exim-4.94.2-bp153.5.1<>,氉cO&!M@eeeȰ%Q^\\Z~ì)>Shcbk~5n,ˍyrl>%@uA6*cL'#tew/,|b IUj)ArPڪ-H*MPji)N5XPwߠŏ 9{:P,g-f`PW;\v h NT6tV'*t^_K5:|c*1&Ԍ"MG*,vvkT-pedD CÇ"ҏǀ[ J>M`?Pd  Q $04MVg @ZZ \Z Z xZ (RZ )DZ*Z,nZ.0.PZ//B0B6rB667(77787X0980:<.0=D>L?T@\CdFlGZHZITZXY\Z]\Z^b&cdpeufxlzuZvwZxTZyǼWz( LCexim4.94.2bp153.5.1The Exim Mail Transfer Agent, a Replacement for sendmailExim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style, it is similar to Smail 3, but its facilities are more extensive. In particular, it has options for verifying incoming sender and recipient addresses, for refusing mail from specified hosts, networks, or senders, and for controlling mail relaying.cO&hurricane36,SUSE Linux Enterprise 15openSUSEGPL-2.0-or-laterhttp://bugs.opensuse.orgProductivity/Networking/Email/Servershttp://www.exim.org/linuxx86_64 if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in exim.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/sbin/exim fi if ! test -s etc/exim/exim.conf; then if test -s etc/exim.conf; then mv etc/exim.conf etc/exim/ echo moving exim.conf to /etc/exim/ else cp -p usr/share/doc/packages/exim/configure.default etc/exim/exim.conf echo copying default config file to /etc/exim/exim.conf fi fi PNAME=exim SUBPNAME= SYSC_TEMPLATE=/usr/share/fillup-templates/sysconfig.$PNAME$SUBPNAME # If template not in new /usr/share/fillup-templates, fallback to old TEMPLATE_DIR if [ ! -f $SYSC_TEMPLATE ] ; then TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME fi SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME ..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in exim.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable exim.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop exim.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in exim.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart exim.service ) || : fi fiP  , )En(V`oPO )Ml[FX?@)kr.%< J0  51 D4.R[   Wf  A큤AA큤A큤A큤A큤A큤AcO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO#cO$cO$cO$cO%`5`5`5`5`5`5cO#cO!cO!cO$`5`5`5`5`5`5`5`5`5`5`5cO%`5`5`5`5`5`5`5`5`5`5``5``5`5`5`5`5`5`5`5`5`5`5`5`5D1cO$cO$cO$cO$cO$cO$cO$cO$cO$cO$cO$cO!4e5bf0b036ce23f99478aa20e92929a8b5e59e38773e2ca266c85764fa8adf13595d927f607f3c9a5a1a5d188adb8627be8f91472e7d9d2992c9c2ffcc4729431470b903b8bf9b320b4d481511ea2ab5878652a382ac07a0ffef67c865a107e5707110d01e2c60a67a15b7c0a8b0ce70fc68e4cb30302fbb9435dc96313391d54112b7ecb2010d4e1f7282acf6322f1cf7725cce8581a9fbbc5148b8efa604e7e115e67f6328e49d86ef3733a54b13f96fb8aaed40436e92d6706b25c29040d3651c0addda26dcfa6542174bd51f337bb232ee2ddb139deaf3d69c224d86c2680dc08f40cc4b9089858c19e76202b57a3fd9b01c27b62eed91641b5b6f9e104798bfcd93fa9fa6a8926b4774025c575a70d2425148723dd8f40fc2691d44041299222bb11ba1258e1ef8553becbc65539a9759ffa88a042030b2564c34a121b9d5b6bd48ae99effab2c6eecce55eb6653fe530ca6f234c720a6328b5f8310f012a7099757f0c9580cb644ecd3e861f1f81fc0bd110f12a4890f09062a78a372f5c65a02b1fec949ba4cfd661c922ae6fbdca095601a5d224d3a0b3f2e25f3823a754c3d28dbdaf8cccc98222e69a0059acdaba25daa9008ad749a6dfb0b6341c014363b65ee78679a8e255efd4e9f6508b1dc2e13517d681f53f4db7533445bb34ac95c657a34c23acce73eb8c79dc33f2da3f2fddb289cfba506e7fa61715bf088eab0453de9c22f17cc8ec58ecda3ac932285f86590685b7dca7c2caf6832f1b45e2694180664a70d215cdc7e11a599cb4f22d38bf0c562a0d069e30fac9b83fe1eb689a877a98407afb8cb459f47ad50e38d5052d4db6afbb6656d5adcd36e1a1f2d494f26d2e09bbc6451a46eff0cfeeacc381e14ab0b8105d6c01bbb9fd49240db527b7e55b312a46fc59794fde5dd006422e422257f4f057bfd27b3c8f3babfedf2ea580004c7c1b1447208c9f7826a767c34a7e34b66c0284fd1b543fe3701e9fbf86457d4183dd0980ec7d68171167f33a96ff45f6613de4beba110fd85a4cd80eafc18f182199bfe61f67f44a7a65bee4e8c424467ae13d40b633361ec5185c1004e83c6d22aa24a27d2e3a58f1e0537311ba52796c02138aec30ec4e14e11095020617decbb28b0e08f7d7ef2ed4a3b69c0d904bfce645bc7294432c13f7c6c6c99d4bf0bab773750aa41556e63b31898a28f1b40e27383125ab2d5e3051535b2c8e77f36167a037df8584ed96df5681031e492976d1934d19c1e52d885b1930d2582649fb587750faa74e6d4c1c8e6092722007b9d9cd07cdaec8ab98e1ebe329d8159ca9f14842dcaaf785c6dc51b0c420457d1c4edc0189ba4d3520b617bff01fff563e79091f987ff196e039f14553dfcf4046397643d9a79f390790b31e6e6ae5239a16d5687c47a23939273b7d3243bd96092027dbb79f5ce433f900eaf4e3a574012f907000af451a6006a179e93c00e5d226f78b776b7cacf6dd4410ac4fa953bcd41acdb6ed481a4c0fea6a89e4acc749fc4a466798afc46e23ec48041b88770d022817aa85865f950754e3d6073688deb8946b5cae70ff8d2a3e6737067fd3e9c6e6b1e88ec797fc6863ac6a0d49a10a07af4f114aa9f1dee4762a9d31f2fc813edbba4a34b9c9a56600d7b9e12bb64cae6af9ea18fdaadc32970f32d2f968eba37601c7e8f085b50d907e14cbe7844d8a983ec3633109df4dced66b74f2b40bf6aafbcdd69c114dbcfdadae075709fd901a2cf2cfc95bc348619699e8bb3bce1b8c97d023640b909c05279322a32ead034e4e9facb4a268db5b2082077bfa31f09bf9e86ca99768763e5810e6d5cfa9d4f26725786dd6622df45f453860c3066628610783410d73ca4e9c11bea45cb920d57de2d86d35c51e8cbad532bb21e9aa3986ffd8576e70562c160c118b7851fbb4bc6a45851fe532fed6e21071cd4678172cc17ca6596d98493ad5871636e80d92e50e0a10f91f294a7e9be6c3465e3ccb82267dbeb259ba0bbb029402bcb2659379ce28eca724ce56a0fbc73fc0bf0b44f232417bdd0c04e62256287e9e8c5520f58d91d1c507225baed812b19f038a40908e0305b1e9a6d7e509aa2163a75123b5f503e3eae92b15680df30664cb3e27a9f8cffa45bafb35a10dc36edb653c06c1d6cbd2b0d967a5154ec905f80f109d15e8264cbf74b95603b5b9dc2360c380a8fa55bf069aa3b79c0c298d62b900eaa4f41d844a33e8285bad726c3b1c5a868ba864d66f82bffe5852be0bdc4a967a175a1b227027e7d4b3c0c1089cfc9f8a8544c59d2592d073af0fc6a196f9671a378876f6329d321e6e07c708c1c5f6ebff562fea4d97ba9a7279433862d7d1568a373607d09903b877e6943de54696e947aedc40bb8a1243126a84edccac9b770a2ac757f0fcb01ce60f8f57a98c73d3339966d0651769cc7a3da31c45ed9b3784c3a499fc6b3ed631b5c6ad7ae48cdef37e1a90ceaffbdd129fc82803965bddcc085655bbd4e9fecca87d1ac3bdfb5971d8662c5502ae53f46b74f94f8d6724cb42563b90cc374f77fc7fcfc21e907662f42eb533a05c364463e4a22dac281f7c4fb640e61724f396bd08a287b258bd3844df9ce6ac79713aa15eeeea531dda1fa68f3e7c5a540b70e5e4049003d978c7df2c072fd4cbf22d4cf35d8be1a32071c8d7b89fdc827c6ba1992beec0008a8e6b5e789a805f6c151562d1fbb90004dfe9d323a172aebe3004b17f88ac2c5c7a42118f9bc32a6e0b85a2cf5b0a84140443a6a1ca50368f142866dbe00ccaa19247841ceeae37e026b32384997baa185db985bcade15ea61f740050c6ede77f674f8daa649552e6b7fba86dce16dd74432f44141aae42fc4b362c23e4e49ca0d12cb9cf24e6de97da5e346849c0c158711670bd4d0cc3d25b43db09d42da354964705bd9e4cee044b0cd46883293456510424eb9ed07d4397b2ba50cc0cfaba0a8524b8../sbin/exim../sbin/exim../sbin/exim../sbin/exim../sbin/eximserviceeximexim_db.8.gzexim_db.8.gzexim_db.8.gzexim.8.gzexim.8.gzexim.8.gzexim.8.gzexim.8.gzBrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootmailrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootmailexim-4.94.2-bp153.5.1.src.rpmconfig(exim)eximexim(x86-64)smtp_daemon !@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@     /bin/sh/bin/sh/bin/sh/bin/sh/bin/sh/bin/sh/usr/bin/perlconfig(exim)coreutilsdiffutilsfileutilsfillupgrepgroup(mail)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.15)(64bit)libc.so.6(GLIBC_2.16)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.28)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.6)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcrypt.so.1()(64bit)libcrypt.so.1(XCRYPT_2.0)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libcrypto.so.1.1(OPENSSL_1_1_1)(64bit)libdb-4.8.so()(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.29)(64bit)libmariadb.so.3()(64bit)libmariadb.so.3(libmysqlclient_18)(64bit)libnsl.so.2()(64bit)libnsl.so.2(LIBNSL_1.0)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpcre.so.1()(64bit)libpq.so.5()(64bit)libresolv.so.2()(64bit)libresolv.so.2(GLIBC_2.2.5)(64bit)libsasl2.so.3()(64bit)libspf2.so.2()(64bit)libsqlite3.so.0()(64bit)libssl.so.1.1()(64bit)libssl.so.1.1(OPENSSL_1_1_0)(64bit)libssl.so.1.1(OPENSSL_1_1_1)(64bit)logrotatepermissionsrpmlib(BuiltinLuaScripts)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemdtextutilsuser(mail)4.94.2-bp153.5.14.2.2-13.0.4-14.6.0-14.0-15.2-1postfixsendmailsendmail-tls4.14.3 /usr/bin/chkstat -n --warn --system -e /usr/sbin/exim 1>&2cN@`7@`N@_C^(@^?