trousers-0.3.14-lp151.4.7.1<>,oԉ^\O/=„Eu=<"# w谜,_"XOjjQcdۀNLQsY4cV+\qxE9S<RQQ*;mP\ AIL\H5X?5Hd   T - F\} $ P |  j M8d(8 90 : =)>)!?))@)1F)9G)PH)I*X*Y*$\*`]*^+ b,c-Wd-e-f-l-u.v.\w/x0(y0z0044455DCtrousers0.3.14lp151.4.7.1TSS (TCG Software Stack) access daemon for a TPM chipThe trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website http://www.trustedcomputinggroup.org/. The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.^\Ocloud113=openSUSE Leap 15.1openSUSEBSD-3-Clausehttp://bugs.opensuse.orgProductivity/Securityhttp://trousers.sourceforge.net/linuxi586/usr/bin/getent group tss >/dev/null || /usr/sbin/groupadd -g 98 tss || : /usr/bin/getent passwd tss >/dev/null || \ /usr/sbin/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" \ -d /var/lib/tpm tss || : test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in tcsd.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in tcsd.service ; do # The tag file might have been left by a preceding # update (see 1059627) rm -f "/run/rpm-trousers-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-trousers-update-$service-new-in-upgrade" fi done for service in tcsd.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset tcsd.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in tcsd.service ; do if [ ! -e "/run/rpm-trousers-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-trousers-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in tcsd.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi /usr/bin/udevadm trigger -s tpm || : # bsc#1164472: adjust potential root ownership to allow tcsd to open the file # as unprivileged user. Be careful not to follow a symlink target. system_data=/var/lib/tpm/system.data if [ -e "${system_data}" ]; then chown --no-dereference tss:tss /var/lib/tpm/system.data fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable tcsd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop tcsd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart tcsd.service ) || : fi else # package uninstall for service in tcsd.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi.݌W"#]~^^A큤A큤A^\H^\H^\H^\J^\H^\KX<X<S4S4S4S4X<S4S4S4^\H^\H^\HS4S4^\Heb009b7d1132ac33411e8f838c7e272606c8dd1d8944bc8b82ee28f9114e82fcc56f762ff401646eae0b25769c79234e22cabea3e3b4f4c7bc581a23787b36f44b635e9ae00264cd370fc62921814265679e2a15fa6d6ebbd468e40f00af48f4a6b578ad2902969079db0cf751ef5c4a582f8c600f992ebfeefa218b820d9b18044545f25f9cee244dbe733e6209e3dca1ed294a34558faca16a6a0205e72f00147cdd6c7565a7684abab41d23ad7e5867a5e8a2f9f28b3f20c1c5ee1a41ead41ad596d12e7471549663c03e280b5b5d084a2e853fb86e4d766109818