xorg-x11-server-wayland-1.20.3-150200.22.5.63.1<>,dckp9|GЇXAI:G%ϣ Ӄ^Q- {8eL(. 9X=3e,nP:A ^x:AHwo4x189fy ]hE5ƏJSxhE*P- xƻbIAGD:o2 0;?$Y2x)0MQʜЊÇ"?N|g0Զ"Z$SO ݟWy -` {:nSrEVG:-o>Ah?Xd! 2 C  '-48 : < @  ((((89 :XFGHIXY\]^!b+cd^ecfflhu|vwLxPyT"z TCxorg-x11-server-wayland1.20.3150200.22.5.63.1Xwayland XserverThis package contains the Xserver running on the Wayland Display Server.cksheep24"{HSUSE Linux Enterprise 15SUSE LLC MIThttps://www.suse.com/System/X11/Servers/XF86_4http://xorg.freedesktop.org/linuxx86_64"{Hcjf5240561fad8ea85123c3bebe24c50294f80e03f06cc44fa5114c4790fc622b2rootrootxorg-x11-server-1.20.3-150200.22.5.63.1.src.rpmxorg-x11-server-waylandxorg-x11-server-wayland(x86-64)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    libGL.so.1()(64bit)libXau.so.6()(64bit)libXdmcp.so.6()(64bit)libXfont2.so.2()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.25)(64bit)libc.so.6(GLIBC_2.26)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libdrm.so.2()(64bit)libepoxy.so.0()(64bit)libgbm.so.1()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)libpixman-1.so.0()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.12)(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libsystemd.so.0()(64bit)libsystemd.so.0(LIBSYSTEMD_209)(64bit)libwayland-client.so.0()(64bit)libxshmfence.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)xkbcompxkeyboard-config3.0.4-14.6.0-14.0-15.2-14.14.1c.cEcOby@b4t@b-b+9b!@b a@az`D`@`v@`v@`t6@`@`<@_^@_^@_@_O@_D@_*@_"@^^W@]@]m@\A\,[@[@[@[ā@[t[i[\Z[Xf@[P}@[D[:[2*[*A[@Z@ZZԐ@ZJ@Z2@ZZ Z}@ZTZ?Z/Z@Z YY@YY@Yh@Yg`Y_wY[@Y;@Y:Y6@XX @X+X@XpXXwoXN@X,J@XW@W@W@WDB@W9@W/*@W'A@W#LW @W @W @WKWW@V@Vn@V3VVm@VxVVV&@VV@V@VV@VGVVVUVA@V0V0V7@UU@U@UUzUuUn@Ui@U0U:T!TTTԬT[@T[@Tk4T`TN3sndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comtzimmermann@suse.desndirsch@suse.comsndirsch@suse.compatrik.jakobsson@suse.comyu.daike@suse.comsndirsch@suse.comyu.daike@suse.comsndirsch@suse.comsndirsch@suse.comdmueller@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comtiwai@suse.desndirsch@suse.comsndirsch@suse.comsndirsch@suse.comfcrozat@suse.comsndirsch@suse.comsndirsch@suse.commsrb@suse.comsndirsch@suse.commsrb@suse.comsndirsch@suse.comtobias.johannes.klausmann@mni.thm.demsrb@suse.comtobias.johannes.klausmann@mni.thm.dejdelvare@suse.desndirsch@suse.comtiwai@suse.defcrozat@suse.comsndirsch@suse.commsrb@suse.comsndirsch@suse.commsrb@suse.comtobias.johannes.klausmann@mni.thm.demsrb@suse.commsrb@suse.commsrb@suse.commsrb@suse.comfcrozat@suse.combwiedemann@suse.comsndirsch@suse.commwilck@suse.comtobias.johannes.klausmann@mni.thm.demsrb@suse.comrbrown@suse.commsrb@suse.comtobias.johannes.klausmann@mni.thm.detobias.johannes.klausmann@mni.thm.deilya@ilya.pp.uasndirsch@suse.comsndirsch@suse.commsrb@suse.comsndirsch@suse.comsndirsch@suse.comopensuse@dstoecker.desndirsch@suse.comtobias.johannes.klausmann@mni.thm.detobias.johannes.klausmann@mni.thm.dedenis.kondratenko@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comtobias.johannes.klausmann@mni.thm.defbui@suse.comtobias.johannes.klausmann@mni.thm.dezaitor@opensuse.orgtobias.johannes.klausmann@mni.thm.detobias.johannes.klausmann@mni.thm.demstaudt@suse.comeich@suse.comeich@suse.comeich@suse.comsndirsch@suse.comsndirsch@suse.comeich@suse.comeich@suse.comeich@suse.comeich@suse.comtobias.johannes.klausmann@mni.thm.detobias.johannes.klausmann@mni.thm.deeich@suse.comeich@suse.comtobias.johannes.klausmann@mni.thm.delbsousajr@gmail.comeich@suse.comeich@suse.comeich@suse.comeich@suse.comtobias.johannes.klausmann@mni.thm.deeich@suse.comeich@suse.comfcrozat@suse.comeich@suse.comeich@suse.comeich@suse.comhrvoje.senjan@gmail.comeich@suse.comsndirsch@suse.comsndirsch@suse.comsndirsch@suse.comeich@suse.comtiwai@suse.deeich@suse.comtobias.johannes.klausmann@mni.thm.detobias.johannes.klausmann@mni.thm.demsrb@suse.comantoine.belvire@laposte.netmsrb@suse.comeich@suse.comnormand@linux.vnet.ibm.commsrb@suse.comdimstar@opensuse.orgsndirsch@suse.comtobias.johannes.klausmann@mni.thm.deeich@suse.comtobias.johannes.klausmann@mni.thm.demsrb@suse.comsndirsch@suse.comledest@gmail.comsndirsch@suse.com- U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch * XkbGetKbdByName use-after-free (ZDI-CAN-19530, CVE-2022-4283, bsc#1206017)- U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch * Server XTestSwapFakeInput stack overflow (ZDI-CAN 19265, CVE-2022-46340, bsc#1205874) - U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch * Xi: return an error from XI property changes if verification failed (no ZDI-CAN id, no CVE id, bsc#1205875) - U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch * Server XIChangeProperty out-of-bounds access (ZDI-CAN 19405, CVE-2022-46344, bsc#1205876) - U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch * Server XIPassiveUngrabDevice out-of-bounds access (ZDI-CAN 19381, CVE-2022-46341, bsc#1205877) - U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch * Server ScreenSaverSetAttributes use-after-free (ZDI-CAN 19404, CVE-2022-46343, bsc#1205878) - U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch * Server XvdiSelectVideoNotify use-after-free (ZDI-CAN 19400, CVE-2022-46342, bsc#1205879)- U_xkb-proof-GetCountedString-against-request-length-at.patch * security update for CVE-2022-3550 (bsc#1204412) - U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch * security update for CVE-2022-3551 (bsc#1204416)- U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch * Out-Of-Bounds Access in CheckSetDeviceIndicators() (CVE-2022-2320, ZDI-CAN-16070, bsc#1194181) - U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch, U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch * Out-Of-Bounds Access in _CheckSetSections() (CVE-2022-2319, ZDI-CAN-16062, bsc#1194179)- U_glamor-Make-pixmap-exportable-from-gbm_bo_from_pixma.patch * avoid consequently failing page flip (boo#1197269)- u_sync-pci-ids-with-Mesa-20.2.4.patch * sync pci ids with Mesa 20.2.4 (related to boo#1197046)- U_0002-DRI2-Add-another-Coffeelake-PCI-ID.patch U_0003-dri2-Sync-i965_pci_ids.h-from-mesa.patch U_0004-dri2-Set-fallback-driver-names-for-Intel-and-AMD-chi.patch U_0005-dri2-Sync-i965_pci_ids.h-from-mesa-iris_pci_ids.h.patch * sync GL driver PCI IDs with Mesa (boo#1197045)- U_xfree86-Fix-NULL-pointer-dereference-crash.patch * Fix a regression in u_xfree86-Change-displays-array-to-pointers-array-to-f.patch (boo#1196577) * Credits go to Simon Lees (sflees@suse.de) for finding the fix! - renamed u_xfree86-Change-displays-array-to-pointers-array-to-f.patch to U_xfree86-Change-displays-array-to-pointers-array-to-f.patch since it's a backport from an upstream patch- u_xfree86-Change-displays-array-to-pointers-array-to-f.patch Fix segmentation fault during terminal switches with multiple attached displays (bsc#1188970)- U_xfixes-Fix-out-of-bounds-access-in-ProcXFixesCreateP.patch * CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487) The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. - U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch * CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488) The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. - U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch * CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489) The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write.