polkit-0.116-150200.3.12.1<>,|Derlp9|'nynJ>QR  1]#HHSfӧ|-Ќ>_)ftҙ3 -c$;Ik|~ WNji]?&Iu!Tې ͶmK3}.S940f$4'YP5IQr'I_K6,/ch:ău,3pQ>m/Ws>ޟNL?Ld   ?"4 J[  .. . \. . . ...}.X''!'("7"8"9#:$=8>8?8@8C8F8G9.H9.I:t.X:Y:\;.];.^>#bA}cB&dBeBfBlBuB.vC|wI.xJh.yK BzL(L8L<LDLHLLLTLXL\LbLCpolkit0.116150200.3.12.1PolicyKit Authorization FrameworkPolicyKit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes.erls390zl33SUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/System/Librarieshttp://www.freedesktop.org/wiki/Software/polkit/linuxs390xgetent group polkitd > /dev/null || groupadd -r polkitd getent passwd polkitd > /dev/null || useradd -r -g polkitd -d /var/lib/polkit -s /sbin/nologin -c "User for polkitd" polkitd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in polkit.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi exit 0 if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/pkexec fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/lib/polkit-1/polkit-agent-helper-1 fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in polkit.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable polkit.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop polkit.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in polkit.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart polkit.service ) || : fi fi~A9hZXhpIH6 c+)VJihP BAA큤AA聠A큤AA큤A큤AA큤AAer^er^er^er^er^er^er^erberberberberberberber^er^er^er^erdZ.eraeraeraeraeraeraeraeraeraeraeraeraeraeraerber`er`er`er`er`er`er^er`er^er^erb28067ad27702251ba38d9794738cb81e18ce2151d26b3d103a33b4107c2f9877af4292db23ff017727a86c35067121354c63911f32caa09e0b9e42d6b4252133aea3041de2c15db8683620de8533206e50241c309eb27893605d5ead17e5e75f3bb8ace02fcafec449f7873b54c35b1d5de194084c2eb7c8665e40aacebce23257408417f081f0fa86228ae8726c47b2c17759a0e59956b139523b0fb6f53f2202d99a1e6862b4c4c3a7cd6363b8309c24889dd4a96c38a36dc03340c17be0b513c2eeb44b3ce264a53cf5497c17d28930ff4c20dc85c8c5d18c9761a6c535951668a3e38de77c4d49dba603bd1d71b9eb06eb379565bfd8a1c45648536d5719328204ff0b31d750a5b95fe01dabb50f86c12c659e7176d90945c89d50859eba6dac9df426bbaec2bd79b1e71ad2a30d01e40c0c6e1c0d94150f762c7890b8ffbaed12288339ed4b1df90f017beb8af07b56eba1b2edc4a60914880c13617af1d2e2aa973e29c75e1b492e67ea7b7da9de2d501d49a934657971fd74f9a0b0a8561b4b59f36d6e34af024d07ef8a80457559736138ec9e9e4d14f8e926c17512725f7541bf0703006687192fa4eab464b4e91797794e0fec5e705d2c66808a1a1d862c3977460da9e096a5267d4989d977f9e4eeff7781639b80a138fcb7ddbb86a99df215a09ec829e81f8b6d99e8d88950630a3fb319cf837c3d0506b17ba6a632e2e392c367b48cbc844b0ed41cc2287126dbac51fb7d1a64f40211ca0589c888d46402d2bf113d5859a57569c53ab68a179bc2fc084b36c13fb45020eecd73c95abb890de9cb72fbee8947befb6f489bac6f50dd7325a553b1c3cfda9e0c77ec4e0353