fate#325872, boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]- update to AppArmor 2.13.2 - add profile names to most profiles - update dnsmasq profile (pid file and logfile path) (boo#1111342) - add vulkan abstraction - add letsencrypt certificate path to abstractions/ssl_* - ignore *.orig and *.rej files when loading profiles - fix aa-complain etc. to handle named profiles - several bugfixes and small profile improvements - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.2 for the detailed upstream changelog - remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch- update to 2.13.1 - add qt5 and qt5-compose-cache-write abstractions - add @{uid} and @{uids} kernel var placeholders - several profile and abstraction updates - ignore "abi" rules in parser and tools (instead of erroring out) - utils: fix overwriting of child profile flags if they differ from the main profile - several bugfixes (including boo#1100779) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.1 for the detailed upstream changelog - remove upstream(ed) patches: - aa-teardown-path.diff - fix-apparmor-systemd-perms.diff - logprof-skip-cache-d.diff - fix-samba-profiles.patch - make-pyflakes-happy.diff - dnsmasq-Add-permission-to-open-log-files.patch - refresh apparmor-samba-include-permissions-for-shares.diff - add fix-syntax-error-in-rc.apparmor.functions.patch- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage- Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342)- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)- add fix-samba-profiles.patch - smbd loads new shared libraries. Allow winbindd to access new kerberos credential cache location (boo#1092099)- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing (logprof-skip-cache-d.diff)- add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545)- create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package- update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec)- Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch- add dovecot-stats.diff: - add dovecot/stats profile and allow dovecot to run it (boo#1088161) - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753) - update 32-bit-no-uid.diff with upstream fix- Change of path of rpm in lessopen.sh (boo#1082956)- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is read-only and don't bail out (bsc#1069906, bsc#1074429)- add parser-write-cache-warn-only.diff to make cache write failures a warning instead of an error (boo#1069906, boo#1074429) - reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests" to avoid pulling in several Gnome packages on servers (boo#1067477)- update to AppArmor 2.12 - add support for 'owner' rules in aa-logprof and aa-genprof - add support for includes with absolute path in aa-logprof etc. (lp#1733700) - update aa-decode to also decode PROCTITLE (lp#1736841) - several profile and abstraction updates, including boo#1069470 - preserve errno across aa_*_unref() functions - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.12 for the detailed upstream changelog - drop upstreamed patches: - read_inactive_profile-exactly-once.patch - utils-fix-sorted-save_profiles-regression.diff - lessopen profile: change all 'rix' rules to 'mrix' - add 32-bit-no-uid.diff to fix handling of log events without ouid on 32 bit systems - no longer package static libapparmor.a- update to AppArmor 2.11.95 aka 2.12 beta1 - add JSON interface to aa-logprof and aa-genprof (used by YaST) - drop old YaST interface code - update audio, base and nameservice abstractions - allow @{pid} to match 7-digit pids - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_95 for the detailed upstream changelog - drop upstreamed patches - apparmor-yast-cleanup.patch - apparmor-json-support.patch - nameservice-libtirpc.diff - drop obsolete perl modules (YaST no longer needs them) - drop patches that were only needed by the obsolete perl modules: - apparmor-utils-string-split - apparmor-abstractions-no-multiline.diff - drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in apparmor_parser - refresh utils-fix-sorted-save_profiles-regression.diff - add aa-teardown (new script to unload all profiles) - make ExecStop in apparmor.service a no-op (workaround for a systemd restriction, see boo#996520 and boo#853019 for details) - lessopen profile: allow capability dac_read_search and dac_override, allow groff to execute several helpers (boo#1065388)- read_inactive_profile-exactly-once.patch (bsc#1069346) Perform reading of inactive profiles exactly once.