cups-client-2.2.7-150000.3.35.1<>,6 bp9|8`hG^uuptl@1Eud6Y- ?z +DdݟR-U~/ˮXWП}7[Q! N?7^)sxhWL8F?ܓ ywc`lB8:XF7ʲMPmӢ?A>0J1vO dS٩bƋUfU??!A렐5OU"7Fi K>dbR}s'@ egNHO>A?d " 7  )) ) h)  )  5)  ) p)=) ,)0 )(,84,9,:,F\Gp)H)I)XY\)])^_bc\deflu)vw)xP)y_zpCcups-client2.2.7150000.3.35.1CUPS Client ProgramsCUPS is a modular printing system which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. This package contains the traditional command line interfaces for the System V and Berkeley print systems.bsheep22SUSE Linux Enterprise 15SUSE LLC GPL-2.0https://www.suse.com/Hardware/Printinghttp://www.cups.org/linuxx86_648088X@H08H80(0yX (8 h8h80(0 =  p #_! E,$$$$$$$$$$$$$$$$$bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb306c209f33b2e24ffec1167119ba1f75b4d546dcf5da0e7f029b79e2c14d845779b6a1e46b113688ec97373b63462996fc60f6b2e24a369577577ba14a1189c551f38594304376934de1a2ec7bcaf0a203508503ab58bc65bb2c2036d01194b36fe5fcb92812572df7c66c34c334c314e2f612f106916a7521eb982742c6402bacb78ac3d55142e5378aa4dc085931a374808de5b315b0bd26f510f8ab53ed00f7d04024f5e786ca1e01518b64d0a0419b5a8dae51c2088b44bb48514d286f999ad3ee2e30ba434417425487bf8485b81a5c2c57359fece79a61def64ca0b1f708db018602d8e2856ccb553d5aa6490e9bf6d52d7da5269c56c7b41a6efe8a8112353826db0da54c9b0e50afe3554eb3f9ac30fb8db361a927ee588e63427686c4588dc32afbb578a323d4e29199dacdee12e0e0a32e5c36cb991810cd3af395c319761d8cc1964e3ca82c8f0db23f760f8c5370d06bbad7d156a4a978861ea706fbd7d5b21abd5bfe7202e45031300adaefabdd264d151cb8640cb17c4b7617412fdef2e802f7c9c3617cefe8f17d55908212d46daff2c87e9c6518e013acde8591c0a36df654334c0010e9aa409bc0d0ab3251bbfd5a1a72cd406260076bbab2a4ae38bfc595d15162ec5ea787263fb192918afe05b7aa6d9fa4a4fbb8612535baf1d9141efa15797956bd2699d2b1f1268dd70a32b3c99536ff64b9f06272b1fbdcbadedc56dee98d3ffe20924eeab58dade589b009ad740244ce4dd63b58146840140203ed964c4bb61d5e151f70bef803f318d2efc6c08630d73521ef8f167a3eed3d091599b381d18313b1bcacd3049491279402b6c36d08b6b1e45cd029e3af96a596bd94cbff2fd03360c1ffe638b6609baf81abcbaa8b9ae949e29766ff65ed88eb6a3e38ed1cea02eeca3854af066affba672955cd52e8427a2f9385b3d787522eba57a95edd1febf9034e9f517295af284b7cea6652f6ba78dc6f5d3d9650182cd9cf0613ec9b665f0c4e32530492a774fb868d533986255225f0462a694220be881252de15b4c6328a99ccb76d4ffec5bb81c7c4d00926a0b9ff766939a06aa03bd48705655161ab1293370eea01a338589d4cfa0299209b9cd524877fcc63e3bfd4e3591f7baaa30186737841eae1c002d170d756841429d6472c45a79726efac9912a094a44a1a08991bc927da3e21636ee2c72605699b9e4faefa1a0d7307c63c63b239b1be76a10daabf36f8b4232154b535bdc22236bf05affe3ef02c6571f9ace710e331aabf59fcbe5a143e6baed52f2863e005ffb6dc4b47e6fbce2c9f361dedfef5d27e3f235303db4d0698ed1f0b70b73e6f9c33804896b3b8a1499222acdb1adbc21eea313082b1aa711b7f48920f67ffa3030d274162cb793e1a5b7886df885732ed25e9b712c398c770d68150100a8a71c2eecfcupsacceptcupsacceptcupsacceptcupsacceptcupsacceptcupsaccept.8.gzcupsenable.8.gzcupsaccept.8.gzcupsaccept.8.gzrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootcups-2.2.7-150000.3.35.1.src.rpmcups-clientcups-client(x86-64)@@@@@@@@@@@    libavahi-client.so.3()(64bit)libavahi-common.so.3()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcups.so.2()(64bit)libcups2libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.2.7-150000.3.35.13.0.4-14.6.0-14.0-15.2-1lprnglproldplp4.14.1b@bbL/@`t6@`T@_=^]@\n\['ZZ Z@Y@YB@YYχ@YX@Y9<@Y1S@Y /XXsXۡXN@WrfV2UU@U@U@U@U@UUv@UTܕTܕTܕTܕTr@Tr@T@vliaskovitis@suse.comjsmeix@suse.dejsmeix@suse.dejsmeix@suse.descabrero@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.devliaskovitis@suse.comjsmeix@suse.dejsmeix@suse.dejsmeix@suse.dechristophe@krop.frjsmeix@suse.dejsmeix@suse.deopensuse@dstoecker.dejengelh@inai.dejengelh@inai.deschwab@suse.dejsmeix@suse.dejsmeix@suse.dedimstar@opensuse.orgalarrosa@suse.comalarrosa@suse.comkukuk@suse.comdimstar@opensuse.orgkamikazow@web.demichael@stroeder.commeissner@suse.comjsmeix@suse.detchvatal@suse.comtchvatal@suse.comjsmeix@suse.detchvatal@suse.comtchvatal@suse.comjsmeix@suse.demimi.vx@gmail.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.com- cups-branch-2.2-commit-3e4dd41459dabc5d18edbe06eb5b81291885204b.diff is 'git show 3e4dd41459dabc5d18edbe06eb5b81291885204b' for https://github.com/apple/cups/commit/3e4dd41459dabc5d18edbe06eb5b81291885204b (except the not needed hunk for patching CHANGES.md which fails) that fixes handling of MaxJobTime 0 (Issue #5438) in the CUPS 2.2 branch bsc#1201511: Stuck print jobs being cancelled immediately, despite MaxJobTime being set to 0- cups-2.2.7-CVE-2022-26691.patch fixes CVE-2022-26691 cups: authentication bypass and code execution (bsc#1199474)- SUSE_bsc_1189517.patch is https://github.com/apple/cups/commit/821b3cc956d46b811facd50986acc9f24f0e1c79 which belongs to https://github.com/apple/cups/issues/5288 that fixes bsc#1189517 "cups printservice takes much longer than before with a big number of printers" see in particular https://github.com/apple/cups/issues/5288#issuecomment-921626381 - SUSE_bsc_1195115.patch is https://github.com/apple/cups/commit/ba9d68cc7467a7a47ef219071902b9e9eb6dbc44 which belongs to https://github.com/apple/cups/issues/5538 that fixes bsc#1195115 "CUPS PreserveJobHistory doesn't work with seconds"- When cupsd creates directories with specific owner group and permissions (usually owner is 'root' and group matches "configure --with-cups-group=lp") specify same owner group and permissions in the RPM spec file to ensure those directories are installed by RPM with the right settings because if those directories were installed by RPM with