tomcat-servlet-4_0-api-9.0.82-150200.46.1<>,oe,9p9|m՘mV1awQs(tmE "{;`E ?d  , ]  /IOV/ 4  F  X  |      1 ^     ( 8 e9 `e:e>@BF>GT Hx I X Y Z [,\4 ]X ^bcBdeflu vw8 x\ yzCtomcat-servlet-4_0-api9.0.82150200.46.1Apache Tomcat Servlet API implementation classesApache Tomcat Servlet API implementation classes version 3.1e,9h04-ch1bFSUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://tomcat.apache.orglinuxnoarchupdate-alternatives --install /usr/share/java/servlet.jar servlet \ /usr/share/java/tomcat-servlet-4.0-api.jar 30000 # Fix for bsc#1092163. # Keep the /usr/share/java/tomcat-servlet.jar symlink for compatibility. # In case of update from an older version where /usr/share/java/tomcat-servlet.jar is an alternatives symlink # the update-alternatives in the new version will cause a rename tomcat-servlet.jar -> servlet.jar. # This makes sure the tomcat-servlet.jar is recreated if it's missing because of the rename. if [ ! -f /usr/share/java/tomcat-servlet.jar ]; then echo "Recreating symlink /usr/share/java/tomcat-servlet.jar" ln -s /usr/share/java/tomcat-servlet-4.0-api.jar /usr/share/java/tomcat-servlet.jar fiif [ $1 -eq 0 ] ; then if [ ! -f /etc/alternatives/servlet ]; then # /etc/alternatives/servlet was removed on uninstall. # Create a broken symlink to make sure update-alternatives works correctly and falls back # to servletapi5 or servletapi4 if they're installed. ln -s /usr/share/java/tomcat-servlet-4.0-api.jar /etc/alternatives/servlet fi update-alternatives --remove servlet \ /usr/share/java/tomcat-servlet-4.0-api.jar fiY A큤e,7e,)e,(e,'e,'e,7e&e,(e,'59a034359a329fd4243286bffe63eb15f6d767a0fef2be203f634f3e196996ba6f939fc48667e2ddb1ed62e9902ff4e6780b1c4d72543b9175d22609484a88addd39330a0e8372cd8d826a838bb5539fed7b523bcb665bff7eb2a838799dfa0c74b03fe1ce0e54a9dff187e44239468c071be7a5f43629f6a8b3f495c0d05f59/etc/alternatives/servlet.jartomcat-servlet-4.0-api.jartomcat-servlet-4.0-api.jar@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcat-9.0.82-150200.46.1.src.rpmmvn(org.apache.tomcat:tomcat-servlet-api)mvn(org.apache.tomcat:tomcat-servlet-api:pom:)mvn(org.mortbay.jetty:servlet-api)mvn(org.mortbay.jetty:servlet-api:pom:)osgi(org.apache.tomcat-servlet-api)servletservlet31servlet7tomcat-servlet-4.0-apitomcat-servlet-4_0-api@@    /bin/sh/bin/shjava-headlessjavapackages-filesystemrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)update-alternativesupdate-alternatives3.0.4-14.6.0-14.0-15.2-14.14.1e)1@e 0@e 0@e;eRdld0d?@cc@c@c{h@cQ8@bγbbN@b!b@aaaA@a@a{@azamaamaama`X`Q@`OL@`OL@`3__F@_@___FN_!d^@^^_^@^Y^U @^1s^%@^!^@]҇]Γ@]4@]?]V]@\\\r@\k\j@\Yz\X)@\LK\?\8@\'a\[v[u[@[@[ug@ZZ_:Z!D@Z@YYYY:Y@Y@XZnW@WiW|W'A@WWKV@V2V`VA@UlI@UlI@UlI@UQU hU hTTи@fstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comolaf@aepfle.demichele.bussolotto@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.comamehmood@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.commalbu@suse.commalbu@suse.commalbu@suse.comjengelh@inai.defstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comjavier@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comdimstar@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.commalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comsean@suspend.netmalbu@suse.comecsos@opensuse.orgmalbu@suse.commalbu@suse.commalbu@suse.defstrba@suse.commalbu@suse.comrbrown@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comecsos@opensuse.orgdziolkowski@suse.commalbu@suse.comastieger@suse.comtchvatal@suse.commalbu@suse.commalbu@suse.comdmacvicar@suse.dejcnengel@gmail.comtchvatal@suse.comdmacvicar@suse.dedmacvicar@suse.detchvatal@suse.comdmacvicar@suse.detchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comwittemar@googlemail.combmaryniuk@suse.com- Update to Tomcat 9.0.82 * Catalina + Add: 65770: Provide a lifecycle listener that will automatically reload TLS configurations a set time before the certificate is due to expire. This is intended to be used with third-party tools that regularly renew TLS certificates. + Fix: Fix handling of an error reading a context descriptor on deployment. + Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was also use, while it should instead take precedence. + Fix: 67472: Send fewer CORS-related headers when CORS is not actually being engaged. + Add: Improve handling of failures within recycle() methods. * Coyote + Fix: 67670: Fix regression with HTTP compression after code refactoring. + Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization takes precedence over the tomcatAuthentication attribute when processing an auth_type attribute received from a proxy server. + Fix: 67235: Fix a NullPointerException when an AsyncListener handles an error with a dispatch rather than a complete. + Fix: When an error occurs during asynchronous processing, ensure that the error handling process is only triggered once per asynchronous cycle. + Fix: Fix logic issue trying to match no argument method in IntropectionUtil. + Fix: Improve thread safety around readNotify and writeNotify in the NIO2 endpoint. + Fix: Avoid rare thread safety issue accessing message digest map. + Fix: Improve statistics collection for