f78877f22fa4575ae21fe371584a041b3e0f3b3c96042e030352e82735b902d88a25d4a74135d82696c544658237ecc659cd90560b88103eab1393d5c9b88e431a17804f869b4320fd642bd6c40230c4085c0b6949820a20e9a3c7dfdb5e050f3a7140479dfe7636813c4fd071b20d5034e8c7a83ed65e4fb1977ac6d17b84ef6c4a9e966850ec833c4bfc17e15da6131723f22fc0d38902082503a21c5947e9731f3558bbb979b7bfb65422961ef2b6108ad6177f29c6e8deb62899a0a2a2e36dca2a54c89ea06d695156b518e02b52883e93b70ba63e3768298a19529a141086b5d46de37fc95895360c379d49563d5b513323e73f0f5750436a885304c3e892e3e6e167676ecc691c6736c7116bd1157a1201495e0556f31381669a20fdc713af31cedf7272d21db31b5aa85423df8a845e4b7c8034ad697d4076a8600153d9159a0c37901560f168f01b5cac61e19dac08186a5f5e5238c1f816f452baa3077f54a5b66861913d097eb2b094e3da19f8af2426f951b4c22701d3fbc5b432d9fdf0de1499e9b29504f8f6e9d313b519d64c43af35a906bddfe09035f887c526aacec04bc44b5376dabf82c4a0f6c955ea3650eb4c416b3d7a66c3bef7b57d54d7c9cdf02ccacd53a5d630d1ffa76114cfe0bbc5889fdad5dd6drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkitdpolkitdrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkitdrootpolkit-0.116-150200.3.12.1.src.rpmconfig(polkit)polkitpolkit(s390-64) !@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(polkit)dbus-1libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.2.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libexpat.so.1()(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libgio-2.0.so.0()(64bit)libglib-2.0.so.0()(64bit)libgobject-2.0.so.0()(64bit)libmozjs-60.so()(64bit)libmozjs-60.so(js)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpolkit-agent-1.so.0()(64bit)libpolkit-gobject-1.so.0()(64bit)libpolkit0libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2)(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(CXXABI_1.3.9)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libsystemd.so.0()(64bit)libsystemd.so.0(LIBSYSTEMD_209)(64bit)libsystemd.so.0(LIBSYSTEMD_213)(64bit)permissionsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadow0.116-150200.3.12.10.116-150200.3.12.13.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/bin/pkexec 1>&2 /usr/bin/chkstat -n --warn --system -e /usr/lib/polkit-1/polkit-agent-helper-1 1>&2d$(@b a@`]@]z@\t@\g\\@[v[E@ZUZ@ZY@Y?WXWV@VV@UL@T@T@jsegitz@suse.comrfrohl@suse.commeissner@suse.commeissner@suse.combjorn.lie@gmail.commeissner@suse.combjorn.lie@gmail.comdimstar@opensuse.orgmvetter@suse.commeissner@suse.combjorn.lie@gmail.commeissner@suse.combjorn.lie@gmail.comschwab@suse.dedimstar@opensuse.orgdimstar@opensuse.orglnussel@suse.defbui@suse.comfbui@suse.commeissner@suse.comantoine.belvire@laposte.nettchvatal@suse.commeissner@suse.com- Change permissions for rules folders (bsc#1209282)- CVE-2021-4115: fixed a denial of service via file descriptor leak (bsc#1195542) added CVE-2021-4115.patch- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568) added CVE-2021-4034-pkexec-fix.patch- CVE-2021-3560: fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync() (bsc#1186497) CVE-2021-3560.patch- Fix usage of libexecdir instead of prefix/lib where applicable.