different settings then cupsd would use them as is and not adjust its specific owner group and permissions which could lead to privilege escalation from 'lp' user to 'root' via symlink attacks e.g. if owner is falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161)- cups-2.2.7-web-ui-kerberos-authentication.patch (bsc#1175960) Fix web UI kerberos authentication- cups-2.2.7-CVE-2020-10001.patch fixes CVE-2020-10001 access to uninitialized buffer in ipp.c (bsc#1180520) - cups-2.2.7-CVE-2019-8842.patch fixes CVE-2019-8842 (bsc#1170671) the ippReadIO function may under-read an extension field- cups-2.2.7-CVE-2020-3898.patch fixes CVE-2020-3898 (bsc#1168422) heap-buffer-overflow in libcups ppdFindOption() function- cups-2.2.7-CVE-2019-8675.CVE-2019-8696.patch fixes CVE-2019-8675 and CVE-2019-8696 (bsc#1146358 and bsc#1146359) and some other security/disclosure issues https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109 (Apple's internal issues rdar://51685251, rdar://50035411, rdar://51373853, rdar://51373929)- Add issue5509-fix-utf-8-validation-issue.patch (bsc#1118118) Fixes https://github.com/apple/cups/issues/5509- cups-2.2.7-CVE-2018-4700.patch fixes CVE-2018-4700: session cookie is extremely predictable, effectively breaking the CSRF protection of the CUPS web interface (bsc#1115750)- cups-branch-2.2-commit-97cb566568a8c3a9c07c7ccec09f28f5c5015954.diff is 'git show 97cb566568a8c3a9c07c7ccec09f28f5c5015954' for https://github.com/apple/cups/commit/97cb566568a8c3a9c07c7ccec09f28f5c5015954 (except the not needed hunk for patching CHANGES.md which fails) that fixes local privilege escalation to root and sandbox bypasses in scheduler (Apple's internal issues rdar://37836779, rdar://37836995, rdar://37837252, rdar://37837581) in the CUPS 2.2 branch bsc#1096405 CVE-2018-4180: Local Privilege Escalation to Root in dnssd Backend (CUPS_SERVERBIN) bsc#1096406 CVE-2018-4181: Limited Local File Reads as Root via cupsd.conf Include Directive bsc#1096407 CVE-2018-4182: cups-exec Sandbox Bypass Due to Insecure Error Handling bsc#1096408 CVE-2018-4183: cups-exec Sandbox Bypass Due to Profile Misconfiguration- Version upgrade to 2.2.7: CUPS 2.2.7 is a general bug fix release. For details see https://github.com/apple/cups/releases or the CHANGES.md file. Changes include: * Additional security fixes for: bsc#1061066 DBUS library aborts caller process in _dbus_check_is_valid_utf8 (in particular that aborts cupsd) and bsc#1087018 CVE-2017-18248: cups: The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification which are the CUPS upstream issues https://github.com/apple/cups/issues/5143 Remote DoS attack against cupsd via invalid username and malicious D-Bus library and https://github.com/apple/cups/issues/5186 squash non-UTF-8 strings into ASCII on plain IPP level and https://github.com/apple/cups/issues/5229 persistently substitute invalid job attributes with default values - not only in add_job see also bsc#1087072 dbus-1: Disable assertions to prevent un-expected DDoS attacks * NOTICE: Raw print queues are now deprecated (Issue #5269) so that now there is a warning message when you add or modify a queue to use the "raw driver" but raw printing will continue to work through CUPS 2.3.x, cf. https://lists.cups.org/pipermail/cups/2018-March/074060.html * Fixed an Avahi crash bug in the scheduler (Issue #5268) * Systemd did not restart cupsd when configuration changes were made that required a restart (Issue #5263) * The scheduler could crash while adding an IPP Everywhere printer (Issue #5258) * The scheduler now supports using temporary print queues for older IPP/1.1 print queues like those shared by CUPS 1.3 and earlier (Issue #5241) * Kerberized printing to another CUPS server did not work correctly (Issue #5233) * More fixes for printing to old CUPS servers (Issue #5211) * The scheduler now substitutes default values for invalid job attributes when running in "relaxed conformance" mode (Issue #5186) * The cups-driverd program incorrectly stopped scanning PPDs as soon as a loop was seen (Issue #5170) * The `SSLOptions` directive now supports `MinTLS` and `MaxTLS` options to control the minimum and maximum TLS versions that will be allowed, respectively (Issue #5119) * The scheduler did not write out dirty configuration and state files if there were open client connections (Issue #5118) * The `lpadmin` command now provides a better error message when an unsupported System V interface script is used (Issue #5111) * No longer support backslash, question mark, or quotes in printer names (Issue #4966) * The CUPS library now supports the latest HTTP Digest authentication specification including support for SHA-256 (Issue #4862) * TLS connections now properly timeout (rdar://34938533)- Make sure cups-libs- is removed- Version upgrade to 2.2.6: CUPS 2.2.6 is a general bug fix release. For details see https://github.com/apple/cups/releases Changes include: * DBUS notifications could crash the scheduler (Issue #5143) (see also bsc#1061066 "DBUS library aborts caller process")- Use again the baselibs.conf from Fri Oct 13 11:11:10 UTC 2017 that got broken by the change on Wed Oct 18 06:11:10 UTC 2017. - Version upgrade to 2.2.5: CUPS 2.2.5 is a general bug fix release. For details see https://github.com/apple/cups/releases - Version upgrade to 2.2.4: CUPS 2.2.4 is a general bug fix release. For details see https://github.com/apple/cups/releases - Removed 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch 0002-Save-work-on-Avahi-code.patch 0003-Avahi-fixes-for-cupsEnumDests.patch because since CUPS 2.2.4 it is fixed in the upstream code via https://github.com/apple/cups/pull/4989 more precisely via https://github.com/apple/cups/commit/a2187a63425a3d6c05de1e1cbf8c26fd39a1aced https://github.com/apple/cups/commit/657c5b5f91e6d5120c4ad7b118cf9098dd27f03d https://github.com/apple/cups/commit/3fae3b337df0be1a766857be741173d8a9915da7- Fix typo in requires- Implement shared library packaging guideline [boo#862112] - Update package descriptions.