upgraded connections under load. + Fix: Align validation of HTTP trailer fields with standard fields. + Fix: Improvements to HTTP/2 overhead protection (bsc#1216182, CVE-2023-44487) * jdbc-pool + Fix: 67664: Correct a regression in the clean-up of unnecessary use of fully qualified class names in 9.0.81 that broke the jdbc-pool. * Jasper + Fix: 67080: Improve performance of EL expressions in JSPs that use implicit objects- Update to Tomcat 9.0.80 * Catalina + Add RateLimitFilter which can be used to mitigate DoS and Brute Force attacks + Move the management of the utility executor from the init()/destroy() methods of components to the start()/stop() methods. + Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual thread based executor that may be used with one or more Connectors to process requests received by those Connectors using virtual threads. This Executor requires a minimum Java version of Java 21. + 66513: Add a per session Semaphore to the PersistentValve that ensures that, within a single Tomcat instance, there is no more than one concurrent request per session. Also expand the debug logging to include whether a request bypasses the Valve and the reason if a request fails to obtain the per session Semaphore. + 66609: Ensure that the default servlet correctly escapes file names in directory listings when using XML output. + 66618: Add a numeric last modified field to the XML directory listings produced by the default servlet to enable sorting in the XSLT. + 66621: Attempts to lock a collection with WebDAV may incorrectly fail if a child collection has an expired lock. + 66622: Deprecate the xssProtectionEnabled setting from the HttpHeaderSecurityFilter and change the default value to false as support for the associated HTTP header has been removed from all major browsers. + 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. + 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a listener which populates the context's role mapping from a properties file. + Fix an edge case where intra-web application symlinks would be followed if the web applications were deliberately crafted to allow it even when allowLinking was set to false. + Add utility config file resource lookup on Context to allow looking up resources from the webapp (prefixed with webapp:) and make the resource lookup API more visible. + Fix potential database connection leaks in DataSourceUserDatabase identified by Coverity Scan. + Make parsing of ExtendedAccessLogValve patterns more robust. + Fix failure trying to persist configuration for an internal credential handler. + 66680: When serializing a session during the session presistence process, do not log a warning that null Principals are not serializable. + Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up to 17 to signal closed connections. + 66822: Use the same naming format in log messages for Connector instances as the associated ProtocolHandler instance. + The parts count should also lower the actual maxParameterCount used for parsing parameters if parts are parsed first. + If an application or library sets both a non-500 error code and the javax.servlet.error.exception request attribute, use the provided error code during error page processing rather than assuming an error code of 500. + Update code comments and Tomcat output to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. + Avoid protocol relative redirects in FORM authentication (CVE-2023-41080, bsc#1214666). * Coyote + Update the HTTP/2 implementation to use the prioritization scheme defined in RFC 9218 rather than the one defined in RFC 7540. + 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call SwallowedDataFramePayload. + 66627: Restore the documented behaviour of MessageBytes.getType() that it returns the type of the original content rather than reflecting the most recent conversion. + 66635: Correct certificate logging on start-up so it differentiates between keystore based keys/certificates and PEM file based keys/certificates and logs the relevant information for each. + Refactor blocking reads and writes for the NIO connector to remove code paths that could allow a notification from the Poller to be missed resuting in a timeout rather than the expected read or write. + Refactor waiting for an HTTP/2 stream or connection window update to handle spurious wake-ups during the wait. + Correct a regression introduced in 9.0.78 and use the correct constant when constructing the default value for the certificateKeystoreFile attribute of an SSLHostConfigCertificate instance. + Refactor HTTP/2 implementation to reduce pinning when using virtual threads. + Pass through ciphers referring to an OpenSSL profile, such as PROFILE=SYSTEM instead of producing an error trying to parse it. + 66841: Ensure that AsyncListener.onError() is called after an error during asynchronous processing with HTTP/2. + 66842: When using asynchronous I/O (the default for NIO and NIO2), include DATA frames when calculating the HTTP/2 overhead count to ensure that connections are not prematurely terminated. + Correct a race condition that could cause spurious RST messages to