f9d7dae4a6bf595610b97b05728f4615d54faf290fac3f8bef836a5d919de070f3cecc4842cff0de213dbcbe03bdcc03c3dcfaa48e03bf45eea9d18e970cef4411f4458686e9d62dea2df5433d4a435602c3e0522b3bb68a2e75c39c80552d6bdddd948e10fd3096b3fca327b01803d91959817028371fe8d9e1970256bc56aeb1bdc1138547b7d669844a1d7d5b9075872b6f5117996c0a21d78e383e79ce7eaedb8c07ef598700d70a9cd14ba28950c7b048cf21ec2ac2297013e5789830b58ffe8baf09355ad0bc2e91d802c18654c2b9219ac1a26cab805879a784eb8a030e02c437cef9d8224b158378505c02b77fcdaa05a2f9ecc1552e95ad6d71b5ea96b690219a3b32565147e2a9d085f67d3c83fd4b93dad037fb966cb0cc5499d8fa6a568d7c26f86aeb0e601cd2358475047161b619bb46872f84569448031f3649619e35e3194d734c81d99d6cb679ed5c24ac97652b068ff12eed215e1ce382a4fb7dcservicerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottsstssrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottsstrousers-0.3.14-lp151.4.7.1.src.rpmconfig(trousers)trouserstrousers(x86-32) @@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(trousers)libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.15)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libcrypto.so.1.1libcrypto.so.1.1(OPENSSL_1_1_0)libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.3.2)pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)0.3.14-lp151.4.7.13.0.4-14.6.0-14.0-15.2-14.14.1^˳@][GXh@W,@U@U/@SS)R&Matthias Gerstner matthias.gerstner@suse.commatthias.gerstner@suse.commailaender@opensuse.orgjengelh@inai.decrrodriguez@opensuse.orgmpluskal@suse.commeissner@suse.commeissner@suse.commeissner@suse.com- fix a potential tss user to root privilege escalation when running tcsd (bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent badly designed privilege drop and initialization code to run. - add bsc1164472.patch: additionally harden operation of tcsd when running as root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group. require /etc/tcsd.conf to be owned by root:tss mode 0640.- Fix a local symlink attack problem with the %posttrans scriptlet (bsc#1157651, CVE-2019-18898). A rogue tss user could have used this attack to gain ownership of arbitrary files in the system during installation/update of the trousers package.- fix wrong installation of system.data.{auth,noauth} into /var/lib/tpm. These files are only sample files that *can* be used to fake that ownership was already taken by trousers, when other TPM stacks did that already. These files should not be there by default. Therefore install them into /usr/share/trousers instead, to allow the user to use them at his own discretion (fixes bsc#1111381). - implement a backup and restore logic for /var/lib/tpm/system.data.