- Remove redundant Requires(pre) line — the use of %post -p already implies it.- Pre-require user(lp) in cups-libs- In /usr/lib/tmpfiles.d/cups.conf use group 'root' for /run/cups/certs (boo#1042916).- Major backward incompatible change since CUPS 2.2.0: There is no longer the directory /etc/cups/interfaces because since CUPS 2.2.0 so called "System V style Interface Scripts" are no longer supported for security reasons (see below the entry about the changes included in CUPS 2.2.0). - Disabled cups-2.1.0-cups-systemd-socket.patch because it does no longer apply which needs to be examined and decided by someone who knows about systemd internals. - Disabled 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch 0002-Save-work-on-Avahi-code.patch 0003-Avahi-fixes-for-cupsEnumDests.patch because they do no longer apply which needs to be examined and decided by someone who knows about Avahi internals. - Version upgrade to 2.2.3: CUPS 2.2.3 is a general bug fix release. See https://github.com/apple/cups/releases Changes include: * The IPP backend could get into an infinite loop for certain errors, causing a hung queue (rdar://problem/28008717) * The scheduler could pause responding to client requests in order to save state changes to disk (rdar://problem/28690656) * Added support for PPD finishing keywords (Issue #4960, Issue #4961, Issue #4962) * The IPP backend did not send a media-col attribute for just the source or type (Issue #4963) * IPP Everywhere print queues did not always support all print qualities supported by the printer (Issue #4953) * IPP Everywhere print queues did not always support all media types supported by the printer (Issue #4953) * The IPP Everywhere PPD generator did not return useful error messages (Issue #4954) * The IPP Everywhere finishings support did not work correctly with common UI or command-line options (Issue #4976) * Fixed an error handling issue for the network backends (Issue #4979) * The "reprint job" option was not available for some canceled jobs (Issue #4915) * Updated the job listing in the web interface (Issue #4978) A detailed list of changes can be found in the CHANGES.txt file. - Version upgrade to 2.2.2: CUPS 2.2.2 is a general bug fix release. See https://github.com/apple/cups/releases Changes include: * Fixed some issues with IPP Everywhere printer support (Issue #4893, Issue #4909, Issue #4916, Issue #4921, Issue #4923, Issue #4932, Issue #4933, Issue #4938) * The rastertopwg filter could crash with certain input (Issue #4942) * The scheduler did not detect when an encrypted connection was closed by the client on Linux (Issue #4901) * The cups-lpd program did not catch all legacy usage of ISO-8859-1 (Issue #4899) * The scheduler no longer creates log files on startup () * The ippContainsString function now uses case-insensitive comparisons for mimeMediaType, name, and text values in conformance with RFC 2911. * The network backends now log the addresses that were found for a printer () * Let's Encrypt certificates did not work when the hostname contained uppercase letters (Issue #4919) * Fixed reporting of printed pages in the web interface (Issue #4924) * Updated systemd config files (Issue #4935) A detailed list of changes can be found in the CHANGES.txt file. - Version upgrade to 2.2.1: CUPS 2.2.1 is a general bug fix release. See https://github.com/apple/cups/releases Changes include: * Added "CreateSelfSignedCerts" directive for cups-files.conf to control whether the scheduler automatically creates its own self-signed X.509 certificates for TLS connections (Issue #4876) * http*Connect did not handle partial failures (Issue #4870) * cupsHashData did not use the correct hashing algorithm () * Updated man pages (PR #4885) A detailed list of changes can be found in the CHANGES.txt file. - Version upgrade to 2.2.0: CUPS 2.2.0 adds support for local IPP Everywhere print queues and includes several performance and security improvements. See https://github.com/apple/cups/releases Changes include: * Normalized the TLS certificate validation code and added additional error messages to aid troubleshooting. * http*Connect did not work on Linux when cupsd was not running (Issue #4870) * The --no-remote-any option of cupsctl had no effect (Issue #4866) * http*Connect did not return early when all addresses failed (Issue #4870) * The IPP backend did not validate TLS credentials properly. * The printer-state-message attribute was not cleared after a print job with no errors (Issue #4851) * The CUPS-Add-Modify-Class and CUPS-Add-Modify-Printer operations did not always return an error for failed adds (Issue #4854) * PPD files with names longer than 127 bytes did not work (Issue #4860) * CUPS now supports Let's Encrypt certificates on Linux. * All CUPS commands now support POSIX options (Issue #4813) * The scheduler now restarts faster (Issue #4760) * Improved performance of web interface with large numbers