be sent after the response had been written to an HTTP/2 stream. * WebSocket + 66548: Expand the validation of the value of the Sec-Websocket-Key header in the HTTP upgrade request that initiates a WebSocket connection. The value is not decoded but it is checked for the correct length and that only valid characters from the base64 alphabet are used. + Improve handling of error conditions for the WebSocket server, particularly during Tomcat shutdown. + Correct a regression in the fix for 66574 that meant the WebSocket session could return false for onOpen() before the onClose() event had been completed. + 66681: Fix a NullPointerException when flushing batched messages with compression enabled using permessage-deflate. * Web applications + Documentation. Expand the security guidance to cover the embedded use case and add notes on the uses made of the java.io.tmpdir system property. + 66662: Documentation. Fix a typo in the name of the algorithms attribute in the configuration section for the Digest authentication value. + Documentation. Update documentation to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. * jdbc-pool + Fix the releaseIdleCounter does not increment when testAllIdle releases them. + Fix the ConnectionState state will be inconsistent with actual state on the connection when an exception occurs while writing. * Other + Update to Commons Daemon 1.3.4. + Improvements to French translations. + Update Checkstyle to 10.12.0. + Update the packaged version of the Apache Tomcat Native Library to 1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u. + Include the Windows specific binary distributions in the files uploaded to Maven Central. + Improvements to French translations. + Improvements to Japanese translations. + Update UnboundID to 6.0.9. + Update Checkstyle to 10.12.1. + Update BND to 6.4.1. + Update JSign to 5.0. + Correct properties for JSign dependency. + Align documentation for maxParameterCount to match hard-coded defaults. + Update NSIS to 3.0.9. + Update Checkstyle to 10.12.2. + Improvements to French translations. + Improvements to Japanese translations. + 66829: Fix quoting so users can use the _RUNJAVA environment variable as intended on Windows when the path to the Java executable contains spaces. + Update Tomcat Native to 1.2.38 to pick up Windows binaries built with OpenSSL 1.1.1v. + Improvements to Chinese translations. + Improvements to French translations. + Improvements to Japanese translations - Removed patch: * tomcat-9.0.75-CVE-2023-41080.patch + integrated in this version- Fixed CVEs: * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666) - Added patches: * tomcat-9.0.75-CVE-2023-41080.patch- Modified patch: * tomcat-9.0-osgi-build.patch + make it more robust to change in number of artifacts in bnd + do not enumerate jars, just take all jars from the aqute-bnd directory into the classpath- Require(pre) shadow because groupadd is needed early- Update to Tomcat 9.0.75. * See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.75_(markt) * Fixes: + bsc#1211608, CVE-2023-28709 + bsc#1208513, CVE-2023-24998 (previous incomplete fix) - Remove patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch * tomcat-9.0-CVE-2021-41079.patch * tomcat-9.0-CVE-2022-23181.patch * tomcat-9.0-NPE-JNDIRealm.patch * tomcat-9.0-hardening_getResources.patch * tomcat-9.0.43-CVE-2021-43980.patch * tomcat-9.0.43-CVE-2022-42252.patch * tomcat-9.0.43-CVE-2022-45143.patch * tomcat-9.0.43-CVE-2023-24998.patch * tomcat-9.0.43-CVE-2023-28708.patch + integrated in this version * tomcat-9.0.43-java8compat.patch + problem with Java 8 compatibility solved in this version - Modified patch: * tomcat-9.0.31-secretRequired-default.patch - > tomcat-9.0.75-secretRequired-default.patch + rediffed to changed context * tomcat-9.0-javadoc.patch + drop integrated hunks * tomcat-9.0-osgi-build.patch + fix to work with current version - Added patch: * tomcat-9.0-jdt.patch + fix build against our ecj- Fixed CVEs: * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840) - Added patches: * tomcat-9.0.43-CVE-2022-45143.patch- Fixed CVEs: * CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure (bsc#1209622) - Added patches: * tomcat-9.0.43-CVE-2023-28708.patch- Fixed CVEs: * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513) - Added patches: * tomcat-9.0.43-CVE-2023-24998.patch- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt - use logrotate for catalina.out * update tomcat-serverxml-tool and spec to configure server.xml - Added patch: * tomcat-9.0-logrotate_everything.patch * tomcat-serverxml-tool.tar.gz - Removed: * tomcat-serverxml-tool-1.0.tar.gz- Use catalina.out for logging (bsc#1205647) - Added patches: * tomcat-9.0-fix_catalina.patch- Fixed CVEs: * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918) - Added patches: * tomcat-9.0.43-CVE-2022-42252.patch- Fixed CVEs: * CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868) - Added patches: * tomcat-9.0.43-CVE-2021-43980.patch- Do not hardcode /usr/libexec but use %%_libexecdir during the build * Fixes for platforms, where /usr/libexec and %%_libexecdir are different- Fix