389-ds-base-libs-1.2.11.15-97.el6_10$> ՛SJv5T>8P$?Pd ' O<@X\cy   $ D  @`+D+v+(89 :@yGL4HLTILtXL|YL\L]L^MCbMdN7eN<fN?lNAtNXuNxvNwO0xOPyOp(PC389-ds-base-libs1.2.11.1597.el6_10Core libraries for 389 Directory ServerCore libraries for the 389 Directory Server base package. These libraries are used by the main package and the -devel package. This allows the -devel package to be installed with just the -libs package and without the main package.[tx86-01.bsys.centos.org7CentOSGPLv2 with exceptionsCentOS BuildSystem System Environment/Daemonshttp://www.port389.org/linuxi6868&FLAA큤[t[t[t[tPaPaPa[t240ab1a9fdcd76c55af4b1461ec1554721cc5aef1f1a0846670e2f3c29841a4c18c4bed873d4b37ca369819056cf9cbef47021eee1e9bfea01e8bb6b2779705d2edbdd4febc24cda9b14c335dd2ddfc2e07ec19a362a7e7b222afa69f6674f42a76f3347f8e2221d9b6550078ac57a0a2c4e8b1da6ce1a1a8aacab93be7e8e231525d7a597353477148023386f1f4ed0905ca6d31766a4a9608d1e090838711blibslapd.so.0.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroot389-ds-base-1.2.11.15-97.el6_10.src.rpmlibslapd.so.0389-ds-base-libs389-ds-base-libs(x86-32)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@   @ libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libcom_err.so.2libk5crypto.so.3libkrb5.so.3libkrb5.so.3(krb5_3_MIT)liblber-2.4.so.2libldap_r-2.4.so.2libldif-2.4.so.2libnspr4.solibnss3.solibnss3.so(NSS_3.10.2)libnss3.so(NSS_3.12)libnss3.so(NSS_3.2)libnss3.so(NSS_3.3)libnss3.so(NSS_3.6)libnss3.so(NSS_3.9)libpcre.so.0libplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.1.1)libsasl2.so.2libslapd.so.0libssl3.solibssl3.so(NSS_3.14)libssl3.so(NSS_3.2)libssl3.so(NSS_3.20)libssl3.so(NSS_3.4)libsvrcore.so.0rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rtld(GNU_HASH)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.8.0[b@[b@[{@X9@XӸXX*X~@Xs{@X lX@W - 1.2.11.15-97Mark Reynolds - 1.2.11.15-96Mark Reynolds - 1.2.11.15-95Mark Reynolds - 1.2.11.15-91Mark Reynolds - 1.2.11.15-90Mark Reynolds - 1.2.11.15-89Noriko Hosoi - 1.2.11.15-88Noriko Hosoi - 1.2.11.15-87Noriko Hosoi - 1.2.11.15-86Noriko Hosoi - 1.2.11.15-85Noriko Hosoi - 1.2.11.15-84Noriko Hosoi - 1.2.11.15-83Noriko Hosoi - 1.2.11.15-82Noriko Hosoi - 1.2.11.15-81Noriko Hosoi - 1.2.11.15-80Noriko Hosoi - 1.2.11.15-79Noriko Hosoi - 1.2.11.15-78Noriko Hosoi - 1.2.11.15-77Noriko Hosoi - 1.2.11.15-76Noriko Hosoi - 1.2.11.15-75Noriko Hosoi - 1.2.11.15-74Noriko Hosoi - 1.2.11.15-73Noriko Hosoi - 1.2.11.15-72Noriko Hosoi - 1.2.11.15-71Noriko Hosoi - 1.2.11.15-70Noriko Hosoi - 1.2.11.15-69Noriko Hosoi - 1.2.11.15-68Noriko Hosoi - 1.2.11.15-67Noriko Hosoi - 1.2.11.15-66Noriko Hosoi - 1.2.11.15-65Noriko Hosoi - 1.2.11.15-64Noriko Hosoi - 1.2.11.15-63Noriko Hosoi - 1.2.11.15-62Noriko Hosoi - 1.2.11.15-61Noriko Hosoi - 1.2.11.15-60Noriko Hosoi - 1.2.11.15-59Noriko Hosoi - 1.2.11.15-58Noriko Hosoi - 1.2.11.15-57Noriko Hosoi - 1.2.11.15-56Noriko Hosoi - 1.2.11.15-55Noriko Hosoi - 1.2.11.15-54Noriko Hosoi - 1.2.11.15-53Noriko Hosoi - 1.2.11.15-52Noriko Hosoi - 1.2.11.15-51Noriko Hosoi - 1.2.11.15-50Noriko Hosoi - 1.2.11.15-49Noriko Hosoi - 1.2.11.15-48Noriko Hosoi - 1.2.11.15-47Nathan Kinder - 1.2.11.15-46Noriko Hosoi - 1.2.11.15-45Noriko Hosoi - 1.2.11.15-44Noriko Hosoi - 1.2.11.15-43Noriko Hosoi - 1.2.11.15-42Noriko Hosoi - 1.2.11.15-41Noriko Hosoi - 1.2.11.15-40Noriko Hosoi - 1.2.11.15-39Noriko Hosoi - 1.2.11.15-38Noriko Hosoi - 1.2.11.15-37Noriko Hosoi - 1.2.11.15-36Noriko Hosoi - 1.2.11.15-35Noriko Hosoi - 1.2.11.15-34Noriko Hosoi - 1.2.11.15-33Noriko Hosoi - 1.2.11.15-32Rich Megginson - 1.2.11.15-31Rich Megginson - 1.2.11.15-30Rich Megginson - 1.2.11.15-29Noriko Hosoi - 1.2.11.15-28Noriko Hosoi - 1.2.11.15-27Noriko Hosoi - 1.2.11.15-26Noriko Hosoi - 1.2.11.15-25Noriko Hosoi - 1.2.11.15-24Noriko Hosoi - 1.2.11.15-23Noriko Hosoi - 1.2.11.15-22Noriko Hosoi - 1.2.11.15-21Mark Reynolds - 1.2.11.15-20Mark Reynolds - 1.2.11.15-19Mark Reynolds - 1.2.11.15-19Mark Reynolds - 1.2.11.15-19Mark Reynolds - 1.2.11.15-18Noriko Hosoi - 1.2.11.15-14Noriko Hosoi - 1.2.11.15-13Noriko Hosoi - 1.2.11.15-12Noriko Hosoi - 1.2.11.15-11Noriko Hosoi - 1.2.11.15-10Noriko Hosoi - 1.2.11.15-9Rich Megginson - 1.2.11.15-8Noriko Hosoi - 1.2.11.15-7Rich Megginson - 1.2.11.15-6Rich Megginson - 1.2.11.15-5Noriko Hosoi - 1.2.11.15-4Rich Megginson - 1.2.11.15-3Noriko Hosoi - 1.2.11.15-2Rich Megginson - 1.2.11.15-1Rich Megginson - 1.2.11.14-1Rich Megginson - 1.2.11.13-1Rich Megginson - 1.2.11.12-1Noriko Hosoi - 1.2.10.2-20Noriko Hosoi - 1.2.10.2-19Noriko Hosoi - 1.2.10.2-18Noriko Hosoi - 1.2.10.2-17Noriko Hosoi - 1.2.10.2-16Rich Megginson - 1.2.10.2-15Rich Megginson - 1.2.10.2-14Rich Megginson - 1.2.10.2-13Noriko Hosoi - 1.2.10.2-12Noriko Hosoi - 1.2.10.2-11Noriko Hosoi - 1.2.10.2-10Rich Megginson - 1.2.10.2-9Rich Megginson - 1.2.10.2-8Rich Megginson - 1.2.10.2-7Rich Megginson - 1.2.10.2-6Rich Megginson - 1.2.10.2-5Rich Megginson - 1.2.10.2-4Rich Megginson - 1.2.10.2-3Rich Megginson - 1.2.10.2-2Rich Megginson - 1.2.10.2-1Rich Megginson - 1.2.10.1-1Rich Megginson - 1.2.10.0-1Rich Megginson - 1.2.10-0.11.rc2Rich Megginson - 1.2.9.16-1Rich Megginson - 1.2.9.15-1Rich Megginson - 1.2.9.14-1Rich Megginson - 1.2.9.13-1Rich Megginson - 1.2.9.12-2Rich Megginson - 1.2.9.12-1Rich Megginson - 1.2.9.11-1Nathan Kinder - 1.2.9.10-1Rich Megginson - 1.2.9.9-1Rich Megginson - 1.2.9.8-1Rich Megginson - 1.2.9.7-1Rich Megginson - 1.2.9.6-1Rich Megginson - 1.2.9.5-1Rich Megginson - 1.2.9.4-1Rich Megginson - 1.2.9.3-1Rich Megginson - 1.2.9.2-1Rich Megginson - 1.2.9.1-2Rich Megginson - 1.2.9.1-1Nathan Kinder - 1.2.8.7-1Rich Megginson - 1.2.8.6-1Rich Megginson - 1.2.8.5-1Rich Megginson - 1.2.8.4-3Rich Megginson - 1.2.8.4-2Rich Megginson - 1.2.8.4-1Rich Megginson - 1.2.8.3-4Rich Megginson - 1.2.8.3-3Rich Megginson - 1.2.8.3-2Rich Megginson - 1.2.8.3-1Rich Megginson - 1.2.8.2-1Rich Megginson - 1.2.8.1-1Rich Megginson - 1.2.8.0-2Rich Megginson - 1.2.8.0-1Rich Megginson - 1.2.8-0.9.rc4Rich Megginson - 1.2.8-0.8.rc2Rich Megginson - 1.2.8-0.7.rc2Rich Megginson - 1.2.8-0.6.rc1Rich Megginson - 1.2.8-0.5.a3Rich Megginson - 1.2.8-0.4.a3Rich Megginson - 1.2.8-0.3.a3Rich Megginson - 1.2.8-0.2.a2Nathan Kinder - 1.2.8-0.1.a1Rich Megginson - 1.2.7.5-1Rich Megginson - 1.2.7.4-1Rich Megginson - 1.2.7.3-1Rich Megginson - 1.2.7.2-1Rich Megginson - 1.2.7.1-1Rich Megginson - 1.2.7-1Rich Megginson - 1.2.7-0.7.a5Kevin Wright - 1.2.7-0.6.a4Rich Megginson - 1.2.7-0.5.a4Rich Megginson - 1.2.7-0.4.a3Rich Megginson - 1.2.7-0.3.a3Rich Megginson - 1.2.7-0.2.a2Rich Megginson - 1.2.7-0.1.a1Rich Megginson - 1.2.6.1-3Rich Megginson - 1.2.6.1-2Rich Megginson - 1.2.6.1-1Rich Megginson - 1.2.6-1Rich Megginson - 1.2.6-0.11.rc7Rich Megginson - 1.2.6-0.10.rc6Rich Megginson - 1.2.6-0.9.rc3Rich Megginson - 1.2.6-0.8.rc3Rich Megginson - 1.2.6-0.7.rc2Nathan Kinder - 1.2.6-0.6.rc1Rich Megginson - 1.2.6-0.5.rc1Marcela Maslanova - 1.2.6-0.4.a4.1Rich Megginson - 1.2.6-0.4.a4Nathan Kinder - 1.2.6-0.4.a3Caolán McNamara - 1.2.6-0.3.a2Rich Megginson - 1.2.6-0.2.a2Nathan Kinder - 1.2.6-0.1.a1Rich Megginson - 1.2.5-1Rich Megginson - 1.2.5-0.5.rc4Rich Megginson - 1.2.5-0.4.rc3Rich Megginson - 1.2.5-0.3.rc2Rich Megginson - 1.2.5-0.2.rc1Rich Megginson - 1.2.5-0.1.a1Rich Megginson - 1.2.4-1Rich Megginson - 1.2.3-1Caolán McNamara - 1.2.2-2Rich Megginson - 1.2.2-1Tomas Mraz - 1.2.1-5Noriko Hosoi - 1.2.1-4Rich Megginson - 1.2.1-3Fedora Release Engineering - 1.2.1-2Rich Megginson - 1.2.1-1Rich Megginson - 1.2.0-4Rich Megginson - 1.2.0-3Rich Megginson - 1.2.0-2Rich Megginson - 1.2.0-1Noriko Hosoi - 1.1.3-7Noriko Hosoi - 1.1.3-6Rich Megginson - 1.1.3-5Rich Megginson - 1.1.3-4Rich Megginson - 1.1.3-3Rich Megginson - 1.1.3-2Rich Megginson - 1.1.3-1Rich Megginson - 1.1.2-1Rich Megginson - 1.1.1-2Rich Megginson - 1.1.1-1Rich Megginson - 1.1.0.1-4Tom "spot" Callaway - 1.1.0.1-3Tom "spot" Callaway - 1.1.0.1-3Rich Megginson - 1.1.0.1-2Rich Megginson - 1.1.0.1-1Fedora Release Engineering - 1.1.0-5Rich Megginson - 1.1.0-4Release Engineering - 1.1.0-3Rich Megginson - 1.1.0-2.0Rich Megginson - 1.1.0-1.2Rich Megginson - 1.1.0-1.1Rich Megginson - 1.1.0-0.3.20070720Nathan Kinder - 1.1.0-0.2.20070320Rich Megginson - 1.1.0-0.1.20070320Rich Megginson - 1.1.0-0.1.20070223Rich Megginson - 1.1.0-0.1.20070213Rich Megginson - 1.1.0-1.el4.20070209Rich Megginson - 1.1.0-1.el4.20070207Rich Megginson - 1.1.0-1.el4.20070129Rich Megginson - 1.1.0-8.el4.20070125Rich Megginson - 1.1.0-7.el4.20070125Rich Megginson - 1.1.0-6.el4.20070125Rich Megginson - 1.1.0-5.el4.20070125Rich Megginson - 1.1.0-4.el4.20070119Rich Megginson - 1.1.0-3.el4.20070119Rich Megginson - 1.1.0-2.el4.20070119Rich Megginson - 1.1.0-1.el4.cvs20070119Rich Megginson - 1.1-0.1.cvs20070115Dennis Gilmore - 1.1-0.1.cvs20070108Rich Megginson - 1.0.99-16Rich Megginson - 1.0.99-15Rich Megginson - 1.0.99-14Rich Megginson - 1.0.99-13Rich Megginson - 1.0.99-12Rich Megginson - 1.0.99-11Rich Megginson - 1.0.99-10Rich Megginson - 1.0.99-9Rich Megginson - 1.0.99-8Rich Megginson - 1.0.99-7Rich Megginson - 1.0.99-6Rich Megginson - 1.0.99-5Rich Megginson - 1.0.99-4Rich Megginson - 1.0.99-3Rich Megginson - 1.0.99-2Rich Megginson - 1.0.99-1- Bump version to 1.2.11.15-97 - Resolves: Bug 1563539 - acl_copyEval_context double free (fix spec file patch)- Bump version to 1.2.11.15-96 - Resolves: Bug 1563539 - acl_copyEval_context double free- Release 1.2.11.15-95 - Resolves: Bug 1562152 - EMBARGOED CVE-2018-1089 389-ds-base: ns-slapd crash via large filter value in ldapsearch - Resolves: Bug 1544415 - CVE-2017-15135 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (fix cherry-pick error) - Resolves: Bug 1543798 - EMBARGOED CVE-2018-1054 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c- Release 1.2.11.15-91 - Resolves: bug 1437776 - EMBARGOED CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages- Release 1.2.11.15-90 - Resovles: #1435365 - Unable to dereference unqiemember attribute because it is dn [#UID] not dn syntax- Release 1.2.11.15-89 - Resolves: #1421512 - ns-slapd crashes in ldif_sput due to the output buf size is less than the real size.- Release 1.2.11.15-88 - Resolves: #1413692 - custom schema is registered in small caps after schema reload (DS 47973) - Resolves: #1408976 - dbscan-bin crashing due to a segmentation fault. (DS 49104)- Release 1.2.11.15-87 - Resolves: #1391701 - do not treat missing csn as fatal (DS 49020) - Resolves: #1406835 - memberOf fixup task does not validate args (DS 49072)- Release 1.2.11.15-86 - Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 49049) - Resolves: #1400997 - ldif2db.pl script shows wrong usage for -n as instance, instead of database (DS 49070) - Resolves: #1403754 - ns-slapd crashes during tickets/ticket48665_test.py (DS 48665) - Resolves: #1410645 - The "repl-monitor" web page does not display "year" in date. (DS 48220) - Resolves: #1399600 - ns-slapd segfaults during execution of tickets/ticket47966_test.py (DS 47966, DS 48987) - Resolves: #1402012 - Importing big ldif file with duplicate DNs throwing "unable to flush" error - Resolves: #1406835 - memberOf fixup task does not validate args (DS 49072)- Release 1.2.11.15-85 - Resolves: #1372420 - DES to AES backport issues (DS 47462) - Resolves: #1391324 - ds9 backport 47411 - Replace substring search with plain search in referint plugin (DS 47411)- Release 1.2.11.15-84 - Resolves: #1352109 - Replication stops working only when fips mode is set to true (DS 48909) - Resolves: #1372420 - DES to AES backport issues (DS 47462) - Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 48983) - Resolves: #1382386 - Directory Server accepts a wrong userdn macro ACI (DS 449) - Resolves: #1382519 - 1.2.11 only -- coverity fixes (DS 49004) - Resolves: #1387022 - specific search with sizelimit=1 sometimes returns no entry (DS 47703) - Resolves: #1387772 - trace args debug logging must be more restrictive (DS 49009)- Release 1.2.11.15-83 - Resolves: #1327065 - After updating server, component nss-3.21.0-0.3.el6_7.x86_64, some client applications cannot connect to server (DS 48798) - Resolves: #1266920 - invalid message about write_changelog_and_ruv on consumers (DS 47801) - Resolves: #1330758 - add a nsTLS1.0 on or off new configuration parameter to cn=encryption,cn=config in RHEL 6 389-ds-base (DS 48816) - Resolves: #1369572 - cleanallruv changelog cleaning incorrectly impacts all backends (DS 48964) - Resolves: #1371706 - Server Side Sorting crashes the server. (DS 48970) - Resolves: #1371678 - Disabling CLEAR password storage