lib389-2.2.8~git65.347aae6-150600.8.3.1<>,ϘfYp9|L YZMMk3k' ÕZ70iy[KSB߇Y' !Ns~(S֝z4(袕t#Lki:A*vweX2dГivpY?ﮫ,ۮ)fC S^%$GҦEwsbŊz#YB#F )W*L G2ǛUjrOug@?,9:OA`D*,mV4<6O\6+>Dp?`d  * `7 Mj  @ x     ͐ڜHpo(8l9ll:lBSFpGHIdXY Zp[x\],^.b?cdienfqlsuv w4xy iz\Clib3892.2.8~git65.347aae6150600.8.3.1389 Directory Server administration tools and libraryPython library for interacting with and administering 389 Directory Server instances locally or remotely.fYh01-ch3aTSUSE Linux Enterprise 15SUSE LLC GPL-3.0-or-later AND MPL-2.0https://www.suse.com/Development/Languages/Pythonhttps://pagure.io/389-ds-baselinuxx86_64Gntt''DDggjj""55xxNNEEB\B\33 00llbb""LL _ _ BB33kk3e3eAAss 9 9[[FFXX..''((1-1-"l"l z z  eejj ??vvKK::LLŬŬ- xXcBk=2H2H Cmm f f+y+y__mm""//88WW 5> Az 83ss(/(/11"" i i$$PPii    3\+ h1 (Y/ 7@RiLp FF11JJ,,(q(q  mFI wNO0_ l&&'N'NhhyyBBVV  2.A0MDN2  R&__gg&&ggHE_b9@ rB[S62222zzvv AABB ** @ @> K* 7o 3 #EaEa@@hhU"/A QC ~~, , *<"P=| .3SN84JK5m+ .2 z ""++OO  @ @** N N--$$ J JSS ,#,#    vvAA 8V/ DD&&@@77-- 00;2!2@66  TTH4)NG ) ( z 33"6 | g  : A|K  m SSpp \ \0 r)6n , N '$hEudwL5{AAA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤fYfYfYfYfYfYfYfYfYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeofYeofYfYfYeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYeofYeofYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeofYeofYfYfYfYfYfYfYfYfYfYfYeoeoeoeoeoeoeoeoeoeoeoeoeoeoeoeofYfYfYfYfYeofYeofYxfYxfYxfYxe5365629ab89b37176a4e56de93a6a29ca6d15127968d6638c74f3de5109f1a0c044b68bedb6570192a5d6c769e46a9ee6439a74d4d2dfc26d5a13b4e31b603f5acf92dc10a8fa72bd3620ea13da440e3c3f181b2d400e85c8483cfa599a5ad401ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b38ec2ffc2eda52942e866cf9bd036773252745563f9ff5fcb46804f62b881f311ba384aa6b082ac458896500b19e07444bd9963db05422d7baf118d3e8d0f827cfb257a7b18714f255e560eb8d7f25efa3793165040e79e40f7983769a2a2ea5285d71b2313a7ba2669e5329c5914aa3f5c4e51a24d431ebaa0f11385b5ba5d116cea2490336a29eed05372bd8eec1d3070cd4d17ad81f4c5f1b7f02656670edb9f06aaafb8603c92a2389564039a788020bd317f3c628285bf0d17a73dc64b39e6d6289aa6795985edffdb708edc606f173357be85fa241f93aeb195b9ab7e0a83ae94ab723041c4d01f97913bcc24e0b994cdad28c7164714cabff7b2f42c359ee09dcc3cb7705b92c317ad8d6dc43a28c8708ad269ca1a89dcb164e4324a40aa27bb71cb6af62e6a93b4e152bf74b283a16d42780e67223693dda9f0c26cb91f494563ed6932b49de545ba1b915caffde28f84271ffe950d47606633c89136d644de1dc7fe688d860a320424c1eb4b517921527ed9efc33629fbc6cb69b446d644de1dc7fe688d860a320424c1eb4b517921527ed9efc33629fbc6cb69b444651726c7400a65bd2490a2c5190a6772eab19b07f1cd9b212ed0adb5b34df9fb41a326ef7a1d289073aa2b8da6c4e9280fc2d04e2ee5e731c5f1435c8e6b917f57c6275ede71dc8b82071f30cf3d72f9b10bc0def295a9946053b99d8b12f2e3de2764771837a18a6f338424470d38241cf75653143c1c8ff546bac952f067b78972ffb3126c32544ccf097e275679ad903e6d86ae59e1ef852f3482da5a975ea265d20d036804501211abdc6ebfd21945d2b2b2cad330321c5e8613dde9098ed3fdff52ede971090624af40723e94f493623e027eac8f72b4f0823598a9e78d2f1c4354c2f96ad3aa84d218bba1e26e959d9567ed343343a45a548f18e50739978be04c5b86f4d1e6d289d1cc6597608810d9aec7c095555cea9f758ba80c0fb7bc0c5b588d596bc39574f1a261f2ee0b471be32a4917b1bda2dba00877d2d56e26b66ae76e7a8f086e115c6e5c4393bbfdc17474911acc0fdce5c6369fddfe5ea452ef36d4e246bc6041faf191f6430455480ac673aa881400af3898908359cad94cb3bf8e97fd7a8bbe795968e70ac9a88395a725ad6fd3a7e4586197a4c4deba6f0b259c34ba308547f99128e398e38b5f8484d4fd6530e8a1bf41d26b9ef77119c15994a67cec7e4b6a85355cc0be53c4a00ce736454417e8ffc4e205b3af5df9e23d0304d9f54422a97dab722be3ad24075b2ef6606f3790de72cce06ef2d886b1756beeaa8745e35eef305f16deaaab31a3542c02f0515171b765b3d11c33a8635440a3dfaa64f0fef877b28c1704905e901bd93e9073c343d74fe9a019a529e1b2ee5b9184a7fa5208901e42e6fb44d59951728cd29bbb72375b255019a529e1b2ee5b9184a7fa5208901e42e6fb44d59951728cd29bbb72375b255792786506b150fa4687daf3058a7c8de96329e71e564ba8f7d3d9170990d8c0b3433e4d38acdb14e7148529fc14117b8e7e267bec399498c5742dc70f107cfd0e0c0a31e5ca03a731c797e4654c525315b5adc48cb36eb1da244538dff472c729f71b7634649df910b1557ae6f90c2f8d412ab4c47e91d8bd567fd4d74c62d8a54b519a33468d968ee16955ff85eaaae7426c5b87dff41997ff45e1ff55e9fa84882d2896659b06b76beeb3d27027a8de3282771a7aed4b5f38047216d4616ee6f472a9421f1e8aed30dee3b0361f8cc3500cffb53a67ad94ff480d752f078b5cd12ff8c0df1548e7071ffb13672352ba75b6175790b330f753693cd39fd0dec665c7a7d4e0a106ab910dc273a63759c867895301250676c45b37c1bf59bfe58ecd74d396a2ecc930aefd66d863dc4160aeb9e53d33846319192d3b75de19cdb81f68c5482bcea2d369774e0224b9b55b6ce77298af8ac1d8dd5785b1026851081f68c5482bcea2d369774e0224b9b55b6ce77298af8ac1d8dd5785b1026851018825942256f72b7673df39deb5e111c016ee32e7e2f5a6b56a9d23619ebf6a018825942256f72b7673df39deb5e111c016ee32e7e2f5a6b56a9d23619ebf6a0890dbc4db7cf971a1b7a105958077ff08fec0b79c547db2d8a3ded5ede7941545623464d3c4bb6fccef4163c5a134216e7653fc2ad66d03086fbe3c46d4ef961ed82c5a606a9bce04fb6377fc18082984f041b5e833465514b389ba8f8daa52249068ea4e3eccdb73f60563dd7bee8367f9d76a579b23b084f89d334f84e9d0777130b4529e164e6fe9b166447bd8ab356e3ad407f97e26f685f65fecb5f57b9937b869fc75b7a032268ddbe0975e32cca45d78ceaa682168ff30f2cf6f0d6025ca694f26b9a71e798f9df8ad0bf6aad765cdbd8f6956f938e7f8eb8f599713084f4eca934eb568de5c19e27c905f2aacd59668f367325d0b3d9516ecad2083e529839e1dd49a425b9c5c08a9df8199e20b03949711ddfaa05cd99c998d1e60d50eea99a97a93d102ddf7d0e324d4f83f53b1f8011081ebd357f55a0f625664a8f882c1f323c387ab2e0edd5a16fabf94d470f617fd27a3f755fa3498c9c116fdc6eba4341afbd800aa50da56f225778f688292b6f35585dee5a6441d2b225dd4b10a094104b369dd85dc2645c79a79f32f6cc9167aab4e4fcd322797502c648f224ca52c3c19bedf490fccdb350a20f7a8c63d87cd264717649adfcf412591ed42530c7839abc5b693660e2c479de7593a90db65160bfbb6378b0103b3e39507b70c03081dcda9313a77dda91a59151ded73defd0a35f1aad32e504e32f6108bca5f5efa6f52f8198283d788b17519f1260025aec53e890f456929d66d9c60da38998a4308bfcaad7e487ff4c9db987ef97088fd410cd74c6f5695ef1a4059dd10a0ac5ca837a127b687f8482713187c4adb141b96eb5c8ec8d5e03a43988e34161607c962b718f2cec7c13a27b56a082a9b405d794ad27ad8cdb65623652a8366606176cc331df6342e8986ade913a5ddb290c5265191978d630559b124b2fda01907f2069d78b7c03dd5ccb1b3b840ca4d03e9b0c15c358c59e028b8ffa44f36926505eb3eaf5eae657aeca088ff80e061ee2a1efbc370f605f897c70c5abf36926505eb3eaf5eae657aeca088ff80e061ee2a1efbc370f605f897c70c5abf3879af5c0bb8782e1823095cbcd042941f9caec197e1bea23310267f705024a4a97f7396cfd96530afb53458c2a697fa0a288c1ddf7a88317148d70e7dc3e1fe3cea237cca4ead2828143b60e9e40d702be231626263ab2232c7a40c922cdfcef2de3b941f4a2aa6e4e1d0bab67e83fdffb12c04ae484d5f52a65b706f573bc589a13cfbf5194fab3db6e1a50ea74d3a98b84617dc443281b256fd980ffae8f2b04110c0d2f98089ef57441067a3555069509f994a83dd84ce4ad36ef5bc054e8ac7e64d91c7c82197030f1e043f2d7a7348d599f19048338ac8ce0977134c6c2087d95dc424f9cf7e43db0c40d9c443ca64a5165c8971e6dd904f9c87079ed52ca0a522992df616fbe332552b6bdd5aadd541bd1a7b0a571c1f73522b595f6f743b0b3fe120b6755f9fe67dd3a12d2741bc88faf4276a8fc9ccc35d5374af430798b93f4bc627ea6c37ced553b020f6ac31952d35bb529102e53c77db82b1e8d3a43767d299af9b0688b15872dd8a307a86daffa4ed0aca99a4b7f05f60621b1432503866d9166974551c11be8e15e8c1e6a1c4f59e476c3f04b6ee8167754376add6f298fbe732af13df16ccc15b6fad15b848870681d4a1256dea9250c3e1e461323d897fc1b79de4982be7bb3ae3ca62aa78d27e5ba9f1b8546f2fedd100443bc496de3545c24ef88b9cde168fe56b7513c365f19ecb4c9f00352fef0934c71a2a9b457a984cf9b385f4d13844a02741c5493fa83430f54f241c443a9ce9c2d3c8761586aad37a030bbc219fe27e4b0c38acfedd7bc9e06c5e0e26ccda3e88a3675484cf1cd61f71a4ec367e2aca8fdc4426ccc9ad2f7b7a7634a8ad643e88a3675484cf1cd61f71a4ec367e2aca8fdc4426ccc9ad2f7b7a7634a8ad643bdd0789fb1a4eb43e12fe42ae680c13bbbfd80cea8fd0d3fd9cc56ad38f2d1fb3713bb2a9600c6b29f8b13acfc5109f1a21acc6474d0053a70e0b813ba82209851cc9bbbeaa592d123916a5ac279fe709d06d7987185f9f657112c69b2f6af7351cc9bbbeaa592d123916a5ac279fe709d06d7987185f9f657112c69b2f6af739de52a2416bb2fbeb5457979baa2c84f6a9353c6ff47fe8f9f2b4481d3200caeb4086dfac6198d4a945a29392a05e26192f94c3b37aed2059af7d4bf70b8eb22765730e74c859faafe138b80f7c0bfc388ca220acd8ce03259912d118104a7fb6d0a93a6351145cffa9a6c9462200d0ba9605263a6078f718bbde8e027a20583ac17ee639180f32ee070ffb3e94d4c2d4f32a9e143489db546c7a259865b43c83af2b9792d8156560e900dd2cb5013d553cafb2e7b36a2f3fdc5d9b4a896618c957acf8ccf18abff00af5279bab1586437af509af4a1034eea33d1fb9837fcfa0d30cb3e8183377572627493cf56a48ccba4df41be5f78373b6e4367b33e80826b0e36b3b8fec95f9565c4b61273f4934f8e870f46a7d5d0b7a547274195be4149919b0a7655854507b6047d1acee3f13675600d40aa5d5425c40b35b807db1124b746efbeed5e3a0b6201c78075fc6b4104253e9e22f6fbb4c4477dc34bfd59f39ae3e382c51c358eb7ba40a41612221b4b25fc84d3735e10661d213a6e53ecd0e49c5b3855ac184ab36bfbc1df5c5465ffc003ff18b31aa475d96f7042bf93a2a4318e024bd9023f8e5ac8d7f0a17129cd4e19e458a2f9c299774e0235d5bc9fdfc7b4da81a74eef8d49c2672940703ff2aed11b3c6166e62ec5fc60421ff7eb840628e112959e5096c764c6e5fe5dade70863d2635ab378011751588e1501bd39f30135c343d2d93f768210bfb9815467cebd0e07756af1d1f2776565600e3875b74bfea1606368ae7fd5e6c70c2cfb44ab62a7b7e3ead5df54f23578d8d594085cd9a0a0be97b94339d17d8ba395d93590df392d03ea6fe9029deb2a7b1d07aeb75bdef82567a8e11595b37eb10c1888048c07b68c388d4f0fb60c6b71418e6f685c68960986d6a46dcc5932f08db669b17dec4c01aa8112d8a534a45c117c6c1f0e0efa45fef72e543da216d2e9233a5c8722ffbe8638f453e98b3f7b48385be8fae23f3fade87363b1ebd4db3d71204cf0f10b79c22d5e1bfbab3b549c4b1d117b9f9a784dfad78d9e1e72cb5a1b4136df609e305f0c33c3da6c441f1c506c78d6129a19aa1b4a53e8388a55a6c042a053002bdef16f31100b586c998200fd3244ba160368fa1b1c6fd046d60d6e48ce7d1dfe92d940e882ccc0f971631707b36abbdc3af5f2fbc4c9cc4431dceefc598ee007a4c5c8111374d3e026bbe9874d38d731b055d0920e1aa10bbd8ddc8e6a40e67925fe3d4410de40012b8a4cd9fcbdfcfb5e8954eaef9c37d9d414a7f5de2503a405b561e6dec1c25e1767d291c6250c89de422ad977679ee05e15cd60255b55ff3a0d631601f0aa5dbffc607f4138092b36c27b35e05d20a8ba89b20dd534ba875d7aa9544ee70d36c82914e2a617d84ef8777834dd5fb16fd335c491cc4bf37244de596fbfae5f168b415bdd45c4f08da871d2c99851dec78dc73d7c56437cefe6dafa31d1e999d5520eb6676095cc6a78f72bd927d0fe12fb311e7315536a4fc01e1f77a2518a710a44520bc18b54e4b92d2c4ab39526a4a675ea0c43739c8e52275caf33359541177930684845ab598412c873d5262fa3e4c581ff27fa1003f445c2d595991d01005440f893e741fc652b2fdb94aa8961fbd308017f8f95189c30e0c71a5509c5347066c97975281043af091e21febed95cd5ea399271a84aefda0f5dc923579597bfcc102f17fe637fdbe5824f8c4ea68c5426c1c2f7e4d842a2ff22916300fdbf73f153962e83092d364748bc1815e3f705bcb1300991d935e903a96d4f3a6619d5b4cc29a768ad0cf8ec8efa6c249a9ea859dd74a495d9b5fb9b37b77fbce67cd300989c7d16c23c43919b976a2d5eab898d7f8bd52b47c44df4f92e6534978a4cdd9bcb0871b1015a574aaf266cbdd6010e82e53cd1b4be7b4e60aab3456404fe792b7ed4ee89576dadf46cb72c6ccacb0baffa6d9d9fb87659031f0fe5b7a7b159ac5eafe7b1774e8f0633ac77e68250540eebbd093d6b585b99b7697127ea96011f27b8906eeba6bfdd03ea3ee3f79be453d1ffe29e13e6544a1b2c5ade8489eee825ce9eb0d976fd19ca3c09ff482f5bef9f0987702de4013febe193c503068ac94eb335cfa38d4223649c70f184e9d0ca5da0d6df47458fd1e90cc9e908a981e901575d50b6d94678dd23eeb252946bc877e6f88bbb14eb195d1ea79589bea765378986e7ed1b3414a4b195ad68b91b9898be546a9af0c66b61fed020a0ac42681c74008ef6e414cd298d65ce9e86f563d59c493bdb2533fe65b3f7b99edd840450b51b561b43504eebd1e63b54d895b0fb90c5ee1767163be4e5edc127ec6db351d8f34d894568996a3e477830af00497599f669b6142d8b48eb3a0a8be477d08d150ad61fd8805a9fc3351c099b2aba21a3f7bd1b4bf4fb9ce3b8328f7cf1a782f823c9db06f150f6f745a3db4307d78c192d291bcc8422c746c699c53ac53c25fcb3239d0f9f7d22482c38dc632bc45b5536036ea1e47bba4e51b8d53ea12cba514f658ab64157d7a18a140e96d26708991ae00196ea288f337c0566d01e75bab706bd1bc973b13efeb12ecc226ecc063591383c5f791e3f9d75860e61cf0c4ec804fc1669bd53024bcb9e4563b6d9b018f3da78140336db834de2534191b81ecf39804333bd0baf4ca4b8f06d34882f9c00a11c8af9a576fcf8789faeb78cdd9a376e4a33d76d550aae13094c86b1a4e8963b7d41d9d70f0f40068889ca5eb36272a8766daef34e6f8fc3cc724c37ebc5ead4f5f8d21b3fb911c7916df9e8d0d9a66472ad7f5e2bb03a761969a24f23a9b901bdcc1c7fee8d619b883d6971077de266cb2fac2ee6f4d5181572be2467ac31dcdee91ba00164f77a85e8f08f76ae768a92fc5d9e1187fdce2b9855be958106c72f96c7381db1efc95e815737eb70b36f4d4e56f68bc5846dc06bf270b66b774a996d7c6926474c416e90063eff4e106dd01ae2774cf1b8cbdd72551c359543c92c0132099d6796d484e3d8550e869f848df0185a73bb916e08f0a73323888d7f93f20afb6c9ea933d6820dfa171446c6320f8ccc486a1b7865106af66fc13234325950c75b6d2138a48bf45cc000b504bcb2123c61cd6833f1ea2845b8deabfc88fb835f8f7122ec81c2e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855e750244eac7dd97099c867499144c6c7f90cbbd7d16feff8e918e3cf867be117e750244eac7dd97099c867499144c6c7f90cbbd7d16feff8e918e3cf867be11794c5607872e1ad0e679b7d430f24cb1c2df1199aee7f053f279aac9452d651cccbd756d29f8641d22e60974574c54f9d48c5396f0f83081f703fb00b7ac69f3d5210e72c6d86cf6610815c6c5f1b1137741c9466d8780a1d0646fad65f3f5e5a1b604e9247dd0d19696b17c6a7aeac742f5869ca3e9089f8cbc554bb89398721d619738e641d738a7050719662656858d8de35b14d0b5fa3e6a921a7752f2712965dc70585c539d55cbe749148e79bfaa1370a7919aef4af2af36c5d43f1397374ced77001a960401fd88ed5caff8de56e5980666668482ce3e237775647a143697031ad306044c5d16d20309fb7c895cd4d628fb72fcd06720cf96503808d2a2b82c8d3abc7d15124d327ebcb3493272fe9b74b1f4d38913e651d00f1640199eb14baaa23d9c9d4c6e7a2533953300a7f2db80b47d6b9661345188416e09b2551916011ef1db10c9be126a5c7006d2f929e3b3e84db762a432aad944a85d8ebcebb6b7e9dd5941db6a597cae99ddab83b91f3785eb4f349f295e48778e40a7a3ad6c23c8878bb5518b444449543f5ce741795c2b4feda0ac325eefbeb6824fea451c55e2da747b44c0740ea7c1c4b84ab6cd3dbeb5de151fa2e6e11092c7ac74057a024ac624ee3510beba01eb2b4ab883deda456abcd23348a14bee390b86a99416932e7e2fbefbc3dddea5de2248374fdebab98d34db1dcee5e368b65492c707037d888da9a875f19d91813e6e0a9f4f135309d87e62ca834f2e8cf35a64a21c85ee13e146ecbd55c953d662f60e42c5b96ffb8a532136b4e1c2b21b45b915f673854665f0a7570bc84914f681e31b0f1c6fb55c83f069cf40a79fdd7860fc18b469967a125132c4579ee5b9de833f33a56724474c23e9ee1db72fee6d0bf8d70cfa68b236da1fde9f00c7bf7954105878ee7cf51d2b709d169d8071247f3307e28f79cbaeb9f7a44d6bc777b682f3d4dfd439575f0ea71c6355df2fc487d1ee58311b7d593f5b630b2a4a5ac6cc705cf9950e4b4ebc0752c885f4a09bab4d45059bab034f3a95691f5ef4cee071355a8b4e5ca699eba8d511ea0696ed3b158440120b398070cb18930933b6b1754479706a75d37f2b339229a0d5ede69a3608f1833ea715cb9a0e112b874d87e73e9962f81038dc151292dcb5eaa39e396fdbcc07e33b9cabbf07f195c64199f07958878cd7b591510cb39af75c95340726eaddf1156174a016ef90b0e62902e785b6260a924fe029a40bb777eaa62b819fb64231f1d04971269c37d8eba4973b103b847605374cc0f3e945f3231408ca587db742cf6871fbb4a4022bebbeff0697617b05e1600e10e5a99a38a888acc3d061875dea72f6b94911b36b70631065804361fdab6e6bc1708b0e1a052ab09e9ac88a2ac2b120626ae9bdace65356b9e554ba1edf4c053450a290cc1a5efaca4e90ae7ef576fb4bc071cc61607ee6bc07b09eff34388e53bbbca2b700ec08ea9fcc8774d97b3a1494d06b7051bc6d9c07302274a4823ebe23731acc4ddd8f32de2f166b4751bbaeaf011e4da32d36c5f9ddad6e58338db5c08e7d35564ac7adf7433b8bdc68779604fe0071fb9f90f24e8d0ef4fc636ed87ad5365f8dd91e8116fc1b8f40a30f49d890b25c6dfec23a5162d4846b499089ec6c80555e3db47c106088c64aa1f8c31c25c2f1f31d7134a0c3bd51619ab99cccafd603f3285da24329224ff3c3505743a2a5576bb5d8628c095943fce11f5f171949d2e891cb7979bc44cde39d7cdc0c731f18349f19c0f99a7cf3e04a83dc96f1786e37b72fdd0cec2ed662afb0a27f8d57f651caedf16f381e8cd7626d67b33128054be0a95fa11ae7d136cc16d117120d050caa59f3354a087fec27149a50118169a426b6d0f32adb9b578292e97575fec40f9f3e854ad22683511ce08ccb7915516997ec19ea980377309f9caa0255322341a8b5a28344ed7e1f07e9e96d471aa4ecb728d20ccafd8d05836feb7e90c14367fb691da48a71f34ca42eda4c1ec4e51cfa7e002bb0047f9c0ec2721906899451681c838c8963f2e9489205347b06abd0b0429b334c0fa5c123c388cae3f2a1b20f37cef7d3be09783a868d822f7232cb6ffb429c336bf00dbcd028bf9bc5077afa8f597fe80d1cf0f82b8717c160b2793a2eee8248d1c240d2b20b963ea42b6ff6e9028c52b60c8ae6127eef331a2bd3fa82bbeacf8ea7378520c16938b8ead3963be015b0782b8c3a6465bf9339b72d9e9f3511d2dbb2e2cdccc8ed5d16111e6cd3a27f1b0ba340f741d8ea309c767a184c36f49b5b7b9186167c8c15a65bdae678d3863206f7be05d55b5857d77a9bfcd6ad8134181f5a7f7cc5ff2331ca1fb108ee205b2ce5bf29ae2447f3e7b0ee90e3333e9964142a09cc42d9697a9da1edcb49141020f66a6e424c702dc3c49ec183cc5001883bf35cd71440d3eda3f7204f5e8aafc543e863eab6aa71b7e7bf32e4968001883bf35cd71440d3eda3f7204f5e8aafc543e863eab6aa71b7e7bf32e4968f53521754c2371312228c536c137814e039d14bf6185b4a3f75dd6f02ab7e677c6aa62b7ffd9c73dd1f1d6a4313eb9b65cc7434f70112324ebe6b282df18855eb9fd78bb83f9c017464e7652a8ad68e57d6edac4a1c7bc57252fa9cd8a5e095c40fb80059e000269145cd6f49e6f894dd3c390a8de2c005efb74d4ee750ccc7e75f605514e8bc63184e1cfade487d2ccbaa6ee3d9060f9dae65f83b518450c892922f64b1261fe81f1df63ef2318715338442632e35243af6566d7ba073b2446ef2d62a280441fa862a6efd53b1aaa4ce61eb3dba7ef0e7e43bd5b3435f372793fc71f976dc65686704abe2a0b0427898b8b4cccc9abc1ba1e05545ebe3cdd567465b52109f9b9ea365188fe91985a2310b6624d879542bbd1a598efaacdd7a984bcbb7458b9592734fdea2bdf78b09d1e16c26783939cbf250c07f4a96fbbfac9bb8e751349305d74ff5f2f5501e800185cac9d5c6fa4484010e00c0fdd8da0bc259ec8057ca1d031e42066401637fb803cdff160f78312548164ac9dc1de19df22e22ad42f9aaaaeacf413568d80bf2475abd27ace0af4441a7e26ff7889aed249ec6104b04ab92a03609c497e900cd06f40825760dce03fe21b82f6004cc1980e0bafc32cda94bddbb2f780b8390eb3702eb2d92d2aac9d1ddc2eb1e9a4cabd00016b9e4c063300ad268d2b8fb54f94cd42cdc15d358275efad04ac9bcf751f035449a5bb5e33ffe495fa7a0713a0999e211985fe93962c16aacf3ec6daabc13072bdf20d4f546abe805123ef07fa9b02d3d927f3b8d3a27e071ea36f57789806f03b6ee0fa9db14fc345266f56e2368b7ecdd92c3bfe853fca990d7449cd4520e8466ec8010a9eb6150d58fa81cafae2039d6c290840b075e39b2b4ae84526e71d6997335a717f279d9f884e509f2b49a4db4d6f962430d33fb1d2840131dc661f1f86857c04c69a90a6440da81e32f79de170771c32afa5e11c598a8fc2392f59db94575697f08afe2452c987e19dc0e3e1098e61ea63b27c6a387bcfda72bfaa9600572a6acfca28df253a8426dcae3aca34e564e41602d9a6550cf329a144a947be3fd5253835751f8060b0b61286dc0d9b522aa2433e46f1aedffac6c071f4160b22c67ef27118cde855933515511d87c5d8d8d97320895023c49a9b1b0e80f4e2a6e7260934ed1b37aef0e304643e19f134c87373c84bd8f093a63262ce66a5c6938c0c84d76ea3a90357df8f64795e2aa886fe2bdc9866c2172f67691907afa1aa6a6662f66eccf18e179e01d386f8b1c3f7913a6d06b6a5c76264c0bbfec4ec102105f6e288b1607dc53211fe5a0a8d09b6523079394a103c8f4ac064c9e24828d70c3bd1ce1852ebc1297bf2915bf1f775ae8d39c9c2e4c221cb5c9527977dc681bfd154d88422e61f3c7dd9979542f61de6520f487c5170c3f6cffe0c1c1059bcbc77e5c897fb342c102eede638a506bca3424a6425b29e486daa23f8eb7eeb1ab11e54d82141d90ee9993ac132956b9baa28cc6ae217cc19aafcbacb8154cf6da4f7174b46602d8f70aae76b3c35f2ac48b9b3d3c93df645a7ef13729027648c5482c7841b082408ee9d48c7e4900d7f96d9a35eab72d5f15a7c90c3f3d154fafbe703d2c0ec7ebb1740020c3725a429e7ef7575f985f0733c18602c651421157005ce4f9273b903819f926b03f7536e2338a5ff2400d3a72c5b08af81814d0e6baaf40a4140063589a9d6e5a42ff899622c1316f5903e5ccd52df19abc04b5a5dcf40e765fc77ef931128b23fffa0bac2f1118b2f3c9f08746d1170df37147ffa92931021d519ab93e96ab342ef2d66ce84617d9cf9f7892b16fff14fabf76680388faab80c2f1f4c1dd09b69c95564387259e460190c7f11599a697a3c73776bac427ab56985a6b8cbc1c1982995b6ef64331b1a35880f620523c42a5e97fd33d0dacdd1a7c477129e0301b0792954341c2feb077d1bd4c4cb484b95596e09c1f8dd427c0ee6f4038a9a6a07d6865d6aabf96dddb415a6ac316b5bed5e5512bd6680e9d47a5d5ab8304181e84936b65d1017a08d52aad30de8785aa4d93f435caae3fc8fce04396a7f3c4566a38582d757b04be104e52f9491448cfb7c7ff6ce4d2c54c7d96186cf5785fd20222681ffdf5ce1d5e05a6e80795d4ec77306c18f9d48952ad341f2529be969bba4d1c4be953f234047bb990a83fa84f762c18f1a280056cd73379744a40ad1b3bcb9c6b381a71901ed22567a10fc484e48575d6ea3b1beb7054ff92e98e8b0c91bb5c3f17afcff1d8f4bdac9f7ccc66897d9a73f57bb341635f81e928c2aa1fb68e430fa59ef32e5d60d0b03a3a9d62d82ce3eeb906c9fbe5cccdc4098a70ab701458cbe655b076a20e0c2abeeab7717796cc25a7e517941729c7d71857dbcfaf12a126a004708825beebebeb4e95b3c82624d29fc6654dcb67771e5984dd8b801c524cd628eea399078d45ab68fb5ee63589f0cd09e0ad362e1ea6147a62bee6e3dc48b42967b6e63eb4da315c2b2cc7c0922636d63797da6ac07f4956be3a9107a7cad1294f868a7dfa306d28a39fefc157588a5a90062c60197687b9a366b9ff455dfa3ae3f31cfd1e8f9bc6966e3f2fc215c5ab56bf263ed5d96c605c5071afaa9d91ffc59efb345010c8db67cbc3493b6ae86e040014a2b7fc0685cfda68db72a65d61f44f146433abf657f21ed85713881feae69ee384a48c1c5a3df5ccd4d78834fadcd03b33dca80ab9b2bcc19dd1f2cfe667921d4b59d9fb64f4e04f392726e4e4d52d56209e83bce30b9dd6eba154aa2fbd48e20eb541774193a81ee5f95a5e43ca8fbb12f5b7584039e15c95a15733e5ba202a551f42b3f10f399cbd3bc7c94e75f00b57e56fcef17e381846603689fd94e4ec879cb44f2181afcfc3ca74dde57ef444a712bd02810830a66812d551498dce8d99f0e4e363c4affe41fea89e7f69fcb19f829472810830a66812d551498dce8d99f0e4e363c4affe41fea89e7f69fcb19f829478a112bce50df8da76823845063e4bb033de5fde5b4dd99311eaa221934de959b00a58ae3f1c5b1de07f705df4e0ea68d3f6cea71345bba4e424631ee821f4bac5a44ba9db35dd79e59f753dfa3392233cb448e54860b9238bd9a1742a007a4befe751ab25f3bd63148e849bf640f3fd7c1feceac6ae469a8a1db0f21cf4f85474ca4e8ea38afd69a0e54b69aa332a2d354f78b9ea2a2a5ac7a145add23147d69e0235ac8d2f739b0ab0ed018dc64ee9c8661f01809624fcb2aee3a957b795e070f65dc53c409807a0ccb84ef2fe3a9d186da27410a3d84b917c85ec8938c79526eec58ff7f7bd0c2a48f9860ccf05667c9beae4936b7221afcf098c40adcc0d88adedf7ea3fa656a32ae8fc16432d8ac20ad11793f726437e3a8f374c66a5e5f8adedf7ea3fa656a32ae8fc16432d8ac20ad11793f726437e3a8f374c66a5e5f1e5c2c9b8a320b69b61748f01e53f72cc73e41a3fe216239e716bf6d4abc75b1a64b8541db983099f28fbd5edff3165ebb668ccdf5542dedf9ee104daa39b493f59aaec430910b25b46d162ed2c53d5a3547379df487af4d0771c1053fe7e43b368f983a8c4088eb0900aab5f4d91764ce9ab9dfd67ddb7797bb4d012130694a44d2d3cf391cae7b65e9320f17030392316638d17fd6a97d73244aed7fd092e8cfe25a6e6587a81acbf46785ab19ed9933e80f9ade97e751cbf66bc451a082885ca246030360dc004c4e40a567c6e43ea641925be8f0858d961591efdeb73bd55990148a33c423eadeceb4e3089ec7733595205edb9bd7a7bc38d7b5504c198e7bb9dd9996cca11f2a696c96a1819ea6bf3b4e676bd95463426a653b3db59b7e9af95ad6b86c23acd33ebccee2772a75b0b33fe8917e300772f58673f1db4d820a7c3537ea8450c48430a4d0299f6d503a0d66799a31b1ba6e48d8cbbe1aec8e81a1a98fb298f3ef0f598bed948a5a595ab0ab6b421fbd25f185655a84b9d51ec4112a747827149195929d17307c1d09cda575ae60cf4e5afad975bb0900a098971b1dd880999b861acc42697e3db9b2412d6c6ab717615312f548eb3b0197c0f765f04d5df0f77a0d6108daca67aaf3360de00622c4aa4039b86482c137296fe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855526449b790a46c263dfb5f99aaa9f9526d7d061d9014f56ac7fe49b3a27a8e49526449b790a46c263dfb5f99aaa9f9526d7d061d9014f56ac7fe49b3a27a8e49e77238163baff4267f32ea79b3c2a667c73ef259010cc8d15ea348e0ba30b6fc1de3deaa07b942892b1d997d001566921116a9a25eb7711eabcc2589b05f7cde4ae2a6bdd0fba9483c66422ba0f578e4b916632f481c322e2540c629ddb73dbef3c19a2edf9942a16861610f03a82241c662ea034338f0580ec6290541be75142f56f64fd31240349c37a38b03c14197184d8c27f31d7d7e8cbb44111e8c6c462f56f64fd31240349c37a38b03c14197184d8c27f31d7d7e8cbb44111e8c6c467ce1c633305f50f9256c5d90f6bf375c846461ec1a972310a89b29476607620380d815dd5c3c4f38aae20cf420c6e864b0abf760455fa0edd2957e3d6fa6456d8c8efbe5691a9bd314ff20159359defb9e1ee921bff18a1a8183be2f2d905a6b8c8efbe5691a9bd314ff20159359defb9e1ee921bff18a1a8183be2f2d905a6b01235eb7f2ce7484493f6ad33b42702a9656999f4d25b4c2b1c344df14780eeaab1f322245fbba2105b13654fb84778c3be1288b87dbc75bea42402c730aa8982a6b7fc4cb2a305a047a4f600a97667c9a0326b240d989c4c4b934daac343f552a6b7fc4cb2a305a047a4f600a97667c9a0326b240d989c4c4b934daac343f55a46772385d153852f286f44d49f7310be1db020454beb22fda29e267dd7fd71aec4af86aa95762806f3b3bc33718abf90356040fac95ab5e4873d585ccfef894339514c730208994876996787069eeb030c4c996f7734128af2c62135a1862f1222dd656b578b44ca80ea2fefca26112476c5186151d90f90519850a8855948cceb7e98a7e76f1153f390b17bab4f97a1d222181d2c987216c051848d88a9c02e4cb4e70e7d4e83471174af4bfbf8d7d8c26a74a4be7042c5707580d8ba7d8f6c570a4150e9a7e2299bfac4aa0d3303a56aba011e86c39067e82d5c199d59933c570a4150e9a7e2299bfac4aa0d3303a56aba011e86c39067e82d5c199d5993360faeb8b6d0617a007a108765f3b0e29514368074bc66651c60e7fd07cbd8eb25977f49301b79cb23582a72f7c3c7bb8111e2dc75701bc11a23dee20fda28e5fab2ae7299417e9fb6467b0a6d5453f1abb44c51a6e46d26d76e79f1127a9238ab025e4fbe75b2f2b53d35196484506fe9059d48111f351673ad32ccb99c84e69668cd64ae0d48a75fac649637562c37b039dd3e2af12d99cd5f8209854bdd3989125ca48cfb09a167708dcc34cf6f2e8a3241fcf3cbcb44f7c188887c996e1c55f54e9cfa77c5ac0c1cdf31663fd0937b262d8cfffdcc690d9ca6cfb281ff8b0cef5ba01727cf08be652a850b1a7214b8fcb5ebe6154b6948036324c29ac2eccbe2be96eede05c6dd533b23257f8e42eb71c91607bc8ccc5e16e8cfbeb88ea0aae2442af330da52fb1ae77826edcc434fd4f7cffdd9abf40ff591fd84aca5f7cd5cfc6507f8963e4aad13d138c7994c86d5e81091f6a59a41fdbeb1cfc5a5e60d54ca51906d7b5a4019366bfbf464c8701afb5ecc5ba5eed0cc57a073b17ecf57c26e768b3b6b3bdc81db38c1c60ffe8f12da890524fb017adf5e0a144a871d335e5568db03edc684214ce4023044dd788c9275b09464fa96971f7f6e9ef03adac8a6f44f8321b673b8917c991230106140fb4378cd3a356da04cc5cd907392991367e398a4a1bf701eb385abba7df1826aff1f761d3bed1c73936e19fe2118a4b689beacc5b212345e9e9c71835b9f16cb7fac851378056738b4ddb1bca595310fc8e8a971418ac53b050d25ef72edf4cb5f10f31a5db941428d1832fde998c7be36b71b4861ec9169e6b3ced443026124532b36317ee50ae290c09bb571a7a27517be929c5c7922ce5792e6ee8e470f92d1d079bec395070625335ba46c65577042a3cdb26e43e4120a6aa755a3562ffb8193107d45af3147b2f989441b7f056a12c6f57bde70a207c34ddc54c5f381d4567d45db6bf2d730d4d9bf16fabd95eccc3fe90fc5c6e63aa4363073937f1f06cd0fce23c58b4314f3412f83ada245eccc3fe90fc5c6e63aa4363073937f1f06cd0fce23c58b4314f3412f83ada244c0e2ca238ff0b490a9b1bde539c290d02b20886078d28d9b21014744a541f1e3e10e62afe73737761e2d0e28a3b1d6ee652b477786554f285de01ce6486468a818a6ab04d6d051f339bc764d86a448441cac26e95fa8cf5bfc485fc9666e6e7eb0f2fb665bc7b4797ad0499602b1e767a2030d545884152ba47c3eb5c993914268aa624a0d9b7508dd512b3f2ded2b2739c305c3b69a89b1c4e259424e6b74049fb80eccac5912790a6c919305ecf6f6ed65f29ad783f94e1ae5fe0491fe49cd984f3ec3756f530054e482928e3075692a22987202b44e825e743bc02c5d29b069e00223add81ca68ddcbfb6925af0fa72662f4a524a0ea1e7f33180d4a5b11cba46335e9735bff39676665fcf1537d819a5d232c7dd05c32eaecd6574813bbf8a75167e7b74cf5b16800df2d2928c82df69e94bbd1c72372a0afdef20263df67ad67e58ae9ec2dcc2ac3c5d41b4aa9cc59578e252ac5e79970b979445ed8264e7654993b555a7146afddfb9d7a9b0dae35b335a6079b77085128f96617bae07a2f0170775e7418548407aa65cf06f5d34ddcd118903378eb94f7c0e14bd3c5782a3f05d63e397e2638539012beb624b3edac7a24f3f17c7eabb4b65dd1a549e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8555a97f46c30a0042a034138dc020579ef3c0153da3bdc910820b2fce028e346ff5a97f46c30a0042a034138dc020579ef3c0153da3bdc910820b2fce028e346ffda9a513fcb183cb8d19b9498beee522b210141a77ebb62f286a5422c03fbaf718459ecb87d2eabe743a0a16816a99ba5370b83000f8e75c346db26c90fe862c36da8d3a2e9f3fa711de983acabaa94898b02ddd4551e215a6a077190049b4de05a6786413629baaa2768a48f05e53fcc8922a2583e874d3426c1eb59d2c4e12c3e5cc1b9bac6ebbd8953041d41f74d9fc822867ca0799ac7ef7231d2584e8991e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8551f9e351e9acbb9fd516f2752b56fd6b228f31c4c03796632f3e1abcf93b6a52a1f9e351e9acbb9fd516f2752b56fd6b228f31c4c03796632f3e1abcf93b6a52a9cd6dce0ac0022794a1003b19929c2ccf4d12e75b74c219ad5ce4502f32a7af85efaf019f485bd08000473aaef8edb08bb1476b54b4d935f39f46b77b3966f2ef56a69708587ac32442ad5a4163449dbf35013a2d5aea7fdfaf3fef0c9814a06f56a69708587ac32442ad5a4163449dbf35013a2d5aea7fdfaf3fef0c9814a06b57120b0742eb2444122d538176073b458e41de90299a93fba67dfe2161c891d850091d2599bdf12d19edeafdfc51f4810b02adec211a6ff5d046ba80b57157ec2e11242ce219c149364f15ff345776d919ac9d77960d8cb19e62f502bd53bf80f41854fc8e27545d1ae999229fcfd452d44f37ae2e730775865a9c69d92087053396e9fb302eba8c9e0aa73099955031b8cab0699dd5e21942d9ac15770b18cff52b01bd2d76f705269916a8065ae8b60616960137257b5718501abccc3383482aa10f7f6c69d8c67332e79d2042d2e1857913a017b8a36ced2de15f8988d7fc64baca157069fa15186ce572801a1c37a16ae2b516f19864a5b234d37512275b8b1e50a2c95b8fa8bf614c16a45d7d8954e0c4ba44a14901d3a91ff43d9ebd8e17d54b514e7f128acbf165e7f6c0f70fc033c7471f26b23e54498d118b9a4e940392de170b8e9020ce31a0ecf92491632b5e4ee59dfd274e6323df0b97de41adc325d197376842c57446ba4b911cce2642020ed99c9b42ea2630cf59b93a5530366f302f9008e5cefa77f51ebf92aec71d9a7d331eaa06df24e6b4c40751f4530e2f39cd2f6926e93915f160769dff899b4bf557b4bec09fda963a2f61a82b04c5bf1d7d244c932d5ddcb20e6f668167ec47e2a7cfad19140303b483be80967107708dce48af3000aa611ee44a95b0bfb3799b115a12ad4b4a1e8b6a07e53121446e9dcfa0635d8cac67182da419e02a7d3da38d84c9224a51003bae3ac122f938cf97db96fccb6f2f1811fe981c5693e57a224be2b6df1424709078c1af4bd1c94d826536771441819aabe4feee0567a318c0d91ac7e211f66842ea7eff23b1dcf3df4fff42abc4315053dfea1f34d59fa2318e2272e7746f3ce306167928cda54879f7b1c9ab763a31307f4c022707a002a9dc5d5b651d8a13a24373e6dfba60686f2eebc44f475538497dc7fd6a6444a21997c29b2add943c4e099af50415600a224d241f679ed0bbd61a133dce27dc0cdb7cc797a790f4b72bd16203d75ba5f30f7831490ca4c259839816aa8e2aecb0de68cef57bafb2ec8f8597f658969d536126273a6ef7e6024bd766103979cebfaa5af9b36ab2b64d70525a249f269d536126273a6ef7e6024bd766103979cebfaa5af9b36ab2b64d70525a249f256fb5605f33ba75f3ff482688225797b7158314534f18c02a1031f776522b0f26b1fca4f25bf1ee9f089472cca31461823bd8361991c2455df7790a5b5b969ec322181a0c035ca2af085c1ef2eef76f4e4a54b93a00be00d3bd05ba060e0be2a4bedf8d9322daea2dd3316dbaf7479f31993331996505b95a876e0add35fd37f3f2f80b145f4e040f6eb8fcda3c7dca86e1008ff12a829045fbab4c28188bacbefdfca22a3773b1def9e34533400a8d30eff471f6dacd69f1d3cc2b6986208a4c63beaa31b49f887c40ba7f86d6996d9a970f15f305b93e2d6880754bd0bafe6ddbb20b43885d40839979217da38c7f2cf7a510184f6b24aadd3a36d2a66dbe1b5142fc8ff626d9593f8d6e7fb73c66e7d183113f121aed5dfa6037268bb3126b6edcbfcc592cda5b4922772fe7e893a7a207e72fb0a8349204bf2dfab83b1a5054b54cc64e7afe177fb5a78aa47810ace97ed49d874199d8b45d95bb3de8e264771198306226a98dd0f3cbdc671283ce75e22826d8cf821fa08ee87a224d8bd9c997b05044220ee08e38d563a0d93dc5d109b88f2722eaea34281abc16398528bd1096e9347305994724c3b0ef6609e0b91067852ce032197a8babe22cf616aa40a98c15db9ec926ed669eeb98377086622f9d9745c4e3754ccf53c3244d1964770552b66638a9197ada18b35793df78693e370d11223618cf80fe083d61e899c5f783da0fed80cbce2b9cfbec53d360470684c67920c124a6dba915237a690ecb170acaa906a134a57100df3954aad568040284631cb26c7ecd409bfa2be067c1fb3177eb62b4baaa7166d4bde6cca1dbbc0bde69924dc9984fd4024f99b42a3db0b189e790b76c1f2a3c53feb3af6e5a18311763267e0f5f61a52316d9d341ff32457964e63d716e58f7b6c05176379dfcdec105a88cd58573d35da7712638b2203ef3f4249d988dcb93ec7240f616d54ed394cabd2b7e06dacbb5da3b803cdb36adfe0a812a3be28359a54c7e62182b510b328616e312d856ac292679c1ccdb36adfe0a812a3be28359a54c7e62182b510b328616e312d856ac292679c1cb1b15abc90455070f52db92cb7e30f496bcea47e2f1079117e02f3aeac098da7f68fdc2b7f19693a3d97a34354efe33ebe4d23af6255d069f347bda930c376d9ff080460ba9b78718b9a5d5b666552969b043b10aa123e29ffad2e8da60edc5336ecfd96a131bb7faf3511788faaecc5edb4bd45b723e0b2afbd0878de7a54eed19f779fccbc2b38b1638ac81726b930e225b4e188b299bfd6d43cddcc75b70edcdcb0ea9d692c8cf3d437d9546d61b3f08314092f6b41d3a3cb394a9283355d6bc4c9499c151219ce150d95f97e89298f045828f40205955ae298d1a8e8f7626bc4c9499c151219ce150d95f97e89298f045828f40205955ae298d1a8e8f7627ffbc3c1a5d3b3818fb10547c7453caf51c4907d98b0ebe2739a17b7f8d3dd6c87e111410f78da043ba48d4046e60cc4e6d36e68e40ce9afcfb295c58793f224139fbd47ffe35a73aa5b9c5ad266f35afbc0875c3cc0e496ab62f63a9eddddecef7f56cbf1ea908709129d0ab93b91429422f3a1df63cf2b28a397c8d82b7b46c84f5c4fad68b2dcbb6a9de8746cffea48d2e4f4e01890abe3012482564a24ff8b699db5d6830eb8ee036bb1c03da9051c6d37ad83e403af398b43bb425598b6b0f3cae0dc5d643743c1fc81a5ac30380fc81bbfddc398fd9f81fda42e092e929be84f42f0ccaedd1c6fbdcdc5198eed8949a2bdcfa7997086358d10087f80736350390eb8908394d8ef91161a1087b19217058d8ecdec7c4b82d9a6cb8a94634959478ac466fec00a0c412bb2930a322066bd34b304b16d5439eada6a774be9a0170254a65c2e5a4bfa72a8147c971e6ee08e092a5bef5577fa539236f28ea3a0170254a65c2e5a4bfa72a8147c971e6ee08e092a5bef5577fa539236f28ea3c2b438e2607b8607a20908cbefa4c9f96e11c3eff9953c5d427dd4226c3db7dcf1b6b88f4f8f4e6497d34538fa770de401d7ee4bef4fdf4a274cc14edc4898df8397c1e4626b347f99f8f2fe8889ce4bb91b75b1f4839b1254f5a4cb72d018eda38383d6a7132ab8f5625e59408b3ff7e57369c045fc6afbd3c5f5309d0b796b236ede466ff8d2cab9486ca89320a31bf0f7c842949bbf5193007a8a0d5439