bsc#1201081 by building with release=8 all files that can be built this way. The one file remaining, build it with source=8 and target=8 - Modified patch: * tomcat-9.0.43-java8compat.patch + Do not cast ByteBuffer to Buffer to call the Java 8 compatible methods. Build with release=8 instead- Security hardening. Deprecate getResources() and always return null. (bsc#1198136) - Added patch: tomcat-9.0-hardening_getResources.patch- Remove dependency on log4j/reload4j completely (bsc#1196137)- Do not build against the log4j12 packages, use the new reload4j- Fixed CVEs: * CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Added patches: * tomcat-9.0-CVE-2022-23181.patch- remove instance units from post scripts, they can not be reloaded- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) - Added patch: * tomcat-9.0-NPE-JNDIRealm.patch- Modified patch: * tomcat-9.0-osgi-build.patch + account for biz.aQute.bnd.ant artifact in aqute-bnd >= 5.2.0- Fixed CVEs: * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279) * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278) - Added patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch- Fixed CVEs: * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558) - Added patches: * tomcat-9.0-CVE-2021-41079.patch- Update to Tomcat 9.0.43. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch - Rebased patch: tomcat-9.0.39-java8compat.patch -> tomcat-9.0.43-java8compat.patch- Update to Tomcat 9.0.41. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)- Update to Tomcat 9.0.40. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2020-17527.patch * tomcat-9.0-CVE-2021-24122.patch- Fixed CVEs: * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909) - Added patches: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch- Log if file access is blocked due to symlinks: CVE-2021-24122 (bsc#1180947) - Added patch: * tomcat-9.0-CVE-2021-24122.patch- Update to Tomcat 9.0.39. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.39_(markt) - Rebased patches: * tomcat-9.0.38-java8compat.patch -> tomcat-9.0.39-java8compat.patch- Update to Tomcat 9.0.38. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.38_(markt) - Rebased patches: * tomcat-9.0.37-java8compat.patch -> tomcat-9.0.38-java8compat.patch - Removed tomcat-9.0-CVE-2020-13943.patch because that fix is upstream now- Update to Tomcat 9.0.37. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.37_(markt) - Fixed CVEs: * CVE-2020-13934 (bsc#1174121) * CVE-2020-13935 (bsc#1174117) - Rebased patches: * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch -> tomcat-9.0.37-java8compat.patch- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602) - Added patch: * tomcat-9.0-CVE-2020-17527.patch- Add source url for tomcat-serverxml-tool - Fix typo in tomcat-webapps %postun that caused /examples context to remain in server.xml when package was removed - Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396)- Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility. (bsc#1092163) - Change default file ownership in tomcat-webapps from tomcat:tomcat to root:tomcat- Fix CVE-2020-13943 (bsc#1177582) - Added patch: * tomcat-9.0-CVE-2020-13943.patch - Change /usr/lib/tomcat to /usr/libexec/tomcat in startup scripts (bsc#1177601)- Replace old specfile constructs. Remove support for SUSE 11.x. - Drop %systemd_requires, which is considered a no-op. - Trim redundant license mention from description. - Make documentation noarch. - Do not suppress errors from useradd.- Avoid hardcoding /usr/lib as libexecdir- Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use the /sbin/nologin shell when creating the tomcat user - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly- Update to Tomcat 9.0.36. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt) - Fixed CVEs: CVE-2020-11996 (bsc#1173389)- Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Update to Tomcat 9.0.34. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt) - Notable changes: * Add support for default values when using ${...} property replacement in configuration files. Based on a pull request provided by Bernd Bohmann. * When configuring an HTTP Connector, warn if the encoding specified for URIEncoding is not a superset of US-ASCII as required by RFC 7230. * Replace the system property org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with the Connector attribute encodedSolidusHandling that adds an additional option to pass the %2f sequence through to the application without decoding it in addition to rejecting such sequences and decoding such sequences.- Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch- Update to Tomcat 9.0.31. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: * CVE-2019-17569 (bsc#1164825) * CVE-2020-1935 (bsc#1164860) * CVE-2020-1938 (bsc#1164692) - Modified patch * tomcat-9.0.30-java8compat.patch - > tomcat-9.0.31-java8compat.patch + Adapt to changed context- Modified patch: * tomcat-9.0.30-java8compat.patch + add missing casts (bsc#1162081)- Change back the build to build with any Java >= 1.8 - Added patch: * tomcat-9.0.30-java8compat.patch + Cast java.nio.ByteBuffer and java.nio.CharBuffer to java.nio.Buffer in order to avoid calling Java 9+ APIs (functions with co-variant return types) - Renamed patch: * tomcat-9.0-disable-osgi-build.patch - > tomcat-9.0-osgi-build.patch + Do not disable, but fix OSGi build since we have now aqute-bnd- Change build to always use Java 1.8 (bsc#1161025).- Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-0221 (bsc#1136085) - CVE-2019-10072 (bsc#1139924) - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) - Removed patch: * tomcat-9.0-JDTCompiler-java.patch + It was not applied- Update to Tomcat 9.0.27. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory - Removed patch: * tomcat-9.0-disable-osgi-build.patch + not needed- Add maven pom files for tomcat-jni and tomcat-jaspic-api- Distribute the pom file also for tomcat-util-scan artifact- Build against compatibility log4j12 package- Adapt to the new ecj directory layout- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini- Update to Tomcat 9.0.20. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) - increase maximum number of threads and open files for tomcat (bsc#1111966)- Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch- Build classpath directly with the geronimo jars instead of with symlinks to them- Don't overwrite changes made to server.xml contexts when updating bundled webapps.- Set javac target to 1.8 when building docs samples and serverxmltool- Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps (bsc#1092341). Affected packages: - tomcat-webapps - tomcat-admin-webapps - tomcat-docs-webapp - Remove %doc directive from tomcat-docs-webapps files section so that zypper installs files even if rpm.install.excludedocs is set to yes.- Require Java 1.8 or later (bsc#1123407)- Clean up OSGi manifest injection - Put embed maven metadata into embed subpackage - Use the .mfiles* lists generated by %%add_maven_depmap macro- Fix tomcat-tool-wrapper classpath error (bsc#1120745)- Fix tomcat-digest classpath error (bsc#1120745)- Update to Tomcat 9.0.14. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)- Add pom files for tomcat-jdbc and tomcat-dbcp - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts- Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)- Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch- Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720)- Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files- Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)- Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment- Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016)- update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch- Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9- Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910)- New build dependency: javapackages-local- Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api- update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream- Switch to commons-dbcp2 fate#321029- Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch- Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources- fix maven fragments paths to build in multiple distribution versions- Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch- Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that- package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required- update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27- Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch- update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)- Some whitespace cleanups- Remove pointless conflicts on provide/obsolete symbols- Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)- Fix previous commit. Fix one rpmlint warning- Drop gpg verification from spec, it is done by obs- Fix build with new jpackage-tools- update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch- Version 1.1.30 or higher is required for APR listener (bnc#914725)/bin/sh/bin/shservlettomcat-servlet-3_0-apitomcat-servlet-3_1-apih04-ch1b 1697445433 9.0.829.0.829.0.829.0.829.0.824.09.0.82-150200.46.19.0.82-150200.46.14.0servletservlet.jartomcat-servlet-4.0-api.jartomcat-servlet-api.jartomcat-servlet.jartomcat-servlet-4_0-apiLICENSEtomcat-servlet-api.xmlJPP-tomcat-servlet-api.pom/etc/alternatives//usr/share/java//usr/share/licenses//usr/share/licenses/tomcat-servlet-4_0-api//usr/share/maven-metadata//usr/share/maven-poms/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30729/SUSE_SLE-15-SP2_Update/1f5b6e9de4003dbcae3fc0bc675fba51-tomcat.SUSE_SLE-15-SP2_Updatedrpmxz5noarch-suse-linuxcannot open `/home/abuild/rpmbuild/BUILDROOT/tomcat-9.0.82-150200.46.1.x86_64/etc/alternatives/servlet' (No such file or directory)gzip ERROR: Stdin has more than one entry--rest ignored (Zip archive data, at least v2.0 to extract Java archive data (JAR))directoryASCII textXML 1.0 document, ASCII textPPPPPRR6+1.x{FzX2!S7wpjmY6FJ=VRz"vj&r('M.j?Sƅ:5iJO: ˀ4hri}Qۏ&жi3}v, sMU?\I尥Y ROk.g@l –2U 7 9?O@`e(uZ [,%JJJnÍ끔p#Ʌ\46VKniiw†BcrY5}o]=%`Xʷ ؏\+C(Tg|uޕGf?++ 1w+odžϜz+kEM:v)*"]1mjRSpAڵ+yܪ!jALbVzFWe3 O Fu;Q,`BPYXD3gG8admqV?~Կ\nh݅B,@rlHcn5U8|its-ӏ t|p?1zƔ }6{riM_1Mhwi#I}kAH^Q펆V{ LqkhIJ ƫ;] &+g"UT:9ʌPӚ|bsᄿ$RFP[8qU#K{>˱(VgG1xUHtifԥ]r!FKC,4X4 z7xBqEZceً@M]!"