nss-3.19.1-19.el7_2$>qb"qGl>>?մd   0hl k\         G   S;;c;(8090:W0>m@uGŀHIX,SYxS\]D^"bid8e=f@lBtXuʤv wxxyէհCnss3.19.119.el7_2Network Security ServicesNetwork Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.Vworker1.bsys.centos.org%,CentOSMPLv2.0CentOS BuildSystem System Environment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxi686# If we upgrade, and the shared filename is a regular file, then we must # remove it, before we can install the alternatives symbolic link. if [ $1 -gt 1 ] ; then # when upgrading or downgrading if ! test -L /usr/lib/libnssckbi.so; then rm -f /usr/lib/libnssckbi.so fi fi # Install the symbolic link # FYI: Certain other packages use alternatives --set to enforce that the first # installed package is preferred. We don't do that. Highest priority wins. /usr/sbin/update-alternatives --install /usr/lib/libnssckbi.so \ libnssckbi.so /usr/lib/nss/libnssckbi.so 10 /sbin/ldconfigif [ $1 -eq 0 ] ; then # package removal /usr/sbin/update-alternatives --remove libnssckbi.so /usr/lib/nss/libnssckbi.so else # upgrade or downgrade # If the new installed package uses a regular file (not a symblic link), # then cleanup the alternatives link. if ! test -L /usr/lib/libnssckbi.so; then /usr/sbin/update-alternatives --remove libnssckbi.so /usr/lib/nss/libnssckbi.so fi fi /sbin/ldconfig$@,@ih`TR=A큤큤큤VVrVrVsVtV^VuVVVVVVVVVVVVe45105a21696a26c834cfaa3f664c42426c99546094e22fbe3a5e1dd3fbc1f336bda6ce59a46dea427681cc8a76295e34c7c2f17f4a2f265b39cfe258ab65ded6115cab6d646a05dd6b63e21c488da6bc36975f6e5ad8d6371c30a166c41cddca2fa0ba8e20d1aee355a0f45266eb3e53fb5720ace9fe4c9bcc964f6d4fdf87dc56e10dfe5ea38b882421ef0c8c2ad445274c6a4db1dc1a9a6dcdc930d2a98483790a5404f6b7edb652544eb75bfaa8f1c515f41ef14369248151d7c52cd249edbadc94c2c771fc351fb0a01bc464a194c6a5c0f68db9a0cc7924468c22604fae3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85521839d2290d0f25ae4006ca2aee7e422707afa69eb171f72a4f7fe290cd19bc5d75c57ce9f1f9b46aafbf29851daa0a9faa85839d027dafb899e542124560ab7ba8c6cc4a7a3070842306df3384896d6ba017a382554ce9cadc97eb558a610dcf2041d64f03e8fd1a60e377b8da1b77aa4ef0d81a0723491e4348a6dc042f6b1b98fc79911e72d8fc665534adb26b13b30e2c226b0d8d26d55cab244364f98f6c4e3ae98e5a8977a5e582593cd32022cca907819f11bade639f1fe71e53cb523d9974930c2266b49c745b379bb46238e2250f72b74f2392ebfba461306623403663e3ae2deaaaee8ae47e272a18dd7d27b59019117f85910ddda1866916ca72732f0a37c4b14339bf5cf020fd54839c2e835282ad2bc3e1e07a4c0ab417d36effa8501f681f995a990c98a4812a7173af66b9aa9f8096174280ea59c762d9ac1@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.19.1-19.el7_2.src.rpmconfig(nss)libnss3.solibnss3.so(NSS_3.10)libnss3.so(NSS_3.10.2)libnss3.so(NSS_3.11)libnss3.so(NSS_3.11.1)libnss3.so(NSS_3.11.2)libnss3.so(NSS_3.11.7)libnss3.so(NSS_3.11.9)libnss3.so(NSS_3.12)libnss3.so(NSS_3.12.1)libnss3.so(NSS_