@^@^^@^[^r^ @]7@]@]s]9\\ZԐ@Z`@Z@ZZ@Z@Z@Z@YdY[@YGXWW@VV2VVjVqUJ@U0U@TÉ@TÉ@TÉ@TÉ@T@T@T@TuTuPeter Wullinger wullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.dewullinger@rz.uni-kiel.depoeml@cmdline.netpoeml@cmdline.netalex wullinger@rz.uni-kiel.deseanlew@opensuse.org wullinger@rz.uni-kiel.decrrodriguez@opensuse.orgkbabioch@suse.comwullinger@rz.uni-kiel.dedmueller@suse.comkstreitova@suse.commeissner@suse.comrbrown@suse.comdimstar@opensuse.orgmeissner@suse.commeissner@suse.comwullinger@rz.uni-kiel.dee.istomin@edss.eelmuelle@suse.comlmuelle@suse.comopensuse@cboltz.delmuelle@suse.commichal.hrusecky@opensuse.orglmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.comlmuelle@suse.commichal.hrusecky@opensuse.orgmichal.hrusecky@opensuse.orglmuelle@suse.comlmuelle@suse.comlmuelle@suse.com- add patch-cve-2022-3559 (fixes CVE-2022-3559, bsc#1204427, Bug 2915)- update to exim-4.94.2 security update (bsc#1185631) * CVE-2020-28007: Link attack in Exim's log directory * CVE-2020-28008: Assorted attacks in Exim's spool directory * CVE-2020-28014: Arbitrary PID file creation * CVE-2020-28011: Heap buffer overflow in queue_run() * CVE-2020-28010: Heap out-of-bounds write in main() * CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() * CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() * CVE-2020-28015: New-line injection into spool header file (local) * CVE-2020-28012: Missing close-on-exec flag for privileged pipe * CVE-2020-28009: Integer overflow in get_stdinput() * CVE-2020-28017: Integer overflow in receive_add_recipient() * CVE-2020-28020: Integer overflow in receive_msg() * CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() * CVE-2020-28021: New-line injection into spool header file (remote) * CVE-2020-28022: Heap out-of-bounds read and write in extract_option() * CVE-2020-28026: Line truncation and injection in spool_read_header() * CVE-2020-28019: Failure to reset function pointer after BDAT error * CVE-2020-28024: Heap buffer underflow in smtp_ungetc() * CVE-2020-28018: Use-after-free in tls-openssl.c * CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()- update to exim-4.94.1 * Fix security issue in BDAT state confusion. Ensure we reset known-good where we know we need to not be reading BDAT data, as a general case fix, and move the places where we switch to BDAT mode until after various protocol state checks. Fixes CVE-2020-BDATA reported by Qualys. * Fix security issue in SMTP verb option parsing (CVE-2020-EXOPT) * Fix security issue with too many recipients on a message (to remove a known security problem if someone does set recipients_max to unlimited, or if local additions add to the recipient list). Fixes CVE-2020-RCPTL reported by Qualys. * Fix CVE-2020-28016 (PFPZA): Heap out-of-bounds write in parse_fix_phrase() * Fix security issue CVE-2020-PFPSN and guard against cmdline invoker providing a particularly obnoxious sender full name. * Fix Linux security issue CVE-2020-SLCWD and guard against PATH_MAX better.- bring back missing exim_db.8 manual page (fixes bsc#1173693)- bring in changes from current +fixes (lots of taint check fixes) * Bug 1329: Fix format of Maildir-format filenames to match other mail- related applications. Previously an "H" was used where available info says that "M" should be, so change to match. * Bug 2587: Fix pam expansion condition. Tainted values are commonly used as arguments, so an implementation trying to copy these into a local buffer was taking a taint-enforcement trap. Fix by using dynamically created buffers. * Bug 2586: Fix listcount expansion operator. Using tainted arguments is reasonable, eg. to count headers. Fix by using dynamically created buffers rather than a local. Do similar fixes for ACL actions "dcc", "log_reject_target", "malware" and "spam"; the arguments are expanded so could be handling tainted values. * Bug 2590: Fix -bi (newaliases). A previous code rearrangement had broken the (no-op) support for this sendmail command. Restore it to doing nothing, silently, and returning good status.- update to exim 4.94 * some transports now refuse to use tainted data in constructing their delivery location this WILL BREAK configurations which are not updated accordingly. In particular: any Transport use of $local_user which has been relying upon check_local_user far away in the Router to make it safe, should be updated to replace $local_user with $local_part_data. * Attempting to remove, in router or transport, a header name that ends with an asterisk (which is a standards-legal name) will now result in all headers named starting with the string before the asterisk being removed.- switch pretrans to use lua (fixes bsc#1171877)- bring changes from current in +fixes branch (patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94) * fixes CVE-2020-12783 (bsc#1171490) * Regard command-line recipients as tainted. * Bug 2489: Fix crash in the "pam" expansion condition. * Use tainted buffers for the transport smtp context. * Bug 2493: Harden ARC verify against Outlook, which has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unset the default for dmarc_tld_file. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. * Fix the variables set by the gsasl authenticator. * Bug 2507: Modules: on handling a dynamic-module (lookups) open failure, only retrieve the errormessage once. * Bug 2501: Fix init call in the heimdal authenticator. Previously it adjusted the size of a major service buffer; this failed because the buffer was in use at the time. Change to a compile-time increase in the buffer size, when this authenticator is compiled into exim.- don't create logfiles during install * fixes CVE-2020-8015 (bsc#1154183)- add a spec-file workaround for bsc#1160726- update to exim 4.93.0.4 (+fixes release) * Avoid costly startup code when not strictly needed. This reduces time for some exim process initialisations. It does mean that the logging of TLS configuration problems is only done for the daemon startup. * Early-pipelining support code is now included unless disabled in Makefile. * DKIM verification defaults no long accept sha1 hashes, to conform to RFC 8301. They can still be enabled, using the dkim_verify_hashes main option. * Support CHUNKING from an smtp transport using a transport_filter, when DKIM signing is being done. Previously a transport_filter would always disable CHUNKING, falling back to traditional DATA. * Regard command-line receipients as tainted. * Bug 340: Remove the daemon pid file on exit, whe due to SIGTERM. * Bug 2489: Fix crash in the "pam" expansion condition. It seems that the PAM library frees one of the arguments given to it, despite the documentation. Therefore a plain malloc must be used. * Bug 2491: Use tainted buffers for the transport smtp context. Previously on-stack buffers were used, resulting in a taint trap when DSN information copied from a received message was written into the buffer. * Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix the ordering of its ARC headers. This caused a crash. * Bug 2492: Use tainted memory for retry record when needed. Previously when a new record was being constructed with information from the