- U_rendercompositeglyphs.patch * X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192] (boo#1193030)- u_modesetting-Fix-dirty-updates-for-sw-rotation.patch * Fixes broken rotation support for DRM drivers without hardware rotation support or direct vram access (bsc#1182955)- U_xwayland-glamor-gbm-Handle-DRM_FORMAT_MOD_INVALID-gracefully.patch * xwayland: Fix invisible window produced by Xwayland (boo#1186092, boo#1184906)- U_build-glx-Lower-gl-version-to-work-with-libglvnd.patch, U_meson-Fix-another-reference-to-gl-9.2.0.patch * fix build on sle15-sp3 with updated libglvnd/Mesa and their new pkgconfig files (https://gitlab.freedesktop.org/xorg/xserver/-/issues/893)- U_xwayland-Do-not-crash-if-gbm_bo_create-fails.patch * xwayland: Do not crash if gbm_bo_create() fails (boo#1184072) (boo#1184543)- U_Fix-XChangeFeedbackControl-request-underflow.patch * Fix XChangeFeedbackControl() request underflow (CVE-2021-3472, ZDI-CAN-1259, bsc#1180128)- U_modesetting-Fix-broken-manpage-in-autoconf-build.patch * modesetting: Fix broken manpage in autoconf build (boo#1182510)- add U_hw_do-not-include-sys-io-with-glibc.patch (bsc#1182884)- u_xkb-CVE-2020-14360.patch * Avoid out of bounds memory accesses on too short request (ZDI-CAN-11572/CVE-2020-14360, bsc#1174908)- update U_xkbsetdeviceinfo.patch * fixed broken patch (bsc#1177596, comment#18, ZDI-CAN-11839/CVE-2020-25712)- U_xkbsetdeviceinfo.patch (bsc#1177596, ZDI-CAN-11839/CVE-2020-25712) * fix for Heap-based Buffer Overflow Privilege Escalation Vulnerability- U_present-wnmd-Fix-use-after-free-on-CRTC-removal.patch * fix crash in XWayland when undocking laptop (bsc#1176015) - U_present-wnmd-Relax-assertion-on-CRTC-on-abort_vblank.patch * fix for Xwayland abort in Present code (bsc#1176015) - U_xwayland-Avoid-a-crash-on-pointer-enter-with-a-grab.patch, U_xwayland-Check-status-in-GBM-pixmap-creation.patch, U_xwayland-Do-not-free-a-NULL-GBM-bo.patch, U_xwayland-Update-screen-pixmap-on-output-resize.patch * various xwayland crashes fixes from 1.20 branch (bsc#1176015)- U_0003-Fix-XkbSelectEvents-integer-underflow.patch * Fix XkbSelectEvents() integer underflow [CVE-2020-14361 / ZDI-CAN 11573, boo#1174910] - U_0004-Fix-XRecordRegisterClients-Integer-underflow.patch * Fix XRecordRegisterClients() Integer underflow [CVE-2020-14362 / ZDI-CAN-11574, boo#1174913]- u_xkb-CVE-2020-14345.patch: * Fix XKB out-of-bounds access privilege escalation vulnerability (CVE-2020-14345, bsc#1174635, ZDI-CAN-11428) - u_xichangehierarchy-CVE-2020-14346.patch: * Fix XIChangeHierarchy integer underflow privilege escalation vulnerability (CVE-2020-14346, bsc#1174638, ZDI-CAN-11429)- U_FixForZDI-11426.patch * Leak of uninitialized heap memory form the X server to clients on pixmap allocation (ZDI-CAN-11426, CVE-2020-14347, bsc#1174633)- provide/obsoletes cirrus and ast usermode driver also on openSUSE (jsc#SLE-12127)- specfile: reenabled XFree86-VidModeExtension (boo#1164020)- Build XWayland also on s390.- added patches required for NVIDIA's PRIME render offload support, which is available since release 435.xx (jira#SLE-8470) 0001-xsync-Add-resource-inside-of-SyncCreate-export-SyncC.patch, 0002-GLX-Add-a-per-client-vendor-mapping.patch, 0003-GLX-Use-the-sending-client-for-looking-up-XID-s.patch, 0004-GLX-Add-a-function-to-change-a-clients-vendor-list.patch, 0005-GLX-Set-GlxServerExports-major-minor-Version.patch- provide/obsolete no longer existing xf86-video-ast, xf86-video-cirrus on sle15 (bsc#1120282)- u_xfree86-Do-not-claim-pci-slots-if-fb-slot-is-already.patch * X server does not support mixing fbdev with other drivers, so claiming pci slots when a fb slot is already claimed only leads to quiting with fatal error. (bsc#1119431)- xorg-server 1.20.3 (see changelog below) superseded the following patch we used in sle15 before (bsc#1112020, CVE-2018-14665): - U_Disable-logfile-and-modulepath-when-running-with-ele.patch- U_dix-window-Use-ConfigureWindow-instead-of-MoveWindow.patch * Fix abort triggered by some uses of screensaver. (bsc#1114822)- Update to version 1.20.3 * Disable -logfile and -modulepath when running with elevated privileges (bsc#1112020) * LogFilePrep: add a comment to the unsafe format string. * xfree86: fix readlink call- Update to version 1.20.2: Lots of bugfixes all over the map especially for modesetting, glamor and xwayland!- Update n_xserver-optimus-autoconfig-hack.patch to v5. * Fixes provider auto-configuration with nvidia proprietary driver. (bsc#1103816)- Update to version 1.20.1: This bugfix release fixes several issues in RANDR, Xwayland, glamor, the modesetting driver, and elsewhere. - Packaging changes: + Adapt patch N_Install-Avoid-failure-on-wrapper-installation.patch to work with the new version + Remove patch U_Xext-shm-Refuse-to-work-for-remote-clients.patch + Remove patch U_modesetting-use-drmmode_bo_import-for-rotate_fb.patch + Remove patch u_modesetting-Fix-cirrus-24bpp-breakage.patch + Remove patch U_exa-use-picturematchformat.patch- U_exa-use-picturematchformat.patch * Fix breakage of Xfce (bsc#1102979)- fixed build on s390(x)- u_modesetting-Fix-cirrus-24bpp-breakage.patch * Fix breakage of cirrus 24bpp support on modesetting driver (bsc#1101699)- Remove /var/lib/X11 and its symlink, it is no longer needed and doesn't work with transaction-updates (FATE#325524). - Move README.compiled to another location and use tmpfiles to copy it at runtime.- U_modesetting-use-drmmode_bo_import-for-rotate_fb.patch * fixes rotation in modesetting driver (regression with xorg-server 1.20.0, fdo#106715) * might also fix boo#1099812 ...