í«îÛ    pdns-backend-geoip-4.1.8-lp151.2.9.1                                                Ž­è         <   >     ,     è            ê          ì          •‰ _kS?¸‹/Ô=½Â„~ÿWÓ8æºÄ®kÇ®¨ö¬-”¿ÝL~Xúws^ÒÏå&™ï1NµìŸo~5.væÎp-7ñ]QÜ¼ ¯»ç`†
€Páâ9òÒwD">æãÈâC¦Ì#£‚¼ÄÃ‚qþ3Ýð%++ zÃ"L1eoåµÞ…ámÒtÚÕ£`I^ÍgvïµÍ‘Aìû”C[O’Î)&Ùˆ.˜pîÔÛT$cf
àæ.Î7 ÃÇ†1Ûó0]µZZ¸FÐßàq·`ÞYÀØ¤Ð;l$¦Êüs¼º#šzŒ0õêZ$X<Õ£eºOdÏH2ê+œðä‚‡/6¦ëZ®ò2†åiç®	-[ÚZ…%°4‰Êùê‘   >   ÿÿÿÀ       Ž­è       >  X¤   ?     X”      d            è           é           ê           ì   	   '     í   	   ?     î      ä     ï      è     ñ      ô     ò      ø     ó          ö          ÷     !     ø   	  :     ü     ^     ý     x     þ     ~          ˆ          Œ     	     Ž     
               ”          Õ          Ø          Ü          á          æ                              X          ¬               (     B     8     L   2  9        2  :     
p   2  F     Uv     G     UŒ     H     U     I     U”     X     U˜     Y     U¤     \     UÌ     ]     UÐ     ^     Uã     b     Uô     c     V     d     W1     e     W6     f     W9     l     W;     u     WP     v     WT     w     Wè     x     Wì     y     Wð     z     X4     “     XD     Æ     XH     ä     XN     å     X   C pdns-backend-geoip 4.1.8 lp151.2.9.1 GeoIP2 backend for pdns The PowerDNS Nameserver is a authoritative-only nameserver.
It conforms to contemporary DNS standards documents.

This package holds the GeoIP2 backend for pdns.    _kS?obs-arm-9    openSUSE Leap 15.1 openSUSE GPL-2.0-only http://bugs.opensuse.org Productivity/Networking/DNS/Servers https://www.powerdns.com/ linux aarch64    í  _kS74b2b043974f33d14968687163d1b95c3c13d84761d8afba4afa9ee1a169d597e        root root pdns-4.1.8-lp151.2.9.1.src.rpm    ÿÿÿÿlibgeoipbackend.so()(64bit) pdns-backend-geoip pdns-backend-geoip(aarch-64)   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @      
  
  
  
ld-linux-aarch64.so.1()(64bit) ld-linux-aarch64.so.1(GLIBC_2.17)(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.17)(64bit) libgcc_s.so.1()(64bit) libgcc_s.so.1(GCC_3.0)(64bit) libmaxminddb.so.0()(64bit) libstdc++.so.6()(64bit) libstdc++.so.6(CXXABI_1.3)(64bit) libstdc++.so.6(CXXABI_1.3.9)(64bit) libstdc++.so.6(GLIBCXX_3.4)(64bit) libstdc++.so.6(GLIBCXX_3.4.11)(64bit) libstdc++.so.6(GLIBCXX_3.4.20)(64bit) libstdc++.so.6(GLIBCXX_3.4.21)(64bit) libstdc++.so.6(GLIBCXX_3.4.9)(64bit) libyaml-cpp.so.0.6()(64bit) pdns rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz)                 4.1.8 3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.1    _k8À^‡%@^`éÀ]A‚À\”Î@\ˆ@\ˆ@\ˆðÀ[âÓÀ[†ŠÀ[©@Zõ…ÀZÝÊÀZÐ›ÀZ†ÇÀZòÀZþ@Zþ@YøeÀYè“ÀYÎ5ÀY}Ê@YMÀYMÀXÞDÀX“@X~@XxÁ@XxÁ@XN‘@Wœ–ÀWƒŠ@WJÙÀV±ëÀV8¡ÀUæäÀUvÕ@U>$ÀU8ÞÀTôPÀTÐ¸@TÐ¸@TÐ¸@Tto@Taú@T_W@TR(@TO…@TO…@TO…@Adam Majer <adam.majer@suse.de> Adam Majer <adam.majer@suse.de> VÃ­tÄ›zslav ÄŒÃ­Å¾ek <vcizek@suse.com> Adam Majer <adam.majer@suse.de> Michael StrÃ¶der <michael@stroeder.com> Michael StrÃ¶der <michael@stroeder.com> Michael StrÃ¶der <michael@stroeder.com> Dirk Mueller <dmueller@suse.com> Michael StrÃ¶der <michael@stroeder.com> amajer@suse.com michael@stroeder.com kbabioch@suse.com mrueckert@suse.de adam.majer@suse.de michael@stroeder.com adam.majer@suse.de mrueckert@suse.de