python3-apparmor-3.0.4-150500.11.9.1<>,dep9|o }.19m5T6'iN/[.UI[NVpKܸIlVj5j=iGi5J#⾶=)dzU.i /͎*907$%kAAz{Ф#0_b׌2RcEЮr[~z$<j\[-f6C8l Y2G~,::cv$m̈&$8PØh$Hf_'2h}== pmy= J31lCktI {V >>d?Td ' T= SpUU U HU U 1U UUU.TU 4"("8"9$:.hFGUHUIHUXY\U]$U^ bc{defluUvp wUxLUyɠUzPCpython3-apparmor3.0.4150500.11.9.1Python 3 interface for libapparmor functionsThis package provides the python interface to AppArmor. It is used for python applications interfacing with AppArmor.eh02-armsrv2 fSUSE Linux Enterprise 15SUSE LLC GPL-2.0-only AND LGPL-2.1-or-laterhttps://www.suse.com/Development/Libraries/Pythonhttps://launchpad.net/apparmorlinuxaarch64/S }((&_g47wJ\90QL ,b2 5,(k#)<Q>p1 @ 6<tq B;?b[&'%Ui $3)E/Px0AA큤A큤A큤A큤AA큤큤A큤eeeeeeb`%eeeeeeeeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eb`%eeeeeeeeeeeeeeb`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%b`%eeeeeeev@eb`%eee103aaf985b7ee6570e8410caefeb8c900d5c46626cac08e13bec6476a4661e2044b2a8c30469873aebfe44bd3909bddbfc178df5078fa7a2a81a1d913c5b569e01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b2cc671fcc9d1ec75313b7eda5bcfb6024a389a90a86027d6a60afc0a06a20e766b7a19cacb0807dedd0ad9b166df085e2d323058172289ba401a19560dd4c64943278942f1939ac5492e15e846b019661e35c62a54411c80857420b6e0053c3fe2014fa7be316b8660de8253e2a37f33b26d131d89dc5cb3c60a96b72f87f09479c99ee85443030093ea9bb6344262746a82f5744dbb27fff8ab94acf4d6559cef9f47cc7c171c4a9b4909c702edb17fef4615041bbe94345448d993fc7a505f95e7e2006197af3c8660f9afa84426b0b9f6201bb59041b48524e0b0884a7e487eff10e4b1d26e36c2f9491794fce4d3c3effd54b11ebe1c247928a34ebf89006293e6b1e3116c6c9a6748f3d348af4308316ce8b8bf35d1a2d2f8653463ce02778cef18bb1206ce11366e37a9199a30d6454a52f52ca38c13067921348b73ad06c37642e6fcec6bf9f73444345b04463fb1908f52295a9fe3e59db866787a82817127f4102f3b08becc2a3269d8885f247c6a9b99f663482008929652f78df04e2a84f789fb7d889933792666836ccf3721ae4e0677e07ebf0b3e2a01b24f24ca5ccde44a784714cdf4fa33d20883335d22c002682f44876a653a5eb333ec9b131d47338b97093a2945a3c79c2aad86022282fa9b7eb76fb7c2bf494ae34d50dff215fb0bbbf5a8438945bb4f1aae8dc8a6c104382fc22841f9da106c658c4f0a7dfe77a1b05bee05eca7d4d2c7076ff3aff6148c41803797b9af21bfca77b390538551a7c3c46a8f1200402b94eaa7195a42d57f45d572880d075271e2d1bbd3418bab341905c0ba825add5cd1a4c009525befbe1fd4871afc04a186a10bfa40de1422ce69a7d59905a7ef3f9fa9cd474e1df5aa858fa99c9a8c181a8ad94b91ec320bb6f29456273036379e6ba0538d2f0d40a9957b93af9262faf020fab6026e7f316b7602597992eda5443ef6838e11dc790065a037ede90b97f49a39d9e87fa4fdae84740fd8c33710c616c9f119e230b57b48e19596d7764a79452afa07768616c2507877627ae91ad58dd98ef1c75598bfa23ed3cb7b52520feda84b1f8511e7aa8329c0343faa417d6f49d11fb2480f56b9d93587d494e73154a7d63443caaea741b1ad32459a870850c37e24b54f2a5cd1d1db195a6186954511155cea99a231b3c8a28382f6d33e4ea8a82253a3720e71e755fdf47a265b0f81a6e48ef1f72d06410e37225968640b28cfceb343074d895a6fa54684173e5b6abc8fd00305283cf4a6b8c3f24214fb6bcd8e3abb985a2544df3c59ba3bb3bf92d98987f49062ec5e62b2e91f36d014f9e2c0663c771b61b730fdbca9fcc6e61a72302bf49f902be3b31381234f7fd7537112dbcf58c669dbc42fa17afdf3720d9b0a0075fd343f00ee9fcc7b7fae09f8f281e808c8f5a050e89759957399a1ed7b0c8bf56e440a4aa90a83677f5285096e97458874fe9c3bdaeb4d2ae40cf502c721203a91f18f498f5ad91ead044f7556942446060726421d7bc3586516ae19f4847069e6d43ed07ff533f4b2259f590d75a5a4b2185efac3cc04d118b60f11a988d7b6032e8f4549737a25ce5b4c3d13d28faecb3d88cf1184908b0c378b3a80beb18dd18ae69aea286f2647ff2c4a74c2eafa270f3ee952bd057b2d3db84624efd350da354948af26e8d7aa73147867e02f53c35d81252500601912473c8e8c47fdc5fefe08e945af99883ee269416abe471aa36c4b650f8d078389f1228e1873154338182919a0e4142575a16a438abda2f8d492701efba4ac1129e8e3259e5863be25bd3db945cf65d7aeec18b43b2b54089eb0a0367c6d30f5d002153f935874779a8d2b84e1d582cbbe163349216193a4fe2722effae7fa54d06d7f95120817bba02a54ade1d6a15da5d8b3f5c75327fdd2a80c6c078f0f78263596c7dce8ce4077b456eb35e64cd6eed5c262028b54af5d16f85faffb43bc428ea1fc4a021ae37487b885ca4c8983bd6bdf5d6f2e00a60c3f08306c9076832b7966ce51e0c4eddcf554959459b23e0a8e2c352b5565da25a908f321eb9e141bc77fbce7cebbecfd995eb39012a844c06c1f26e904de9ea3a0a382383050bbe78341677c525cbb9294840b1807f8fced7657494f0356f2a74423373317256d103d29ed441f65109168e07526aa85d23e56cd76de93f1ac36e7d86e9e05f771f29d1bb4b14ea6f288ac8125172ae1a3e1b74b407957f702dad5e5480df705a785c1aa1592b90cc2182376954585c70aa8bae67f7814e09537c848de84a7c4cfe0566113dab77c29741187249bbff3930127122aa8a9694cd2ad2ad254c2bed67840f837ea51953e6c05d3a104d7e2263adc6296f679dac88e52631c9cf8f86eda441b1f54ad8d16fd0183d6921b50eb58b41610bed9168734bb105c03b4357bb56e9e1d77e9f0d4f5a562ab934418a01c902d327970cb6edcf17c58c94117247cd463d5b4aca05006a3a4fc32599fe6dc4f47d2a668cabe7f9b8b6ae409900c922e8d217840ad79040864987b7523111128252163e639e1eb932ddf161c4c56caecbdbdb922f7815f2f65b80c739f0518dee431ab029e119546ab2af5053b743b3bb4edc383e1eb201c5d5553ebe3b50c91a7d8015e0e48bc30c30e68fb1d7bb9393985eb5be0f096af15dadcf19e4499ae6c2d59d0ded25464e56241c75baf5b94cab456ebd49ac8c240526456014b084005cd7da7f8edea9e7edfa11701b399487623773