- update to AppArmor 2.11.1 - add permissions to several profiles and abstractions (including lp#1650827 and boo#1057900) - several fixes in the aa-* tools (including lp#1689667, lp#1628286, lp#1661766 and boo#1062667) - fix downgrading/converting of 'unix' rules (will be supported in kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_1 for upstream changelog - remove upstream(ed) patches - upstream-changes-r3616..3628.diff - upstream-changes-r3629..3648.diff - parser-tests-dbus-duplicated-conditionals.diff - apparmor-fix-podsyntax.patch - sshd-profile-drop-local-include-r3615.diff - refresh apparmor-yast-cleanup.patch - add utils-fix-sorted-save_profiles-regression.diff to fix a regression in displaying the "changed profiles" list in aa-logprof- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)- profiles-sockets-temporary-fix.patch to cater to nameservices with the new sockets mediation, until unix rules are upstreamed (boo#1061195)- add apparmor-fix-podsyntax.patch from mailing list to fix compilation with perl 5.26- do not require exact X.Y version of "python3" - require also matching python(abi) which is arguably more important- don't rely on implementation details for reload in %post- add JSON support. Required for FATE#323380. (apparmor-yast-cleanup.patch, apparmor-json-support.patch)- add upstream-changes-r3629..3648.diff: - preserve unknown profiles when reloading apparmor.service (CVE-2017-6507, lp#1668892, boo#1029696) - add aa-remove-unknown utility to unload unknown profiles (lp#1668892) - update nvidia abstraction for newer nvidia drivers - don't enforce ordering of dbus rule attributes in utils (lp#1628286) - add --parser, --base and --Include option to aa-easyprof to allow non-standard paths (useful for tests) (lp#1521031) - move initialization code in apparmor.aa to init_aa(). This allows to run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser don't exist. - several improvements in the utils tests - drop upstreamed python3-drop-re-locale.patch - no longer delete/skip some of the utils tests (to allow this, add parser-tests-dbus-duplicated-conditionals.diff) - add var.mount dependeny to apparmor.service (boo#1016259#c34)- Cleanup spec file: - don't use insserv if we afterwards call systemd, this can have bad side effects - remove dead code - remove now obsolete 'distro' checks - Replace init.d script with new wrapper working with systemd- add python3-drop-re-locale.patch: remove deprecated re.LOCALE flag in Python UI as it was dropped from Python 3.6 (lp#1661766)- Fix RPM groups- add upstream-changes-r3616..3628.diff: - update abstractions/base, abstractions/apache2-common and dovecot profiles - merge ask_the_questions() of aa-logprof and aa-mergeprof - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor - adjust deleting the cache in profiles %post to the new cache location - silence errors when deleting the cache (boo#976914)- split libapparmor into separate spec to get rid of build loop involving mariadb, systemd, apparmor, libapr and mariadb again (see the discussion in SR 448871 for details) - libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but with minimum BuildRequires- update to AppArmor 2.11.0 - apparmor_parser now supports parallel compiles and loads - add full support for dbus, ptrace and signal rules and events to the utils - full rewrite of the file rule handling in the utils - lots of improvements and fixes - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the detailed changelog - patches: - add sshd-profile-drop-local-include-r3615.diff to fix 'make check' - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed - refresh apparmor-abstractions-no-multiline.diff - refresh apparmor-samba-include-permissions-for-shares.diff - spec changes: - aa-unconfined switched to using ss (from iproute2), adjust Recommends: - move libapparmor to /usr/lib*/ - drop %if %suse_version checks for 12.x - change several Obsoletes from %version to < 2.9. Those package names weren't used since years, and 2.9 is still a careful choice - include apparmor.service independent of %suse_version - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires - drop latex2html, texlive-* and w3m BuildRequires - techdoc.txt and techdoc.html not included, drop them from the package - run most of utils/ make check (some tests expect /etc/apparmor.d/ and /sbin/apparmor_parser to exist, skip them) - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests) - drop sed'ing python3 into