python3-apparmor-3.0.4-150500.11.9.1<>,ԉep9|4\n"0^mEXp*IgoC!,_E^.vy zZ[hWJBeůc@'O%Jn::iq/u܉.Jȵ(Y2n=9r7 "ah|]%8C ok8ɂaI(f89)_;b=Ma{,'qVua$ `=>jDm4Uln R"{6>>d?Td ' T= SpUU U HU U 1U UUU.TU 4"("8"9$:.hFGUHUIHUXY\U]$U^ bc{defluUvp wUxLUyɠUzPCpython3-apparmor3.0.4150500.11.9.1Python 3 interface for libapparmor functionsThis package provides the python interface to AppArmor. It is used for python applications interfacing with AppArmor.eh02-armsrv2 fSUSE Linux Enterprise 15SUSE LLC GPL-2.0-only AND LGPL-2.1-or-laterhttps://www.suse.com/Development/Libraries/Pythonhttps://launchpad.net/apparmorlinuxaarch64/S }((&_g47wJ\90QL ,b2 5,(k#)<Q>p1 @ 6<tq B;?b[&'%Ui $3)E/Px0AA큤A큤A큤A큤AA큤큤A큤eeeeeeb`%eeeeeeeeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eb`%eeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eeeeeeev@eb`%eee103aaf985b7ee6570e8410caefeb8c900d5c46626cac08e13bec6476a4661e2044b2a8c30469873aebfe44bd3909bddbfc178df5078fa7a2a81a1d913c5b569e01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b2cc671fcc9d1ec75313b7eda5bcfb6024a389a90a86027d6a60afc0a06a20e766b7a19cacb0807dedd0ad9b166df085e2d323058172289ba401a19560dd4c64943278942f1939ac5492e15e846b019661e35c62a54411c80857420b6e0053c3fe2014fa7be316b8660de8253e2a37f33b26d131d89dc5cb3c60a96b72f87f09479c99ee85443030093ea9bb6344262746a82f5744dbb27fff8ab94acf4d6559cef9f47cc7c171c4a9b4909c702edb17fef4615041bbe94345448d993fc7a505f95e7e2006197af3c8660f9afa84426b0b9f6201bb59041b48524e0b0884a7e487eff10e4b1d26e36c2f9491794fce4d3c3effd54b11ebe1c247928a34ebf89006293e6b1e3116c6c9a6748f3d348af4308316ce8b8bf35d1a2d2f8653463ce02778cef18bb1206ce11366e37a9199a30d6454a52f52ca38c13067921348b73ad06c37642e6fcec6bf9f73444345b04463fb1908f52295a9fe3e59db866787a82817127f4102f3b08becc2a3269d8885f247c6a9b99f663482008929652f78df04e2a84f789fb7d889933792666836ccf3721ae4e0677e07ebf0b3e2a01b24f24ca5ccde44a784714cdf4fa33d20883335d22c002682f44876a653a5eb333ec9b131d47338b97093a2945a3c79c2aad86022282fa9b7eb76fb7c2bf494ae34d50dff215fb0bbbf5a8438945bb4f1aae8dc8a6c104382fc22841f9da106c658c4f0a7dfe77a1b05bee05eca7d4d2c7076ff3aff6148c41803797b9af21bfca77b390538551a7c3c46a8f1200402b94eaa7195a42d57f45d572880d075271e2d1bbd3418bab341905c0ba825add5cd1a4c009525befbe1fd4871afc04a186a10bfa40de1422ce69a7d59905a7ef3f9fa9cd474e1df5aa858fa99c9a8c181a8ad94b91ec320bb6f29456273036379e6ba0538d2f0d40a9957b93af9262faf020fab6026e7f316b7602597992eda5443ef6838e11dc790065a037ede90b97f49a39d9e87fa4fdae84740fd8c33710c616c9f119e230b57b48e19596d7764a79452afa07768616c2507877627ae91ad58dd98ef1c75598bfa23ed3cb7b52520feda84b1f8511e7aa8329c0343faa417d6f49d11fb2480f56b9d93587d494e73154a7d63443caaea741b1ad32459a870850c37e24b54f2a5cd1d1db195a6186954511155cea99a231b3c8a28382f6d33e4ea8a82253a3720e71e755fdf47a265b0f81a6e48ef1f72d06410e37225968640b28cfceb343074d895a6fa54684173e5b6abc8fd00305283cf4a6b8c3f24214fb6bcd8e3abb985a2544df3c59ba3bb3bf92d98987f49062ec5e62b2e91f36d014f9e2c0663c771b61b730fdbca9fcc6e61a72302bf49f902be3b31381234f7fd7537112dbcf58c669dbc42fa17afdf3720d9b0a0075fd343f00ee9fcc7b7fae09f8f281e808c8f5a050e89759957399a1ed7b0c8bf56e440a4aa90a83677f5285096e97458874fe9c3bdaeb4d2ae40cf502c721203a91f18f498f5ad91ead044f7556942446060726421d7bc3586516ae19f4847069e6d43ed07ff533f4b2259f590d75a5a4b2185efac3cc04d118b60f11a988d7b6032e8f4549737a25ce5b4c3d13d28faecb3d88cf1184908b0c378b3a80beb18dd18ae69aea286f2647ff2c4a74c2eafa270f3ee952bd057b2d3db84624efd350da354948af26e8d7aa73147867e02f53c35d81252500601912473c8e8c47fdc5fefe08e945af99883ee269416abe471aa36c4b650f8d078389f1228e1873154338182919a0e4142575a16a438abda2f8d492701efba4ac1129e8e3259e5863be25bd3db945cf65d7aeec18b43b2b54089eb0a0367c6d30f5d002153f935874779a8d2b84e1d582cbbe163349216193a4fe2722effae7fa54d06d7f95120817bba02a54ade1d6a15da5d8b3f5c75327fdd2a80c6c078f0f78263596c7dce8ce4077b456eb35e64cd6eed5c262028b54af5d16f85faffb43bc428ea1fc4a021ae37487b885ca4c8983bd6bdf5d6f2e00a60c3f08306c9076832b7966ce51e0c4eddcf554959459b23e0a8e2c352b5565da25a908f321eb9e141bc77fbce7cebbecfd995eb39012a844c06c1f26e904de9ea3a0a382383050bbe78341677c525cbb9294840b1807f8fced7657494f0356f2a74423373317256d103d29ed441f65109168e07526aa85d23e56cd76de93f1ac36e7d86e9e05f771f29d1bb4b14ea6f288ac8125172ae1a3e1b74b407957f702dad5e5480df705a785c1aa1592b90cc2182376954585c70aa8bae67f7814e09537c848de84a7c4cfe0566113dab77c29741187249bbff3930127122aa8a9694cd2ad2ad254c2bed67840f837ea51953e6c05d3a104d7e2263adc6296f679dac88e52631c9cf8f86eda441b1f54ad8d16fd0183d6921b50eb58b41610bed9168734bb105c03b4357bb56e9e1d77e9f0d4f5a562ab934418a01c902d327970cb6edcf17c58c94117247cd463d5b4aca05006a3a4fc32599fe6dc4f47d2a668cabe7f9b8b6ae409900c922e8d217840ad79040864987b7523111128252163e639e1eb932ddf161c4c56caecbdbdb922f7815f2f65b80c739f0518dee431ab029e119546ab2af5053b743b3bb4edc383e1eb201c5d5553ebe3b50c91a7d8015e0e48bc30c30e68fb1d7bb9393985eb5be0f096af15dadcf19e4499ae6c2d59d0ded25464e56241c75baf5b94cab456ebd49ac8c240526456014b084005cd7da7f8edea9e7edfa11701b399487623773ab7221a9a936d42d3e1e0061c5057f2a33f95754934a7ce2265b2cb0b16b451085bfbfec18866efde61dfad50c4016b136852dc8b4a4fc1b182a02a3e47d0d951d36561949259c10848b14f2a69