peer, a trap was taken. * Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive installation would get error messages from DMARC verify, when it hit the nonexistent file indicated by the default. Distros wanting DMARC enabled should both provide the file and set the option. Also enforce no DMARC verification for command-line sourced messages. * Fix an uninitialised flag in early-pipelining. Previously connections could, depending on the platform, hang at the STARTTLS response. * Bug 2498: Reset a counter used for ARC verify before handling another message on a connection. Previously if one message had ARC headers and the following one did not, a crash could result when adding an Authentication-Results: header. * Bug 2500: Rewind some of the common-coding in string handling between the Exim main code and Exim-related utities. The introduction of taint tracking also did many adjustments to string handling. Since then, eximon frequently terminated with an assert failure. * When PIPELINING, synch after every hundred or so RCPT commands sent and check for 452 responses. This slightly helps the inefficieny of doing a large alias-expansion into a recipient-limited target. The max_rcpt transport option still applies (and at the current default, will override the new feature). The check is done for either cause of synch, and forces a fast-retry of all 452'd recipients using a new MAIL FROM on the same connection. The new facility is not tunable at this time. * Fix the variables set by the gsasl authenticator. Previously a pointer to library live data was being used, so the results became garbage. Make copies while it is still usable. * Logging: when the deliver_time selector ise set, include the DT= field on delivery deferred (==) and failed (**) lines (if a delivery was attemtped). Previously it was only on completion (=>) lines. * Authentication: the gsasl driver not provides the $authN variables in time for the expansion of the server_scram_iter and server_scram_salt options.spec file cleanup to make update work - add docdir to spec- update to exim 4.93 * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC * DISABLE_TLS replaces SUPPORT_TLS * Bump the version for the local_scan API. * smtp transport option hosts_try_fastopen defaults to "*". * DNSSec is requested (not required) for all queries. (This seemes to ask for trouble if your resolver is a systemd-resolved.) * Generic router option retry_use_local_part defaults to "true" under specific pre-conditions. * Introduce a tainting mechanism for values read from untrusted sources. * Use longer file names for temporary spool files (this avoids name conflicts with spool on a shared file system). * Use dsn_from main config option (was ignored previously).- update to exim 4.92.3 * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat, remote code execution seems to be possible- update to exim 4.92.2 * CVE-2019-15846: fix against remote attackers executing arbitrary code as root via a trailing backslash- update to exim 4.92.1 * CVE-2019-13917: Fixed an issue with ${sort} expansion which could allow remote attackers to execute other programs with root privileges (boo#1142207)- spec file cleanup * fix DANE inclusion guard condition * re-enable i18n and remove misleading comment * EXPERIMENTAL_SPF is now SUPPORT_SPF * DANE is now SUPPORT_DANE- update to exim 4.92 * ${l_header:} expansion * ${readsocket} now supports TLS * "utf8_downconvert" option (if built with SUPPORT_I18N) * "pipelining" log_selector * JSON variants for ${extract } expansion * "noutf8" debug option * TCP Fast Open support on MacOS * CVE-2019-10149: Fixed a Remote Command Execution (bsc#1136587) - add workaround patch for compile time error on missing printf format annotation (gnu_printf.patch)- update to 4.91 * DEFER rather than ERROR on redis cluster MOVED response. * Catch and remove uninitialized value warning in exiqsumm * Disallow '/' characters in queue names specified for the "queue=" ACL modifier. This matches the restriction on the commandline. * Fix pgsql lookup for multiple result-tuples with a single column. Previously only the last row was returned. * Bug 2217: Tighten up the parsing of DKIM signature headers. * Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL. * Fix issue with continued-connections when the DNS shifts unreliably. * Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL. * The "support for" informational output now, which built with Content Scanning support, has a line for the malware scanner interfaces compiled in. Interface can be individually included or not at build time. * The "aveserver", "kavdaemon" and "mksd" interfaces are now not included by the template makefile "src/EDITME". The "STREAM" support for an older ClamAV interface method is removed. * Bug 2223: Fix mysql lookup returns for the no-data case (when the number of rows affected is given instead). * The runtime Berkeley DB library version is now additionally output by "exim -d -bV". Previously only the compile-time version was shown. * Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating SMTP connection. * Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by routers. * Bug 2174: A timeout on connect for a callout was also erroneously seen as a timeout on read on a GnuTLS initiating connection, resulting in the initiating connection being dropped. * Relax results from ACL control request to enable cutthrough, in unsupported situations, from error to silently (except under debug) ignoring. * Fix Buffer overflow in base64d() (CVE-2018-6789) * Fix bug in DKIM verify: a buffer overflow could corrupt the malloc metadata, resulting in a crash in free(). * Fix broken Heimdal GSSAPI authenticator integration. * Bug 2113: Fix conversation closedown with the Avast malware scanner. * Bug 2239: Enforce non-usability of control=utf8_downconvert in the mail ACL. * Speed up macro lookups during configuration file read, by skipping non- macro text after a replacement (previously it was only once per line) and by skipping builtin macros when searching for an uppercase lead character. * DANE support moved from Experimental to mainline. The Makefile control for the build is renamed. * Fix memory leak during multi-message connections using STARTTLS. * Bug 2236: When a DKIM verification result is overridden by ACL, DMARC reported the original. Fix to report (as far as possible) the ACL result replacing the original. * Fix memory leak during multi-message connections using STARTTLS under OpenSSL * Bug 2242: Fix exim_dbmbuild to permit directoryless filenames. * Fix utf8_downconvert propagation through a redirect router. * Bug 2253: For logging delivery lines under PRDR, append the overall DATA response info to the (existing) per-recipient response info for the "C=" log element. * Bug 2251: Fix ldap lookups that return a single attribute having zero- length value. * Support Avast multiline protocol, this allows passing flags to newer versions of the scanner. * Ensure that variables possibly set during message acceptance are marked dead before release of memory in the daemon loop. * Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such as a multi-recipient message from a mailinglist manager). * The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being replaced by the ${authresults } expansion. * Bug 2257: Fix pipe transport to not use a socket-only syscall. * Set a handler for SIGTERM and call exit(3) if running as PID 1. This allows proper process termination in container environments. * Bug 2258: Fix spool_wireformat in combination with LMTP transport. Previously