polkit-0.116-150200.3.12.1<>,\erp9|INNd,-i^MVOl\^s;eXwUՆhcl0j~C>/D| 1P9ă 5k(ED<)JFu et?ź\qC)y% ~Sd)yfM&`?nL,JPo2\3Y{h򗓔Zm@yiA~'^'bش(۸@*KB\ޒ]$}Ғ&Z>NL?Ld   ?"4 J[  .. . `. . . ....\%%!o%(!7!8"x9":$|=8>8?8@8C8F8G8.H9.I:8.X:Y:\:.];.^=#bAAcAdBkeBpfBslBuuB.vC@wI.xJ.yKh;zLTLdLhLpLtLxLLLLLCpolkit0.116150200.3.12.1PolicyKit Authorization FrameworkPolicyKit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes.ernebbiolo SUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/System/Librarieshttp://www.freedesktop.org/wiki/Software/polkit/linuxppc64legetent group polkitd > /dev/null || groupadd -r polkitd getent passwd polkitd > /dev/null || useradd -r -g polkitd -d /var/lib/polkit -s /sbin/nologin -c "User for polkitd" polkitd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in polkit.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi exit 0 if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/pkexec fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/lib/polkit-1/polkit-agent-helper-1 fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in polkit.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable polkit.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop polkit.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in polkit.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart polkit.service ) || : fi fi~A  x Pc+)VJihP BAA큤AA聠A큤AA큤A큤AA큤AAerererererererererererererererererererZ.erererererererererererererererererererererererererer28067ad27702251ba38d9794738cb81e18ce2151d26b3d103a33b4107c2f9877af4292db23ff017727a86c35067121354c63911f32caa09e0b9e42d6b4252133aea3041de2c15db8683620de8533206e50241c309eb27893605d5ead17e5e75f74f4a01c22f72873d22754cc1c25b584783cb981de0ff0bab49d49ee0f7d139e6ccfa01ab526be1ab05be7cd2764b21037299294cec74679f624c71d662cb9a6e38a9bfb7c2f7a52352782a4d4ee84cc02cbc3fa91a38f3987c15194b333aeba067c867f8e91a18e5534bd4a2dc68037c84732d506e3ecd130b517c67d10021bef09daab31a8c7c023371ee9ab6fac273400c7c9be58d36912967fb298f77a85217393fef1b2e7b6a7dd94969218faa050d781a0495892e3f5568a5780ac75a76dac9df426bbaec2bd79b1e71ad2a30d01e40c0c6e1c0d94150f762c7890b8ffbaed12288339ed4b1df90f017beb8af07b56eba1b2edc4a60914880c13617af1d2e2aa973e29c75e1b492e67ea7b7da9de2d501d49a934657971fd74f9a0b0a8561b4b59f36d6e34af024d07ef8a80457559736138ec9e9e4d14f8e926c17512725f7541bf0703006687192fa4eab464b4e91797794e0fec5e705d2c66808a1a1d862c3977460da9e096a5267d4989d977f9e4eeff7781639b80a138fcb7ddbb86a99df215a09ec829e81f8b6d99e8d88950630a3fb319cf837c3d0506b17ba6a632e2e392c367b48cbc844b0ed41cc2287126dbac51fb7d1a64f40211ca0589c888d46402d2bf113d5859a57569c53ab68a179bc2fc084b36c13fb45020eecd73c95abb890de9cb72fbee8947befb6f489bac6f50dd7325a553b1c3cfda9e0c77ec4e0353f78877f22fa4575ae21fe371584a041b3