ab7221a9a936d42d3e1e0061c5057f2a33f95754934a7ce2265b2cb0b16b451085bfbfec18866efde61dfad50c4016b136852dc8b4a4fc1b182a02a3e47d0d951d36561949259c10848b14f2a69e3f9475c1bac12c6f31d9749ce0a81e5a04e2d306b3b115ff3111e4fc204d55bb2b9ed73160684b1d9581350c4984b9c8b3482cf9ebaeb6bc5e77a9d572fb928dba6d4c5db21a47fd6172f7ef698f4a05b18a9475fe3a701c50bfdd4ba5f491ccae4a8c395d56c2f97549930aead3488505701ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546baac39bb57b937e104c1375b745d15e0609ebfb00dbbd14546119699d511cf68056386fa2f5e2de5845ae5e81d7de1f92c452d70ed17dc7c5bed1901d341d6181d80e229f19d8d48ecd950058516b02422a9b568f1ed91940a6ebc9205e28505b9f50c49cf90b7050a3c75116ce5e903af13823f0fb7a8e07803af337e4be04c054742f56fd7bd6387cb47f2a6b19110187c9e7af40fd753594287ad0a4cd55ae8fd7ed51da6f34bcb0454bcf123e77211818431d4aa9f10faf4e1fd63642c1d0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootapparmor-3.0.4-150500.11.9.1.src.rpmpython3-apparmorpython3-apparmor(aarch-64)@@@@@@@@@@@@@@@@@    ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libapparmor.so.1()(64bit)libapparmor.so.1(APPARMOR_1.0)(64bit)libapparmor.so.1(APPARMOR_1.1)(64bit)libapparmor.so.1(APPARMOR_2.10)(64bit)libapparmor.so.1(APPARMOR_2.11)(64bit)libapparmor.so.1(APPARMOR_2.9)(64bit)libapparmor.so.1(PRIVATE)(64bit)libapparmor1libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libm.so.6()(64bit)libpthread.so.0()(64bit)libpython3.6m.so.1.0()(64bit)libutil.so.1()(64bit)python(abi)python(abi)python3rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.43.63.63.0.4-14.6.0-14.0-15.2-14.14.3ev@d@d@c@cbk@bi0@bZbV@bT@bRbBb<]@b@a7aZ@ap@aabaim@aEaaua $@`#@` @````_@`%@`!'`>` @__ǁ_ǁ_Q_h__@_~@_[f_P_-B@_@^m@^@^<@^j$@^,-]҇]o](]K@]]@\\@\ \\v{\I\ include in apache extra profile optional to avoid problems with empty profile directory (boo#1178527)- prepare usrmerge (boo#1029961) * use %_pamdir- update to AppArmor 3.0.1 - minor additions to profiles and abstractions - some bugfixes in libapparmor, apparmor_parser and the aa-* utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1 for the detailed upstream changelog - removed upstream(ed) patches: - changes-since-3.0.0.diff - extra-profiles-fix-Pux.diff - utils-fix-hotkey-conflict.diff- Use apache provided variables for the module_directry: + Use %apache_libexecdir + Add apache-rpm-macros BuildRequires- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in de, id and sv translations (and fix the test) (MR 675) - add extra-profiles-fix-Pux.diff to fix an inactive profile - prevents a crash in aa-logprof and aa-genprof when creating a new profile (MR 676)- update to AppArmor 3.0.0 - introduce feature abi declaration in profiles to enable use of new rule types (for openSUSE: dbus and unix rules) - support xattr attachment conditionals - experimental support for kill and unconfined profile modes - rewritten aa-status (in C), including support for new profile modes - rewritten aa-notify (in python), finally dropping the perl requirement at runtime - new tool aa-features-abi for extracting feature abis from the kernel - update profiles to have profile names and to use 3.0 feature abi - introduce @{etc_ro} and @{etc_rw} profile variables - new profile for php-fpm - several updates to profiles and abstractions (including boo#1166007) - fully support 'include if exists' in the aa-* tools - rewrite handling of alias, include, link and variable rules in the aa-* tools - rewrite and simplify log handling in the aa-logprof and aa-genprof - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 for the detailed upstream changelog - patches: - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0 release up to 3e18c0785abc03ee42a022a67a27a085516a7921 - drop upstreamed usr-etc-abstractions-base-nameservice.diff - drop 2.13-only libapparmor-so-number.diff - refresh apparmor-enable-profile-cache.diff - partially upstreamed - update apparmor-samba-include-permissions-for-shares.diff and apparmor-lessopen-profile.patch - switch to "include if exists" - apparmor-lessopen-profile.patch: add abi rule to lessopen profile - refresh apparmor-lessopen-nfs-workaround.diff - move away very loose apache profile that doesn't even match the apache2 binary path in openSUSE to avoid confusion (boo#872984) - move rewritten aa-status from utils to parser subpackage - add aa-features-abi to parser subpackage - replace perl and libnotify-tools requires with requiring python3-notify2 and python3-psutil (needed by the rewritten aa-notify) - drop ancient cleanup for /etc/init.d/subdomain from parser %pre - drop (never enabled) conditionals to build with python2 and to build the python-apparmor subpackage (upstream dropped python2 support) - drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed - set PYFLAKES path for utils check - add precompiled_cache build conditional to allow faster local builds without using kvm - remove duplicated BuildRequires: swig- update to AppArmor 2.13.5 - add missing permissions to several