adam.majer@suse.de jengelh@inai.de adam.majer@suse.de vcizek@suse.com wr@rosenauer.org michael@stroeder.com michael@stroeder.com mrueckert@suse.de adam.majer@suse.de michael@stroeder.com adam.majer@suse.de adam.majer@suse.de dimstar@opensuse.org michael@stroeder.com mrueckert@suse.de michael@stroeder.com michael@stroeder.com michael@stroeder.com michael@stroeder.com michael@stroeder.com mrueckert@suse.de michael@stroeder.com mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de michael@stroeder.com Led <ledest@gmail.com> michael@stroeder.com mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de - CVE-2020-17482.patch: fixed an error that can result in leaking of
  uninitialised memory through crafted zone records
  (CVE-2020-17482, bsc#1176535) - pdns_maxmind.patch: backport support for MaxMindDB - Build with libmaxminddb instead of the obsolete GeoIP (bsc#1156196) - CVE-2019-10162.patch: fixes a denial of service but when authorized
  user to cause the server to exit by inserting a crafted record in
  a MASTER type zone under their control. (bsc#1138582, CVE-2019-10162)
- CVE-2019-10163.patch: fixes a denial of service of slave server when
  an authorized master server sends large number of NOTIFY messages
  (bsc#1138582, CVE-2019-10163)
- CVE-2019-10203.patch: update postgresql schema to address a possible
  denial of service by an authorized user by inserting a crafted
  record in a MASTER type zone under their control.
  (bsc#1142810, CVE-2019-10203)
  To fix the issue, run the following command against your PostgreSQL
  pdns database:
    ALTER TABLE domains ALTER notified_serial TYPE bigint
    USING CASE WHEN notified_serial >= 0
    THEN notified_serial::bigint END; - Update to 4.1.8
  * #7604: Correctly interpret an empty AXFR response to an IXFR query,
  * #7610: Fix replying from ANY address for non-standard port,
  * #7609: Fix rectify for ENT records in narrow zones,
  * #7607: Do not compress the root,
  * #7608: Fix dot stripping in `setcontent()`,
  * #7605: Fix invalid SOA record in MySQL which prevented the authoritative server from starting,
  * #7603: Prevent leak of file descriptor if running out of ports for incoming AXFR,
  * #7602: Fix API search failed with â€œCommands out of sync; you canâ€™t run this command nowâ€,
  * #7509: Plug `mysql_thread_init` memory leak,
  * #7567: EL6: fix `CXXFLAGS` to build with compiler optimizations. - Update to 4.1.7 with a security fix:
  * Insufficient validation in the HTTP remote backend
    (bsc#1129734, CVE-2019-3871) - Update to 4.1.6
  * Prevent more than one CNAME/SOA record in the same RRset - adjust buildrequires for mariadb 10.2.x on SLES - Update to 4.1.5
  * Improvements
  - Apply alias scopemask after chasing
  - Release memory in case of error in the openssl ecdsa constructor
  - Switch to devtoolset 7 for el6
  * Bug Fixes
  - Crafted zone record can cause a denial of service
    (bsc#1114157, CVE-2018-10851)
  - Packet cache pollution via crafted query
    (bsc#1114169, CVE-2018-14626)
  - Fix compilation with libressl 2.7.0+
  - Actually truncate truncated responses - Update to 4.1.4
  - Improvements
  * #6590: Fix warnings reported by gcc 8.1.0.