scheme will crash server when setting a password (DS 48975) - Resolves: #1370145 - cannot reindex retrochangelog (DS 47619)- Release 1.2.11.15-82 - Resolves: #1380435 - Backport request of ticket 48983 to RHEL6.9 (DS 48983)- Release 1.2.11.15-81 - Resolves: #1368209 - Crash in import_wait_for_space_in_fifo(). (DS 48960)- Release 1.2.11.15-80 - Resolves: #1316869 - ns-slapd general protection ip:7f570c56afd5 sp:7f56dc7edce0 error:0 in libc-2.12.so (DS 48944)- Release 1.2.11.15-79 - Resolves: #1358560 - CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation - Resolves: #1372420 - Backport AES storage scheme plugin (DS 47462, 48862, 48243, 48777) - Resolves: #1321126 - Replication changelog can incorrectly skip over updates - Resolves: #1373734 - EASY FIX : dereferencing a NULL sr_candidates pointer in ldbm_back_next_search_entry_ext resulted a segfault (DS 47858)- Release 1.2.11.15-78 - Resolves: #1321126 - Replication changelog can incorrectly skip over updates (DS 48954) - Resolves: #1361422 - CVE-2016-5416 389-ds-base: ACI readable by anonymous user (DS 48354) - Resolves: #1360975 - CVE-2016-5405 389-ds-base: Password verification vulnerable to timing attack- Release 1.2.11.15-77 - Resolves: #1157799 - replication delay when server is configured with multiple replication agreements. (DS 48636) fixing a backport error- Release 1.2.11.15-76 - Resolves: #1321126 - Replication changelog can incorrectly skip over updates (DS 48766) - Resolves: #1157799 - replication delay when server is configured with multiple replication agreements. (DS 48636)- Release 1.2.11.15-75 - Resolves: #1331599 - Paged results search returns the blank list of entries (DS 48808) - Resolves: #1332710 - password history is not updated when an admin resets the password (DS 48813) - Resolves: #1150817 - Running db2index with no options breaks replication (DS 48854)- Release 1.2.11.15-74 - Resolves: #1313258 - change severity of some messages related to "keep alive" entries (DS 48420)- Release 1.2.11.15-73 - Resolves: #1294770 - Supplier can skip a failing update, although it should retry (DS 47788) - Resolves: #1298496 - slapd process crashes on entry modification (DS 47964) - Resolves: #1307152 - keep alive entries can break replication (DS 48445)- Release 1.2.11.15-72 - Resolves: #1292649 - allow users to specify to relax the FQDN constraint (DS 48332) - Resolves: #1294770 - Supplier can skip a failing update, although it should retry (DS 47788) - Resolves: #1296694 - ns-slapd crash in ipa context - c_mutex lock memory corruption and self locks (DS 48406, DS 48338 reverted) - Resolves: #1297385 - Interpret IPV6 addresses for ACIs, replication, and chaining (DS 196)- Release 1.2.11.15-71 - Resolves: #1284791 - 389-ds-base: ldclt -e randomauthid Segmentation fault. (DS 48289) - Resolves: #1290243 - SimplePagedResults -- in the search error case, simple paged results slot was not released (DS 48375)- Release 1.2.11.15-70 - Resolves: #1259959 - perl module conditional test is not conditional when checking SELinux policies - fixing a regression (DS 48305) - Resolves: #1282457 - The 'eq' index does not get updated properly when deleting and re-adding attributes in the same ldapmodify operation (DS 48370)- Release 1.2.11.15-69 - Resolves: #1247792 - SimplePagedResults -- abandon could happen between the abandon check and sending results -- Fixing a regression introduced in 1.2.11.15-68 (DS 48338)- Release 1.2.11.15-68 - Resolves: #1278585 - deadlock in mep delete post op (DS 47976) - Resolves: #1247792 - SimplePagedResults -- abandon could happen between the abandon check and sending results (DS 48338)- Release 1.2.11.15-67 - Resolves: #1234431 - Man pages and help for remove-ds.pl doesn't display "-a" option (DS 48245) - Resolves: #1236148 - Slow replication when deleting large quantities of multi-valued attributes (DS 48195) - Resolves: #1236156 - Avoid using regex in ACL if possible (DS 48175) - Resolves: #1236656 - Dynamic nsMatchingRule changes had no effect on the attrinfo thus following reindexing, as well. (DS 48212) - Resolves: #1240451 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192) - Resolves: #1244970 - Crash during retro changelog trimming (DS 48206) - Resolves: #1245237 - winsync lastlogon attribute not syncing between DS and AD. (DS 48232) - Resolves: #1246165 - verify_db.pl doesn't verify DB specified by -a option (DS 48215) - Resolves: #1247812 - logconv autobind handling regression caused by 47446 (DS 48231) - Resolves: #1253406 - wrong password check if passwordInHistory is decreased. (DS 48228) - Resolves: #1255290 - db2index creates index entry from deleted records (DS 48252) - Resolves: #1259959 - perl module conditional test is not conditional when checking SELinux policies (DS 48305) - Resolves: #1260622 - ns-slapd - LOGINFO:Unable to remove file (DS 48304) - Resolves: #1265851 - Double free while adding entries (1.2.11 only) (DS 48287) - Resolves: #1273552 - Deadlock between two MODs on the same entry between entry cache and backend lock (DS 47978)- Release 1.2.11.15-66 - Resolves: #1270002 - cleanallruv should completely clean changelog (DS 48208) - Resolves: #1267405 - many attrlist_replace errors in connection with cleanallruv (DS 48283)- Release 1.2.11.15-65 - Resolves: #1259383 - Fractional replication evaluates several times the same CSN (DS 48266)- Release 1.2.11.15-64 - Resolves: #1247792 - ns-slapd crashing frequently cause is unknown (DS 48192) - Resolves: #1267296 - pagedresults - when timed out, search results could have been already freed. (DS 48299)- Release 1.2.11.15-63 - Resolves: #1247792 - ns-slapd crashing frequently cause is unknown (DS 48192) - Resolves: #1259383 - Fractional replication evaluates several times the same CSN (DS 48266 48284)- Release 1.2.11.15-62 - Resolves: #1259546 - regression - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes (DS 47981)- Release 1.2.11.15-61 - Resolves: #1251288 - Replication not working for "delete: attr"- Release 1.2.11.15-60 - Resolves: #1228402 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192)- Release 1.2.11.15-59 - Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148) - Resolves: #1203338 - ns-slapd double free or corruption crash (DS 48149) - Resolves: #1228402 - Individual abandoned simple paged results request has no chance to be cleaned up (DS 48192)- Release 1.2.11.15-58 - Resolves: #1223068 - Regression introduced by the simple paged results fixes. (DS 48146) - Resolves: #1203338 - ns-slapd double free or corruption crash (DS 48149)- Release 1.2.11.15-57 - Resolves: #1223068 - ldapdelete fails with -r option to delete a sub suffix (DS 48146) - Resolves: #1219990 - bind on db chained to AD returns err=32 (DS 48183) - Resolves: #1219208 - cleanAllRUV task limit not being enforced correctly (DS 48158)- Release 1.2.11.15-56 - Resolves: #1219218 - fix coverity issues (DS 48151)- Release 1.2.11.15-55 - Resolves: #1118285 - Lowering the log level of "Configured SSL version range" message (1.2.11 only) (DS 48180) - Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148) - Resolves: #1219208 - Remove cleanAllRUV task limit of 4 (DS 48158) - Resolves: #1219218 - Improve CleanAllRUV logging (DS 48151)- Release 1.2.11.15-54 - Resolves: #1207983 - disable writing unhashed#user#password to changelog (DS 561) - Resolves: #1207024 - IPA Replicate creation fails with error "Update failed! Status: [10 Total update abortedLDAP error: Referral]" (DS 47942) - Resolves: #1211077 - nsslapd-ndn-cache-enabled returns 1 or 0 instead of "on" or "off" (DS 408) - Resolves: #1211006 - start/stop/restart-dirsrv utilities should ignore admin-serv directory (DS 48148) - Resolves: #1210996 - Disable SSL v3, by default [389-ds-base-1.2.11 only] (DS 47928) - Resolves: #1214074 - Need a way to abort a cleanallruv abort task (DS 48154) - Resolves: #1212657 - Password is not correctly passed to perl command line tools if it contains shell special characters. (DS 48143) - Resolves: #1218341 - ns-slapd crash related to paged results (DS 48146)- Release 1.2.11.15-53 - Resolves: #1202502 - memory leak in new_passwdPolicy (1.2.11 only) (DS 48135) - Resolves: #1202062 - Non tombstone entry which dn starting with "nsuniqueid=...," cannot be deleted (DS 48133)- Release 1.2.11.15-52 - Resolves: #1193235 - Fix coverity issues and compiler warnings - 2014/12/16, 2014/11/24, 2015/2/18 (DS 47965)- Release 1.2.11.15-51 - Resolves: #1193235 - Fix coverity issues and compiler warnings - 2014/12/16, 2014/11/24, 2015/2/18 (DS 47965) - Resolves: #1171308 - Don't add unhashed password mod if we don't have an unhashed value (DS 47752) - Resolves: #1167976 - memberof skip nested groups breaks the plugin (DS 47963) - Resolves: #1185025 - ldclt needs to support SSL Version range (DS 47996) - Resolves: #1183820 - Windows Sync accidentally cleared raw_entry (DS 47989) - Resolves: #1155569 - nsslapd-db-locks modify not taking into account. (DS 47934) - Resolves: #1145072 - Bad manipulation of passwordhistory (DS 47905) - Resolves: #1144092 - During schema reload sometimes the search returns no results (DS 47973) - Resolves: #1145374 - WinSync - manual replica refresh removes AD-only member values from DS and AD in groups (DS 47884) - Resolves: #1193243 - ldbm_usn_init: Valgrind reports Invalid read / SIGSEGV (DS 47659) - Resolves: #1150368 - provide enabled ciphers as search result (DS 47880) - Resolves: #1153739 - Add SSL/TLS version info to the access log (DS 47945) - Resolves: #1118285 - Disable SSL v3, by default [389-ds-base-1.2.11 only] (DS 47928) - Resolves: #1193241 - logconv.pl -- support parsing/showing/reporting different protocol versions (DS 47949) - Resolves: #1179763 - COS cache doesn't properly mark vattr cache as invalid when there are multiple suffixes (DS 47981) - Resolves: #1175868 - Incorrect assumption in ndn cache (DS 547) - Resolves: #1159124 - perl scripts not returning expected error code (DS 47962) - Resolves: #1115960 - Nested COS definitions can be incorrectly processed (DS 47980) - Resolves: #1175868 - Backport of Normalized DN Cache (DS 408) - Resolves: #1174892 - During delete operation do not refresh cache entry if it is a tombstone (DS 47750) - Resolves: #1174892 - Need to refresh cache entry after called betxn postop plugins (DS 47750) - Resolves: #1193235 - Fix coverity issues (2014/12/16) (DS 47965) - Resolves: #1193235 - Fix coverity issues (2014/11/24) (DS 47965) - Resolves: #1169974 - Account lockout attributes incorrectly updated after failed SASL Bind (DS 47970) - Resolves: #1169975 - Fix coverity issue (DS 47969) - Resolves: #1169975 - COS memory leak when rebuilding the cache (DS 47969) - Resolves: #1170706 - cos_cache_build_definition_list does not stop during server shutdown (DS 47967) - Resolves: #1167976 - skip nested groups breaks memberof fixup task (DS 47963) - Resolves: #1167976 - RFE - memberOf - add option to skip nested group lookups during delete operations (DS 47963) - Resolves: #1171357 - Bind DN tracking unable to write to internalModifiersName without special permissions (DS 47950) - Resolves: #1162704 - Memory leak in password admin if the admin entry does not exist (DS 47958) - Resolves: #1162704 - PasswordAdminDN attribute is not properly returned to client (DS 47952) - Resolves: #1145379 - Fix backport issue to 1.2.11 (DS 47900) - Resolves: #1145379 - Server fails to start if password admin is set (DS 47900) - Resolves: #1145379 - Adding an entry with an invalid password as rootDN is incorrectly rejected (DS 47900) - Resolves: #1141735 - ldclt: assertion failure with -e "add,counteach" -e "object=,rdn=uid:test[A=INCRNNOLOOP(0;24 (DS 47907)- Release 1.2.11.15-50 - Resolves: #1130990 - Problem with single value attribute MMR replication (DS 47915, DS 569)- Release 1.2.11.15-49 - Resolves: #1168150 - CVE-2014-8105: information disclosure through 'cn=changelog' subtree - Resolves: #1130990 - Problem with single value attribute MMR replication (DS 47915) - Resolves: #1136882 - default nsslapd-sasl-max-buffer-size should be 2MB (DS 47457) - Resolves: #1161909 - ACI's are replaced by "ACI_ALL" after editing goup of ACI's including invalid one (DS 47953)- Release 1.2.11.15-48 - Resolves: #1154766 - ns-slapd segfault in libslapd.so.0.0.0 (#47889)- Release 1.2.11.15-47 - Resolves: #1138745 - Memory leak during Reliab15 execution (#47750)- Release 1.2.11.15-46 - Resolves: #1138745 - Memory leak during Reliab15 execution- Release 1.2.11.15-45 - Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (#47885)- Release 1.2.11.15-44 - Resolves: #1079098 - Simultaneous adding a user and binding as the user could fail in the password policy check (DS 47748) - Simple bind hangs after enabling password policy- Release 1.2.11.15-43 - Resolves: #1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (#47885)- Release 1.2.11.15-42 - Resolves: #1129660 - Adding users to user group throws Internal server error.