pdns-backend-ldap-4.1.8-bp151.3.9.2<>, _l֜!M@eee5lqGk>]?]d & <  8\v|       9RtH(8292: 2FXGX,HX@IXTXX\YXh\X]X^XbYFcYdZeZfZlZuZvZw\x\y\&z]T]d]h]n]Cpdns-backend-ldap4.1.8bp151.3.9.2LDAP backend for pdnsThe PowerDNS Nameserver is a authoritative-only nameserver. It conforms to contemporary DNS standards documents. This package holds the LDAP backend for pdns._lobs-arm-1CSUSE Linux Enterprise 15openSUSEGPL-2.0-onlyhttp://bugs.opensuse.orgProductivity/Networking/DNS/Servershttps://www.powerdns.com/linuxaarch64  %/큤_l_l_l_l_l3c35a646e682dbee7350fb9479fffb39114bf6f14f5a87350f48d0f7128dddf6afc3002cf292b6344ee05b3db62eadaa59a6c7d195e4f81fcf867d49bdf705868ff3bf3f9096115b164f10835aff799914b65f4d651e9fa84f0bbbefde316db994d36c21e56b2096d83db548c399f287966ff082fada65f9a5d1bb72fcd51cf2f67b2ec28e45bd8ee0af5e35fca358e7c6521b81a591803814a20635fb64592arootrootrootrootrootrootrootrootrootrootpdns-4.1.8-bp151.3.9.2.src.rpmlibldapbackend.so()(64bit)pdns-backend-ldappdns-backend-ldap(aarch-64)@@@@@@@@@@@@@@@@@@@@@@@@    ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libkrb5.so.3()(64bit)libkrb5.so.3(krb5_3_MIT)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(CXXABI_1.3.9)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libstdc++.so.6(GLIBCXX_3.4.11)(64bit)libstdc++.so.6(GLIBCXX_3.4.14)(64bit)libstdc++.so.6(GLIBCXX_3.4.15)(64bit)libstdc++.so.6(GLIBCXX_3.4.20)(64bit)libstdc++.so.6(GLIBCXX_3.4.21)(64bit)libstdc++.so.6(GLIBCXX_3.4.9)(64bit)pdnsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)4.1.83.0.4-14.6.0-14.0-15.2-14.14.1_k8^%@^`]A\@\@\@\[[[@ZZZЛZZZ@Z@YeYY5Y}@YMYMXDX@X~@Xx@Xx@XN@WW@WJVV8UUv@U>$U8TPTи@Tи@Tи@Tto@Ta@T_W@TR(@TO@TO@TO@Adam Majer Adam Majer Vítězslav Čížek Adam Majer Michael Ströder Michael Ströder Michael Ströder Dirk Mueller Michael Ströder amajer@suse.commichael@stroeder.comkbabioch@suse.commrueckert@suse.deadam.majer@suse.demichael@stroeder.comadam.majer@suse.demrueckert@suse.deadam.majer@suse.dejengelh@inai.deadam.majer@suse.devcizek@suse.comwr@rosenauer.orgmichael@stroeder.commichael@stroeder.commrueckert@suse.deadam.majer@suse.demichael@stroeder.comadam.majer@suse.deadam.majer@suse.dedimstar@opensuse.orgmichael@stroeder.commrueckert@suse.demichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.commrueckert@suse.demichael@stroeder.commrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demichael@stroeder.comLed michael@stroeder.commrueckert@suse.demrueckert@suse.demrueckert@suse.de- CVE-2020-17482.patch: fixed an error that can result in leaking of uninitialised memory through crafted zone records (CVE-2020-17482, bsc#1176535)- pdns_maxmind.patch: backport support for MaxMindDB- Build with libmaxminddb instead of the obsolete GeoIP (bsc#1156196)- CVE-2019-10162.patch: fixes a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (bsc#1138582, CVE-2019-10162) - CVE-2019-10163.patch: fixes a denial of service of slave server when an authorized master server sends large number of NOTIFY messages (bsc#1138582, CVE-2019-10163) - CVE-2019-10203.patch: update postgresql schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (bsc#1142810, CVE-2019-10203) To fix the issue, run the following command against your PostgreSQL pdns database: ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END;- Update to 4.1.8 * #7604: Correctly interpret an empty AXFR response to an IXFR query, * #7610: Fix replying from ANY address for non-standard port, * #7609: Fix rectify for ENT records in narrow zones, * #7607: Do not compress the root, * #7608: Fix dot stripping in `setcontent()`, * #7605: Fix invalid SOA record in MySQL which prevented the authoritative server from starting, * #7603: Prevent leak of file descriptor if running out of ports for incoming AXFR, * #7602: Fix API search failed with “Commands out of sync; you can’t run this command now”, * #7509: Plug `mysql_thread_init` memory leak, * #7567: EL6: fix `CXXFLAGS` to build with compiler optimizations.