/vM é Ds#dϬ x?t3r yBoi<2a "(="lt;@[u6;'CCnM3G뢼n㘠`†_|߼ZsKФ{Q| xgQ6U:n4hR!\h `Nd0ZQ/=LQ^9? e15:}jROLPRA]դ)].0$)YD-q B*)/0õb0@,0Ha?qyEutfж V-EJ.ܣDWaMSbw?1_w:42=:tj7nCI:koϿ]*"8/5Fd!LTPmZ5LSDq^A0HlG;^S0Tw p3+?  \ńr4,˘G .z`B|7aʒH""|50?Hf[ *+\ *ʉz3R$oU!Lr!YY֜9f &}%&Xk b_[YS_PP"oQ}Af1ig;}ZoofςpE6Jr9qf X=A&ĩUrkX~gbA%+:oIS(=v p;P),=h:z;T\XҾ-JE2M`yǓw#-NS9%4IHh͞ENI$po1ZI3Ã^7&P#ܯ ژW5f0^z(omUxnuP_y;p(B 8m4=m̖9Ƭ0!|8#m}; c A䖨٣mKbS}oO%X6TņݩJJF1VҜJݥ=N,g=LĘR=Eߚg娕(g9AHͯ&}Os^7,sue%8,ߎPzW))V99t-#f0^5*.T5c|xcc7$H ?W,+dJ˩Ѝ,s.XntCOnVR%I&;h Y 8:) )yi}U#V(5up[Ez+ݹ|b{z ]d0,Pot63w'YA=iZV)2/%%'`$Q =ˡ^!d~Ȳ }>Sڃ/)@[JVx24~_79 ҵts8gXϐDA\RD,\3'6'w%*b(^tP1/EI UdM}a!8FG%QCmmz WrI&Nqjvy,υ~u\cI%)u >?Kr-Z `UR:zW#9:(Yaqw&VC,̹TNk !};6_x>YU0, 803=LP?SÞ{秧c|e&M1V|,#]9f9-yٷAϿUrJ!utʛ9;f%"~7̥t]Șg4j㮮 ݰ@*C!>_tlFڢS(FVٗeL޿_LI[z,u N0ZI;]q%Đ;`/iCߋvoIgl_BJf] h. #S@\7pq07C)g(c,"Eyݰv-P%3dx$-"n)Keˤ IYHj0)Hs W2j|oKӀ~ҳ*ow*X7TB3 .@..Ih\خ:a;|Pvr2s%wھ!?8NH! %sy^I?z L Uzdn[S3}a 4ù=FE-7ռ V֤?Zc1Z*r*_BX/ =ِ_ gf ~6υ''Ũ罷t!C`%>Avnk Ip{u>KO\[4;@} 6{1fa2|X^9cV4ObFŃ̦@ą_;A%T.<Ѫ C=R> 3Ek%%ԩ(r@o3O{F`@I$S j vh|l%(llj+l7xl}X;Oէ$|&)Ѫ\׷.qu[{i{'ˇ\s NF,jrPoR笡,{TJ`B-xqY{l2@}0̫ŽRa_#|nFp i8 ˬ k,W9IbgY`fX~x휸J;_~Gdi0Sv{8s>VUǒtQYjzDjA 4Qok dګ y8l摭D8Srw}%r22IY!dL9CZ6*IHiR76Λ+7t}9|Ek Xa GcؐvZ 4nd<YJO.;:1Ã)* ,oԖx nGr?lVJS~Z ұRqh3jtjoLE7vZHo@G勱2&Αk`֔/nKJnM;9]h/nIc [;3YLu %nٲ׾XWxm\ %F â);Cpt31 _Y,^>16{X4{sprPCA2 L0Y=';f\ESJ!c}0k kR4ӛ 48[k! aߟTK( |[S;ljq}I }Gx/$ЬuӌkNDhn3)bJ"!S4gPPԒ5:=RdQ~)e„r- ڢ\ q"Kyu$i#{=.s [dǹ-o˾I bCyE(R|'4N6ɨ-DEA`u{/S'RPr貐|;Z,tqFBOaT zzͪt|¬_zʮwUCi~pAz7l P?Kӵ=־!t m^DFdskڂ|w.O?4VC&՝ [Gں𭃴LArxQG):O4YL*v-.^<)b-0RV/[/D[Df%h&`aC`~"_'|IXeռmJ V@8n/ET8uqTh/oBaMmWeSNɧ@.N nCr?qn3tz2DJAGL 1KxWh<{mGAMV1h|hDƁi}7y~P;XB(Ʃ5ʇ'P[nR6]븋G1TBuߦ Rf/j^QlV,%Ǝj8;b eHaIZ. 6+zX %/q\~[ox.tT L>ϡ{-w")Oؔ`+\*?)Vw75?SnXIyM4b):r:;*| 3,aC7;iUhejFӌ`FZi>B+f:kxϙ6ճⷘOtA/8#}v 0#N'?RgUOue9;"e|@Y=# . s(ɏ 4=A~  HgF)aR%a[@mlWFf0[~SJ $ؚs, kkLkYҕ~ojصk?ќ$T"Pzz״~BC3]sbJXYEՉ" R1ϯRhejw/|?g\Φ_]q蟆?ABGw یkl\KNuDo'5LVq bjBfE'K;р w㗣;-\?yN ~{]񑤛Od T!i KX4%F#ىYu[Gt4*<#⹖x"䬚sY m֋1GJ4TޔtJ3[OR8 vHdWzus)$qy~cꥰ-XyokϺ!c+cD*9G/*F8 kw&J/_ڞ9]|Dݭzn8_ς7Pے5asw\&N]5'C|S˻ 'f\@M}78{)@c*eFcB8+p2adla&~䊒%w!;вcDWFG+zi3Љ&>bydr&;ga:2Qm,5و7qa<)1ِSbDR0fEHY6'\'+JG)6H"r98γF&"#j o%r0TY(ݫ;ݘdŠ"מ^朴O<82J#PSg~1r'qhAO)v {R\e<%n1?`3ÝMT4.$_woGTC[0 _ U.!ݤ1Kr΢CFCԇ71Ԟ; aGM<{t]}WIffJRz[|N O^P"kdiۢ ׉o>gjHF?.mbJ *7W%3ArzIʤjx=Ahy8q; 1ݚΟ n2ֹIN]-hppUbi~aYJ0`mԈG&4k .` M"^L:4>;oNJ't.iNK&{ *Ҭ\V5ӯ#'/]ն>]G(AUlO#곥r_l_ <r*ę=^Ò@-G%>Nc7aAY+c)/oӆ^`Gd`0ü~r$Q*o[:s C1+5ŚfwsGQOD]jfO- 3,0}ė dwv+!/ }N[Z+ YyAp}KE#ޤǩBAūZgGT_UTGe: `u_{j 5B (Tx]Tz`M3;z1 :CJIrqQ ;N.(Zu񸿧~a_ʨTܖBV/(Fߡm(nH'] 5&Z BYU3Pl[]n|hzIҵkaomV\ _:w;d}*7 Z!nF LL3;R9h`%M+wWKLS6!e!s筝ͅ>7I_T*zj jB(c"^a\}ENаAHpzKRT=o襝U!C}Ey9γ% iZ.:X?beR[nsE!#ri?oG9z[}^䖓N䳷|Kv7&̪~7-/H#han*>_d;nbF 1m.?zm ڝ˰ӳ#>l=?xMI<7#+I0{n:wdE~˱[3"b@'iˮ#Q/Kǃ'OJl8fƾD\1d }56Xtwjq;5SШY?)ޮ(3; eeŋ%[ȲN޳߃Y/U'SUtR\@r&1;{ z [F5cm5R,jgL])ݶ* nc`c򀸺M̻"iB9JMB:7:{VƄBOF?_"?dO--$/ #>b(]!a2()3J?of~.2'IvG0X&~TW {«J6$G g:fG.K׷zJn:dMLc1ă~"C'QӤ;J?2 W^-t٦Ű?x*Gm3 ķ3-2w'P6!Iș⫓MTb'P6I4 @bz:%Y:c* u"<{(x'89&p76"Q[ӂwO,nѶ'߆ V.bȏE?ّ d!>`UgUٙ+_5T<7^%tDOta]Ji2\ϿI-|++o]n_VU-sY6LK/ETd}=gjF z9|rwƶ} "iQ3|Wү \C Ϳ%.jk jI7=C [ኾQ9tNLLJQ>H%mwPZ L:Zc+2Nfb7!ahiɵ[UfC@(vݍVrt_F+ Svq?1auLYOMqc%cgh$!>/M@c" paI2ɇul3/G1wM?w\h;mbmXf+DT%ش"BUnOCfgJ`tB=P%we h@#)fa3ҎacC YH$#`O 1XrvCFeOPU8N}3@EzNO,ݪRbLTaӶtܵ | üI3>raʋ05V7FC޸1BJw^6fkv@B~!AmYk"z*'K)#3 4pѤ;4еj?˙ngYޱDmߏ1o%)xW^-d8 Qo-k+i-E׀d)ʋc(rIߞ{$i);w*НD_Rr@ BcTD-{]^VR!1bL;Y ؟JBQ#Cf5jLZM|쇜?dLQVW= ܭE=c 4j|*h%UuI'a\rF36ɺ?K6WjFTxҕx1qHX sqxGTݩ6jc|(D6'x 0m=u4JN6Ѩ_tvYA̧`pz0wBpkԖ<NR36vSHNpd~sb9wFL'O',']B'USO~u8)<3f`=A4XG]Ɏ>զk^tD zDPS.9χb!=RIQU{&0XОFJ縴E9Ι 1kaӿ;W{Hgwph_9enm9'B˔Iv?yD ;{'ko|nTL36HGA}jTIqjnfaD0[2@5q7 FjgpOlmoWBs=XlTb9{9l73@^gHc^V!Hűn.vxIМHA#_U ȖWs5Qduκv,ZHD'(XLpYJ)>->\擀zO,%'+`P}eϢfkӣM Z -ѩn&[ߋ D&#J@3ee\z4WXwTSM:WPλY \A bSVT_i~.hl8U4]DhBP34"hQҤ&D(MՓ8!܈{r11hPHnjThHikLD \Ly+(E)/}L,@hA~ kINl&8\pJDeˁ-p[fT@EBe7%>Ҷ >KV0^#WSsiH>s;Pc\[vKxZm̺A˅Q6 CSeB[r#R@GG^^$ )x&LY-r3dͳFN0ji4kp$'[DUf&e:a*dV зQfU<\y>fK ksp?eW.GdGA%UB*iJyx3Bˁ}s t(7b /ȸ~U ͜X Nԓ F.1,;/_WrT+F.nb׈#ILw:P{͸\H-Qro8on>ihe(M a7[:̾t%ql`!;$H _858 OemO{Ț/QjxG@ڞZD"*3羭u[2q[܁ħG@f.h(%}:L d!Vh5"f?w]1PYK|s#s.y8j P sZ%QިFIFo{&5Y,5AmX{V!͖9i+Pgq'*I` ?C%* be.-ڪMцj|M?4 -)lU{!ŵ+Fj:\ÿ;˨=kp7UakMؒFqwcs#9gw'VY>h9'T4)>O p!UY].e$F|q\J=u4Z3zBH֧c ]9 9TC$ٽOZR#?YFMazh〝c>l_ 7?fMO$Tsܝy k^oiiS˅>e9*XCENCQ6ocƵ3 _|}oQ܈C"[%obV/)FJPLjUIۣ(ʕ[m1|v+иwp)7:6YQKP$scW KS5j|q(ިcj(Ic}"5."XtĶ+{>Hjixo?_v=JTAdX;tRL'ZXuiIv=:t8.2v:6GvѬ;o9wlgǂI ʈ}|`u \pjSuKz]a{SolO<۸oSH\V~9H&߬&-M)п|= &D1eeO_?R{6Ƴ=[[fQA`o4D*\CИ229񗣱1I['^% Iu(tdfSFD}^<>w)Kg lq=& \Ȱ :kMqC:-h(ga{5EG/_NML Cܽr*i},_o1:ʠ؁t|J2 `+,TQ{:KHt%H3Xug+e3 D"[/ɷd: ,6))bQ.^<ʤ( '9C\:8 8"fKX.kbY|28K~ &ύsK󙬏>"~0B;ZMBbvׇ )3C=N>ߵn [ `$[ϸ6R QPZZX,8]Z`ItǨ',|F57aWyǍDT|ixM;RRaQ?7p5өȬ{^BecO~Z5qO=k$;>:aRřFh?Ty^r,:Kqk!G }]mo1d7nEi[d@Vwzu9~ylZqAulͽXA>aj:ONQΦ ,%fv8)\*3gzAC`&.6[11j:6O U%!P`ikj71i!'QDW C Hg3Bx Otr!T;fc[T8Gբ:H_mW`iJ( 6w+̂sf+re~' 9"2猣ehX_- ;Y5" -n[ `rJ> & 5K'Gvx"c9Pu`$[9so #[f ;=Jݯ0D-4LdZvMwdkfT u4P),ɻ':pnpY_Jn\IKGY(yMjcR2{Dff4iei0һ8g!w?V -x6 <\ NOAkEw_sU20sq3}։+I#S 3{FJ{9<bIzL!S.h]i(-1Ð[N'C75j2x u"_RE?H7zzXPp~AXݢ- 93tEv0Дɔ4ť <] 2*V:i_T?