- U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch * Fix heap overflow caused by unexpected optimization, which was possible because of relying on undefined behavior. (boo#1099113)- U_Xext-shm-Refuse-to-work-for-remote-clients.patch * Avoid access to System V shared memory segment on the X server side for clients forwarded via SSH. Also prevent them from hanging while waiting for the reply from the ShmCreateSegment request. (boo#1097227)- Remove n_add-dummy-xf86DisableRandR.patch * After upgrade to 1.20.0 the API officially no longer includes xf86DisableRandR, so there is no need to add it back.- Update to version 1.20.0: New features: + RANDR 1.6, which enables leasing RANDR resources to a client for its exclusive use (e.g. head mounted displays) + Depth 30 support in glamor and the modesetting driver + A meson-based build system, parallel to autotools + Pageflipping support for PRIME output sinks + OutputClass device matching for xorg.conf + Input grab and tablet support in Xwayland - Remove upstream patches: + u_xorg-x11-server-reproducible.patch Solved slightly different + u_os-inputthread-Force-unlock-when-stopping-thread.patch + u_xfree86-add-default-modes-for-16-9-and-16-10.patch + U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch + U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch + U_xwayland-avoid-race-condition-on-new-keymap.patch + U_xwayland-remove-dirty-window-unconditionally-on-unre.patch + U_0001-animcur-Use-fixed-size-screen-private.patch + U_0002-animcur-Return-the-next-interval-directly-from-the-t.patch + U_0003-animcur-Run-the-timer-from-the-device-not-the-screen.patch + U_0004-animcur-Fix-transitions-between-animated-cursors.patch + U_xfree86-Remove-broken-RANDR-disabling-logic-v4.patch + U_glx-Do-not-call-into-Composite-if-it-is-disabled.patch - Adapt patches to work with the new release: + N_zap_warning_xserver.diff + N_fix_fglrx_screendepth_issue.patch + n_xserver-optimus-autoconfig-hack.patch + u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch + u_xorg-wrapper-build-Build-position-independent-code.patch- U_glx-Do-not-call-into-Composite-if-it-is-disabled.patch * Fixes crash when GLX is enabled and Composite disabled. (bnc#1079607)- n_add-dummy-xf86DisableRandR.patch * Add dummy xf86DisableRandR to fix linking with drivers that still call it. See explanation inside the patch. (bnc#1089601)- U_xfree86-Remove-broken-RANDR-disabling-logic-v4.patch * Fix crash on initialization when fbdev and modesetting are used together. (bnc#1068961) - u_randr-Do-not-crash-if-slave-screen-does-not-have-pro.patch * Fix crash when using randr when fbdev and modesetting are used together. (bnc#1068961)- Update and re-enable n_xserver-optimus-autoconfig-hack.patch. (bnc#1084411)- U_xwayland-Don-t-process-cursor-warping-without-an-xwl.patch, U_xwayland-Give-up-cleanly-on-Wayland-socket-errors.patch, U_xwayland-avoid-race-condition-on-new-keymap.patch, U_xwayland-remove-dirty-window-unconditionally-on-unre.patch: * Various crash and bug fixes in XWayland server (bgo#791383, bgo#790502).- Add u_xorg-x11-server-reproducible.patch to make build reproducible (boo#1047218)- U_0001-animcur-Use-fixed-size-screen-private.patch, U_0002-animcur-Return-the-next-interval-directly-from-the-t.patch, U_0003-animcur-Run-the-timer-from-the-device-not-the-screen.patch, U_0004-animcur-Fix-transitions-between-animated-cursors.patch * There is a bug in version 1.19 of the X.org X server that can cause an infinite recursion in the animated cursor code, which has been fixed by these patches (boo#1080312) - supersedes u_cursors-animation.patch (boo#1020061)- Added u_xfree86-add-default-modes-for-16-9-and-16-10.patch (boo#1075249) Improve user experience for users with 16:9 or 16:10 screens- Update to version 1.19.6: Another collection of fixes from master. There will likely be at east one more 1.19.x release in 2018.- Depend on pkgconfig's gl, egl and gbm instead of Mesa-devel. * Those dependencies are what xorg-x11-server really needs. Mesa-devel is too general and is a bottleneck in distribution build. (bnc#1071297)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- u_os-inputthread-Force-unlock-when-stopping-thread.patch * Prevent dead lock if terminating while on inactive VT. (bnc#1062977)- Update to version 1.19.5: One regression fix since 1.19.4, and fixes for CVE-2017-12176 through CVE-2017-12187.- Update to version 1.19.4: A collection of stability fixes from the development branch, including two minor CVEs (CVE-2017-13721, CVE-2017-13723). - Remove upstream patches: + U_Xi-Do-not-try-to-swap-GenericEvent.patch + U_Xi-Verify-all-events-in-ProcXSendExtensionEvent.patch + U_Xi-Zero-target-buffer-in-SProcXSendExtensionEvent.patch + U_dix-Disallow-GenericEvent-in-SendEvent-request.patch - Adapt patches to work with the new release: + u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch- u_cursors-animation.patch fix cursors animation (boo#1020061)- disable Xwayland for s390x again; it was wrong to enable it; there is no Wayland on s390x and will most likely never exist, since there is no gfx card on such systems and no gfx emulation either (bsc#1047173)- u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch If arc4random_buf() is not available for generating cookies: * use getentropy(), if available (which was only recently added to glibc) * use getrandom() via syscall(), if available (there was no glibc wrapper for this syscall for a long time) * if all else fails, directly read from /dev/urandom as before, but employ O_CLOEXEC, do an OsAbort() in case the random data couldn't be read to avoid unsecure situations. Don't know if that's too hard a measure but it shouldn't actually occur except on maximum number of FDs reached (bsc#1025084)- U_Xi-Do-not-try-to-swap-GenericEvent.patch, U_Xi-Verify-all-events-in-ProcXSendExtensionEvent.patch, U_Xi-Zero-target-buffer-in-SProcXSendExtensionEvent.patch, U_dix-Disallow-GenericEvent-in-SendEvent-request.patch * Fix security issues in event handling. (bnc#1035283, CVE-2017-10971, CVE-2017-10972)- enable Xwayland also for s390x (bsc#1047173)- includes everything needed for additional sle issue entries: CVE-2017-2624, bnc#1025029, bnc#1025084, bnc#1025035- update build requirements- modesetting.ids: no longer hardcode Intel's Skylake, Broxton, and Kabylake