- Update to 4.1.7 with a security fix: * Insufficient validation in the HTTP remote backend (bsc#1129734, CVE-2019-3871)- Update to 4.1.6 * Prevent more than one CNAME/SOA record in the same RRset- adjust buildrequires for mariadb 10.2.x on SLES- Update to 4.1.5 * Improvements - Apply alias scopemask after chasing - Release memory in case of error in the openssl ecdsa constructor - Switch to devtoolset 7 for el6 * Bug Fixes - Crafted zone record can cause a denial of service (bsc#1114157, CVE-2018-10851) - Packet cache pollution via crafted query (bsc#1114169, CVE-2018-14626) - Fix compilation with libressl 2.7.0+ - Actually truncate truncated responses- Update to 4.1.4 - Improvements * #6590: Fix warnings reported by gcc 8.1.0. * #6632, #6844, #6842, #6848: Make the gmysql backend future-proof * #6685, #6686: Initialize some missed qtypes. - Bug Fixes * #6780: Avoid concurrent records/comments iteration from running out of sync. * #6816: Fix a crash in the API when adding records. * #4457, #6691: pdns_control notify: handle slave without renotify properly. * #6736, #6738: Reset the TSIG state between queries. * #6857: Remove SOA-check backoff on incoming notify and fix lock handling. * #6858: Fix an issue where updating a record via DNS-UPDATE in a child zone that also exists in the parent zone, we would incorrectly apply the update to the parent zone. * #6676, #6677: Geoipbackend: check geoip_id_by_addr_gl and geoip_id_by_addr_v6_gl return value. (Aki Tuomi)- Use HTTPS links in .spec file like mentioned in PowerDNS announcements - removed obsolete 6370.patch - Update to 4.1.3 - Improvements * #6239, #6559: pdnsutil: use new domain in b2bmigrate (Aki Tuomi) * #6130: Update copyright years to 2018 (Matt Nordhoff) * #6312, #6545: Lower ‘packet too short’ loglevel - Bug Fixes * #6441, #6614: Restrict creation of OPT and TSIG RRsets * #6228, #6370: Fix handling of user-defined axfr filters return values * #6584, #6585, #6608: Prevent the GeoIP backend from copying NetMaskTrees around, fixes slow-downs in certain configurations (Aki Tuomi) * #6654, #6659: Ensure alias answers over TCP have correct name- Update to 4.1.2 - Improvements * API: increase serial after dnssec related updates * Auth: lower ‘packet too short’ loglevel * Make check-zone error on rows that have content but shouldn’t * Auth: avoid an isane amount of new backend connections during an axfr * Report unparseable data in stoul invalid_argument exception * Backport: recheck serial when axfr is done * Backport: add tcp support for alias - Bug Fixes * Auth: allocate new statements after reconnecting to postgresql * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer) * Rather than crash, sheepishly report no file/linenum * Document undocumented config vars * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate - misc * Move includes around to avoid boost L conflict * Backport: update edns option code list * Auth: link dnspcap2protobuf against librt when needed * Fix a warning on botan >= 2.5.0 * Auth 4.1.x: unbreak build * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046 bsc#1092540)- add patch for upstream issue #6228 https://patch-diff.githubusercontent.com/raw/PowerDNS/pdns/pull/6370.patch- geoip not available on SLE15 but protobuf support is available.