libjasper4-2.0.14-150000.3.34.1<>,8f&'zp9|VΤfGH u'-^YVZg=R,/2^% `  \" ~!\ :p.a?Me^a,G[n ' kO)fBN&" |b^CS?Sd  " 4 8`fpx |     (h   (8$9l$:$>O@OBOFOGOHOIOXOYOZP4[P8\PP]PX^PzbPcQ/dQeQfQlQuQvQwRtxR|yRzRRRRRClibjasper42.0.14150000.3.34.1JPEG-2000 libraryThis package contains libjasper, a library implementing the JPEG-2000 image compression standard Part 1.f&'zxinomavro8SUSE Linux Enterprise 15SUSE LLC SUSE-Public-Domainhttps://www.suse.com/Productivity/Graphics/Convertorshttp://www.ece.uvic.ca/~mdadams/jasper/linuxppc64le8f&'wf&'x698793ffae5b4a4d5c4f7c2ef92ad23da1ebf3f367dde57bd5d1d631d115be54libjasper.so.4.0.0rootrootrootrootjasper-2.0.14-150000.3.34.1.src.rpmlibjasperlibjasper.so.4()(64bit)libjasper4libjasper4(ppc-64)@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libjpeg.so.8()(64bit)libjpeg.so.8(LIBJPEG_8.0)(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.17)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f"\e@c$e@baG@ar@`!'_FN_:q@_5+@^p]@\@\\@Z@Z@Yf@YdYdX@Xg@XX~@XO@XZnXOX=XX V@VVUVT7T@T@mvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.commvetter@suse.comadam.majer@suse.demvetter@suse.commvetter@suse.commvetter@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comsbrabec@suse.comfstrba@suse.comfstrba@suse.comjengelh@inai.defstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.combadshah400@gmail.comnadvornik@suse.comnadvornik@suse.comnadvornik@suse.com- bsc#1223155 CVE-2024-31744: Add missing check to jpc_dec_process_sod() Add jasper-CVE-2024-31744.patch- bsc#1218802 CVE-2023-51257: Fix invalid memory write on jas_icctxt_input() Add jasper-CVE-CVE-2023-51257.patch- security update: * CVE-2022-2963 [bsc#1202642] + jasper-CVE-2022-2963.patch- bsc#1184757 CVE-2021-3467: Fix NULL pointer deref in jp2_decode() Add jasper-CVE-2021-3467.patch - bsc#1184798 CVE-2021-3443: Fix NULL pointer derefin jp2_decode() Add jasper-CVE-2021-3443.patch - bsc#1182104 CVE-2021-26927: Fix NULL pointer deref in jp2_decode() bsc#1182105 CVE-2021-26926: Fix Out of bounds read in jp2_decode() Add jasper-CVE-2021-26926-CVE-2021-26927.patch- bsc#1188437 CVE-2021-27845: Fix divide-by-zery in cp_create() Add jasper-CVE-2021-27845.patch- bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls Add jasper-CVE-2020-27828.patch - bsc#1181483 CVE-2021-3272: Fix heap overflow by ensuring number of channels matches image components Add jasper-CVE-2021-3272.patch- bsc#1010979 CVE-2016-9398: Use new fix from upstream where we actually check for allowed value range instead of just negating Add jasper-CVE-2016-9398-upstream.patch- bsc#1120807 CVE-2018-20570: Fix heap based buffer over-read in jp2_encode Add jasper-CVE-2018-20570.patch - bsc#1120805 CVE-2018-20622: Fix memory leak in jas_malloc.c Add jasper-CVE-2018-20622.patch - bsc#1117328 CVE-2018-19543, bsc#1045450 CVE-2017-9782: Fix numchans mixup Add jasper-CVE-2018-19543-CVE-2017-9782.patch - bsc#1115637 CVE-2018-19139: Fix mem leaks by registering jpc_unk_destroyparms Add jasper-CVE-2018-19139.patch - bsc#1114498 CVE-2018-18873: Fix null pointer deref in ras_putdatastd Add jasper-CVE-2018-18873.patch - bsc#1088278 CVE-2018-9252: Fix reachable assertion in jpc_abstorelstepsize Add jasper-CVE-2018-9252.patch - bsc#1057152 CVE-2017-14132: Fix heap base overflow in by checking components Add jasper-CVE-2017-14132.patch- bsc#1010980 CVE-2016-9399: Fix assert in calcstepsizes Add jasper-CVE-2016-9399.patch - bsc#1020451 CVE-2017-5499: Validate component depth bit Add jasper-CVE-2017-5499.patch - bsc#1020456 CVE-2017-5503, bsc#1020458 CVE-2017-5504, bsc#1020460 CVE-2017-5505: Check bounds in