3.12.10)libnss3.so(NSS_3.12.3)libnss3.so(NSS_3.12.4)libnss3.so(NSS_3.12.5)libnss3.so(NSS_3.12.6)libnss3.so(NSS_3.12.7)libnss3.so(NSS_3.12.9)libnss3.so(NSS_3.13)libnss3.so(NSS_3.13.2)libnss3.so(NSS_3.14)libnss3.so(NSS_3.14.1)libnss3.so(NSS_3.14.3)libnss3.so(NSS_3.15)libnss3.so(NSS_3.15.4)libnss3.so(NSS_3.16.1)libnss3.so(NSS_3.16.2)libnss3.so(NSS_3.18)libnss3.so(NSS_3.19)libnss3.so(NSS_3.19.1)libnss3.so(NSS_3.2)libnss3.so(NSS_3.2.1)libnss3.so(NSS_3.3)libnss3.so(NSS_3.3.1)libnss3.so(NSS_3.4)libnss3.so(NSS_3.5)libnss3.so(NSS_3.6)libnss3.so(NSS_3.7)libnss3.so(NSS_3.7.1)libnss3.so(NSS_3.8)libnss3.so(NSS_3.9)libnss3.so(NSS_3.9.2)libnss3.so(NSS_3.9.3)libnssckbi.solibnssckbi.so(NSS_3.1)libnsspem.solibnsspem.so(NSS_3.1)libsmime3.solibsmime3.so(NSS_3.10)libsmime3.so(NSS_3.12.10)libsmime3.so(NSS_3.12.2)libsmime3.so(NSS_3.13)libsmime3.so(NSS_3.15)libsmime3.so(NSS_3.16)libsmime3.so(NSS_3.18)libsmime3.so(NSS_3.2)libsmime3.so(NSS_3.2.1)libsmime3.so(NSS_3.3)libsmime3.so(NSS_3.4)libsmime3.so(NSS_3.4.1)libsmime3.so(NSS_3.6)libsmime3.so(NSS_3.7)libsmime3.so(NSS_3.7.2)libsmime3.so(NSS_3.8)libsmime3.so(NSS_3.9)libsmime3.so(NSS_3.9.3)libssl3.solibssl3.so(NSS_3.11.4)libssl3.so(NSS_3.11.8)libssl3.so(NSS_3.12.10)libssl3.so(NSS_3.12.6)libssl3.so(NSS_3.13)libssl3.so(NSS_3.13.2)libssl3.so(NSS_3.14)libssl3.so(NSS_3.15)libssl3.so(NSS_3.15.4)libssl3.so(NSS_3.2)libssl3.so(NSS_3.2.1)libssl3.so(NSS_3.20)libssl3.so(NSS_3.4)libssl3.so(NSS_3.7.4)nssnss(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    @ /bin/sh/bin/sh/bin/sh/usr/sbin/update-alternatives/usr/sbin/update-alternativesconfig(nss)libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libfreebl3.solibnspr4.solibnss3.solibnss3.so(NSS_3.10)libnss3.so(NSS_3.11)libnss3.so(NSS_3.11.1)libnss3.so(NSS_3.11.2)libnss3.so(NSS_3.12)libnss3.so(NSS_3.12.6)libnss3.so(NSS_3.14)libnss3.so(NSS_3.14.3)libnss3.so(NSS_3.15)libnss3.so(NSS_3.19.1)libnss3.so(NSS_3.2)libnss3.so(NSS_3.3)libnss3.so(NSS_3.3.1)libnss3.so(NSS_3.4)libnss3.so(NSS_3.6)libnss3.so(NSS_3.7)libnss3.so(NSS_3.8)libnss3.so(NSS_3.9)libnssdbm3.solibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)libsoftokn3.solibz.so.1nsprnss-softokn(x86-32)nss-system-initnss-utilrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rtld(GNU_HASH)rpmlib(PayloadIsXz)3.19.1-19.el7_24.10.83.16.2.3-133.19.13.0.4-14.6.0-14.0-15.2-14.11.3VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Resolves: Bug 1289883- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build/bin/sh/bin/sh 3.19.1-19.el7_23.19.1-19.el7_23.19.1-19.el7_2nssdbcert8.dbcert9.dbkey3.dbkey4.dbpkcs11.txtsecmod.dblibnss3.solibnssckbi.solibnsspem.solibsmime3.solibssl3.solibnssckbi.socert8.db.5.gzcert9.db.5.gzkey3.db.5.gzkey4.db.5.gzpkcs11.txt.5.gzsecmod.db.5.gz/etc/pki//etc/pki/nssdb//usr/lib//usr/lib/nss//usr/share/man/man5/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablesdrpmxz2i686-redhat-linux-gnu