- Update to version 4.1.1: bug-fix only release, with fixes to the LDAP and MySQL backends, the pdnsutil tool, and PDNS internals- Update to version 4.1.0: + Recursor passthrough removal. Migration plans for users of recursor passthrough are in documentation and available at, https://doc.powerdns.com/authoritative/guides/recursion.html + Improved performance: 4x speedup in some scenarios + Crypto API: DNSSEC fully configurable via RESTful API + Database: enhanced reconnection logic solving problems associated with idle disonnection from database servers. + Documentation improvements + Support for TCP Fast Open + Removed deprecated SOA-EDIT values: INCEPTION and INCEPTION-WEEK - pkgconfig(krb5) is now always required for building LDAP backend - pdns-4.0.4_mysql-schema-mariadb.patch: removed, upstreamed- package schema files in ldap subpackage- Update to version 4.0.5: + fixes CVE-2017-15091: Missing check on API operations + Bindbackend: do not corrupt data supplied by other backends in getAllDomains + For create-slave-zone, actually add all slaves, and not only first n times + Check return value for all getTSIGKey calls. + Publish inactive KSK/CSK as CDNSKEY/CDS + Treat requestor’s payload size lower than 512 as equal to 512 + Correctly purge entries from the caches after a transfer + LuaWrapper: Allow embedded NULs in strings received from Lua + Stubresolver: Use only recursor setting if given + mydnsbackend: Add getAllDomains + LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace + gpgsql: make statement names actually unique + API: prevent sending nameservers list and zone-level NS in rrsets- Ensure descriptions are neutral. Remove ineffective --with-pic. - Do not ignore errors from useradd. - Trim idempotent %if..%endif around %package.- Added pdns.keyring linked from https://dnsdist.org/install.html- Don't BuildRequire Botan 1.x which will be dropped (bsc#1055322) * upstream support for Botan was dropped in favor of OpenSSL, see https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released- This makes the schema fit storage requirements of various mysql/mariadb versions. pdns-4.0.4_mysql-schema-mariadb.patch - preset uid and gid in configuration- fixed use of pdns_protobuf- update to 4.0.4 - fixes ed25519 signer. This signer hashed the message before signing, resulting in unverifiable signatures. - send a notification to all slave servers after every dnsupdate for complete list of changes, see https://blog.powerdns.com/2017/06/23/powerdns-authoritative-server-4-0-4-released/- added pdns-4.0.3_allow_dacoverride_in_capset.patch: Adding CAP_DAC_OVERRIDE to fix startup problems with sqlite3 backend- use individual libboost-*-devel packages instead of boost-devel- update to 4.0.3 which obsoletes b854d9f.diff- b854d9f.diff: revert upstream change that caused a regression with multiple-backends- update to 4.0.2: The following security issues were fixed: - 2016-02: Crafted queries can cause abnormal CPU usage (CVE-2016-7068, boo#1018326) - 2016-03: Denial of service via the web server (CVE-2016-7072, boo#1018327) - 2016-04: Insufficient validation of TSIG signatures (CVE-2016-7073, CVE-2016-7074, boo#1018328) - 2016-05: Crafted zone record can cause a denial of service (CVE-2016-2120, boo#1018329) For complete changelog, see https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-402- BuildRequire pkgconfig(libsystemd) instead of pkgconfig(libsystemd-daemon): these libs were merged in systemd 209 times. The build system is capable of finding either one.