jas_seq2d_bindsub() Add jasper-CVE-2017-5503-CVE-2017-5504-CVE-2017-5505.patch- bsc#1092115 CVE-2018-9154: Fix possible denial of service Add jasper-CVE-2018-9154.patch: dont abort in jpc_dec_process_sot()- jasper-CVE-2018-19541.patch: verify color palette information in j2 files when it's read from the file as per specifications of JPEG2000. (bsc#1117507)- bsc#1117508 CVE-2018-19540: Fix heap based overflow in jas_icctxtdesc_input Add jasper-CVE-2018-19540.patch: Make sure asclen is at least 1 - bsc#1117507 CVE-2018-19541: Fix heap based overread in jas_image_depalettize Add jasper-CVE-2018-19541.patch: Check number of lutents- bsc#1117505 CVE-2018-19542 Fix NULL pointer dereference jp2_decode: Add jasper-CVE-2018-19542.patch - bsc#1010783 CVE-2016-9396 Fix reachable assertion in jpc_cox_getcompparms: * Rename 0001-jpc_cs-reject-all-but-JPC_COX_INS-and-JPC_COX_RFT.patch to jasper-CVE-2016-9396.patch- bsc#1117511 CVE-2018-19539 Fix access violation in jas_image_readcmpt: * Add jasper-CVE-2018-19539.patch- Added patch: * jasper-CVE-2018-9055.patch + fix CVE-2018-9055, bsc#1087020: jasper: denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.- Upgrade to 2.0.14 * Soname and package name change libjasper1 to libjasper4 * Security fixes: + CVE-2016-9557 jasper: Signed integer overflow in jas_image.c - Removed patches: * jasper-1.900.1-uninitialized.patch + not needed any more * jasper-CVE-2016-10251.patch * jasper-CVE-2016-8654.patch * jasper-CVE-2016-9262.patch * jasper-CVE-2016-9395.patch * jasper-CVE-2016-9560.patch * jasper-CVE-2016-9583.patch * jasper-CVE-2016-9591.patch * jasper-CVE-2016-9600.patch * jasper-CVE-2017-1000050.patch * jasper-CVE-2017-5498.patch * jasper-CVE-2017-6850.patch + Fixed upstream - Added patches: * 0001-jpc_cs-reject-all-but-JPC_COX_INS-and-JPC_COX_RFT.patch + fix assertion failure JPC_NOMINALGAIN() which can be caused by a crafted JP2 file. * 0001-Added-a-fix-from-nrusch-to-allow-JasPer-to-be-build-.patch + allow JasPer to be build with CMake 2.x as well as CMake 3.x.- Other bugs fixed by existing patches: * jasper-CVE-2016-9395.patch - bsc#1010756, CVE-2016-9394: assertion in jas_matrix_t * jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' - bsc#1010757, CVE-2016-9392: pc_dec.c:1637: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) - (numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed. - bsc#1010766, CVE-2016-9393: jpc_t2cod.c:297: int jpc_pi_nextrpcl(jpc_pi_t *): Assertion `pi->prcno pirlvl->numprcs' failed. - bsc#1010977, CVE-2016-9395: jas_seq.c:90: jas_matrix_t * jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed. - Other bugs fixed in current version: * bsc#1010774, CVE-2016-9390: jas_seq.c:90: jas_matrix_t * jas_seq2d_create(int, int, int, int): Assertion `xstart <= xend && ystart <= yend' failed. * bsc#1010782, CVE-2016-9391: jpc_bs.c:197: long jpc_bitstream_getbits(jpc_bitstream_t *, int): Assertion `n >= 0 && n < 32' failed. * bsc#1010968, CVE-2016-9389: Assertion `((c1)->numcols_) == numcols && ((c2)->numcols_) == numcols' failed. * bsc#1010975, CVE-2016-9388: ras_dec.c:330: int ras_getcmap(jas_stream_t *, ras_hdr_t *, ras_cmap_t *): Assertion `numcolors <= 256' failed. * bsc#1010960, CVE-2016-9387: jas_seq.c:90: jas_matrix<= yend' failed.- Added patch: * jasper-CVE-2016-9262.patch + Fix for Multiple overflow vulnerabilities leading to use after free (bsc#1009994, CVE-2016-9262)- Added patch: * jasper-CVE-2017-1000050.patch + Upstream fix for NULL Pointer Dereference jp2_encode (bsc#1047958, CVE-2017-1000050)- Modified patch: * jasper-CVE-2016-9583.patch + integrate upstream change 99a50593254d1b53002719bbecfc946c84b23d27, which fixed a null pointer dereferencing crash.