e3f9475c1bac12c6f31d9749ce0a81e5a04e2d306b3b115ff3111e4fc204d55bb2b9ed73160684b1d9581350c4984b9c8b3482cf9ebaeb6bc5e77a9d572fb928dba6d4c5db21a47fd6172f7ef698f4a05b18a9475fe3a701c50bfdd4ba5f491ccae4a8c395d56c2f97549930aead3488505701ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546baac39bb57b937e104c1375b745d15e0609ebfb00dbbd14546119699d511cf68056386fa2f5e2de5845ae5e81d7de1f92c452d70ed17dc7c5bed1901d341d6181d80e229f19d8d48ecd950058516b02422a9b568f1ed91940a6ebc9205e28505b9f50c49cf90b7050a3c75116ce5e903af13823f0fb7a8e07803af337e4be04c054742f56fd7bd6387cb47f2a6b19110187c9e7af40fd753594287ad0a4cd55ae8fd7ed51da6f34bcb0454bcf123e77211818431d4aa9f10faf4e1fd63642c1d0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootapparmor-3.0.4-150500.11.9.1.src.rpmpython3-apparmorpython3-apparmor(aarch-64)@@@@@@@@@@@@@@@@@    ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libapparmor.so.1()(64bit)libapparmor.so.1(APPARMOR_1.0)(64bit)libapparmor.so.1(APPARMOR_1.1)(64bit)libapparmor.so.1(APPARMOR_2.10)(64bit)libapparmor.so.1(APPARMOR_2.11)(64bit)libapparmor.so.1(APPARMOR_2.9)(64bit)libapparmor.so.1(PRIVATE)(64bit)libapparmor1libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libm.so.6()(64bit)libpthread.so.0()(64bit)libpython3.6m.so.1.0()(64bit)libutil.so.1()(64bit)python(abi)python(abi)python3rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.43.63.63.0.4-14.6.0-14.0-15.2-14.14.3ev@d@d@c@cbk@bi0@bZbV@bT@bRbBb<]@b@a7aZ@ap@aabaim@aEaaua $@`#@` @````_@`%@`!'`>` @__ǁ_ǁ_Q_h__@_~@_[f_P_-B@_@^m@^@^<@^j$@^,-]҇]o](]K@]]@\\@\ \\v{\I\ include in apache extra profile optional to avoid problems with empty profile directory (boo#1178527)- prepare usrmerge (boo#1029961) * use %_pamdir- update to AppArmor 3.0.1 - minor additions to profiles and abstractions - some bugfixes in libapparmor, apparmor_parser and the aa-* utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1 for the detailed upstream changelog - removed upstream(ed) patches: - changes-since-3.0.0.diff - extra-profiles-fix-Pux.diff - utils-fix-hotkey-conflict.diff- Use apache provided variables for the module_directry: + Use %apache_libexecdir + Add apache-rpm-macros BuildRequires- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in de, id and sv translations (and fix the test) (MR 675) - add extra-profiles-fix-Pux.diff to fix an inactive profile - prevents a crash in aa-logprof and aa-genprof when creating a new profile (MR 676)- update to AppArmor 3.0.0 - introduce feature abi declaration in profiles to enable use of new rule types (for openSUSE: dbus and unix rules) - support xattr attachment conditionals - experimental support for kill and unconfined profile modes - rewritten aa-status (in C), including support for new profile modes - rewritten aa-notify (in python), finally dropping the perl requirement at runtime - new tool aa-features-abi for extracting feature abis from the kernel - update profiles to have profile names and to use 3.0 feature abi - introduce @{etc_ro} and @{etc_rw} profile variables - new profile for php-fpm - several updates to profiles and abstractions (including boo#1166007) - fully support 'include if exists' in the aa-* tools - rewrite handling of alias, include, link and variable rules in the aa-* tools - rewrite and simplify log handling in the aa-logprof and aa-genprof - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 for the detailed upstream changelog - patches: - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0 release up to 3e18c0785abc03ee42a022a67a27a085516a7921 - drop upstreamed usr-etc-abstractions-base-nameservice.diff - drop 2.13-only libapparmor-so-number.diff - refresh apparmor-enable-profile-cache.diff - partially upstreamed - update apparmor-samba-include-permissions-for-shares.diff and apparmor-lessopen-profile.patch - switch to "include if exists" - apparmor-lessopen-profile.patch: add abi rule to lessopen profile - refresh apparmor-lessopen-nfs-workaround.diff - move away very loose apache profile that doesn't even match the apache2 binary path in openSUSE to avoid confusion (boo#872984) - move rewritten aa-status from utils to parser subpackage - add aa-features-abi to parser subpackage - replace perl and libnotify-tools requires with requiring python3-notify2 and python3-psutil (needed by the rewritten aa-notify) - drop ancient cleanup for /etc/init.d/subdomain from parser %pre - drop (never enabled) conditionals to build with python2 and to build the python-apparmor subpackage (upstream dropped python2 support) - drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed - set PYFLAKES path for utils check - add precompiled_cache build conditional to allow faster local builds without using kvm - remove duplicated BuildRequires: swig- update to AppArmor 2.13.5 - add missing permissions to several profiles and abstractions - bugfixes in parser and tools - fix two potential build failures in libapparmor - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5 for the detailed upstream changelog - remove upstream(ed) patches - changes-since-2.13.4.diff - abstractions-X-xauth-mr582.diff - sevdb-caps-mr589.diff - libvirt-leaseshelper.patch - cap_checkpoint_restore.diff - add libapparmor-so-number.diff to fix libapparmor so version (!658)- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656, cap_checkpoint_restore.diff)- %service_del_postun_without_restart only works for Tumbleweed, keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x- Make use of %service_del_postun_without_restart And stop using DISABLE_RESTART_ON_UPDATE as this interface is obsolete.