e0f3b3c96042e030352e82735b902d88a25d4a74135d82696c544658237ecc659cd90560b88103eab1393d5c9b88e431a17804f869b4320fd642bd6c40230c4085c0b6949820a20e9a3c7dfdb5e050f3a7140479dfe7636813c4fd071b20d5034e8c7a83ed65e4fb1977ac6d17b84ef6c4a9e966850ec833c4bfc17e15da6131723f22fc0d38902082503a21c5947e9731f3558bbb979b7bfb65422961ef2b6108ad6177f29c6e8deb62899a0a2a2e36dca2a54c89ea06d695156b518e02b52883e93b70ba63e3768298a19529a141086b5d46de37fc95895360c379d49563d5b513323e73f0f5750436a885304c3e892e3e6e167676ecc691c6736c7116bd1157a1201495e0556f31381669a20fdc713af31cedf7272d21db31b5aa85423df8a845e4b7c8034ad697d4076a8600153d9159a0c37901560f168f01b5cac61e19dac08186a5f5e5238c1f816f452baa3077f54a5b66861913d097eb2b094e3da19f8af2426f951b4c22701d3fbc5b432d9fdf0de1499e9b29504f8f6e9d313b519d64c43af35a906bddfe09035f887c526aacec04bc44b5376dabf82c4a0f6c955ea3650eb4c416b3d7a66c3bef7b57d54d7c9cdf02ccacd53a5d630d1ffa76114cfe0bbc5889fdad5dd6drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkitdpolkitdrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkitdrootpolkit-0.116-150200.3.12.1.src.rpmconfig(polkit)polkitpolkit(ppc-64) !@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(polkit)dbus-1libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libexpat.so.1()(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libgio-2.0.so.0()(64bit)libglib-2.0.so.0()(64bit)libgobject-2.0.so.0()(64bit)libmozjs-60.so()(64bit)libmozjs-60.so(js)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpolkit-agent-1.so.0()(64bit)libpolkit-gobject-1.so.0()(64bit)libpolkit0libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(CXXABI_1.3.9)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libsystemd.so.0()(64bit)libsystemd.so.0(LIBSYSTEMD_209)(64bit)libsystemd.so.0(LIBSYSTEMD_213)(64bit)permissionsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadow0.116-150200.3.12.10.116-150200.3.12.13.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/bin/pkexec 1>&2 /usr/bin/chkstat -n --warn --system -e /usr/lib/polkit-1/polkit-agent-helper-1 1>&2d$(@b a@`]@]z@\t@\g\\@[v[E@ZUZ@ZY@Y?WXWV@VV@UL@T@T@jsegitz@suse.comrfrohl@suse.commeissner@suse.commeissner@suse.combjorn.lie@gmail.commeissner@suse.combjorn.lie@gmail.comdimstar@opensuse.orgmvetter@suse.commeissner@suse.combjorn.lie@gmail.commeissner@suse.combjorn.lie@gmail.comschwab@suse.dedimstar@opensuse.orgdimstar@opensuse.orglnussel@suse.defbui@suse.comfbui@suse.commeissner@suse.comantoine.belvire@laposte.nettchvatal@suse.commeissner@suse.com- Change permissions for rules folders (bsc#1209282)- CVE-2021-4115: fixed a denial of service via file descriptor leak (bsc#1195542) added CVE-2021-4115.patch- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568) added CVE-2021-4034-pkexec-fix.patch- CVE-2021-3560: fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync() (bsc#1186497) CVE-2021-3560.patch- Fix usage of libexecdir instead of prefix/lib where applicable.