  * #6632, #6844, #6842, #6848: Make the gmysql backend future-proof
  * #6685, #6686: Initialize some missed qtypes.
  - Bug Fixes
  * #6780: Avoid concurrent records/comments iteration from
    running out of sync.
  * #6816: Fix a crash in the API when adding records.
  * #4457, #6691: pdns_control notify: handle slave without
    renotify properly.
  * #6736, #6738: Reset the TSIG state between queries.
  * #6857: Remove SOA-check backoff on incoming notify and fix
    lock handling.
  * #6858: Fix an issue where updating a record via DNS-UPDATE in
    a child zone that also exists in the parent zone, we would
    incorrectly apply the update to the parent zone.
  * #6676, #6677: Geoipbackend: check geoip_id_by_addr_gl and
    geoip_id_by_addr_v6_gl return value. (Aki Tuomi) - Use HTTPS links in .spec file like mentioned in PowerDNS announcements
- removed obsolete 6370.patch
- Update to 4.1.3
  - Improvements
  * #6239, #6559: pdnsutil: use new domain in b2bmigrate (Aki Tuomi)
  * #6130: Update copyright years to 2018 (Matt Nordhoff)
  * #6312, #6545: Lower â€˜packet too shortâ€™ loglevel
  - Bug Fixes
  * #6441, #6614: Restrict creation of OPT and TSIG RRsets
  * #6228, #6370: Fix handling of user-defined axfr filters return values
  * #6584, #6585, #6608: Prevent the GeoIP backend from copying
    NetMaskTrees around, fixes slow-downs in certain configurations
    (Aki Tuomi)
  * #6654, #6659: Ensure alias answers over TCP have correct name - Update to 4.1.2
  - Improvements
  * API: increase serial after dnssec related updates
  * Auth: lower â€˜packet too shortâ€™ loglevel
  * Make check-zone error on rows that have content but shouldnâ€™t
  * Auth: avoid an isane amount of new backend connections during an axfr
  * Report unparseable data in stoul invalid_argument exception
  * Backport: recheck serial when axfr is done
  * Backport: add tcp support for alias
  - Bug Fixes
  * Auth: allocate new statements after reconnecting to postgresql
  * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer)
  * Rather than crash, sheepishly report no file/linenum
  * Document undocumented config vars
  * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate
  - misc
  * Move includes around to avoid boost L conflict
  * Backport: update edns option code list
  * Auth: link dnspcap2protobuf against librt when needed
  * Fix a warning on botan >= 2.5.0
  * Auth 4.1.x: unbreak build
  * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046 bsc#1092540) - add patch for upstream issue #6228
  https://patch-diff.githubusercontent.com/raw/PowerDNS/pdns/pull/6370.patch - geoip not available on SLE15 but protobuf support is available. - Update to version 4.1.1:
  bug-fix only release, with fixes to the LDAP and MySQL backends,
  the pdnsutil tool, and PDNS internals - Update to version 4.1.0:
  + Recursor passthrough removal. Migration plans for users of
    recursor passthrough are in documentation and available at,
    https://doc.powerdns.com/authoritative/guides/recursion.html
  + Improved performance: 4x speedup in some scenarios
  + Crypto API: DNSSEC fully configurable via RESTful API
  + Database: enhanced reconnection logic solving problems
    associated with idle disonnection from database servers.