of jobs (Issue #3819) * Encrypted printing can now be limited to only trusted printers and servers () * The scheduler now advertises PWG Raster attributes for IPP Everywhere clients (Issue #4428) * The scheduler now logs informational messages for jobs at LogLevel "info" (Issue #4815) * The scheduler now uses the getgrouplist function when available (Issue #4611) * The IPP backend no longer enables compression by default except for certain raster formats that generally benefit from it () * The scheduler did not handle out-of-disk situations gracefully (Issue #4742) * The LPD mini-daemon now detects invalid UTF-8 sequences in job, document, and user names (Issue #4748) * The IPP backend now continues on to the next job when the remote server/printer puts the job on hold () * The scheduler did not cancel multi-document jobs immediately () * The scheduler did not return non-shared printers to local clients unless they connected to the domain socket () * The scheduler now reads the spool directory if one or more job cache entries point to deleted jobs () * Added support for disc media sizes () * The httpAddrConnect and httpConnect* APIs now try connecting to multiple addresses in parallel () * Interface scripts are no longer supported for security reasons () A detailed list of changes can be found in the CHANGES.txt file. - Version upgrade to 2.1.4: CUPS 2.1.4 is a general bug fix release. See https://github.com/apple/cups/releases Changes include: * Fixed reporting of 1284 Device IDs (Issue #3835, PR #3836) * Fixed printing of multiple files to raw queues (Issue #4782) * The scheduler did not implement the Hold-New-Jobs opertion correctly (Issue #4767) * The cups-lpd mini-daemon incorrectly included the document-name attribute when creating a job. It should only be included when sending a job (Issue #4790) A detailed list of changes can be found in the CHANGES.txt file.- Replace krb5-devel BuildRequires with pkgconfig(krb5) on suse_version >= 1315: give OBS a better chance to break up build cycles.- Drop cups-1.7.5-cupsEnumDests-react-to-all-for-now.diff and add 0001-Update-cupsEnumDests-implementation-to-return-early-if-all.patch, 0002-Save-work-on-Avahi-code.patch and 0003-Avahi-fixes-for-cupsEnumDests.patch which is what upstream finally commited to cups 2.2 sources in response to https://github.com/apple/cups/pull/4989 in order to fix cupsEnumDests to react to the ALL_FOR_NOW avahi event (and also include a similar fix for the dnssd case). Related to bsc#955432.- Add cups-2.1.3-cupsEnumDests-react-to-all-for-now.diff . Avahi sends an ALL_FOR_NOW event when it finishes sending its cache contents. This patch makes cupsEnumDests finish when the signal is received so it doesn't block the caller doing nothing until the timeout finishes (related to bsc#955432, submitted upstream at https://github.com/apple/cups/pull/4989)- Add /etc/cups to cups-libs package [bsc#1025689]- Replace pkgconfig(libsystemd-daemon) BuildRequires with pkgconfig(libsystemd) on openSUSE 13.2 and newer: the various sub-libraries have been merged into libsystemd since version 209. openSUSE 13.1 was the last product to ship systemd 208.- Remove CUPS.desktop and pixmap * Obsoletes patch cups-1.3.9-desktop_file.patch- Version upgrade to 2.1.3: CUPS 2.1.3 fixes some issues in the scheduler, sample drivers, and user commands. A detailed list of changes can be found in the CHANGES.txt file. Changes include (excerpt): * The scheduler should not exit under memory pressure () * Fixed some issues in ipptool for skipped tests () * The "lp -H resume" command did not reset the "job-state-reasons" attribute value (STR #4752) * The scheduler did not allow access to resource files (icons, etc.) when the web interface was disabled (STR #4755) - Version upgrade to 2.1.2: CUPS 2.1.2 fixes an issue in the 2.1.1 source archives which actually contained a current 2.2 snapshot. There are no other changes. - Version upgrade to 2.1.1: CUPS 2.1.1 fixes a number of USB and IPP printing issues, addresses some error reporting and hardening issues in the scheduler, and updates some localizations. A detailed list of changes can be found in the CHANGES.txt file. Changes include (excerpt): * Security hardening fixes (, , , , , , , , , , , , , , , , , , , ) * The cupsGetPPD* functions did not work with IPP printers (STR #4725) * Some older HP LaserJet printers need a delayed close when printing using the libusb-based USB backend (STR #4549) * The libusb-based USB backend did not unload the kernel usblp module if it was preventing the backend from accessing the printer (STR #4707) * Current Primera printers were incorrectly reported as Fargo printers (STR #4708) * The IPP backend did not always handle jobs getting canceled at the printer () * Added USB quirk for Canon MP530 (STR #4730) * The scheduler did not deliver job notifications for jobs submitted to classes (STR #4733) * Changing the printer-is-shared value for a remote queue did not produce an error (STR #4738) * The IPP backend incorrectly included the job-password attribute in Validate-Job requests ()- add -devel to build a 32bit wine on 64bit only Leap systems.