- polkit-keyinit.patch: add pam_keyinit to the polkit configuration (bsc#1144053)- Update to version 0.116: + Leaking zombie child processes. + Possible resource leak found by static analyzer. + Output messages tuneup. + Sanity fixes. + pkttyagent tty echo disabled on SIGINT. + HACKING: add link to Code of Conduct. + polkitbackend: comment typos fix. + configure.ac: fix detection of systemd with cgroups v2. + CVE-2018-19788 High UIDs overflow fix. + CVE-2019-6133 Slowfork vulnerability fix. + Allow unset process-uid. + Port the JS authority to mozjs-60. + Use JS_EncodeStringToUTF8. + Updated translations. - Replace pkgconfig(mozjs-52) with pkgconfig(mozjs-60) BuildRequires following upstreams changes. - Drop patches fixed upstream: + polkit-fix-possible-resource-leak.patch + polkit-fix-leaking-zombie-child-processes.patch + polkit-CVE-2018-19788.patch - Refresh patches with quilt.- Use systemd_ordering instead of systemd_requires: strictly speaking, polkit does not require systemd to be present. Just that when we install on a system with systemd (e.g outside containers) we would want systemd to be present before installing polkit. Help also reduce a cycle without special hacks in systemd.spec.- bsc#1130588: Require shadow instead of old pwdutils - User proper Requires(pre)/Requires(post) for permissions and shadow- polkit-CVE-2018-19788.patch: Fixed handling of UIDs over MAX_UINT (bsc#1118277 CVE-2018-19788)- Add polkit-fix-possible-resource-leak.patch: Fix possible resource leak found by static analyzer. - Add polkit-fix-leaking-zombie-child-processes.patch: polkitd: fix zombie not reaped when js spawned process timed out (fdo#106021).- Update to version 0.115: - Fix CVE-2018-1116: Trusting client-supplied UID (bsc#1099031) - jsauthority: pass "%s" format string to remaining report function (obsoletes polkit-jsauthority-pass-format-string.patch)- Update to version 0.114: + Port to mozjs 52, the latest version of the firefox JavaScript engine. + Add gettext support for policy files. + Fixes for various memory leaks. + Updated translations. - Update keyring with Ray Strode public key. - Drop with_systemd define and all conditionals and polkit-no-systemd.patch and ConsoleKit BuildRequires, we only support systemd now. - Drop upstream fixed polkit-itstools.patch. - Rebase pkexec.patch with quilt. - Add gcc-c++ and pkgconfig(mozjs-52) BuildRequires: New dependencies. - Drop conditional pkgconfig(mozjs-17.0) and pkgconfig(mozjs185): no longer supported. - Drop autoconf and automake BuildRequires: They are