- Added patches: * jasper-CVE-2016-9583.patch - Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400, CVE-2016-9583) * jasper-CVE-2017-6850.patch - NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) (bsc#1021868, CVE-2017-6850)- Added patches: * jasper-CVE-2017-5498.patch - Upstream changes putting braces and belts around CVE-2017-5498, bsc#1020353, left-shift undefined behaviour * jasper-CVE-2016-9600.patch - Upstream fix for "Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder" (CVE-2016-9600, bsc#1018088)- Added patch: * jasper-CVE-2016-10251.patch - Upstream fix for bsc#1029497, CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c)- Add -D_BSD_SOURCE to fix redefinition of system types in jas_config.h and breakage in ppc64le, s390 and s390x (bsc#1028070).- Added patch: * jasper-CVE-2016-9591.patch - Fix for bsc#1015993, CVE-2016-9591: Use-after-free on heap in jas_matrix_destroy- Added patches: * jasper-CVE-2016-8654.patch - Upstream fix for bsc#1012530, CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec * jasper-CVE-2016-9395.patch - Upstream fix for bsc#1010977, CVE-2016-9395: jas_seq.c:90: jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion 'xstart <= xend && ystart <= yend' failed * jasper-CVE-2016-9398.patch - Fix for bsc#1010979, CVE-2016-9398: jpc_math.c:94: int jpc_floorlog2(int): Assertion 'x > 0' failed * jasper-CVE-2016-9560.patch - Upstream fix for bsc#1011830, CVE-2016-9560: stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)- Update summaries. Use %_smp_mflags for parallel build.- Updated to bugfix release 1.900.14 * Security fixes + bsc#941919, CVE-2015-5203 + bsc#1006591, CVE-2016-8880 + bsc#1006593, CVE-2016-8881 + bsc#1006597, CVE-2016-8882 + bsc#1006598, CVE-2016-8883 + bsc#1007009, CVE-2016-8884, CVE-2016-8885 + bsc#1006599, CVE-2016-8886 + bsc#1006836, bsc#1006839, CVE-2016-8887 * Changes + Add another data file for testing (Michael Adams) + Ensure that not all tiles lie outside the image area (Michael Adams) + Added a note on sanitizer options (Michael Adams) + Added a simple test script (Michael Adams) + Added an --enable-memory-limit configure option (Michael Adams) + Manually merged and edited a few changes from Bob Friesenhahn (GraphicsMagick Maintainer) for Windows (Michael Adams) + Added some new mostly small image files (many of which are corrupt/invalid) that are useful for testing purposes (Michael Adams) + The debugging function jpc_dec_dump did not consider the case that a band can have a null data pointer (when a band contains no samples). This caused a null pointer to be dereferenced (Michael Adams) + Changed the JPC bitstream code to more gracefully handle a request for a larger sized integer than what can be handled (i.e., return with an error instead of failing an assert). (Michael Adams) + The component domains must be the same for the ICT/RCT in the JPC codec. This was previously enforced with an assertion. Now, it is handled in a more graceful manner (Michael Adams) + Fixed a few bugs in the RAS encoder and decoder where errors were tested with assertions instead of being gracefully handled (Michael Adams)- Updated to bugfix release 1.900.13 * Changes + Fixed another problem with incorrect cleanup of JP2 box data upon error. (Michael Adams) + Fixed another integer overflow problem. (Michael Adams) + Replaced the remaining left and right shifts in the QMFB/MCT code that can result in undefined behavior (due to shifting negative values) with call to inline functions. These functions