- Release 1.2.11.15-41 - Resolves: #1130252 - dirsrv not running with old openldap (DS 47875)- Release 1.2.11.15-40 - Resolves: #1130252 - dirsrv not running with old openldap (DS 47875) - Resolves: #1103287 - logconv.pl memory continually grows (DS 47446) - Resolves: #1121596 - Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error (DS 443) - Resolves: #1109381 - winsync doesn't sync DN valued attributes if DS DN value doesn't exist (DS 415) - Resolves: #1128759 - Performance degradation with scope ONE after some load (DS 47874) - Resolves: #1127612 - Filter AND with only one clause should be optimized (DS 47872) - Resolves: #1014111 - repl-monitor fails to convert "*" to default values (DS 47862)- Release 1.2.11.15-39 - Resolves: #1123863 EMBARGOED CVE-2014-3562 - unauthenticated information disclosure (Bug 1123477) - Resolves: #1123863 High contention on computed attribute lock (DS 616) - Resolves: #1062763 single valued attribute replicated ADD does not work (DS 47692) - Resolves: #1121596 Deleting attribute present in nsslapd-allowed-to-delete-attrs returns Operations error (DS 443) - Resolves: #1014111 Repl-monitor.pl ignores the provided connection parameters (DS 47862) - Resolves: #1115281 New defects found in 389-ds-base-1.2.11 (DS 47863) - Resolves: #1112729 paged results control is not working in some cases when we have a subsuffix. (DS 47824)- Release 1.2.11.15-38 - Resolves: bug 1080185 - revert - Creating a glue fails if one above level is a conflict or missing (DS 47750;Patch233)- Release 1.2.11.15-37 - Resolves: bug 1113606 - server restart wipes out index config if there is a default index (DS 47831) - Resolves: bug 1112702 - Broken dereference control with the FreeIPA 4.0 ACIs (DS 47821) - Resolves: bug 1080185 - Creating a glue fails if one above level is a conflict or missing (DS 47750)- Release 1.2.11.15-36 - Resolves: bug 1088171 - revert - 7-bit check plugin does not work for userpassword attribute (DS 47423)- Release 1.2.11.15-35 - Resolves: Bug 1111404 - 1.2.11 branch: coverity errors (DS 47820)- Release 1.2.11.15-34 - Resolves: bug 1109952 - memory leak in ldapsearch filter objectclass=* (DS 47780) - Resolves: bug 1109443 - Server hangs in cos_cache when adding a user entry (DS 47649) - Resolves: bug 1109333 - 389 Server crashes if uniqueMember is invalid syntax and memberOf plugin is enabled. (DS 47793) - Resolves: bug 1109335 - Parent numsubordinate count can be incorrectly updated if an error occurs (DS 47782) - Resolves: bug 1109337 - Nested tombstones become orphaned after purge (DS 47767) - Resolves: bug 1109352 - Tombstone purging can crash the server if the backend is stopped/disabled (DS 47766) - Resolves: bug 1109356 - Coverity issue in 1.3.3 (DS 47740) - Resolves: bug 1109358 - A tombstone entry is deleted by ldapdelete (DS 47731) - Resolves: bug 1109361 - rsa_null_sha should not be enabled by default (DS 47637) - Resolves: bug 1109363 - valgrind - value mem leaks, uninit mem usage (DS 47455) - Resolves: bug 1109373 - provide default syntax plugin (DS 47369) - Resolves: bug 1109377 - Environment variables are not passed when DS is started via service (DS 47693) - Resolves: bug 1109379 - changelog iteration should ignore cleaned rids when getting the minCSN (DS 47627) - Resolves: bug 1109381 - winsync doesn't sync DN valued attributes if DS DN value doesn't exist (DS 415) - Resolves: bug 1109384 - logconv.pl man page missing -m,-M,-B,-D (DS 47447) - Resolves: bug 1109387 - IDL-style can become mismatched during partial restoration - Resolves: bug 1028344 - Slow ldapmodify operation time for large quantities of multi-valued attribute values (DS 346) - Resolves: bug 985270 - [RFE] Add Password adminstrators to RHDS 9 as in http://directory.fedoraproject.org/wiki/Password_Administrator (DS 417, 458, 47522) - Resolves: bug 1070720 - rsearch filter error on any search filter (DS 47722) - Resolves: bug 1095847 - CoS cache re-scanning severely impacts performance (DS 47762) - Resolves: bug 1103287 - logconv.pl memory continually grows (DS 47446) - Resolves: bug 1106917 - managed entry plugin fails to update member pointer on modrdn operation (DS 47813) - Resolves: bug 1048987 - memory leak in ldapsearch filter objectclass=* (DS 47780) - Resolves: bug 1077895 - Memory leak with proxy auth control (DS 47743) - Resolves: bug 1079098 - Simultaneous adding a user and binding as the user could fail in the password policy check (DS 47748) - Resolves: bug 1080185 - Creating a glue fails if one above level is a conflict or missing (DS 47750) - Resolves: bug 1083272 - RHEL6.6 389-ds-base slapd segfault during ipa-replica-instal (DS 47448) - Resolves: bug 1086454 - ACI warnings in error log (DS 47670) - Resolves: bug 1086889 - empty modify returns LDAP_INVALID_DN_SYNTAX (DS 47772) - Resolves: bug 1086901 - mem leak in do_bind when there is an error (DS 47773) - Resolves: bug 1086903 - mem leak in do_search - rawbase not freed upon certain error (DS 47774) - Resolves: bug 1086907 - Performing deletes during tombstone purging results in operation errors (DS 47771) - Resolves: bug 1088171 - 7-bit check plugin does not work for userpassword attribute (DS 47423) - Resolves: bug 1090176 - #481 breaks possibility to reassemble memberuid list (DS 47770) - Resolves: bug 1092097 - A replicated MOD fails (Unwilling to perform) if it targets a tombstone (DS 47787) - Resolves: bug 1094277 - IPA Server Slow Performance, high CPU usage of ns-slapd (DS 47426) - Resolves: bug 1097002 - Problem with deletion while replicated (DS 47764) - Resolves: bug 1098653 - db2bak.pl error with changelogdb (DS 47804) - Resolves: bug 1103337 - find a way to remove replication plugin errors messages "changelog iteration code returned a dummy entry with csn %s, skipping ..." (DS 47809) - Resolves: bug 1001037 - WinSync removes User must change password flag on the Window side (DS 47492) - Resolves: bug 1004876 - idlistscanlimit per index/type/value (DS 47504) - Resolves: bug 1008021 - Self entry access ACI not working properly (DS 47331) - Resolves: bug 1009122 - replication stops with excessive clock skew (DS 47516) - Resolves: bug 1012699 - DSUtil.pm needs to check $res variable (DS 422) - Resolves: bug 1013133 - logconv.pl - RFE - track bind info (DS 356) - Resolves: bug 1013134 - Improve memory management in logconv.pl (DS 419) - Resolves: bug 1013135 - logconv.pl tool removes the access logs contents if "-M" is is not correctly used (DS 471) - Resolves: bug 1013138 - logconv.pl should handle microsecond timing (DS 539) - Resolves: bug 1013140 - logconv.pl -m not working for all stats (DS 47336) - Resolves: bug 1013141 - logconv.pl missing stats for starttls, ldapi, and autobind (DS 611) - Resolves: bug 1013142 - logconv.pl -m time calculation is wrong (DS 47341) - Resolves: bug 1013152 - add etimes to per second/minute stats (DS 47348) - Resolves: bug 1013160 - Indexed search are logged with 'notes=U' in the access logs (DS 47354) - Resolves: bug 1013161 - improve logconv.pl performance with large access logs (DS 47387) - Resolves: bug 1013162 - logconv warning - Use of comma-less variable list is deprecated (DS 47461) - Resolves: bug 1013163 - logconv.pl uses /var/tmp for BDB temp files (DS 47501) - Resolves: bug 1013164 - Fix various issues with logconv.pl (DS 47520) - Resolves: bug 1013165 - logconv: some stats do not work across server restarts (DS 47533) - Resolves: bug 1014111 - [RFE - RHDS9] CLI report to monitor replication (DS 47538) - Resolves: bug 1014351 - Coverity fixes - 12023, 12024, and 12025 (DS 47540) - Resolves: bug 1016717 - memory leak in range searches (DS 47517) - Resolves: bug 1022500 - Winsync plugin segfault during incremental backoff (DS 47581) - Resolves: bug 1024337 - Overflow in nsslapd-disk-monitoring-threshold on i686 (DS 47638) - Resolves: bug 1026956 - 1.2.11.29 crash when removing entries from cache (DS 47577) - Resolves: bug 1027496 - Replication Failures related to skipped entries due to cleaned rids (DS 47585) - Resolves: bug 1031222 - hard coded limit of 64 masters in agreement and changelog code (DS 47587) - Resolves: bug 1032315 - attrcrypt fails to find unlocked key (DS 47596) - Resolves: bug 1032317 - entries with empty objectclass attribute value can be hidden (DS 47591) - Resolves: bug 1034265 - 7-bit check plugin not checking MODRDN operation (DS 47641) - Resolves: bug 1044106 - logconv: failed logins: Use of uninitialized value in numeric comparison at logconv.pl line 949 (DS 47550) - Resolves: bug 1044108 - logconv: -V does not produce unindexed search report (DS 47551) - Resolves: bug 1049029 - Windows Sync group issues (DS 47642) - Resolves: bug 1053232 - modify-delete userpassword (DS 47678) - Resolves: bug 1053766 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (DS 47736) - Resolves: bug 1057805 - Size returned by slapi_entry_size is not accurate (DS 47677) - Resolves: bug 1060385 - Logconv.pl with an empty access log gives lots of errors (DS 47713) - Resolves: bug 1062763 - single valued attribute replicated ADD does not work (DS 47692) - Resolves: bug 1070583 - rhds91 389-ds-base-1.2.11.15-31.el6_5.x86_64 crash in db4 _ (DS 47729) - Resolves: bug 1073530 - Enrolling a host into IdM/IPA always takes two attempts (IPA 3377, DS 47704) - Resolves: bug 1074076 - e_uniqueid fails to set if an entry is a conflict entry (DS 47735) - Resolves: bug 1074305 - Under heavy stress, failure of turning a tombstone into glue (DS 47737)- Release 1.2.11.15-33 - Resolves: bug 1044218 - fix memleak caused by 47347 (DS 47623) - Resolves: bug 1071707 - rhds91 389-ds-base-1.2.11.15-31.el6_5 crash on paged searches followed by simple srch (DS 47707)- Release 1.2.11.15-32 - Resolves: bug 1074848 - EMBARGOED CVE-2014-0132 389-ds-base: 389-ds: flaw in parsing authzid can lead to privilege escalation [rhel-6.6] (Ticket 47739 - directory server is insecurely misinterpreting authzid on a SASL/GSSAPI bind)- Resolves: bug 1033405 - regression in ipa due to patch for ns-slapd stuck in DS_Sleep- Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches- Bump version to 1.2.11.15-29 - Resolves: bug 1008013: DS91: ns-slapd stuck in DS_Sleep- Bump version to 1.2.11.15-28 - Resolves: Bug 1016038 - Users from AD sub OU does not sync to IPA (ticket 47488)- Bump version to 1.2.11.15-27 - Resolves: Bug 1013735 - CLEANALLRUV doesnt run across all replicas (ticket 47509)- Bump version to 1.2.11.15-26 - Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (ticket 47534)- Bump version to 1.2.11.15-25 - Resolves: Bug 1006846 - 2Master replication with SASL/GSSAPI auth broken (ticket 47523) - Resolves: Bug 1007452 - Under specific values of nsDS5ReplicaName, replication may get broken or updates (ticket 47489)- Bump version to 1.2.11.15-24 - Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold; Changed CONFIG_INT to CONFIG_LONG for nsslapd-disk-monioring-threshold (ticket 47427)- Bump version to 1.2.11.15-23 - Resolves: Bug 1000632 - CVE-2013-4283 389-ds-base: ns-slapd crash due to bogus DN - Resolves: Bug 1002260 - server fails to start after upgrade(schema error) (ticket 47318)- Bump version to 1.2.11.15-22 - Resolves: Bug 923909 - 389-ds-base cannot handle Kerberos tickets with PAC (ticket 632) - Resolves: Bug 928159 - CVE-2013-1897 389-ds: unintended information exposure when rootdse is enabled - Resolves: Bug 947583 - ldapdelete returns non-leaf entry error while trying to remove a leaf entry (ticket 47367) - Resolves: Bug 951616 - error syncing group if group member user is not synced (ticket 47327) - Resolves: Bug 953052 - DESC should not be empty as per RFC 2252 (ldapv3) (ticket 47376) - Resolves: Bug 957305 - DS instance crashes under a high load (ticket 47349) - Resolves: Bug 957864 - Simple paged results should support async search (ticket 47347) - Resolves: Bug 958522 - loading an entry from the database should use str2entry_fast (ticket 531) - Resolves: Bug 962885 - RHEL 6.2 to 6.4 ipa