directoryBerkeley DB 1.85 (Hash, version 2, native byte-order)ASCII textELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f22e94652c9b5e6d53656f26bd73125916ab016d, strippedemptyELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=46751698342ac4b535a10bb9069713aa154455d6, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7e36a18fcbdeb5fcb4ee7d636258ab5101aafd4d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2bedca426d0bf95a66ed61a854ab22c3b9c7ee7e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=55136a597ee11ae4e446f506ce7539a6f3078a4f, strippedtroff or preprocessor input, ASCII text (gzip compressed data, from Unix, max compression)>Q}>,2 PPP P!P"P#P$P%P&P'P(P)P*PPPPPPPP P P P PPPPP PPPPPPPPPPPPPR R R R RRR'R&R(R+R)R%R$R,R-RR.R RR9P.P-R%R R R RR R,R-RR$RR0R.R RR#R9P7P8P9P:P;PP?P@PAP0P2P1P3P4P5P6P/R R RR%RRR RRRR!R"RRRRRR$R,R-RR.R RR9PLPMPOPPPCPDPFPEPGPHPIPJPKPNPBR/R'R*R%RR R R RRRRRRRR!RRR"RRRRRRRR$R,R-RR.R RR1R9P,P+R R RR,R-RR.R RR9# An earlier version of this package had an incorrect %postun script (3.14.3-9). # (The incorrect %postun always called "update-alternatives --remove", # because it incorrectly assumed that test -f returns false for symbolic links.) # The only possible remedy to fix the mistake that "always removes on upgrade" # made by the older %postun script, is to repair it in %posttrans of the new package. # Strategy: # %posttrans is never called when uninstalling. # %posttrans is only called when installing or upgrading a package. # Because %posttrans is the very last action of a package install, # %{_libdir}/libnssckbi.so must exist. # If it does not, it's the result of the incorrect removal from a broken %postun. # In this case, we repeat installation of the alternatives link. if ! test -e /usr/lib/libnssckbi.so; then /usr/sbin/update-alternatives --install /usr/lib/libnssckbi.so \ libnssckbi.so /usr/lib/nss/libnssckbi.so 10 fi/bin/sh? 7zXZ !PH6]"k%QÍv4t R1'#httDžk?V7֭JldmaOmX~ӕ>ؘkѳȣ 00z]lXdI?4*MMO^VsQ$tTq fBQ^OaEZ>CM uuN<䇄]1Fh tsSZG_RQHޫiw[->e76oA~|M9Q,q?#Qid*eçYk/OE:GIKYuoF]vNr7|GЪVvrW+p\ -5if_R$OwID| gwZtb"RNJ ZAf7[BF3 +@"9n_ܤ9^q.('%,h/#kGI=C tk}@|CndQ:{  ųFVb,h(~&mb0XQ`+8r&ܥmy M!w7.@b u\7I%n =C:Ju_Ώ7H5e#c{& ިH]YHztU;ᑐI$Up^|@ &0.Jk9w}d%LB« hh(ʐjqL[$7_F|_4D3J Œ KѬHgb&fԎ}{YOf}p8 En3]O^AI7RىO~8d3Ԃht xc!$ 4S Oh` 쇼=MRl4s;df D^_'&es"v?:A՛kS̥塦h6Һ+ˉ1PWc0.b`4 C }&gĝ0W%.|xt^̝^{ U$H(0@#o,Z&3:Ck1R)ѐx܆|S 8x@+Q*gR^  ;9{1uyf[e=@7/X_Bl~]FRw%CN/vKΪ:D;Hο&@ L=d)##F)(;⌊W(pmrҞԘ_HlP 4/*1"娀r7цVTBGyZύ=$^ig+0 pjK5ÆgT`w3goEZ&+:zw2EmآL xxc̛TҾ*B,GDϏ/@ "YmJӗAhY|duoWuc 1m(jcZ*`:VF 7@/iQ 烶[N߼RhfQ q҉#(\ Ӛ);"~h-nVYa}*7BJ\6'A]Xw~@ ;Z3hFB=n=/e׀5+yD`maɘ vlhsM PQwz)F +n2hzČ=_BCLbhqlIwֆ $b uゥ(hJ؀P<-I d9HO]O!