collect all of the undefined behavior in one place and also allow code sanitizers to ignore this ugliness (via function attributes). (Michael Adams) + Fixed a bug in the row/column split operations for QMFBs. (Michael Adams) + Made the PNM decoder more gracefully handle the not-fully- supported feature of signed sample data. (Michael Adams) + The PNM decoder did not gracefully handle an invalid magic number in the PNM header. (Michael Adams) + Fixed a MIF decoder bug. (Michael Adams) + The imginfo command did not correctly handle an image with zero components. (Michael Adams) + Fixed an integer overflow problem. (Michael Adams) + A new experimental memory allocator has been introduced. The allocator is experimental in the sense that its API is not considered stable and the allocator may change or disappear entirely in future versions of the code. This new allocator tracks how much memory is being used by jas_malloc and friends. A maximum upper bound on the memory usage can be set via the experimental API provided and a default value can be set at build time as well. Such functionality may be useful in run-time environments where the user wants to be able to limit the amount of memory used by JasPer. This allocator is not used by default. (Michael Adams) + Changed the configure setup so that if GCC is used warnings and pedantic errors are enabled. (Michael Adams) + Fixed a bug that resulted in the destruction of JP2 box data that had never been constructed in the first place. (Michael Adams) + The memory stream interface allows for a buffer size of zero. The case of a zero-sized buffer was not handled correctly, as it could lead to a double free (bsc#1005242, CVE-2016-8693). (Michael Adams) + Fixed a small memory leak for CRG marker segments. (Michael Adams) + Fixed a problem with a null pointer dereference in the BMP decoder. (Michael Adams) + Introduced jas_fast32_asl, jas_fast32_asr, and friends in order to pull all undefined behavior for left and right shift of (negative) integers into a small number of places and provide a means to have UBSAN ignore this ugliness. (Michael Adams) + Fixed an integral type promotion problem by adding a JAS_CAST. Modified the jpc_tsfb_synthesize function so that it will be a noop for an empty sequence (in order to avoid dereferencing a null pointer). (Michael Adams) + Added some extra debugging log messages for memory allocation/deallocation. (Michael Adams) + The RCT and ICT require at least three components. Previously, this was enforced with an assertion. Now, the assertion has been replaced with a proper error check. (Michael Adams) + The member (pi) in tiles was not properly initialized. This is now corrected. Also, each tile is now only cleaned up once. (Michael Adams) + Initialize uninitialized variable. (Michael Adams) + Added some options to configure for enabling various code sanitizers. (Michael Adams) + Added some range checks on parameters in some JPC marker segments. (Michael Adams) + Fixed potential integer overflow problem. (Michael Adams) + Added some functions for safe integer arithmetic (for size_t) in jas_math.h. (Michael Adams) + Fixed some indentation issues. (Michael Adams) + Converted a few raw mallocs to use jas_alloc2. Added code in the jas_* memory allocation/deallocation functions to generate debugging log messages. Only disable JAS_DBGLOG message if NDEBUG is defined. (Michael Adams) + Added more error/log messages for debugging in the JPEG decoder. (Michael Adams) + Added some extra log messages for debugging. Added check of value returned by jas_matrix_create. (Michael