- libvirt-leaseshelper.patch: add /usr/libexec as a path to the libvirt leaseshelper script (jsc#SLE-14253)- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON to severity.db (lp#1890547)- add abstractions-X-xauth-mr582.diff to allow reading the xauth file from its new sddm location (boo#1174290, boo#1174293)- add changes-since-2.13.4.diff with upstream changes and fixes since 2.13.4 up to 5f61bd4c: - add several abstractions related to xdg-open: dbus-network-manager-strict, exo-open, gio-open, gvfs-open, kde-open5, xdg-open - introduce @{run} variable - update dnsmasq and winbindd profile - update mdns, mesa and nameservice abstraction - some bugfixes in the aa-* tools, including a remote bugfix in the YaST AppArmor module (boo#1171315) - drop upstream(ed) patches (now part of changes-since-2.13.4.diff): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-fix-utils-network-test.diff - make-4.3-network.diff - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch - apply usr-etc-abstractions-base-nameservice.diff only for Tumbleweed, but not for Leap 15.x where it's not needed - refresh usr-etc-abstractions-base-nameservice.diff- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)- fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff- update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-* tools - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog - drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff - refresh usr-etc-abstractions-base-nameservice.diff- add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)- Properly pull in full python3 interpreter- add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657)- add usr-etc-abstractions-authentification.diff to allow reading /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)- add abstractions-ssl-certbot-paths.diff - add certbot paths to abstractions/ssl_certs and abstractions/ssl_keys- add apparmor-krb5-conf-d.diff for kerberos client- update to 2.13.3 - profile updates for dnsmasq, dovecot, identd, syslog-ng - new "lsb_release" profile (only used when using "Px -> lsb_release") - fix buggy syntax in tunables/share - several abstraction updates - parser: fix "Px -> foo-bar" (the "-" was rejected before) - several bugfixes in aa-genprof and aa-logprof - some fixes in cache handling - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog - drop upstream(ed) patches: - apparmor-nameservice-resolv-conf-link.patch - profile_filename_cornercase.diff - dnsmasq-libvirtd.diff - dnsmasq-revert-alternation.diff - usrmerge-fixes.diff - libapparmor-swig-4.diff - re-number remaining patches- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751)- Disable LTO (boo#1133091).- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877)- add dnsmasq-revert-alternation.diff: revert path alternation in dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid breaking libvirtd (boo#1127073)- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3)- Use %license instead of %doc [bsc#1082318]- add apparmor-lessopen-nfs-workaround.diff: allow network access in lessopen.sh for reading files on NFS (workaround for boo#1119937 / lp#1784499)- add profile_filename_cornercase.diff: drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (boo#1120472)- netconfig: write resolv.conf to /run with link to /etc (fate#325872, boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]- update to AppArmor 2.13.2 - add profile names to most profiles - update dnsmasq profile (pid file and logfile path) (boo#1111342) - add vulkan abstraction - add letsencrypt certificate path to abstractions/ssl_* - ignore *.orig and *.rej files when loading profiles - fix aa-complain etc. to handle named profiles - several bugfixes and small profile improvements - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.2 for the detailed upstream changelog - remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch- update to 2.13.1 - add qt5 and qt5-compose-cache-write abstractions - add @{uid} and @{uids} kernel var placeholders - several profile and abstraction updates - ignore "abi" rules in parser and tools (instead of erroring out) - utils: fix overwriting of child profile flags if they differ from the main profile - several bugfixes (including boo#1100779) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.1 for the detailed upstream changelog - remove upstream(ed) patches: - aa-teardown-path.diff - fix-apparmor-systemd-perms.diff - logprof-skip-cache-d.diff - fix-samba-profiles.patch - make-pyflakes-happy.diff - dnsmasq-Add-permission-to-open-log-files.patch - refresh apparmor-samba-include-permissions-for-shares.diff - add fix-syntax-error-in-rc.apparmor.functions.patch- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage- Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342)- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)- add fix-samba-profiles.patch - smbd loads new shared libraries. Allow winbindd to access new kerberos credential cache location (boo#1092099)- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing (logprof-skip-cache-d.diff)- add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545)- create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package- update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec)- Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch- add dovecot-stats.diff: - add dovecot/stats profile and allow dovecot to run it (boo#1088161) - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753) - update 32-bit-no-uid.diff with upstream fix- Change of path of rpm in lessopen.sh (boo#1082956)- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is read-only and don't bail out (bsc#1069906, bsc#1074429)- add parser-write-cache-warn-only.diff to make cache write failures a warning instead of an error (boo#1069906, boo#1074429) - reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests" to avoid pulling in several Gnome packages on servers (boo#1067477)- update to AppArmor 2.12 - add support for 'owner' rules in aa-logprof and aa-genprof - add support for includes with absolute path in aa-logprof etc. (lp#1733700) - update aa-decode to also decode PROCTITLE (lp#1736841) - several profile and abstraction updates, including boo#1069470 - preserve errno across aa_*_unref() functions - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.12 for the detailed upstream changelog - drop upstreamed patches: - read_inactive_profile-exactly-once.patch - utils-fix-sorted-save_profiles-regression.diff - lessopen profile: change all 'rix' rules to 'mrix' - add 32-bit-no-uid.diff to fix handling of log events without ouid on 32 bit systems - no longer package static libapparmor.a- update to AppArmor 2.11.95 aka 2.12 beta1 - add JSON interface to aa-logprof and aa-genprof (used by YaST) - drop old YaST interface code - update audio, base and nameservice abstractions - allow @{pid} to match 7-digit pids - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_95 for the detailed upstream changelog - drop upstreamed patches - apparmor-yast-cleanup.patch - apparmor-json-support.patch - nameservice-libtirpc.diff - drop obsolete perl modules (YaST no longer needs them) - drop patches that were only needed by the obsolete perl modules: - apparmor-utils-string-split - apparmor-abstractions-no-multiline.diff - drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in apparmor_parser - refresh utils-fix-sorted-save_profiles-regression.diff - add aa-teardown (new script to unload all profiles) - make ExecStop in apparmor.service a no-op (workaround for a systemd restriction, see boo#996520 and boo#853019 for details) - lessopen profile: allow capability dac_read_search and dac_override, allow groff to execute several helpers (boo#1065388)- read_inactive_profile-exactly-once.patch (bsc#1069346) Perform reading of inactive profiles exactly once.- update to AppArmor 2.11.1 - add permissions to several profiles and abstractions (including lp#1650827 and boo#1057900) - several fixes in the aa-* tools (including lp#1689667, lp#1628286, lp#1661766 and boo#1062667) - fix downgrading/converting of 'unix' rules (will be supported in kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_1 for upstream changelog - remove upstream(ed) patches - upstream-changes-r3616..3628.diff - upstream-changes-r3629..3648.diff - parser-tests-dbus-duplicated-conditionals.diff - apparmor-fix-podsyntax.patch - sshd-profile-drop-local-include-r3615.diff - refresh apparmor-yast-cleanup.patch - add utils-fix-sorted-save_profiles-regression.diff to fix a regression in displaying the "changed profiles" list in aa-logprof- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)- profiles-sockets-temporary-fix.patch to cater to nameservices with the new sockets mediation, until unix rules are upstreamed (boo#1061195)- add apparmor-fix-podsyntax.patch from mailing list to fix compilation with perl 5.26- do not require exact X.Y version of "python3" - require also matching python(abi) which is arguably more important- don't rely on implementation details for reload in %post- add JSON support. Required for FATE#323380. (apparmor-yast-cleanup.patch, apparmor-json-support.patch)- add upstream-changes-r3629..3648.diff: - preserve unknown profiles when reloading apparmor.service (CVE-2017-6507, lp#1668892, boo#1029696) - add aa-remove-unknown utility to unload unknown profiles (lp#1668892) - update nvidia abstraction for newer nvidia drivers - don't enforce ordering of dbus rule attributes in utils (lp#1628286) - add --parser, --base and --Include option to aa-easyprof to allow non-standard paths (useful for tests) (lp#1521031) - move