- polkit-keyinit.patch: add pam_keyinit to the polkit configuration (bsc#1144053)- Update to version 0.116: + Leaking zombie child processes. + Possible resource leak found by static analyzer. + Output messages tuneup. + Sanity fixes. + pkttyagent tty echo disabled on SIGINT. + HACKING: add link to Code of Conduct. + polkitbackend: comment typos fix. + configure.ac: fix detection of systemd with cgroups v2. + CVE-2018-19788 High UIDs overflow fix. + CVE-2019-6133 Slowfork vulnerability fix. + Allow unset process-uid. + Port the JS authority to mozjs-60. + Use JS_EncodeStringToUTF8. + Updated translations. - Replace pkgconfig(mozjs-52) with pkgconfig(mozjs-60) BuildRequires following upstreams changes. - Drop patches fixed upstream: + polkit-fix-possible-resource-leak.patch + polkit-fix-leaking-zombie-child-processes.patch + polkit-CVE-2018-19788.patch - Refresh patches with quilt.- Use systemd_ordering instead of systemd_requires: strictly speaking, polkit does not require systemd to be present. Just that when we install on a system with systemd (e.g outside containers) we would want systemd to be present before installing polkit. Help also reduce a cycle without special hacks in systemd.spec.- bsc#1130588: Require shadow instead of old pwdutils - User proper Requires(pre)/Requires(post) for permissions and shadow- polkit-CVE-2018-19788.patch: Fixed handling of UIDs over MAX_UINT (bsc#1118277 CVE-2018-19788)- Add polkit-fix-possible-resource-leak.patch: Fix possible resource leak found by static analyzer. - Add polkit-fix-leaking-zombie-child-processes.patch: polkitd: fix zombie not reaped when js spawned process timed out (fdo#106021).- Update to version 0.115: - Fix CVE-2018-1116: Trusting client-supplied UID (bsc#1099031) - jsauthority: pass "%s" format string to remaining report function (obsoletes polkit-jsauthority-pass-format-string.patch)- Update to version 0.114: + Port to mozjs 52, the latest version of the firefox JavaScript engine. + Add gettext support for policy files. + Fixes for various memory leaks. + Updated translations. - Update keyring with Ray Strode public key. - Drop with_systemd define and all conditionals and polkit-no-systemd.patch and ConsoleKit BuildRequires, we only support systemd now. - Drop upstream fixed polkit-itstools.patch. - Rebase pkexec.patch with quilt. - Add gcc-c++ and pkgconfig(mozjs-52) BuildRequires: New