IDs to modesetting driver; xf86-video-intel is no longer installed by default on these, so it will fallback to modesetting driver anyway; still you now can easily switch back to intel driver by installing xf86-video-intel package (boo#1042873)- Update to version 1.19.3: A couple more minor fixes, most notably a revert of a page-flipping change that regressed some drivers. - Remove upstreamd patches: + u_busfault_sigaction-Only-initialize-pointer-when-matched.patch- Update to version 1.19.2: A collection of stability fixes here across glamor, Xwayland, input, and Prime support. Also a security fix for CVE-2017-2624, a timing attack which can brute-force MIT-MAGIC-COOKIE authentication. - Remove upstream patches: + U_xfree86-Take-the-input-lock-for-xf86RecolorCursor.patch + U_xfree86-Take-the-input-lock-for-xf86ScreenCheckHWCursor.patch + U_xfree86-Take-the-input-lock-for-xf86TransparentCursor.patch- U_xfree86-Take-the-input-lock-for-xf86ScreenCheckHWCursor.patch * Add the missing input_lock() around the call into the driver's UseHWCursor() callback (bnc #1023845). - U_xfree86-Take-the-input-lock-for-xf86TransparentCursor.patch * The new input lock is missing for the xf86TransparentCursor() entry point (bnc #1023845).- U_xfree86-Take-the-input-lock-for-xf86RecolorCursor.patch * fixes random crashes in X in multihead mode if one of the monitors is vertically oriented (bnc #1023845)- N_driver-autoconfig.diff: No longer try to load "amdgpu" DDX by default for all GPUs with ATI vendor ID; this is now handled instead by an "OutputClass" section via kernel driver match, which has been added as config file to xf86-video-amdgpu driver package (bnc#1023385)- N_driver-autoconfig.diff: FGLRX does not support new x-server. This change fixes bad behavior(with empty config) when radeon ddx loads with amdgpu kernel module on SI and CIK cards, and x-server cannot start. Radeon ddx with radeon kernel module loads without any problem.- Update to version 1.19.1: First stable 1.19 release, including a few regression fixes.- Replace pkgconfig(libsystemd-*) with pkgconfig(libsystemd) Nowadays pkgconfig(libsystemd) replaces all libsystemd-* libs, which are obsolete.- Update to final 1.19.0- Exchange xorg-x11-fonts-core Requires for Recommends. The corefonts and cursors are not strickly required as long as one have a substitute such as Adwaita installed.- Update to version 1.18.99.901: - Remove upstream pachtes: + U_glamor-Remove-the-FBO-cache.patch + U_kdrive-fix-up-NewInputDeviceRequest-implementation.patch + U_kdrive-set-evdev-driver-for-input-devices-automatica.patch + U_ephyr-don-t-load-ephyr-input-driver-if-seat-option-i.patch + U_kdrive-don-t-let-evdev-driver-overwrite-existing-dev.patch + U_ephyr-ignore-Xorg-multiseat-command-line-options.patch + U_ephyr-enable-option-sw-cursor-by-default-in-multi-se.patch + U_kdrive-introduce-input-hot-plugging-support-for-udev.patch + U_kdrive-add-options-to-set-default-XKB-properties.patch + U_config-udev-distinguish-between-real-keyboards-and-o.patch - Disable u_os-connections-Check-for-stale-FDs.patch (not applicable anymore) - Adapt patches to work with the new release: + n_xserver-optimus-autoconfig-hack.patch (disabled for now as it causes problems) - Remove X.org stack version prefix. We are already atleast at verion 7.7. Plus we are updating individual components anyway. So the stack version is misleading.- Update to version 1.18.4: Another pile of backports from the devel branch, primarily in glamor, xwayland, and the modesetting driver. - Remove included patches: + u_x86emu-include-order.patch + U_modesetting-set-driverPrivate-to-NULL-after-closing-fd.patch - Update patches to reflect upstream changes: + U_glamor-Remove-the-FBO-cache.patch- U_glamor-Remove-the-FBO-cache.patch Fixes (bsc#983743) by not keeping >1 GB of VRAM busy.- U_modesetting-set-driverPrivate-to-NULL-after-closing-fd.patch: modesetting: Avoid crash in FreeRec() by NULLing a pointer which may still be used (boo#981268).- Replace N_Force-swcursor-for-KMS-drivers-without-hw-cursor-sup.patch by N_Disable-HW-Cursor-for-cirrus-and-mgag200-kernel-modules.patch Only disable HW cursor for cirrus and mgag200. This should fix a regression introduced by using modesetting for Intel gen9+ (boo#980124).- modesetting.ids: Add file for PCI IDs of ASICs which the modesetting rather than the native driver should be used for. This includes all Intel Gen9+ hardware (boo#978954).- removed u_exa-only-draw-valid-trapezoids.patch; no longer needed since pixman 0.32.0- removed no longer needed patch u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch, see https://lists.x.org/archives/xorg-devel/2016-April/049493.html for upstream discussion; obsoleted by upstream patch https://cgit.freedesktop.org/xorg/xserver/commit/?id=4962c8c08842d9d3ca66d254b1ce4cacc4fb3756, which is already in xorg-server 1.18.3- Add permission verification for SUID wrapper - Disable SUID wrapper per default until reviewed- n_Install-Avoid-failure-on-wrapper-installation.patch: rename to: N_Install-Avoid-failure-on-wrapper-installation.patch - u_xorg-wrapper-Drop-supplemental-group-IDs.patch: Drop supplementary group privileges. - u_xorg-wrapper-build-Build-position-independent-code.patch: Build position independent.- n_Install-Avoid-failure-on-wrapper-installation.patch: Fix up build for wrapper. - Place SUID wrapper into a separate package: xorg-x11-server-wrapper- Set configure option --enable-suid-wrapper for TW: This way, the SUID wrapper is built which allows to run the Xserver as root even though the the DM instance runs as user. This allows to support drivers which require direct HW access.- Update to version 1.18.3: A few fixes relative to 1.18.2, including one fairly important performance fix to the Present extension. - Remove U_present-Only-requeue-for-next-MSC-after-flip-failure.patch The patch is included in this release.- Add patch U_present-Only-requeue-for-next-MSC-after-flip-failure.patch Fix a hang while using the present extension Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=94515 https://bugs.freedesktop.org/show_bug.cgi?id=94596- Add automake, autoconf, libtool, c_compiler, pkgconfig(xorg-macros), pkgconfig(libudev), pkgconfig(libevdev), pkgconfig(mtdev) to Requires: of the SDK. This simplifies the build of Xserver modules.- Add support for a driver specific PCI IDs files supplementing what's in xf86VideoPtrToDriverList(). PCI ID lists may be held in /etc/X11/xorg_pci_ids (boo#972126).