- update to 4.0.1 Bug fixes - #4126 Wait for the connection to the carbon server to be established - #4206 Don't try to deallocate empty PG statements - #4245 Send the correct response when queried for an NSEC directly (Kees Monshouwer) - #4252 Don't include bind files if length <= 2 or > sizeof(filename) - #4255 Catch runtime_error when parsing a broken MNAME Improvements - #4044 Make DNSPacket return a ComboAddress for local and remote (Aki Tuomi) - #4056 OpenSSL 1.1.0 support (Christian Hofstaedtler) - #4169 Fix typos in a logmessage and exception (Christian Hofsteadtler) - #4183 pdnsutil: Remove checking of ctime and always diff the changes (Hannu Ylitalo) - #4192 dnsreplay: Only add Client Subnet stamp when asked - #4250 Use toLogString() for ringAccount (Kees Monshouwer) Additions - #4133 Add limits to the size of received {A,I}XFR (CVE-2016-6172) - #4142 Add used filedescriptor statistic (Kees Monshouwer)- update to 4.0.0 https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released/ https://blog.powerdns.com/2016/07/11/welcome-to-powerdns-4-0-0/ - packaging changes: - remotebackend split out now - enabled experimental_gss_tsig support - enabled protobuf based stats support - no more xdb and lmdb backend - added odbc backend where supported - drop pdns-3.4.0-no_date_time.patch: replaced with - -enable-reproducible- update to 3.4.9 * use OpenSSL for ECDSA signing where available * allow common signing key * Add a disable-syslog setting * fix SOA caching with multiple backends * whitespace-related zone parsing fixes [ticket #3568] * bindbackend: fix, set domain in list()- update to 3.4.8 * Use AC_SEARCH_LIBS (Ruben Kerkhof) * Check for inet_aton in libresolv (Ruben Kerkhof) * Remove hardcoded -lresolv, -lnsl and -lsocket (Ruben Kerkhof) * pdnssec: don't check disabled records (Pieter Lexis) * pdnssec: check all records (including disabled ones) only in verbose mode (Kees Monshouwer) * traling dot in DNAME content (Kees Monshouwer) * Fix luabackend compilation on FreeBSD i386 (RvdE) * silence g++ 6.0 warnings and error (Kees Monshouwer) * add gcc 5.3 and 6.0 support to boost.m4 (Kees Monshouwer)- update to 3.4.7 Bug fixes: * Ignore invalid/empty TKEY and TSIG records (Christian Hofstaedtler) * Don't reply to truncated queries (Christian Hofstaedtler) * don't log out-of-zone ents during AXFR in (Kees Monshouwer) * Prevent XSS by escaping user input. Thanks to Pierre Jaury and Damien Cauquil at Sysdream for pointing this out. * Handle NULL and boolean properly in gPGSql (Aki Tuomi) * Improve negative caching (Kees Monshouwer) * Do not divide timeout twice (Aki Tuomi) * Correctly sort records with a priority. Improvements: * Direct query answers and correct zone-rectification in the GeoIP backend (Aki Tuomi) * Use token names to identify PKCS#11 keys (Aki Tuomi) * Fix typo in an error message (Arjen Zonneveld) * limit NSEC3 iterations in bindbackend (Kees Monshouwer) * Initialize minbody (Aki Tuomi) New features: * OPENPGPKEY record-type (James Cloos and Kees Monshouwer) * add global soa-edit settings (Kees Monshouwer)- update to 3.4.6 [boo#943078] CVE-2015-5230 Bug fixes: * Avoid superfluous backend recycling * Removal of dnsdist from the authoritative server distribution * Add EDNS unknown version handling and tests EDNS unknown version handling Improvements: * Update YaHTTP to v0.1.7 * Make trailing/leading spaces stand out in pdnssec check_zone * GCC 5.2 support and sync boost.m4 macro with upstream * Log answer packets only if log-dns-details is enabled- update to 3.4.5 Bug fixes: * be careful reading empty lines in our config parser and prevent integer overflow. * prevent crash after --list-modules (Ruben Kerkhof) * Limit the maximum length of a qname Improvements: * Support /etc/default for our debian/ubuntu packages (Aki Tuomi) * Our Boost check doesn't recognize gcc 5.1 yet (Ruben Kerkhof) * Various PKCS#11 fixes and improvements (Aki Tuomi) * Several fixes for building on OpenBSD (Florian Obser) * Fix several issues found by Coverity (Aki Tuomi) * Look for mbedtls before polarssl (Ruben Kerkhof) * Detect Lua on OpenBSD (Ruben Kerkhof) * Let pkg-config determine botan dependency libs (Ruben Kerkhof) * kill some further mallocs and add note to remind us not to add them back * Move remotebackend-unix test socket to testsdir (Aki Tuomi) * Defer launch of coprocess until first question (Aki Tuomi) * pdnssec: check for glue and delegations in parent zones (Kees Monshouwer)- no longer ship dnsdist here, we will ship a new package based on the snapshots from http://dnsdist.org/- update to 3.4.4 with a fix for CVE-2015-1868 (boo# 927569) Bug fixes: - commit ac3ae09: fix rectify-(all)-zones for mixed case domain names - commit 2dea55e, commit 032d565, commit 55f2dbf: fix CVE-2015-1868 - commit 21cdbe5: Blocking IO in busy-wait for remote backend (Wieger Opmeer) - commit cc7b2ac: fix double dot for root MX/SRV in bind slave zone files (Kees Monshouwer) - commit c40307b: Properly lock lmdb database, fixes ticket #1954 (Aki Tuomi) - commit 662e76d: Fix segfault in zone2lmdb (Ruben Kerkhof) New Features: - commit 5ae212e: pdnssec: warn for insecure wildcards in opt-out zones - commits cd3f21c, 8b582f6, 0b7e766, f743af9, dcde3c8 and f12fcf7: TKEY record type (Aki Tuomi) - commits 0fda1d9, 3dd139d, ba146ce, 25109e2, c011a01, 0600350, fc96b5e, 4414468, c163d41, f52c7f6, 8d56a31, 7821417, ea62bd9, c5ababd, 91c8351 and 073ac49: Many PKCS#11 improvements (Aki Tuomi) - commits 6f0d4f1 and 5eb33cb: Introduce xfrBlobNoSpaces and use them for TSIG (Aki Tuomi) Improvements: - commit e4f48ab: allow "pdnssec set-nsec3 ZONE" for insecure zones; this saves on one rectify when securing a NSEC3 zone - commits cce95b9, e2e9243 and e82da97: Improvements to the config-file parsing (Aki Tuomi) - commit 2180e21: postgresql check should not touch LDFLAGS (Ruben Kerkhof) - commit 0481021: Log error when remote cannot do AXFR (Aki Tuomi) - commit 1ecc3a5: Speed improvements when AXFR is disabled (Christian Hofstaedtler) - commits 1f7334e and b17799a: NSEC3 and related RRSIGS are not part of the dnstree (Kees Monshouwer) - commits dd943dd and 58c4834: Change ifdef to check for __GLIBC__ instead of __linux__ to prevent errors with other libc's (James Taylor) - commit c929d50: Try to raise open files before dropping privileges (Aki Tuomi) - commit 69fd3dc: Add newline to carbon error message on auth (Aki Tuomi) - commit 3064f80: Make sure we send servfail on error (Aki Tuomi) - commit b004529: Ship lmdb-example.pl in tarball (Ruben Kerkhof) - commit 9e6b24f: Allocate TCP buffer dynamically, decreasing stack usage - commit 267fdde: throw if getSOA gets non-SOA record- update to 3.4.3 Bug fixes: - [commit ceb49ce] pdns_control: exit 1 on unknown command (Ruben Kerkhof) - [commit 1406891]: evaluate KSK ZSK pairs per algorithm (Kees Monshouwer) - [commit 3ca050f]: always set di.notified_serial in getAllDomains (Kees Monshouwer) - [commit d9d09e1]: pdns_control: don't open socket in /tmp (Ruben Kerkhof) New features: - [commit 2f67952]: Limit who can send us AXFR notify queries (Ruben Kerkhof) Improvements: - [commit d7bec64]: respond REFUSED instead of NOERROR for "unknown zone" situations - [commit ebeb9d7]: Check for Lua 5.3 (Ruben Kerkhof) - [commit d09931d]: Check compiler for relro support instead of linker (Ruben Kerkhof) - [commit c4b0d0c]: Replace PacketHandler with UeberBackend where possible (Christian Hofstaedtler) - [commit 5a85152]: PacketHandler: Share UeberBackend with DNSSECKeeper (Christian Hofstaedtler) - [commit 97bd444]: fix building with GCC 5 Experimental API changes (Christian Hofstaedtler): - [commit ca44706]: API: move shared DomainInfo reader into it's own function - [commit 102602f]: API: allow writing to domains.account field - [commit d82f632]: API: read and expose domain account field - [commit 2b06977]: API: be more strict when parsing record contents - [commit 2f72b7c]: API: Reject unknown types (TYPE0) - [commit d82f632]: API: read and expose domain account field- set $LD for now. this fixes the configure check for relro,now.- remove custom PIE handling. upstream does it for us now.- update to 3.4.2 This is a performance and bugfix update to 3.4.1 and any earlier version. For high traffic setups, including those using DNSSEC, upgrading to 3.4.2 may show tremendous performance increases. A list of changes since 3.4.1 follows. Please see the full clickable changelog at https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-342 - move man pages to section 1 to follow upstream change- disable botan and geoip on SLE_12 because of missing dependencies.- Fixed broken _localstatedir- fix bashisms in pre script- update to version 3.4.1 Changes since 3.4.0: * commit dcd6524, commit a8750a5, commit 7dc86bf, commit 2fda71f: PowerDNS now polls the security status of a release at startup and periodically. More detail on this feature, and how to turn it off, can be found in Section 2, “Security polling”. * commit 5fe6dc0: API: Replace HTTP Basic auth with static key in custom header (X-API-Key) * commit 4a95ab4: Use transaction for pdnssec increase-serial * commit 6e82a23: Don't empty ordername during pdnssec increase-serial * commit 535f4e3: honor SOA-EDIT while considering "empty IXFR" fallback, fixes ticket 1835. This fixes slaving of signed zones to IXFR-aware slaves like NSD or BIND.- only enable geoip backend on distros newer than 12.3 before the package lacks the pkg-config file and there is no fallback to finding geoip without it.