tomcat-docs-webapp-9.0.91-150200.68.1<>,ЉfG)p9|hD`}k# 6}{o-$V<ؿ΋$3]vFnv},t-O;vR ixF[e1}62X`,%.$nՑa sS b$ :_u]v3h XfZPZQjL@ygF?k GIY][T$cYEXpCՊz^&bX 6(:U:xZl Q;m/$'>hu4u>=J?Jd ( U #=CJ|     . /2,5t88;; ; <_ (<8<p9>`p:Fp>*F+G+H-I0XX1Y1\1]3^=TbBcCndCeCfClCuD vFzJJJJJCtomcat-docs-webapp9.0.91150200.68.1The "docs" web application for Apache TomcatThe documentation of web application for Apache Tomcat.fG)h01-ch3b6SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://tomcat.apache.orglinuxnoarchchown -R tomcat:tomcat /usr/share/tomcat/tomcat-webapps/docs/META-INF runuser -u tomcat -g tomcat -- xsltproc --output /usr/share/tomcat/tomcat-webapps/docs/META-INF/context.xml /etc/tomcat/allowLinking.xslt /usr/share/tomcat/tomcat-webapps/docs/META-INF/context.xml if [ ! -e /usr/share/tomcat/webapps/docs ]; then ln -sf /usr/share/tomcat/tomcat-webapps/docs /usr/share/tomcat/webapps/docs fiQ@yA@l5 8I@lH L>i*   x_!T 2+T- HQ' fO_U497 ::Q409(:=]PF+#X-'N(Pu$YK GFPy48/m PR`YURdXLSXRs+:=\ }Vz\'*'&+*o~1FX R ZBM R p B N'6AQd2A큤A큤AA큤A큤A큤A큤A큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤fGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfGfG5278de5f3beac707d1e5c05d351f27ca4b94a48f8ff9eec86c817f067676beb7539ad0b2450e83e306f9e54b4a40c00aee470cbda377451026345655e1a1033eeeb47c0a22e0245c34334f27269a099267072e7130e8aa31a872a662b9a714a64da999e0db4e50e944915188b1ed4bbd4b3f843768bb27340ea28e80b9db8f4418ae0f6852f87a9f6a9720b19ed633a67d38caf7dfaea2fcd0ff2f1c7efc75763fdc9027fcf3d363d3e563da8a3dc0d514a957021cf72f389040a97ffc5dad04a83451d55361185875e9699a9e6c3919636de6ce5e02c62426befe30a3e90b34f40071254ce811e75e90b4416c834d0b6da2f7e6d9804322a9f55c1660563a0ab191581414009ac8efb486df8aed81ab9828ef4eaab4e826c49230241f73889bff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d094578d61045b51f4700ade58a0becd088c2327d874a54701d763bdff242f6facf19f4b9db59cc0ef31327eb88b1652d1d2b71b3d4fbc6ad8fb4f06e3c7f363dd9d0063b3ca0e4898b6365fbbba3937819244c18c817f4364e159ec36cbad8923861c74cd0a04b1f57f11efe5dc0cc1b534b9c8acdbb827b587215bf454ed90ef5db2cd6d35f6f1521736682fa080b58608655451d9f0b11595581a6e3e62124122ff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d09477f84b68ac01984d8566203b324eae905f1883f5dcffd6d8c7a6342a76547458d4825ba7885174a0632cf2a30c124a3900cea0f044a3e1b42550658cefee7ce491c5d006427e6b15a0abb444afd59c50e4a943b0422b01a566c636b62fc20067db1562deabb7b81f1f0f52882bbeaf1332f7c20bca3f771233cbf9db4226d9a57b8134b028f5b8c206e18075b05790d27cc29c431bb9575033b37319751036f8dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6d9fdacbd36cf39f746e789faee0d09e629b6051395bae804fc88d309fdc8d50def1a54314ffb542dfa079a0357573a9eb9483a019ae7be89e66fd137b67bef0f64924c65f06bbed78297991638d5c7e20274427a75727623bfb2516cf0028bb605a970d5f204c5901a0033203c35b14752f69a523df8cc6248704cf5fa00b1e6b5167a13d96610921a50babdca9b51067de446ab72c8dfdeb6b52cb881919bb24c6ddb50d8df627a416ff7346f0091a5216dcafada75ac1adaf8b4299bcbe33043d340f3ff5b830ec787543b89f6a3efb219527fea666b50612475e0f76c7dfadb692e24785f79099a558d554c83ca452afbf731dbe3f1d8d8e3d9a6136cf571a1f77a86b92cc872ba86a4ac538720debe5a075f56cf6ede6a52c1b1ec91b741ab2831a52b621106a695a68049fffc3457a0b6868439d8eda6d393f86948a6feba2f4c6806ed4a3e2ca487b25b66d6cdb3f7869a9c724950c2c8a8b9ed1e2b03558e9400ae513fce8ea9ec4afaec9ead16c9ae918b5c8e8b5d4ead351f7c5fae1d8bcf6b2f674a6ce272bbb818d835e6e431dbde60601e10abf5cd0a1ffc260308189afb9cb455866ae82da5c1627c6d1f7a048bacd063ca041677fba051bdb7b1e1cab56e9aa1e4bd5e88c1ee2cd98dc23e5941aabf6fc5adda0351f152d8afd185ad31cb2551e2a9f41ad83c4208090c13f527996c2d2bcabe9dddecf91a2771e96a424577f6fea0d7ea99fc21c4c7cc19692679eafc072987fd0fbacea163d4353ebf1dee5a54f7f4a7de20e31970d495a17863a9d2d28808f6eeee7d0a3efc093c9af8dc2324c299188af36cae86d813c795e47e4efecb3eef2c08c8eb5af110f7b62619849e1217f8362bd965cd407761cdaf23b7d7f19bfef00abe8d7fe8cba8e877951bde3f1978a1be67917d41cb0cf2986a6778309f74d208bb0af0a3bc0e4884d7f288a21079d62d2c8c2cb541288577688bc8d945734ceb88779316ebd913d91d69397920a3e36fd924105a9c9a4f00c07bbdb1229d725356fd693fbda706ba2a8644399b925136a7bd8265236c0df9c97db6455b1caadddd831046bf364eadeaecbcd1689872279e167c11b7a48ca927e2c55410be57ce10ca147bb25a1a55bfae10e3adc8f1cbb545c7ff40ec9e6554497ec7404c2ea6eeb06b25eb28332a50cee14d8171b55885640dbbb70b0880f53881002e8f7916f40b1a5fcdb2e1a19af04240bc997f1090032bd8ee68c2060b931300dc053fa67dd1d8bcc87b238e6594150b32a9cee6854986754468716ed7e5fe2a31617313c7cd3294261d2553c80bcc727e7e8465072d71d7c21a9b23799626c223c9ab9d378246ba09cb5c2b3289d84aae68d2a0564adb915421988096d7f8b6bf0548e9f31603dee7dacb1ab82e7cc9625bcf25eb699448eb7d0234c9d13c6b30896ed4f498f8c233da71ef3315626f64b79868fc0c7cc5129aa41d038eaa119efdde07c8b59b792f807f29a8e5a3fa90b92fe1c7d8ba5c2e33cdd8bfeca3e97e02acaf986cb62554837a5a13a45a732add3dc0e4b371b1691c1086fb15c39bd91b29cc4746ec8b4a85f0f6ecaf3feab91bbb65bce2e61baf1d223b966d6ed3afc02f260b7298411ce42db7ae55412a0c0cfc21f5c8e0681987b526fd953c4691c04ab0b0cf007e4cd72a46839626cbc8a9d56f2648825a38c8ed61434751012dde0eba9359604a5357ce1de5a50b10e20add5a895593d3bb4906d533b86bf600551b73527a9e738f3453d5cefb37198cd1fc13b421743d1bb4cf22dfd280c1b7c751129c6c050f626cb0401a4a576db9f74882129a14e950659a4a431d857698e9b79e2ca56f22e6cca27f505c6c4f0158fa2c87e5a175b23e71864a1bb0a5fdbc77a91e3e0638fce1821aa11489607cca4e2fb3f9ca10f60bdf44f1235c03553d637f3a8c2f15311273a2d624151ee93c1ca3965125826929e0e7df765d90d4721ff3d4d41bc9661ae8126ee0ef837dd255428b8f492d6d4b52d7b3604ab18219467a51fb6f5bba702c425143058648e20d53d32f27ac0a270cbc8c4fdffd9dc6278cd88122ab70f2485a5922e2bc89b6e6095d9710c788188c6b2c09aa95762aae9117aa43f7e637acdf9703a27c29ee1672444440635ec8f80320462c0f10dcd77543d9d7b8cc47d8af59aff2b701a4ba3d159fb32040be5418f51795f30fd7e412bcd69b6c9f615a0e2ee3d1f9dfea23f5efa9eca33d8a559bc610d673320610bd3128550dff0631733706b2ea0cbf8bd83df49030cdea6397b73d38899bc722e0609fa795a920dd718bcba1f461cc97585eee21e14123a4ea958ceff84b5bd01fa1398ffbf5802b6c1384fab2b968f4a3c3ac9825fb5ca73be399ad5ba162fdb59e4fb147b45ea1c2ec7d697131864746fe54b479a3a50d241dc36c75eb81850ebbaac62108e2acc91917db2e8847e9b385026b612318320790985c4aab34284515aabca309ee52bfe4e85ebce03b43e250417db4b4bc6eb2cecf664d96b38ab5f094e6dabe2c85713faf303e1234cfe1808c1e18c16d44dce508ab27e1a14af9451f8f63bd01b3a31034c4d3f81fa0c02951eec968650a369b2152933eceab3062f2dcceb07ed8851c12fc417761f4648aafc216c45805962d30d2f07c679b6c2fafcf0ba2ce471b45fcad2914b160bbb55b93526576283cf766cdf85c58a9fb63a7628b0cd100a3b6079a735cfa125beabac45635f96f9c5426a6b6f11be03d9aa3bc78ed1fc968f42da2be8d6281af398e3c0cb4ed6ca144d7233c115624b70d6da7ebcd8c052a22558b899f94a111d73eef39fe8a3e877988904bc5501c3ff5ee745353bf28de0929ef2b7e5bbd88113edbb97042e8779e01db5f00c200366560bdbbb797f62b2cf1457e2add4bb1680f87811d9e7a29f4e4aca898bd80527c5b6ad52112c36fa422d381aec5ffb57c31912b60ca0e47b56634beaae1a4eb8c826f1329a1d49820814f018ba95a5b2ae5c8e349d57c6663aa87559d4b6c86b1b6a0cac0dba2ac0d6abdb2d037f07499a84df7f9a949e5e76a4d89dd3913b96e3ec691568f1581537f57b4e62863524bd1511017e7f252f23ac6c125160c39b14a2a0410d16b47d3901eee99d0090e19fdb28ab78e3fff49f571c5ece6cca5eaa4ca9bff421ce09b2021f4e4bc64a8264732de30b162cb05943d9b2e92bf27138de083e056ba73609403a3ef0ac82395a4fccae251ecef1878c569a3a5ee2f4e94f2b56e19054224482be0aa7b444ab8324ed0b0c25e3abacbd87be29732356c9bb890556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3ba392abf7aa1d006749331fa8e97ac2202596a819dd382b46d051a28dca74875a851d97fcc71c78ca279754fabc2289a600aabecec4d9e4387cab9c7400aa2d0868a21c493df0e5da1622b319e915303b1aa2b72f3cb836057eed5699f522693cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a4588c27f2a933b428f5a13403157e395a9d869d176c8dd256a5f28a042e4f863b42117f27a13e776a0e6ee6d54739b08b35741f43f5776bf51a193810b51d60285dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d65d4dbfc82ee715a653291fb987dd565b6fc567ffee828d9e4c5f181c75eca0be63b93e248018e9520b508c50c9f61fb190bb7ed7c057598111baf79d07c3ad14afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f2775e504e4155b526c645f69e4e7f73adf86840072511dc56cade8c65a279e856d2853e254df996b4cb48c1dd963706f6e3504294e440265bfcdbb1f72a56f4eac81e5625a5514ec5bdf5a0a1deaf78978fdfe9b1db74edc46ef708af6dbb586a75946c15c016ada6c6a3a5f766a91bf8a27f7aedf01b70070dd8da60b53ae4fba411b34e1b47510180328b2392e2cb7d88eb5927f72836baf2204f30a11334f5f0c553dcf354c37fc3c5331ef8ed32c5fb046403355bd99be61df1f6a2e7dedb8f594e1b7c8c114b3316f4ff92dd3ae776426187b31a59d523d232b5c5c4a7d47176950a94d43ffee2e85c43dc121d152f50b39156c12aae4feaa9211e29f07569f18c98af027152dfd0eb8c54774d5285b46f98a48ff2e24727859d18f73e9f0652db28d77621dfffbdbb792d0150e8ffb3c4c671ffeb9fb4321ca4e9ce22bdc6ddd1206c2cd691339c7baf8d098437fab442471f11156ca5bddd985fc16fec0305d8f3e03b2e7f6c10a2ff106ccb9d7a5db39e4f63f82b6d8d5e7665f88517355ddbd3c1ac87bcf2df87bc93c0dd903a2467ced795dcd5c0d746f5c133a8123e208cdf881f0d7aee0701486a0c710fdd2e42a0855223911a0cac9d2446c46b4814eb30a85c47623cb16e506462178a358bcb4a55e6ec87ddd8dc628d0636166c37997f45a97ea40268d856d81fa41bf978fff93c3c084b5a47fd4abb89d7380ea44c9f34c11b35bb819caced36a5909f7c42caaaf13c243fa57a99b0764c653005126e09d0acf6f68fe7b48708f1476352fdb80433bc4d228e34ea81738b5fcbacd162ea2cf139a33543a42e16f960ed95675643e9c46e8c40c7c90afcbb50746458316305365d75524ee414588f9bd52eedc4895db85dd87a80335712e3b3f144bbe06c4b391fe9082755789d5589d6db531edc1b3d550a6b11d38d5f66192e8249a532a48e4e377fccefa5b24694c445cc058738bae2c2653dc95481ffbe9ccc92986884fea417786e6ecacef9e419bc68ffbc4c9a3de5b29d640cae63cc578ce80340ae2089f183514fda43673c1804c4e9849764b5daf957f370b39c3d37aab4e00c708fb47ee453cc498557bf75bb9ba16f093fb2766dd0f25fb40d731f6c1babfbce26ef4e5e0808b7bd20d5da66a56e1d1ccc73abc6bcc8e0c4a770aaa1cb1883c6c28b7e0f306342d26546fcd2e95c0ae2efa71207731a19c89d2b200c4cc2a84b01d9ee8b1533316fe2c2e8bf449276305136753cfd473535b3fff12d3847d4104c9e783530e45f8d4ba65995d06b88fc67b3a8a60a05979b88979e1b41a950f0ff3ccbd42f98e8abdc6044b3c872c5f1edab3d1efd95b10a4b6f82b7923d845fd8c056b3f7bbf2f52971d67ef5dab79c77112bc197bf8d3e63ed59812d03cbb5b5ff315ebb18f123b3d1614ec1eec922cc6bdf3a458b99873100333dd3bd47ccc1386f493044f0c7a8a9e3d722db256a8f9932de7699c595bfbd337404ffc3dea4290fe66178e407fe8176a045aca8e5b666a8c42b66f5e61fd0fd1306c4f64dc4f5993e8090b9f96793d4b7cc932ddfd2a60ac0fa4e1907a5d57dacaa06dbb98bff08a1b701edb4acf1b7cdc80bb32e2c2ebcd6bdeff9d19cc307rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcat-9.0.91-150200.68.1.src.rpmtomcat-docs-webapp     /bin/shlibxslt-toolsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tomcatutil-linux3.0.4-14.6.0-14.0.4-14.0-15.2-19.0.91-150200.68.14.14.1f&@feZeeПe@ee@e@e)e_>e)1@e 0@e 0@e;eRdld0d?@cc@c@c{h@cQ8@bγbbN@b!b@aaaA@a@a{@azamaamaama`X`Q@`OL@`OL@`3__F@_@___FN_!d^@^^_^@^Y^U @^1s^%@^!^@]҇]Γ@]4@]?]V]@\\\r@\k\j@\Yz\X)@\LK\?\8@\'a\[v[u[@[@[ug@ZZ_:Z!D@Z@YYYY:Y@Y@XZnW@WiW|W'A@WWKV@V2V`VA@UlI@UlI@UlI@UQU hU hTTи@ricardo.mestre@suse.comricardo.mestre@suse.comdcermak@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comricardo.mestre@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comolaf@aepfle.demichele.bussolotto@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.comamehmood@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.commalbu@suse.commalbu@suse.commalbu@suse.comjengelh@inai.defstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comjavier@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comdimstar@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.commalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comsean@suspend.netmalbu@suse.comecsos@opensuse.orgmalbu@suse.commalbu@suse.commalbu@suse.defstrba@suse.commalbu@suse.comrbrown@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comecsos@opensuse.orgdziolkowski@suse.commalbu@suse.comastieger@suse.comtchvatal@suse.commalbu@suse.commalbu@suse.comdmacvicar@suse.dejcnengel@gmail.comtchvatal@suse.comdmacvicar@suse.dedmacvicar@suse.detchvatal@suse.comdmacvicar@suse.detchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comwittemar@googlemail.combmaryniuk@suse.com- Update to Tomcat 9.0.91 * Fixed CVEs: + CVE-2024-34750: Improper handling of exceptional conditions (bsc#1227399) * Catalina + Fix: Allow JAASRealm to use the configuration source to load a configured configFile, for easier use with testing. (remm) + Fix: Add missing algorithm callback to the JAASCallbackHandler. (remm) + Fix: 69131: Expand the implementation of the filter value of the Authenticator attribute allowCorsPreflight, so that it applies to all requests that match the configured URL patterns for the CORS filter, rather than only applying if the CORS filter is mapped to /*. (markt) + Add: Add support for shallow copies when using WebDAV. (markt) + Code: Deprecate the WebdavFixFilter as it is no longer required. (markt) + Fix: 69066: Fix regression in SPNEGO authenticator when processing Base64. Submitted by Daniel Lyko. (remm) + Update: Update minimum recommended version of Tomcat Native to 1.3.0. Pull request #728 provided by Dimitrios Soumis. (markt) + Update: The system property org.apache.catalina.connector.RECYCLE_FACADES will now default to true if not specified, which will in turn set the default value for the discardFacades connector