- Update version to 1.18.2: A big pile of updates in this one. Highlights include: * glamor is updated to use OpenGL core profiles if available, which should improve memory usage and performance on modern hardware, and got some other performance improvements for rpi and other GLES platforms * DRI2, DRI3, and Present all received correctness fixes for hangs, crashes, and other weirdness * Xwayland server has been updated to support the Xv and the xf86vidmode extensions for better compatibility, and fixed some bugs with output hotplug and pointer updates * Xwin saw improvements to window and clipboard management, and a few new keyboard layouts - Remove upstreamed patches: + U_kdrive-evdev-update-keyboard-LEDs-22302.patch- Backport upstream patches for Xephyr input hot-plugging / single-GPU multi-seat support: * U_kdrive-fix-up-NewInputDeviceRequest-implementation.patch * U_kdrive-set-evdev-driver-for-input-devices-automatica.patch * U_ephyr-don-t-load-ephyr-input-driver-if-seat-option-i.patch * U_kdrive-don-t-let-evdev-driver-overwrite-existing-dev.patch * U_ephyr-ignore-Xorg-multiseat-command-line-options.patch * U_ephyr-enable-option-sw-cursor-by-default-in-multi-se.patch * U_kdrive-introduce-input-hot-plugging-support-for-udev.patch * U_kdrive-add-options-to-set-default-XKB-properties.patch * U_kdrive-evdev-update-keyboard-LEDs-22302.patch * U_config-udev-distinguish-between-real-keyboards-and-o.patch- u_os-connections-Check-for-stale-FDs.patch Ignore file descriptor if socket or devices dies. This prevents the Xserver to loop at 100% when dbus dies (boo#954433).- Add 50-extensions.conf Disable the DGA extension by default (boo#947695).- Replaced u_confine_to_shape.diff by u_01-Improved-ConfineToShape.patch and u_02-DIX-ConfineTo-Don-t-bother-about-the-bounding-box-when-grabbing-a-shaped-window.patch.- u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch Fix up primary device detection for the platform bus to fix the Xserver on older iMacs (boo#835975).- Update to version 1.18.1: First release in the 1.18 stable branch. Major themes are bugfixes in glamor, the modesetting driver, and the Present extension. Xwayland users may want to apply the following pair of patches in addition to this release: https://patchwork.freedesktop.org/patch/72945/raw/ https://patchwork.freedesktop.org/patch/72951/raw/ which combined fix an input issue when hotplugging monitors. Both are likely to be included in a future release unless testing discovers further problems. - Remove upstreamed patches: + ux_xserver_xvfb-randr.patch + U_systemd-logind-do-not-rely-on-directed-signals.patch + U_kdrive-UnregisterFd-Fix-off-by-one.patch + U_modesetting-should-not-reference-gbm-when-it-s-not-d.patch- u_Panning-Set-panning-state-in-xf86RandR12ScreenSetSize.patch Fix panning when configured in xorg.conf* (boo#771521).- Handle source-file-list in build not prep - N_xorg-x11-server-rpmmacros.patch: Delete: Process xorg-x11-server.macros in install- U_modesetting-should-not-reference-gbm-when-it-s-not-d.patch: fix build when gbm is not defined.- u_busfault_sigaction-Only-initialize-pointer-when-matched.patch Only initialize pointer when matched (boo#961439). - u_kdrive-UnregisterFd-Fix-off-by-one.patch -> U_kdrive-UnregisterFd-Fix-off-by-one.patch- Add test for defined macro %build_xwayland This can be used to enable the build of Xwayland and the package xorg-x11-server-wayland using a macro in projconf (boo#960487).- Split out Xwayland: * Build a package xorg-x11-server-wayland * Limit build to Factory (boo#960487).- Enable XWayland on Leap also (boo#960487)- u_kdrive-UnregisterFd-Fix-off-by-one.patch * Copy open file table correctly by avoiding an off-by-one error (boo#867483).- Update to version 1.18.0 - refreshed N_zap_warning_xserver.diff, N_Force-swcursor-for-KMS-drivers-without-hw-cursor-sup.patch - supersedes u_fbdevhw.diff, U_linux-Add-linux_parse_vt_settings-and-linux_get_keep.patch, U_linux-Add-a-may_fail-paramter-to-linux_parse_vt_sett.patch, U_systemd-logind-Only-use-systemd-logind-integration-t.patch- Update to version 1.17.4: Minor brown-bag release. The important fix here is Martin's clientsWritable change which fixes a crash when built against xproto 7.0.28. - supersedes u_0001-os-make-sure-the-clientsWritable-fd_set-is-initializ.patch- Update to version 1.17.3: Various bugfixes across the board.  The most visible changes include fixing GLX extension setup under Xwayland and other non-Xorg servers (enabling core contexts in more scenarios), and various stability fixes to glamor and the Present extension. - supersededs the following patches: * u_randr_allow_rrselectinput_for_providerchange_and_resourcechange_events.patch * u_CloseConsole-Don-t-report-FatalError-when-shutting-down.patch - removed evdev xorg.conf.d snippet since it's meanwhile shipped with evdev driver itself (since version 2.10.0)- u_vesa-Add-VBEDPMSGetCapabilities-VBEDPMSGet.patch Add VBEDPMSGetCapabilities() and VBEDPMSGet() functions (bsc#947356, boo#947493).- Backport a few upstream fixes for systemd/VT handling (boo#939838): U_linux-Add-linux_parse_vt_settings-and-linux_get_keep.patch U_linux-Add-a-may_fail-paramter-to-linux_parse_vt_sett.patch U_systemd-logind-Only-use-systemd-logind-integration-t.patch U_systemd-logind-do-not-rely-on-directed-signals.patch- Improve conditional enablement of XWayland.- Add patch u_0001-os-make-sure-the-clientsWritable-fd_set-is-initializ.patch Prevent segmentation faults with more than 256 clients (introduced by xproto 7.0.28 increasing the max client count 256 -> 512) Fdo Bug: https://bugs.freedesktop.org/show_bug.cgi?id=91316- Update to version 1.17.2: Pick up a pile of fixes from master. Notable highlights: + Fix for CVE-2015-3164 in Xwayland + Fix int10 setup for vesa + Fix regression in server-interpreted auth + Fix fb setup on big-endian CPUs + Build fix for for gcc5 - Dropped patches: + Patch110: u_connection-avoid-crash-when-CloseWellKnownConnections-gets-called-twice.patch + Patch113: u_symbols-Fix-sdksyms.sh-to-cope-with-gcc5.patch + Patch116: U_os-XDMCP-options-like-query-etc-should-imply-listen.patch + Patch118: U_int10-Fix-error-check-for-pci_device_map_legacy.patch + Patch119: U_xwayland-enable-access-control-on-open-socket.patch + Patch120: U_os-support-new-implicit-local-user-access-mode.patch + Patch121: U_xwayland-default-to-local-user-if-no-xauth-file-given.patch + Patch2000: U_systemd-logind-filter-out-non-signal-messages-from.patch + Patch2001: U_systemd-logind-dont-second-guess-D-Bus-default-tim.patch - Changed patches to work with the new version: + Patch114: u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch- U_os-support-new-implicit-local-user-access-mode.patch, U_xwayland-default-to-local-user-if-no-xauth-file-given.patch, U_xwayland-enable-access-control-on-open-socket.patch * Prevent unauthorized local access. (bnc#934102, CVE-2015-3164)- Fix GNOME X Session for some hybrid graphics (rh#1209347): + add U_systemd-logind-filter-out-non-signal-messages-from.patch + add U_systemd-logind-dont-second-guess-D-Bus-default-tim.patch- Fix build of s390/s390x (bnc#933503)- U_int10-Fix-error-check-for-pci_device_map_legacy.patch * int10: Fix error check for pci_device_map_legacy pci_device_map_legacy returns 0 on success (bsc#932319).