* to prevent removal of validly stored trousers state during update.- Update to version 0.3.14 (see ChangeLog) (FATE#321450)- Check for user/group existence before attempting to add them, and remove error suppression from these calls. - Avoid runtime dependency on systemd, the macros can all deal with its absence.- Force GNU inline semantics, fixes build with GCC5- Cleanup spec-file with spec-cleaner - Update prerequires - Use systemd unit file * replace tcsd.init with tcsd.service- updated to trousers 0.3.13 (bnc#881095 LTC#111124) - Changed exported functions which had a name too common, to avoid collision - Assessed daemon security using manual techniques and coverity - Fixed major security bugs and memory leaks - Added debug support to run tcsd with a different user/group - Daemon now properly closes sockets before shutting down * TROUSERS_0_3_12 - Added new network code for RPC, which supports IPv6 - Users of client applications can configure the hostname of the tcsd server they want to connect through the TSS_TCSD_HOSTNAME env var (only works if application didn't set a hostname in the context) - Added disable_ipv4 and disable_ipv6 config options for server - removed trousers-wrap_large_key_overflow.patch: upstream - removed trousers-0.3.11.2.diff: solved upstream now- trousers-wrap_large_key_overflow.patch: Do not wrap keys larger than 2048 bit, as the space on the TPM is limited to that amount. (bnc#868933)- Updated to trousers 0.3.11.2 - license changed to BSD-3-Clause - various bug and manpage fixes - trousers-0.3.10.diff renamed and rebased to trousers-0.3.11.2.diff/bin/sh/bin/sh/bin/sh/bin/shcloud113 1590516815 0.3.14-lp151.4.7.10.3.14-lp151.4.7.10.3.14-lp151.4.7.1 tcsd.conftcsd.service91-trousers.rulesrctcsdtcsdtrousersAUTHORSChangeLogLICENSELTC-TSS_LLD_08_r2.pdfLTC-TSS_LLD_08_r2.sxwNICETOHAVESREADMEREADME.selinuxTODOTSS_programming_SNAFUs.txttcsd.conf.5.gztcsd.8.gztrouserssystem.data.authsystem.data.noauthtpm/etc//usr/lib/systemd/system//usr/lib/udev/rules.d//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/trousers//usr/share/man/man5//usr/share/man/man8//usr/share//usr/share/trousers//var/lib/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:12745/openSUSE_Leap_15.1_Update/fb94ca4801ea98fa0f7c90ff96835d65-trousers.openSUSE_Leap_15.1_Updatedrpmxz5i586-suse-linuxASCII textELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib, BuildID[sha1]=89d8dcbd1c19a7b93d912942eef4353c6660882a, for GNU/Linux 3.2.0, strippeddirectoryASCII text, with no line terminators (OpenOffice.org 1.x Writer document)troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)RR R RR R R RRRRRRRR_MU?b# this scriplet and the counterpart in %posttrans work around a packaging bug # that was present in all trousers packages since around 2008 until 2018. # /var/lib/tpm/system.data.