dependencies. - Drop conditional pkgconfig(mozjs-17.0) and pkgconfig(mozjs185): no longer supported. - Drop autoconf and automake BuildRequires: They are implicit via libtool BuildRequires. - Replace glib2-devel and gobject-introspection-devel with their pkgconfig counterparts: pkgconfig(gio-unix-2.0), pkgconfig(gmodule-2.0) and pkgconfig(gobject-introspection-1.0). - Add polkit-jsauthority-pass-format-string.patch: jsauthority: pass "%s" format string to remaining report function, patch from upstream git, adding missed commit (bgo#105865). - Drop polkit-revert-session-magic.patch: Upstream systemd bug is since a long time fixed (gh#systemd#58) (boo#954139).- pkexec.patch: pkexec: allow --version and --help even if not setuid- Modernize spec-file by calling spec-cleaner- Add polkit-itstools.patch: Add gettext support for .policy files.- Use gettext as fallback to get potential distro translations for polkit actions. Similar mechnism as used for desktop file translations. That way it's possible to use weblate to add additional translations that are not provided by upstream (polkit-gettext.patch).- Use pkgconfig() instead of requiring systemd package names directly.- systemd.pc is shipped by systemd main package (bsc#983167) Strangely polkit wants systemd.pc to detect that the target system is running systemd even if its configured to build systemd support...- polkit-revert-session-magic.patch: revert a session detection change that could lead to sessions not being detected as active due to a systemd bug. bsc#954139- Update to 0.113: * Fix CVE-2015-4625 * Fix CVE-2015-3256 * Fix CVE-2015-3255 * Fix CVE-2015-3218 * On systemd-213 and later, the “active” state is shared across all sessions of an user, instead of being tracked separately * pkexec: when not given a program to execute, runs the users’ shell by default - Remove polkit-no-kded-leak.patch (upstreamed)- Try to fix kded leaking due to powerdevil exposing this issue in polkit: (bsc#912889) * polkit-no-kded-leak.patch- Added gpg signature and keyring with David Zeuthen and Miloslav Trmac ids./bin/sh/bin/sh/bin/sh/bin/sh/bin/shs390zl33 1702022764  !"#$%&'()*+,-.csdadehrhuiditplptsksvtrukzhzh0.116-150200.3.12.10.116-150200.3.12.10.116-150200.3.12.1  ! "dbus-1system.dorg.freedesktop.PolicyKit1.confpolkit-1polkit-1rules.d50-default.rulespkactionpkcheckpkexecpkttyagentpolkit-1polkit-agent-helper-1polkitdpolkit.servicedbus-1system-servicesorg.freedesktop.PolicyKit1.servicepolkitCOPYINGpolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopkaction.1.gzpkcheck.1.gzpkexec.1.gzpkttyagent.1.gzpolkit.8.gzpolkitd.8.gzpolkit-1actionsorg.freedesktop.policykit.policyrules.dpolkit/etc//etc/dbus-1//etc/dbus-1/system.d//etc/pam.d//etc/polkit-1//etc/