  + Documentation improvements
  + Support for TCP Fast Open
  + Removed deprecated SOA-EDIT values: INCEPTION and INCEPTION-WEEK
- pkgconfig(krb5) is now always required for building LDAP backend
- pdns-4.0.4_mysql-schema-mariadb.patch: removed, upstreamed - package schema files in ldap subpackage - Update to version 4.0.5:
  + fixes CVE-2017-15091: Missing check on API operations
  + Bindbackend: do not corrupt data supplied by other backends in
    getAllDomains
  + For create-slave-zone, actually add all slaves, and not only
    first n times
  + Check return value for all getTSIGKey calls.
  + Publish inactive KSK/CSK as CDNSKEY/CDS
  + Treat requestorâ€™s payload size lower than 512 as equal to 512
  + Correctly purge entries from the caches after a transfer
  + LuaWrapper: Allow embedded NULs in strings received from Lua
  + Stubresolver: Use only recursor setting if given
  + mydnsbackend: Add getAllDomains
  + LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
  + gpgsql: make statement names actually unique
  + API: prevent sending nameservers list and zone-level NS in rrsets - Ensure descriptions are neutral. Remove ineffective --with-pic.
- Do not ignore errors from useradd.
- Trim idempotent %if..%endif around %package. - Added pdns.keyring linked from https://dnsdist.org/install.html - Don't BuildRequire Botan 1.x which will be dropped (bsc#1055322)
  * upstream support for Botan was dropped in favor of OpenSSL, see
  https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released - This makes the schema fit storage requirements of various
  mysql/mariadb versions. pdns-4.0.4_mysql-schema-mariadb.patch
- preset uid and gid in configuration - fixed use of pdns_protobuf - update to 4.0.4
  - fixes ed25519 signer. This signer hashed the message before
    signing, resulting in unverifiable signatures.
  - send a notification to all slave servers after every dnsupdate
  for complete list of changes, see
  https://blog.powerdns.com/2017/06/23/powerdns-authoritative-server-4-0-4-released/ - added pdns-4.0.3_allow_dacoverride_in_capset.patch:
  Adding CAP_DAC_OVERRIDE to fix startup problems with sqlite3
  backend - use individual libboost-*-devel packages instead of boost-devel - update to 4.0.3 which obsoletes b854d9f.diff - b854d9f.diff: revert upstream change that caused a regression
  with multiple-backends - update to 4.0.2:
  The following security issues were fixed:
  - 2016-02: Crafted queries can cause abnormal CPU usage
  (CVE-2016-7068, boo#1018326)
  - 2016-03: Denial of service via the web server
  (CVE-2016-7072, boo#1018327)
  - 2016-04: Insufficient validation of TSIG signatures
  (CVE-2016-7073, CVE-2016-7074, boo#1018328)
  - 2016-05: Crafted zone record can cause a denial of service
  (CVE-2016-2120, boo#1018329)
  For complete changelog, see
  https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-402 - BuildRequire pkgconfig(libsystemd) instead of
  pkgconfig(libsystemd-daemon): these libs were merged in systemd
  209 times. The build system is capable of finding either one. - update to 4.0.1
  Bug fixes
  - #4126 Wait for the connection to the carbon server to be established
  - #4206 Don't try to deallocate empty PG statements
  - #4245 Send the correct response when queried for an NSEC directly (Kees Monshouwer)
  - #4252 Don't include bind files if length <= 2 or > sizeof(filename)
  - #4255 Catch runtime_error when parsing a broken MNAME