the "final dot" had a newline after it; ensure it is CR,LF. * SPF: remove support for the "spf" ACL condition outcome values "err_temp" and "err_perm", deprecated since 4.83 when the RFC-defined words " temperror" and "permerror" were introduced. * Re-introduce enforcement of no cutthrough delivery on transports having transport-filters or DKIM-signing. * Cutthrough: for a final-dot response timeout (and nonunderstood responses) in defer=pass mode supply a 450 to the initiator. Previously the message would be spooled. * DANE: add dane_require_tls_ciphers SMTP Transport option; if unset, tls_require_ciphers is used as before. * Malware Avast: Better match the Avast multiline protocol. * Fix reinitialisation of DKIM logging variable between messages. * Bug 2255: Revert the disable of the OpenSSL session caching. * Add util/renew-opendmarc-tlds.sh script for safe renewal of public suffix list. * DKIM: accept Ed25519 pubkeys in SubjectPublicKeyInfo-wrapped form, since the IETF WG has not yet settled on that versus the original "bare" representation. * Fix syslog logging for syslog_timestamp=no and log_selector +millisec. Previously the millisecond value corrupted the output. Fix also for syslog_pid=no and log_selector +pid, for which the pid corrupted the output.- Replace xorg-x11-devel by individual pkgconfig() buildrequires.- update to 4.90.1 * Allow PKG_CONFIG_PATH to be set in Local/Makefile and use it correctly during configuration. Wildcards are allowed and expanded. * Shorten the log line for daemon startup by collapsing adjacent sets of identical IP addresses on different listening ports. Will also affect "exiwhat" output. * Tighten up the checking in isip4 (et al): dotted-quad components larger than 255 are no longer allowed. * Default openssl_options to include +no_ticket, to reduce load on peers. Disable the session-cache too, which might reduce our load. Since we currrectly use a new context for every connection, both as server and client, there is no benefit for these. * Add $SOURCE_DATE_EPOCH support for reproducible builds, per spec at . * Fix smtp transport use of limited max_rcpt under mua_wrapper. Previously the check for any unsuccessful recipients did not notice the limit, and erroneously found still-pending ones. * Pipeline CHUNKING command and data together, on kernels that support MSG_MORE. Only in-clear (not on TLS connections). * Avoid using a temporary file during transport using dkim. Unless a transport-filter is involved we can buffer the headers in memory for creating the signature, and read the spool data file once for the signature and again for transmission. * Enable use of sendfile in Linux builds as default. It was disabled in 4.77 as the kernel support then wasn't solid, having issues in 64bit mode. Now, it's been long enough. Add support for FreeBSD also. * Add commandline_checks_require_admin option. * Do pipelining under TLS. * For the "sock" variant of the malware scanner interface, accept an empty cmdline element to get the documented default one. Previously it was inaccessible. * Prevent repeated use of -p/-oMr * DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field, if present. * DKIM: when a message has multiple signatures matching an identity given in dkim_verify_signers, run the dkim acl once for each. * Support IDNA2008. * The path option on a pipe transport is now expanded before use * Have the EHLO response advertise VRFY, if there is a vrfy ACL defined. - Several bug fixes - Fix for buffer overflow in base64decode() (bsc#1079832 CVE-2018-6789) - removed patches (included upstream now): * exim-CVE-2017-1000369.patch * exim-CVE-2017-16943.patch * exim-CVE-2017-16944.patch * exim-4.86.2-mariadb_102_compile_fix.patch- add exim-CVE-2017-16944.patch: backport of commit 178ecb70987f024f0e775d87c2f8b2cf587dd542 fix for CVE-2017-16944 (#bsc1069859)- update to 4.88: drops fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch, exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch - remove exim4-manpages.tar.bz2: upstream does not exist anymore - update keyring- add exim-4.86.2-mariadb_102_compile_fix.patch to fix compilation with the mariadb 10.2 (in our case the build with libmariadb library from the mariadb-connector-c package) * upstream commits: a12400fd4493b676e71613ab429e731f777ebd1e and 31beb7972466a33a88770eacbce13490f2ddadc2- exim-CVE-2017-16943.patch: fixed possible code execution (CVE-2017-16943 bsc#1069857)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Explicitly buildrequire libnsl-devel on suse_version >= 1330: libnsl used to be an integrated part of glibc. Since the build system / makefiles explicitly reference libnsl, it is our own duty to ensure we have our deps in place.- specify users with ref:mail, to make them dynamic. bsc#1046971- exim-CVE-2017-1000369.patch: Fixed memory leaks that could be exploited to "stack crash" local privilege escalation (bsc#1044692) - Require user(mail) group(mail) to meet new users handling in TW. - Prerequire permissions (fixes rpmlint).- conditionally disable DANE on SuSE versions with OpenSSL < 1.0 - exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch: import exim-4_86_2+fixes branch + fix CVE-2016-1531 when installed setuid root, allows local users to gain privileges via the perl_startup argument. + fix Bug 1805: store the initial working directory, expand $initial_cwd + fix Bug 1671: segfault after delivery (https://bugs.exim.org/show_bug.cgi?id=1671) + Don't issue env warning if env is empty - fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch: DKIM information leakage- Makefile tuning: + add sqlite support + disable WITH_OLD_DEMIME + enable AUTH_CYRUS_SASL + enable AUTH_TLS + enable SYSLOG_LONG_LINES + enable SUPPORT_PAM + MAX_NAMED_LIST=64 + enable EXPERIMENTAL_DMARC + enable EXPERIMENTAL_EVENT + enable EXPERIMENTAL_PROXY + enable EXPERIMENTAL_CERTNAMES + enable EXPERIMENTAL_DSN + enable EXPERIMENTAL_DANE + enable EXPERIMENTAL_SOCKS + enable EXPERIMENTAL_INTERNATIONAL- Update to 4.86.2 + Fix minor portability issues for *BSD and OS/X.- Update to 4.86.1 + Add support for keep_environment and add_environment options; CVE-2016-1531; (boo#968844).- Move AppArmor profile to /usr/share/apparmor/extra-profiles/, which is the directory for inactive profiles since AppArmor 2.9- Update the Exim Maintainers Keyring file 'exim.keyring'. - Use URL for the source line of the main tar ball.- Update to 4.86 * Support for using the system standard CA bundle. * New expansion items $config_file, $config_dir, containing the file and directory name of the main configuration file. Also $exim_version. * New "malware=" support for Avast. * New "spam=" variant option for Rspamd. * Assorted options on malware= and spam= scanners. * A commandline option to write a comment into the logfile. * If built with EXPERIMENTAL_SOCKS feature enabled, the smtp transport can be configured to make connections via socks5 proxies. * If built with EXPERIMENTAL_INTERNATIONAL, support is included for the transmission of UTF-8 envelope addresses. * If built with EXPERIMENTAL_INTERNATIONAL, an expansion item for a commonly used encoding of Maildir folder names. * A logging option for slow DNS lookups. * New ${env {}} expansion. * A non-SMTP authenticator using information from TLS client certificates. * Main option "tls_eccurve" for selecting an Elliptic Curve for TLS. Patch originally by Wolfgang Breyha. * Main option "dns_trust_aa" for trusting your local nameserver at the same level as DNSSEC. - Dropped exim-enable_ecdh_openssl.patch as included in upstream- Fix the systemd service file by not passing EXIM_ARGS as one single argument by removing the curly brackets (shell syntax).