aa-* shebang (upstreamed) - build binutils - aa-exec is now written in C and lives in /usr/bin/, move it to the apparmor_parser package and create a compability symlink in /usr/sbin/ - aa-exec manpage moved to section 1 - aa-enabled is a small new tool to find out if AppArmor is enabled - package new aa_stack_profile(2) manpage- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/. This is part of the root partition (at least with default partitioning) and should be available earlier than /var/cache/apparmor/ (boo#1015249, boo#980081, bsc#1016259) - add dependency on var-lib.mount to apparmor.service as safety net- update to AppArmor 2.10.2 maintenance release - lots of bugfixes and profile updates (including boo#1000201, boo#1009964, boo#1014463) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details - add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression in aa-unconfined - drop upstream(ed) patches: - changes-since-2.10.1--r3326..3346.diff - changes-since-2.10.1--r3347..3353.diff - libapparmor-fix-import-path.diff (upstream fix is slightly different) - nscd-var-lib.diff - refresh apparmor-abstractions-no-multiline.diff- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed)- add changes-since-2.10.1--r3347..3353.diff with upstream changes and fixes in the 2.10 branch, including - allow writing *.qf files (for disk-based buffering) in syslog-ng profile - add several permissions to the dovecot profiles (deb#835826) - add a missing path in the traceroute profile- add changes-since-2.10.1--r3326..3346.diff with upstream changes and fixes since the 2.10.1 release, including - allow dac_override in winbindd profile (boo#990006#c5) - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since Samba 4.4.x, boo#990006) - abstractions/nameservice: also support ConnMan-managed resolv.conf - let aa-genprof ask about profiles in extra dir (again) - fix aa-logprof "add hat" endless loop (lp#1538306) - honor 'chown' file events in logparser.py - ignore log file events with a request mask of 'send' or 'receive' because they are actually network events (lp#1577051, lp#1582374) - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2) - fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607) (libapparmor-fix-import-path.diff) - refresh apparmor-abstractions-no-multiline.diff - drop upstreamed profiles-ping-inet6-r3449.diff - add %check section - runs libapparmor (including swig bindings), parser and profiles tests - add BuildRequires: perl(Locale::gettext) - needed for parser tests- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)- update to AppArmor 2.10.1 (2.10 branch r3326): - fix incorrect output of child profile names (apparmor_parser -N) which caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) - fix a crash in aa-logprof / logparser.py for change_hat log events (lp#1523297) and log events that look like file events, but aren't (lp#1540562, lp#1525119, lp#1466812) - write unix rules when saving a profile (lp#1522938, boo#954104#c3) - several fixes for variable handling in aa-logprof - map c (create) log events to w instead of a - add python to the "no Px rule" list in logprof.conf - let aa-logprof check for duplicate profiles - let aa-status work without the apparmor.fail python module (boo#971917, lp#1480492) - add permissions in several profiles (including boo#948584, boo#948753, boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and boo#921098#c15). - and many more fixes, see the full changelog at http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 - drop upstream(ed) patches: - fix-initscript-aa_log_end_msg.diff - syslog-ng-profile-boo948584.diff - upstream-profile-updates-r3205-3241.diff - refresh patches: - apparmor-abstractions-no-multiline.diff - apparmor-samba-include-permissions-for-shares.diff - drop libapparmor autogen.sh call (broke the build) and remove libtool BR- add syslog-ng-profile-boo948584.diff - add several permissions needed by latest syslog-ng (boo#948584, boo#948753) - add upstream-profile-updates-r3205-3241.diff with several profile updates: - add /usr/share/locale-bundle/** to abstractions/base - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash - allow dovecot imap to read /run/dovecot/mounts - allow avahi-daemon to write to /run/systemd/notify - allow ntpd to read $PATH directory listings (boo#945592, boo#948752) - update dhclient profile - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568) - and some other small updates - drop upstreamed apparmor-winbindd-r3213.diff (included in the upstream-profile-updates patch)- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript output (boo#862170)- update to AppArmor 2.10 (trunk r3205) - profile names can now contain variables - improved profile compile time in apparmor_parser - lots of improvements, refactoring and bugfixes in the aa-* tools - new apis for managing and loading profile caches into the kernel in libapparmor - lots of profile updates - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the complete changelog with more details - add new apparmor_private.h and the aa_query_label(2), aa_features(3), aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages to libapparmor-devel - drop apparmor-2.5.1-edirectory-profile patch - it's most probably no longer needed (see boo#621394 for details) - drop upstreamed samba-4.2-profiles.diff - refresh apparmor-samba-include-permissions-for-shares.diff- systemd-rpm-macros and %systemd_requires were at the wrong place, move them to the parser package (boo#931792)- update to AppArmor 2.9.2 (2.9 branch r2911) - lots of bugfixes in the parser and the aa-* tools (including boo#918787) - update dovecot and dnsmasq profiles and several abstractions (including boo#911001) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the full changelog - remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and apparmor-fix-stl-ostream.diff - replace GPG key with new AppArmor GPG signing key, see https://launchpad.net/apparmor/+announcement/13404- make sure %service_del_postun doesn't call systemctl try-restart (boo#853019, bare systemd edition) - add samba-4.2-profiles.diff: update samba (winbindd and nmb) profiles for samba 4.2 (boo#921098, boo#923201)- only install apparmor.service for openSUSE > 13.2- Add a native systemd unit which *at the moment* only wraps/masks the early boot script.- add apparmor-fix-stl-ostream.diff which fixes odd uses of std::ostream which are not valid. Fixes build with GCC 5- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)- add Requires: python3 to python3-apparmor package - readline isn't part of python3-base (boo#917577)- add apparmor-changes-since-2.9.1.diff with upstream fixes since the 2.9.1 release - update logparser.py to support changed syslog format (lp#1399027) - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667) - update the mysqld profile - fix network rule description in apparmor.d(5) manpage - drop upstreamed dnsmasq-profile-fixes.patch - update expired GPG key- update to AppArmor 2.9.1 (2.9 branch r2831) - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368) - several fixes and performance improvements in the aa-* utils - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and bnc#908856), useradd, sendmail, man and passwd - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1 for full release notes - refresh dnsmasq-profile-fixes.patch- Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858- delete cache in apparmor-profiles %post (workaround for bnc#904620#c8 / lp#1392042)- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- fix bashism in post script- update to AppArmor 2.9.0 (r2759) - change aa-mergeprof to the final commandline syntax - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several bugs without a formal bugreport) - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java and user-mail abstractions - fix mod_apparmor to not break basic auth - update perl modules to support signal, unix and ptrace rules (bnc#900013) - don't warn about rules not supported by the kernel - fix logging of "audit capability" (lp#1378091) - add support for the "hat" keyword in apparmor.vim - build html version of apparmor.vim manpage again (lp#1366572) - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0 - update apparmor-abstractions-no-multiline.diff - remove upstreamed apparmor-profiles-ntpd-pid-location.diffh03-ch2c 1696247589  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTU3.0.4-150500.11.9.13.0.4-150500.11.9.1 apparmorapparmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txt__init__.py__pycache____init__.cpython-36.pycaa.cpython-36.pycaare.cpython-36.pyccleanprofile.cpython-36.pyccommon.cpython-36.pycconfig.cpython-36.pyceasyprof.cpython-36.pycfail.cpython-36.pyclogparser.cpython-36.pycnotify.cpython-36.pycprofile_list.cpython-36.pycprofile_storage.cpython-36.pycregex.cpython-36.pycrules.cpython-36.pycsandbox.cpython-36.pycseverity.cpython-36.pyctools.cpython-36.pyctranslations.cpython-36.pycui.cpython-36.pycaa.pyaare.pycleanprofile.pycommon.pyconfig.pyeasyprof.pyfail.pylogparser.pynotify.pyprofile_list.pyprofile_storage.pyregex.pyrule__init__.py__pycache____init__.cpython-36.pycabi.cpython-36.pycalias.cpython-36.pyccapability.cpython-36.pycchange_profile.cpython-36.pycdbus.cpython-36.pycfile.cpython-36.pycinclude.cpython-36.pycnetwork.cpython-36.pycptrace.cpython-36.pycrlimit.cpython-36.pycsignal.cpython-36.pycvariable.cpython-36.pycabi.pyalias.pycapability.pychange_profile.pydbus.pyfile.pyinclude.pynetwork.pyptrace.pyrlimit.pysignal.pyvariable.pyrules.pysandbox.pyseverity.pytools.pytranslations.pyui.pyLibAppArmorLibAppArmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txtLibAppArmor.py_LibAppArmor.cpython-36m-x86_64-linux-gnu.so__init__.py__pycache__LibAppArmor.cpython-36.pyc__init__.cpython-36.pyc/usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/apparmor-3.0.4-py3.6.egg-info//usr/lib/python3.6/site-packages/apparmor//usr/lib/python3.6/site-packages/apparmor/__pycache__//usr/lib/python3.6/site-packages/apparmor/rule//usr/lib/python3.6/site-packages/apparmor/rule/__pycache__//usr/lib64/python3.6/site-packages//usr/lib64/python3.6/site-packages/LibAppArmor-3.0.4-py3.6.egg-info//usr/lib64/python3.6/site-packages/LibAppArmor//usr/lib64/python3.6/site-packages/LibAppArmor/__pycache__/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30900/SUSE_SLE-15-SP5_Update/bf7fc34cc3d034d75e6790157f5ae668-apparmor.SUSE_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linuxdirectoryASCII textpython 3.6 byte-compiledPython script, ASCII text executable, with very long linesPython script, ASCII text executablePython script, UTF-8 Unicode text executablea /usr/bin/python3 script, UTF-8 Unicode text executableELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=d4acfa4e449ac6720014bec7850e8f0e0406857e, stripped  !"#$%&'()*+,-./0123456789:;<=>?@ASTURRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR R R R RRRRRRRRR RRRRRRR!TN^CLA;utf-8f706ac215f7e64bcaeec79c1a3d43ebc8af0c8ae0286b75e641797760cf9a566? 7zXZ !t/#]"k%{^E) `=l.Xt`g T'Fm[E⧍ gkbq+91 mk5j%!E_HjÊ. N10]Yf}u>͓/E:ӞBcz~S jh6;ig s[ЈbP~b̘)σP~Qxu"WE2d'(͠/fý,[c`H)l(L#T㩚?1WQ8*fɔ3S suaԄ$&)% GzXLF':3J_ ЖOl&ú͘b:@v9m%G{0 eT{ZSY1B >g,l s#[Q& 47_5729K>M*YUa.mN9KbDyKȾ~~\(-PrN Xs4)c\9.*FwgY&зbeIa=&Ln|/g&N " |^l4ҤȲZe5;z{;g)J\ÞBBPέ_B^NA #4^ۄk]4kirLxi-N*?\7#cSu[7ZZ7ظ*D5NG§ ߯/_V3+OF wJZ>h1 8~\s|v=m.a4tar@z`t0wg{Ծj ddQ!@iwEع(>ooR "Fa&7曝َ#!ft[٥gc' \:FQ ?ZٓdGOF(gZ_&x^rʞzG[`m^ϊ|EkUu@rStß|?|hC{Wkr+^r&/d1T_ z*5z*͆#cT523e ]4injC~-Wq98Ў Ysy?[@N|g"S2^wK.2#9Ѽv=V<Ȇ\q :I BƜgZ&?.`()/4y#áijEF< ?E-GTfGȑH;1Q|2!I-6p ~ 'h9h1NfΤ{3$'+n@xQA`Zn1Dd>yC|(1܎iQ;?IV 2;Nj1TUT" ;E^8(\d\_yp ?D>K?=ߍO3jBM?4͉d`8EΌU"B &k%IA@_7;9%F8^ކ #[ǎSjh@ vϾ&F?2Xr]"I`2i/̣o3Ga޵CA9Ϟcq:u0NaFL4L-+T̝7'\2%;i(ǞW&R] rSnZ+ҙ]# &E9=:k N+?{z,OC/oSm33K@ |lZةD?fXJfz,椊'/sjβYhl#: )o bԉ h"KX}}9q+՚;{d&pc"stW;2IRq '\nc ABqˎpŵ|f3xd.7v}A=$Bcgȁ;`ξf<[Qu`k+P0mu}vh $MTNfB]mC/bpkPHZ꣠*D/!Øg[vC/PooR?ik?WsI[ |q=ZWSTEI7k9ckL"42rJ|UN-(ə o_ HL.S E{0]^x qFL1mGKI0.-zQfrяIzJsÚArĉMfdW`.P#<.}j/>G2鱅f=-8=5p9&ӓvNҶ>n.H²C䞶J57rugr ܐM+j:X%<Ȕw>>q4 c/ 1m(Ogf}#lc9Sk{ ;-h #.q U[ Z}I7PmC%P$v@oW_I3UHh(9۟E<ZY Şą!]q"d<QDošރ'Lc}¤mҩW[9YSn,a7/6r Hd:7wʬP=8!wGt_Z[Vo)( ryn*<aӮkj'\N ΎW0\{m`8rzK'C7bsE)3y!ېu8czs)rg ,ꮝF!Y֭;f%}1;}nA[HoU$WfeG}q"__6!--2)A-hk!}(C_N5b-dG/ѠE*?+yGX-!cD LO9JP!Uϋݷ<+xAԺMHsOǝ`ȑK<2KxbM]:+cY?xLCf&lOF77 ,IXNS4ʸƢ0 gdoIJeKF.~Vړx^\Evfhᯐ"B7xƟ%g4.!iQD;/?'7Uu}!UbMTJ5{*OJ9Xfs2R:N=|hrбD V>ƇAN"Ͼκ v-RuyN^|ވMCc>vK`PWDԉҎ}3Ka9\# X4=P˽+Ht?ߜRl/фiQ=$jxIQ!bU&h%ɢz*IqhUF!np` %"`x4wֵ4dEDAN MཛY4k IIs5S*ܢw/zgYfr#_ 9nmzX} '8Yj&)T@H2lZ ŧלMZ ئl,M-tM#]ѲO؆7KY#U!4Iu_SKVX9ݗjj줩ZI~b9t 5?N*ku&tRvXDSI7`hƾހɼ3^ .Azi<"F =n֫^axg8z?fzٖQ JWӕW켫[(Y?AYB#dQcL/IjCFe&F@ ,48 dIJ6/t Oef>JÓ`"D|Y,bQD* ؎܀=W!1a>$ 6A؂B:qoCaDzPKUz=ω- wӅgUΦew.N1y &X7J2ĩ=y[}Pgİ0tAO d0VM"m_/|m7CQ-ן{B$"Ncm^Ͼ́ǰPa%jZxH[.ɀR"pKXm$#LdX LӴ#Ċ#ָpnp r-Z庈(56_k٠9QP:ËeӅX,dX+v^QjKygC:5DcWJH!7oYgjfUEP="9{#YKR#17;WǽԄ+=r#֕:N,|; < )u`9c/oNbilGxaOܒVdeִr8m}5&RhٞCǷLR\D#_O*T7h)@g X4Ǻ48ɻ!F F8p%wUEʐ,"X᠅^0Kۥpqu i iB ]"dC=:ps] $[a⋣MKEzWiCQB:Mn:Y,0 74C@ )%nmb|4sv(la\,H{3HYA jw"*{?qdq;@.gMo5;Wr ~i[1b(XN֟I\!_q Dtq<1Ձ!-9Kz Oq!Qsg5a4C,Mgj~qtE&R.Ga@;N7$}DH̦ 1237YԒUXXC}z [nSZKCYugfVP8xl'~R*DmZ|I  NXεnëmVws,/,$Ԏ*-!l["Q_P8C2@ÕG0.},iDvgj#!,>0- ^T(>KGOOW09?*p~dITT9jcR852O '4 {m.L Owo[>+H Z, L6>dm#׉"-Vq!&5-ޕ^D7M3JІD6>!NsYs5`A@vPzy_ZV|V(3$*@aS3B!ªhQ.9}O|[\!bD2S@c6f]Qtŝ` OK Tԗ.O^{F>⬔_M?^l{*R.u8DeME2lb_%[w:iU(3gࠛ7[y%GI:͜& [ ̐dT|Aa@i~6{u[?~+7ao1xːexp!0@@\y|,_ttbKX'cjИ9&WhQ<7As~uAR`RBO"$8;rx3{ 9>lKFٺX!ڇL/9Rqm@6>۶> `!