profiles and abstractions - bugfixes in parser and tools - fix two potential build failures in libapparmor - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5 for the detailed upstream changelog - remove upstream(ed) patches - changes-since-2.13.4.diff - abstractions-X-xauth-mr582.diff - sevdb-caps-mr589.diff - libvirt-leaseshelper.patch - cap_checkpoint_restore.diff - add libapparmor-so-number.diff to fix libapparmor so version (!658)- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656, cap_checkpoint_restore.diff)- %service_del_postun_without_restart only works for Tumbleweed, keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x- Make use of %service_del_postun_without_restart And stop using DISABLE_RESTART_ON_UPDATE as this interface is obsolete.- libvirt-leaseshelper.patch: add /usr/libexec as a path to the libvirt leaseshelper script (jsc#SLE-14253)- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON to severity.db (lp#1890547)- add abstractions-X-xauth-mr582.diff to allow reading the xauth file from its new sddm location (boo#1174290, boo#1174293)- add changes-since-2.13.4.diff with upstream changes and fixes since 2.13.4 up to 5f61bd4c: - add several abstractions related to xdg-open: dbus-network-manager-strict, exo-open, gio-open, gvfs-open, kde-open5, xdg-open - introduce @{run} variable - update dnsmasq and winbindd profile - update mdns, mesa and nameservice abstraction - some bugfixes in the aa-* tools, including a remote bugfix in the YaST AppArmor module (boo#1171315) - drop upstream(ed) patches (now part of changes-since-2.13.4.diff): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-fix-utils-network-test.diff - make-4.3-network.diff - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch - apply usr-etc-abstractions-base-nameservice.diff only for Tumbleweed, but not for Leap 15.x where it's not needed - refresh usr-etc-abstractions-base-nameservice.diff- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)- fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff- update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-* tools - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog - drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff - refresh usr-etc-abstractions-base-nameservice.diff- add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)- Properly pull in full python3 interpreter- add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657)- add usr-etc-abstractions-authentification.diff to allow reading /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)- add abstractions-ssl-certbot-paths.diff - add certbot paths to abstractions/ssl_certs and abstractions/ssl_keys- add apparmor-krb5-conf-d.diff for kerberos client- update to 2.13.3 - profile updates for dnsmasq, dovecot, identd, syslog-ng - new "lsb_release" profile (only used when using "Px -> lsb_release") - fix buggy syntax in tunables/share - several abstraction updates - parser: fix "Px -> foo-bar" (the "-" was rejected before) - several bugfixes in aa-genprof and aa-logprof - some fixes in cache handling - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog - drop upstream(ed) patches: - apparmor-nameservice-resolv-conf-link.patch - profile_filename_cornercase.diff - dnsmasq-libvirtd.diff - dnsmasq-revert-alternation.diff - usrmerge-fixes.diff - libapparmor-swig-4.diff - re-number remaining patches- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751)- Disable LTO (boo#1133091).- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877)- add dnsmasq-revert-alternation.diff: revert path alternation in dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid breaking libvirtd (boo#1127073)- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3)- Use %license instead of %doc [bsc#1082318]- add apparmor-lessopen-nfs-workaround.diff: allow network access in lessopen.sh for reading files on NFS (workaround for boo#1119937 / lp#1784499)- add profile_filename_cornercase.diff: drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (boo#1120472)- netconfig: write resolv.conf to /run with link to /etc (fate#325872, boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]- update to AppArmor 2.13.2 - add profile names to most profiles - update dnsmasq profile (pid file and logfile path) (boo#1111342) - add vulkan abstraction - add letsencrypt certificate path to abstractions/ssl_* - ignore *.orig and *.rej files when loading profiles - fix aa-complain etc. to handle named profiles - several bugfixes and small profile improvements - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.2 for the detailed upstream changelog - remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch- update to 2.13.1 - add qt5 and qt5-compose-cache-write abstractions - add @{uid} and @{uids} kernel var placeholders - several profile and abstraction updates - ignore "abi" rules in parser and tools (instead of erroring out) - utils: fix overwriting of child profile