- Version upgrade to 2.1.0: CUPS 2.1.0 offers improved support for IPP Everywhere, adds support for advanced logging using journald on Linux, and includes new security features for encrypted printing and reduced network visibility in the default configuration. A detailed list of changes can be found in the CHANGES.txt file. Changes include (excerpt): * Added support for 3D printers (basic types only, no built-in filters) based on PWG white paper. * The IPP backend now stops sending print data if the printer indicates the job has been aborted or canceled () * The IPP backend now sends the job-pages-per-set attribute when printing multiple copy jobs with finishings () * The IPP backend now updates the cupsMandatory values when the printer configuration changes () * No longer install banner files since third-party banner filters now supply their own (STR #4518) * The scheduler no longer listens on the loopback interface unless the web interface or printer sharing are enabled () * Added a PPD generator for IPP Everywhere printers (STR #4258) * Now install "default" versions of more configuration files () in particular cups-files.conf.default and snmp.conf.default * Added SSLOptions values to allow Diffie-Hellman key exchange and disable TLS/1.0 support. * Updated the scheduler to support more IPP Everywhere attributes (STR #4630) * The scheduler now supports advanced ASL and journald logging when "syslog" output is configured (STR #4474) * The scheduler now supports logging to stderr when running in the foreground (STR #4505) - Adapted patches so that they apply to CUPS 2.1.0 sources: * cups-2.1.0-choose-uri-template.patch replaces cups-1.2rc1-template.patch * cups-2.1.0-default-webcontent-path.patch replaces cups-1.4.3-default-webcontent-path.patch * cups-2.1.0-cups-systemd-socket.patch replaces cups-systemd-socket.patch- Fix bnc#943950, escape the macro call %systemd-tmpfiles in comment.- Add gpg verification for the tarball - Version update to 2.0.4: * Fixed a bug in cupsRasterWritePixels (STR #4650) * Fixed redirection in the web interface (STR #4538) * The IPP backend did not respond to side-channel requests (STR #4645) * The scheduler did not start all pending jobs at once (STR #4646) * The web search incorrectly searched time-at-xxx values (STR #4652) * Fixed an RPM spec file issue (STR #4657) * The scheduler incorrectly started jobs while canceling multiple jobs (STR #4648) * Fixed processing of server overrides without port numbers (STR #4675) * Documentation changes (STR #4651, STR #4674)- cups-2.0.3-additional_policies.patch replaces cups-1.7-additional_policies.patch that still adds the same "allowallforanybody" policy but now with separated "Limit All" to avoid https://www.cups.org/str.php?L4659 (boo#936309). - Added "-p /bin/bash" to RPM shell commands scriptlets that enforces bash to be safe against any possible "bashisms", cf https://en.opensuse.org/openSUSE:Packaging_scriptlet_snippets- Fix the previous commit by using direct systemd call and ensuring we work even on older distros- Fix postin-without-tmpfile-creation and run %tmpfiles_create macro on our cups.conf- Version upgrade to 2.0.3: The new release addresses two security vulnerabilities, add localizations for German and Russian, and includes several general bug fixes. Changes include (excerpt): * Security: Fixed CERT VU #810572 CVE-2015-1158 CVE-2015-1159 exploiting the dynamic linker (STR #4609) (bsc#924208) * Security: The scheduler could hang with malformed gzip data (STR #4602) * Restored missing generic printer icon file (STR #4587) * Fixed logging of configuration errors to show up as errors (STR #4582) * Fixed potential buffer overflows in raster code and filters (STR #4598, STR #4599, STR #4600, STR #4601) * Fixed inside (STR #4575) * Fixed lpadmin when both -m and -o are used (STR #4578) * The web interface always showed support for 2-sided printing (STR #4595) * cupsRasterReadHeader did not fully validate the raster header (STR #4596) * The rastertopwg filter did not check for truncated input (STR #4597) * The cups-lpd mini-daemon did not check for request parameters (STR #4603) * The scheduler could get caught in a busy loop (STR #4605) * The sample Epson driver could crash (STR #4616) * The IPP backend now correctly monitors jobs () * The ppdhtml and ppdpo utilities crashed when the -D option was used before a driver information file (STR #4627) * ippfind incorrectly substituted "=port" for service_port. * The IPP/1.1 test file did not handle the initial print job completing early (STR #4576) * Fixed a memory leak in cupsConnectDest (STR #4634) * PWG Raster Format output contained invalid ImageBox values () * Added Russian translation (STR #4577) * Added German translation (STR #4635) - cups-busy-loop.patch fixed STR #4605 is obsolete because it is fixed upstream (see above). - cleaned up this whole RPM changlog (wrapped too long lines if possible and removed trailing whitespaces).- Add patch cups-busy-loop.patch to fix rh#1179596 , cups#4605- Add back the posttrans cleanup script as it is needed- Add patch cups-systemd-socket.patch to fix socket activation and to match socket approach Fedora has.