a6371d045de1c319d7eda3492f2c1b6793dd73b6003c2234670cdfb1ad4e61e62bcac5b565ae2f20e18ea6f5bd9175e1c7bf5820097b146b7fa2ba8f05f2be74dab2eac5f2f02ad3604c95d387606c4a32ee663c5388cddfb295a4e04ae66f6e7fed1e819a63ae752d5b47f796bb096f9950a51889a57d4e94739f5f6e7343d947daedd9df48c7d51119b04c9cb4e813d4b16f7b882fd97b7d7981039eb17d2bd0728cdcbccdb6c4d20adae410c652d633ab4781d6682c5c5dc3cba5db0c62b392728cdcbccdb6c4d20adae410c652d633ab4781d6682c5c5dc3cba5db0c62b392eae4d716b479aac8e1c2c8b0fc02f869502998405642825040ac9e10692937eb5e4543b2ef0a280a2d882daf55364d137f5dea95a1b329c1c5f5db9f4e59aaefa21589850740b17c2c3f5588ef28c6e0732cfbe21e7f81b2ff97cb32acf5783610b153a5f1d6f2d32b6e9ed11efe25c67c86e30182bfa55585aa341ac8d4070a3343c8a84afd5833fd18586f371a7dd3f0a3314255ffcf9926a388e2d7389bc7293bc30f98cd403ca6270e3e13722c905707aad6c47f5abec5383719435d2a0a278650a67cc38d2e1df69135b7e12f7b0dee4f76ebd69592c806c67882853178b793021603758ebec0ca54282e22d8180a3907ac58745f85e969a8b0f27237358b82260f271c7c3805adf6daeec65ce2dffb985b612c9e0d6eb03742f9bf50dffa6a00776034761f3caf943d842c0b4422265743084232d6ec001129a6cb57abe9d5a45c711f25ae124cc24295aa58696bde06cf0d177556ac6364a542089f708ca42786ed6419c84446f5536e2abb6f93f34138021e32dc692d0cc7fd015201e889094e820f829e2e1d9e32be754594d7cfde25e305306ec935e86b35fe00f43169a46d5b548dc4356888bb6bb3d849e7f07dfab78da85cd3621c7427bbec4c3f3a9f08717f8ba23f0d88765939544a6e1913f0430438af55b46372f29339d9129a7ee0bec926093b646c7c1620eb50f4ae74045c4c87309b59d42e49f529595f623f283051ce41942d4ff5d67a7c44572889df46a71abe54af589facc67b2b3de00202995dfb5af107fc1ffdc9c4bf1862207f2357a2ef3317de5cd9cd07a8759636c58913171086d3b3b0019e0cac636d7e97fbff8a2306e7f0131d99f29fe2c09f356df0b9e6ee9ff1aa71d3d01b67bfadcb710dc8006376923827b7d1487f16058918bdd35cb9cd17576205160729444970ec9d75a07d2f938c09221ee343e7bc7f235fed21d50d679c59c73f96acf722f701a5cd7db4b6e808cb8e7eaa43e7bc7f235fed21d50d679c59c73f96acf722f701a5cd7db4b6e808cb8e7eaa1c0e164e4b416ccfe9647655f6a1eef7b46db1b8ae889b8c0d5063c2b73c1bcee00c2296fe5f862413fc34568a98d7404d56213da1c096c87bec6be4d0565acee35fdad43c4cd2448792d8a773e85ea35af92c61a46c3b0f380fc53cec5a94ea702ed083c043e38819009162ceb7d1e3c210cae11b906a73826e0ce90ba5392cb3b06561686b15a3745547e2238502233ac8f1c580a09400b98b81e74791d1b9b3b06561686b15a3745547e2238502233ac8f1c580a09400b98b81e74791d1b9495f962c1e4bc8ca9316ba672b23a2c33c01c5ef05e223f109b9c9a0b2f09177495f962c1e4bc8ca9316ba672b23a2c33c01c5ef05e223f109b9c9a0b2f09177d44589dcee06ca8a1d43281375dafac05563fc4a193d04e5edd59301b25af985fe737d3af0865e1548dc9df009dfa11111e50decba3c73a0e34dd34cf6e99325bd3eaa8fc0dab21d5c8397b920d167db1829637ccb581bdf971a956b08392cdb1caee1ee56a101a5926b719fe039229da68551af786d774f53cd4138176bf545ab633c8bcdc48b083779f81164a91c5b8eea36fe998cedfd74f21867daaf688dadca97581d2a7fdd2733aa64322d49e24289fb0857b34f2321d9722acdac6c15695e394bbc3581a85ca24a033c3cf412fcf616205c5986d8d3720d93160d22f70d2be147f90da90eb3130657e044ac39ed143eb94e082b42c4c91fd72f91a395161f34d89555832d933b53722f32361c12243ff5fd62ce96b1983f2ab482bb58691a24704a75dd5b3197500074f6c9a5732e2b7d50ab352e291b2196e0db0a3799b458ae4bc946ad44b44125d305ce35414d87b4f3dced52497ad9e01567d3db424f7d9c0325afc9a9699fab9afd4accc3bed380bdf639f14b066cd75b53fe05e13646748744fb4e2aa2511d4eafa76ad96de773d624f8f63f1e7701796f992ea0a43f3383ec4e9a945c0a5720a4df5109acbd79c8e0bc1a2bddb65c8b4157c8377f29f304db467066166e410ebaa781a67c017f0f4e1aa530d7a38082cbe792e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855bff1aee536ae276ea9e532bc6d977293922ad98af9465a2c3505a9cd91d71c10bff1aee536ae276ea9e532bc6d977293922ad98af9465a2c3505a9cd91d71c10f4571230dbbc02d1eabaa565fce790d73d813fec361f67a7c6329d8d4b33bc55308eee51229d9e357b49b407ce20448167e6ed0d7d4dfef3d907938f5799df48077718bb0129d48197e7c465f11a86821054e5680300e423c8c7812090856bbd85a9c0c41ed13071cd5a167851e0dca9ac328ca8195be46f3d6b0f24065c6f9618065edc77f2748d6dbaa8e069a6e0ec2e3c905c890ad9c17cf3d3ac22686568a29d903b4fe95cc94de10aa3971bff0f8abacb8aba339e5b75d0bcdf53331094067ef9804da0bbb1e1eae623542ac880f0d510b1715472868c1268dd7c93975f89698c0129ee0d296cf79c4dcaa8de2e8704e7a2aa00ee631f4e440135668c2161199136ea7d01802388b04e036798da21c2106c4a37036092f9a8086af4e98a9664259932f8fe551d764f4441989949ba2e5c25e7eef028b9803efb858f8fca65e4312d3ba8631c2cbb965d014a435c8077220534db81700225c5d4555260be2451e072fc3984d8b33cb29882302dbe729325f33b5ed65226046722601355968e74c04ab0755a9e1f33890a637ce73c831bb4c208dd89dd37d17126d35668eaf2035f61da6a6f015e1f1435c9d09d4460eea30d1caf81a4f0e2138a00953aea958b66b5c6f14ec577d8d30207059c0b4c055e4269142f47e2629e7b923ef7001efb9c0f60cc2055a416c4ffa9a2024aa24b501e5921207f32815d123b5a4f8a8b084a9f378124b2b1a51563bf3c22444eb7ff33692017da28b2136ae56987ed5a19fdb460a5e1454eed0a4357f9fb13acb79d0c44849feeb295906b2a90d09433e22277ff92f4f247450d2cd38c3635be6da3b7799528c2aded873cbf17d7ad969269547ece0383450172a09fe13cdbbab9d690c8aabc55f4894d0ef766191fdddf13520d702247dbb83bfb055b539c94b184cee246b63557db512021739836314ccd73226e7544cef8736029d0740b531a2bc2b676172511fa93819aff0e5bb2d6ccd164feec1de26fb4ed5e54684272fe73b64bb50801906aadd7b2cc9cf3f9e6465621d06d2366b36ef060608a13679fb8aca647ff1618a553c13f1a7a69e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855eb99375a5485445fc93165907f9c5f423da89a7b885a6a12910bc8e9ca13597deb99375a5485445fc93165907f9c5f423da89a7b885a6a12910bc8e9ca13597d04f26b52f0415697786969c4dbd2f59711da10cccad0dba56484e99a3e28cc4a74de58ae017e1394ea359e737feb4de2682a24acead1ca02e83075d9c5770ad693b999ce7356b45f8097ce714b179524eb17852abbaac686aa14e97b34506d7fae9a7c2c6c1005b760d0fefb92c731d7b196f63bf3997537809c7e7fd85078123456d52980f0abe2a4820bfc584b0143b5c3877ca2d8de1442b07f356e53d6339264c05d805a0fbfea38448c8f8876d56b6f049d427df8a1af6277784624f0a18e275ce269e36deab3eeeeb8806b0ba4cc1abc47be452b9618d740558402df54cc9756cea4c02eb33ec7aff5628ac1047e0d0f746369fdbbe11f21c15b7e74c372c4b829633c5d3d5fa394cff06ee476507581f5e15fc030e09d5f64c24494c935b7049ab605a1cc9344b5aba16ab1c14906e5632791d75685d1be818a5e76fc83e19d4c1c226bf58c46e6bb363d2db05b3f1fbcd81bf6a535fc4c8e47eabcd30998616462118c24916ba56fa01844d68620d552220862952c2254045704dd430d5fd62b8258a5425306c5f3af85ff3bd1175a4729ba829b083ab235813a8c53ea2120e0fbb7bdb4049722a82eb0458c236aa91a6ec05e7390e4e65bbbad0cf540c1969d2ad9514feb83c5529ce8624d18a2f63d0ead6ff73ace7bf9b5f5ea10e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85587300dd6ecf6dcbc4fa12c1bf88c75537a8ff7f41ce7f99097b6341249fae6f487300dd6ecf6dcbc4fa12c1bf88c75537a8ff7f41ce7f99097b6341249fae6f48188621386dc2db018434fe609433dc9690c14b7e8d0bf969d3209647ae0a53da7053d18b22a36caff348cd34df4d5756e7fdcc8519cdb2ae7ec290d5b0b5854af8fdcf12ccf2c3a7bbdbeedc1fca56d4d0061aa483f8aac0bb00cd0692dfb91ba041db530a90f790c97c9a85e72cdcbd1021cc00198503f2e2592e32cd4c8e2720fcdd2074bc27fc409182a0fd295109138a614492e0a834d9f71863c0ddb02c1044ce1e0fc60b64fa65e71e9ef7e1d10e4a8a2d5034ea6b113eb2087a471ee4dcad68b961de522c1170495cb9576e61479cccda0b2ad64cac0c2c23af4d9b45368f8bfb3886a305ff44894563e472afbb7039f5479c506d0fd043f76bad124ef62434afbc5d3a210866931992b7eb6f50943d9ca47d44962fb51271bc4c0807218fe93a9296dcb4b20912181ba945a8bb3e92d2139d7b14dcfc1edf437bcfd39e5aaf8defd77f40d6f24843978dcd56c6aa4ab6dc159e8b6011100a4571d57b36231a15a41d3b774fffa3ebaf01ee11066c8a11a03356b590e2fcde60cb325422543c75971679594825fe628a61fd86ceef067f964cd079707fa53f1e6914a8b4d0eaf0ddaa922c0fe8a1f2623e2fcc8bd6c1faa739c13de96d5788880fa91fd8e796c8496b8528f2e3ff9701e85a7142f18509b33e00cf9a5164445169e871307f3882069b3b20fc654beef21a40d1f09bca1cc30dd4b91291c3a283b471c9ad10740d0868b8d9faa83fce666194c2cb071875aea37080845b85ebe120eb7e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855dcafa433879529e282643724c23cfe9fe55f6639391ed78ab44928e14b072577dcafa433879529e282643724c23cfe9fe55f6639391ed78ab44928e14b07257781725b142e5cb8ba305132b972a1bdb91fe4ff471106e901b32a1a5cd9cb9258b7c04367ee3af9df687169ca3599837e383e55f7f5d9ee4da8f8bca4ac86cbeba07a9a726954205bddaa2e9e5fdd0bc689910bd36f354f9d8e7dd00aa13f81145dab3863e807e3471d47b42f2c4d18031318af202ec4a82865148ab5a16a5a1dcaabced30adfc2afeeafd3c5b80da95c5a26fae946ba52010e0273f49be6d5adab1261a1927c56de9c418c25505492351549a1dbb59e1f91753a051bb53cf773eaf0faeecde7983cf801f772d1357d423d8a42cca78d7ef22eeebd9223b9b48d468b9fb5a7baf14e8536efdebe6303322845c3f6497e5669f5a352d73469629d23ea9429ac3b4c58f277221f70e17a24e11a899eff257d1f87d6ee51634b61e8365bcc6ad9cbcf62e8801ef9c159f92e92baec6ab7374ba626ebbae9e5bbe93320c57c17c857ce6a29cd1decca6f8b3e9b909c7e61e592955b798f8832eeabcdfde410cb747aef6046adfb22f11186bdc2d087f6bf58e012c6304351156bb742d2c89bd47e632d8ec308d7faa180fae1ce736fb3d4bdc35924899824c4d1841597f8df5e744d1d1762d1f471641e5eaa9311a2a1025ee40327b197c1370312b3f6b04759ae8715fabe8b2ed8414ac5775c2a04d4cdb5ccfbb130d6153645eff31e6124f7b93585bfd5b339f30ac47abe29d1daba4ffda90622dd4c78715657c605e16cfc22a984a1213653c6d9262da9f715c335ee22637819accef7ec5aacaa1e4912d142cddb7d04405dc2af407c24fb65b26f82df343937f98692214eb0553a262e697d9a486cdc7dc77f141205f34f0d2155d25fd4d94e90d018b1add22e12d0ccd589b4c22460499177f21059b7e05b046a8efb7fbf63a29517ef0cfc852ba676c9ff4ffc31d9287a8411a291ca986a622eae1c2d133d12979578fca7c9055ff24f3bb04dec544c1253286ebe353b0b2b676e0b4166c75608023b7fc8c74b86df206020a32ac491d72274c4ecbcc92ebf85ff2c23c9db455b76074dd3dadcf03dc56b1027f29e34a98dfd0e39a77547bb0e3ce3a23471c8281f29233affbedc9955524669c7b50dafcd1dc9676fba392b76406cb45516fb306b745682d24d88dba537c19c2f0fe5585a0d7a940d3fa8737099e7ede064a18457aa1b71f1958a4fce96b3d8b536a4ea9407e9cae0ab1bc6ec343a9890fdb98b770d0cca1ac6a55331054d1de3d5a6d380d519b5fe9740f781aaec889496f4a5016754293f1d43ab9105eb469740d31265d2459f73dbb734b2ba46f4db1e7cb1e53bfc8b690ae0485a5bd37a63e63603596417e4eb0e653334fa6c7f932ca3a0e85d4af227b3f646295811f9cc75b484d4e291a029b5b53860d2b192d38bf89c426f0012f84f1239f991596e65f280a6604f1890d3661b91921eacef0ed59be4571149a18c7fd83c293380ff74ea54b5149f5553accbaa85580bb7723091032e6e7ba7ef6f4a8b860fba244dfca936d43c3c91d88755c175fe8ebc2c8e50fbe381251b9bc7rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroot389-ds-2.2.8~git65.347aae6-150600.8.3.1.src.rpmlib389lib389(x86-64)python3-lib389@@       /usr/bin/python3iproute2krb5-clientmozilla-nss-toolsopenssl(cli)python(abi)python3-argcompletepython3-argparse-manpagepython3-cryptographypython3-distropython3-ldappython3-pyasn1python3-pyasn1-modulespython3-python-dateutilpython3-python-slugifypython3-sixrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rpmlib(TildeInVersions)3.63.03.0.4-14.6.0-14.0.4-14.0-15.2-14.10.0-14.14.3eYeg'dhds@dD@du@dBzcc @c.c~ @cRcRc1@c@bb@b@bq@bEb9@b@b@a@aaaaI@`:@`:@`n@`n@`c`*b@`@`x@_0@_#_~@_&_^^^^k@^J@^0"@^&]z@]R@]M`@]B@\[@[}P@[`O@Z@ZtRZqZqZp^@Zo ZiZ[F@Z&@ZZZ@ZZY+@YB@Yܶ@Y5Y@Y˒Y˒YYYY@YY)j@Y@YR@Y@X @X@XZnX0>W^@Ws@W#LW#LW@W@W@VՄ@VO @UU@Ua@U@U.RU+UTT@william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwbrown@suse.dewbrown@suse.dewbrown@suse.dewilliam.brown@suse.comwbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.com389-ds-maintainer@suse.de389-ds-maintainer@suse.de389-ds-maintainer@suse.de389-ds-maintainer@suse.de389-ds-maintainer@suse.dewilliam.brown@suse.comwilliam.brown@suse.com389-ds-maintainer@suse.de389-ds-maintainer@suse.devarkoly@suse.comvarkoly@suse.comdakechi@suse.comhguo@suse.commrueckert@suse.dehguo@suse.comdimstar@opensuse.orghguo@suse.comhguo@suse.comhguo@suse.commrueckert@suse.derbrown@suse.commrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.dejengelh@inai.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.dekukuk@suse.demrueckert@suse.debwiedemann@suse.comhguo@suse.comhguo@suse.commrueckert@suse.demrueckert@suse.dejengelh@inai.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.deaj@ajaissle.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.demrueckert@suse.declaes.backstrom@opensuse.orgaj@ajaissle.dehguo@suse.comaj@ajaissle.deaj@ajaissle.deaj@ajaissle.dejengelh@inai.deaj@ajaissle.deaj@ajaissle.deaj@ajaissle.deaj@ajaissle.de- bsc#1219836 - CVE-2024-1062 - #5647 - resolve possible denial of service when audit logging is enabled - Update to version 2.2.8~git65.347aae6: * Issue 6052 - Paged results test sets hostname to `localhost` on test collection * Issue 6061 - Certificate lifetime displayed as NaN * Issue 6043, 6044 - Enhance Rust and JS bundling and add SPDX licenses for both (#6045) * Issue 3555 - Remove audit-ci from dependencies (#6056) * Issue 5647 - Fix unused variable warning from previous commit (#5670) * issue 5647 - covscan: memory leak in audit log when adding entries (#5650) * Issue 6047 - Add a check for tagged commits * Issue 6041 - dscreate ds-root - accepts relative path (#6042) * Issue 6034 - Change replica_id from str to int * Issue 5938 - Attribute Names changed to lowercase after adding the Attributes (#5940) * Issue 5870 - ns-slapd crashes at startup if a backend has no suffix (#5871) * Issue 5939 - During an update, if the target entry is reverted in the entry cache, the server should not retry to lock it (#6007) * Issue 5944 - Reversion of the entry cache should be limited to BETXN plugin failures (#5994) * Issue 5954 - Disable Transparent Huge Pages- bsc#1217581 - Replica ID cannot be specified for consumer and hub roles - Update to version 2.2.8~git51.3688d68: * Issue 5984 - Crash when paged result search are abandoned - fix2 (#5987) * Issue 5984 - Crash when paged result search are abandoned (#5985) * Issue 5971 - CLI - Fix password prompt for repl status (#5972) * Issue 5956 - After an upgrade the server won't start - nsslapd-connta… …blesize (#5963) * Issue 3555 - UI - Fix audit issue with npm - babel/traverse (#5959) * Issue 5966 - CLI - Custom schema object is removed on a failed edit (#5967) * Issue 5956 - After an upgrade the server won't start - nsslapd-conntablesize (#5957) * issue 5924 - ASAN server build crash when looping opening/closing connections (#5926) * Issue 5848 - Fix condition and add a CI test (#5916) * Issue 5909 - Multi listener hang with 20k connections (#5917) * Issue 5853 - Revert MSRV check (#5908) * Issue 5722 - improve testcase (#5904) * Bug Description: * Issue 5858 - WebUI monitoring test fails to run- bsc#1212726 - SSSD client performance improvements - Update to version 2.2.8~git37.fdb3bae: * Issue 5082 - slugify: ModuleNotFoundError when running test cases * Issue 4551 - Part 2 - Fix build warning of previous PR (#5888) * Issue 5834 - AccountPolicyPlugin erroring for some users (#5866) * Issue 5872 - part 2 - fix is_dbi regression (#5887) * Issue 5804 - dtablesize being set to soft maxfiledescriptor limit (#5806) * Issue 5848 - dsconf should prevent setting the replicaID for hub and consumer roles (#5849) * Issue 5883 - Remove connection mutex contention risk on autobind (#5886) * Issue 5872 - `dbscan()` in lib389 can return bytes * Bump version to 2.2.9 * Issue 5729 - Memory leak in factory_create_extension (#5814) * Issue 5877 - test_basic_ldapagent breaks test_setup_ds_as_non_root* tests * Issue 5853 - Update Cargo.lock and fix minor warning (#5854) * Issue 5867 - lib389 should use filter for tarfile as recommended by PEP 706 (#5868) * Issue 5864 - Server fails to start after reboot because it's unable to access nsslapd-rundir * Issue 5856 - SyntaxWarning: invalid escape sequence '\,' * Issue 5859 - dbscan fails with AttributeError: 'list' object has no attribute 'extends'- bsc#1212726 - SSSD client performance improvements - Update to version 2.2.8~git21.c11e86f: * Issue 4551 - Paged search impacts performance (#5838) * Issue 4169 - UI - Fix retrochangelog and schema Typeaheads (#5837) * issue 5833 - dsconf monitor backend fails on lmdb (#5835) * Issue 3555 - UI - Fix audit issue with npm - semver and word-wrap- bsc#1213190 - update for stability patches - Update to version 2.2.8~git17.48834f1: * Issue 5752 - RFE - Provide a history for LastLoginTime (#5807) * Issue 5793 - UI - fix suffix selection in export modal * Issue 5825 - healthcheck - password storage scheme warning needs more info * Issue #5822 - Allow empty export path for db2ldif * Issue 5755 - Massive memory leaking on update operations (#5824) * Issue 5551 - Almost empty and not loaded ns-slapd high cpu load * Issue 5722 - RFE When a filter contains 'nsrole', improve response time by rewriting the filter (#5723) * Issue 5755 - The Massive memory leaking on update operations (#5803) * Issue 5752 - CI - Add more tests for lastLoginHistorySize RFE (#5802) * Issue 2375 - CLI - Healthcheck - revise and add new checks * Issue 5781 - Bug handling return code of pre-extended operation plugin. * Issue 5646 - Various memory leaks (#5725) * Issue 5789 - Improve ds-replcheck error handling- bsc#1211812 - update for stability patches - Update to version 2.2.8~git4.1eeaedf: * Issue 5642 - Build fails against setuptools 67.0.0 * Issue 5778 - UI - Remove error message if .dsrc is missing * Issue 5751 - Cleanallruv task crashes on consumer (#5775) * Issue 5743 - Disabling replica crashes the server (#5746) * Bump version to 2.2.8 * Issue 5752 - RFE - Provide a history for LastLoginTime (#5753) * Issue 5770 - RFE - Extend Password Adminstrators to allow skipping password info updates * Issue 5768 - CLI/UI - cert checks are too strict, and other issues * Issue 5765 - Improve installer selinux handling * Issue 5643 - Memory leak in entryrdn during delete (#5717) * Issue 152 - RFE - Add support for LDAP alias entries * Issue 5052 - BUG - Custom filters prevented entry deletion (#5060) * Issue 5704 - crash in sync_refresh_initial_content (#5720) * Issue 5738 - RFE - UI - Read/write replication monitor info to .dsrc file * Issue 5749 - RFE - Allow Account Policy Plugin to handle inactivity and expiration at the same time * Bump version to 2.2.7- bsc#1210462 - OpenLDAP to 389-ds migration - exclude some unsupported attributes. - Update to version 2.2.6~git40.002a0ca: * Issue 5734 - RFE - Exclude pwdFailureTime and ContextCSN (#5735) * Issue 5726 - ns-slapd crashing in ldbm_back_upgradednformat (#5727) * Issue 5714 - UI - fix typo, db settings, log settings, and LDAP editor paginations * Issue 5710 - subtree search statistics for index lookup does not report ancestorid/entryrdn lookups (#5711) * Issue 1081 - Stop schema replication from overwriting x-origin * Bump webpack from 5.75.0 to 5.76.0 in /src/cockpit/389-console (#5699) * Issue 5598 - (3rd) In 2.x, SRCH throughput drops by 10% because of handling of referral (#5692) * Issue 5598 - (2nd) In 2.x, SRCH throughput drops by 10% because of handling of referral (#5691) * Issue 5687 - UI - sensitive information disclosure * Issue 4583 - Update specfile to skip checks of ASAN builds * Issue 5550 - dsconf monitor crashes with Error math domain error (#5553) * Issue 3604 - UI - Add support for Subject Alternative Names in CSR * Issue 5600 - buffer overflow when enabling sync repl plugin when dynamic plugins is enabled * Fix build break * Issue 5640 - Update logconv for new logging format * Issue 5545 - A random crash in import over lmdb (#5546) * Issue 5490 - tombstone in entryrdn index with lmdb but not with bdb (#5498) * Issue 5408: lmdb import is slow (#5481) * Issue 5162 - CI - fix error message for invalid pem file * Issue 5598 - In 2.x, SRCH throughput drops by 10% because of handling of referral (#5604) * Issue 5671 - covscan - clang warning (#5672) * Issue 5267 - CI - Fix issues with nsslapd-return-original-entrydn * Issue 5666 - CLI - Add timeout parameter for tasks * Issue 5567 - CLI - make ldifgen use the same default ldif name for all options * Issue 5162 - Lib389 - verify certificate type before adding * Issue 5630 - CLI - need to add logging filter for stdout * Issue 5646 - CLI/UI - do not hardcode password storage schemes * Issue 5640 - Update logconv for new logging format * Issue 5652 - Libasan crash in replication/cascading_test (#5659) * Issue 5658 - CLI - unable to add attribute with matching rule * Issue 5653 - covscan - fix invalid dereference * Issue 5648 - Covscan - Compiler warnings (#5651) * Issue 5630 - CLI - error messages should goto stderr * Issue 2435 - RFE - Raise IDL Scan Limit to INT_MAX (#5639) * Issue 5632 - CLI - improve error handling with db2ldif * Issue 5578 - dscreate ds-root does not normaile paths (#5613) * Issue 5560 - dscreate run by non superuser set defaults requiring superuser privilege (#5579) * Issue 5624 - RFE - UI - export certificates, and import text base64 encoded certificates * Issue 4293 - RFE - CLI - add dsrc options for setting user and group subtrees * Issue 5497 - boolean attributes should be case insensitive * Bump version to 2.2.6 * Issue 5607, 5351, 5611 - UI/CLI - fix various issues * Issue 5608 - UI - need to replace some "const" with "let" * Issue 3604 - Create a private key/CSR with dsconf/Cockpit (#5584) * Issue 5602 - UI - browser crash when trying to modify read-only variable * Issue 5581 - UI - Support cockpit dark theme- bsc#1205996 - prevent segfault in cl5configtrim - Update to version 2.2.4~git25.c81ee34: * Issue 5593 - CLI - dsidm account subtree-status fails with TypeError * Issue 5591 - BUG - Segfault in cl5configtrim with invalid confi (#5592) * Fix latest npm audit failures * Issue 5599 - CI - webui tests randomly fail * Issue 5348 - RFE - CLI - add functionality to do bulk updates to entries- bsc#1206563 - improve pam_saslauthd migration handling from openldap - Update to version 2.2.4~git20.7eba9b9: * Issue 5526 - RFE - Improve saslauthd migration options (#5528) * Issue 5588 - Fix CI tests * Issue 5585 - lib389 password policy DN handling is incorrect (#5587) * Issue 5521 - UI - Update plugins for new split PAM and LDAP pass thru auth * Bump version to 2.2.5 * Issue 5236 - UI add specialized group edit modal * Issue 5278 - CLI - dsidm asks for the old password on password reset * Issue 5531 - CI - use universal_lines in capture_output * Issue 5505 - Fix compiler warning (#5506) * Issue 3615 - CLI - prevent virtual attribute indexing * Issue 5413 - Allow mutliple MemberOf fixup tasks with different bases/filters * Issue 5561 - Nightly tests are failing- bsc#1205974 - support pam_saslauthd for authentication pass through requirements. See also jsc#PED-2701 - Update to version 2.2.4~git8.8a6e7be: * Issue 5521 - RFE - split pass through auth cli * Issue 5521 - BUG - Pam PTA multiple issues * Issue 5544 - Increase default task TTL- Update to version 2.2.4~git5.d25f9eb: * Issue 5541 - Fix typo in `lib389.cli_conf.backend._get_backend` (#5542) * Issue 5539 - Make logger's parameter name unified (#5540) * Issue 3729 - (cont) RFE Extend log of operations statistics in access log (#5538) * Issue 5534 - Fix a rebase typo (#5537) * Issue 5534 - Add copyright text to the repository files * Bump version to 2.2.4 * Issue 5532 - Make db compaction TOD day more robust. * Issue 3729 - RFE Extend log of operations statistics in access log (#5508) * Issue 5529 - UI - Fix npm vulnerability in loader-utils * Issue 3555 - UI - fix audit issue with npm loader-utils (#5514) * Issue 5162 - Fix dsctl tls ca-certfiicate add-cert arg requirement * Issue 5510 - remove twalk_r dependency to build on RHEL8 (#5516) * Issue 5162 - RFE - CLI allow adding CA certificate bundles * Issue 5440 - memberof is slow on update/fixup if there are several 'groupattr' (#5455) * Issue 5512 - BUG - skip pwdPolicyChecker OC in migration (#5513) * Issue 5429 - healthcheck - add checks for MemberOf group attrs being indexed * Issue 5502 - RFE - Add option to display entry attributes in audit log * Issue 5495 - BUG - Minor fix to dds skip, inconsistent attrs caused errors (#5501) * Issue 5367 - RFE - store full DN in database record- Update to version 2.2.3~git20.b1ed566: * Issue 5495 - RFE - skip dds during migration. (#5496) * Issue 5491 - UI - Add rework and finish jpegPhoto functionality (#5492) * Issue 5368 - Retro Changelog trimming does not work (#5486) * Issue 5487 - Fix various issues with logconv.pl * Issue 5482 - lib389 - Can not enable replication with a mixed case suffix * Issue 5478 - Random crash in connection code during server shutdown (#5479) * Issue 3061 - RFE - Add password policy debug log level * Issue 4324 - Revert recursive pthread mutex usage in factory.c * Issue 5262 - high contention in find_entry_internal_dn on mixed load (#5264) * Issue 4324 - Revert recursive pthread mutex change (#5463)- bsc#1204493 - Improve reliability of migrations from openldap when dynamic directory services is configured. - Update to version 2.0.16~git52.76ecbe1: * Issue 5495 - RFE - skip dds during migration. (#5496) * Issue 5491 - UI - Add rework and finish jpegPhoto functionality (#5492) * Issue 5368 - Retro Changelog trimming does not work (#5486) * Issue 5487 - Fix various issues with logconv.pl * Issue 5482 - lib389 - Can not enable replication with a mixed case suffix * Issue 4776 - Fix entryuuid fixup task (#5483) * Issue 5356 - Update Cargo.lock and bootstrap PBKDF2-SHA512 (#5480) * Issue 3061 - RFE - Add password policy debug log level * Issue 5462 - RFE - add missing default indexes (#5464) * Issue 4324 - Revert recursive pthread mutex usage in factory.c- bsc#1194119 - CVE-2021-45710 - tokio data race with memory corruption - Update to version 2.0.16~git37.9a47b3d2: * Revert "Issue 5446 - Fix some covscan issues (#5451)" * Issue 5254 - dscreate create-template regression due to 5a3bdc336 (#5255) * Issue 5271 - Serialization of pam_passthrough causing high etimes (#5272) * Issue 5453 - UI/CLI - Changing Root DN breaks UI * Issue 5446 - Fix some covscan issues (#5451) * Issue 5294: Report Portal 5 is not processing an XML file with (#5358) * Issue 4588 - Gost yescrypt may fail to build on some older versions of glibc * Issue 4308 - checking if an entry is a referral is expensive * Issue 5447 - UI - add NDN max cache size to UI * Issue 5443 - UI - disable save button while saving * Issue 5077 - UI - Add retrocl exclude attribute functionality (#5078)- bsc#1202470 - CVE-2022-2850 - Resolve sync repl crash during invalid cookie handling - Update to version 2.0.16~git20.219f047ae: * Issue #5423 - Fix missing 'not' in description * Issue 5421 - CI - makes replication/acceptance_test.py::test_modify_entry more robust (#5422) * Issue 3903 - fix repl keep alive event interval * Issue 5418 - Sync_repl may crash while managing invalid cookie (#5420) * Issue 5415 - Hostname when set to localhost causing failures in other tests * Issue 5412 - lib389 - do not set backend name to lowercase * Issue 3903 - keep alive update event starts too soon * Issue 5397 - Fix various memory leaks * Issue 5399 - UI - LDAP Editor is not updated when we switch instances (#5400) * Issue 3903 - Supplier should do periodic updates- bsc#1197998 - Update sudoers schema to support UTF-8 - Update to version 2.0.16~git9.e2a858a86: * Issue 5386 - BUG - Update sudoers schema to correctly support UTF-8 (#5387) * Issue 5383 - UI - Various fixes and RFE's for UI * Issue 4656 - Remove problematic language from source code * Issue 5380 - Separate cleanAllRUV code into new file * Issue 5322 - optime & wtime on rejected connections is not properly set * Issue 5375 - CI - disable TLS hostname checking * Issue 5373 - dsidm user get_dn fails with search_ext() argument 1 must be str, not function * Issue 5371 - Update npm and cargo packages * Issue 3069 - Support ECDSA private keys for TLS (#5365) * Bump version to 2.0.16- Changelog fix - bsc#1195324 - CVE-2021-4091 - double free in psearch- bsc#1199889 - CVE-2022-1949 - full access control bypass with simple crafted query, resolved by Issue 5170. - Update to version 2.0.15~git26.1ea6a6803: * Issue 5302 - Release tarballs don't contain cockpit webapp * Issue 5237 - audit-ci: Cannot convert undefined or null to object * Issue 5170 - BUG - ldapsubentries were incorrectly returned (#5285) * Issue 4970 - Add support for recursively deleting subentries * Issue 5284 - Replication broken after password change (#5286) * Issue 5291 - Harden ReplicationManager.wait_for_replication (#5292) * Issue 5279 - dscontainer: TypeError: unsupported operand type(s) for /: 'str' and 'int' * Issue 5170 - RFE - Filter optimiser (#5171) * Issue 5276 - CLI - improve task handling * Issue 5273 - CLI - add arg completer for instance name- Resolve bsc#1199008 - An incorrectly backported fix would cause dscontainer not to start due to a missing function definition - Update to version 2.0.15~git17.498ec3e93: * Issue 5273 - CLI - add arg completer for instance name * Issue 2893 - CLI - dscreate - add options for setting up replication * Issue 4866 - CLI - when enabling replication set changelog trimming by default * Issue 5241 - UI - Add account locking missing functionality (#5251) * Issue 5180 - snmp_collator tries to unlock NULL mutex (#5266) * Issue 5098 - Fix cherry-pick error * Fix cherry-pick error * Issue 4904 - Fix various small issues * Issue 5260 - BUG - OpenLDAP allows multiple names of memberof overlay (#5261) * Issue 5252 - During DEL, vlv search can erroneously return NULL candidate (#5256) * Issue 5210 - Python undefined names in lib389 * Issue 4959 - BUG - Invalid /etc/hosts setup can cause isLocalHost (#4960) * Issue 5249 - dscontainer: ImportError: cannot import name 'get_default_db_lib' from 'lib389.utils'- Resolve bsc#1197275 - CVE-2022-0918 - Crafted message may cause DoS - Update to version 2.0.15~git4.f46ab49c9: * Issue 5242- Craft message may crash the server (#5243) * Issue 5234 - UI - rename Users and Groups tab * Issue 5217 - Simplify instance creation and administration by non root user (#5224) * Issue 5227 - UI - No way to move back to Get Started step (#5233) * Bump version to 2.0.15 * Issue 5230 - Race condition in RHDS disk monitoring functions * Issue 4299 - UI - Add CoS funtionality (#5196) * Issue 5225 - UI - impossible to manually set entry cache * Issue 5186 - UI - Fix SASL Mapping regex test feature * Issue 5221 - User with expired password can still login with full privledges- Resolve bsc#1197345 - CVE-2022-0996 - Mishandling of password expiry - Update to version 2.0.14~git25.e6431d959: * Issue 5221 - User with expired password can still login with full privledges * Issue 5218 - double-free of the virtual attribute context in persistent search (#5219) * Issue 5200 - dscontainer should use environment variables with DS_ prefix * Issue 5193 - Incomplete ruv occasionally returned from ruv search (#5194) * Issue 5189 - memberOf plugin exclude subtree not cleaning up groups on modrdn * Issue 5188 - UI - LDAP editor - add entry and group types * Issue 5184 - memberOf does not work correctly with multiple include scopes * Issue 5162 - BUG - error on importing chain files (#5164) * Issue 5186 - UI - Fix SASL Mapping regex validation and other minor improvements * Issue 5048 - Support for nsslapd-tcp-fin-timeout and nsslapd-tcp-keepalive-time (#5179)- fixes bsc#1196425 - jsc#SLE-22585 - Support running with bare uid/gid (non-root) in containers. - Update to version 2.0.14~git12.d04ffd4b6: * Issue 5102 - BUG - container may fail with bare uid/gid (#5140) * Issue 5137 - RFE - improve sssd conf output (#5138) * Issue 5145 - Fix covscan errors * Issue 4721 - UI - attribute uniqueness crashes UI when there are no configs * Issue 5155 - RFE - Provide an option to abort an Auto Member rebuild task * Issue 4299 - UI - Add Role funtionality (#5163) * Issue 5050 - bdb bulk op fails if fs page size > 8K (#5150) * Issue 4775 - Add entryuuid CLI and Fixup (#4776) * Issue 5142 - CLI - dsctl dbgen is broken * Issue 4299 - UI - fix minor issues with ldap editor (table view)- jsc#SLE-22585 - Support running with bare uid/gid (non-root) in containers. - Update to version 2.0.14~git12.d04ffd4b6: * Issue 5102 - BUG - container may fail with bare uid/gid (#5140) * Issue 5137 - RFE - improve sssd conf output (#5138) * Issue 5145 - Fix covscan errors * Issue 4721 - UI - attribute uniqueness