- Install fitting eximstats.conf depending on SUSE version; (bsc#926861). - Add attribute dir to /etc/apache2 and /etc/apache2/conf.d in the file list.- Replace the fixed ExecStart arguments by ${EXIM_ARGS} as defined in /etc/sysconfig/exim; (bsc#922145).- Set CFLAGS_OPT_WERROR only on post-5 CentOS and RHEL systems.- Drop BuildRequires xorg-x11-server-sdk for non SUSE systems in particular to build on RHEL 6 again.- Let ld know the path to mysqlclient.- update to 4.85 + When running the test suite, the README says that variables such as no_msglog_check are global and can be placed anywhere in a specific test's script, however it was observed that placement needed to be near the beginning for it to behave that way. Changed the runtest perl script to read through the entire script once to detect and set these variables, reset to the beginning of the script, and then run through the script parsing/test process like normal. + Expand the EXPERIMENTAL_TPDA feature. Several different events now cause callback expansion. + Bugzilla 1518: Clarify "condition" processing in routers; that syntax errors in an expansion can be treated as a string instead of logging or causing an error, due to the internal use of bool_lax instead of bool when processing it. + Add EXPERIMENTAL_DANE, allowing for using the DNS as trust-anchor for server certificates when making smtp deliveries. + Support secondary-separator specifier for MX, SRV, TLSA lookups. + Add ${sort {list}{condition}{extractor}} expansion item. + Bugzilla 1216: Add -M (related messages) option to exigrep. + GitHub Issue 18: Adjust logic testing for true/false in redis lookups. Merged patch from Sebastian Wiedenroth. + Fix results-pipe from transport process. Several recipients, combined with certificate use, exposed issues where response data items split over buffer boundaries were not parsed properly. This eventually resulted in duplicates being sent. This issue only became common enough to notice due to the introduction of conection certificate information, the item size being so much larger. Found and fixed by Wolfgang Breyha. + Bug 1533: Fix truncation of items in headers_remove lists. A fixed size buffer was used, resulting in syntax errors when an expansion exceeded it. + Add support for directories of certificates when compiled with a GnuTLS version 3.3.6 or later. + Rename the TPDA expermimental facility to Event Actions. The #ifdef is EXPERIMENTAL_EVENT, the main-configuration and transport options both become "event_action", the variables become $event_name, $event_data and $event_defer_errno. There is a new variable $verify_mode, usable in routers, transports and related events. The tls:cert event is now also raised for inbound connections, if the main configuration event_action option is defined. + In test suite, disable OCSP for old versions of openssl which contained early OCSP support, but no stapling (appears to be less than 1.0.0). + When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on server certificate names available under the smtp transport option "tls_verify_cert_hostname" now do not permit multi-component wildcard matches. + Time-related extraction expansions from certificates now use the main option "timezone" setting for output formatting, and are consistent between OpenSSL and GnuTLS compilations. Bug 1541. + Fix a crash in mime ACL when meeting a zero-length, quoted or RFC2047- encoded parameter in the incoming message. Bug 1558. + Bug 1527: Autogrow buffer used in reading spool files. Since they now include certificate info, eximon was claiming there were spoolfile syntax errors. + Bug 1521: Fix ldap lookup for single-attr request, multiple-attr return. + Log delivery-related information more consistently, using the sequence "H= []" wherever possible. + Bug 1547: Omit RFCs from release. Draft and RFCs have licenses which are problematic for Debian distribution, omit them from the release tarball. + Updates and fixes to the EXPERIMENTAL_DSN feature. + Fix string representation of time values on 64bit time_t anchitectures. Bug 1561. + Fix a null-indirection in certextract expansions when a nondefault output list separator was used.- Enable SPF- Fix service file; (boo#935601) - Using bcond for mysql, pgsql and ldap - mysql, pgsql and ldap enabled by default- Removed executable permission bits from exim.service file; (boo#935601).- Remove dependency on gpg-offline as signature checking is implemented in the source validator.- update to 4.84 + Re-add a 'return NULL' to silence complaints from static checkers that were complaining about end of non-void function with no return; (beo#1506); obsoletes silence-static-checkers.patch. + Fix parsing of quoted parameter values in MIME headers. This was a regression intruduced in 4.83 by another bugfix; (beo#1513). + Fix broken compilation when EXPERIMENTAL_DSN is enabled. + Fix exipick for enhanced spoolfile specification used when EXPERIMENTAL_DNS is enabled; (beo#1509)./bin/sh/bin/sh/bin/sh/bin/sh/bin/shhurricane3 1666168358  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ4.94.2-bp153.5.14.94.2-bp153.5.14.94.2-bp153.5.1 eximeximmailqnewaliasesrsmtprunqsendmailexim.serviceexicyclogexigrepeximexim_checkaccessexim_dbmbuildexim_dumpdbexim_fixdbexim_lockexim_tidydbeximstatsexinextexipickexiqgrepexiqsummexiwhatrceximsendmailapparmorextra-profilesusr.sbin.eximeximACKNOWLEDGMENTSCHANGESLICENCENOTICEREADMEREADME.UPDATINGconfigure.defaultconvert4r3convert4r4docChangeLogDANE-draft-notesExim3.upgradeExim4.upgradeGnuTLS-FAQ.txt.gzNewStuffOptionLists.txt.gzREADMEREADME.SIEVEcve-2016-9663cve-2019-13917cve-2019-13917.rpmmovedcve-2019-15846cve.txtmitre.mbxposting-0.txtposting-1.txtposting-2.txtqualys.mbxcve-2020-qualysdbm.discuss.txt.gzexperimental-spec.txt.gzfilter.txt.gzopenssl.txt.gzspec.txt.gzutil.gitignoreREADMEchunking_fixqueue_finalnewlines.plcramtest.plgen_pkcs3.clogargs.shmkcdb.plocsp_fetch.plproxy_protocol_client.plratelimit.plrenew-opendmarc-tlds.shunknownuser.shsysconfig.eximexim.8.gzexim_db.8.gzexim_dumpdb.8.gzexim_fixdb.8.gzexim_tidydb.8.gzeximstats.8.gzmailq.8.gznewaliases.8.gzrsmtp.8.gzrunq.8.gzsendmail.8.gzexim/etc//etc/logrotate.d//usr/bin//usr/lib//usr/lib/systemd/system//usr/sbin//usr/share//usr/share/apparmor//usr/share/apparmor/extra-profiles//usr/share/doc/packages//usr/share/doc/packages/exim//usr/share/doc/packages/exim/doc//usr/share/doc/packages/exim/doc/cve-2019-15846//usr/share/doc/packages/exim/util//usr/share/fillup-templates//usr/share/man/man8//var/log/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:17709/openSUSE_Backports_SLE-15-SP3_Update/413796d525d321f9b03942c9ac7b9bd9-exim.openSUSE_Backports_SLE-15-SP3_Updatedrpmxz5x86_64-suse-linux     directoryASCII textPOSIX shell script, ASCII text executablePerl script text executablesetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=45273b278a036ca011e51f6bb64f65b16b92ed25, for GNU/Linux 3.2.0, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=308c8736fb1eb5be000921507404d110195547a3, for GNU/Linux 3.2.0, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b1d25858c1e54fc091aa7f3bd6103c00d1a4fa43, for GNU/Linux 3.2.0, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=92ba1fadfc369dccd3c9f46974e122d870028d25, for GNU/Linux 3.2.0, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=760eff66c289d845d12141bc7b10243e4de73228, for GNU/Linux 3.2.0, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=e8dbd3aadec3d29c2502deb554e274254eae8c51, for GNU/Linux 3.2.0, not strippedC source, ASCII