attribute, thus causing facade objects to be discarded by default. (remm) + Add: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) for retrieving extended/additional information from an established GSS context. (michaelo) + Fix: Correct a regression in the fix for 68721 that caused some instances of LinkageError to be reported as ClassNotFoundException. (markt) + Fix: Ensure that static resources deployed via a JAR file remain accessible when the context is configured to use a bloom filter. Based on pull request #730 provided by bergander. (markt) + Add: Introduce reference counting so the AprLifecycleListener is more robust. This particularly targets more complex embedded configurations with multiple server instances with independent lifecycles where more than one server instance requires the AprLifecycleListener. (markt) + Update: Deprecate and remove sessionCounter (replaced by the addition of the active session count and the expired session count, as a reasonable approximation) and duplicates (which does not represent a possible event in current implementations) statistics from the session manager. (remm) + Fix: 68890 Align output encoding of JSPs in the Manager webapp with the XML declarations in those same files. (schultz) + Fix: Update Basic authentication to implement the requirements of RFC 7617 including the changing of the trimCredentials setting which is now defaults to false. Note that the trimCredentials setting will be removed in Tomcat 11. (markt) + Add: Small performance optimization when logging cookies with no values. (schultz) + Fix: Correct error handling for asynchronous requests. If the application performs an dispatch during AsyncListener.onError() the dispatch is now performed rather than completing the request using the error page mechanism. (markt) + Fix: Fix WebDAV lock null (locks for non existing resources) thread safety and removal. (remm) + Fix: Add periodic checking for WebDAV locks expiration. (remm) + Fix: Extend Asn1Parser to parse UTF8Strings. (michaelo) + Update: Add highConcurrencyStatus attribute to the SemaphoreValve to optionally allow the valve to return an error status code to the client when a permit cannot be acquired from the semaphore. (remm) + Add: Add checking of the "age" of the running Tomcat instance since its build-date to the SecurityListener, and log a warning if the server is old. (schultz) + Fix: When using the AsyncContext, throw an IllegalStateException, rather than allowing an NullPointerException, if an attempt is made to use the AsyncContext after it has been recycled. (markt) + Fix: Change the thread-safety mechanism for protecting StandardServer.services from a simple synchronized lock to a ReentrantReadWriteLock to allow multiple readers to operate simultaneously. Based upon a suggestion by Markus Wolfe. (schultz) + Fix: Improve Service connectors, Container children and Service executors access sync using a ReentrantReadWriteLock. (remm) + Fix: Improve handling of integer overflow if an attempt is made to upload a file via the Servlet API and the file is larger than Integer.MAX_VALUE. (markt) + Fix: 68862: Handle possible response commit when processing read errors. (remm) * Jasper + Fix: Update the optimisation in jakarta.el.ImportHandler so it is aware of new classes added to the java.lang package in Java 23. (markt) + Fix: Ensure that an exception in toString() still results in an ELException when an object is coerced to a String using ExpressionFactory.coerceToType(). (markt) + Add: Add support for specifying Java 24 (with the value 24) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that context relative includes are processed correctly. ( markt) + Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that file relative includes are processed correctly. (markt) + Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that file relative includes are are not permitted to access files outside of the /META_INF/tags/ directory nor outside of the JAR file. (markt) + Fix: 68546: Small additional optimisation for initial loading of Servlet code generated for JSPs. Based on a suggestion by Dan Armstrong. (markt) + Add: Add support for specifying Java 23 (with the value 23) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: Handle the case where the JSP engine forwards a request/response to a Servlet that uses an OutputStream rather than a Writer. This was triggering an IllegalStateException on code paths where there was a subsequent attempt to obtain a Writer. (markt) + Fix: Correctly handle the case where a tag library is packaged in a JAR file and the web application is deployed as a WAR file rather than an unpacked directory. (markt) + Fix: Prevent the web application's ClassLoader from being pinned by the JSP compiler if an application uses a custom XMLInputFactory. Based upon a suggestion from Simon Niederberger. (schultz) * Web applications + Fix: Fix status servlet detailed view of the connectors when using automatic port. (remm) + Add: Add the ability to set a sub-title for the Manager web application main page. This is intended to allow users with lots of instances to easily distinguish them. Based on pull request #724 by Simon Arame. (markt) + Fix: Examples: Improve performance of WebSocket chat application when multiple clients disconnect at the same time. (markt) + Update: Examples: Increase the number of previous messages displayed when using the WebSocket chat application. (markt) + Fix: Examples: Improve performance of WebSocket snake application when multiple clients disconnect at the same time. (markt) * Coyote + Fix: Improve the algorithm used to identify the IP address to use to unlock the acceptor thread when a Connector is listening on all local addresses. Interfaces that are configured for point to point connections or are not currently up are now skipped. (markt) + Fix: 69121: Ensure that the onComplete() event is triggered if AsyncListener.onError() dispatches to a target that throws an exception. (markt) + Fix: Following the trailer header field refactoring, -1 is no longer an allowed value for maxTrailerSize. Adjust documentation accordingly. (remm) + Fix: 69068: Ensure read timouts are triggered for asynchronous, non-blocking reads when using HTTP/2. (markt) + Update: 69133: Add task queue size configuration on the Connector element, similar to the Executor element, for consistency. (remm) + Fix: Make counting of active HTTP/2 streams per connection more robust. (markt) + Add: Add support for TLS 1.3 client initiated re-keying. (markt) + Fix: Align non-secure and secure writes with NIO and skip the write attempt when there are no bytes to be written. (markt) + Fix: Allow any positive value for socket.unlockTimeout. If a negative or zero value is configured, the default of 250ms will be used. (mark) + Fix: Reduce the time spent waiting for the connector to unlock. The previous default of 10s was noticeably too long for cases where the unlock has failed. The wait time is now 100ms plus twice socket.unlockTimeout. (markt) + Fix: Ensure that the onAllDataRead() event is triggered when the request body uses chunked encoding and is read using non-blocking IO. (markt) + Fix: 68934: Add debug logging in the latch object when exceeding maxConnections. (remm) + Fix: Refactor trailer field handling to use a MimeHeaders instance to store trailer fields. (markt) + Fix: Ensure that multiple instances of the same trailer field are handled correctly. (markt) + Fix: Fix non-blocking reads of chunked request bodies. (markt) + Fix: When an invalid HTTP response header was dropped, an off-by-one error meant that the first header in the response was also dropped. Fix based on pull request #710 by foremans. (markt) + Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow configuring the amount of time before an internal executor will scale back to the configured minSpareThreads size. (remm) * WebSocket + Fix: 68884: Reduce the write timeout when writing WebSocket close messages for abnormal closes. The timeout defaults to 50 milliseconds and may be controlled using the org.apache.tomcat.websocket.ABNORMAL_SESSION_CLOSE_SEND_TIMEOUT property in the user properties collection associated with the WebSocket session. (markt) * Other + Update: Add test-only build target to allow running only the testsuite, supporting Java versions down to the minimum supported to run Tomcat. (rjung) + Update: Update UnboundID to 7.0.1. (markt) + Update: Update to SpotBugs 4.8.6. (markt) + Update: Remove cglib dependency as it is not required by the version of EasyMock used by the unit tests. (markt) + Update: Update EasyMock to 5.3.0. This adds a test dependency on Byte-Buddy 1.14.17. (markt) + Add: Improvements to Czech translations by Vladimír Chlup. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Add: Improvements to Chinese translations by fangzheng. (markt) + Update: Revert Derby to 10.16.1.1 as that is the latest version of Derby that runs on Java 17. (markt) + Update: Update to Commons Daemon 1.4.0. (markt) + Update: Update to Objenesis 3.4. (markt) + Update: Update to Checkstyle 10.17.0. (markt) + Update: Update to SpotBugs 4.8.5. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Switch to using the Base64 encoder and decoder provided by the JRE rather than the version provided by Commons Codec. The internal fork of Commons Codec has been deprecated and will be removed in Tomcat 11. (markt) + Update: Update NSIS to 3.10. (mark0t) + Update: Update UnboundID to 7.0.0. (markt) + Update: Update Checkstyle to 10.16.0. (markt) + Update: Update JaCoCo to 0.8.12. (markt) + Update: Update SpotBugs to 4.8.4. (markt) + Update: Update the internal fork of Apache Commons BCEL to 6.9.0. (markt) + Update: Update the internal fork of Apache Commons DBCP to 2.12.0. (markt) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Update Checkstyle to 10.14.1. (markt) + Update: Update the internal fork of Apache Commons BCEL to 6.8.2. (markt) + Update: Update the internal fork of Apache Commons Codec to 1.16.1. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (remm) + Add: Improvements to Chinese translations by leeyazhou. (remm) - Modified patch: * tomcat-9.0-build-with-java-11.patch + rediff to changed context * tomcat-9.0-osgi-build.patch + move the definition of bnd.classpath out of the setup-bnd task since it is one component in build.classpath- Update to Tomcat 9.0.87 * Fixed CVEs: + CVE-2024-24549: Improved request header validation for HTTP/2 stream (bsc#1221386) + CVE-2024-23672: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection (bsc#1221385) * Catalina + Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) + Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) + Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) + Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) + Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) + Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) + Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) + Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) + Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) + Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote + Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) + Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Altındağ. (markt) + Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of a JVM crash during Tomcat shutdown. (markt) + Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) + Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) + Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper + Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster + Fix: Avoid updating request count stats on async. (remm) * WebSocket + Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications + Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Update Checkstyle to 10.13.0. (markt) + Update: Update JSign to 6.0. (markt) + Update: Add strings for debug level messages. (remm) + Update: Update Tomcat Native to 1.3.0. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt)- Add missing Requires(post): util-linux to have runuser into post- Add %%systemd_ordering to packages with systemd unit files, so that the order is the right one if those packages find themselves in the same transaction with systemd- Link ecj.jar into the install instead of copying it- rpm 4.19 requires dependencies on tomcat user and group (bsc#1219530)- Fixed CVEs: * CVE-2024-22029: run xsltproc as tomcat group (bsc#1219208)- Update to Tomcat 9.0.85 * Fixed CVEs: + CVE-2023-46589: Apache Tomcat: HTTP request smuggling due to incorrect headers parsing (bsc#1217649) * Catalina + Update: 68378: Align extension to MIME type mappings in the global web.xml with those in httpd by adding application/vnd.geogebra.slides for ggs, text/javascript for mjs and audio/ogg for opus. (markt) + Fix: Background processes should not be run concurrently with lifecycle operations of a container. (remm) + Fix: Correct unintended escaping of XML in some WebDAV responses. The XML list of support locks when provided in response to a PROPFIND request was incorrectly XML escaped. (markt) + Fix: 68227: Ensure that AsyncListener.onComplete() is called if AsyncListener.onError() calls AsyncContext.dispatch(). (markt) + Fix: 68228: Use a 408 status code if a read timeout occurs during HTTP request processing. Includes a test case based on code provided by adwsingh. (markt) + Fix: 67667: TLSCertificateReloadListener prints unreadable rendering of X509Certificate#getNotAfter(). (michaelo) + Update: The status servlet included in the manager webapp can now output statistics as JSON, using the JSON=true URL parameter. (remm) + Update: Optionally allow ServiceBindingPropertySource to trim a trailing newline from a file containing a property-value. (schultz) + Fix: 67793: Ensure the original session timeout is restored after FORM authentication if the user refreshes a page during the FORM authentication process. Based on a suggestion by Mircea Butmalai. (markt) + Update: 67926: PEMFile prints unidentifiable string representation of ASN.1 OIDs. (michaelo) + Fix: 66875: Ensure that setting the request attribute jakarta.servlet.error.exception is not sufficient to trigger error handling for the current request and response. (markt) + Fix: 68054: Avoid some file canonicalization calls introduced by the fix for 65433. (remm) + Fix: 68089: Improve performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: Use a 400 status code to report an error due to a bad request (e.g. an invalid trailer header) rather than a 500 status code. (markt) + Fix: Ensure that an IOException during the reading of the request triggers always error handling, regardless of whether the application swallows the exception. (markt) * Coyote + Fix: Refactor the VirtualThreadExecutor so that it can be used by the NIO2 connector which was using platform threads even when configured to use virtual threads. (markt) + Fix: Correct a regression in the fix for 67675 that broke TLS key file parsing for PKCS#8 format keys that do not specify an explicit pseudo-random function and rely on the default. This typically affects keys generated by OpenSSL 1.0.2. (markt) + Fix: Allow multiple operations with the same name on introspected mbeans, fixing a regression caused by the introduction of a second addSslHostConfig method. (remm) + Fix: Relax the check that the HTTP Host header is consistent with the host used in the request line, if any, to make the check case insensitive since host names are case insensitive. (markt) + Add: 68348: Add support for the partitioned attribute for cookies. (markt) + Add: 66670: Add SSLHostConfig#certificateKeyPasswordFile and SSLHostConfig#certificateKeystorePasswordFile. (michaelo) + Add: When calling SSLHostConfigCertificate.setCertificateKeystore(ks), automatically call setCertificateKeystoreType(ks.getType()). (markt) + Fix: 67628: Clarify how the ciphers attribute of the SSLHostConfig is used. (markt) + Fix: 67666: Ensure TLS connectors using PEM files either work with the TLSCertificateReloadListener or, in the rare case that they do not, log a warning on Connector start. (markt) + Fix: 67675: Support a wider range of KDF and ciphers for PEM files than the combinations supported by the JVM by default. Specifically, support the OpenSSL default of HmacSHA256 and DES-EDE3-CBC. (markt) + Fix: 67927: Reloading TLS configuration can cause the Connector to refuse new connections or the JVM to crash. (markt) + Fix: 67934: If both Tomcat Native 1.2.x and 2.0.x are available, prefer 1.2.x since it supports the APR/Native connector whereas 2.0.x does not. (markt) + Fix: 67938: Correct handling of large TLS client hello messages that were causing the TLS handshake to fail. (markt) + Fix: 68026: Convert selected MessageByte values to String when first accessed to speed up subsequent accesses and reduce garbage collection. (markt) * Jasper + Code: 68119: Refactor the CompositeELResolver to improve performance during type conversion operations. (markt) + Fix: 68068: Performance improvement for EL. Based on a suggestion by John Engebretson. (markt) * Web Applications + Fix: 68035: Additional fix to the Manager application to enable the deployment of a web application located in a Host's appBase where the web application is specified by a bare (no path) WAR or directory name as shown in the documentation. (markt) + Fix: Examples. Improve the error handling so snakes associated with a user that drops from the network are removed from the game. (markt) + Fix: 68035: Correct a regression in the fix for 56248 that prevented deployment via the Manager of a WAR or directory that was already present in the appBase or a context file that was already present in the xmlBase. (markt) * Other + Update: Update Checkstyle to 10.12.7. (markt) + Update: Update SpotBugs to 4.8.3. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Update UnboundID to 6.0.11. (markt) + Update: Update Checkstyle to 10.12.5. (markt) + Update: Update SpotBugs to 4.8.2. (markt) + Update: Update Derby to 10.17.1. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Add: Improvements to Brazilian Portuguese translations by John William Vicente. (markt) + Add: Improvements to Russian translations by usmazat and remm. (markt) + Add: 67538: Make use of Ant's task to enfore the mininum Java build version. (michaelo) + Update: Update Checkstyle to 10.12.4. (markt) + Update: Update JaCoCo to 0.8.11. (markt) + Update: Update SpotBugs to 4.8.0. (markt) + Update: Update BND to 7.0.0. (markt) + Update: The minimum Java version required to build Tomcat has been raised to Java 17. (markt) - Added patches: * tomcat-9.0-build-with-java-11.patch- change server.xml during %post instead of %posttrans- Fix server.xml permission (bsc#1217768, bsc#1217402) - remove serverxmltool and use xsltproc- replace prep setup and patches macro with autosetup- Update to Tomcat 9.0.82 * Fixed CVEs: + CVE-2023-45648: Improve trailer header parsing (bsc#1216118) + CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows (bsc#1216120) + CVE-2023-42795: Improve handling of failures during recycle() methods (bsc#1216119) * Catalina + Add: 65770: Provide a lifecycle listener that will automatically reload TLS configurations a set time before the certificate is due to expire. This is intended to be used with third-party tools that regularly renew TLS certificates. + Fix: Fix handling of an error reading a context descriptor on deployment. + Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was also use, while it should instead take precedence. + Fix: 67472: Send fewer CORS-related headers when CORS is not actually being engaged. + Add: Improve handling of failures within recycle() methods. * Coyote + Fix: 67670: Fix regression with HTTP compression after code refactoring. + Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization takes precedence over the tomcatAuthentication attribute when processing an auth_type attribute received from a proxy server. + Fix: 67235: Fix a NullPointerException when an AsyncListener handles an error with a dispatch rather than a complete. + Fix: When an error occurs during asynchronous processing, ensure that the error handling process is only triggered once per asynchronous cycle. + Fix: Fix logic issue trying to match no argument method in IntropectionUtil. + Fix: Improve thread safety around readNotify and writeNotify in the NIO2 endpoint. + Fix: Avoid rare thread safety issue accessing message digest map. + Fix: Improve statistics collection for upgraded connections under load. + Fix: Align validation of HTTP trailer fields with standard fields. + Fix: Improvements to HTTP/2 overhead protection (bsc#1216182, CVE-2023-44487) * jdbc-pool + Fix: 67664: Correct a regression in the clean-up of unnecessary use of fully qualified class names in 9.0.81 that broke the jdbc-pool. * Jasper + Fix: 67080: Improve performance of EL expressions in JSPs that use implicit objects- Update to Tomcat 9.0.80 * Catalina + Add RateLimitFilter which can be used to mitigate DoS and Brute Force attacks + Move the management of the utility executor from the init()/destroy() methods of components to the start()/stop() methods. + Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual thread based executor that may be used with one or more Connectors to process requests received by those Connectors using virtual threads. This Executor requires a minimum Java version of Java 21. + 66513: Add a per session Semaphore to the PersistentValve that ensures that, within a single Tomcat instance, there is no more than one concurrent request per session. Also expand the debug logging to include whether a request bypasses the Valve and the reason if a request fails to obtain the per session Semaphore. + 66609: Ensure that the default servlet correctly escapes file names in directory listings when using XML output. + 66618: Add a numeric last modified field to the XML directory listings produced by the default servlet to enable sorting in the XSLT. + 66621: Attempts to lock a collection with WebDAV may incorrectly fail if a child collection has an expired lock. + 66622: Deprecate the xssProtectionEnabled setting from the HttpHeaderSecurityFilter and change the default value to false as support for the associated HTTP header has been removed from all major browsers. + 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. + 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a listener which populates the context's role mapping from a properties file. + Fix an edge case where intra-web application symlinks would be followed if the web applications were deliberately crafted to allow it even when allowLinking was set to false. + Add utility config file resource lookup on Context to allow looking up resources from the webapp (prefixed with webapp:) and make the resource lookup API more visible. + Fix potential database connection leaks in DataSourceUserDatabase identified by Coverity Scan. + Make parsing of ExtendedAccessLogValve patterns more robust. + Fix failure trying to persist configuration for an internal credential handler. + 66680: When serializing a session during the session presistence process, do not log a warning that null Principals are not serializable. + Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up to 17 to signal closed connections. + 66822: Use the same naming format in log messages for Connector instances as the associated ProtocolHandler instance. + The parts count should also lower the actual maxParameterCount used for parsing parameters if parts are parsed first. + If an application or library sets both a non-500 error code and the javax.servlet.error.exception request attribute, use the provided error code during error page processing rather than assuming an error code of 500. + Update code comments and Tomcat output to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. + Avoid protocol relative redirects in FORM authentication (CVE-2023-41080, bsc#1214666). * Coyote + Update the HTTP/2 implementation to use the prioritization scheme defined in RFC 9218 rather than the one defined in RFC 7540. + 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call SwallowedDataFramePayload. + 66627: Restore the documented behaviour of MessageBytes.getType() that it returns the type of the original content rather than reflecting the most recent conversion. + 66635: Correct certificate logging on start-up so it differentiates between keystore based keys/certificates and PEM file based keys/certificates and logs the relevant information for each. + Refactor blocking reads and writes for the NIO connector to remove code paths that could allow a notification from the Poller to be missed resuting in a timeout rather than the expected read or write. + Refactor waiting for an HTTP/2 stream or connection window update to handle spurious wake-ups during the wait. + Correct a regression introduced in 9.0.78 and use the correct constant when constructing the default value for the certificateKeystoreFile attribute of an SSLHostConfigCertificate instance. + Refactor HTTP/2 implementation to reduce pinning when using virtual threads. + Pass through ciphers referring to an OpenSSL profile, such as PROFILE=SYSTEM instead of producing an error trying to parse it. + 66841: Ensure that AsyncListener.onError() is called after an error during asynchronous processing with HTTP/2. + 66842: When using asynchronous I/O (the default for NIO and NIO2), include DATA frames when calculating the HTTP/2 overhead count to ensure that connections are not prematurely terminated. + Correct a race condition that could cause spurious RST messages to be sent after the response had been written to an HTTP/2 stream. * WebSocket + 66548: Expand the validation of the value of the Sec-Websocket-Key header in the HTTP upgrade request that initiates a WebSocket connection. The value is not decoded but it is checked for the correct length and that only valid characters from the base64 alphabet are used. + Improve