polkit-1/rules.d//usr/bin//usr/lib//usr/lib/polkit-1//usr/lib/systemd/system//usr/share//usr/share/dbus-1//usr/share/dbus-1/system-services//usr/share/licenses//usr/share/licenses/polkit//usr/share/locale/cs/LC_MESSAGES//usr/share/locale/da/LC_MESSAGES//usr/share/locale/de/LC_MESSAGES//usr/share/locale/hr/LC_MESSAGES//usr/share/locale/hu/LC_MESSAGES//usr/share/locale/id/LC_MESSAGES//usr/share/locale/it/LC_MESSAGES//usr/share/locale/pl/LC_MESSAGES//usr/share/locale/pt_BR/LC_MESSAGES//usr/share/locale/sk/LC_MESSAGES//usr/share/locale/sv/LC_MESSAGES//usr/share/locale/tr/LC_MESSAGES//usr/share/locale/uk/LC_MESSAGES//usr/share/locale/zh_CN/LC_MESSAGES//usr/share/locale/zh_TW/LC_MESSAGES//usr/share/man/man1//usr/share/man/man8//usr/share/polkit-1//usr/share/polkit-1/actions//var/lib/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31767/SUSE_SLE-15-SP2_Update/2e03c4d362f8d370476985f1f4c3e35f-polkit.SUSE_SLE-15-SP2_Updatedrpmxz5s390x-suse-linux directoryXML 1.0 document, ASCII textASCII textELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=8f322f5ba6d6b5ab2794b1fbd93db75d62a64d2c, for GNU/Linux 3.2.0, strippedELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=f7aade26708a67df33059f484545f1223112e900, for GNU/Linux 3.2.0, strippedsetuid ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=64003e0444423460e349541371f4d669bf8881ec, for GNU/Linux 3.2.0, strippedELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=79c10ab1e03767d0d4f95a5611db4a0632c26b1a, for GNU/Linux 3.2.0, strippedsetuid ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=93a1aba24f03567cd4b4a0e712be4e34828b1b13, for GNU/Linux 3.2.0, strippedELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=ddb76045cbfb1748c453caae0438438fbec49087, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)XML 1.0 document, UTF-8 Unicode text#, R RRRRRRR RRRRRRRRRR RRRRRRRRRR RRRRRRRR RRRRRRRRR RR RRRRR R RRRRRRRR RRR RR[8.izzye4vsystemdsystemdutf-8c8eedfd4cf11a706bed6954694342ae551eebf0d8bc050abff4aa3b8b5b652a5? 7zXZ !t/Ku*B]"k%Q0wD8j-;+7sW繡f2W%PD7Wpppl&|}_EO8?)o{,aH<#&չ"|-qL"mȤ_aπ[*hV=;QVO%pv.؛Վ̴ѭ\(ɹYs®H6SN~gJ߁`=(%f]xtd ݱ2qT";)˫ݧ i0BXL.Dqt؄[U$B=E"+UOV8plj8HcH֍0o+?6&0'"ڻ'9y|&O5j*#qŒtRAǏ/D*u==l{ "ݨX&8gǀ[CF8 7=sJ뀤ŸeHr";}X>0Ȣ*Jv IoCJ VYk#Z1WT2H_]HԘ"jS:TV%@{;n=1 dEνժhX33ʟcz jI=DZJS hƓxEav.?܏u %ׯPU=Э[ROLWPɟ(-dk-VERn&edH#G0OTS/h1Ns4}9=U3fc'@b<;( rROݠbyQ&aA%N<&U՚!MkDVbCZݚuJ+KnLB8JmumL8 UʂUtyCrSQ kɕUcJЗ;Q`ꇆ#S G_~Qd$^|,;BLs+rצ;m1\lPID6aYkSuUq~@ B>Dz/l+D~a?r"n4BPE[–T+" ğK**su /)Dڠ4]=d'SӎO1e4,h|XDܼ,/s! a֟zgI] ~s77֣Wf~@"͢dZ(9e+sP%':n2HLN Z >VNeQ ԧ 5u\]S@|5Qt-{1>s֚SeyW3y̑aaEW i5yalR.tZ*Tz+ QQ;<&TDuu`ks0K604tqL FH{}V߽<+f6ºmԻqh@!a|,Wfz%n4 ]~e|mT];TwZd8HIZЈC#AkE|E mAlA`K{p&qM ^.ZD0˻pqMtpS_uk*kv)gg%:,䛇Ji"``{ KF0{gO eYU.cFg_ncf3l:<&M-U&񰂗>A&fILbZTPK7)}XU\9$|6+]mC`5WG%$̸I|8讧e DAHZ~Mc5aIy\-Gg\|zRʖ5qC7k h.0A+U(NCIЇPvx7ۻI2Tw!)