implicit via libtool BuildRequires. - Replace glib2-devel and gobject-introspection-devel with their pkgconfig counterparts: pkgconfig(gio-unix-2.0), pkgconfig(gmodule-2.0) and pkgconfig(gobject-introspection-1.0). - Add polkit-jsauthority-pass-format-string.patch: jsauthority: pass "%s" format string to remaining report function, patch from upstream git, adding missed commit (bgo#105865). - Drop polkit-revert-session-magic.patch: Upstream systemd bug is since a long time fixed (gh#systemd#58) (boo#954139).- pkexec.patch: pkexec: allow --version and --help even if not setuid- Modernize spec-file by calling spec-cleaner- Add polkit-itstools.patch: Add gettext support for .policy files.- Use gettext as fallback to get potential distro translations for polkit actions. Similar mechnism as used for desktop file translations. That way it's possible to use weblate to add additional translations that are not provided by upstream (polkit-gettext.patch).- Use pkgconfig() instead of requiring systemd package names directly.- systemd.pc is shipped by systemd main package (bsc#983167) Strangely polkit wants systemd.pc to detect that the target system is running systemd even if its configured to build systemd support...- polkit-revert-session-magic.patch: revert a session detection change that could lead to sessions not being detected as active due to a systemd bug. bsc#954139- Update to 0.113: * Fix CVE-2015-4625 * Fix CVE-2015-3256 * Fix CVE-2015-3255 * Fix CVE-2015-3218 * On systemd-213 and later, the “active” state is shared across all sessions of an user, instead of being tracked separately * pkexec: when not given a program to execute, runs the users’ shell by default - Remove polkit-no-kded-leak.patch (upstreamed)- Try to fix kded leaking due to powerdevil exposing this issue in polkit: (bsc#912889) * polkit-no-kded-leak.patch- Added gpg signature and keyring with David Zeuthen and Miloslav Trmac ids./bin/sh/bin/sh/bin/sh/bin/sh/bin/shnebbiolo 1702022619  !"#$%&'()*+,-.csdadehrhuiditplptsksvtrukzhzh0.116-150200.3.12.10.116-150200.3.12.10.116-150200.3.12.1  ! "dbus-1system.dorg.freedesktop.PolicyKit1.confpolkit-1polkit-1rules.d50-default.rulespkactionpkcheckpkexecpkttyagentpolkit-1polkit-agent-helper-1polkitdpolkit.servicedbus-1system-servicesorg.freedesktop.PolicyKit1.servicepolkitCOPYINGpolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopkaction.1.gzpkcheck.1.gzpkexec.1.gzpkttyagent.1.gzpolkit.8.gzpolkitd.8.gzpolkit-1actionsorg.freedesktop.policykit.policyrules.dpolkit/etc//etc/dbus-1//etc/dbus-1/system.d//etc/pam.d//etc/polkit-1//etc/polkit-1/rules.d//usr/bin//usr/lib//usr/lib/polkit-1//usr/lib/systemd/system//usr/share//usr/share/dbus-1//usr/share/dbus-1/system-services//usr/share