handling of error conditions for the WebSocket server, particularly during Tomcat shutdown. + Correct a regression in the fix for 66574 that meant the WebSocket session could return false for onOpen() before the onClose() event had been completed. + 66681: Fix a NullPointerException when flushing batched messages with compression enabled using permessage-deflate. * Web applications + Documentation. Expand the security guidance to cover the embedded use case and add notes on the uses made of the java.io.tmpdir system property. + 66662: Documentation. Fix a typo in the name of the algorithms attribute in the configuration section for the Digest authentication value. + Documentation. Update documentation to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. * jdbc-pool + Fix the releaseIdleCounter does not increment when testAllIdle releases them. + Fix the ConnectionState state will be inconsistent with actual state on the connection when an exception occurs while writing. * Other + Update to Commons Daemon 1.3.4. + Improvements to French translations. + Update Checkstyle to 10.12.0. + Update the packaged version of the Apache Tomcat Native Library to 1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u. + Include the Windows specific binary distributions in the files uploaded to Maven Central. + Improvements to French translations. + Improvements to Japanese translations. + Update UnboundID to 6.0.9. + Update Checkstyle to 10.12.1. + Update BND to 6.4.1. + Update JSign to 5.0. + Correct properties for JSign dependency. + Align documentation for maxParameterCount to match hard-coded defaults. + Update NSIS to 3.0.9. + Update Checkstyle to 10.12.2. + Improvements to French translations. + Improvements to Japanese translations. + 66829: Fix quoting so users can use the _RUNJAVA environment variable as intended on Windows when the path to the Java executable contains spaces. + Update Tomcat Native to 1.2.38 to pick up Windows binaries built with OpenSSL 1.1.1v. + Improvements to Chinese translations. + Improvements to French translations. + Improvements to Japanese translations - Removed patch: * tomcat-9.0.75-CVE-2023-41080.patch + integrated in this version- Fixed CVEs: * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666) - Added patches: * tomcat-9.0.75-CVE-2023-41080.patch- Modified patch: * tomcat-9.0-osgi-build.patch + make it more robust to change in number of artifacts in bnd + do not enumerate jars, just take all jars from the aqute-bnd directory into the classpath- Require(pre) shadow because groupadd is needed early- Update to Tomcat 9.0.75. * See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.75_(markt) * Fixes: + bsc#1211608, CVE-2023-28709 + bsc#1208513, CVE-2023-24998 (previous incomplete fix) - Remove patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch * tomcat-9.0-CVE-2021-41079.patch * tomcat-9.0-CVE-2022-23181.patch * tomcat-9.0-NPE-JNDIRealm.patch * tomcat-9.0-hardening_getResources.patch * tomcat-9.0.43-CVE-2021-43980.patch * tomcat-9.0.43-CVE-2022-42252.patch * tomcat-9.0.43-CVE-2022-45143.patch * tomcat-9.0.43-CVE-2023-24998.patch * tomcat-9.0.43-CVE-2023-28708.patch + integrated in this version * tomcat-9.0.43-java8compat.patch + problem with Java 8 compatibility solved in this version - Modified patch: * tomcat-9.0.31-secretRequired-default.patch - > tomcat-9.0.75-secretRequired-default.patch + rediffed to changed context * tomcat-9.0-javadoc.patch + drop integrated hunks * tomcat-9.0-osgi-build.patch + fix to work with current version - Added patch: * tomcat-9.0-jdt.patch + fix build against our ecj- Fixed CVEs: * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840) - Added patches: * tomcat-9.0.43-CVE-2022-45143.patch- Fixed CVEs: * CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure (bsc#1209622) - Added patches: * tomcat-9.0.43-CVE-2023-28708.patch- Fixed CVEs: * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513) - Added patches: * tomcat-9.0.43-CVE-2023-24998.patch- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt - use logrotate for catalina.out * update tomcat-serverxml-tool and spec to configure server.xml - Added patch: * tomcat-9.0-logrotate_everything.patch * tomcat-serverxml-tool.tar.gz - Removed: * tomcat-serverxml-tool-1.0.tar.gz- Use catalina.out for logging (bsc#1205647) - Added patches: * tomcat-9.0-fix_catalina.patch- Fixed CVEs: * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918) - Added patches: * tomcat-9.0.43-CVE-2022-42252.patch- Fixed CVEs: * CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868) - Added patches: * tomcat-9.0.43-CVE-2021-43980.patch- Do not hardcode /usr/libexec but use %%_libexecdir during the build * Fixes for platforms, where /usr/libexec and %%_libexecdir are different- Fix bsc#1201081 by building with release=8 all files that can be built this way. The one file remaining, build it with source=8 and target=8 - Modified patch: * tomcat-9.0.43-java8compat.patch + Do not cast ByteBuffer to Buffer to call the Java 8 compatible methods. Build with release=8 instead- Security hardening. Deprecate getResources() and always return null. (bsc#1198136) - Added patch: tomcat-9.0-hardening_getResources.patch- Remove dependency on log4j/reload4j completely (bsc#1196137)- Do not build against the log4j12 packages, use the new reload4j- Fixed CVEs: * CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Added patches: * tomcat-9.0-CVE-2022-23181.patch- remove instance units from post scripts, they can not be reloaded- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) - Added patch: * tomcat-9.0-NPE-JNDIRealm.patch- Modified patch: * tomcat-9.0-osgi-build.patch + account for biz.aQute.bnd.ant artifact in aqute-bnd >= 5.2.0- Fixed CVEs: * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279) * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278) - Added patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch- Fixed CVEs: * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558) - Added patches: * tomcat-9.0-CVE-2021-41079.patch- Update to Tomcat 9.0.43. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch - Rebased patch: tomcat-9.0.39-java8compat.patch -> tomcat-9.0.43-java8compat.patch- Update to Tomcat 9.0.41. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)- Update to Tomcat 9.0.40. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2020-17527.patch * tomcat-9.0-CVE-2021-24122.patch- Fixed CVEs: * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909) - Added patches: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch- Log if file access is blocked due to symlinks: CVE-2021-24122 (bsc#1180947) - Added patch: * tomcat-9.0-CVE-2021-24122.patch- Update to Tomcat 9.0.39. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.39_(markt) - Rebased patches: * tomcat-9.0.38-java8compat.patch -> tomcat-9.0.39-java8compat.patch- Update to Tomcat 9.0.38. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.38_(markt) - Rebased patches: * tomcat-9.0.37-java8compat.patch -> tomcat-9.0.38-java8compat.patch - Removed tomcat-9.0-CVE-2020-13943.patch because that fix is upstream now- Update to Tomcat 9.0.37. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.37_(markt) - Fixed CVEs: * CVE-2020-13934 (bsc#1174121) * CVE-2020-13935 (bsc#1174117) - Rebased patches: * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch -> tomcat-9.0.37-java8compat.patch- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602) - Added patch: * tomcat-9.0-CVE-2020-17527.patch- Add source url for tomcat-serverxml-tool - Fix typo in tomcat-webapps %postun that caused /examples context to remain in server.xml when package was removed - Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396)- Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility. (bsc#1092163) - Change default file ownership in tomcat-webapps from tomcat:tomcat to root:tomcat- Fix CVE-2020-13943 (bsc#1177582) - Added patch: * tomcat-9.0-CVE-2020-13943.patch - Change /usr/lib/tomcat to /usr/libexec/tomcat in startup scripts (bsc#1177601)- Replace old specfile constructs. Remove support for SUSE 11.x. - Drop %systemd_requires, which is considered a no-op. - Trim redundant license mention from description. - Make documentation noarch. - Do not suppress errors from useradd.- Avoid hardcoding /usr/lib as libexecdir- Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use the /sbin/nologin shell when creating the tomcat user - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly- Update to Tomcat 9.0.36. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt) - Fixed CVEs: CVE-2020-11996 (bsc#1173389)- Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Update to Tomcat 9.0.34. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt) - Notable changes: * Add support for default values when using ${...} property replacement in configuration files. Based on a pull request provided by Bernd Bohmann. * When configuring an HTTP Connector, warn if the encoding specified for URIEncoding is not a superset of US-ASCII as required by RFC 7230. * Replace the system property org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with the Connector attribute encodedSolidusHandling that adds an additional option to pass the %2f sequence through to the application without decoding it in addition to rejecting such sequences and decoding such sequences.- Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch- Update to Tomcat 9.0.31. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: * CVE-2019-17569 (bsc#1164825) * CVE-2020-1935 (bsc#1164860) * CVE-2020-1938 (bsc#1164692) - Modified patch * tomcat-9.0.30-java8compat.patch - > tomcat-9.0.31-java8compat.patch + Adapt to changed context- Modified patch: * tomcat-9.0.30-java8compat.patch + add missing casts (bsc#1162081)- Change back the build to build with any Java >= 1.8 - Added patch: * tomcat-9.0.30-java8compat.patch + Cast java.nio.ByteBuffer and java.nio.CharBuffer to java.nio.Buffer in order to avoid calling Java 9+ APIs (functions with co-variant return types) - Renamed patch: * tomcat-9.0-disable-osgi-build.patch - > tomcat-9.0-osgi-build.patch + Do not disable, but fix OSGi build since we have now aqute-bnd- Change build to always use Java 1.8 (bsc#1161025).- Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-0221 (bsc#1136085) - CVE-2019-10072 (bsc#1139924) - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) - Removed patch: * tomcat-9.0-JDTCompiler-java.patch + It was not applied- Update to Tomcat 9.0.27. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory - Removed patch: * tomcat-9.0-disable-osgi-build.patch + not needed- Add maven pom files for tomcat-jni and tomcat-jaspic-api- Distribute the pom file also for tomcat-util-scan artifact- Build against compatibility log4j12 package- Adapt to the new ecj directory layout- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini- Update to Tomcat 9.0.20. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) - increase maximum number of threads and open files for tomcat (bsc#1111966)- Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch- Build classpath directly with the geronimo jars instead of with symlinks to them- Don't overwrite changes made to server.xml contexts when updating bundled webapps.- Set javac target to 1.8 when building docs samples and serverxmltool- Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps (bsc#1092341). Affected packages: - tomcat-webapps - tomcat-admin-webapps - tomcat-docs-webapp - Remove %doc directive from tomcat-docs-webapps files section so that zypper installs files even if rpm.install.excludedocs is set to yes.- Require Java 1.8 or later (bsc#1123407)- Clean up OSGi manifest injection - Put embed maven metadata into embed subpackage - Use the .mfiles* lists generated by %%add_maven_depmap macro- Fix tomcat-tool-wrapper classpath error (bsc#1120745)- Fix tomcat-digest classpath error (bsc#1120745)- Update to Tomcat 9.0.14. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)- Add pom files for tomcat-jdbc and tomcat-dbcp - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts- Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)- Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch- Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720)- Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files- Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)- Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment- Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016)- update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch- Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9- Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910)- New build dependency: javapackages-local- Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api- update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream- Switch to commons-dbcp2 fate#321029- Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch- Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources- fix maven fragments paths to build in multiple distribution versions- Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch- Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that- package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required- update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27- Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch- update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)- Some whitespace cleanups- Remove pointless conflicts on provide/obsolete symbols- Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)- Fix previous commit. Fix one rpmlint warning- Drop gpg verification from spec, it is done by obs- Fix build with new jpackage-tools- update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch- Version 1.1.30 or higher is required for APR listener (bnc#914725)/bin/shh01-ch3b 1720534825  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{$}~9.0.91-150200.68.1    docsBUILDING.txtMETA-INFcontext.xmlRELEASE-NOTES.txtRUNNING.txtWEB-INFjsp403.jspweb.xmlaio.htmlannotationapiindex.htmlapiindex.htmlappdevbuild.xml.txtdeployment.htmlindex.htmlinstallation.htmlintroduction.htmlprocesses.htmlsamplebuild.xmldocsREADME.txtindex.htmlsrcmypackageHello.javawebWEB-INFweb.xmlhello.jspimagestomcat.gifindex.htmlsource.htmlweb.xml.txtapr.htmlarchitectureindex.htmloverview.htmlrequestProcessrequestProcess.htmlauthentication-process.pngrequest-process.pngstartupstartup.htmlserverStartup.pdfserverStartup.txtbalancer-howto.htmlbuilding.htmlcdi.htmlcgi-howto.htmlchangelog.htmlclass-loader-howto.htmlcluster-howto.htmlcomments.htmlconfigajp.htmlautomatic-deployment.htmlcluster-channel.htmlcluster-deployer.htmlcluster-interceptor.htmlcluster-listener.htmlcluster-manager.htmlcluster-membership.htmlcluster-receiver.htmlcluster-sender.htmlcluster-valve.htmlcluster.htmlcontext.htmlcookie-processor.htmlcredentialhandler.htmlengine.htmlexecutor.htmlfilter.htmlglobalresources.htmlhost.htmlhttp.htmlhttp2.htmlindex.htmljar-scan-filter.htmljar-scanner.htmljaspic.htmllisteners.htmlloader.htmlmanager.htmlrealm.htmlresources.htmlserver.htmlservice.htmlsessionidgenerator.htmlsystemprops.htmlvalve.htmlconnectors.htmldefault-servlet.htmldeployer-howto.htmldevelopers.htmlelapiindex.htmlgraal.htmlhost-manager-howto.htmlhtml-host-manager-howto.htmlhtml-manager-howto.htmlimagesadd.gifasf-logo.svgcode.gifcors-flowchart.pngdesign.gifdocs-stylesheet.cssdocs.giffix.giffontsOpenSans400.woffOpenSans400italic.woffOpenSans600.woffOpenSans600italic.woffOpenSans700.woffOpenSans700italic.wofffonts.csstomcat.giftomcat.pngupdate.gifvoid.gifindex.htmlintroduction.htmljasper-howto.htmljaspicapiindex.htmljdbc-pool.htmljndi-datasource-examples-howto.htmljndi-resources-howto.htmljspapiindex.htmllogging.htmlmanager-howto.htmlmaven-jars.htmlmbeans-descriptors-howto.htmlmbeans-descriptors.dtdmonitoring.htmlproxy-howto.htmlrealm-howto.htmlrewrite.htmlsecurity-howto.htmlsecurity-manager-howto.htmlservletapiindex.htmlsetup.htmlssi-howto.htmlssl-howto.htmltribesdevelopers.htmlfaq.htmlinterceptors.htmlintroduction.htmlmembership.htmlsetup.htmlstatus.htmltransport.htmlvirtual-hosting-howto.htmlweb-socket-howto.htmlwebsocketapiindex.htmlwindows-auth-howto.htmlwindows-service-howto.html/usr/share/tomcat/tomcat-webapps//usr/share/tomcat/tomcat-webapps/docs//usr/share/tomcat/tomcat-webapps/docs/META-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF/jsp//usr/share/tomcat/tomcat-webapps/docs/annotationapi//usr/share/tomcat/tomcat-webapps/docs/api//usr/share/tomcat/tomcat-webapps/docs/appdev//usr/share/tomcat/tomcat-webapps/docs/appdev/sample//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/docs//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src/mypackage//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/images//usr/share/tomcat/tomcat-webapps/docs/architecture//usr/share/tomcat/tomcat-webapps/docs/architecture/requestProcess//usr/share/tomcat/tomcat-webapps/docs/architecture/startup//usr/share/tomcat/tomcat-webapps/docs/config//usr/share/tomcat/tomcat-webapps/docs/elapi//usr/share/tomcat/tomcat-webapps/docs/images//usr/share/tomcat/tomcat-webapps/docs/images/fonts//usr/share/tomcat/tomcat-webapps/docs/jaspicapi//usr/share/tomcat/tomcat-webapps/docs/jspapi//usr/share/tomcat/tomcat-webapps/docs/servletapi//usr/share/tomcat/tomcat-webapps/docs/tribes//usr/share/tomcat/tomcat-webapps/docs/websocketapi/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:34708/SUSE_SLE-15-SP2_Update/56ff2ab83dbfb246ba18314b4b496edc-tomcat.SUSE_SLE-15-SP2_Updatedrpmxz5noarch-suse-linux       directoryASCII textXML 1.0 document, ASCII textHTML document, ASCII textHTML document, ASCII text, with very long linesexported SGML document, ASCII textPerl5 module source, ASCII textGIF image data, version 89a, 146 x 92PNG image data, 1873 x 846, 8-bit/color RGB, non-interlacedPNG image data, 2901 x 1431, 8-bit/color RGB, non-interlacedHTML document, UTF-8 Unicode text, with very long linesGIF image data, version 89a, 20 x 20SVG Scalable Vector Graphics imagePNG image data, 976 x 756, 8-bit/color RGB, non-interlacedWeb Open Font Format, TrueType, length 21956, version 1.1Web Open Font Format, TrueType, length 21092, version 1.1Web Open Font Format, TrueType, length 22604, version 1.1Web Open Font Format, TrueType, length 21252, version 1.1Web Open Font Format, TrueType, length 22748, version 1.1Web Open Font Format, TrueType, length 21184, version 1.1PNG image data, 146 x 92, 8-bit/color RGBA, non-interlacedGIF image data, version 89a, 1 x 1 Autf-81fdd4eb47112867e6567cc310e06522249bf510325a07bf9be9ffe8464277e33?07zXZ !t/:]"k%1Աq `ȇ D8/>25Yڥu6.WT,HϡvqByز-G$ɏRg^VSE|x`Cn|bA{M,5K?3Ӷ>4g9\ IF1*vX; s}>Ҏ;xcA31H>סbZD_@xwݘsD-a;`đx5%.O¹*ͩId$\a@xT6>&yŽsPC7޴HbWiw5@iwYAԚ? nAoL%rvi|\qmIFd!!6N^@k`\E7Юpⰾs qrihz4fNsbdbJk)B>Ycne71d~h:79VeJYl'סfRa`Ϙ15OyS .5)RȖ>ѫGT n+7hJA^X.i_ZlmRҏܿsH z=>Y8%8|yfKvӋK.zaA򶦞ɥ #^;aNV&G* o@YuFWKu1'yh}n:eG4ւئ#2S+Їcf5'Cj4+Jd5oyh@G@$;t6}yVgdAf6gcC>؍hI~Qi.[1ct_CwLs!qm,0V Gu&}S%yEP'6&f_[2uZ4J>IL!5;CφS}oKҺvYR Hqu#uu^BfKO歼Lqg?i QNQ~,)%:Tnn.x6&'swn8(aR>۵>p:2;mL $fs3f7 Wu 1x7rGTün̆[冷@"$Ka%#)e;PJ$ncKER Q5{ 9ߞ/5[i-m).J<\Dt u⌐kgyyҵ  *^IPytᨒVE&M+Z*g ӌ53m'ۭ+5;ķ09&3襲cK:^6qv(K:b!ZT!Ţ/^Bt<)$-T&\pfR=ZB[\JG z[M{'9L#951:DKm1\liYa]<R %(οPӍ4;tM]:?U%hG::#9^=ƙvmm'.(,)>&Mؤk z 4C˯ Q9->Ɍ:5.8`WN]-#Bpj,쎉C ܄|Y@3i9/l5Ue~[6!}oAW7f6ܥӌ彁Ck.KE5] *yRD51hgo>@{9 K.P. @{-ff@YEZ̚$ 60^D a1Ij: TE;W=yw^c69dzx+_)(۹B4-y`c`_5R<kM螱 H)[~4g> /~i^JA⪎0لS-bjXϨw[[lEEёՁ;prmv+Sk&7׈4*%Hո [9HيgNv$!*Fx#St}jтqFd; tCu^* vHa`bf^ ZR%c _`paL:5}\ _hQJ0ûҪdU - ۻf .ԘE壑yB(MPr@o,hJžls4)M>)-8;5Qn> >06*?g`$pG!K~` A%9~⁒ߕ |˥e>e;`fp:3y Z̸?t̥A~iO}c(`]d㷑r'Qk-@HWx9hw FCalvA8p|c~/dZlx C_ʳ6J A 7.,P11)Gd7EXNMC1r.[U~WQPƳ8=qFk>)$X ҩ/u5ciN6 k"@YF/IK5~KtN藧ٟ١ZH)NP;+`R pN#|z0wg%dHaadog$*Xҍ`>f=q CErS]mbYdG1A;Ь,K`ݗ};+ 3Y>S\rUE%/6}nSN_> W y_ q3!9ԩ…NpF f1Fh^od&2drrBeCXọe/? |>"ks{66ذ#趡gܵZh"˩Qxp'Cӛ'/FN'Ahַ4;'4 r-!mpR$4 N9Auh{q>ۡN,{9/IX_2r ?ZC71g4'=0s'EsgYúw8RZ;ЏzH "M?A)K KDePU'VB&\FZN=7b_GvCƐ<Zil[6#C:]aÚzʽUK~25z^./gH/k %M%Dv+ͧ5-tJWQ/ Rcop.pv ~n(P!0,$IXu6c-:rV ?Z p 3#<vOBkJMoҸ^dDKFpФ3`+U UT$g^c)pC~[&b/9 EIWB'# KVOnn5c@( xH|;^)z:>IRI+e!0:޹)xξu><&}&hz;2DH-4jm_6_טqJg_y(K%5nN54j^)V aUߺZƈfL~UE>ݜe5\r3{w-Xy9%,dX8Rl8S45A߇"qE !Y#D],T;/oN:z\P}Iָc&[P˟ؤrKm™]]w6i5cs3i#GEe2#fmaibSG! $Yfl1(&0T}!L vl5Fօgb\DVV%+Vl}WCp:ocхSdH:^ H:+ Y4H0ܶGvNT;kTd©ކs\%1` ^P?HhkLshYoZj/d ۧw>ʽKWx {i3#utE('I[_\t;rA6&R/ I :zft:>ByG0rq̸I(y7cE>y-C)df+{wJq4&X 6\ٯ #9u24<5PNOB39PC1̲^!s+"S"|oZӻ@t+%$J㡰^ 0.ο-EEqK"ۘ}^16GJr (aDGD5հ: sWmcu~ f%$u/\LE>vJm`* o mf]#R0<!曌,h_˓" ,tvQI_Tr>yeS5`a[3|Y@%^uՂ|]_ &:{[x4Izv6=qO=w z!jГ _-$̚-ȁy 4ٝx;_HKQk|) |_4s!-o/& N:3o7-v8B_ Eɩ3Vڟ%yGl̚VqS"]P+R-5N욜U gfgo̜{=U!1lq20Wn /F\|,3u)_fGE:RɌkdu4tŷd{X-_! 3S8ޑ!]Aˊ,B;zBsyUH 2ٺhdۡ`<*]hX(TbRՋ\]8qL ӖvW"̆<6T?5=!+q~|«u$;k-CAρ{~:-Cw+y KuH%Kov">*-d0LqG_tb)Qt\#i^#X]-Ӳb R_}6ʦktl\,2.?ypmNFnYtۂ17GyKVxYEJ%o _F_Bj z) z҅*pZA;Mʭ!{ދc?!G-%-q"Um&D !<ٕrg eT@t׹4Q3bG[s<m?ЄYR>uC5R<8XwZ+{n[XdYBk'8"-U Qh1_m&EbՖZv%:zǧƏB1¸8;3@"|/}kZEw#w7.i?O苃O{1rU޻)wAwz ?F4  9X)-LD*oI)aqKbؗWUxvVAvKs!=it1HxkP.[(ysK#*nۚD+1m4rѡE(НStz0PjW[C_l)iظy=_eIVbH2(, 5"mo󷹞<8Ƃ-ܗm2D1vʂV )E`,MnKjh13a|gI l3{3MS"A؎6 ΏD²2qD]HE9ܮaTODi:9J1ʢߓu-%H],Gcmn^h"TKФ?XJ.o ćyTH* t>Q{dDҭ97]؞j*cN!5GZN m+M >܋wjESKJB7m-e*Yo-Kw;1`9IXr١ m~pS">-> xY5d7]v&u LXu헀V.A‡NKlo L"̬7̾y C>HYȪQ^-N,gY9a߇AcB=oW5r{yUw)LR7&Vt[=աgGR.}_䵔Z ׶UޗVPO %RC?_/؉G'Xł(Run3p2mKSW)GLQ6ܭI 9D[a`Xu cZ}n_ ->\d˘ ^뼻eQ(;O5&ìTGݠ>Sw5- ח'k:3}$s<ɥm@#5ؐ5i@bl<odcpw %. }<0>A`Bx7q~r"ZnMH&mMǑ=pybyݴ;- 6(tkE~EayӰ*ى.eD$h2g"V=ɀB; \/wB̈>DLXf[JG峁%KW:޿ڇ6"٭jLԊNtiLpc}?q[c/B[b/7)sٞ6Fh݂3<lMM [S OJ5R<,Ũ9]6&zs`PaT4(a6YHv pI Do̕*v푖Z' <OwZXoF/ƟpWϸCGF7) }g1]ηob79Xc`[]eT̽y(Z!xUom:= \WfW|k7,Z/!^!}&yOKJxo4/(Ѝi2NUw'unp Ƭu:t͐Jrں}uW<[,2T13IavpefiӽMfӬ(Mö׍TR \_?NA`3=;*m N|TobJAP[rJI^qXrX}S)CfTDσڼ( ?X{T&."׽o`hU"RӮ0GfAW/ %ovaS&.õNG}J˴+@ G3H]nzreisFvԆ;/y2ՓEf6`]hcWl֞ 3Hڂ' bl&O bDU/]i4LjH;6[}FL='ema' *% >!ѕ %=N09MC$v/~o%6eH@E\ONL{ ڊnfc%Ysg>yf Xƈ:nyt_Ro"$(,z/ &9,\jlG730oli04ffn$T1%N3>𚢡' Eed@4QyR;:` "9]SVr;('O7U-zHV=?g-ES_@JGE`E{$)$ժfE!n]$Ee6ַp(+x{?z}eU:鷺>kп%y{]78;7l(1!=t:^ oDRbn[S 4HsSa*%ָiii̿% '۾ y[Z,-ItGG{E\(`<W?e9HIΖ;F=~7i Z! do.wHEs\" #g="O~H |2ЃRsM ] m"jMg=xv)YUjt؝{ht!~!?͞ 4!a($ {Hp{+9 i.'VR705{1 ޥ6VHNsRـtIG5~iP›.Mrr|]9o>wq7 WcoY@wRGMx ̊e^ jXY` m?'Y(jv ;J} ^AB- %|A$a Eu,Ό:l*Ha> $ΐ䔙`&IK^6 nV mbuı,Cbɋ=NOcaxۓA$k:jYPN찹=$.`f44NQ*yX(>(kڟBϯkzNVe 椐yk3sP1CfiCs+f^3/"m1ʂ|PrȄZ<#̜`oY4wYZdq>żztIzK )E+SIAǐ)͘*+`(Z#xnx9'Y?i#.Z+B/MdM|S/XQ~pkun8z;h?s|Z( Uv&n#m+7 CG6bX`Jݔevw˞I:[MDX3+Y5"F`#n`-!:bK&#ߖm`&ZWJf2wT4ϭXD#Ax}<)T6Tџ>j`Ʒ0M/];K&@ƫԢ~ڬѻ/a.U=r+> Ft._i*aP|5zJb֠8±@\ԑv~|Cd\8'+FP]K)Ce*-/~#T(dup ŽbNO|pR r6=3 ^ErRg'<oDZ-~,fb9;̉pSg#^z*`#g_csd+y$qiuhCu0AN ݵ+ݗ9Wj NҫN@!txbZpJmXA΄sT fG"6AgEsg7 =fs{97&1UinO/c_Hd)Mbէ}$;P&M:8 mTH\aiUç? =VL- MhwKAP(M?̊Tю̠Yӊ}r .g*L$d9 zu5xt=,F _*%347J 򑪙XɿQݢ7#ujEM--HeJ3AX4u@C $lI=#΁K.iL$2E61C1$ӿ3w8hPYVrm@ᘮuaB9$RsEG"Yf:UYQD ɻX4+-z4)銔[՘a+L'ڌ̨jz& TN͏SS%%! M72*3Wp;±M5xpa ⇶2y1,`m%+d3'%ՠ㾡PeG_T:QG<|=YnSOELF^L's~K*j ,pPy, y-< r(4Zi\tCXJ_`S Hyh#;84R] Rzދ)1lHT_qȜ}e>@vyCHo=c-\X_Ilvez 0GToy4bNM7unŝĶmRrKAT?Ր>%RP~t702+؉.pŧݟoSam*<&uBZ+2C-Nic߈>/Xu# Api_;4vʌK_՚B\zqgT,U&ދЫ$ITO#A&[իAG|G/3 ̼¯|U̐<Nl5 ԳF':)A{ZN{e!Sb ?&Z:lVPr`d,UF] -×(4{# $/֯1l!0 ;yNl[|ء}d4ks˖&_>VnV GЫi I! k{Ժ F7hBfLh# wx6xWhr.^gLBwpR蘰XOm`_WBfk?)Qڽq|"Vbh?IgX8ޞRҪ)a]BL]MqƦGSn›fWə}#t8ut&܅X r`gq|SI \/X&jț0lR9">.ME ]uT'֛e֡ߍ︅LL)rJGxT!j{3OuxA(OΏ3 7S')_օ3F%edNQ -aO uK$]zwhyi$)FePŒφتhI{gOLOptX^%Gn rkc ?&`Hs'A!+nA ԘL#oZ3[Ս`{Q)Z-_^'I#}!Ĵx~Q+4c*2LV3+߮V!gw֢S'ص>hxsrZz m޽s5fpAb׷9g*n d&W+L6z& a.|ezSyTCIDGUO%qVk=ӋVгぢ/3a6s뮆xLnFvu SO5;N̹#FX^sn2@ 8u~J!X# A鏄{wyW^$N\;T'Ofs9"M6; n3,«FA[r?<|Sn`OYu1`ΝGqȷ2뱛\$+m۶{$WH7z`C@8rRy8PN@.Ȯz[f"f6/ L [8!Tq6E3͗!J#e ,yRtΐ-~2>1gae-mAL[ǟk*nA-!Za/;u]=V::dPc)U 5($aTs&L6S7 ^Grߥxw>t;9d1֔x+ i9EiYUvLfR2$H͐øҿƜ [pi &Tw4!̍b3V2L肌6bXkvDd!KEMҍW>1T@k)fJ >;<(CdxIӓb`6,*[1#K6Y!h[7c☋z*VfV.ӆ~]vVC_|Cgo$qAL%+Ժ޺pdEm"&;h(Z?[r昰iŐW=og]\aUxT8x~+iFvV;%4vJ#m -p9u_ +ҕp.fR9$B)h"8)jC 'qZzN5e`xc%VM@"~rF{8ORDZF97s:Cb`+8,czT(F;އf|/Еh0tWWTX=E2PDwift̫X:2JU)'I?9-b.j~9 n*4sĒ$#W!rM;E@j"]1{)()Xvr-/'복JS{"JoYuZ# F CYָĘ"27痷; LL5+N$:נOYKC LiMsԻE~KՃxE%8[lǼJeC26P6-IM'yxU:LB=}*d7e^Cu$k Ñ7mJ߆'C𤾚 a~cr1\_L3x@ |NTD?#d$(d& 9v:({9\YU dVDm;3U~Ms9g 1LJ'TMc,6r# '.EDmF-"ONAP@fJFXǰ. T% U>6s)Tu%`-ϓw͍59SkE|BlJ=1c(;ڔɳ(m1ϜFf5ӱtxB}-f9W5Y']NȂ1i 914j 4Tv*mW[ҍ^ۗ:`ʵrL\NQsաŻ`lKmhl`g~Tî@2Gm_^6.9v{q+nL#HNHNwժӎT+I<(wukUMkV| ;-w*3= 00w^^a"dt叆v=*6Tx7w3gbV"do0׊g*t;fВ72\:qT%HjE8Kt}N+4T03VbjP(V}gJBZ ߒw TJŎxѭYTҊ #͢)vpÇ}x9-0-']]B0* ]XCUфk2N[ErfZXjfqiƒOn_r{^_'X ?|Bay`fs4N3,Sn6,`zb,K<@9p0Ӻ[6QW"p/(5E&1΢/\` ]!êykz+Ȧ:JD*a Ysߎ{W Ҧ!r %RN:_p[ty.qڿlEf_ W^-5|t8`Z+T4mZ)dN>YŒ]0 P&/1)}Y˄!E۳w<qķљVIOb:bS,-NWlTpRW"j~Ksw+O71/RdyiݓF|Zp~KPڳTð/5"=:At' &qcʞz06oЈ I&M5Njnj^zB L:$@fnWEMңܯ,53P<_TH'p8IofIg>q܁4j˨mĝ(iHȘI2T<nkf 2zB;H G0ԯ#[(d7 ]Qb w\PuB>Kӥ)0(CC1ξГܰ4SD{X^%ǔˆIk1#O W+neƵh]cW yYnW1wfZn51 ̬O.l- : ̰q}50"L>+@EMC,?ؙgF*u풇e]Ga>@b NeRH54DGj%HrlX)aF:,P|EF4m萋 pMu_ŔStg,7!^$u"ůh z!*IyȧG9v!da w9r #oPb\O kA &HO,A#O9.=Pvq$P璛&fo2ɻT ӣO,~@ sT䞞12.Ѷ]-Y念T;çO{i770<+`q@)ә+,TWܔ`;ӥMPh^x_sR߫l{09 *3"dPrYHI 6b' \p"18uMIy\At"o!Cm2]q9Xv%/` ([tV{q5bZ|7V3K'PA]Ĉ9#4F6І5V&$Fhv`1ICghoYT6\[΂_"d meX&3U1k0򝶾wԵun L2 rQ2g7hV_dr!R7zߑYwTf#,&o}$oU$-0!a<_,3М\tiS+aC3/G- caҽ 0([R~/X†:x|' P'6#x;5M[B,hn=mn_R+ /,p!BY_E> It}aR{v ᭲:%]=ÕrNvwB;/`Q~p.4j@& aRتIxN]a^lqBp9qo8$]&-1k]Ia{Cb3 n=FB{τՇ 6vIL\U_1ԴBS^w1p}=4+٠j("…3ݚ5a[ٞt~οw1Yb!㟹ÔM1ӎ&Ќ*yV*y->> F:Hb%kΥydi-){s!Q$E5ܞLLr {D-. p))_CNG#rx96UP}=_Ҍ`]t: {MvXI,G,#ݢipz늙,iyp˘g-+ ~r3V xOJ]qQiL,V?pOx 6+>CQ3 FEn$`Ҡ*`jeZ$wʔԃ2W6k:vZkJBD(_2Y՟_ţjqiXcm[t v׆}R!U䁼y4n^jܫ~g /JF.K(A$zo1RG 7OGA[oPy.#"0âRxs7qLuڻ1sC@!qăN*LD +cY .T2NQadL8Hڻuv2r&qPROx$+ 1%<Q&tj}59~DZTP5_g0>LBhs3,4Opwډ,:kY)?=83ZϸqʘRA.AAnČV}]0j':U얾ξx={gT^wS1*5s߁3U/߇?'V  Op Fe_r7k {Gz#$p\'I'&2`xT'@AG8B%{BEX1{! o3:"Qe ~C6opK)_EN~ٙCv?ƩdG4jAGs8 9P87MÀi4)}gז{ h 1)jt?Ƶ!sRV1g=T@Yfbm7[zg7 僓dȱU&V3W_>E8*1rqUOvl)dE&Кbα(DdƒY &eB,Kf_ED{T\.p96uE_y*f؞)F*Myd=>n,J!Mucl*te-ۮ %z>J4 rF.=!^U%,GNmBa(w:h҂Y>XXyyM\d)NrRGQB%8lhu~A2!Ne?ޡC92y>r=EJrgOg9>x\(|cS>g~"Ƥ&?%am-j(-fD?P˼gf<8"EU`8gQArC2P1vmITm9 B§dؾjɶ@/+xa{Ibr¨U` CXOȆc[}'i36>A7@,JI^B1$ 4 TOdscA(q]4VĤE2#{c$hn=l*<, gS: 9 4`"8[Ֆ>RZڦ wfGM=ȷ통fp*;shL  ՘wՎnwetesn"d8%۟lXC}YY<%:‹CQhxC'cfHw܅Br?xQϲ3ZvrCK2xkL> gkJ#3C7f(>(ʘ ߛ} 0'^V\w[抁bV[I!.TG@U*;reRR,}]Œ07BFƢ DC?$‰E>s,^RU!z!2eͷx3q Oye x..