* was wrongly packaged as runtime state data # instead of package resource data in /usr/share. After removal of these files # from packaging, during updating they will be deleted. Since users could have # created their own versions of the files already (by taking ownership of a # TPM) we want to keep those files in place. # # to achieve this we use the ownership of /var/lib/tpm as an indicator. # Versions that still wrongly package those files also had the ownership of # the directory wrong. Therefore if the directory is not owned by the tss user # we apply a backup and restore logic. [ ! -d "/var/lib/tpm" ] && exit 0 OWNER=`/usr/bin/stat -c "%U" "/var/lib/tpm"` [ "$OWNER" = "tss" ] && exit 0 for data in system.data.auth system.data.noauth; do file="/var/lib/tpm/${data}" [ ! -e "$file" ] && continue cp -p $file ${file}.rpmsave echo "saving backup of $file" done/bin/shutf-831367f3969773b5234fc56c0fcaf2cb5d629c4099e7dce9af0524436791ef7c8?7zXZ !t/`5]"k%r60c>ͱ8e-Zy,G'p!C9NgC/TphYt{/ *2%GB@ ,5rz6^&*KNsM8]?`] reJy )~ߘ=ybfIA$5b@p\ӫ"D-ɬggM9(v ־PЛ^R`/l,څy>Yunfkۆuknp {'y)̓ LMSQyNƎ-D"8'VT-/}AW 0N] ~E@xt}ȿP_ [,[fnya=Pߑ`\ϭLٴ:`~6brfп d2ujLpA3qtc`#,&sT/# ;gVjCJde%%N [)\uxۑ}c㊤&n'6\2:7;<"o=`39)ό:Zbuf/_la5S 73DQN/U qW۟ꨜ>#5Vs,YE0c]ޝ[=ۺ΃*I4x>V|K+_Mȉk% +IaCrd()֟D ɭ$ca|\ed]vS̭"HLrk5RC/~da^X'ND SFb [A!@ v4ȫ;$vOvCPb9#|gFRGy'gd~@awj&BrdlpC:m8776[% <x5CLX-.u6b 8x}q$$ӰqTڠy? AʼnG$,Vȃi^! %j%Sj>p+W03 uM i\\ Ee,#mF彯+R0bbjH%n[(Cwtsi=Ȑgf?1k:-1Y:«1mlN\hO>Jl4+iRpULDǜX>Oz~RYP'?|z8>VЍhi6 ~%q3K<~D3=!U_ hQ ŸK!+ +[ndu척^quƍ<`V#s\k.&Meߑ9h;9)b,RR(pLeM:rL5özmXJ&:U,M)|:)p,8,B0'hbY'b+rAk|l'rFIkMIFOχ }Qq:cә9JGdжdNqΣdIݟʘE]mqϜA&,O9>O0bAv疸d/V%JȥB'zWl`j vt9v5BJNIཀྵ[R׆N3}bٍjvKU2oJX܏1]$5V'w[ Py$A'NS~*ƽWfaF9 a*SK%is:U;wQţÚ3'BM!oLqh .MtIg}p Ђ`#Hiw KeЖjMMΉ-񗓺FΤb]\ Ԙ-w#t}C8;&SMDߘDi?G[DBXʀ#0H,zǜ(1+˴6e#]{^vbWš"VLI)|d#e$MOHeuu͹)renZR5Vvu灶%ϥn6|̌[#p< &CRܥ TC[-OAi"#$G0uc M(u&?N==y <@mߝ/Ms)tQrxma1ԳPqïkt D`\'Z|b7ؖ5RL~w>MVq,WJ> |3#!ԵӭYB!i p(? FNbDq^?ײIfY=D7@I m*d!I' Ftx'.Ӈ;(|ȇ?/-7'm #)(/ʕ¿CB: F֘&_u_Dlg`z_8Xvj[vz![!לTwmZ# e˽|׻={|D#AIS=fЗxܽw IB,$WG{NgI 9b8QCM`a"*!lDqgmڻpw=P5 B 1 tZ&l b n{^ic97*Op JFeDXF%b\qX Ѻ_ݿ&LNQN89X/AQ)c%,zxWƀMt*&F7!Tls7')TwzyXn6Ӿef$BY/ ., @?k-0K=_W3؛"/(xb>؜:z0n+o`trF[3 >Og}AqU0NL3M}$em] 4ֻyi(sٚ1 ̾,9ixaR-0 a6WT XXl R vpԬ;\cFdl2b.G3.I+p v~R:}I. Gܭ7S]VD]՚e'QĚU]ZU,֭>H)<XpK7K+5DNDe.ȿkv:l| 4s4 X:HMwψXC왮=a(%h7J"]GYpum>K)$e3 @䛍U M`i*efmtC3eJ0QriJSZ# jvGPO*hyEN)N߮)_԰Pa+N5WKQkwcKيC.