- fix permissions of the home directory- enable some backends that we had forgotten: - pipe (main package) - random (main package) - geoip (new subpackage) - new BR: yaml-cpp-devel and GeoIP-develobs-arm-1 16009535584.1.8-bp151.3.9.24.1.8-bp151.3.9.2zone2ldaplibldapbackend.sodnsdomain2.schemapdns-domaininfo.schemazone2ldap.1.gz/usr/bin//usr/lib64/pdns//usr/share/doc/packages/pdns//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:13121/openSUSE_Backports_SLE-15-SP1_Update/800bb5e90984cb5e1dd903a4d61773d3-pdns.openSUSE_Backports_SLE-15-SP1_Updatedrpmxz5aarch64-suse-linuxELF 64-bit LSB shared object, ARM aarch64, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-, BuildID[sha1]=4c1cdc0f4a2fe9266383cc83c790694cb881c5ca, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e3eaa3d477f56cb8cac626651bc9dc99fccbb1a2, strippedASCII textUTF-8 Unicode texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)RRR RRRRRRRRRRRRRRR RRPRRR RRRRRRRR R RRRRR Xh̤Iutf-85478d2d4fa800bf577cb4e358a441c17999a421d66a943b7ad2b6be0867dc792? 7zXZ !t/4V]"k%4960E<$#]! L)- 7׊`)~`HQNKZ;#,o ! S607I@3E>ŁAwrOѥ#S5 iR1dCuk[MYB>Ns8KxkwώqA<J}.#7%^k&4F#$QRٲ Fx zuC-)M~Y pCFZ/m6z\XQ (+AFr.є{e!p:K*'(dpZU=x3 xo!opL&L8*p>-h3?Ѫpp&#Lo!)Joca}Q5$%ΒzOz`m/8H4dK 5z-J 0SWt#H^'j޼["v. hȂrTr$;xԁX`ݩ,^Ugtxw_&ndS?5c(fr906xe-H' Zqut[[]0!TJJiÜ& /ۄ6>qx»֬ZB%L˘GRb}NDFUPW9%Wq/$9KAs!'R<[:c'%[5yX,Б.N2yBx.>.ZWFhހ4Rɉ-e, jvG~Ahh ,nŭt&0NJeo-ϓc%PRy#942 F?H81 E@p#vFr\e@n-8XS yʁ[4vmNz3ё@N76azo`ܩˬT-i#4oYJ$  oʆC[%g& 1~$QV#d&qM q:|'K`cvMHDLY{0o9&FJ6nI>Uߡ(r]± /hp{z+*Ik1$vҺV$_vDeJ&]n5A)N I#DݥPhm1VqĶYYEq/|E ]HڙwTfzx$ϖkE.Ib |)%Wÿ4a{:9~ =xq\ކs )hQQz |a5wtFq[sC vݽ)!kW) p GR~cTsTrgvơ@q]$:wr,ciE} y@?< x 7_%bˉzLA :MyǏ j\ŀͲRdG2!8pk{cDM58UБ% ћ+wF WN*2;:mrJCyQtmIڂ)T\[R$gacdo97xN뎮%_J+1ʳ4 :r;tqR/_;y+!X叶pa"`hQv9}/_ݴmĝ(*(ثMH=SDznB_RW)dJd_$nd^kyIˉĖ%$dB[3(fnS4&8"{&v78w~kN림F,z=wd!z=֒Ĺ| N7OtNv=6ƑLjObwPO$&?79oN3r *Bt'5C}A7N~f ȗ$;U.~ t Fl۳ I5(?cHCe%voX.Ǯo)E4984-"ӚؠCfZ nk9۠HL'.vuFfSb6ۂ?\G8˔sՏ\܇W6/޿FVPEi13IHd=ŇH93xZH]c:sKIw7 09!ef&hBw,@̿g*Hy^ $H'SrvWPMGr]}{w}'U2ss+b/u[]O}FمNu`99Ι/&:.u`_f4݉?p\bP</ufi0m:T ֽH'J&1qkOfym(p=ǸZo=UFWm4:G m2_^UX~^,898Z~E 3-.d /~^fYlI\K?V@8?a beFtQcpp@ dz"ΥiPADXPX3"r]lPӓeF0ߑ4Տ#scם>!~2j.*cxDJʍ(.y PTtLu=NAczTc~IZ %U .x 9iOlxgi^; h :.t-eݝNU j9=/:OH̽pq9$7fulU*N`JBItj\ɯrmNL:rfkE_V.$|Tt&0LN8ei(aN,PPǷЉ#5EC\!6h@xmwIpeaF߹{! mY?uۙYhN]v̯WU)D |їvEA|h̜3Kr\-)× 1d3Rm5u_|찣33^&d]#u-w/Ș 4 HUw̟ Co)+I͋f WqT) 7!YLMhZ :^HV/ @}AFmbH1|W! uhH^StrI#X\ }cQziAO'HvdGBQM_)2\$QO3=|YpsBO"RtV{6+At ~iziHd4-2 qSj`3#N+ygU֯8)x=o$6kcEͧWw+HAϤE:6#_p0 B׏]+=vHݘCwl'ļ#ݿ -XIQ10̾ɿ+/K&\CfS<)|2ՄR|-}lAO~̷zء <@QC9RV^? ~8(M%E2XAwnpGݠ&Tӧ0Pczl+zI$ϕ qV=HR)n6 %f呹l[ul=층;m1TtINӞ S)`ZqI/NomlA%Wm&=ᴙAJ!wt2sؤL@I¦OA?LzNnO0B;I{`GUuUl!4kv?疠sG[a'S~Bvd!k#|\+2e[ 2]f֔~x*0}A uQyۋ(^z7У }<72)*>\.6>rTd<pGX?ʎVω _h8QǺ"n~c;`ת!|FCohlocJ!֊Cc ]eSE{,` ~`c}q棸78 Tڹ(ꢍ(1!HAUi~3`%){CXDyJ3aGە:0y~4=]apJLQ> V:kYWE; 94n=+DC %y``DR_Z 7[bjH&Fas\ivB}h˰[qGUm dPgMqį7"Be잟) 'ۧƌ(AYG7woGW8ȕLSD(weS#5\N Hƒ#ZXY Z$]}'j!%CN[xg ^%B[x؊$"I'Cۯ$I9,X o9-j2@)Befe^䷂Chp*,WE񇡞8VtI!"I:pdYҭqE:e ča\Q\ޭYɱUbDFLtRə D;ҩ X5.8Al+'`VWt~kx .Ujʯ ]u_,5KNv7Lvn)\=PtDž8ljs'?G?Zc}Cݓ+i|a01;<$ CaV| zJwQ1IDFX_5qUga}lܿ!ѺUWGJiۭ=8'Qu#++sK`&e1V&YtnIf#òX=5te"-YywI| 3S58ZYdIIKXi`L;8s^4XѥsbwDaGRȥBk?ױz꒢Jq7~uzoEc`*6v Q=^ҟ1ϕ5$w x~47dʵ)c$f+]^Tv~3%0Lu 5$i#76pF_JLq95(KĊIZv) HT@obi~x_dJ 2m7b{3Tj eanϞ["`ўE̱W9ڞ%YCܷ"|N]mݍUӒ\CD2$@ xpT3pKlHjӡvH)Ba j&i22V*e >cH*F[PEqP mҐqӘf"&%ppLr@]ǀqV?,/*qSTѳ퇢86N,+%u*G; Jx:UY& _8F˼ޮu"+d̡R 7@lӿ6&J%ߘ1vg8繲/RY?~ >!w<6؁0*j6@3 ˜xUo6m]~2ֿ́)T B+40{EKƛ`m}*6erW)k bkH%|ơPӠ3(b-7Ҵ2ƠA8͌aQrfBLd.t"p) fGTJ&6Y~X<΃?xS2ෝEUTi`%ȁ.V)x+.VRYӥpC*-tJ\U vT<]^ WoU1Ч&5\- doPhp gJ,>n90!K\'jn =PwדWIgxL dWgcqQ E'suTDm<_ĊutL-=xNNm|lSӼ7ңFW)cMlI޴&-ڜ5eyOqI\ :ضXtjXj(S\r&<#co䷓N)GbRu\ӴzCT h#̌q\ՖE)p]Ł_VV^x+-$dK,Y=VPyhTjEQHJ2::pGg(Q=d1XL5c13 X Ə=UN_$YI<~YtWHNݟ'F t=ǽYӔif^ 3L7M!6Pn"ItSs5WU8.,wj胊`ȦЦS؛ϒUЃVWRǞ᳎+"BgϜؾ|EhFȇ},|k\rRg^RAo ZymWa= X6PIJ(,Xf]WfziRֺ P[ݔ FV3c'"RxcDŽ8IStcbR##Eē "3w<  LBx}V%niq>Waq ye$F5ICzHrMWsԷm։~;_ =1Z2r-$7.PN)ܾXm 0!oQ NdA.]