ossec-hids-0:2.9.4-5177.el7.art$>вAO3J>v?>>;`d?`Td   $ Y8<`dy~ << x< < < < <<<a<x{()*N+T,X-\8`9:6S=XDXGX$<HY<IZ<XZ@YZL\Zx<][h<^^ b_d`+e`0f`3l`5`PCossec-hids2.9.45177.el7.artAn Open Source Host-based Intrusion Detection SystemOSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. This package contains common files required for all packages.[*Kec5d77a2c859461e863ef3c00063a995Zhttp://www.ossec.netAGPLAtomicorp Applications/Systemhttp://www.ossec.net/linuxx86_64if ! id -g ossec > /dev/null 2>&1; then groupadd -r ossec fi if ! id -u ossec > /dev/null 2>&1; then useradd -g ossec -G ossec \ -d /var/ossec \ -r -s /sbin/nologin ossec fi if ! id -u ossecr > /dev/null 2>&1; then useradd -g ossec -G ossec \ -d /var/ossec \ -r -s /sbin/nologin ossecr fiG!6:`Ro  ccI l&xc$fF88AO {A큤AhAhAhhhhhhhhhhAhhhhhhhhhhhhhAhhhAhAA聠AAhAhAhAAAhAhA[*>[s[s[s[s[s[s[s[*6[*6[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*7[*=[*8[*9[*7[*7[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6[*6379c69bc4fb213ed9b3e386bb86bef749f7eb7f37d1b005cbc92b6ed7a4756002469254e162d0eb26fcac7c5ee0f44b62a63302f95a88dac27a528597663e6ab009354e68d699690bf556828c0007598bc3e6430814c7d29168771e3ad7db96dcb6cb71ae9a7ddb20a9ea124a001f2a931da656e0ac4ff5cc53c0c982505e5c7953858e28ee9dfe523b6c421ec5b2fbc9a70acdca84a97867d89ede4c9d23abbddeb78cbd3926ab3f860f8b94a87565639fb8ca68554737a67ff62563dd918bd5db08cf364820248c57f62bdce38bbcb575bc3adfb8ba9bc48c70def67df15aef9a813e4e53823fc8d43a8ec1a91df67524308156eabdf63c8440086f2394260bbf7c01cbd64493060e0e47f5df79e9a2eaa2fe96de3de621c146f9d2de457e4fb22807623a542279870b1b7e4e7221ff04f5bf12771b460205fa1204a2a6e486661ecee184f9b16260a77eb0e0c99ea6c48d358a0ecd3206131dca9607d7ea6b8b77ad5d1cf487a6f707b41058a081f5408b130438b42505896c14db49f03cc35bc5f45769bba926ba5ad716656e69a79ebea284ff5915c0727e653ede7b9175781e4c355eee177f8789ce242a75dde4b27f1f313e6eb4b1641227ab2767848e736dde6929e32461fe51db100d4bff0d80ac2d316e7011aa4ac8294bb94a0a9fb32ed79d97a1a9c6ab12fc86dc6678c5500d2ecd21192d5e5fd13277173a584dbfc71e6af8b288eb468bacdba8a02569671224e6f65bbf01fb461d40eb9ed405029207a9255c4e0df67db772a500694dae75a96cb9f0326916b21fc94c0d317ff5c3d283798fe18f79d31f189c634c74a710a0d57b95b0b451be071dd34caef4d63380f28bbd789138ef6396cbf8421a59cd45cf8abb9e3a2ac813d2b11cafb04a2c084b43acb1f9d91c6f84bdaca5d6816e43f2d5937fcb19a45bc8da6aaec35a9a511eb0a40adbfb9e5f1a2a7734a923b2e9ebfcd28896e8fa2bf4f2445b5779a5cec11b6f3d2dcc996ecd09d5f641c82fe0e26dad8b3dbcee76f2c592e27aaacfb53d9b9b3c2ec89b6bedb9ee5f236612f5ca5046735c61ce47763c04e298546f15dafe30ce45e3284803bbe01e261c9ce0b763a53418c15a0047d06065ff6ecb3c4400cb1e531e4768429b1b86e06f33b89e495d0549d10e5adbae476b8e0d30dec6a4271badf289a8fe44d19be4d4bb0f4dfb90ae7aea6930658abb45d255a26c4e816582e6979b950effa43d850ddcaac8421080b492ab18d0921185c2cd177a2093663bb17f1a67488faf6f1bd097bba5d25a08b5cf197fba30e0ad5289710bfbba25aa838a65e02e19d97f41b3fe43a46d4fab61c113be80cc9d01b9fb3b973248c76d14a814ba558235f520640d26e9f2fafac03fa2432b16e40f9738d6767a0d76f8732f9afb869b5b7533b0342989ff6754fbc9fc023a37b0c1caee022646c6b78507bd02bd632efc1d46e65c82589c8823190e83e4c006846d600897a8ee5c0159709c28c622ad5e4de85d0e596f770ea8c80be97893f85f67543ba95564730b7265e456120cef81905316d877cc532344993987b38f1b1e0081c87cd21a1b8e5e4fca27a2fc19868d161f15635514513586adddbdb196cec6cf97d988840ce05868f7e8eb40582354bb44f1d0e1614241d088a8c440f0fc4ba87bb0cbd2ab32d27075d2c15f445eafa07bdedc80c55169e6076c819ee7b10da3dc97602a4c5c983786175ccd1f0282914ab04674185bf6bef496dc88427513358d925aab330df06db3418f50d3f57c2f1f5c892f142c3d59cb9db2de1380a8df20b3a42c0106d46e810ddf37fee88edf7a629fc9f622c5acd2cd211ba2e5a5fb8f7994193cc5fcc7a75988740e117b64462ee62a7d40cff17f72e5d39fb2736rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecrootrootrootossecossecrootrootrootrootrootrootrootrootrootrootrootossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecrootrootossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecossecrootrootossecossecossecossecossecossecossec-hids-2.9.4-5177.el7.art.src.rpmossec-2.9.4-5177.el7.artossec-hidsossec-hids(x86-64)   @@@@@@@@@ /usr/sbin/groupadd/usr/sbin/useraddopenssl/bin/catGeoIP/bin/sh/bin/shrpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)/bin/sh/usr/bin/envlibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.7)(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)rpmlib(PayloadIsXz)4.6.0-14.0-13.0.4-15.2-14.11.3[ -r /etc/localtime ] && cp -fpL /etc/localtime /var/ossec/etc if [ -f /var/ossec/ossec-agent/etc ]; then cp -fpL /etc/localtime /var/ossec/ossec-agent/etc figlibcXXYX@TT @SSS[S@R@R@RʚR@R@RrF@Ri RR@Q@QY@Q@@QQ@Q@Qu&@Qu&@QkQg@Q\PDPP@PP@OiO@OЗOЗO O OpZ@NNS@NK@N;@N;@N6@N-ZNMMM@M@M@M?MM>MUM@M PL~L8LΫLΫLʷ@LeL@L{LL@LA@LLLzL~@@L|LvW@LmLa?@LRL4l@LT@KtK͗@KKK@K[K@K8@K@K@K@J@JJJ@JJJn@JL@JI@J2C@J2C@J/@J&eI@Io@I)@I4IܑIII@I@I&@III~@H@H|@HcHM@H2@H)GJ@GAzGV@G m@Fޚ@F@F@FF@Fr@Fq-FIF-@EWEEySEIE E DDY@D@DLSupport - 2.9.0-50Support - 2.9.0-49Support - 2.9.0-48Support - 2.8.1-47Support - 2.8.0-46Support - 2.8.0-45.1Support - 2.8.0-45Support - 2.7.1-44Support - 2.7.1-43Support - 2.7.1-42Support - 2.7.1-41Support - 2.7.1-40Support - 2.7.1-36Support - 2.7.1-35Support - 2.7-34Support - 2.7-33Support - 2.7-32Support - 2.7-31Support - 2.7-30Support - 2.7-29Support - 2.7-28Support - 2.7-27Support - 2.7-26Support - 2.7-25Support - 2.7-24Support - 2.7-23Support - 2.7-22Support - 2.7-21Support - 2.7-20Support - 2.7-19Support - 2.7-17Support - 2.6-16Support - 2.6-15Support - 2.6-14Support - 2.6-13Support - 2.6-12Support - 2.6-11Support - 2.6-10Support - 2.6-9Support - 2.6-8Support - 2.6-7Support - 