crashes UI when there are no configs * Issue 5155 - RFE - Provide an option to abort an Auto Member rebuild task * Issue 4299 - UI - Add Role funtionality (#5163) * Issue 5050 - bdb bulk op fails if fs page size > 8K (#5150) * Issue 4775 - Add entryuuid CLI and Fixup (#4776) * Issue 5142 - CLI - dsctl dbgen is broken * Issue 4299 - UI - fix minor issues with ldap editor (table view)- Update to version 2.0.13~git1.72eb93ac9: * Issue 5129 - BUG - Incorrect fn signature in add_index (#5130) * Bump version to 2.0.13 * Issue 5132 - Update Rust crate lru to fix CVE * Issue 3555 - UI - fix audit issue with npm nanoid * Issue 4299 - UI - Add ACI editing features * Issue 4299 - UI LDAP editor - add "edit" and "rename" functionality * Issue 5127 - run restorecon on /dev/shm at server startup * Issue 5124 - dscontainer fails to create an instance * Issue 4312 - fix compiler warning * Issue 5115 - AttributeError: type object 'build_manpages' has no attribute 'build_manpages'- Resolve boo#1194068 by adding required schema - Add missing support utils plugin- Update to version 2.0.11~git13.e14935725: * Issue 5080 - BUG - multiple index types not handled in openldap migration (#5094) * Issue 5079 - BUG - multiple ways to specific primary (#5087) * Issue 4992 - BUG - slapd.socket container fix (#4993) * Issue 5037 - in OpenQA changelog trimming can crashes (#5070) * Issue 4299 - UI LDAP editor - add "edit" and "rename" functionality * Issue 4962 - Fix various UI bugs - Database and Backups (#5044) * Issue 5046 - BUG - update concread (#5047) * Issue 5043 - BUG - Result must be used compiler warning (#5045) * Issue 4165 - Don't apply RootDN access control restrictions to UNIX connections * Issue 4931 - RFE: dsidm - add creation of service accounts * Issue 5024 - BUG - windows ro replica sigsegv (#5027) * Issue 5020 - BUG - improve clarity of posix win sync logging (#5021) * Issue 5008 - If a non critical plugin can not be loaded/initialized, bootstrap should succeeds (#5009) * Issue 4962 - Fix various UI bugs - Settings and Monitor (#5016) * Issue 5014 - UI - Add group creation to LDAP editor * Issue 5006 - UI - LDAP editor tree not being properly updated * Issue 5001 - Update CI test for new availableSASLMechs attribute * Issue 4959 - Invalid /etc/hosts setup can cause isLocalHost to fail. * Issue 5001 - Fix next round of UI bugs: * Issue 4962 - Fix various UI bugs - dsctl and ciphers (#5000) * Issue 4978 - use more portable python command for checking containers * Issue 4678 - RFE automatique disable of virtual attribute checking (#4918) * Issue 4972 - gecos with IA5 introduces a compatibility issue with previous (#4981) * Issue 4978 - make installer robust * Issue 4976 - Failure in suites/import/import_test.py::test_fast_slow_import * Issue 4973 - update snmp to use /run/dirsrv for PID file * Issue 4962 - Fix various UI bugs - Plugins (#4969) * Issue 4973 - installer changes permissions on /run * Issue 4092 - systemd-tmpfiles warnings * Issue 4956 - Automember allows invalid regex, and does not log proper error * Issue 4731 - Promoting/demoting a replica can crash the server * Issue 4962 - Fix various UI bugs part 1 * Issue 3584 - Fix PBKDF2_SHA256 hashing in FIPS mode (#4949) * Issue 4943 - Fix csn generator to limit time skew drift (#4946) * Issue 2790 - Set db home directory by default * Bump github contianer shm size to 4 gigs * Issue 4299 - Merge LDAP editor code into Cockpit UI * Issue 4938 - max_failure_count can be reached in dscontainer on slow machine with missing debug exception trace * Issue 4921 - logconv.pl -j: Use of uninitialized value (#4922) * Issue 4847 - BUG - potential deadlock in replica (#4936) * Issue 4513 - fix ACI CI tests involving ip/hostname rules * Issue 4925 - Performance ACI: targetfilter evaluation result can be reused (#4926) * Issue 4916 - Memory leak in ldap-agent- jsc#SLE-22962 - submit 2.x version in preparation for BDB to LMDB transition - Add missing dependency on iproute2 for lib389 - Update to version 2.0.10~git0.21dd2802c: * Bump version to 2.0.10 * Issue 4908 - Updated several dsconf --help entries (typos, wrong descriptions, etc.) * Issue 4912 - Account Policy plugin does not set the config entry DN * Issue 4863 - typoes in logconv.pl * Issue 4796 - Add support for nsslapd-state to CLI & UI * Issue 4894 - IPA failure in ipa user-del --preserve (#4907) * Issue 4912 - dsidm command crashing when account policy plugin is enabled * Issue 4910 - db reindex corrupts RUV tombstone nsuiqueid index * Issue 4869 - Fix retro cl trimming misuse of monotonic/realtime clocks * Issue 4887 - UI - fix minor regression from camelCase fixup * Bump version to 2.0.9 * Issue 4887 - UI - Update webpack.config.js and package.json * Issue 4149 - UI - Migrate the remaining components to PF4 * Issue 4875 - CLI - Add some verbosity to installer * Issue 4884 - server crashes when dnaInterval attribute is set to zero - Update to version 2.0.8~git0.553f26c87: * Bump version to 2.0.8 * Issue 4877 - RFE - EntryUUID to validate UUIDs on fixup (#4878) * Issue 4872 - BUG - entryuuid enabled by default causes replication issues (#4876) * Issue 4851 - Typos in "dsconf pwpolicy set --help" (#4867) * Issue 4763 - Attribute Uniqueness Plugin uses wrong subtree on ModRDN (#4871) * Issue 4736 - lib389 - fix regression in certutil error checking * Issue 4861 - Improve instructions in custom.conf for memory leak detection * Issue 4859 - Don't version libns-dshttpd * Issue 4169 - Migrate Replication & Schema tabs to PF4 * Issue 4623 - RFE - Monitor the current DB locks ( nsslapd-db-current-locks ) * Issue 4736 - CLI - Errors from certutil are not propagated * Issue 4460 - Fix isLocal and TLS paths discovery (#4850) * Issue 4848 - Force to require nss version greater or equal as the version available at the build time * Issue - 4696 - Password hash upgrade on bind (#4840) * Bump version to 2.0.7 * Issue 4443 - Internal unindexed searches in syncrepl/retro changelog * Issue 4603 - Reindexing a single backend (#4831) * Issue 4169 - UI - migrate Server Tab forms to PF4 * Issue 4817 - BUG - locked crypt accounts on import may allow all passwords (#4819) * Issue 4820 - RFE - control flow integrity (#4821) * Issue 4706 - negative wtime for compare operations (#4780) * Issue 4414 - SIGFPE crash in rhds disk monitoring routine (#4829) * Issue 4262 - Fix Index out of bound in fractional test (#4828) * Issue 4826 - Filter argparse-manpage from autogenerated requires * Issue 4822 - Fix CI temporary password: fixture leftover breaks them (#4823) * Issue 2820 - Fix CI test suite issues * Bump version to 2.0.6 - Remove unneeded shadow dependency, no longer required due to systemd-sysusers - Update to version 2.0.6~git0.d81dc6c90: * Bump version to 2.0.6 * Issue 4803 - Improve DB Locks Monitoring Feature Descriptions * Issue 4803 - Improve DB Locks Monitoring Feature Descriptions (#4810) * Issue 4169 - UI - Migrate Typeaheads to PF4 (#4808) * Issue 4414 - disk monitoring - prevent division by zero crash * Issue 4788 - CLI should support Temporary Password Rules attributes (#4793) * Issue 4656 - Fix replication plugin rename dependency issues * Issue 4656 - replication name change upgrade code causes crash with dynamic plugins * Issue 4506 - Improve SASL logging * Issue 4709 - Fix double free in dbscan * Issue 4093 - Fix MEP test case * Issue 4747 - Remove unstable/unstatus tests (followup) (#4809) * Issue 4791 - Missing dependency for RetroCL RFE (#4792) * Issue 4794 - BUG - don't capture container output (#4798) * Issue 4593 - Log an additional message if the server certificate nickname doesn't match nsSSLPersonalitySSL value * Issue 4797 - ACL IP ADDRESS evaluation may corrupt c_isreplication_session connection flags (#4799) * Issue 4169 - UI Migrate checkbox to PF4 (#4769) * Issue 4447 - Crash when the Referential Integrity log is manually edited * Issue 4773 - Add CI test for DNA interval assignment * Issue 4789 - Temporary password rules are not enforce with local password policy (#4790) * Issue 4379 - fixing regression in test_info_disclosure * Issue 4379 - Allow more than 1 empty AttributeDescription for ldapsearch, without the risk of denial of service * Issue 4379 - Allow more than 1 empty AttributeDescription for ldapsearch, without the risk of denial of service * Issue 4575 Update test docstrings metadata * Issue 4753 - Adjust our tests to 389-ds-base-snmp missing in RHEL 9 Appstream * removed the snmp_present() from utils.py as we have get_rpm_version() in conftest.py * Issue 4753 - Adjust our tests to 389-ds-base-snmp missing in RHEL 9 Appstream - Fix requires as openssl cli is required by 389-ds now. - Add now working CONFIG parameter to sysusers generator - Update to version 2.0.5~git0.607bfbf16: * Bump version to 2.0.5 * Issue 4778 - RFE - Allow setting TOD for db compaction and add task * Issue 4169 - UI - Port plugin tables to PF4 * Issue 4656 - Allow backward compatilbity for replication plugin name change * Issue 4764 - replicated operation sometime checks ACI (#4783) * Issue 2820 - Fix CI test suite issues * Issue 4781 - There are some typos in man-pages * Issue 4773 - Enable interval feature of DNA plugin * Issue 4623 - RFE - Monitor the current DB locks (#4762) * Issue 3555 - Fix UI audit issue * Issue 4725 - Fix compiler warnings * Issue 4770 - Lower FIPS logging severity * Issue 4765 - database suffix unexpectdly changed from .db to .db4 (#4766) * Issue 4725 - [RFE] DS - Update the password policy to support a Temporary Password Rules (#4727) * Issue 4747 - Remove unstable/unstatus tests from PRCI (#4748) * Issue 4759 - Fix coverity issue (#4760) * Issue 4169 - UI - Migrate Buttons to PF4 (#4745) * Issue 4714 - dscontainer fails with rootless podman * Issue 4750 - Fix compiler warning in retrocl (#4751) * Issue 4742 - UI - should always use LDAPI path when calling CLI * Issue 4169 - UI - Migrate Server, Security, and Schema tables to PF4 * Issue 4667 - incorrect accounting of readers in vattr rwlock (#4732) * Issue 4701 - RFE - Exclude attributes from retro changelog (#4723) * Issue 4740 - Fix CI lib389 userPwdPolicy and subtreePwdPolicy (#4741) * Issue 4711 - SIGSEV with sync_repl (#4738) * Issue 4734 - import of entry with no parent warning (#4735) * Issue 4729 - GitHub Actions fails to run pytest tests * Issue 4656 - Remove problematic language from source code * Issue 4632 - dscontainer: SyntaxWarning: "is" with a literal. * Issue 4169 - UI - migrate replication tables to PF4 * Issue 4637 - ndn cache leak (#4724) * Issue 4577 - Fix ASAN flags in specfile * Issue 4169 - UI - PF4 migration - database tables * issue 4653: refactor ldbm backend to allow replacement of BDB - phase 3e - dbscan (#4709) - Recommend openssl(cli) by lib389: admin tools like dscreate can call out to /usr/bin/openssl to manage certificates. As the admin could decide to manage the certificates differently, we only recommend openssl here. - Update to version 389-ds-base-2.0.4~git0.7f6ba5a37: * Bump version to 2.0.4 * Issue 4680 - 389ds coredump (@389ds/389-ds-base-nightly) in replica install with CA (#4715) * Issue 3965 - RFE - Implement the Password Policy attribute "pwdReset" (#4713) * Issue 4700 - Regression in winsync replication agreement (#4712) * Issue 3965 - RFE - Implement the Password Policy attribute "pwdReset" (#4710) * Issue 4169 - UI - migrate monitor tables to PF4 * issue 4585 - backend redesign phase 3c - dbregion test removal (#4665) * Issue 2736 - remove remaining perl references * Issue 2736 - https://github.com/389ds/389-ds-base/issues/2736 * Issue 4706 - negative wtime in access log for CMP operations * Issue 3585 - LDAP server returning controltype in different sequence * Issue 4127 - With Accounts/Account module delete fuction is not working (#4697) * Issue 4666 - BUG - cb_ping_farm can fail with anonymous binds disabled (#4669) * Issue 4671 - UI - Fix browser crashes * Issue 4169 - UI - Add PF4 charts for server stats * Issue 4648 - Fix some issues and improvement around CI tests (#4651) * Issue 4654 Updates to tickets/ticket48234_test.py (#4654) * Issue 4229 - Fix Rust linking * Issue 4673 - Update Rust crates * Issue 4658 - monitor - connection start date is incorrect * Issue 4169 - UI - migrate modals to PF4 * Issue 4656 - remove problematic language from ds-replcheck * Issue 4459 - lib389 - Default paths should use dse.ldif if the server is down * Issue 4656 - Remove problematic language from UI/CLI/lib389 * Issue 4661 - RFE - allow importing openldap schemas (#4662) * Issue 4659 - restart after openldap migration to enable plugins (#4660) * Merge pull request #4664 from mreynolds389/issue4663 * issue 4552 - Backup Redesign phase 3b - use dbimpl in replicatin plugin (#4622) * Issue 4643 - Add a tool that generates Rust dependencies for a specfile (#4645) * Issue 4646 - CLI/UI - revise DNA plugin management * Issue 4644 - Large updates can reset the CLcache to the beginning of the changelog (#4647) * Issue 4649 - crash in sync_repl when a MODRDN create a cenotaph (#4652) * Issue 4169 - UI - Migrate alerts to PF4 * Issue 4169 - UI - Migrate Accordians to PF4 ExpandableSection * Issue 4595 - Paged search lookthroughlimit bug (#4602) * Issue 4169 - UI - port charts to PF4 * Issue 2820 - Fix CI test suite issues * Issue 4513 - CI - make acl ip address tests more robust * Bump version to 2.0.3 * Issue 4619 - remove pytest requirement from lib389 * Issue 4615 - log message when psearch first exceeds max threads per conn * Issue 4469 - Backend redesing phase 3a - implement dbimpl API and use it in back-ldbm (#4618) * Issue 4324 - Some architectures the cache line size file does not exist * Issue 4593 - RFE - Print help when nsSSLPersonalitySSL is not found (#4614) * Issue 4469 - Backend redesign phase 3a - bdb dependency removal from back-ldbm * Update dscontainer (#4564) * Issue 4149 - UI - port TreeView and opther components to PF4 * Issue 4577 - Add GitHub actions * Issue 4591 - RFE - improve openldap_to_ds help and features (#4607) * issue 4612 - Fix pytest fourwaymmr_test for non root user (#4613) * Issue 4609 - CVE - info disclosure when authenticating * Issue 4348 - Add tests for dsidm * Issue 4571 - Stale libdb-utils dependency * Issue 4600 - performance modify rate: reduce lock contention on the object extension factory (#4601) * Issue 4577 - Add GitHub actions * Issue 4588 - BUG - unable to compile without xcrypt (#4589) * Issue 4579 - libasan detects heap-use-after-free in URP test (#4584) * Issue 4581 - A failed re-indexing leaves the database in broken state (#4582) * Issue 4348 - Add tests for dsidm * Issue 4577 - Add GitHub actions * Issue 4563 - Failure on s390x: 'Fails to split RDN "o=pki-tomcat-CA" into components' (#4573) * Issue 4093 - fix compiler warnings and update doxygen * Issue 4575 - Update test docstrings metadata * Issue 4526 - sync_repl: when completing an operation in the pending list, it can select the wrong operation (#4553) * Issue 4324 - Performance search rate: change entry cache monitor to recursive pthread mutex (#4569) * Issue 4513 - Add DS version check to SSL version test (#4570) * Issue 5442 - Search results are different between RHDS10 and RHDS11 * Issue 4396 - Minor memory leak in backend (#4558) * Revert "Update metadata for customerscenario in test docstring" * Update metadata for customerscenario in test docstring * Issue 4513 - Fix replication CI test failures (#4557) * Issue 4513 - Fix replication CI test failures (#4557) * Issue 4153 - Added a CI test (#4556) * Issue 4506 - BUG - fix oob alloc for fds (#4555) * Issue 4548 - CLI - dsconf needs better root DN access control plugin validation * Issue 4506 - Temporary fix for io issues (#4516) * Issue 4535 - lib389 - Fix log function in backends.py * Issue 4534 - libasan read buffer overflow in filtercmp (#4541) * Issue 4544 - Compiler warnings on krb5 functions (#4545) * Update rpm.mk for RUST tarballs - small spec cleanup - As there is no python-* package, the direct use of singlespec seems unapplicable. So do not build for all python3.x flavors, but only for the main one: + Use releavant %python3_ macros. + Do not use %python_module, as this pulls in all python versions. - Update to version 2.0.2~git0.6d17ca7df: * Bump version to 2.0.2 * Issue 4539 - BUG - no such file if no overlays in openldap during migration (#4540) * Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529) * Issue 4535 - lib389 - healthcheck throws exception if backend is not replicated * Issue 4537 - Use KRB5_CLIENT_KTNAME for client keytabs (#4523) * Issue 4513 - CI Tests - fix test failures * Issue 4504 - insure that repl_monitor_test use ldapi (for RHEL) - fix merge issue (#4533) * Issue 4315 - performance search rate: nagle triggers high rate of setsocketopt * Issue 4504 - Insure ldapi is enabled in repl_monitor_test.py (Needed on RHEL) (#4527) * Issue 4506 - BUG - Fix bounds on fd table population (#4520) * Issue 4521 - DS crash in deref plugin if dereferenced entry exists but is not returned by internal search (#4525) * Issue 4219 - Log internal unindexed searches (notes=A) * Issue 4384 - Separate eventq into REALTIME and MONOTONIC * Issue 4381 - RFE - LDAPI authentication DN rewritter * Issue 4513 - Fix schema test and lib389 task module (#4514) * Issue 4414 - disk monitoring - prevent division by zero crash * Issue 4517 - BUG: Multiple systemd pin warnings (#4518) * Issue 4507 - Improve csngen testing task (#4508) * Issue 4498 - BUG - entryuuid replication may not work (#4503) * Issue 4480 - Unexpected info returned to ldap request (#4491) * Issue #4504 - Fix pytest test_dsconf_replication_monitor (#4505) * Issue 4373 - BUG - one line cleanup, free results in mt if ent 0 (#4502) * Merge pull request #4501 from mreynolds389/issue4500 * Issue 4272 RFE - add support for gost-yescrypt for hashing passwords (#4497) * Issue 1795 - RFE - Enable logging for libldap and libber in error log (#4481) * Issue 3522 - Remove DES to AES conversion code * Issue 4492 - Changelog cache can upload updates from a wrong starting point (CSN) (#4493) * Issue 4373 - BUG - calloc of size 0 in MT build (#4496) * Issue 4483 - heap-use-after-free in slapi_be_getsuffix * Issue 4486 - Remove random ldif file generation from import test (#4487) * Issue 4224 - cleanup specfile after libsds removal * Issue 4421 - Unable to build with Rust enabled in closed environment * Issue 4489 - Remove return statement from a void function (#4490) * Issue 4229 - RFE - Improve rust linking and build performance (#4474) * Ticket 4224 - openldap can become confused with entryuuid * Ticket 4313 - improve tests and improve readme re refdel * Ticket 4313 - fix potential syncrepl data corruption * Issue 4419 - Warn users of skipped entries during ldif2db online import (#4476) * Issue 4243 - Fix test (4th): SyncRepl plugin provides a wrong (#4475) * Issue 4315: performance search rate: nagle triggers high rate of setsocketopt (#4437) * Issue 4460 - BUG - add machine name to subject alt names in SSCA (#4472) * Issue 4446 RFE - openldap password hashers * Issue 4284 - dsidm fails to delete an organizationalUnit entry * Issue 4243 - Fix test: SyncRepl plugin provides a wrong cookie (#4466) (#4466) * Issue 4464 - RFE - clang with ds+asan+rust * Issue 4105 - Remove python.six (fix regression) * Issue 4384 - Use MONOTONIC clock for all timing events and conditions * Issue 4418 - ldif2db - offline. Warn the user of skipped entries * Issue 4243 - Fix test: SyncRepl plugin provides a wrong cookie (#4467) * Issue 4460 - BUG - lib389 should use system tls policy * Issue 3657 - Add options to dsctl for dsrc file * Issue 4454 - RFE - fix version numbers to allow object caching * Issue 3986 - UI - Handle objectclasses that do not have X-ORIGIN set * Issue 4297 - 2nd fix for on ADD replication URP issue internal searches with filter containing unescaped chars (#4439) * Issue 4112 - Added a CI test (#4441) * Issue 4449 - dsconf replication monitor fails to retrieve database RUV - consumer (Unavailable) (#4451) * Issue 4105 - Remove python.six from lib389 (#4456) * Fix pytest test collection * Issue 4440 - BUG - ldifgen with --start-idx option fails with unsupported operand (#4444) * Issue 4410 RFE - ndn cache with arc in rust * Issue 4373 - BUG - Mapping Tree nodes can be created that are invalid * Issue 4428 - BUG Paged Results with critical false causes sigsegv in chaining * Issue 4428 - Paged Results with Chaining Test Case * do not add referrals for masters with different data generation #2054 (#4427) * Issue 4383 - Do not normalize escaped spaces in a DN * Issue 4432 - After a failed online import the next imports are very slow * Issue 4316 - performance search rate: useless poll on network send callback (#4424) * Issue 4281 - dsidm user status fails with Error: 'nsUserAccount' object has no attribute 'is_locked' * Issue 4429 - NULL dereference in revert_cache() * Issue 4412 - Fix CLI repl-agmt requirement for parameters (#4422) * Issue 4407 RFE - remove http client and presence plugin (#4409) * build problems at alpine linux * Issue 4415 - unable to query schema if there are extra parenthesis - Rust is a hard-requirement of 2.0.0 series, so enable-rust flags removed - Perl has been completly removed in 2.0.0, enable-perl removed and lib389 is the default. Perl tools have not been included in SUSE since 1.4.1.x - Update to version 2.0.1~git0.b557f5daa: * Bump version to 2.0.1 * Issue 4420 - change NVR to use X.X.X instead of X.X.X.X * Issue 4391 - DSE config modify does not call be_postop (#4394) * Issue 4218 - Verify the new wtime and optime access log keywords (#4397) * Issue 4176 - CL trimming causes high CPU * ticket 2058: Add keep alive entry after on-line initialization - second version (#4399) * Issue 4403 RFE - OpenLDAP pw hash migration tests (#4408) * Bump version to 2.0.0- Update to version 1.4.4.17~git0.5e1e392ae: * Bump version to 1.4.4.17 * Issue 4927 - rebase lib389 and cockpit in 1.4.4 * Issue 4908 - Updated several dsconf --help entries (typos, wrong descriptions, etc.) * Issue 4912 - Account Policy plugin does not set the config entry DN * Issue 4796 - Add support for nsslapd-state to CLI & UI * Issue 4894 - IPA failure in ipa user-del --preserve (#4907) * Issue 4169 - backport lib389 cert list fix * Issue 4912 - dsidm command crashing when account policy plugin is enabled * Issue 4910 - db reindex corrupts RUV tombstone nsuiqueid index * Issue 4869 - Fix retro cl trimming misuse of monotonic/realtime clocks- bsc#1188151 - Update to 1.4.4.16 patch release - bsc#1188455 - CVE-2021-3652 - fix crypt handling of locked accounts - Update to version 389dsbase1.4.4.16~git16.c1926dfc6: * Issue 4817 - BUG - locked crypt accounts on import may allow all passwords (#4819) * Issue 4656 - (2nd) Remove problematic language from UI/CLI/lib389 * Issue 4262 - Fix Index out of bound in fractional test (#4828) * Issue 4822 - Fix CI temporary password: fixture leftover breaks them (#4823) * Issue 4656 - remove problematic language from ds-replcheck * Issue 4803 - Improve DB Locks Monitoring Feature Descriptions * Issue 4803 - Improve DB Locks Monitoring Feature Descriptions (#4810) * Issue 4788 - CLI should support Temporary Password Rules attributes (#4793) * Issue 4506 - Improve SASL logging * Issue 4093 - Fix MEP test case * Issue 4747 - Remove unstable/unstatus tests (followup) (#4809) * Issue 4789 - Temporary password rules are not enforce with local password policy (#4790) * Issue 4797 - ACL IP ADDRESS evaluation may corrupt c_isreplication_session connection flags (#4799) * Issue 4447 - Crash when the Referential Integrity log is manually edited * Issue 4773 - Add CI test for DNA interval assignment * Issue 4750 - Fix compiler warning in retrocl (#4751)- Update to version 1.4.4.16~git0.3d31c6c71: * Bump version to 1.4.4.16 * Update npm packages * Issue 4719 - lib389 - fix dsconf passthrough auth bugs * Issue 4778 - RFE - Allow setting TOD for db compaction and add task * Issue 4764 - replicated operation sometime checks ACI (#4783) * Issue 4623 - RFE - Monitor the current DB locks (#4762) * Issue 4781 - There are some typos in man-pages * Issue 4773 - Enable interval feature of DNA plugin * Issue 3555 - Fix UI audit issue * Issue 4747 - Remove unstable/unstatus tests from PRCI (#4748)- bsc#1184476 - Add supportconfig utility for customer services to capture 389-ds support information.- Update to version 1.4.4.14~git0.37dc95673: * Bump version to 1.4.4.14 * Issue 4671 - UI - Fix browser crashes * Issue 4229 - Fix Rust linking * Issue 4658 - monitor - connection start date is incorrect * Issue 4656 - Make replication CLI backwards compatible with role name change * Issue 4656 - Remove problematic language from UI/CLI/lib389 * Issue 4459 - lib389 - Default paths should use dse.ldif if the server is down * Issue 4661 - RFE - allow importing openldap schemas (#4662) * Issue 4659 - restart after openldap migration to enable plugins (#4660) * Issue 4663 - CLI - unable to add objectclass/attribute without x-origin- bsc#1184142 - restart after openldap migration so that plugins can correctly perform data fix ups. - Update to version 1.4.4.14~git0.37dc95673: * Bump version to 1.4.4.14 * Issue 4671 - UI - Fix browser crashes * Issue 4229 - Fix Rust linking * Issue 4658 - monitor - connection start date is incorrect * Issue 4656 - Make replication CLI backwards compatible with role name change * Issue 4656 - Remove problematic language from UI/CLI/lib389 * Issue 4459 - lib389 - Default paths should use dse.ldif if the server is down * Issue 4661 - RFE - allow importing openldap schemas (#4662) * Issue 4659 - restart after openldap migration to enable plugins (#4660) * Issue 4663 - CLI - unable to add objectclass/attribute without x-origin- Update to version 389-ds-base-1.4.4.13~git0.6841d693f: * Bump version to 1.4.4.13 * Update dscontainer (#4564) * Issue 4591 - RFE - improve openldap_to_ds help and features (#4607) * Issue 4324 - Some architectures the cache line size file does not exist * Issue 4593 - RFE - Print help when nsSSLPersonalitySSL is not found (#4614) * Issue 4609 - CVE - info disclosure when authenticating * Bump version to 1.4.4.12 * Issue 4579 - libasan detects heap-use-after-free in URP test (#4584) * Issue 4563 - Failure on s390x: 'Fails to split RDN "o=pki-tomcat-CA" into components' (#4573) * Issue 4526 - sync_repl: when completing an operation in the pending list, it can select the wrong operation (#4553)- Update to version 1.4.4.12~git0.7b681e1da: * Bump version to 1.4.4.12 * Issue 4579 - libasan detects heap-use-after-free in URP test (#4584) * Issue 4563 - Failure on s390x: 'Fails to split RDN "o=pki-tomcat-CA" into components' (#4573) * Issue 4526 - sync_repl: when completing an operation in the pending list, it can select the wrong operation (#4553) * Issue 4396 - Minor memory leak in backend (#4558) (#4572) * Issue 4324 - Performance search rate: change entry cache monitor to recursive pthread mutex (#4569) * Issue 5442 - Search results are different between RHDS10 and RHDS11 * Bump version to 1.4.4.11 * Issue 4548 - CLI - dsconf needs better root DN access control plugin validation * Issue 4513 - Fix schema test and lib389 task module (#4514)- Upstream fix for bsc#1180847 - openldap_to_ds can fail if the backend has no overlays or indexes. - Remove patches now merged upstream. * 0001-Ticket-51260-fix-potential-syncrepl-data-corruption.patch * 0002-Ticket-51260-improve-tests-and-improve-readme-re-ref.patch * 0003-Ticket-4224-openldap-can-become-confused-with-entryu.patch * 0004-Issue-4410-RFE-ndn-cache-with-arc-in-rust.patch * 0005-Issue-4403-RFE-OpenLDAP-pw-hash-migration-tests-4408.patch * 0006-Issue-4446-RFE-openldap-password-hashers.patch * 0007-Issue-4464-RFE-clang-with-ds-asan-rust.patch * 0008-Issue-4229-RFE-Improve-rust-linking-and-build-perfor.patch - Update to version 1.4.4.10~git0.ebdf25251: * Bump version to 1.4.4.10 * Issue 4418 - fix cherry-pick error * Issue 4381 - RFE - LDAPI authentication DN rewritter * Issue 4539 - BUG - no such file if no overlays in openldap during migration (#4540) * Issue 4513 - CI Tests - fix test failures * Issue 4528 - Fix cn=monitor SCOPE_ONE search (#4529) * Issue 4535 - lib389 - healthcheck throws exception if backend is not replicated * Issue 4504 - insure that repl_monitor_test use ldapi (for RHEL) - fix merge issue (#4533) * Issue 4504 - Insure ldapi is enabled in repl_monitor_test.py (Needed on RHEL) (#4527) * Issue 4506 - BUG - Fix bounds on fd table population (#4520)- Lib389 is a hard requirement in 1.4.4, and perl has been completely removed. Reflect this in our spec file. - Add rebased patches for SUSE Feature Completion: jsc#SLE-11501 * 0001-Ticket-51260-fix-potential-syncrepl-data-corruption.patch * 0002-Ticket-51260-improve-tests-and-improve-readme-re-ref.patch * 0003-Ticket-4224-openldap-can-become-confused-with-entryu.patch * 0004-Issue-4410-RFE-ndn-cache-with-arc-in-rust.patch * 0005-Issue-4403-RFE-OpenLDAP-pw-hash-migration-tests-4408.patch * 0006-Issue-4446-RFE-openldap-password-hashers.patch * 0007-Issue-4464-RFE-clang-with-ds-asan-rust.patch * 0008-Issue-4229-RFE-Improve-rust-linking-and-build-perfor.patch - Update to version 1.4.4.9~git0.b09e60339: * Bump version to 1.4.4.9 * Issue 4105 - Remove python.six (fix regression) * Issue 4384 - Use MONOTONIC clock for all timing events and conditions * Issue 4243 - Fix test: SyncRepl plugin provides a wrong cookie (#4467) * Issue 4460 - BUG - lib389 should use system tls policy * Issue 3657 - Add options to dsctl for dsrc file * Issue 3986 - UI - Handle objectclasses that do not have X-ORIGIN set * Issue 4297 - 2nd fix for on ADD replication URP issue internal searches with filter containing unescaped chars (#4439) * Issue 4449 - dsconf replication monitor fails to retrieve database RUV - consumer (Unavailable) (#4451) * Issue 4105 - Remove python.six from lib389 (#4456)- Update to version 1.4.4.8~git0.bf454ad07: * Bump version to 1.4.4.8 * Issue 4415 - unable to query schema if there are extra parenthesis * Issue 4176 - CL trimming causes high CPU * Bump version to 1.4.4.7 * Issue 2526 - revert backend validation check * Issue 4262 - more perl removal cleanup * Issue 2526 - retrocl backend created out of order * Bump version to 1.4.4.6 * Issue 4262 - Remove legacy tools subpackage (final cleanup) * Issue 4262 - Remove legacy tools subpackage (restart instances after rpm install)- Update to version 1.4.4.4~git0.318a3ce0c: * Bump version to 1.4.4.4 * Ticket 51175 - resolve plugin name leaking * Issue 51187 - UI - stop importing Cockpit's PF css * Issue 51192 - Add option to reject internal unindexed searches * Issue 50840 - Fix test docstrings metadata-1 * Issue 50840 - Fix test docstrings metadata * Ticket 50980 - fix foo_filter_rewrite * Issue 51165 - add more logconv stats for the new access log keywords * Issue 50928 - Unable to create a suffix with countryName either via dscreate or the admin console * Issue 51188 - db2ldif crashes when LDIF file can't be accessed * Issue 50545 - Port remaining legacy tools to new python CLI * Issue 51165 - add new access log keywords for wtime and optime * Issue : 49761 - Fix CI test suite issues ( Port remaning acceptance test suit part 1) * Issue: 51070 - Port Import TET module to python3 part2 * Issue:51142 - Port manage Entry TET suit to python 3 part 1 * Issue: 50860 - Port Password Policy test cases from TET to python3 final * Issue 50696 - Fix Allowed and Denied Ciphers lists - WebUI * Issue 51169 - UI - attr uniqueness - selecting empty subtree crashes cockpit * Issue 49256 - log warning when thread number is very different from autotuned value * Issue 51157 - Reindex task may create abandoned index file * Issue 50873 - Fix issues with healthcheck tool * Issue:50860 - Port Password Policy test cases from TET to python3 part2 * Issue 51166 - Log an error when a search is fully unindexed * Ticket 50544 - OpenLDAP syncrepl compatability * Ticket 51161 - fix SLE15.2 install issps * Issue 49999 - rpm.mk build-cockpit should clean cockpit_dist first * Issue 51144 - dsctl fails with instance names that contain slapd- * Issue 51155 - Fix OID for sambaConfig objectclass * Ticket 51159 - dsidm ou delete fails * Issue 50984 - Memory leaks in disk monitoring * Ticket 51131 - improve mutex alloc in conntable * Issue 49761 - Fix CI tests * Ticket 49859 - A distinguished value can be missing in an entry * Issue 50791 - Healthcheck should look for notes=A/F in access log * Issue 51072 - Set the default minimum worker threads * Ticket 51140 - missing ifdef * Issue 50912 - pwdReset can be modified by a user * Issue 50781 - Make building cockpit plugin optional * Issue 51100 - Correct numSubordinates value for cn=monitor * Issue 51136 - dsctl and dsidm do not errors correctly when using JSON * Ticket 137 - fix compiler warning * Issue 50781 - Make building cockpit plugin optional * Issue 51132 - Winsync setting winSyncWindowsFilter not working as expected * Ticket 51034 - labeledURIObject * Issue 50545 - Port remaining legacy tools to new python CLI * Issue 50889 - Extract pem files into a private namespace * Ticket 137 - Implement EntryUUID plugin * Ticket 51072 - improve autotune defaults * Ticket 51115 - enable samba3.ldif by default * Issue 51118 - UI - improve modal validation when creating an instance * Issue 50746 - Add option to healthcheck to list all the lint reports * Bump version to 1.4.4.3 * Issue 50931 - RFE AD filter rewriter for ObjectCategory * Issue: 50860 - Port Password Policy test cases from TET to python3 part1 * Issue 51113 - Allow using uid for replication manager entry * Issue 51095 - abort operation if CSN can not be generated * Issue 51110 - Fix ASAN ODR warnings * Issue 49850 -ldbm_get_nonleaf_ids() painfully slow for databases with many non-leaf entries * Issue 51102 - RFE - ds-replcheck - make online timeout configurable * Issue 51076 - remove unnecessary slapi entry dups * Issue 51086 - Improve dscreate instance name validation * Issue:51070 - Port Import TET module to python3 part1 * Ticket 51037 - compiler warning * Ticket 50989 - ignore pid when it is ourself in protect_db * Ticket 51037 - RFE AD filter rewriter for ObjectSID * Issue 50499 - Fix some npm audit issues * Issue 51091 - healthcheck json report fails when mapping tree is deleted * Ticket 51079 - container pid start and stop issues * Revert "Issue 51017 - Implement dynamic ds/bz pytest markers" * Issue 49761 - Fix CI tests * Issue 50610 - Fix return code when it's nothing to free * Issue 50610 - memory leaks in dbscan and changelog encryption * Issue 51076 - prevent unnecessarily duplication of the target entry * Issue 50940 - Permissions of some shipped directories may change over time * Issue 50873 - Fix issues with healthcheck tool * Issue 51017 - Implement dynamic ds/bz pytest markers * Ticket 51082 - abort when a empty valueset is freed * Issue:CI test - automember_plugin (Long Duration test) * Issue 50201 - nsIndexIDListScanLimit accepts any value * Bump version to 1.4.4.2 * Issue 51078 - Add nsslapd-enable-upgrade-hash to the schema * Issue 51054 - Revise ACI target syntax checking * Ticket 51068 - deadlock when updating the schema * Issue 51042 - try to use both c_rehash and openssl rehash * Issue 51042 - switch from c_rehash to openssl rehash * Issue 50992 - Bump jemalloc version and enable profiling * Issue 51060 - unable to set sslVersionMin to TLS1.0 * Issue 51064 - Unable to install server where IPv6 is disabled * Issue 51051 - CLI fix consistency issues with confirmations * Issue 50655 - etime displayed has an order of magnitude 10 times smaller than it should be * Issue 49731 - undo db_home_dir under /dev/shm/dirsrv for now * Issue 51054 - AddressSanitizer: heap-buffer-overflow in ldap_utf8prev * Issue 49761 - Fix CI tests * Issue 51047 - React deprecating ComponentWillMount * Issue 50499 - fix npm audit issues * Issue 50545 - Port dbgen.pl to dsctl * Issue 51027 - Test passwordHistory is not rewritten on a fail attempt * Bump version to 1.4.4.1 * Ticket 51024 - syncrepl_entry callback does not contain attributes added by postoperation plugins * Ticket 50877 - task to run tests of csn generator * Issue 49731 - undo db_home_dir under /dev/shm/dirsrv for now * Issue: 48055 - CI test - automember_plugin(part3) * Ticket 51035 - Heavy StartTLS connection load can randomly fail with err=1 * Issue 51031 UI - transition between two instances needs improvement * Bump version to 1.4.4- Update to version 1.4.3.12~git0.9bc042902: * Bump version to 1.4.3.12 * Issue 51222 - It should not be allowed to delete Managed Entry manually * Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version * Issue 51086 - Fix instance name length for interactive install * Issue 51136 - JSON Error output has redundant messages * Issue 51059 - If dbhome directory is set online backup fails * Issue 51000 - Separate the BDB backend monitors * Issue 49300 - entryUSN is duplicated after memberOf operation * Issue 50984 - Fix disk_mon_check_diskspace types- Remove patch that is now included in latest release: 0001-Ticket-51161-fix-SLE15.2-install-issps.patch - Resolve bsc#1174057 upstream stability and fix rollup. - Update to version 1.4.3.11~git0.82796f172: * Bump version to 1.4.3.11 * Issue 51192 - Add option to reject internal unindexed searches * Ticket 51159 - dsidm ou delete fails * Issue 51165 - add more logconv stats for the new access log keywords * Issue 51188 - db2ldif crashes when LDIF file can't be accessed * Issue 51165 - add new access log keywords for wtime and optime * Issue 50696 - Fix Allowed and Denied Ciphers lists - WebUI * Issue 51169 - UI - attr uniqueness - selecting empty subtree crashes cockpit * Issue 49256 - log warning when thread number is very different from autotuned value * Issue 51157 - Reindex task may create abandoned index file * Issue 51166 - Log an error when a search is fully unindexed * Ticket 51161 - fix SLE15.2 install issps * Issue 51144 - dsctl fails with instance names that contain slapd- * Issue 50984 - Memory leaks in disk monitoring * Issue 50201 - nsIndexIDListScanLimit accepts any value * Bump version to 1.4.3.10 * Ticket 49859 - A distinguished value can be missing in an entry * Issue 50791 - Healthcheck should look for notes=A/F in access log * Issue 51072 - Set the default minimum worker threads * Issue 50912 - pwdReset can be modified by a user * Issue 51100 - Correct numSubordinates value for cn=monitor * Issue 51136 - dsctl and dsidm do not errors correctly when using JSON * Issue 51132 - Winsync setting winSyncWindowsFilter not working as expected * Ticket 51072 - improve autotune defaults * Issue 50746 - Add option to healthcheck to list all the lint reports * Issue 51118 - UI - improve modal validation when creating an instance- Add 0001-Ticket-51161-fix-SLE15.2-install-issps.patch to resolve bsc#1172328 This corrects a failure to install on SUSE due to incorrect hostname generation, and a python 3 utf8 issue that is triggered by systemd.- Update to version 1.4.3.9~git0.3eb8617f6: * Bump version to 1.4.3.9 * Issue 50931 - RFE AD filter rewriter for ObjectCategory * Issue 51113 - Allow using uid for replication manager entry * Issue 51095 - abort operation if CSN can not be generated * Issue 51110 - Fix ASAN ODR warnings * Issue 51102 - RFE - ds-replcheck - make online timeout configurable * Issue 51076 - remove unnecessary slapi entry dups * Issue 51086 - Improve dscreate instance name validation * Ticket 50989 - ignore pid when it is ourself in protect_db * Issue 50499 - Fix some npm audit issues * Issue 51091 - healthcheck json report fails when mapping tree is deleted * Ticket 51079 - container pid start and stop issues * Issue 50610 - Fix return code when it's nothing to free * Ticket 51082 - abort when a empty valueset is freed * Issue 50610 - memory leaks in dbscan and changelog encryption * Issue 51076 - prevent unnecessarily duplication of the target entry * Bump version to 1.4.3.8 * Issue 51078 - Add nsslapd-enable-upgrade-hash to the schema * Issue 51054 - Revise ACI target syntax checking * Ticket 51068 - deadlock when updating the schema * Issue 51060 - unable to set sslVersionMin to TLS1.0 * Issue 51064 - Unable to install server where IPv6 is disabled * Issue 51051 - CLI fix consistency issues with confirmations * Issue 49731 - undo db_home_dir under /dev/shm/dirsrv for now * Issue 51054 - AddressSanitizer: heap-buffer-overflow in ldap_utf8prev * Issue 51047 - React deprecating ComponentWillMount * Issue 50499 - fix npm audit issues * Issue 50545 - Port dbgen.pl to dsctl * Bump version to 1.4.3.7 * Ticket 51024 - syncrepl_entry callback does not contain attributes added by postoperation plugins * Ticket 51035 - Heavy StartTLS connection load can randomly fail with err=1 * Issue 49731 - undo db_home_dir under /dev/shm/dirsrv for now * Issue 51031 UI - transition between two instances needs improvement * Bump version to 1.4.3.6 * Issue 50933 - 10rfc2307compat.ldif is not ready to set used by default * Ticket 50931 - RFE AD filter rewriter for ObjectCategory * Issue 51016 - Fix memory leaks in changelog5_init and perfctrs_init * Ticket 50980 - RFE extend usability for slapi_compute_add_search_rewriter and slapi_compute_add_evaluator * Ticket 51008 - dbhome in containers * Issue 50875 - Refactor passwordUserAttributes's and passwordBadWords's code * Ticket 51014 - slapi_pal.c possible static buffer overflow * Issue 50545 - remove dbmon "incr" option from arg parser * Issue 50545 - Port dbmon.sh to dsconf * Issue 51005 - AttributeUniqueness plugin's DN parameter should not have a default value * Issue 49731 - Fix additional issues with setting db home directory by default * Issue 50337 - Replace exec() with setattr() * Ticket 50905 - intermittent SSL hang with rhds * Issue 50952 - SSCA lacks basicConstraint:CA * Issue 50640 - Database links: get_monitor() takes 1 positional argument but 2 were given * Issue 50869 - Setting nsslapd-allowed-sasl-mechanisms truncates the value * Bump version to 1.4.3.5 * Issue 50994 - Fix latest UI bugs found by QE * Ticket 50933 - rfc2307compat.ldif * Issue 50337 - Replace exec() with setattr() * Issue 50984 - Memory leaks in disk monitoring * Issue 50984 - Memory leaks in disk monitoring * Issue 49731 - dscreate fails in silent mode because of db_home_dir * Issue 50975 - Revise UI branding with new minimized build * Issue 49437 - Fix memory leak with indirect COS * Issue 49731 - Do not add db_home_dir to template-dse.ldif * Issue 49731 - set and use db_home_directory by default * Ticket 50971 - fix BSD_SOURCE * -n option of dbverify does not work * Issue 50952- SSCA lacks basicConstraint:CA * Issue 50976 - Clean up Web UI source directory from unused files * Issue 50955 - Fix memory leaks in chaining plugin(part 2) * Issue 50966 - UI - Database indexes not using typeAhead correctly * Issue 50974 - UI - wrong title in "Delete Suffix" popup * Issue 50972 - Fix cockpit plugin build * Issue 49761 - Fix CI test suite issues * Issue 50971 - Support building on FreeBSD. * Issue 50960 - [RFE] Advance options in RHDS Disk Monitoring Framework * Issue 50800 - wildcards in rootdn-allow-ip attribute are not accepted * Issue 50963 - We should bundle *.min.js files of Console * Issue: 50860 - Port Password Policy test cases from TET to python3 Password grace limit section. * Issue: 50860 - Port Password Policy test cases from TET to python3 series of bugs Port final * Issue 50954 - buildnum.py - fix date formatting issue * Bump version to 1.4.3.4 * Issue 50954 - Port buildnum.pl to python(part 2) * Issue 50955 - Fix memory leaks in chaining plugin * Issue 50954 - Port buildnum.pl to python * Ticket 50947 - change 00core.ldif objectClasses for openldap migration * Ticket: 50755 - setting nsslapd-db-home-directory is overriding db_directory * Issue 50937 - Update CLI for new backend split configuration * Issue: 50860 - Port Password Policy test cases from TET to python3 pwp.sh * Ticket 50945 - givenname alias of gn from openldap * Ticket 50935 - systemd override in lib389 for dscontainer * Issue 50499 - Fix npm audit issues * Issue 49761 - Fix CI test suite issues * Ticket 50618 - clean compiler warning and log level * Ticket 50889 - fix compiler issues * Issue 50884 - Health check tool DSEldif check fails * Issue 50926 - Remove dual spinner and other UI fixes * Issue 50928 - Unable to create a suffix with countryName * Issue 50758 - Only Recommend bash-completion, not Require * Issue 50923 - Fix a test regression * Issue 50904 - Connect All React Components And Refactor the Main Navigation Tab Code * Issue 50920 - cl-dump exit code is 0 even if command fails with invalid arguments * Issue 50923 - Add test - dsctl fails to remove instances with dashes in the name * Issue 50919 - Backend delete fails using dsconf * Issue 50872 - dsconf can't create GSSAPI replication agreements * Issue 50912 - RFE - add password policy attribute pwdReset * Ticket 50914 - No error returned when adding an entry matching filters for a non existing automember group * Ticket 50889 - Extract pem files into a private namespace * Issue 50909 - nsDS5ReplicaId cant be set to the old value it had before * Issue: 50686 - Port fractional replication test cases from TET to python3 final * Issue 49845 - Remove pkgconfig check for libasan * Issue:50860 - Port Password Policy test cases from TET to python3 bug624080 * Issue:50860 - Port Password Policy test cases from TET to python3 series of bugs * Ticket 50786 - connection table freelist * Ticket 50618 - support cgroupv2 * Ticket 50900 - Fix cargo offline build * Ticket 50898 - ldclt core dumped when run with -e genldif option * Bump version to 1.4.3.3 * Issue 50855 - remove unused file from UI * Issue 50855 - UI: Port Server Tab to React * Issue 49845 - README does not contain complete information on building * Issue: 50686 - Port fractional replication test cases from TET to python3 part 1 * Ticket - 49623-cont cenotaph errors on modrdn operations * Issue 50882 - Fix healthcheck errors for instances that do not have TLS enabled * Issue 50886 - Typo in the replication debug message * Issue 50873 - Fix healthcheck and virtual attr check * Issue 50873 - Fix issues with healthcheck tool * Issue 50028 - Add a new CI test case * Issue 49946 - Add a new CI test case * Issue 50117 - Add a new CI test case * Ticket 50787 - fix implementation of attr unique * Ticket 50859 - support running only with ldaps socket * Issue 50823 - dsctl doesn't work with 'slapd-' in the instance name * Ticket 49624 cont - DB Deadlock on modrdn appears to corrupt database and entry cache * Issue 50867 - Fix minor buildsys issues * Issue 50737 - Allow building with rust online without vendoring * Ticket 50831 add cargo.lock to allow offline builds * Ticket 50694 - import PEM certs on startup * Ticket 50857 - Memory leak in ACI using IP subject * Issue 49761 - Fix CI test suite issues * Issue 50853 - Fix NULL pointer deref in config setting * Issue 50850 - Fix dsctl healthcheck for python36 * Issue 49990 - Need to enforce a hard maximum limit for file descriptors * Ticket 48707 - ldapssotoken for authentication * Bump version to 1.4.3.2 * Issue 49254 - Fix compiler failures and warnings * Ticket 50741-cont bdb_start - Detected Disorderly Shutdown * Issue 50836 - Port Schema UI tab to React * Issue 50842 - Decrease 389-console Cockpit component size * Ticket 50790 - Add result text when filter is invalid * Issue 50627 - Add ASAN logs to HTML report * Issue 50834 - Incorrectly setting the NSS default SSL version max * Issue 50829 - Disk monitoring rotated log cleanup causes heap-use-after-free * Ticket 50709 - (cont) Several memory leaks reported by Valgrind for 389-ds 1.3.9.1-10 * Ticket 50784 - performance testing scripts * Issue 50599 - Fix memory leak when removing db region files * Issue 49395 - Set the default TLS version min to TLS1.2 * Issue 50818 - dsconf pwdpolicy get error * Issue 50824 - dsctl remove fails with "name 'ensure_str' is not defined" * Issue 50599 - Remove db region files prior to db recovery * Issue 50812 - dscontainer executable should be placed under /usr/libexec/dirsrv/ * Issue 50816 - dsconf allows the root password to be set to nothing * Issue 50798 - incorrect bytes in format string(fix import issue) * Bump version to 1.4.3.1 * Ticket 50798 - incorrect bytes in format string * Issue 50545 - Add the new replication monitor functionality to UI * Issue 50806 - Fix minor issues in lib389 health checks * Issue: 50690 - Port Password Storage test cases from TET to python3 part 1 * Issue 49761 - Fix CI test suite issues * Issue 49761 - Fix CI test suite issues * Issue 50754 - Add Restore Change Log option to CLI * Issue: 48055 - CI test - automember_plugin(part2) * Ticket 50667 - dsctl -l did not respect PREFIX * Issue 50780 - More CLI fixes * Ticket 50649 - lib389 without defaults.inf * Issue 50780 - Fix UI issues * Ticket 50727 - correct mistaken options in filter validation patch * Issue 50779 - lib389 - conflict compare fails for DN's with spaces * Set branch version to 1.4.3.0- Remove 0001-Ticket-51014-slapi_pal.c-possible-static-buffer-over.patch as it is part of 1.4.2.14 - Update to version 1.4.2.14~git0.5ac5b02ce: * Bump version to 1.4.2.14 * Issue 51113 - Allow using uid for replication manager entry * Issue 51095 - abort operation if CSN can not be generated * Issue 51110 - Fix ASAN ODR warnings * Issue 51102 - RFE - ds-replcheck - make online timeout configurable * Issue 51076 - remove unnecessary slapi entry dups * Issue 51086 - Improve dscreate instance name validation * Ticket 50989 - ignore pid when it is ourself in protect_db * Issue 50499 - Fix some npm audit issues * Issue 51091 - healthcheck json report fails when mapping tree is deleted * Ticket 51079 - container pid start and stop issues * Issue 50610 - Fix return code when it's nothing to free * Ticket 51082 - abort when a empty valueset is freed * Issue 50610 - memory leaks in dbscan and changelog encryption * Issue 51076 - prevent unnecessarily duplication of the target entry * Issue 50940 - Permissions of some shipped directories may change over time * Bump version to 1.4.2.13 * Ticket 50787 - fix implementation of attr unique * Issue 51078 - Add nsslapd-enable-upgrade-hash to the schema * Ticket 51068 - deadlock when updating the schema * Issue 51060 - unable to set sslVersionMin to TLS1.0 * Issue 51064 - Unable to install server where IPv6 is disabled * Issue 51051 - CLI fix consistency issues with confirmations * Issue 51047 - React deprecating ComponentWillMount * Issue 50499 - fix npm audit issues * Ticket 51035 - Heavy StartTLS connection load can randomly fail with err=1 * Issue 51031 UI - transition between two instances needs improvement * Bump version to 1.4.2.12 * Issue 50337 - Replace exec() with setattr() * Issue 50545 - the check for the ds version for the backend config was broken * Issue 50875 - Refactor passwordUserAttributes's and passwordBadWords's code * Ticket 51014 - slapi_pal.c possible static buffer overflow * Issue 50545 - remove dbmon "incr" option from arg parser * Issue 50545 - Port dbmon.sh to dsconf * Ticket 50905 - intermittent SSL hang with rhds * Issue 50952 - SSCA lacks basicConstraint:CA * Issue 50640 - Database links: get_monitor() takes 1 positional argument but 2 were given * Issue 50869 - Setting nsslapd-allowed-sasl-mechanisms truncates the value- Patch rollup as described in bsc#1169364 - Add rust vendor.tar.gz as a source - rust is still an optional build and will be enabled in the future. - Update ns-slapd ownership to remove dirsrv as an owner as dirsrv will not exist in containers with systemd users. - Add 0001-Ticket-51014-slapi_pal.c-possible-static-buffer-over.patch to resolve a warning found in static analysis in OBS (upstream #51014) - Update to version 1.4.2.11~git0.aff1a2831: * Bump version to 1.4.2.11 * Issue 50994 - Fix latest UI bugs found by QE * Issue 50337 - Replace exec() with setattr() * Issue 50984 - Memory leaks in disk monitoring * Issue 50975 - Revise UI branding with new minimized build * Issue 49437 - Fix memory leak with indirect COS * Issue 50976 - Clean up Web UI source directory from unused files * Issue 50744 - -n option of dbverify does not work * Issue 50952- SSCA lacks basicConstraint:CA * Bump version to 1.4.2.10 * Issue 50966 - UI - Database indexes not using typeAhead correctly * Issue 50974 - UI - wrong title in "Delete Suffix" popup * Issue 50972 - Fix cockpit plugin build * Issue 50800 - wildcards in rootdn-allow-ip attribute are not accepted * Issue 50963 - We should bundle *.min.js files of Console * Bump version to 1.4.2.9 * Ticket: 50755 - setting nsslapd-db-home-directory is overriding db_directory * Issue 50937 - Update CLI for new backend split configuration * Issue 50499 - Fix npm audit issues * Issue 50884 - Health check tool DSEldif check fails * Issue 50926 - Remove dual spinner and other UI fixes * Issue 49845 - Remove pkgconfig check for libasan * Issue 50758 - Only Recommend bash-completion, not Require * Issue 50928 - Unable to create a suffix with countryName * Issue 50904 - Connect All React Components And Refactor the Main Navigation Tab Code * Issue 50919 - Backend delete fails using dsconf * Issue 50872 - dsconf can't create GSSAPI replication agreements * Ticket 50914 - No error returned when adding an entry matching filters for a non existing automember group * Issue 50909 - nsDS5ReplicaId cant be set to the old value it had before * Ticket 50618 - support cgroupv2 * Ticket 50898 - ldclt core dumped when run with -e genldif option- Update to version 1.4.2.8~git0.3aaa3e820: * Bump version to 1.4.2.8 * Issue 50855 - remove unused file from UI * Issue 50855 - UI: Port Server Tab to React * Issue 49845 - README does not contain complete information on building * Ticket - 49623-cont cenotaph errors on modrdn operations * Issue 50882 - Fix healthcheck errors for instances that do not have TLS enabled * Issue 50886 - Typo in the replication debug message * Issue 50873 - Fix healthcheck and virtual attr check * Issue 50873 - Fix issues with healthcheck tool * Ticket 50857 - Memory leak in ACI using IP subject * Issue 50823 - dsctl doesn't work with 'slapd-' in the instance name * Ticket 49624 cont - DB Deadlock on modrdn appears to corrupt database and entry cache * Issue 50850 - Fix dsctl healthcheck for python36 * Issue 49990 - Need to enforce a hard maximum limit for file descriptors- Update to version 1.4.2.7~git0.202953d28: * Bump version to 1.4.2.7 * Issue 49254 - Fix compiler failures and warnings * Ticket 50741-cont bdb_start - Detected Disorderly Shutdown * Issue 50836 - Port Schema UI tab to React * Issue 50842 - Decrease 389-console Cockpit component size * Ticket 50790 - Add result text when filter is invalid * Issue 50834 - Incorrectly setting the NSS default SSL version max * Issue 50829 - Disk monitoring rotated log cleanup causes heap-use-after-free * Ticket 50709 - (cont) Several memory leaks reported by Valgrind for 389-ds 1.3.9.1-10 * Issue 50599 - Fix memory leak when removing db region files * Issue 49395 - Set the default TLS version min to TLS1.2 * Issue 50818 - dsconf pwdpolicy get error * Issue 50824 - dsctl remove fails with "name 'ensure_str' is not defined" * Issue 50599 - Remove db region files prior to db recovery * Issue 50812 - dscontainer executable should be placed under /usr/libexec/dirsrv/ * Issue 50816 - dsconf allows the root password to be set to nothing * Issue 50798 - incorrect bytes in format string(fix import issue)- Update to version 1.4.2.6~git0.e84bbce3f: * Bump version to 1.4.2.6 * Ticket 50798 - incorrect bytes in format string * Issue 50545 - Add the new replication monitor functionality to UI * Issue 50806 - Fix minor issues in lib389 health checks * Issue 50754 - Add Restore Change Log option to CLI * Ticket 50727 - change syntax validate by default in 1.4.2 * Ticket 50667 - dsctl -l did not respect PREFIX * Issue 50780 - More CLI fixes * Issue 50780 - Fix UI issues * Ticket 50727 - correct mistaken options in filter validation patch * Issue 50779 - lib389 - conflict compare fails for DN's with spaces * Ticket #49761 - Fix CI test suite issues * Issue 50499 - Fix npm audit issues * Issue 50774 - Account.enroll_certificate() should not check for DS version * Issue 50771 - 1.4.2.5 doesn't compile due to error ModuleNotFoundError: No module named 'pkg_resources.extern' * Issue 50758 - Need to enable CLI arg completion * Ticket 50709: Several memory leaks reported by Valgrind for 389-ds 1.3.9.1-10 * Issue: 50690 - Port Password Storage test cases from TET to python3(create required types in password_plugins) * Issue: 48851 - Investigate and port TET matching rules filter tests(last test cases for match index) * Issue 50761 - Parametrized tests are missing ':parametrized' value * Bump version to 1.4.2.5 * Issue 50747 - Port readnsstate to dsctl * Issue 50758 - Enable CLI arg completion * Issue 50753 - Dumping the changelog to a file doesn't work * Ticket 50745: ns-slapd hangs during CleanAllRUV tests * Issue 50734 - lib389 creates non-SSCA cert DBs with misleading README.txt * Issue: 48851 - investigate and port TET matching rules filter tests(cert) * Issue: 50443 - Create a module in lib389 to Convert a byte sequence to a properly escaped for LDAP * Ticket 50664 - DS can fail to recover if an empty directory exists in db * Ticket 50736 - RetroCL trimming may crash at shutdown if trimming configuration is invalid * Ticket 50741 - bdb_start - Detected Disorderly Shutdown last time Directory Server was running * Issue 50572 - After running cl-dump dbdir/cldb/*ldif.done are not deleted * Issue 50701 - Fix type in lint report * Ticket 50729 - add support for gssapi tests on suse * Issue 50701 - Add additional healthchecks to dsconf * Issue 50711 - `dsconf security` lacks option for setting nsTLSAllowClientRenegotiation attribute * Issue 50439 - Update docker integration for Fedora * Issue: 48851 - Investigate and port TET matching rules filter tests(last test cases for match) * Issue 50499 - Fix npm audit issues * Issue 50722 - Test IDs are not unique * Issue 50712 - Version comparison doesn't work correctly on git builds * Issue 50499 - Fix npm audit issues * Issue 50706 - Missing lib389 dependency - packaging * Bump version to 1.4.2.4 * Issue 49761 - Fix CI test suite issues * Issue 50634 - Fix CLI error parsing for non-string values * Ticket 50659 AddressSanitizer: SEGV ... in bdb_pre_close * Issue 50716 - CVE-2019-14824 (BZ#1748199) - deref plugin displays restricted attributes * Issue 50644 - fix regression with creating sample entries * Issue 50699 - Add Disk Monitor to CLI and UI * Issue 50716 - CVE-2019-14824 (BZ#1748199) - deref plugin displays restricted attributes * Issue 50536 - After audit log file is rotated, DS version string is logged after each update * Issue #50712 - Version comparison doesn't work correctly on git builds * Issue 50706 - Missing lib389 dependency - packaging * Issue 49761 - Fix CI test suite issues * Issue #50683 - Makefile.am contains unused RPM-related targets * Issue 50696 - Fix various UI bugs * Update based on Marks feedback * Update to mark as skipif * Ticket 50641 - Update default aci to allows users to change their own password * Ticket 50007, 50648 - improve x509 handling. * Issue 50689 - Failed db restore task does not report an error * Issue 50199 - Disable perl by default * Ticket 50633 - Add cargo vendor support for offline builds * Issue 50499 - Fix npm audit issues * Bump version to 1.4.2.3 * Issue 50592 - Port Replication Tab to ReactJS * Issue 50680 - Remove branding from upstream spec file * Issue 50669 - Remove nunc-stans in favour of reworking current conn code (add.) * Issue: 48055 - CI test - automember_plugin(part1) * Issue 50677 - Map subtree searches with NULL base to default naming context * Issue 50669 - Fix RPM build * Ticket 50669 - remove nunc-stans * Ticket 49850 cont -fix crash in ldbm_non_leaf * Issue 50634 - Clean up CLI errors output - Fix wrong exception * Issue 50660 - Build failure on Fedora 31 * Issue 50634 - Clean up CLI errors output * Issue: 48851 - Investigate and port TET matching rules filter tests(match more test cases) * Ticket 50428 - Log the actual base DN when the search fails with "invalid attribute request" * Issue 49850 - ldbm_get_nonleaf_ids() slow for databases with many non-leaf entries * Issue 50655 - access log etime is not properly formatted * Issue 50653 - objectclass parsing fails to log error message text * Issue 50646 - Improve task handling during shutdowns * Add new test suite to test migration between RHDS versions * Ticket 50627 - Support platforms without pytest_html * Ticket 49476 - backend refactoring phase1, fix failing tests * Ticket 49476 - refactor ldbm backend to allow replacement of BDB * Ticket - 50349 - additional fix: filter schema check must handle subtypes * Issue: 48851 - investigate and port TET matching rules filter tests(indexing more test cases) * Issue 50638 - RecursionError: maximum recursion depth exceeded while calling a Python object * Ticket 50636 - Crash during sasl bind * Ticket 50632 - Add ensure attr state so that diffs are easier from 389-ds-portal * Ticket 50619 - extend commands to have more modify options * Issue 50499 - Fix npm audit issues * bump version to 1.4.2.2- Update to version 1.4.2.2~git0.d41ef935b: * Issue 50627 - Add ASAN logs to HTML report * Issue 50545 - Port repl-monitor.pl to lib389 CLI * Ticket 50622 - ds_selinux_enabled may crash on suse * Ticket 50595 - remove syslog.target requirement * Ticket 50617 - disable cargo lock * Issue 50620 - Fix regressions from 50506 (slapi_enry_attr_get_ref) * Issue 50615 - Log current test name to journald * Ticket: 50610 memory leak in dbscan * Bump version to 1.4.2.1 * Ticket 50581 - ns-slapd crashes during ldapi search * Issue 50604 - Fix UI validation * ticket 50510 - etime can contain invalid nanosecond value * Ticket 50593 Investigate URP handling on standalone instance * Issue 50506 - Fix regression for relication stripattrs * Issue 50580 - Perl can't be disabled in configure * Ticket 50584, 49212 - docker healthcheck and configuration * Issue 50546 - fix more UI issues(part 2) * Do not use comparision with "is" for empty value * Issue 50546 - fix more UI issues * Issue 50586 - lib389 - Fix DSEldif long line processing * Issue 50173 - Add the validate-syntax task to the dsconf schema * Issue 50546 - Fix various issues in UI * Bump version to 1.4.2.0 * Ticket 50576 - Same proc uid/gid maps to rootdn for ldapi sasl * Ticket 50567, 50568 - strict host check disable and display container version * Issue 50550 - DS installer debug messages leaking to ipa-server-install * Issue 50545 - Port fixup-memberuid and add the functionality to CLI and UI * Issue 50572 - After running cl-dump dbdir/cldb/*ldif.done are not deleted * Issue 50578 - Add SKIP_AUDIT_CI flag for Cockpit builds * Ticket 50349 - filter schema validation * Issue: 48055 - CI test-(Plugin configuration should throw proper error messages if not configured properly) * Issue 49324 - idl_new fix assert * Ticket 50564 - Fix rust libraries by default and improve docker * Issue 50206 - Refactor lock, unlock and status of dsidm account/role * Issue 49324 - idl_new report index name in error