initialization code in apparmor.aa to init_aa(). This allows to run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser don't exist. - several improvements in the utils tests - drop upstreamed python3-drop-re-locale.patch - no longer delete/skip some of the utils tests (to allow this, add parser-tests-dbus-duplicated-conditionals.diff) - add var.mount dependeny to apparmor.service (boo#1016259#c34)- Cleanup spec file: - don't use insserv if we afterwards call systemd, this can have bad side effects - remove dead code - remove now obsolete 'distro' checks - Replace init.d script with new wrapper working with systemd- add python3-drop-re-locale.patch: remove deprecated re.LOCALE flag in Python UI as it was dropped from Python 3.6 (lp#1661766)- Fix RPM groups- add upstream-changes-r3616..3628.diff: - update abstractions/base, abstractions/apache2-common and dovecot profiles - merge ask_the_questions() of aa-logprof and aa-mergeprof - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor - adjust deleting the cache in profiles %post to the new cache location - silence errors when deleting the cache (boo#976914)- split libapparmor into separate spec to get rid of build loop involving mariadb, systemd, apparmor, libapr and mariadb again (see the discussion in SR 448871 for details) - libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but with minimum BuildRequires- update to AppArmor 2.11.0 - apparmor_parser now supports parallel compiles and loads - add full support for dbus, ptrace and signal rules and events to the utils - full rewrite of the file rule handling in the utils - lots of improvements and fixes - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the detailed changelog - patches: - add sshd-profile-drop-local-include-r3615.diff to fix 'make check' - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed - refresh apparmor-abstractions-no-multiline.diff - refresh apparmor-samba-include-permissions-for-shares.diff - spec changes: - aa-unconfined switched to using ss (from iproute2), adjust Recommends: - move libapparmor to /usr/lib*/ - drop %if %suse_version checks for 12.x - change several Obsoletes from %version to < 2.9. Those package names weren't used since years, and 2.9 is still a careful choice - include apparmor.service independent of %suse_version - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires - drop latex2html, texlive-* and w3m BuildRequires - techdoc.txt and techdoc.html not included, drop them from the package - run most of utils/ make check (some tests expect /etc/apparmor.d/ and /sbin/apparmor_parser to exist, skip them) - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests) - drop sed'ing python3 into aa-* shebang (upstreamed) - build binutils - aa-exec is now written in C and lives in /usr/bin/, move it to the apparmor_parser package and create a compability symlink in /usr/sbin/ - aa-exec manpage moved to section 1 - aa-enabled is a small new tool to find out if AppArmor is enabled - package new aa_stack_profile(2) manpage- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/. This is part of the root partition (at least with default partitioning) and should be available earlier than /var/cache/apparmor/ (boo#1015249, boo#980081, bsc#1016259) - add dependency on var-lib.mount to apparmor.service as safety net- update to AppArmor 2.10.2 maintenance release - lots of bugfixes and profile updates (including boo#1000201, boo#1009964, boo#1014463) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details - add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression in aa-unconfined - drop upstream(ed) patches: - changes-since-2.10.1--r3326..3346.diff - changes-since-2.10.1--r3347..3353.diff - libapparmor-fix-import-path.diff (upstream fix is slightly different) - nscd-var-lib.diff - refresh apparmor-abstractions-no-multiline.diff- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed)- add changes-since-2.10.1--r3347..3353.diff with upstream changes and fixes in the 2.10 branch, including - allow writing *.qf files (for disk-based buffering) in syslog-ng profile - add several permissions to the dovecot profiles (deb#835826) - add a missing path in the traceroute profile- add changes-since-2.10.1--r3326..3346.diff with upstream changes and fixes since the 2.10.1 release, including - allow dac_override in winbindd profile (boo#990006#c5) - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since Samba 4.4.x, boo#990006) - abstractions/nameservice: also support ConnMan-managed resolv.conf - let aa-genprof ask about profiles in extra dir (again) - fix aa-logprof "add hat" endless loop (lp#1538306) - honor 'chown' file events in logparser.py - ignore log file events with a request mask of 'send' or 'receive' because they are actually network events (lp#1577051, lp#1582374) - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2) - fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607) (libapparmor-fix-import-path.diff) - refresh apparmor-abstractions-no-multiline.diff - drop upstreamed profiles-ping-inet6-r3449.diff - add %check section - runs libapparmor (including swig bindings), parser and profiles tests - add BuildRequires: perl(Locale::gettext) - needed for parser tests- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)- update to AppArmor 2.10.1 (2.10 branch r3326): - fix incorrect output of child profile names (apparmor_parser -N) which caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) - fix a crash in aa-logprof / logparser.py for change_hat log events (lp#1523297) and log events that look like file events, but aren't (lp#1540562, lp#1525119, lp#1466812) - write unix rules when saving a profile (lp#1522938, boo#954104#c3) - several fixes for variable handling in aa-logprof - map c (create) log events to w instead of a - add python to the "no Px rule" list in logprof.conf - let aa-logprof check for duplicate profiles - let aa-status work without the apparmor.fail python module (boo#971917, lp#1480492) - add permissions in several profiles (including boo#948584, boo#948753, boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and boo#921098#c15). - and many more fixes, see the full changelog at http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 - drop upstream(ed) patches: - fix-initscript-aa_log_end_msg.diff - syslog-ng-profile-boo948584.diff - upstream-profile-updates-r3205-3241.diff - refresh patches: - apparmor-abstractions-no-multiline.diff - apparmor-samba-include-permissions-for-shares.diff - drop libapparmor autogen.sh call (broke the build) and remove libtool BR- add syslog-ng-profile-boo948584.diff - add several permissions needed by latest syslog-ng (boo#948584, boo#948753) - add upstream-profile-updates-r3205-3241.diff with several profile updates: - add /usr/share/locale-bundle/** to abstractions/base - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash - allow dovecot imap to read /run/dovecot/mounts - allow avahi-daemon to write to /run/systemd/notify - allow ntpd to read $PATH directory listings (boo#945592, boo#948752) - update dhclient profile - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568) - and some other small updates - drop upstreamed apparmor-winbindd-r3213.diff (included in the upstream-profile-updates patch)- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript output (boo#862170)- update to AppArmor 2.10 (trunk r3205) - profile names can now contain variables - improved profile compile time in apparmor_parser - lots of improvements, refactoring and bugfixes in the aa-* tools - new apis for managing and loading profile caches into the kernel in libapparmor - lots of profile updates - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the complete changelog with more details - add new apparmor_private.h and the aa_query_label(2), aa_features(3), aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages to libapparmor-devel - drop apparmor-2.5.1-edirectory-profile patch - it's most probably no longer needed (see boo#621394 for details) - drop upstreamed samba-4.2-profiles.diff - refresh apparmor-samba-include-permissions-for-shares.diff- systemd-rpm-macros and %systemd_requires were at the wrong place, move them to the parser package (boo#931792)- update to AppArmor 2.9.2 (2.9 branch r2911) - lots of bugfixes in the parser and the aa-* tools (including boo#918787) - update dovecot and dnsmasq profiles and several abstractions (including boo#911001) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the full changelog - remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and apparmor-fix-stl-ostream.diff - replace GPG key with new AppArmor GPG signing key, see https://launchpad.net/apparmor/+announcement/13404- make sure %service_del_postun doesn't call systemctl try-restart (boo#853019, bare systemd edition) - add samba-4.2-profiles.diff: update samba (winbindd and nmb) profiles for samba 4.2 (boo#921098, boo#923201)- only install apparmor.service for openSUSE > 13.2- Add a native systemd unit which *at the moment* only wraps/masks the early boot script.- add apparmor-fix-stl-ostream.diff which fixes odd uses of std::ostream which are not valid. Fixes build with GCC 5- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)- add Requires: python3 to python3-apparmor package - readline isn't part of python3-base (boo#917577)- add apparmor-changes-since-2.9.1.diff with upstream fixes since the 2.9.1 release - update logparser.py to support changed syslog format (lp#1399027) - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667) - update the mysqld profile - fix network rule description in apparmor.d(5) manpage - drop upstreamed dnsmasq-profile-fixes.patch - update expired GPG key- update to AppArmor 2.9.1 (2.9 branch r2831) - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368) - several fixes and performance improvements in the aa-* utils - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and bnc#908856), useradd, sendmail, man and passwd - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1 for full release notes - refresh dnsmasq-profile-fixes.patch- Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858- delete