@ Ȓz{A oM6 )(y797{BS QyEq|Rn c,mDߢN7~¼ǑPrSI+|оbyExh,(CO695J/5ߜ :mU& A~͉%$.k81wo$L/񏢥*SaZp00m&΂<40=ҪV.l!LJ8\pM'vQ(õcSC1{@_Ǝ|3\|4wh<>`YFa}E\=e N<~X-A}"#1PHNp理vKjlϸ`5Vx)%~77TnX:OjFU@IG a&ȍaQhI/RJdءmraT9a4 G74 Q lXh:"v0M[#gK~õB>p9AUvZ͸6I255$菂m> o2WkB hew. #X$,+BoLi jdPP+B?Fs9='"Q[1,dLx`#35)< h,0ncoG}1=׵!ut .e%|p&RwK"lT \{l(M2E?;6C7G^~տY^gp!L9`ve7"F׀ߠR;}N oaOzƎ *Ffİ3^r\`]B!QY2i`-jjIz^ݕ*UAv{wݐE7S_ROWS{rva$E\>kF "j7j$n{Kfpɮgh do _k ,,E>$יފ7 D/5U&Ԏ`̫͋'2xDv|2Mnnn(֢#s+ -23XS8~*oU˳OL{yX[#6GԬQ?*9=5彎 [;xxyWѥ{訣ʒvbd g)'Go.pQbc 5@dŝqRڀvdpe]4̓_PT8O. Z{|fW2ϸ[oCX?XqXu8 5`NWh+8W$D29@@_<6㧤r t#; &2>P@`T*Y_0&38{8`:=[;bʆس֯$}i-@q_WNoCs+`y=lhVl߃.A~,T"1_*&6^FuWn1/uEr wr `ln8pTBe\en^3R˨7f yU:˷^]빳թ7OzYœJ=Xk9>s[ \:;}dȖC/Ժ1z5j!h-hw6d}C6C]qY?94^5xuŢ9&ilhSt;Q{,X$ 8vʔ.s,J *MF3GN:c±o2l2wAdSVK˪mQv:^9sd"x~\gWW #rˤbXv)s7 8:aLj-3z{ƫ=I50Uq~"G(5~.U b^Ѩ9x!5196)ݑNlj_Fn$zIo(`^AI@5&A[ $ou!V{ӈBjS ~Qܟ|: N{܅3b+{Vz8Ҍi{ h4e㽗`g{Y BD͍GWւ,TN~L|7MpH}rzW$>J m\#PnKTe8\sת( (*?jg53'vnG{U߿rW<fW_W3h*oSE[kR,˞";7 3t˟/@oOH ,!fB ?oq_m0FZ: _ ܞ6Po#(v*a{ƁZ™AfCtOz[Q)":jb'}E`P%AͲ,O$k6b-~.E}<[-ƌ'TOGQ<нOU4}~Ut{6} /&wʨ/bnM8`)o\9MB1r_qڂXPx8 wEk㮟v {[*DHNT1iXOfCΰs6d d-GJ#G>07x(+>;9dZKdWΒ72HT1T$d?lE<0䓇ާ1#1S׽Ԏmbri d%н]6oѠj]cwd1ݺ J ']ܹ*iquww|Wy:wvtq'M,vvaÅ n srʊ6U3jKHEGk9wֻ(S%08>CqM2|5ٔ74LM~y;5IYoQKsۢ2p~O (8Վ7Lt`Y(iix؍\AX`[o:~MR{5iu^WwuBrLHU;u.[6f^R8K,T@XpZ?Lpɮ߀}Zu[P4CP|o2a̿t;x2|2ND0 2X-SvTǪijNxciɹȲbJޜ&=vՃ+<'~Y|c+v S.%P􍼅%=t7ܯ7?f; OHOcPk;mB,皲 P;]P7`ةl~ճ%!=4P#z^@$4mf',e4 )(:fQI'_o4*y9 + H@^kWͮ=0M mPwP F_w<߈¿/Si_' mǙޕ++`Q>XBZYOv.pZ"e 9m$'nWN- %-7PC̝AO Co-51شȧ|ԡ:G/dt0_ ؁pf*^!.Ia:}#1W!E|TULzM /l(-;8m3,dymE-(\>3Ehm w ɷu80 !_M'a @ C :1{T2*Ѝ:i%4W[>UnK$uZ |϶1ﵮl0M=Dw5NoB !x|ri=xyR`7XeuM]E0h:0xF'ǞIr ,V>5YX,|;I3ү[\ 13Zm`T|XTb}loڿĔ<רRFy<#|aZٮ럌 } 3dIj3H,e@,\Zl^mYcQ i(^q.qmC﷊z_LMux]'b0WN<3`lo.~(G-1 tH ߴ+f*@9kKAywȀnp[hJN(.ӮAĀ`^I;?XO(HpNɤHkJe }y+xDY>Ohns1[:gβh|j~ix%8W1afpѲ06.:`u~MJdvSegʌ/d&‹ n\4ZbB[!zt2)<]hs2$5Fm<~#i;T8U*q ]ŗ\ idtf' *=T~~P*D YKu2C!&UDf_}h{a/qzg}8[:L )b>@˛0(OMJ^⡫~eiG%]/ÊT7s*a_,_C,nnO z@5 >%n+Q=R@PGz阛еRe挸wv;[HA`Ko夝[=4g2!xk @4th&_N`dTktK]vҭ#JИnfUbn1+~KWP=.1m+ hAزL|}NLE21A?[v’Vb=PT&[%󂭈8d[anqMxLela;77;'s%+]wV^0x 1TщuIFH(!Θ1e lY'LMWgf:1A*hӷ2:ʏlH媈7Hϒ-mz>ifI;,8Tcg3?[7W($ ? (@FcCJ_s-`(T'mp'kA<\9jxQP mL uXg&LPAt`q ib}G:KйCx21;mb׌U2uWxl`~sfǝ rp J4(i#5.7RI(Hhhb]+; g鱢9ZVq]$*e袈eL͸ɉFgEaIiޓ&Y \+hm4n"E;IyPb?JQߥ^SL A0"t؋䍼5ؽfO/F(f38@a޺q-52b@{}qQ b>ϺA.=/E>ϜTpyeiRGr=8s'7Tj{Le]5&jJ0M0VXpqt4q@>  @T*<kw0~7*f!Ŕbi#L|3kDVS,˥ɾhb1gwd*/reIykw/z65Ai6N㚇c4 vXQ_n yH Kh[!K_Жk3K'a\>:5n4G#b3gՍ&]S[pz|͟4Tf|E%B8n09 zqЧM<̍ 0P+}\ nY9];>jz 'w69qZM.ai2h=|r!w%d!D=hXUUzXtb[FdD/I?gwɭ&UT~q4}ľOl[\8Wܽ~Z'Ґ*х kjfwd tk| %8TsLf&jV@ eWL?9ݵ;(9u[}H]7ں |MLU03dnD 9F"JUHx={q0]5EW@W~T6 ?Xp1Of? pE&ܒ;R`Co_LMMp쩶ߵdafp$AU;'(hѣ1Z=v_29C_$RaǚLO[D+N2x/K8siQe1ےcG2A\fӶd[~r*q,=l,>bpk܂ Af=a`uD*1:ֿ~=8ߝb(P^9l(hB3 ιz3\jipVS[t&bl`7>pn]K\s<pqJFq?,M@A@rJ2e}kB[JfX@{п8r6   գ9-  (B#f6 F"^(u h[LG1OW$kԶW;`/s>ZP֪\Jv78=x,H)ZYU*w=Oo,l jqxkVb,$ a caI0C8a=fjG[ƽ >OݿjWV*\*=k1Y~Gr h;䳽W&@U@o lj/g~TOӇXk)PJ6ܵ4 Ґ+LhLxx4\t|̹0F\:'PVu^9|kdA\7Y*,hYb}S&$%;%g3㦁:J]27PN^ǽQXбR2h[%%"82!:Չ}蘆@`C᛹T 'eszqШY33]=/!AiTҵzE׿nm+1r;0hVߔqr&xĀ.ŦfiSܕԂrU7o CJLꏙ$ZBGvp2K{]WMvB|ī9 EEsq'|&$._aI^?DY6A9TficckT}ؙ1gl]Kdz-@эTnjB&`UuP 084?w{ɸK6bW֨1D`ZhcB[q)*7ⲆƏ?@ @ȠA0 jӨ -- ñσM1s fQ`t'|^ecHƬ~jf|lEm6P"c3bx޿BEA['*s $05X(|-I39pP&1ƅo(8{GGր̮t|=Z>m^vݠ0>ǯ1`tv􅼃,&&Ӛs'l,(yzls4総r8C pNtr\t1kiz{Ah"D_Pp2<" e.bOko o tU\8K 3#j\14k\RU:)o X@Ul^ސ[>̓L[zANt;闦[*]qXgoek87&`+Az7,g8GH4tr@HEykaތEaIdrWawYĵP*AJ ur #JGjXk|B!+K^DNe$t#VKQ9eTKa*Sjju5Ƭ TLHeCPAKPRݻ;sDZk5oDUsTE!W`ҤWz Bee<9 U̯{$1yo:iPvqrk dUM }H\ƕtJG;qqK!i׎nbgA7M!G4kJ&u6x!vNk'qhrE)Q8^I Q@ZT>K@ٗE6xxt0SJT%`l >ʻUbvcRS*gxJP1P!0< :67?̅5Eԓ|L#3I,lH,} {8_AXc m-L 1&SJLY3AOR1C>#;`1ݹg/^roϟӒ5Cn;+QR~B'f*IW12ZYI:Wh!g0HE!;1]@"Gx1,m#AB8јTƒKſ[M.SwxY(O)5vD씩SW5g_o2d* pf"~o3D]q`2v86SUZiJ\Baf qA#htq04Ew.>H uQLy+@R68F& qW#bOY/f$;G *Viz4FVUedg#x?6E-#m$ȤKG?DZoJ: ?}>ݷ@O=kz:菾ُ\9*:虺Rߛkw] ~A.RtIh?l-t4995h1Cz|:݊/."L-h  ߌ?r O[%)g,p1\\rkytap!iǫ(J+@.lږU2NHr7B.pÙEBlyMHdT l4W]4"ȊQIIa4.H4#v[e<-F(*皯Ld0\Q *NSPbJce]Y.yyѪƍcJhfD gٖ 3yoin>CZpUF@t@XvjA!x#Sq/!PC T`. 5E3O6f"6/0o}>r{vHҨ)x+ރBB̠+\!G3&Bkz۩ê!曢PUAS}C?1=xF%kB[}8ELfw(boEWt󽦽f$$2 Moaz'aq\O3?Y!ʔ2ĺ۽ -D|ab||& gv?y/c"R<~> ptaW5>z2:W,ʎl.8*nx5|}ggu(U>DF{JLFxr>%ÏLM aĨ'H_PZË>C'} APp2eB,B^Y&_B11QumI"1^D6&VӔ4Ğ* ,I\)O%gc`| b*+Lҽ?=xvwȗNYGAPU{sVTZ-&UtnȼKRU 'UiNmKj8]5b1ٵN&>>GmGgy4Q>\ 1djdЃ7= S^a\~AS7mlc8N\X _EM@3-%Y76oX`'gq\bDSs;/\>ssla::휌1I*7O>>S=rژo\ R@)7eNg>9Ύn_'9CV`Uy\;).ۜ1 攂wybT2JG(ĊLugQiYr P*gF84`jH_twv}̾gىOٳXqo% #[ Z Qk#ܱ|ڑlrRc+(~/+WշzA+Qiθ'[~vqfM$~([jCinr(TDa~({fpy@DJ2ENB`zPNoȺhuSWLB1F+IZ4I>f*NSBi (Th kɪ+)a˞G`o{sq &sKbnFl\p[告Օ'п ʜ@d]|ys%Za|]<#ؤ>UW^*,o2M)-nK*kd\29Fo!_6Zҗ`1 `>>33yk]q'9$W?kxa$vnh2I)cs@L$_BRj,Ǥ9Sr;tk 0!hQW=_xm<:q7'"Ml0kILC7o 9?, !