`WŢ4Lm?:WDㆬC6%hB#qf9 QR!E>s (H^,a8P U>[7i\s ގjbቨ)Fjh!E4}*ڄ:/7K3»fト1Z4dYYI/[:!zo<VύR /m_0?Yھ}(lA[ٱG[VPJΪN&6<22U?obi(ҿ<&GɠwRPQ_$\m,}:&J剮BXΞK. L2ϡ SZ3fKIu/j3zfq ͠ɔx1!btE"@{hjS5[],k<6O qٖIC/98 ^b]}Ʒ$[c7\ogGc vg(nz!qD'цf/D2fa/@t<3l`z*(qy}%7dFB%+6fb&jb],mPp X_lq[ D}}$xR!820╪"uF:!8|4t;63{{Ks&E cbKʵ+{*wX~]5 '&j(޿z`ГV*,-{3Vծs:0ǟǎ-#= S#9SΦ)ߠ~N8Me\w -s9`~\b]c8!-7ϥ=L㬘]qVb{ 74/2R1vn{= 3.LgY89r-H1yȀ2's1%7DPB`MyhXTV$]D | rt7q~]( Ls Z,G˨wjc@S'4%|No9Bos 0`N1qv xBY+匿_Ҭ6 6">݋ T5F|~gu; 9= C KR:ZJp릭O(M @tkR4j7{^a͠sh#4K|d;kwq`3kQVP ?: !,'߈r{l62s@ѬlQUGVDGxt gf@$ގ{^Xk .8*_M h.%x(aq=꧳ k+бj4aFLL1"{,cf-%.tOaY'oB曆WXDA"wٛAr]{'G0j)s-(*O=4.\0t^" 'Jc㔋;0ѽ`|bKM3EZc4sM֓`M` ?PEYS-c 4TIΚiCŕq u4Dx.UupZf;ealYޟRj2(rwף;/Obh8U 2 {c~3YgiH;F*U7^6i#bko۲lQ\ۥ<$XNDjƂ#y0AQz}D9kIMeu_ӌ +3hu"ue.*- tNc..9͋@`% XSJ=tI- k B.F~Z0 qe{E2L!=˼R|_ J@xVX̐7M ̰cMi>obg:kH'w-7@.5}/H4' ieKVf4ˮW۠n>mT5,-QbpUxn}Q+[ I)aͨguWc7$ӓ+ڣ~nKߤyҶ/9l'Ud jlVt|/pFk(2+w_DyEbҧkqZahB͘EG>[x1mλi r7J5$Y@ cNj%r _UNo嵎z(XMm&Io-Ɩy"XZ\bvmڑXQP x.Zlŀ$!e+EBm_$O?XF[e[Txn&5"MI1ܗ*?za 흪+zw 9-!ңt+WvVy-YNfyPvՈm:qWe3]6M7sB#tzp]cP~EXW (c1,_ ]b@HHotp- >t0{,FrTPO@ Dn/]\ kv pJ ɾ՟llkMɎ:Y0;zc8- eE4׮Ԍh32i Upa9щ,>僌(W y x|7j5 >I qɴ))Sb݄5IVۡr*cX $V~, Q)H4?H +H`$^U.Hp||tb)%}u|9a=s~1[20'=O]ά+ \HSw-s4+BNxNMĮT1# p;>ћ!گ M$Ib:L]AU(,\wD1]-d_*K?dDQ@V&sdLr{ξX2.F1vHLO+%קR 5vʆM yG"ԥ^WI5y$FB#gI"A|9OKZ.M2}(B9/" #jb tp_Ơ*@-; )l P|okvɚKWEܢF~ .ɴl5 |[_םnk#H_p'0db;Zw897,Zxv/D2ho]^ea5\Е*cwL{4c mrZs}iSv KYKfe(U)8hѪZiIJVn7-=&9;DV[~5tn,c-_*r[BoȈѧtGf-jmOIM IyH3@x]˵R?h}D{U9Gu2YmV衘H,++ܶS*t,_JWn/rx0Ic.9r;#/Py1%9p̠Oo+rZ?nڡuPN킗CغNS2^ɑ~pqQS-T.AΣI.ɾ*':Rp2QjwPqg+ ?"EVĻfyf^2}IP.OI3Wcѣ6NMJ eζe0a,FS?CWATK Xm)q;P()B)DPo+8Z ԳO.ۜw&|%p<& K,]9U EYv/yvJchBJyT*wv[9[UXUT\/Obdt( k1I>J*fĸoY @6ѷXJfS6iyZ~mG`rD se#W/2{nҬy>8FL(Sk5t,Un(h~[+prJW< P PU9ՠ#3^+ιgI`]kZ\ȽmuwPpS )F/ұ]ʀ!/ʬ݌ BVѻsSpv>Vdro!$$TM+!%lm͙5wvCXj`v3vtRG+ -B-ߓpjjpMBTv}bP -)8Pd2pح}8 h͍wv!07 ~l.F7`X2^j X S $ GnQedAy;eƚHT׸rMٵԨ*ɛ''n7;A`B,@+P))zeͪWW=\)~ŏ|ͼW'^]4>#IƔce*SvU3æS)p4#ZlwݢM=$3IށTclz^Hb1ʄ n_ 0y $Cp[qܬrtҨN*mLJ4=x}L% R"֨xs~F*W$`Q\a1WT 6S 4g-|mϱ$~,RS? P68 d ',z b~qp$Ô/Ѕk jXvQP9./Os`U lz5HØ#,rc,y`IU(B)ö&kaH"QsY.MQ/c˜8 *ug{ M[(~0\ zf/60  #l=U4OgI&vKFw6hjP?|eBߎPӪy1Aȡm|ږ@3"پ/~zÇW?mN7̳,/=V&t|`S P^qaCE}WrՎ/Jq9]ɰ2&oRGg7vF p<13PZAb<#4ef?,\>yd7e ;Yy 6@q~p{[ If!W$jX6C$tmVUT%F,T< 8I e_ Ge={? ?9cv=z1qd2}OGm+=F|Eܿyv%;KHoBp4)L"ɿ[r ekh,{lOla򢗃qmm^U/۱+jKXڧa [ Y< :'׸U2-@[X[%J`"*B)_DIQyB&\2[ Աm43h X = l(2€35|>s\6daX'Ճsx p TLG̡Mӟ}`ᷛQKJk^FBczíE G6W өhsL$Qm2x1M O>J$;lU).jW"2pS _ Pb9EoӾ@4tZ(|L'JۯVٟy&=eç1:I]ga1(K$ &>/z1&yOU bIbѻO d\N?ZOiz]d1ˇUzq?mIX$-kKvs14>xOzσk}`S)".?E,2G鬤fol&-[cٷ'} `Fȡj4 y71B;]oNXJ !P*#ᆯw}*:&, j>fqc4ʾ_R$_5cQ&ZՍR]P}?.iIwZ!+Qn1]#\TR@.3[ U\ir2Qh, JhzPѯ63%bAX ghbUfIq}<&1/rݫ=]gP'zy[a9D UWۂ bY㉑0P,(M]Ӫ!JKKnH(]yFU+x3O;&A[?s`pQ4Zp݄2L4DL[|/&[[J#Hcɇ^R{[hjP&b[|l>cV?Zy |$o" aOFK&QA2H, (jYgp( .Ep`h$K`\BfTUB!XXɸj5;3<2VNsF3zR+#9&C1[uOyFP@)vAb*Ԓnn-S{4^xHh57I ɅZdrnFɀ x+X0ȥWlPI W+|yCDr%@*(ҝCՏL]Yy+YxݢbP`|+t* (< 73iInG7qeZ%_VJ/40:ԦSVt.ޱ'CXl3B#dS3,WC$ze%4~Aڸ`'Q&\No%K=QHu\#TD'" L

X4dP?\X擨 5|ucg^sis6~>dcy|߲RUj_3ЃK7]&GжO^EJ,ݥA{9kiKd`oLO-+TT^&DVƿEh:TnL6NѢ^Eg҆xNeгbM؃"/#ѝ@} u; ϛBo xq,}a%PY-{b=bl[!c5!.,Ҷ(TiLg9lҢI|Id$+p%6BDIʺ;9^$i0-2Ž1Pm^N0+T"ď2lJJnP+laZ͉Yߘ3PDi,~]t(Rv*CpU,1 1q1|:{pnf}'?ZthbM Hl_#Vӫ\KXY̋ӵ&kJ eyԁM/D;^:]P09,[5Exj}=~Oa<<(r2v'~.98;ӽE> r˕A`Jca1a|1B)^)SA]f1}:|;3 H}J-Lᾠ;x.huikh C&l<(NXVsvf76OT׹ax溬褍rح]DE60nhc2[eNb gfdpMht~&X ]r&9X[kZnWhv^[6WH{κUxD>i(byZ$N2vL.|(E@@ O{H0` dRf&XNu3HAV9X [V~)>FQlWb%nE1dx9a Ji[ yC evax$ZD+&-Y`l惦&yI6g2Yj›QVє4}M OՓI%JK;wմz2nP=9Q\5tVjyd[5ANr,Ⱦ=3`bhWb߲Ŏ)KL 6.R~kK)HM(Vp0>APN ڕSu'Y`. e+,o&ClʜҦ1 |v9eP_hdQc^&,Fҗ{$Yu[ɸ % ccher5!sF=z_[Y.Xrڦ=a>*]k Gq[;BUKG J22*5&'w6 L3Dc) n$2VxCL4[-s g-jlǓ)0 9X-"(9;&Q $wCآ "[ҕTO.}[Yx%vqCUH+f e ނSC竤6(%+VEo+?^<~OGh[:EQŜwq2%1\*+zDƱF f։G}YѪ _"~XQ#X-*KDf:ZWxlb[g'o/ ˛t>K@^-$x搃`#n'm!XIb?N ?@襞 }fK2D9I^1- PؚlY+ɯ~lIz.~jd.m ?VٗܛPz|p;έU a[01os/Nbjƚ hW5' 3چ|H@3&)Z~Îr)ddiq {St[QEI]ߨ_=B) ؛JomK W!>trF,鈱=J }Cgbߜ}J,t(wt+P9az^q.qgˁW`†0Ҽ:yKg = 딢vw^SoN덝^}x&"vN6Χ70 UWmzӵ$8_AM-.9d t|0`Zpw!2zf!w0DrW?\+Ժ]v5!]'@r\k@\)L<}2Jhe R*,\B}ڛ$7Ƀ<+wD|]ʄX򑠖b~/9kq9dofUJ夃>۔,쒵"ʆ! CgczwAb'J7S'kou!3O͔,.ri~h`2hr'M A٘Ts〒\=8䬕f0cdI%TU2^M'le; :ACrCM-sHv!wדdÁyh SJK(J!?婛ck{9InQu>Ch##2Ʌ0?_@RՍ < yPtn ]=DjY2czJ쀄/>RȀ8|[2\ҳA ucο^t[ВNc[/~.mwEJ++ m$noŵh} k.D[T0_ `oL-sY7e[qa`3bF ‘? }jũ:nQ&E ];7$fCfZ&R,b|U*ف %m]IOrR֎ٳ>@8Ļ> ?.}PC?[(rܠ#fڧFwX2VfzvO͋_|Zם$q8j㐰.bJV+HO?/*J-7?vGU ïD>EkRS̼wlJm;y_;4B饱,k`6Nu87XBCTԢOe@ Ykg 'jnpafΰ52_mU9כCf8NsC2vO|AD6.Jqel;sG'?Nr`!{MkH&ǖw.vpEsOM=u/t)T 󚅯ų+aZR!=,X64ZcwS{Ϭ5mS Dߣx,w?7'AM"*KSpOmA,8[lNkd!O"mժ,\Hh$y|@-ݿ*9,au YC]3!pht`.Nc@rPsT욥x,3ebA]YX!L p> `Fu:ˢ;-,%Oi ds#SJ{JBc߃$'GPU&67"]շ8yX_ҥp_IXkt 絻UAxuO$P:1 6hLAO/#??Lgns+9KP$zP4%3N"ŸY6jqHCS*hm'Ja=P/㟧2dv(œ}Qo\-a~aZ /[o4A~n͗Y3 M6bas(zDYVM&OO/7Ta0B}? ]\}تyfK؇.ҵ*TFzuFՒ@ ]bE3@TpɎΚ'Eۥ$zEr~z *铦B>̭iz! }ؖӎQʓ=f_sb\_!t,b&v;OpԼ:rZA%/8*@j?^{B/˽5z~t/ ]w?c ՜ӭf˙^vj !{=@Z$N¨&;Y 9:Z8Go߅7? *I8QH*Nr@:?y_"j"cmJf3*+/ܥJHZwC["NfϢ./CKyj +1{o-Su7AB]=B"Դ&Y!g8QP&@@#ћS\bkJ K W!*cM g>)buw[KJkl'J܀sV+J%ٕ41{pT`7D/C"}N?H@WO;(h%jv*rBѼj =8ž|ӿf#\pԎtXa riΗ(7/zav4HtT?36_AFR7fucU ͓.RX\3'@W¤O9kY~upfoU2zFj{0n6hF\Tƾ < 0? *=yE9xU{= (Vt0weCR²iH7 [˶ *H<{*ܼw ,'{?hYF^eԛ+~m ,[mj~3_M/\ؼ@iMM-ۗ]՝Fm&`Q։xuXgYoySqLN: >#\Z9*M&M=; P gyrڑk;*Bc PxbYTs툄cҹo?5~Gl0 .Ecҗ[} V8GH)r)o?:@]؁kwb6_ BN"k(ZL5/bfZWD1+di§B]eR*D !ܟ:U]_H #U7xz^Uci￾2ky Zvlw᫷"2>S==AD$.iG'Zik nC5&47{ '8s>=3b)JmHvM  +8a!+$sn l[j=-fH&΍J\EꪦсE~5Z+f%7#S<20:xݖХE<0OQƅqۺ$0b<ҭ׀O' AeL4 ¢XI.ЀL| 'vnO-8; \tMnF.$fW_H@DV w;nK,0)>ceIJ/_o4A57<@ҵ4t6Nt,MF:\ⱝT>o$tF˷4E8NJuL=b[N~9TQ M^%%(-', 1]mEtr@OOa00M6-OGLX@00m YQ\#&F?4'^B+7Ea-[h|Bkf?FP^u;Ć.f6 !u<>VQZT+un21Vf;m}g)ApUOCBoX)*B$/3e;L d@URm+PpO_CQ< <-+L2 f?)nGu ̕;e1w ),5Fh&pW-I ي>"EmB:G:8dȢF&)QM, 2]M3Xr2 Rm#~k5lJJ5# ;ebE|;=^/ -s,fͦ}$^I0yt„U G݋jh邴Qa}H/Δ Mh@XO 6KBq*o%}{G T#I4ʖkb kX* 5ZXr.tpcB3 CC07BL% 8ni?]6^Es9{yZڥ*_p򣔿eX2aPo3"7ޏ<}=+uC*=ֹGN-F~N^o(zHO:s)~ň(dmklkߵ]vx{TP20zNʌ^5&.?d$$W$p-XBOПH }M~us:gBHbpEL=vd` r6,g,:gD[ԘjDos?֎)x68E}䱏sE04}?tcSnn xƀ,Zv㾢9̺"Hwµ/ɗ }k@:MZ}*^ɰ#P )VRF܉K[,y!ӫQ{s"&h^l2ybz0-W(l=zy1Uq\WPaa@a u ina)5'C͙Z;( (JL*vՓP, !TB 9ˢ8O(z \ yLewtĒ)hQSY|z̴{y'rk' FL̑PDz| 7H|>|?${xɻtg(7yPc_=0Jąħ{xQeB|0Zi7U#[OLbyt ?%k&<ϭHydm R,aǸXy_J7F?IiGV`C<@Č|K٨p2N_QC27.f]RyrIOɣ[UmSthRPEOO:cy[&m_-3$q<%&Y>Hn0A`=YPy_VB[E af+ʰՋb<_oT[胳Rkf=δRcGjnFD\[mc<)dA#W&VG??VeD*+.lߍlZ\ܧ @K&0dG7:@p< ).FWSmT>ҀrmЊdY hvz?&>_7e/ye%CkqR/Qi`navfy CLF{s0DydIq–] FAW-RyY?$k黏k]cPmX?p>m@"Y&=iJ$U{dcs5w/'60$Z)ȹE[O!ab[%V֩Sy,G8%$4CP::%N+t@_h$<`^ y Ǻ )D$wwadb+ўqJ-KFh ǚ(c1wġ cȎ_޾n:QbtI;}~^8)R.͸D#pW!1BO̧͢)AMoEjUAp.~u# "`TtZ1'nA4& Jkx_#Bdg#pR{[CW@;9{lU9=ƒsس3)` 2sIcn D jʏ6*kq5st(QZ-K@]Bw)mv.%2%Q|&-vPn-9/ug9ZTXE`#9$b=7g.pqVڽC%0&sWH3y4{AW^w֒hԺzΕ2J9(+F-`Q% ب;3VH} ?7aN$}9Eo;a'qY)Rw0|o5Dr)O§ UsGh3DUA!ZX.nI<:JG:[S0|=7 &:PxGN Ayױ1Iv9= fe!&CQf~#ΞZ_V W5:'[dIp4`Fwd"hl8sm1Q$O7Ҩu 2;Ff/" 5e <ư=1[[8O+ SUu.سiǦ^ˊ~ƻ\ժ* *>M >^.lvD.aa rP+t݊QWaDsϧ7ځUy^Ҏ'bg8s^&m0=2Ɨ4q>1h|"-5cNn%}x¼[5}xxkA.;2S5Tx0>ʘH] hG:=R:WW~Ҕ@?r餪LELΘy(Θx yN:Jpm.)*rr;z+T#3\F=6?;~QM%\7A҉tu z^C׵7|Tۯg@V77չtO#yӰyw`qq,}"nœ-G:"ΌW9ReS]!!-K-M & 2xML^m(QS}7* g,x* Eњqc- Lx7cֈߍ^>K|z_Cp,П๡oR 1C~ ьъ)CÇ\#&q^[p$Ir\ᣝ+"Am:XsZN0R.!&x_5y&=/v=xMyR?iwcbͷ Q) Og8Src?g<5Hǣy>3<輸M4R_MX4~pDONȳlyJ }U `9rH+ $Qp͒VafK՗ލ"؁[m*dyVJ/"V r8pq퉈$Q%j|6ܒ߅?a}tamksnFo]22^|%*$]QʫZg'b :aav-G YzHb toqsr]"7RLaajن|e<=N5k3T!|#r,'hEy?ղi\z(g~㫔a-)S0b} !%e# &+ Z tƯA}/e #PD4\9fE`94W<{e+tѿ?VƵLuBfh*[,y鍶пjTZu jl \wO&=s a@bIb@kg$4F 0H!aI-z\׼˶J"TցC ~Pe8q9:xjk퐴FvQܳ(ǻ -ا60S|Ժ8{-q7.!vç]ݕo%"l_;vl88yr`{`腔 υnZ v5nTf߳i>M Ć ң`0 o'?⫝ib){RXMfhʜf,kLRJj̣dZ$KL;mKd~Ѝ ^(`e8Q_ƻg"lUC` /V_]qґ.ְv5͋ap^u Ug0BC nMo}Wo-Sƻ<=9O&<7cQ"2`Q0d9g4y_*MU÷NHq8;[,M1r-" Tt]?~9͈ *+:SU)óEBCv/sҎ#+m:=h-imz?E K@[~3l+wYc*m+1v0Ze>}Z>e\S@ ps2`ovu1DS:BLaA є%F6ylUj%!aqBScDÁsP(ƙrPJRD ϡA5zzu_ ݸs5ge^ͶWϛ,6=4pS|7R,;^,vtjp0׻u91iX Ia(ޫ/C0[P4c> flU7gخ[ Ncz>諒5ΩZgJ"5MX7k4&T:t[k8=vvOBk$gP.˽>ck4F}beA 9iE+15[|+Ԅۜ[|7UͲLIĵ dBvxeit{B W69 JՔvs#v~-ń|re%'OLXt%GԱ8ai=#æ 1l8 /(|zTeBn d&˟& h+gEJ>2 \e>,9vAȽ! ,$w 70>:6Nq\2m}6УS`9[XB(V%3|ѕk ۿe TIvgfxdMt% D:bw=ޝΦ&x/ժ>\} ^XjqYǿѿ[`2S{%N,Chfύ9Ѥ 7![h*?TdрYyꈳGwd"RXO.4GTLdMqh2,\;[ž m% (4Y*Rq}h\'Agu2Lw)Ù]*(Ø.B4))N#ZZzD67#킼u}# gm5$j`^fJ㼸Vx.ƮPfM#gY"|?݌"ydNne?*ayO-wۧ459˕n"%Nuz*)J}S *Vk Ph~vі/\vSU<:a_u 3+1!tIf#VG)`j5 3m =bUraRF$3L݀6tvxq4Ìt%.0K]mbLMi`1}@yЬ)ZPUXд\r{uO{k"Cv Pv^%0(MN C0]s 6 }ZmnuX5ۓ{N;S y0eEf @Q2]]߃xSs`80N=פ?a5B0}GŹ^冒# -YñƸhQ ;2 Q &(#\!>=MPW)FWs]ᙴ{Gxp麽U&榲JqC8ўj_E ;f5GD$j2 FU\ p>Gj?)x./ [vܤ~46c%."NQF2a^N@/Qh B8T㔶RMwڢj8# z <K*wG xS˦X zrOQ hE6, '9aȈ(|:Gv \h2h1Tka#m ]HKFf@*xȋJL(H!PiŸps!+wEX+#1uYu¤µ qV̧aH6f>8Ed9 jz[Mn#:|ǯS+pFkZ37?Y'_ _9&uPI8V,/MB:-L9N_;cEY-q^&Dָ{lWu*)P[J7&F cM3p >bxKEJaz) &0Ľ/B3 ɢ]ƋP+ 7-O ġanGFZ>o~480CkBЪ)/*u _̯}=O0R!,ΏZoݭ^D0Wߩ83])\饯F| JHбOk%&:s4@1sIy&^[3lB, s56O ٙQ4%*IPl2R;sv׀g%jtohK}}cE9v{r^Ay$$y%`#CfssW Lt_~D|s#s)_=0΀5&v3hscpᡟ,Č? f0sՃ}VFYԅ\Ϛ@i o!;+!-.TYIW'o&:&Kv<O4{n& S_\#Q/>ڶEkUy2r6~:h|2K IZq;èMY_lހU~H.%woM{®\ *,.d;@sA ysӸ@ hG _ Q ䷪ uuz@3l_yF^iT V]q__ kn.:D½z&#m:CIy2@4A4mSr^kggT٭_[/e hbf=ֱFMwhcNioB!irKH(X 7LC%  B/]ꄹEԏ\ +s ]ʺЈjWj[3H߶=nx &ќ8/]6<8wx-Hl3>U\ ;:T̒ [we#(A~Ksq>7}ea;k=C.﫶IkTa;.'8jdIR- B٘twM%t*&a/~#ht*͒K:A*7%1ym;y8QW/._[ #veD|ȡ:qO9>m!vZ,2 mI ~ d-j1 P+6$@0.?܅>lVN YnL}S͌mz/l̘]Z ?{[9M<丂U} ==Pnf3wki/eJwDː:y{_f%s2 b:4`:o޴zc5JHܥb%U>"g5ثX2p\ܛ ..8Pk^; W)/7z X1YΧQ{^\I6#'UQEw14}Q<VH#b IʆMlpHM s4.HmЬPt Z0^V9ЗcGT:_<|+'K1;Ebdox3.t>JzOyDC/+UTdЋ /}ihȰ)Q4S5vڎL#URIrpE:#ekT?kTYOPy){eY&Uz![Opz<*8| ۀ?ES]>:DYk,uvEXnWoZL:W%VF5|N9}U~|.o CrJT5V/~w a}xlG9P]au}^%ڽ;uԸUpZɦd ԡU QQ8n:p}b6~Ț@}%kRxdRnMH6c2-5*Ns>j׺5ЫdSJYB"Dheʒ2eX(<;0"\?alȓ}8VBuj 4!`Z8$E=0vN2F<<m ȟ8tº1,s fЩQEk /T#pj g& 2C2EFg<3X] P{MYGH³ЎtN6TwoV~`O PW{+HegCݏẄa^wZ7I5(bn6A-rLsNQ[z,mk4V :w%t`l>(f< MuVHR.ݒYIY/sbth/s5+FLVXdzdKY.Ǿs/X$V me*9z{uS}(ya8Vyfo Vz#BƃcKF3̕(K+n/!V!såerfT)^@PY/Y]YR=;yOO?7N  " C]ԫLv 3/qX&)oMˏ&4'd@SDM0$OFFsZW ԌPT",?e,`c3xmf#)pO>w;ؗ[e87#UPEM SDMa/YpfQj8;2 T`OGH͆PklmjBGv XbIx-0[BtDt-&ujɪu$ٓ8rWiP(o.bp8>kg&$1npv*v gg hO]esA5vHSc$[dg s4f-#xk`tPm[#M(T8_BjIzoa:Kv4a_˳8rUz%O}jl8Q /}vk>ab]a -Hޅh2$Ebot0m9!qU*~;kh״їC f9F+q#X|j{a 4zm t™,O[6Y.!fx7=ZM4O@jaTzSTD5)x@z{8G Ϙ  J=KKAQGPkÏ_zdkqɝn`݀ge%~> ޑM-z\wjhcV76z&6c6( FHʈI'nsZjkKAN(h<]e,O#ǫbc_t%.ӼgVV,$"bZPr04En#s0x|.azǾx3 mBև"szfHuӵ>EM/HĤ|muM3IӸؤ 6p;2K<,SW/ C"X W mGӤyt^q:i OR{ń1}L>NُѠB(MPenyn=6P)3E.Y,ˑP-8K.?/_46LO!a4t\Pe*KխO0WWkILIV cя;3iW| IT;K?6VuL>TAǴ6ihCqyMs*Q~c\ l9>O M=*dk?(b8<avN}j9[ei$}G6el8D#u|>*jeQ<?X9Q9]ّHW9M1YC"h$Y@[͍RF߿秾93a',V2L/w-y.וƝ36`o>`Q@ڋ\3-=Լo..ՇNsBϩ55ZS6GQWKtpJ7'g VKEar+g x>aCbKKB&5^eӟl}sϼhp2'C8qZ‹,j! ||zMbnC3#rPHyl gaxz~넯2Q+z[ӯ[~HI'i@5A7iRihtPhƭS تȳQ(rΧz$LCr= Etc}:$vC.݉f43{v' [ 0K{Cs)=lnp#^2$fЏ=ԏPyȭvo4=+1G9pSBZڀ>uUKL.&ްDJvN-LO?/s2A[es$Scc!U}ar1kn/E%k~LʃP?kof\<Nhy5G#;TQsI,A\uyD߃`ifguh.Oٴb!@ f~sHIPi+W첨W?k۴,r&ɷ q;vYCӿD`k]%7k`Sx kTL 盰箺m3UH|Cj$ pVfeSh9n\tcQCA0,oErf>idߞ8#Nh"b<Lpgj<}ki6pޭ T>5v#/а_3aˮ?'2nSPNk;WV{1bǁҫ mff&s5Ӎ<Q<^4 ֤}ƞ@ {f-ࣹ?~Ju`?"@3^ӝz "J|]Ûrd]YG_cԎgf֓jڅ~T!2p 'Ca;b|=EE tt(fEM%Rpsw %n3-|B!W#.}j)9?L,g!]DWq𜬎6b.'jtxݼ7{eŮio2wB>Y/YTjesQ hPV{$^#dK}#E[o3,,+'uKR+EYnQV_(JG4r :N[pr3u[׏ĉ*.ð`wo?S/4@w1OuI%ق`V( b/?ǖsDSFɘ\AJ+M$Jҁd*>:c;\>^8/c {<ϸBi!ՎZ9V?囹OMnn(T[=7t2-G6Ek έR>#qpTyV+ǣ(P;ΒDYGc9%N "gF!`L{iWfץ4oŖH茟tlu/ddg}jT;D}+zάߚ9lit¥9 #ǂ{+U 0&Rؾk<f?t(~4`ߵxX{F7]];k>8]O8VrԖ)כW춆&1QK]خzs˱~S%2֡W|hнŔKMr"[&]rTʌT-[$:i^^ d 0}FmA{bLTd-FwFR^mIhy)"> ֗{7o :Ju rAh#7uy 7,[`cuOp+?C}te4 H }|HdBĂ9뤬_m&tF3i]2;gytb#D:u8:}_R&!+HWw\rZf8N̰{e^Hy3ɕM .{"c~# yU{ هI~m=d0,eyx/P[C ՓgŃC`M3@zǍˆHoU_h{كZ%~+:RPzz hUIm[PәE)O9idnV}$u"Rh:,HԜbvr(lEhrJVI!A4P Lw˥1޷Ha]?@f~SV(eag4iΫh]gK8 H?$)Q,/D *h?`ɰRr׀d$ ;KϪ-Fp Ӽg 圎gEyof"BXx *$FEWOiT:y) t6Ԯǔ"DxA  )[ń,& k}<n_@V Gׁgm#LhG@.0)i{l< v\u'JW{Xjr!011ZHZ@)5啹wA6qDfC8]_-%eTd;THۇUf)d aW"2r^ $@vQgםVt!J/fd0~n$R Yh\%V&#ʞϝ74]mF ZxXq4eI}BҙJ2+6ɣ!ZaS6Yp5/pCںE_cnzԏh(ݕ^ + 2ْi[';#FJ}l\)9谩W+rs ,RlLJ#0. ъݲc&髨4mՔ&AHřAPAr볪T ߰E"U ɒ()}:9ά(GզWLj#p.t? M)oF&!٢6lTɉUdȯ g3ŪRvE}XU7 α)#Qn˳`uݳ:g,b|"; Muv31nmA 4޴"7UF}}%:!2ۅdpwU񖢑m[8ɗNslm-?Awa#ўBtxhHc2+Jj)x>T6)S xVvL.(Ŭr3 zcnc;Ό0h q?~NB#-@큃0U:u_lcx$7jw)Doȳ{Ɲ@[ esO(k8MHPm(TwxNOTLVl<=E*.N)T/V~FXe4n9 9,Zf(\ȕ:_H4Oa>jm{!@9f\R$Ut۹m:lFPՅ'*x$9[ 26nr`@ 휒f.uL,w8G9TDF1>o"\WTRMC#u|0`aiI/gP<qc am)W2B`o[0K5j&i1 f.2ε n,2wҰ7X]\ /LD 6;'M8aZwnIK'*th wtR7K坂[ Dx>; jVTu~("Nz~ G5E- m@`nBնN-4e?-bOՋ3X(/85-+ܰ_=NqX+w-5Yˁ߉U=f5R:Ev=2>Npzir[|m4v~8{jsz ]?xfw__)6!U^un)b|ĬItfU{%{5@?؀75Mo+i.Q8u@)6R#'x)y3>X48T}MU"!%pZ 0eDXm`u [^L%8MX)9`.mFOh70Ⱦhv5BP.m>853"Bp&d4B:Pf(=\o)$ 7pT7D8aP$#) \;4ZcRKk554fS^-H"b Gļ򅇒ЮowxCIfPzԉ4a#p ,/U1NdƋɞrmcT RĿhEX]3z\)Qc3Sq[w13O+!U1``a>_n+[a S|T嚬VF;Ƌ0 -&DKz]rh@,␤N߲,}%O.d7=2zFR-6 iHCì9Gg}W .7b<=Qkg"pζ$(Ų|~"͠Y "Bb: V/mS6?,~l8$253 G(;/0Lun8}-h\h /ŗ"T^Ͽ j[,Io 9 8Mc?V2$l€ۥG``y$L4]ӪVԈ -tƴs5+ՉR$ĥa=٘r߬J.:%eiERоwQ~|xɊ)֡{'s%U}xU4P;7@' Wz mV6(u8,=D´ 94]׃.MUVP2>q |tu'evRW2<ҴJ2 ǔ ʲZk$DlXm+4)?uݱ 6nb%vpb ~j#S J !D]Ʒ (N20pL©?0ߤQڔM[ ?4.ʱD֐кH*TTS Is@նfuLx , R?4F  JBCdJ9   ,[ [_1-夈AHK{P .d= >C*nH,罾9#G UDknT6gCiedն~Rp;{#;K@y߁+*@]U~qM1 :W]!닰9^ݨ- "VLe;C8i~ɢmz?9(NJޔMaQ~mfeb+ܿz*ZiÓ4].v"s)zNS7L=_Gn /_PA[niӪy)%op ֦ I"9WK\Eڛ=šw4 P=P0?Yuk/|t;h?l34')-Ví2T\C3C+{`vn\!EA#64!=!D3{CC[y0Ѥq k Rѹv p2C,Y@C?%̄Ox A'E)dK5`.>eIj̉0գR&5n _(Bb88_~WW- GQ0ܻȴIjUJQPz<[d , ӷj"O?@oH`g/+ Y U+M=ښ'P@&rtbJSХsLJG-oCMtoN, WjvX(`y\YJ0k@o,` Œ`~;|^9u_\F َRg9~.`;^RurDŽ! N lKsùSF~8KTRAh5d`an=%}nx {Y@ "b8Q\z3oI\qb% 5(@yq: 2|1"Dϧ4t|VRBP5HnM &N }|DyM^G!@shqǓZ ?Nb~$h}-}#9[d[8(ϳuuS(BZ{Z,MWE:8-^) w(z67lRܑ&"(I Tx|iRUm<$MF U+IT T٬1dk\YY=ợ`_âd*mёOAi'Pʋ30 Ϗ{~M+h<ukׇ?_q g`O.=^Фcn\D l{3pU4H dQ{u<@/h*a[J-?x^ >.lp?ҀHuoUeNw2M=f49.ah䓺- WXFM֚|I➢ LpْHxP3gKќCFZy`Զ 3 fl ~AjB&X 8 Ux 鐞nQkvpS7ӧȥfq6 )C)Xq )[h󛿭ll}WHu]X>'yRN]j}~9VA=vp o`E &Z#j}2#??Eu뾏 q\ D#ym5Xx:ցq.e6SLAη4Pר: EՌf :^Pc At%lGY,%SIJߞSbqΗPg " L$klK!