Adams) + Applied fix for VPATH builds (Michael Adams) + Did some configure.ac cleanup (Michael Adams) + Fixed 'inline' for older version of Visual Studio. (dirk) + Fix a potential double fclose of a FILE* in the JPEG decoder. (Michael Adams) + Changed jas_types.h to assume that header files required by the C99 standard are present. (Michael Adams) + Incorporated changes from patch jasper-1.900.3-libjasper-stepsizes-overflow.patch (Michael Adams) + Incorporated changes from patch jasper-1.900.3-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch (Michael Adams) + Incorporated changes from patch jasper-1.900.3-Coverity-RESOURCE_LEAK.patch (Michael Adams) + Incorporated patch jasper-1.900.3-Coverity-NULL_RETURNS.patch (Michael Adams) + Fixed memory leak in jiv. (Michael Adams) + Fixed a sanitizer failure in the BMP codec (bsc#1005084, CVE-2016-8690). Also, added a --debug-level command line option to the imginfo command for debugging purposes. (Michael Adams) + Added some missing type casts to ensure promotion to the correct unsigned type to avoid undefined behavior (and stop warnings from USAN). (Michael Adams) + Fixed a linking problem with newer versions of GCC. (Michael Adams) + Changed --enable-debug configure option to enable some GCC sanitizers. (Michael Adams) + Added range check on XRsiz and YRsiz fields of SIZ marker segment (bsc#1005090, CVE-2016-8691, CVE-2016-8692). (Michael Adams) + At many places in the code, jas_malloc or jas_recalloc was being invoked with the size argument being computed in a manner that would not allow integer overflow to be detected. Now, these places in the code have been modified to use special-purpose memory allocation functions (e.g., jas_alloc2, jas_alloc3, jas_realloc2) that check for overflow. (Michael Adams) + Add fixes for CVE-2014-8137. (Michael Adams) + Added fix for CVE-2016-2089. (Michael Adams) + Moved abort into default case of switch statement. (Michael Adams) + Remove auto-generated file aclocal.m4 from repository. (Michael Adams) + Removed HAVE_VLA stuff from various configuration and build files. Also, changed a few INCLUDES to AM_CPPFLAGS in automake files (since INCLUDES is deprecated). (Michael Adams) + 1.701.0-GL (Richard Hughes) + pkgconfig (Richard Hughes) + Coverity-UNREACHABLE (Richard Hughes) + CVE-2016-1867 (Richard Hughes) + CVE-2014-9029 (Richard Hughes) + CVE-2014-8158 (Richard Hughes) + CVE-2014-8157 (Richard Hughes) + CVE-2014-8138 (Richard Hughes) + CVE-2015-5221 (Richard Hughes) + CVE-2016-2116 (Richard Hughes) + Coverity-FORWARD_NULL (Richard Hughes) + jpc_dec.c (Richard Hughes) + Coverity-CHECKED_RETURN (Richard Hughes) + CVE-2016-1577 (Richard Hughes) + Coverity-UNUSED_VALUE (Richard Hughes) + Coverity-BAD_SIZEOF (Richard Hughes) + CVE-2008-3522 (Richard Hughes) - Removed patches: * jasper-1.900.1-bug258253.patch * jasper-1.900.1-bug392410.patch * jasper-1.900.1-no-undef-true-false.patch * jasper-1.900.1-bug725758.patch * jasper-overflow-bnc906364.patch * jasper-CVE-2014-8137.patch * jasper-CVE-2014-8138.patch * jasper-CVE-2014-8157.patch * jasper-CVE-2014-8158.patch * jasper-jpc_dec.patch * jasper-CVE-2016-1867.patch * jasper-CVE-2016-2089.patch + Fixed upstream - Force -std=c99, since the upstream sources assume C99- Modified patch * jasper-CVE-2016-2089.patch + Use the new version of patch from https://bugzilla.redhat.com/show_bug.cgi?id=1302636 with more targetted checks. - Version the Obsoletes/Provides so that the package does not obsolete itself- Add jasper-CVE-2016-2089.patch * CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983)- Add jasper-CVE-2016-1867.patch * CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886)- Add jasper-jpc_dec.patch to fix failure when manipulating images with 4 component color using reversible color translation (deb#469786); patch taken from Fedora.