conditions * Issue 49761 - Fix CI test suite issues * Issue 50506 - Fix regression from slapi_entry_attr_get_ref refactor * Issue 50499 - Audit fix - Update npm 'eslint-utils' version * Issue 49624 - modrdn silently fails if DB deadlock occurs * fix for 50542 crashes in filter tests * Issue 49761 - Fix CI test suite issues * Ticket 50542 - Entry cache contention during base search * Issue 50462 - Fix CI tests * Ticket 50490 objects and memory leaks * Issue 50538 - Move CI test to individual file * Issue 50538 - cleanAllRUV task limit is not enforced for replicated tasks * Issue 50536 - Audit log heading written to log after every update * Issue 50525 - nsslapd-defaultnamingcontext does not change when the assigned suffix gets deleted * Issue 50534 - CLI change schema edit subcommand to replace * Issue 50506 - cont Fix invalid frees from pointer reference calls * Issue 50507 - Fix Cockpit UI styling for PF4 * Issue: 48851 - investigate and port TET matching rules filter tests(indexing final) * Issue: 48851 - Add more test cases to the match test suite(mode replace) * Issue 50530 - Directory Server not RFC 4511 compliant with requested attr "1.1" * Issue 50529 - LDAP server returning PWP controls in different sequence * Issue 50506 - Fix invalid frees from pointer reference calls. * Issue 50506 - Replace slapi_entry_attr_get_charptr() with slapi_entry_attr_get_ref() * Issue 50521 - Add regressions in CI tests * Ticket 50510 - etime can contain invalid nanosecond value * Issue 50488 - Create a monitor for disk space usagedisk-space-mon * Issue 50511 - lib389 PosixGroups type can not handle rdn properly * Issue 50508 - UI - fix local password policy form- Fix spec file discrepencies from SLE - Update to correct license issue in spec file - Update to simplify rust option selection - Update to version 1.4.1.6~git0.5ac5a8aad: * Bump version to 1.4.1.6 * Issue 50355 - SSL version min and max not correctly applied * Issue 50497 - Port cl-dump.pl tool to Python using lib389 * Issue: 48851 - investigate and port TET matching rules filter tests(Final) * correction to fix for #50417 * Issue 50425 - Add jemalloc LD_PRELOAD to systemd drop-in file * Issue 50425 - Add jemalloc LD_PRELOAD to systemd drop-in file * Issue 50325 - Add Security tab to UI * Ticket 49789 - By default, do not manage unhashed password * Ticket 49421 - Implement password hash upgrade on bind. * Ticket 49421 - on bind password upgrade proof of concept * Ticket 50493 - connection_is_free to trylock * Ticket 50459 - Correct issue with allocation state * Issue 50499 - Fix audit issues and remove jquery from the whitelist * Ticket 50459 - c_mutex to use pthread_mutex to allow ns sharing * Ticket 50484 - Add a release build dockerfile and dscontainer improvements * Issue 50486 - Update jemalloc to 5.2.0 - Update to version 1.4.1.5~git0.748334143: * Bump version to 1.4.1.5 * Issue 50431 - Fix regression from coverity fix * Issue 49239 - Add a new CI test case * Issue 49997 - Add a new CI test case * Issue 50177 - Add a new CI test case, also added fixes in lib389 * Issue 49761 - Fix CI test suite issues * Issue 50474 - Unify result codes for add and modify of repl5 config * Ticket 50472 - memory leak with encryption * Issue 50462 - Fix Root DN access control plugin CI tests * Issue 50462 - Fix CI tests * Ticket 50217 - Implement dsconf security section * Issue: 48851 - Add more test cases to the match test suite. * Issue 50378 - ACI's with IPv4 and IPv6 bind rules do not work for IPv6 clients * Ticket 50439 - fix waitpid issue when pid does not exist * Issue 50454 - Fix Cockpit UI branding * Issue: 48851 - investigate and port TET matching rules filter tests(index) * Issue 49232 - Truncate the message when buffer capacity is exceeded * Bump version to 1.4.1.4 * Ticket 49361 - Use IPv6 friendly network functions * Issue: 48851 - Investigate and port TET matching rules filter tests(bug772777) * Issue: 50446 - NameError: name 'ds_is_older' is not defined * Issue 49602 - Revise replication status messages * Ticket 50439 - Update docker integration to work out of source directory * Ticket 50037 - revert path changes as it breaks prefix/rpm builds * Issue 50431 - Fix regression from coverity fix * Issue 50370 - CleanAllRUV task crashing during server shutdown * Issue: 48851 - investigate and port TET matching rules filter tests(match) * Issue 50417 - Fix missing quote in some legacy tools * Ticket 50431 - Fix covscan warnings * Revert "Issue 49960 - Core schema contains strings instead of numer oids" * Issue 50426 - nsSSL3Ciphers is limited to 1024 characters * Issue 50052 - Fix rpm.mk according to audit-ci change * Issue 50365 - PIDFile= references path below legacy directory /var/run/ * Ticket 50428 - Log the actual base DN when the search fails with "invalid attribute request" * Ticket 50329 - (2nd) Possible Security Issue: DOS due to ioblocktimeout not applying to TLS * Ticket 50417 - Revise legacy tool scripts to work with new systemd changes * Issue: 48851 - Add more search filters to vfilter_simple test suite * Issue 49761 - Fix CI test suite issues * Issue 49875 - Move SystemD service config to a drop-in file * Ticket 50413 - ds-replcheck - Always display the Result Summary * Issue 50052 - Add package-lock.json and use "npm ci" * Issue: 48851 - investigate and port TET matching rules filter tests(vfilter simple) * Ticket 50355 - NSS can change the requested SSL min and max versions * Issue: 48851 - investigate and port TET matching rules filter tests(vfilter_ld) * Issue 50390 - Add Managed Entries Plug-in Config Entry schema * Ticket 49730 - Remove unused Mozilla ldapsdk variables - Update to version 1.4.1.3~git0.1f1119d4b: * Bump version to 1.4.1.3 * Issue 49761 - Fix CI test suite issues * Issue 50041 - Add the rest UI Plugin tabs - Part 2 * Ticket 50340 - 2nd try - structs for diabled plugins will not be freed * Issue 50403 - Instance creation fails on 1.3.9 using perl utils and latest lib389 * Ticket 50389 - ns-slapd craches while two threads are polling the same connection * Issue: 48851 - investigate and port TET matching rules filter tests(scanlimit) * Issue 50037 - lib389 fails to install in venv under non-root user * Issue: 50112 - Port ACI test suit from TET to python3(userattr) * Ticket 50393 - maxlogsperdir accepting negative values * Issue: 50112 - Port ACI test suit from TET to python3(roledn) * Issue 49960 - Core schema contains strings instead of numer oids * Ticket 50396 - Crash in PAM plugin when user does not exist * Issue 50387 - enable_tls() should label ports with ldap_port_t * Issue 50390 - Add Managed Entries Plug-in Config Entry schema * Ticket 50306 - Fix regression with maxbersize * Issue 50384 - Missing dependency: cracklib-dicts * Issue 49029 - [RFE] improve internal operations logging * Issue 49761 - Fix CI test suite issues * Issue - 50374 dsdim posixgroup create fails with ERROR * Ticket 50251 - clear text passwords visable in CLI verbose mode logging * Ticket 50378 - ACI's with IPv4 and IPv6 bind rules do not work for IPv6 clients * Issue:48851 - investigate and port TET matching rules filter tests * Issue 50220 - attr_encryption test suite failing * Ticket 50370 - CleanAllRUV task crashing during server shutdown * Ticket 50340 cont - structs for disabled plugins will not be freed * Fix missing import * Issue 50164 - Add test for dscreate to basic test suite * Ticket 50363 - ds-replcheck incorrectly reports error out of order multi-valued attributes * Issue 49730 - MozLDAP bindings have been unsupported for a while * Issue #50353 - Categorize tests by tiers * Issue 50303 - Add creation date to task data * Issue: 50358 - Create a Bitwise Plugin class in plugins.py * Remove the nss3 path prefix from the cert.h C preprocessor source file inclusion * Ticket 50329 - revert fix * Issue: 50112 - Port ACI test suit from TET to python3(keyaci) * Ticket 50344 - tidy rpm vs build systemd flag handling * Issue #50067 - Fix krb5 dependency in a specfile * Ticket 50340 - structs for diabled plugins will not be freed * Ticket 50327 - Add replication conflict support to UI * Ticket 50327 - Add replication conflict entry support to lib389/CLI * Ticket 50329 - improve connection default parameters * Issue: 50313 - Add a NestedRole type to lib389 * Issue:50112 - Port ACI test suit from TET to python3(Delete and Add) * Ticket 49390, 50019 - support cn=config compare operations * Issue 50041 - Add the rest UI Plugin tabs - Part 1 * Ticket 50329 - Possible Security Issue: DOS due to ioblocktimeout not applying to TLS * Ticket 49990 - Increase the default FD limits * Ticket 50306 - (cont typo) Move connection config inside struct * Ticket 50291 - Add monitor tab functionality to Cockpit UI * Fix cockpit console AppStream data * Ticket 50317 - fix ds-backtrace issue on latest gdb * Ticket 50305 - Revise CleanAllRUV task restart process * Fix typo from: Issue 49915 - Add regression test * Issue 50026 - Audit log does not capture the operation where nsslapd-lookthroughlimit is modified * Ticket 49899 - fix pin.txt and pwdfile permissions * Issue 49915 - Add regression test * Ticket 50303 - Add task creation date to task data * Ticket 50306 - Move connection config inside struct * Ticket 50240 - Improve task logging * Issue 50032 - Fix deprecation warnings in tests * Ticket 50310 - fix sasl header include * Ticket 49390 - improve compare and cn=config compare tests - fix permissions handling (boo#1120189) - Update to version 1.4.1.2~git0.9a126614a: * Removes sysconfig from RPM as we no longer create it to detect instance existance or settings. Older installs will still have their sysconfig parsed, but new installs should use systemd environment variables. * Bump version to 1.4.1.2 * Ticket 50308 - Revise memory leak fix * Ticket 50308 - Fix memory leaks for repeat binds and replication * Use PKG_CHECK_MODULES to detect the systemd library * Use PKG_CHECK_MODULES to detect the kerberos library * Use pkg-config from the host system to better support cross-compiling * Use PKG_CHECK_MODULES to detect the libsasl2 library * configure.ac: Add missing comma to an AC_ARG_ENABLE macro * configure.ac: Remove unpaired parentheses from two help strings * m4/doxygen.m4: Fix spelling of Doxygen in a message * Use PKG_CHECK_MODULES to detect the pcre library * Use PKG_CHECK_MODULES to detect the cmocka library * Use PKG_CHECK_MODULES to detect the nss library * Use PKG_CHECK_MODULES to detect the nspr library * Use PKG_CHECK_MODULES to detect the event library * Ticket 49873 - (cont 3rd) cleanup debug log * Ticket 49873 - (cont 2nd) Contention on virtual attribute lookup * Issue 50292 - Fix Plugin CLI and UI issues * Issue:50112 - Port ACI test suit from TET to python3(misc and syntax) * Ticket 50289 - Fix various database UI issues * Ticket 49463 After cleanALLruv, replication is looping on keep alive DEL * Ticket 50300 - Fix memory leak in automember plugin * Ticket 50265: the warning about skew time could last forever * Ticket 50260 - Invalid cache flushing improvements * Ticket 49561 - MEP plugin, upon direct op failure, will delete twice the same managed entry * Ticket 50077 - Do not automatically turn automember postop modifies on * Ticket 50282 - OPERATIONS ERROR when trying to delete a group with automember members * Ticket 49715 - extend account functionality * Ticket 49873: (cont) Contention on virtual attribute lookup * Ticket 50260 - backend txn plugins can corrupt entry cache * Ticket 50255 - Port password policy test to use DSLdapObject * Ticket 49667 - 49668 - remove old spec files * Issue 50276 - 389-ds-console is not built on RHEL8 if cockpit_dist is already present * Issue: 50112 - Port ACI test suit from TET to python3(Search) * Ticket 50259 - implement dn construction test * Ticket 50273 - reduce default replicaton agmt timeout * Ticket 50208 - lib389- Fix issue with list all instances * Issue: 50112 - Port ACI test suit from TET to python3(Global Group) * Issue 50041 - Add CLI functionality for special plugins * Issue 50263 - LDAPS port not listening after installation * Ticket 49575 - Indicate autosize value errors and corrective actions * Ticket 50137 - create should not check in non-stateful mode for exist * Ticket 49655 - remove doap file * Issue 50197 - Fix dscreate regression * Ticket 50234 - one level search returns not matching entry * Ticket 50257 - lib389 - password policy user vs subtree checks are broken * Issue: 50253 - Making an nsManagedRoleDefinition type in src/lib389/lib389/idm/nsrole.py * Issue 49029 - [RFE] improve internal operations logging * Ticket 50230 - improve ioerror msg when not root/dirsrv * Issue 50246 - Fix the regression in old control tools * Ticket 50197 - Container integration part 2 * Ticket 50197 - Container init tools * Ticket 50232 - export creates not importable ldif file * Ticket 50215 - UI - implement Database Tab in reachJS * Ticket 50243 - refint modrdn stress test * Ticket 50238 - Failed modrdn can corrupt entry cache * Ticket 50236 - memberOf should be more robust * Ticket 50213 - fix list instance issue * Issue: 50219 - Add generic filter to DSLdapObjects * Issue: 50227 - Making an cosClassicDefinition type in src/lib389/lib389/cos.py * Issue: 50112 - Port ACI test suit from TET to python3(modify) * Ticket 50224 - warnings on deprecated API usage * Issue:50112 - Port ACI test suit from TET to python3(valueaci) * Issue: 50112 Port ACI test suit from TET to python3(Aci Atter) * Ticket 50208 - make instances mark off based on dse.ldif not sysconfig * Issue: 50170 - composable object types for nsRole in lib389 * Ticket 50199 - disable perl by default * Issue:50211 - Making an actual Anonymous type in lib389/idm/account.py * Ticket 50155 - password history check has no way to just check the current password * Ticket 49873 - Contention on virtual attribute lookup * Ticket 50197 - Container integration improvements * Ticket 50195 - improve selinux error messages in interactive * Ticket 49658 - In replicated topology a single-valued attribute can diverge * Ticket 50111: Use pkg-config to detect icu * Ticket 50165 - Fix issues with dscreate * Ticket 50177 - import task should not be deleted too rapidely after import finishes to be able to query the status * Ticket 50140 - Use high ports in container installs * Ticket 50184 - Add cli tool parity to dsconf/dsctl * Ticket 50159 - sssd and config display - Remove a pair of %if..%endif guards that do not affect the build. - Updates to 389-ds.spec - Make lib389 a requirement of 389-ds installs - Disable shell script wrappers that have be replaced by dsctl/dsconf - Disable perl in spec file build. For replacement tools see: http://www.port389.org/docs/389ds/FAQ/legacy-command-changes.html - Remove patches that have been merged by upstream - Removed: 0001-init_fhs.patch - merged by upstream - Removed: 0002-use-python2-for-selinux-detection.patch - merged by upstream - Removed: drop-caps.patch - merged by upstream - Commented requires and recommendes in 389-ds.spec - cyrus-sasl-plain added as a requirement as it is the only plaintext or start TLS secure method for password auth (LDAPS is always secure) - cyrus-sasl-gssapi moved to recommends as it is not always required - cyrus-sasl-digestmd5 moved to recommends, as it is insecure and not always required - openldap2-client moved to recommends on lib389 as a supplement to ldap command line tools that we provide, but not necessary - python3-selinux and python3-policycoreutils moved to recommends as they are not required, and only give "nice to have" features during install of an instance - Update to version 1.4.1.1~git0.af9bb7206: * Bump version to 1.4.1.1 * Ticket 50151 - lib389 support cli add/replace/delete on objects * Issue 50041 - CLI and WebUI - Add memberOf plugin functionality * Bump version to 1.4.1.0 * Ticket 50125 - perl fix ups for tmpfiles * Ticket 50164 - Add test for dscreate * Fix for ticket 50059: If an object is nsds5replica, it must be cn=replica * Ticket 50169 - lib389 changed hardcoded systemctl path * Ticket 50165 - Fix dscreate issues * Issue 50152 - Replace os.getenv('HOME') with os.path.expanduser * Fix compiler warning in snmp main() * Ticket - Fix compiler warning in init.c * Ticket 49540 - FIx compiler warning in ldif2ldbm * Ticket 50169 - lib389 changed hardcoded systemctl path * Ticket 50165 - Fix dscreate issues * Issue 50152 - Replace os.getenv('HOME') with os.path.expanduser * Ticket 49540 - FIx compiler warning in ldif2ldbm * Ticket 50077 - Fix compiler warnings in automember rebuild task * Ticket 49972 - use-after-free in case of several parallel krb * authentication * Ticket 50161 - Fixed some descriptions in "dsconf backend --help" * Ticket 50153 - Increase default max logs * Ticket 50123 - with_tmpfiles_d is associated to systemd * Ticket 49984 - python installer add option to create suffix entry * Ticket 49984 - python installer add option to create suffix entry * Ticket 50077 - RFE - improve automember plugin to work with * modify ops * Ticket 50136 - Allow resetting passwords on the CLI * Ticket 49994 - Adjust dsconf backend usage * Ticket 50138 - db2bak.pl -P LDAPS does not work when * nsslapd-securePort is missing * Ticket 50122 - Fix incorrect path spec * Issue 50145 - Add a verbose option to the backup tools * Ticket 50056 - dsctl db2ldif throws an exception * Ticket 50078 - cannot add cenotaph in read only consumer * Ticket 50126 - Incorrect usage of sudo in test * Issue 50130 - Building RPMs on RHEL8 fails * Ticket 50134 - fixup-memberof.pl does not respect protocol requested * Issue 50122 - Selinux test for presence * Issue 50101 - Port fourwaymmr Test TET suit to python3 * Issue 50091 - shadowWarning is not generated if passwordWarning * is lower than 86400 seconds (1 day). * Ticket 50128 - NS Stress fails without ipv6 * Issue 49618 - Set nsslapd-cachememsize to custom value * Ticket 50117 - after certain failed import operation, impossible * to replay an import operation * Ticket 49999 - rpm.mk dist-bz2 should clean cockpit_dist first * Issue 48064 - Fix various issues in disk monitoring test suite * Issue 49938 - lib389 - Clean up CLI logging * Issue 49761 - Fix CI test suite issues * Ticket 50056 - Fix UI bugs (part 2) * Issue: 48064 - CI test - disk_monitoring * Ticket 50099 - extend error messages * Ticket 50099 - In FIPS mode, the server can select an unsupported * password storage scheme * Issue 50041 - Add basic plugin UI/CLI wrappers * Issue 50082 - Port state test suite * Ticket 49574 - remove index subsystem * Issue 49588 - Add py3 support for tickets : part-5 * Ticket 50095 - cleanup deprecated key.h includes - use lib389 on 15.0 and up. now that we do not hardrequire the python selinux bindings anymore- Update specfile to be inline with the OpenSUSE spec file * include future-configurations in the spec which are not active until 15.2 * lib389 (upstream requirement from 1.4.0) * rust (upstream requirement from 1.4.2) * removal of perl (upstream has not supported perl in any 1.4.x release) * resolve missing svrcore obsoletes statement and pkg configuration (bsc#1144797)- Update to version 1.4.0.26~git0.8a2d3de6f: * Bump version to 1.4.0.26 * Issue 50499 - Fix audit issues and remove jquery from the whitelist * Issue 50355 - SSL version min and max not correctly applied * Issue 50325 - Add Security tab to UI * Issue 50177 - Add a new CI test case, also added fixes in lib389 * Bump version to 1.4.0.25 * Issue 50431 - Fix regression from coverity fix * Bump version to 389-ds-base-1.4.0.24 * Fix cherry-pick error from last commit * Issue 50052 - Fix rpm.mk according to audit-ci change * Issue 50276 - 389-ds-console is not built on RHEL8 if cockpit_dist is already present * Issue 50041 - Add the rest UI Plugin tabs - Part 1 * Ticket 50217 - Implement dsconf security section * Issue 49602 - Revise replication status messages * Issue 50431 - Fix regression from coverity fix * Ticket 50431 - Fix covscan warnings * Issue 50426 - nsSSL3Ciphers is limited to 1024 characters * Ticket 50428 - Log the actual base DN when the search fails with "invalid attribute request" * Ticket 50329 - (2nd) Possible Security Issue: DOS due to ioblocktimeout not applying to TLS * Ticket 50413 - ds-replcheck - Always display the Result Summary * Ticket 50355 - NSS can change the requested SSL min and max versions * Bump version to 1.4.0.23 * Issue 50041 - Add the rest UI Plugin tabs - Part 2 * Ticket 50340 - 2nd try - structs for diabled plugins will not be freed * Ticket 50393 - maxlogsperdir accepting negative values * Ticket 50396 - Crash in PAM plugin when user does not exist * Issue 50390 - Add Managed Entries Plug-in Config Entry schema * Ticket 50251 - clear text passwords visable in CLI verbose mode logging * Ticket 50378 - ACI's with IPv4 and IPv6 bind rules do not work for IPv6 clients * Ticket 50370 - CleanAllRUV task crashing during server shutdown * Ticket 50340 cont - structs for disabled plugins will not be freed * Ticket 50363 - ds-replcheck incorrectly reports error out of order multi-valued attributes * Ticket 50329 - revert fix * Ticket 50340 - structs for diabled plugins will not be freed * Ticket 50327 - Add replication conflict support to UI * Ticket 50327 - Add replication conflict entry support to lib389/CLI * Ticket 50329 - Possible Security Issue: DOS due to ioblocktimeout not applying to TLS * Ticket 49990 - Increase the default FD limits * Ticket 50291 - Add monitor tab functionality to Cockpit UI * Fix cockpit console AppStream data * Ticket 50305 - Revise CleanAllRUV task restart process * Ticket 50303 - Add task creation date to task data * Ticket 50240 - Improve task logging- Update to version 1.4.0.22~git0.9d84a40dd: * Bump version to 1.4.0.22 which resolves: * (bsc#1120189) * (bsc#991201, CVE-2016-5416) * (bsc#1083689, CVE-2018-1054) * (bsc#1092187, CVE-2018-1089) * (bsc#1099465, CVE-2018-10871) * (bsc#1108674, CVE-2018-14638) * (bsc#1109609, CVE-2018-14648) * (bsc#1132385, CVE-2019-3883) * (bsc#1105606, CVE-2018-10935) * Ticket 50308 - Revise memory leak fix * Ticket 50308 - Fix memory leaks for repeat binds and replication * Ticket 49873 - (cont 3rd) cleanup debug log * Ticket 49873 - (cont 2nd) Contention on virtual attribute lookup * Issue 50292 - Fix Plugin CLI and UI issues * Ticket 50289 - Fix various database UI issues * Ticket 50300 - Fix memory leak in automember plugin * Ticket 50265: the warning about skew time could last forever * Ticket 50260 - Invalid cache flushing improvements * Remove obsolete patch 0001-init_fhs.patch * Remove obsolete patch 0002-use-python2-for-selinux-detection.patch * Remove obsolete patch 0003-fix-rm-non-existent-man-pages.patch * Remove obsolete patch simplify-lib389-setup-py.patch * Remove obsolete patch tw.patch * Remove obsolete patch 0006-under-network-load-ps-can-decrease-connection-refcnt.patch * Remove obsolete patch 0007-fix-remote-dos-via-search-filters-in-slapi_filter_sprintf.patch * Remove obsolete patch 0008-invalid-password-migration-causes-unauth-bind.patch * Remove obsolete patch 0009-ldapsearch-with-server-side-sort-crashes-the-server.patch * Remove obsolete patch 0010-Log-buffer-exceeded-emergency-logging-msg-is-not-thread-safe.patch- Introduce patch: 0010-Log-buffer-exceeded-emergency-logging-msg-is-not-thread-safe.patch to fix the issue "389-ds: Server crash through modify command with large DN" (bsc#1106699, CVE-2018-14624)- Introduce patch: 0009-ldapsearch-with-server-side-sort-crashes-the-server.patch to fix the issue that ldapsearch with server side sort allows users to cause a crash (bsc#1105606, CVE-2018-10935)- Introduce patches: * 0006-under-network-load-ps-can-decrease-connection-refcnt.patch to fix the race condition on reference counter (bsc#1096368, CVE-2018-10850) * 0007-fix-remote-dos-via-search-filters-in-slapi_filter_sprintf.patch (bsc#1076530, CVE-2017-15134) * 0008-invalid-password-migration-causes-unauth-bind.patch (bsc#1076530, CVE-2017-15135)- Explicitly generate dirsrv sysconfig file as it is necessary for SLES 15 (bsc#1081324).- switch lib389 to use the python3-ldap subpackage- For SLES 15 schedule, do not build lib389 programmable extension for now.- BuildRequire python3-ldap instead of python3-pyldap: pyldap is deprecated in favor of python-ldap.- Rename dependency package python-pyldap into python3-pyldap.- Correct name to dependency package "python-pyldap".- Introduce patch 0003-fix-rm-non-existent-man-pages.patch to remove a faulty rm statement from makefile.- add tw.patch to fix potential buffer overflow- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- added simplify-lib389-setup-py.patch seems the python3 setuptools on leap 42.3 do not like this fancy syntax. kill it and always use the python 3 way.- update to 1.4.0.3 - Ticket 49457 - Fix spal_meminfo_get function prototype - Ticket 49455 - Add tests to monitor test suit. - Ticket 49448 - dynamic default pw scheme based on environment. - Ticket 49298 - fix complier warn - Ticket 49298 - Correct error codes with config restore. - Ticket 49454 - SSL Client Authentication breaks in FIPS mode - Ticket 49453 - passwd.py to use pwdhash defaults. - Ticket 49427 - whitespace in fedse.c - Ticket 49410 - opened connection can remain no longer poll, like hanging - Ticket 48118 - fix compiler warning for incorrect return type - Ticket 49451 - Add environment markers to lib389 dependencies - Ticket 49325 - Proof of concept rust tqueue in sds - Ticket 49443 - scope one searches in 1.3.7 give incorrect results - Ticket 48118 - At startup, changelog can be erronously rebuilt after a normal shutdown - Ticket 49412 - SIGSEV when setting invalid changelog config value - Ticket 49441 - Import crashes - oneline fix - Ticket 49377 - Incoming BER too large with TLS on plain port - Ticket 49441 - Import crashes with large indexed binary attributes - Ticket 49435 - Fix NS race condition on loaded test systems - Ticket 77 - lib389 - Refactor docstrings in rST format - part 2 - Ticket 17 - lib389 - dsremove support - Ticket 3 - lib389 - python 3 compat for paged results test - Ticket 3 - lib389 - Python 3 support for memberof plugin test suit - Ticket 3 - lib389 - config test - Ticket 3 - lib389 - python 3 support ds_logs tests - Ticket 3 - lib389 - python 3 support for betxn test- we actually need pyldap- lib389 is merged into this tarball now. move the subpackage here.- update to 1.4.0.2 - Ticket 48393 - fix copy and paste error - Ticket 49439 - cleanallruv is not logging information - Ticket 48393 - Improve replication config validation - Ticket lib389 3 - Python 3 support for ACL test suite - Ticket 103 - sysconfig not found - Ticket 49436 - double free in COS in some conditions - Ticket 48007 - CI test to test changelog trimming interval - Ticket 49424 - Resolve csiphash alignment issues - Ticket lib389 3 - Python 3 support for pwdPolicy_controls_test.py - Ticket 3 - python 3 support - filter test - Ticket 49434 - RPM build errors - Ticket 49432 - filter optimise crash - Ticket 49432 - Add complex fliter CI test - Ticket 48894 - harden valueset_array_to_sorted_quick valueset access - Ticket 49401 - Fix compiler incompatible-pointer-types warnings - Ticket 48681 - Use of uninitialized value in string ne at /usr/bin/logconv.pl - Ticket 49409 - Update lib389 requirements - Ticket 49401 - improve valueset sorted performance on delete - Ticket 49374 - server fails to start because maxdisksize is recognized incorrectly - Ticket 49408 - Server allows to set any nsds5replicaid in the existing replica entry - Ticket 49407 - status-dirsrv shows ellipsed lines - Ticket 48681 - Use of uninitialized value in string ne at /usr/bin/logconv.pl - Ticket 49386 - Memberof should be ignore MODRDN when the pre/post entry are identical - Ticket 48006 - Missing warning for invalid replica backoff configuration - Ticket 49064 - testcase hardening - Ticket 49064 - RFE allow to enable MemberOf plugin in dedicated consumer - Ticket lib389 3 - python 3 support - Ticket 49402 - Adding a database entry with the same database name that was deleted hangs server at shutdown - Ticket 48235 - remove memberof lock (cherry-pick error) - Ticket 49394 - build warning - Ticket 49381 - Refactor numerous suite docstrings - Part 2 - Ticket 49394 - slapi_pblock_get may leave unchanged the provided variable - Ticket 49403 - tidy ns logging - Ticket 49381 - Refactor filter test suite docstrings - Ticket 48235 - Remove memberOf global lock - Ticket 103 - Make sysconfig where it is expected to exist - Ticket 49400 - Add clang support to rpm builds - Ticket 49381 - Refactor ACL test suite docstrings - Ticket 49363 - Merge lib389 - Ticket 101 - BaseException.message has been deprecated in Python3 - Ticket 102 - referral support - Ticket 99 - Fix typo in create_topology - Ticket #98 - Fix dbscan output - Ticket #77 - Fix changelogdb param issue - Ticket #77 - Refactor docstrings in rST format - part 1 - Ticket 96 - Change binaries’ names - Ticket 77 - Add sphinx documentation - Ticket 43 - Add support for Referential Integrity plugin - Ticket 45 - Add support for Rootdn Access Control plugin - Ticket 46 - dsconf support for dynamic schema reload - Ticket 74 - Advice users to set referint-update-delay to 0 - Ticket 92 - display_attr() should return str not bytes in py3 - Ticket 93 - Fix test cases in ctl_dbtasks_test.py - Ticket 88 - python install and remove for tests - Ticket 85 - Remove legacy replication attribute - Ticket 91 - Fix replication topology - Ticket 89 - Fix inconsistency with serverid - Ticket 79 - Fix replica.py and add tests - Ticket 86 - add build dir to gitignore - Ticket 83 - Add an util for generating instance parameters - Ticket 87 - Update accesslog regec for HR etimes - Ticket 49 - Add support for whoami plugin - Ticket 48 - Add support for USN plugin - Ticket 78 - Add exists() method to DSLdapObject - Ticket 31 - Allow complete removal of some memberOf attrs - Ticket31 - Add memberOf fix-up task - Ticket 67 - Add ensure_int function - Ticket 59 - lib389 support for index management. - Ticket 67 - get attr by type - Ticket 70 - Improve repl tools - Ticket 50 - typo in db2* in dsctl - Ticket 31 - Add status command and SkipNested support for MemberOf - Ticket 31 - Add functional tests for MemberOf plugin - Ticket 66 - expand healthcheck for Directory Server - Ticket 69 - add specfile requires - Ticket 31 - Initial MemberOf plugin support - Ticket 50 - Add db2* tasks to dsctl - Ticket 65 - Add m2c2 topology - Ticket 63 - part 2, agreement test - Ticket 63 - lib389 python 3 fix - Ticket 62 - dirsrv offline log - Ticket 60 - add dsrc to dsconf and dsidm - Ticket 32 - Add TLS external bind support for testing - Ticket 27 - Fix get function in tests - Ticket 28 - userAccount for older versions without nsmemberof - Ticket 27 - Improve dseldif API - Ticket 30 - Add initial support for account lock and unlock. - Ticket 29 - fix incorrect format in tools - Ticket 28 - Change default objectClasses for users and groups - Ticket 1 - Fix missing dn / rdn on config. - Ticket 27 - Add a module for working with dse.ldif file - Ticket 1 - cn=config comparison - Ticket 21 - Missing serverid in dirsrv_test due to incorrect allocation - Ticket 26 - improve lib389 sasl support - Ticket 24 - Join paths using os.path.join instead of string concatenation - Ticket 25 - Fix RUV repr function - Ticket 23 - Use DirSrv.exists() instead of manually checking for instance’s existence - Ticket 1 - cn=config comparison - Ticket 22 - Specify a basedn parameter for IDM modules - Ticket 19 - missing readme.md in python3 - Ticket 20 - Use the DN_DM constant instead of hard coding its value - Ticket 19 - Missing file and