- Add xorg-x11-server-byte-order.patch to correctly set X_BYTE_ORDER when compiling tigervnc on ppc64 architecture. Related to bnc#926201- U_os-XDMCP-options-like-query-etc-should-imply-listen.patch * Enable listening on tcp when using -query. (bnc#924914)- Enable systemd-logind integration support: + Add pkgconfig(libsystemd-logind) and pkgconfig(dbus-1) BuildRequires. + Pass --enable-systemd-logind to configure.- u_ad-hoc-fix-for-mmap-s-truncated-offset-parameter-on-.patch * ad hoc fix for mmap's truncated offset parameter on 32bit (bnc#917385) - N_Force-swcursor-for-KMS-drivers-without-hw-cursor-sup.patch * hwcursor still considered broken in cirrus KMS ((bnc#864141, bnc#866152)- Update to version 1.17.1: Fixes for CVE 2015-0255. + xkb: Don't swap XkbSetGeometry data in the input buffer + xkb: Check strings length against request size- u_symbols-Fix-sdksyms.sh-to-cope-with-gcc5.patch Fix sdksyms.sh to work with gcc5 (bnc#916580).- Update to version 1.17.0: + Continued work to strip out stale code and clean up the server. Thousands of lines of unnecessary code have disappeared yet again. + The modesetting driver has been merged into the server code base, simplifying ongoing maintenance by coupling it to the X server ABI/API release schedule. This now includes DRI2 support (so that GLX works correctly) along with Glamor support (which handles DRI3). + Lots of Glamor improvements, including a rewrite of the core protocol rendering functions. - Remove upstream patches: + Patch130: U_BellProc-Send-bell-event-on-core-protocol-bell-when-requested.patch + Patch131: U_fb-Fix-invalid-bpp-for-24bit-depth-window.patch + Patch200: U_kdrive_extend_screen_option_syntax.patch + Patch201: U_ephyr_enable_screen_window_placement.patch + Patch202: U_ephyr_add_output_option_support.patch- Add xorg-x11-server-source package that contains patched xserver sources used to build xorg-x11-Xvnc.- Update to version 1.16.2 - Fix present_pixmap when using present_notify_msc - Fix present_notify to return right away when querying current or past msc.Xext/shm: Detach SHM segment after Pixmap is released - xkb: ignore floating slave devices when updating from master (#81885) - fb: Fix invalid bpp for 24bit depth window - supersedes U_fb-Fix-invalid-bpp-for-24bit-depth-window.patch- fix bashism in post script- XServer looks for dri.pc during configure. dri.pc is currently provided by a Mesa devel package, which is pulled in by other requirements, but it might be better to explicitly require dri.pc.sheep24 16704089751.20.3-150200.22.5.63.11.20.3-150200.22.5.63.1Xwayland/usr/bin/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:27009/SUSE_SLE-15-SP2_Update/27ed255d6c0f42c01e40581e46dbb05d-xorg-x11-server.SUSE_SLE-15-SP2_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=84603cc4d9086c7087b80b00ac71e7ab8c3591bf, for GNU/Linux 3.2.0, stripped"RRRRRRR RRR RRR RR RRR RRR RRRRRR!RRRRRRR8( Wr]tkxorg-x11-fonts-coreutf-8db77671bb3bda6b7c2fe70e6b59919b69f0b1b6286cbc3df1cc903652ef9424e?7zXZ !t/i]"k%#4ղۼK'l;tP ^S,mM4Ҧ05dLն1٠x)i64aHط5rNү rVed1M W|,d;Sx{a&E?c ]ӽàڅ0T<[2qo?g`p; gw81s_=y/uci =(Vڕ9M1V l!1C:VI=t7CuւΘ3)> cuEZ#iŭ4ߜzqC佾JxHy0N=A%16a#p|?rT^si9犐ID\CM^/ `2~{Byr}@7Js MZ:P2 *5EeVCy 4Ip;\ Mh$ŸE )o!Cβ%u~.&cN^REއi>eЌ6.ZZEj˸bpv8*2΢G9X'NK!'dxCC >+KjXLEζf -Sِ~R\!#b(rl rCxZ ]wXzn*{DkH´`ߊ6*Iҍ& 2đrnDn:{@E x7J?V1'wS)"Փ&8HsC$p$`BO>vD??/+rHqx{ۈpuY~@M>T c92k Gv\s[JD;~٫PO 4 t"hx^ 2_.r{%՚nRQ KkWō{H%-N$R Onw1H4<]dsŤ2 x?jPZ]f?Bb=%[ew :ۗfhſCU>+mffWcvˉ4ZS= #H )cL.*l:)z4,v |ԥzRH3Ek pl #!%?nqȞiޝ:㎢At'M3bAw5qf'8ЊFo :8BdJJƏof+=L ~]gm~lA2b9ţe 7bB߁!|[$&*\dĊO샭W~CcG0i*!\<aOwe7_#b*IV~ߪO&!4@§Iu+ᵆ?nЩ@QVsyb\591 dve2V,Sԥuޛqd ^aPd6P#Ǝ쥉z(ثNhDf6Tk`Yd Bɩ#Exfp}|\8 \D"C Rq/ie݇T6>V]/g^5š0^xD_A1@NU/:hp.io['ynp$B1_M{P0hʚJcDrA\t7g{A?>M E5v BXPlHYr]TnxZLR#%ߦ) a-ZK:޴g'w6y0#Y^z1!Ž6jbTԈ«=AVmD%md|z8Hx>#w¤@'בg{`KOeee:tx" i̙G25> #ղ)M<֊)@Žw ݴ˃P} ^F.# KͼېB,aEx M!t7oN/FO9Z a~0NM/Oф1dQ2fLv67/uixL\u^;d$hCgfd#<"Gy xoewv_uB33ie6 wVlߺ8Ԭ"km6+p }ao]k i: ;I6GwA:cVRFqxvJ443 Vm׳ (G-|'Y^Z$u@T)c-8:!fˤ4;+ڙ䏇ljy:*=\XqT,lDgBTci&NZ2.BgX4۫łfMBq6> "1]~b{Za^_@6L.-8a|=45iu!r0[%\[Q'v@U="{S(^M)*=og2+7e݊0sQI?h=]b(Wv~!]|DT:{fHyeKC7owb/.H6a\6d!j{ =e2> ~'0j#p {YKb%ɱ@%ş1w%;hj>}5M(}g^n'5 (Pl^"MzsaI54{ݝ:6@D'ZCS#Bsٝ&ׁ! `JbcPG40elړ'RlB$cj=DrҎMri͢Q lo=P \*^&y+f5AݖI2tjj;v&_;!oEdgJN;JB)F=$ѤJgZ :~g\rXwړ"lPї38bx!dZd:o!Z2iV+Ma|+qg[]Gr|]:B|wj;-g1 jOs:32gݣf}d x5ůszV|D=fք ya\H{ #:1;6+),h.&Erگz6%8kGOA먀x\WN7řhZA)XP:/8_\FEJEp % Uکޘ{5ErkAx-jP)bmPpMzJǼ-+8~9n'炟nTc,iA Zl[!oJnuFN3Qa_'l0+1ۇ9 u,fUhJh̳FϮ'O: Џ}]Ѿ+mXWvM@mMmTT=?Хk4 :JqtG9c}d|J")w,c;Qqњ؂v:ѩOdu torp, tZHVֻ+q͛R~f՟{. 8Ӛ j.s5{ԫ@ePGٛqGn8M|"czJ^]'q9Szm!ihAbz #FlD`p%iQv@fX"L`,@(ӃӋhq|@Ud()ʚqވRH9f<,5b5F?wx&*:L| ((/7LHcE{ՙ#(O2OrWOX rq)ߛGȄPToLϳI#$+Me! gcZ1,u(*ȿD,y΢IL\D WXQPe^FwL/in!Z筏QeJ{&P 6K#kNr](q/2ѭ|= կQȡϡa_L,RƪE-+/jnJpRipI?6c>xZU΋'N?Jwj߫z(6}NHhGKHa+o~lNmʗbaoͰHw+b` =ylpMHG*I[n~xll"~NZGaW;hp{er:hz DVfېwtuy^ob Zy^y,*zwIO`9(!-m&SeT*[X˿G21NlJy ll(-+^@ƶQ_TMbwB91-tϿkaD5l6wgwi~OWAi/)hؑ1L&">t 9Wp2`=nTi 1Ayޖ\"XGO)MfA32Ӱc{:EOaW#jNPv ZMt>. K|S%&uJg/1HuC DHQ"te~iLk`Ig uc)-ޘT72d1ae 0Ulno4`#'&#_"d.T+uv';1GV^=*58槦D?_9/*]D]I3<$☂G˰QABj5Pu)\\@XR,; LˁfHMxVs m.Mz ʼx0اj f" {@J[jg=Q& P8ߗڔolD՛Im]$o@jR}=W̟ܣX<4E6p0{ Cdҏo%τ/h$̑$,N뀹`1I<33\HyTQ2:񂮦6KZO&`o^]Rq !ߧ?yZs Nte r^lX;ff2"(h\8fr ^J:V?