  Improvements
  - #4044 Make DNSPacket return a ComboAddress for local and remote (Aki Tuomi)
  - #4056 OpenSSL 1.1.0 support (Christian Hofstaedtler)
  - #4169 Fix typos in a logmessage and exception (Christian Hofsteadtler)
  - #4183 pdnsutil: Remove checking of ctime and always diff the changes (Hannu Ylitalo)
  - #4192 dnsreplay: Only add Client Subnet stamp when asked
  - #4250 Use toLogString() for ringAccount (Kees Monshouwer)
  Additions
  - #4133 Add limits to the size of received {A,I}XFR (CVE-2016-6172)
  - #4142 Add used filedescriptor statistic (Kees Monshouwer) - update to 4.0.0
  https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released/
  https://blog.powerdns.com/2016/07/11/welcome-to-powerdns-4-0-0/
- packaging changes:
  - remotebackend split out now
  - enabled experimental_gss_tsig support
  - enabled protobuf based stats support
  - no more xdb and lmdb backend
  - added odbc backend where supported
- drop pdns-3.4.0-no_date_time.patch: replaced with
  - -enable-reproducible - update to 3.4.9
  * use OpenSSL for ECDSA signing where available
  * allow common signing key
  * Add a disable-syslog setting
  * fix SOA caching with multiple backends
  * whitespace-related zone parsing fixes [ticket #3568]
  * bindbackend: fix, set domain in list() - update to 3.4.8
  * Use AC_SEARCH_LIBS (Ruben Kerkhof)
  * Check for inet_aton in libresolv (Ruben Kerkhof)
  * Remove hardcoded -lresolv, -lnsl and -lsocket (Ruben Kerkhof)
  * pdnssec: don't check disabled records (Pieter Lexis)
  * pdnssec: check all records (including disabled ones)
    only in verbose mode (Kees Monshouwer)
  * traling dot in DNAME content (Kees Monshouwer)
  * Fix luabackend compilation on FreeBSD i386 (RvdE)
  * silence g++ 6.0 warnings and error (Kees Monshouwer)
  * add gcc 5.3 and 6.0 support to boost.m4 (Kees Monshouwer) - update to 3.4.7
  Bug fixes:
  * Ignore invalid/empty TKEY and TSIG records (Christian Hofstaedtler)
  * Don't reply to truncated queries (Christian Hofstaedtler)
  * don't log out-of-zone ents during AXFR in (Kees Monshouwer)
  * Prevent XSS by escaping user input. Thanks to Pierre Jaury and Damien
  Cauquil at Sysdream for pointing this out.
  * Handle NULL and boolean properly in gPGSql (Aki Tuomi)
  * Improve negative caching (Kees Monshouwer)
  * Do not divide timeout twice (Aki Tuomi)
  * Correctly sort records with a priority.
  Improvements:
  * Direct query answers and correct zone-rectification in the GeoIP
  backend (Aki Tuomi)
  * Use token names to identify PKCS#11 keys (Aki Tuomi)
  * Fix typo in an error message (Arjen Zonneveld)
  * limit NSEC3 iterations in bindbackend (Kees Monshouwer)
  * Initialize minbody (Aki Tuomi)
  New features:
  * OPENPGPKEY record-type (James Cloos and Kees Monshouwer)
  * add global soa-edit settings (Kees Monshouwer) - update to 3.4.6 [boo#943078] CVE-2015-5230
  Bug fixes:
  * Avoid superfluous backend recycling
  * Removal of dnsdist from the authoritative server distribution
  * Add EDNS unknown version handling and tests EDNS unknown version
  handling
  Improvements:
  * Update YaHTTP to v0.1.7
  * Make trailing/leading spaces stand out in pdnssec check_zone
  * GCC 5.2 support and sync boost.m4 macro with upstream
  * Log answer packets only if log-dns-details is enabled - update to 3.4.5
  Bug fixes:
  * be careful reading empty lines in our config parser and prevent
  integer overflow.