̓tJ򓂸 ܅ˑ=G:OHiؖ}9, q p-u6'(&-r/ ݆Zwxԙ̈fj{4BqН9"R0 1Vj~c)M* ɋ.vxsp^땫%~61&F|ؤk )Nq tpxٲSadH;^g2@;v*+%يk /{yvAڤiؠrJ#O&=~m< M17W=ja>d}K11K>Уm4FTd2lƿMN_s n;B;~P-- (XR(ͮ#T"P gȾtX S6]#mW3O\ֻS/*zj-*65@(JwmpTLpd~89{-YmunJ %,Ù?0fb4לm u ׄRr5f&|_v ~vt_!Ar99XpYC KˇkaSQQ"n(T.!Y rtD{H]}d A6ko?er/: p+L X?D yE\RpWaf()ýuMwG9_h K\jf4['rQ En|p͛I=+xnnf$r˖7ߧ-Ȇ:F /;iȀW!D UV8]omK8 rחXn V3#18;%-v< 6\n3=N]r> #$OnG ]QTH?Yy645#/iKY^wE&NK7xIpi@0hzVrX;g>یŰÛ|/ӺV;<ټK|SʳyS0B8,?W.,/1\EMy1@h7,=m7$Y\٪Ȕ,ضWjP zԒitpU*3ylTs \ZDºWŇ) !U7{K y#Ve)VR 䭇&v|kEl]QO]d]=p|gASLΙ |KUn[}]l3 _~Qaqׁܷۤ'WKκz s>"ߗ'bI"Lyt X2PMcⶡjD׬MHcrɛ@e6zLP"A% &m B…\A*;a@4'e>w/dhn$N>Қ?GPL )ۋ0Vwy}@`Es9)*fqfGWvg=βκ|[S$;I{uPaA" g 6I~ |WBlf6J &ڡգxyOTlVV3ߛ/_4h悠 kR~9q0Or`qg pn"W|س]̳x+x{,EWhU`&z PSjIcc-Vs'i'lX&BRY7Pc/-Sp`?EcBQ r9Y]x@Xgt%׻cQlN'n(Re.>=S@˚V$iq`Por΀ 7fڻ{ 6/tB@ R'Q I{W(_2Tna'j/@XBƣ%RphI E.z#=\`uvSi7*&<-rI\M˰΄5])X^8g1.rԇ< sG0KcՄ2bl[a5i/(?LzNvgBٗ (.e]m7h L8,/ ) hu|uBg蕏Z4sR2?7|pgm& sAWǯY&A~:/m:-籞&E6| ? `g{j? ߸_ې 8\r6 7E%Uą,UBP?1Ӣ`.hoЛY¹Vse5t _&w@fp@C>Do(\FJe~!ytJ |W[!i&-\YԭYNRza_b颒c- Yqݷ%=i/n>3Ҳ|^zUKrlAl["l6k `(9;_A9Aԃ hѺ.H6Tl/ |OsCF[u& , ]:;aaFV1ºض&cJթejܗZcb `F ecs/kZ;))4~Ha6 xۆRLS, ˙7v٭iK[{HqXz}#~}η=0 Ц8Zx_6e\@ύ.j5N F5g^+P+7f)if.Ʉ7gIo&k:]Uh(n 14z}/"$tlѠ$Wc6dp:aA헜77Wfn}[\J@p7J6 cNk.MY!/Cpu7GL3'Ȅ{L7'e8@T1 rƖ?͠I44 = 廕^QG'qOS'haW&"3dEʂA '`deuL5!Iݼo8.¹AX`Z عe&)K <[̮bCyͱ"??jvg Sm OYCOV+CjTx:YlBG +o({4TzҺ$ܗ^:,Z-b(A'H8 `"[cie, ܈pɚmYuN 1>䇕HAԣ:A=fnEmQ^kBS?2jL[JN)15̱2p4*l@D_4њogea n!9?bQ/>VhEIj *;Ou"e#f3_JHKAN6O Ch(< 2:E圽MWn(k]3 ~Uյ0o1a]3nj=Wry`%#ײvA莽e,}iBJr?*=ZDoؓFJvR\F03c%p/B:o^:L+ +U'k 9w!H\CLD0Bky9Gi5)vxH<(Q8YcsxI+JH C3٫cRz1,E~(e-oۡ;).|E% :" @7j+Yn^ؐ_ЇIGv 6ҙtI zU1 FI+t ?H|2F? G2B<jg?LSDzތQn +rY(0/,^ǃKǙL$7ގdǝ|=nܵ#TX6R|du%@vr[=n=KKC!G!*詐z|eW߶F&@$7H{'NHs=q;=;@;Hx6P ]^+FFSژAQ(I!c JijaMÎ91#Qq~{ a5Lps/IP݇D8M8Ҏ04gTqXK>bZpn91,T„3ý)Vr>.)&͝/Ŝƚ T:z|+1^5x>+G5]&Ġn£bFXF1Qcv}-~҂}y(Kd}6[cXI:F_m)a܋޺^R Otp>Za)zoho u4`)ִ1?/m.)/^09'UU|C9PL̈́u!VsbDaTCa W@]UP$ @de޺l &MnYu rM XΎ A` 0⽮H٦ʸdG)|(GrpV~m'"0pԣA6܏ln=tpI6Z8(2@ўIb{+m{u+4* 'rԮaʷK HʈN8~Xت]6Z?CR[faIFAr!#BT'`EOft?@d oCٝ>:բ0uqt5Q()Rvh3q/Y)fMoh|T*ɣN`R 6 y탴^RN ˠviyaUn)~8AKV3bm h;w\[>޲z-Yʅt;t2ۡ:b3&))3|~#_-+VKF8qDEͤ1f6swsf]9;x Kb@^GԝH%rHO)yO mƺqEzar{ UEzr8[<7Iȱ,'_kiDi*z,݅( |>m(4QtyY{H@e1EMޫxYw0[5{M2o8if$Y0rz0.T*1+@P\cv*E )u$IקK}>sf2g^B+e|QݳgMJ1c7sw?(RqftA[?˺EL!@i:L!F $_&O}@]ލ1y_Z!pD!;~s|Lj.Bz V_#GAC_^KJt%)^")?ْY#A(kY{etuvv8Voc IHjj 'Tez1I{Xe7*UW蝅$"$_jy\j_GY8 zCiâ7Ќ{dK:DFݎ{v#Rou3qсD"=Rc0^MfOYiN 1C%|KnsÞ֓p2d/I|[JtQ6xrd 0aFdQ_ATx_&H$t,X%ubBxR%zfYBv z3'÷K6ݜb e-U,Gt,o@[*S d_:` _R }~NZ@ڶW>n^M^AC56R7,JJsM9DNe6.S<#ZҿOLbp)iGr+?:F.5;t|?P] n#+9坶mfk=uGGt0I)bAde P0$lvwwˢ+3Ya3>r<˙U;OylFr4G,zӣ vZ_t6H5V_Aԗp ߻8:t?R61JJzs)8DG^"(YfCbXRbxN+Ux\dxHխэ(D̞0y{0 d* ISSDqn5"}TV8{ݸM,7X m"j|#qH n+q3$gO P/F&eEn@@=mcP[{z]NظU8hVZmo3Rmh kcQSBsg3y wjDn(6AC̵۪ˤ AݽHYd]$JH@O" Q|56~y9,6J[ +RStgAwlYVy*$ccI1Ȓ=A6W+eq @V%B\"eTd/;RކK'=o [6LKHnv?Ab@$1<60F)mj%ԋҘzт1 /,b4D 5+FZ×G X;*mꓚTSەeI;0RL8N]QF+z˾{574P5Ob?;d`HՃs>q=Pn-@w8BDv|yօj/"+ Gj.!4iO:MR?\4%#0%K`ϳ.GUN*x5}AmKԓcpOiFK[닃ĒDc"C^?aw Lo@xC]1;eoĮ> C͘jP~/n?۲5m ‰ "j;FQEx?[K|םZEmEZY?5;2Yw5pE0~ =A8vg)ǐ绰j?5 ɢa6,W"s'v%6&E RыIC$Ep%zfdh+"H^Izz{;qw혨=E͠bELPLR`Ic7Đd2Ro tVNT]Kii9DA6 >x1A܄VOǢx4[X9\) IL-U /_^W\w]Wص!0P@,x(:<,$ct~aXq"7p!Q1Vy;k8ʿ g3er_XݐMn͏]3hj]ṾK(4*3X326ˈJŜ_L%x-RK0"~KQe!pQQ+JuyD AJ7&]XVj\.}@OJ+bIj8/l--}E^a Jf;~܃n:QCUW53(u*gvAH' (+ۅ_1& 5YAEݻ<Y2$73dKP[6FY"\&Ɂs5oh fH7<> o'ZX`YY|ٍ5xinȏe<J]ɡ@&"K2@O/!wAe9w)6؈$吓~5YV蟘$GWeH SaⅲU˟/i1wf%+JmH`藁K Afk<+D#em,j_4_EQ~F:\  l3| Ǽfj,5C|[[?Q(={{e.$Ffo&"  a\uaE kƼOm> $u߀%V܍l4 BX!3-0 cCw_?mnp֍C{Xп)o=%R*MJg)YΠ@ Qvw@Yy.q j~=uo~4[rɜ-򡆮4xAxAlgY|-!sk-=G9Xq-Ю^jW7RB3.kyhJΒEH(G|i:b{WRYSp_mw/V+*27!,iaXKO)$mGz.iFVC7F^'Y?UI Qlą6])T[dXP3gBb7y brX9-q}@Vhc3ɠ0Z<3)Eq.??|:gR{Y`',D\5$ui2Gڇ -Ŝ(ʛ|:ɑ1mvKv.1 9A\_0va'n"cR8aHy I2k$ŁINilLBHaMF~{[/66gѿ;"p8SOxMZ[yuP@ԢK#}C]4VM> Jha'Zݛq7>IM{O|)ldu7CwA0ȎX6*MmohTh69zh42Y +nQeGǥdli'3-y3>pj=}n+O~g q!>!]Q9 6 kJx5bir' Ԟq)ٞs㽐& ݩK0+#BeYY Hq X<_Qij[m᳴_WC6Ns*^V} ٝt0NRiNeGNĩ "(,%!{-ü7X#ݭg 0\^$Kxn:rcn4Tcw˻CV9!݆y=ޭvSN΁1A;MԻ Re STaTՉQ}XXq0_ѵB2Ji0q`F'2t.hظQ̄@=d>j- 3LޥhSn ;L{ռ)j[a*hUGspe&[/BL 1~ ~#5ӳ> u |!`Tmp]; or\c":s)3q:kB].HMT}/3Ed|cW(M~ 3γ6f3j:|iV C¿V<ǥ I7VZE@%#-5,.7byyzچר%ZӡIv41}\м|p;M NIFA0?e]$yf9|v$ĪЭ B-JD22-cr 6>‰3ե]=R;s 5ÖY5$$P euzIyE􃐮F;T9-\Q0dLχ)?f['#ϸ!奬hc3fzH'6[cbgȮnAB}!ai+gb{˨L(lJ'?3De3sbJhJ7Ssle(ٳlzR0/ G%va XsB}@F\؋0:{WZXP9L _O1K ǒ 0)6E {R|ٕE;qvB iۜR@k8 tW,EG!K@Y;얯iSBZ^*:*i|d O*|i6>"qǽT?i=_={fՖ7S`;,$4\'32r 4. ϪNE=PZ GSyu Ãפ1&o伪=)TO#3cyFEK1rڣs )ۀkήi%B)SćŪ|5NH֛3dsV -u-J%=LqV#|E?`?nlq( %q+t52,aei4w; *"nO @++x>r >Rv|}\]]!* Eᅊ%өۺ-*:N7# $f;vf=po>@& -Aui*&g2ӴP  |䦀4+JsjZfm%[yYj$ 9R1)@ TppU 8AƋhgCSFh|nr4oɥ|T"ZEZ0Uͣg-Nx]}'cl4qMt-TjH+F/&f$J:Haa WF*Ka\hIwތJ2hgjv7X0ŸsIp٘Zxv=_1t˗8KQ{=FJmjNY2Yb|my} [݄fZY8}do6fOH!dǞE$qlg:=Jy.kJdv ooytp eKH> q,vF VUt `p/V3`g͈Z[hIgJZؼh}VCP6e]*@\UqHUCL/^N0j5O6ؕRO#$ޞ%-Ut'{FC^Z7?9k1Z@F M$AC8fj:"gP\Ya YljaDm rp5;p˂a(Xe+s#PKSx% PūtϛKloAkkcom^/^JQ (z{.1P5 qj#csKnb>bEB/Ƒ AIK ̭>8['~Ω` :o 6_uJKG*Qu4 W/\E53GjΞϞMhhvO8ߩZzK@@.6sQ.ˍgxf@JLzV T6pҿBtbm^˖lS o #wmiuFh#1,V0L7mmO[O~Gv Nm)>%XmG)<(K湞}1=jBgnR\OT>Ȝfwcz ,'3/UNWyW̠v_;)v27TrO|LݍmUJc5Q~sC)G%b<[Y X$LɀľC> թ8j#&a&'ԼL(YҲZ,hgf;7BT 3]@eLz*(GꇠAQeO5X'QC 9AO"ͫM3.˜Oz~9D m*O%ҴN߿lwDuD32-GF_U|B4Rfwyq0в?l-aE2S7(Ɇ 3WV:׽mT٪b0|nFzDq/8ni=%_:JU.H_ܗhXp9j( a6X~kA8Pm"wGAAȵ`r]*qcŬP/)zg2!Z*W#uD 3&frYpN_{six^"BkFw2`fb8f>:gIB#0B2$˹riZ*Rk~Ca|D\D:1РI">+]%{0%WچAvI,$@LA`i<%|APE|٦v{LO20@+ء-6AA@;vpFc6Z˚)\[qg^0K1&),fzF"<KDSY89j t_sx8څ k1Q6K1hV)(g`=Lp^|)1"ޞ\? GsCwٮ)VzO&?eEܴ|Y83@ 6vܓ"-P/_.wՇ΍(\'to'WmN!