textUTF-8 Unicode textASCII text (gzip compressed data, was "GnuTLS-FAQ.txt", last modified: Fri Apr 30 12:08:21 2021, max compression, from Unix)ASCII text (gzip compressed data, was "OptionLists.txt", last modified: Fri Apr 30 12:08:21 2021, max compression, from Unix)ASCII text, with very long linescannot open `/home/abuild/rpmbuild/BUILDROOT/exim-4.94.2-bp153.5.1.x86_64/usr/share/doc/packages/exim/doc/cve-2019-13917.rpmmoved' (No such file or directory)ASCII text (gzip compressed data, was "dbm.discuss.txt", last modified: Fri Apr 30 12:08:21 2021, max compression, from Unix)ASCII text (gzip compressed data, was "experimental-spec.txt", last modified: Fri Apr 30 12:08:21 2021, max compression, from Unix)ASCII text (gzip compressed data, was "filter.txt", last modified: Fri Apr 30 12:12:05 2021, max compression, from Unix)ASCII text (gzip compressed data, was "openssl.txt", last modified: Fri Apr 30 12:08:21 2021, max compression, from Unix)ASCII text (gzip compressed data, was "spec.txt", last modified: Fri Apr 30 12:12:05 2021, max compression, from Unix)troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)'(.7AGQRSTUV%  RRR$RR.R(R*R&R4R3RRRRRRRRRRRRR-RR#R)R R!R'R"R%R,R1R0R/R2RR+RRRRRRR RRRRRRRRR RRRRRRRRRR RRRRRRRRRRRRRRRR RRRRRRR3Ŗ5xC4)docdir = rpm.expand('/usr/share/doc/packages') pkgname = rpm.expand('exim') path = docdir .. '/' .. pkgname .. '/doc/cve-2019-13917' st = posix.stat(path) if st and st.type == "directory" then status = os.rename(path, path .. ".rpmmoved") if not status then suffix = 0 while not status do suffix = suffix + 1 status = os.rename(path .. ".rpmmoved", path .. ".rpmmoved." .. suffix) end os.rename(path, path .. ".rpmmoved") end endutf-8717f2c4a2a895259ed937cc8335d9fc1e685cc15c6faeb074ca2dd0dd3f18701?07zXZ !t/]"k%a捯 6ƙ`'!Z [ +8UFQ<۵uͦ{e' z2υ|HYzcie~[s"r 0HDE4}ZιyuzonzؓHLjg8#&A:*^ '"$>E >`7 üyNI?س|, Z_1(ϗNrOG\%FS-p~}Iyuؠ _‥֯gB&A"{{,|-(14ANa_37V[h El `44bVnqԝVC'I]%4JOA@jDTTu?_6*K<Tzq$+ ʿPKNd"/;,l<7G돖ٌ)-F';vN:V.Z|q&r ~U^~0[TǶS x+a@;V58n̸Ёbޒ*|Z:2:'h:ì{ DCCX%A^'ޫ<S#e>oUv|䠂m" dfȹpm/+3֑ }|*xͼn鉑*-y-Lq,4y*O#<`]:ps.D+'؄l-.O+㴼lzKj=HQ͝vvJт~C9XO šKN L3h2kL_t0@[P+Z18rԦQMWln8(σ3L "B uoDhX%i Bp H[ NtM^e!(L;!#9>?=tě_cpD33Q}u#/òS3]n :1U4lOO}\q>//C^Kzwh!BC"(X>{"뎡$z64ާiW=aa d6~$l\x#r8 IS0iz„6gC@'5;Ld!<%a!6|%@Ionk$Ǔ.05>rx. ƥPO{Cs$ZaA<"w/cNT4 pvsie[ 3B]&KDbTlc<4/rGAlw܏S+&%T fFm a#2"SysI"KɩU[BPW@4*҈@3,f!0MddS$[/I@wQ;or_{m IDdyp=wVQ4m;EvwZ,iᇣi|R V l1'uTr( J犯s?g ̙0A#u?f nAYT6:! nr2ߝ,aE3` p+wTJS~/wlw-iLZ!?kG3 y:US;1,\f̲+׏ePo5#s4{OqDoʾ]EDE"-۪V Wŧ]DlbhP+4op1ұf1iř#W p~$) 5<5zJk0[׽`xVE1͊'A9)aN5烏ⰇrT\Gݥb|>u^WQ+q\?w0N;,lNJg*"h&rK]iOy*$f<1ajRuh5++Y]B>= N*DRK~)#*K @/a])-m"0Z]G}B߮5=y;"Da fusS*) aT1E1LpYkDzIđdo"Ӝgw'΅έ` Kv6dWwtxVR;-h0l3}0S!|?Q_ –^K0K;R Zjp. ѕaDucwDiy:U`71*BɝLBbپ*2vub=?ȥi*A(~%`k1ɝcd'`ɞZ{PG6rNI6GW1q䡗AGr4>\դuǪ=Y߫|3fqF-!Zk iV\*RW#D5aJ͋[ wA(=Ϡ1in:CyW'-`ZxR' X>MeAQP{@ nR5B]Ħ͎D8k( pȡ7D$_>/q2`:5ed"P96߻`JwRfB!j]YG7tbSMqrTrjܑꨎiwWoh H{BRmr'jYx P08f陽t IͽwzZ$`#׍)`{j? A5&ur cwSʬQ8ȖGވ ȦylnLpB~A0 M =aE5VkAu8V(ss-{DRxKypӬ\nrJ;,sX'{hbP_Qr+|%a-0=8zphw0gxo-͇ѠϺߖS`؉ ILP K*ƖZq 2E|kCofW9t"5i,diwlmbZ0B-m; sep+kO+`˪["kO hnsY%֯2}JLaXֿ],kdd!}FQch$m"Dr.&Vٳ#>FF)4 AqS¸aC˿r4A6ysg *4̤M&_݋=kt\Zd͈+J0gdZuW^@0pq,Q 89⻁!9;{/ kM^ɏ$;^j v̀9uD51U@%D)HZVkDiؕTi30#VHI%+ iVx[%'o\sQ{ه}*l6#0SY鎙>7^^ǘyk'qO+[ےJ6ag/֔}yÌx /#0+/Zl.͔bH cNXn7(}71%]: ʤMt];9cn;@N T8O{x;8&z3`0?2"c~MmZhW`F%&!.SOy.U9o~_5W.d'2lF[TZ1E!ulNW3\]ogxs|@,. AvFXCQG cGw*9'rUxdޞ ixl ?҇\&JMң=}f5CCD6E'pNbp/ EdQXw w\޸<TnCO97Hw.yU髁"G mlX(dWP:Bq<Q7JCb ~RDy H!?G`wmE+Ryl|Ҽ c[bH嘔^Ac"X߼? B &ZKmKv(/5.㌖\"@g"8HfVSJx@Rd&nƋ6~zȫj]ޱUЙS!q߃֙A6ӚA֯SB*EoZ!QN< .؈`I%PeϖjyT1t vօ!NS"_J:!"a^3lM f RȣFePGfEzoIe^29[yDZzlf 4CS6PP/XfGhsrA,aVY-DmG?r r¥*u.DT)Dlj~- -TI Obo7z -\1fYW4yp5F9>ݽ(9r(~xpd ,RVy[PBKZ2O\}k÷%)FМ}:L,,By&X,9۔/? FZ|E>݁)5r ɹ̞2 ^8|Q8=r, tϬQbd#վ3qWK %%v$l.% 8V?] gJZdLX48lgSV /S5Pw&Mv\lpЌj+^> JEBH9E; 'l W1f.ϭ\! I}>.W$KHZt1x%ʄ}$C*@>ŝAu.Aԏ[4R(e4!֔kr9!LK~y'Dy:]ҰG5<t<]V2KnA{VVx11C0@ݬԎJ|;`RMӣ{ 2̜-g ?`V̶6PT(?K:b:99CUQHvdή #鸜`BIXp5`+qX%#5D-ᐲ]{{ ',#3`6]B]t ?^dd2%#Αըŕ T THfl瀇Q؇F "pc~]D9c."?˾؆aTޥu˔8."\8+6b[,N}ݩOg*dٕ Dۏa\DR"j|%n),2ݰR*P*F]0K`fiKOn;twj"]Yvt ¯N^W#1o4*r%f]XxeVvl`CvL ib}Q%ĸȢpFVke1gK%iN3KԣE(GS֡FyE&zZf=T/4x$F,| Qpc+a]=m'!SD8".47]L AXט&q}Ir_VqÈLɷo vU0J@TZ.2=4z'zc3"vY0K>=g6﵉%Խ ]'c#:ź ͛cc zzWP2`iFT5py Cq7ZBXCVXj G|5#aa kSZ'GUb%sc^Ů$6 H69v*Ԥ!$耉qkN'ޢՄ䒹nG)n4t+.}nb9t!G萇+:^~bcղtgi<箬id1t$oo̬x{\`aࡾO}o/,& )CST9=nkAR#M[dnbeK~s8Cl5qN5E7 /s'˷} ?P!8 ȃEyQ䀔 bẤpuj[LM͙sDu2z Y8 萖0QwSA qyTš[XМ@$j9+ ߆tumb] o,x7o iY^a1[t%%LgUڀ{?9yʴlУ;_oP CMR*oNa}8&\S@D]=8D[Œ1c+M6@Ң*\+= M 뇛$ PZ|UWfD8`p~g:4Eӳ& wor@yƪ/[X"w=-Y{o@F$~T *DL߲27ȹÖuED%‹tMYS\.qcCD R7TVUn ERIJpÇS1^Fr\. *@FGTm1f,}j?4<s`O;"öA׍~s?pigGa2;HnD0@ m\: ]c5&9@y2*{ShgxI2C=2rJCk3 ~F}?5 &[pfT $e@v'\- =4N3{j:Y<03 ~l1z5$1Hw}HlK׍Kf0jυg:@ϴ۲2i r@RAMI8}0cjEۀP`h2 (\RT.>/Վ[q-iAbK^ZkSCv"gS]B[fz+T: F?Wf&K/7+" S6R2Z&!ȼg740Oa]qJQYEDZ~N9岀 cL$=D/*@2{X&=i as'6I=?t>1)aqɏ;VQK:>-5!Oó[2qY~!37?ԏOG`ҿÉ ?T&7k)6hY,DY/ Wy\4VY K,pUi55 Աo,Љ| +)<#*k Hp\U~FiP%/HI}ac~)!:@ip˟Qn뵅O.ix8/9Z_gֿzdfWy 8#[AQMA)άuuH)p]qch<4i'ӮhB ZKyE:EFHCP(AxHAUE5bW/^ֺ(qG-J7_c$g_:4GT-)Wso)K Zpyc{g֐l亩c li |lt㡧b`+}&gSK$6SѥXG9Z{1l,!nk.E[o@mrMmퟘ{ l! XJ.У]Pjfkt^Y#WjDg/@;VM0Nҿ *kzh,vl<Ο$xY[Ew@,gw5? hE7>aAA= Qf7$>CiUJ<_,bf~ig6YݝΜ8L<'}" t?M\r{%*u1(kת$s!ܐ ]ɖhx=K'`Yؗs\]c?O D2Z8Yl_tj) DlIc#!Bx:V \Wh lrèֿz&QG-1)fKIĤBޔ4P"3JE6ldL<+u BA[UQ0Ql*EŁw&_t nO)$%0RH}Ez4 ZhY 繐ftꨌ暸lOQ[/EuӧI'C`8p¿~4|1GLȥN?O;(?!ir_Բjin'E%zJ{T VQqzɴJvk},, ^=1H@kN+t<]|R`;@~79x-nZ!a4Sس!Ƨ3D[9NOf9Y$j>I<I2}慠WJ Cv$,\kͽj՜AJ`cm5ܬG'W<ϕiEygw04<%h!yrmorA^@1YrO^;=eGU PJ:?Ш,2g~5AܛҁTuDL=[ҁ1$j)uefƂQ`D[$dJB :?or Nmc)f A$#t61/οE;.XB>&(J4:2QM1UV#iG$I4s`$㬵~XY=$,w24K:q#Vj+]AH}0n7G'~!2T7juOoo޺Ou[qDĐ܎,I X*I*'{E " E+^89?9І&2٤=~UA30o6,eO[n%6"rL#&YD~e]R>ZOL PVv=q0}plj W2C܁%.PB_Lcv"2mBY8 ͘LTRq݆mΘۦɻ[.rw\VQ' -mMoHQQ(a@s̢ux1l()]dqM" %vgZ"MţʼnY'{Ig+ʳ߻n:&+v%o[D{nTD moy p;SI|,5s͍AGU`3pO.~%^ ѻ{|Lq/$D߫G3[4 Tͷ|:(w|? իZ2Av0ƪØ+cG&6.?gE\IfD~K"sfʇ8܌FctO~ n@z?O%ccmp>1[kj`3LbXJ~r)Rا}ݺGaqgk_XC?Hin^GeIÛ+y+h7a׀%NJDi!|&*-q2+H3n@V i6-v"wKFhjhF2|j0 PFM?&1aZldpu$zrVe= . +P&i⢙ 2-ˣyɫc:*s j򪥵gZYq1"!ۛ8.Jnݕł*R~4ՙMM>3(GgY-xFˠϭ$Ɵ)LTlOx|D5K'yw/9Zn|k *ԓD*+UW@vv=!8&!w2ń~C-Öo?|L;h~&/[skpvRIx̭jh)Ì2O!uz71SwX*eWBeq$DPQ16)LQ=t,ɒt5ʴ X`w;8i.yX]'HKaփHanK܁݊-rueQI8J_ d&Km;[?9 v+O}.nG-s֫U{Z ('%xB <h11ȟPY qkaG&e^f(__ثzݎ^(N8 hV6S1]3N 0<#t}bpo^^j[ ,.I Ln]Ỷ``}@}%YmdSiX= נFckgD}$s.!"BB`0"ElW4$4ⅭG'FWR3sM3v7!0C0Ywo'< |h1UԿ4ЎxS_T$gWˬzALwo2L'jvIJuAu@L$k}g&V-8w0|an*#>zzIblN78:|-vb ?*`XB`]xHhUSm~t%TJK"~qfDnk,Ճu a \V0Nn'  [ib_j(xߧZ9 icEd9:FPw L |\/;-6Z DXoLo'|wc+9'_)>Zy)HVa5N #{Fc*.V& *. gpG c_ƌjyMdV -7;nGa'GZ 0h7rnO+MʉXD":}]uuJ{^ &HÕO g8A=珓%ˌdI_#i'u-(@DqO[x_Xr)Q)5m.wI{v=Xn3B!wniDs=X@D?D4gJT0Pԅ3Ѐ{ٻDnlAEhaLi&V:f~Y@]vvJl͜ma.ldzwC] 76]=rQ0ZK Us]BQ!1UY96dm^N'O/!?1Mt+g&yÀtfCt{RHF2{.vXWDvW ̇xL:*Fk BHtcG*L/cwS~Lrn.&O*k=2MPNQD|Uܲ12 +P:7)J9 BP|?._Q9ӏd}I1!4fOw׬IY&޴ׇ v&Eb+ڣ0ۭY~ω8C131 :+?QȌs{}bX0@=ōJm_F;" 1GuzsV~gtU.!3 cd5X'j3T(>Vx3V.Ɉȱ?E }-dg]bY@D%GAU9SnS{҂vBRq&}EqJILQG i HJ] Ŏ4% j5QVRCM`yn@BA?Pkmn˹ Ƒ*DT$WgP0DJUo6ceH 鷭'U~#qß谷4vX%p46ޒ?2hUFENNxs2je.Ί;oÕ` +' Y%mp !~iVnZ NʤS`{m-C.xE-ȧC4a?vn¢R:dz35cA (0:$(u` EGq-\۠v{e26 Gg].߀u:1d\'^;Jltwt}Mຘ4O8k|ҋ.Qm|_Z]a[Oq"ީ?hP}̇&{?d@%< yԚG,(wܦs%]`|bv`U62'[ކ| d-2>V#Q1QGt?ЙK }ZpߵG ̐rԴlKhiTs _C7zz--l~tipa42٢?c=d# rR"iE\>Ys_]Xwax19-Ide&ZRD,@!ۑ|NS&۱!gv^*Uc(R=Ͻ!ǵ*,'&'8Ym)^ sՕMh"| CZeC%|\Wh‰ Dr\3$Tc -STq==)8wt;u\RX:Jq`nL>Pư랷NR;-3e{qwA誁T3_"%*:L[ԹU8uuF+[ R "O;HvA$ /~Y&~k'gg܊CEGDi ڇ%nH,D\e!O-b>q;oAe{"G B.y[^.EdQSR_$j#q-xm_ jl]Ue5<̎u.jE=, =~"Z?J` z]ucPȨ8 +.щt 5uڞMQY 笑3}$A`:D+[u1QtuGJzK3SEtDYU3՞?1H#?)QJZ?2!6^vJ"+x%*?,ҢjrBWbuqJ$ ڡE[O7(x TJ1;l|x77*-876+ 52:_:0r4n9u4 cVVtF םp!Ś}g<$B-{]9CzhQVX [W.4-tʥ`>N6rs>͹⥷̓4>[Z*Fbsbd+bt fe@tvmρe :("7M&5iRw} cΜ1vd6+`cv5^;l"ߦsЂX֐MB{`Z 'ßgI0  x5|nȓkNϧ*ˋ}B_SQ1 k  S HEV#i3Ij`1# C;h4'׃eU{&gVQպ{1TmmEX=<Ł6L#pOa,aVΕa?.mVKuN,S5=N jB-`;J.