*@<N>֕*`F,k5 ؕ0WYe{N! V;Yؙ&A-˜q!MGЍ [ݔ˲焣>5֧ZV;Wc9Q&SC E2*MUD u,w*?yqƶ@*]̓CʼnDQ{uQHEU$ \M558GXM)胍)߀Pe]jjI} }~BZ7 TMzTvxpþb@FO~spObwlki\jKNA22m̱>2ؓ7{Fp`йDG aXל!Oy"l@&ucp3Dd D,1E9W`ۧwc3CyE@m`ȼW(E3ɋZܘ^>~n3{;W~7{9_C^-OOeͿ":4 x-`鎛idH}c7R)xG)̷_t[Ca3C8Bf},Z%T= T^ vm&-rRXL%pfg=No1G$9:r׻ RgW]_mZCڡ={.uw);sLFs|P K+Ēw>rU[75(k8uGdL9_:%>_\V8 ky#[vGSϹ4XuqZ*"8}DFTc795 rHL"KZVK66=&ٛ@QZC6c@#-u&mp9|rGXD ^c*FҕArq~VKy|A݃23Xlu"-#tmvF>OH/}(8LNtޙݗ9κ@8m.Gave 6M2);ᢙ`c`O')& j/AR(Kts,ב3${RX^"-"E Z+L@TxХT"f@]qAbwJvrY(oDX(&MMtJ52ۇS!} bi7fCM$tx(PzӢj{n\H]0Kt} .#x0 iw,&PO`)<Q nF>sng‰ PG/ժ"L?Բ8L|(qAL4q׍܈B1`W U#C~]x B!glGM{Uk~s[Jx29%:L`[v:F nI4͝KSq&g =};.1oA0b#AJ0Tѽ(Wo0E(׋s@rխ 6]ipVv`wFY+n{"%2X Ƃæ͂py<-352%oŋ %P$<3z~OH=Zk^yhؕ{zvN{G->иk^Ư&bli^GӇ/` ߃w!=FAg ^—?fblbǝ/n8j$e ߊ@~&4cV.KWx:7F$VS̱BR۴ Y ira0,|4=5G} k~d-/k$Diђf6v{=o&H>ȩcLqYݧ|? Dleh&mսjEuM|&1nBʰƊ5+i']ѱ"Ȍ2Ğ&8 ZOEBR<12&Jk><*zuI.5.TɄ{lV]NsdVFgYc6J;۝a*o8Sh3%{_^ԃP2BpBesr ӢkۼԗZhr&ur쨾 Rmk olgI)j9rC(rRy$&6tdV D+s|D HKl"=Ǘ^bXs?Zv̂<_]2=LOb;óջ2#BlQPk(" !D/4[NѸN6*`aU@;1.C230nYEmo(u.)zսּU1bm8v^YAH.[dR u2`튅HnGqu{LU:g'}u]#Tp&p+q`+=}@ڨtOvEG5-!Tm(wߔ-&&KLx1&օ3&vjy8x(N];HմQ1O5cOP7Kh0dz V?wilH@rj N>wJ⧌., _l> );BeDT[h\p|jfwKREemkA.v}$ 3{¦[h (ҙjj~TqDs8/#SsǕ'y9 !`P4NHVo A {?yn WQaNOv>/tpD޺fȄctut&~"S'x`P Ģ@ 5^|oZP- *Pz ٽf LJ5 gNzUr]c衷sVoe`>:Z[301ꮲu9upg 2}, f:2̉x]vgvZ%X{ ƺ D@9{ ʍk>?jTsqa"i z} K/+~ ]KtHl 1VxtEGʑ+5Ʌr!G-Ì%{:q1`yk+{xފb8$u0ϖVĘ|?&dS$d(7&Z$6Ib歐Gsd~ Ld8t#cD˳zy0dOg,5A -c$J҇ͅdc0Ox=V8@m3^ӟh}h]Mw`sq'n.OV̻EYQʎx^Q|i[N,ZjCRE|JaӛIAUym' f:'zr Z[X.^y7JRy%*\EeX58?[5dC໕dG5)'7D[5Iӹ$޷>Mz pEMa{"q"2 ɛ*6VZ+e[o'R5-콼:B.트hxI%$o4.R!=qp?ID#=M==cks%jeX* X,`RO\ԏUoyvPȂ:M,G N,}>j5g?ءXcp8OWL)v+:^eq^㚼r8&]Y'vs?-a2kY8A( &t̖ ~zY/LY;Kh@8N :e/[hx `3/#@%E?~m& Ǵl'L+{RuYf<J[QWT½K16Oy N6~Mc70$孵jjwo"CJ|g؛mmz}/|COvH \cWto0ZU3}0p6zO{klI6r@j()!`g9jlHcyF>Nљ*!MG`NB hD..OJZ^!)G_Wibb-#F;Bp9,r%+- x]$Au1˱x8,3ZTUl!a-p;OBioN\^@EUKڟP8Jc% i|ޏGoue#N.ςFqKIT&8!Z +ǖdFS(f=`\IxeWWB`XQb`yd"L]契ণY2ɖP]h([y&{-`/[sfĉ:GL#W`:NYeМO!5Y}綩y_' -w}I[Q )^:S_xpii0q[ACS|0g^q iV%(: AUId@ğ']-V=L!S+t"D-Tާ**L$Cv{ڠެ/yX ڝ{Y첕r]ۋXL`̄`>A )C 9Y2m:FdAܷT9>+fʠօahY4 ؒre{9Tz,`)ᯐ꽬5/B26K+` SPF( "ꇍыBSvg))PTKS47+hm 2sx<-޳FOe8wQi!xՅ /)~v?̿OۂSzh|x8^++幢f9AG1T#wH>\ G Pb:W*j |Tw(E9ca`%7_Pfɝ,.TG~L4WsCq!y `sC?=7Yf)w OBcQ wHP&+QbeKPGtO@lLJmGq>ł w&m?/6| r>(G%A Т U7PrOVi.X,Z*{A*f17]gwڅxHS$%/Zix^8])ȡ0aTY_d2iJNa]r- P7Sl,f(hzF`~!PtEZEYcEM z񊁂ƃ1eFl7ŶMQDSh0%OrM =H_}ERLxZU\z:ȝ4sJRy' pD|bܻ.*pdwa$&y Mmz)gskA- yqtyRDf>W ]qN} A}Nm+5MaJ 6SI S:z>1@8}UL\CͥᖰQ**:d\:,.Q+9&iĩjWk^$b&qpkn_F9} Q͍Ź0&W-X Dz!)Iy4}%;#HXU$!UU+::Van_S@Y^|:CL{JuO~TP֭ɀz\­E}a[A61g?r*̳Ď·O~_ݦ}ψ\sj(U&L ΂@\ĈX` }ZQxYSUWu9E+,u fa,`WR=aMoóݖ&;n"q73{?dL2 YIQ=)Ok1D]@~cyX,xO6}[GiGOb;fXleC;K,el回Q5j_FMw5P:0r!f у_<DOO.uh/\yt%Btx=Y;tjxwNnLG[ӳz9=5lEh=Py~ i쟩v#شNyd[ Vba vK?&%G mѱ7j嫿hG;RyhE9yS`q70b?>'{}T%KQёzp@ùqY:{"$gv7{%sPcMh Ɣ7A+RatI$iiڦK>Coe\ׄzOpݩ\hL%"8-ox"Z]ֶߧ/F$䕁[^!z@Ͼw03\y$pqn~г5S7`z""uf;|,Gnc鈗2@:Oop^OiæP,=X3ԣ:(Wf3,_yLEܵU_US<؀SQ!oEoMEPygP6yoK&-#[ưsCRfN.# VMcJ:<ޅl]~i"0֑p '{u:lRe\r-x@1Îz"HCUPkS9RmDϟr+(A;x)S ކ M<*, % ibyz<.@.0(0lNZ'/;ܼJ5k#<}ò,OcHEt FHkCO#ۥn !S 0EVH^vRV@N|RJ0u%q!X+ ozXxGn϶v3=I감cz 5O>o] p- a_Xټ+aX!3bTB҆ }4ds QY9/6 t$>HblC1aJ7?FՔ?rH95*w&~c//I-VmMUJK2E=l[f*8q$je/75rA^o&#$u=֨;uid|g圞X4Za Nլ͡M,.h@ ΂kQ5ǜӆy`.>44wEޗx"måDu&Чu 4ci+晸; imw?|.Fkpi&dyVyae.o_NԷܙ>ME3脅fx+a/b0Nq&|dPq*kq8&;/ Jdz>R OJS!hl)&i0A233ccmkt?>a2]'$ R|X'ۼ͒Nc%C@}tJǡ#ˠlE>fդe$Vk(H qf.T@+*F2'&sܝYߥ@dz _|޶iI~*74} K˗4;34\H遤 (=t8V }jF,)2z3o*/x4VMS8ED]nFtXpom 4wֲ+ݫbHgyGs:>ihU]kn9됭&B PdUsJXg KDP#ܱV?3QkϮ" mpfH@ \i=Z27u&L1BGTiX'eY*P,&L,rZLhrW*4|9A1/)e:+0[VO"cy/F0|㝀HGlZpNd@>J ’Up|˟^ <>x QimcCL&IOǢ2*fOF`3$؊ϵzșD= Vq04R|^gWR!/K]d;_>KL{\TŒi5%AwEX %&R#{ɸ?p(@/ F{A5a;?&Y@M,iw5D+:kc7KI0jR_3.>ܧ½`%u(/upcyp:jOz{9NnêYu3iPQD Us@Y#)Qizͯ`ա~#Z^׃5]ߧ; krV1ttH.G[p(R :EbvCF)~#`@-Ȥf]'˯͌g`XlkEanΣquHSѾ-k7P.UW>6-2G]*A}ŷĶp",ZYNkCwVrp?x'[Z\U~.GƶUؕj~*~h>2Źf4 W8훽"a"5MNr OqQ2H8J+W(*'hfaTZ 4%t쨓Fcy6 o^jϏu!f!(liš7ǢgQE7|D˨e6 mutn~[k%}\-0Kqæݐe]ggCHIF/~nN~{i0Zo/̎ԥG2 0|DPQG瀤Y†]f@v&VްmSV2FdN !pLgZd@1yŢuxDf9u=CI6}fXI'Z ;knj#̲Hh D)$Ƴ>7몱ߪV\63rFOH+ POH Apt)_:=^$LۣMhA8V+Orm&gnB-F{lK&ng"?؍IKG~iTkn.gشi 8h[f[꧈Om{+&מӋDMSbbcC 9lpT#J2^*f =d=^20֯&}#{9 z{=Z nq ˝i)¼@EfH~iy :UuQQK%W]8N_FbYjR du@v1"5y[p>;tE@蜆ti*&%İ/&<'Cy'T]0DJ 4NR ro&8ܲ&nkG< wQQ렏"DY %ju5m?]U_.@ma#&(zz\$3cU^hJD"aςJCG+Z?[ۜ&)||5?pG*$*-E?U9/]N:s|[ _Iu&z팇H7d#m,?7gkjp;ǭdY&?s|*9:hOg>ev}4ԤuVu\mԘvE  N'hoZ~bb5guu%ܦ9mW O0 9N]>"cӽkD5nj=E2RTzV@XO)ʑ&(I&~Ôp$1n -Oyw5\Ip;:M32.ٛOb:9ćN'\,eA+$ڇQH+Ϡd*귴q)$s>.[kO̗ 55-y-!BaNRNDУf*ShDvkUA~AԨĉ9ݖ7WO880* W0zpn!IJFFP?34$@y!dC7/jBuX7C_{ =Kfm 'aJ\zgg]n lA^&",Bqu=-]bGV5$_f䈛gdy5cwxFJ^OFc{RuR0:"U.JN<ΖW"̌AС>- WW0FU_Ü~A]OcDlzkGr WZ-zQ;!O$ {wwe%Q{=t#&|VĎKH#)WcG {"/Ǿ4jFv=Ī%W볚>\vd ~Na*L4E*J ]'7TCSwJ XˆֿNS ?rv|TV)0G8_YFjY m0c{O{ɭH%[HF5y`EgɠGkMA$ϑ*Ģ=`6Y .8f[۠ycWpkܞ*P<f!W=gM&BX%K2L 7=/4| k'-AffÔ 0l% uz}qHܨ[jm1+󿬕4eV--_Ӟ:vɹWQ,ۥ Ӕܔb幞#YB'@.nxC +?d^@ [YՈ! )$*)G|>4!;3t΍# pN&{ 1`Q-i,}Ei-'ؼ҃{\3! w2oR3TD[k,{rIr\4ԋimN oAgxFlTĨN\։X2Щ,Y??