$fRndžU&7܉@G"זC:녮yA&N6 XcfP oJ/n객MrSBحW]\Tb,̂Ή*Y[Y>{AvF)}k%")+&p,ˁMEq"߭pCØ:=ThIHA ]Wid1Wm-ش];|EN9ƎweM3H .MRvAK9'PP@S0pWKm ^) ˈ1Nc> @SW/ rX pv\5Z@,vNć2r6Ą/|QŭJ`W9QH8N?Iƃnڕ L"C屃v@ֻUpI-?]wP PbxuÌ{%Dk|:EG(X4<\X΄VJZm7)V@)ng05tGR񦞺(TP珏A%t3[= Hcƃ)pf,bCe{xp7n{E&N&˷ͧl:xY+Dٜ֏*wP!;Te,gA /f"N;< X;4ފ]0Sp/qo1bNiϦlCu\K\FA3vMC /b׶į/ \|:Zi06_%&pB(īh2ل7">yst@_d L ƛxCo E[? BfӖU-Z^aoCʑ!Gd筍H-U1Bھ#(ƲSJc|FE x:A9.6l99>ܣ$%y{)h&r*ЉX4l"[o=q'ԃo@#3Ky3@Z5d>H4D!K1> ҇Q΃ :$4Ӝ T't:6zh<|=o)+ 0x٥3(l+/mW≨KWGtg5{yBPG1] >S}S]deqxF 4u\ 8rDr{og |\ QWBRlX6@|ٓI,hǢQR S+KLޢv:p&ýQվ2<r p:>QFreLH$YM'C| &?0G'b:O axHqЧqá)L!K}Ci]xhфN0.n*'|o]CE < S>羚J|ZK .-j@V6ymDvm_Oc/RĀJq$^z2ǟө<H᷏^F@C#Z‚B \BhX%0:BT.B\TORo?/9%;Ѹ:۴⌔!7w̵Z=Eg|dĪtL}f5 O<,9I,թSO0NW~\Ak]v:fGBOL2?`_%c&juɨU{RxVayB}2Iq'7Zox?:b_q,0%0Y /;tŷ"%r@ǻtM gsdDž9P?;oR#O TRs &û>Q*R2F\AQJmO?k&C3ĝJԕrd5w7IZ+ZnW𡂋`M llb\`؉ϖ{@7mE.Vț2h!9E̙Yvf/-;͓䈚VĠ8ӥ;*u6#lYqD7>U8HH 6)u9<_p4;4Lޚ ppEaub@Q?7 z^qLCsOM5Y_lo1g,Wå_[2KW,Z!#&,`ڧ+}>K]EUfW(uԘ'Oi=ʋ(r>46o܇}"*{/iv6#@UVB[R‰?z\f8)RSq^EZ &l.Co2z36310Vwα67l`(MoC '-ZSheu`?ޖ;Vˡ.q"S0OmD>˔l$^v\MnR|eI[ >0Hn2?zLqxsy:f̽Z 鞠75.IҾBB* U%Ccr" Z@m 9 cXݰ0uP_G؏vh΀eWkFFFv@xGhV.R2ȌD6:HhǫA!BsBdO~5z ߔ5tNɥ_2!(Z"TvpSHblv33z 'c#O~LLH(|&gf<ʀ'fPxDcp NJYH'nʻ1=C=(:`Z'W=GEHS]`eƞYR4#B(ĊU:JD;úT ݯƬ8 ] #96;^qDu%luyo9ϱ53X?*m%{WRk9Vm 6$A ŗ+NwVUT"B=`D K1h2jN\s_ٮג0ދ w{Cܢ1 wz?}OUK$!~F䁰(2*]QD=dھcuܦS҆*G;$Pe@||yC pk]k+Lz’bmF!릱iHzxM IL&&$i߰aLsu8vy.Sx f~m8pu՚)pR]Y䡃H# 1 w+}VP%fzw,K*D;~JbE;.̻%\iv9H˟ Dӷv"m%ĒqqZԝ>Qvxe24 t4#A|MMՙWEFB mшdun`&\Ȉ{W~sx: ъ$9`5LR?-ƍ+, .{e^}L|$wgaJ{bA Mf9z٩zN,8#'KȓEɉ q&2uqpD6e+ۭkgBQ *_WMc+9Whur>qB+ݟiUL Szm$G JQ~5p.u/7ʈIH~Ъk[U烨U sD2i EtYAQwDQ;{0lfzݪ?_qC"_=WʵD{OE= 7 1Ltb[&7?jӎ|<"݇370B ,Da͑Q1lo|nWRZNMi;f݈L=! ڹ•,^V?JwR?^%(逦zxeEg*p/k/rI 묉y$u^7p[3^4-[UrCK0ȩfР4-h9Qo(qhzq9[Ͷq԰z_.{ Y5c촛sUՊޅNE5`D?!֙F4 -./jpHE=nK^̢8G@mE&q0^>(s^0zHJ' )* 7 qmVz,S~ivEҪh",3'=&H()M߶/ g9 .-b L25$57\7FTŎodh$D6΢GjvUA7`CiyNTi S &V`brj6LaxHqܓQcf5RW PT}I[2߇C+$QVڠc{t,ñ%&FtWi\b?C~܃"$b({Oͪ=TrkzB~E:z&پ=U ,|6˨0K=ZY\vR6͖W}I:uTbݼy6vCoC+yJ!9;c^ao\fuqQVzE|RS>K1GhXVֻenF&sannPN)O& @yEzh[XҔuW)$/16 =d=}L5?w9r7`w@KTM a,=uIvW~NWc|znaG{4 5gI_i?ICG޶ѓm1 Hν%]?uHi\Dz?rOIMUueT 4gpygUEg;n׍-α+^,{f6Z q (LA9suG+9o:$$ _^܍C4SZF5򮸸6hH*i~õ{Ҹ#|AWݪQ[lv*߂_nJp]Ai̡ H,ZX5$R-Ix9Ä~1Xפi((`<]d7`TLyp 7ѹQ}^o࢑Yjbm=3 OU9Wg^1~#QuZA?ZGTGxh\z'X,Ch>.gesFd7eYQ$1+49hЍӾڰTOCuljډtjc΋2αsG9ʦa(|uKDX씳Y"g9N(ݒmhiHVWb$6v母!YOmHqױ}Iۑ,H2)X7Nh綪GTI󛇞 )qw V?Ž%/uq?KGA{Rpom ȤmpVJ0aTʺ.G-lfJ>Ue|ʠyޖq(j3(l@iD"M(=&2L޶݈ٞm!$^K(+_"RD4RhВ6Ah[c{8\R1W&b, ! K&>|.r|۲H~m{s#^&ܱv{{|lI":bk7 Ɛղ^bZGI1=dJQV[Ƚ䊾wXXtvxQr mI@Y4 wtU8Rmx#_7Itl78UA4[R;<2~2JRǞ(oNJ!5pH#JYb ?0h,2@ܑ@<>}ki%EVia Cjh! .sj W;Wة@GZ)+v{LR3$ ⚷b+_= Dz x!g ޔ[2tAiÓ &/J'WD-ɰz>:Fii.7=.hzAATf2R'h?Zd{- Y%il{@6<ρ33I{5ve:]G/r&fuᲳ,u'-0P$H@Qjv m*pgv.}4do1ļƌ(,HD p>M-Ж?C:YQ֏uv\[2|Pδ= `." ix; gcN(1(~/ y|<&QI ^]}tOq]5/L&Zh MVHfCC`!+,o4;׹H1ROxcOjy%ϠZO"RGGIKV h3فF|O[ݒJNM Aʚޤ.E6\Oٖ-]9X#auKH^M{l.$6a# =:VE |!o-I[<7=]Tv!L+J,3ouOedQQSpܭ]N> Np8+bI%wup}:ܵ؉ .ierh->s9&!hEh%p\{Kq?wWVMug%:. (5`Y_-6Ǹs=f2v&#}P&̈r`oJˌl2TqG;B:D{b+7'4M,wu)Hǘ94fLWal?t֕@Y} 7]I!o2H8kIWe^nY)KQ+:DTc˗Em8Q}Jbh4$cQOZa}ZNQ|v-.*^`rW䂜 ˽]N~3u"HEK\>fNa|UP+VF86{|]zׄţз!",IWkZz ҝdE%"c9_6 @oh=2fe=P#]ޢR+dٖB?֓w*[F|ڴ{Ĵz1w2XAgVv# ]4yjIrzt E#_v}2,iԹ 6IY RA92 н.x-9Q06cB)ű6 (ghG,n}]]ſOPGn8̋k峾+l {D^/6V Ɍd1SZx(Yƺ0[&+N-3̴?=9`2Z=KnZ; 6yqaDDV:ѧ{ d?^ԓ.s7[{#Op$Sm5\?p @eoBhpXKUDc;?j{R:Qw+-:j˛=RCGlՖsLW+zQ-% jujGzőM.C΃U˔D։'WrrnF_0`V\h.;e hBCA+rl˔Ńyj_MYgNZ%ۖdClYY'jHy藁K4#Խih”paFbA[Rd$K=GZmLw-T@!e*&q'.]5G 9QcK+H·ZfsNvu塾'n5p 9y=pdCc1SuDY_j+TGי?{/,E\ٳ)a8:rg0=7W_$) +TTƕBQ]DwXxyXM x=cL ~6eqepʼno^B{kAL)|54u(=et84}u`5v3=e?K5$8%{Nנ79RqlrgFeer|GtD's1Мӳaf|-ҕ;4#f: BhPsZZF56M6jڍT`FJ4q*{6f;eM"^+>>HDb\J(,x w*gAp ,<hIs]t`4ݶ ^y$M9I(]jx9 wrEEv2a`MS `Q>͸u>P~'0@&V{I>1nmz!\(pA! Й6iB'^G,KZfk̔ґyT*R^ZZ RtLHD6qHx>.QK0:J[{| -֟)ٓċӰѫyFǛUz6ǼTR7y(`H3#bY2yDm$Z|@l=;H4xS:mp4N&d| ž)#a{3[ΧyԙFGsC;, KzgP CLτJ=5ZܽK46x1g?= 쁿!8-^Qfu\qv@ b3E8ݧ-Mt+f`xJVjea5U1t`1S  k&ih\8j;,'X_RoZI4p$#`7Lڹi: %rhȽj=H(OVϯE7K%j|}]Q Q½?AjGqz_4eת>Fqo5#(ND*/bd*TWT tcXb}O jm9>o&MA<[~ _c^կ}BDګg;9XL]*봈IHj+q{z~(Dkzix-\Zs5oHPDvaOЕڴ<5?wwSx}QfIsH +~ 79T cZWJ=XIp޶ l5GR3_:ZC"_!JУHK8Roq6W82=HTG}>1rJ<PE&O\G=I;Ը )+HT3G&񯤺VT 1uʧ&{?9uJM:|a:JK}MB^i!7d`Ş`hZ<|mX]T!D65Z.!BB@UkPV? m2i;YeǚMR7BRA ̋HS1LS򾋿}xT#k#HryHw]çG%pz1;8q\\F@pN7NL0- (a{hi7fWɋQLPbO/hc 1*v62ˤ_FeQޢ]-vcoJ|<0u Lj"-ore@O@ (Z f;)1h$Yw_iHLzkXazktJy[[xK jChqurx!y^GYN Xo/I.p%?0ex3v~ViXc,p B@YDP׷'RH*NhyF30v9>"W|jD <Zf% A6%Y^!G`;sJ{<gD\nE>!$' ̭L^5QA*Ν"^ćgTYB%'m(}LX nSaQJʳ%MXF<}X;~`(]5*;˄d0XDMO ǹ.Q[ ?pQ QUk(v67;>}d2gw{G8 S 3s<<M:"W6R7 *g5I2Dmp3te] _qpD`4}f#,o8k0ia])cS`u 7x&}F إ #[=P*l4xhv5CB>h@ s&Tn3Rb9` SapLj؅# 7PHIRg 5JypEK ŵ=N],u( Ց0lm jn^xׇ "=bB|j(?#+f$zwXP|OΩu(T9{[Zd[UP .ٚ$5l{|4q) U| b6)Z|) *ChCbJ#ůA.W/ [ݵ`E.;gVup26&W͓z)D#QüB8cS+3H'{ 9 ?j! z0wCA}`q%w!B[/IoX5 (&_f(D1R rKڣFiWϼ(€dC&'tq "*Y<ɞɺlF }kmEܟ- ;aRmr.t RO_E6_4w{FCt@'KsEʝZJ%' 4>8EYUz4q爮k,7P>_HfNuۅ06B[YL vS| ے6+w0@]֌ ''x?\DĖD_Tf`bE<׾"b }2+ewyˀ"&6C%Si;,=3%F^3u, RٟWaޣ8"ci}rhxm.}7j#IRMv0gYeYH N^Fp"(zYQ[+2ɿּlb :H04G1IA9vcբpa1]ڲCiR[@f7gA.~s'Ԋl4*I{h3;J#OV$e{JyP.E<_9ð|MMH:r@!YM5 $ _fk{5l!J%]$ԾM: zHNRǢTXJOf!~e釧XbA -hA&"H+MZIecQE*G>F1?|6VQzqf)Нa.ZdWbYk,AJ(,=po@!kmJE1ɮPhlD {PW3y(-ޣR W,}}C72C?XW$pӦĊB Dg6:cI9EM*l< T;&ysjabz^Y=C6V.7W pxe_JS*PlgMĈRIREglhe "^\@@^BjK]472C.q(Y|hey{F1PvZ̽):\W3Ӗ3LS!2hiX2j76W_HX\3ƥ޲ԥ=<3M}'˘CƕښG$D^LR2<ozyjr>AƎٍ'w  fu{ io$°HAZW̠ I(,sBRC\Tw~L2-Aw?޸b#!ŷ(HUko7q9}£lU7kʗ5.mX' 1/CuBn/_&,{]oL&aN}f@b)VpkUrD}tśFVO 6fK^r1ԓkM1yZgi~B.s6E%ݸ\"D瞤:A}17U5*vT.Ģ6-JDWMsux&voke 'qZkQA4)62cO>؉LB1V6j p[;-{+8T-њ/57/=x#7=]( i=krǭYA֫|Q-0zVfŊi*oR=,?!_J(!t@B=U-ĉ&0!χAOPe!. L#E0Ƶ(ps:~ ԿՁxtC 7^rzAQ4*l!*x9fo5$G6m[07p{*"Շ9 >#:;#}-p e8/X0r7;cԐsCf2m@8A]\Ԭ A}C)<=<~0u>nUJs;V=(s7Йjv],M>g׮~[zDu@*1Jq> ]quqXFz*ЏAT0 G_0Ŗcx`FP$!~q| D7ɩ32|b1#˫c`ǀ;vĠLI 5΢ƭ,rZ<eK`5^_>8p5K&7^r&~Sw?+!ʭƜ.Zbjo^PgL"tq,N%VSeD"=?<9Bk14/ίpW ,0 =pCl^Nd5RZ_6,9(ѹ6<)Yi|nҏwZ!'r傖&Uc8ϩ0U⑄-YD ͙DM$T$?TZQM mM*&dzP$rq`!DFsZal٩5](ho|ìzCUdͰu;Ҿ.rcxST&zkO\fT֘PbiΘ5ZR[z%rYRSP|@L)~A轰pv@ZyE"hY %;QnޭsmT0LvJ1tNavWb&`U]{jBXn*SRrk 7D(%O 0\nƯL 9@%0hfZ|TEd-8|fZˠr1-E 3<mӿ1YARW_]jſ%HM %u+~5BH~!D;!CjNS1b#DTuY>J=Z;8õn.AlLk $=O Uw-쓨#lVd\ Ow3Uad5}_xOn&˞$AZDz {- ,cIm/{qP;NO7"$~؇;mT;,rE\qr>+E֪MuE`v'\ WCO. esap g%d nhbrLwک<:c2 ĪNEYO&tu v KO-l_RR Q8otWR<.[ /|B7*XЪPZޡ#mP2G xA1ڑ]ޡ 9j"f=+v}7±`rC,(EWtC /5'JDtJ6]ky`ɸ\ѫM ؆eP^MZADwm ܸ]']<%echh1dmB$ _ 8 | K؂u:}:e*3·L7qrӃh^6 x#,[_0Q( pU}*\|Xȟo^s-SD MT?0w(!7( i OYM?ڹ~l=qyӣ@ӄ]ujx4Adb7o6jsݮ k%E9qsRk$u%Zm2-7=91)-PߊeN\v>3ZFr![0l1Lh(pB?mO5I([o*˽a_Erp1^XhACY8 |nުrq 4^x9n \%16 3H&vԹa"d&fˊ!4lx0w0Ӭi}x =50 .л&3b"7N7Dhk}ؑRH6>xjs-Sm̡ VItՈ<7 d6dJ`n5~NxϱSanUm&z sE3fm+ߤ,G`I]2HkU[mV:8C^dv1\Cͤݻt{m:꼦nsߡY2,&r?^v$<]x!fk E(kM\M% 19P`+tO.h /͓`7{רC.2o,gVoykA؟_Ź+"a,q璬dF;at8]}J^QtFPH}z`Mc0GCbn q}i$b3! Y'oUU~lD|S_[if 9faliJ)m|oVnUnDٌ>MHP%S|sԪKaą\RV9 rPXJw:ZT=%F(RNȿ~H Hj/ @meH~㪥cJ Er]8Z,^UW}~i~ ] x9Pֲxzx"Aͭ3FupBiʮ8W`$^bu@R%'\ZǢh̅^=2 PyQ9E+Tm+gAp<-@90/ LG}rEn; Mm·IWpܹEi,ؐ+a,NH$?/O)T<\1mc^Zݺ1k@JtEy\=X_TҚA#":K=\m0 T\;PM 1ˣpЊ0K-vl^.Zj^:ē3y$`Qm]b@@I*<ֈ[ ˺ap썯FL[c" iXGHv M8j (_|l'*,%ek&z?o}RmqvDI}* 1tvfH0v,]LTxcw.