upgrade selinuxusermap data not replicating (ticket 47362) - Resolves: Bug 963234 - When integrating with Red Hat IDM/DS, an LDAP protocol error is thrown (ticket 47361) - Resolves: Bug 966781 - new ldap connections can block ldaps and ldapi connections (ticket 47359) - Resolves: Bug 968383 - Wrong error code return when using EXTERNAL SASL and untrusted certificate (ticket 580) - Resolves: Bug 968503 - flush_ber error sending back start_tls response will deadlock (ticket 47375) - Resolves: Bug 969210 - make listen backlog size configurable (ticket 47377) - Resolves: Bug 970995 - RHDS not shutting down when disk monitoring threshold is reached to half. (ticket 47385) - Resolves: Bug 971033 - connections attribute in cn=snmp,cn=monitor is counted twice (ticket 47383) - Resolves: Bug 971966 - 389 DS Replication failures due to Fractional updates (ticket 47386) - Resolves: Bug 972976 - ldbm errors when adding/modifying/deleting entries (ticket 47392) - Resolves: Bug 973583 - ns-slapd instance crashed with signal 11 SIGSEGV (ticket 47391) - Resolves: Bug 974361 - Account policy plugin fails to lock user when policy is created for individual users to lock based to createtimestamp. (ticket 47397) - Resolves: Bug 974719 - rhds90 crash on tombstone modrdn (ticket 47396) - Resolves: Bug 974875 - Attributes fail to be encrypted/decrypted properly when replicated (ticket 47393) - Resolves: Bug 975243 - DS9 still observes altStateAttrName as createTimestamp when attribute is removed from the account policy (ticket 47395) - Resolves: Bug 975250 - Changelog deadlock replication failures with DNA (ticket 47410) - Resolves: Bug 976546 - Attribute names are incorrect in search results (ticket 47402) - Resolves: Bug 979169 - allow setting db deadlock rejection policy (ticket 47409) - Resolves: Bug 979435 - Replication problem with add-delete requests on single-value (ticket 47424) - Resolves: Bug 979515 - CVE-2013-2219 Directory Server: ACLs inoperative in some search scenarios - Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold (ticket 47427) - Resolves: Bug 983091 - Memory leak in 389-ds-base 1.2.11.15 (ticket 47428) - Resolves: Bug 986131 - Very large entryusn values after enabling the USN plugin and the lastusn value is negative. (ticket 47435) - Resolves: Bug 986424 - fix recent compiler warnings (ticket 47378) - Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs (ticket 47441) - Resolves: Bug 987703 - memleaks in set_krb5_creds (ticket 47421) - Resolves: Bug 988562 - deadlock after adding and deleting entries (ticket 47449) - Resolves: Bug 989692 - Sorting with attributes in ldapsearch gives incorrect result (ticket 543)This patch is found broken and duplicated. Getting rid of it in 1.2.11.15-22. commit 2b3a50d55707ffa281c922ec188850576b757934 Author: Mark Reynolds Date: Tue Jul 23 10:28:45 2013 -0400 Add patch 0049 for Tickets-47427-47441- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 5 limits not displayed correctly). (ticket 47427)- Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 4). (ticket 47427)- Bump version to 1.2.11.15-19 - Resolves: Bug 984970 - Overflow in nsslapd-disk-monitoring-threshold(part 3). (ticket 47427)- Bump version to 1.2.11.15-19 - Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold(part 2). (ticket 47427) - Resolves: Bug 986857 - Disk Monitoring not checking filesystem with logs (ticket 47741)- Bump version to 1.2.11.15-18 - Resolves: Bug 970995 - DS not shutting down when disk monitoring threshold is reached to half. (Ticket 47385) - Resolves: Bug 982325 - Overflow in nsslapd-disk-monitoring-threshold. (ticket 47427)- Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627) - Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon completion (ticket 623)bump version to 1.2.11.15-13 - Resolves: Bug 923503 - cleanAllRUV task fails to cleanup config upon completion (ticket 623) - Resolves: Bug 923502 - Coverity issue 13091 - Resolves: Bug 923407 - Deadlock in DNA plug-in (ticket 634) - Resolves: Bug 921937 - ns-slapd crashes sporadically with segmentation fault in libslapd.so (ticket 627) - Resolves: Bug 923504 - crash in aci evaluation (ticket 628) - Resolves: Bug 928159 - unintended information exposure when anonymous access is set to rootdse (ticket 47308)- Resolves: Bug 910581 - dse.ldif is 0 length after server kill or machine kill - Resolves: Bug 908861 - Error messages encountered when using POSIX winsync - Resolves: Bug 907985 - DNA: use event queue for config update only at the start up - Resolves: Bug 830334 - Invalid chaining config triggers a disk full error and shutdown - Resolves: Bug 906583 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled) - Resolves: Bug 906005 - Valgrind reports memleak in modify_update_last_modified_attr - Resolves: Bug 905825 - PamConfig schema not updated during upgrade - Resolves: Bug 913215 - ns-slapd segfaults while trying to delete a tombstone entry - Resolves: Bug 913229 - unauthenticated denial of service vulnerability in handling of LDAPv3 control data- Resolves: Bug 896256 - updating package touches configuration files- Resolves: Bug 889083 - For modifiersName/internalModifiersName feature, internalModifiersname is not working for DNA plugin- Resolves: Bug 891930 - DNA plugin no longer reports additional info when range is depleted- Resolves: Bug 887855 - RootDN Access Control plugin is missing after upgrade from RHEL63 to RHEL64- Resolves: Bug 830355 - [RFE] improve cleanruv functionality - Resolves: Bug 876650 - Coverity revealed defects - Ticket #20 - [RFE] Allow automember to work on entries that have already been added (Bug 768084) - Resolves: Bug 834074 - [RFE] Disable replication agreements - Resolves: Bug 878111 - ns-slapd segfaults if it cannot rename the logs- Resolves: Bug 880305 - spec file missing dependencies for x86_64 6ComputeNode - use perl-Socket6 on RHEL6- Resolves: Bug 880305 - spec file missing dependencies for x86_64 6ComputeNode- Resolves: Bug 868841 - Newly created users with organizationalPerson objectClass fails to sync from AD to DS with missing attribute error - Resolves: Bug 868853 - Winsync: DS error logs report wrong version of Windows AD when winsync is configured. - Resolves: Bug 875862 - crash in DNA if no dnamagicregen is specified - Resolves: Bug 876694 - RedHat Directory Server crashes (segfaults) when moving ldap entry - Resolves: Bug 876727 - Search with a complex filter including range search is slow - Ticket #495 - internalModifiersname not updated by DNA plugin (Bug 834053)- Resolves: Bug 870158 - slapd entered to infinite loop during new index addition - Resolves: Bug 870162 - Cannot abandon simple paged result search - c970af0 Coverity defects - 1ac087a Fixing compiler warnings in the posix-winsync plugin - 2f960e4 Coverity defects - Ticket #491 - multimaster_extop_cleanruv returns wrong error codes- Resolves: Bug 834063 [RFE] enable attribute that tracks when a password was last set on an entry in the LDAP store; Ticket #478 passwordTrackUpdateTime stops working with subtree password policies - Resolves: Bug 847868 [RFE] support posix schema for user and group sync; Ticket #481 expand nested posix groups - Resolves: Bug 860772 Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in acl - Resolves: Bug 863576 Dirsrv deadlock locking up IPA - Resolves: Bug 864594 anonymous limits are being applied to directory manager- Resolves: Bug 856657 dirsrv init script returns 0 even when few or all instances fail to start - Resolves: Bug 858580 389 prevents from adding a posixaccount with userpassword after schema reload- Resolves: Bug 852202 Ipa master system initiated more than a dozen simultaneous replication sessions, shut itself down and wiped out its db - Resolves: Bug 855438 CLEANALLRUV task gets stuck on winsync replication agreement- Resolves: Bug 847868 [RFE] support posix schema for user and group sync - fix upgrade issue with plugin config schema - posix winsync has default plugin precedence of 25- Resolves: Bug 800051 Rebase 389-ds-base to 1.2.11 - Resolves: Bug 742054 SASL/PLAIN binds do not work - Resolves: Bug 742381 MOD operations with chained delete/add get back error 53 on backend config - Resolves: Bug 746642 [RFE] define pam_passthru service per subtree - Resolves: Bug 757836 logconv.pl restarts count on conn=0 instead of conn=1 - Resolves: Bug 768084 [RFE] Allow automember to work on entries that have already been added - Resolves: Bug 782975 krbExtraData is being null modified and replicated on each ssh login - Resolves: Bug 803873 Sync with group attribute containing () fails - Resolves: Bug 818762 winsync should not delete entry that appears to be out of scope - Resolves: Bug 830001 unhashed#user#password visible after changing password [rhel-6.4] - Resolves: Bug 830256 Audit log - clear text password in user changes - Resolves: Bug 830331 ns-slapd exits/crashes if /var fills up - Resolves: Bug 830334 Invalid chaining config triggers a disk full error and shutdown - Resolves: Bug 830335 restore of replica ldif file on second master after deleting two records shows only 1 deletion - Resolves: Bug 830336 db deadlock return should not log error - Resolves: Bug 830337 usn + mmr = deletions are not replicated - Resolves: Bug 830338 Change DS to purge ticket from krb cache in case of authentication error - Resolves: Bug 830340 Make the CLEANALLRUV task one step - Resolves: Bug 830343 managed entry sometimes doesn't delete the managed entry - Resolves: Bug 830344 [RFE] Improve replication agreement status messages - Resolves: Bug 830346 ADD operations not in audit log - Resolves: Bug 830347 389 DS does not support multiple paging controls on a single connection - Resolves: Bug 830348 Slow shutdown when you have 100+ replication agreements - Resolves: Bug 830349 cannot use & in a sasl map search filter - Resolves: Bug 830353 valgrind reported memleaks and mem errors - Resolves: Bug 830355 [RFE] improve cleanruv functionality - Resolves: Bug 830356 coverity 12625-12629 - leaks, dead code, unchecked return - Resolves: Bug 832560 [abrt] 389-ds-base-1.2.10.6-1.fc16: slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) - Resolves: Bug 833202 transaction retries need to be cache aware - Resolves: Bug 833218 ldapmodify returns Operations error - Resolves: Bug 833222 memberOf attribute and plugin behaviour between sub-suffixes - Resolves: Bug 834046 [RFE] Add nsTLS1 attribute to schema and objectclass nsEncryptionConfig - Resolves: Bug 834047 Fine Grained Password policy: if passwordHistory is on, deleting the password fails. - Resolves: Bug 834049 [RFE] Add schema for DNA plugin - Resolves: Bug 834052 [RFE] limiting Directory Manager (nsslapd-rootdn) bind access by source host (e.g. 127.0.0.1) - Resolves: Bug 834053 [RFE] Plugins - ability to control behavior of modifyTimestamp/modifiersName - Resolves: Bug 834054 Should only update modifyTimestamp/modifiersName on MODIFY ops - Resolves: Bug 834056 Automembership plugin fails in a MMR setup, if data and config area mixed in the plugin configuration - Resolves: Bug 834057 ldap-agent crashes on start with signal SIGSEGV - Resolves: Bug 834058 [RFE] logconv.pl : use of getopts to parse commandline options - Resolves: Bug 834060 passwordMaxFailure should lockout password one sooner - and should be configurable to avoid regressions - Resolves: Bug 834061 [RFE] RHDS: Implement SO_KEEPALIVE in network calls. - Resolves: Bug 834063 [RFE] enable attribute that tracks when a password was last set on an entry in the LDAP store - Resolves: Bug 834064 dnaNextValue gets incremented even if the user addition fails - Resolves: Bug 834065 Adding Replication agreement should complain if required nsds5ReplicaCredentials not supplied - Resolves: Bug 834074 [RFE] Disable replication agreements - Resolves: Bug 834075 logconv.pl reporting unindexed search with different search base than shown in access logs - Resolves: Bug 835238 Account Usability Control Not Working - Resolves: Bug 836386 slapi_ldap_bind() doesn't check bind results - Resolves: Bug 838706 referint modrdn not working if case is different - Resolves: Bug 840153 Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled - Resolves: Bug 841600 Referential integrity plug-in does not work when update interval is not zero - Resolves: Bug 842437 dna memleak reported by valgrind - Resolves: Bug 842438 Report during startup if nsslapd-cachememsize is too small - Resolves: Bug 842440 memberof performance enhancement - Resolves: Bug 842441 "Server is unwilling to perform" when running ldapmodify on nsds5ReplicaStripAttrs - Resolves: Bug 847868 [RFE] support posix schema for user and group sync - Resolves: Bug 850683 nsds5ReplicaEnabled can be set with any invalid values. - Resolves: Bug 852087 [RFE] add attribute nsslapd-readonly so we can reference it in acis - Resolves: Bug 852088 server to server ssl client auth broken with latest openldap - Resolves: Bug 852839 variable dn should not be used in ldbm_back_delete- Resolves: Bug 835238 - Account Usability Control Not Working- Resolves: Bug 834096 - slapi_attr_value_cmp: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)- Resolves: Bug 830001 - unhashed#user#password visible after changing password -- patch 0020 disallows users' direct modify on unhashed#user#password- Resolves: Bug 830001 - unhashed#user#password visible after changing password -- patch 0019 fixes deref issue.