  * prevent crash after --list-modules (Ruben Kerkhof)
  * Limit the maximum length of a qname
  Improvements:
  * Support /etc/default for our debian/ubuntu packages (Aki Tuomi)
  * Our Boost check doesn't recognize gcc 5.1 yet (Ruben Kerkhof)
  * Various PKCS#11 fixes and improvements (Aki Tuomi)
  * Several fixes for building on OpenBSD (Florian Obser)
  * Fix several issues found by Coverity (Aki Tuomi)
  * Look for mbedtls before polarssl (Ruben Kerkhof)
  * Detect Lua on OpenBSD (Ruben Kerkhof)
  * Let pkg-config determine botan dependency libs (Ruben Kerkhof)
  * kill some further mallocs and add note to remind us not to add them back
  * Move remotebackend-unix test socket to testsdir (Aki Tuomi)
  * Defer launch of coprocess until first question (Aki Tuomi)
  * pdnssec: check for glue and delegations in parent zones (Kees
  Monshouwer) - no longer ship dnsdist here, we will ship a new package based on
  the snapshots from http://dnsdist.org/ - update to 3.4.4 with a fix for CVE-2015-1868 (boo# 927569)
  Bug fixes:
  - commit ac3ae09: fix rectify-(all)-zones for mixed case domain
    names
  - commit 2dea55e, commit 032d565, commit 55f2dbf: fix
    CVE-2015-1868
  - commit 21cdbe5: Blocking IO in busy-wait for remote backend
    (Wieger Opmeer)
  - commit cc7b2ac: fix double dot for root MX/SRV in bind slave
    zone files (Kees Monshouwer)
  - commit c40307b: Properly lock lmdb database, fixes ticket #1954
    (Aki Tuomi)
  - commit 662e76d: Fix segfault in zone2lmdb (Ruben Kerkhof)
  New Features:
  - commit 5ae212e: pdnssec: warn for insecure wildcards in opt-out
    zones
  - commits cd3f21c, 8b582f6, 0b7e766, f743af9, dcde3c8 and
    f12fcf7: TKEY record type (Aki Tuomi)
  - commits 0fda1d9, 3dd139d, ba146ce, 25109e2, c011a01, 0600350,
    fc96b5e, 4414468, c163d41, f52c7f6, 8d56a31, 7821417, ea62bd9,
    c5ababd, 91c8351 and 073ac49: Many PKCS#11 improvements (Aki
    Tuomi)
  - commits 6f0d4f1 and 5eb33cb: Introduce xfrBlobNoSpaces and use
    them for TSIG (Aki Tuomi)
  Improvements:
  - commit e4f48ab: allow "pdnssec set-nsec3 ZONE" for insecure
    zones; this saves on one rectify when securing a NSEC3 zone
  - commits cce95b9, e2e9243 and e82da97: Improvements to the
    config-file parsing (Aki Tuomi)
  - commit 2180e21: postgresql check should not touch LDFLAGS
    (Ruben Kerkhof)
  - commit 0481021: Log error when remote cannot do AXFR (Aki
    Tuomi)
  - commit 1ecc3a5: Speed improvements when AXFR is disabled
    (Christian Hofstaedtler)
  - commits 1f7334e and b17799a: NSEC3 and related RRSIGS are not
    part of the dnstree (Kees Monshouwer)
  - commits dd943dd and 58c4834: Change ifdef to check for
    __GLIBC__ instead of __linux__ to prevent errors with other
    libc's (James Taylor)