2.6-6Support - 2.6-5Support - 2.6-4Support - 2.6-3Support - 2.6-2Support - 2.6-1Support - 2.6.0-0.10Support - 2.6.0-0.9Support - 2.6.0-0.8Support - 2.6.0-0.7Support - 2.6.0-0.6Support - 2.6.0-0.5Support - 2.6.0-0.4Support - 2.6.0-0.3Support - 2.6.0-0.1Support - 2.5.1-10Support - 2.5.1-9Support - 2.5.1-8Support - 2.5.1-7Support - 2.5.1-6Support - 2.5.1-5Support - 2.5.1-4Support - 2.5.1-3Support - 2.5.1-2Support - 2.5.1-1Support - 2.5-1Support - 2.5-0.9Support - 2.5-0.8Support - 2.5-0.7Support - 2.5-0.6Support - 2.5-0.1Support - 2.4.1-11.2Support - 2.4.1-11.1Support - 2.4.1-10Support - 2.4.1-9Support - 2.4.1-8Support - 2.4.1-7Support - 2.4.1-6Support - 2.4.1-5Support - 2.4.1-4Scott R. Shinn - 2.4.1-1Scott R. Shinn - 2.4-5Scott R. Shinn - 2.4-4Scott R. Shinn - 2.4-1Scott R. Shinn - 2.4-0.2Scott R. Shinn - 2.4-0.1Scott R. Shinn - 2.3-8Scott R. Shinn - 2.3-7Scott R. Shinn - 2.3-6Scott R. Shinn - 2.3-1Scott R. Shinn - 2.2-5Scott R. Shinn - 2.2-4Scott R. Shinn - 2.2-3Scott R. Shinn - 2.2.0.beta2.1Scott R. Shinn - 2.2.0.beta1.1Scott R. Shinn - 2.1.1-5Scott R. Shinn - 2.1.1-3Scott R. Shinn - 2.1.1-1Scott R. Shinn - 2.1-3Scott R. Shinn - 2.1-1Scott R. Shinn - 2.0-11Scott R. Shinn - 2.0-10Scott R. Shinn - 2.0-9Scott R. Shinn - 2.0-8Scott R. Shinn - 2.0-7Scott R. Shinn - 2.0-6Scott R. Shinn - 2.0-5Scott R. Shinn - 2.0-4Scott R. Shinn - 2.0-2Scott R. Shinn - 2.0-1Scott R. Shinn - 2.0.0-0.090225.1Scott R. Shinn - 2.0.0-0.090220.1Scott R. Shinn - 2.0.0-0.090206.1Scott R. Shinn - 2.0.0-0.090205.1Scott R. Shinn - 1.99-2Scott R. Shinn - 1.99-1Scott R. Shinn - 1.6.1-1Scott R. Shinn - 1.6-1Scott R. Shinn - 1.5.1-1Scott R. Shinn - 1.5-3Scott R. Shinn - 1.5-2Scott R. Shinn - 1.5-1Scott R. Shinn - 1.4-2Scott R. Shinn - 1.4-1Scott R. Shinn - 1.3-4Scott R. Shinn - 1.3-3Scott R. Shinn - 1.3-2Scott R. Shinn - 1.3-1Scott R. Shinn - 1.2-8Scott R. Shinn - 1.2-7Scott R. Shinn - 1.2-5Scott R. Shinn - 1.2-4Scott R. Shinn - 1.2-3Scott R. Shinn - 1.2-1Scott R. Shinn - 1.1-1Scott R. Shinn - 1.0-2Scott R. Shinn - 1.0Scott R. Shinn peter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.org- Change labels in alert mail headers to "ASL"- Update to Ossec 2.9.0 Final- Update to Ossec 2.9.0- Update to 2.8.1. This is identical to 2.8.0-46, the only change is the hosts.deny CVE-2014-5284 is merged in.- Revert BR#1596 - Add Bugfix for hosts.deny race condition (CVE-2014-5284)- BR #1596, Add fork limiting patch (max 10) for execd to prevent DoS conditions- Upgrade to 2.8.0- Feature Request #1512, speed up shuns in execd, move sqlite down- Relink against native mysql- Add ar-tracking active response- Placeholder for null exclusion rules. Legacy support- ASL 4 version with new database format- Add support for Fedora 20 - Modify optimization flags for FORTIFY- Update to 2.7.1 - Add independent rules.d/decoders.d ossec-rules package- FR#772, add rule 3360 for postfix slow brute force - add dovecot-decoder.patch for cpanel dovecot - Update 9702, 9753 for dovecot brute force - FR#773, add rule 11308 for pure-ftp slow brute force - FR#1347, Update for courier v4 decoder (pop3s) - FR#1359, Update horde decoder for v5- Disable ossec-dbd signature table (replaced by aslw_rules). This was very slow- Break ossec-dbd into separate package - FR#1321, update courier-imap decoder for version 4.0- Bugfix #XXX, prevent truncating last character on ossec-dbd database inserts on the alerts/data table- Add tld column to alert table w/ index- Deprecate internal id generation in dbd - update schema to autoincrement, increase id space to int- Add is_hidden to mysql schema- Add if exists to mysql schema- Add os_dbd-mysql-replace-query.patch to consolidate SELECT/UPDATE into REPLACE sql- Consolidate alert & data into a common table - Add ossec-authd init script- Add sqldelete command to execd - Update to clear sqlite db at startup- More minor updates to GeoIP tracking- Minor update to GeoIP tracking- Bugfix on permissions for files in shared/ directory for client installs - Add GeoIP support - Remove dependency on perl-DBD-SQLite - Update asl-shun to new non-perl based version. - Deprecate firewall-drop-update.patch - Add sqlite support to execd (/var/ossec/var/execd.sqlite)- Update to 2.7 final- Feature Request #XXX, revert duplicate detection in log events to help detect extremely fast brute force attacks - Add FORTIFY_SOURCE, PIE, and relro (full)- Update to 2.7-rc2- Update to 2.7-rc1- Move active response components under the common package- bugfix #xxx, correct ownership permissions on fts dir- Update to init script to suppress spurious execd output - Add alerts queue to server package with ossec/ossec permissions- Bugfix #XXX, correct any/agentd condition- Moved agentless packages under server- Drop timeid and cat_id indexes from schema- Add new index, timeid to alerts table.- Add cmoraes patch, Adds config options for enabling/disabling rootkit/syscheck options, and agent config profiles - Add ossec-memleaks patch - Add agentless directories, and agent.conf - Bugfix #XXX, ossec-hids.init will now return an exit code on status- Add prelink_cmd support- Bugfix #XXX, display multi-line events in data table correcty- Update to asl-shun.pl purge event to default to 24 hours.- Update to asl-shun.pl to change ordering of block rules - Revert from 0805 snapshot- Update to 0805 snapshot- Update to 0801 snapshot - Update asl-shun.pl to log to active-responses.log, blocks now go to the named chain ASL-ACTIVE-RESPONSE, and delete events are more redundant.