flags if they differ from the main profile - several bugfixes (including boo#1100779) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.1 for the detailed upstream changelog - remove upstream(ed) patches: - aa-teardown-path.diff - fix-apparmor-systemd-perms.diff - logprof-skip-cache-d.diff - fix-samba-profiles.patch - make-pyflakes-happy.diff - dnsmasq-Add-permission-to-open-log-files.patch - refresh apparmor-samba-include-permissions-for-shares.diff - add fix-syntax-error-in-rc.apparmor.functions.patch- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage- Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342)- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)- add fix-samba-profiles.patch - smbd loads new shared libraries. Allow winbindd to access new kerberos credential cache location (boo#1092099)- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing (logprof-skip-cache-d.diff)- add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545)- create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package- update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec)- Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch- add dovecot-stats.diff: - add dovecot/stats profile and allow dovecot to run it (boo#1088161) - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753) - update 32-bit-no-uid.diff with upstream fix- Change of path of rpm in lessopen.sh (boo#1082956)- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is read-only and don't bail out (bsc#1069906, bsc#1074429)- add parser-write-cache-warn-only.diff to make cache write failures a warning instead of an error (boo#1069906, boo#1074429) - reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests" to avoid pulling in several Gnome packages on servers (boo#1067477)- update to AppArmor 2.12 - add support for 'owner' rules in aa-logprof and aa-genprof - add support for includes with absolute path in aa-logprof etc. (lp#1733700) - update aa-decode to also decode PROCTITLE (lp#1736841) - several profile and abstraction updates, including boo#1069470 - preserve errno across aa_*_unref() functions - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.12 for the detailed upstream changelog - drop upstreamed patches: - read_inactive_profile-exactly-once.patch - utils-fix-sorted-save_profiles-regression.diff - lessopen profile: change all 'rix' rules to 'mrix' - add 32-bit-no-uid.diff to fix handling of log events without ouid on 32 bit systems - no longer package static libapparmor.a- update to AppArmor 2.11.95 aka 2.12 beta1 - add JSON interface to aa-logprof and aa-genprof (used by YaST) - drop old YaST interface code - update audio, base and nameservice abstractions - allow @{pid} to match 7-digit pids - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_95 for the detailed upstream changelog - drop upstreamed patches - apparmor-yast-cleanup.patch - apparmor-json-support.patch - nameservice-libtirpc.diff - drop obsolete perl modules (YaST no longer needs them) - drop patches that were only needed by the obsolete perl modules: - apparmor-utils-string-split - apparmor-abstractions-no-multiline.diff - drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in apparmor_parser - refresh utils-fix-sorted-save_profiles-regression.diff - add aa-teardown (new script to unload all profiles) - make ExecStop in apparmor.service a no-op (workaround for a systemd restriction, see boo#996520 and boo#853019 for details) - lessopen profile: allow capability dac_read_search and dac_override, allow groff to execute several helpers (boo#1065388)- read_inactive_profile-exactly-once.patch (bsc#1069346) Perform reading of inactive profiles exactly once.- update to AppArmor 2.11.1 - add permissions to several profiles and abstractions (including lp#1650827 and boo#1057900) - several fixes in the aa-* tools (including lp#1689667, lp#1628286, lp#1661766 and boo#1062667) - fix downgrading/converting of 'unix' rules (will be supported in kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_1 for upstream changelog - remove upstream(ed) patches - upstream-changes-r3616..3628.diff - upstream-changes-r3629..3648.diff - parser-tests-dbus-duplicated-conditionals.diff - apparmor-fix-podsyntax.patch - sshd-profile-drop-local-include-r3615.diff - refresh apparmor-yast-cleanup.patch - add utils-fix-sorted-save_profiles-regression.diff to fix a regression in displaying the "changed profiles" list in aa-logprof- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)- profiles-sockets-temporary-fix.patch to cater to nameservices with the new sockets mediation, until unix rules are upstreamed (boo#1061195)- add apparmor-fix-podsyntax.patch from mailing list to fix compilation with perl 5.26- do not require exact X.Y version of "python3" - require also matching python(abi) which is arguably more important- don't rely on implementation details for reload in %post- add JSON support. Required for