- fixed CVE-2014-8157, CVE-2014-8158 (bnc#911837) + jasper-CVE-2014-8157.patch + jasper-CVE-2014-8158.patch- fixed CVE-2014-8137, CVE-2014-8138 (bnc#909474, bnc#909475) + jasper-CVE-2014-8137.patch + jasper-CVE-2014-8138.patch- fixed possible overflow CVE-2014-9029 (bnc#906364) + jasper-overflow-bnc906364.patch/sbin/ldconfig/sbin/ldconfiglibjasperxinomavro 17137765062.0.14-150000.3.34.12.0.14-150000.3.34.12.0.14-150000.3.34.12.0.14-150000.3.34.1libjasper.so.4libjasper.so.4.0.0/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:33539/SUSE_SLE-15_Update/d2a2045f9483a3df7cee26a6283e16f1-jasper.SUSE_SLE-15_Updatedrpmxz5ppc64le-suse-linuxELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=c3ff0cc4b37d15d86b10810f3e8f08558bbd264d, strippedPRRRRRR5 C۰{ utf-8c03c74019355657d00de863ca70a3ee2c379119aa0f60d8312925e4e0473488b?7zXZ !t/]"k%f0]d y*QЯ}te;\_֙ɾyᦧ,Mtl\I(C7 ^l uh f^)-5 Ful +dHϡ]64snjD+✟;A?u^hҗ>S#p۰g{҇uZe^T`fn|< e>CzÞ6VQa4'{8ZGjA|4ƍ҂eğV Ӣm;K"[hF5+DiaԮѴ?W p|F8lJ|IfʓFxdsp}PC\׸9UO-9|3!nyLVH/$5>/-?݂ }x|owd/@G`XSR[K.T{|*$aJC*z,NVm<  b-@[k2_ͬOOxCl!]7#hMgQ_SI[m5v98#jtB3-U(1vɪ`*K2OqI,kM;;tO9 ҁǸZj\UTxLnO5~mYhpYg7՝z}a7&A2I#~ʆƲAX묦eK z$-ˣ'_l O_-If+%R3m*v+{\4k$gR5jlJqu|DCP= !{GhZVlL3,V0s܎VqHNEwNI,}#8;Jm R8偈*g>{QLmXp{Ffϙ]BG##%!.N&{eW]߆Tzug: qƐ麦d3A]TBor=ŢPnr7x'U9%u7i ɿkEvHK6m%nm o|6;!T>-΢QrO~|- $F5Y?Ra x'Br) Mk\"̒R1sBWy#4M\:ΨaE晫цv%c5vfK@2BTS6&j ;48Sv+"q>fsZ'<LLG,{T4/)1εwX9 \kҐdXR~y:lnM,<sVj܀tOGD4Ea ( ]7;rPҺ1 f"6}4c@Bbqb깤9 UEa0MU8wX?Ԉ=!kKų #LL}#x .e tվX)j֎:mí vJdtrGܰWoS. T 9 xЙ1fŷ*edV@e~"BwbzUy&];X`Jzc@[<GDQti8K`c VݷDސj'n:F>x_ӀN:bvFA2 ' X #\Suœ.zEcVF S/sr,5BxL{RC<[K6\)[r*F!:| a/i%ol]UQs D=CZ?֎@~٩,c@TIxmׯ0v^^@ u¼}{vdšm7K`저65Q!6iWa\UUBFr3GwI.ِ^D\eqvpC0 ,C^{˧{$$f^`Ӱ4Sr"%3մ.q;EӁ{3ao.0somԬ7?$jݹ5EGba\@`m:\ؿ9e-SR""cr sgXzՠр\)j3Vw<1ƻc/M;AnvcH-3_ЬYH!3NQH7CW`6nWcBgMUYo?VbB>IHvR6Ih2ԉŰY_ʗ B =U~jFZzZ` /0;˽b:Čmc:e&OB̆ԖsL0bDZ}=FYF_VP3)iqNg{֔e), \y|gKqӶqu3]4W?ūwںmF욁tLva/!(%ҹP3<>O 7'ýwF! Ll)i\@VW%^0+[+vrPĉGp;0=Lr ۮ{GFU1fPYr"PJƢFii 8pwڭ{64!Zʊfƌ~jΓkT0~:B 97\ eBgx]5Kw1NZwn=Q'3Z!#lف ̓3ޘ #t0 Μ.8>v%q瑆LAZltN2`c}bDUP3ϒ XIG[ޯ@wK" &."$nA MDƱQylgg8 ޾*y ѝ3U?s2P~OnnT`rM6Fϩ3I3| DM!3 4àn(ݨ.o0DO,cX'p6c&d̴|,5C~B0`oLn_8kg=X[^N˨s并YCEbx; f 'RJzƦܥ~ee-CTM $M C@%*,r&}lGWڙhܦF"\ӝj}0b_ F%844 25$ltd'Reۻw242T$$ܿ嬁W ,R_8%=pw>mCC#! ?Y#`ny0_&U_anX4!慖q!R )-fIJu|f (ᱽ/>t$}˜p Ơ`4ײT7ʾ$X DMPOÞ΢Ϲlޏ~, {6(HaD NysQQ{SjsԌe=(O2y'o{AV)׻@,~ߚB"XO<{h1yk;N?C? B{ NfXns6ZYfۚ #2Xn-bq4zػO}(DW*[AۀD[v=ْ;SvbDYă/3Y*o54Srmq@-F׻m @@9FС5%Ob«_q]ga왷%5 5W 3gKuP9x$[7E[#mU0 ׷MOmߛȈ4ʵ+jX~o~Go;5CKDaq Rm9A:^dhmy|ey/UW ޕ<t˔Z#VZgUx:e-bm}S"kDTHmg8YtQ$'7T8O a嗎3`vWzL Sh;io B楢0+M~ةLaR18Ssu-fG}5'I|,hNvb]Us._[y1`&M9j՚C24C5ἣi2 Nl+jLj/'YܲwE5`6yWi`ȿJ! bM' ;B$E GUk v ++y YJ+V6űH]ahj-9[5b'6Ik6sGJKRۉ6.<\or+cg1<;bg&:KTOܹ%|YDۑH.݋&A45ۉ$/wbM?zh`Ƅ8L 8v̯WA„3Ւ)dlFtn~Qj `kvSvLI?k4hmvyB2,&NXaڞڪ=҉kX/lg֙U uq> 6޻S!͖Wa ;9 A"I{wmc:/Qz$v߁8Ep]B6E"wg;ώe*oCJtZ= *Lzf@,Ċ26ΰ0æaaku![u 2ج>Il+sDlL=T (Z 5%f7YggߎfaʆkםR3h|C_ Sh.gn줩.fLW5 X"^zS͊rKH{@^ڴD.J&/nNfz n0hX6 Vki20}P>~GQf[J!*t؄2)jV铋\^ESp o;06"[z#WNq;G&pU u5(ķO]HB<"Ȇl֟630Ǜ ȩMZWiEY)h'(Q *3 ƙ'CFڏ:A^'Z_^!g^X!?EݗKDUBDFb칉g#7 Zf&QN37S0jt~N bW9e沯]U3 ÿUyx6KC0`f==oS'VI$IpzR*sԻXUrOC;9Qª[2 &)z a0+el5 !SkQoRV.@bRu¡tTNA`Dfߪ=*f=jqW3eMx oJ_@q(4|幮_Qp%BAzjRWuTd]L>wUenIȊwƨ;&͉IǤ"ἁoq`/,sf.RO~Fȷ`?2>Fd?QpYoa BX^T,z=v|wP̲up"w3%UW?8C}aDBo`{2k (saŘYGNȦ`}j'a"}/ŎNPU"Nn۴*<ǣOQ*\|[4M:)qlQ5O\k]: PKBίEW&߰o͒)'Gx!h0!U`4$%TNV>cy#SӜhvFtshffѽp(!x%]4D2&}GЂC\+$b1@*e:]PB,h& ABbPdmX&$Ah|  R]n |2pD~V7稄NVuoKc5mV$i(gK13{P zD5 |1 Fݗ;n~ʠB.