- Version bump to 2.0.2: * Security: cupsRasterReadPixels buffer overflow with invalid page header and compressed raster data (STR #4551) * Mapping of PPD keywords to IPP keywords did not work if the PPD keyword was already an IPP keyword () * cupsGetPPD* sent bad requests (STR #4567) * For detailed list see CHANGES.txt file- Enable PIE for build- Remove legacy paralel-port support as it is not really needed as most do not want it- Update descriptions to just state what changed and let user find it out. - Add back comment about %fdupes - Remove exit 0 on scriptlets as it is provided by the %service bla ones already - Fix the comment about openSUSE version on tmpfilesdir declaration- cups-2.0.1 update: * lengthy list of changes see the upstream CHANGES.txt that is distributed with the package * Disabling of sslv3 to mitigate poodle - Use gnutls to provide SSLOPtions configuration directive * openssl is no longer supported upstream * Remove the with-openssl-exception from license - Remove cups.sysconfig as it is not used with systemd based distros - Purposely lose support for SLE11 as it doubles size of some of the sections and keep suppor for openSUSE+SLE12 * even with the conditions we would have to go unencrypted only as needs newer gnutls, so don't bother with keeping the compat - Use upstream service and socket files to allow more working tools - Removed patches: * cups-0001-systemd-add-systemd-socket-activation-and-unit-files.patch * cups-0002-systemd-listen-only-on-localhost-for-socket-activation.patch * cups-0003-systemd-secure-cups.service-unit-file.patch * cups-1.3.6-access_conf.patch * cups-1.5-additional_policies.patch * cups-1.5.4-CVE-2012-5519.patch * cups-1.5.4-strftime.patch * cups-move-everything-to-run.patch * cups-polld_avoid_busy_loop.patch * cups-provides-cupsd-service.patch * str4190.patch * str4351.patch * str4450.CVE-2014-3537.str4455.CVE-2014-5029.CVE-2014-5030.CVE-2014-5031.CUPS-1.5.4.patch - Refreshed patches: * cups-1.3.9-desktop_file.patch * cups-config-libs.patch - Added patches: * cups-1.7-additional_policies.patch * cups-systemd-socket.patchsheep22 1660206055  !"#$%&'()2.2.7-150000.3.35.12.2.7-150000.3.35.1cancelcupstestdscippfindipptoollplpoptionslpqlprlprmlpstatacceptcupsacceptcupsdisablecupsenablecupsrejectlpadminlpclpinfolpmoverejectcancel.1.gzcupstestdsc.1.gzippfind.1.gzipptool.1.gzlp.1.gzlpoptions.1.gzlpq.1.gzlpr.1.gzlprm.1.gzlpstat.1.gzipptoolfile.5.gzaccept.8.gzcupsaccept.8.gzcupsdisable.8.gzcupsenable.8.gzcupsreject.8.gzlpadmin.8.gzlpc.8.gzlpinfo.8.gzlpmove.8.gzreject.8.gz/usr/bin//usr/sbin//usr/share/man/man1//usr/share/man/man5//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:25483/SUSE_SLE-15_Update/23a10fecd5aae137ef516d5d39f78dfb-cups.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linux      ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=7f84878b2b44988260aed5e4b81d909a2131bd7e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=0b0e8c350a0157ffd92ce7817c1dcdabec21feee, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=d9074bd1208592e9b39976bb3776e39194138feb, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=07f9633cdeaefad9ccdf7937e93dbc337edac99e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=263f8dd8d3bc49b900457534ba3a6f97030bfb6f, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=6ea64c1d5a8b94c3f20eea294eb1d026cac0d0fd, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=d72c152e707b7b96b4275026fc2f837d355bd52b, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=f919b1f69c180e51bef994ad8469cf8682d75c5d, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=f5b6bf6b442dcfe2e8c2bcebf36474d24e101bdd, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b674f0356a89f85a046ac7828b62a0133b0265a2, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=e00217cb30c4962733f0a973434cb37355f0969e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=95fdf2e55f1611fe7e25c413b2dc144b1929723a, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=9fa373b996828b07ce132c378b20102aa13a1bac, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=dd88a049ea4837c4f8f7a74a5226d5015e7bca64, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3d81319f9de09b7059afbf41085273b4e185f970, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text (gzip compressed data, max compression, from Unix) %,29=CGNTW RRRRRRRRRRRR RRRRRRRR RRRRRRR RR RRRRR RR RRRRR RR RRRRRRRRRRR RR RRRRRRRRRRRRRRRRRRR RR RRRRRRRRRRRRRRR RR Ri;}WxSutf-8ff833847dc9dab6de01802cf41708b8089a90c9ad24354250f8da4cd4c45d58c?7zXZ !t/]"k%fX1-ys7 zJG=CT)ϱwdvT[,jL'{;U7 䌿N{O@2vc0F9JW+)^[wGwExeluDIƓIH'􌥲v }Kplllz^Ⱦp|罕q!;{Ylzq'tUcgҷ#cMZa .GHOE_5C0vKk䝤y9G%>& .q 2Oh_&'y /W NCRKe^yE8hIS1#Ɖ珜bثKQ+ޓ  w?@13OPy?s1U-VZr߼Y{xHH'gE ?-b`; Epm37K[^ }մa.D{e.Rh%"u :Dh Hd[ r o+|6Opqiz!)a2G"뼅˵J_~(Q9kmq+Z'm=H}u9Hg1S䩋 mūYE5>vhp;JUJ V6>m%S ~/Kgвi3irTaR-5vӬKYΨs<2|bf`3#X[[!!&2nT<,)v~]=rvƧH{DMgm oL}>ZT` |#Ǎұ f} $vAѧ Vʲ]8*7q,瑸7:v<|Џ]W_F]w0V%ᔜ)GH("-^ͷ, baq^,e}L~7S)sX9gJ_}uv0ts9RUMZNʹvRRyԋ`&`hFu)-hHr0S@?)"4~g>%\{tNg+E׈tI9xarRh"4[a3m_ڈ9JV(sFvwe_ kfJ^5]6,˷nptp7,uB-X$ӷcu(8 l{@ΗTVn-Z>?|q :`儐Ak.xW} zʭ6#Lj cX1i' !VWXvƩ]'@`ڙj~\[kj|[mMInh(GcP ٙm)ɪsAl)fw *23"u _9>Ipaa%+aJRvnB"y{u#(pjBCԢHo[]Vc*@Arj!QSz9ϪKV^90t/QEC?)4ʓ^3>cLasV;39x{䗬RavfYT0`x4xM3trM8aKaomuuy&V1W8_/{ΖGbx\?g߮/*7 Ft O:Ff$Ie~EGҭcN2vT~7TfI,A R=|Ioޕf B̐ _AJwU FoBI=aPfp9ak݃z,9ew)vh(Q089;/em#rd ڥjU&iǏeo$n} ȲOhyvnz)].uX飜'0,}Lp!h[W-=tXuX[uk GHQM #qiqb>ݱg4j~u3=HYgqcbX[zZ;EQazxF*Py-?#C&KMˢc,.ڠ(C:Ztn%Y!6an"g0ECfѴH74bÕct%BnG&~l(wqDlH!О4zG/JK6 x17 [Oձԃ.\Bޭs)04?; `^ؓzQE_zA*z|.M,+DQfJ*K"KNέҫЋA^ "w]*Vp2tGofuz\b͞$V)7й 3o9~sH;cRXrc>a14/\2Mf&oA<"-[';;yRjK.WGLKΑ1oy Eh9a{VYނB`ckB̑XCj̑x Xx!C'*ռШsi.ʕ0AjN#pYam̅B)V}C{7A~_? 6EFsCL#Po`ߋw(!x1բsUZ $5jqI@3pk\s#Y &>T'P e^ii0e0']K<%yefCp;$f"nZƈT|Ara2^AWav|Gk (ٝįy5zgZkȸƈ'Ӫo0 ^G͠/p 56H}AV_AGJF:ؿFq9g6lvBZgBLQue8xTTjy(Xb }/(B&/4e<7Ê Le)4+&447˄"U -7;kK~c‹i\~87^hX2MBraҒK[>P3ΞRlM lVZ7Ooz c :* )TЯ j8FRC=bFPP'eبEJ048e̞í<` Q>YhYE,$蘤cĒϱ"jPM j,KQ XB]a+i&-x,]q5 S r c`~3ZBJC4+ndXYjګ1*-5Xa5_E] a ҉*M!U9cHoJڅC!ɰz8xG h)'KƄjHPĶFMimj3?