improve make - Ticket 14 - Remane dsadm to dsctl - Ticket 16 - Reset InstScriptsEnabled argument during the init - Ticket 14 - Remane dsadm to dsctl - Ticket 13 - Add init function to create new domain entries - Ticket 15 - Improve instance configuration ability - Ticket 10 - Improve command line tool arguments - Ticket 9 - Convert readme to MD - Ticket 7 - Add pause and resume methods to topology fixtures - Ticket 49172 - Allow lib389 to read system schema and instance - Ticket 49172 - Allow lib389 to read system schema and instance - Ticket 6 - Bump lib389 version 1.0.4 - Ticket 5 - Fix container build on fedora - Ticket 4 - Cert detection breaks some tests - Ticket 49137 - Add sasl plain tests, lib389 support - Ticket 2 - pytest mark with version relies on root - Ticket 49126 - DIT management tool - Ticket 49101 - Python 2 generate example entries - Ticket 49103 - python 2 support for installer - Ticket 47747 - Add topology_i2 and topology_i3 - Ticket 49087 - lib389 resolve jenkins issues - Ticket 48413 - Improvements to lib389 for rest - Ticket 49083 - Support prefix for discovery of the defaults.inf file. - Ticket 49055 - Fix debugging mode issue - Ticket 49060 - Increase number of masters, hubs and consumers in topology - Ticket 47747 - Add more topology fixtures - Ticket 47840 - Add InstScriptsEnabled argument - Ticket 47747 - Add topology fixtures module - Ticket 48707 - Implement draft-wibrown-ldapssotoken-01 - Ticket 49022 - Lib389, py3 installer cannot create entries in backend - Ticket 49024 - Fix paths to the dbdir parent - Ticket 49024 - Fix db_dir paths - Ticket 49024 - Fix paths in tools module - Ticket 48961 - Fix lib389 minor issues shown by 48961 test - Ticket 49010 - Lib389 fails to start with systemctl changes - Ticket 49007 - lib389 fixes for paths to use online values - Ticket 49005 - Update lib389 to work in containers correctly. - Ticket 48991 - Fix lib389 spec for python2 and python3 - Ticket 48984 - Add lib389 paths module - Ticket 48951 - dsadm dsconfig status and plugin - Ticket 47957 - Update the replication “idle” status string - Ticket 48951 - dsadm and dsconf base files - Ticket 48952 - Restart command needs a sleep - Ticket 48949 - Fix ups for style and correctness - Ticket 48949 - added copying slapd-collations.conf - Ticket 48949 - change default file path generation - use os.path.join - Ticket 48949 - os.makedirs() exist_ok not python2 compatible, added try/except - Ticket 48949 - configparser fallback not python2 compatible - Ticket 48946 - openConnection should not fully popluate DirSrv object - Ticket 48832 - Add DirSrvTools.getLocalhost() function - Ticket 48382 - Fix serverCmd to get sbin dir properly - Bug 1347760 - Information disclosure via repeated use of LDAP ADD operation, etc. - Ticket 48937 - Cleanup valgrind wrapper script - Ticket 48923 - Fix additional issue with serverCmd - Ticket 48923 - serverCmd timeout not working as expected - Ticket 48917 - Attribute presence - Ticket 48911 - Plugin improvements for lib389 - Ticket 48911 - Improve plugin support based on new mapped objects - Ticket 48910 - Fixes for backend tests and lib389 reliability. - Ticket 48860 - Add replication tools - Ticket 48888 - Correction to create of dsldapobject - Ticket 48886 - Fix NSS SSL library in lib389 - Ticket 48885 - Fix spec file requires - Ticket 48884 - Bugfixes for mapped object and new connections - Ticket 48878 - better style for backend in backend_test.py - Ticket 48878 - pep8 fixes part 2 - Ticket 48878 - pep8 fixes and fix rpm to build - Ticket 48853 - Prerelease installer - Ticket 48820 - Begin to test compatability with py.test3, and the new orm - Ticket 48434 - Fix for negative tz offsets - Ticket 48857 - Remove python-krbV from lib389 - Ticket 48820 - Fix tests to ensure they work with the new object types - Ticket 48820 - Move Encryption and RSA to the new object types - Ticket 48820 - Proof of concept of orm style mapping of configs and objects - Ticket 48820 - Clitool rename - Ticket 48431 - lib389 integrate ldclt - Ticket 48434 - lib389 logging tools - Ticket 48796 - add function to remove logs - Ticket 48771 - lib389 - get ns-slapd version - Ticket 48830 - Convert lib389 to ip route tools - Ticket 48763 - backup should run regardless of existing backups. - Ticket 48434 - lib389 logging tools - Ticket 48798 - EL6 compat for lib389 tests for DH params - Ticket 48798 - lib389 add ability to create nss ca and certificate - Ticket 48433 - Aci linting tools - Ticket 48791 - format args in server tools - Ticket 48399 - Helper makefile is missing mkdir dist - Ticket 48399 - Helper makefile is missing mkdir dist - Ticket 48794 - lib389 build requires are on a single line - Ticket 48660 - Add function to convert binary values in an entry to base64 - Ticket 48764 - Fix mit krb password to be random. - Ticket 48765 - Change default ports for standalone topology - Ticket 48750 - Clean up logging to improve command experience - Ticket 48751 - Improve lib389 ldapi support - Ticket 48399 - Add helper makefile to lib389 to build and install - Ticket 48661 - Agreement test suite fails at the test_changes case - Ticket 48407 - Add test coverage module for lib389 repo - Ticket 48357 - clitools should standarise their args - Ticket 48560 - Make verbose handling consistent - Ticket 48419 - getadminport() should not a be a static method - Ticket 48408 - RFE escaped default suffix for tests - Ticket 48401 - Revert typecheck - Ticket 48401 - lib389 Entry hasAttr returs dict instead of false - Ticket 48390 - RFE Improvements to lib389 monitor features for rest389 - Ticket 48358 - Add new spec file - Ticket 48371 - weaker host check on localhost.localdomain - Ticket 58358 - Update spec file with pre-release versioning - Ticket 48358 - Make Fedora packaging changes to the spec file - Ticket 48358 - Prepare lib389 for Fedora Packaging - Ticket 48364 - Fix test failures - Ticket 48360 - Refactor the delete agreement function - Ticket 48361 - Expand 389ds monitoring capabilities - Ticket 48246 - Adding license/copyright to lib389 files - Ticket 48340 - Add basic monitor support to lib389 https://fedorahosted.org/389/ticket/48340 - Ticket 48353 - Add Replication REST support to lib389 - Ticket 47840 - Fix regression - Ticket 48343 - lib389 krb5 realm management https://fedorahosted.org/389/ticket/48343 - Ticket 47840 - fix lib389 to use sbin scripts https://fedorahosted.org/389/ticket/47840 - Ticket 48335 - Add SASL support to lib389 - Ticket 48329 - Fix case-senstive scyheam comparisions - Ticket 48303 - Fix lib389 broken tests - Ticket 48329 - add matching rule functions to schema module - Ticket 48324 - fix boolean capitalisation (one line) https://fedorahosted.org/389/ticket/48324 - Ticket 48321 - Improve is_a_dn check to prevent mistakes with lib389 auth https://fedorahosted.org/389/ticket/48321 - Ticket 48322 - Allow reindex function to reindex all attributes - Ticket 48319 - Fix ldap.LDAPError exception processing - Ticket 48318 - Do not delete a changelog while disabling a replication by suffix - Ticket 48308 - Add eq and ne to Entry to allow fast comparison https://fedorahosted.org/389/ticket/48308 - Ticket 48303 - Fix lib389 broken tests - backend_test - Ticket 48309 - Fix lib389 lib imports - Ticket 48303 - Fix lib389 broken tests - agreement_test - Ticket 48303 - Fix lib389 broken tests - aci_parse_test - Ticket 48301 - add tox support - Ticket 48204 - update lib389 for python3 - Ticket 48273 - Improve valgrind functions - Ticket 48271 - Fix for self.prefix being none when SER_DEPLOYED_DIR is none https://fedorahosted.org/389/ticket/48271 - Ticket 48259 - Add aci parsing utilities to lib389 - Ticket 48252 - (lib389) adding get_bin_dir and dbscan - Ticket 48247 - Change the default user to ‘dirsrv’ - Ticket 47848 - Add new function to create ldif files - Ticket 48239 - Fix for prefix allocation of un-initialised dirsrv objects - Ticket 48237 - Add lib389 helper to enable and disable logging services. - Ticket 48236 - Add get effective rights helper to lib389 - Ticket 48238 - Add objectclass and attribute type query mechanisms - Ticket 48029 - Add missing replication related functions - Ticket 48028 - add valgrind wrapper for ns-slapd - Ticket 48028 - lib389 - add valgrind functions - Ticket 48022 - lib389 - Add all the server tasks - Ticket 48023 - create function to test replication between servers - Ticket 48020 - lib389 - need to reset args_instance with every DirSrv init - Ticket 48000 - Repl agmts need more time to stop - Ticket 48004 - Fix various issues - Ticket 48000 - replica agreement pause/resume should have a short sleep - Ticket 47990 - Add check for “.removed” instances when doing an upgrade - Ticket 47990 - Add “upgrade” function to lib389 - Ticket 47691 - using lib389 with RPMs - Ticket 47848 - Add support for setuptools. - Ticket 47855 - Add function to clear tmp directory - Ticket 47851 - Need to retrieve tmp directory path - Ticket 47845 - add stripcsn option to tombstone fixup task - Ticket 47851 - Add function to retrieve dirsrvtests data directory - Ticket 47845 - Add backup/restore/fixup tombstone tasks to lib389 - Ticket 47819 - Add the new precise tombstone purging config attribute - Ticket 47695 - Add plugins/tasks/Index - Ticket 47648 - lib389 - add schema classes, methods - Ticket 47671 - CI lib389: allow to open a DirSrv without having to create the instance - Ticket 47600 - Replica/Agreement/Changelog not conform to the design - Ticket 47652 - replica add fails: MT.list return a list not an entry - Ticket 47635 - MT/Backend/Suffix to be conform with the design - Ticket 47625 - CI lib389: DirSrv not conform to the design - Ticket 47595 - fail to detect/reinit already existing instance/backup - Ticket 47590 - CI tests: add/split functions around replication - Ticket 47584 - CI tests: add backup/restore of an instance - Ticket 47578 - CI tests: removal of ‘sudo’ and absolute path in lib389 - Ticket 47568 - Rename DSAdmin class - Ticket 47566 - Initial import of DSadmin into 389-test repos- Use openSUSE rpm group classifications. - Remove removal of .a files that do not exist to begin with (because of --disable-static). - Remove double removal of .la files. - Do not suppress errors from useradd.- update to 1.4.0.1 - Ticket 49038 - remove legacy replication - change cleanup script precedence - Ticket 49392 - memavailable not available - Ticket 49235 - pbkdf2 by default - Ticket 49279 - remove dsktune - Ticket 49372 - filter optimisation improvements for common queries - Ticket 49320 - Activating already active role returns error 16 - Ticket 49389 - unable to retrieve specific cosAttribute when subtree password policy is configured - Ticket 49092 - Add CI test for schema-reload - Ticket 49388 - repl-monitor - matches null string many times in regex - Ticket 49387 - pbkdf2 settings were too aggressive - Ticket 49385 - Fix coverity warnings - Ticket 49305 - Need to wrap atomic calls - Ticket 48973 - Indexing a ExactIA5Match attribute with a IgnoreIA5Match matching rule triggers a warning - Ticket 49378 - server init fails - Ticket 49305 - Need to wrap atomic calls - Ticket 49180 - add CI test - Ticket 49180 - errors log filled with attrlist_replace - attr_replace- drop 389-ds-reproducible.patch: applied upstream- move upgrade and restart code to postun- make sure we stop before uninstall - build require gdb for directory ownership- sync requires with fedora spec file - build with tcmalloc - add missing requires for things like bind-utils, db-utils - add requires to the devel package - split out the snmp agent - upgrade all databases on update- update to 1.4.0.0 - Ticket 49327 - Add CI test for password expiration controls - Ticket 48085 - CI tests - replication ruvstore - Ticket 49381 - Refactor numerous suite docstrings - Ticket 48085 - CI tests - replication cl5 - Ticket 49379 - Allowed sasl mapping requires restart - Ticket 49327 - password expired control not sent during grace logins - Ticket 49380 - Add CI test - Ticket 83 - Fix create_test.py imports - Ticket 49381 - Add docstrings to ds_logs, gssapi_repl, betxn - Ticket 49380 - Crash when adding invalid replication agreement - Ticket 48081 - CI test - password - Ticket 49295 - Fix CI tests - Ticket 49295 - Fix CI test for account policy - Ticket 49373 - remove unused header file - changes from 1.3.7.4 - Ticket 49371 - Cleanup update script - Ticket 48831 - Autotune dncache with entry cache. - Ticket 49312 - pwdhash -D used default hash algo - Ticket 49043 - make replication conflicts transparent to clients - Ticket 49371 - Fix rpm build - Ticket 49371 - Template dse.ldif did not contain all needed plugins - Ticket 49295 - Fix CI Tests - Ticket 49050 - make objectclass ldapsubentry effective immediately - changes from 1.3.7.3 - Ticket 49354 - fix regression in total init due to mistake in range fetch - Ticket 49370 - local password policies should use the same defaults as the global policy - Ticket 48989 - Delete slow lib389 test - Ticket 49367 - missing braces in idsktune - Ticket 49364 - incorrect function declaration. - Ticket 49275 - fix tls auth regression - Ticket 49038 - Revise creation of cn=replication,cn=config - Ticket 49368 - Fix typo in log message - Ticket 48059 - Add docstrings to CLU tests - Ticket 47840 - Add docstrings to setup tests - Ticket 49348 - support perlless and wrapperless install- Remove unnecessary ldconfig calls- update to 1.3.7.2 - Ticket 49038 - Fix regression from legacy code cleanup - Ticket 49295 - Fix CI tests - Ticket 48067 - Add bugzilla tests for ds_logs - Ticket 49356 - mapping tree crash can occur during tot init - Ticket 49275 - fix compiler warns for gcc 7 - Ticket 49248 - Add a docstring to account locking test case - Ticket 49445 - remove dead code - Ticket 48081 - Add regression tests for pwpolicy - Ticket 48056 - Add docstrings to basic test suite - Ticket 49349 - global name ‘imap’ is not defined - Ticket 83 - lib389 - Fix tests and create_test.py - Ticket 48185 - Remove referint-logchanges attr from referint’s config - Ticket 48081 - Add regression tests for pwpolicy - Ticket 83 - lib389 - Replace topology agmt objects - Ticket 49331 - change autoscaling defaults - Ticket 49330 - Improve ndn cache performance. - Ticket 49347 - reproducable build numbers - Ticket 39344 - changelog ldif import fails - Ticket 49337 - Add regression tests for import tests - Ticket 49309 - syntax checking on referint’s delay attr - Ticket 49336 - SECURITY: Locked account provides different return code - Ticket 49332 - Event queue is not working - Ticket 49313 - Change the retrochangelog default cache size - Ticket 49329 - Descriptive error msg for USN cleanup task - Ticket 49328 - Cleanup source code - Ticket 49299 - Add normalized dn cache stats to dbmon.sh - Ticket 49290 - improve idl handling in complex searches - Ticket 49328 - Update clang-format config file - Ticket 49091 - remove usage of changelog semaphore - Ticket 49275 - shadow warnings for gcc7 - pass 1 - Ticket 49316 - fix missing not condition in clock cleanu - Ticket 49038 - Remove legacy replication - Ticket 49287 - v3 extend csnpl handling to multiple backends - Ticket 49310 - remove sds logging in debug builds - Ticket 49031 - Improve memberof with a cache of group parents - Ticket 49316 - Fix clock unsafety in DS - Ticket 48210 - Add IP addr and connid to monitor output - Ticket 49295 - Fix CI tests and compiler warnings - Ticket 49295 - Fix CI tests - Ticket 49305 - Improve atomic behaviours in 389-ds - Ticket 49298 - fix missing header - Ticket 49314 - Add untracked files to the .gitignore - Ticket 49303 - Fix error in CI test - Ticket 49302 - fix dirsrv importst due to lib389 change - Ticket 49303 - Add option to disable TLS client-initiated renegotiation - Ticket 49298 - force sync() on shutdown - Ticket 49306 - make -f rpm.mk rpms produces build without tcmalloc enabled - Ticket 49297 - improve search perf in bpt by removing a deref - Ticket 49284 - resolve crash in memberof when deleting attrs - Ticket 49290 - unindexed range searches don’t provide notes=U - Ticket 49301 - Add one logpipe test case - changes from 1.3.6.8 - Ticket 49356 - mapping tree crash can occur during tot init - changes from 1.3.6.7 - Ticket 49330 - Improve ndn cache performance - Ticket 49298 - fix missing header - Ticket 49298 - force sync() on shutdown - Ticket 49336 - SECURITY: Locked account provides different return code - Ticket 49334 - fix backup restore if changelog exists - Ticket 49313 - Change the retrochangelog default cache size - Fix error log format in add.c - Ticket 49287 - fix compiler warning for patch 49287 - Ticket 49287 - v3 extend csnpl handling to multiple backends - Ticket 49288 - RootDN Access wrong plugin path in template-dse.ldif.in - Ticket 49291 - slapi_search_internal_callback_pb may SIGSEV if related pblock has not operation set - Ticket 49008 - Fix MO plugin betxn test - Ticket 49227 - ldapsearch does not return the expected Error log level - Ticket 49028 - Add autotuning test suite - Ticket 49273 - bak2db doesn’t operate with dbversion - Ticket 49184 - adjust logging level in MO plugin - Ticket 49257 - only register modify callbacks - Ticket 49257 - Update CI script - Ticket 49008 - Adjust CI test for new memberOf behavior - Ticket 49273 - crash when DBVERSION is corrupt. - Ticket 49268 - master branch fails on big endian systems - Ticket 49241 - add symblic link location to db2bak.pl output - Ticket 49257 - Reject nsslapd-cachememsize & nsslapd-cachesize when nsslapd-cache-autosize is set - Ticket 48538 - Failed to delete old semaphore - Ticket 49231 - force EXTERNAL always - Ticket 49267 - autosize split of 0 results in dbcache of 0- Add 389-ds-reproducible.patch not use build date in build num to make build reproducible (boo#1047218)- Introduce acl as mandatory runtime dependency.- Rename patch 389-ds-base-1.3.2.11_init_fhs.patch -> 0001-init_fhs.patch - Fix faulty python module import with patch 0002-use-python2-for-selinux-detection.patch - Conduct a major clean-up of spec file to remove all outdated macros - Introduce extra schema files from OpenLDAP distribution with extra-schema.tgz and LICENSE.openldap- update to 1.3.6.6 - Ticket 49157 - fix error in ds-logpipe.py - Ticket 48864 - remove config.h from spal header. - Ticket 48681 - logconv.pl - Fix SASL Bind stats and rework report format - Ticket 49261 - Fix script usage and man pages - Ticket 49238 - AddressSanitizer: heap-use-after-free in libreplication - Ticket 48864 - Fix FreeIPA build - Ticket 49257 - Reject dbcachesize updates while auto cache sizing is enabled - Ticket 49249 - cos_cache is erroneously logging schema checking failure - Ticket 49258 - Allow nsslapd-cache-autosize to be modified while the server is running - Ticket 49247 - resolve build issues on debian - Ticket 49246 - ns-slapd crashes in role cache creation - Ticket 49157 - ds-logpipe.py crashes for non-existing users - Ticket 49241 - Update man page and usage for db2bak.pl - Ticket 49075 - Adjust logging severity levels - Ticket 47662 - db2index not properly evaluating arguments - Ticket 48989 - fix perf counters - changes from 1.3.6.5 - Ticket 49231 - fix sasl mech handling - Ticket 49233 - Fix crash in persistent search - Ticket 49230 - slapi_register_plugin creates config entry where it should not - Ticket 49135 - PBKDF2 should determine rounds at startup - Ticket 49236 - Fix CI Tests - Ticket 48310 - entry distribution should be case insensitive - Ticket 49224 - without –prefix, $prefixdir would be NONE in defaults. - drop 9563d299.patch: included upstream- added 9563d299.patch to fix building slapi-nis and freeipa- Do not suppress errors from user/group creation. Add some safety quoting here and there.- update to 1.3.6.4 - Ticket 49228 - Fix SSE4.2 detection. - Ticket 49229 - Correct issues in latest commits - Ticket 49226 - Memory leak in ldap-agent-bin - Ticket 49214 - Implement htree concept - Ticket 49119 - Cleanup configure.ac options and defines - Ticket 49097 - whitespace fixes for pblock change - Ticket 49097 - Pblock get/set cleanup - Ticket 49222 - Resolve various test issues on rawhide - Issue 48978 - Fix the emergency logging functions severity levels - Issue 49227 - ldapsearch for nsslapd-errorlog-level returns incorrect values - Ticket 49041 - nss won’t start if sql db type set - Ticket 49223 - Fix sds queue locking - Issue 49204 - Fix 32bit arch build failures - Issue 49204 - Need to update function declaration - Ticket 49204 - Fix lower bounds on import autosize + On small VM, autotune breaks the access of the suffixes - Issue 49221 - During an upgrade the provided localhost name is ignored - Issue 49220 - Remote crash via crafted LDAP messages (SECURITY FIX) - Ticket 49184 - Overflow in memberof - Ticket 48050 - Add account policy tests to plugins test suite - Ticket 49207 - Supply docker POC build for DS. - Issue 47662 - CLI args get removed - Issue 49210 - Fix regression when checking is password min age should be checked - Ticket 48864 - Add cgroup memory limit detection to 389-ds - Issue 48085 - Expand the repl acceptance test suite - Ticket 49209 - Hang due to omitted replica lock release - Ticket 48864 - Cleanup memory detection before we add cgroup support - Ticket 48864 - Cleanup up broken format macros and imports - Ticket 49153 - Remove vacuum lock on transaction cleanup - Ticket 49200 - provide minimal dse.ldif for python installer - Issue 49205 - Fix logconv.pl man page - Issue 49177 - Fix pkg-config file - Issue 49035 - dbmon.sh shows pages-in-use that exceeds the cache size - Ticket 48432 - Linux capabilities on ns-slapd - Ticket 49196 - Autotune generates crit messages - Ticket 49194 - Lower default ioblock timeout - Ticket 49193 - gcc7 warning fixes - Issue 49039 - password min age should be ignored if password needs to be reset - Ticket 48989 - Re-implement lock counter - Issue 49192 - Deleting suffix can hang server - Issue 49156 - Modify token :assert: to :expectedresults: - Ticket 48989 - missing return in counter - Ticket 48989 - Improve counter overflow fix - Ticket 49190 - Upgrade lfds to 7.1.1 - Ticket 49187 - Fix attribute definition - Ticket 49185 - Fix memleak in compute init- update to 1.3.6.3 This release contains security and bug fixes and a few enhancements. - Issue 49177 - rpm would not create valid pkgconfig files(pt2) - Issue 49186 - Fix NS to improve shutdown relability - Issue 49174 - nunc-stans can not use negative timeout - Issue 49076 - To debug DB_DEADLOCK condition, allow to reset DB_TXN_NOWAIT flag on txn_begin - Issue 49188 - retrocl can crash server at shutdown - Issue 47840 - Add setup_ds test suite - Fix srvcore version dependancy - Issue 48989 - Overflow in counters and monitor - Issue 49095 - targetattr wildcard evaluation is incorrectly case sensitive - Issue 49177 - rpm would not create valid pkgconfig files - Issue 49176 - Remove tcmalloc restriction from s390x - Issue 49157 - ds-logpipe.py crashes for non-existing users - Issue 49065 - dbmon.sh fails if you have nsslapd-require-secure-binds enabled - Issue 49095 - Fix double-free in _cl5NewDBFile() error path - Issue 49169 - Fix covscan errors(regression) - Issue 49172 - Fix test schema files - Issue 49171 - Nunc Stans incorrectly reports a timeout - Issue 49169 - Fix covscan errors - Issue 49164 - Change NS to acq-rel semantics for atomics - Issue 49154 - Nunc Stans stress should assert it has 95% success rate - Issue 49165 - pw_verify did not handle external auth - Issue 49062 - Reset agmt update staus and total init - Issue 49151 - Remove defunct selinux policy - add BR for autoconf, autotool, libtool as upstream doesn't ship a prebuilt configure anymore - import BR from nunc-stans as it is intree now: libtevent-devel libtalloc-devel libevent-devel - added BR for doxygen to build doxygen - enable auto-dn-suffix feature- fix build on factory: libsystemd-* libs got merged into libsystemd.- update to 1.3.5.15 - bz1358565 - Clear and unsalted password types are vulnerable to timing attack (SECURITY FIX) - Ticket 49016 - (un)register/migration/remove may fail if there is no suffix on ‘userRoot’ backend - Ticket 48328 - Add missing dependency - Ticket 49009 - args debug logging must be more restrictive - Ticket 49014 - ns-accountstatus.pl shows wrong status for accounts inactivated by Account policy plugin - Ticket 47703 - remove search limit for aci group evaluation - Ticket 48909 - Replication stops working in FIPS mode - changes in 1.3.5.14 - Ticket 48992 - Total init may fail if the pushed schema is rejected - Ticket 48832 - Fix CI test suite for password min age - Ticket 48983 - Configure and Makefile.in from new default paths work. - Ticket 48983 - Configure and Makefile.in from new default paths work. - Ticket 48983 - generate install path info from autotools scripts - Ticket 48944 - on a read only replica invalid state info can accumulate - Ticket 48766 - use a consumer maxcsn only as anchor if supplier is more advanced - Ticket 48921 - CI Replication stress tests have limits set too low - Ticket 48969 - nsslapd-auditfaillog always has an explicit path - Ticket 48957 - Update repl-monitor to handle new status messages - Ticket 48832 - Fix CI tests - Ticket 48975 - Disabling CLEAR password storage scheme will crash server when setting a password - Ticket 48369 - Add CI test suite - Ticket 48970 - Serverside sorting crashes the server - Ticket 48972 - remove old pwp code that adds/removes ACIs - Ticket 48957 - set proper update status to replication agreement in case of failure - Ticket 48950 - Add systemd warning to the LD_PRELOAD example in /etc/sysconfig/dirsrv - provide backend dir in suffix template - Ticket 48953 - Skip labelling and unlabelling ports during the test - Ticket 48967 - Add CI test and refactor test suite - Ticket 48967 - passwordMinAge attribute doesn’t limit the minimum age of the password - Fix jenkins warnings about unused vars - Ticket 48402 - v3 allow plugins to detect a restore or import - Ticket #48969 - nsslapd-auditfaillog always has an explicit path - Ticket 48964 - cleanAllRUV changelog purging incorrectly processes all backends - Ticket 48965 - Fix building rpms using rpm.mk - Ticket 48965 - Fix generation of the pre-release version - Bugzilla 1368956 - man page of ns-accountstatus.pl shows redundant entries for -p port option - Ticket 48960 - Crash in import_wait_for_space_in_fifo(). - Ticket 48832 - Fix more CI test failures - Ticket 48958 - Audit fail log doesn’t work if audit log disabled. - Ticket 48956 - ns-accountstatus.pl showing “activated” user even if it is inactivated - Ticket 48954 - replication fails because anchorcsn cannot be found - Ticket 48832 - Fix CI tests failures from jenkins server - Ticket 48950 - Change example in /etc/sysconfig/dirsrv to use tcmalloc- New upstream release 1.3.4.14- update to 1.3.5.13 - CVE-2016-4992 389-ds-base: Information disclosure via repeated use of LDAP ADD operation, etc. - Ticket 47538 - Fix repl-monitor color and lag times - Ticket 47538 - repl-monitor.pl legend not properly sorted - Ticket 47538 - repl-monitor.pl not displaying correct color code for lag time - Ticket 47664 - Move CI test to the pr suite and refactor - Ticket 47824 - Remove CI test from tickets and add logging - Ticket 47911 - split out snmp agent into a subpackage - Ticket 47976 - Add fixed CI test case - Ticket 47982 - Fix log hr timestamps when invalid value is set in cn=config - Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x*) - Ticket 48144 - Add /usr/sbin/status-dirsrv script to get the status of the directory server instance. - Ticket 48191 - Move CI test to the pr suite and refactor - Ticket 48234 - “matching rules” in ACI’s “bind rules not fully evaluated - Ticket 48234 - CI test: test case for ticket 48234 - Ticket 48275 - search returns no entry when OR filter component contains non readable attribute - Ticket 48326 - Move CI test to config test suite and refactor - Ticket 48336 - Missing semanage dependency - Ticket 48336 - setup-ds should detect if port is already defined - Ticket 48346 - ldaputil code cleanup - Ticket 48346 - log too verbose when re-acquiring expired ticket - Ticket 48354 - Review of default ACI in the directory server - Ticket 48363 - CI test - add test suite - Ticket 48366 - proxyauth does not work bound as directory manager - Ticket 48404 - libslapd owned by libs and devel - Ticket 48449 - Import readNSState from richm’s repo - Ticket 48449 - Import readNSState.py from RichM’s repo - Ticket 48450 - Add prestart work around for systemd ask password - Ticket 48450 - Autotools components for ds_systemd_ask_password_acl - Ticket 48617 - Coverity fixes - Ticket 48636 - Fix config validation check - Ticket 48636 - Improve replication convergence - Ticket 48637 - DN cache is not always updated when ADD operation fails - Ticket 48743 - If a cipher is disabled do not attempt to look it up - Ticket 48745 - Matching Rule caseExactIA5Match indexes incorrectly values with upper cases - Ticket 48745 - Matching Rule caseExactIA5Match indexes incorrectly values with upper cases - Ticket 48747 - dirsrv service fails to start when nsslapd-listenhost is configured - Ticket 48752 - Page result search should return empty cookie if there is no returned entry - Ticket 48752 - Add CI test - Ticket 48754 - ldclt should support -H - Ticket 48755 - moving an entry could make the online init fail - Ticket 48755 - CI test: test case for ticket 48755 - Ticket 48766 - Replication changelog can incorrectly skip over updates - Ticket 48767 - flow control in replication also blocks receiving results - Ticket 48795 - Make various improvements to create_test.py - Ticket 48799 - Test cases for objectClass values being dropped. - Ticket 48815 - ns-accountstatus.pl - fix DN normalization - Ticket 48832 - Fix timing and localhost issues - Ticket 48832 - CI tests - Ticket 48833 - 389 showing inconsistent values for shadowMax and shadowWarning in 1.3.5.1 - Ticket 48834 - Fix jenkins: discared qualifier on auditlog.c - Ticket 48834 - Modifier’s name is not recorded in the audit log with modrdn and moddn operations - Ticket 48844 - Regression introduced in matching rules by DS 48746 - Ticket 48846 - 32 bit systems set low vmsize - Ticket 48846 - Older kernels do not expose memavailable - Ticket 48846 - Rlimit checks should detect RLIM_INFINITY - Ticket 48848 - modrdn deleteoldrdn can fail to find old attribute value, perhaps due to case folding - Ticket 48849 - Systemd introduced incompatible changes that breaks ds build - Ticket 48850 - Correct memory leaks in pwdhash-bin and ns-slapd - Ticket 48854 - Running db2index with no options breaks replication - Ticket 48855 - Add basic pwdPolicy tests - Ticket 48858 - Segfault changing nsslapd-rootpw - Ticket 48862 - At startup DES to AES password conversion causes timeout in start script - Ticket 48863 - remove check for vmsize from util_info_sys_pages - Ticket 48870 - Correct plugin execution order due to changes in exop - Ticket 48872 - Fix segfault and use after free in plugin shutdown - Ticket 48873 - Backend should accept the reduced cache allocation when issane == 1 - Ticket 48877 - Fixes for RPM spec with spectool - Ticket 48880 - adding pre/post extop ability - Ticket 48882 - server can hang in connection list processing - Ticket 48889 - ldclt - fix man page and usage info - Ticket 48891 - ns-slapd crashes during the shutdown after adding attribute with a matching rule - Ticket 48892 - Wrong result code display in audit-failure log - Ticket 48893 - cn=config should not have readable components to anonymous - Ticket 48895 - tests package should be noarch - Ticket 