/licenses//usr/share/licenses/polkit//usr/share/locale/cs/LC_MESSAGES//usr/share/locale/da/LC_MESSAGES//usr/share/locale/de/LC_MESSAGES//usr/share/locale/hr/LC_MESSAGES//usr/share/locale/hu/LC_MESSAGES//usr/share/locale/id/LC_MESSAGES//usr/share/locale/it/LC_MESSAGES//usr/share/locale/pl/LC_MESSAGES//usr/share/locale/pt_BR/LC_MESSAGES//usr/share/locale/sk/LC_MESSAGES//usr/share/locale/sv/LC_MESSAGES//usr/share/locale/tr/LC_MESSAGES//usr/share/locale/uk/LC_MESSAGES//usr/share/locale/zh_CN/LC_MESSAGES//usr/share/locale/zh_TW/LC_MESSAGES//usr/share/man/man1//usr/share/man/man8//usr/share/polkit-1//usr/share/polkit-1/actions//var/lib/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31767/SUSE_SLE-15-SP2_Update/2e03c4d362f8d370476985f1f4c3e35f-polkit.SUSE_SLE-15-SP2_Updatedrpmxz5ppc64le-suse-linux directoryXML 1.0 document, ASCII textASCII textELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=7233f360ffff16203916a95dd708acfe35f016a6, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=3bc9c256bc3ab5df0ae36cd37ae4738bd973f73c, for GNU/Linux 3.10.0, strippedsetuid ELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=0ed082e6f0e0fc81a116ee66a71ec7c135031c64, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=d516bb0ee706e21f963cf1fc1b55b4f8d72f6add, for GNU/Linux 3.10.0, strippedsetuid ELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=1737b9878bd2581226fe49ba081f32ca875f4866, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=46d0680b9fd8c10a09ca4a61c0f86d16b0a68cfd, for GNU/Linux 3.10.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)XML 1.0 document, UTF-8 Unicode text ' RRRR RRRRRRR RRRRRRRRRR RRRRRRRR RRRRRRRR RRR RRRRRRRRRR RR RR RRR RRvI? rZ#=\systemdsystemdutf-849cf0b75e20bc851bf220b49a3946ac0bdb5178bfd492732e650b757b3cfe90e? 7zXZ !t/K/-]"k%Q0wD8j-;+3aŗUiZh >␘? bt =>}/o26(C59S U ”Eؠ$QՈx(s_ dU"){$%hYot:$Q5] x}?+_ VHAoOs@5azMT^3?XツI70M-DW ?Q[}*UDޣ%‰ Xt{+B| yJ;囲Ah""߇@(Vu$9gZ –'F6АHЊhAfwGK+s^6D(VAuK !C&_]ZxO mܞ勵"͟\> Lmny)PO̻7a2K9":NxHSQ{-8DzttMVaA59&}>&H ިN!$B\Y*@ A.U_Ni~^]BReQ`82xF ~~g ,3s0/c+lal&S & 18LO-7{ht-zDMKA+yF! .$7w5%;sB#lbY /:ߜ)O'HMPzQߌ?{K-=kQGH{]v'Q4ԠEk׳w?TN d>k5l{L~9x47{"+AUT,CwdAׂHX=nY $zyL?;S.Zuf>l+++^VɽZaIVX&:d~ x 3Bl _\hJ(95qX ތij]Qr˭Iɘ$Do2֍̀b1#t]j$RY̅y|I qGW|jV u4ۺ]; N*;zNڥ]ӵ (͸H!M>^zс ΂H&˽vz q JweK1hs'WJ) Y-z>*JEr@эKkm ]=4I\ٛ/nFK JOX %\(hm-놋syVX;_K,);L aG8hHgKq|?k[p%T}+h`vaxZ^DhkN Tok{მz#yǜP%Q<9Q_.FP<([2{['uet"S4UtMQ|Úg[ƲV}:#U"h*bal[o_gUHUn~'6Dt1_ Rn3N+7$ɸ Au0ȹ5Gd J <9R- ᵗPq'UTA)i<E&'ФF5QxJ;.uNݤZO)r2 s6yqWy@"``jϠ\u@T |l,,1s7G gNIۗN%⺶Bw.`U8&m^&ptje&Sbl]d!.yb[ -u@}U#'^!Me4ߩRxaN.BV0~W)z$lK(dݮz>{$d":vtNy CP2i13 4dʕ0mx݊>ay ;)1p(uXH}T}f2hT XM/W"{R̬ #nhm ^l瘛C^'dqZ΅Sq[Z1alVZݳ|lcӨ؇;Gz_Bt0uK6w z['Qq $l"bYmEFՓ$Z)3v"q 5B{ZLif$' nw)Vwn^|ޜ <.H(ݤsO!30CfTϻV,=/>{8werup>cű7s0%5  <9e!IP3Z;ķۉ;c=x. 5Am6BLkD7;F5=Xq #Zrד"HP[v~:墎kݽ]чZN&J|!fB_܍ɤ^в'Ox`WfzVe=F$Ơ-5Oe[mCL3ru6Y`t=E/Қ>.