#qQkTf< J1_=g5䰲46*o?yXvEc||3X =rWRlA;W?D{%a+O}37DNmP. ;T(e/sPwv.4L;%ΐqS:BLq#mtj?d,")rf)Opk۰W9#e}LqoZQ/lU 6L #[SQN(2&"#F~Mo:ei@P&Œ|>Jv  BZX.D;?a:hӡp3%e4 0Yx6X-n$ȁA?ps;hNTV:TB$0({>UKbUD7I{$0{bObVXg{$rgp h*tz\'Tjeꃧ{ 5n,-5#F?ix} 񄅘:U:J>rgx R&E1iբ9-{9z7x m\G" <]KfƝ+ BŐ V0tf sV|ْ*99.cI;Cn-O򚐳 ǚ6%peLLT.Xn։nh<^: ^jQ۱迬ݿ EJ*n3u_3`ِ6ba L#ͣ'e<2JoCpfށ՞ G!Un3eON)k*vH!g7'O|eDw#DK~:ZQuF=sa󰊒;h\Vڼ+z1hC9HM= *?͜%`~PM;D3S ;Q! /aGL]mvp<>1 w߁(o_D.E.ȴYLTM*qawbmtU>K; 9giqp^nGE1x6?i6c8&VA`^,슃ƭ(,ZXK'a(ì m\2%ۍ,`YiC?o_coݱVc0L\+\LC®rd6aUs v׈PZ!RBTSa;<)l2+IJuE;Cj,)`Iۘ(ep}9 ߇.,,E9hijYk7 y#G48N G>+;jtҾ'i rhXiF.zB51@Q_,- ̴F&;9+`yTW=~[(q#1Gz]DZaS_5 X$4AP?܇aKORmP6Ll36 vi @CNk2H8evƈ%#N4׃y |r,{N;_G)2#U8pX.Awq~z,= 3c#W\;T=(읳eTyt7퇕ahы]&8gRfynAT;y3 RE+Xռ[Sth9͕mIQx]-%(zlJ,J8UqtoJ>Cͱ5D}_$qc?lA0!JDz;D,dzj(#X6.RKo ,! OC9TNi<0$'!v iXGC Won\VXdF>"zҒr- t^ nL3?F(^>2zoE .ذ/k]ԉ{9t4bթͰũ-h$#6P<@WU p[2!Ҩςϥrn ׾nE,C"u+h!NlP9/̐5^x+\8882bhI2$+Rú󥜪BЇlh_MYXN·JWݿfq\.A+?/-`l0&+09[Gɜ/9To\:Q Q~zH\5S|d'YVzYNnf@f(&mƋZLY:1U&V)^AW@wVϸ[H2 P(Jp@5ԲpвJpFWUpV> ~V,#,`Mp 1rX 25TI~ r7?Yi8pm<Bba $ R+$: ѕعo{zzCK@MX?,Qά)Δ𒝨c!IoL%*p 0Щ˞V0HET]`HB|J+%*y:\#`;#{Yp Z+{Fz>²%sJ\jʏZ'Iޢ"bUeSPg@"Yʶ4dK9A4"#_bA!N}3*N_́-4sn}iM5:"\lyTtWfv8 ju>( =;J[ڏDJ|),?1TyaR=|74f& ld/Kd]']M#͒opwI"b,;m.z%NVb 7̿Ƶi壼Z2)n @png6lM2͹d6Ezvlx% =v;u0>ӄG> /aQgOJԅ-{h.{XŌQ9t/)qýPwm$Ot>g[N%6k'Ir,F%}txMbS.=1# ~+x,@Ez**$_"T?{Wqfh{wieYX5[Aׁe̖ ߠq 3rYƫhzj>-a 9/"%:,= 0kyO@R ^?G7q(Ag nvSD,Yڇ.Ӿ%EF)T!*B VHriԤHE%/z3+yh4)ˆ2GXWt8eLy,옞36ϡ/{p~ }^Z: !^aMO2 5.0'8m( r{Wbj -/Mw)׌Ծ2M6Hs%*.$%0GsL˽p:wAuy,u:U , yi(ꮩC}i%rAr51Ụ .\4e)!)8nG|gg?goɦN\G '"3X!Yeɵ1& 옸7oWu\4 [9!`ٟ::X,& zK7 &0=BƂ{yVg-wS8+&t~|c&/1"k:gUh<9-M֞쯊{dw _P1pٯ/;#YeAD!{2BM*ۧ7hUdߖ59Ōpm.o\AJH>cX)=9xwȷ-0x07OEVnԬ뻹>O !h{;kz.s12nD>,C=lmm|G) o7ʇ:"9].?Hτ5Ddf)zs j#P0O[QUmr{RhKly1@u4G]) S$0קa`S3@C167/~f{l]MRƎp`FэHQL+ogHZb5ySz`{ ̳w9&- #@.O JF)_^C)YV LDTᰂ>N~=$J, =[6;!'fJLr3r?x\r2ʤ B ߇ n&|DmNMp9I總-gc& } sC+,mbwЅ *GvV+~U⬩C_0ƞ x*a_[ _!_{Kgscݺ19S[=2U uh&_ktO4GjUXyae` 90K-O5{3uȥR˙5Vd%Rm|1?؊Btslj>? ȮCN=Ӽ3zc}MgisfHI2X+Ia&lZo)hQ?$w^[OjՇ#3Wۚ&C.=u0"6kDQ 9e+M',z.cudsWoEVvN(1Z>!)1Ma@ϫjwNǴ~#2SvB,#lJR8 PtZ3="Dц'iPhrIXѦQ+:@bE6K_zy#kFĢ|ƈ] A}U(>~3?¾pĬ{ou|oʖ>Y?%A鴳. s(2e3/ImI9]Jk(@hM.saBUn$@t$tge(n&&/*D .I_`ы=>u )u@ySɈRKIP*U=&#,#1) \yU,A[cS1761‚biꓰc2evrjG(AS1Es:'Z}Q\۔uU1EvY/Uy<ur֐"|sl1)#Әsk,EM3?s&KpƈH Q*Kê ؈ (/* K=T*or6ﲅNTng2Xvums7k`DLdK`y. N,y }j፯-?|>m7\nC4Mnyz$UERG_qS(XgpƊu^ȺN)d9 0Qܐ띊gjkViBYjnĢ&(ȑ}wp%`wyG}6.SI} qU:|t0D[B@(6/+ lŽ$ < ҢIgkeIhv (i͐GQ]LYgjM{f<%-6zm![&y|u}rL*8hѬmYDן/[+er>?&!У\c6`AmMzW^̸$|oj"1c*/`U[//-į0̥̺Ӊ1|0\LȲ AGJߣlk(-ZNNēM9̞Šx1y%%@BT 5fAoI!bxݜYOCsZʠA=m ٱޒWs0čvh%cz ?MOۡI N4. {ԑq43=>s)]Q~gX<^eLnDhsOkkV:%=>î-s8FY3EI38\SaEvnVQ/H?k0=ZWL]}wf-_FS%TߒVdڕgkc&EԚ&xoJ`#q.˔0;d):_ W!j^˓vSbtEA;EL1j\,vp@_5vRTY$,;Z)umt.ZaOGnrc=}pۭ>ȕڌ{n 5.hx 3.gfҧY1܍}= ?T"J6i H#YX&j!ȸĶ{y &X}LBaϘ3OGxSD/=~-mt ꌸm3Kﻘ'. SbEDW_!Rzm4VzZZ2d-eOVZ4sQ ss{IWץEQ4ErQw[mɯE3Њ?