cache in apparmor-profiles %post (workaround for bnc#904620#c8 / lp#1392042)- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- fix bashism in post script- update to AppArmor 2.9.0 (r2759) - change aa-mergeprof to the final commandline syntax - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several bugs without a formal bugreport) - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java and user-mail abstractions - fix mod_apparmor to not break basic auth - update perl modules to support signal, unix and ptrace rules (bnc#900013) - don't warn about rules not supported by the kernel - fix logging of "audit capability" (lp#1378091) - add support for the "hat" keyword in apparmor.vim - build html version of apparmor.vim manpage again (lp#1366572) - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0 - update apparmor-abstractions-no-multiline.diff - remove upstreamed apparmor-profiles-ntpd-pid-location.diffh02-armsrv2 1696247785  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTU3.0.4-150500.11.9.13.0.4-150500.11.9.1 apparmorapparmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txt__init__.py__pycache____init__.cpython-36.pycaa.cpython-36.pycaare.cpython-36.pyccleanprofile.cpython-36.pyccommon.cpython-36.pycconfig.cpython-36.pyceasyprof.cpython-36.pycfail.cpython-36.pyclogparser.cpython-36.pycnotify.cpython-36.pycprofile_list.cpython-36.pycprofile_storage.cpython-36.pycregex.cpython-36.pycrules.cpython-36.pycsandbox.cpython-36.pycseverity.cpython-36.pyctools.cpython-36.pyctranslations.cpython-36.pycui.cpython-36.pycaa.pyaare.pycleanprofile.pycommon.pyconfig.pyeasyprof.pyfail.pylogparser.pynotify.pyprofile_list.pyprofile_storage.pyregex.pyrule__init__.py__pycache____init__.cpython-36.pycabi.cpython-36.pycalias.cpython-36.pyccapability.cpython-36.pycchange_profile.cpython-36.pycdbus.cpython-36.pycfile.cpython-36.pycinclude.cpython-36.pycnetwork.cpython-36.pycptrace.cpython-36.pycrlimit.cpython-36.pycsignal.cpython-36.pycvariable.cpython-36.pycabi.pyalias.pycapability.pychange_profile.pydbus.pyfile.pyinclude.pynetwork.pyptrace.pyrlimit.pysignal.pyvariable.pyrules.pysandbox.pyseverity.pytools.pytranslations.pyui.pyLibAppArmorLibAppArmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txtLibAppArmor.py_LibAppArmor.cpython-36m-aarch64-linux-gnu.so__init__.py__pycache__LibAppArmor.cpython-36.pyc__init__.cpython-36.pyc/usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/apparmor-3.0.4-py3.6.egg-info//usr/lib/python3.6/site-packages/apparmor//usr/lib/python3.6/site-packages/apparmor/__pycache__//usr/lib/python3.6/site-packages/apparmor/rule//usr/lib/python3.6/site-packages/apparmor/rule/__pycache__//usr/lib64/python3.6/site-packages//usr/lib64/python3.6/site-packages/LibAppArmor-3.0.4-py3.6.egg-info//usr/lib64/python3.6/site-packages/LibAppArmor//usr/lib64/python3.6/site-packages/LibAppArmor/__pycache__/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30900/SUSE_SLE-15-SP5_Update/bf7fc34cc3d034d75e6790157f5ae668-apparmor.SUSE_SLE-15-SP5_Updatedrpmxz5aarch64-suse-linuxdirectoryASCII textpython 3.6 byte-compiledPython script, ASCII text executable, with very long linesPython script, ASCII text executablePython script, UTF-8 Unicode text executablea /usr/bin/python3 script, UTF-8 Unicode text executableELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5ea2e5d7a1a5843db34cfa5f08614ba461003510, stripped  !"#$%&'()*+,-./0123456789:;<=>?@ARSTRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRR RR RR RRRRA1~&futf-8f8591847d85ffecfe06dd6ff3d2e2dcc63f8ad63c1740a8c9284e4a9ac108d2c? 7zXZ !t/ˏM']"k%a D岻NbhI!`Lw]xҙz66Yī? U_i} ?ywm͙AkXϏ}QsQTўV9y ȣ-m;Xqae{u豕ɳaOgF:H܎8ft[ {9x%q-__Mh)?wKnAGf_ѭv, V#T]A+`˅ ó {OJZ/ϥ;Rnml SKBA7Lr2#qZ[aAՒBx?W#G70WO^C`̄|zzX Cs#ô6iu$R;Ṇy!S@C]!HkV_ $> yk"i0q3u5$ؼLb׻f$Ҩ|r{4V3h45tGܹ.D8 />PRi ']6,kW$\%!#:o!#۾^I(-5-I(Xza/'D.BnlSf`ggwɫNt-C&?=skvkA$>Fu#HQW<oZ>a }.%g\o7^Z[_Qgw aYʛ) A{\]Pa'Y1)D 9'{:GsC X,54iXW|g`;uYNv`? {S]r[Ԟ .Dcb tG9*X>aoP[Jt•SȈ{\ fvx7 r䦳D0(Vt"˃^&I_aTt0rYF /~wqpkZ` g(Sb}*暄%BE A <DɮQ!ZdXnӺ8oqX#6W F'5d|ݷũM:boDR+M't5ʘfc ~Qy4ꮺG%ɽ}T3z ݝq;D9!Ժ" ׍Z1sDLQA,|jlˠ q#H}D~-yHTh dYNmeupqze(2 aZD6 SVtv]Į ,7n?KY~?n3 EElcBVLӝʹ(ꁔ^ﻹG&d6'(J>HC`'V`c$hDb\Iq""1S#-CE#~;24!v/ "U7vm)(A5*9U_\oʺ-vțN#:T72\ sWD> F]М{)R"bwM<\][]XF9[1N@shM@b\ G&lcD '1\d8f r y%N4|ΊiL[n 7.ǎBbS7ѸԄcxAmzL\5|+_ZSXw\ql[n,KX3X#[`Ⓐ~. IvdzxCi43 tz0ZK*ᙷM$x) -6lkD_.p0֚lB $TDM؈wXwh1U f(3D|WZWʆAb'k8!އ\/u!⸚]ZmOFϨ붖mKsa$ޕY22Lv{q,xZm,FAVz@3 Rܴgc Ge$= ^EB,%]ɶO\nCooL[}=Y sgGXFz8h۹.^ǁ^z)ϰ#~/VhC6jhy>߁+G$~A8ݣU//;.D>ԇR!F2/!$I<quJ 8'7Վx5rw)*<Ͻ(Vo>m]av;HW l][`fnXIYWd0 i4>:qꤲ5z@Q=^ -ULя]^~.ƿlo;Eec"i1Ɨil(\#!p[Fz/_}{E=ugSw]V~Th<ė=k.-<<. rw CxI~D;Q7$OfvN +Imn9{8Dcz=!ҡG᥻!/_T18IR< 3}ntnRm`e0 =9#!L oU$;໾X91}6~$2{l.%#OdhPl+tk?ҁ焯*Q^}/Fz~wI~ʒr Z$K$jAUwǿwvEQ5JPAˋP;q>$DyZh W>8vԠt7({V )aiy)<#p-6t=CE6ZIVɓz`gPLAnHX z&w1ql ]VBA-įE#;J+gc:8#6/h0vktD+sI׼Y}}e/ӳ$`fʮÄ$9lTl*_xfD|1χegDpil?JSr 1jSyd ?:ΌM)>tz<w1M`ͨJ5.'ce*r*Vr?!҉iE }տM{&dkl#S^|j C߻O){$qݗ.'| +ޖσhҎO4\*Un|-fRBpi&g+c˪4!(o/{Û ˞/cŤN\mE&Rn:a6H2۽#d͛.4H'g[yj@_5ՓD5}MsuX.&VH3n+-f%e' %P{xUݺ|ɽʅP2(\rC2csxs:]/sX%~_jt;yz9Z}}d@ ,n8I(OMLQ+9٣rzWnqSV&m&m=✸>CÈ ,vO:|a '#'0`jW 5cMP7qfjzzY*痩FP P4А|Ϳ%d@v sCuVIxz!