= Ϲ 3?J<О$ޕn[@6'R;k! 'W}iM@l.qm6ZH|$ 9?}>zFQ/| xʌ5Ky"t֐Y BBy`O ϕwb(0 R*NG}!+sxEQ|hixԄ8ȑruM ,nQY{L/{xaxE!.n8 kUWITiruOׯɹr~Z$D3:h'[u ӳMg`Y|.hrknSQ1x*`9Vwgn"Ļ6Coq2M&sT MSD^$~Wdi ,X5n2`.?p j,,f]ۭX9m^9oZàԓIK_ =C^^wR=OMJZE2i,5NBi+ GuN1/׮ v1w^(~B_r¼BXV[ .l7aƑŁ$:NS&+/v1k#`i~skE鿈c 0l@yZ6u!M3i]>v14圏7.wx+WR@E姘j=k)zPFab7{z?^VlǢhcit,{b ǯ(p!Xvii-mZ =N'lSe5דzH "CKc7oXoxB0]r>uD3!wfkF56iA<(Wz%n0˟NS+_ * 4IQ{fX ,]T,5I8>15S"Z5ϩϷ'b9*ι̒P)k&=+ ؕu۩ ağeX_.CA*ywH쟰|2ڐ{OBŌ13t pa(]mq' ߡ{#{y j*8 ɳ sjS)sEtb$ 8"2sۚ40x`2O{駪 NXM{6*o#Z#\ٱ:@JV"z<$`Y: ۛgڝr9dA0Jy;ZY=uFwe"=޹M롾>跬̓|ںU"0ु,aUz-z-'`-E.jgg, 0H$;f_@)RWN"1SiT`]71SYpfD=dþup|c}%NP[ C4L몟@bm7 Lb:$`盨- CL)g'L'Y~[|I"*V쟢 Z4#p$;wv`JևиJt#KcP:PX|~K|UN_z xu+x'fuaBoυGwduc8:/>>¦%:-~ِ\?/m(eĦX]` :GcJ% 4Irit+-8 UsCu$ %uY9l} 6i8wx#aEnESOZφس ;0 40!")I׼%_hvMn>>VW%{=Z {¥X#g*-59WL`.kY=C'IJ O%Ju lAw~*Wmg˗+H#ܫ] Y_Tg'2ίBG5qJү.!^2()JFn 'K\ =6 ėG""`)4 ۑ`&h#u9e(n'O6cm GI!|34ЯҦ=2m;Nƾ+#Q[I /asG¸ IgQK5JrE> ?nQ|_Cg": w 3*ޑgz{ʰK8&Bs5Xh9X,=Ѡ@{ "ptZId<"_[|Rmο0( 3pPȽ]HC?bwQBsEtqh҆]sk]i^gZGty _ˤ$Bd:~K" &JřGCrD Y<\Ii&,&9/BEOPT x~#)vy+iN#k-ձ^#ONgx X4WJ(gZQri30p_8_Q!뗲&go`}ZE_u zxu#iLTKߴ'rm#VҩL۠&/ ^l[?3r+u5sGn%&Q|*OOlcmj]pDx5Nm|RaeFnR *t[ZvoJG1/,cPblKiL? [a4qWTQ5`mSB6]s7ujm` VU';5]z6ծ|{Gn8jn{"[ala&Os-^Y E>*y7_-v >fc}ـ7z: uiG=ΰK?lqaIkїE׺)>r[|%N{w J #Ů8yt`DW)䜹殚6 ެ,v`F_|^5`(dc38/N47aB)$ƬZR R$a;\XRjHp Ig»B'òa~\_Iٵٸ%tÜKޝhNu(*)v ~Ab lrMz8I2r`T'Ud|9}"cܭ+ŏ:9Ѥ~,&*( (/ z|y/NɃvbmеv”8R+Is i%-^t0y16gkU%Ga k?p,gەm 0M Z+V! ʠ)nHjU``Yр> c@7ufpr~S@;O<" ^,HÝ>BʎeO橗6*LLX҂wo2g 2 3[5,ϸ @|0[T֒Omkk?ϝ:C[YGdmZ &OmJWvM2 ?k(Y -M!Ψl} ;%R9>j4L kY02Pqsr2p FZ-t8{+2m=q1dP|(]*MQ@+$d_>Fu?K9^,д٪+mt%)6`BZuQgOQ51]EE|b(^6 +!U+\> B{I~yev1+0D4RkmՑ O^W /#:+xDv]gᒡv:6dJ:~z-9w*OfS:F:,P7͓l3,fa9V-Rf~Xx;gZW!n!۱5،4|pm{HWu]C yuPb z? Svs"u80`J-1=C{ _gQ#ٶ&Q2 GЪD1_S4t,E( N)tnw̳<.+z]/~ǃx0~C@=D*=!y|c@#ȩ4cwWe=s: k42JsU *J APNW*/K#Tl ~:lTK eKRK@ c`p!qkt^mҥ%d؄-$V,X(u,_uGsXx D8>өAÛZFW"2_`ٱ*djm>A^TZҧ,_.m8V91b|A6'7?j /6l@lk7ρ"P8Z⒊f jD 4)uGE^si )ueJ!<4vYZ3ؓЬhnP{I-!d|>4Ln G0uxRI6(F\:2vn@ d!7V1@.PfJT J]mQJK&Z?$?"bڍt5ş7 'SfoTnd&>׿O`r)䫦~{;q<' nM (%4_ceo>),X39z;i8su1[Erf1a%d2\4Kr@+QWsQ*K"&dNnqs"@ء-.RJP iz3s _u3'g +]dڽ8w9*"D3,1jHq8VâV؝mM=6 \C{i*҅FWy(;g7*ClUeP+!9cJ؏T{@ɦm FC>@l}?s!wu}5*pkW9Cm[Cv>"U\]xptT U̞Ͻ2쬋%G߁D3Ui+fwmb^~Ttl,ZѳmH*H27\:-a?, I^IDBDhWɚ 썅\ڱ):}TtL k`zdrOPV0Mzohv(h^XA&&/?FKk7nsb('V>P)n|$m&VcU/ Y#D=)9Yyٕʆx.ksbϓ<9fz_ٖ#vMv겔)̩(|]v)ʴ[(dd]70{slֻƭR_^ۢ9?scZэ#ncW+PG*]Kc]%afrE6m iU4>6Lȋ_\3ZKPƬe{qLC) MʰHWh3pÃ׳~Ul}?P;Uz_b}YGDJvc'^-@oURsMr&`J^^ڳ|?QMz}Ob{=>eS\`%ߣ3Ҕ-fSZD/Z8xޘ(} Xt^a@",x \Hs[dM$g?v_ezVnKNl uPR+M6F5b%3ChC!6=1jjZsF[W&vQD[}П_>f( 'C<|¸FF֡Қi^+-RS~R/)@wdb'K [շ3C2_3~#'0'_4hrF*̩l+tض+ӿk!t^ҜїENgGLAdz>XׂZ޳bI蝞`e4;IWH!ʼnݙ *u>.5҈@s34䓥 5#l3B&7w ,EC㼆-6I*ANQA8FD1CBS<02Q)JlQ@t]g@"Km z0Q6?[/|+\M?h!kYny[R-@>&LL1N-Irz==26e\\*!GV:3^v||W} oLg^҃ 4ιpSn%3'6O\ebBXCip  }d?Dny9v?[8/@t$#* D=}P'Tz7q34IU*E7 Е~DKHq4S7!n͞IC7rV}H%7OK.r( d4{I J $x޽o}Yu ?rnDN(]oՉWY 8Tһ1wDO8 [<p*5?E а#mў4f~ H3N 3lLH`啰BF!@IsU8W%\ 7q.Mޱ $ z 7o @`ҷցUΌ<ʌOz 2; abUiZ'[qu[M0`VB2LMPyx{9yL\t o=}#lژqÄ/ ׳>/8}OxG 7fO): ֢ -<jU$)2v<Ҫ-_x)*w2RR.2xҫzXBmikb iHrZVQse%( 򈩄7'!*j=#!W_߷mT:cܧ?0%83[~Z#o8xh.Ӭ\CV hi4AnehĹIǪpJ Ʈe+E3 .9Jm8"r.p~"ED :8Y聶ԓKdf(sq YFI[kEy$ J0{ 3d^l@"Z\f?ýЬ-r'I^J$۳MS/b3LnƟ8r7!t3^A"v@8_?i, !V [4%p%e;}u-euGf6)F+ JUfKM%M,KՒ?sNcT ,,LOs2oGkm.^$u̺Y?SG˭ K^ Dt6C)bjX:b [J&!o]kb 7P#ȗa"w~gŠsv i3-)}o0_RsB ^fP$D` osC,䚾࿉1/N2ta^i͍M)K#n/]`qvR,+Vx{kaK[%^>: hN i⟻FR0|cTd?y12՚4Yϋפv|}-k#5~p+Bc~u DR3[G<1yv_L!mZxNs/i7jF ~n@ˡfaiGY5NwF٫f9dQZ* ܅LS`)k@“pȦyn`C:1wP(6$ y6( sI"`ޜޣ8U*\„ &bFZlWY1[74Pel zC;3Qܰ.? Z:Gy8jl u&!54c>)^ }D #q^? ϸ,9]9ΧDȒ@prv'vHN8:7⁈Lr>sI"UޜoЋlŧkUp=wk_? `.;FKjIN&a[*" $8` ]@aDR0mj7dАa8o|w/}qsHw$\uxP34cB=3u=7MƗ]Yqd湴ƋOHܓ@۬cHCj':P2>,#e}]~W0V6eF5RꅠbnP6pf`JK$pUv L,|Xl=i./Ġb*yF={k5SAw_bQHOרVGĚg|)]Zs,4.kv@@{n8B{=& 2t/%SGGDn y]"P5/c\;!;)C/Q P|1rVT_qTF8:s,cxc8MK԰POM!