- Update to OSSEC 2.6 Final- Update to snapshot 110711- Update to snapshot 110613- Update to snapshot 110609- Update to snapshot 110606 - Moved ossecr user creation event to the ossec-hids core package- Update to snapshot 110531- Update to snapshot 110526- Update to snapshot 110504- Bugfix #536, Increase the default sleep time for syscheck- Renamed to 2.6 branch- Add support for the rules/decoders dir system- Update to snapsot 110405 - Update asl-shun to support ossec alert ids- Changed asl-shun sqlite database to /var/ossec/var/blocklist3.sqlite - asl-shun database format now stores the full alertid- Update to snapshot 101203- Update to snapshot 101125- Added alertid support to os_dbd, this involves a schema update- Added dst ip, src prt, and dst prt capture support to os_dbd- Bugfix #XXX, manage_agents was built in client mode for the server package.- Add clamav decoder & ruleset- Update to 2.5.1 final- Update to 2.5 final- Update to 0928 snapshot- Extended no_ar into ossec-dbd- Add no_ar option to disable active response per rule- Update to snapshot 100920- Update snapshot to 100907- Snapshot 100901- Added test fix for os_dbd- Bugfix #376, ossec-control will now properly stop and reload- Update to 0809 snapshot- Relink against native mysql- Add minicon decoder from les fenison- Update to 100707 snapshot - Feature Request #371, add ossec.log to logrotate- Updated to 100615 snapshot- Updated init and ossec-server scripts to support the new reload feature.- Update to 2.4.1- Added zabbix reporting active response- Update to 2.4 final - Lowered courier rule 3910 (failures) from 6 over 240 to 10 over 10 - Lowered courier rule 3911 (success) from 10 over 60 to 30 over 20- Rebuilt for atomic repo- Update to CVS 100317- Update to CVS 100311 - Add decoder for denyhosts - Update asl_rules.xml to include denyhosts rules- Update to CVS 100309- Added new decoder for smtp_auth - Added rules to detect smtp_auth brute force attempts - Added rules to detect imap/pop brute force attempts- Updated ossec-server.conf to be in parity with the ASL config - Added templates dir for generating configs- Update to 2.3 release- Update to snapshot 091109- Update to snapshot 091008- Update to snapshot 090925 - Added timestamp field to the mysql schema - Bugfix #XXX, for the ossec-client.init script to call the correct (renamed) ossec syscheckd/logcollector daemons - Appologies for not updating the previous changelogs. Missed a few updates!