  - commit c929d50: Try to raise open files before dropping
    privileges (Aki Tuomi)
  - commit 69fd3dc: Add newline to carbon error message on auth
    (Aki Tuomi)
  - commit 3064f80: Make sure we send servfail on error (Aki Tuomi)
  - commit b004529: Ship lmdb-example.pl in tarball (Ruben Kerkhof)
  - commit 9e6b24f: Allocate TCP buffer dynamically, decreasing
    stack usage
  - commit 267fdde: throw if getSOA gets non-SOA record - update to 3.4.3
  Bug fixes:
  - [commit ceb49ce] pdns_control: exit 1 on unknown command (Ruben
    Kerkhof)
  - [commit 1406891]: evaluate KSK ZSK pairs per algorithm (Kees
    Monshouwer)
  - [commit 3ca050f]: always set di.notified_serial in
    getAllDomains (Kees Monshouwer)
  - [commit d9d09e1]: pdns_control: don't open socket in /tmp
    (Ruben Kerkhof)
  New features:
  - [commit 2f67952]: Limit who can send us AXFR notify queries
    (Ruben Kerkhof)
  Improvements:
  - [commit d7bec64]: respond REFUSED instead of NOERROR for
    "unknown zone" situations
  - [commit ebeb9d7]: Check for Lua 5.3 (Ruben Kerkhof)
  - [commit d09931d]: Check compiler for relro support instead of
    linker (Ruben Kerkhof)
  - [commit c4b0d0c]: Replace PacketHandler with UeberBackend where
    possible (Christian Hofstaedtler)
  - [commit 5a85152]: PacketHandler: Share UeberBackend with
    DNSSECKeeper (Christian Hofstaedtler)
  - [commit 97bd444]: fix building with GCC 5
  Experimental API changes (Christian Hofstaedtler):
  - [commit ca44706]: API: move shared DomainInfo reader into it's
    own function
  - [commit 102602f]: API: allow writing to domains.account field
  - [commit d82f632]: API: read and expose domain account field
  - [commit 2b06977]: API: be more strict when parsing record
    contents
  - [commit 2f72b7c]: API: Reject unknown types (TYPE0)
  - [commit d82f632]: API: read and expose domain account field - set $LD for now. this fixes the configure check for relro,now. - remove custom PIE handling. upstream does it for us now. - update to 3.4.2
  This is a performance and bugfix update to 3.4.1 and any earlier
  version. For high traffic setups, including those using DNSSEC,
  upgrading to 3.4.2 may show tremendous performance increases.
  A list of changes since 3.4.1 follows. Please see the full
  clickable changelog at
  https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-342
- move man pages to section 1 to follow upstream change - disable botan and geoip on SLE_12 because of missing
  dependencies. - Fixed broken _localstatedir - fix bashisms in pre script - update to version 3.4.1
  Changes since 3.4.0:
  * commit dcd6524, commit a8750a5, commit 7dc86bf, commit 2fda71f: PowerDNS now
  polls the security status of a release at startup and periodically. More