ʆHY߃;TPd\:cs֐џcQJa:F_+gZÞqVu6 &pgAz9=z`ŤܡJ},LOi5A\fez^- r4Bv"A|i8\搷a$̊~1ܮJ "@]ݡQFwh|o-RT8ֳdA #x''b! {3P EL6FGQRurF2o/}'?u':F?l Kayob^xgwmwugXr̻̯W2ntEf 7LꃎD_k."KmͿݝp"ǥs8)Jz'FE3-wVh4j6Y/idm)NK9N@hGpD-4,+y&gn+iW*9g=3SK*eHQBr3LY `J 2.P=ຼN!K-*\c)^uFY<_m GOjd؇"ˋdcr猏FSo5<)Jh{z(øH ʶ",0Os8niMNeўz:ĝĠ2 c*Vގ},x0zT,zZ0Ę_žC X[:Ε*=vZHKBlo޵^PD򮃂G,GoZecajYAc:LVj:y2Z 5T2*9V/x U*vsCEC@^۫3('bB8aPZ9!7*ҳ_! tDx8tJ!ArWӲ`xԛnGX,LGFW5"X؉d,a}E:+&o!+,2!DƔPיt ;bB Ts'R Q&}ֹ1jHsy^͉nz+xծzx8ɦ>U;B=1$"t}9(^Gf2&9T|X%5o>T},J ̧o5:ey"#Xj(e-[_n+VO'k~pb#R2mN*WصukARs$9OEXadд]{x3/ Ⴞ(LBХG/Z^'']]xs>f0QnrӣM> r1/ m ?|H1*a}Z7W ~yqdiS o׉D`){׎ B~96O9p $HwX]msx\q#AV~̬ND5vn4I|qIkd'Io@ЋRv PnB7>K@YL&/9(S F_`‰_Wje$.?q'n@!0?W_&%KlM' {!V$$Q,qrx $ xFиtA ` UHY *O A?MpTV!m]OI:y g&e+˭ ҟy!Y]"^l[rݹ*a 4VMfB:[fq&/0x9Na'5Wէq1KcT&PbZMe>`_:0=>* u>y q^(#wN2$pHjM7~"sM$, ]3SX>D&d)UF~:] D"'jMgzJ>m((dgtțL{noSda ȌҾʹz"Q_3o_|1+v.Q gM>Y4RMrz;- BsK3r_,ܶ-?`eK`!$E_K$ פ)\!U8¥'S͏tMg\auRRƊ2& ĽHw!,f{ﱇ}Iaje$#N@Fdj&^~yV3Y"#px :xSЂii=[:-WE^g)VmnMpwu85ܾ׬c/}6wu4z*mzLsB |[@۫wmSq'O!YoHWXOֆ Pvݖl,!6(dW2c}fePחGQPlX{H*'is}r] EY:𝺼̸P Ov2t.zKLf?~HǸѝ7 g}( DkZN`.6SU uQ.%#ĭ3i9ZM qSIjfgH +4yǒ0P7 |&x-C $=V iXDE#l];VO4LnU*~ܐf J>8r͟A󠟗'+C}K۷^ DO^0.zt63VY?t]Iv<.g;ۧŵ9ȸhOvvXs.܋8}ҳsE_)HV LTsx$,"̚vP㽈5/jpT B?ww<_E{Nf4Nltva265+2I=:/B-sf ;G$9 Ӑ 4FKtIFss} cs ´s9oE} c}NGr S7Xcʫ|ey`Pݪau"?qNK܁v﯒πU;VgIIX+<͡XYCcȺ!@ncɶSbX6^:m,h%.,4 zX<_DBH3EڝqA98q8kЯ~A}uP`"f^ x7p: h԰<4$b\qA(rn㦟nB~ObFa}(ēNx +ϴ5;dѼ!aLSڌԜ+-vͰTyPZ ޢGMHv~a! n&D31G={RQEnC ftYc)왔8 BT+";52ƼZt#}u,TW39۹' :^GqM&bPTZUG5a7 oiZ>zK>jvY+yq#A$[e&<);W{]NSJL89VS4F h9煆BcxcD{I(Ig inڬ#0 Tk"& !73ʕ&X/e+/ub=D, M̄Q X<7LJTb,e?6!rK SrC+udT w O+AЗmR Is#hD-yFܚb00ZVybh=8Mkx2C,TyqKi72I5v>Ϣ{m{*5)$ayoę1k$"u2Mf* JuKгZfQ߭Zsa191d{BW]m-.X6GLJ/ bAFHZ&ŖT[ocO|k5&8 `Xc- n0ܣAt.%5=CKf+]IPZ䌛hE}} NM/O 7< ȯ*: 5 :!=*h4cW/ R`9hܕr`yd0gj-ͩF/F‘F8rGMe^g[V`9l=7wxhǸ]G~US8hONJٟkǴ=;M ;^s\,2Xȫ@g+^Wh+n|F/8_:0/$g v}ru#DʋKG+\+Z|-!U | @ղ,Dըƒ6V@-t2paFE1,DQq\25"C[;?]+t?b0U j% cV'h]S|J_*QL_ 6lCDv..*W8k[Sݳ"-lD^J7EK'rpooIc81N m'ScT8,weck7g 'hz2'(v-ӂj[i'7q~agA>Vиpfqk\Q;=L=tʍ&1Q"FEbXeu/q: y\_]m.RQVր.ܢш@͌uG1PͭRZ kk*\a4;ʤ)ޤZw"Zw[>-_%AmtBse߾SI%?M*Z\..|}ZSΑ*#i%B[W' FX^)TbU5 C ЃyPoNCOw k&u ?_jR9qvȚaR|iQ^H7euK@0`m;|+Gs=BԾz r3zxbr㸽Քwrˑjpѐ&J*hWcB/$P&-Qj)`6/3kp[{bU3篺+sSGp6nn0(OT\|MB5>.^+QeSD#=ɣgnЈHc aN2q!%6X5ƹݍ}{8Pi ?'&;fGy*,Nڿ5|$QT+oЌT=H#cOa{%s@'gl ;mXkDxԦsD&&z.xe/7ydpmǍ tF y*ҏc=pNXm'jƱ^uUapu00@Fw.p71,uCtޑ;ᓵ7}s3XD';@DpsU@3gy.R)X~UozjB: N C RxGw 26xH_VP#ޮN7p2FRM\7}k [pOg@YP,"L Œ /<gfe)<ƿ3֕48Q;Si[ZA Ozl;'.PYjU^ZP vهH}x!Y $v=fz8͚U8OJ&F:نmZx"!rήΖ4 -l@a0䚣hUa dΐf00uBv y-R=\j9#񣅫Օْ%G cqUX5f$Y{8͟6GP|ZlXd9>rvzk@/7+=O^i ~GrѸ&i7- {/xyjhl|"TX%n p\VC~{)XzEZԛQ&GLtG#F5!~vQ'Çcߛf[Jv̀BCS*NVw#&pI% V9\gF ݶPC_t. 80^r%v}viE &sxP>jR> (uJniC](=_BkqC)͓g: q\~@Zg_ݮn86b&U5wEVLctI3BȞPquaRbW[܉L5mZÄ#dikvxwvqUTbAqK3(Z̏ixRB@ sI 0,qlH#xC|c>m=JQ ޒ{mʭ\)XL:R$MWlslY S@\:ivQ25lw툄:t$2ٯEݐ9#s5*u*\T~bjg:[$[ BX"#+%ɩod@a<3#{4}7|3rfFAUsC@;X7&h_w` 7tX-u\ K{Tһbwsv aHμ_ŪW!#5&[⪋$zWwX.}{J 橘Pe<;R5\$lT\srZcHw[j26-mg^V>PG:z̖*:7RPU pn";K,m:?&@g}h ZtSjy|9U6ud0C!3&T$]Py-IB\x]ȭ) m RWd_/VRAe7uU r֒UUfǣr.o˹tɷ͐1N@ѺطG TVeD0~,^ O;zJh=ye!ZGLeU,S'~ȯo FLLƯj2UC~73yUf_O2ɚQ;0'NBp͉eJ#@zoh|* N(ќ jiNr  9kAP1JAq "Zg{(}-oaT!-S,)rRMffɨ`[jg0@~˰^->q"csW극D|P{jLσU 9MRD؁NKWUkr!#ĞBcr^]\} IUHcY@T ƒfFM[C| $'X$5C^|ů,:[)xEV^+=֟?cc^8k%Z6QJ.P0Is;DcDjo*WgG^^dJ(I=~;ZYk8a( hVF>=avr\WhPhjM5L;BJzNZW,Bmy2!|16UfȵXPsej%p1m`].q`T!jgZSEў6V=V'#x i*JlIKl>x,jY C{_\0{XЌno˛=˙:BZ|}}4kꍛ.MN IFW† Ho I^(.]8t{3;ߦY-w5ǧ=hFWA:$|n<0sN%s̽,Q _rO$ 6<93m-J៧D9 2 eytbeGyPlp$uSl >>@Hejsn>Rb{6:;i6.׸zδMr)òwT'3tRy΃mLo۩2|2V %d3݌ h)qvC.ymcvLiji-wX&[z+ RZKge(n؜Kb5xӛݎ:YRze}P]k." M1a~'K6]3ѷP&a`y&((@f;:Dc^4 zhDOP,bIќ3\-+6xVTEV@6kbzטN{E "\l)"!"="ɝW؞ҮRbrd@(,Z K,/p'/4]'X|șύ>^6 NA1ʍA5_/Z^FnپUNT_z.kvU ܔ;Kb;(?-l%M5]l;ןUZ45S8?}P}l)rV=<*~_P,lПPu|,Fs LTE՜)i) E+rgqlbw&f)N66n#ϼfH@I5ws&O F|ラLk9k-mm@v{H~2(Z]x !6U?k_%ޛ/8 lAKqede$ {$AC۬,0@tqiQa#wCmߍ31l :3#z<@yLI=1UPj=6ɆYE.?Dc.y<&q] wDBMNп~ Q͓'01'f(ZpMh% m^ݝF܏=`WJ>X;Y#cGiO>YvG;V ל>A} %| t1UOS˪25OKʠ'ץQ%C4VylΉ)j 0agq g9;k ʝ\զQA(ON0bf>>(,3#'+Ous3lэ=%8v]gS/#4ӑ&F _]쏎2~e_=  #M/q1ɺ i6 `e9mswZt Fkxmo/eu_y|áTjazH%^vQh%ԪZ}Fj s5Zઞ!7WV5t>dp)DȜLܷa*O+q %`mm?75E_1k9^So"$?СyNM8w\T2S݈m%2l&`˫Gۯy|-7gɠ. >(evbfʱ`Qw?# T.{RU +u/ɖ|̟RLgcȠ]o]64 =vRݛ҇80xR d@gc?k"ߌ÷ep0;c 5`Q7Ł:Q]5M~CCZ ȱ4y6*`l}#  ŎfO&9 |^iCH_+äpfN e:A=phKƱux4:1uYL_&fPXe b{7Ʃ[.¤Ú5J&HY;E˘B4 Y"fȬ(UVe:)ZVyIX*Pz8}{eq;4x w= u9bPToK Ws@}ؽ~\Acp<E a^dh\d—hwTSp0$ }aF0:W {c;PW.V,`eFeXCXQ y:@!]}҆XTsl54gFlSK7׿}A.z⊾ CrgW<@"{ΐq ϮTU lM lG5@ЌF-`J^93GpYmU1qʞkR7#C]Mqqܣ'͠յp.-G?kA \P)~a "Q?6E"`Fu2-E#].0Ezu[Y֜MU*?5أ8n,ϒ+MaL^J[' q 6fןq:=ĠSjA4ӝzpT&D:yam:G4 +W_M&g0t[mQ Yh3a @Ɗ<;%Od Z;z"kϒz;P8.δe[ .E&TTh6iHEJ[X)ٿ@J[ۤ!$0@M7 g ڎjtO) &ֲ2B^t NeCm_/+/&M> ?cE4J4*%sƭSC0 ^B34)\ ,{]F[NN&4lhq3`\0 JTmmZ|Xd+͎Nz v/=~`+ZjfJhïcJ CfnB%D'X%5]vwwr h? G7Cd+եbEѹd=LrWZUcN[&>B/}F"akM]r9y,"ey< Hw(a#:Uw;̟_粤EuU8<6[=-<(@7D PogdŲKl<]3A1zF]GUsS{FfKh$gWցj#O42/7lB%3X%tî3Ƃ]ɮ'&>7] o<Ƚu=vX 2VA ,ث2y5] joӣ[DfZ:tk$$3. G!0oE!v޲"Rc sáp!`J,b՝X>/޽6ʝ;_'׻BKx.zכ%>:աЈ 4/<H",< Ւpu!VfY75#^Q4} GK\\q]֥] A@8ҭrث^JY)} Zy\BB(>;-zmʆoaH?tH!/3I=BJZYMwd DU y[812wy.j .h-5Q~7gpd{>Ml_?nqY(B'U/'6˓*_zH2;7_:WR™jDB|sLk6ݰNh3O>GK9f*gEU4D&mK_ YdepzդQ6ĊMrFR@莚W4lPJ\:@2yWcAl3lkKAJ:R' k|R₨ T+syNI¬ER`G&S.} _NDqܲ-qR 1q\(ӈh~fڙ,5)j@xm&mx'6HkZ2}0 9H;8:56Sk-2eě}_]!t Meg)N|qۗJjl$=)[5@lQM,ž,y1@U} t7Mg/=@eu%C'`f_ݭ[ ] kߊȻ@o,؀ctWrb$z}橦83=*i3ȇ֙^l@s3ayf5ԟ/x=; XP=G2 OqyLJ*/KDZ ے4eB5 1A񿇄7L)6We@`؛ū8cHDT/>۾"¥OJr UB *ؘmNL-\AG <$xEJu9 _/b6< |5\;o 7PpRꚛ #uZbIq| qM'ҡpDecr5,bD$-\&9ݎ3&4LmKE`3H|&4vM4jV|Bۇ[߄("}E7Y-;R)*1;^ mSvx*@H#%{Y9iKR Qgh cPMPCX{~/U1Aknij $+~MT>yâGj>>n#7gQ5E:u XO_m<¤".":.`ّ):+{kpף1`b"| ^#jUo}\2 sfi{xр"K`}uOy~⻕b<e5e26,$[;ROůcmL4nΡYĻf0H,ǚKYez`Ln`vP$v?2aHpO_p0Fr5]Kɩ., PB:Mq{KS"(|z bn`,4G7\(.F=X<'$/˚]K1x%l4zotj*!0v:inH~4{@x‹^G2½[QOFgE[tZo/IrEqCh*c 0Kd&1 yr!/R" 3!>X ya0sc*8#pdUTM*rGJ4N~0-(5YV6[P~ok&A: O>IHF;!j2Ҥ1c#F]/.:H Ґ$XU+ؗxc%QAX". Qy$ʴ)|i?