&UַicV}I)K K3Zfd7|HWQ`:dunaN"~IMz,pS!EH~wCT$uYAg m62d'xj*IN=0k5!o%=WXoX ͩPBW֤%C?nI=-2j#8 ]ch%tWʨ+lR ѰP'J)bC|_y\Xgefƈ"}6⇊j(3qle#qZa(EJ!$] F"J $]Pd]oEF_85")[UoD1\ʛFtdőnHeT)0mL:0{l4mUŪyuG%D =B_~m3#ό!S"؁,pC={ Wbѫ%s95lO D~ Pc!j'wpD{OxPaf( 񛝧8蛲QR>>E9du,!BҐYS<;D?At'WûO)-kdA}uQe^/Vu2NZz Hԕ$^^ ,!T߰)|lfк,`S v=%́FL*]4?aZO5b+ ~#7&%'a4ؿ5D Qޗd|:/7"Y׈JTԔzRaXb4oV>/鈏YQ6%I/ý4ẉuDv8CQfj "@' W\^l|L050Ãl&Tp#M!61I Ư(P65i_fhzXw4B$K,cav#/޳ej`%Ә{%:MwqњngB?~ 3" (+gv-6IzrmCp@۫ی ̵b3Zޤ_O[HER,mTPno^^vΫAs$a^U8/@ǔ<:L`7IARܔVja5f5[5b񔚣愼|uRS&VcʍFݐB<˪ۗ+bmJ8yU{l9+m1Em=Hohhy(m"h@\t..,C)c{kDKCT9ŻRB&90,m.P1Gؓ~M)EjZ*!2ibW\<{k8NȬDK<@|xؤSd Ϋݷu7,u~^la% ,sXs$&Xp +$[SGhI S32?t(Qt=Dd̤JVJC[UY+rv_'u:pI$<&1  T%0WpaނQ|+vS HVI,~#Œ9rMs3E|(Ada] :l@G%l>6+=Uqyy:oZr (ݝg4co Fd$Z*3#n=l_"1$e|a>PCxYohv;\GK[&)H{7$$F-X _}"C]nMK_ڱA{HbnX\?LJetp_š(JN{JiF?te-_r:VΤ_MphfSUT, m!es582"#fc&#5tl+N(h}:hB4L ϵ'n]] ?,EpHOlUkjҡe? 1򮄞RX~zl0jw"nJ:G^I/J%TZVU䚬@i_ :I/}om&fM%? +pHvi4hB{[xe57%"0_lx1Ǟ5>*)T$R#xpq.Fݨ@Auz>5a}F˛DtԦWiHi*JjdTT%f z52g|iNU}Mnӹ ln`JGuwz_) fP&*?y6g%#ïC|8Z Qn:a7p2[wDNHLJ.&06!Y Sce ԥK]z *f,|x-Jp-Cfp{/ʊ_ٜ`b!/1 `FY9/XdˀS>pܒ(R qF=iDg1EY.dGZMq. pG#)uӿWH9Ҝj/V8~i|D:R:$ A+HA0JX#dtn_8ICgnTY%m}DEl3y:R kSUЩY7ifS+!/2dQfMU]eqRUn҉QU7=" h2FJn#ܟ7=@#[5VBSQ4&IBclf[# )ĉ Zg_&, ; v B/ٜAUjc4( }+l=x|<ߦ{~ͷM2 :5*CjKBkM2ǵ>X4R@$z_zFM`Ia'dW"!exp`F=-!YNIw1Mh"EN7Χr8;h}p >J Pn>鉦4Zj&yV`rޭO4e;V["VQ?' */a3:Lmwռ0y8cڕ_]mT}ݝ?ED!@1302q1|9F0i"9Z]|K] 4Wy)uhj~e6Di̕gIW[a"G!v3's<֙qa u7s0f$yBنE+ukݕD9JpuM6OXK(ewe.s*7>1UINdξ)2ȩhû6sPxTFpu(Uy[_Kh971gsA"u- -->58\܂[}^:t|Aa6}.HA9QqպԮ9k~z%a\_4eQ:7KEmil:0/sGnIm&3$*d\WYxSB̹')w|A, Ƙ!6e9;e,*9Q23V.AgzW1 sf0 =9+⧪hᬀuiϰ ?84@VH@7!+ೂ>T2L҂eLƟuL$nq(Ŵ p]V@tcQf(OW [xD40BrQt/EG2J5!۔~vW*:hSx&‘XrPOdؙřfBVo ZMl;>܈*zj38t5SeoZ 9Vo[1%g4BpwYqDW6;Sv! fm) ^ lK'zuyO 2A4G=N;3F? x}@z:? ¢ަmh-]pߙ "ii= m!NTʾO`;rdX`?;Od<ûy>vE9x  1%d៮dR:]QPtPFj :g'gpRl͈:qV?c#7 ~a &Q%%@یyڳm"(PM{CXD~+ n3Ԧ]c-gIgGҽMpNe?*'!t :;1g$BZA[FqPX̠ם JQ`=#/݇ 2Axj6Av>w<^뿼/o "5GwVQA!_ʍOdu)naL#Zeφ0 (D6rjp]` uw% ([`La݂a[P@E5H03 |DhA$Թ`'=%}wĂJԀ-=%_Gtp.̉I;Q 4X:O& `eDǾnyV)sETPq'}̖}VkW끸J]+:g™ H늪}xlz]2yә {e𛔤6S)nỡ]|eÅ8~z'%:<Î"<* mfGHݓB5nWy3FWTo8/>3 T3 mt5ۛx<]ܜfC(xJa:WDm{A:,_.no++h;"Y07|冂L_u8烼ݫZ$9oޠ"P@\arLˎќْ+9d"# )a'y6U!ԟ] ƇyU/7]Ri2fJ i^C5 F&_JwHm""Wgh5Df~by7+FYo&԰7>hҖY\p"ɃYW4I$Uw̽j}΍]v5o.+8g{ TE:4=B],J@]1sa/2QEX?mIdpMq#pdld$ENP~o |S+Q`a _ gJ}nՏYN;FPuլ@ ;a@qX!̓X}T1eT$av,=SMu]_#\5rp꓊?b;u]2䲥āq sET;mJt9ǚ3HP$+]yp3ԗ]NJ)65UQl^-U(S(k /6  sre wjftc0薠m71EU1S($[E Y-X1:Dve>ƔPeܹ元c- ;5OQpq \'A46b8SKb: vZF6z]y> 1(LrPڮ;ULˆ3` MN#*i9R}hRuR,+>2U%Nynf&J)WAMDQQO+LW|0ţ"naI:JI_џQg#M>{;YZ3 u~*U{kMUvVJ̬eזɾ xQ'/Ì`¼A=p622HI_n+R#u_ pݻ^Q)<@LȮL g;}9|Mh\\hv *5Ah
;F~atԔum)Yr Qԙ77iCl,Y?Nx%(|JUJTtA[6AY;?5D:WVe`WA:9(0袿yAMEO$zm{̷y/V~۾YσYQk(*rŊN*4V` =@}ֽ-C6bXI I~yuY rj`#}C|.*qzY rso|ciCT2IkH'­B"3H|+!w-9&ipz[ u)Iȋ;7HvvM &nUtk]>I tLE>=R.'qfO Q:T~h%X?]_peJMQЉv#$}3! GbD/CF@ړi IaKUP3W7U q<N(X>ub;`_7af8eRw2p5bȞoa7|mv"UҿVĚ%$6edćUv&C&yO=yHSmIGG8V /oˑϥevvnwܝ~ ^$4 K w ˯BV4%[3^ס}4v1MѽXfY>MJu*# cM'@y|٦)~{\IӪmJ8Ff\{V x*YK8_¾"}}ؓA)xe+NJyDQhCX=`܉wU[BZ|OAز} )iԊ!W4~zM:U ×ww ՕAr4c57XR𷵡=pԣ4VMzIXT%gFϪ+LY8y_xkK$6K~Tmf7歞wT-Ft%=Znx}~rHdu&eY~hڨg]\y|!LI^c$I?o-jkvX$O>SZ<9{HoU!4(敦9>ی%xL[6͸jpquqB~_v;M& d3-۶}ofhr~]0DTFñh ecW%bGΖtdIE vڠ"d溵i5 >Z 28(]R>:}.kֈgju#ʷO?<>OŶ_|a),PlW]S~y>tsi4PkRg=zڵ=PkQUDN@SDuŠcʅM˴.rq̉ Ze#M ,jv+aޏ(3vglDBxY8̪,-w[ DxVɸ+5B*)zqÚbӾrs2o\{dt[ S؂_ WljDgtQ_=щ&&]a! #9[} Q"nKMfvŬu 0,W%V%΄ʧlcq!wqѺZw`2˃pHMoe$N޵"7=d{8[_zf1RDx59|0{~iсmPUC1s*)?l=Ф,͌# ~ I\DQOfChSw'>Ibے R}\]:B ]Qb:a.3֭ќ3t | gG/W[gl]'v%gM U1ocD 28dY^kYT @aP6C7<4Ͼ B¢ȵ ;\iяB|9jkz5Z_Q7fhŅv>N' @!^q?ġ-̘\ۻԚ" M@*Jq[|ܠƉB۱gWغGC}F F;W\l< .KJs$2]1BH|ݢo:+DJ8ꡤ~d&KI4J;ѢL sV]Tl3ȁϻ7gNn ^]M9Ym¥&xQۨ6Om0k:4/N7k3>w.C^aƛi/u($ Zݸ\/mozxȃJs&{26sk...E|>ɨ?\" _3-|࢟ZپFzDcrRS8-FXeM40sgjg5j/GtCC}c`٠@e'3q /̑G߉u$1 `PLu<xW/"n6g2WFzL ƆX&m`9*0![ZV;ܛ&' ̿vU̟!3xB Zճ K{?k9x.54GNb9jng4VISY >gS>w:B(M~tl4㗇9uDj-.a+vAi[\Bd--*Bo6Y]D)pֻZ)_+Ґ`X\;%,}lu0X "k`)s rjp$LWdIh/ r߲)Q8~M%}lJgFF$r pA0dP!T?}o<<]/PtC$&.< !ٝ,DfO,H%JSACW 彬slUn^M r?KR3#BzW\5%]겎N/g݌6/_}E΅!Rj?G89)+ZGCi1 (6 'Cj3I8c?nN'Wc+8ߕN4ߥqse,La<8&גm=&YocavΘ'P3/;dMN \?*:]OpF*Bf?OG-e+*/{EnS ]Wz2(JLr-Sgt앍9~{ g{vm'8 ( 캉W^GV_vYQyAR@ޗkyc};G Jye0.-BJ{`y'Q;P>XOΔ2SӦh*Ɏȫ\0iF@2JΪr%s6ea1G_A{_ݸE/?mP>} w$krgڧlDq]7n]ls;!AwP&VZKgEE'eMnĜg3w>䟜jZW StB1)izmdOyix4K!`i:z[kB"A't=jȝ>}l]dC~PV z{P&D# S円>-7J aW;:eEHv;f_DAJ#⭡|qc|bfTzhzmgI^F(6quQ9Ӷ jfWK+>5sshNXf-f Raz>OW6 $`fKPEF `h6 1Yqt鳎'oN)g[ksE:T'Ao03".@W߱8P#[젍U2IPF2 T`|"(߅qJb"yKxQm{jR†<[utݢc7́(M}8@-r_Ѓ O\)]3,s]{³vXY&mݳ=6mE{ݏn=(J6"y?0הƽAd0 YZ