FATE#323380. (apparmor-yast-cleanup.patch, apparmor-json-support.patch)- add upstream-changes-r3629..3648.diff: - preserve unknown profiles when reloading apparmor.service (CVE-2017-6507, lp#1668892, boo#1029696) - add aa-remove-unknown utility to unload unknown profiles (lp#1668892) - update nvidia abstraction for newer nvidia drivers - don't enforce ordering of dbus rule attributes in utils (lp#1628286) - add --parser, --base and --Include option to aa-easyprof to allow non-standard paths (useful for tests) (lp#1521031) - move initialization code in apparmor.aa to init_aa(). This allows to run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser don't exist. - several improvements in the utils tests - drop upstreamed python3-drop-re-locale.patch - no longer delete/skip some of the utils tests (to allow this, add parser-tests-dbus-duplicated-conditionals.diff) - add var.mount dependeny to apparmor.service (boo#1016259#c34)- Cleanup spec file: - don't use insserv if we afterwards call systemd, this can have bad side effects - remove dead code - remove now obsolete 'distro' checks - Replace init.d script with new wrapper working with systemd- add python3-drop-re-locale.patch: remove deprecated re.LOCALE flag in Python UI as it was dropped from Python 3.6 (lp#1661766)- Fix RPM groups- add upstream-changes-r3616..3628.diff: - update abstractions/base, abstractions/apache2-common and dovecot profiles - merge ask_the_questions() of aa-logprof and aa-mergeprof - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor - adjust deleting the cache in profiles %post to the new cache location - silence errors when deleting the cache (boo#976914)- split libapparmor into separate spec to get rid of build loop involving mariadb, systemd, apparmor, libapr and mariadb again (see the discussion in SR 448871 for details) - libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but with minimum BuildRequires- update to AppArmor 2.11.0 - apparmor_parser now supports parallel compiles and loads - add full support for dbus, ptrace and signal rules and events to the utils - full rewrite of the file rule handling in the utils - lots of improvements and fixes - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the detailed changelog - patches: - add sshd-profile-drop-local-include-r3615.diff to fix 'make check' - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed - refresh apparmor-abstractions-no-multiline.diff - refresh apparmor-samba-include-permissions-for-shares.diff - spec changes: - aa-unconfined switched to using ss (from iproute2), adjust Recommends: - move libapparmor to /usr/lib*/ - drop %if %suse_version checks for 12.x - change several Obsoletes from %version to < 2.9. Those package names weren't used since years, and 2.9 is still a careful choice - include apparmor.service independent of %suse_version - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires - drop latex2html, texlive-* and w3m BuildRequires - techdoc.txt and techdoc.html not included, drop them from the package - run most of utils/ make check (some tests expect /etc/apparmor.d/ and /sbin/apparmor_parser to exist, skip them) - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests) - drop sed'ing python3 into aa-* shebang (upstreamed) - build binutils - aa-exec is now written in C and lives in /usr/bin/, move it to the apparmor_parser package and create a compability symlink in /usr/sbin/ - aa-exec manpage moved to section 1 - aa-enabled is a small new tool to find out if AppArmor is enabled - package new aa_stack_profile(2) manpage- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/. This is part of the root partition (at least with default partitioning) and should be available earlier than /var/cache/apparmor/ (boo#1015249, boo#980081, bsc#1016259) - add dependency on var-lib.mount to apparmor.service as safety net- update to AppArmor 2.10.2 maintenance release - lots of bugfixes and profile updates (including boo#1000201, boo#1009964, boo#1014463) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details - add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression in aa-unconfined - drop upstream(ed) patches: - changes-since-2.10.1--r3326..3346.diff - changes-since-2.10.1--r3347..3353.diff - libapparmor-fix-import-path.diff (upstream fix is slightly different) - nscd-var-lib.diff - refresh apparmor-abstractions-no-multiline.diff- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed)- add changes-since-2.10.1--r3347..3353.diff with upstream changes and fixes in the 2.10 branch, including - allow writing *.qf files (for disk-based buffering) in syslog-ng profile - add several permissions to the dovecot profiles (deb#835826) - add a missing path in the traceroute profile- add changes-since-2.10.1--r3326..3346.diff with upstream changes and fixes since the 2.10.1 release, including - allow dac_override in winbindd profile (boo#990006#c5) - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since Samba 