*1hy|ϓ\NE%B+iZe#ObзڕΪtͨӎTieZ? czd.%?GT[,a5ܳ}@%_sƉd _YjFy37q~~Ȟ f8w.tP ,9Vk ;w-G{gM[@G,wpU Ec%n]R ;"=Ǔ8ՙb |zIZt¬(%DJWZ's E%Md uX2|=`{񾥩a_o2iQ}|' Q?@Hxq7X_}EI@3i?&z=Bo bXdcV( DN諲ÏK. g`t_Dd'͏y~TŹN?ɐΖb㜽p[cK|IkeXb_w}i]4;+k #bog \vA肇OV%*YGε}9%UAI5[Kz. N=< UJ9,é|[֍ ?'-tl hƋ1"_.l}X!:.I nR[ e-5}bG}6;o/cNXT1,T/7_hxO,ٌ mOeAVϺa-ufwNm0!+g"--8`K'KYwTVeBҤ M T#K'),`:ME (ɬ ȊJjgr %od؏.vgr`D:_U£w  m At7]!ZJ \d]o3_eӽ|7VQoG톈~ks&*SsuLguC H'ʽ]h6齄͈ i'g!s&[F5VDzf79Ldd/IFP0:[}=t|UIWe Wsvkh"ΚGgdxҋ$imD:0wКhzDi]сC|;_uIJЍ-NJvЙwkcQ B&&]!.Ȩh 5_rAZGt"nة+ӗ|ȿ9E_TI v׉qWSZlou 6}:B>uk;n%Ő,5H\G;-P1zm=Q6XтpFt-# /8/PzNqb桼DdBq﹄wi DhqB^Zŕ]}|`e cGT]BA8zx{E 15l-8:"gR-7nzA^"{ ."x(gy(zOd_t.fv0o/ i6l::Q='_e7Y~Wuk-wk1CYUt|!wKe+q888^``U0/jpqK#^8>k,P#iqah]ԇcU'\*7n26n><"--dt 9RԓV O7)?i2w8=5ˉڻvjԇ ȓ:bo,;?d\š,5̔YMWܝq4 ːI*>9W wB^Ա^B^7Fߢ# H1 O3U2NkKj`8U1(ZlfE*Zt}w ()L ~52gFt0B$d0ZtfPUD==|,SQŽ ?c,S"3 I @ r!r-ɦᾑBCH N݉B#b>ݮM$F<$_N5ӎrAꂁ#Q-Dz! 3EG%'*=H/8% {1'@ a M+te+TTt \P4Ų{:у *}G^9u= >T-R՘Ix쨥k:Y[^alVaąS3*_؛ű]9FL< "[H$vAzJ^͈c^]s6b1m*e` lw|r"宐U`8%0oO\-9#kSϤa߱톢gzQmtddP2߈2jJ Z4!x 7Sƅ`$E/@-#>,&˕K/ sܶx FҮwXAs!R'ʅNcwUHBatv%Z6.ϼV?h?q)Wʻ}]hEu E^RF|Px|ft#C8A-{y0 xt9n 31=V4#L5t]Llz!;W p鰃Dc6~ uBFٳ5_5gmMuFR۷p~;^ z2Q(xv'FI\%d[Zl]p !v6Jh}Uz/LacሐnC9(Fo:d5GoOߵpU|*\Ƒf ktYhdFGOdo[Qpz&X GG7P~]RxC|߱{y9Rpml|h GF׍sf~SzNG Ɣ k F`3Un ՝ˢqgp.w (*Fx豔a"_9VIQ]K$ p,>d&0o,+G/=@뒛ͻA.lm4O= <u<>vț etXطܥs1k"^ jh, *k/:Pq‚ mu2)#QlEv|2wb/]_ NN/_.25}/P"=PLYt& jnVk>Zܗ[1%iG"a҄BF@ :gI! ~7/T zj>Cp՗x-"0s] e#̢wME.ޠ5xs-k:S%s{y;*l}88Fte85w6n.YMjEHqT9>760IO2CutcSe{P VkQmNP,VRVB,C@gc#GT01^zN;&,'J+&7F=,@ D +[2qD$(JϞ4!rJƲ?}ջ%%K y ּ{ E(;/hJ8r:b8ֿ+8~XEg\qMiy5oBdvKLzwE`r^]ҫ.zr^(,'˰8z?;3u)2+]ͺRP 1{1Q2=2?m|*<ډO) EYِp]tI7wE`S/ |~߬3XDŽJC*aa05 k6POKBTʊ7XPg ^CzZR@mP.?H5h6:I '^E{r.?X_؁M ?J5km&G<H J nJr2$Vŀۉ@^i17in Wu>2גґ^8SZ9Gj0]Oݣ~`;I{ŕs746'^RCmb:5N+xXP+De*k / sh#b!s/)/L(LH .OVdeSt+=逧(R 7,ygk0()XVR*7y|OUZ:"ݍSD$itiUt>A -dՠv%GHؘ{R\*mRf7TUc pP#-pyaZ6[a׌=Joo2Y{,M |%F KuieL >*wѰb}UQ _89a!My_Nӌ3]K7kamj|[fN9hEjijnMV1(rZ5qf.?vŖȒa'J7|Gh* ᐅ NK_\0CXzD f︇usu"kvNJٿЂ!Qнc{ue3%T]y-ه@\pg꾜 F 9pj&5iOuMP$qv=R3]-(dF1460=e `34Lx%5|2q˔ gpOTxH WJh[0.UR,cŗ&hE'`T ,H8e{6ӈIќ)5Prk4z=)0*q-ѿ"O%62făQ5:} hh-1NvM\6+!?oVSq8P0 :*‡^sSh/ӟh޿.վ Q{*`(ljJ%*'" H!k}97 ۍ-UV)?@v%S&ZU셚;[J4H1]JSVytH_5vt:獦 m4C("u?׊7(@њӱAdhD }t{Q2L a<]lt31|BI+߇#+V~SluI&З~RG1N`nILqcg{tr 9'~@=O*{je*f}1~4 yؘ_UO[!ZZ.{Wz|io,) J+fAQǽ6Qs#HF<W ҟйidQe\: QCcM-"ZnQ 5 r }E))ɊAfVY)k2"~+WfH'K.Ax#3r:D?̴j܁b拴ՈDi U.vL%^3)us%y'Hw5RaK E `A4$'R, EdSQ9W!r*#iu 傗}bס&u0XF(mP݀C冒tXz.j}c +"'t?[h(+%c]K.beU@d#..4%Ug[|&d J3F\e,q]@x}gFuJKNIexPPCt Op 1n5W4d 2`P[Ӯ;~n%LF[~~@zGV̔?xA%߸N(W-Kӥo?FaN(Bg_fM,WbIs]_#5ȿMc(+u@X\?5Y2촶J҂ nvt}MI?8W[Xv5b=M-|Tp`<Q0S~A-_pb[@;#±%Bo R >h-AskNhxFp[Z 1WL MNwD?yXk¾^U?N'Q\E4Gٛ y4Km/2u\Om(8י fgV YzV&RT2Zs/MLgwm3IQaWe8ܻit( H߹j+C/T&<ԥxlhh)R^ ERynևMPr\[FK9ݟ”~[<<,}CNL::Bo# v@"L~4,&4pmjABiF#nOeQݔ_RfZ6{wCTOS Opr?ooYoi`U%'hy pv&ӝ25Ly%pOk,7o=ˍ'oҗD]7j0-Vu/-~x()U)3 FPܶ/mp ϙEH'L{p{ tp!?;N^[ 4)8rc#zAU >@^V,D+A׉ngpx\AFHrХnld.ڻMv:S_ [rŜik1fcLH<rgl!!42'_՞GowFA|bsa*[:X([r[hrpɎPwk(d{,.sب$B c^DvۓߘOV`lٯAإ&~ŲZNj PU@F0Tjʫgǀ)4bTg;ߒ}{1ٟ^g;qFz.&m7$S('rvz# 8 KVq.NSRdkl&PClqfd{cǰ8ӀeCn% i{zfiR.NZ.S-؀%j}nsL(.$7mA'LPv4N=Z/,L_aT>ȶlx==9zZgSRi5d<>4<LjHgB9*Qyeu?~Dv{sqB\ ebKtt? bzWJݱe#3y>+\5!a)Ry)"Ύf u ڡ ]:i#S Xsif+&U63-Í,p%1oRw6Nt0XiJXI{ɣw#wv1r,14 =č͐V`Hnɴ_-=.Ҟ3ͣ`7qPp0CǛqy|2g#Mg9$|\8@׳m˼@9XnY mʍ[S}sz6O WBZTZFnܧv?dݲ+#xS fУQۆuLb#\Ʌb`zZFlTF+g&@P73} ^$<(_ OpP_ 1Tu)cJ{0aEo Ku6Gх֕fes8k6' X%'9fWsj&3(VzD_+ot^1s΢RS*DŽMγOb&< ^ <~5"UX/'.O3~ ̓ Ѐh7[/ Mr&·gaNVGřM[d8WtI_' +=ŬԽWvuƙ8Gn&Ij:ğ'89Z g!}tB[yj `z#㑵-`4B2"v૒{E U"[X]?𤳈jJR-N.[v*'r"w̪fM^Cpis87FW B!y!C:4>o+>a(* z#I2j>4Bz #!#"wуN,Z Ye)Cę4e Gti&tC&O+a݅T7{h