* >jG`;GB;K!ͳ-33f4 u]ut.LD7MhRPfL &d } Pà̰DJ^q3-A”N3)MyVRT@N;KQ do˜b6]i.NO  %F"}gfL`o$>hItAz:i'7kᜣ?̠OJuħxW4h "U)ӒΡ DqMڬC*sB~x> >t1ڷPovP9]OȔ\#G=/E;A.Mw#@S%陀6+i"xC0 fAmg`Yo#|9++dCȓ:y0$z$oY:B`Q!xv;9?M /׶ DcZ\V I>w8HI~X :SHQ9-R?.aׂӇ `\Wsk}ʭY`Kvpz e{k,w@Ȃ}D~9 .3"oh~IF!jOMd-OCH#_&kL2O e=]!;K Kl5 my=0<t542ݶA8<>L6vvwS?%Z ϫ!KdAH/4 1;wgi,m;=GUoIɷL`6/u:!e™Eټ; E)cȓ qbNPq{$36^Ǎ>pb1}W]NlMX>CAlo4}d]څn;g_Y ï ơ,yoP;Z&#Z?m}ީ>VIU S1trzZDy:_"q5hZ@4#Q8>>@CrRۀD;"yUp$"ɘ"Kɧh}8"wpY`9jءLf֧ҏKuԪG.@bg幥`"g-ޚI8Փݏi$6MIwĮ91Hʞ$$ jW{6m %wPcU,cA-z9$Bh'm= `?3z潖ě4iwmI=B|B~VàX~,9,y\+yPZ*\w{l*aKFaB_-TyB=w]x/WOǫ.@}[yQ/JS*-z7Bd8PTĚ L*ЇUSut)4K_pvzkJ'o`k(ą]~~!p*Ji}t@̠Кxe8D0>H¡.Wl0#x/L}|| e~F<`JlVT4@־pOU˪n$d$({mQMj|8Sυ6z[3n\#U;#gmk78;xSIء |<%&a<\KlV@Gn3\M̈́05v{Z[ѕA^10=aQ"c:KuQ,J7uj?(K}קRi1;EDҨՆ 5~ZTC6]LK zss^=}<e}Qn3DȑamJX}{xH`,w. Ә[O"'d머 * $6lFP: ZRl3C$=J\a:{2#:HXU{I ex% 7fL1|7#ž?^V~VyÂ7|ӡ{PpQa5p/LNrW{Ί4I]畜,'z^6#B6rmmPY%54ᰴAY"0*( Oy99Me = '2+5D{j]Q *`S쯢z`H`vi}0M] I܈ϫOa']re|% wr&DZCE݉_`!$lmv/tRrɤ-I9 (Gb`Evvy(ɔO f/cbIOpOZۆ$򤿆!쵭[҈zWg7s6iQL[_?x~>1p 1[e]_-V67m٥UTj a$z_Oϖ6`&'oYy*6M϶$xjZ{ gloS #Jxecn\sigN_U25"n9_@.s^ ?N(b FϘ݂@YS}歊(cGi:my1D͇ #u~7(EckG\(;{7#d/z.Mk4""}lTx;Ly\K1PlF]R^U_flR]f=tD#SOvCm&"hb|Haݛ MɎsy'^qP km?.!m?? v@c{ Ю|OsqN FaS,l,d}3ӓjN&-W7j ZV7[]l ~v&/X@u6؝گz}%D kNū( PD-n3܉=;s0s⠻6!FC N1]-r^0Ӻ2vZGc\2ĬU4|J0Aթ]l_8KbЩZ[[i9U2V1Щ]JM.ƈv9#zHOiJspT|0!2;$ h$?Y$j`>/5p!+CL9q g?J?d2_>[ɫ6Vk1TD!kQFFt$vŽ%q&>?iّ\q@yZ^_~/34%n3#PI9 wJxQ_Ai985->yk irNoӭI))z:mR, 4O KGX\e"![AT |$Ҹ3bh|ۄQxA6 l-Ή1tߓJJߚ+esXRjGh|LJi]v'iR[a. %ܥ$0%lzxHogٯQ Ἇ^W.)揔 iHߟ@% L91Dj 'EsCσx@˟yl@R-YD$*'5s1H,I!GX9yL}Rf+͐aEBLLUv(cyk"͏ PYQvbٹm+%'8+cH !|g|'4ڱWZu ;VsYҕnu7w- r-ު.g_[T fKFAp[oǀ]v)9%YNA+7jay@v)I}vNt3sM*Iَe)e?v"= \"$ޠ8>]C8 J1fο<z*xحB%ee'KZo\1 T/RպnT; d:9x#;'Wf(S守l:SFeXV@@wہYZw(@OU[:kx Lz.D?8 _SjZAW|Z_Qޱn |N9` gLJki[lGH8y̘jYq/ۢ\SNdNY p-Ūk$Xy?%B~E>a e>6o_#!Jê^Nz]pWnb_Y;G };R-G.\r>u)(Խ{,E_C%TٗV rvNDR~ʪ?=W^MPgX08*kU5s|͋C`>$ӣopU-/j /UB0礄yƔ3 `uU_".sCy ưOC}_M&w,蜀BP·B2.@!JMU.eO}x cq f[  r,z=? yk^!F| K.޻ H<;u$Kq?yTޮvgw6!ܢ ?;-.O VI[s.N͔s42faݩKl* uTI2xO_t]画ӱe-6U;t/V0A>@ʙ|m|u6ac1B 1 b*H镳㣼sC3h}{9,B8{Y\)67GЏDB4Y}L@#B\"iw o`r݌.vtN) ]@Ȯ^HR5fm1dOfVLY3PGC#잸IPqQ3‘=T"]U.GMch``d Ɗݣhsf%#} q/ blp+,޺Nb.0*<HGic$v ,aIcY8Cˠh$ ҙ# q.WTY 1&VRw'G2ZeAUu6gxX#y}_[ ܤ#n67GDI|Օ{SK,cu#b{' [8Z9Pk~>i!1WR/,Y8̧j]iJ- pH0"fxKtoD!j3VW E,mc!#_˷j5 :@U LΎW#1,6fh91>׳~95cڨoRc\y{е᪞k}z*Eˡ ?cq2P:IvA&`|0s"PՠaQ -> 0p X0U^=AZ뾐y@Y?:b0ڃyp-zzE`ӕ $|›]wPF?di,p i˚cZ0YL!S8Z*½=ܵp$xʖ{s6_f? s1vENvI3p[;,=PjHDF/y:ԖDMRUgNoR-hաìö"7SBR$zJ}e!&%#HX-157.m=(s<)K@?B]kk8Z[?f u=?P?'Ŝ>s>פ G\NqLK5R`m>{.! G<{ H>&7pNsXiba+6E=>4=8Ie :/t@ҢDZSDOa߀&~ 57z 7e= j|ȷYAJ,a hgi*AMC9LCy>ȸ9l>?`V/A: ~ _/s@i$Mtuf .êw6L6OM*v$riYt3̔>;