- Resolves: Bug 830001 - unhashed#user#password visible after changing password - Resolves: Bug 830256 - Audit log - clear text password in user changes- Resolves: Bug 824014 - DS Shuts down intermittently- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress -- patch 0015 fixes a small memleak in previous patch- Resolves: Bug 822700 - Bad DNs in ACIs can segfault ns-slapd- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress - Resolves: Bug 821542 - letters in object's cn get converted to lowercase when renaming object- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress - 1.2.10.2-10 was built from the private branch- Resolves: Bug 819643 - Database RUV could mismatch the one in changelog under the stress- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads - previous fix was still crashing in ldclt- Resolves: Bug 815991 - crash in ldap_initialize with multiple threads- Resolves: Bug 813964 - IPA dirsvr seg-fault during system longevity test- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV) - typo in previous patch- Resolves: Bug 811291 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)- Resolves: Bug 803930 - ipa not starting after upgade because of missing data - get rid of posttrans - move update code to post- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash- Resolves: Bug 800215 - Certain CMP operations hang or cause ns-slapd to crash - Resolves: Bug 800217 - fix valgrind reported issues- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 - Resolves: Bug 796770 - crash when replicating orphaned tombstone entry- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10 - Resolves: Bug 790491 - 389 DS Segfaults during replica install in FreeIPA- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10- Resolves: Bug 766989 - Rebase 389-ds-base to 1.2.10- Bug 759301 - Incorrect entryUSN index under high load in replicated environment - Bug 743979 - Add slapi_rwlock API and use POSIX rwlocks - WARNING - patches 0030 and 0031 remove and add back the file configure - this is necessary because the merge commit to "rebase" RHEL-6 to 1.2.9.6 - seriously messed up configure - so in order to add the patch for 743979 - which also touched configure, the file had to be removed and added back - also note that the commit for the RHEL-6 branch to remove configure does - not work - the way patch works, it has to match every line exactly in - order to remove the file, and because the merge commit messed things - up, it doesn't work - So, DO NOT TOUCH 0030-remove-configure-to-get-rid-of-merge-conflict.patch - BECAUSE IT IS HAND CRAFTED and not generated by git format-patch - if you must regenerate this file, - git format-patch ...args... to generate a file in patch format - remove all of the patch matches (all the lines beginning with -) - get the 1.2.9.6 version of configure from the source tarball - wc -l configure to get the number of lines in the file - sed 's/^/-/' configure >> thefile.patch - edit thefile.patch to have the right number of lines and have the - patch commands in the correct place - PROFIT!!!- Bug 752577 - crash when simple paged fails to send entry to client - Bug 757897 - rhds81 modrn operation and 100% cpu use in replication - Bug 757898 - Fix Coverity (11104) Resource leak: ids_sasl_user_to_entry (slapd/saslbind.c)- Bug 752155 - Use restorecon after creating init script lock file- Bug 742381 - part3 - MOD operations with chained delete/add get - back error 53 on backend config- add the actual patch commands for the new patch files- Bug 742661 - allow resource limits to be set for paged searches - independently of limits for other searches/operations - Bug 742381 - part2 - MOD operations with chained delete/add get - back error 53 on backend config - Bug 742382 - allow nsslapd-idlistscanlimit to be set dynamically and per-user - Bug 742381 - MOD operations with chained delete/add get back - error 53 on backend config - Bug 739959 - Allow separate fractional attrs for incremental and total protocols- Bug 739196 - Consolidate DS and DS replication bits in one package in RHEL 6.2 - There were two patches in ds-replication for RHEL 6.2 that were added post - rebase - the two patches for 722292 - these are now in the 389-ds-base package - and have been cherry-picked to the RHEL-6 internal branch- Bug 736137 - renaming a managed entry does not update mepmanagedby- Bug 735217 - simple paged search + ip/dns based ACI hangs server- Bug 733443 - large targetattr list with syntax errors cause server to crash or hang - Bug 734267 - upgradednformat failed to add RDN value - subtree and user account lockout policies implemented? - Bug 733434 - passwordisglobalpolicy attribute brakes TLS chaining - Bug 733442 - Ignore an error 32 in this case since we're adding a new AutoMember definition - Bug 733440 - RFE: add option to allow server to start with an expired certificate- not released internally- Bug 728510 - Run dirsync after sending updates to AD - Bug 729717 - Fatal error messages when syncing deletes from AD - Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working. - Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash - Bug 723937 - Slapi_Counter API broken on 32-bit F15 - fixed again - separate tests for atomic ops and atomic bool cas- Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - Fix another coverity NULL deref in previous patch- Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - Fix coverity NULL deref in previous patch- Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error - previous patch broke build on el5- Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error- Bug 723937 - Slapi_Counter API broken on 32-bit F15 - fixed to use configure test for GCC provided 64-bit atomic functions- Bug 663752 - Cert renewal for attrcrypt and encchangelog - this was "re-fixed" due to a deadlock condition with cl2ldif task cancel - Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma - Bug 725743 - Make memberOf use PRMonitor for it's operation lock - Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package - Bug 723937 - Slapi_Counter API broken on 32-bit F15 - look for separate openldap ldif library - Split automember regex rules into separate entries - writing Inf file shows SchemaFile = ARRAY(0xhexnum) - add support for ldif files with changetype: add - Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file - Bug 713209 - Update sudo schema - Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9- Bug 726136 - memberOf plug-in can deadlock when used with other plug-ins - Bug 725912 - Instance upgrade fails when upgrading 389-ds-base package- Bug 720452 - RDN with % can cause crashes or missing entries - Bug 720051 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2. - Bug 720458 - Directory Server 8.2 logs "Netscape Portable Runtime error -5961 (TCP connection reset by peer.)" to error log whereas Directory Server 8.1 did not - Bug 720459 - Update sudo schema- Bug 718351 - Intensive updates on masters could break the consumer's cache - Bug 714298 - unresponsive LDAP service when deleting vlv on replica- Bug 714298 - unresponsive LDAP service when deleting vlv on replica - memleak in previous patch- Bug 714298 - unresponsive LDAP service when deleting vlv on replica- Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package - Bug 713317 - Cert renewal for attrcrypt and encchangelog - Bug 711266 - DS can not restart after create a new objectClass has entryusn attribute - Bug 712167 - ns-slapd segfaults using suffix referrals - Bug 709868 - only allow FIPS approved cipher suites in FIPS mode - Bug 711516 - Support upgrade from Red Hat Directory Server - Bug 711241 - memory leak found by reliab12 - Bug 711265 - Cannot disable SSLv3 and use TLS only - Bug 711513 - slapd stops responding- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory - use ix86 macro instead of hardcoded i386 etc.- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory - cannot use wildcard in ExclusiveArch- Resolves: Bug 705172 - 389-ds should only be supported and supplied in channels for i386 and x86_64 Server distributions - RHEL 6.1 0day Advisory- Resolves: Bug 697663 - memory leak: entryusn value is leaked when an entry is deleted - Resolves: Bug 699458 - windows sync can lose old multi-valued attribute values when a new value is added - Resolves: Bug 700215 - ldclt core dumps - Resolves: Bug 700665 - Linked attributes callbacks access free'd pointers after close - Resolves: Bug 701057 - userpasswd not replicating- 389-ds-base-1.2.8.2 - Bug 696407 - If an entry with a mixed case RDN is turned to be - a tombstone, it fails to assemble DN from entryrdn- 389-ds-base-1.2.8.1 - Bug 693962 - Full replica push loses some entries with multi-valued RDNs- added srcver because the version from the source is now - different than the source in the package- 389-ds-base-1.2.8.0 - Bug 693523 - Unable to change schema online - Bug 693520 - matching rules do not inherit from superior attribute type - Bug 693522 - nsMatchingRule does not work with multiple values - Bug 693519 - cannot use localized matching rules - Bug 693516 - Segfault on index update during full replication push on 1.2.7.5- Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted - bump version to 1.2.8.rc4 - bump ds console version to 1.2.5- Bug 690536 - Double free in dse_add()- 389-ds-base-1.2.8 release candidate 2 - git tag 389-ds-base-1.2.8.rc2 - Bug 689908 - (cov#10610) Fix Coverity NULL pointer dereferences - Bug 689895 - ns-newpwpolicy.pl needs to use the new DN format - Bug 689889 - RFE: allow fine grained password policy duration attributes - in days, hours, minutes, as well - Bug 688730 - Exported tombstone cannot be imported correctly - Bug 684349 - slapd crashing when traffic replayed - Bug 682897 - Allow maxlogsize to be set if logmaxdiskspace is -1 - introduce the concept of the srcprerel - with rc2, we did not rebase - the source, we are still using the .rc1 source tarball, so we use - srcprerel of .rc1 but package pre-release is .rc2- 389-ds-base-1.2.8 release candidate 1 - git tag 389-ds-base-1.2.8.rc1 - Resolves: Bug 680575 - Rebase 389-ds-base to pick the latest features and fixes - Resolves: Bug 681720 - setup-ds-admin.pl - improve hostname validation - Resolves: Bug 681611 - RFE: allow fine grained password policy duration attributes in - days, hours, minutes, as well - Resolves: Bug 681550 - setup-ds-admin.pl --debug does not log to file - Resolves: Bug 681379 - ns-slapd segfaults if I have more than 100 DBs - Resolves: Bug 680290 - setup-ds.pl should set SuiteSpotGroup automatically - Resolves: Bug 681351 - crash in ldap-agent when using OpenLDAP - Resolves: Bug 681332 - modifying attr value crashes the server, which is supposed to - be indexed as substring type, but has octetstring syntax - Resolves: Bug 680305 - ds-logpipe.py script is failing to validate "-s" and - "--serverpid" options with "-t".