\RޟfO+:o C)_Ls>5MAT.x?n0vhbVX-hvt٬dA_b3Nc KFPpvg!UɂzpjR.;,ZͿ,UFuN("Xo &3)uW 3{mHGP0Yh2KD2ύ#֘if2QȌ'bs9Ga h %~t@E8*P:ڪ,RSnlhEX߁Ny((55[{ZN4_%K;l*sT;V>)?cB7L) VF)9P/' kK="ڒyvjvѕ$}Zc~3[:MqKL DlۙG͞Ybbɗ,X3CӯCFu3}l&LxtNp-9[iwC|>TI}Dt#t,@ZijQWAd43U̙#a]4gVtپPڽ6 wF>_R}H+wdʹ$ḽHGjs|(x  G/~LƼleȪV Ä6+@hSV$1G()w) !ߖ:K&*U4lc׬9t杛}f®wQYl~uob[.J 1 =ǂ8rJ)gibP+)t#oLNOqNL6k\)IA1 B3?8hC$F dTu}؞fzZDRdmB5{sR.Q)0E-lɎu}PDpB-#6›ey3+lfϧ,x!(a 1W<mLلPnpkS 7ք.}:xM?B U:,Ųec jh.=Gc?N5D[FEg?[}kNrlkrN! &6!KbE"%a+! en 1r3`ooO]ʋHBhAb]}m?޽7v[ҋ>+E.ū~ϳ:L _e f, e"ɋB`N0P?"%>a :ܙn+ӏ)x7: M޴k~7əф;7fcojW}(\`6.!mk2uAYR)%ۍK0aHDԱ,z<=L˅!tQ|~ΞayHhpD7ǿ"E()@"5kffعݡaJb!M(CjJEC#p͙N˵ 1);(PL`,|~^B(! ]DW1!yn$waoIDNI2ݙ >j2L)ˁmp,Kpn?ir-a1u6 "|L~r4*=}/*+I/jr%Qݣ~NI@<SMH)DnYΓϡqKTǁDDސzDUf>]ңs;os~D?眢so d0g7;]R7 DUNtgNsv?mo!ۯB7R\wI#>I[}hasZsa]B!I.ש#_#q}E@+p0/MBWQ*ֲY$ȗ)"2ڎ[Q7 [95N5otYALXC|eܦ1sP9#E3yN_%#~*dCR<bȒ+C??]iyЬ#iW@kV@`C8aMx$;-oR~vlt|[X8\]`$ !/sfy KV0ly](Ɛ+EQejg f'FlLiQr!?S^`r`$D Mg˶& S g[ZuWuy[|<, ؼ @!P4Uavԛnj;-Pq<{lh62<)p6 \WqGF4ynA[Y%l(qҍ8g>m>e^<.hqC< n~<=&:8:I;ʱJt_Kȫ~͉ H74WBpWh j89b]yljrQlQPe^,G>\t mx0}ƱA"wOT< CϚ`WㅢF\uibE7Qug;WD.*-Fտ#͍4>o3s}`bgt|$ | 0 C (M %'탣}hcX2&X$c^ܔVyT~TT54l`@ ;=lJtfbihp%R1! nz0t. Իx&eLk*8i?3? ai?!Ti܇*Tk○B]MĐQƟu28zfwvBn#cf;rwRb%{ fyibo 1Yڍ%!...n'/XP(_Ӿ',RՌNv lX;3c;ŎO%?ePW1845a(L;3%eKxqR!-W|hU݊z1sv;'nM-jӺ`8i]eoe;v+>hskmntB\ͩWZV` kz~gE7G-#TQO4 HLJxe3 `nZ>`m,xt|ODF؆ŲoqXxKKWNbmig䀶:U5NnseRZ8}/:RP~D8FXZi˾V<&b,[epejJ72 <U{>t}%9sODk;Vr,j6VA|FqעCQ+@ui)>dYHdjp g8fvnUL|4ՂtP4 HW8>e;~bmJui%ĥu{领~;۾I䍳^1-'l3\5Uh$w+ b0$.$rvͼQf bZܕ%)i7$R$ݺCr M4#㋼KZr tҹ!c4ӶΩڋ˛2!5syd;/mbƦs* 54"kh n6*θYjANfM@U#rPfAJ@kݫ"!1*a GeQ&g\8 (5]hPWii)Q$]؂0HpRh S捌r>Vt\:-9NJN&uƷ$ۘ>)<JjVM^(LV<].>j4k5Ud_]3؄#[q *To/kxഎ̧⭂%a =VP;|$/X3stڊ{)1nN6YyP ޢdO 3vX ΛCLWLp/=B0dwSNd-;xl\ؖwF]DmU6rۇ:PlcG{H0FĠ:Y`ZU/0smOPIp+ef]>疠BD?ooaxH*]Is[^lgER80o]*Ô19⺛ʁ%}d)9QC!&dr=`v`S albezsD}LGm͔hUt1DsY'G~:b"I 0P•{XdrW>P`TDq4(mOg]yC$=Q/O>aF"将9mj㼩W5!m P.{+cӈufYJD^O"  !:W{#>ySS1VJ˅-]M *̧pj+'43aFS2 #)m]60}w '"%0ޛb}nEꋒ`Z \Bk˒dПkI[1#k'ݺ[FT*B~G:^B`:,BIkO#ndf_iqa^Bn `%P{p>F$!bxHSCT}srrrx,jaH*(P^'lQ<0NVt'}\e'jcACE#H_XK3eWhF8gNJ{lT"_%}1;>9V(xZأ"㠯wdM99<*J\.wc1`$kUCzVWrܞYy?R ÷^Ad+ZC6"հخU^wmrzC,.||_ޞ8vpz0U $E dU{QqO< `(c\2rꮌWoSr0o_s&~a4'{SƵh%䩏{ĺ O2P/om$6~Gx %J~x~(;.^*kN9U {> (>G=m.kNw}2JLQk* MI/&g ]kSw BtuZS4d݇vEZ h&XU)nך>TiA۱`orS_s;~-iDKމ6{4…1F "ȶ~VƾGs}'h.K)N$A]o^rP4W!/u߹R~=X9Ul 1HNErީQ(͝&Hl&p%ԝlw`AcTRj4g[AHzҍ]~e`EDrpEش1Pi(P퐨6poB[\^Cˌ0gxlT\eZxW.2cܸ}UU>#R蓥k@b4Q-q2!X):EE8fiq쯄;ke+AT\#m%iTe7Dx`12_Hڕʟ0N n-\f'K̮ln/V|&`)}kĈb&A.9XG>G]1_)XZ ^7B|NVۇz>דzï6\vf&S1-~ :v֭fI##Tm=l%=ےuN3(|_i+2iaVE)}D{ns@Pm/N HV\m,jausZ *;L툩Um+Q]t#3STړY,~Hl|۠czS9X=;=z{KnHwWg܅A3Zj;ٸ|ɉ\FKɂA @[*Dl|Nb1)f woXbV!/*S>O"ÌfPOd+ˢxl!PE}I?Y%'v$tc Cps{TDb=C5ru. *dV@XU8u|,j8 bJU=!pFEWx暭ܺ˿jM7N۷!?#ۿMύδ>}gl7- $tkGt4n}q_)P Oh ZGDjO$Ccn(Ĺ᫮]GCu&N0O00W>3g3J"x$S!DR"Sd pI b;̿_o$EXQ"{|>J؝Fv4XT$ˍ @Ew,Wh`0U^!EѾbR ZA$e,`Cϻ=h6wS%]w `#aU ^2غ: DEY8约=U!o-rӱƬP|LZa-#Yj&057ξN@$5Xk s3ݙ\#wY!W|f 1y[JpaĐs=z% ":U͚/b-LжƋ+xH)H̬+[!q(_M m:_괜/Q.