ԝ'%T,yY OMνKq5\GQ30P(G[jGuZxF[՞B`U{v`kc s (@F$0a GaީR$!,MϩoiEfun+u%u R< w,6@,牴䊴"bF=d r,O`Ycs 8& XU23moLB1˫5968wފ@&cZE,u\S]C\SW~\ry˘ rgU^ PNף#ሿ! {y9ge'_߉^ "%Ͳ+)R2~30 ufe) 4e9űhm ť+: 9"\7홬ᵮ^j.FNӊb{Cb <^/5?!;׸K`QUpE縉k<Ǡe6P:'jj <'ɘ C?6G<-Y*1;ʻܜsmd Z'wY;uƈC 697ϼJF}!5ETLJ_AkhB,gǚ P4Jtpg_`bc55wbBt7 ghk粛Sx5frW҉utd)rP*O|~lՋtյ9O|WPpK7\(I+ (I6x0LeŸk@^W,ٯKbAE &#t('&lfhꁬd0aSc/ ]7F'յ`"F=v}TV#`"?Iy]5nJ5 \V6Kt.g^G/Eʱ 7lWVxk$8%~W`wko']VX)OnGL/JR/ 1tR<;P;Ul}`=XWՖփ.B% Pu.ў;f%e,n. D(rI 7dm/:[b4_CxMR"Riͮz8H{=eeU=ƺqm1ai3 tq &i+RbǙiI@PȒ应QSq\B)|CKP)g"r:G'٤fWDKmdegL!_7^lhMw5ܬU_QNU>g1U]'g* /K$2PECk,ScOXݛ~_C?or'x[yщsc@āaڅ|Y%d?4+_^0:CJZL' NěR³r reGEhg&O fy^ }Hl̴ܕ.,rMu S$ht b˨ۦ9C^"A=K5 BPqr\3$hh"M<-=~"[\ J wv/Pn<:+U~v&]49c-B'KѬ{;d.Jwo YW"eGmqGI|IuqkxAjŇeЋ4|(n%C(b³/>{JJ6-q_9OqI[ 'Jpttc` ֫&lqp8QHw0É)S֚-GQg}ڀ7 [9ԿFڮ_dZ43T:Xk97ؾ1YW7,!!b0p<z,:9r;nT3 T?;6q;'״tWQ±o*0I|Ip0;aJ Z2sOu!WEՠRjX{k{hG>&`vQOX|rM? _s=<[oGCؠj xn=k̓IHǚ}0 uλiPnj]e-LLe94O F%uVo Zk#۲G2ig)/LJbuBw!\%bFDMD~Y HZoHS$V,me>iPMhɒE k]m֦T՞.iR7 ㌫+k\*J@pC)ũSiK?l/m8.8kj01\/mē%Zw+RM#eīg$*0!h&J<]bRǷ(6Hn"zGVG#P;lo{;z֐r4#.2hJ LJP.wMq=ɬȜ)5-qUBM5y? œ{BOhxx3G3N'߁6uۘȸ}dG+Xl16/^RG }DŽE1yΊbLPvCȡ+]~E 1+V:7D2qz;dCoHհ3z):- S[y->^0mh =#@v_$ӟeiDV{C3:Ȉcګ\De7 1RܦR墒E/F88jVX%o Ww&9 j9>SNoLʯw,b'B/-I9aTk:PLGbOjhTW ŸrRiDW F̗/AA`gQTYf͑A%7S+.TPJV~f!SE! /].fki7n- mG^V,=ɓń$Ђh0_<q%"m ϟ y~YM9!J?mP6e.Ph8IҎRWߎH}~)L%ÚDt:+vǛ[J?Mf.1uj\E=BhHWu06QפwFrِ'& .fuoR. (7XMN x"#K]U"",_#'A3ڶJDʮ1#=9ӭzpeKc2.0qkK6|}Bz5 BTE+q4%~&bvf8cn!6"0{Vř6ou`/|#C=shk_+#f39l{kBC184 l`{_ly7E)S@p 4"cj~#k n0mU=M/`3m)poAXUFwM@h<ėg FfA<2yQ[O~&\4A2@Nk)'{> xEuu5OKv|,+-8|ٷ^JDlc0.Ia.2e/L H*$S5BO<([~u$P|tD!̨ "^1?W/jkU*: ye NSپl [qϑNٻOFC50!l;.ͱ}Zb`9#[7zˆ@Ȟ_jLVR "tK*cCAu0^m3! ~gMJ ߎg3A?x :AȨG8Z!|s+ζ=ʕc5=yFl;+G0@)%7$D_Ka,Ģiy˓`.U<ͱLQ:N v5)x+?'=*^ש끍\V8H", 144q# GW[m3jy&-iGWiTЂx3ޏ}UԔ&6 U!/58zYi=Ãqjb^XE? TQp6IW:?> 쉓$2G{;~KW9 ,jAO. 8ٰ6+JW;ٵ  ;qjhtaK\K`Myޯu @?J@! ֟S\ljZqݾ*m`WB}2يg@@di鹔 Z$3y+7.2@1{ m_jVφ3}+̢p7Y38%ܟi֮`_tǯc-N%d&4D7!pUMa槺sy oJ:Fg,8w4Nxn0{))5v9-LݽzFg |U51i_ɼW OtꋠZ+Dmt cUm`B90qGd {74jd Z)1,7gW5U~Vf`WaJyC_`m enf(q4aGif_Q%@1xn1LcOWzJ;&EC[ \4yFb01P݊a:vH/?q<1:-\qH{;;wdT _S-AԂLzCʌ"hع.7F䈭nԏݢH79[`>w.>4U7+͏VUI 5RB=#}j@8X orU5sGlD}OYp0u3o:Io@7c ɻބ-€̽ʛp*]͊_OdeGєPKYKƹV` Zg3%մM:1:$P<DuePj _sKЏS/sFޏwL_tJNo/PY}<-~>M)OSrl Wi!D\~k2"=䓃RKy"C sBU q*?v1Qbo[( ;'Q7@x.-{IOC0mޅE*ih3BOXn"yVH l{.@"WfrCĭQ ;n]-66MĠr؍X z}OR`(>Cq|-_ m{w#hE N1*8^\*Q &3GLXL /"j@//PX(H/ЮA*o ,3PBSb?P~Zhu }<0"H25elX)o ڦ_QZZ@e.k4\f$@Np,ve_H2ul?J5ҧ~MZuxy9{;Eu @GjPaGȿz ʽ5ΗF@-eK YQ;,ywfWb_) #տzcP݊F8O3~*em}Dޞҝh.^i95՞o#3ɚS#IfDH0Bv2wӵza< p1oX?a4sϭ`!VѤTnUbr-~GXGKVr㰢x8~7h6Xմ\n &C/O -tadq٩ 6x,-m_ssU/GݹǞ\hzQm\TJ=I"<!Jk͎oExh5e Jr==ײ,h0;,_~VtgjTR䫮}mlm$IģwLf&[Aγ' ZsX)]U͚Q,{ubCƷ*`7={LkZ*`}:;stcu,UjjqB7P &}(Gڻޖ9Oe2m%; -I"~e"yەe^)u0PnFC7&1| Bcis^8޲f}5Q7JW ?#aAZvlt I"!K }X[NJ>bOL7saj4v$!bK~.& $2iTC_ cn!)#`H/3UTj ڽ(n /i;BP1曗#9vH`h{}LՊkxa]ci_^w=U7P//aظU*mb跰гcm6SvLrzgBZQ*=_Wub2_ ,BieQ-O Z# a-𜹈wSly.~d&h']Kbp?hϸPDB;{A V# " `-h`\Xඊgnt2zCe=u7'i\Q9LLC^in*8.;=$@!#nbHr$؄1L@gp'vLkX2F- :4vdУv )vQ:}p|퉋r#Al6J_C ۚÐSpxª`8ҴfIuF>\yHVx##:5 -x c#kuG~ĕX>|tz=T4ي}# }u}ҽ,Cx~+&03fvD24DM+^>y 3b20n@O8٫6MNp2vk 7@m_ސ VDNme;KelɔI[ih@:仃w$U4,Oe M؏QY]93>D/^d9(6'G.6ڿo4̻*E/oc׫qdO nP8Jo,e;xdzĉ LFm[!1"  4 >@v23EOg/O^1 J -6)QC|wD+?n ;=)0/B&ekUXB6]ɿbjYP,kg1Wx8g_"M`]O'$'T.[ds{͇׽F2[&))\!K51 MsEp*pJp^梪wAN Lgb$/쩖h VvZeSޑS!(f7>ʄD_ͼ3ø5ka؉vo*7M@}8ާX$g{iMX۱ }gk3\c 7 A+ح|TK4ENtB5YmlŠ,!f Nm*rgKCӿȑ̻Phi*S0eh{ޮOð|fTo6Իy^1X;t~̥/\-;fdQ7b+v]7:~J"v D<3(~gUWjH"-:Cnr㽻tdLz]0֣) oEu3 E !2Y@毻z ;X]ƥh)6Ն2;F'p/}k2M)߬ t˕#P]x-كP~[]r!Kb iCLGָ:˿l3jfW!y"j"3a|B+R9x[F-o,xK( 8ܖ2xl[}"\||9beY "RcaQ(d+"dQ{e]6w&q8 1Cd)ĵME`GdOܴ-=s-X,IaȮGyJ5W~H c|'v]CQ7ef6,Afuچ%Ɵmp6"ecN5kr!`٦0i*f2p{ R CU=m?Ӳֵ (j pEO_{6֩I 9{P'djyL3' |O,#tΞN;%.xk-nۮE72Abrདྷ\z:ҰO/{XC.1F<31~[kdC/kLdc"7&gKɗtH [[xϐe7E>K/]*OObcy!%pQr`UA]DX:huT y%;6Q9eNO\*ym ՙʶ1Q%^~ FҰ^xp-$Xe\x[1(Â%GWBtAοQBSBht$UJ9eeC_ǩKjUbz4\y\3OBˤuС5' ëU H]t,)t[Hnk(,)D3Gh Ƀbr69@2o&c۩X 12ˈ&cI}Wޒ3]Igm AP27kqպRwXc4Y\|ZCa4}7@5&08NaMS/SQs et &3 Iy/.[+aw57W- SЅG=z9 "O>7 n' bI5ubikĝK9 Gn'p \>n&Q6%8|XtM#Gq~,>|j]Jnk$3 l"i -JէLWD yJeɬEh CkUMXDijJ,NH&>hc$@y}4;+b*q[ N(3 >}ψ:A Hퟮ%L KٚY>*)EacFp#S^#M%/c #ޅ΀o GBdlu\Qܲ1WÜmrEL(oo-[[`B%<}?wx^h0mt> C#;wr} g*͏N- XSs?^2G6BFC矅oĘ#pN,LV!aRCkS+zn5X}1-QU8[mJţ3IRA償^, kO]24sXUJ(ֽo鋲*QNi2(ؐٔ+7_Y:bn݈=L;#.[9<5OHӱg +Lwy7.ޢ-x?v hl_wRQS(H׏yxWaiFP:TZuCso~+vMve߿ F¯͖BiAupJ9xK{r!i?buaᰃXח=G[QOT{*`VIt@^(8"(j_W`^1M*ύ:Mc~r6 ;i]!?C6]Wp]ǖ^V #˧G q}=p-*uzϧZχdbrYSl&?8C}j-8}2U.GsWTvzbVgؽ:xp٤.p-%rKăWB%d D`>}MFpu *Q >ӎ %=X˟r'Z7 UCD.JFk2 eiƲ} {vQC mRAYUVB`Z9hٶ,`OAxT'zG**Ji#[ZEJ,]=_.߽rq)U1)ugZFjnMe~-u P[B }}OL!G=+B,N_sOyL,3ڽP?=L WY`*12ft~K0R}n͞opGk]㬦R$#rYϘϔ!\_?M AlͰCltӚ~VT^ WJP*-@E𬌜&ʋB 9Q (CqpPnH;jhr=aܴ-3-]_,QmW7^>2 uaI#펈֊ Etzla FU BTBJg1eN'eE>/.i'%(輆"9ZCGF`\\ r[V _z2Hk5dzvr~{X0H?]7^I- "%6WtU8|K_R/%St sk3/cJYZ:;AfȠFw@Ajߓxe6q~cmB,ei^B!ɢ筌6I q|׿N?B+r`yU-`ҏQ6_V/Az8_қ:ӛ%ЭMOvNۄw~]Ёd9[g Q\܎J&iYޏ ˀDujG"kMt@Z*~s(h_;qp{1BЇ8>$U }F: WonaS7=oc#eĞI&4 ٣^ ~\?#ՠq{wM?'w{ Bd<]sq˛$-1,]C]o{k<:JD&i#'\|4 Gpx)#8 e2{u>-<ie ۙ;'sd~W5pӗCdؔ{c=4Ȁr3+KQ:N W^RV:tN7qx?ljE5az6֞w:=[Z$읎DOzz;T;S& Rw"8)Lv&m%Tc:CϿD{] iPC%v`xAx AWv͹ =9H'BL/KSM9Me5W-$9ng:Wh|*o*pTu6۝9/ Xڠ]piKj%g^wսtQ ĉʰ6bw;oNibLv}dќ]MTwJ׹7*}#&zg$e&+~++2nѵۉLۯyRP~ ΨƂds^nuKMs[/_lHY̴O~viN wQ|h%`( ^BH*GWSv% RQp_ybc@+SeNre\n1=R-ö(]V̨QbAcB$Ln&Yb ><{ÕO1 ۚ_Z*lC&lOZʃh.uÒwe&H}M!17DzRlx %V2o윇|:R#60-ܓ<#_Fn7(bXqv_)o6?N3,G+Xdq6wnFsw' W(0:Y}?u|fW&*PfU|![]1Lkw/⠞A]?A;նQ.ʐLsa~s nJn-o؁>쟌+fzҎSSXfVI$ۇR%z3&trkuW蟑jR#o {y[*x(A;bZ$%)2h0qnՌn%PbTYڒLLaߟ/0fף'uÚHQтLm1kyиK%dIxp6P=ne16W&c'#{I5N,98g3a% UMYO*k᫞#kHc_Ui;kնvfF`GoGUKʟny8i*$O{TDlC"pv8<[ү/J=53@qS>0l^nCn6A;! t go[H(%)AA +IH7ˆJ>nJIK~l=,Qzaʼ:PC]̫Ky1ppWzꟗ' klگ&Ͽul\c$ڱ> [acO)//}8@/m [B_dv#AmyMCwV>`Iji+Eiw*(}dID w" SbՋg=ZDcIxSYR$:-;`R$ϤnfKd l"čgL$ʇ9n;Fi?;\h*iU\cz ] U~Sշh! a?H|Z 2 X%oށ0k^G@4ŗK<` yiLKu 3j&{`%0c^I,@rQLS]R0e&ZFf:ˆ%R_};} f;Y/W aA0|etbGS\mbJ/ŨX9n^W4s$$Ӹt#1 J=qq^S5lHlh!eopMA>P %m.'X#FD[wJ)Gj!kCp'иcPm˟iq"qQUP+c1 `~\"!+CK[.rq3vYCr'Le: t 9c+4^Dh빳T#u.qj^XEh[%ΦipzPbmb,.^= u9qOϊ ^hˌw"~=nZ`II?-b0Y78ݑe^ %l}KciZ^r:~o>/Bܢ̈́vcG6ff/gwsc_jSnRgz)/2=B+ˢ!,NQB!YpCW΀}8hRo.  8;! 0"9w+<$N 0t/(]Q nw1}3l7Vi222j@ ]>b,ui84S_J<oq=g8(Y9-dq}ƭKQwNIwpB6^+ykUZjV: x,dy rs{IA6jmSK$%s5 Q `33L~N Jgڠ~fY*8H⽟` K-;ɦ\қ')&* OdE{5Yttf@nl'`wg嫻]*P%9HIx8WljYrJ-FN.}¦=F]*Fbl(U~N=a*6&y 3Duhe4{~%+k+(mY)׈`9/O_^0bff#q&4-B|K}H9+&6X܈s'Ktx5gC&Id:_@޷4Ek A54z\P$`2-o=ԝM`uCMʼn*F8&vvn)fuTs\2?Ή}ꚞ-#db|@ ϹmtCk*x:+ * F(~7F#0TZ]ƣNLo6Tj(*0O# { a`Tz3.nN" l]o/FZI@&|I0s|:O}j'HΖM XP'}C.e `ڛeTP'E˳>GaMIBݜ-$)7MM7J~Z=qkj)CJa%p}+ʨz|I+zExLCjȱ!=gOckwz+/T[cʁȘV Gx| jn p#$aL[!|$'=]]M԰rkx>?۵Dﱿ94i؂ X ARsh?䷠au 2)d st1rHQ[cɵz1m `5gT= J& _DJid%h`;#&䒆Uϔuw<1l+]ۅfMHB_B$R n_\KP )I h#vGk&D ^L2җ{+t;V;+xt j7 ^-N-`4m# nɩ Ә>[H̗S㮴bN*{]DV<ȟEqkuaIF(1B.J=ˉ.q|Ư1f_թYpB3u!]5{L !(ܵT@cP5&X +Ae6 k-L}[cwk'Scߘ:|()[ ;-.$ѥA_XW|)1Mf$WGOY5.. 5r.u0_ ?$@"u'5ˠy[|>W@ -ܙAS15|,*#:V5. -n)/m^( %=q8p@:?a_C[|ɛRHR"PU䂧 :7QC݁X)@Rv%꭭Je u8UIi-0ڱ|lQ)Sy,X.RD=,6M*bjSJ= { ):s"5-Щ,ڄ6RE<3nIKk,^xY㕈q:cN^(qCufVqv[^X!lhn%Z 3?U2 T`iS,Ӏ@l4 eY.ml\{ix0GjCO=Wʯ:u i+ f6w o#ҹ UX/ UE9 @;PT1zڶO@ؙh.uecN@S@؟ D"G3{ż EHr k+9FO|>}W9edT0LN`.).p98Re軟gl"H.f X驧ec:^yhcEDu!41ސKDɬ3\I5՚r0Eܲll2~)UCf 9$TTw!}τD_-ȓiA1^REO{o6qU[s.~vƑ ># ?%LŞSclt dIKLZSSY+\Se/!UV7-lҏm/z5h|9QU%ӀX0`"ɰ9֓f1a{rT%`%Z;]>K2RLC|U?T^TjnMr闍l`t"^+6;Wڳz1sa~]v!.ͮ=.^ ! ά/Ž(ڕ$oYBi=r{ HGĦO2Qr^9 D Sw΄+/uPlONFgC i {&ԏt,#:P~3YP[lO#dlոqǎ("3ϻj}h_iUanPZiG@ chNP~W,[ӁH-Uopv s勅CHX"B=Q(fؼ]_h`z6luU>N.ccKAhUj Pl~ GvJ}-]!BM5{MW; =QCw=ӴҸU5,xܗFО-RҌeuaZܦ̈2UH晻 yZδ&xLU ';xśY:~}[2#͠urSWvk>(>1ڣXgW8I 5@λCzM* 8eT!cwe;lL OR{3{ׅCU'[d++28%]ٵMoCӄ[,k6f\F3(OV(`OS& SrjSM;ԣh"L_/*A,zЍHg:HUƟq!naOY~!)3MH\'#&)w瓡{85EbPTXp~w"T?A>P]UfƶQE s^w+To8yaZ%{U&F5Vm)hmWޤѭ \}J?nOqMy1@|װ@= >ca:#,|[K?hm!wX͐8.5Y(˳7^lk x H-{u! ~1*i<שY1|wqyL+ 0$uI8eAY:)86\V I\maN`pN HftGH ,Vb ΢!wj.oyen;,Vv~ `w3= &!KKl{JѥqTy2c͊44)q[27(9EOT0p='ZB7Kk;W{䳐&d71N-E/:i_m&}\@4e~3[} Z8 0lC8_*yhʫ42cJ@)b ^+\p3ZwB~pnbˮ #XYҌ@9!Q^Li!k=p|\KeF-|YN3yRk\$.`Z wR>.XŕtP4 H;MJ̕T㧸anif=M0W 4 0MI.)Hllxpͩ4BVYglbD_ل@Fp_t57zT#û0]*} 9ŚD vd&5ĹlOȍ2tQ'SQj)U9 CW9ol,ǡ6}ÿv]4 uq?MKF3ʑU} ]wMÉoԍH 0f̫n䃨͇[ KR](3 {HKshf jJrf{C*^ ˒Hd $ėE~xQnY5 jdb|6 vcuoE[fxs6V/\.pF?OK*ɘ *~s8[Z~l*B?\sW*7KbV_.GZ3S++ʮ-%z@8? 'f3pliDpEmAB wxAA-8-~˚y#A[ykFxFm2![n0vSW(O"#w *2Pǽ/" r6En|PKTr糝!Lu7ItaӞz)5Z}E-[)_Bxeebm@eլ5Me1V>^d#]Vd.⻝":B]6񜢸,^5@ِ3#9XGiY/ tY1?ÎMIpA vc,=6[ͪ\h 0}w4Sc?OsY"Ѱ!.qN,D9cucRC7xN9[l u˽R-.Ns)g_B3Ookw-J1iN5.7:z#hyO vN&Hq/B$qim6h!-U->к_J[R=pn)H ~ų'1Qw7뭮p$'(fL9?.bAk2.2+J/.wr-*i>B[2V瀭W 'ע.31Ed5%JJtPyleȍ`#C=%Q3ϲ0`YeY:ن˪$w/!Il *e۶ȵPj wS>w%fB&z6\jwJ#f36ZalN0C=P[Q#CXK+/s\kEDSNT O+Zk+-_8BBM&0CY%?d~nI7t'bCCF~SujA^%*i4̴`%ւJF~LQmbձW/FBO2ѮڛN w1]C^*sٛ?a].EH"p*gw8YOBp[˦8\X0znŘhU=|!ִ r&ZC$֟+5^5mA" sjh NKi?Lc0&ᜨA{g_q߽6qݬ$Z(wpJnfˆW7S~WBO.fE  \]iH"DZcsR5>M:x.Wҗo8>cZcYSDwU[yVG}جIǘ>ӫvުϸ8&p,C}@3v]w#7 i3  R` RĒx=>٭C8H3JՑ/?cGȜ^-̋m iّEk_޷Q&hyY$wvڡQҠl83*[w^N QUQenTOݦG C]6%'O$z4&0[CO;5f":y97 "' ?DeڈӛfljPXqj1, MM/RTڽt27O%:15nK*v(,.@%Bوc0 F(Di:N*T*lK ˒[d\w^Az};Ƽ0 UNE{Ds9٫xּ\>]*Q|12LgX#I_'oxVFjEL@;vߋԽTmY{9^[B|c޳!ؤ?1qX*g&5rFq:Jn#L}PƷvBŸ`^-WvQa7(WUV+Ey _ep(9Yjf7$6E 5ã>)+S=~yb z+ʛ\ďAb܂~{QҖs,tqx%Kv`1Xl~Ibӊ;n0Qbg؞cl{!C>3q=? O@"EcxG)W;of¼@w5uXBuPYerw9x`iHd-[xi:S#L,YEv[ĩMFo;0 yA&^mQHt%At:7$|hy㝑Pd!< ;(ֵ۵$l"HjF3Krz|拾i".fԵxu_K:qzZ-ȴb^}\2 ^n{,:+$fd6mQ>GEL/x8# ᰌP5? b2 NT"F[<7{@3htF| x1ktVA㍫b}u=ONarie)ij^j"K6paFO㏖"`UX譗)yڛ}hOζqN5 kyGV`:OGG *tPΦ{U=ü ii cI񀉢8v rfF.e?}rURt>Dws1V5&)]kG@D6<=ٶ ;_þͰ._sϋv]<#c>SKF<s,i+ #Z)<.ʦG>͑hgQXOͭ͢8F ]]p ~F6:D)UK5VA RԜ$F7ԦƸu,hN\@'7sد0sV` Q2px9IsZ]Â4q-xXYR$r.|:o fsmMsoɩP`hȀ.,kir]%g9ӽןlx𗯵0#,TĴ-%l(%G~YJ%*bS:G骊yjCCڬ⹳^xT5FY3{)pB`&F oec8X.yrxFEAz%R;ԫ=ź2im l5)n\4а}!{ԦVa €ƿ_kA..8E܀{a#WTkᖎ jU^PNW!7   iMm^*v 1TcjD_ ލV2O$=cduV4)URb_)(4s] ; {ij,h᮹CMTο_]XB׍:9[Phpܓ=&)zL>{IVnSd8蹜Hl@.S/:%(<9k&;[Na&xWۍ]h0\ a#*mdԜu*AЛ)Rnܴm۠M DDaD_+g(fzQ l!Z.eC| \]6p~nn<Ԯ4v؊rj$tc*eɓ7MFi7q ?!ƛUu ve}6HvwtvkpSeX.pLua6Y;s3-8'[B+b#'XG| 5NSL阻dF<_C?WP:ᱧx %NX` zjF?Rh<}#ֈ:iy}o_Tp Nv0dvQjO,(ΞtaJaTNM阽L(ߵȂTecm,<_<O \d 6&|J>xR~^7 u#oO@ǽk͆ZVrsNif?#Fr2Ӽ+mjzJhl %Φ+dHl_m9|LUpb PO1jkۃFYSVۀ3 p͡*^$DuL*,Pd٭pW!b]#L*WsJ%Dry ) ;jE yq\!.k:@^/ANJQ{wܖ9t['KXɸFg-SԼK%b>*bn}`}<%EJ̷. |xp, /  Jl'f\r+gVlk0 -}[* oi($+ rցlz/KtwIgb P/''tWDmVS+,IM$CE ;>kq;oL>!G7XCYdd6iP ~< _2=~XW >''#V;ճ`h3ay_ftSq5`yeZzI?ʐ$hˆ;8˔ eOGSفo*n<\neb;3A<g86l;ݹ~6c<Fmv7~DKɲ|%;7kꃆBjMn!"$}э9*%?sg\Ѡ#_xեM}B*3(c`8k] c| 6v_xC|ŝ# K.0),o;}.= 2(}ǒIhP+lnWwRNƗw C+ :$dLӃY DuMy"87fb/RP٧<u0nGtZX,kg3b,,ERPJLqKydp;qbسRGGgHa/zz;aEECѿ?Q^Ѡv_Qk]Y8JZhI_@`*ƜMxvwzC3_//cPpcj/|b,  ς]8oVL|[Oʼn֛DbjJ|jsW~ԻGq\IZ`M F6x\"*`k(#^SH)R*S2Da`S?) x+V;!+[JwHkJaow>Ѡ%Jy '|y8p[.*0%L抳%9"M31*%]^6'O;a_٤Ti-,,zP_ |У-n`ѐ^Hu}V ^熜<.A@. ޔ^QՍ-DžD5$m ^yXF~:B\G׬k L#USqR\I+B.psVgހD#]/qe ]eK]D7`+1O}dyY)^[]9{u.x\xK+hUol= u3P`#<.Lt>hN~%lnh 7q!lR;Wd2Y㫏ǤHw#eN*L # 햜{X^a)(Ap"*O peɳ,=3+/fbiEhfMKl&>79/ 沄zwnfhN ũzًH@Hc3X>C @QYsf4S1D4Ix.sv[~8eޓű Xjl91Bߜ  += ) `H9G_|Γ/VP\0D8ً[uvDr 3_ &è |йTͦRgaZL7DViE"jLwC B fFmdI~P^WH@( ؆ꈊu0Z T,B'gECMa_j/·E. ͐kU(KG*1_kNu% *"KE 3>NLDgppJZoMwULC#^H)"*YvͨxoHU=KR'Ƕ_mvZ*3|%]>pH|'h;RFܠ*1*7u$s^9DI+b p6CO5/v8ޗg,&[hw܅&66Be[[X8{_<0' Rs+ Jz`_HlУ 2K4,nk÷K2 ]ă_͛ yM[D"RYTN{YQˢtoNܙ_ X$d4 M<5l}JY>z4%lji?WIA@ykeqLC>MfzZY^Gw"ó~A>HW6- 5a3L?rی)̻]ͼQg"&:qRy*PG OJPlwiጽq\KNd-WGBP(5f K`X=Q<!-*l<4{MG.]hHKKT뎟.nhYh;q1B;V:-52IPYZ(g 4TzZLK_?AlnY߽Hۛ|վ@?7z.D}8]T@@TO,Z9/=q*dE:L3_,6\E9HR= zw ^ǂBۮW@:BDBFeŨЎffeIkj_JTx<#S dlS>lVENYɬrE<"& JፕlKXr<]`ͷ8UܷYG^RckѓE۰8<-ʢОauBi|Zͤw% u6 i37 jd| o[eGT3uP֟=Q@CGnIHԈ›Ʈ;z.f/*,!K7a ˺lY+P M2Yo(PmbvI2$:bcm"dgbh7龆p{d;^$ÞGuZr9P;C(x͙R=>=(OY2V=M#slhpapĊ0SF WAɘ p /Ѝ"}$y5Eɤu|PH.YYffou?H z\'rg蛟krYv8˷W-M5aX4 Rt+ьbI%8URB!Sܔ8o=O`-9eKg"fB-h7Q0hF-f$ݨp8F(->6dص\cPQnR\Q,tTJ./jT`AH7BL9pdZTS ;&SԽJY'"e¼CADS2$XNZ⾷p>%z8ST&Z&xV@ }^*Hl2[̃pu[wX[F-_apw)ɚyƮؒÑ0̏(`ͭ'+2ڱR ysW@~O2bʉS[3EHлd7Ϧ^U$Hie^E2drvP8 Ix<b#9.ۆl /uZ߯'"h"'ן F9"zw'pB_^KXL7cܹIM~'$J2vSIZ_eJ@D4 E&)1 V;zC%g^qjѾF-ͲoAI jR1c)(t4e+U,,= 9'm8 .zõ^Xu0XG3@ ;y}?ƙZ_bN 9c4uBǕJހsSp~Ӊm ¦5(AFj㤑|"Gl@o@3=6x;6Z[̿LP'~bb9o=AoS҃fGOkO# A.Θ.VG-g;Tܯɠ<"*pR( ĝ |@+>Ud]Dd+4±uגrjwk\\|F|@P oDr ?{!Tr LxW;갯3*5"+  }R:M/`OiܣD(i<#btJx2iVpwT0p^ŅͲX:P@Véz ?:*cI.HELiů,5")cݛ( ?E&mRӚA˗yWҖUo)`mxPF &71jkK,dz vR;"T0noK8>l9 [ጀ0K1bD:\PznDk%W)aCU'4l\JyfEEeqpOU #@ &2&/FI"=@7[dwKoݸwfV{gl6΁ %&&O&򭜷 L/#&LFb殡oBBv 8bNRɬA0l L U,zvTW~'x䍴,Mg 2]M|^Ff>( e כfL1<.h+V ;+78>هv k憵ENOkpvTRڏ~/k;gZOevIRQ~uZg}&<_~H@k9mY6GK,]lQsW0s~:w% p|;V# a]}M}lX';ƨ2cSZ<h5E_lE/+u?Cav&|<-[0? ~E!P6q]F~:%[ \^]do'/Mi-ny6Q`RwtsP[ͽqkOtbҦyI0o8vIJdZH@.BC k֡\&dREV_KqY@ξR9;`+ O≏O@~zICYtNP/~9)=(>a#W p Lfs;5F{igke("(ΆcFHk =ª%pVIZ#]ГEաQN$;<vvb3`kq >*ߜ~iP/7t;h}Zfqч}+)4}4}Ԋ oDF]?l6(!UQ3#DjLb͔<KO#8wD\fġu l{M>Ԣ" xrnnUB$IB^8>IwRvO/%P4j85Zba\iAjbNhɊ JZ># =V Q'\} ~ǗI}d~ ӳ|,_/j#4h"[$â[t ˷m%Hmv٦ҋ:,Km(ۛcQg7ٕ }d3\N\`6l!$O4/7;rтOÓ0U)j\MIY1i1RZ$N 5dx`R%4Ύ?&:3 kĭLCѱ cвdv@MM9UBs80 wQ=OHE30O]XzP3ږ@JZt X[aH0=Jgȝ=&'n;$n6PN=EC&%9B^NaevIJSɸj8m_\ l[iԼ)0 ilD=^:!dBuuUO6~Ϫ;bs!]"-rg4uW׀5ɩ.,eu]ؖv7*~i{y\޽ Oe+fZAk[WJ[8M˭Oa0'G@ 6-C^Z2XX6̕K,D/Wi|Eb[q$gsKG jt NOcmb. JKcy)O=gMzʺŵWE(Sa b u}.@ToauחHz<2V"4+bm@=/]q +Q=RY^΍iƲms'%[_L٥ޏ{DXʢ!awS7Znh?(7)gIPqh a՜|ZrZs|*Wr^dN!B|˼V)T"t[GRprit)dA{:vM nЮܯ`pC{;FDBd{;hBn_F> c⊛?!1zNNQgx[o25W. h@dQk јDtGWέ؇Ҧu.sZ;QWu74~"ߛ4Om]g&oJ@| ގN?iuʲYKĵԇ->oẄNbw iiRM?}!v9s[ ɴka5W9K̫Q Rry0Q#m{&h<-T4L0ėg{Ihj~r"br=O{ r|mӪ\ {8BL}Me׃!4nbh QCkG$Ʀ_KQo .,A iN]UDX6Jl{Z`3n? s[8MQQ,8`qbWZ_2ͥq71=Tƨ{An FZ^ z$*h4HmPsr3=U'iv1lQ!qD@~'HZ+ԋx/Y&m 7ֵ7|L㟞(eAG+tRkhLPXgAj_Z W{ۑѪ[ط"b"} 6~+z>"oӐoJBeAɅ){; EYɮ\ nytBK:@%T/WV*뵂Nch 8M߂'98dL#a2:mccvCP=5Y?KQ^}jE ;oHm nޜeZ+1њtĮeSKg|@!6"W3,:Ԓ_ >H>VS!T&#NƧR)5aj)a-$1zԩЖcP[2"+:){ ưU_MSo'D,Mz1PIqɽNe#L*_qHUHc" ]ES6.Kr>$ؤv8ڑw䱼!Ӂoὧ-s;^c1g]'aZ43K<̿C{*і;Xdu+yȼ˺6~D\Y Vfq9tm/ 8v"Ĥ-tߜwTkVm܉O!~54sA~-<<`RhP/eWGO׶lü פC!7 =Zivyp-Ti}GI!=(+@YEe:ݠ^+L蓵k?X c\MKI箌ޒ, )2c)YXܔ .3nba?5^ y:&9Y:am'Db0!j+PEݾ06DVt͟b >RBۣix>w ZBC dD',_b 6Ӭ]tV?dJXB뵍24']}[jmGrRj -mik&YWkB}]tGo~*?lwxڢ|ӀIGƿ圿2xm2gj]wcuFz}T\8%10`]/PljSN"a!P@* zz y[KAKqSUrjaHWЁ#_6|WW=!s+"CqQLߚ S5Yܑ*ʺ>p߹yXjN\)(5 M =>(~ᰊvf-=-|RBUɉU^蠭9(yݍ!?94.Tc2k^P>&#? 