[j܃" Jj% 'qxc]9OjO\̔)OQƢ'p<گ Ψ"4Ș{BBwOrFUa^UhHY#$*0h&S!@xQS 5H[~j6g)L,[M>7{)a.y 3e;Nd,`X}%2kc/$Z2*U)%صYEF7BF4 )h|5r-[ԍdz JZ$F&8hV2`^W8ֿ%j9S.=~u'd",[p\9K}:txil.S‹z`H Ziu,zUUN*0C䵨Y8omcL4|zyz&ZeK`g&H?9 1P4?|4@&fBn*TB*҄ G<}iW&X:P +pDx; 5qsnԹjYSԵ*[:?qJ,/idXQ^akAl"s l,HdC$*rWI٘;"{3Ƅҥؑ sz:2o@E4y K3xC#>˛k9sw+ pZA|Cݽ#O[Z~,4/S>{cjcJ<D>d21e?Rȕo0\>KW`駲@I3q}ʌֵgӓt6욟 6q3D-N8bS u+6ZauAH(n acs=I91quIUEwZ0NmpDL!y[7-ލ4 +Tp).d2،%"qJ." gWh cvsqy ap2T93H-ovoBɟbuG2jmC5zV6Z^o3F=a$|ae{X_7Tz6 l i1+:,Hv? I~M )n* ic9}ĕ ʣ sl2<f 9 @H'b@dxR 7HPT} 4[Gʍ[r[-&kM/t2 VDS+Ʒ;Z89k*g.;EA!R0cGϭֶ*#e+wb)9U ?#J mNxwׯRD^g_h;ט~Q`]ɎNv隹 z 94qԔG"?75SZW(tE,Ƿ\w#pTgkWBC[s,l/v@FN3mĢm+7U"oōc^,~E6UFn{e|D5=>мωJ3rkVa|eXi<0Hl':e0J)E.w7*f= ';tfWNFӓ]'(K)Q6[ JE]Wq#pp8x@vy+Ÿ{2hw.aޑ@9f~2( NM_f.2ɶE-gYY*ݩY 4p?iWhb2B?Wq> Qvb2=$J5"McކNO_.^vQ~%T(S\_4eGY\u/7u~I[a #+`S4)`q,ks?HU]יgӪF _v~@3&@q.O/x,ctX ŝ!9&E}/^7r/.(Q!r%$(Q& bĀmE#"! q91GwfD\%eDE#Dk96D{b^qՈk/IgѾZ`tI_f}-U_ޅqS*\y O% $PnS3MeZ33*%ߗjWuDknZi*&hu)$ղL '.kr‹WyH3Jk|ċkyy3L-U0&>/݃]{Eu0ˣYG@YB+(H9mY3z%/2+ dA=#'xGk-26'I, JsaXa4qWbzP>& scU.+]޳93MۘYN:]/>{`jגgbYRJ 罖 !+k-Άx̐pc؟+;JÍFxY 烳88ʙ!-8phK*<[*[(1$eWEo$6%r?:}q̱B&{PO# gfAI> l-ԋ 痾nlߤcN'b,O h!X+ -;_|_ӻؙ5|2P+J{b U3J ml,1xw3Ex bFH_AE1d-En^F2`_t.ޕ3 4;΂Hg^{px)$ ZSܘ;? ki3SX& c?A%̦AUe,=H~51a?XuF brd}&y.},;pZ{N>b\(&KQRՁK[)` f ^|w߼yU!``Oŭ }8}/B0KW3~XF(d3!: ,,C xUrPrV>MGBX}->idG@ ϓhs''4-c}KȔ__ZFk <1rlMT+A60n1) W==!ah&7N`(%z_#$o{_ԅ~6/9m>"+1vuc #S/r O J!+l[⩋yyUViKHmU>7Jk3XTw cec[۰3/GPgti*!8CkHV/{ن )@4ThXh:9NGt+ ʶ)b*v#2*.ng@VY oKh֍f*U@=k B sK'˿co ;s#gt%z.˗$u LtZTih%jvFjfnG.h$(yc}wؙ5) o hD{9^̣cG壖AWHq2L} ZkVe6U fΟ~yD%y0z?>)IH?H&o+X9Ʃ=xxO!n{MjrC#3#ٱ65IwD38BQ}0p1[Etќp]`45S~qԕXp<xvAj]K2T< m IjA6 9=^ֵY1;%rؘ"ʦ!Xכ}AF"%bE4)/U ;5O` b8` }^oaoB?<٧\Id F_%-c+R n_pQhy'4Jؗ|6_Y؈ @jla) (3AC0Z^d nɥLޫP6Lő& cGH4#(BNg2 8@IFƫ$̎#XQf1׌ZeEd͊8mhX5`rV .!.Q߅^'١i `u`uѵvm| L8w 07G?{]"F\)q}fFG }`{DF&r @HʶYTۥ+Mg`GYm"L!g92jSJ;<@GU7 uci d6=u))jvS±Gq@Jk.xfzS;Α8L2zFRTuk:fwz0ZT~@uev+?cjxKGGշ> ( xZG><-U;>z-8CwH39)f;4$D6U₫~A(3A,s?r7 ;< y"cU[Qnl%bqVČ`pAnY鲡7r!:-&Djaߥ-60`4]Btn#zF*!o^Z4:C\m*p~wڂuR׼S/|,ji&d |Jx$̘'ػ=x. I:],`5ܑDiV@تEџȘnVC1I=r 52liw;Oc'1?{!MMnΉz44!]+ՃP ~@vQhRsMɣ(pGOԒN?Zn~.D!W:v1a}MA*G˂-xšFh2>(y,kQw<|dLovvdx:xvoyMasه*Y Qrk 4U*&a,&͸ m=p*Hf嵑&xp#uqcw rSU {4I8Sk! 646G"XytdIQ>\'u…: )zSoM>G ZȒq=NC:Dcp3M/M&$OA $0I\ޡ+RM|T#9ȋn vqFFyx-#8A7angF<ɑ* 1jSм,hsUv.=~|:~^׉{sE|S_iǡBnҦꗅ@FaPgPdjq+FDce쒱u-:#͈IȭUm { &`@ FyZVU[[H!ĢBthjM]b,Յ}pc>awFSe8u[l ЌM#85GXcd˫<>*$:,DtK, z%`X,NNި20.klp@B)8$6\o~QP8hgPʵVɘBPr 2RK7D\3:>wj܉u[_>4Gc$Vzڢn1`c ]|%aU08^Zﴟ~d6}& qǢjCa}gW6?&Bl$c頰 +tی PwVƐYDfa7׹B(ZNքlG9 MPϥn3e~q][SL}_4Xq>U0NjA[ѷw1ohZ]D>d2^e( i# % 9Q]~>s8ic*uw˰0O[(kVJMZۨ$q=_|ȌNHHUnpW6Xaf(2pifv~c^yq8G˒ejRB^e]$, -{H:|̣UbGyܵxiͫ7pR"ӊAW7v ~?nK.Xw$Tr .H6Ppζ)iev j0:䛋זc1K'cjd^{,IQ1M{! TI1%5KA<.F{hQkm&[S#:>=;) p/,?!3`>P1$%DM2hXvͧNzkulb IT,Dҹ{xr 4(26XeBMv]Ǡ-^xGHȫ%ޭ(?D<>`Qj!X8j&aOUbɤ!h!D^j]~,/Hluںe> l1a Y _n6l4y[2gg(i |V,D/VCRY#' w2@ﻋzSm^ʻq[bFn:|\=!Ru+hhlA]~Yٮ'k-^Rm(WȦ sAxHc%z:|'!wzT15ȱ~X#W}\^%\ĤЇۮ5*  1/L6|amS!t&=/\#L{xU7c7s}ݶN]ar6(>qT)d ]U@=Fo`ɘ6ʛ;e8x4.^zeebZYw*- Y:ecWwݶ\9o6*9gKEH=/Ks)nXKi>y.#09Q{_0_W pofۓm*h:ci;Ub\G:n1!} |XƆɣ qx1``܇(6n@iKV# 0 Θ`R;>tLW4,;Y@MP<쬪HX>h=Jݩ`*Ĺ\,m8ߝRN=F^^=Kl{FA dZ\,BB܎T^H7\D9cXt!2s*Y)+ǠE'K,#hQl(z^"4]NwMN@P5,: GtUg# qx=5g4ML*^kV8b;<eE|E@ F$Sy)} j$~>lXD51lSŇY%yyt6m{l5GG`FJIV{ EqC[ `FW@"#@i H{wDuJ~ 7(nFa4")#:-֢",93FژI쾏Cyu3$ZKfuݥ_) kv*bS5[t+bDZIcŹ~N&+L~/j.,%\8 _p|Uq 3_0@xN̿le*]4}ڄSzikDiv@'9R^D_YƱ'/ذ4+ARz'Au07|El 4W«9rc\,ޱq JK!z]Վ&p nGk"ՂVa'ĸV篗;a imJcylt6M)K.iI?_>C x6tAU$3{ ,|IIe ~L7 Hc?. _2|&=O FvX^ƻޛAGQh#NQ1bcD3Zb>os'op}k!8 / 6!iA QIwT+o;Q'T3$`*vC>wxAe) ؂&EG}hG$/t&IZO=eDUZ`$x+~TͪEC#WG{)JF{1 ~m2kGprƃC)!kaFy+vޅuqRTA(:"*CF@A j'J@9҂Rk-4?KQ64:O@Ykᎀ%X%k7tȩk$|{ ԥ:BJFσEqHqT ϒi?{Pa>:lCC\l}6.MɗS H |R;~W mx?L3tOmI=vLSWjVAWP{(ҁ&,/=y.P8d @?V%PVs^8caR;JodjNLGl!0eۇ3luPp*HlE{#4 @EW~Q˾?B!04 G2U;XI_9x 漞a@6)ɨ 9s½ JN?}[P'%0ҐDÅ >l}ޑ-2 VSds[&,G;}lQI'0x[{Cȿ"=5;E_Qe%S,gHM$y' (Vea}EfSA҅!wx#jeT^yZ%s#8$,<KiOGjh@ aSf~!ۀ0I)RQ,uR'0ʀg)+}_4&;`9Eq,<1ܰ4XRg ʾ\&4$ʺР8qA:kPU?]'{h%!!"Ѐk`aiO_+P Z_~; #Zi oɫ6?_8t3-~6B;ck!K.̴w:֩hKXм5MÍ1.r 0p31#fD !ˏ,%A#NH6EO[ޮ_hN`v1p2%C2\r~a")S4`W XG$`%nwŷ޲NB[CuAVu_p{Zz--x{ lk4Ig@jM<~Z(K peaz[HO]vJKT^N~RUPW욽 NDv\Cml8JV[![wr[6uBqR67w¹P. *Ǿ<ݹG AZՌRbS#Uefo F24tݐ:3C>Q–:D'_mз +&i,*_ٮ}oJN-IOu__mXYFx.벻Z"eȣQ;;IK i 95+zu2'0pn3a*y@v,+WtI*<0i\h!IݗzvI$:Țnv,[%s WSbhu\wsg,6U62+SĐZT-8'rs0a\oNiW<+Z L=28DeȈpI@!&HFFw] Wϭ(ª²M2L>% h8[gVxQWiOP {1{>AS2h€K So R7 >nE~fFP" ZrDϏyQkFU#앿WnHcp8K⅀0MTz%4!)Jqx5Y1sD:j|(ѫ]rH:R}srĕ Xߒ98̶\zƘU>Zҟ5{iōq,&=gY'B6A;" YiTKG&l+qz'#ʱzj)[?`3/Agscl T:|ҵxo\μeHQZJ۽}99M{֨;Epq>vJԢ D`-4ȇ'$ n;E*R+ Є{8e3d %3m꥾PݚkcM>K[3̌~q4>N XgwT[+** k*;tۡfnhR1!\dׅw> De#b2YIB|p-A^ jAsz[/ bK\I}%)BZ^T/S^'=Z0ʸFZѤ#22yH*BV˷P^qsS'à$e}h-Gq E̳]{p 2X"ʍuifjl\׊ Q6B03V, ` c/e $$p࿹mBPOp*N*o*k˭5b$0$ttVZL;?<\ K9SM cF9Tj>whnziCBn[mO'ߠtBغkoB8ꭖu(7{ŢpL{BiHhЎQRd|l b4GYYQ=>:Rx՚N+U4oHM{pDoxyMP [ig]L* DEssSи5yR l"XkƐH+$ޡ1(v2Η8j*ELsrq ?Nބz.5H/%Z +>-x}yZH(0+'=;aKBF5WB<7&98ZC-g҃Wjwv^TYx~=8s. 'R\ӝvqfZu#7\]؎d!xBSyțq1Ͽ,t90_K(/#'MgV qy^-( Tg-n+;9ȗA;~o l;TkUwLF#ObF>(q(bJ|DYX#`Z_"_`egc>y7f;猔8yxz;*_{d}Ht?V~2M`;}x4'7  ]e6MъFm9[j4♨E0B [ FtMA~|3v O{V@ՍmevqN NC;^9[kYǤmK?:z(ٝ)4{:m0>m(%"t\*( l ᇝ%XtB'UV1ּn}o6, 9mIY}|mJ; qpݡ xE[/| [¿ cԖuQÝHVEq)%"~r"pK29 2OzHDg~>Q- =(74" <8ꚙIHEŕz 22}V, վ9$1nzΌ;UB5! |pYYr+CV.K?xw{:[C۹[qW-gưӱ&L5ԙ&%. ec] n;JG5B"tT6%u&0OnV~X5([< MeMӳPYdbֱEsA\H䫽wc:\L"Ә#q?DJ^lW] ԛJP0J/bpܩ[:W_"IR t~t3e E~aQ;2Wh&-CCiz?WI$8ۉه":[g%v7BWmݺkLd0{K*7_I.9sGUH, HgFGK5;0$% Cmj/?}}Qoټ$Grz%(k!b*kasiSs&Mt~\E 5މ- 'DXs;(c'@H#%iI{gTA+sW)l ))d(I0ERԑlYri*A6^dxqaiE>W +BM=}%h!߸Kuߏ>j<ˬ9ג&$?Jig`$JfʢiR(.6 f7E)9jh'L< kܱ[+Q^goS鴛-^؞Z#zu:O Q|78dbydbeMi>U@Rά|J@]]r p}j?l}r.cӑ$BFBІ6ydR+b!VhaՊ-9x@Tj/ʁ4`_QdΨzGnmuYWR'