^ q\~"UeHXeIjە(#D"Te6x v%YI|ne`& ؝^1pw#$RH YtvMg-nߔ#¼_#/q,^L9ߝmNTC ?m.P#T*|Q^4_ٱ6q&4$? y7e<p|mʨnfk_pyWJeyu?>E@ə9[&U!}rRly’-pj?#>ŒhP~w)jYSt$ \Y '/&)eֹ \n25Jm ́#f#7[7ij牃9J3\* ܙ4tͭ}ۚ1SBYB3;T]2A$o*rl1^6*Pn]o殘tކi,7[ԋMem.wL[pƫHC;UG VpڃFc̒CEv}J$_pۄ_.3M4~@nIua4KBE9Q忺򄳽a e G8D6_y|%f@lds[5ˆZ1cOcxSmӥ o"ɰ46;$5.ȄEM_A<bdlm lv3X^Be{`J:cܶ֒d^tFGTc%#IŮ7z(QvI.+wlL7P%VKYX/[!!Yga)+Yd <_AS? $ LTfhExKy¿ˈOHcYV,-ݦ I B-5fE'bC9R \7I4y`e mX)h9[2Jy=]F9rZ8bU2tEzpˊjSDݝ=ܗފ&u߅su{$Xڮ,q<p#IBʆ{D\]|1y[C+jD{:CK!yԻ0LgJXZdrfLƅ6,lWB^Nnj6y3p2vncx3.fRrG8ZC21R <|â;k ^r(*'_׫7KXW̥D2D.pKYzڲMN T,!pq( mk0U;à?d jC=x.*n7zӃ82dAW}ȎD&.p']9] R*W`m}x;4^C3l6E{ۏ^쏦6֖|IV Ak4bE;tR䛎eS@D]I jhpv4u]bs N!2 ѦG<#ox5 4+NQ`f<6};ذ<5(]~ f'1mOCTO(5xgx\]l;r%Ք"sfH4Ƈ]G'fJe"dqV?Q#3'ߒ[ߠ=',V= FbtmU?/vXjS[S ;y^?ɣ׌DAv_4 psm9SFprHsM4v):+S4Y:&gw&G cЃ8Qɰː3dwTq:"g9WWeR)dBp\;J5j<{I7b|ܵZ 򙔿 eۃI۞̈sܡ1ni\xwXCZϙ4&{o([PIyr * łG";ϵbY*5bE@K| "Ѓl>"cO_ҚV6}&b1ϧ`󬦪HڈՏ@2v\%r0;n`˭Uǚu'j7-ŔM;mz i+Pz?>r-?E; TS2 rf,VjxݦAp0jр* D7iޕ. hpU./Cg.H;[lQcܡ$in뚿&0&|ІGJP' s 1_,ZOYR8S>{.yWEC?3vٲމ=mEƤb_ߐh,Ӗ%XSӐь0WpZG.8筟={r]ylSH:J 2(sټ]ɀ|@pvR?Ǫ;dYp~rGԷIWJOAִ(cRdP{ ౢMPTZVx=,Q[y(`R\ԿF㖹]Up&ٮ9$ fFeٕgQ1B+p{/?b"v@ژ""[E>W?-H&+Heؕ6_2EjcJk|9(Κ4 : `PJљ{ȟ!"j*)V} :6۝]l[8.t@ MY 5 (z*) gF x6(>7((/@ߤJRO\MHc%l3T c0 g_ʨW -6bq}JqA{jTO0RFqvkEG3Ր~DNjIzw# zNkp|!B]D0)gJ7N 7Щ9Q~2\ګ,4h*pI/f 9pH4Y5m`IIX/隔@P G&rve'mԷ}V=~xiFaXM2ʠsq5h$Xo;T` 6ͨKF+z SOFa2F/2wm12f: ёLjhNDS˨Q@Ia‡ zV^D! sk)Ꚙ.<a`Uou2HuVIOŅ ɰ ^:'$S#{D1̋Ǎ4PȄoaWY@HPj<6>mXJ/li里e`zy+ ުݵ h8+2Ao,kٰ7T b|ed;l^AMɗj`HfOҌOItJ@ Q(GqGPG)%"n >Kr9N,9!0{t/se@tb8{(4oNsԵT|@A>VI7ՂD|Ð;4V${Yu-XG M9킵Ȗ%FĺqǞJvH_H<{:'hiG7 mwecm=sr's|ՕB3iHs~;%:*rZ Q7%/ؘ.׬3J3vX oP/2>(1Ů \Zy$U w\ƔKHMS)A_ÓGUZ^Vt c(k)dH>i`ĕ(JDiCPUȩgcWۡڬ"SK+{hP(!{2-OV_?R[(%|Z'1px<^sG{Igo1ur=r )f_Ra¡@1i6-3& NT R͂T$)7Pؗtd%>p %A)iH6my?U1 Dͳ]S#)N:ӯ59t_wv?q8ni-ghJ OJ׆臿VZ6RqdHrH 'Rk+'APeŌ`/eD装Yٽ+Ԇ@ORSC)&QhWcKy#ƎmjG:TGX/zU!(2k=<`xY$ ҸQ#bBTTV0S /VSb?,~pNJ%},ՎH=6h y˥ϛdI|)O;oә4OrI2V11pQ)& bl>bEH19G7{QKIg.*NL礗Y W8}G  `lǧsUɖoo 8G@:/ Dzij&?%0cX pl𙒢fWՓ4d˪-V/?]"$3blN0ɥU0^`=SҦ@Fu79YB6p~y:zJY4|wRyj<~yE@8@؏"s4*YDS䒞6Υ{l+N~̦ci`09٘7iѼ+Dtkq׮Bkќid(R=rѵC >@M.Frk8e8`i7|CTC5µhY~xѵEcK=ܵj/*,ĝg"ڙm1f,뤉 RK܅.@1A~FԎ8yvی< fSm2z娠2y~##5!#)M38R&l(ȻDfmHDf ԱxV|ur@ jqOfFzhDJ3lUG`g=Q0鵺嬔tNeI6(M|u@@a5O˖Ewgu32xeܸG弦d%jҠ栋* T?2p@ʉkyO=>ĚJܯ#)[ttf]T8-l**AF6~ ގ˕|-(攴텫mAX69YV,eP\fȔJS5W?mƘu֪Xm|s슏@vd (0˷Ep[,_W2~JC8ٕ`ܮH1, 9EKڶvt26^e^7jW{Z;\EB?Oanܲ(g:E; ʎxn;M/PI@-r{,/丂]ф2y#p螭uOv}ӆ$_2ڻf]Z jj0%䪖]eS*o'%+Qۘ[F7aw.BUc9DRQr>"OEi! 2.~+p2\֟asl~OG.|F3)^8)E@^P!{&,>y&Kec;z+\GJQɐ$1YʺK#~09hwu+TV0uq{ )X/K*nٞGǻw? jg/%DniT.7 Ɩ)!+Є+7"19r@&dYz,|MCGִgp6XnLq`B8(x2)kQm^v}=Of*^^- 4&;P䃌*ܮ/؛Pcu%sqW;:gFJ '^Wq!O,sq`iAYBktO*Jm[;A;~ǻӊ(~=-| ޠ1)Mo K~ !23E7鰤fJڢC-1xuVͷDZuӝ`)MUe2A;+˭))ܥV)3tI,ߨpIxטOVE"Vp'?;KqˇE%@w Qө`Ζޏ9v˥#z"$ " 1Jg ~}q:&3K{VXCq[߽O8&m\B } 9^4tU8v}rK **Op95Aw}kMAcؚp.;Dʏ;'a 0l%jfG}-r9v'lEҙsYRrJ?z.`/XQb."?'\bx*\㒙t #Ny ctEFۭo!S=+Tϝj02GNDl'L>IWnּ \TC C.X|^"Y[B~!;ge@ zS4~MJmx)Ž-hAݗWL\,9=MS' ?t7iN7XZ e5 }GK吠LJ2_wD'ނ\6gxpya( $.