_9Y2!!}qQkk!áXJVϼ/3P:V)]?fաUpUu{LђEP;q=OC#q8]oTe9ߑGJ_<,:2#sԝF>GnBp hi?l-5ozu+^UŖa9^fc=avu*l]y<Ueٓ- %=0@ *T¼g$DvGp|д^>+H?cBd*%Cn=qkލtIlLn(a4Yw5JKLI$:pU"c *v6Qk^r\E f+{gS ]N@ qd iM_= Έ[ (L^K// [4bu8t>/}3Tޫ$akA{I$Ec +\խka^!#||h2cͲށ$GUe}^Q/Ma,վ nak(UucޖOhpLF/K`^2яh fiw#?t2f42ob~0\ NK6@P?+C#Y Ȓ`?c^`> -^fǩs_3{(3Ѷ*oNR5 + +-md%.TM. ƫާ#ŸjNl#TzjoD3ZN%wֳIq*:~#хRbkk @(% Inj:. rxk ܕTobf=@  n9#g#Y:ʮ7F.Z˙ϴ?ӣ_" seAAշel3XyƳ寇\ g(yOА̋cU *# _/I#o<'8Iÿk}Hc8&MŪ{wX("pq<l\!3 rpjm.X-+IfE>3%doG\l~6?]XpV6[:M{ka'e<~֔c9osn檵lLq%wlg67iDPvV+ ǮfBf:-үP"naY <  $DƞC3YFw A`n"h{V~}o7&DtL<;J]}| 6/*'YrIC,B2IPNJG4O*|,жGhI̡$=>;9䱫,4Zec÷z{4/vc^K:Ќ\?9bBCxxYOm84UyF376%杻!v>(?|{_Rw' d'JR`@T~~RF3# g&'Xkcջ߳UFdEWhf;V*~_.9~(`v $'!}{,u"jJǍIr3mׯ Dg!q`PZpHjiE1p@Iz^AP2`,o@;kH[BB>М'|BxRE(I!9/@^ÿ`Z_!wPaT}ZH!$؃Xt5$ij$ ݂{"l{ ʿaZ!Ml(lч}ŧYrOJ#c>GѶ/_C5[kҦ ,5nHGZXBFNaq1j=l "˟(l' ŶgLvJr#L_[Tkj\WT~A6L&!A'_6-]S6ɟق^-@͢Sw¼OMcL4}uOglP9(4,d2-*[hz`i._ 0pђnxi ,,Yy*l-x'T=* `۵ QdARҥ˹\;^ּc"Gvw1Sc wS^~4+lWʽ uF3}ԎOiGܔZ.q}%a("ō 5Iof[]ַ%O<9ʩ% ]Z/.6J*TWRl6=A0|#$斳Z$V7^OxSbʾ1J޿,d.d(ussݬVygPeg^b(/nWh C%&v;tp70Ӄ"5sZk1hh~ȶ3:G?V~JƦE[C\ =<џ,]{l=p'vjX w'GkJȴyYɷRkewq]QnO!g'TxEd,/^LfƅI̳SfZ>f(jݶ qh!PTK1unxK.ckzӶ5%0I[r|+xlj(YL3|'\ p0컲wm4$ypzw tF$(K f\*+=K\: ]LKBoϖ:4 5gVßMZaR-%L"xN=~sab/zac?}Nhԏ,wC JlzԎHۛD@YGG;gl[m2=oh}x0sp\|`H 14QrwN:6p{{7RӨ>y,Izgͱm=T@4@[ +VP\ .Q*)]p|*Y]\ yxw S3*R^*urI\Jzn#ʈ ֹ{Ke䁮yf{J BMoZ5/FP:;}/pGwM;fq;.PR*c=/P"gƭbnc{S Cs8NN1]$ݧf-YQ̪vGx DD0H;uT't?HtpVur̃lVAFb"kU Z,εݮjw]ŕ@񠧸vszilU4 jI7Lgh>ހa%=]K~+DÍ9A$x<_WP4^N'#_X&:x`ZWsPAN< CmS@.*hZ IRGY|̼VRM*"3Qaׁ PBK?V>5H4c0˭trM焮kNw"ь9n6d?f.!q-τ4;F uv\(]6Z@5oZ_otε;|-uZ9;faLvG.T 11!_9ةcOB]s@=6v[]jX Çdq,IE1H;@u`5" VW20R'zUi(1'7aN$CuW"7&+A"a9\0.Bj2>Z獨JCB_8-Q`Xv=z$oڣ쒾r#ŽŪEpb"}dB6CYʩ1v?oQbpC[eBT+m%:0It, E  Qy@yN]["0śvvIq6L N }eJPLy>8aAblCuU0$wxxe<}URcKNPIMHz~&7qcÚ]Sijv3D75A!5F%3%5u5 ZWBdCM|NF6/=lg +jW@ ة|@`l:/mtcu#O| @`:֞K*wYLcd=E GJ&%ˮ:`̿r{Ϝ5 ''/eBȽfZo֧'w9PО_ T>[ˋaZmj$ :FU$wgd7P_kL%>uĨ2F=_F|dLӼ;2HTn&4h㇭Z >H+GQ[A* )%X'2LeL_uIҬ؟uN)3f,Y89ntزG.Iճq\s]w>fr`uK~wɚc{Wf̶C\3a֟^odn0f3*׵?mɜ@[4wr<$ sA9l ƭO?K=pU˛[_@\|\ [8YDzXe/"[T%K[ї^%IQ k#o(U<,z$b2ԫm F o    Z'?Ca}\_N/KnjCB /O2`\԰o{=xFݪ4 $uK!5ẛIM"*=8e(];]"O nKWRTNU|Zh]z&U-R0^ QCd}v\3`[_Fp`D(x󻤰0.5乳>3^7S M} w72NLdfR|hM)nPbcՑÿ|{pkgpkF M-iP]iZK$/SM ʆȉge'"q|Cp{ZQn`LUz2svnVt.aOrykg"tZz>V5+e[C! ^Y^Fq/T~'m4:ILe<ݝB3iC!Y:%ݺ3bQ^RNWi҃%X7C~4Ec{bۦ2pѠ@ Q)v K>텭s穊hNɶ`s]|?/}?RxX$|Ga4܉E]gTjm;(⊩bֵ /En@12UFL g%gBwOM؂{ }&LHA9jpwOX2)Ce3*7C,9 Mhb"]ib`]AJ/vı@Nfԩ",J#߫+c͐C wF]m+&[-̕)x6S%6ѪU Vp 3 5scd i'#u8'!(~ N"WN;+EI;1͓-NO+owlBrQ$19~qSTcLJqޫ],^sR7j~Hާd;@\P`(H=|a^մ\mQdwl55/;vůr5U܊jx8R '_MtR|Ʊ`T{-q9ceAY)|R?钬hXAB'a)JGVz,=l!_snx]QEYv80OWk'{w` ud-aϨC{^ˇ&l'=Y/riΉ_=c/YV)gC " \u=9G#ӣ4|<ћ궶]@>L"ϴƌY*KHd.ǣbRs zoX^R;K-aVeZlS>PV}el$"`#hT2z