@7t2jUOg/T6Op;)WNN:Ye>7Hh{sܣrhU&S|2P#7U%m؍DEIv;Aݷ Lt1$@B?d(d^˩ ZTm6oݢM[}R2/ZAd]߬%Y'kn;ۘ4Oq@1ԞV 3mDy_N!(F, kBzWt\%:}sd٣a*MM -:N"ӏHi2e=GR JϬav#E¯KK4?Ȍ5)CxQԩMV;oRڔHJs!?~1uƒƋuFXu6o Q.!g<ʀ`-aOyB2cА]:FMT4I@鹓]xwCtSX*_ٴ|^KX}wD5'j6‘:)eWP(mVdK{c~ *=#~By4jw$CzTA!CoML|vo@t-^ ni狉M炷M+]MqpCnFi`0) k.$fRGρxl 6~HA[OGz,-q/iwwc&Z؀ O_*(YXޣBw/I|Fl- D b Jp$:^qrm̧֭eljܲ~MT!,c1.3'^]K6B!j(x9Z-َT!ۼ٢ ›+d DS&b 5$ݤ>eǦ1K]lV%r_om%E90f8M't]蜋d7twJvV1ݛXn]W-o4Eҁf%of=WS刀kx_u?lQ& ")Z\[bs+wȾEa|wނf$wӒAFGl㦾bQWooZy^}U|1nP{.#h#C퇴;єe޺;G⡟F:'+/ŎC%`VyvWMb-] S!iuWZ.3&z %Ϝb^+ "j}ݴ{ PJ\uV-a #L*1]T(yD PC$ԑv !)5ht1ݶMDOh@jrP~q 3#Xh< enR'ږۅ.N1/ @-_&u5|P">l8^Ve}tYIvgY!hI3q;sG|hY/ϳh598Vs͈ GH%K;.joxd9"yy58SE9ip΁JiX*j~+>D?F3 `;Uɛ$:ߕtKv ]:v$m[jLCRUh2u l^A9fx]~FY&oTp۠c? aŋX/^R*howì:Š^N-%{|_l=$.LF6*s7y[e`W.eS wPǰ;QȧJv4quW"xN:xUc7'ScH[}d ~*i @t`_. FҦx ֦4?5"g!>uA @,;,ySgyRm I)lM+~$"tw{,K7lܺ}2Y>t6`CNO[ǃ 2ǔqvNZWGfoל(",WU8V*7vS[Zy(xoD#,Y?I'M*kѥܩ z):k86ޘ,U 2DϽ[lNN;Ӓˏ =iz8a(68-?ZⱎabxJ{ = ѴM^XLoR_g2d++\s_3RbI'tʭ(6QB mmGZ?hSĿ_Ycd幗cHq4( hXJYhPғ6 t sF2(~G~/؆O7VauG 4]^*"G ܟ!\g$`O$廝^K[T+o00i4`+|G(wVW;[ؔ9&=dtz.64^m= )uO.wbV=!<rm̈́N]Rk\=أ2+T8Сɼ *{0DvϚ̓sљTrf<Ջ/&S^4L\|H*;* -X}k3VY{vv /*I2{gu"3ל٥{J_v DSG <" 2%7fd<|7UE_hd'v 8ZZ2Ϣ#b2 ݨAuZox4o7*}DWE3O]s|0Wh3!A:$n9ʆɤt;M|6s]GӾό}VnWz'k2d{9 PcnN?RT5c~SѰ7 md1+E{ʷ/> 9Eȵ+5͓o0 @ {;WI@͞GEoagt$(fx+ԓ1^ ur>ێ$w!\!tK,_J]tK{>·h͙C :mj ОkWUc6O? ϻ(M蓆44(_;W57%jnK{B@s #P]^&SαrZ/c}9ӧXshU'~#lEv{n>* u>cߖ"Ze"ɇ*GwMYT> ^Jp(fҪVQQc#q 6vpv:A;b~0 }5P~҆H%|!#"OLÓvvCЂVL?3%IlzpKs8XΌgc#i?VGv6~aB޷Byu uOGr`h4Nr*_'Uŀ67ޘ~eN=i/*'5&&TmZm/rx GBOq0ב(oH%EQ&՟?HwЛ;.ė, '|S ^2׉QDRu ǰ=;zeqHլQ4dz,qbE 9`mś/^Ģ uW-Nt^ /n04nGV6A F&<3SJcj|x-3G^'qpKTJ2"SϒB#_Č|H1Ƽ_4B0\=+Xv-1_kJő4,L1My СÝdV[psX'8O6f.?؁\ bwLߍg*GSR53zE[k"2G]<7<2] Ty6CM*>S!;D_l3g9.7|W<˧mNI.\a.C@Ip@Vș٦DD6rZbD" kX%@Ĺ7Řy4h 7AB'Xp ~JqY]sP{lշ ѬLrRS_$m]97FF`"2#M\UP3?v@BʽU~iS yQQdK- @-GW6ʣ!|uWE Jmhf6h| 耖;e"Uҹ~軓@jwp+ r jEw 2~?X3 !jt9jnÿG %RV~6" o3!0̈HrRe.vQZʝOYF,@ok+!zS#sK~UW!{ ?Guy6QO`MQLpi$┾Xs3IiJ0'U`\o25*$EMm/@\܏G=a1Zl.󘔢=x O)S/# 1U[@o{1:~#yKqi'X^"Yw'_'`^}acD!TENU*ANDJ>O|5J6u,qh4 wsẈBVra?v`wy! Z]hfDu.M!}qy nLcJ jDW8`Fto1-"RoYڃ;Z|"$6; XxjfF>޾owsrto%_uz{ӝL[gsfc_dŒexݯ\猸:I~ٺ`؉\mr {>4S1$sl墺\VdsC:-0p3IR-큌͍{k`[5da Tգ60J:o LW#KlJE~F Zta" u7vZx|R\ n4NLgKk4t3E ր ly"Q%p?)7zͤs!_O D{C,jP/6H측Tmۭt70a舁Pg ڌ Y>- qg%q- Yk(6̌UЖv#.YVӡ e1޼[q->FCڴ`D+ӹ3/HDTcX3j͸Ff#شNׂ┇PLv{ͤx2g. R 5_4W77R*uguBII|ϲeH@(gRl,5z'ۓ/ X/yV ·p8Ҋka٢jiQE+"moa$+jKe*؂ʹ9"?= `#5tf;y7jQ DlTW`GABr}L%L'ķ+%vR: (n!VŘƨU틫MKsWg#G`&Xذ~I2o׻+é q6]_F$P\};aLs8=cThl9F1=E'cЈfA4~0LUKy@؋qWbPg{ NIEvLל-:}oXW!(6U|j'OIJ/S5-y\#U@xͼ¡7ghfC5֞&.-c{6) a3IHumR>Gnh.i!^T(U%CМ/te"%?C~Jwnqӌrm:ڱ/C?%eFY30`r&DG0MzoW;k۬ a|}t'2m]a/fLZa=XZbslj&HPֺm9P`K, sy | .!r-JO}|ec = vOmaȃ>vS@wQJOkq]+a^BAg GIyn k-"T r4ǢB$!.cp5> rV/nOi;44v}zdY@ok.( <ז,7ZN&Bd~lH*hVNE)މ"Njw}Nyϑ #A=SE# @@]Fw%4q׿Htv3+݆Zᄃ (-Z2[{GY!,| <9}< n|1!=^38h]kiox!ffù&i"*S_GKi}JT0`Z}qN0f]v(,aM6"Iѿ0%S$WuvD߮uh7TuWeP:br@:W}g!)4ʖ0,5wSٳF3DN ޿W_9* $wַ+'|{2T S>>Zu%вVV9N! - zNMt~KmIɈRL.1v9>p7R5~JRE:_<v Tr u3mIR:czfv;F?ƕ5M4@)kjs>+D{ǕӔbjqi,3KK2/Zyp"$fƪA`$Q('bnrOܴ9v bZ ihb^=)=CcŔ3yRθVsR&C\80%fB44+eE!YGLy~?ӆC'ƃX+TT5:R2b!m } ꔎy۬`ݺ19E%7A׆͛P1l~ɛ񏎭Sa|wR@TNb~M=Șo ٵOYjwJ{b9VER͖ xެWgK$?Ga-{\0*p?h5KE}56h'ڊ< Kc3X#^4? t">8WGG.Gj˳5{ =\|"񹆡Y ;9,{('CByMKiu9؁ pxX‡-K^y}Jt܍P: wDDqBXR3ģ}7׽,WSv oݴgvR}>? E)vSS}W0A#,![ t]7IFl:/+ulwU~OJrʆǥ2$)FLC ,RNUcgfFKhidfX|8b`@emQ ɰel\0!G{Rey|H'W5q\__!yCkE9'ê~0=0zQcL'w;`~!hc:ZW S N?iq;o ]j 6z"-}Qӡ{t|bY5З;Zx@gBZtL&jj2V3Y4` Y / A48}#8/)U[=riDA7[3ڪvF=B#--;JY֌p7Wu ` FMLCw;b^A/Sn"7YJh)'D>HB@o"AL4tQeJfxHS<%v^:TP8|Rd 2ǖcoBb9oe8K۟rbp+o\ H\Zѐ"*sWCzrbMG!R|o^ۯu@YsɴhܫG}.O"Xw(=䨗~)Xޑph5'dio 4.90%eWj+8<& }I 3לŅujn=> ,|=aZʁ]D[N;ܖ&W?(ʗgf6yigaQ,[,. 䯘0E>6 UO1nTG&=ЭTyH`Ÿ[M磂2?ni(ؘ.>H8,+6ZTM#%㎤Bqui {ڍ6>!5ߙ~0 w-#6{3t5<|cxV,LzŭTC0`l0T,q:\Skz8YU*Lk/}|8,5T[UU ,4=}ٿz˷O OV֍3̒EP?-c31VF@sŴCZ ٯ+h/Pu\y/v -Ei FMp3Q{4g;WB*ف=yvl>%꨹P\h}\d,@g懮47o6${m%x͛+j/xXwAWEpDbSVKj)%A0.n c uּTEԤKsy/C*e#Qh,Rsm&u(sᓧ"Gm!zPXORV?h]i&%EsY{ e$WgCbG}愻6")hR!q{]C($m`A]W񵶴>Kˡ2yh(x#"gq+rEōHtmT U^4%js>ҁepڄ;>3b= ɾ gd;w#) {DSdQ2LbPhbV DԴJ 3f.[ן}_~9M3uf'q&nQT, χ} ln#.ܿ&q0ǯV8kTc#>h܇C/_Ar|ˇZ'VtUp3?'3*|vL~X?KӒM3J Z Ҥ&W!s,K]*'YP4jЮIOnrU=GΠ".ʡw:J~KF`T,5}*o%P l*G"t`8D>P/vҨ4 x@n&l'21te{yg9-?,Vt8?( 3"&ʢ] "DbH '"QcS9/|+AqMeY<|R_6e!K5n>~ɸ4$5䣆5XZ0w%@)EWFAcqZ6.ljo=((1ͫO'ED.O0]DA3.Mk*<.4^tM0~_mw+N &cԿ2%_(rMJacܳAպ3{NQGO{)bnIuR!H%o eJL)$_%qKJ4#$G>$x<W*0ؼL/"{Sm@aQFUʭ{^w1O 7[Jw 8) 4İ| .ߣL7FP0Vf5r^7dIIYXtCSIYBN!B&̩V#$Қg{#\/;G J"f¬.FZiɩJ}_6V$)n@GZd"FgL fߵ=3Z`][ZMxaΚ&6FQz)EK胣L`R6} qg>lo&lm^8Zn S5ś\Z@M}~ˈ0$ս.-W A VOǔ*LэûqYHF"&~ >b^dmnOJB.`"} j(CQeН!v{l&*%zpXs@PTϬK4Is4 *3T=9WN:r @To*HWtSg/eE7W<%[70_qXiΒ''g(S͋|ž" Q2U1 (^OɏZ* ))}x' Xs< ' YsPA~Qp5 6[qdу;o3*RеQ8bZӖxIL}j-"kzCWU1Fl1alo( ( ת/}j2' #fn#KCd.Ĭ]_!*\s,0(=ǤզvusہR%x1|( &k{M ܩ%{V}}_\z*a1}٤CHydaMv'ľ%j^DO& p7D3i>ĺ+Juޢg@UD)uW3;';po -`͕?Kr5"z66Fzn_fu'x8׾3K$aU1xە}x\Ӓ+@f[>&>\`ɜT 8/p=O j/& tsPFd¹zFˋm0`KcVYᷲǥ6vH8>=[je_X| >.;,+4Z-6s jވJBc5^8rUh@K9klLy>ThBrTXC]kFr톖-Gډ r*UݥuZwv{2 9|\rTK5C@_ܒ3R;lPZ';dף"g[@x12ԘC_ /Tm䯢\FJWx?n 3v;H^؋nW A]>1m=*ѽл9]҇6: *s&՜^si^x_=W%(yE;6J`S[%ӕ6"Yu pU$U\ޣgBPmɾQǩ_0"(uPfʹov> UmDxhyp_i(P9ꦄ'ht'.JI&H}6w/,R!+)RAR9!.F\ZAMߔsx4l(ͲYsT?ˉO2\Z^JOJB < B^],}IpPr4V^Iۖy7}tj"U\UAZM\LK-)-1P+ew}2[ DB}CōddQKNH~hpo(f N]&"}~ P½32b7Fkla_3\IX Q:Ј E|Ra;cZ#pC)}.VfE0W:!rJ]ǵg!fp<Кt޲Ϟ1&M=VqT#=AQ]Rap(ȷ?a\MJnS:'su6TI7nXY GYYr% !p-ē1òl^fQ:vl$B8†uC Y2Mtspo4]qh5-ꅭ~o.0ATb[č826G՟R"[&xUpp;QϝMqP4v_L6)5ɧ'P튝j^,$gR:}Lk6dgvz>>$K)zzAgč\p%pi#䍸cVa=Ya/g+x@gBGuG?~0* @$j9Ҷ=D*%4 Z#o]98Ϗewd)҄ ^V4޿t%6eJ Gi>pT Lqʃ**[[6+nVTVH']J= :eb k>[%<٠θ3ݩkwm^q=To-Jk쵁/~U 1- L9z|u=&oTtVQUB!eǠ8AMҨEa;rٕip&ҏ_u鮀6U0ˊo9ymq'x"u[/vrS-MNvUEOn5+gR[1V2$$ޱjcbӋ@JTۼ\$H_{ϱo*h"gA_W,:z3cߦAxø&6ì$fV:iHikj'u4V\LO*Rg g}㫓-p* tܣyN[g5DŽgM:J%Z nB:DlU-wI1ڎQ6Q[>[ܜZ; `{k`2F 7)i/ūz ;run+5dnj2˓|h oDpʹkH6K~7LqV<܋3}x;x8M"Ew3޲}=m  @1$CT^Ax /u9VX*x( kRzy:qXKMՠ82!9) ǁz-^ve"V'NΔEh*xhfmYYg|c *s[b)lhVΖ-EtVr6"n/̡p|FX[4R#QX8!=KniV^mr tLjkUgåwfR a g9́7^dÖwIJ?STqz_Ƅ[?UTp:WӶJLna|XYPa_фFGQpn:#Ͱ 'C@ l[b5Ѿ;?<)ox&eX %IKOF iዀG& 5aev#d~<u*)|)/@&b&HYsy&d{HqT>U=ϙPTP7FqW ~mkThP%*Q/oΝlVggb 1ŹTo !*RPZ7td1"a.5!ў}h(ں?9V2&;F @4rTq4Y&bzOR1 tx`3(R/UH;hxZ6#/2CC'Eji8u mrY iV{S~-냁'(뫷."QS}Mue}Tڎ/Ǎy撩M>$< Pϊ@JdϖRlI8e:0fc/XQz"'JGMa$riG:€ek; sFfBՌw>YX?\,!-4JdO_ bܮ?%S\rp#fn9e=b`xS|9e(ܱOZ #={ĕ+`6vaMPXl(CWڠ!ɱPu'iD,| e"Fҏg_ 8]b-e +eQ Q-(=PPztad>GWdxdmY@vu,ZGG<+Iw4  Lof. t y}8Ʀ,{zBe +:^{K5ȥN'SpoO.F?uhO0$N¨+Oke& @g05&117YBp^NE` ?nn .մ܂e%Av(Uh;&f? juv '; 9Ԝ\lĆ%FAJ!í"0d,V P+wS Boylm~*ǔ.3L_Nr***xXqWWۼx4hKJ0*D uXovTk]3? 0>amR+mccQ"\Ǝ;읎!dKo{-ԧ)I1Rx/\L0Z}0N5qFA$ \#b4Zm;ǏΕŲ Wjn6[uk!C iHjd-HQEڦ-szW4^wE, JNCCB-VɈ @wfԯuUZa/8 菑_^mꫛM嫱?qm <zA@"710'j$dXoIn%,c6\)E*XDs'f ~25,fd9?&$LWdcIګ7FӴ;~nUUL]XY_ׇ1x\YKlC O"rZSRme6>Ҷ/^d`Pр`g#Y➢_N`S]Gآ=)Օ֖'YP8e l_zci@/NC Z/h,RUOmnTLiKp0N}7%T@4Qo1,:9iīDm"PkİjGFw!5敀FKs<ͫ]_-RȪ8_/3zٓ*Jy 3CC-cYZL#u=G.8[ُUFeKz@Vߏޖ/5R7NČ:9:Π(%n+2+<**y{H*VzZG&С-F،B_II+&O Cԥ}L!$g*Nf4E( Cc"'O'wf\0 `&hLclrA%}bf/|{֩nB68mMV@2-i`$.@ԷMl&cjgA}~\Y8;:8"nlu@(ӆXnlԘR v"\Q:X$O%$ԭO:Uȭ qV{ԋH²Ej,@?H@re.2R+ɽ?%M=&p]eaNCh"H4ɭ7~擕2|De'&3Eѽ8皰 d%}ޑUw0XWH@SxH`9W]gKw%+h?n?u6#]i5dtDA4dѩ2Qk M'YBy$ _ $J1ٕW=G<ϖ5vi[ooMw*0ZYnyL͈p^ϬC"/7ij)ڨ<0P9ׁm5"aJz+Q4P+a3'mj?gQo86ڑ#epVy,ZJφ ,(p.v hAc,Oo@|7 5|J@8A pEA#wՒΦEϘK];_A~4iJ28>; !Qj3P#_W*QGQC.a됭ט l}sO0wf@Q;_.'kiƶ3_E`)3("?&TY16y-Yz_$y._pvԞRA3O&y%A!p:yawB%q+a,:i%Xho꿹h4OMsu7*UZe0>y\WID{V& =;.GkWRxqUJKT[mhc+w'&:Y $ԩ6"̪2d224>:?B,Hk׀[ 8׸X^ӾC-;+.q6Udue/t+IG}BlM3dd`8Gq68޵C(;*H(C5֋ɗ~JuBJi`꣫&W-He"\m%bK: ج5|.'~DkqqR8qCW@8!gҌ|Nc452ߏm;eTӃ'İJw)PcIVPV3zlF 7! ʬ1ǖwϳ <9ps^UPC Oz)B7wX0RIQ&*",wH9ʽb~HO'iWb4^ĩ 0B*bex\AGCና*9zg ֕{c{1嶌0tv:,+ f0i-J'@{_7d-Mq;jiHWHnUcd@RGl~W|$Q/6BFaz[l$ˉĠ{Qf!@!3#G,%S8AU{JtISO)F8fSVBe ԉ<"$K*y`h1RgGK5 {T*k&9,{ 翽h4%nX oh{ 2;]Zcb|#VCx5#>f /h  ՠ4w؍G4xTp5xT[Yr g+x'{^_?[A"'U9 &(]g1c@C-Phz/t((:<=*wB-E暻9'M *1ṘNl qR{epEc1{zδ1&o8E EM<аlP?t#؞ ᭋ^v:WxzCS)k=Rmbb ݟlh_(4=Lr"\Ktvgri؉A6y?Ԁާ[cE˻* P~v1JqW^吶^ x`ȔJ}[ .9#J"T*W5,04!3XvfL͹)Y8 ֑3#LcYV?nk3PIQ܌ :;J%a FfU'r0asPo{g,֧3 ?!dPU!T3~V)|ӫ2 aW\ 0{Ca [ ejCJ(!KOḪl7 wNPy'G7w2Ҡ z\ץ(f7wv2ʪ.