- Update to snapshot 090827 - Feature Request #225, Added logrotate event to active-response log - Updated system_audit_rcl.txt to look for the correct php.ini file- Update to 090824, beta 1 release- Update to 090812 snapshot- Rebuild agent daemons with -DCLIENT, added symlink trickery- update to 2.1.1- update to 090630 snapshot, this has fixes for CentOS/RHEL 4 64-bit environments- update to 2.1 final- update to snapshot 090612- update to snapshot 090610- update to snapshot 090603- Disable postgresql support, to get around an undesirable dependency on EL4- Update to snapshot 090417- Update to snapshot 090413 (this adds in inotify support)- Update to snapshot 090410 (this adds in inotify support)- Update to snapshot 090408- Added authpsa rules back in, this is used to detect brute force attacks - Added conditional building support for ASL modifications- Update to 2.0 official release- update to snapshot 090225- update to snapshot 090220- update to snapshot 090206- update to snapshot 090205- update to CVS code 090129, this is not an offical release. Its for testing only- update to CVS code 090126, this is not an offical release. Its for testing only- update to 1.6.1- update to 1.6- update to 1.5.1- added mysql support- Added Stanislaw Polak's excellent ban-hackers script to manage shunning more intelligently.- update to 1.5- fix on active-response locking bug that prevented some rules from expiring.- update to ossec 1.4- update snapshot to ossec-hids-071011.tar.gz - relinked C4, FC4, FC5 against mysql4- update to snapshot ossec-hids-071006.tar.gz- update to shun blocklist tracking used by ASL - added authpsa rules + decoder- update to 1.3- minor adjustment in post, to check for config file before overwriting it- v6 was first version of the patch. - added in logging in active-response for better ASL support - Disabled conf event in post, to keep from overwriting config files.- changed permissions on queue/syscheck so it can be read by the ossec group (tweak for web gui)- removed the noreplace settings from decoder and the rules - patch for a more ASL friendly client config- release -2 had a bug. - added ASL rules (asl_rules.xml) - added decoder for the asl style modsecurity logging - adjusted syslog_rules for qmail-scanner issue (BUG #ASL-18) - Added http index in asl_rules.xml (BUG #ASL-7)- update to 1.2- update to 1.1- configuration change for ASL- updated to 1.0- import into ART - changed their naming conventions a bit, 0.9-3 to 0.9.3. Please dont be cross with me.- new version (0.9-3)- new version (0.9-2)- new version (0.9-1a)- new version (0.9-1)- new version (0.9)- some bugfixes- created/bin/sh/bin/sh  !"#$%&'()*+,-./0123456789:;<0:2.9.4-5177.el7.art0:2.9.4-5177.el7.art    ossec-hids-2.9.4BUGSCHANGELOGCONFIGCONTRIBUTORSINSTALLLICENSEREADME.mdossecactive-responsebindisable-account.shfirewall-drop.shfirewalld-drop.shhost-deny.ship-customblock.shossec-slack.shossec-tweeter.shrestart-ossec.shroute-null.shagentlessmain.expregister_host.shssh.expssh_asa-fwsmconfig_diffssh_foundry_diffssh_generic_diffssh_integrity_check_bsdssh_integrity_check_linuxssh_nopass.expssh_pixconfig_diffsshlogin.expsu.expbinossec-luaossec-luacetcsharedtemplatesactive-response.templateapache-logs.templatear-disable-account.templatear-firewall-drop.templatear-host-deny.templatear-routenull.templatepgsql-logs.templaterootcheck.templaterules.templatesnort-logs.templatesyscheck.templatesyslog-logs.templatelogscompilednativequeuediffossectmpvarrun/usr/share/doc//usr/share/doc/ossec-hids-2.9.4//var//var/ossec//var/ossec/active-response//var/ossec/active-response/bin//var/ossec/agentless//var/ossec/bin//var/ossec/etc//var/ossec/etc/templates//var/ossec/lua//var/ossec/queue//var/ossec/var/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericdrpmxz2x86_64-redhat-linux-gnu?P7zXZ !#,%,!S]"k%G{lsDqS-s̈́{oA~2?> H7k]@@PhE F6#/4؞Ґӫ,1KUfj\aW0|ZmaD2OSzxg)jĴI.¨S!,ќZh>PSN&$sPo X&Gg0 GӮR)uV@V0.d sG!W5A{;(ڥ.NvKbSGg{ XmlQ Sab:G_- N  T;\N "I>0,Ol<.e/5܏rtߣ'w?ObFI2ӂ.|3=UBh(!X\m;W&%I; ^e '?D}[Y y C'Yc3.kVZUvqГ?k<Fp(%ϏUr8֙\5۔%|~نCAPwfMs,'sP(ov|iV/~ a= #[$ ^B95v0UND4o MFI# 46!ybhT`sJ6 87Yz0[vKf4FQw&N|]Mŀs+pa#S0"e"Ļ{7T\Fz8[p2ҖͣWE>Í T ()_ ^o4RT-'tb$(%t^SwEl:9)=i^Uyn}QmqNrZm08Ѝi;b -!I&"A`>㣸"Oΐb='h*;{Ou~0pg|Ųn@A|iШă`qG1f p,= {Ty}MO2#. 3@RM V3 +sC`~Z9F**k<}Q~$]PY|op;K8, NJ>H6*P5V[n5|U+l[0Qxp&" IC`}f^.돠$IC0_Xfqw,漿EH[[qTv"Bv=a76M|-X{Ͳe90VBOABiP̀[<~D;MdWE60 <@-QG ْ1ę0A8L;Rd^Wz *TMºi;/-霛b b %}+;c/i)].ۘXch')\w=. DiV&njFͦQyDr${.E|MrFb\Uyvu=b>3#FqXPW*G UyRw&a}4V|2k`7k7j(HqxE66Jk5-\92(;<ekrh@`RG$2vJx 'J|: .t&(â_5`!(U p=WGH7. ayZ0Ts'p{k7foRъ8֥a}>?XVl;#dD@ t?5/'Eҹ#vUt6/Lv<95ܫ^ntx:rW54.%CL+WK 3rQ9)|Jv0h-em~ngޥ7cB%4řx9xSm&䡬)oruu6;( g$^d4TC֓10`޵PVwdY0d8O6Fc 68'P[I;ҬCBDg:gArJo~7:#wo6W@~gih˜ '@*2(68z?:Rk5"-/۫o]K9cߊG.$w Pg _y1TwOLU>)٫WHh,IJz(7-ၴn]JA9whsvu`njM?f Feʇc#j5)Yih5}i{snms| HQHLIz7>H\r63:[\ӽDo ucD,<2? p%{X{ڏQg I<)E_BSPاn!Hc#R~[Cl{cH-Y)dhO+x-!I`Q (ҁCZ%5Gy, n<+>f(<4c\{ AhB73K.N厙]:X>_#|rɞ2v8aȒt 06ZשC$'~»TQUU-fгt}]R0YDϽpGR_Ֆ\ϛoC qmXy 7i6OK8߭&]Ei.(ޞU6O}ƺQYôk?ɶ0Lz:]ω ĆOISA ~sK}lj&W J-7lՓv\4#G EǾ/Ś(si*$jrC?)zeCކ5=k"I~I]HYtSv2Ycs#f'-CyV@(*Ӣ,=CmH^Ãw"ct?[~ %[fDLmI( TgwUOCƜ2>aYӜU68Γ5 JjRIw2tA-K)7M2:*?]cUIi i;.[UR߆FALEMmێFݵسox۫ZB ¸wOT-ƂrT']+IZeX{k(0̉|&aĠLBZ_v!OZ'vj2kQ][8F C}˵|@eq5o)3:H)O1qhsI@{m\ܰj)=(m}GLv3ܸB+,+wzpt'VW sތF!Yf@cE`uWfi{GI`:g '-JQIm(ʅ!ӫa:ɡVmo5f֭!{!+ajӂk]:sCF)6s7M nh5;Pe/LD ]9]ِxh@g+++bO0s*&9=1,*z(yn4\z̚-f!^:B"%24{>>苽

>T5è+qx ZhkZ^u\ib#S_d+p[oimf<+XwE%νL$0ޒ*C#k]%l搏DffıP܀F=Ҿ@;"ԍYi07m`<ƻȎU0p!Gv ʸjOTdK0m>f^m`ba dh:w0ڵH)B67H sy fZ`+B됴́'K"9O"i$i|><#jʩ*}@%gs;BEb/]rSG$8G;"As}MtZ,$uYqNY3 S ;atba요UϽ!208U&!L#>PYӝb]O`4F&`ۖr/ R3}g_FSuꁧz*c1*+ОsZ=&.G dF&5-܊;ԨlphG |*fu XӌPR0_F'\k `qTn!0 ~>s+8G=8 gh35hP)>}V:bη$="#E=.`Ymo-e䨝m^\s+btW8b6\IhN&mԩ%GJE \oϡ3GxM7L͘ 9A:bN=ߡ]lLENSRfy㰣mX`˸u=.h?0ɿAC#9O~*a; =F%旴!np`H}!2IN:$kR*8TP*1\!n),E}CW($H9|ߵ :ȬSz(wih;QJ?X$dScPZ̐,$ٗ.%ylhouKUߎOlƀ~2ݯfOG>-f?d/~y=b{ű1Te iC}\\44 N/Kz&IQQ1C`o|k+YTiʞi .P%7wpD<{Ies~3B\]tofzzVow=YpJ7$˛4-_ҹC@c_:.KDGƟy7$u ʠa ! G2) Fy5SE|42#G֣1ZЫ]$oOϽM&z/Y9_x}ҠyM$e-8CJ YZ