4.4.x, boo#990006) - abstractions/nameservice: also support ConnMan-managed resolv.conf - let aa-genprof ask about profiles in extra dir (again) - fix aa-logprof "add hat" endless loop (lp#1538306) - honor 'chown' file events in logparser.py - ignore log file events with a request mask of 'send' or 'receive' because they are actually network events (lp#1577051, lp#1582374) - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2) - fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607) (libapparmor-fix-import-path.diff) - refresh apparmor-abstractions-no-multiline.diff - drop upstreamed profiles-ping-inet6-r3449.diff - add %check section - runs libapparmor (including swig bindings), parser and profiles tests - add BuildRequires: perl(Locale::gettext) - needed for parser tests- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)- update to AppArmor 2.10.1 (2.10 branch r3326): - fix incorrect output of child profile names (apparmor_parser -N) which caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) - fix a crash in aa-logprof / logparser.py for change_hat log events (lp#1523297) and log events that look like file events, but aren't (lp#1540562, lp#1525119, lp#1466812) - write unix rules when saving a profile (lp#1522938, boo#954104#c3) - several fixes for variable handling in aa-logprof - map c (create) log events to w instead of a - add python to the "no Px rule" list in logprof.conf - let aa-logprof check for duplicate profiles - let aa-status work without the apparmor.fail python module (boo#971917, lp#1480492) - add permissions in several profiles (including boo#948584, boo#948753, boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and boo#921098#c15). - and many more fixes, see the full changelog at http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 - drop upstream(ed) patches: - fix-initscript-aa_log_end_msg.diff - syslog-ng-profile-boo948584.diff - upstream-profile-updates-r3205-3241.diff - refresh patches: - apparmor-abstractions-no-multiline.diff - apparmor-samba-include-permissions-for-shares.diff - drop libapparmor autogen.sh call (broke the build) and remove libtool BR- add syslog-ng-profile-boo948584.diff - add several permissions needed by latest syslog-ng (boo#948584, boo#948753) - add upstream-profile-updates-r3205-3241.diff with several profile updates: - add /usr/share/locale-bundle/** to abstractions/base - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash - allow dovecot imap to read /run/dovecot/mounts - allow avahi-daemon to write to /run/systemd/notify - allow ntpd to read $PATH directory listings (boo#945592, boo#948752) - update dhclient profile - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568) - and some other small updates - drop upstreamed apparmor-winbindd-r3213.diff (included in the upstream-profile-updates patch)- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript output (boo#862170)- update to AppArmor 2.10 (trunk r3205) - profile names can now contain variables - improved profile compile time in apparmor_parser - lots of improvements, refactoring and bugfixes in the aa-* tools - new apis for managing and loading profile caches into the kernel in libapparmor - lots of profile updates - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the complete changelog with more details - add new apparmor_private.h and the aa_query_label(2), aa_features(3), aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages to libapparmor-devel - drop apparmor-2.5.1-edirectory-profile patch - it's most probably no longer needed (see boo#621394 for details) - drop upstreamed samba-4.2-profiles.diff - refresh apparmor-samba-include-permissions-for-shares.diff- systemd-rpm-macros and %systemd_requires were at the wrong place, move them to the parser package (boo#931792)- update to AppArmor 2.9.2 (2.9 branch r2911) - lots of bugfixes in the parser and the aa-* tools (including boo#918787) - update dovecot and dnsmasq profiles and several abstractions (including boo#911001) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the full changelog - remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and apparmor-fix-stl-ostream.diff - replace GPG key with new AppArmor GPG signing key, see https://launchpad.net/apparmor/+announcement/13404- make sure %service_del_postun doesn't call systemctl try-restart (boo#853019, bare systemd edition) - add samba-4.2-profiles.diff: update samba (winbindd and nmb) profiles for samba 4.2 (boo#921098, boo#923201)- only install apparmor.service for openSUSE > 13.2- Add a native systemd unit which *at the moment* only wraps/masks the early boot script.