>Yۣ=8Bu.4nifApM)XMHٽGNݣ1XbL0j <w-Hx:T"L DiÌqy0Z-/RYtd#G(N^ ՎiSƑp'/n3+t'JjIcJ^003Q& hƦ8f=d8H~~#0^LN@3cs3(y #3ިF.z΁;? ,fWr9g%R9"|";5[d#>^nHV,C{8 %1pۇ~HM2{ip CYwj$@!ԎPY[^bLq=؞,ZRj[!"!hgez3`d f =T{܂}r0AT,69l'ED®&ö}٣P%Q0]nt5_͂~ApS,TcaYvj0'fC*gnm6J=@Ey)~94 j0n_;9`gKL&[4b7G]q+s-](JcǛS,XDa}t K΍*I Va,tkfzl~#lF&ycx鱯?xagZ!T _Ⱦ\Z- ,kHV^2;8{!D`qajhiZ\5'^ખ[G-^[ZEc׀Ngv>%v2o,_5xgL_n(DsV+9n2)hMSQ͊M= 5@(N&mE[ݿ.@ۡ>P%]r@xF2_0y[+Ĕ{ )E=gƬQzVpsto{2$ PO.P{I6Ҳ@H'aԏ:QO 8JF3Y)N6V58,\qVE;<:\p1  ,baD>:f8ָHM^:,@%uA I.{BI$ >փhOpU~.1V9K93)O.ELHXvk͗x'5xlu'?q~o_ O)7La\E\{e կrR4] h-FLQˆau8R =KIO}解5ߊE.X!Y$g#,zqFw53yxBW0 }4ڑOv_P2>@\z))26p~&w-+gP`y%!v΅8|߬2߿AYၥA0( jXy b Q|.>H<9q FS`[L !*o0_P]R@Jk9"g{3"SF5q{ےT'H9:3鑬׻`}{L4Q˝zq[+U-2C4 u}*>mVE[KJ2L G.gV4\KeQEVVilj3E)E r-i5Hpm9X[pR gTdpvot66D6N٨9.b^bͻCe-:&QC ,,Vv e"41IҁMi/k?|91Y(ao~|P%/㆔&}=z 'pU9<; $x.+Y,&4]g e% "`k6 }d/cxv \ɴ¼=/ 6W辁l KEfj 0FC|R/UOCa:eHӕ7 !\2?҅]Fj dBlF)k`[wϞQ7vIRwh/dzrwg$^c=w{\Xe\剦¤vy,]Ų!מ퍕XmFqS Z9g\4='#jB{ofs>HTgŌk0JrxHb׵@$E3dc$&(d(6m82݋0Z[|@OYU`W>BN,7T>J P 38cNq#6 FX:5묈 T,@}|Ϛn1Wܣ]$@DXǼ'f.D`{]QS]H̯slIIXa\žݛN5`95囿Cp#P6>F@P\!b׭ *@;-"5/4ڦJ"wJ2=;FH 0y'_;vU5U7A!^qe#;W3{HHuqz71݃Tp\jOK,F 1'f@sq6rӪc?݋ h{laE@Of&ᧃM}:^t ǽ !Qv$>p 'KϓQ*e4C#vPCU(YgrX1x>@ 4AfZړ]Pb>E=,I5å>/NE+:/pqO9.4F˫Khl/!)[%9mB UunHʆ{5x~wO+.eCTe88ZEi>>>ai!YbGsMU]U+.=e3vEZյSDG6x1,C仾z}}EnjAu=#:`L7+a:ޕH{kRyF=uhh' zú㑃(PuY)qp<;npM#&nȧ>G}zS=۞h7Z&k˥Y;bDU7&N/J,?VfFEr'`saNaۧ4W)o>ܓ jGǂ" .kiqҮMKShT.fDdAp'xKKyyuú瞐,d+:2?䭒Πo6eQ׶<7"9L9=خ0ӛK<Ѫ/B>旍tw>0Np4=!1OuYdQv~aud[Kxߞ$&5G[Ba:;~gȞjRXn]hK_t< 45Qcꦵ1Ld,8C& ߹a#P~r Je#v*ۑ^amAt (rܟpcev;O- H *sQ;>$g8M`W.٠Bg moZ5 @A818Ulg:ZlI&bBK\-$/!o6s]ҹ+M$|I7Wl>?w: O-ЪBgcOTyAw&KXzܓ9?slgHo-ַk&&ޖ hȳh\e U-Ɍwjj  ϼ^@4mzdɖ:3ʗkbYa+Iuh)c4 B.Mj7Q]X?Duw[!䕂]9`Pz]uZg"E_P >2(Vg7NsX!V UzG"wT%[R ^zNݰܦ!t*!h\? 5"nU*L #4@$h# ?= P C;Nl^W _W@󚾓O(Bƴ?V M'zG5L , [(HY?C)S_~eS(7yff@Mς[ʢC_+l ?(̞  gT&:,! jzN[]^%;4TPƤ4A^',G wgІYʈ S @pW+X|FQ-kUΐ8B$qŢ`]a۷p>Ǔ:uݶiu{[|$I-4TaQ|c7z95+; _\e0 >=yᷝ8.q 1L!I]kGXj tguiví:W̗ t>9OiYN_w5zaf5_PRxK'YPY5ݑ2 TF8g9:kLz4RCxPzs);|5?HrEFRK]upDM>!$ g\6 +޻zK]jo-^d08)JCzAJ-fݣ^GVAsUHN7Q)( ֨Z"N/In|]LqbSM_UAgA \9}Qg78i3O͇ک^#xuW'Ocӟ2)D-R˒PhuoZ.9XkRUw@K!F̔ i "Ofbوy@iʁ VX55ûXmqu[GZ,C4ZV>Sri57; ]=z)oS#C¹ӿDo_a7T"/<5GKo@C +}eS02 O+y蛓TZ2*)x2ODRd՚ |M9XIj7?:GHkp -ਮg)ܦ~b|1A-.gZ2σeaå@8#P@ Md ^c ,s)T,qd?o?׺>UA}KGLK!_&7z wW[g/֠!< 8Gշ\ @wɈlΛ!:%Qt/IXe?@mIg2!#Uwa2y/V j^^OfnXwj+,=AINDֵKWA72)d5,Vx ʛT]$](XoZpP}=R:WeE,f9"0׉^F3#akOak :gyz F)Ύ6OcŰ s}mY$ciwuFj CʁncoyL zo_VWuZMucTl\+x€#)c/Y_BvJwjGvbn)bGUE&ls*1ԁ0f(18MQWm8Ae$Ls|CTѭ@VI yuR !x4RvRy*Tn~B %!I4RfEESXJdh׋>9SD6aֲ* J"ދ<7u2\>!\ Wӥa,|pf@ (| 7)o'v5,+HA1D "ϐ(#2cf4WB%9׵;T]]XD ݧ_It.m6(~)m 1ɟ`qnq68h|тso2{+SmIK)Ŷ,.u0_b035qnN/(0Wt6 id{6|d,ؒtXy},%$Fe(Zi)H], @[f5*q'Naؖ(Q^/[T#|f!5/Vz\f]h DaK}oKW{R}FUGRL•I|Em}TCd efdWwHj7IZgxC9~*hi Zse^tBgxrY0B} U,iPZ6A+:lUrʨAkI G\Uf47}Dar=0OB_956m%ɢ |&V@m$_@ؤc Ž滣% '@Zw݋zau:m1Yjqebѯ^xtW+Y$UR(<(3}täMzj_0p l8գu vsQ (_ŌvKuj>Gj&Ռ˖7|v63ijSpllR87Ad SˣOMOyF.(\hm/2tZ\o}]rk P[Ze'V-{5,o7\ͥ|{<nFVYR⚹xU!K/6=ʫN㤑 .F{ 7۳b!4K>ȳAFwMYqQb/G3pu&/4╻Y(us#BҁTcO8Y,l,؎oÈ鶅a:|B,XKO'ddY%;]5o2,'k.Fc+Ph%}]i,ihBF> )S'&zOk w٧At-K(/G \?N&$E:qHa4=U3d!8X( On [ƮBcng\GZ#'kŒ vVҞ!߷' : KPpn][W27LHv*?:%CƔ菏`1f莀[hzWiB5̐ѵx` Z-.X.B7Qr@=v8/^ς]Q)l}$#_GfAso39W;93d:f ֠q\ NR,QzRem{f4Ttl>wrVRu=ҵ{ @@ÿt9EQbPX?ZR)-lՌTch1ҟĹZE ` R=y,:7 <3Ե}™4(Qfµi@\$Qb1Xo:.. ^p]&px@m-KG$0%|VX'y1TNia;M_ZӠ vm_-~0d9(Yc^:^rU OSdrb-ғ'&BmsƐa)"|xMwcݼ#.fiٍ*"Nq`dU/%i3@ݤ7WO{uRQ..5pN@RjR4s˸"zJUwoQ5L͹{Ӎ+@Q+Ww?Ӈ3^,>[;" *g/ 핂? Sd6pxCv43VkqƒюkbuSC%}S*+G'Yta VBS/fIeu\qhe  [W9zlV R$#flTV^p4Kat`.?]ݒ Sƍ"FasF3( N0\t~!{yJƷ|NKXn#^<_JklZ vM?4CȷѪx-cGB5oe^ Y?:(=7t"pZrY h hyQӂBB jg]8[u8F|'uWgvȊtba*M69:B==tƁƒ\x4Cga([aCo ҧtCfVDY[`#(szaIi>6d3%2$n 00s_W3nPD z2u%:룦o0wN oT07U|s:V̑};Np"25eF2y1UOk5Fh7fXi^cLoη,d'Ђ 'g?bz{mPLv'jG%@Xe\ZLŎ-Â{(jYF6ɥX)6Y}NgKHF2ZN"\ /n֑5ͮL7y ^Q!%oZt8_Uei{~MntA] v,=} CɄh|:o`2W^Zo>3h_Ç<_*L5'Dxd{̷7KNFB,fŸJ'8HkJDs9`u DorK2jtH$| /۴N=lҎHߓAϩuJρZm{tjWf:#F 3W]{VD Y+vOΜaF.<˛Lɲq9 "v7h'P)hȱ2P[X wG-'wT'|ZQ| Hzp=oFS : Նp\{ONp='x;쥭>2r -9~+y \]{{mn-}%.M`~; -#@0 Tf0Wc4&ӂ0Lm⑆5i6$0q:#=Qc@ʸJƨS#NYaV &b}9J$.翌 L6PIiji. `G*`'{zSG_r [5{ݭMg++M_ºbRMEȑt<7 iiN|%OSsU0=Ais:gX P n-/N `,1 ! 쮭/Z Xݷط.ghɼp9be*L' d7+.4%}V8&FǢ$LV)XfYQF|?R~{pG$ayEtMD2Hhhl-(ٟׄ\]2ARLԶ A2\X'8;FQR}U@LaK`oI7do<&/Sdcq?Vc`WK">&A iA_vlL=Yx=\[>XcnYׇʿXm! UŲ!̘AӪDQĬ1]0fD(ϡJ>hwOK>As5O:˅ݕUW)AMe4h.ݍVn"0 G^Q;e0e553d=bwiﲍB#JVC ٳUO)o [SB?8z* RCL?sO M}/ŞWiGnUfo20ȸsG*jDgdz9n8[%riC}'ߩKӪXť}*Q֢Mf?w&ڪb'dO(3Mi΂8>zvy$%Is پǮ;8J& ]QxkDeo3_^ge7@ou£L8Mtlx(Re`*)!E uI3w/+ B˲MkvhhPRGE+ff:DMek"&[&r7|)X!2PmqcO5,SX%n⋸gt 4WCs{Nٻk&:\V((͕"#,qc<CQSůC? vK(fx ;9UM[5*E&'7I/޻&ysjd ls[  N/|OmԙVpr87yeދ[k:o-˪\Lv,5-H,W{::jbR|f P}r+ 0=?ULy#q_Yyqɛt HJvŚHY6J-Y4GfUA5, ڙn&K dUj`2݉nfi_I^H /( krEfqwO#5^DmQ!io!WW恫R!U6юn*ȔCH_@D,zK06}mJTǹ Qt?"%"Bi?c7"2a=qݼs| Nۭy"=2ʓA# $x ~%aZx/!؛Xx-~0[D*.Q*w9w,ٽz K g(f);tkv.YS::A@Bn\ flԊEvpvr܁, =2OksKƭ8Pl^য@(h>j:0PҸ4]um*`߈Fz%f֧IVڋW*FVD(8˹&Le z#2>0h ~ib xSl? ַ4VP Ł)j|۷ɗ ai0,}J84(FXI7^9ژNW1s`Z0ukNFJ>;C5uSWΔDNc>U>Pp5U.%ozs$wX+zl@psMcOE|MG8muZ +f74-V9Dz^Qў3'W#`Ew.]xϪ\u4A@k7 FTȀ^|NOh_f O7CGS$ʢiv q&8 deA:xK6+4,.0&]&Gr@N[qIZ!Ghncy`AfL}nq2q$$sfP?EJ\ˆk̳c7c3M~7b2{,ڋZ*WzuduH޽Pkj?\՞|::|0Sj_p);{r`4moRZ<yfMwPJ]d,[QR!;'hwS]N'f.QH%wkFsOo dEizVu!-M~\@}g)P`xL3lrU 8eۅ'R?pdA"q+򇔟& 4P)Qo> ^_ǘ%:HWx}#"FCirvn lo64QrqO(bՂ kdF6NarpƑ=wEk΢rYE67$L-js!}kWvS)P3JpÎ]ѼȮ_ǫUP Qh̲ `r&0xd^. 9yߜm:T ;qOz5/Xџ-# o˸gOzd{k/>/}|~d6 ",ge#<;vW a/-XM@U@$&#ϤQvD}*zCP`&ooZU̳ nc<[=.O9ʘԳ^h$rT7_3)C6 Z-! F܂(cZBĀzpVB^̈ >pW(h;{ }K4&sSH7 5K͈_As@F6W+29@38‹XHh`OcUWhfd7Kg|_漀tlD~,r\0_:-N^6+:9ـk|["۞/d=ܧP+1F^0dsɯN>ۮpX\VXh{̣ܮMDhksC 8Y+F򫚌:N~s*pyX =!L:銙 j^gDnO W/nJ[W c}gK8 j3/X,5:cq~[F7}}ntW "PQ8=à'K^љ)I,zMN-!=k.0A7N1E~5d3_wzJI&[ uT-ԕk\uw?XA( [НY1eǸ;.m{Wtb/BXl0S&Vt':D6J>M4֛5Ii e&$"z]r<;/x+F_tkǧb=ˍIp'*up |0X=ETܢ׏:81xG~(G :l$XO,7˖FجRg\eLݯ%gnxx6e|'WhZ|N~n2r_'^2.{mG2EΣ˧[,R3.;?ĩD:<1w%9aoǢ#}{qD+j^|0m'UGBo_~!OX}[T=MmJT=>z{'`q?_24q}¬ e%}'UN􆿾y@UKZH}uu|*0ЗNIR* BӔg,jLka NzE+|3JEORex>[V]}? V+H!VV3|H\QCxƏe5wwu3+ӎuɪPW}5 $]xpt8W29 /K 3פ&F( }{laOA>l#,#2PD!}{~lhO.dr]kxYkjR;Mߕ|}d<^sǻT k A~dCN8tbAwJK/k4i,Sҕ?JImz(y4S wY}V"@ 4=wˆǭc:߰Oޓ^ A0fKօ>ܓ\Nrl3 856rW)f|a%  8ahgF @EpReWrH:"j~[ P۠E?b_ʣ (;?q\RquKK~g ^zãUb%Z1o5X̺6C͙UlJT)ia}II^l:1ϙ|Gi ➞93C72Nj/=(rYGs˗|yoiiweAnf}9QY}ԼY~$^U]<W;թf9 er/qF'&aԖs l-Zjr:~ӼU0 *&ukJ}!ʹD`Aj.>+R/]'mY-kFlM,V~$[-=H8jfT/NtmQ%Ma/@~"+R,r]r< *eaGĐwb]oH0A'D>1`ݗA-W4޲O\7kg`P.$8;!^KJF?~nY%5P|ʙR^69Xag<_ƏD)X;k7k JjsBlvwj!FB,> xx#g95S⓫7s!yp6Ǣa!a? 7'Q.}5ysfQx4 fg}!M W 8~MUȷ$/]/Qj'Kr:+v j xkCe=mS5_`a"RFp:]t9PM5LW,?HW3#E_,eJXY 䝺[< g?@? biAw/^k3?c[y\z0KchηT.wtBu}=2Kdn3ZAh04%g|8TW +XTzpI^@jBA⚑P)0Sr nL]CNl3:7hj0sbljM``cuY+*䐂I=ǯ^1!ltq_cP!#7a}+~%o{`AT6P^:ed?`k_^"0OLn dk-eo%2Gm}:8/t`p`"SLB f!4=7nrp|V6!QƸT#ERbFuqQ=Bc("qЃ +Vee_~].YZr6ۙV4L,d=).-VXf`M/⊫hxٍ\ҳV3h 雼p*w;n$\ˋ^TG*$AcUawRw–Otc0 / Z4&jxc z9$ rQׇte;Mj ;7wSZX)";K_ܴ +*AQF%֝稶4R L:/򋖝;3IC±M (PSkPHE; Z7~7]c^r^l2"pEg<%^͚@ +18(&]@IIKZ)=  e2 Yeilp[ugZkvp}hΡmE|" "aCchēTefM-|QN\MN߅vz;{ѩE̫P9bgA)s ^ܴhu~:R"Lmu֎i: i+y)Rm28ɍeCXa"L>rc 94@69Sb7MM5;%ZX.wj/8a6nEgeB _tS@MdO/9J|:2ڢ\rKR[|0LVr,( So)p0a{6l]DzݝelJ-S s~zhbֶ?2}o:;R!#X'O4)6!P|htR{ qk6ѲS' ;ݼ^p ,|'GkϞ/s {X(7TwWR f 7LޙYBP8D$}J@ɂIX-:irYY {#K"T .Mltw:Տ$:-WO} AiMѰkٛk9.u@Y\Bq#sXek}>֙r^d$>fx==Dm_qHF BMefiZ9A~MIh4de;0p'1sk`ln!)Vċi:3fR8W28yuۄauGdpbnƶjş5𶨊ombMsa *;X)\XMWiNCGUݎ9<7 R;ZX?[%`|CdgښhKY)/TSpU$󩦕0`;M=z2v*_'!]ƆX?-MfS->L!w.:Ӄ~yu^"O׿aǐ"v#vˊ3:G:&St $;뷈 bTЯiU}޺iQHO6*tfJl.f7A.ME\!쀝#|,$ )QTEz_,Mhj"{͙x 8BM.ԟ{SQf_O6 :)FߴP{f=J=K/<(p,bԱ)#[$l d綈_`-gƙ>h 7+s+YGi Q AЉ2b !dD6;3U1| 2Ą%vD4 ??QE;t| 1;Ə`'--+H{F/Ԕ2p&: K"LBPDC̫]7g_ wD8dv8Dip~=cf?,Grk*DyP%4^|E(kwĂm۴Ypgpy#<iZW,wPb\x X6 B:"AuЯ6^cG޵uI^;,rFEg1K?R^-Zd_PO)]H3N bfӎ2jD'b%0Eh%:aɀP?Ll-l1^ 88e g?hNΫ[ڄj kwxR_Ob=$#N7yo#hD.bC|I].{:&^eb,dFoI"?N>Ջi u{ m#{jW6![Ȏ C"ىY\}Q J R[`qhvbMd7gAYipɧ)X3:6{>R;6̸͐L D@90oD~ ԼF4v`#udG_ ǚ=׃(ȞC΃-y[<#0^rdA{N([0v3TFMyc6q:oiq3:ʹi>XBU xsdHMϠNvX9&x?kkWON68Q7B~y:,I:=mw_*yW1TK(|`OtKw9RVlIֈ#/@cfOhp?eJ =W{cG}g(zHI4f&'-'!oZJk^jv; Cv]3г̬ӪWć4 YZ