- Bug 676598 - 389-ds-base multilib: file conflicts - split off libs into a separate -libs package - remove old crufty fedora-ds stuff- do not create /var/run/dirsrv - setup will create it instead - remove the fedora-ds initscript upgrade stuff - we do not support that anymore - convert the remaining lua stuff to plain old shell script- 1.2.8.a3 release - git tag 389-ds-base-1.2.8.a3 - Bug 675320 - empty modify operation with repl on or lastmod off will crash server - Bug 675265 - preventryusn gets added to entries on a failed delete - Bug 677774 - added support for tmpfiles.d - Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result search es - Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH - Bug 671199 - Don't allow other to write to rundir - Bug 678646 - Ignore tombstone operations in managed entry plug-in - Bug 676053 - export task followed by import task causes cache assertion - Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8 - Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used - Bug 676689 - crash while adding a new user to be synced to windows - Bug 604881 - admin server log files have incorrect permissions/ownerships - Bug 668385 - DS pipe log script is executed as many times as the dirsrv serv ice is restarted - Bug 675853 - dirsrv crash segfault in need_new_pw()- 1.2.8.a2 release - git tag 389-ds-base-1.2.8.a2 - Errata Patches in patch files - Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches - Bug 671199 - Don't allow other to write to rundir - Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH - bugs fixed in released code - Bug 674430 - Improve error messages for attribute uniqueness - Bug 616213 - insufficient stack size for HP-UX on PA-RISC - Bug 615052 - intrinsics and 64-bit atomics code fails to compile - on PA-RISC - Bug 151705 - Need to update Console Cipher Preferences with new ciphers - Bug 668862 - init scripts return wrong error code - Bug 670616 - Allow SSF to be set for local (ldapi) connections - Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the - log output to the text file - Bug 668619 - slapd stops responding - Bug 624547 - attrcrypt should query the given slot/token for - supported ciphers - Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any - error message in logs- 1.2.8-0.1.a1 release - many bug fixes- 1.2.7.5 release - git tag 389-ds-base-1.2.7.5 - Bug 663597 - Memory leaks in normalization code- 1.2.7.4 release - git tag 389-ds-base-1.2.7.4 - Bug 661792 - Valid managed entry config rejected- 1.2.7.3 release - git tag 389-ds-base-1.2.7.3 - Bug 658312 - Invalid free in Managed Entry plug-in - Bug 641944 - Don't normalize non-DN RDN values- 1.2.7.2 release - git tag 389-ds-base-1.2.7.2 - Bug 659456 - Incorrect usage of ber_printf() in winsync code - Bug 658309 - Process escaped characters in managed entry mappings - Bug 197886 - Initialize return value for UUID generation code - Bug 658312 - Allow mapped attribute types to be quoted - Bug 197886 - Avoid overflow of UUID generator- 1.2.7.1 release - git tag 389-ds-base-1.2.7.1 - Bug 656515 - Allow Name and Optional UID syntax for grouping attributes - Bug 656392 - Remove calls to ber_err_print() - Bug 625950 - hash nsslapd-rootpw changes in audit log- the 1.2.7 release - remove the ds-replication sub-package - there will be a new package for it - remove the selinux policy - dirsrv policy will be provided by the base OS- create ds-replication sub package- bumped the version to get it to build in brew- 1.2.7.a4 release - git tag 389-ds-base-1.2.7.a4 - Bug 647932 - multiple memberOf configuration adding memberOf where there is no member - Bug 491733 - dbtest crashes - Bug 606545 - core schema should include numSubordinates - Bug 638773 - permissions too loose on pid and lock files - Bug 189985 - Improve attribute uniqueness error message - Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operat ions - Bug 619633 - Make attribute uniqueness obey requiredObjectClass- 1.2.7.a3 release - a2 was never released - this is a rebuild to pick up - Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs - Adding the ancestorid fix code to ##upgradednformat.pl.- 1.2.7.a3 release - a2 was never released - Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs - Bug 629681 - Retro Changelog trimming does not behave as expected - Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif - are not upgraded in the server instance schema dir- 1.2.7.a2 release - a1 was the OpenLDAP testday release - git tag 389-ds-base-1.2.7.a2 - added openldap support on platforms that use openldap with moznss - for crypto (F-14 and later) - many bug fixes - Account Policy Plugin (keep track of last login, disable old accounts)- added openldap support- bump rel to rebuild again- bump rel to rebuild- This is the 1.2.6.1 release - git tag 389-ds-base-1.2.6.1 - Bug 634561 - Server crushes when using Windows Sync Agreement - Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self - Bug 612264 - ACI issue with (targetattr='userPassword') - Bug 606920 - anonymous resource limit- nstimelimit - also applied to "cn=directory manager" - Bug 631862 - crash - delete entries not in cache + referint- This is the final 1.2.6 release- 1.2.6 release candidate 7 - git tag 389-ds-base-1.2.6.rc7 - Bug 621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6- 1.2.6 release candidate 6 - git tag 389-ds-base-1.2.6.rc6 - Bug 617013 - repl-monitor.pl use cpu upto 90% - Bug 616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats - Bug 547503 - replication broken again, with 389 MMR replication and TCP errors - Bug 613833 - Allow dirsrv_t to bind to rpc ports - Bug 612242 - membership change on DS does not show on AD - Bug 617629 - Missing aliases in new schema files - Bug 619595 - Upgrading sub suffix under non-normalized suffix disappears - Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments - Bug 617862 - Replication: Unable to delete tombstone errors - Bug 594745 - Get rid of dirsrv_lib_t label- make selinux-devel explicit Require the base package in order - to comply with Fedora Licensing Guidelines- 1.2.6 release candidate 3 - git tag 389-ds-base-1.2.6.rc3 - Bug 603942 - null deref in _ger_parse_control() for subjectdn - 609256 - Selinux: pwdhash fails if called via Admin Server CGI - 578296 - Attribute type entrydn needs to be added when subtree rename switch is on - 605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl - Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll - Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll - 606920 - anonymous resource limit - nstimelimit - also applied to "cn=directory manager"- 1.2.6 release candidate 2- install replication session plugin header with devel package- 1.2.6 release candidate 1- Mass rebuild with perl-5.12.0- 1.2.6.a4 release- 1.2.6.a3 release - add managed entries plug-in - many bug fixes - moved selinux subpackage into base package- rebuild for icu 4.4- 1.2.6.a2 release - add support for matching rules - many bug fixes- 1.2.6.a1 release - Added SELinux policy and subpackages- 1.2.5 final release- 1.2.5.rc4 release- 1.2.5.rc3 release- 1.2.5.rc2 release- 1.2.5.rc1 release- 1.2.5.a1 release- 1.2.4 release - resolves bug 221905 - added support for Salted MD5 (SMD5) passwords - primarily for migration - resolves bug 529258 - Make upgrade remove obsolete schema from 99user.ldif- 1.2.3 release - added template-initconfig to %files - %posttrans now runs update to update the server instances - servers are shutdown, then restarted if running before install - scriptlets mostly use lua now to pass data among scriptlet phases- rebuild with new openssl to fix dependencies- backed out - added template-initconfig to %files - this change is for the next major release - bump version to 1.2.2 - fix reopened 509472 db2index all does not reindex all the db backends correctly - fix 518520 - pre hashed salted passwords do not work - see https://bugzilla.redhat.com/show_bug.cgi?id=518519 for the list of - bugs fixed in 1.2.2- rebuilt with new openssl- added template-initconfig to %files- added BuildRequires pcre- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- change name to 389 - change version to 1.2.1 - added initial support for numeric string syntax - added initial support for syntax validation - added initial support for paged results including sorting- final release 1.2.0 - Resolves: bug 475338 - LOG: the intenal type of maxlogsize, maxdiskspace and minfreespace should be 64-bit integer - Resolves: bug 496836 - SNMP ldap-agent on Solaris: Unable to open semaphore for server: 389 - CVS tag: FedoraDirSvr_1_2_0 FedoraDirSvr_1_2_0_20090428- re-enable ppc builds- exclude ppc builds - needs extensive porting work- new release 1.2.0 - Made devel package depend on mozldap-devel - only create run dir if it does not exist - CVS tag: FedoraDirSvr_1_2_0_RC1 FedoraDirSvr_1_2_0_RC1_20090330- added db4-utils to Requires for verify-db.pl- Enabled LDAPI autobind- updated update to patch bug463991-bdb47.patch- updated patch bug463991-bdb47.patch- added patch bug463991-bdb47.patch - make ds work with bdb 4.7- rolled back bogus winsync memory leak fix- winsync api improvements for modify operations- This is the 1.1.2 release. The bugs fixed can be found here - https://bugzilla.redhat.com/showdependencytree.cgi?id=452721 - Added winsync-plugin.h to the devel subpackage- bump rev to rebuild and pick up new version of ICU- 1.1.1 release candidate - several bug fixes- fix bugzilla 439829 - patch to allow working with NSS 3.11.99 and later- add patch to allow server to work with NSS 3.11.99 and later - do NSS_Init after fork but before detaching from console- add Requires for versioned perl (libperl.so)- previous fix for 434403 used the wrong patch - this is the right one- Resolves bug 434403 - GCC 4.3 build fails - Rolled new source tarball which includes Nathan's fix for the struct ucred - NOTE: Change version back to 1.1.1 for next release - this release was pulled from CVS tag FedoraDirSvr110_gcc43- Autorebuild for GCC 4.3- This is the GA release of Fedora DS 1.1 - Removed version numbers for BuildRequires and Requires - Added full URL to source tarball- Rebuild for deps- This is the beta2 release - new file added to package - /etc/sysconfig/dirsrv - for setting - daemon environment as is usual in other linux daemons- fix build breakage due to open() - mock could not find BuildRequires: db4-devel >= 4.2.52 - mock works if >= version is removed - it correctly finds db4.6- Change pathnames to use the pkgname macro which is dirsrv - get rid of cvsdate in source name- Added Requires for perldap, cyrus sasl plugins - Removed template-migrate* files - Added perl module directory - Removed install.inf - setup-ds.pl can now easily generate one- added requires for mozldap-tools- update to latest sources - added migrateTo11 to allow migrating instances from 1.0.x to 1.1 - ldapi support - fixed pam passthru plugin ENTRY method- Renamed package to fedora-ds-base, but keep names of paths/files/services the same - use the shortname macro (fedora-ds) for names of paths, files, and services instead - of name, so that way we can continue to use e.g. /etc/fedora-ds instead of /etc/fedora-ds-base - updated to latest sources- More cleanup suggested by Dennis Gilmore - This is the fedora extras candidate based on cvs tag FedoraDirSvr110a1- latest sources - added init scripts - use /etc as instconfigdir- latest sources - moved all executables to _bindir- latest sources - added /var/tmp/fedora-ds to dirs- added logconv.pl - added slapi-plugin.h to devel package - added explicit dirs for /var/log/fedora-ds et. al.- just move all .so files into the base package from the devel package- Move the plugin *.so files into the main package instead of the devel - package because they are loaded directly by name via dlopen- Move the script-templates directory to datadir/fedora-ds- change mozldap to mozldap6- remove . from cvsdate define- Having a problem building in Brew - may be Release format- Changed version to 1.1.0 and added Release 1.el4.cvs20070119 - merged in changes from Fedora Extras candidate spec file- Bump component versions (nspr, nss, svrcore, mozldap) to their latest - remove unneeded patches- update to a cvs snapshot - fedorafy the spec - create -devel subpackage - apply a patch to use mozldap not mozldap6 - apply a patch to allow --prefix to work correctly- Fixed the problem where the server would crash upon shutdown in dblayer - due to a race condition among the database housekeeping threads - Fix a problem with normalized absolute paths for db directories- Touch all of the ldap/admin/src/scripts/*.in files so that they - will be newer than their corresponding script template files, so - that make will rebuild them.