- add apparmor-fix-stl-ostream.diff which fixes odd uses of std::ostream which are not valid. Fixes build with GCC 5- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)- add Requires: python3 to python3-apparmor package - readline isn't part of python3-base (boo#917577)- add apparmor-changes-since-2.9.1.diff with upstream fixes since the 2.9.1 release - update logparser.py to support changed syslog format (lp#1399027) - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667) - update the mysqld profile - fix network rule description in apparmor.d(5) manpage - drop upstreamed dnsmasq-profile-fixes.patch - update expired GPG key- update to AppArmor 2.9.1 (2.9 branch r2831) - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368) - several fixes and performance improvements in the aa-* utils - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and bnc#908856), useradd, sendmail, man and passwd - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1 for full release notes - refresh dnsmasq-profile-fixes.patch- Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858- delete cache in apparmor-profiles %post (workaround for bnc#904620#c8 / lp#1392042)- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- fix bashism in post script- update to AppArmor 2.9.0 (r2759) - change aa-mergeprof to the final commandline syntax - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several bugs without a formal bugreport) - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java and user-mail abstractions - fix mod_apparmor to not break basic auth - update perl modules to support signal, unix and ptrace rules (bnc#900013) - don't warn about rules not supported by the kernel - fix logging of "audit capability" (lp#1378091) - add support for the "hat" keyword in apparmor.vim - build html version of apparmor.vim manpage again (lp#1366572) - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0 - update apparmor-abstractions-no-multiline.diff - remove upstreamed apparmor-profiles-ntpd-pid-location.diffh02-armsrv2 1696247785  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTU3.0.4-150500.11.9.13.0.4-150500.11.9.1 apparmorapparmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txt__init__.py__pycache____init__.cpython-36.pycaa.cpython-36.pycaare.cpython-36.pyccleanprofile.cpython-36.pyccommon.cpython-36.pycconfig.cpython-36.pyceasyprof.cpython-36.pycfail.cpython-36.pyclogparser.cpython-36.pycnotify.cpython-36.pycprofile_list.cpython-36.pycprofile_storage.cpython-36.pycregex.cpython-36.pycrules.cpython-36.pycsandbox.cpython-36.pycseverity.cpython-36.pyctools.cpython-36.pyctranslations.cpython-36.pycui.cpython-36.pycaa.pyaare.pycleanprofile.pycommon.pyconfig.pyeasyprof.pyfail.pylogparser.pynotify.pyprofile_list.pyprofile_storage.pyregex.pyrule__init__.py__pycache____init__.cpython-36.pycabi.cpython-36.pycalias.cpython-36.pyccapability.cpython-36.pycchange_profile.cpython-36.pycdbus.cpython-36.pycfile.cpython-36.pycinclude.cpython-36.pycnetwork.cpython-36.pycptrace.cpython-36.pycrlimit.cpython-36.pycsignal.cpython-36.pycvariable.cpython-36.pycabi.pyalias.pycapability.pychange_profile.pydbus.pyfile.pyinclude.pynetwork.pyptrace.pyrlimit.pysignal.pyvariable.pyrules.pysandbox.pyseverity.pytools.pytranslations.pyui.pyLibAppArmorLibAppArmor-3.0.4-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txttop_level.txtLibAppArmor.py_LibAppArmor.cpython-36m-aarch64-linux-gnu.so__init__.py__pycache__LibAppArmor.cpython-36.pyc__init__.cpython-36.pyc/usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/apparmor-3.0.4-py3.6.egg-info//usr/lib/python3.6/site-packages/apparmor//usr/lib/python3.6/site-packages/apparmor/__pycache__//usr/lib/python3.6/site-packages/apparmor/rule//usr/lib/python3.6/site-packages/apparmor/rule/__pycache__//usr/lib64/python3.6/site-packages//usr/lib64/python3.6/site-packages/LibAppArmor-3.0.4-py3.6.egg-info//usr/lib64/python3.6/site-packages/LibAppArmor//usr/lib64/python3.6/site-packages/LibAppArmor/__pycache__/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30900/SUSE_SLE-15-SP5_Update/bf7fc34cc3d034d75e6790157f5ae668-apparmor.SUSE_SLE-15-SP5_Updatedrpmxz5aarch64-suse-linuxdirectoryASCII textpython 3.6 byte-compiledPython script, ASCII text executable, with very long linesPython script, ASCII text executablePython script, UTF-8 Unicode text executablea /usr/bin/python3 script, UTF-8 Unicode text executableELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5ea2e5d7a1a5843db34cfa5f08614ba461003510, stripped  !"#$%&'()*+,-./0123456789:;<=>?@ARSTRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR RRRRRRRRR RR RR RRRRA1~&futf-8f8591847d85ffecfe06dd6ff3d2e2dcc63f8ad63c1740a8c9284e4a9ac108d2c? 7zXZ !t/oG]"k%a D岻NbhI!#lA#FX ]q*F>Ѷ|ٰcb0ߩ5u w&rg6BQܣuƪqyLgڝswdZ'eG {y"[PLWJQ`&\+u liQ?;d5KzKTVR~@W)1*W\MF}xE8"˄4@'pM{/TɻsW 3Y?/bŖC_;hgҡ6X{cPCk02u1{~-;;hA]v0㸃-ZlK5:LŴIV;{= =]+jX)_ˡِ@>+PeIN@ᑅtБ:I4"nDAgY,I07ifFU(S1УCà6hyO='.'!7o@}K2#&K!ڻ=!08͎OA#KM"`;-N,u((Bo[zѹԾS<@.eqKRD@;xˏdAU``HjirjːQy!AH7K_e-M)jɏ9D2RߥS*& W{ ⴊn!ɫps'?[bIUjD<YQ Bg\1o᦬D>־YKRL53wi@sVFK´ڠüp0x q}tZXLNXNAXF)tu>@x^Y"DjHO}Η?[oϷ<9je6RH8iX>F)ڲ#Jܜ%,[]{_VNm>ttU^Ѵ6;?lvsZeUpup]_i28B_C%uY{e|=.dt:`x)]tmFkϬF{n>]3mWmSa- ,B+݅9{*x~2:UT'Xb~4No7Z?4-a׋,.vCS'NDH"+l>Ҷe8 w^DV=>H0CJF'´&ᶓ3%GdE \$<ՐӺ Dǝ/IX<A2U?pR`=x17k"dȩ?jf*:X?kX u뷎b™zƵ@S{ɘF6ZL1$W1%wb'-jQ o7Z)܈K}~g&]ʹXdm)tv8c+B{3w]鉮P =h|$/gTڱvd{Etv.