48898 - Crash during shutdown if nunc-stans is enabled - Ticket 48899 - Values of dbcachetries/dbcachehits in cn=monitor could overflow. - Ticket 48900 - Add connection perf stats to logconv.pl - Ticket 48902 - Strdup pwdstoragescheme name to prevent misbehaving plugins - Ticket 48904 - syncrepl search returning error 329; plugin sending a bad error code - Ticket 48905 - coverity defects - Ticket 48912 - ntUserNtPassword schema - Ticket 48914 - db2bak.pl task enters infinitive loop when bak fs is almost full - Ticket 48916 - DNA Threshold set to 0 causes SIGFPE - Ticket 48918 - Upgrade to 389-ds-base >= 1.3.5.5 doesn’t install 389-ds-base-snmp - Ticket 48919 - Compiler warnings while building 389-ds-base on RHEL7 - Ticket 48920 - Memory leak in pwdhash-bin - Ticket 48921 - Adding replication and reliability tests - Ticket 48922 - Fix crash when deleting backend while import is running - Ticket 48924 - Fixup tombstone task needs to set proper flag when updating tombstones - Ticket 48925 - slapd crash with SIGILL: Dsktune should detect lack of CMPXCHG16B - Ticket 48928 - log of page result cookie should log empty cookie with a different value than 0 - Ticket 48930 - Paged result search can hang the server - Ticket 48934 - remove-ds.pl deletes an instance even if wrong prefix was specified - Ticket 48935 - Update dirsrv.systemd file - Ticket 48936 - Duplicate collation entries - Ticket 48939 - nsslapd-workingdir is empty when ns-slapd is started by systemd - Ticket 48940 - DS logs have warning:ancestorid not indexed - Ticket 48943 - When fine-grained policy is applied, a sub-tree has a priority over a user while changing password - Ticket 48943 - Add CI Test for the password test suite- update to 1.3.5.4 - Ticket 48836 - replication session fails because of permission denied - Ticket 48837 - Replication: total init aborted - Ticket 48617 - Server ram checks work in isolation - Ticket 48220 - The “repl-monitor” web page does not display “year” in date. - Ticket 48829 - Add gssapi sasl replication bind test - Ticket 48497 - uncomment pytest from CI test - Ticket 48828 - db2ldif is not taking into account multiple suffixes or backends - Ticket 48818 - Fix case where return code is always -1 - Ticket 48826 - 52updateAESplugin.pl may fail on older versions of perl - Ticket 48825 - Configure make generate invalid makefile - changes from 1.3.5.3 - Ticket 47536 - Allow usage of OpenLDAP libraries that don’t use NSS for crypto - Ticket 47536 - CI test: added test cases for ticket 47536 - Ticket 47840 - default instance scripts if undefined. - Ticket 47888 - Add CI test - Ticket 47888 - DES to AES password conversion fails if a backend is empty - Ticket 47951 - Fix startpid from altering dev/null - Ticket 47968 - Disable journald logs by default - Ticket 47982 - HR Log timers, regression fix for subsystem logging - Ticket 48078 - CI test - paged_results - TET part - Ticket 48144 - Add /usr/sbin/status-dirsrv script to get the status of the directory server instance. - Ticket 48269 - ns-accountstatus status message improvement - Ticket 48342 - DNA: deadlock during DNA_EXTEND_EXOP_REQUEST_OID - Ticket 48342 - DNA Deadlock test cases - Ticket 48342 - Prevent transaction abort if a transaction has not begun - Ticket 48350 - Integrate ASAN into our rpm build process - Ticket 48374 - entry cache locks not released in error conditions - Ticket 48410 - 389-ds-base - Unable to remove / unregister a DS instance from admin server - Ticket 48447 - with-initddir should accept no - Ticket 48450 - Systemd password agent support - Ticket 48492 - heap corruption at schema replication. - Ticket 48597 - Deadlock when rebuilding the group of authorized replication managers - Ticket 48662 - db2index with no attribute args fail. - Ticket 48710 - auto-dn-suffix unrecognized option - Ticket 48769 - Fix white space in extendedop.c - Ticket 48769 - RFE: Be_txn extended operation plugin type - Ticket 48770 - Improve extended op plugin handling - Ticket 48775 - If nsSSL3 is on, even if SSL v3 is not really enabled, a confusing message is logged. - Ticket 48779 - Remove startpidfile check in start-dirsrv - Ticket 48781 - Vague error message: setup_ol_tls_conn - failed: unable to create new TLS context - Ticket 48782 - Make sure that when LDAP_OPT_X_TLS_NEWCTX is set, the value is set to zero. - Ticket 48783 - Fix ns-accountstatus.pl syntax error - Ticket 48784 - CI test: added test cases for ticket 48784 - Ticket 48784 - Make the SSL version set to the client library configurable. - Ticket 48798 - Enable DS to offer weaker DH params in NSS - Ticket 48799 - objectclass values could be dropped on the consumer - Ticket 48800 - Cleaning up error buffers - Ticket 48801 - ASAN errors during tests - Ticket 48802 - Compilation warnings from clang - Ticket 48808 - Add test case - Ticket 48808 - Paged results search returns the blank list of entries - Ticket 48813 - password history is not updated when an admin resets the password - Ticket 48815 - ns-accountstatus.sh does handle DN’s with single quotes - Ticket 48818 - In docker, no one can hear your process hang. - Ticket 48822 - (389-ds-base-1.3.5) Fixing coverity issues. - Ticket 48824 - Cleanup rpm.mk and 389 specfile - enable nunc-stans- should also define the username- fix building systemd stuff - create user and home directory for it- limit gcc_security to TW. it enables compiler options not supported on leap e.g.- enable more gcc security features - enable selinux - fix the systemd options to actually pass some variable and also set the tmpfiles path- update to 1.3.5.1 - Ticket 47982 - improve timestamp resolution in logs - Ticket 48759 - no plugin calls in tombstone purging - Ticket 48665 - Prevent sefault in ldbm_instance_modify_config_entry - Ticket 48757 - License tag does not match actual license of code - Ticket 48746 - Crash when indexing an attribute with a matching rule - Ticket 48497 - extended search without MR indexed attribute prevents later indexing with that MR - Ticket 48368 - Resolve the py.test conflicts with the create_test.py issue - Ticket 48748 - Fix memory_leaks test suite teardown failure - Ticket 48383 - import tasks with dynamic buffer sizes - Ticket 48420 - change severity of some messages related to "keep alive" entries - Ticket 48386 - Clean up dsktune code - Ticket 48537 - undefined reference to `abstraction_increment' - Ticket 48747 - dirsrv service fails to start when nsslapd-listenhost is configured - changes from 1.3.5.0 - Ticket 132 - Makefile.am must include header files and template scripts - Ticket 142 - [RFE] Default password syntax settings don't work with fine-grained policies - Ticket 548 - RFE: Allow AD password sync to update shadowLastChange - Ticket 47788 - Only check postop result if its a replication operation - Ticket 47840 - add configure option to disable instance specific scripts - Ticket 47968 - [RFE] Send logs to journald - Ticket 47977 - [RFE] Implement sd_notify mechanism - Ticket 48016 - search, matching rules and filter error "unsupported type 0xA9" - Ticket 48144 - Add /usr/sbin/status-dirsrv script to get the status of the directory server instance. - Ticket 48145 - RFE Add log file for rejected changes - Ticket 48147 - Unable to enable DS service for auto start - Ticket 48151 - Improve CleanAllRUV task logging - Ticket 48218 - cleanAllRUV - modify the existing "force" option to bypass the "replica online" checks - Ticket 48244 - No validation check for the value for nsslapd-db-locks. - Ticket 48257 - Fix coverity issues - 08/24/2015 - Ticket 48263 - allow plugins to detect tombstone operations - Ticket 48269 - RFE: need an easy way to detect locked accounts locked by inactivity. - Ticket 48270 - fail to index an attribute with a specific matching rule/48269 - Ticket 48280 - enable logging of internal ops in the audit log - Ticket 48285 - The dirsrv user/group should be created in rpm %pre, and ideally with fixed uid/gid - Ticket 48289 - 389-ds-base: ldclt-bin killed by SIGSEGV - Ticket 48290 - No man page entry for - option '-u' of dbgen.pl for adding group entries with uniquemembers - Ticket 48294 - Linked Attributes plug-in - won't update links after MODRDN operation - Ticket 48295 - Entry cache is not rolled back -- Linked Attributes plug-in - wrong behaviour when adding valid and broken links - Ticket 48311 - nunc-stans: Attempt to release connection that is not acquired - Ticket 48317 - SELinux port labeling retry attempts are excessive - Ticket 48326 - [RFE] it could be nice to have nsslapd-maxbersize default to bigger than 2Mb - Ticket 48350 - configure.ac add options for debbuging and security analysis / hardening. - Ticket 48351 - Fix buffer overflow error when reading url with len 0 - Ticket 48363 - Support for rfc3673 '+' to return operational attributes - Ticket 48369 - [RFE] response control for password age should be sent by default by RHDS - Ticket 48384 - Server startup should warn about values consuming too much ram - Ticket 48387 - ASAN invalid read in cos_cache.c - Ticket 48394 - lower password history minimum to 1 - Ticket 48395 - ASAN - Use after free in uiduniq 7bit.c - Ticket 48398 - Coverity defect 13352 - Resource leak in auditlog.c - Ticket 48400 - ldclt - segmentation fault error while binding - Ticket 48445 - keep alive entries can break replication - Ticket 48446 - logconv.pl displays negative operation speeds - Ticket 48566 - acl.c attrFilterArray maybe uninitialised. - Ticket 48662 - db2index with no attribute args fail.- Update to new upstream release 1.3.4.8 * Various bugs are fixed- Update to new upstream release 1.3.4.5 * Various bugs are fixed- Upgrade from 1.3.3.13 to 1.3.4.4 with accumulated bugfixes.- Update to new upstream release 1.3.3.13 - Removed 389-ds-1.3.3.11-CVE-2015-3230.patch (included upstream)- Update to new upstream release 1.3.3.11 - Added 389-ds-1.3.3.11-CVE-2015-3230.patch: nsSSL3Ciphers preference not enforced on server side [boo#934934] [CVE-2015-3230]- Update to new upstream release 1.3.3.10 * One important security bug was fixed: Bug 1216203 - CVE-2015-1854 389ds-base: access control bypass with modrdn- Simplify filelist- Move bin/ and sbin/ to /usr/lib/389-ds/bin resp. sbin/ - Removed conflict with atheme- Update to new upstream release 1.3.3.9 * Several bugs are fixed including 2 security bugs Bug 1199675 - CVE-2014-8112 CVE-2014-8105 389-ds-base: various flaws [fedora-all] Ticket 47431 - Duplicate values for the attribute nsslapd-pluginarg are not handled correctly Ticket 47451 - dynamic plugins - fix crash caused by invalid plugin config Ticket 47728 - compilation failed with ' incomplete struct/union/enum' if not set USE_POSIX_RWLOCKS Ticket 47742 - 64bit problem on big endian: auth method not supported Ticket 47801 - RHDS keeps on logging write_changelog_and_ruv: failed to update RUV for unknown Ticket 47828 - DNA scope: allow to exlude some subtrees Ticket 47836 - Do not return '0' as empty fallback value of nsds5replicalastupdatestart and nsds5replicalastupdatestart Ticket 47901 - After total init, nsds5replicaLastInitStatus can report an erroneous error status (like 'Referral') Ticket 47936 - Create a global lock to serialize write operations over several backends Ticket 47957 - Make ReplicaWaitForAsyncResults configurable Ticket 48001 - ns-activate.pl fails to activate account if it was disabled on AD Ticket 48003 - add template scripts Ticket 48003 - build "suite" framework Ticket 48005 - ns-slapd crash in shutdown phase Ticket 48021 - nsDS5ReplicaBindDNGroup checkinterval not working properly Ticket 48027 - revise the rootdn plugin configuration validation Ticket 48030 - spec file should run "systemctl stop" against each running instance instead of dirsrv.target Ticket 48048 - Fix coverity issues - 2015/2/24 Ticket 48048 - Fix coverity issues - 2015/3/1 Ticket 48109 - substring index with nssubstrbegin: 1 is not being used with filters like (attr=x*)- Conflicts with atheme -- /usr/sbin/dbverify- Update to new upstream release 1.3.3.5 * Several bugs are fixed.python-lib389python3-lib389h01-ch3a 1717150352  !"#$%&'((*+,-./0123446689:;<=>?@ABCDEFGHIJKLMNNPQRSTUVWXYZ[\]^_`abbdeffhijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456788:;<=>?@ABBDEFGHIJKLMNOPQRSTUVVXYZ[\\^_``bcddfghijkllnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0023456789:;<=>?@ABCDEFGHIJKLMMOPQRSTUVWXYZ[\]^_`aacdefghijklmnopqrstuvwwyz{|}~2.2.8~git65.347aae6-150600.8.3.12.2.8~git65.347aae6-150600.8.3.12.2.8~git65.347aae6-150600.8.3.12.2.8~git65.347aae6-150600.8.3.12.2.8~git65.347aae6-150600.8.3.1    !!!!!!!!!!!! ""######""$$%%%%%%%%$$$&&''''''''''&&&&(((()*+,----dirsrvdscontainerlib389lib389-1.4.0.1-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txtrequires.txttop_level.txt__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyc_constants.cpython-36.opt-1.pyc_constants.cpython-36.pyc_controls.cpython-36.opt-1.pyc_controls.cpython-36.pyc_entry.cpython-36.opt-1.pyc_entry.cpython-36.pyc_ldifconn.cpython-36.opt-1.pyc_ldifconn.cpython-36.pyc_mapped_object.cpython-36.opt-1.pyc_mapped_object.cpython-36.pyc_mapped_object_lint.cpython-36.opt-1.pyc_mapped_object_lint.cpython-36.pyc_replication.cpython-36.opt-1.pyc_replication.cpython-36.pycaci.cpython-36.opt-1.pycaci.cpython-36.pycagreement.cpython-36.opt-1.pycagreement.cpython-36.pycbackend.cpython-36.opt-1.pycbackend.cpython-36.pycchaining.cpython-36.opt-1.pycchaining.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pycconflicts.cpython-36.opt-1.pycconflicts.cpython-36.pyccos.cpython-36.opt-1.pyccos.cpython-36.pycdbgen.cpython-36.opt-1.pycdbgen.cpython-36.pycdirsrv_log.cpython-36.opt-1.pycdirsrv_log.cpython-36.pycds_instance.cpython-36.opt-1.pycds_instance.cpython-36.pycdseldif.cpython-36.opt-1.pycdseldif.cpython-36.pycencrypted_attributes.cpython-36.opt-1.pycencrypted_attributes.cpython-36.pycexceptions.cpython-36.opt-1.pycexceptions.cpython-36.pycextended_operations.cpython-36.opt-1.pycextended_operations.cpython-36.pycextensibleobject.cpython-36.opt-1.pycextensibleobject.cpython-36.pycindex.cpython-36.opt-1.pycindex.cpython-36.pycldap_objs.cpython-36.opt-1.pycldap_objs.cpython-36.pycldapi.cpython-36.opt-1.pycldapi.cpython-36.pycldclt.cpython-36.opt-1.pycldclt.cpython-36.pyclint.cpython-36.opt-1.pyclint.cpython-36.pycmappingTree.cpython-36.opt-1.pycmappingTree.cpython-36.pycmit_krb5.cpython-36.opt-1.pycmit_krb5.cpython-36.pycmonitor.cpython-36.opt-1.pycmonitor.cpython-36.pycnss_ssl.cpython-36.opt-1.pycnss_ssl.cpython-36.pycpasswd.cpython-36.opt-1.pycpasswd.cpython-36.pycpassword_plugins.cpython-36.opt-1.pycpassword_plugins.cpython-36.pycpaths.cpython-36.opt-1.pycpaths.cpython-36.pycperftools.cpython-36.opt-1.pycperftools.cpython-36.pycplugins.cpython-36.opt-1.pycplugins.cpython-36.pycproperties.cpython-36.opt-1.pycproperties.cpython-36.pycpwpolicy.cpython-36.opt-1.pycpwpolicy.cpython-36.pycreferral.cpython-36.opt-1.pycreferral.cpython-36.pycreplica.cpython-36.opt-1.pycreplica.cpython-36.pycrepltools.cpython-36.opt-1.pycrepltools.cpython-36.pycrewriters.cpython-36.opt-1.pycrewriters.cpython-36.pycrootdse.cpython-36.opt-1.pycrootdse.cpython-36.pycsasl.cpython-36.opt-1.pycsasl.cpython-36.pycsaslmap.cpython-36.opt-1.pycsaslmap.cpython-36.pycschema.cpython-36.opt-1.pycschema.cpython-36.pycsuffix.cpython-36.opt-1.pycsuffix.cpython-36.pyctasks.cpython-36.opt-1.pyctasks.cpython-36.pyctombstone.cpython-36.opt-1.pyctombstone.cpython-36.pyctools.cpython-36.opt-1.pyctools.cpython-36.pyctopologies.cpython-36.opt-1.pyctopologies.cpython-36.pyctunables.cpython-36.opt-1.pyctunables.cpython-36.pycutils.cpython-36.opt-1.pycutils.cpython-36.pyc_constants.py_controls.py_entry.py_ldifconn.py_mapped_object.py_mapped_object_lint.py_replication.pyaci.pyagreement.pybackend.pychaining.pycli_base__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycdsrc.cpython-36.opt-1.pycdsrc.cpython-36.pycdsrc.pycli_conf__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycbackend.cpython-36.opt-1.pycbackend.cpython-36.pycbackup.cpython-36.opt-1.pycbackup.cpython-36.pycchaining.cpython-36.opt-1.pycchaining.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pycconflicts.cpython-36.opt-1.pycconflicts.cpython-36.pycdirectory_manager.cpython-36.opt-1.pycdirectory_manager.cpython-36.pycmonitor.cpython-36.opt-1.pycmonitor.cpython-36.pycplugin.cpython-36.opt-1.pycplugin.cpython-36.pycpwpolicy.cpython-36.opt-1.pycpwpolicy.cpython-36.pycreplication.cpython-36.opt-1.pycreplication.cpython-36.pycsaslmappings.cpython-36.opt-1.pycsaslmappings.cpython-36.pycschema.cpython-36.opt-1.pycschema.cpython-36.pycsecurity.cpython-36.opt-1.pycsecurity.cpython-36.pycbackend.pybackup.pychaining.pyconfig.pyconflicts.pydirectory_manager.pymonitor.pyplugin.pyplugins__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycaccountpolicy.cpython-36.opt-1.pycaccountpolicy.cpython-36.pycattruniq.cpython-36.opt-1.pycattruniq.cpython-36.pycautomember.cpython-36.opt-1.pycautomember.cpython-36.pyccontentsync.cpython-36.opt-1.pyccontentsync.cpython-36.pycdna.cpython-36.opt-1.pycdna.cpython-36.pycentryuuid.cpython-36.opt-1.pycentryuuid.cpython-36.pycldappassthrough.cpython-36.opt-1.pycldappassthrough.cpython-36.pyclinkedattr.cpython-36.opt-1.pyclinkedattr.cpython-36.pycmanagedentries.cpython-36.opt-1.pycmanagedentries.cpython-36.pycmemberof.cpython-36.opt-1.pycmemberof.cpython-36.pycpampassthrough.cpython-36.opt-1.pycpampassthrough.cpython-36.pycposix_winsync.cpython-36.opt-1.pycposix_winsync.cpython-36.pycreferint.cpython-36.opt-1.pycreferint.cpython-36.pycretrochangelog.cpython-36.opt-1.pycretrochangelog.cpython-36.pycrootdn_ac.cpython-36.opt-1.pycrootdn_ac.cpython-36.pycusn.cpython-36.opt-1.pycusn.cpython-36.pycaccountpolicy.pyattruniq.pyautomember.pycontentsync.pydna.pyentryuuid.pyldappassthrough.pylinkedattr.pymanagedentries.pymemberof.pypampassthrough.pyposix_winsync.pyreferint.pyretrochangelog.pyrootdn_ac.pyusn.pypwpolicy.pyreplication.pysaslmappings.pyschema.pysecurity.pycli_ctl__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyccockpit.cpython-36.opt-1.pyccockpit.cpython-36.pycdbgen.cpython-36.opt-1.pycdbgen.cpython-36.pycdblib.cpython-36.opt-1.pycdblib.cpython-36.pycdbtasks.cpython-36.opt-1.pycdbtasks.cpython-36.pycdsrc.cpython-36.opt-1.pycdsrc.cpython-36.pychealth.cpython-36.opt-1.pychealth.cpython-36.pycinstance.cpython-36.opt-1.pycinstance.cpython-36.pycnsstate.cpython-36.opt-1.pycnsstate.cpython-36.pyctls.cpython-36.opt-1.pyctls.cpython-36.pyccockpit.pydbgen.pydblib.pydbtasks.pydsrc.pyhealth.pyinstance.pynsstate.pytls.pycli_idm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycaccount.cpython-36.opt-1.pycaccount.cpython-36.pycclient_config.cpython-36.opt-1.pycclient_config.cpython-36.pycgroup.cpython-36.opt-1.pycgroup.cpython-36.pycinitialise.cpython-36.opt-1.pycinitialise.cpython-36.pycorganizationalunit.cpython-36.opt-1.pycorganizationalunit.cpython-36.pycposixgroup.cpython-36.opt-1.pycposixgroup.cpython-36.pycrole.cpython-36.opt-1.pycrole.cpython-36.pycservice.cpython-36.opt-1.pycservice.cpython-36.pycuniquegroup.cpython-36.opt-1.pycuniquegroup.cpython-36.pycuser.cpython-36.opt-1.pycuser.cpython-36.pycaccount.pyclient_config.pygroup.pyinitialise.pyorganizationalunit.pyposixgroup.pyrole.pyservice.pyuniquegroup.pyuser.pyclitools__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycconfig.pyconfigurations__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pycconfig_001003006.cpython-36.opt-1.pycconfig_001003006.cpython-36.pycconfig_001004000.cpython-36.opt-1.pycconfig_001004000.cpython-36.pycconfig_001004002.cpython-36.opt-1.pycconfig_001004002.cpython-36.pycsample.cpython-36.opt-1.pycsample.cpython-36.pycconfig.pyconfig_001003006.pyconfig_001004000.pyconfig_001004002.pysample.pyconflicts.pycos.pydbgen.pydirsrv_log.pyds_instance.pydseldif.pyencrypted_attributes.pyexceptions.pyextended_operations.pyextensibleobject.pyidm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycaccount.cpython-36.opt-1.pycaccount.cpython-36.pyccountry.cpython-36.opt-1.pyccountry.cpython-36.pycdirectorymanager.cpython-36.opt-1.pycdirectorymanager.cpython-36.pycdomain.cpython-36.opt-1.pycdomain.cpython-36.pycgroup.cpython-36.opt-1.pycgroup.cpython-36.pycipadomain.cpython-36.opt-1.pycipadomain.cpython-36.pycnscontainer.cpython-36.opt-1.pycnscontainer.cpython-36.pycorganization.cpython-36.opt-1.pycorganization.cpython-36.pycorganizationalrole.cpython-36.opt-1.pycorganizationalrole.cpython-36.pycorganizationalunit.cpython-36.opt-1.pycorganizationalunit.cpython-36.pycposixgroup.cpython-36.opt-1.pycposixgroup.cpython-36.pycrole.cpython-36.opt-1.pycrole.cpython-36.pycservices.cpython-36.opt-1.pycservices.cpython-36.pycuser.cpython-36.opt-1.pycuser.cpython-36.pycaccount.pycountry.pydirectorymanager.pydomain.pygroup.pyipadomain.pynscontainer.pyorganization.pyorganizationalrole.pyorganizationalunit.pyposixgroup.pyrole.pyservices.pyuser.pyindex.pyinstance__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycoptions.cpython-36.opt-1.pycoptions.cpython-36.pycremove.cpython-36.opt-1.pycremove.cpython-36.pycsetup.cpython-36.opt-1.pycsetup.cpython-36.pycoptions.pyremove.pysetup.pyldap_objs.pyldapi.pyldclt.pylint.pymappingTree.pymigrate__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycldif.cpython-36.opt-1.pycldif.cpython-36.pycplan.cpython-36.opt-1.pycplan.cpython-36.pycldif.pyopenldap__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pycschema.cpython-36.opt-1.pycschema.cpython-36.pycconfig.pyschema.pyplan.pymit_krb5.pymonitor.pynss_ssl.pypasswd.pypassword_plugins.pypaths.pyperftools.pyplugins.pyproperties.pypwpolicy.pyreferral.pyreplica.pyrepltools.pyrewriters.pyrootdse.pysasl.pysaslmap.pyschema.pysuffix.pytasks.pytests__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycaci_parse_test.cpython-36.opt-1.pycaci_parse_test.cpython-36.pycaci_test.cpython-36.opt-1.pycaci_test.cpython-36.pycagreement_test.cpython-36.opt-1.pycagreement_test.cpython-36.pycbackend_test.cpython-36.opt-1.pycbackend_test.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pycconfig_test.cpython-36.opt-1.pycconfig_test.cpython-36.pycconftest.cpython-36.opt-1.pycconftest.cpython-36.pycdereference_test.cpython-36.opt-1.pycdereference_test.cpython-36.pycdirsrv_log_test.cpython-36.opt-1.pycdirsrv_log_test.cpython-36.pycdirsrv_test.cpython-36.opt-1.pycdirsrv_test.cpython-36.pycdseldif_test.cpython-36.opt-1.pycdseldif_test.cpython-36.pycdsversion_test.cpython-36.opt-1.pycdsversion_test.cpython-36.pyceffective_rights_test.cpython-36.opt-1.pyceffective_rights_test.cpython-36.pycentry_test.cpython-36.opt-1.pycentry_test.cpython-36.pychealthcheck_test.cpython-36.opt-1.pychealthcheck_test.cpython-36.pycindex_test.cpython-36.opt-1.pycindex_test.cpython-36.pycldclt_test.cpython-36.opt-1.pycldclt_test.cpython-36.pycmapped_object_lint_test.cpython-36.opt-1.pycmapped_object_lint_test.cpython-36.pycmapped_object_test.cpython-36.opt-1.pycmapped_object_test.cpython-36.pycmappingtree_test.cpython-36.opt-1.pycmappingtree_test.cpython-36.pycnss_ssl_test.cpython-36.opt-1.pycnss_ssl_test.cpython-36.pycpaths_test.cpython-36.opt-1.pycpaths_test.cpython-36.pycplugin_test.cpython-36.opt-1.pycplugin_test.cpython-36.pycreferral_test.cpython-36.opt-1.pycreferral_test.cpython-36.pycreplica_test.cpython-36.opt-1.pycreplica_test.cpython-36.pycschema_test.cpython-36.opt-1.pycschema_test.cpython-36.pycsuffix_test.cpython-36.opt-1.pycsuffix_test.cpython-36.pyctest_module_proxy.cpython-36.opt-1.pyctest_module_proxy.cpython-36.pyctls_external_test.cpython-36.opt-1.pyctls_external_test.cpython-36.pycutils_test.cpython-36.opt-1.pycutils_test.cpython-36.pycaci_parse_test.pyaci_test.pyagreement_test.pybackend_test.pycli__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycadm_instance_test.cpython-36.opt-1.pycadm_instance_test.cpython-36.pycconf_backend_test.cpython-36.opt-1.pycconf_backend_test.cpython-36.pycconf_backup_test.cpython-36.opt-1.pycconf_backup_test.cpython-36.pycconf_chaining_test.cpython-36.opt-1.pycconf_chaining_test.cpython-36.pycconf_conflicts_test.cpython-36.opt-1.pycconf_conflicts_test.cpython-36.pycconf_directory_manager_test.cpython-36.opt-1.pycconf_directory_manager_test.cpython-36.pycconf_plugin_test.cpython-36.opt-1.pycconf_plugin_test.cpython-36.pycconf_pwpolicy_test.cpython-36.opt-1.pycconf_pwpolicy_test.cpython-36.pycconf_schema_test.cpython-36.opt-1.pycconf_schema_test.cpython-36.pycctl_dbtasks_test.cpython-36.opt-1.pycctl_dbtasks_test.cpython-36.pycdsrc_test.cpython-36.opt-1.pycdsrc_test.cpython-36.pycidm_group_test.cpython-36.opt-1.pycidm_group_test.cpython-36.pycidm_user_modify_test.cpython-36.opt-1.pycidm_user_modify_test.cpython-36.pycidm_user_test.cpython-36.opt-1.pycidm_user_test.cpython-36.pycadm_instance_test.pyconf_backend_test.pyconf_backup_test.pyconf_chaining_test.pyconf_conflicts_test.pyconf_directory_manager_test.pyconf_plugin_test.pyconf_plugins__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycautomember_test.cpython-36.opt-1.pycautomember_test.cpython-36.pycmemberof_test.cpython-36.opt-1.pycmemberof_test.cpython-36.pycreferint_test.cpython-36.opt-1.pycreferint_test.cpython-36.pycrootdn_ac_test.cpython-36.opt-1.pycrootdn_ac_test.cpython-36.pycusn_test.cpython-36.opt-1.pycusn_test.cpython-36.pycautomember_test.pymemberof_test.pyreferint_test.pyrootdn_ac_test.pyusn_test.pyconf_pwpolicy_test.pyconf_schema_test.pyctl_dbtasks_test.pydsrc_test.pyidm_group_test.pyidm_user_modify_test.pyidm_user_test.pyconfig.pyconfig_test.pyconfigurations__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycconfig_001003006_test.cpython-36.opt-1.pycconfig_001003006_test.cpython-36.pycconfig_001004000_test.cpython-36.opt-1.pycconfig_001004000_test.cpython-36.pycconfig_001003006_test.pyconfig_001004000_test.pyconftest.pydereference_test.pydirsrv_log_test.pydirsrv_test.pydseldif_test.pydsversion_test.pyeffective_rights_test.pyentry_test.pyhealthcheck_test.pyidm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycaccount_test.cpython-36.opt-1.pycaccount_test.cpython-36.pycservices_test.cpython-36.opt-1.pycservices_test.cpython-36.pycuser_and_group_test.cpython-36.opt-1.pycuser_and_group_test.cpython-36.pycaccount_test.pyservices_test.pyuser_and_group_test.pyindex_test.pyldclt_test.pymapped_object_lint_test.pymapped_object_test.pymappingtree_test.pynss_ssl_test.pypaths_test.pyplugin_test.pyplugins__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycmemberof_test.cpython-36.opt-1.pycmemberof_test.cpython-36.pycreferint_test.cpython-36.opt-1.pycreferint_test.cpython-36.pycusn_test.cpython-36.opt-1.pycusn_test.cpython-36.pycutils.cpython-36.opt-1.pycutils.cpython-36.pycmemberof_test.pyreferint_test.pyusn_test.pyutils.pyreferral_test.pyreplica_test.pyschema_test.pysuffix_test.pytest_module_proxy.pytls_external_test.pyutils_test.pytombstone.pytools.pytopologies.pytunables.pyutils.pydsconfdscreatedsctldsidmlib389README.mdlib389LICENSEdsconf.8.gzdscreate.8.gzdsctl.8.gzdsidm.8.gz/usr/lib//usr/lib/dirsrv//usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/lib389-1.4.0.1-py3.6.egg-info//usr/lib/python3.6/site-packages/lib389//usr/lib/python3.6/site-packages/lib389/__pycache__//usr/lib/python3.6/site-packages/lib389/cli_base//usr/lib/python3.6/site-packages/lib389/cli_base/__pycache__//usr/lib/python3.6/site-packages/lib389/cli_conf//usr/lib/python3.6/site-packages/lib389/cli_conf/__pycache__//usr/lib/python3.6/site-packages/lib389/cli_conf/plugins//usr/lib/python3.6/site-packages/lib389/cli_conf/plugins/__pycache__//usr/lib/python3.6/site-packages/lib389/cli_ctl//usr/lib/python3.6/site-packages/lib389/cli_ctl/__pycache__//usr/lib/python3.6/site-packages/lib389/cli_idm//usr/lib/python3.6/site-packages/lib389/cli_idm/__pycache__//usr/lib/python3.6/site-packages/lib389/clitools//usr/lib/python3.6/site-packages/lib389/clitools/__pycache__//usr/lib/python3.6/site-packages/lib389/configurations//usr/lib/python3.6/site-packages/lib389/configurations/__pycache__//usr/lib/python3.6/site-packages/lib389/idm//usr/lib/python3.6/site-packages/lib389/idm/__pycache__//usr/lib/python3.6/site-packages/lib389/instance//usr/lib/python3.6/site-packages/lib389/instance/__pycache__//usr/lib/python3.6/site-packages/lib389/migrate//usr/lib/python3.6/site-packages/lib389/migrate/__pycache__//usr/lib/python3.6/site-packages/lib389/migrate/openldap//usr/lib/python3.6/site-packages/lib389/migrate/openldap/__pycache__//usr/lib/python3.6/site-packages/lib389/tests//usr/lib/python3.6/site-packages/lib389/tests/__pycache__//usr/lib/python3.6/site-packages/lib389/tests/cli//usr/lib/python3.6/site-packages/lib389/tests/cli/__pycache__//usr/lib/python3.6/site-packages/lib389/tests/cli/conf_plugins//usr/lib/python3.6/site-packages/lib389/tests/cli/conf_plugins/__pycache__//usr/lib/python3.6/site-packages/lib389/tests/configurations//usr/lib/python3.6/site-packages/lib389/tests/configurations/__pycache__//usr/lib/python3.6/site-packages/lib389/tests/idm//usr/lib/python3.6/site-packages/lib389/tests/idm/__pycache__//usr/lib/python3.6/site-packages/lib389/tests/plugins//usr/lib/python3.6/site-packages/lib389/tests/plugins/__pycache__//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/lib389//usr/share/licenses//usr/share/licenses/lib389//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:34117/SUSE_SLE-15-SP6_Update/054f5fb460d587a5559b69f975347f36-389-ds.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linux directoryPython script, ASCII text executableASCII textpython 3.6 byte-compiledemptyPython script, UTF-8 Unicode text executablePython script, ASCII text executable, with very long linesAlgol 68 source, ASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRH%U Q2v< openldap2-clientpython3-policycoreutilspython3-selinuxutf-87c49e86134a376efdf712151d1aaefade759316d4ba658ed45bb870eee20fd34?7zXZ !t/]"k%ְxszTu<`Y95RoŠo8 FBF]o穞(sÕ  ZT.x֓Vb8`/3Q<(^*?Jnqpo#YL9/x 7*N8W Ck`!,j FC^9 N%40{I5ۃc) zV 0Pj;/e?=zcCöFey^/Ϡ(&~|ʲ}5+phM=؃pXrXO*|w<,[N Ei (/er[lPv;@R/HWtctZp=B^NVCˡl8R`Րr {A,%Qsߐ,DX I2,,^w.|x|$RdK[<^P C}yYm|lYJ*F~Ϛu(H37\ {,?fקh|KnR7:X}qʣsK5cqs.'2> {!hY}r6P7>E=KS>"evEhaUaKkf7جU}ujʀg!JMߛ/p:`qޱtT72 oz p`Wi:5~ C՟/^CT` %BV( (q()Ť?vp_oЉ8b}q_6j(vPL99|uF hU=nBI۩: "Lt-`V4<4=}@Pj^b]O#|rd;˞ɽK+!V:B]Hs1Gc/A6c` ꦝhf ar ) 8B#?zjĄȄ/ ³ sU=3]d[q^ܳ~`ׂ}J0iVyij ?ɔ!;x<ɚW$gO:B#O]VWP.}UA7>@tgpL蒆u`"fo U΍xjvmd+ں 8r%ut`)x^}[j(d'gJt{gעI_'GW&۽(m2Q;+kySt޿RZ`S7 >3~†kT]}̾ 6H儆Nc|_Q>yOGMjUN-? ~jYѱL 7AKO"`頽?q~l8NCwzڟ]/*78-ѨB:0?v_ Pi#)ZQ>PuC%H88C A]4oY!貣-M7zӔIkEΦۥao?mb  }ܠ5],pV=b;u-=pU᫽ZC]W<N7P2-}ЧjJ+^_\P"_/m !lYp{vEֆm\a.˖/t7P1%.8nN r La"T@73+Ne*b (Ak~I=_ yIs8g1߇Vg%bLj1H5rg?/~T)n5k﬘_ @) ]E˿zz# GY\>FY'bE_c̨ fq{ʒ5e fbQjW IonKwiu -XnU<[RvK3D (!x%%ƏU=$jL8@ZeK磶o\@RJU14P@5q3Lk:[Ly11rCWI9v+[Z`Gh῿03D&*y|r]{OƠM)|, G9bxĕ:'0lHsjUBRmX"b:^{,xR~"uO 3AFl_*8)];NGx߸4Z؇ M5̹;ʬ ^4;hAs,P\N h*={E2 >bϯh 1'2f^igw ԋҮpcDny,KK׺⨀&_F9yqR+B1 ?lMDs'.b?dL>+P[w)+%6'ݱ6% &)8`payKh?Z rhζ}WTl53upL˦ȴTnb7k7 ,HI+d@VޓBPٹ@Ͽ7 oA$[Hfw{ɵR\ڏȲĪ>͞L IxڜbɈ.F}Q Xa783s̸bߪg:Yπ$?:VA[g: ah$ 0Vtۚ9:__Qe|w^[M=IY1G DA", pg}sK,R>b`bϲ劙 px d}ۼp[#"y|8%I`w@[<2Z@Y:ay2$&S9_h;i/]8~7➝!d!Ji<*v; Q['፥bw!)AW$9ݕSy6OlZ̥} ^jG .΀$K 4dXOAQ 4ylp R#燕Gx@RڞTy{|2ۿPԵ4<4zJUx E#sߊơ1guBcɮp&cz ;g;:IO0]UjaX("w+BӏKXG}י#BMZ{O@(:z FN%?bK#i1U!k+j0PWJah/1ϊʳS{5BC"]]y"YD#O7P~FK蝯ߔ& :|'ӝlSN² zV^t@W1 5j;;Hu y1;K~&q|0ݤ6/z:mlOѰE ΢yp$_\:!VG0m:8jXe _]ɺ1-?!Wke_#ZpOE0dB,?6~v[0@Fk>\=m{9/'xrVE~νgvGgH(|v"vαZRIkK8=P(E'd((zܶ;CFQhh2qḱU0/i#U:;Ӗt-xP^ 質--f\YRdpgJ'E ]١>侒yb89n i1LFC# /,{?v7[q()%Ul201I'Zr\z, М񊢐Uؐ5% 5fUc kO AAG莆1E(7 2$ЖY{^91cyq[$%MgZ;C'4jQWVĠ%gHayn@Y9Ca*D P#4|XSbYZ:nA<{ߒ?mŒ\S씮ȝ-"iIDvA-7Պ\N )X9` .4^+p+X\ve h4i<Tnp,lUr, fۀ[DSe|<nDoX_p0A/ڔ)FTwa[0"ن,a{T ox ,P[(1囔s}|nQ[.-q^X\.g"L5_Rq?m[=ɂjr==|뿠 `3e؝C& Ùw 喬;-=)U.] eׇю P S^1&ʼn[htnfhk( k-JMw o; O䓰849EGшR9:Ӓ&guJ0zA?n]]5qg?'