- Chown new schema files when copying during instance creation- Configure will get ldapsdk_bindir from pkg-config, or $libdir/mozldap6- use eval to sed ./configure into ../configure- jump through hoops to be able to run ../configure- Need to make built dir in setup section- The template scripts needed to use @libdir@ instead of hardcoding - /usr/lib - Use make DESTDIR=$RPM_BUILD_ROOT install instead of % makeinstall - do the actual build in a "built" subdirectory, until we remove - the old script templates- Make replication plugin link with libdb- Have make define LIBDIR, BINDIR, etc. for C code to use - especially for create_instance.h- Forgot to checkin new config.h.in for AC_CONFIG_HEADERS- Add perldap as a Requires; update sources- Fix ds_newinst.pl - Remove obsolete #defines- Update sources; rebuild to populate brew yum repo with dirsec-nss- Update sources- initial revision1.2.11.15-97.el6_101.2.11.15-97.el6_10dirsrvlibslapd.so.0libslapd.so.0.0.0389-ds-base-libs-1.2.11.15EXCEPTIONLICENSELICENSE.GPLv2README.devel/usr/lib//usr/lib/dirsrv//usr/share/doc//usr/share/doc/389-ds-base-libs-1.2.11.15/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tablesdrpmxz2i686-redhat-linux-gnuASCII textELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, strippeddirectorysymbolic link to `libslapd.so.0.0.0''RPRRRRRRRRRR R R R R RRRRRRRRRRRRRRRRRR R!R"R#R$R%R)?7zXZ !PH6]"k%[c7B♶6? Aޏ 7a瓹DU>`#;.' hg`*|<sRk\|bljAC@[;ew[7M OjwJK,9XdOrR\ ]`Ev ~t OkHϝ=ȳO9~͍t}&x>m HQe''XP *;[|Sd/57lkUݽx fHksQ[$O Uސ1Xrز=FÀd]kg5~4Myj23P_J" x,ݝIG_/UBs{Ggc ӓ(ۚrg1A(NYl6yd &KTdu{8:2$>B y#аRb]=*e"PsGl #([~0?й gڀ]۷SZ^oWu]au Ơ<KήC.|jt*wtK<2_>~{ƻ.Nhshg͹lmfO%*B8Gy~"EťZHiὦʳFd %(*rCBk+tLUP d/yy2w6gGpA)BZ+uv8>f*R(}=+k/酊xsZy(e+G0Xϊhf* Μ[_o070^b ##1Y$wЩt낈lS&vV-q ໺zKOd@kA 7$E w@u[aZPjU$m% ]^3݈  B9Wc&0͇"怺ETENǔp{d`Pww~cciG^q8h. ."J4 1}UA@5}V;BNnч{u}]S;&^Fi0>}VkRVd7f @Ƶ@M T͌aBWصZ={DI{L7#b=<χ;p7E;'DS| ^Cvɹd{*O.w).vwԶ +C2`(jzSjAFHaSZFtEf6rp`:kE%:r/M0a{} Wq_%;Vd=_VWOjL);Uٚ|-R!݊uW~/M-:x~/Q3&ƕn& l!L;ҺG_plԖ5Cm\p#['GQ~9:v {jt-#@,yٛ`)43߂?P \#O9whdy?v q  \3TZPF~J.nQ,ݷ7%I'5Њ njB5o#7A 4}I􉞒U 1vCrryϻܶ=Df}ƺp{Y..9ש.Fh_gYd⋆Icp)h8P B|A5(h8K8ޯGxk_ާO'2,cg{ 9/i*8Ĉd-u腟߾nv*Bfz-;F95gpͶ)J 0ߡak8KG5:m+Z92 MJ/SI~pbbO(P)ҠT#>|9 xfL)Oz&"tz٣$c0鎈 ގ(1 &ۺB=rHH% `0= T"!$Fb1,XNp@3A|,PAȝ9If͘VYVJ.ÑAC,Z]jbtsRʸVq4_Ns&;Wt06 Y4'"a!0ܦPSBҋhI!U#̊8G%?z)l'"Pn9 SSR'DI8RS+ad"»L!jl)m0|Fl=c< %}? lq_I Xy&aw!g }.WxqKJ椖Zt>%]^@c,vNn.̄oI0X~i@Rh{#\{EKùrirGP1C~[sr<>xT*dD`5T'5>ۮz4,JY]E0x AV6}/:4sTUr+b-am}Ž]`.1-k==Ւ-uzJ֙T&մ*U ز@~iOX~3Wr{[ `"__jB#=1[ekc5gRZG)^S{#i}dR\ rr>dn *䍳r]|Z8=MMs;~^B^MNMʜ9R_놹7fЧʻ|<s;%Cwo"ỹ,+Iֱb2&`OPM%r/;;dT'YKا2ȠdtFV?t3N+"f|%oCy2 + M̜EJن:o˭AڿN o|(-&k`]oA>{N֮& X&ba\N t*XSEutNjGnhi-ױ&gKwq =y߫LcV,J>-&J7?7Ȧ8>YUyvEh8b }z`Vbk6uwSJfŘE)dviRc Df#Fxiz :8=\@!0(Eԃ%Wyp^%!pM/"II vV  N%(1q@mz>uiW)F8wl@ui&y` DN?qJGBS2S*)쥇osl9lfUAwnE'56׮?hz#BCM|.>,h˂S^khlgN:L@ h:R_7hlO呁I z>=.¸MV;/{dyoh7Ʃl6-ʫ?aI9{,툯Htsg,`B_HqNj&*:~PNcn+Qakt0 Wr;mcU7 u(vԠb(A)pz fW]-$l{b:FVg1 ? ٷ,"{+WW~Ն6&)j9o%j>4%H#aywa CoF#hqae :. 2j@p|9w+gy l J@duӺ7 6#ZE%w#ߣ[CZRݏlx*Nh8iM(׷z#)d# ,oRmB*/Q@;LB :YglPuJَ^֫+Gt{|3ȷ =\$8uXw mfx c+i&\;WL4[q_t:f6Ee V^Y5'䢼9@R;k>;!hprt:+giȳ06/ӑ{ 5AA1lV}tV1.ȉb!^/WdSD!B: 4&'h 6)A M4[D\TM%-ED7^|)v_#qyLCf~ _i[ o9K1N;?2fߘda ɽ_J9`rԶ)iywܼr\LVى_P,"4(RYCۜԤ9gx>!fU!We1DDu+P]IBaT9ch h'2L2J| R.P҅ (A!nfAQ p=c`~DiOo`n+2IX^4A$o}<90,i߃EHFirck 3%\KyZHY5+kUBHZ?* ?jD훀!́?U@gkШA^YS|:ҷȏ |4הzvEj` $TK-Ȁ]{>'XRmޒV={k1YK>TmLNeô]hU >Ns8وۂ/t)UW8[_ a2^ڭ7!>ggrK*uo ]E)񻧥U527 ?_;H^@x2:XݐBsDܐ| a&"N~T{0? n`ţk۵[jLH"{|bSx#ڦ5".)p,4W%LHcStAuCf KYq0{ƖŻfv!<[eծV"t4TDrx(\&E@[Dyc TpO<9&61!%u*0āE #Io\L_0R`OՃٯzج^)&;M {Jsv#8 ahgm6򄗄8jN.Hߚ0>vZ!…7C]e{Be Â/1 ea|JbߪҨ`-1<uz9h) 3Y_6 T \*ILW]Ʈ`1{.!\^`VaL4-YR9TPlH`,~:KfCPW%Gӑ˪n&v&VJ h9,c:.|>.)Λd CPnǎkHCs/*k̼B׎fEHS ?ݖsb?fv3!jJ0V@h gYl{s-JuIF( B;YZ{5ћy) XZv2è"h94J{q0j]B+Jq: ਏdMDĮUoV28:Vȳ-Ȩt*U%EO5|1z XHxϘ9 F S2M7LpMF8bo sC $ĉ~ -W!bx$hi/>alAwN`?euPݙ6AӨe,kge[aroPHbͺUiQ)U0'$@hp*! vm&%\PŨ5WvZ=R$VoK0{i>NõIu ä^Sn{MF]l%pLşYgqi +Ԭf~7w{I_ p9/˳Cb6-ԔB~;zO-&3fp:89/.Fg얪 LyVSB_m@)ĮkN^s  m 25:.# ynu$(;mUh,ȇ1;&*׬ӱX©c:k<9 9 ˣ-v^9`anNAܡހE9S21%x*1dau Yii}w%•9ox6w][???Ut5d:0r ZAET!;l|6=j4sFŰ7R,B$u6xFSEϠUMa9U~nIsԸZ ϒ'éDYxg+Ja8R~c 6X &ѧy:cef8Ov;A:>=M% ]R'=$BA^,pKPHϱט"_l@|<8F}~S}B 90юE\ugTlK7@GNm@lH2O.I^HHOUW2m?/ҏ?s]"ߑ`јh~Z.s}=|#PZ}ڑhMُ}? ?O؏Ud`mj`٨1LC'JBd85^8vx*Wlo^hVkyfCHMPnˤWD#71o[4&LP#J{L.(Q?= IJ>Ah;KWBNAٔHbqQ0"{=L1Rbc%oa^Qh1e1` ƜwnX ;\l ܲτ7(8{Lǟ>}P4ށK1ّ* v֪2CS!y5ү5T=!YXy ,IlhYہR<pt9r YR٨B }L]*`jX&ѨQbk<И;' }zZxz/J'^;/=r|W0D7}WiS8 wj\T]ʝ<#aڜ@]8E`LJ)hՄRl4"pe0); _mL`# 3OED'g;uqc6ZRjW_No'wУbg.f|K;3t>cg~Ɔ;I#<Rg,5Puԡg 8 V\ ;o~ oH4֪Wᓞ$PTO>_XhRijм'ϊm5?GU@ccGK0<$ ͈}2;G$~-n L1MӍ@OgW奚QJ]0X>$GA-7ynUG'Dt_@p~@RR;>Uх;1YѺ|rء+ľ)SE7β0v ={agv4HEbe)%Mfބg",&F>aQ3e'n`bzэ;*֐ZJ~ITzV 37yPa*'"MUlٔ&1.JOLZwIVEwո..b ȆլɥOlL=Z]pb:E_z<-^.fPB4f@@]!-:Uǧbԅ}l#4X,j &mEE+-C-yyEˣDNA,QJڔm&eT .ڿ貉M\9nbzW?B),\#< Ԣk=dl?"С[cj4J{-RMMB{ &&wZfBI|Jo蘴ڈ 4r;{kUrDw@O$ZOMdZ89}x.71@CGx{ql> #d-Md~(8_H0]P /kJ$6U$PHu ѡ_yI֙!Ȕ 3sqxckS$>l.C5EI'nUeyP|YHӧ,o'dg89%}ϟfl}3z?'S2Ғs`Q?&E|πf,=R eu/t==x(5T]Z;ۏdm&\ϡes[jtJ)Wz|,0Li/-&~EQB$m!Ȇ,A( _cF; ` u[\Ƅ-S^B7 V'g-I0 }_8 oLdN}\?j{;Vֆ3/Kf<\U \xw=Ef`1}̚,uk[yz3{j?핡c`C} v\NC@8orRi2t$  ]3[)Xi$fE|g Y`_}|L IQ Nnn֓6#Lk-1yif+T ׻ dP!`c9D)X}!sLGaC0h"'@وQ-H@O[Zd(]q>)pg!a!厲G2! qW&!~7=8Vk(?b ]|\t3>WNw黆GG4$!1nƓ#d=9.SJK Bz9hiC}HG݅1̽!>pey@bmi?V:Z>0\ ?ä*޸MHTD\:a(זnG4@(4{V ةPjf[w4qUGt)$յ"q j\z 8psϾV*od7 F;Vx:"_ u Oʱ%{XՇ0 + z~o:K$ TOP/M99>iX;]Ҙ! bsF:4K ?[9Ȯ4lj :yJ!o{`"LƨXƃ9Hc_Tgx5r)+r ڀ@IFXdN=jBuH7i΄${Iȧz'$s\ ѴV's#W9C P\KSG6m3@0]\ ״Ib8KL҉mJ7E.i[j݃dH-S&Kܙ3YX\w(Sً ׊#ʒ8o؃` %V٣WцktakGG|;L`~j(WumgCr~Hc[y#YVhT쟢VY #%/Ua{Uᥐց(Ðl6LUE >+ SK\l 0 JvJn>ڒnƫoV"*PGf" qc>mԎKnxCM񮸳:AdeD_Ѓpʲh`4،҈ cTfYɂdM ]׈3^lVC3z[>P]l1P@_87}A}QaB(0#s`,Pp^){8f]ІeUL  U|3vk>1lJ"4ޞAW(Vjx^;p9+Z{|"sL)n۝:{2V 'O^CrҍZ\L% M/ K6uӦUg#`XyRD6Z ėmi1#9c'`46{/P:B>0SUh3?#< l`$fn*_Xrme1KB*Q N'~ ?ḣ# ZH۾ RNt}~5Қ:{3 Wm( K@=PqwbkV23{'GS, *2ugb"mHu1:|qF!ۃ5<,|F<Iv žz}D1# M)i޿92L~4@JiGEEu-Coe<;H7 Lk9ۙBk{ޗɧ[t!s)%^Xս~$AM%fHYak&(4@XxQ#$-p#",\Vʮ`h |O q'4EVlR8Mϳ69iofFx1˵YhGwfр.G ɪioUCF4 2b #Se97 9<#\Lynkvj׷/ۈsꨅ>]%Ue^Mf^%P GA#4~cPY|PVM]hȥw,Y x8$܉j*ZJ!3lO)7q)^6Jp. b e߄220y`@ዉՒ@bߵ(%Jw`)ыW b)fGY%%A^->"i'AotKR WksVF ^܉_OJi3fV.!E zFGwg?&ﲀʽ'FNV>@閌uYU0'kLz\>pfr:AJBg 0W25\%GHHZ%kh%hE >Q҈HT!ڷ0d ;\@QNz!oLMNjdM3v%6-ѿ2g.E]0()W6s&7$}b'%]hIE  ˜ua.z+GrRj( 獀,}B~x ޳wԳ9a ձ. X&g=Y9DZj1g[(hW8wj%-aV'-x%&h"[FvmB(TEAkBAp /]q %0uZrv%lp Td-i%Rwn/"Ɍr{r%-VG] H䯧ovJm ;pOsA(/)eEfoEgpfOك/ aɊ5@^o>%]lA!kߔT~?Ԩf@Ť5- PLd:|c.$ WVYNFI#M汎7[δ4gʽ/>ւb"aVeWD WȮ5򼸣oy ÷[6YjuaN^ANea/بoxtKD:"r?zISč@Ry3t.^C5us%e<"K,gwեfFI(y}!7Z=X"rFv:+9TO*$gUZřW Ľn9F>n!Iw;#ɟu|d&MC*3:~_影w  ;p mC1+ċ]ĸJK,`⹩ M'%gpwՕ |r5?J1Sn*u;:tW9"}D|bXn?~'"à:b~;EG'~t^-Sܣ'8MEi]!XB`oKn3M{2J&Ҷ%[X4w ¢@zKKPќԑh+Ê%bC~c^2 @*KʵP@\N>v r^qH-4:/H*Cg~|{-'C/d9`o9} ei9q6;6-dOA -׬Ck>(Yчj3}~ !+P>k; tYr&8AU$MҐ4,|dn~O ts2@F4Xul6 4$-Nt6w5?d[ȀcÙ,I< X`( N׵$l;7ĝ@8pSyÐ*S&5#3Yt% \- >ʊ ['Z/ԫ\UgAM &jE{z-FvO%2 iRZ[Z94>f  8x Q |c <0Z/qsшUu4D~Fpkϡ+68cN-ZU\Bץm[xsU{ÿdT%#|ҵʸt ]Gy)wӒe63J%Pc6wB,:'Μb2J$%A{t98B{6i}m`XŖmG* XMs_޿/2fgw' V-.Gj(NϮ7#7o}}ˡ3Di,3&o?p0, vm듦CN. #+jfoBXD&w~ лY. Rwnˣ^nBՃ'$&(GiN%AI6|e24 mu蠴~*SL!!E l&[=_ eL)7vrPFs}wrUumծ1Ӛٷtojֿ7o],TU Գ2~vShV( J i?-V2ڒ{~9)QV,dV޼xTO)ɍ0=eA!3C\dp7/D}2]C Ns7tsXp`0.Ye]J󶽼uKԱ!J7A ~Xpeߍ)!; 0l ھ.]4+>Dsǘ5S-R2'LH0.Q8@ )|7M.F&Љ#Wi1ݭhq}1V ov*k%"niEvGY|/`cjص]p/bFU?idu M|U%b6 t`l%WۼRDnҜ]f#1vG:t6YrX%#d/e P7{kNC4C隉74˓ԍW(duy3C4x0.oe2ٛ=ًIs{3a4rʙ-6(* DDV0pJ6\;O 1̒=iVz~}||,${=Q*x=_0+8Tߗ+q8G[ҍ 4sZU.ShiyM*] ɣI7JQbӰǣr-G]K QF ODM=H'ʤ72B0W_q1`ZO9Y`Tyd{ cc䧣݁KyZ`Xks|kW`T[<L67dpI-T'p!7ѼN +!fO8äFuz &O̪'}M17ho+g\KlW{ ]`o;7H=MqT2Ky(1LsQ䚎Q8``ʷq oX )uIHyc7N?|GN]nx~*"`K8/JqwOiX9WP,_^l5.~WImsC?p]y(9)],`EğXZ_Ls_)30p鏺/!95"+l. dkEt[:6:9"]# 0L&7 [F#ƬiZf.+d)si_"To,r$ kҺP|'M =;\= eIfX, w`3)jwpsֶ80+0cy`> Fu#zP"E~H$<W4"@Hñ#=w#e>x‹P都=+\*PN*b[-  Sz8sGdHn)8tJq~dx|d._t4ְ Bcb[jyD .p܊c`H̥~4QT q,k>k[kJD/ăH6*VIf"2M{IgAC#^ ` $\N~U0/XF>Q! ]>Ӗ0.UVd!vf`Shn H sj6KUb7~;_ &s,+Bls"wSđ];-AS2K+C$ZNTCQ",gzOğz`6?n*^\K&s,ی%&_ME[R*0__oÐgSDf.ԙn]ؗpLxr\5 f~d|0Ah;"j].j$yglkeQR0+etρtOd#r6]ҥEd_x+pR(ɥ,RC=PG+T1Rjf\5 7EFR&nϘ_cJhZQ?eiW .$NQ ژ=:*-7mj6"~7vhh6ɉN+ͤU| @v›tgfy2aMT'Kt /&pzQhG>7xr`ލ)msrʎ6#>|"5+:Pp).mZǻ#[d*:غP:IE;Lq?dBfkW7 )ؖ*A? ar31࣌W/w0(q^WĈbk5 Ɏ.V^;TYĸd IF^=-l uSHծQD!ɭ7ks\LP6 R1b<b]&KAa"8p).iN ~M$|z?f|Qg:/IOg;ge#h|},ژJ^}hnY7Lyp2|g**Bl]5^\ P*IfAsփWxف#Y40]#-Gxg֟gZjQkh> iJ2NZ$H E@3`C QI.KZj>&%yc \67[;gfg@ 5،g]ٰcugL|!]*]nJ0*r"o4ב&J ʔܕe2}*sE]ɻD ,_BIA:1F/kEsѹ sQ@#e. ڶ_]\Vvʣ2Ͱt=CϛğNBHƌ u]|ʭ7)VQljf7>zuU wPm=vW&bY3Ȃ! WũRCO-M$s7bsN)e|Vܱx_ž]lB?XI|,־Pv qPOnۍ-yW"$K'Af|%Nz-ҫ;9Vyb(- s&or'aJjnQVʖU!FqԲAߍ??&n:Q! \*Eogq+z82!1-)83A ʒ.P`L~*afKRǞ#Ɋdvĥ~9G\[A25D-ɽ^Fyz;Dθ`ID#WQb U=my>[Y'eD'X=ڀR%=S"xbd|pUp)qW'"y$@cR[#BYUUT7/+IӃCHf<ӈ@4CMOk^z g27 aCVs ti!wҮe\ ዉlW[VDRbEK8FFO]M{˹ts4ټCI>2诪`Dfpa H\8`qͬ\-$w,Nj9C[w:Y'6@Hn,.lr߸CBf'jZ/R4:F Lp9CW a/mdm[$-O1"rR qy#86vy38R)"ݤNj6o fh&? -dMq.D?eCl"c.MfꓞK#%K`H` PYGeR8 $R~ukVOuDV/ei Н6, lGW9aEn'8> 5;b%;{ d[YWuihReO& EnKҺފSFa,H7]g /mjCJH%h&+i|76(?7jr@Ճp< ZQ;PY.6<`q$<ߎW)~?ϕ@sW w<| MHxd"w`f]jn|}3L0y2~'P\ם=}{,bE#(f?0mr,>rilwWTPR8Tg' Im5O5)M;M_WpACV{d8X氐1]f`yz~5DzQA\Y,J41j} A҂WU$x̪j7orp_:Lݐ {ˣſjM/DKu5 !]j4k8kK՜udIX'IY$oF~'7A/eO`pmRkӣ17־xWuDq"_: {K+n Mk)]]d֧1p#7Wϗ@HX>l,F$\[/R"HΑ{/SB1k|iJͺ7$ 0&iZ.H{>z]N Dl:hmڂ|3澝b4#,xM2כlͤ4c^8l"1u>p:#ݟz~#+mj⮩A^ Cզ_\AtNf,ޠwMŚξFNi@TSpX(N"-LįQ\KL$~b+z[#Ƨw3pThHB5\XZp ݾ]Q*E ?yΰOvۉ\x1-NńENɪ;j))IH6 bx~ p#>54튣?gvZ-jy&$, =@B*jN*㞘UgQig_wЄCU7~IZVM چib{+mj>1. {8@JYO"ׅz>RRi/2}?=iqa 3֮ҍvӚ~̓BQJ3ytf./{[;cJA ?@Ư_n6k@\:\模#ۚlk:լ 1Zb˄뉝wCh[) }=`>~1s |5ΦX OM)cX9S.*Ĭ` !QCp눀nζ3PsB EjJemD M|`>M$9ԌUtd 9eg $˛Ӈua!*zodGX^qqh U6^`~E$(HYa dzơٍIg޴QRr/?5/-ʮYֹz xere1X@/FBj2p]Wb%P䥡ʹjj'DBO gSʒeH7pQKO(-/CǛ6" nw iVݱV+%кO4uu*zj4-Tfve'ZF]ϲS_xryVmH:V]xGE@Mh rPyѰEȧD#,hZA[699\d;܃̕nŽ[̘VG 8"4}BUXt*`P5/¦WS44nDq  1< .{V<83qkF}a"hC|" ey SI/4 `S!IrB|hvUNoꉪCޛ-`$ձ K@Q΄O{V×4Sҕᙉ&Lc˕81r8ܩJXJfW4 &&eT&CF`TFI+`[rn1Kv@MI#v\ /$һ>n0Ċ:!8Bw[١2GS?+8Mw! ,oydGk< #uչ:!xq$S0oW4SXFGE)"C5ftD9~SدvWrD~bBX`P !$ᵢ!tz6VD/Uh"9u~DQ$#%5+Չ ǸP)ΣxQŵYDm0O $V RbQ+6 1i_BNX# )V SF ET:QwtX`4nOQldX,(84XM]j]/$i" qY~0wqaCS$)%p!S*OZR]#J̀=;:R,2ͺ Hy/wl͉Vֶ'ލ]tYyZc{; PgyFXC10:HT4=xѐ& \~g5ؤ\7APSrMj:aC2zCV(u-]HtdS&]Kkrޱ ;.EE8+yՕPHyBA y|螑m/W O=H֍")!'byhCTWf~R50T<LH$r0B}`rqNYQߤjs/S"?PAgV_eƠ_.^5AN +6~ٕgud)dLY{oa_HDHAbuk1g[?$G\Ɂk SGfvȯ(*:/c%mus4i=IkA@˛I'GLjX4b+c5G.XІD՛6rj(G۔"m48D@=IK2jX6kh>{Ӿtn gtI}e.+>nL Gծ!:. |-qJڊe&䰚ϒ _.+Ϊv=裇:^68bp uTmc*6WǧJn- /J)_feIskH ί lTԶ4"H|~@On0VXR9emLT!ѓȘ‡A /͟AOJ\lؤ$,GqRk|\PD(H% ǟdm2؛)R|KA^ K%CA 7#;%|bQ'o5AŪD?Yw4$dچwoOh0،0 ާP X7'٠Zj~-VPKLWrjӒ#vjfB׸zUfw? J>l>ڗV@!\&^rǛ֞B3µ>QX+6 #NAn^#^t-ؗ )T-.A뮶 =WDMNoo(͞chK@7E0%._mX Շ28@  4 ÔO^@y%:7MCIo jT ݢhmnqEfLHRםX&I8Lpp~ެ:9'.I(fxRS8P_ex2196?BaGZ4|\]55;wL"*O.|"4V Ϩ*"ɗnmwP52 |ʰJ߽Bm^G-nިW/*(HaDKWJ4|QŐm"\mD E"yOP4z(ݪ7> ev#6rVG,X u =;{kAOڥ5d, @a@[/[M\`rsWa!95%NF o粸1x6 Oka UA(-ckJL864l=[0qul}FF³yAOk }ܻ1$wedK/2/#bz۬"i` ڑ*AN'Ik?T!ua Bm9ZS*,Ϟ:"&\S4r`>s%—> q̧K kYIu8!17_2ŷn.[X%IBQӉCA(n#3'mQ-4P:lMNlE1K= GJJAGu'ɧz߷PS^n3!o5m'g竴7OB!PN䘝t1Z\\\Iopą5M a]7\dӣzk*يiΞ.Go Z1Vs4qx"y/F(@wL5ik!-Lf ГǀgYq,% ؒ\,j(c 9m<8YK3S͐L栛팙9ǾLYS3^"[[\>?g J;f4=X6ږ8~H;w&&j[ɏEY5pR!z k|Ⱥ-M?)];T }a55i-Hd|$)yPPgW>2?MA!Ya218+͡/JaQak5t]W Q-ϰ(U~>iCO@ա G/܁Hs,nK]YNfA ۇoq!j,RTxJQy/}ʈ#ҞmԩӈgGǐZP$ 3pN^8C-bL=Mg Kԫ Wp{{M}}SL C uA.z4vt.ÖIor70 nQ+fJiaiWYD b 21졅@QOESY1iglf$d{@ccl5fo]iPGi}|IVK'OC'_A.kU:}/M-^Agժ̬0t;+eOZ"_ ImQh)Ǿ[;]q $oe<rx%vU @xP2ơ3|}0*8SYB@RYMY<7ʧIј@ĽwqPL[K8\(:Zɹ5 q¾r?MW G 3مXh EȾ"iz wia qŠiO. |$z/  &1m}dKV޾ps xC?[?ټZ8UX("xTm PޮoוIh$SwAwFpT2t< C><*hJ{#oY߆v3rRKa &B.Q9 :؆3Hՙd?7Q[IRǰO[=5+ ,Oܠ{b\pk`49ܰ.*ϕA>#X(-݈;P!Ɠ+H^>g]f[Kmk e6ض[-%fqc~9%M޲os@Kp *ŬjAuAd' ՜VZ ']W' 2) |ØGώqY,nݮ*k"[D`xH5.6G_nY&c3Xu@a8M.2 ;PW'IugZh̵ O?!7T~^&i6d5>& /R^-gr]L4h&z>?~כbr[,F # 6H;]td>@,ϩW*p0Pw^j>ir=$(>)n> n̈́?J;=A~/9/M!&q-/.HZ@V??k }O_2ձ؄'B[gYKy>IwruH7**)S\ן66VT-7^Xh[wyD80y E`hiVzD>VPTn@,㷙T]E2G5-Gl*f),9CT"J(Uq=BA~T$eB n>~}ҾM|| i_y@ {?.9߭j_u1?S@̃l-sHAc1Zeh,[`e63r!G"y ϳ)`~rRfD֙}?X\CL5*1AjQ&òb{5)X4 Q_S^`>b٤?"C4-ӯJ el\0"@B+ ck&uALM}͏ -$X0K=?LbXT}f_c.R\㠮99] >g#g``A=;Iz?ԭa_ ~wVaG,0'TR@Ym`Mc3z r):l@Y10Ei5;uNGc͝4jj%i^.Ev8!4 ,MDv Lic1g#N5[""X4蛪FTu^^w4dGBN~'Ǻp{j͎H2ºp*Q>9~t?= ѧK6^'2.L}]fA[?%+is*Pe#ta[Iډ mCsz$M|hBgٷG;7v앶oɖ7kErwŏT)7~hiþm˝mR PкK Q碁%q">Qq49(Jk3++t 6WJ7}Nu_J(yqaMz/;GA\R5Hhгq~H`j%Ue\:082TTe-~@d"XL_/VC{^@!L l¶dxfh!!om:e0Lku!@'P׳? :<3 :eY| gْ =+i+8򙹉o#}~t5XAn؛g鑤5Js bww:8i`\/q]6*E =ե PCiv*iҢ HP $➠/~ % ,.\ȇ )&iL4.eE{=vy:]~EMIݵдәBP#8Ύ:L>aSTw78iM `#7hxvQW%>~oE`#[.Ȇ;Ekv܊?dzo d⠬#`alxzf |,]qs,l- d쪠eb=0m}S<1ߐ\ga\\*)w:\s @˷ʓ;ܻN%aV[ـtP# @cht2 K2 :x5jttX yWO vB7J @wV޲0vEMu:"AV&J+%x7)Ms޹6bO10\ngR`+ger!ԛ (/l }8uiڲsV,E,0^ yˆ3")gygqmԿ I~XrT7 &'ёlysgu#pK<݆''Vkz`YJڏby-ʎJތ|) Nyb7mISL+[l* rq0U]pTn:^*y`P/۸7Q)u U6o%s`5~4[ghX >#㎬xJ |gaC vw[:=*a" <%W@[ &(Wޑ"D4/\N;DO>9OgH *.-1|X(#rɽ!p X3I?;KN8Rd%Z xu`iӃh~\w}oFY,ߖd1,̖>s'ѓ+iv݌bp 7T~'`˛Ã1#}ڷZo/LZ+f,]?W"S.5Z=1%ud|<BQc:٭ـkK8\P5??Nx8XE2}5DZ|Hh chØ" hZr қDZB ecjl:{AQez1 /3:i +3(>Ngq65EKRGĥi.2ԃO4$?}wS˴my@ou˾+~|UD^G3wbhK{yp-PP" 麕7_ܦ=xHO]3P`n%9:B|寍7.