|EHLFU/*D3Klh*4KkV{+JR*Ɋf`Cw8ϭ &e,VQHӪl vvg?5L!}v&g0Q063?Z-;$c,EhGur+F:ģxg,ӽ#g^k>EeVb,S6re]\U*'.qދ ѧdLH sG.;) ZPln т[Vc1}X.%-/sC *X!gbʘ'R3f)v>,Za`j5)ӗr]"EF>5H#y]S%&\87M-W|{ k9y"Ԑ|,%;|kt/+t ?w Cס@ 0 F'`*po &'**~Aq戨A<*R&,Rg1Ut$# 2\ۛ<' gׄp?)VұR7Ne/80ŒMsg<x݅QD[6p5ߒZ7qh{:Ti zk.w?cw\pkTr+r9|PKw3Hq7{0g5pԿEHܻ{-{-QKpctXH\ arf=&s*)V٭x8Z s75z?4ۉ(AjR i2}s*/]CZ}IO> 3J(zV3t}wY8{.,{V\"@GD*Lpc>{J>q[V UGtۃY]Zz8C.b "(c =$\"[=IR ¾pw&W/E[sS,K4)!+[;Lr,Eφ`$yX7HT6S䄱q@*UI%hl֐gXn4P XAB:FkjtwYuy@#/kʩe܂=HN!|A#|m4nzgE"y`#͋ I0SeQҜ~i<݅+̑4s˻7<ƑtvM-rTƏyձ˰뜅z(,l8&)Ձ~8З7BAmv@9>>ʚfrԟUjl"司T=ykšupFbG~pNƇ-s]ت@ 7!;Ir!KnD\):㑻0H5 7q)k/o)~FnJjXi%:<`ܫGۺh#iUuH[}23٘EA:8UäK\x !F?ev/2%˾ڲ$0@6ANvR$ VQ,ekPSFɹtWI1o 7*8ʴBC]Bʸeֹ HO/$$SkH;۬%e\<Hڇ&_m3{7,Nk?=.x2Xq!X(9{ͪPܪQp*I%V"WM?T-=}=4?C$GCףuq:bu*p([➞`F5a8>cnn_ Yo YJd2얩4Z܍Sk@?v8Aٰ߰' xÑͭ}$֮%11uHY|y:Dӱ1So6Y (ʳ<rSNt'=- Y$HW7tfpbgTh 4Uwo[]D s=UΩRkM 5Gݻ:m E4,^bj)c(UJ]? RqvpQ/{!0 ~+架$vz]Er& :fsRkr%vIk K)Y` -*P &x޼0/j~o/L`x:\Eܪ,7MltPL7OR5"Eb#n Kxբ!oI:KMn]RIJ# CIq-qau`>ψDxn=6wU#!"p]:~5ˆ !.vtuPcx~s$(DN>%7;:ieEGZ:] |[o@?6 d+ݲ%!MCHrH{I+| ^ xzokoSEo=emt;ofRZSE\${?uo'XFŭ.5 .qv^yG)SwA7VNJ ;:W3E N^}o`2"̹М3x,5aB?7uZNE 6 UF!CFgc9;70֋H G~^>w1hQ- z jR?o$s2]Sזj_ZD$ò~\&O\B67#(Z:›& jIKXvð[DJlUhRުN]nAkJ1z]ht=E CF㼮ity؎wzfC(#3>Uy.\VXtHnc(=Bs,$F%Vi{&#􈈉+ΦaqK5r|(]|k;HioIY-Vz[2惍Iz_Ją iS-U:4珿&rApf-H9~H~Rh[dts<AYίRe >`upb Wu6&8g ~ :&-uZ F>aIlxŨ| xhPR>^/8HS*]T Rš|d3h6^|Q+1?9 'ݫ;BҘ_kM.~8knj68iaHkn|yvgR `%R&i给(ɛ[3Pň?JA|F8Ow]K'r9Z QjQLi#uGdKMTst( KqYkц>~D1?4nIBA*hKt%rOjo8Wp1H8PM0 9 `ȷnT'ȽߍTSr%-W}UC'L!H[j¹j 1Ǟ)wJ]ۍwa"}oZ?L{rMi{{ c$֭{k_mK̿;n%`QsۣcұT'[.Z~9f5M,ύ[mWU6cdgQON(qRh(sчwlN6l9I{o W:W4 'UL۞[ yJhYs ZdXS¥BEʩdN ,c*l|$'Jkx+vq G3x3{>^:$y#Jjĸs ;ײ̊;0teAIJv=r5ʹE"%JtoY#_ת_筐7]l(߻v`%q Gt/,"sUɖ{ںRwe#nçq_$}%_NJE mXi-W\LUЁ9qx}ETyCk%J8Z3$z<wf=~4So"&isɄCo(}/jwT ۢ+赁z֌qƩU U[d)v皍Pf-# 6VFf`XMQ&C }qhzlMucn &}wgbd :=I;pvْu(T]MY""㷊OibMFħgLƲ7o2#Ih6íRW{;9=~t}L6b1q9u(ڿ|QKc?:Q, ،H3fNs8[EH- /{9txCK-x&XT ްͻϑ5 Mq)y-~b1\]/3.r1,de'$[.~٦W7J4BMg0,^HHyUG#!?&ܺ0 KDug:OoEO쎚=wBZfט5Tw j9l! lCK<%|ptK@ w^`Skc"Q$XUN>iƉ.Y'{dn=="W܆$@|Wiãf1Ljhd֬/ JS@%imm|}6NORi"niA5Tkp`VDB}hO'VVǸ_ eF껟'<=?u Q( /m+N'X%Ε Gq7kŒX:%)Ę9V@/ͮ^3LLcwJ?8yq2$EޮOXW&6$  ۗ S4D|^Y"]T;vAzt &^;nV])t\ R5c5pk~P3p~ֈ;F*z`e{('7kbͽt͒ev^\lu33dΟq&aeޔLP;\CGvtLNPgrH&>K0QCND4<27#WYˠڡ#_bt Ky]]]=2鸙\kr}Bu'ps NA/wUaٜT8P%[(n?ma%گ@DҦ o!c;YPT~8!9H.l>x[O\U$ܸhRF zD"{x l?Bå0/A]9,cSpEjP"#=ڇ㻍Ji+0ԖqUA$n 6Je5ja׺b!:,z[pKS~mPiYX>'HoԠa4 Z8$jH agkZpy,A1%v5*bЭV"Nf'-p8]%FQs͍\ԹF;>ZFu1*: 59*n_S=,H_)woNГڍB=|ds"^K?I%j#ß- ΐsp'< J1aB\" l[qatB4KH$o dAuPH-$@M)Ӽ>Y\BlПxJy^O"xǪ/NY;m믙8,'5'k/sc4 oiwE^4:Poa@[#ʜ6R{u<#Kk>e${^2&X5^tnf4r ֢b`mdžsN} [pB;PH w12v _|a8bΥi-$Ɉ5 ژې9ZiiTedkthnsPS LvY4]N-GcbZ{pV@˜2/֛bڵu#~ EϩY PƀBl=چ,x&ݘy ө倱Yu#9B)WI"VVrj12,a7L󪪄Ŕ>mv2)n'cYO;-Ǻhf.C52/1v'D j_C#9ҋ6PƀĀQFb0'u2>J-^Qc4TT!ryļln"`n91 bi Z%U]~P=QG3歯Ffk& B$ 2mn䵈fE Y 3iq[ nz{ |J:4[Qr7åOiԳr {=dɈw1tW.IQ`^3;iCkLZ#UIh+ Vg1Ìi+>ő ,]QN(YmOx6)َmH;=|ɢICX , h 2Ibb>p{zr"cl}!k,h%U2F:t&/6 YЂ$&$O[Ӹ[,S>kwHp+ռa| B'[dbw, W)קϝfu"/~YC6affɶ~Fr?'^Z-BMb s=Ѥʼn)>/89te2~N{>V?S'n+?уţ.uLtd>ʯTO-RAyڽdGFAjD'Le涕KJt>ƪ271dDŞ C2Qq]vD[FoYKd<*cK[^4"kޗs73ʆP D,&1S "vjHO ڲc0\W@'"8&;d4/@6v&JGY!E|<~'x-ᶖ#x>9I=1q9v3|aBsQVx6aNgN65n0XDdJtMOaD7TJzaeAUU/cqxv\"OJ V wJ)>_Yd svžw,tuFhb$ XW6[b'rZl'82') T9G>_e6Y4L@N&KܝXNEBUyepES3 :7RP{hYD{6L9CjwNV\.J' ڌ4@SQ1>~&-ue󀁃jOX ._Ҋ1 _m]$^r>nӧnj'N  >LEA;p3ѐЭlu QM[V ȈD*xw*EMdHzʱ]7Ht6`*)q[4F5Z?p{>W=^/߼pgÃD, ЏSq.O')"xёxMIONdNKY9,fvGDG:1-5DM*h0D;)8|zPFAoawjE)6YjV:\ bM@j J锡8:zR'Zir0X7XcF 0NHGP*q7R8J mnb?eRP'老q۽Mm3_Km{QfDvA x9oF}R;A_:t9x`x}( $wäPI͞^dJh)Es5 zSzbݷ{=x[S ;VǕb;RLhZu/S^yq8E6ljKK(Ҋ 9_Yb㠎xsr2Z8 K'BZQ8ZZisXP;QdgN[1 I̡bZ2j" n~ܶ*PįQŊxY9 qAYکX̝55˜Ղv0Xx &2p~7϶b*;54&E1<cJaSx2i1*X-6E,^Gj,R୑OMGfj:pbGE)OcP[+\͝nMR5a0Ȗ;Q`=iE~J旕DW_3U DpV _S?s6}9fjsOc=k:,KNkMs)i)ھO$ 8Pj9KqϜLqHh5 sь kRԓMn{DٙYk|u:GkTWr-`mq?nBFfLV*mXQ[! [}.,~Ϯh =Ԯ _[b{HAW0SL:Mҫwf"|ӫC#'W :&'3ӄSG,|L}g 읠ѯi5+ȩ0A!v~O)xJ&7i6 R[ee^[Xϥ*d1L_6m3IW LXj[]a*$]:4bU?S21@|DhA.d+We5mh|Q.ifg-^b[^ =lm@h݉C)Z>$1nJnfwE+Sq@O;$zs$ Mu7&J8 UcmMe0~샆9HB3$C`yD|:(P[5-O^zx4!N. F҆75 nq㺹Ԯw`tqq3  WƮDBXG=]*S!YR%.Q3^ AD8#Ht-#'4!,Θ!woD& r't?9 zADJR͞B;eQmW51Fs 8=_,;Hs֚RUY6!{2vKgީ[S:c><ِK){eܔ ];sF=CiQ>eō9:0(6&3Oލ0ڗ 7g|qk){ zɄ oƝyOckKFbfd\F8D,ἱ _/gsgѧ- h8XTР//iй:8F2Km.,gr~:m^й!M1%G7* ~{ֆk1;'aL5^a u`.R|O{~Ʒ}r M Q^l )mkxH~Tz⸮˜xXښ^m4tlC_õG &зF` zqw2Z*``L )7669I5(Z8t.u:5"gKdZxؽƔPE{qB ~BNTWpH|(}v첂u/~卧ww$Fer෯ֶдfp^Y}M_ EnzC=BeQbL[tdʨ#;3(ީQw⼡[Q.i=nn}ژV1L*=m`Brgղ=϶lGy< vdbUkBf1D!U?ŕBw'ײp9=i iߊmy+NgR笹Pep)uMk2$ ]lƇKU:tt~+3By[..O"^wrYY@+ޕK oX$ժ~cfGR-) ?N-wY4W xc= miȳ}&&®NW*lH-1fE$<܅Gᚫqg)]LN,&(%Q4ehi7;(օ[O_.K3DS@@ԸQΐs`:-.Gb*>0=4-n_Z A;Y)0F̀q#j Znrjoo!Nz A4f訐{[;K4,[7C@8OjЛĀ06Wm$h ͈MF1\ P?bL*_:(k;"ѩ=WybqеPL?5M!ԻJ~p&$<‘,UH,mHJ3ScOja<)r"Iyɉav^Bq $Dw(&1u`Zf礛N\_@:̣% ~!J֋xAPN΄Nנqe~L7|0T: PRXSwOm_aVo% x 2m۟ޠ5*Oc vN9chYKg '_?CXx]qu_ ȧ9@G23~ w zP6ϣbxإ+ ΙSXK£2(CWR $1)N<0i5,GD d3+nt#ƦZJbȑ*Yt̛) rc\OnJjEJ}́6SAvk}bbSe_֦u& t3>qP><*?r#о!$>۬4á͌!ȏ(Vs@=W;2\ VZ-O$!/BŘ(.r.qk@@8vtBp5c-2 tLoٶQ^֡qHsW" mJ7?7G}$[/ofnYq#E/Rx0w4A3p@f"Z DdtYP`T[) b>NcSQ3! ~LƵ?V5@]^3c)[ -jcUgL}\@5s?&S2mm>XEMTnɏP˨yQx?ASrO3{SUd8Ppb+[ r.dƵ,qwm6U-\Z]b)S7wo" -N"}e:`rխ](ptu {k9I3mCzߐ㮚0fB#f?a1A@i7>` \&Y65$wl۲5)ZOlZYk0,'`F2|b&/joW. A:h43;tA9}RB^a[Q) a}Ts~2bĤB< .$'+\;S \+Gcb?6rᮻ>=y\5<6֧0u\Œpx9KS크M4xA>˪e"zlrP;BQhcа YZ