Ӥ5JC2 <}GD cZ|T/k}IokaZ~+⦂ӏ "49O2dݵ~C]OA N\;Cۓ#< 2@i4^7txo˚_oWnX%HILp"-WGb5u|+-r1__D206z} X/fT\ oLՑ:7{$`Wfbt@i׉|2QKY^#+s)GPFmKτČnp4P}?~7p5l;b?eRrxXhhˤ=g2z%3ՅWcSx)}"jʬDv#Wp p ^0UxII 6{3)'.dEM-(κ_z6twWSX\' s$nW3cNb!蓙w8E cC I 5w˕GdQl8JF>y/ ?-6Pudt$tT7Q[zy̚$?e + ?֔u%ǧٚ]Һ _? Ϡ8/ NȎo7q&=nK <[ewD5QoO^G"X4%*$\STIWX 9diWw˞;Vt TnVX ڠ،XUEew:H]ADXF@dj46]&ko^7ʁ"xjmQv:~zu!@"+@X`4ȻVAhM"ְ5V8չK?|5ykM) `{ǡ]ٍM wX*WM ,3iMhBz820ICF"#k.sz&#j*h1藢D ~SX L|{/G>Njz9"1hn#a!ŧar~m-EƠvv4`(FBȲ) f&HY Dm6/>/[cN,8ΉJQDOl_"ׅe9RO=ى)mT9"~z|I4ȤgH+]q^'a1׋T yU:29_K~E'9!Zr DmF!XΓ'^Ç$k(MY 6#\fwc)'JӪ .~/c.QV5FKxz_A&퉠U#Y n8(Q=?A>C++ե+͕\|FL{/Kc Ln!tʣֵ)tM+,`{3~e994fy;}{N>X2 ~ vЮjdRN>`lWUw#qs/3Vu;TWmj=oT% ]NTb/}i,7DkIYvݳ~:5$w OIFZ1frˏr.֒+;i$o=˲yknrٛY8FIH8a N^4iАAhV8I I)^q`߇b=? 'hLb4rCV2>A]%}(u$T`*.5k%"sPl=dzƦ^@MMd(ȭÔ/\ڛ7T QP?.Qm/3>TV+vkD8xS a KtGڂ7[  ~Ot --9TM-r~j@6@;[;' ۦwPV]*ၐ%A.^%% Y93&uYOyv%݆r6FMPp3˫[q)gNv4.#GQuT ؝xEύ6Dž9- rCKaʦ's ̌B`k}Ѐe[ppuF=ytccT89ŧoH4TJS4Vx16eu2"7MēO_+@s-n>EcgClsHǥbfgM=.@Q}Ђ"[Y 4GRFu`A PF;_+ 8jJ k;&F /6E+gQ1ڐ\zӤЈ?ꋮ#8CYSTa>𶻨B4}Ol=P!xd%Õ3އUڧ@< bRT=9feӻ-JK~dDN27 CӅf:Nq&ExlO,E6EVMNT6g3WE.F KK% %6==&{7yTY_5`_e}r$eWH;zE"˱qI#>,h즄T^ihRy."%śGA:wB,#l堨켙(L[F IwXLY_HhP.#|uK VhoQ1&B%fI// ?fUVCh{{6{vJ] [l#ˬ 3h%}+QBkuҙFALK+1Y嘊y={TSi!:u?KUum YɦK; ֭-7E1\&C5 U-zWhѿ2T858Z[ p0`8u+P4) */wIx&avi[AX̀.c }@titӒoG|12&;l?!KuWr@D=i]bkhV<':hwR' Dew|Y'vr_ w/ {dEu $,ęa/0洼)`WHNQyjλpr"~݄"VUcR9A ϛB5$խ |JIE#.+ҐzV&)Ht?36xYQ9ndbHQDKhA7;X!Zu1_ӧ[4iiP ڏk,#*g`mX}HC@>qrpBb;wb (^Ҋ>?h@+~2:n<+^ȫme$B˶Ax7|x#cn5: ){yUt̮.Ta%}3NͻWB앝l%i0T{Gs8X6pQd5D}{~ՙiY 7 R \LM7vvE;WluaùW,#3՜_ҙdjM] ExfKCQ] M6MVu.vHoU$K0r(䱭DP|>t'X睘KՃ kVJ/'TU%/lrM߶8RR/྽nFDQ?le{ Z`..c(o`jn۞R6[R循^<& EM&4xiֶO a^h]hVϼvmHvWQUw#lbya42˽vQ9,U*`*OHi1tw̛n2*TVtBݱ(Y"Yǝh8u!CK0i%| 񲣀 ym j]{d:n hmP\q޴՛i71/: b!q*Y6zS%,BSCnk4%`Sa$a 8+蠼½9RtW10H 8UdSfٞ u2?KZcƎG4$]ybx9.+>￞*01W1^O|"Mtc}ta\K^h7VTWhh}RՆ'qO* 3Ojh:F"PQ`?1JsV8ECJ zi2a^C =5Kgoaφ>Ᏻ@DDx3\&8^t#MFƭ|kMΑ_?% }:7#Z[B:vp̵$T)'D0Qw^JeTJ|hbt\^~28(}t$gxOC9{7gGg$# B[Pe}' %^d6"M0G%`N3Y CA(#1\t9OzF!{ H9#DmI\yRo?F=~}N#TB?mt[M:"/ k;hbU)KԔ /إf&˝"x ]0xy[oQ}ek?]"'s`DZ)NFB[=Oj|m"aW^՞CP+Ͳ{h ꅏԔ?iX ]NOZea8,t@,e3&gL y#*wH:[+۬ Kl,@R>Y^ 8F l_ t?pLV{7mol[z:d/  B}\kO%cr2Kk:E]\C$ajX䳔34iR6 ! .Й,A?\q:9K0(OjhS;v\>| r$|L66I>l\<8%\lmjKd荞WFܛ -=}}& g}؜#ԅɞŌ\0ҰEnSɾ,xzzf8r:B0oVf% 7ڱl-&&o7aX3+c̑"qB8Ro qv|4m\!=nS8o/Wϓ=KV"Yi3<ɍ˭GTFd{dr)3yHO5?/vq(rk땭E`-‚-A!l@V(-34NMkk#d ,',x dв64sl/Fcq ~|jzHCNdxu =J}Yᣨ gѬijthK{dZOPrhN:|AئN sjK9(LW@#sZzgX])B?^щ?L/K%:(kՂ`!!500}f_SlhF3y#͗/{EAcqF83"/@8$N{F4`/*ow)3hM>ьrPJfW;G75M?~!)]Gq|D􋸦A DGZ7 5cՒ ؛>U/d!h~ǒ$ دFûÍ<~0?cL?C(5֖[2`9;4 ew$ &ky`m&p*ЋgD|X}cf)JyG ,?tUJpKWjR$u(bB[ZlBE DX)h-:sX˺WncQB3d{C݆{1Tc#wz3,IbmkAHn\!HQޞԵ68'M$G9)3=pBE\~/y7 RkesCdL-ZĎm76" :YQBb[h+8{?2*o<>zh|h7MtM6J0M>"|5'%0I0: cK;Jy;QOyhf4jglUv=fo|mg[N3KcqfD6@*_TW,ii&beV&-J{Ԫ&< *S|L\lb oM_|ghc{ߗ& !*NP($:l"Z< E| ( >e`UnՀ4ޕihp!lR%,a>mDIW'\O?^"o%%ӳ@.!Ak#$Y`Sv*qp*^ZB&Dz V_,QZN80u(F)LhLm2٥`ypdm [$`cRП>WHmm|TZq z1FpأFj, 2HS#?+>e5ݩ89+}?H*R[-&#\l?JrwّI]M#IP4RAu`"ħ>Mlq9՚L+O#{;8;QSB<Ԑߖf>XQN|El7y"TWq4!jZ\Nn$T޽:ÇЬ4ʱ5_v0bxfDNޕv_ .\i FD)!y Oobr)'yOJ§2`ژ x W6ye+ t_}\?쁾Mt*>!pjgE6 {X?i989G{zH&Ɵ2{XCuf1½?A(BqpP¦\\*@ZOek0TgX=wߓjCm1Hy9$P )g`ÿyP)Q$n e=k:Ew8Y 2('; k)LB>'uL!ρ0O_y #mgHlxB J"D dE̕Cx)_>+O8&MtٝZ`ɨ̔=0Џh.՘b]UGcMA+waK[&kvЯ_9aʈ~Hc;kq_ex@%z|m㵕 X1JʀEb6 o`izԛlFyAD߰y椘t׫T7L41AD)gROxN<Pv[(3<&GUC?aOrˢO&{Fd4V?%3ncrZd(p:m&] RF,M盏PpTܖͷzG8I}f"B4b"ҨM*x` 3 ܁ L_Eq 4w^ll`%ZB~0ZPE/kE}5 5l;=LzI#LxfQDyL1;p./Υri5|m Ph d٨'10WV?g*n^a +dsw^ľmdܑ :Xk?cGwK˝F ; 8  /A-VjC&`F& |^`.6bO:An9gP%%$m2vK([ve-C}"-&b[.%QuǏ)VƟ>>."IhbLAX?f.$D9gJtnrwזT 8"ŦQA^VE+̂ i'_~Es m.Iip"3Ew9Y H|;j>U瘹y8gnvy}#=[bjȫMʼn]Bl?Ղʤimӓe-6+t9_5tijv<3L ḑ>Q9+2!%=LXa}. `0G[1@$:HA]N$[W].' Lvpٸzʝ3kfnV;.!L2Ku_Y^lg du-qH 4#4MهKk=NBPԤ@?+dϸIF* zq[*T'QpL^"3?PG`{] s=K Y0#_;M#=[ c5^GiY#'1<Ğc-!Dt*d*1^{ir9l,0k+kR]/]= #7X C3Wu҈2}47\B~;(QHWC̒B兊1N% j8 PǞ~N#5{5 [j +kJ(xN0h0@Or+xu`1}4fcz@l/n+b33 fkAyf9Sx\.@t(?ޥC|`6S3'p ҞORRf˚~n12Jsvif+q^zWV͍Okq*T%u΂',za*xX~<`0pάWEMf$:X&,P~z$33BEqEwo, n TY =_u}n(a ](yX'@[J|3+g+SK7`P9uNvfp\yCG!b&w˦5g[}N׻\bjQE]_yG$RCجT7jퟴJLZ#PҚ|c6eԷ9X47^>١{X'$JݯRo<0 LepT޿:8Z!I[[_>Z/ CE!jZiӊ40m퀶&;D-Tܝ:tGc_0| tܐnuR \MwcqY?}eRCW{:HkﱥK$,id IZ}L~P ͎} =2bSя%5PĘ[쉙Y*#Ӡ"NaHse}~#4{ՍIUBdnE9"5+NHysk6 o (e^ɵ BT3%%&/~1(#?X[8\? lDdj*K4SuV%~u=4ђ^9PSf$0N: |o0Ÿ{ȲoψS<oV.͡+O0x#ekSpP1*7#-%BWO/erZΩ˳rc?Mn{F P7dTaRJꁶsEebaxؐ"{[Mn2!2WM+~pُ%h8WsЀ>:^ .v/&s4"|扁=ƵY q 2ii߭;)I65b{IH}'bC`!GP^V<ŜY ~V< HKdd%c< .xw1P TVϞpOTbA%]Cr8"1ib*͖/U _ iF:82Y!N|A섎ο I̬䵕1(i;jYzEDE$2a15;~HjXl'67֊T씆9=sg b>:q|7G,֬?ɓ)mBaU`gd[ȇ+l1VjyΟ/v{*1 ^_ЮH8iYRʎ3mm+"K >*l=>Q#0OxhwٶC^F16 ^fqno] 7 IOZEB~BNN)GnH6H: PosAߕ)ßygr Ɓ㟣WxL2_ӊ;ҧL)} ]r%/- y\oN(ީ"t\kzfJEkfRb5DKI}zڙM O֡z4`'lcwV./Aё]c!g_"GL qO;/4'x1!1EzA B$̕.8SW-}T^n[&Z)Y+\e ɢ/.MQ@Bҩ8[3DI˩+Q1k`z9R8QV)N)_!,yjL;RٞC+YSzg.|^29+YɲOhԚ]6@ Z\i2_"N[q\X&TY8VU,VQ,%@$ƤEJya9;E^8Hׯě^9z@^f% {cLaI"(MSDB+NPKqPrih%L2 # q5x?ctϚ&>ku׫TaIY[K=н~\􉆦FvV]&,Jw4/RuL&AGU/#7fZ`sc r֤<4ja [ 8׋ LȪmB~qĦLQp^e8|,Ԡ1gG60)S&:tjlA.j0GTnniѫQdW"_ NW( hsUsv=e~KOI|tQ"8h*W+5bDy*f, ET#}RcoֺM1"Dif*7 )zkO%Xݭ%6a;As_@]]Z /S ?4?h>u+?^ቒF|ghÌ_/bpQM CߜGNj)4, w@^GjZ6ϊ$s?DA77o5U.T+bSeYT𔲭e E(7j߉5[LPdE=ŐIm ̛k *a25?RnjP'X=gLaWDChm 0z<{T¹93I}<ȸP$ n $nu!d?#A̗a~%Ww>5.})')Ԋץ}8o"^ %\Ä = $+ɇ\Y,p8 b"j 9|l| >FJ[]u& VR;~O/ O 5߶O򯞰H =nY֡9xՊH۽U~J/>4?JN:[%B7D]綨2ztMfmqz<@EwߌIUD(~SK8yÓ2R=.$bfDW mpww"1S_/xJALr~Pg|q<4`|jc'yշ}D?w}=Ca C^wO3NFl].4sSF{/KTn#gSxqk ^*dF==oh?ȝЍy bFحh4{JPCᇬ4"wsd/7Dz'FAdv<+KfzR# *RkJTr r K4y3Ean.>φOغCZ}*!]u|ШQ!@} Ed0拷a,MM <輦!Ӱ@YzkDJ<ڈYn3 ,~- `Oϛw|lVauH\ie- Dn(EW&t$&Z,'?:}[ݠN0%"3pz$;ljZ.~]9N&\@$/r*4n}M qC+pʟ#Vk̐iHBE>.4Nj`vBK-Hތ-q[A^<:5ǒ/˓IhF.ѕ, D yc 1FIf3FǶ3^-v;ƞ9f_Нß!&I?d 1Ex|7(zwYª]Y<"?ALhsN/o4 oFlA_}-kj(#A]|Ai Sp!͏%+%kW!Qq.M~gkuaE)Wf2{7z4 ,xz4˃;Q"ƣa`h1FwRü+4C;l(1ֳP y4Uq@WI/ ={>cI~veTtġ ܂+stL+X /Í"^Ւ0ɇθF0f\MDJVI$TA˧T1 b>Do[O@&g<%B!0f)~r43oP` `QVDob$6JfM1NחyY4Ji-'Lk >Έ &bu$$u`{_6;#jcNIi$BW"~VpCh^*l cGk]?37҂Y!if?eFw؝w^-ɗ{Un%Ay|#D(tڸ3c}e"" 0˭JдȞsa4ɼ4isl+xDBp֦&ޱ=<ޥ-ǑϺ$6|:&PӑbԈnrXUa]+@!͈=D_vy Z(ҷvD=e ]b; Չ=W:_b|?|9ZDckk aקo DG}s)Lr(@(olzűOC})F$9O{nŽ jNٽzr 0N;N|kCW+Z !=YZ7V٩a}lM7 `L3Њ430tI"&Aʀ{%[n-zL7jG ^o!kW z c'P8sZ^C4/DN.O q o^"BSfg/o>3YQlɠ;t[&b΀<f1EffEqK !mmG[PG2Qipm3BDgT>{Բ9=&nqPxQ/~Kmo;V 4H𿋯 wcՏ_JE0+Rt½zO#Qj5Q e0d>&haVyȼ.-ߢW.(9A_`L%Ѩ"jmP>W7, s9о}/lyVhDT %>s6_scT_dtF1ChaZ :<+q1aVQKhNxiNh߳0Ԧv u2l/Gg%?C{ BԺ`$WAKM'Vg@/YtW_pGF|d{β`5 }r Nbܙ֋{|1 mTo4^ FT]d_}AZ p~Cihh?|;sV-N>3zm-et|ک㯑:oYcd f#3hNgѴh'iF^RI3ß\ s R5K?:GN2Õ~'55zO]!&CbeRWlR՘,iQ}eB\cn =wh#zSTl}+٠ApyKWLөD./?JҦQ{U8k4?W6  !N8v*., VMInՋc7G"ޒ>?PCm6+r{GyGbMr¡9 Yݩ!cBBЯbT%AI&= D/tc` ~n?쉗"-f zO{l" PL(㔆ÔktD]|⟒ C03k6#ucm5|.N]]_R*Ӡf-kE٥U Bp?sϲgPX><%q Y V[UJ@xCWiiE-%=nB LNsr eeqN-~f[/噻0j7?,,wߐrmƸq\|}"]Ua?Ij$j&&ZgDb{s8n:-\% (6mb˟*ԗde+Yc4gi zfCmnmy5̉5R* !/k~V6;gT6#yWy]Bc!{ ؒpHzMo;gD(($B|d=#苄 ApTf%}'hOݸN'35ȅ![aWœ!rdGL6,hS2Qx_J b8sp[qm`yĽDHqAׇL)$NR8 3Z5_, ^ Z 6Yl^/[e`8p}&⹻Tɿ(#RKj*R~8Ok]+dtzg#qt  )2`Ph*r] bk~i©:֌M,)E3$%xEE=>e{NS:8$jFĥ'g-!=Z&nNJ#G8\Hcm̴܏ 5L-Ь} E\\7N}Vj8د@v! ?*x+1=7X"U/Z9 j!+3|/FLd )~A \nEv1f9*h,xJeFl333'IJlEBdwKPW +uREkrKj፲] E^y֬GX';ubIӧXb"9'u s mBRQ/?azg`#76N4-i`4JCo;rX(3Wpw5̽Y(K|u>3q1{ =Rˁ @JzH F=YBcDf`C0"PB.'TIaѠf9&B) ?s(1Eg/<#o܉x7`7qAaTې0C~-f/9ehIS{S6Jłk{8%ŪVB E2llu;$r5D^[(Vqwr21XXz߁m%|x~nڏWXOL>}p% \ |? \2%wp0%vDL\~Z|v%Ct1k/5=LS󉬨\Ňjp7dH3 쀬\_GU[2,M+@ǩ f!obPRb e}3a fvjX1’֛M7z˟;]6QGVqԥ~d>8Bn7#uC  ds>PO%]\K_r(~`/l=l[$ć׶?'<yqz;sQ~A PɔV4AIɨd7kC #o"6rfԼ߮ٸ^)`p/75|%E2(s0da-; jAI|ƌf^U(P!i%hSݤ2e(SlW"AVeSsZ_ JJmhѭSxHڎ$L ) Bky8mL&nDO,Su*ЪY£`^ 99TiX{g n=+ wp#x!a.3j}:џu)E5h惽#};8 ЙkΊ=axp?ηhnKZ$t ndWJaw"IuT?D|$Q!eQɊ[W0Icg¢/Ϻ*(5gu51f#(dd3ܝ1*WYB3G*kq7%Iẖ/ i❟.`a7PއKueSk+Ï,Msmb:H$Tp@E`T(T-Ĵ~Y;,r1%}hաJ @}-X7kJ_*UkvU0fG0?f^n@JI{z @ՙ+ eĐ6ny/w8G^_ZZڎR}Ur#v)Ş /F:)UooD̞Shbv"Ú*qH$pyp11[yUI;VĔ=-]ӪHPlnN%zmeF%= F(; 4T۔oMyFm61c F:w&7Q0ʗy/y *ȹ|ݤu°Л䵵YT 3˝W>F-膒EȨ:۫ j)')lDNY?~FԮи^(j=#b$xqtԊ?(j/0ͥշVfdHKʫ g}xN%Qlz\0iNӍ!GqBJY7kq(NMST9!m^&w8CyQ@ rbwJuվ v1m!_}mdʚ k7 Bղ&Kqa4Nbu4g9̮å*Ĥ#GlȀyUSy]5Ue,3u{IĜܧA.1*SԿx`atQ4o+*0Ugs^ֻo!>=dżeW)֖ArRgVOncJic1^0g鳜4X\z _<|r~h(nX/v$o+J{zPߕ {_FΥVY%U_X7j %M(㿑GuhE&[`/>P&a^`:S÷idw/71~*i/cIg,9Pm\TXk#EAD/\.HjJ|H|m &{篔@ fP0` uي՗L"p'brH8,I {L2/G{5/}A`C`DBVN4"(3V%\']۾l=D͉Vya6=wJ+RQQ 1ͩ!g XJ4qHLvh\ z \0 ~uRnل5k謷 c{grRHv !)X?ϼ&݄D6CdeMJ .aXtz;%%_*c*pܮڂBv$niGIaƥ:Jp)tm?1pY'>1*P|YCYm ̻:k ڝU!%ko,xO7fPɘ*^E>pY}䤹 M}-=OJx0qE#X$j:*k F-U!B.8jE~Z5y ]V؍Fl^;VZ 5wBv;x>)m&!qIk"{35#Uv&I~Q|e뽭J L09ͩ뤪38~āq 0GG7=tH7z_ʇ6݂+ʰۭhm㝌G= ,\.('@BtԒލj/6ab}zqʻ|+,.9?a0B@FN;Y.x~IXBVijce#a, )z O7*|T|y1k/3yYe@3/ q^5ʎ)F-?D$iSضRD,ׅܽ#UZuz>c]&u.4)CyrU0hVoUyUg[='(I5)W^꺤Ku7PXe"+eLtΧb_m{1m5˯#/(޴n NEv͔;#[֘8^7/d+LFP?.eYa#6d9{_x ˷фu&TH R.Z7jn2y0ǗH q ̡NCՋ6w?Ì=3B8y~;DP{~✂)~u,kẌ:7` H5%$/Ms~؆,JS{އ$*|B5. j6top2~ԺuvJZgwBKgyKqξ"zqۉ%RK:pzm4Pf,~?uj3$"{r& ny]NR"m^ܞ]- yޯ*8Hn&;, rlpRߣ"K/4_KlXe_l éyDԿ19N B- O'V롛F)Nd?CPl=cIZVpMm20*Ո`T2jcwY uȈuC),ܑ[Rɼ`b3N*Ŭׂ@:hu]BSꂛfDzQ8S4NZw46.K? Zb`47IffK^5O2H/v^]j{ 3qTrx{e)^F8V7֘"$2"}z`DV~~er\ j²ήtFDwǠ)@qOQ U|9 بpCD3‚~Fܲ9dfϱow*JvXE HǵPIoHEґ-T `Ա|TV12R PM{ZF\;}8R4*r]>4 x*'V,H3^Z,([FQL:M$_{{ez-%Ʃ} /Z2@&װaBwgJI;$G^<dzr֥nPy8{`jQ_g)tTY{w?͍"ª|( tĢLtC&x-řhٷ0m}=E E=M}e*'nJ\`1 l{ϙYU\W@jBKKЬEYZnA?G 73thW;q@>i^ČR3Ay/{RY/blū J~GmOFg!ytrHz.?gE^ЀQXȦ!9aF`x6׍DnJHOB?/qY)TҨIkw{m0mck ~&/;Ԡ,U@EѺ=:?.5=,MK ˽*`%[;hV}p]2'c7w5ܭ- ʑ4ft:GTv7c-,2R i2U/!KhE!)h>Hè^}&Kuu(=h;ŽįbSb8Z@ 櫾P~tʏ7R "68Ou{oSJHJE| n oz*C2~֫40sqa?KC:CL+WO,/$HThza4rƢVW]b"eR Bli\k~axokbaA[Q^tgԄVʩJ|yjTOI&\O}\sS_" jRNY^[o(2!K"uI?K[ʦk=%]@8;@įd[t{~ٔyֺѕt`1!qM}~qTW3ork`cƗg% (4~UEE'~fp|8P-E1aRjѲTlczU]owVwb̲倡|E74)`ϥbL8TN+B8ϩcts^v0!ds>SFoMKF_O5sA^4Cvxd"&:C7y!p){ԿKn!\uwTͭ!{}g*RŹP'mDJ>Nt!+ Ce~wP05.p#$ZN-ϫHS=u1;kf+X_%0PZckhm9LvnAcM; bǮG^5K"Hx2~Ki6Uޓ&P~D<M/fkI"Nwዱ 5i U3(MU/|d/Ņ/R6Pj@>A'Iͮ_l~]rK`ʆapS$Q+KIMWIwdrɩVOumWѮѾH4u|KxO[-$ZZ2•I酪y],P֭6a1[sҞTQx 0LڈWF4A38$M:cV Jf#PoH&^ɶlj*OBý/qa(VjBfv$48`#4K$'w6lӳGΒs[D)W4u<so"XpOVl4.;J\ǔJIM%ibB* s)یK.9Ǣ|7-Z>tN\vpVFdH?}"X۪+6Hwt**'< E=@cW#m#Iۿ9VG4j?;q{,қZ (R-͐?"5Т֚Ÿ `r@vsST@UZ?4y&A'ࣼ\9^ltkNYϔ&Cs1[-vg^.\8*;a0&@n^k&L7*g /$(L.]lT[|_ⰀRf JͶH$)c @zUm; c9h:ܧ&{BhDmz+A6Xepât2d\П0'frx 佐vt3R$2w@c=[PQf;:m\ebK!W=>7Q?[g[|\!Es:k=bhsSSXq0ƳV͒99_]`YΘ{औK%FC`n6NboAר ak gRM8%:I{ό듬Z~"r˿y*TaJ M}h<(MQ!ӴO5U3a}gYxPUHM9{ 6/Fj~fa/<OIHÆ[[iv\^)Rݞ]fX 8r;cɓZggZF3`뢏@iB <6=#!\-C( #jw՚A Gv$,;3yꪦzĕ9?$үe|B }ԉMRw'y"8=.G<_o6Jvn֢>sc0֒mNgB+y Ow0Z60hb3VZrQ:pN%7S?9r-;\ **O(wsZ}ŏG#B"Rhv2S/Ra)LSţJ6/) ti3DR9=sz J[Ymt 2  uօFYvh6s-H^k扶Qnjgz=%C]B5Qjmwݴm'gVgN'{>R9mam+KN_M$CJWJC즃;N67ː]Eq)צJ0#ßax^d,f, g5M? }hds |#ȍ|4+o[:!RNݿD)/N_Į}QrDN?{y]]g9b0>\n-Wge143mah31ɖY,Tԋ9g h.D$\dAtH<0-N*I" ø]+ƬLҀ"Nut~}}mCpRw31VI1L-EO.N(>DB 5^w0%—x4=}Q $It.Pŵ~gJqC[m1ƣ:TDPhEĐ< p_ddIn8[a nS?OQoIށ:>PRz8Sb&l{V]szU{r%?4%BPic:`ik\0M >J@jD&"$oب*k҉;=L]/(WvΚW1B uZ(ы|LD 'bvXu" _Sxl,yj\u J>m A }y 7į"@=֞%, E6c#щ nh T2l|,ѢN~>5YD5̐IuETl6_ى9(Sq=i"B_J5)'HH:ƌ)-šFgkT!XΔPOϏ@{+.$27 PޣbKT`lLz^zORVVI}@dFX7|vg[" fr8 }H|m^5c3^!i~ϺmgJxK N \m3YMO@tTT󐏙ȔOQ#ƃq-. ̡Üo(Si]b|oLk2dH]8.@ԗS*39ڔDҦ%^ 6[</3ɠnKg}2*Gn U5u9MH Eƺqis [Z@*X{_7(^*/dgr,كU9q-=Ms -AFChTĆDwN]4Y*Xl~`jer46TT0ea[N|m+K3-WjW0l\+.E9 S".ԷsG;d_%?,jF~GVԛKLNݯ&\Tѝܓ &ht[TG<Ԏmu-6g^kX0n-Uo!kWX"8<ElBjە|r0ҊcA04(XtyeO {a,m,b;-Џ'l{M'f+Rk '\>CÔÈj6HƘbguV.P2X0 2pUd$T\t}=(SC`+W>#€|:89oڎ@5JKYTdF7~r|q?lq/Y4aN)$s"'cbsD"Zn庭Vğq2yn7U@u2/Vt{Zo==L2Yq_ċI[ =u$ٝҲ/}sZnНy~9^%myX"H/1PY1dJծPbڽyE09оۑpfXE( mb𠗌PѷZL҇>I :]YڵSm[(eL+ma7荝pA/I T30ݾk:˭]H"i<hY;,"nFwOl=W^㯷p#07%q,AGF1}2ρf0|2>+rtl'YdRtqھئTF"p`Bըzvc\"p4}ω= 'ϜpRҮy\P(`*xKp/̽'- Нȶ߾׏Jݾ?{)Ar OR~6R^(l(KcF.p wlxy  ,k^F;yƃ($v|BBdo6E)Td'b`}Hm8b-TxTRrٳa/B}&&X]}(QD V,ڗ`i[Aׂ¥}حGu8Qs*ק{:J6T7F%_ˠD*a# !TELG*$D˅ uǐrDR=[>&$hߠSC2 K1B9ofkP!W6,B%M4lj^ ͖ǗYeͨ qF)`l:c3 { <6ݪr HA9 0H¶}w0IE6΍JMVJ=  R 9(ѸجZ`SiO' ,5G^2lN*N- ӰH/ۀ0^('9+ᴧlHթ=9n~|ͽד~E6`-VIڽbk)a6_Թ5) 1Js^U``j͂_u?6d,P[-Ӷ:kg&9KDFd~*˺u<)’ӱLί\ǖH!x" v8fjyp͉ػM3u⻅$pM,=geC#Inҡs&ح(/IHوqEs N9}UGJc7_+ T,RU"SHmG'ZOV=dl B2:+DžM}@Eȴ*Jf}øMhZn$ISS'o*㢳`}kˮRCI:'oY^/C4ʥ <㕼hc,e2q} Ea:>(;BV `IZZ mhrd#emŊwoH(>o69̙[^s66Q$soFBNMsiUKkCg/,f~=lTJ$ƇWpRwfeۓM"wjCQ9ꊖSe>Chr @(K]SDB`vK%e I68ixZqp-~" 63Nͳyu_n~ؓdm7=/RD䙨<8Q_ H&B~Uɚ^HpBP">^@bD6x$DЙ?G[ED'[.tBX \>飢Df*.Di_.h}CBz7;#2W%f`4X6)׼}FG͂ Yc\ȓŁNAպ2Wdț;V6q\!srDv!bϭعiAǗ.@ӺcC zkcS& o-K p:)Z!u_J6mMvJD!Q(R`r_c\ct{lj D&~>[CnAFb]_&ו5̌BCc]ylH1'B})JqHX#Y:R;Vd!e:)>̤z%iq魰ޠK \hKѺ&vZ = 5x`VK xGjNJ&BRyΐAq@vE0yEY-:YJ~AK.54Ѯ}l3Z]>9"̫_O meqeC@VCZUvJ=$(Z@ȥ3hAyf*B0tgAGD|OR](3\30AXE/ 3Q6]/=Ymp&[_r{?p,icp^s=lѿۣGq aUB n'(~?:]@J.eӑf`{9•?e>7n3^b}~gr=uƶk׈YB @<}; "xpMA0/ș:DU8;ؠ*&+v=хGS֟@>k)(_}k9XE8BPߜՍ|֧m|l]gM2N*pnBMm`Zb{mgjX ͝[nR䟬uX+k :4;~&7m=GmC E鸋tQ;ur%G8R* 7 skl7\Ld \ꉚbewg(=BLL!i>j+B&PKd\z `ܵ kHD:6$Tf)i{[%}bNÞ7om&V6Uh7F2"*c|18+":=~fġ|tWVP UCyq&(\àe $,E[ z0l,բeDN%1ྃS!بꩺJO$N %5גwĀ; 5[,ˀMvicH8#USD.GXԒܾ O?YUT 2ջzb ed] G]|a1^y%Qٳ:KJ' ̞Q9|.{ZT/s($D>Dv yfr^jdVнSI0dƷ 8ADƢya|r-\@|Dnq3EϏ8fX&Ԝ[ C]$@\[Z?ϸC њ15w̰HF5V (v& q*L:͎Xv8 W,΁((`Ȋcx{we[ fxKxG v+,ziG t!|5*Ms}롋nA+$-D4rrM\@!"lS誑LCw4p$/e`r$//~lLlm fQuŽ+c'L"r+4~gdc[ ꫰qoh%5M|t(,/vYNf~񙧵1;޷+cʱ|l"vNk^F?{6fY,혛ĽI%]`Դss-%֟4n7[̿K2w &+N POW(qFNiShB[L5 y0_Vu+}_]?6 Z'RzN}~S`UpS!Ov%|YpQu;ݸVkB>  7:\ O2?`(^t4{Q@Ѩw/Otr0 aѣ3 Xoe]4H3DP[A0 T|%EyFd^xt#cҙ`1J4;OKiaa.+0ݟŗQШA;?GwkdlJpR’-\I_v\E\r" /,f2}_ e"Dfw F..uߠc[-%ipv2JWK"<u#q4~0'%wƯu#YL.x_#ĕCƦeA'uWc;d2Vy`6xϗ3:Vc*6`Zg` m5;s ] )&Xv%-6u9Rkj.x"v}~ 16viic1&l]R.?嶺]cA\: w:.+KT(i]>/㗣ŤYF K&2:7eSFBoGEd~X 9٦hk+gK~{*f '' /Q/YNU ٘OCpLJWݬa)ۉTuh?]֠$M])=w}yEF AB)OulF@LFqv9<[o%fjAsۥcvuwcx5C]H# @u0X|yN 'Y"rIA-f**%Xl4i* A9XnИF)]8ʀN1) EF)s-ak߳v_)-T%-|@ ,7)݀@R[G]vUHC alw'#1[r Q q5;"y[?Y49<EeVe6aدrF_C^}x]l2&ߜ3FVM` jwOTŃL9,Fx\ -Dh N sՃI>s{JPř9ES?' \ g]HNJiyͪϠbp&"FW;f3;\p-!r L`[T0>pR%j]; mUF/I<>B1O&J=[ `6D7%kdM'o|ĺ>GM fG_D'ʟ쬰gP{%Wț\JRJ:uk8hNF%UZ<Tp~z֬@] $5sH׾A*Y ^;6"mXqVnik< P!@ *v%@M!/.v'wiq6\>A%łsr|{F{;/ AcXñ6ܢ*gQ}oB*s" KG5?*۝wՅe_oh{l#wŸJ:億7Ğf 1UŖ4*1 vW*Q|P2?@eNk*_7X%Pc)ӫ]lA)JSZ'ǎ9sȟO (p\D/!ZZ|" i",-p'vK'fY7TdB JoeIJ}ټu;oEYGj$ ? uG-)g󌒽?%z(k4`4NȜJ)Ƀld K)޾%WpvX  %vcx$ձ{~U00wmZ%jC%RŅsC[zrfMs/>޽L%j!v 5T,H zʻEEdP^l"ځM@.fϡj'~K#ٿ%!V ẔTMi#D;:ɋI'm{P Wi!&v%o ~M< :YC5K\~#*=>)YMn\|xrb/E^|u^B<'.ta}#yp}ޚ>ٸoR9LWH$Di {ވs`;ǯמl /Sryt@ &檇T1S>E*I?[} Sz~p{5)W?rԣ|î#x/~s%#8WIGHFw[X!A7i &IEQk'8 2h]`9] YCK,U2$T"+ >c !'bn2&5*GS v~f| !ҏyF=F/duU%R]B2ut[ c@ղM'!IMxH?q6YLa9D/^M c&—}1[%. 0]X5}P ۦh,6 o u__$ZZ(8}q7Gy_ 0W*{--pUbnR7 3}8*CjYx'K#QXu?nq R\kcV%ܼ !Q[|1S|!ɖhcG;n1@q(CŪis#xsu񣯤S Ud,M_Wg)+[J᪹.YNnup^fG3Yba絶KIȋD,t9pxr]'D$w[dz(K1ݧ8;j¯v ꬳuI9_6T?dX%X^n\Rz)_-Ҷ1\R@HLp9#|D?%zɔD( Q;J`4@SdGSP%N+.Dެl审Sjڏd4<XgohMBrE3{Z6`|hSYP!k Nsj_S1+$԰e.gԀ1T"`lcf,9\_~*ui4I=>F6ZO|0Ki+`eHL^o0p4$I"sZ B:х[hY]8R/R䙅|!9ryI  _4O4A1$"zfJ~Kn"^XȦwn# w 7 ,? X.w}Oġ.ye1YyKO5ĒW#d:䫋<A4^'5_*"rl|":/R].s2wp8x vGyրT^3 W)cd6jCk+x f7?K'yTNL)Oe^vuYY*CZ:y/pjq{e-;$X8FE\P*=4C@퇍6&R/KK#+z7|qWv{Xu]l8/o6vnK(cAJ_XjUX7' RtPUf5vnknM SsC` *SsgOqlu*B14L Wq֚2D|mJRt2BhΈwmWU !v[֘s:NL~NhV KmѮ{xpmJNG]Q; |l= y],@6\ #~PKH dIB % fQ(ehMuÒ^Yۧ8pM ɩS6HNpooΓ%Emp](eDc oyK.Je۠W9Ct5eomc="b>Nl*F0ٴ72#LuYL+JXUV`Q=^KT?="HݹLRi\0@!Rؑ+7xdȕˬ˻s銋#]RtE [Oh+.S02(Q-sVɦ~Z8фc`Xe_4؝J~=]2]J8?!%Qt|nϧk7ri,Ct)dJTWf\"Vḥ#8pmdd 5SJͶ\ihoCdzL]Vi RL[x5-ѿ࠷.B*Ut\}*,,Q{ʙ^ =50uE)F9C '@e6I) ٛV |t}afi|H"& t wY|4PJtɳ-QtV#c~ְp0dTӉ΄Y?;cnAo`<["\#{60tC@DeNgA P^hf3tA聠}0!`=?r_ ­UB=L/3,r:e:ϳˇ҄@`G.λ UV $P1*OQy3 $.^fZ΁5,Llh!nVcevR֭\M:  TG7p $:ozѓ &$~UlZx ,qݩ+u=yJ~dfvBkd" eY{ìXWlP77w_L9^{C" 8[( Pv&I] W^b#si31QRFA>z!=%(a(QrdpzFx_jW'9DAjT&1ɚ܎6mC>oM-!7 D#Cf5u03ymZ].3C>h}@6]svt-QVIBֿڇSޭVSh R}P42eXodF~\qKuCȅчg}#QSj#Y)$~qmwrCu?~O J95 5Svpk!(u+'ohś :G:4. ĊLkJt6po`8K.]ظ/ڒj-Y1g'Pޞ"m~&m ބ4n8KI# h")9Uc٪`^ɓ>'xZΡ 5b"1 ~)Ȍ\Mf3 4;WI>RWZs|2"Y5_Y"*CW>X%gȗ-ElL"si.Xe$:|b'؜+add`ېFӱ]Nl!uU  ܖ{*1vF ̻.!O5L=C|mR&sk<<0{I ؔCwž`V5>9QN.^N[t_9<ꈥ^5?Ϝ;y3Ѱ8c~g7w064&,o&u/]aTɼ&K3>q `p'NfWA(Nt 7&|M6⪥*2I845Y6^3 VyQDFqgJ!l:PҼN'o~oĔ({)6b,@|c"?d$ $Vrda? {vKﺠGN ipՐN. T,Q.uC DW-x.!}b;? SDH ]~5kjfPD<,OMNܙ_!4 xqQַVUg[01Wu8BI1W"{zY^B;=pv#+MwNHٻ[!> BEC'p>9_W*ZC_PM>蘱vO|)TIX ahmU+d-XU]0@ >݋-w {'6CO^m!l)\;J"T 4\WrȊVizP{ɶ7AUI~7j%KfuhEӔ?gY!Vw5ۃ(T!e-%Z8*F6?:zquRuO{i1 LqD$le}lRzY#{hF\RJ%lO;|!?YO{nB[J"(w  o z.+8!^ܖnLb~c˲7bu;+Roǰ43C0ڝ 5JCiWcPqXZȌ)`xB]ew`i5paf/DԂom ;.1rGP,нXo;=|ؐ }&:r]`Pf;zjr "AٽCQwm2%}YJK |`$fJ5:TtFi FsNSH۴4#Ź>* Zi8㹮S0x / ݻ.j\"qANb-8,Xg{q}5Kyf)7n&D,!Z@6t;ʫ?<luב]* IC\ѧMg;D'ZƆ2 Th[=3Sڲg_ 0=J:s6# nhOɶ50 ?{FT2F&^f>b^"sX_{:wȿC-@F6y_Xem€d-Zp,5qy&Glz##+{}X\JHfQ =ࢍj^Z~Us$Pvgԡ_"=UG鞉p+A$@➱zt" _E';8@ F)G)Ƃ!&w6,t'fF7k0xWbikBz{稷)KːiNnr3U"ylc ˌR-ⶖ`v }Iv6mPYLЁdtoeW羔o}V>nB鮙m_8)as"VF^[{јyGk,dTxQo9EEil'=854=t7u\1K?2M>( IrS?\z],Sy (,åeE E O}H;f@g4w)D4>DH%y$9,dM7]y^usF:敱,IxV4aq;7XF. `E`oT!ms5&\U=eЯٕV{Y2ju,(cF`yc;]FԳzjTV EEQKj.-c$0aЧ`,%-~}n7`OA#0a·R{?rK--PW"I" ְf ޗ5 7#ѩM{[49Qu·@*RCP\cdI_Ϭ@MjN5%W2ޠv\QLކICrE.;1dj ;^)2z+5Mi{!{0| *u' W 0bر&.`yh"GBZeʨm/Ѫ㗮+b\TPfY\$l|X]a:w Rw$t4 .VP$Mo!q~J16oo,jw_o3p$KLZ`[WK| )=ߵ |qjU t~9 l}Yj$4ܔNg`r?m)G| 1:#[]s,s_)Zk[Wxy+_e$! BAz(35z!VZV.c[dZﶘ{ `XƊ# }8VxK E& >iD1k:hELbKa_!7\פzV̂KėM%dSlWۥr3Df2y|oMG-thAigk<+rrWm] +]uqD98F-]4&M=myKƨN7 SndrL>9LxY sw!,]H!"2CG{R~l]rBݲR,tHRjD"QL'1n`+U]mex|*o@RD5\LrڄثQ:UE)ỏW=d7T2r-@4dKbl!6-ӝތyA{q}-xMlCI=E dN^uӴ' @S+_М(PDL{ =gRjbyQ=gU>'(>?JakG$sLY!P^y'_<!0ꮄM>ܧ}o?s[$7CS@}'C>"dRxW[n-vqϠ 67gc g!="%N (^TDo}c4~AMЀa2HKרV4"K;(}6GX~Ħ.Ik*)<T=)VQ 0Z=;W$pOˇJ$z h0֫ y+zܱCC,j)d[$WQp.ToB&9(?XU59"H{7A;kǽeS 1܎ひNkt/d[Y3z!ĺ]lg5{iՙZdUxQ܊pSN %gº}$`cgr7%uUA`(PWdv@.c!omQU Й=<{HPZS92^ )ړ[ZDEb'\R/jIхtD׼<1s_oUZ:nQ[,,t0A>i%S/AwpAIL(4CFΟ2zb]тᲵT֒dʇ7\˼; 0QF?!M|p~:>y?Oо<^}Lr{|OC>KintS[1^JC0HI_pHIIb_Zjq+4N?nO'%_U mj$%o+OUK7tk-,ﳴ0|WxE -aŜG܌(2Z,{/,T>J*/Ќc!Jq 7[Hδ:L/G6]'^R*?DAlM.MՐJX.uL-gut1}"y_GF>OSN5iT4W.2w<5 XKD؊ י^:bf9S{8|)<־YC/0b⪍J,Vt;jv<>w ǶJQjirHDqǕ+gyHx"U[jM&;i)϶`,?M߱!ym!lJ͝7ӯR \r[3a$p$1"Z/tS9-klIpD WJ-5)x_kNY澜53- fV#w\`A.bwW9gѭ ny'<<( E!t?ukz~:%]O.jE8ehY? 3+gC<^M4l%Rϙ^'NQfMxڀQSf8/2?Lx[ڨZ gFLa@ 7VȾ&tÌ~afCx }1p@V#.,_r"Vhb3!$8\]3$')kYt}?$AXlъ>z<1Sff`BN׸;< R@E "{E |@o~޷9@72L~HÙrk6W 8&&":0cHxuF`f\KI Nr}]o{xIjI(,ud\)tÇ ρůL.֍{TVj+gl? 29.Ys7t_+V14)בdaВQJibT}3OD02ϰ V\B*9y:((%|m#oJ|tyEhgI/B10 \_hT4`cvF"61V%yVbei; Շ ɹa*Dj@mWV' M40QKS UMJi(唼u Or(9!6;(9R^i6gNo5J3F e2<vquާ&K(;J@aS_jlmd*r: XQ\ (!/ `Mm,qC tGBޕ 6 3) ]ϯFWnfAr7Ҫ냨>KN[(a͈#irȿsɁo f6D$26*f2}̔:`puXlaqAW`-DD6,+ÛN* $}?\ I:/z=-8J fb$-Wd? \ңAYَ524>X,Уsk=X(8:h:fj-B QFhBQXvF~9zm1[vdw2AGlN12@F!PZ4k̲ddFa@teDcl}a?NO]Y9^X%34ЋAI,ʊV`kY]Xܛ/w{BY($qS_QbMsh)˶0k^gyzYw,tY(6%3lz1g|OՊ,,#( D=G]>@Oo,Kr`k;i1 36 V[9.ƽ^f-کIe? i~H@ѧ׊7SGяm\)^Nf\QuQ^,~WvEY Qδ~eoV{ݠq y,O-R$%'^0ye]uY xsL Sp2b7[aOD-*KN<ܗ͡x#K;J?YJ9ֳp7HLJ2pFKkA_.u-kIÚ%`vYqgHf4.4<6dd=mئ6k_%DBd`bsYyL ѬpΏ50Qq3'y4M؈X>6y"Nm_ؓbJRjڡv ("j].(09s6mL ^NЃqd HJ ,a},\:0o6tQ [V$V(6ֱі0 (YѸvY]7?cr2Ukg/绮+G \s5QvhZL?˽Ŧ0yXԸڏÜ~OoK'^mΰFQmeYwQL Xqc[.ϻb"`y .Db4c*EL֓& z}" 'ު)/AK:sG~ iOD/Ÿ^]=q0Q@6n3nVF~fֻY)4Nj,.[am/RLX Ey)W}dG}EgUyO~ Jxi*zT< CġUw]/9m},+ډ T2 F!bBpW?c_RY ڜ++=Nr1Z?kK3y"Ҁ X!φo( ̞\WD mHUy}Gٽ ΧʘDYrFe#L۲ѳkŤ0L$+k3V%N ޵ l]q'$13(n<hKz"&W63Li{@V`Y!Ԡ6ɶO mW]r; APcja3r_a#A!ȭT笪ߏyNiy4!8x+Qu:f96DC/Ȋ͈4 v>(LN:] >^ ?: 9dQ.C {"I|^!D*I]&B.@=\P )ӵ$h?E!xĪDt][Ÿ6ֹbSЌ}F'O#'D#ac-~_xJ##JyqNN9=?m̪k"!:,|_"n1j~0L4?yh-jww"GlIb+ qVZRJ*Њ zi;fkxPZwnIM+$![eftTV->{Bi*8 ~)ط| 0i9?o%|uC ?7":ׅßsTN}JHp32%W}?ziJPn7|FeX [8Dz7 M`KMsI.,R(~o -zПp4cJ簥Sl;Xfivs 49R Qef1ӺDߓn+'kAOK ^ƣJx2'yTq;7Sts9("iBw%Xei!'ualJӒn4:W@e XE1L>/щ8F, gYKaon `??EǷ1䤕LN|: 1P8~Q9pdIMD$?\ g;Fy p6b2BUq#qu*(ԈE΅!?8SWf4#Xb_umue&=ad.%pjEAWJx &efnLvdS=nQiZ 3 Պ Uf0" M4o+ Yvq\kS QN#_UbBX|AWN>FRb2AM3{*<\ ' ]meiRoKX¥/ =>eYEoT!>mkZ#K"LD+)βZ>SkM IW2_iڡ!1֍5 MhPlW\4Lu(T:,z|O?)yRj; IP=*5BjX{OtE*>7i{!pg`b2H"*}*A_mऺKRЯXϤv j}qË>R 'ž^ gf^l!џD\2'}.D  Lj_.bbARf1Er j8v^*yhec ݁wՠǩ9iJȂ|[SD DcT;J.TC%>06M"җ.P7Sn9ǎ&OnLw|$PcAv  @[f$kG$$XB_"Ydq@mb7E Z)yŎ-=)E 92LvˑeЋT9 vHݐLhũTyCý%=>- 5_U%U }H8$>! )ix.G .W,GKZ K-O0:(_Mvi?vxk:ϸR[26,B "Yض߀WFDQ;-LCA\脥Y-A.s zxj)Xyb ;VsEsz KU85T@\@᣹*򓏊cUMs'k>Ћ6)J~ AMF4,T $)q&heh7Ǩc.Wkl$eC-fhthF@>#PxF%"Ɓ<}'ǢVx7_D7+t_4ve&/wMVKb*+#@KJ.IA}5{\ S}ހo@‚878 Hk;w26 V#Uqc&* ЈG}k"5+ME&N$ӱ|Ѣl-B e&qzӜ.'V] T˭E׈8e0 ~,GȔVwzvgjc;ap,A3fIVpdW)t&vMm-n>x)Gr4ǎ0HK6HY7d"IgA+S.܀OChƻ/4Z"Ww;}jНX? [ dnW+),ꯅGo.ӽ& Uw'Aڳ7]C"{kt0RXýLQilg6BUեKBzKf僺*G5mG*Deg㑵!D<AAƌ|-&چ09"O,ǀ3ǏX~!3<|nvG\VT+ Nv*zc{ WSһS謐6sAaaO4̘q6 AI7 Ud%^CFHI#^JHpҦI/jV&=2m#,S8 "Q%@"l-}m=yVs *p2Q ~U|ʩʝ0_BVbQ|Gp_kv@N&A9\[ٷ-ǿFFrUmG&I0.e9쵪4Ok<|J$Qm5s6S&~aSk o2#s9YۣIѡ]^lX;(Cj}RWtyXFS;oAל+ ;r gE#:F}dJgY  &$|*SSNKHo/DQ;pU6 1g֞9Sb-nkTsV6F,CTw{O°DFwGF3 X(шZхn_-VWfpPhԭR]2v3xЍoAsLh ĜjOygv Յ5QuvIyu@Sxge&J|83̬?)h*gP{(/Pᢼ$A"H7ZcM(:"-\LB9*鯆((:dVծ(&C_ac5Fc$.Q86LI:r#(]Y1ctO$wrRc$I.a /uU5^aڑLhwѓ3՚P.Ȼ7/<\HgԳ1L d@~Dv.|eq\RSA"E:g${88DkƩS)avi_ fJߩ3x,kadkt]8ة&| ^VIǦ~{9s(z!"dyWWgݏ _ WhE' 4m&—潐Ǘ~ozeIF?kVcU_B:ShC@eCM[qaeVyc/P4~^,Έ7{AAA@>j?#ㄨfCZiGa Jy*->vՏ'#FT"ĒZK >'.FTHL>0Zv%/HϡDcwG "gaӣSQzKQ!v04prUU&Efd9ώi`wZȼ) xO xJLBBux 7+ ڳI 7 ᴽ\KUl r> o铄ߑWzfQCMuy] ~'.&937C*;0Q_ՋxH[9O^S*SgM=cØ7*t`gg?!Uv(zq=\X0fa\!5$Ŭ-ռBvO' ]H23{@;;[t9=]s}AΣuAh!P]U`X_3x#aa[V("lSGռWf }LVԒúַ•+-tM@ cƤgebYr@B2˄)!;9?OBǃw7@IB,3|R K NVc`H/m| a[2 ,D Yu(LKq!4צtQt:f ~% y-M DmR9:}E9_ `+#ڷK'H,|p'9}f?' oOi$5'(7ᱻ6џ5wV29sg.e\@BRtG[sQ0DDNaߘY&sa[ r{8KgkB4 T *:G-X_)9&w1_[u5}5mm]WEf |Xv>2|G t/zLL7Ǩ Hzg T2iH>^15*џDsߗ+_,pÎMBz|3p*IP@|pa.V1`F<2 )G<gIu}:umx~k ќ0:gQCv[x@lG:Z5WPߘ/!x8( *z%r'0Mnq4D|c>Q#R=eL_cI]t!LC+&e qJ#{|KI]A̝pG0^Nka>Ϲ[:V}0m8hAM5_ON HT8tO%x]*3]5vRʯP'%̛Bp#Z0vM*hA|ڻYanF-GiGRF\RsPX}>O?jޯ⽽c00s5W|5sj.erC~h=`?H>`'~-[lcxu‚${q7[;"G.bYNJ""(u€/W@ ӌo?"[CCp-WWMmFE%##; -;8;'eU6v:}gZYKyǙp:V'1sz7r֖fK o e*%)_傸Ö ,iYLE>:7mvq0E"M;R`aOmruu9!'2lܛ~e_>U-=MB1&nʓ>\Bg ^d -s/LLdA+U50 ASsEgQpA \mr!>|k1OI<-XGIMɲihVًP|sQly9AO?T݀{H=Ї osO4fDQ$z;jeϒǡy(ꮗ0m< |w S2]>kOҪVA!>;ޏnh"^5B'R#.v[9ER?AKJ3QdGS-.E2"-q}9n8u`mm6AL/^ stp9z7 C_@uf2IH-3B|۟;e g”!o'`Gt" dcxs2n[EQp#~ '762ܲp|/ZXe*MUJVX.OTTa;˖)Lr279%#NKO{ShiXk{ f?U@KZu{'8.#f9b5@sCNʷ>3JG#5qRTBS 𘭖_S\O*<}AsC)7<Fi=".,E.l\<222 HQmb?̈pl4w/X:G(9 $R^XѺ7ϠW/3/>$R|6p}v@Ve ϫݿN!Å4:дi zx1ڔ{dV ;Z"7 Jp2eގ?{uҢס޻jA^dڷo6e-̮վ>!V!8rlF03vkU <҄\Ua^mqb%'6+.ʈjCiW9 ]ŽaӀ37hb2L((Ii*RJOac 7OHW-}!v k;K'Ay*(RwN;/O&((*Yae0e"in4Iν̴xOx {5 U5 4%)Q0:$$U֨AFlor5-Tzke 閏ӹGaShؠ :@|rǼȮL?C?rdR]$Ĝ˗yӠ̼[jjVJt>Ei ; ~b%rFv{=f% .:nG&F4t"X$ J5F$d)p%6Ơi @!#X&u|&hfC6sIUN[,צ^#ynbu]c_,B;h4[[% O^W&wT1qF9iNɾ?Mg3y9m춋_h(G ǚhIc(slcrۆyulh z}7x9k_ ]N=rngvQPRG١IA7GVGzhb8=wuURjdC :3G :S] qt.rJZl%MVMfC%?>(y)n,hEhk-<>L7vG5ʀG^@v~&|<@7͎b\ids6Is*pS 5u{&:ql'5 w)*)(YҐ9 rjo]EDR/z-H8KZߴ=bTu4]]t)dcKR"9ϵ%|ʡbhzSo:\(SV<0<9 3迉 J{Dh=ve}b9c#O Dx1E&M &<ۢ_W^ ľ :]vSZBJ@bk v蠼uE0fJWݵ?JgJǞ\$cZ<%|ąhݴe0oH])".{˄5&X[TjΆ)-RwPJC+!%66ZAc`Nm3 v ρo"uJ*79@o-a;)#$,4Ŝ@{:|ayГ_ :߉C#W#P(R/QCsbV:յGeʚZ]t>qІV/@oQN|n^mb(xoќ1>%KoT)OwV _&u|>pw3 -;?Q8ȝwi{2q,Vy4.Ep,DQǗ&*6U iw霠1e\",}HDdHLSL'6V{Z W )XMR\j SzT9vA:.mG*XܐMj{; 1d>Z閜eXd`5y*L;uhWq" ^\Ni a@UT\!TmPZ[i>pD4 Rr4y1ZfW< 9dğW0OU`PM75U|] IʕD:=aChX5_tTyzSILѾv݃z9Jd~ 1koޯcnѕ=K֥K>RF?Y[hwVD?И D~qxb(ΐF)#O ˋ͊e葎W>|qK6?&Slua]dx}y wI 3:uA#nԿ QVmc1+='/"Xh;9=?xuNgRu\ '}#>7r!Sx[}-HzOEpH.}v4hd0}[eεa{Dq֑&"k??:|UZTocBRhPgOQq1L`\e;?@ NaKke]@y39ڀ}?/p:E1 &VQ[< 8<`ɓKX헇/:о +)iRIK{r!=TW-?kx[lw|jƬSX&\4:u)ҤH[*1xVsXg!d{5dQ[,1ꈕU0|\K/ %^ }'q ʷ,n(<gCv(j ӤuG'#[굯M*տNJ @y mn =>bDgXV Q`(6Gx$9IsK*s:XO ?O? մJ7홬.2\(kTm 6G%7xPgzsv(Wl 0;QHyw3>Axƌ W;VŢu8LczF˼\cP(qKm 1D)؊DN͹>no-IFwI !P5g{̅JÞU(9}:I9g-K]Ŗd&F9,->Zsls9Q'969\0|zӒ7%8M~`6hk3nxL0,wDI Ddnn/;`zw)p+8[: `yQ(@D2iCƤ;iSfF!O{J.2'dq(~2!g}۵SQ} V7m,U0Cg.s~Q+ohS^NT|ǭӃKR"ј,yN3i-Yf/33MG_}vȮVkv.hYW_nHHv>o6—7 ySK2wZЫVac;Q/ n=h@,9'k%Gio"ӿ$ie9ℂY56 ՗ޯMisN-,^maR ϑwć{js߬φI@@t<Dhy_J'y\%z~#Yi&b<ںG>>VnU!A?&iwGx8jdͅY4- $Η8\f$ll:e 'lsDm4v 5p ap܅ '2?'pFr<<YtLq ;̯2weOK9LJ0fAOBM9|uĈ#ɴC^m%c: oJef 3>~>ڭ$8vѹ;Nuw/yr=|p*^u!%ܠvGiydL89C X0J >YU`So^)CRpXFyYM%AR'"/L:t n56'^Fli_ KUuh(890J'3qXߖ:7Z@AtIY5eS-BSF쮄CG045s`|w_ᡟav/n noI:e${WVԦzn5G4/M`ܽj/yҺOk 0KR|o-17V]B;>eB)XXM?;~-?8?_ۍju'"k%6^IR 5SشPk-0Y9-Ε΅z G+QҞ7 P6;ŧA__)۵" 9N/'n32|@C1Q(_z|d4wNͦMwBti Vb7^be;55Q]b) )&Wub0sEwp0G f*KDy[-ْ;X(n(s+D|E;t4ٲ<ĊJS?idQEar2w5hiHH *fk WO_gJXr}+SKrr1x2gߣ,E:]f)YyF(]|),+$mJ/?– ,6ZJ>]a(AaSSeR9bQ)FǜD)"'ve-_6|.rn'k|`EKg`ά݇p/xq鵰QE:k~EtqáCX#WO"у&\3ުÔp?}QwmYPr)WoK eK bmdUIߋ">\N국2 Ote6mo37'ҋӂ-{}ͪ0`r&&%= w{E{_ u+="0Sm2~ura"_Oiʌ.70J\$rp\H(H 2S,l6}sjuGҀI^^/AwZa]&v Lq'2p]}`چC x;`ث'l}貥yz獖aQֶ ػi5P65R(w^υ^a8V4jFj(L&>nwܐ e `)?6hA?VVD7% dgVI@@&!ć4Q.iU~{GIEb;C: Ƨ:|y">6 j\_:Lo(83B3O!m>v٢lf!E*.&{Y{[>aόۈj5{° z3ɟ7iu׏HaOw{F8!.2ƍ+P` >2 @[JSb(N@vp+_FM_p"U1ɒe2o.1*w:F"ϧ4 $TrC⿘`Fag|?@lGi*~+I R,:P}}x>֎5lXRy󸖅c~B43b vDx[_p35j0Ǭ@~wq0߱iΤDR_R,#\fL-ˤPD[UG  ți2IYbpJžfJX>8/g8[20ד{eZn nye I~SmF@(JsekH&&.KH);vډ7cՐ╰>Wh5~ `;<. Er\)vT"ЊF%@C|](ZQh5)bYx#+G"hejjnl'[)]iK[9{}Vމu]Rܴ:i@22rQ~Cڒ4+[Y=$PA")΋ۢe.(P̀ǩS`j(Nt߈1(u#叹֑r_s!ٳqoը7=i!A8,vXO[K3 Fs e2 -4'.' Pa%x,ǩٜ Jݣ>A$J |X=73|q';%B "2˭>[$}`Ix96bRRW.F sz#3VW'Zр+HMʋ# )\LeH>?I 'mlϡ5?z\~.1Q:O N %2UJg2Ոm4aܵq?art$x aDNԓ #]'H`ˣI@Զ~B`T%5Y1N/svks#snPK[:4;k0^Xz68Tf6,{f!31xr^AaIh#fp Q=_z<':2^[L] [_'zsA'Cf~_h \Ϊ.Oܷ`I."Jja2l2SL(YTWHҚV{Jg_upXU~}]0fdՕf fj+"grԫ紶6a`n57řZ]+x#\էiK6O;T\T&-;AZB?֎n{Bļ؟l]SύJ$jo&s#lڂnfɅ&~3rK$(9yE*wLXA딥T*_T>灻Q͈D'ӫqr~ĸ :4,.kU*{zq~`b;ƩTZ?J`󯌆E/\]|(܄Av-ro00Nλg)SءbxSr.ծ4ẺlBM [X{!!ZbZ_q _}"PraWYԶWٽ=^{3n\8** t<+Cu#x!x(Z+o)AVVq.(= udo,C;=Cq0]uNYs;;\G-^GHJ'!}aibڌ'b{S!Jfڭ o)R Cq|5LJ:^DQYġeY%g, ;Svt/=͚CFh1LؿIk(N'[Vx@ִ*Q ! }-  Amp%2du:b@5Ugŵs Y<Ȁz- W;ظ3e` W 0N1"'25ZZ+=ajhDaZoSuzxQnWM9oN^>$G̞`E*a!b-v7+i =lEȳ<2nT_ 'Tcd=˭ֺ$;d6۪0 S[.zŢ-͚ޓyӖ“;HG rIW̪ ,JS67hiiOci\]A$^7m6:oYV~FL!slT< x`IF*{u$J c"liKO.ZwN ~xAj E(8{ח <蟍ytҊ!l3t^ DekR"ɆM '_ڕ4Ξ/eR7p+0{.* vWN /BP.!/pk0YzN42Dk`Mh(MM BBD2'0e^ d6h &%#&h>IFvDX3CA:~1A KhDDG]R|m*LBVCl;Śx$=KH(f.c6,iBZQLztiϾ\s$rKB,]73OYLMIuX'Ϸ0[e̵:FZ{xeZ+Hc^{`q1(]Υp`&eax8|lcnz•ƿ>p[3/"lA ^}W؜lM TTe"M p-T eQMؔ(zSOb5^2dy^**Sg(R_2 ,ag@iW+4&cuܙ9wƆC柀E/~nw ךhRȲU+4uz"UJ|T|oYC{TO+KェJcJ+ͩ5~q|N<%6vu+?-ggDňyƓ?&cXԵlv^`I+CUu?L&V9&/w/J% 67nΓy|Qpkh(@H![lg&Gj@"}E1E뚿;}cR22I~i $2h%}$7Zd@欉C6+m6fHE0L l~0CbIif){*AQk M5:ڶ4sF*&Q'j&qZTH^ryywm'N;HR^]Ѷ]D.tLj)YiJ-b .4o nu7,ƭbʺgT@XOf jŒ9lA7x%(GV[Y5˙lܗG'g:M hQ&{ dL6I1 .^ۀB 냄gk9Q"0y~a)Gp{sELC'RLhANSR !/ 1-GnǝA[na# -*x׵_QKV$OU͔;`wJ A΁b` ұܢN-pY#Ņ+^iSqO{K#a"4l{3~JG՘Qh*]tlU`qɈtԧMZi{r(><x`w(\Lװ÷ vOnCu;6Bzꛛq<<(mO*U5 TwK/]#9t[V̵ٵV?9,]=m`U&@2٣K)2smCR8e0qiQ^v,mRÚ)HolIb|v`Y:Aɮۗ9:f8a9uJlr~ˠ}m#˯#4%-xrX7pfl錰 y!&cDrla(߰qqF!, .%{Ԍ]wx εS[)nQ#3=0*>>.?_[M*"8=I%=si G}sd JAAqki'س_>\e :D Ɵ)U64H55nnVB Y$D hԋ GFCNޝ5zN"Lb+9Ur6 T+q۶/5}?Oū, Q4j;[^nyn*P[х0+cM ١. Q.0pDET,^*L{s&?r +ds'a80((B:MM^`]H5fm fI~>Ok~HPP sV"GAgy38*k~<Ǚ#>JGUu|IXՓ:BoYV6vOո/&I zT~ktXvaý Aɢgˠ0k pQ_IXM-ʳss "TGߐԃ1<6[~Hd8z&=rawj&+7jB0e$3kXApUB;CPwj}dra+gTnL`tڔiAVyOʼxxiTtg uIƒf NXWem[HѧОV:ezYoG鴡d9vxc6)2hi,B/ITAER+jOiA*mDݕUntn誢8`"7toLQW5"P/ sj5i# Zh[4sɞuvz k pGqſnuhIGsZ(\ de8gmRhh^|^{I`rFQF3+F;KNp@qg [VsSޱ'k70+R:+Kb0~?0r%MQ ݛpވ'>BLƲĺ%;L|Ws#Hx7Bw.w L[9 t{7NlP%EҸb6/qzwINM y-He 0REgo ~)ϥ{C F $*ыj0'r͂)B] U;/ _㒍i Uf `)6f' z:%m9^G/QkRpW l軋2З0,XgOZqXZyP^QW5`8dhYEn)Iԑt+[u)#WasY޹V J 4'Ãl k4Z lR*ZJ8%dg@!=ۓ;@+nFg~w=+Wo |ՐjM֋+#~-*|;μ.aY2QÿMCR嫐[hXtLi`R`QHVGio&wFlQ}{׮42D80DQ?~]|,纋Ibk {Q6t]TW.v(>'xtk d0?XLgwC^e3Q Me@cOJl*Maܸxg#D LQ9_ԓ\h@o6`齣uSwq?,ij]KesPYpG[YuBM 1[͔-mBSv8{ހeB4r<ٻ)ext,"uSp,έЍwk-͉W ++={Y7EDp{l}kVO1p]@*}Wzvjy|dc9y,(7wTk Tdgwtuh-F ߶6\)8 ӳ@)\N[},~ÇvjBz{]_{E,*gҀۿQ`L:SN+Xҭˀ XAɌ220O]!OI~DoCȦ 0u&[+H\}8YShڏ q˸7a^2&/u"If]אD8D1)欇fM~fU ^d;1]њ y~"/Bjo%ꃣ~|y vF!tLOT) H"ﵨ<_~O_dX̐M-6`&Cޮ+'Wg..^y%sTn]O.޿g`4wj 1秪5M3A['"\$d}T',&ě KxN I;q\=mt'MH qj\*)y(w3hT$1F-H@ANL ^㜽m!/jJW}∍yBjv'%bbzȐ?C0L&U(uA yX/SjkT~A<Y8s;%b\Fi;=s *ȡ ܟ7Tq;%0D!*Ќ-/ugtP)W!S:ФNʫ3$dx}N=Jnn;:goa̮u5*FZldy (#S䰢 }S> _E7˷W-P)n4aPwo*tLM,[䉧Q-G7l1ś `ݙX袾(r6V0 1\)ՓE뻻DuNja)Fpqz~ӡR' 9SWE62>ު/.@!rW'D+[WLoO2o( ;] r&>:@ՆC?|s>⻑(a^0P.D"yp`L1D!ٞ#}ڹ&şЋe}jNNPXxwS!tSX^uo[7iõ%Gѐa[sE&ΎТ'akjD]J+BH1@T|$7)s^2y^N~[kG= \ u='3-뻏sxRzCP i,SůM]P F6_}9,|ʒk;Ә khUF|'7,?VcJ)1t>d.Y-Y#T}>?fq}&}bu[0DP[e(# (>3*nB)ImU*d8a=J(e?sDrhG BBK{nun'i:  U]v-SqAH>a+Z-ȋj`z@hOe ,E"ɛUh7{w<,)m(>ybxp< )c+0d6VVER 64EȈf2wQ:Pބ0 ^4H;t!;)쁆 ^ÝuMZ$pTj}F]~o;b{ʋ8 Xw&{(3i!QN e`ƙJ\iF)"hom{"+98&Lia5@OB ¯.__wA6BU\UƞCןCQNt5 <9;C=A7yfڨtG*jk`>Zn 聍Yӷ 2|5M )goW4I.Y .6{ώӴ"'K;:4jz Z Or {;~O Hgȕzj,O*8#%}$ɊFI@4g唈=8O7εȦ[QV)bٝļ֭dV~}bbOu+Nq|֙xܡ&Haov1LNmQIhRa8 ${9#IG6n`^Ry]ZLhn=͂Xlllz<[u{=Hi:5`Vl6%ƨ~;0HWrB `<0, ~ 3 FN W.j.1Z~)OMӓ協{+uFw'1q` ]yj$K݌oΠ (w՛:Vh}0֡YvC]uveI ?9 \ZQ]cVx@9 5{4yPoNR *$u OJu- I} 5FEȣna+J+:1Ɲ[֡~@i:^uT,[FAnqvյQf@8| c|T@J&u-ȗH(O\qRt!eIY&@_>'`}ZL~9V K8Ā\ū<;,$G iqR[F(&G=x^2`w}QgƩ|-YgWߋcw/^tՏqGa&'1-0-$O#nᦄ0M "PnхXZOb8p@)l#h[ho7d€&>鯮 r7<`c982(&vơS)ģ ^q+}ˆPYLcCA: ݯx4 |74~|IGb$)Q2DoCbctp{hfU?(d ɸkԧڪ/cfcP{}ENC-5t7Qq0P2z*tEy80[0dA)Ɏc8:ޛfW Bkn3PGyi'罳lyV ́I{)^TCbɣꍟT'A])43-g5&C A6_,h8p̄ˈ𱛣Lv;Z9.Db>_X3OH=sOf}{2;2r[U ;`Hs-XBtƝ΁fr3y_̛`}d wے<|P)H=[nؐ\<ѤΊ!#a>K wgSK{k3f(aJ- b`MvRaj<8n,6G#/"83&L5W HĄ~G} k`z>*6%L]$x3Q5H>d)FŬ(IFhz_0&Ӂ! f&x#@K,lgY:.ko~?SZ;xshI@̃Eݐ+'\mA{9oKirFԭ(sϽs4Щ7h|Fap2̻AJCPs1(TľgrU\s>-/AFNh` b}4ky_a"L!ـo<*\ӌ[72(] (r`9@z z Tibp9fM66A6*aCCti6cJX{&!R:‹2LP( fso\?g:8oOh߭arHL"$9wN3_ HHCۡ?yxXX6Oc춼F#2rt.za|' 6*+&LelzUOPcm |mэ#\ l p96eְ-O|>Vh@=:{ phjGA? VP՗eF̍m 8f=( ܕ\5O:7mS)H 7.u^Gq#Eճ ĉe*_@Y&$lH&X` @hn8qE6)Dn%~fJ$NR ZmmPv &F:tm0|%Cpc>|jt Af EmQ_b# UTRQcn3䜥K1IZ/4:iz|zu#HhY*^o6kTs볞8I܊ʰ4/L5w /N&oӄaw5A`3o̫Z0Aᬔ3ܼ 낰 nKyNzײ EUh` l?X*D$:FomViQs2a;S/Ir?!/*7qPB$fb~\O qVVY)0k̆>eϐj|K/hdxVzrkf%ؿ)t7JS$Wk Z-YڑNFb/;Vg柰L/B) LPk Rx%]a2(o oTdN~k+){p-gӠRlUY"X5T(sEX:R\cL+\k\ͧPj  tܟi!)>C۴cQʴ쫥pÀ[~cO܇=s gvBou &gq=,"މut]^Vs:d;1]1PAoN$8Wa niM®0n"z~UmSN?y ,ZO 6A>!EϝO1e ĸ3:ճ[ g@߄z9ey^JAСxA[F;ߌx ο%zeߖҎbMtmWb PZ`1_?V0GvNfM`Gf6i317լvby3ぬ z'Us*@C)/MJ8~}Ğe܁t]F>XV[)?~5NuǎGG*ot. DOLl3`6P{yI4[w &YҎc.t4?`~#b!Ly#C;7r5I f]GC4܌_'3 P A{Z3 Fnjdj][PfN aʞxý*e-9nQ :L1#JkoXİ~Oq>U -~| ;!r.ۇ̊@Cp/g:~*&5O4_> '[3`Q 51#DC> ֲڐ,Ѩ8LnuߡtR0N߻O'IMN9PV 9Q>jD1i9Ue9WE&E{&Abhs7lʍcxsVd_\{Dq>}#(2 c,a,ݷKOcG)5`}JTo3R҄1uL|Z8,*I2k [mj` &\Π\5mQnrnMAӌ#ExK:kYJLeۗn=!n2C-;_w={H :&mSmPoS~LJj3W`Uznn+4ň^u~cLƵ_ڄ[`XX6t5-T\u3RmsV ӝ\#^RM1ҋ,W"L6$R^DI!v,2I8?M&gۑ=3S-w[S?u[c@X9vy.-/9[vܪy&+2,Wfmĸ7 ^m?`;yٔ`dt~rw0wǴ*WPpSDkk%Qrs* ?K!b$Mohrr.=ކ/pr@$|Ŵ"UM}8zpϕXh$~;捈c MbjW~KГa !˘Igu3"mQ~S=X@LNؐJ}ݣ > yJfC#ԝw28B,wF d:`%@')6"+2Y>5m(XS[Yj"oy(q"}Dfu[eQsmXjǧ|F_>"6-*ԉ41lm>)e9 ?=pY:JʳXS)1/iPXѮ7n {̼}4f9kF_@wxKIVܟaŶiU_sZ&،ዮhe3:@ RAg>mQ[wFk:Ыl./-'[` ޵\/~ԣgM>^n:@0;2"%j+T!-,rҦcaUnp*p2}9G8{YԌ5=q `$ف-{-ECRP8t!f_~te9x?a, J?V /].BnpًTHӐZ5J1(I(m50 Ӻum?M.N; U#|G2s=ud(OIjB[PȒ3=8[0=NKS6[C$,1n]^Do,z\=ȁ@&IdDw*M4w޺#F$)mGm "ַfNM=RRGIr;ݹ/Ṳ5 :..{L&}Gi.WHgo`\+>b yT,/> */jZ.*_jA{Rx54 5}}~HFCcd јSX_\\a v%;{:^:[ VX nǻ]e>ұ yL咮_@!,$i>dYf|q>O-"a ֠=P:HqDч>޺tTv?1EK Ӆ">Y e0<O k|PA ƫi"=8EROq+22(֧TP# FOĵ4CcXht4wê]^k3_9A/Z7{Qp<_ |:@NI{hD_Ӧ<!fuI4ċ׎0i!U~;[fȓ+pt^S ?40|LBTocMaDApIIb2vƾ,BcЩrq (Y f[H{мsRX [Ix"-q4Kѿ~|`I )2 ξrMNeO |bbtF|y]d>8{3 (Ց^-Ԯ>t;#UwrA-Ԋ d-?BSOSsB9'8-i dB$dP42af2,IӘa?I ٵƐVTگLm\(7S=~zRe^S2  0YO|[Ѽ{hfx'_ ,OUrzNt#)8i%gܥz$酲>e.eqe&Z|vÔ,by}qf) ~ne%k,?G 1Dvx>FXln(p x"SDY;C)ת5KȠncf9~Mڬ75FJvj:Û|wV{P%~xU7J85VIZnOJkl:>$ @5Y']cs7\Hp3; .XKAҟz;oE}=e .xM Tq֔&,d̋ŭ;afyye$u 5b@;H6ӥ鹊Oϟ 17᷷>識DkTzBrҐ`KI/ ^0|s_u#0 vW$, %CV1)u Inoy LљVأ<;Pf"%td!pŋ,ޣ" ȡurWT]~]M^e`TqRFB8Mɗ)\=b%L$I+doʿ)ؼ_lq獯@BsHQD v<zI6vF_O 'crfSYdo' R_|X0DNG^\잩1@n oB߻K'4d3tm@w]w6 {)` 蕲]Vi\GpY=J+ˊ G˛L3`&a⌲8{-p+1C~5CV&հ[- VU3{a%^%| Q$3nt ^`~}3S PMmp1Z|O:3Wnh|:QjFԢG:fy@AҘn{'E8YsemJPv67ğc!-ҋ?{4@ۖ‘3n ļ/V#x~>FoY ܢ B. څ fpNa݀xt?`r9Fݱ\q?P0|] Êva!5BLs-Q,WQU#lۈ?1]i\?-4<9616u.U:[y q)am7;)RQ1} .|;%91t~C򔖄 5k[ :GF/[%b Ũ}on`< X@W y3 !H`\k&採2̛(t\sW =)ؽ15N![1=\ENS)F̙ΊJ_C< #GҠ907μ) S)5N__|d\w75_1J՟m=%A @Ȳ s ;334??~Pp?1c6m9wݽAAZk|A-DTQ_Gc%ZWBeL5'7mh5xH$,Q b#]nP:%nsoUi+ jj'];?zS@`AQx~rE6:•39]KH͔9N 1NT$>d>V_Kn&;G]d)YjrPHͱs$\KL~cf} l-fzG&OM{#“ݹ^fVJ~"BPvt^d|%.ߐF0e@*f1$GYa<@oD~Z'dcԏA'ēDG"/U6CE9>"(/'3)z7 Li@7 BݦPm^6hV* r#%Ք2^ nxV &umH$] ʹת:;eUNeI^wÀ;M(R Ć*{0@=>`9,c. B Z:{|1' FDD+$+lH5Qbك~X-yI&P7?q"(\S;u"W8M`(;;3}zT8*,SFB&W>x~/XGd]r8FF= 1)piO&LtǶ>G%$9} MA.q c/-**fz/aRv9CuRӦ$|CU,vIֲZ.JN, ̼bU-sl鉖nܨo#oRWR`d"C7OM4ץq6ۙ/)`DZ1PDKnl;M*AN'%hCsgrU]ݏAy5pmBZA⤱5qC.˾D1Clo2?A:%@ l#hu O,^|χ~}J~EkF%ortExI͟m fȞ8B ;=C`@ڥ_9 X0,>͆N2X QQw\d&E- mVpvA;J<7]mʖS27;Z {kG?GSN-mj[EHx#Qjs?lR-cq|rx` T!`'>R=3}͈px%*DJp5Fy5'qY~䀠d nSصZ!_̇%q^{Fmߎz2oX㌣R?&Cm춝¿'x'[} qK+\"`quMT`w@IZSS/V K[o@S51\M%B,b9лH|aJX` V4ȲeIf{AvjT~E)Iy]BЮp.>qj}J7_yO\|άҿ$ڿ(!h." gS("xͶfѕ˪QWO' yi*t & N+ էU 7˪'40H)*yY4:GZH|wͲ wM-P< c{ӈ$駺=L޽٠u%d9gY  hD2F\5Ip^j1 ~y&OmA} r)5]yWr:C o\p+]y 3vY~o$ͤ~?kt#6/^ D}"tNs'tWɅ$C Sx;eCx82wI;Y@L8nUlca^CVB9c|KhKsPq`1`jǤD܀1J*`gvel0 I) J%9itmDSa\Q F/LqxWʪ:`l0"ULS: D 6x~*~GO'*vt6 X5"hÜ$ɯ~ Hke8jӃE%'pRpԨ!zBJ:L%qj5-D\Rq6vZ;3>8*yr]O G88';LgKL ݟS0HXuW/7'1Pl7=?eERr4P55LSx;p0.O?.v#C9b`y"`L@644C r.F `!y/Oz>bPyd >OI|#yoĦQߓC&ax&/8ľ막jb޿Q$. <-(_d3 4eB/,Vʠ26C YɎU"yEjǾ+aigr;maE7z'XESIFTԛ-l_/p 9L`hٳmrz8~u&9%f)h \Nqëu]z]b&M:؁x{m<ޞ Y.WB&R۫gk -Ǩm^MLXM/UR̀w䛃数%s7oGoR ݬɁV!Tfd_Oo ȁ=r)Ylu?k`Γ`^Ъݻ<<]UAĮh_u2eUM2Ee_['{2}lOσj_,(!,P煨U/ba{nh|+h6:նX xb!!;mOSAOL[=#ɉ1$ rWfSpTӼ&_N{Ks+`zeA&S=X"sFpj"^OW)yo;R"7#>N9vbZ!:* Klr-+1Ndp^굙k}@hbWdLG/UD'/!HESy =7#y&QS~KDOtJ7ꗼ}S֒ E۪R6pIUG)* \ϸ%7iDeA;i[nI7^|{|purlN˻H<!|XƚrA ,+}`{jGzB*˜p1^Z.Vv&^5BڍN:o\Ӹ!# nY}CasĴ`7[%;qegfyrz](h3$t4UAX'f*Ӛحa2wbh]ɕ}Zo$dIy)םIwq~UVq1عLSWfӷlxuœ}2|]ǂ.͇ \4݈f1аNT`}a U nqIO˽/e9mY8͟= 2GUb`єh'H#N8CCڸyTWC4)DO/F+(UeCWPe^QG&g4arD#Sׄtc5kŷTvQs#Ze-WRJ%D>-j{;[pQei ͱ̕&Q{vZ^hD<1yTOHҁ, >0;=)Z E9jǴaDFnBԄ-**1d0[:p7?/ mk jB.Ad >6M.0@P&-Y5g{*% #* ĈՀ49'`}E3N ,El^ su%y͹xW0n뒒?oe/ &*sdƒh1v !68ʶ4מ[qp&$&٥~',f*&SiodOoeAFgTwJIK.o@I Y.O[}mX!ܪgV!L)Ip *Ǔ&;  $r~c3:w5g{e;3u5H'fn ^ CRP5Ke`a1ln&[A34GhՁYu}A%n3¾sЮ!Ly@ ̷z}_ ! d߻$t$f %B4Zɞ&Ѹ ;op=Qs^,e],oP\[L;Mcfgqd+hA3`5^^ ©C@(#N  hlĭd#]SS"Z\7&6/uZ%]LͲ*ۓR%B[ 7/d;][q~o%Rq7k:c9{].f0@l ˬ)3vQǸ7VA+7~4oEP!KHТ6=fꜤkpI+ӭR/؏1 sQJb[H`#`/iec/ B2npgB6i(erXBv뱹[ rfwJ Et9پD<&$ X09H Nj)/ |Y3?ح7ВtId\K2h <Ly8e $l"ĽNrQ`Ge