`ƟZco%բ*#| n8**hxkhO[{RGok? ;of TvozD+a pDWfSPpȬN|lR~=ŽDP/D젤Rn_;Z(tz Q(Aɿ4rNM]huϥ*?j)~Z9>ۯP@ xO- Թcvu^D'̥A$=[SwKyBh w5Csy]LViDܨkͱޙK=@k /;ѷK5 ;>K876"1w ?zO 'A:M*Ə:бL[L+cs z{~YFC y.p{s@ܚT)uO CC\ek&Jp4i ӳo}֮ٞҸ @DdNPQ\eƖp\t![q|-Þ+wPja`z] k[qۺ:qvB![JH#Jp Yb:֋A!Z tSqUw~S}¯cb׮ bt/dHb%^JEYZ;Uº& pc ӴÒ-"k<Cp"R~~+8oDNM=%舽rJez6 ^Eoh'>8..Z:өĚ )ح:+DdF5M7qc- kUۢb $FO Fؖ4y~ޛ_<|of9lUfvLYIzT\3 kYbύ &+/"'ҡH3i-O,^i9b/\E+VEޟ^5ɨQHu#[534!osnY`gm/sJkծzg/4O7o/i=2_~& s Tm ug芘|3ΓF1 083(,Bą8R+}ё]zs+0L 0uX\A1ٱ]u*[okJ[muyqf]hJtaQ2X,6N\@u6鱠\)c=R]waJ`*fU\h$#c?HOˏYhqf} 08|889UԶxMh "ㅰxdK(2Uu#ɶm SR3 <;YvάsvCf!(k.zgMݫt/%X)E Ep_k(07b$J) ,2;ND{ Fְ{$mڪ0^H,x 5~RywZe>DE;K^^ KIBkO,H0AR gB%D\g ՘q!߈=YH)!jMf4UDŽă/n4db~ɯʷ~Qg;]|WeJFY`R7ѻ%D'{ DUwRNS%[2%ɉ G' 2"BnٷWOJwڗ v%reݻ_1۬>!y+(̫U)tV+`,s'>+AnW-7#ǔK 5c \(DYt{qxk%*%]8?­[$,#j쉝^k3\l~v`fyuCEc*8CQZnJF ꎖ gg[Z_F"%wsCMs Gz%{[Ff_LIs\yεStCVQ,sqi"VV]SCq+uZcΓv&*NO),\@|$D'_6rZفgCpӴG闊\tJ\qRn 'Ȼ\/>u{cw8:Q^gUNĊPq~BEtfǸ`¿;{_!䣇=}X jiqo+ in}S.vE$/"HEP"Х"s]btg~rHKM+$kx;>5~#i e~/*)0_4w ]]Ad`"䃹ྛ Лw'v1VF?xROu")jP!Mwgw5j@'+?{"~ 7Y>X>(r?={P1{m󉡪)ޥsOIoCEGC3W?  _Vƫvݮ-e|-^\:߉KN1޷le [ʖ9MO;Uߧ "O]SlDy#g0|N`}u#]FqG>܍']^:>.0f p`CtnOM+Th.xvzb_1l,v`hitn W+⍬E7jFtVҵzOA*7ȆP)V.̵;$Dz;fڠY_p XkrF8JI (㛌EJF8y'o D7)f0$y,sFہ6 !cCCG܇J{xO+vXѦT4CKm~j0e eݻwzUt~{щg該EzG 5.@wh_uͬGkGz{k,}M8PEZ#0Gp즕.w@|$3ʱa̿&u>-;ܮvbh֬Pb^y-dg3#r0`4 ` ^E 8;fbWrݺRP-iWǥ^,28mCzZ+knwP'souz>Kx4)bCK~iCRen'%*VWN?,T/nU\!^ʵf@ 1e>dIbV:__KeR[%jЕ w!zɍݛ#ٱyzh&aK[p(f4=WXTWcÏ}3ܠR.'½<ɐ$CW1O56T$>ԡL@K`!ۄWQWIuNDw|oe7H 2ƹrbC"bp4|`яIOf׆-dkSZB'b)Y}lG Ze #bW>u>7(oT%NH-.NރqΐXɴ=3`W>T9.oQT:A^caDH [ED}<O>"'VV#tSJu[uQ};ٛX%ID4mI'l08 V2s >Ҍ&XLR{MRAF[dWcLx[ nEPX<kFyl Lli:ڝEZ @B RY#Ǯ}\BS=LiL31.jF'PV6kjKe:5eKtЪ޼{iO):"Rwݲ@oĩ~GЏDZ2 ($N;kd"w2iJ>y/11.;B&6^yiHxbfH.o翓aRx/X2-BÂ|@C+@nn@usS}v^QeV"zuS$\J5K? ^Xʤ=/(BzPyaGt@5x\ehLl{ZƢ 92@1Ņ hB+t`.手wm2p`JŃztlCe`JSxֿu2 #t27 Ψ$$? G(%_!z6~K}$>_)aH-6s 2 c,1Y9XPw =<)$i#Х&.h@àc1}ISW^+"ח2;@pT[eM`vbu˦axsTnD =4; V2n9 :,H\apljl(-Pw2hs~?cgIԊjպq0Rn?G4bpLZqb\MEtAR&&ޓ?ADj,7x1MF JWVP Ǩ~W96C] %j<(HM q.}g 3"!9Jҏv%7`Z wބ\zgt@CV J}!S>#L &щ?Ӹږ0֜bw]BZϱo0lQDJiJQߵg@'0.W,z>[%"`a_*ds=yY/fr<9ӖjڷIװ~y3e:P^!̋jp\(Z0{q1W:W'E;Wj&V N}ڤ _u_A`|z+3eK/5aa2z:""o¬l1q.ZkraT|’QBl}'hat:  Ⱥjp2L=}&QVX}_^X_z6,D߽a/i"[g'UTmqi*v:딮߽7 ?:iaŸ vR߷YDZX9PH1GY߫"YRp*2v :a): Vm. VSHYa_~ doR6cIK9 Ca5gݷ^$Uњg\ٗ"`s2n*y?A-Rh"IJ, xYvS9aX.ԧywX߼l[jgwb$_mIIY I_'urN<dT10>\ݺV@PtbU4l`{3bY=n&.?"_$j =pv_ ?ZZ1kc|^)0Tn\~/pee;alZ[C65j^)29B9M&ԇ@2|\fG`ʮ[\Zybd [>A)[LCXW{\d W%hġYG_W)A3m:a^\{2">Ua%o+wVx LsF}w3RD; 0 Vzrbo(0Q ƈ8"axn󇸭 -[ɭx&\NzPUk0r!a~$m_mgCCLVYŽ=6% v@3/%oy/$IS#SVnuZ甛6kϬ]rSl%p,OEA ?@9m@0$nAR:\Mi {IABT\Y;:9~BJx/PUO қrru6éNmoF3֞73+-lf)0hn0Y^(][gÖS91~MCQ‚S1x{%xbdI/laR)|^hq0XRVAWb/e$NE_Ċ8]lzv R rc#!SIW__Kj,Ώnk Rs}OݧUVЏm Z`~~%%ݛj*F2-3{` "LUE287>ӓԆ`vIȹ8]N4tq$e- OEg~jT:1Wmc2SWPSIKEaaKh.w+A߅5Q7y Ꚍ}zKn/`JȠ>[hW.{x^aW]/F@ ƱG!vQkͱr:1*>zKGAz ]{Nl]e/-S;,k:@;=n)Bp"S5H f&u,\b9lm7~%#{_F8V/njQ%R ޗ]R{$T敾݌C(N.yɫ!+x&;O jiC#ߨە8ȿaOWh\呸ܨi,xEkyDLynϨ>)~SEW}q^Zض-x'!CŐ7fF+K(DW#*>BIQƒ`+ͩZGpo]xm,U5d&0Ok{$9C]$_KNNot%]g}Xu>tQ.;S⚠h+7؝DpMUD&ּLȖ"rI%B[g^T@68gk2:%9k֦]wu@>uhOG.D[3cPmx G;g;i Ï 9Xh# ˦iAG[*o4֒~'? ? r)UKz)iFD\@ʂ, y><%#d%}22CQuTW_l@+W|=̽\@p]U/n{b_ _h YeAnЅu.8IPb"f "dF=rԾٱ5a+Bӗ[K*Z H7ؽoPmX_Ѡ塩&F4JfDL5Y=Y0KJ* WH=IFC8\t&e^J|i.' &֓$.e(7&)Ftg DlRK-"[xǥP&#e?'`uIwܫM=cyO t ८ :/U 8xå +76e9X6_{)ʂl~Q,zdќ\s>3@qz>2 KR{As$mw24L`If}&#(FгQ ]X2 hlt/:`=e8&q-p !i~!~'}mJ Æ8#{1%Ⱦ.S~n2 X6-mL+f D*"=OfP!Ԅpˠ`%Ty&U wϣ?g&Jse 5PhP I2֮ۀp-jl_l tqIϕZkT+ʟYH ~ҡq:tM9nِP&c1CiC\3~JVc(>ҕrP"2EwW.咠xÙ/ r^{Y0R) k^,{dY?J!M6|H"CS3镂NPlcq*uh YVsW͵"XhN O]S%RKۇ598&*1|{F9k| ڮL3>]2`UYLS[9+5^ 6 uh @|LZ,6-n 57/V`LSZUHbRt+0p 2.(!/(BE uO8T^̦9Pg3'n~8ru u9Ql!RI,kxLs@>C-Œ3Qbh-^ W\p>YESأghL"/3QO@|N̔d1XQJэH΁# ݯ<B`(vǢPmŮ25j2VіnB[x-,x?)5@o_6)P?Gz1QO͹KTқ$f^M D5x{@4U]{/%,E~!(m"DʱDS\ow\ђZ`LV7˧}{Ž?')\ck̤̜ 0y묛jCv|k[ i,o/#ϱjר+D\Ev5HyL_mi>㋎Wێ*% ¼YRϳ BٹbbK}SDe**\E:Bӭ;JP-1C@gQ6$=):.t` ]\XFou,)N6˶5V<ڗG}ND"A6})\I2 Ҏ 3`G `ѦF>T,;>;3٧oKu"2̋u6>@P<#D-u[[ФFMA9)OF2Yl;4$WK@} ӫY =Scf*)؄d  zPMe/栒15> `)H*œWFϑbWW-ZQgtޱ+xMVNFvЊh%wGrCR2z վ 'r[r+&lb/ApB!Ki„B'Jl,$#P nωt/XZôrb`(}\NեnId^[ƋaZv/ 1@(̇wdJ3!0泰@Fޑs>#%F,=3'cktwpQ>o#9N xAyPOX"Ɍh;l5 V[P5R D \{s^b:M\7NblتW5kg& ^7[V(TJnhڜ|~J9tPwFQ7i19Q05FJԺYĻ`!Zlcޤc2ӃV (|$ ]'Ӥ(}<@\V#%yQw _׽.7AZq4#2fbXӼB60=Bb􈵚V>>3ƂD?K mQy~\@ei@T op_L&cgtPzzmDB ]L6eTl"s/>= &d@RI)Ha'%hgmi%к.7׺'VC E4y3CU_)7&(hמDb$q#3&p%)g.xW#jznDAm11=kQ@9ꓐ偈pYkZd2KN-:)~x=T??S ~ZpݤCF 41PԻp* ʹ~ˀ0(yx[Ov[1#\J T݄"Ǩr)* ]UE|վl#hc@aP]2LY+Yk2 pYy$.47`CUCN;u-d/Wr9cGyp Rm+xj *jU: :ceZr8ʚ)X 7;M;W vʚ/vZhQ3EjMҘ Fqڴ. U`,) ^[B$KG6 Fx>-M;l+-ٟ)YaN1mKϥX,hAϥb|yt$o|qZ/*{wnp bUS+ YTf8U 4'nh',oDMu'ږwo9M 9a=*`ɡIΚ^dw'>!%[ ZaׅV9 :t9?@Iixx@i-3N- +I/(F ,3Қ354n"*[%C#t[ѫ߸&74F$ H'=MԴN+eS<UOi$~P_Kx6MChh[Nqvin~ZwQP-(͟^Q-$<怊9",Lt7+G|})6![Kwo\wJF{y/θ6Kvz˛/Fm&I` yZcCr{W8d`ogd tZƾqA:7yQ{kInPn nPxZ&ǀ9 2L~*9|phߘϟR\]~F%#py޲+(hG. ^̰1qZRtPdlA>m0[FN܊qvUVbm2㟬Fd0h14|%#Bw=8j!,(8}e>G 1ak];^8YB*[-zxnet#auZ b _QU3ʷ`NɲqJ3^x 5p-\EN):@80AцiE*n>,8p*6B~&ۇJE@U)[;K_e2@,2ύBP(8#NLeΐDCxuR6+/AJED(Y,U%xuJvf6@]vAhnzXY- b8vihin읔Y v}_D2U7JK#vݾ*:sJ{t!fvqoV4?'"4{ %5>?7!mYժ=1u( Pgm ZŁHY*mlqĎz~Nc&K j:E,@G$->AWi89D:ǻ|*(A*ՙʥ{%ăx?a傘5~a,9,ؿtJG\<~E;:>e鿫TOCQ֎Y\ZP@k9೘ Ҫ=*/SB/,sV ̟Wk{~ʼ!<4 $_c Tr:&MRi|vlkgl.o:+pX9PD#'L_ YHhB\0}_`>tf-,4Ql,e`rYa?e'~t<#+M9} h6mKl8UH ƫ8N3\ҫRGe1&mzv3@Nv[)y2ѡ cn s`em;jL*Q䎗՞hc:9Z/ǹXi`1K=lۂvQ=`o E(Y<^2öEEfsG[U/U[^,yC/&~|1pvw2 HI692 u$(۝Y\̸.-MDw[^䋇?7( ="8Md*_<W#h$8q#< "Z[+_a]r8;U76$|#T} LbovkN),6??yJl)ث~›|yfh=ճ߭dLaXɬdw>?˛ }ֵd5OEEJVn:W +ʺ*32Ej Q\¸Z'_erQᚁ$ wϽ&]=~[>U*s!X=ƔŤ~\`SkQ'R񫈊zr3_$c~IAyCO!20F SgBJ9.Gàhޝ|yi71Dx6̐SG `#H9e_VU\m&G!o L!dfkijxCc*GcV#InVr(mF/IeDIA]h%R#s>KyAЮ /b؟oz % ⋠;U] (F7eUViy3J,T3L!% %{PuCP))(.v|%59P28EͲPϺǩ \}MZ`1PE('R\PJP?X͞=H )ʘeG#X/5y/3?Ľk8[tu<=Ě@bEC}H3V-@aɏ@YM.+ysx?',ļb] OKUD&nW) \"O|.+pJ%~%\#Hqd Ydlְ%\ȴsA?|F|[C7:;UӼ6+xe$wk\Y뗳vX%ˮ) YQj &KK/ݜ^ep0Wjw&A=Ϳr{ YxT>ݪ1 ͆g}bOzgDB kN;K6mR1]@)f;Hs'pg4IhNܦf\hNxxu?IҽUG}k\>DŽ|[{v&m_ÝCFOѼZs6P`)8fɷlpJ)` фA#Rh:_F=d^㔻oQ`OPQ7@jƹ2mnYJϳo_(ljTqzlا}TSO>*Kfu9WX `-RTwioNd1XaYH6C1+u9wـՃ "eڨ~H ڒ"7Vc> ~xk>w_pFj 26c9|m^86h%TjPS*N $81xE y~1{xTE./gz:,Hx8Jafѧr\elSYK lUR0F%Ÿ4H3o EP8|53Dg;Jr*Ѐ'E䂱J3R-3 BIB}?)w3Qol-xtd}|vG"'؛2յg1rtcsq N.l1ž< Y;sLkb <0cyxܦx75^,Y*q)æXB'bD^LIw}ôNi]u\uW0|G"3_Sկc7M'?q`0;,)^I#?=X--**%poSa22XsG-ֆ 7A*OrUJeY~PQg?K?^gz0'#D]-?̒k7+x5t$~L$gRF$ }Zȉz$B\H#{ mW, t-bJbX L/tf%;D - 5ң>-ib~-Wq0s*ˡu-~ 'g=;-aDBb8eUC|'ф6ܛ/!Ip{ȣ]RBC"GWhݛʧ5a 72I>۳T=Wk_|ÒR =s+LvqL?ĪsKmޠeECȅ2TNlR1oZC 3` \[*Pb.j:;* jF!!08XOIKCzW b({*.cRպ3^8^18 Ci΅{e)mArv({ { ܬ'^6!"`PBp9rҶYl%:tli-O|ǁjY:S "Ѽץ l@"Q/>ڽVA>QD<9P~Q'مʯHB:Y`ze6g0^Ta?q~]\WOQDcņ(+g_h T)<[gXո veGoN؜gUN E s1$]DZ,n>*&c̓CJaټ,^* hO_J 9/[׎lsY8ǫbn]qUl2Y\YA&k] >sgm0taGѧ=/R`5r&${3*Z5qEIؽm|-exu;3(=}Px=Նbr >=yFwYsL(Qu+(mI{OROy2>v5|I[ǯr$!fxϸ}}&@ + W ]ė㡬^%5M@u-[хX1a(:!ɈUޘo`M0E6̔ @h5h#*)6TZI0azůdb,0/ܪ5GZ ` UX@S%g6ؗakc1'=֕5JsS OJpѶndn Y+e5ܵ]W$4$l@ܜFB؃? ҧ_-1KCF)Sj!x靔HbTT3՝rHld/.t<פGl.aR&gѧ¢J~3aM QGg q0VR7Z^?+|w2 XmRXG"ʲ,ѷ&[J[e'؋:k,b2,2W?yRďK;sr~V͍>Ճ~?Ȼute#I&)t, 0Z;!:ݹdC ݚ6?kRv|;HGt+'_ep/kw+zSRzFIuU]bZ0M>lC7MPn[ cB.Y Mwsx;$.#w<>ɇLAOgM]&,@0ƫ=p^ "ʞ,(Xf.͔xY1! );dR$4#VTbnJf[-5nBx [9@dvkHB<"VS?zO V$pAY[El1PP腌LJl6(E Jv,MCR~Euy 9z{P!$.̮%Ĝ^ h֕͟͢U|H:Юƍ%dFe 7k(Z!b}j='s= :@ ,.)7:3K7Jɴ.&R/(o,E= ƃ=kϝd?Mwwҡő R)K#@b8tηC}KC3f?sq- Tb-ft% 8vC E# l̈́f/ñq"rhA6rtQSxtLUM G-`hì(N9Ŵ!j;@dD1 -u5neGAa^F嶂Gj렲`f!C k43,NGj{Ly]1h"@{ŐV<6BSAYNҺA,?~.4}EK.ChXFB[<u(` DaFIv!?{|DBEP:8w()8C,fHkPd.Î)-ݘ?/K/Kn)Iw7mDbZ$O~`Z3i\<xS?h$[nBs'oeO"^#Lt 6쌏C:^Mfт̺8c׳^zS,9IK5ҌS AINgsA&!N9Ǟ^+2>ۊےv([ʒz]>ح *ڤ<@Y&eK}GiRI~WCqYL(TƶsˢfWݶBlZUXR&P7G#pnod ZٺrfVV_x+.CwkoMXhkv8Z}VfoЁ!rILv@qpKQ>R HIF? tBZcs}b⾦qRW/;~'N{.p(gn sEiWYA, &OcEP%ΎJ>=]7Ʋ:I}".;öR2b;bmLQhNEӘV(5ρIΖTp;HԮvjuTa80PHS^hJ]<+[1z7CI"s__pnȾl9ғSce$[1B 6X G2θ$(1u{$ʃ VOh*qXځv9b[zNE;b#, I1xz|cӉmr#7r]Z>:}>y b!coR! !;I0'VX:-5v)HkdpKfk̻tK8ek`zFh|/*"cE!jr+z̷.56)* LvPɓ(ȿuITNK^DgqwQc/G3OdQC[5V{3܎cܳ|._oIE J:Jg˓8X{L).:dI@8{X޹%j*;QjĤb~'dfd5ȃ.^LWm!(R9CxQ*d]ma!  _)N0bȥ㍈_no'YT_:>CK/^g2,qv97ļx6Q{]*5I;>fvW9ë~&5;we586 DF c/ 6}YopCȡseawZK }L0jc)]g6ݱ\O)ycX>H19(T@s?}>%A۵jbt]`F%sxмo0v9+h_z,fK1-"'%Zҧ wqExy)$ Ե#5CςWBX} \F.#3)L.8=', E9g尛K!߈*?h,R(LƘՏ4~=؞&)؎,uZkq]Γ%r$M.kRAzAv7zشjYNi\@ VE6E[Hww [{o($g2Ǝ*֟m-H],m#}\Y\5l8*h\ɼt9d{ksS|'^"u`2FȤ{4 OBa\Qp$2Bߜ?H8`,hX9qݵ`%i:sVU ctwgh".+ ?8G˧qԻ8'2l7g򰶌'Boj>Md+?<X#[ Iei}q%WzsC8=[h WIH~t<\m!!QR/IJG "WuݭtRSn&;дqؗQ5 R*V8>a kGA`cFb2NJi%"oڞb(o.6GE{#j(M2658,"j@/j7)gZy_5`ư1EYyN쩀{%%|f9c+pd-l8J B` TJq-~?+!1ȦJl hұ8-T˄bb+&wzJa#Un+4RQ_},Bגb4lC$Ǽs]"5SPQ"-nEzd^3\G,V{HVWew3.ѣ7dEe(b#˼nQ)[E%pFmu\aWTCԳIcT;fd镬l"W@`.h'W%pPʻ)ctZQ4 ू,̟R ԍp tӮ[Dsi(k_TN%)LB+~aGkLsRYm;`{SZmvʰ7%3Z(K 餔NZ;Vds[ Q>xœzsbnN j7s 83G̃WxH8w1<1n,:h\fD>L%[ %*gH PN9;yNDzwh Caށ{0@'pneFUA:5vW-K!|5{tfP%oV"mUв+iP!ﲗՃ nds6Nydu~F=h#uTq#ԗ9 s~*-QO3ܓ8JR9Cz ZC5*hܸ_k}>i<:J5*'C";)$d]:t'^=ĺ((>~n~M=[)ML1i7^ $@en &܉beaP[_HLq|1lx#ȏ5Τe_Z.Ծ*){ʭ*, -)o..~G\%$n7N{!hemL>PW}LN$SŦI=ɓ`9QMq<سlrU/ϴx*#6\<*q["M8rfk2 }?-r@[1Q#_o/lVƃD2|> u{kTӬAQ γg A[gi.+y$T~/qG .}0wm'q"\k,ٲ}!o &J` WM"b wA[{YYMg 3bzx F=Kj-l ʟ☻ר?vl7QY+ { w~:N.Hf["D[ }o^ٳG GWQ1#v=gB&^՞ZPV@,(3ٌ~ By&0B;3[DDJ?X h]iM':X߲)X\99֞Gp}fG|CcFP^EgmXMel'H)iM2?7Vq? v? n}$[5M0ią{َ*@|Dvwxi؍kC^W gPAsy_*#kSfR> &vs~E2'V8BJ(FyU4Z%9c"tn!h3GnI:/e*Δ*9*O$G:#K`,}y:-%Eőg` ]xD Cl!Ԁ>Uù|z t[J >wM0S,VZrYk{,ћ=$@}C(//tʁSest^?L:sl !j0fӺBDþS ҰEcW=!q }wR[sʆOeYE!@n E Sϗ=$k/۳qg C|w,'cVZ-"}UbnD ؞[Zx%я»:o}Tx_KT|ct]35JŴ!ku.CL3 ݣfy3VڅL3d(~9oI}P ~)mm\7ײ|M`q$]3'3KScȒyN2dxxA\6"gzh;m,3qjx#0xfV;sշ,< &9Vn- 9֎Ssv2w/.-dOH1JhR|CEv(:|8,y3SZ`$}Zle8ߝX{%| ֻ5A}]li͢Xެ '/os.2'hmegjS $7~R1 cT^91Y^$O{~̜u@ TdmbqϱRX[$+C$Z RU !N#^ b-.wl4lbWSԃ،Gm]!38ɐ]#ɇł&opH~hS5Qұp˻YL!pSrg EX1^ZQ̞ZAR,&&uGHAh:6yЈW^ X)>Rm3f{&}3wjMOW{K>ӊϸ3E*H1.&&?']-wjmm'e^y N`)>O }'}z.b]繃bqC Be?ܥl({~!x%˫7~Ͳ. ~-/;hA|}qi=NEF8; ;.GzoY-wGI]_QR zUM(R62%V[%j--ԂyW)Aq*8|SKvw͠@ǫ?Qq&1E/L=z(wk$ Wq1Yŷyet6~`}} Z+<ƅD<ӌnt`UDB䐭^>4> jb+Xea $ZFܧfF+/T:.rKƫ7jʳ.ͫ=%Ŭ!}ow\-ǖ6O@+űamg%+ <Xymy]yL=ꀗ>9`䋄Zո5QwCpeZC-!;D>S ZqPWmG=PR%i>IA<DXi= 9 `oytY+#dyXs8^GtG]^]s1}G9`]wj-I!>EUoX{Ho/ɰPU;ɶ^ WxN0CԎ7"͕ ቗smVhW[7<)KpDb:͸ItaZw5*-*>c Mf{s~xt2_RADvEΖ﹫ũ|ˌEZ~"|TүӐF-9kد 0ѥ KLsKCkڷ4Z1w^F(\iVZfnR{s|VB[G1+R^XH e.R'qhGx})F[qq[zM+@km"Y##6X]]m&6TݛV"vKyQ5AT r֩u;ڸ~lGk`. o]SCk ӧ9$?oU.W[xwqۘ ܮM_QAⰇ |U'>E]k٥[] 'S L ZT#Dc[8X/p o%%G*Cc2Qk8(O.umQXkv"tlI6McRS$!Qs,]UÎ^T.bAƜmԟJpmjArZ -I%=zǁoY@A0Qx{<:,Hm< D_N:MtɄt%s3`vO1|Hnmt[$=elSLsZu#G( >1+Q#j*d%2 )F2,цeWxbyqeXZ4"'!'{2p_ ݎr dPNh&]x\ȨcF7i 2Ȁ~8vĜľ 0x[z\6(duuMj^kӲk%@iEpylY}2me\ci:Fl20h *btn}uBxDv*=HyJ9+fKXQcjӎDX3BimD",R}yaX]PMTXYD̳5Bb̉wGNRn~Y0z˞DC$J>fMnXb?l菦ZpSйH1)ö0qS0$"Xt4 w4uƳu1'~9I(r%] 8Z.e 'ct3v} oMw,Lq;$DܔoHV.(>UݣJxNO27.ID~.8j)AEyBtlHR !e?,&q:v\49y#+e9fvMfæMz>+]gE(G0-ųxΧ`xĹ7VX٪y *k)DDjCxpu@`1p; P^^)l_o1~667łx'H,NR[C.+ڹF̈́՚zG[S3|^*=o{JLaeܞ@ٱġ!dK&+MOee}zs_XyOD$\ R M/z+{cGόΐR̾y .Y~Hۮ5Ot1&bƄDowOfСIr$qds~f Pב i`)w#Um+-Sb84-鷚!pgj$?NU`^ӼXjӇ>tL47o4!`WAX* T2ve{1Itk8/,RHU>22u*CL3(lt&.pwáK NY 8bXJwCnN>BО8J؟M^.pY=KtNQ쳺Iԡo%x谆Yaq7< |4V[9-Qe /C! f-ΪWҡǒWτ@n;b?i-txL6r1X}R⑮ <>-H >VpNd<_Vb^t^:6|1؜"U O/‘IL9?f:l,-5VEn̹^ҘJC (bW}4f5|9n S]ʹ,e*z&Z޾!2dyjxU'\8R'J9=8KP/3H yyu8FQ f_4oe Y'96٥Ԇ ˿g4bo'DQH.AD}ȉ+mHD ?'ceI,GNCK?o)AN !]Ixk>|ײ %"p }%~X&[*=2V(LZ *}+bz %'fkiA _ -`m ` QR%~uOc4?mTAt|*wz(j.qwZz0_,6k]J(( B ǐ}? ʁz_3WO)g\7voN6*z@&@dDb Q}<p:Z cɑЭS*5ά-t@qm 2ߘi37Z4xdkR&݀`썸jb/D `łDɿDzLibȚ? D6EWZ{ו-w5h #ۉSn=>~i[FzF=Jv;.EU]nՄϔf^/Q>r國S n('8 T.1\+eRuCVfAM \8g7v}aߴ(3Q턞4!ο|֩# f٦kwr?P88T2.`i cXp'K{"{B^x`Nki!R Ԏa] nU m9`8Si}ވ{(*lդ 189 (q׊8a5&!BR̻<҇$L5H$ ¶Ob|0FXCSx}+g5F"< kwP,-j09AӮ hd$̭\Qh(榮]9tZfA}frWu2WgT|U$x{g,c-^m]3Rx_!Ca^䟋z]&c5yAi tqHTڭ|) >ZYm+)ܦAaao}؎ߦ&܄/{!niӓpm'2@:a2DUe+QϵUw~\ uZx]VSm؉}Y8K Ԧ5muN5Qۃ؍8E+WH&f󐰣E4SD0iG*`@5 D0=Ax'iU )[mѕ+2p܉u%kCmw VPG/i_w-u&rݰ~؝>+nXa zQ%&B>Z!?|b%z [}⦦(yu]Gv![-ڄo]C_Q#j.ܰရ ,9sS=-$qӰ->M jȱOeP|I%DGaFoFPNس!y723. C!'Keg^r`ʖGf"RLu!"N@VoWS43o&PWC}t(=  /Mߍr %G&ӗtj bWO[G骯u;wχ˽vGQc̯)Y$n'G@:0&YHl)O|gf١7@ wq9]N ? )\ ZUS |AQhҔ=,{II<] @0 {P׼8fDq΀9qXQ!mByC1[G_$3UgUXzL@)z[Zl1 {i@H'_ěd\\ bFL$(Eci.:ŸD< c}<x)m Ν7Dӯv)[sh ^☰3b})շɛB5Սh 6lN~4FxN/;P<+ Iq<-p랯&r|^LºnV-EcXm BLh|;z`A&e=8rY"'pY3U_$̲|_D]2Q]2Ƞ|E"44A#F<s]_8#2?Q%!*r3BhJdMC 5p`Hk(]2g'N|[WYSWeBf26" PMpfk|O,THώ@#-tبX8~S>`%lЋ^ ԗOr頄8v8.;;ekSQȦ^.,m%G;%l> ߯>X`!OMP蔞[nN=aI! d1v:}^B$6Mipyn{YyM<֢rZWoapxV$9=2!$IE u6%vm!-^G֡5[-[tMfҔQ f$ ʤoL & 1 yk?LfD5Ԇk k23/i:3W(7Y49S=m8kLށLxuV& < p6!8]=qEN~Klsw.cDS7HIx)` *o\;3%Ѡ%:E4dɼ1B']G2"ݟʛWrTd$i$㕫ߕ`mUXD OZsSi33v;@VN{˭0?xUfZ R陁 fBқ lnH&ԐXyʲcRݩH.@r`r mk,~'Ab /PVy'v*KG+}Def/cBj;",=JYaQv*b,n C *> ^jT/]ަ]k{)&`Hzyvt_.?l6)Z{Lifةj)y䀕h!A Nt6ƃ?2\9M _ .?A#G[%Ä9JM H1)#/Ȓ@Q2_>9Q6 QDET+zD0 >kXҼZ8LRLS_:eԪ{H Lprؖ䳱X2UWilfux;o|xϬJ'"?x#6. 30|h30$+Հ p7TDzs{aN>_o5ރHWii2, "C(Ӷ(hX$ܝYqp7]ɲmzlJFn| "|e$m9 :$`Ff<ܾ9ovo6kĤ .|U 䃇${d@fy ?c5~_\݂Tj NdAGtf K Q:0"uuV?HKRȲo/d 7i(fDU(nM1b`g]@/%ek ̪'|xڅo-k L_i#w,w)XvHYMvՈ#v_ ܔsihVcWÎuroXЎoq"y? P/pW !&?^`G> e_ן+ݩ/4)_޼b\v 8Mn OO^8Wܩ1dMwQpX#sȶ]evbB%,v j쪌2.KFy=7@:ɚP+WK, jw:镩4հj_ A)Xم4M;/ɨ~u(VUt8H|8ZfɁJt%N:8?FGeϞȫ͵! 8ofm!+Ce\ÌV[3\n7x;T}b^ 3ǑDTs'>:-n+35ڛݨ}ƇEHPU.!m{pIW lֆ2D]Vnnojl-k:CR}y* 7gl#nT *A[6yDkֻ;, LRMlIHۆ#.: gHlC/wS1ԻaG!R7:SnTA]^Bb_r.'RP`fXɛ6GE;[9HYbG5m_)HS $uRП I]T}md4&L~-&.7cYU15r1|rƯoԚb@ [t!7GHd K.PW,?oQÄev[X n&JN0ު?_:h╩>EU,6 EC)ii.H/z`oo*l0;I~8L5t PJW U}@9"#%2])OlnѥA'.}/Lg%yfe^sYҙU OiֳB0Dj4l#EX]o/ \x]P*. {!L-SHn񝬵pKsŚC2%lc!ڄ_qEH+ Nx ׿Er"fpdOik}†6 pN| YZ