ƑAUlnDHB|*q0Z PMBp*qH`diq ؓMv]W?gjaȤM a~*>/ ^`Go~k#ފ,,!qXI\('+mAopYCEWPc6;&e_Z YMa~|B?0]Dͣa*r@@aWDo~gMP_vj;aȪWgV_i2qx/Yb`-b5-{3:+]qfunؚ9AԣU(7T]V3Ȇ³)&&"u?Q +AX4ДQ-F:p#pLƦ؏Uo2V-HXT`x!:(_ώyJ-{UVs+.tشPJX +bر|E俠0K/nPa/@~Qj؊lWٺQo7bˀK&ժcyฐ}NHql܎N}Z::sEtt1BU}*<0B[!^`/nX:|>#遹чԻgDhXYQz=VJְW}ͪO(^>Dj\wJT!Xyh(sfCJF[C 9֮$h(t,IHe*, _"{UNS"Gts5s_hq;&) /mn[ۤf )ffR16jx]z!?6Ξ-v?X=f|:#YNb?WpMhtVrY5hDp_p@H%L}20Bme \i⦆a7;S44s^1%AK[_Y7*}%Hwxn*Tٴyhl$ci+)۷Y0M"B6gY 0ʹF-ʅj n% SR]UIxb̳~F*̓=%sWqi/T3`|c҃r͘s_tb #͜V.ɿG9}DK+m.\H /B3f\}XhOvY>$BEReR#+:&w Asi#~ܤEƕyTv Uur92PDMi kڟ=-ߥFѠ6b&ݧ~/"q(yii!ќ:! 'ԍ-Öyҫ 9/{#lrN*~E.Ae1v.=fPcZ:],砑 /&#-5;roΟUʷ,5$k"^Ԩ8T.:R B%l"hSJg!^V?kZ<\۰sx7}NXV x#L. sJw̏Ie.fa)TH_QSN\]*56-{Z_#4hZ ~1u~[ ѾgT]J0@$>V<)8%Q.]{,s\)K˖KxmU% tv^p{bWHÒ ;N6 XַKT Es$im6xhtH6Fr ]#IEq/kWbΫ c/|;є@8-2>+`~*+z5_mxV~` P),a^yfH2R TD M b!J1zhƲ zG}X %y/ o%]ۥs^{Eë;0^lo3Z<M-^mw \5ڈ'ʔo1ksenE}9 8'f7r&&pE lxoeΑo>^i bԝPev y7)~Y^f{+I9yk]te%t\WT>3w>w͕G>{SoKʆ/ɢgI#7Neі}n..pFq&Օif5T|d51Aw&#4/8GWɘQ,G:hd|L0c H PƳ#X9\cx AJڦlq`T~$5@ sWc]P>Zf?kh4-:00Wj~TU]4!4n'3 w]},Iq1'ƣx]CN %ʓ$XɬĊNW4>۴AT@{1T9{&))2m۶o+|U2x[桺L6}bl w {> c"`* u<$f&-sݩG4f3Mro]¯`] Fq߂%rU<T FXK3a@DtjrdT IqYQ(f`lֻ=Z0͛qGOX Cd릏lBS{}8Y>5Yb`o<ۢy*4,k螏\:u)dE.Gٔe&aܦy]bdjpsυ l"1FtF\t_,گ*UVh<7km~~ U Y4fc-H d.Id<Q|%'!@<.'C1*u s m!AG |iCŰ/wͶYpyJ.]f6K եN-ubpfS{L/ܣr$E\"8a(Ӂ#zXq@[N\{}DۂDA./j!+QyoM؉NVPqO$irX(#1veZ!oO!a@?u^)iƇLˈgG f~ &ÓnX;嘁RZT2רw+PvYi+>)w'70zw=_Sq$*~RMH?l|F1o |Y;)|_=;Mg {Y%G ^IPֵH#" 5eDQ?"ȗvIWW"wc<#44l`W9iܨ8A$j?3st@,BR"NXBON!jkERf0@\ǎ~L9(>Pbhy"bc-+"*ٞVK 0]:-N(A͑!et\.0 b].%zMPPI>*XT޲b/=\dG}8"m4JFFy8tqy/]!pmJLsޭ[*B1shuulI'xJCXeO'?=闅@Kдy Ŷ2P ) vl_=kQ"Xooyd\!L : ?gBfİ>y׃! ݱ*ɔhTNgM_Ⱥ!7|sSΨGVd[lPn߫oɵmoN.kLÈaIO-1!(c[(7X8_q23PmQBX# A&XLkPH/HM^q1kt<:]Sv[޽=+Oq3i&Dơ]K.o" Da\P|\U-xr (rXQ00(9 p!RrђG$t3V%NdkoN`A&ğHE,9')$^k'`d G^@X|Jwk4YJD$z!.#2\kK-TIk#=i@Yڤ+n_B4t%}#@#V)@^J0&K="ܝ'T D&FG买!|7!YvCKVL~z.?pLD&+èQƈۥ i9,Γ ؾnpӚ5`VU2ŕ?2vU8I1ls Q"Us:z@$5 :Jd_ocov(0 3r\Igō\GThIq41zCH:[{*RwéN)pT^V1B1וs[ k+D:M!l>GtBPMY؇~pv!㓓+=H/Tyjh/_^'{w}w^aX:cM%ri`HPͯw!|79ea 9#_OUlQ1jp=媘CԤ)) #"6Ab5 s,|Yu]"'feIt خ@c0r7d͉{نD~Ui~MxʐaDfjڢY`p9 -?*B ~mr[~bgXU;D+)$/BP]!r6qN<-QQv]sTSv.: k\X ѴkkZ_QqpgQlBAsz24gU&ŷm&? S]Etӕw[~?t,LSG]<(\PQ9s^JY3I ,.bL[bXN5zi<He3k-)mUșT_ȅXF;~mjr9Գ7/l m.XSf@=5}Hy}TC+Oz ֙ܫn>ȱO4~R]Pi擄UAa SW'? C>Ň*.h#3'QDJ:fl602:#'Ci㧕`*՚SKi<$ ߫~P)(j!Jy~zCh(.7(>rx Vj9b1zgIm,ּ#Zȍ41?C@9|˂EORrL`fk|Hn|!y  gd&D|.$UgqRw%U<´ziF54q[[%Sz *W,^4ٞf 3NYsFrȗ#]M(ڪ|{BǙRYNb> xӰDGD<ϔF@,KnݸSi;;2i8ìy_)qW~ SLO(RZXhȐڢwUje̾ 0E1qp|蚢bt1%dɺĺ~(s[8 -E 5:=_ <s2~T0fڹ6 <ծq`5":4ZG(?=Ogs>$bǧcpaFY-.\/#оfU*Ra7n} EFm.Ñ$fgI$֜7M8yyTr, nҀO8RD5I 'D!L9$1 )5r~c](dǩ]̓ұlÃVf"s-_[4[SČ#AYweR/OANx9OӐXÉz6{I>գSXL6R?<BX{nJ؁nD@D`#m ޺$TwZ6 d04?@H6xčL| gˆ"LʌxA9Y396b0O @.V.4b\țH :C?q/v Mz E' S;-%qn86jؐsnА&1Ycm83r HԴI3 ,"߸181g̻itvI<Ў~a7JxI|q|T;BpsSEgaLјZ/RMa~/EfOlW1w7[>K8\\M,lU[4&f <뀼bLei帬$dMpF4`*{%AgX[1]q-*1I5tʅ bC~'YA)4Nk"fPas52RK,m W jTiegE1GF02SԊT<ېȘ;ɝa:XևbW+!Ӻ&rf &ryτNdjȅyuM3F7ZD pK@q"0>y[pc :r7ӽ(`tulp^[AcN"N80Z0Qi[p+H *IHr"Dž+ndHOb͎wcPl Nd!^ѼU٫BrY^Tp W7g=L'G[APh^l絅ܴKgFog$8w[l9:&=x6E>;Z; A$J|X$~CY̯c+Fx' KO ݔBSOȨ~@QST1qL5 H$UH\Y2]I#\L@;"}(·ؾ;_\um]*ϲ4Ȫ~S1`|y_{f_2v.~!6xF{M^L jvNs_q q Fu5W%_T?$J[d68o?[`ppXn$u0bY"A**`8n*t$Q\>7F'u 6(f: I'@:!נ/שKI +^$%=qFj1r-sɏdnc6'q<wp-2h cHU}3oy0{$pS d߲ _YԈJJ^Hfk:tؕ!1ȭƲK.jᓛES$YG/W퍸"Po&sG 4j~\!Ja>hqRTg6JJ7Zu{%nQ,8 0_? r " zKAs;oݎBBѣw{toqZrQ{1i`Ѓ垘n[&O7J "2WHGm0 (!lSпˎyw(eܫCLձEtdhqߌA(Zct9\!UF,4v?꺌h puAnm aBoZb?,ғoqDN˕Z'!_ZNMh(.rv K"Cv"k1!~an}Kb3LP/ eS#z {be׉%ܲ bݙDi :{1 >yMig-6K]:9"0!p/Hm)I 儁;_'DvF,ljkigJioم2.ּ[4p/7ųr#zo =^n#'\դ M"^*11nvO-Xoݸ2wŵ` *90شJPA+Nuۑjwgy;Q0sCp4iԌHK6ua{#O{N~ĴKʃZ5|Khc"҂TV4qǩ޶.gxt k9LcXphm2ޒnn:R3w6f8Ͳ8J@LP AŬ: YZ