9RP 7^^'Z%34%\vXXd^ž9$4K`m_or#;u2ƙ@¥}\W].80 V|NFO-0 EO\Ld-p=ڝ(bΒGvAoVxbllD>RrMK73jq['ےSA*죍{@Х)Ik ```rr.GmBhVUQ%uQ'M+CQHrhbx7_ K $"~ h%!wW5L*#G-MMwmGO~r})rB(:"]_Kmp[ } 9?T)J,z]2My7B F%6BW# n ,Vvb͎m(Pȳ1|-i0$' |XܞC?;/9^\%2Qۃ6 CsDw+k>Iy =BJ,HrP̣#&lKb@%-yDzΞ`w fRE{v>6D)[,tni O7oDQ{g, %VjD 7gRrcnWm+Ĺj `;]؄gF9S&'֒\Lhb]Ks8.@},0p$ʆ]BGt.9.],M[F[&ȷxketwh.mh'A=w(3iz e+6M[(F1ŏ'u6/AGT3˶b`DN,gB/8M <1)Lc#0(W jdrl&™_7N|W5y3zZBu`y((|=ԁP*i@aN >9G|!0 xWɯr4x-!8Y_ uÁ93s |&.T•gfCܩ18eż~'g#RrfKeנ",cҼAA T6@$_ͫChWGpEo >~f [V!yoFXw0MGsѼ&;0:t  j ᡮvxaۍ2e1G`}P |ZFeϓ^2&FEx&E|\˜gNYFgCݨh U$r_wGo>&LO fkG曺ƃ&^^fPD2mXe9'33wɔ/iCj 5=jOt yx+jYߞCQ ~{`qF{?e;s֝ uNcŨů5wݺ %Qc?[Fy+xKꖓ{ Hh۰$"LlrRQGS󇻩 D{MdWĜwFwIzD J!"GG2}H%p+$̤hڭԗUޠ<B6:ք T֩ 8H6MͲs¼*DrA_>ͮ.<ֱAHBr0Uk 0}h^O& q$D/yH "T /ߖ.tbl_@P 5*Z Ơ.ĬKy1Q\ $mE\1MḹkYo]F[o ]-f9g'.>ٚ?<'#Ҡ8{!q_1Fv̌:ceg@ڠuDW~Ӓ>E)NAxMR0nKPXKpC{xFb{LcAK yߨYX;.!R}v7D1OzF?&)W(>=̌Wt I!` $ښwwĶ"^m/ppsX - fK,eW3@!)6y Ñ|!u,C$"52cz "66}6)Zrk }MCC czWx8n馰A})?0A1b6;Yw7 Ć䋄 UBN`{w8 NDg3+†+/:.,OOIN}2}z%`@l4Ne8<;/eZs1Ļ)@ؤAĄ"GQuM V;8s5nAY=^Dhjd0S0o4|zn feN}Pv\PQa#wvD%r"9ѧ'R{lW>ہK_.\"[!Z$ejհE35<}X* ϰЌd[F[Ղ/͙>+S-u#B7e9o(PyF!O=g"2KK;f㬨2}V N%rسߪ{F.W;Al~#BB*tFj&0ĭɲ+N.-sV#1qMźƨ[%*h_Tߘ.aH]S翻??݅dS⎋l]zgoì8]J qҥvI^KwezNU-b4 %Cap_χW[m Jo'̴ҿH|%Ik bge5F_O qXG 88O&*ȼA;CU $}ȭEX%לMLΤd#ӐQa'/Xzq(*yvUG|N9kylS2AM_dPEȢ){b_ ^D/A6o`758r졃ٓdw[x 6 srඦ?7羭a/r<9G Eׁ3'cCgI D_! &shU0.D@/%0׼eV ւ6OU꣯)ѣ׷nA߅-@!њjc~M5A-C`1ɴlO;f:D/>%(vV0?:b]aB#;}19>SIG!f >y -n 1.jA/{=5`>ڟ)Rz3wNdWc*,ݚzݹsZnz\ y. HAXk:]oz&taA>eD;cPpy$ykayԚչoL@sO|3Sϼg &.\rpx A_-xP]lϵͻmIDf"Ҧ%{6kƬ^3@0#SeQez~WRSyſ!4}8pcK3%wfζ؅*i 'ZY) f6:mшq:AmYg\-%a J:A4icssNtm|Di&"8vVgW`~e|h 6؊HU'f$? P :j/Rv}kѡGePZAy$ͪ#0$aAX?!fg8;TDrs}9@[0On /ojA &hyH;w*hhKg0n\i ]i`-`]~b){#zDWMl:p Hkt%f*Ѝ .f0IЇ 㾐b~grsBﲎɦ={RgT>MzJ4b؈(. U{RfjB\F b"a]"ΜMh㧈Pfޤwh05Lѫs/'} t2"XAArug.dYm?(%92!LfBW!Jit"l(~4b\ם}&1APmG6 Uk 62΋̇(ڜpfx(nAX`OD,(z;("CITw{`-# cZ?6GиI_a]%MT|{);.bq3k#q拤|؛țx/``<)){=5Ό)ex؁#T\[!hqxg&Ox9.uCqpg ϤcdYrZLmd\h%?61vU2:Ocofajd3꛷5Yɕ~= "xR$hF{.Pf@)}e1Fe^ \׽/L=\*Y%cƦIo{)R8^F4E z˧ ROqsܺ~Z9E\ᣪ1J>ԇ !F jyy;Ԫ~v-'*АCvW$WT浸Gv-hkJ t,X7- ݅bcX$fK@s1A}gRיsTq){LW{\>TQ- Htċy&&_iN^9ލԎ3n!<^'H rQUcԼ`Cv)棺J &^J1$gEO2O{h?F(x*A!0@1l%!Ӫoփ9@0_:Q m'B&#r6?إ󴃫-T>y|4:][RUhb7 P {2*h_vs %D`KghLrySj&#]7)w)UudqѼCm_q6˿Y".^MaYJ;-rat5xzeF S:$zvIh/(Y|x*Ҡko4a $4GY{K`w8le7Ӗ"y۹_QJ|̈́<(LCpע; UQeh`ը _4'~x'kB^%Ʀ҅tZ{>̙2[uֽ@zp8!V }ʘ=n&-G]Iq2BrԚaby;0Pf _n01.l܃ȀfhSk㮩,K_'"(,R;fJ$S [*_4RѸXKUYi{oPuɡ GtTп^{RKݍ:"'A8\s#Uov]v9tLdhM.f#oލ;}L;c!`)E8s3W`{5bjl-ƌv |FV7&"mXQfضN_Mv\قd<|IY6} <b&q^h(fiF?j40>aG@s:Imbn^8O(T2 P O@уL[_3~itge@pd6x9xj³m@Y6]T":wi] > jA>LhnΉ`w(AO*k8I &úb1qu:RTlBTB?հ be %q'4ڃ>#8`S:7Nb"/E!G!@s#jM{+E3AfRjfQA=EIBUJ#{}&鶺Rq2a_7>n'Kho%XR j8RWS$.%vA'21@Ue\4S=QgRђ_('kZ(MNϡH@T6'Øs-:[3=6ݮs;J:%*T[.78]NP]26g E/$JW<"G'zyHb=Shjy )B;9ʫC\GrY&%RHdԷ0?m2UDlH~櫍W ڊpxY%E;Q\]#(h[\Bf3E˂(ɴ>Wܴ7:licg]q=/2ɵpQ ,=2o]I+]G2k ˽3TR4d"w{.iO1xš[v !-xDUENɊW7M]#()UYyHOp{7%71!c]ſH V:S|# $yP_%x[yybѵ uL\?jW3?{ٶ%JS?$4U,uHyqT>GEg}0/1>|t>0(.b~0&=D3:h[J̄OdvCh@d{.B4$ rE( *3=Q! 'ȅ\#?tY ͪy1^ Wil- F}oFeFh8vDuo>!iXKkwVAL! JN W$@'0rO*tBĈkK~"e<wP&" }MWs~Xp`Q$T̅y5Ep7)[y8?f|W0G ֓r >/0'PCLq 0fbC+{'!{Vs\(}An7n`q)?xzpqB_$DrBPXpgHڹ<;޾U,@a_vH$_@jC }#P]Y|ứ{|:,r}se,$ G͉c9 "ñ@ܦt+zT4sWʙwEmT=qς:ڞQR|B-:f!jJM?lUAZH[lJ H'⺋}7EXp,Z:AIZ4o'h-.Rk3v)rS.67n M#lBܽi={ 9wh0 > ̇I,IFoԠk 1?b vaT[Ō :p< :NC40%|yh,㡶<|fH5mrz;^:R#oy].&gjn>+T 2r[,pD)\UFzqCAT7׍n JSlu@ź1+yFD"^7H}6w2P~`@gayI"|E遴@4 &|mCqb}[Ϲ*\ip"gf+'{" 9Z_C#^o F]-R,}U3Ku3L'%L,n, Phe$Ѭ*}͑2N}\nwu.߂PͨۊŷF(ھ66.W]geHЕoPJ|rDgQiaR5QptƳl2oHp370ebϖkp'8t׼jə\PyN !Kn5P8ja؇"x+&xw |fLV>8/!zuGymS5)A,P$O7B%ș] ttT6S_F*^ Y Q$NvWTk k,W< *n=V a"Q^ӯС<_[Jk9@xM,.0pSRòKbJ!YM{zYtåGKE~558FR$:37ɩD`9`q~I}5+ȡ*{8p|h=Q9N*4@v//Vbf5D!\r Zi~7a(AV:Nv|Së .*eh+LV A&kJyi!.#UxriVA7۾e/t ^De GJӞ/gZNJ;jǎ|I0xyTYjaL$CK0Ez|P!s_Ce,k!E2(qV?#t]^ad[0@>b4C&\/+Wi-5ibPP|7 }8Y䤠'ϩe?P*X~<;†j`E7(ɹe]z"oz#&3!Iv|:ՠ®n$Uu;& > ,/?r\zUmy9aQ(!9|X|!W(DAr`=pEr'싌<|YIJ4^Hq^ 3I"\fi '*M&Y{jz : @Q^u}bX\)ULd?oTh_;#:JWXu`.WI v×Gx-2gbu`>ю; $If)-eat @| qqpr`Uw䢸}IF$4#J? 4Vܪ.uK 5^GI8Hdjj|ƬH^uܔr{gSթHTp((6W[9QNi3&{j^>Ւ6dv!?@=s%60y.d,Q% +u{P [ǣNeut iSO*l87lmނxQ1#0 mem^94krNJ .iDkEޢwFzHϐ_27|Jՠu,p>*2r1*M*-9*yaZ*G s%iy+s*y^(v_R?Fe9 md4}U 9 '% "Y%oJZ)B#AQ ]nn31tcHdN>ѩBDB޺0";TaJweI dۯ40AD%F nOB I*@A͇Ķr/$ ~Ž=uV.o@Xt (#8 oRhkT :gߠ~ݫzm_ <"DzeK3$\1\mxZ{K@ɭ㕍YYxӞ$8ԟrÓM#E-ZA9ʄړ/_V =PL F=1]灺- ]Sv a ቇ~Eך8Aiq' zC=eݾq1X U.X=B.Tܰ^]3sr,it6bx;C( DC.ܧ-4*#꺤St]j;-lፗ$ŝ_ 8Z+R!<ܚEIb]g]ߕ0usVS?f<`ev>kX*_$  ʣ9v '[aܗᝪW H 9,IJNr89gCnfj>A$XxKVJX_>S ̞V'{kBWࡒA{l|G5:38= o̿ď9yQB0MliY ϥ0 k̟'aZѐ귅x7D(ЁP kbt]@4lNfwx hȔ:}گ @V9 #\D|~gÆXU˜Maυu}ddi`Mgfz[طC*"#5ۄn{9ff^^&;T%pX/doaC46oBj$i֋047iVoPJX6ofcD^ScP=Q_t*21-Wy0pq'̅dן`J&h=Aq'3vSˇzÓz [r =ZbjF;80iNbdj{Fv~בP.+a`U`1v :,9~3S&fmv;eϰ4.ui&K=m Bxb1{.nW3~,Oܝt[Zr-sY^+G!WA0dМ5|mkۄ"}NrT}2x1ev+jrɶceVn:mУ)$}NRH1W{VA#KA"${yz[h7tƭ=uHZ=fDCr#. -J_M6ۼkž2"-~ʨPC{}bo*?BSS1cF khJdڽ8VpߵqC[{6~[LdGn t@' ޗ leǃƻ Mܣm8պ/UoeT$n!Z/>asٹbcՕ=кb~#%:3:=!`VTNC3V IBd֦z5+, aQCjԂsʕi*{Bs'vhpDYϯ1Ʊk0 r1U-8z#~NDB3Z}㻈 5ޮDa&o.ۇx;\0E03p] ,gfRd4@p"Rx, ~dgj,\_<.Q9BG|7+)AdibRsršv[* ȟ{3!" v0/>bZeVƷ>emǤ6&&]\+Ơp//]BNkBR$~CʚѬ<3BtVAc2O=txٕA43ChԒy~1olmp̒y#p 'N77`,aoݾ\7s 4EcEXW; NC9E߬69(Ѕb6he2 s45,tY~ߜ'=qԮL_ri#F84t9FTMm{ߞ }DOPA8ADznyb[|O+t_cCLwVz&FNPFg_0Cؕ#Ui V;+p>ܿPTt\ @0WbܛpYTCy禋#s ӟ\UrU6q;ApYG{&pOJdp{i9uJGM!=|)iz7Mz O׈&;c/ ` .2_<e׳YKb :JXM {P RtuU W!.v(hW6 P[05l]|{NHqi/eQV0#+|;&VAt_v,WSP<M"SLl+|3"W{Vee5WAsHSf!ǑS_hK`\&SZLyx ҏ 1%XYh0{\T6Y)`slxwOLifzǗS2HMZbۺ;bc4#B >RŴc-?ՊMe&u ޻^_yY)Q0=ݢ-u{Z&MZy-%B ;c*Cn:9/Wl $iUM$D(j%FF'0qĂHΏ?KRR]PҚȹ@X5n!,ެ!E9V)+2 d!Ӂh,k07 pȩ;{dTY!\"Sװ&L5DTs& *W=41YMFG|=^n̍NUs  &UG~ڏDQұ#"@n2|yڋ6=Qp*t/k[0$uDաS&{8aĨ{=E]ڈcYW0WdMRz}N$aDVמB`Y.#Db6fq- Ȕc;Gwrm"{|lg.A5bnoHRâ NHhr01L6f[媐18C-ZzD0R ?W'yO  #Nd R:ivWa1QUȼ^wB5r> [1v'ѷB qU kA'SHdg#YVtG#`80DC;y!D3_{=Ax{Bk6o@aU LZ? 98w2(^ @W?P&R91~xu1@r8)};DPUEتC~ŝSݙk@˿\||PDe1=-^?2Q<]@ &Loh#òhƁEʩKCBZRh'1$5w!~/Hx#)9iKg* aɒ3 2f%Y^,0MOp .5]@K^0JϽ-r;;`̒x_qA˔ݖOnњ`h[q8r̬P\fmf֬C/($|__3lK\ObK cBt`_ hlFtRp:k%:f7>+be+ f|x}>WU ڿ5@<Nk s}8rcH&2 ^/:z(Z.Mbtfa@w.딂c |B*G݄ӝ@wkê<{R B&\oj=T$}0 I~zU[dV]g2, =m4W0ħHY 椣{1Z~ B1L!uV:} k]ٛGA\-׉bJƻ}{Ñoȩt9b!Lp!@ [ϖqՇ YaKǙGfQyZRU$U,` <.Y^29=D׊LY\!_*Wkd,OD@w Z MXfٻ8M9z[+;KBD]Jb",ӼZ+X_'#g1"ߛvX쑐hP@8Gq(bLa$[!rҤrHfCs+v\l#-*{If3| nsJGhKkbPP`+-cVɛW;H ks}& \6ѥD7JIsi{^WWrͥ#_m D'u6)R55=u]e:G͛@RWW1oXW1͞>E%/ob[#''X##h^-~ ZXeXJr֌ëŠR`U>OpCKs$|uU`Y__E4(^YLe*l.RR JJJ|?$u7G|!=_bɱ}s0&Wg2"7JR5tvKCV&(MR^x8U6bqE+B#`[a1#aDuWv0W`WXc>rXޞɁQ#ߌ.2FV@|e%qb8iJ}MZPΛت*Z{ BS ML֧ipq\$t=79*T@Tgt,F{P߻6>sĞ܃}.쬺 _28xelx{Y{$Х%$xۂMp,0NO=ğ/"?;ug61iov|3;#kb/1}&]3FIg pnlZ+>S_6> $O#Pu5 - 63]@ B-ƛ£3`lPג4rn׮ {g*b>Gc+^Ӥ=6%(Vʼ/nq7I'JjV:.INq*&1[{U_4e[5cPyJ@U똉y6zSS z2GmԥC/|a컕Ҽ ._rÖCͦy!ywTS<1َ0ug2G8 yt7Ms 1a Wʘ7wX*OehԔA^r'y,I\3+3pPTC"bلt\mh{L/\AoEk_ 懤ER*:t 0jo{0@]ۜ+bXNQ胞' 8 70@h[pܔlHELY}D׹2!uE;T5Mwݵۧ2ܘ-JR‹A)BҼνK&+D>/ 'dٮ=*obLr3Cza[ Cv ^QٕȳRLFOڮ~8u[o.)0";.fRU 5 } .l]an^0u,h7kDYgR [9T|tNqJXGd*;Jh~(> &CJ(}ѠDdʼud\^NDw~zWC?Iimn"$*ϊziՆxS=_T{ɶ W/.҆n1o 15|ӥ÷XLA;CE-c 2L\pMת0ub`mUgZb};/WzJ-M%M `$!W04Z0&ш`/)#Q|AE%L q Lf$P@6<+@+1d)QWZE\٭Qw>#Wܴ]p-*Z&ҋ^v'if.RJʻ|GNJt/֔']r6mt4xஸ#s)`Gsf'<\P@Cې:Yŧ f M̟3z#IRR&[bdش@eBꁊnA[Gj9Co\͹= >WYRSg|労U=9@X7a}Kkt|fl`Xy-Cn&v[&|y&B%gHbkv*>lIJδ! ^^~ghSTyв(ZLNI(|ɷn!ݢ|f<2rᭌ' y#}8ߌ"t,ˀv3Cj0Ď)w⽀سr}l`Vf\#/V|ɍ79x>fRvaB<x$/v1 y GC`"W_ sMZɯBl^fDI#gc.h F;*w+:_TYH,;fM$gܻk6; 7@rK5A5#P&eaIޣuJ_^ؐpfZŵ7GYI&Z@;ڷ D\殤F`SromG$F\HZ@^]뇺6ސn^bIơ)| F"rU1"`N3⣏[o`G7(ItC ڵgL ;7 Fk>(-DnI,QoRhFE^si|&7F0$ ݠcc .k_Ã?XOTjKRaxWք*AH *o|3*+#޴(a<1b#dF="I;2~?0 xb cÈD@T_LˆkȤ`]da" v$f-Oǿf;C(3X3zBO/ EW9]HS!#={kdnsyvN9JZ\FvQw"L%$ ϱV> ͞(j4\f%n&%TOķthiUy-X\,;r[E݉\u*Kt1.X:~M< 9DG3.<7wPXWB񤥆qu?j` ܪӥ%PI;d&LQx HZQsJRݴ/፠Z7`tP#l&h39 ='o@(M޸/S/'b4%:R-6O4Uh@3A*Q펛puUoFT!ҸqvGV?V G+GvTjQ)|5GU0v"-&:v$ed'һ _TVRᱠYvJYʇ_o#3߮I92NRΗP>1voO9tl-uf^izީ heC*ёpp-|{$+=?/PD]ިcfh jF7ظt26yl(:NTq-&9.:݆&4&Ɉ2.C@iBidDw4(2O`w`ɘVU53[w?U,5 Gƿ}*{efUfPfSf5dW~HaJpw(EqTV-בc|`G%C5J(vr1_a;HOZʝ'X f);x~;@DXھnpΡ=/[tW)ˑ׌w\pmxN8;OZ }V2  $NxV<شʢ:mc'gʈZA<0F. 6?gCy]+/7IG[mv"zD-,Qݒ鋖6{$b+}#״'e?ԤbnmtCtÕE%]G_}^m3ԫ?em:7K(C ద&n|d6oN\a'seӎL)3Tcajg"^ +#4qd`ň,2v$ (C_۫+ƆW-BmF'yvd:a07]t:TBԶ:؇}~WN[)3.8 $Rzǐ! JxO̓l]1u<'Hy@M]R%[B^ݽ͙tPTZos1EA&=:M0y֫Rg3Ri4ZvWGЏfri K]+ثKo$ޣ=R|?=Ͼ>w<`h¨`/Qf{|`x k(PfY#!LZf&kfH6fglཹ'cw!?J9oܷ`MfVO0{"՗ ~X4bMdLS=M櫕g֛2%F}Lh_:0,r?uӚm cȐV !~ 4mݸtʷ, x9km &a̸M7:^BdvV|+s~;C=ȮDIlX-k+t! #K.R"H'K ĘBrZyc%ɠh9"ck@L<ܗuiՍLΕɋ9817P`V[Z@U 7:IJ:!:jg4+#KzV̎WOzi_mBJ9/AR".Ceim5l"+eT 4ٵj(:*vR)"FӬi.}#H=|Nv EZMyw̓A-yMwJfX0[EIp+EmݪWw60$H|*N.55.,̆/*ꂫI6;XbYcUd̟v0ƟgdKB3PYUd&Wݬ<[TYq>q;-e7<(.;&]t%5rcAqoAXuƙKYT); U)$ciuW7FvȎnsd,#i /Muҷ bg˟AJ ?3l*mcO4$Ԇ71YWLy۲/βg(*Bp_brKa.@]`޾6,zOc\OAš:rI| jNR u/Ų"Yo$9BHVӥ܀iv6 Ϡ<жC)jhxsU9Fvm|^k PbJ9d}tGlGh|?(y8kySSHY5zL n#[#5i'4X f+6tk s-JHUjeKp|Dûz%wpu+8L?-f!y8.;}4L~g*)-ZX!뷾 y0忽υyqk_R_E/`(]kD~Z$22]ʣM$JH=b9\=GEeȘ`=`\x&0zmJzSk&Y>y-tiOV8H\@4R-K;rV;1A\k/% t/Llxm瓎l;NMME53PvRrǗ+sBTS =$Cry˾{OY?ʌmJ ,V(XXi[>M}[C׭C0϶^J0\U`!^:a7̛܈I96KD=n]Ʈ޽Yc8Z쬅J|-Nd/ĹGħ1wYK诊JTvN:UI[E&/DΧdKߖ1_E <;=Hn8ܨpKgYь0F''{mfK=0p)S W2PTb$hѣA1 pMQd:(Y]/7B 12t3 S贝CM(uT)Sq.KpPw|'c<= 8뀃6J%@ЫhƋ~ HaA Qe\} [ =2ڍzZ['tķOƛ3lx( zۼfx,CE'S%4ʓ0R4`'4_.(q曭):w9pk 5UQ K`8Ww*.I&g`Q0nHgEe*=gr)ˇD "kbH=ooz1lR~yٍ^vʀU6Fu+gɻ/wVz$ÇP^] B?BeУ2S;(S"-p T8UйbBM 7vTAZk"n(G_K2-[5r.<9mz\A!Oo \rPa?}y`cr8n#fNx/q+V(tWKQCrFw,=l1YD33K=_H0|%OB\\!/J3d.?zV B!fXZV#}/3#]6OVUu}@#;\`5~)*7M>y^tBlK:u߇*(Y$[ FV 鏳:kڹԆF%ґ$A[b}Lٙ&EѷTGy 5 _<`4qx?Z?Q dFQ*шM=HmK+:Jg0Qs68h2\ 9tDeq&ӿwh7ƹ#Q/y~exuhK2rUQs:z/qyF#ZbKN-(O5 ,cV!D7+ BgvDȯ+(I0 Rd W6ot`vܼ='hb4 l7+p0L(2Ų콨1 ZQUu$X*6q##LE8#$ֻoA >2l.E7F|lyTb5v PjHRv|e@x,j:2ѥ5H5L;|8]J].B'cb 'xXS;f3UȮUBP*(8U>丳r$;olC%;}zM+alp".H1d3mPUgqd0XלuÕIVl9)N&kj_ ;S-PRF) 6 ]FJD H wY8wk#p:,X&;[M{=WzX׭Pp̓Apc'X\) B~1zdإ!R":TvĺY^^!B{[ù*Nbɨ$NFZ4+y,.I_jyǕF_/jѣI4՟GZ.VnW8xجPˍBq shxᶶImV3vz*7{^~UO?t2j/d#T2)1lT@\__YD̡96i6#3RӢ9}2<Ăȭ%/q+"nfmKaΟ{қV%҃k7틹H>vwsXz}VOÃIxЩY{(g{%]c$ dNG_rMU?:FC+} my [Kƞ˹ }0Eh4/w Vq]ݒ+9vhDx_Rk&))bY RQ&A1 ֱJ4>CI*w!aj'*E vC%3cw[1/ dnrbt0fu2CZ~$</Ɠ9/=W  wvNԺF\K򲶻fEp)^6?Z[#U):?+b][ݑ5M/Btۅp* i ULeTӠQ !6k5*{[\룧@57اgO$l'{M-㹜E,@)BMTDz"AX}3ai܎0/PfTζ=j+M dC_p'G6KpP02N QDb{"2 \*0kv. ?TAj;TH{D?.,ْ`I*kwQа&y&.QnVer㐾QJ9>.$y[s ru3޺ͤg%ې/7\j1nI^mENi4~yί.RNkC9]_)1%TČ%O5/_|l&E8NFbfOUϪX|gE̝,ڤå#26E 1A^9O:MIȓƲ$S+xI u= /9,*[OvIЋ_[˶^6%_ r@Ԩg~47Ux/BnkM툜5u'W#9s% 5hub„e =q5`_V܎ٳR2)0$Hڱ@%h4S'>WAW~Vixj3w\Sw6w$$s wB "I]@@zVtf>(:4 VF0qqYCAX[`@2svgstʘö Ɲ0~((#WU^X*AG_ =/"ck}!Wax=4C7X Dc%LȢÁgfH2D⑷657*Y09s3_YyNq(oqUT1D18|}j_<;:ڦ:yb6Ԝ;TDŽ"qHou8 ٻ>d@*K_'V8&}3r HF3q}4iS070'SExhDE<:LFf'҂gwȵt̹V# 2VbC ^-ϸ?}Z])s IIp@eor5.>bD SOa[_jOً.){V(L*L*x -Ɵaw]-"/xez"`e?4ޫHM< ^rRN@uMYJavUt+ߺ'5$:`9-'y܀r  "*I3' רZ㴉Ð4;ƆIJy؈m( 3pk^>ECMgrZ<\ʵ}Ts7>^4;f)qY|Yy:SĿ | ܿgrͫʲ^GGfm|V"8}aZX@wAdf9A:Ƈ/$2\h'a,VQ8ׅxB гB/Bћ3ao'4pV`߲>T/;v#ge4^ۦZ6@8@Glo΃?Y7@4Јwڿ3`vép9T0|״z0m IG;¹dѪZEy2lg˧ӎ8 հʸ_߅j<dfYmȏ/s;|M'1@=\Cv1vݔ8H6w#5>5GT=}b?]nDV2SnUE;pkۑ!ko&J ~ּdEyPسGH|ʳvM(į5*E}y8qx:^wk).%HA\jzS}UyXh^4 V.O`4^jm:mΰ  >tErAqJA76qy$gm%5+@(ԤS8DjVbWN޻JxR@pZȩգcFM妺ܵwcn 0#!71_6?eV/):DL4WP [7`]o?I/dkUstDg;$j͌Mchdi|C T:otx#d #%+=e gCGyWoW$hr*&(2bѡM_p3r/p Ms3h Z؁ GfDr )(J#a1<9NENAy8&.^۵Cj&1o2əUq" =TcOC7%4 KݫcD6gK[Dul*0Q_҇t9zOLrނD'Z~R6tbPyԻ;$ ro$V;X@9h)#^ф_u]$1hkw'ǡ)Ra?ihz5p|ɎD8.$ZgJ|dVRiҍTĥsH 9h)vsIPgq&H^B20+*,;t `QWkWLaRՆtv Q5S~v+z4°?`.ipw^10 2SS!`MJӱoDBF ojk+.xW' =@ *8bA1.-uU69ivĆd:=/ֱ']3)Q8:FU;d"aJKD' ֵaPǦ,cv~8ϸy&ϲSURfJv)fI x&Otj䑅;+E Oޞ +h+PG'@̰K.9v۟  QU+fT~^PxuUN$ g jY8?eTYG6GF5Ng~V>i!%I&bgNe {Eݕ`ǵ֠4)/G@WijJaKojZR}neLgr4# N%2Gҕ9coc҂oA5eU"?E1lg8e+18f1f2- g#}ք^[jXĖkkuw0? d_[KӋ8 ?OQk Cx&-\:EgؚK`3HL#|x%[N&x9f-M:j9wpI7YpxO6(ȓ&*`jL)k1:wST@Ol8+@\ӈHϺ(ȨrAY`yR(M 5!zP'Cmu P4^e}Lj;woOy~ϔ^rn ]W7K:ij&bPɀ ڻL#u[ .|y4"-SsgD} aWdXxNy "*6 0eKU,l#Rx¦BsВ!.Me~&Rc q4𥟆["Cn0}jMCDZς0-qWr#x9o׹9A cJ S}<Xz;;-C끆fx{RQV!NƄ1wmlڬݞM!|rE&xSU8?ܪo^ٜni4M{1tz f1MIRrU;c==4޼a]".ܹmw) mҋQѰq'A^H,% JtOt̳.7q)cOŁ2Ba*ڞ1-mHB33g {iH +>#DF6.S`/\v5p0{a^,̈́~H=RmK/ٍ P9lBs@zqQfL1D 2gXڐ!3D+3>X" {xPlAzO4<u d!LD1,R9Y^(x FԳ>D_TF٣99,~lf7rWrmӦIgWi[F7z4V7n4u Jlzhb0IITăM$|\IDt)`Tj蹒l*Unn"lp °MF!^6GˊuU"kAeQ؁bKp6sn}!f\oĘL9aaܓP+Vq-`\OYs2FiI@$W%@I͍}RÈ͑0$a{o,Wy<(Dl[vG'~J)B%c9^Xe c; 2G:tSl#˂I؅GkH٨]b_ptuxl tƟIJAmua4u53vr2fLy*LA+,z`YNjrPB2vNZw?~j}~\W5ۖ XQ CI{MԮ~ xXe`Ann =1;eQ;;<[ºxNAt`]Iy'Y0CvR濆yڐLn75PH, Z~){oy=8-4X~d^* [@ io"1c$'-7@k/j9^S~(ned I:QY1&_E=[o H}\xgH.canꧭ?4˅u+>M2mѤDTU8ɶ2t9I 򼛔ѝKpE:j Sanj׾5p5Q~-י787x8@V;.wucz*W%T; iSCؤsC2 x?EHZrSk-FH_8*;Pt{DHA"6[:0rStU));oib_~diJD[bb_n#aϐF.MAb s5=VzGNݣ¥, _ (笸,lFp(;Z[{qk` V:H.?hJ,85AS޹oPR=0m`lhQVPfKÆPN!a< )%V\΀Q "ZFhd~ہ$j\=h,܌΃{+ 5> OIZIi ]8g/=_TN=GL]#7@. g#ľH=#"k݁;{z]CWA/z),~9!jk\SI;4MPr=CͥZP00Bv s5c%hz%Bpjj'T$KuL+ߑ5 s . վ=W @_?/;mpZB^DCwrv(im?@{EќUmgSgU&($[><;l$x}ʦ..ye`U,4<2ꗱq of _bXY>} }̞&(N&"E\tu\J29ί4e[8/_PT,X=hy \gn97|J$WxrkN9 A#CŮ]f˟񌪌8 MGVёo&q&폭S! eUcߺI9EAr<;pei`9Z]#,wM>nNJtGo+*md\K6'':TW&=}&vrG_\^[B˓_t.\<+V-֯r3y`b< R%5?WQ34Aq#TYGeYAshL4ONf*-~;%дO"11p.ʂVЎl%Ȓm;DY,+N#FSC@C#X5k2Y Y ]f[XI3S5 a:ڏ!Ȧ[j@ye<†3H{EZ6Cљ&zz  uBw6`]c,rPlvp62cb"yrgtoyO[6Ag ;@/8rNIo_321F`*$Qu5È -^ &$EUMs-Oʁ7h;i)Xt'^_0ǷⲐ,"G蕒nVEeY%W/`R8D5s BSi2}i9suMX\C- 'a'=IyGu-wUĀckg<6 @Y}xئr "Ph_mPVPXKe} h>붨&RlA%}#ǛerY *u2EYCVC!p*u<2RȃWx;,RKAg+\(5% nJKz ر49XǿKk9W]?jƷ,& \AM!L }AS!io h G`i0Mϋi|ɖ}"O*y{AQf+D-uུ\]&,oo6}8ĆS7a>znfk »aK96Sc@WjnZ@k90'L(0EFڈ_ bXgcCfXk8,$r6ǐ)(Wn&}9~S?+f:ܐfNf~ *w ɳ!5:ufNY;׿٫~=BFɱ B Ntlns' <Nj"\;%2p2?n(VEgg|BځobEeɠGHhqln=i -u=@7a+A.L>?U{BՖEH̀1i쪃40Բns^LM`$ m%*c2֬d' !SO= Nz6 M}&"e c;,%Կ1 wI f"V$mH)Z]=:Wi0-(|Q=6C 񂮥,pH'qnisLa^_Ue !U EG%l-̊#JSSb3OսF;J~c`25=FD]U(u/0veb… ~Uq0X? W vnaFo'ZfkW-326uMe|"2̢b`5=|ۣ.h7u: ePE0&X:BRxJz ;eڕ!zDdݦdI=%>mr+e߁8خ+F֪Ҕ矲s`r,5Af!PEiكhƼ/H@Kx1) t^Jg]ZYJ,e/^ICCO~g Q\Y$ס/=uo~Mv'R"H_ * g YZ