݄)wX?O8cuI,7_{i˟M+Z$8R 7!GdgF좌p^%se{~Jy29#$,'./b:Z7v OlqҚs1'~%Zw ,-߹-E 6 @V(O44\[yAdN7 ѩ)"hL&D 7\ T3IJj & 5k9hL#Nr@PS(a\ѷZūc;f b#snc6<U WuTd35!+5Lj6l=JfQv}K`WS]n1KLjć2q{hr?hr(|h8ػi8 zD@5ژll<~[[d/{Z]`!q~]C4̒gqq\j3@ icըY1b`M`q5 ve8P-r_`>:$G25ޒ}{  Ae6 :4,|Y ف*pl]G|aFo#`ǵVo(^zGVA֠JnCgS,#~iw vsw@[EL, b2Qv;iʴcSK/%'Pq/&'w6xW;xi-3F,6z'nl /J:Мֈ:7i!aw>08 k2-p^VsF_qEpsS :' 0U>4ݠ!cZ,?+= Ol WdLz>巌8,gof?`3AohBjSIMĢI6ҚtP×;%ӝ>yj-aW[&]}58yԅrVCX'ƳG#GrMMREJAHCC #?ɽ¶!zA8dݖc"áw-8Rɛ|pV?Q\F#(d)AjP,^w6! ]grqZKslзep]S\T6?7s b}H2k4>0݉y(ZF>W579%ЋhkĹ |~~(TQZ)z^zu\[*ԂS 2S6{QXE y>wlUDbh` -1(D-m_ײ_´U<~.޹&M4n" Z< Yӯӛc!ܟK&VVo>[nJ7v8[0/K5kTΆܾ5S6~Y+ 7@-fV|&"JI =(Z;"&KYEiF^8bV1m+[PZ7<Ϭ,3 ѐAU;EsHGA&)1:=@ζmV>ݥlJ"vj7xHqWԿ֎}IȯP.͐!%_u50&2".~M QNef1{75rNG G"4Kgɧbwiq?2˙ap׻RHlUbz)Wem؅m>|_LI靚'E>3 G >%L~tyFPj=b D.j b_{%O%_Nn<>  efjϠ'=#$5T*=6n;{vCBoYUքD__,PO  U`a$S\ԩJ7["JDQj@?8}"j]7!1"݇ɉ_@ݛl0(.mH֎i [+T8#H$z_şFvTMXzĬ.}؎'73<Kq—y 'C-5?Z-E>[4:`6} 6]KD\pUPO$dmVe^ zdI 42N Z7HB`ŗ(J5tN :sO7eȣP6s6./rj( 3tw;^0S _h[0FҦk|"nP2~IM}K_G6|"(Q7Dow*W|䕧].`Hl-yu%26y&d>EuL7V}Y£xTʽ_DNw~ի>8|_nAFD1x?`63/t@GZ .|jD]l[$~Y%0OF 鰑YYzAj&@4nyf«,VNIL }#h jԱD: YN0՘L44n 5=gz,S}sbRiL1-jWCbt$HY8Ew央MqkJ?wjXz6~B~8~n4mlqWBk!u)sUR^G)F+n&'zz$c(`Av SxfPJ;ڱ8>BCEVy L+C-:5nHtq^-g7% R)8?eؑ[*?yaށKGˆ~{ <}%QϰP9JRJ֡f"XQ?_H6k(5 ټL<3I,3ւV ] ({k]6&*(~`AփOENj៥An)Y.k' d3imؽ`h |N,)S}GHu(Ų ,_?~Ս0irG!mla.i eN%$ EM#o ˑ~/DtBP֪ZI.UE`#@\QJ2y_퍡 eܜmؘZY?%iz|5-c-跊XoU],;&}("eۼnU(KȓzQKpگ7(IZ ;+թҥrrBIa(Zkt#ؐ9 nt"M~`rFC6i)'Z&M]GP >ޓ[13wԻKF±zfM|Ұp.瓯,Bb[c pSм&IHfĜˈd _:d.-㛊EU*? C€9fW%JQg0#97`b2;G>ƐܤGɢ,.\ݟN'?@\&`f+jF ı2]ixؔ]-Uh} E7C+WI=r//XDVe%E.OR~kk(q'_TUM$='(I%TS-ʵMYGœ(# -V.2gzZۺ2rrnukCޜֱg?Q@ y2 |ix;2:z 2(Fa`A"TFؐ`m=NP8YPLƻoEg0 '$47JPAgk5 ;mY"pțۿa7U43r*`W=ZxzioyGkK=C{n6%#92kTf{@U9$k7msܻ ńk:xSD}rp]l4!d 4A`)Ш_*F׭^[Wau8n 1 25 Fp`eZ :WC[hPE%qD-  %=SK8Ti?C)j1nK).~:iAdQK6%9vkDgka⫨JsƏՇTE#nE0Tq۬Q 퍠H{ } ħGE˘LRt,.Bɭ⯒A껹-d> .zWϨ +7pN )r]=`N3Id4.K, Yqw#U맵P3ӻNĩ4;0 c5xo d0%hwlTԥNWDM}R _HM >]~|jJ~[}9\Ehiãnb=YV1:2 1W q(P5A}}&y'|Vk#n_YPY,l5b#Gv=xTS (\,Q&@kѿ^^ yѭMnyĞ}F>4JAT6p)gDʸ#t܋9`OH62:]<^}WnvI? ࿦Fm\x~@TnG 3Jc'qu !V0 RXg6\@S.ð ?2u9R<2v|l&볯|ά .>/oj"gҭ̐s30hFn̻1qf:'Um< 2"סDSBpRvj߯ (eeLMh]a)DGQ.fn(W'^Hra@ "B,z4h٦&7HsGȍ-H}Μv+ 'ܪޟF1ňLvlAZ1|_%s5fA)\=L{\kYSM~w{]39ؙe/N_VTr $ǀ,D),I[6juKV:Q>8{:+񙨂9Je5i#" 01y5iY?ϬEݍLuzs*7Aބ*Mi9KՈeTŖpml=lub@fW7`lRA3Me/n$pb[ >W~.퍋 yӏܿU4)BΆ YR'JňNP9/NY}uVt }ӂO8A ]Z.,ejo( TE֟jj'z l\N"ś.sW ȉ.9h<4RL6aGB}[ \ِewlJ4X'E‹Xvط9 Unt"ƙ{F@(T<7*6 Zݎ4+kEL-79e|h2H#,0a.J! )Jrcb#gxɇzܽDv$ %-RR#P'*CSڭ FC _(v-7ƞN5eɄ;_드 .Աb`_w1Np#_8eXvY{^PG#(0y)FlTmcmB gOJC%be~c>}l,@wu7Լ+?,;pJYB? RQ?j[iV)(ۅɎ[ycVRjd_Zfv<&r]`X5d}{`>2;Mgd^~* }[V{TeQNƔ*$acc_QK\|/L11 E\﻾FGzo5ZҏT1Z%q(9[zwNbד` 1,A8/d>ծCdMֆ|cl\w_5bgaxHTZc3^= YZ