`fbBURZǙsWAwLc9G/8=_=pi[GB{ݝ0U1ӮZ01~vx8ulԈrv .H#j8J'iZI~)P\Ik5npqiݡicwQ%j;Aڬ㺮<ӠV#^EqusgFI]:wvy2FpoGITGsn`8MQ:Z(c W}x,s๸d{3ݰU\ν:5@"MY`L'|=DE$/\u xzif\ǽQk-N6+IKѿC:i"őmfrQ_fKtx:bȄz+wS" N2idh|z#$g s`ۭz \ϸj~ h(Ye*΢5U{slұMǘ HĚe>0iF[eAnda\Im8\j6INzǍ˄;qȒ9Ҕf.+͠[W)_%|(0,5wI*1%M5Me!թR4H=*MCc@rw-K[xh"GGgZ[slk?[/}Q]thgxG3"ىd ffPB+{}W /'+U|' 83ki~`L!ȯӔIV -a&; ?EVט1kGy7t=}pVXoᜌ$g[yuop~/+DNF1$4 +ACGFe ು|^g䖢ZQRϧLq~Krxd:x?í;<呜EFt,}c Y R܃Fq@ ! o8zdk{8gz˼Pu+R裡AF*ue3B̷? ̱KIYTU"QUz 2^>#`%5!z%!hbӝz;k*. ʿ͏> _ش 8CQeXNq6ysbC+uvE5LvtWS,$2OΫF8Gnka55V—`N~)P Ub=iWO%޸zc_: lXz"T CY8ŒB$ K~+n !AXⰾQ K"XHwG Ic@nW1UNZ1kxť/ (vküi\B Knĉ늮rJSALhy_Ovҍ,S˫[N%OۘЍ[ƀֱ[w¯>i,Պ? S+Nai!r]zl{'>,F+(zy>m-!t V]5C{=vs{0~\1^ځ%gJ GS NVE@i!e,NY=KpgagUP#*Ьc[``t/.a{"N]R5u*ӇIЄCMl'Nq dfb)h~P}Jg>cY:@ZhBvAl⊿M0"*ĥ2*sE{bprֈ0R2(t")O DCf7Yq5/ߑ8ܨ"-k!rrGmqxGCs=)}(Io3ܒizQZR"{:N jYɚ)P %HadM1ʎ`XBFh7\1bx"z./Ye‡DQ̽\@=wx2+m rIeKˆ{?w>=w@1w(0p>7Dv#_˕Z,7x䆢 `z&F,(:&,X|\"{r&};u6B_orMxeyDØS OwIf-v';/Osi'մI*M|a Fi?I/|࿥OG'R&"qC5[ݫTx *+9|A> 7Wʢ gļċnI)UmJbBK y+&{&`(A w.y6ke`pAcMH(> vf7hpK\e#E=p?\4fi{ȹL6w[00`O:%.sw`#LkOv_,IU6-ht4ex VEU a"%,[5B1R&&!bG%\D@Tm[ʴ.Ir)WV -d?X)C ,?kr y]|X[I9Ԗw^4zc@8b?N8*7q>OgIUs4ln:F_JP@'$J`csL\Nh0,]~Ǎ3X[Z;Qvw+nu41Ⱥ)Y SG eՎ> ;! L~uZrzgI.7LmT~X4nW$2U+0 EP ?lzA$SPp`>Z![y= WUa#;b@ PCPDT0ow6;OH_æb?B#2Nߟ&N7V5&`rdXV,%l: GD*'tI&]: \FD'C4}GzްQp^SSm=`@ .psuq0*ƹ=0 [ZXS\kmRX{.~ i+ƕ?@7H!Csjz+N+NcA^L\OpH6|e>Do> GW6OY/䳣ܧth@˷}?v*,ʽ9rG? f?ELUZQ[Ĺ˯Pʰ2\6ì*eGWdYCrxN-Pn{㺀rNAK_5B1!ڵ9/]ҙrd}RtnkrXqCfsL]ۋ:u4%?]}:NM བr=hynAu;7߸q@c}'f1`"VZ)"Srh϶Mb*CRqG[`CY#֍.^'M7֒Thw`x#Hu_=;)4W2g 5Z%D8V:L]uoLxA6s/=d`Rk+/g*{?(/z)-ޚA HIʲۖ ),qQK}(íϨVܸTZYxD*,U#e˰-r(rź҄Tcؖ6& Erh pwE]6uEAk"ka3м jDE1[¢ [<U#^: 噆sG@:7i/A{#{d+TD?7u4V; 'a[ |Tͤ\9e\>ʧi;mDz>_BGן،$IQk_Uv5s~:aPpRi3/1 dozBoRCѩ3;^}yHU6SgYԤ e VbLO9gQn#Đ48(*Ae{HgUU}iakWNɱR*T}NƾnuԎAf(hMWU$byM. [}ɫ$?H\{Ux\Xӿ>So [rI̵D2O!jq!4@ ɄLsP*{Ktm݀ݑURX} ojpPCXV@-J[bٟGhr1t{ylq)礁HS%T˱ָ/ d}ꭳ'2U…԰/g?8lnsf ڃXxZGȳ8Dkn$?_[,dL8Z2ŀIvTח\w_P/<ժؠa =n,g"xM)֋*,X|JpVW7id#F h|IkM4XH`{+U_L;9k`[:jsZN0%#zx'JhzA]Nzʿ* iW &pf!C7!$Jr7;5 # N(-)'֕#"Hq5IveP+IC7ARq?'3*J>SA82 l 44Rl3/qfxаchً݄' s֤n-..<ϒ򢙣~ n| T*B&UwgY[j2T ż}v6e ԰ghTIߧd9sE4.[N=l6TAgщψ59^򶌿E\r-`aT$xxBCF]'cGj8ӱ-u`2XjG",ɩ\tg{y\P|xL:kT6SA)#OixBS-p܉V̼AlP8}0:R v {:]/PՈLŐ.OQJڊ|k!l%ÝS̘!gp;z[0<8-m#LMh5d[b3.:: h$ϻUbܞ?dzWNI/L.H[‹Zf|3YC86G<&l﬷Kzo)@=S]uƍ  uÙgcSrݘH ~ ~so0(˙M>܇x]>nU):ghTw`2X*EFP3_" bŵ{&su^&rM5VaB*>cS+Mrt=^l{ ޲pzw">HT2WV+/WF zUʛ1q ? k=r(EꪓwԱ6$h_%MA.ɛ͌ԛFuV)mݜ1.4tj8݋{'c5 !j.5dnY4n]0a'Icl݅6얭)P3 8ڦQɱ$IϣiXyyT)!|.Tc- _hi>Vcr+O'~*#0KXB+l|/zί!59ƙa=He_89vUv*r 6K q~]G5dtnT:GG㞝ddO-nza/Gxdjr/eEtoYkV! H#SM !*.D%F4(3'h`.lYL+V_~Pdjvn0rcB:iI5={)KQSIо2I{wn 澘^t^9Ftwji-#`Z~m6Fq6D5uuƚ"Er>GDnG韪rыɻ?GE=I}% HiMۀMJ>a0t|Ӹ)C+2>hyʜcroA.Y4o 1lߙR ҩ5Ry“ HZGX*ƜȭZ9$b=79h7G5; U{.EwM'1$]`s7='푯_VoNAN*F>8M2 Dο7i8$Ka-<徕"z;#ןaF:k=V;ΞI$(L¯Gp l3q 18P|o^#trGN m*<ZّR >=W$3[qmLLG+7 Sno A4c~%^iA4{ ̋G˥$-f⬏@ >5ch;}7Ʊ扟viz N37IL3&Ïz (i=۬H79ڰhCp?