-ņ"|Jf9߉77}&Q"`2^/˿9H{8r{ƒ2G=.4ivɭi+QqIW;sO-~h wLى^ݟ:Y"B#[6 Np =16Ⱥ; )4;9iL\ *p,B֘vIf<htfQC91/fyPXtXc*7xlw`Pb@d+䀫MN2kǰ);|VA?i!R1> PS/ brqWȥ:s;gO),<6HZ~='lV _c<~/D]ĭ?_A6BayLp4[yr`=|V3<.GgJGℓbJPǢ4"t.x|thҲ3z`vؔłmmMցmÑ'!VU,ڌYDI(di :E麟0I<EHEutL59lc0[ FPɄqťU ?J Zd4?k-Kc'a7.l+ U5mC^'R[d)efǘSɗ D߻W?wxmn|NPF(J'|38ȫ̷vw4Ǯ$'wib(:].+.&3z62&RËЎt9l%N'gAfFmjQY0XڬsUA4T!r7®w͑,v{25m ^`ULC\vL`>sM l_jC h%kJa_ó L_ۗ)8}T?ʙ/z+1m }{Do4{RH#_rk3U#Ǻ> xfʸ=v?ѦQH˪|9} &K4e I!nW_a⁙Ş'&A8o3N/+H?vd=gzM (܀V*-\N,d  q.cɞ "y]:x ~:=}u$)Xr҄b}RI]A ?eP[fbpYx9=˙u{릌۶os ּ/x}1`~fBiSb%%qA(L{i[#f[i ہ2,'6 m&baI[;KKH&޵JnĺCs<ă sgށ3ܹut]-3y)4 'eJ>g),h@$H[< ~YWNNڥq64 wsCu&qAʴƢ"ȫǤjZYm΅\,ΣK g[Qtb{ߛL*,Vp9Q(~CjBbK0ɱl#;NM>~_݆d 5꾗(ˇb|fVs3K{MK ڣz~H7'|9.""k6n31GQ 9AߵY qvD.;$_R|>v4!ԀK 2c|ǶAkF~7Md28IBFg'wƔ*3Q^YփCØ}IU&`HOԇO=[w+ks߹6]uWt䓒]RP )bcA ά#slLB(+Ew X+m5(+[:߾y z?N Q,˷BS\UV3-YI1w"VCGdgCsǗl Ώ<)PHNZ9 %?I)IUaj|/6R׏N*P#$,ꁩuSk}BV!E/thI <_L4,c>)3gj[ZL?쵂BMV$ic1mo{\\|gR4'G@ Ui *5n1xY0Sx:$t^n{PP :%sL2bAbL%SQq;-OE2ss0dsքRCc`)t݋Q|`S(V'J Zۣ} JJV+Wsv}*z Ars ]7Oi}-&gw(PC:y~h(*F+%:a6T>bE Ytb`pE/.|.%KdMt=K׹y~^rn&{;aSEOAGV`]*B4}3qeDιȶ|&z)@5IazK5kĤlro|&P/|%ܺVǿpS  &h&f7'Ѻ~x˱$))%gfz.ƞ'@|J&dw@- h#PeMbJ֎JTjVky_,jeqIp}\])}TcAw+Sg}M0c$HW:zznΔ4hTсyJufAoCt+N5ț5f k}~E[:\MxY_HpUb̜88p ٧9aWh`Tڤ $q$mNQ]y:N.Ibɕ?=|e_Q|v_J?Ř ̅׏9<7͋D-Ej=^er hzL"Y}b˙{{9 _3aIn#~Ew1frx:*DCZkyZ8*wEq%bdͨC൮SSaFơIˆPt(YX\#~4s0=Lu.*`$ Sh_?s$ |nzg[iè+6T;OXDBP-FE|毘"ù]p|"2*x ,RX?wR45տ[C"+{T{ 5ATz7fɩfʰܬ&VK˸YH֠C| {77a7ݱ`q#uO'=3RN_p@;{gFd4ՏLx:K\CP}l+VBJWPFn=͗QꮜϔZUiCQsI+ #ɬ< Wvt 0tAҋ._]X_"2 [)ִN1 ld _q}!i NT6b`Qזxڹмy8ns񋝾9*4S}_Ĭ:Ϛn6T2nP@pf xf|fVYAJHւxGè5M˟*RbzSUD> Xy`) ct\h:ͣ[7$NBZ~ZsH_`×Zȫ  y83D3X`0qaH U򨞣IucGL 6 AS8"RSknb̯8SCp1Àj@f%SYfJ^`G ɩVPVLDzk݉ؖ)|XTx5ͻjp[_{;| 9В2f 8>/ ~]'v3H2_uUJry͌00?s٤Wp i_co]ɞzރ9K?Sb .UX|olaIdAkRyM q vִLR3ʲцPd Id;XXK/DJ8d+P/&=A]kr>?cŴz9hj0Y8 =WIBԵRmץOM}'<6Jrz8WINqZ_lP残+T"SK2שUk291+6HWB {w4`ķ$'Qςdʭf%XZW>d;nW`Z-,Zo14%x,j]-;ظ¿dM4FBg{zF~W- O ]}+koAY2J>!vkłYw\TV{]TDOz|yuFܘQ`2v5MKU J n66-{`bEo~1(%;LC{ˈY㺹C}sx}R(Yetҳ~RHraIb\r +"Fʏ0H{?N2+y l7E/kc^]NWi~Y]`0"+EԦ!:&U"0g 8:sPFn/#b%?KnUߠGk*|?`[9.p];i5ـ=mlH?Mҍ@pFե Rys)MYRAg}2]<֍a ?<ؔ[8}DxiQD8Ws5ZCuy=zy=yynIܰסh{Tp&'n 1 zh96s K#v.Yj,!aCoC=g)!V&@1R!'dP`.IUnaQXY-ľ IU 1[2U~nofJ (0݀/,a_iyaѺ2/Bxzc Hf(d.OwVM47 15a: yNt!dCo>Hp2GSUeF{8Ui>io׻ 4{[荭!3 yuMH 1 (|a4P%wG$#Jsm6{&'M1'rC@ yGY"Z LjhS~@ںBEoIB>"W|:q?7yU |gOć@r;ƶc6t-mk~ 9yW4I=8mND&+Kf1BnaHG55imgτܘJWtn[@Lt^ OӐ bمR?}]B%fkl}7Ƅ|5ތ] o^,idxD Y Ҋ!v8]q񏜞z7 S}8h'V ujZUxD"S/?Tq_-";IH!C˱_%p=Cgn3[A&Qλ[W(Uo8ו=0Zb &޼\"YbUYMP#tW Mڻq<̘9o=rWۗ77I\K* PhVo(GFa2PB7q*W8ekNLp:b-`8fi!w7e@W탼(zQY$jWdvIob'+6r,sĪWO OInW#nՏ@}L밌I$l]|'8z%${9U-K'wkNxˇ[#VJHpmG(c q~{΁_ClQ׋Ecf+vR0Х.H_Nh}Uh#.X.H'z@%eN.hCxZڧ#C2h蕘9U4rxvEG~S,`\d9I])K, g~&A+1aQK0sU@Qx@[$ ӜIKo7A _d6F*,3Yw Hv0s_ICFZ'{C$i"=i[SUAaD Tj=~:0>q&gllpok8'rx-{vBҎ d<{[&k7<܅W`A*JHN ALuY 荞^Vrg-=QZcM1Dd}˚㏚-m̠$6,odX6׭}qWkj7B$SQ <%U) Ka޼M1y~uˀ; [;I(NaW<od sU9t/jgn揜hdA׍CN.i Y4*>Κpۈk3a6\@2o+d2nYhasƙKQI=B@S#Btuå>&u݃}&עF;@}9QhAQl29T ~RQ _Q4]O++|IG{nx/g=<ty*G [D jܖk8S( <3Pyt%Uxt¿ܚa[iF< uK!m`%n !C\mui";#J5\etZ{MvQ"OZSUb2q8ޝ4€đr?Lx{@wOќҠ$+neAێK GjDFv"A +Ek U MK`* c*Aj:Y?vŃҳHA+ BF%8h3AЅ >PHh;1i\_ʒ&&{&F3xa^hL/\[]\"!=[X)/NV|?u>!j93I& Z>U!`)݈"aQJeACaX:9.a>,!3fݿ5}Y=p:?:2uqynI-O`C5s,DS_dlѩ2ngVk!UϘBZ8ێ' s_Wz ^"[x}l 鎔QQh碉/IS" *54BCclaA4'o6 8k!b]╬z~G &v>^tv˸ ^1JF̎<*4%_խv9`pO92N)Q1KБlьzߝD05B='L=[c퟊V@ ϭ15َ|߈Ȧ, φ 0ok_$Ú ~Fґ 1^ CQqrbT=]g@%%k(XM}dRF%:Ə<8qX)PgV% 'Y賦/*-O%Q0mVT̰sRU#لoĸóFK)OU˨sP*Y(\_KGcFɽ\i w=׌ pttt6ojIZsE‚s@밴i" ~%I99C#1 G9TDY&s8y5/ PavA6EqZdju' h;2l!>y+!lNBV kZ* g0[v,JI0VISe@%I$vv2k-:~GP TYD=B`m$o?b3:*g=lBn*Z$K$7^*t3w(d1XoXB[1T~i[GuAU(~ {?#q͹Ma$װ8 OF0%-"/78*]ãK0 !"2lʇ s&gT.Քb_vA6X]ezSXg1ۗM9p G bQ>)d/ 5KX]dMg"~VǕf _CЋ~g59,y)#)J6bBS5";gK;%%99>n\~̓қґwl'?JIw`!HpLΎ 8HOhpp߯u&X(BK 5 ౼jGG)tD@\).1=mCu!SmB~doc ]?2:n 7o[nIDt ''|)^s^TK-IJaQ5D1ۿzht}mg=l+Mѻ'XNXUx`yüB1f4dEw^2g@xb][q2a3;$iQF*~& »*N!~]W}-_j#YR+lَ|U>Tt{Uj8/VDy{;&lWN(!#X4w[CB(e/ÕyhkBJ1cֈ~:u 8ڶF̊dfd/gQ*H^+h*kX:s`Wb`+BT>uG /Ծr% ԼDuU:BU~0Np Z3`dI3P2DwRo5e0!Z2ʙV[s/…4r_)D4 留ԍ 2=n-?ek%kQ歡:cgl& A` ˜EL |T%G"&PzKiavm~#)nGԸ7j;|#E+7pOl50fRio&:5|&.D܍ZPG"ھxvCvsI!uoe5 'X\j\L\LFJ?sg]yъeyw;BA-߉/3}3PߟN>"RDBݭ-fŃ&ȮH#B2n0}[($]@R--ZSVZʠ4=KcՇ`fl l>: IֻCX%% |&N^) ڤ| ~1)Iz^rbyԖ1dYcoSzOU z!Ɠt6ׇI238r H/,=CAVc,Xn cKvA?0*9#/SUhT :ID|{-(L.]Acz_-fDCDtAK> b Dm.Pp7738$6'-4ڹFyeE}/n g5PIVWVї7$,sҹŹP 3eʰFRD}?TO6xԄ?4P< x-7%\6!]WL%‡Lb]xVz,I=8Q3~ID"y`]JqGdL2JТOR}䷧RJzjh0!ST0'9?q"?_}p6"JH6A<܃5w}HgBШÁ9)Ҕ;)\>{Y*%c܆I>H+cܓXAgBéIϕwXj+=x+ɺX^6'E,iH>#23CNj _&ړF| %K9&;ޔ9~DO%Z% O(.Snm+0('Op]A;T(z%tE1Pw6)f]1 |,U$S5\3y"<\US/l8xFGEs hXSCSU=k>{Iq/HB3a4ߤdZ6yR>॰w?U%Ìפ?^ƂIS.z}!M$mnc^_XL2T+ͽ;ǼEBe쾏,ε\7PR4,8&ՓBQC˷{[eG,=Qpre 1AclJyI8u]E#InZM7H uuu3e ,"" 2ö,<궜P 1mk\ |[3K34q-Qk7HBjfX >(r<ț;; A nL3 c偕P.8m%쏩1}W+2g{ znJzV;p[V }&2r|H0rkcg0mc3 nrc!I~sBU[&I):!WFj!ĶB :-j$Xaޱx=0^ۀcV>Z%XVuj#圤?~^~HekQq:C"%+ҚΪ]R?CNZhQ@d$Wp %Z1УrY*U,UѬl]r$fMc9*"'=k0@J%˹'*0kxV6jxA?^-yq@ɗ% v % =$t7 h C3y4Us߂EB󙷹:OWf+%}GϢqK4CI#DS8 NIfk]Le|/ *,7Xu{ 6 Tτ̹)i~!_&"r;3shx*Y;Or t{NfV6PKTF4gs¢fQK ݘ~IV[$ ۇDkbV|o8pf3[L,do5dICgNdKilK%Pߊ{'\V$[,=~#C9ZIyH4hʹ#ilN,bYר]CΉ1EqEu]+boT.OjFؓAҞf7pGzPSѩ JfAN co7 Y,UB7u>ڦ&95g*^`;s}_Z-UCcR;?|R gˉ fbʦaBKh|ackckmuTx֌&@t τ̠{RM!#C=?Y(z9_o&oz3G9}lS!(R$:'ƌA2>Xތ`!^Wt'y2?s#\媥n.Yow_Uf[גZ .@utPsah|Ftr_!E/oqL?Vz(yoIZ)8pϔ.5 :UaudSF Z8SzoI+^SV8S.@q)S>e12ÚA=߮t/Wtqkʣa[RVM(,ʹ_%Uѷf !1gl8:!Лz"/!:< hr=́=#UT  LM^*Kt']6޳pUsS[7]tG| z|`Fqa o)]+0vG=Mn9]Zomzw/ 2Z\֊+@j2C*>LEL!196CR"*! jn@͔]?fod. Lʹ҄6'Py-FNO{R[IpЅ$oh& Xn0!ٟyFS#_i.^hYvc2A2 &#[4܄\Sp`duD+pFi1)t"C9q\Q<`Qp oo4oew~Z𔺿֦mVyVf;IZzBhs %԰װW (mǑVq f"m֓1%5c{IDp3Y nA<(QJd)JI#GKy&hn8)PU-?cuqMX׹5={2t*Ȋə;(ꅭ<(-ϳ8ͷ|aUQ"*f7Y|~,I2a ލ3pkF/ZZ% +J?)QTQۜz}gNq+a[+DrьA8AKD֝/`Hxk\ZzA jG3_ˆ%v#i"']!{]ѣ.I2tƅ{'޺@K> EՊ@A $4ަQ2!gʏ3l:It6DBz m%[^rFBujǾ!sYLW|=%-ܳSfmNv+wthL)-62I{`yYI.+:lM'jϋ&/Ou5Gi6YN#s9e5X(Y + ('U~ʠ"-<mVASu5DL3ð\J3姟*Y'@U jCb<^h%J2(|aaEmkv_ǯQul/g}U\4klyx(+AЂṠ[n=N*^h^rqDN,"b.NwxPŽ&p}ѤifȕH,՗s3, {,BbQF>W ]tl r ۴p`jnpvTb/3Buɉje Jo{FN6ǀQT!WKihL(6E%IZ?]r.7'J9b!.`PbPɛۘy?dے3Xلhb,?Z39i}UBPQc?PbWB=q`6I[H6t1`?e81:`{wi/"ob/v"e txS܆ &%<,+MtkhAczipg$Kݤ:fzwsӘUb5} /-6>$>Q-v-Uy ^+y\W1qYC~C5lkR;ŗYne0Yi/f;^N/BZl1֕,d7(mf5HۑV1l\ .`s (ty,g%S'$?C|B",Fok x#,ÚZa_MU=A dk;vT M+.Ix:'$= 8w6o+Y> oΫ4XP*RԶB~8=+& .K<:yȡkf4U}G-`sގRq,+!u4ӎ?0ui~p|!\{1ۧcpj0*laiWBFtV1:e|4&w* ۾!0oDQ͹h3SG?+E! >Rp7%";,q˩4 ==[]*ډݠlp/D(w 95\>|՜Uݖ\j둴@sL6d{,Z-*(_$cuMLYxMJz&ndQz0!0N&dNfr) i>#4gPs_\-=/oKDժpD׽5ܴűx[5Bx2 wJKiĜ[N@0 S۬$YXMAŇez9]cB!Y7Hvw:$a,l@ H"xf3귕\؃M$#|S)EBSuňwlmh4_85֝baXh_tTO!=mU{]6H͉m}8B貧9ʏ0f9t Ϗg$'j&r-6+K};x72.ʠ`/\Zj{H&@sdj@Ov՞:a 1/z`V.ebYR9)v{zw2#^l5 .Ps[x.\ U#s+l$e'@& |euXfIo;.=)*b 3TGZU72u#d&8[zDIEQ;t6yJOlopW#o*+=Jg; YZ