~ a55jAwp'91)S֊kf~3\[ɧ@[ZHTMpdɺioPY&Ob*+5HykzΡWY*Lуվp/ "*bhqMYYFًGƅRv{[r ]+M!e (& V+jX2rxCˡ6ä:Be u3M B7& [q5lI֩=B~ K\^P`IMl >dI9x`&3*W $PY缂 XHԕD =#HAPm!H؝ [䓯Ѯ,l%W0v=t& nGӄ$x[lFj\ 1| $׸vktW5&4 (N0]q ӼiC"uzX{Z١yPR{`džY%zET[j9m=>r&cc­34$ h7<2 QfsHهu#nz[u$0 eLoVĪ!`,@55t!ǝ}-~4B5|lS ]B`,W{5\f<:.c I?$JT5Кbfm}&?=T|Pd 098EVsU$YHfEK/ool#UeƎ;ι*6zb3oߑUej[i᪑JIYם&mHI+rG(BvŨt)a=ČEqL TMȏUx1-ld{?s*R`{!W煑ޯV"6,hXd/N&ž=s8b&ڥHm4 %}J# <`{-P0ߴ=9y-shc&h: TL /yɚou۞);0.4(\-NgZqCV~ Np}PPVka$bf'z MP:RvEVvgx&]uv79By1`-x~^ Xdz@>!(*F"/{2邉%o9/pRi[Fda vkUӦo5~m*dQq',ʳ;KUjϵA nOZzYc<*$ $[iKhf*nnl5lHcHڇI(&'05,{ano~Cn}zk6XUc&?;G'o;Os+C+v=6-,-4BmIu^UEz*0/2ߎ&i|/H_ Fc.uE0UY10?0x|J 柳\ulˌ[d=BB*s|.J,P O7Nrfr|c3M]%{l !>[6l֌+ֈ9a0Usih9 \`f[nkIE͎FQ-j&_'ą?GUЗJ3-nwϵ/zLhV>py%xXFEᥤF+ƃe5郹v_f\u?KZ_mr#=)(('><+ K2RO@av.$p2YƤOcV9sl4X> B`Mƻ#t^@t>6lju F-ΔzDJ*/ [zL$}]A7oEFTAM3U"K:7:0ƪ9C w{XF޷|:FOlPB8D'<.zUT&y'G*ttQCmG@%7=/]2Ro= A貫Qˣ!2?"tl@KLWR3 O w\DPWs?6->ŚM Ɨ/,Ybs62$LߟR#ql|H<첏DueɲcOkKʧC |o拡 ('J1bgboU~%5 +b*~͂$&V|nyt`i*ߴdprk=7xU leQdTd: tyb.[xcL`Yr4$ 9oIIOm;gx$yG;G^7F7t;2{m|g|(YCWkA4Ͷq+w< |MY|2C)w5gFmcq_akQ Tz 1Dp==v+u!jÆ(| &1S?3P:w<-lXkج;>7*@ 7Z ԪW̌ Y­Җ;AgBH\*xf@Y5J4 eȤzX:Ӿs:׸HcGi(9oҜmz1m8UPL g}Cv8h2úEח L..1sg؁ϴؼ >9_}=2Lw1 8A_-˜MO_k]hl:_QqQK[W:E=8>UR{Uao~`PQX3,Ī:EuΔzWW#'IKt/(4+dw!z_E}!0MdF͗%+ata=9iz "DZ880>Vg%Kh~J?SEK3f`-:5d.P<1r ؠ CCǢš@؀ʔ1T YUï h!s]@f!.Koՙ3K{ڡ ¬=tk|}t6[%꧝ (O1-է]aN`Q^?̘%/C̢\pHR*~qA5RC޾H{20HXIvlIC=CGc&m ũ9sVƼ泌e>c5Py_8LcDz1rej ;0|i$T9XTPe/#,OKghZ{rnU:n!<[#6pN Ɓ~O˨ 4Pv!'yؾD3RlĮѕ4mAi=ȼ*Ǣe.OHUp89R[Lg>r&YJwIjin]u %[RwB;V2RΟάCF"Շ }]Y +n`<,=FKc0⯂ f9<;W ܦw`Hҧ4G,Y9n,QoHMY1KB,5D'Zʷv }^})9aYǟ6]e6cu5nfAHoz>eP9՝ o t&|֗#$*. aٷpꒆd vϒo%\ֻv`vr&ku4R,X^M YaiD`iB$"?"ٖIN)֫i}co/ ّ ŗǡRmGoRuM<ߏzJ(@83ԱR-ٌnGm.wu ۵*w]\* rhm>ua0*(1]ԆCPVqI(\|hꌎRCQuؾOf3H7ח֩0WpJHqS~udh2!A E&7_#ҹv%>brO@="TZ.++[$bP>/=v.fsyw$ :-zNLaX"io0bkPtu}M-yJ0JDö㝕b"<$ʲ.YWpHcWeS^%Ⴂ`J^$6R8<   P]16nJݓ!hI襃Eo!ьyf 8WɢQb?lW$ u"t\j 0@`#8G&,i綘꒒;61͏͗T_Dw.Vzavۈ@ؚ~j;]sBO^7 3ZLBwwi!\> Oh%"BH|Q?M*)A )l@٫W+nH6'qJ~}k8mAL,[}8_7ޭܖ\1H=+ib4c%/qPBkJ|g5W*vM^wXԁ] kEWlUSF#رA.`Mi;{¾_ ptpvNγΑbsSw 1F QI8NW7BB&Džh8U7j,=a$?7oШ)sw IP+G='Tb~fR`M4r>Vn(QN#9(K!TVYB"ͺMpSi D:AR1g5pf:' Vo@ "LrJTD3!.Iά 3{D-WOKlvAyi.w / FZ9]6t5S-U3Jig`nqIֹLF8pf}-ADd%$-B3`7 ^R_SYNRCiadM.uz Tr/"g5TW~('pk/YS1V!*D.-Xn:@W%ޅ n8XmRe m?:p_6{`>A}H-l;-!Ehw8_ +qߒ*=/M]2n@4XgH\5Q=_ں}\&@UM?!P lKriq֗1z]8 &S#=[`ϓ#43V]]dR`/Z >$o&%hf%̆Y U9pt1~S} .c Ю[j^x6X`uNXiŒ657GO-0 ,VpV&eRfv!-I2mfBqgڙ]Qpޖ#mc.SԇXe4 ȉ&( ߥ@dњyR0zXr^M{^ed\~VLe'y5ej ^/I!Ea%B+(U'0w}mP3k;\Z/&PܿӼ RLhctTe)]LQg)2V%O"pB4'5JCPO_}vѲFs6aS|)HxS^e7aM>0Z1җ+y[?7SԦt!9b!]YExBPXV\\ੲ > HܨKMd *T-i;F2тS#gh)8ìL7^vY`Wa[f],j#W.Uoƿ$bw*,D%! Nد=r5w]|NLeH>*5V>>%p7iӂTPfD(|6eFeuhW1}/і /{!C n-R1*lV ZlB]άS;m q'@Ldrd iaz7Ɠ41ONsȋ)~;J&P& oeQ2PcZSx /5^Hh&S2BK4.cݮ|4y7/QF+XC3+Xe* ǔ@ƈ<)X;k9J@  @17cPL-7m[ƫ x&4uKG=i0b .À1> ji`\s%k[w w $\uB7}NI|dWHSDOb aEh\y\4~0)e'k S-@\v#&a-}^B6+k#5NR1ux/1#T:/Vq\X@CĊ-Smlk1vV6Ä;M+UE]K vPZO; E='C*,H3X);&54~ Leycfwg PJN A y&_rӥ (yki0 K;r> "@hg36Ї籴tу${I0"`̟#Dm"jY9ɛmUa$0r K[G°[_¹?`lxq}Z(k@LpSo~.J2ѧ6| >*? soP1f'CS[ $=Naϻu0 ޠ踬 K腅OT ߭jAjeӷT-)\vkztXY˭l&=ć{ѧ湄_VlTSeH =\ê]ڜcׁWpn-(ا۸4:XM1wĕA}lG9V51En b]0 t6Puk}pF~ȢT Lxh GмWTpO/|GYyX0ߖ@\%XZGx^G?5xcDTv-캶zk:9-"%6X4g]WՈM9n݅d4lIa#0) ZcX3ܻh dв̚!e+,?ٞϪaVdEd2~J $K%!nq3nW=Gy|f>d|ja) .IQl-MtM߹$`/eƆ0e.aj1 P[oψ RWMӋqI͍T#mtxZDLfTf&ӗa?^t$_;~E&KODԥ1^P}Kztx}mOWw_()N*pnf|&`wr SkIz`i0W (SvE|?x&c(G] U22Զ#"pD؋jK\WՉǪ{+j,|CyD+{L%Ε;\Zp./ pK|ܒ`#v6j]h¦YbBzӍ%q:2< ,, !eH.&s< Ta'+v70ijo#5 Ӣ!3k)ާ[oRߜy^Cؒ{Jv`^NC\b <՞ F& T/XbU&NR >Ɩ/Ee$5ZӍճ#}orH(#uH R՞oO79U^r {N_W,+@R&-i|E1]f㨎> =#l9صFqO:7q(2&ҫ$`t-96%W݉XFjJI1vZ;kdK8N.؇ 0'gwlm`HV?(};3Ev@ a,ґ8_pjPZCmEg{ ^!΁m1tʾh8 3G"U͢^PĉUPs~ &,G?Vz?[CvɃ8a5 [@c5~蔋55Vc1])\ Œr$2e$O$! ]DSY9CkӲmJ*hL8}WJӱ2^"N6i,9/\O7)҃l:0{3|>:,f /n>ZݸƟd?j;x2e4%FR]#Jp*3%%h2SIބWȖjHʌffcI"(](2mtiUwzxϙJj)JQB[""/OjqZu#7@JG vlxPoͻI̲đMӑ__0Kaaπ5G6D7)x\ B2_{MM4Pg.E2DTRڍ^{9o^{V޹(<RԹ&@Y,v]/0Qq1׵4F4zڇ̜ _9Ps~F*eD'82_'#sovDnt&x@uBki&P5 û.twÖg7yKz 6Bݚ@РP|łdJC*]^!F,;@%1P?D[sw9xR'dFvCҺ+'!:1Q/q{]R1Egul a958vƷ噘? Ďr1쁩}YNggc $޿NBRSW7U]lK&yVuӃD b#*np~ޟA&s6=DJuu& Pk Agx脵/PL;cp?ގE|R-0p\KT7ERБ&|U?#h" x2Ag:`4bXf;Ƥ 4;L*h;&cѺGQgӘiK'rŬF8GG@[}?EEPڥH-:@ #jl `oy`$j?L܍_ /eEZŀ9+WB7wA+٪]ħ)gr#T|6وٮr"tBp\N64o( DT)aq/uxle-0agջWU aЇ"Hhh 0Сa?rkt sl+-Nc|̞TC^ca&1%S*VĞ+X50R<_nΞj*{쭰V¬E2ӄ!ݒ t>-\;\6sJ`@5Hv 4tRvEJML]p:t"n`@XLA9.z{W%MhexDt>ʳg-r _ͺ[J8% ,e x;&c"i<|R{\g@=dةb]g'Ʈ2y%2(Uy }M{0] B(PrQb `?1k=rqQH|] .ZKָ'\\lU|+u܅zAG‚ u Y|Vh<!=8$Eƒ&= ]p˜Ken:6Uf}.nO><5Tb<"J5C6S6Bj-(78I[s.΄v66v`kr]*z NQ"픯c4AWr%+ӃPǝcyfd1^+BAKcx(TL$";|BU! HX'~UXBksIZYXCh '<`JI{\roGD5vOɧ2w>{>ICzCIΘNS^9,.lԍY^7N.Kk)y/BTrJ'j;%kjc9M)zmL+U3w^ՇjB? MH {>8oUO.4)Q9W.&dNю_{B˲eQ4c \N8N Eb_Ň e!~iuL}% ז2 wÜuFiwi3q)佷KF(nҪ[?]άS<#F3V4 &ɋ+-L7Du޻溸BbC./+ٳ43{k2\vm]ïS#,|2ȡ{}`kCD89k5|jF?h /X$5A5nHN~_Gz.bLĿBaj:RGёŏ$aS!SSM# Rx.I>ɰ1hםXPf i$ @Н~EF\Vcx4>ܼw-l0 |a|9_:M4wVLzu/T^IaQ#IOUn;7 y+^9h'$GRF%}8/XaFhe(@MQ%) >qEjy''cK;ݵ֐~S_'?FQWHx_E"s%#L'hRR'2Yvר Ӱ R ~[4Fڕ<䉶Ekgt:f^9bMtuI6 + ^X P7wytqdK=!%wT/ ^Hi|YgEI^bUHV*k;x5l{p/MTq,UeY!mPn;qCI 66 '\a3yGS!6|K+DqGӚ x( ,A 1o RsoRP \e&-'puȣXNl:ԦCA,-Jg428i`@,V=G-EBvzK6Y9ZtZ$R}Ƙ^4RVk]gJ) W*4v8` YZ