||]cU,I TdZIwz@h:";+MX]A :>ga=sNbI-_璀Xe~~]9H6N@0̴ǔشݒeBX }M#Ty?kX<]A 61.֢I{!~qZFZU]"ͺ؂ {v1_ k6Rb85M^9&,D#-Ŷ;DZI !? .C6fI`"D\?񇋩=2 |63 re}}YEAAKL8@",Q*aH'onX\*>г?Ia5]q1 ͞ڍfw9O&}E}ìRDI6F^2Ʌ)M2wp:ѽ|ӡ+a Lz~|;C9Vx=LVP[jdq<ӊ]ܕ<<'s~iSQ;- f䶟O"!|a(kk|俟m./FQϣeGW˒3rYI#r]<¹$wa8w,6I, H8А?26 HKlD^Y*놣<~us\+R:?h`٪l2 &֋+ƙ Y\*SZjkMkYRH6L.X#O u V+'|>?dz 7;3ndÐY~-Pz+Nޫ_~zf~;\ظh^ Hd]t+?=ggi 1r$UL D:2 $fܔDZ΀| m"+֕e%ݰzJOS6ZU3 aX,>);OM߄!i0ʢ!WSnt JEڹcnك J&AkǥF7Ԡnn]c{I=k#qw%m1UBhx *ߤzsqF )6P lſ?DCGg ÿ&))wع-CHwh(UWڔ6]l-01fyE7KZ >a*@'^V[n]mb'Sp{FTՁ?JC+VtCs? e9,cEd:8C 3,2&6|ca#PN}c`tdxbΊM'wj>x HAtnSS6?(X$ I6," ,;OgtQ $z.L Id.5kj'` I2F8h0vێR*AJ. \353jDe#jI9۸&IcJj8 ##:NptlwR!ٶ8'{錴iv~UF{b o}l '%L+g ՒY_>DjAg4o8C&$eұlwWRS~͊С6nir&VPY&Cuk: $~V-I0;4 '_6rfɸ?6ȶn`EZcc}W[n#H'"`J ӫjzKlYG!&t-~da@IBJO~?+6#hE]cz.o]%cH1CԎ 2o"-a?K@9z>GR>-aQ,~kvuha?Eyz"dqQth->-9kCIp:l1ȭoЉ=wI äzC6ZDRtFL1IwIyPVHj77pWBFַ%; .8N87&Chw*'Kgf:h_\׽e}P:0µRJ'{Z[kHD)_\Ra;N!9֪GzVA-Xȗ',K(=졮?o o9?GN..bzW 4g `qơSIUa oH8/[fvA\ 6uFxW[rxK>Dwpl?|%t-Pfۘh 8UDZR{ 2fJ\ t1:)͜;fwWe+ woFa^eY2 i3tO$dt)~_L8#=uQ:`E=Guf1խY=$R"fCnG"uRP~f:-k(|W-C5AI.ݐFì Yi? BdCҾ %}#}UćhĆ=|2; >:$xav@08՚#>UX6/ԅĉcqܽpT_ӊ*ʉWlW$_Qu-s~y٨4m޼L,a\,ʣ!)!-C[U`!ħ/iFDsAS̤H:f4dϥg;N$; Y_1J'0KNǑp5B!^F6Z0)e3U/GYE{w0 ʇ"ҷ; &RD*㫒G! pX$tԳ縠 8z& >_fVQLrfHKͥJPlsMgdҫ{qK Ǒy9\x pR;hg'W+zT&gQ룊J,I Iub# ;ke%=ex(þ s- T,,7}!3Oߤ= o~ς{)o+Orx\JI;J+zTQن` s4OW]сZF]rX;Ss#D%"*4%~~_0-?'Y, oZ)8N~0jDz0.xRb0`S$Wԏpfc^fiT_d+eB!#ѥXU=YIVsj2=u( FsYɶ˔/BB5i@fC*oe,T)uhbX CY0JDU# Y*S(£i@tARpD.sm3n5_kв̋R #2ѝ,76iz[S:ZfTDaxy]PJ&UiR#b$§@`d/A7֗cڅ;zFhmP:u?jr#!sτⅭYpFh$`2P z qȾHZ\mMjI`V%d?M.-zY-TRPtc) L?N#P5Nt1f.uTwBE5lk"pt➵g@aSr'H PM )ή˷ %W\"ف7v;zrMJ 4RdCJ-`d~^R->0#-'{uNOCۊ* ,&l_H"L$<ؼYdx0RApi}%.C`$_Q%_j'VkA n58@<2q=wH 1^f!kKX-zBɖ !?XFV' ]ZsCd8SөݬULx6M{H?Gv< z\ voG>qtS a|Vlo-hzd_h}Q(ɟ&D>ͩo% 34>8ln]c0cǚ"8nLș;@W#¯y%tZ VO6J]ߖHFŽ$)'z*Xe;fĸ93D?+ /4zM*Z7¶5URBoj ?)=1w@:#}B$E6:e'u'ӓBJ"Of- T&ܶ4xk+b%ow8$W<5SX܋7"ph|c \+ ZTUX:XuAwSr-Kc]'ˌfg1+8޾J77ScraʑsvzJ,2 wWD+<ہ6P)+JңtQzb%+SzHh "cC2VҺD4W=6oAikj$>D.w<$؀ @m-h(ۖ:m5ܝG!X-9`~}Spdf}_|chh;9F˃Hh$ 1뇽JiiџMYX,Ț hlTI m̟ޛK`J*I3bTGo4 2fW w+ ˵l-LBբ:~ɢ)^`K!luJ2կչXs7GE%s]0Ċc÷Enc={}#7 R ou;lX6^yY$Ǿy/M" DUE%`TB3WerYw1YRS 0̵l!CӒq%rnC]]""lj09?$ :ۡ sY;Kě1m=GOGlYlK@>Žk=63dDw,O\gʬ\v8ᬊLh m%)Ϻg"*^=Xz"e7L5Khu''FDw [XD@Ę'1܊CV>kD).;SI%\ׂbLwWJEFLH{"/VԈiy3'2>_}lyen JqZ/|9!P ="-}kS> &}\s/ȟ,k4$p)cZ\F;R(-gK`Q|Y=דQp,~I.pyym - j E7 ,"8sjp;]l-ƥQb# _!|8E)wH8͔9܃^׾Z'4reyĞNlJ=N7Z5"B濪V=έsޗ;ilikv`dT5J({wʊ5"GzOY Ξ {+RqN~iZ,(ŰaR{r kӡcMPJԮ憌@bȅ1G -b; 3MХӏ.l17@0˗x Nn ;h W@U(@0d^?{o! 02f'(egM٬0ib 1]c[qAB֗鶝j(wl$їaxӋ\l^$[Ph{ͧf8šH y0V8r@1G~Aʶ0@J {9h7y Ѻ|Ti'Ls6#1=eԘ%Y̽wx/'Cz¯P4J@ y`ދ_Aʁ\c!0Y o.Q\2kn1檴&}Y_S(a{0Pl1|um@F]3m.:IJܐL٘Ԯ4@lD0Ix ZTSH)jRl7(=OA  :'sewe!~?b$a'RתD4!%dї>.UǏ8^h7j4J:ik*^Q~J[7;uAaHk]˖/Or.$?ADSelfY 7L}d*<65e3/#8fѷϲ$2h64ki->O:J"\>Y% yrv-J Bw! 6;RȸWn$|WWr`,gjk`)xټj6>o3q4R?^¸~q vƋM@"qb&^`襉͝c5ı87V"yՋ3Zg@ZkP^/'OPP.aڤg;7b3evz vsmJeX}-F(3ݭ)@H>37P@D[$!Z4wJ[{ď/zB  k9,% ؑfDGUan Xԥp&;!:3inRlo8D ]<wCF)}6ƭH,,"FMM#/ú6v+)xt{O'w'ѣ.9 t'4 RHoyblvejy_|9Q.⭡ jpCD@oW_~3Y:N~mOH{a^o ܡnmr2*9'i }}@,T6✈+)A]dlt4`~Cq]Ufa*?x~@s}&#ȳPxl/m]X ϪtDrWT}7dxޛ@Kia)șCl{tm.6q`3cq~ѥ5ۺO)6?/l2x|VDVP_VX.P[*V6+oPQr0&վs @Ƣf@(D J)H`'MScy?n(y<Bq J[+zEp}-rzcQ[vHO@XʡAKG ڷL2~Ӂ:q\s_1^!\u5U PbTCƶ**oKUGߓs}{B kF$C5`[}> )ľ%J̅2oxo+?-q!d7au`ED7_Dtt?#L^}-^ {|1l[<]ռ%QNVc(r`' ˃yzn ޹I"\{“BWI出0>pɰ)G㩹VT(`1LDϵUدLɀ1[-{B "@lxoߢ iz9[EJNV疴 >ھO 􈗠QS={.=^(s\DMl㜹 5%4D{f-?KcEꘓxJઓ9Jt+{"ŴU=/FtAeI W+e5= 3W({ta3)+I,fGUl&1.(4bSr6|~bFZ7YuLaF&+@N5&lX*wa/O09b_rX@ӿxjUU4d UmN<9+Q@wwA麢.3H-*V~4TIW2ݑom|?8´uR( F.QtS htz{jhQ`Gr?;Lt @`Vs>v܉1h^i妚YV!U GppW O *E%#.?5?tW@|YZq>&֟nd8J*eh{=r>6#uqFɾ%v }p^WتrJn@n:I&ǖ+x6Tx[ЦbN{8 Ek ֒U;O>3S v02}CZ|vZU_'dm@Gx}o$Vlme]JHA֯p_P#457\hiG.XIJe@7Z `awXQ%c>cK$"6d^cCPL}P- J?ohn}Y4+Tճ$ōL>g @y mZ.F/ J'?F/?:7锞E1сjRDx$H7z'{R}C3dOt} bKJw%ELBc |G^?q}hi&lYkةh/qKWV>y/< r;@)2P1[9[FQ ߦvzڈZزʿ͕y prs0P_{;qyc o[?S= .>s/Pz>}4̆gJ9 ^- H!qן yV UThO+)M@ᆂ8:R >(ho.LWIn[8lX` +}u>#<`blx0(Jw )z,M;ALf5b<$>}&崓iꊦrC%/xW6MV KCP#b=ڤ9@w7+?5- fa$?*] G/iD |M>SB=I{l7Uv׳qvII)݂>E؅kѳu#E@ҝL†YK2mfpi[nCa?.B%&2W Vzb+6;|ꂻvLrV7~P; QYoQgmsro83|3(ͮMRZEE0wN,mۛshZMc+, żK֧=…Zy qg8ftv~|((8qjɆK"߿X 4#.%jf8אw-9B՛5rhTz[oY^n%ιD-I!)u Tet~ H(൶?PWJ<]X;0eAN}ɋ\y ؎FX9ŨAfwn R!DwO&ZYz*6ӤI0~}׻>1YHQt4fyyIB{ [%zб\; " 6D4dz%xC"&xU'Ee)"ddjO҈chw*Gm>(aGWt04 *22UGڹՊv[Yg[v1|dr)mV}GT=_XMu!^ϋzY;&j;UZE&^ptEYfE+Hki6aESQmPi @-39NuO_(!U,[1HYDi>'xAA|Wӧ[wYqEuCjϘDw9H>ū 5jCQKk]<κứ.zylWTտFey@7q_nʥtآgg_>gŠfEM߻v)ğsdIKnmqlРh]Xw6=T(&# 5 Hb$=K\%`lոװvL(2G# y[Ff(XC2lTsGw9EB3p{K5F h٩O{G L)t_~}((JGXrTO^j^CIKTGvMUȏuD;`Q# `tsرab Z+ e/$Jl*wl E}i[s{M(x^{&OKMMT's;=LzjEE yYD+`%T0Lj (-ȮBIIUo1'R;ѣU՗h^Ңe"y[9vZ:!5δpZ5owJ{pv`쾔?̶2ꨣKwFɝQyN55e:Ɇvm E:n=T0G4,3{)}NNi򦜣.Xx^o`>b5eѤEe a9F.@й?ֲnS<v}`El MhYouVFC3lMoS-V^p߰9 CO"*x[2]?wDJ2*yI8Q`R>Udг/BSd؜L2U]ިSb^uJojl8mġj%q-2b|vTn@I 늏 "1X# !zz6yj !.kZlFuޣeHѩ*mALݐr~bJ|L]/rJh agS-Mox k];s&Z#wRvr<5gdf~roy.4[yJ^Zϔr;8bh1G5(''L'\c|B{ƣ1ݳ.#T5+ Z=vhTLڸׂ~~-ՉK.0lI zIxĦO-ys{6 (툓SFƳGm^j<'N]:{RECi1گrWl[n|%a8ZgLw݄/!V8p NXC1m!On9w74%܏qTUwWl/63eF\ Ӯ /58mK>4g :AjyJ:3r?b}PFn G<~G=zM+";'X}Wb^3zc NfjjVW΂[4Sq4H*f;J(фAHG#hq3z?\lx<V]]&L]ojAp-,_x{^*RCd7Mpjm\2ik؋̐d慮׺Dļ"4[^ 7):ER 8{ /w+~ͧ#ͽHAOG8IuJQ1? YR?Ssta. G,ޔ d@KccOHWqmO:BT/r/ 'y~C_m 4kaLQ@;c1*S;]#Blkۚr¶ YZ