&bRB|ʍR7ᅚZ<-"Bjwdi|wt۠ҏOJR^wԏMlTGh\q)#Ÿ.sِәbcI9P^<^ E9ߗZo&]KVP!fI*pŊloCZʗa**1L<)BlM;"Fgfq+^8&=l5}fQP̟LN!%u׌qxsACL5of= _87W'Xü2%-_)Ϡ-z7p6k&{&̍pruа[Jkx)1X:Ϡ6!R 8_Ĉl$gP'/=\XRKOMօ3sjH2&>{lK;鬘Cݭ#L,s`e6rxރ֫SDt:^諸R ?fALUF>`b~ebmt8*~|Mn,o8y{O)I:`#|*J?et=1mܶF4q@R2l&d$_*ئv2wtWxiuȐg@A7u\O2qymiW[bOyuÐ%K7i˙Ji\P Fg45kAif{1C?1nprEh'MVV-ψp$x!ORռ﹛F/_&=us(|hjIrwO+{jd{Z/>v$yt*JpHI)tќ|;`/_ ʿV%Hlkj%yNkHz%&v(+HYTDTPZ5"ARfjQpby LJ ,wv:tWBM=(Dun7esL5PqYo´.Ek%j5mWb-"ݳV0o j\E H9=OKN`M) 0J{0MVth9ˍ]1$mG(%^Nr+Xc>ޥ}s$RIoXȅ+vv>٫H ǖZ:τW\Hy8JT*q9,}M{UDM/Z0\6ӓ.M %#0 PԺdk"Tf-ɼ$S@ %-b C% ns?@]g\<+`rwԣ=[feփCh7c:+v#$B {އNXhEvAk/]od2 i¥Cӕ|~8:`u\vo ijZIǙ1F;h ]s掔Ri5Q KU!'1=c㌾8Ah_gOc(Yh?e$L`tP~KȄ֑d9}I5/S W!5eǩl[)?]J1vUޥ|A&kl ?n[~Ăw?q t6(EPb;L0+Q#ރƕ>GCv{oԂ@*?! T8NU6Ar4fޫEac9S3kCN *7a:t<5:%˻;,!Kn]UNc[U</d/̚ͱgUλ5))۟~h;1%k2NL!$b?sn(.:8]Ik8jX83ؑiHA^$|_>u\rH~V:FQ79z#%+nt: ,qta\w`.?$4M~d[f>X,z󬂸8%G.U+0 _z3V$V лL"%wWhk&Dރe Fˈ$I,v:"Í VIk'gsk ) Z XZr``OPi}0v  >c[RVUz@6~E`O& r{%v_S6𡍇yJث/mM UG5ț"c|)AAfҥf  [e TJ.uVYnpR ܃xSV#/+[Kj~(Yu*hhP_?KJIL_^Fe;I"߁QKA.ixԬGߺS^ͺ{挣,Mo,ǝl|Zd*, 8.S=^bψyq(R5џe/Cka$ lqfo*9bL~JQ3N7-D0?`,i ‚0.$["eX%ͥW=s L9qq}#b"3Eg4 ( 61}9Uךw?:9 PNwrkơC*.\o?9逐r;(ӳn"@'Q<9LωfhQ8qʚ5!(GS1Hn8-e1\ωPgnoxSe Jl)O}V6fwt6uGtbLހ3b+VSaO-QkOةB^Z3F:BZ\ޟ.gD3bRq3cu' ft,¥гfc*L[6'Ij|{eyzKh+*((A$_m8鎟RQfYwn)cL6 `B]Ә|*%H[Nn@f"{Mb,?[rwڞ+RE-QdTdG/]sKxN&6Ԅ~a2*#L9' Ϸ L%2@ZM ! k4絙oV@dG!流; $3LLfqH+3^3&IιDvina9;QW,4FT*pO6ԛ6%$Y˜{`{,]jKYNrEE:/9(lU)5 %7E8*5%it~@x1m]6 (auTZ![$1L -urxʇ¤d%}.UjacXq $٤x"]-[9ɠa/[7Aek!4rymĉKyg lqL9Zȁ@>r4lnˢ(zFwAvo T|BLeV-1jtOlPl+lþ< Bn`\\?XKuR^ >%dž9 Tj{^%xϿ0YHA3cceQ'tZa;8/,Qb [[W <36p3" , $AÐ~}ɞ ۣ) }"|ǙYP--ex=ѲQ-bT~vYN(z~Pr/c~5ª5Z+V!C?vo1 69 ^ gsB'%¦(j\Iu)܎Xܲ;ebqL;GCCE蚖qmV`6&?9zz($Tm4Y,!b+ Ǟ45% k٪kMВ b6' mqp;UU[z@DVzZ`XKӷ`)Oɪxx%*!s Z" O=#A ( Wɚ8jiS'q11\gWzSAT/m[bo+>rjh~[ hwy59r=KF{|dvi?+ r<3HK:PPQ$z-S3!lo[e @ yhhpHGA h0?At[/0|=KQ$59Ŧ+n5,l'5mJӤ0 7x̜:OD~.U[m8٨ _7K6a:VN2u p_WІ>1|icodJ76Ls/xINSKqv~I~L"FlEi~ijD?Ɏ3JvJBk$}(zc^*0pll+EԱ+'cbI.!N:ޡE}N|B/.`J,+r$+ >(E$97s/SG>Z&e hr֩ }N0g‡ [.%%Ȼ?jx ۀWZP=vp~3:IwyH&7}IS$EX"y'6z{kIIvMU9!|?v됟Su~ [pwrIo-~C_H@+bOc }֟Nj0c0 W e-%`P Ba%QkP(Q yvW!I~6}Á Fh-w &› \8z45%;b Ǽ=uXV}с]i{mcC@xr2 R1DZYiTabq'w{5@)ݯj.1`:% (p>/ODr!$FcK?2ϊo +GSQDԎ&V[Kk &nH`Mr`XdYgNzB:-SiAlLoL2HҊk} @NAa=[dH'o'yͻӗ,^tx1XfK?C_DbűC 쨁Hw d`y4`Nhò?6G3;X8nIE|76i جsScc-;sU_R9]M6jjBu壗z!#lJh#$LE^XoqC %&u'ƬGޜe˺txss9=Ρ*J`iB|ٷUR"*|P _|Wߞ(g%L4RzbM2\ #DLXÕ-@=O2,m1@JW{$Xj\= ``%"j-*(*'+ɡRHsT KVQXk7 v]q}.Ert$ҾUFāvo Gv}ʖqU񚎺E%_t䵻t&vKGOnXJJuGN*0R4Hk݊a.iN3mhgu&vhj]ckR )ɁZe襜ڒ6ݭ.T Gm;:Ie1]MbPuGCV^Oϔe|#=RYvs !$xd]Ht,/]HM%p6)'AA }mݯ1{~IRm \7z-7xw#dpo cTĐ=}0EwX^:4"Vpve TgQ1HbeyjF`n7Y Po$,9ɰE`GnY쵬{9+]*zmwHne?=vwOJf 3 *L%>[NA[ -lpq2g w|;nξ=6y Xc$/= jćɺwir#秽)lY){ǚb6Zi}UOUԼyϐb3y*F"2k&)<;䂳%Ϋ1&w]e繷GC;Z˚"=0Th ވ 8hI}#Vd&7ˣo˾cvwsޓ }& KpDU~)6aA\P =*2H ?>2\+DG ukcN޷Bysv;?aSlguH%;,{r=X?'p?T¿ ;9p2o)9yVbN@ h;Ö_wiz=g,O0<ʎ:(<>{\ދ ;t' 8W/cٜ/j&7`:-lKԮܕL@H^_ 1} (L&(>g@ >F  YZ