  detail on this feature, and how to turn it off, can be found in Section 2,
  â€œSecurity pollingâ€.
  * commit 5fe6dc0: API: Replace HTTP Basic auth with static key in custom header
  (X-API-Key)
  * commit 4a95ab4: Use transaction for pdnssec increase-serial
  * commit 6e82a23: Don't empty ordername during pdnssec increase-serial
  * commit 535f4e3: honor SOA-EDIT while considering "empty IXFR" fallback, fixes
  ticket 1835. This fixes slaving of signed zones to IXFR-aware slaves like NSD
  or BIND. - only enable geoip backend on distros newer than 12.3
  before the package lacks the pkg-config file and there is no
  fallback to finding geoip without it. - fix permissions of the home directory - enable some backends that we had forgotten:
  - pipe   (main package)
  - random (main package)
  - geoip  (new subpackage)
  - new BR: yaml-cpp-devel and GeoIP-devel obs-arm-9 1600869183              €        4.1.8-lp151.2.9.1 4.1.8-lp151.2.9.1        libgeoipbackend.so /usr/lib64/pdns/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.opensuse.org/openSUSE:Maintenance:13121/openSUSE_Leap_15.1_Update_ports/09357eebd4b440097887cd3db35b8206-pdns.openSUSE_Leap_15.1_Update drpm xz 5 aarch64-suse-linux       ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=bc96f83f7033bf943ec70d165b2dd6ec7682c3db, stripped          P   R  R  R  R  R  R  	R  R  R  
R  R  R  R  R  R   R  Îsèé]³C°éŽ%Zëê   utf-8 e2c9b1ccb3b207f85e9d65886469958f63ef4eaea8635d13b4612cb8e74d253b        ?   ÿÿü    ý7zXZ  
áû¡ !   t/å£àKf8¤] "ÌkÀ%¡nÙæ60EÌÀý<$#]¨À²1GSŸ˜yË”I<%Ò*ƒÒ:`_†éŸ¬)'üQ^¾m@*nÉOW­¼çí”÷¨ª©úe;a Oªo¥æ‘|“€V»ÌlÓE8ÓÚŽI»(Û‡ymsáÕü›j\&ªiºž=Õ~½7
þ(€u`FâÒÌ¯~Ê­§åª€d Å&ñŒJM1 cŒe¯t;$ní–ž=MeyÚš¿ŸHäjr|_¨P°L}ŽWÐÉ¹Y1ŸÈëÉÙß~èÊac‰
Nn›åÜÂ¤ @”gg9[aM’Ëuú¡4Ìn ‡ºP2àm“Ô’~Ðá@±§]ÑôŽ›Å”C'º´ä+%Y8«F`üO\~	JËh/¶HªÏAäd, ‘`‹ýWâÖP–¿pÝwÜÏzá ¿¸¨ˆE}˜:D!3H
$¸=×qþé)üXÀ™ÛpE÷^ZétÒ‘©{"±i|yäèuvwhßâa`þy—ç	dcÜao«°VoUóÙ¸œòºhƒ9:ZÛf]òÊ+Ò|ãt
¥Lý¼Di´‡ƒië™ÖKV¤€"ÿyAX$úyB<ÔÑ—ó˜Öœúá8·…µ•Ýï«¬®øXw-Ô•½Ë³cÁÎP†Þ7Ž‡Ë€…LÔbÓ““»ûë=u¡Ä¾òÛ¨ü·É¯mÞ! I‚]ÄƒcÆc¼^î“'&s¯ÞV&—X|ßÛðk†
å$0ÿ¨ŸÓ¯®mÄEë?K©äë|µ]¯Q[îZ–t“fÿöÊ.g ¾ÑçÚ4c&5/ÝØµAFA"QÊÔÀXÛ°Ø~¥Ôä—<Ô³n :ªS›¥¦‚=eGAB‰/SƒßqÁdC¨.ÓÆ²ËUþWLÙ$ÎX˜òÎ,=¢·ìùè{×û÷7Ú|æÇ±^ƒ_ë(º{ª² »£;[Kì@F,}žGDØÿktès'êÈ
»
&špŠ¡5X¥a³ƒ3—IZIÂ„3X{¨<¼¼[zË±ˆÙ‡B¾pØ´Ä>6›cÝ:Ÿ 1q3Šáä¦ôÿ
c/Ö³kL¯ÛÈ®º@3ðŒ™äÈW±}…í}H‰±Ó¨¼òÆœ;¼>ŠVæÇ‹œXõMDaüMmÝ7üÌ[Ýç&N¦wøœ•Ï­Dí6éÌ‚ÎHKÖ±|?íÓõ'Š
¤dªè	? }F_´ˆÝÎ‘ÆSZ3viUð
[¾EÁí´Qºnà0XJ{Y±zcMç1šÒ×ž&‡X='Ÿ‚ò£aÖQvŽA[mý?i5l ÚÜ2·´¯©ˆ—e&íMÜ:ÆâË;U]æqõHZ_ñu2tlµ-j&¥‰í]âlÙ«vœÐE ÃXê+™êÔ£‡ìíh¦œ(¬–ºÍ>‰fƒùìz¨â”`ÊÀ³—ô$:¿²0EÛ¢ÓU™Dû*ÒÖ¿åÔœ%IEŽÅæá¯%;@K7Xó¦&goÙðˆ•-F©.5¹4ÙÌ8=õ½¬ÄjSBÇZ¥‰»4ÁÖwõËÊ~›€z0¼KÅ¯:AONâÜwãf"³A†ÊHlšƒŸ¨}&O£à^ÏY	q(¦v\K¹Vèæ¿ ê—ód³|ÑÑ¹µD®b¦NUáFÈ%€r#|û8SŽÈQÖM&[^sM¼¾8c²”W8ÖòXâŠë¼}µ¨¢Ûmé‹2Úk¬­ÎI‚ct¿_«ÅIyÖ$•¬	Ë6JoeãP¸¶+ºú3ùR”–Ènu³7ÝÊËÎ‰ÞTüØ¿‹q:’ö}d6ë ‘íÌ0²Óô)à+&Ï›®»iŒ¢šZfH€,:¸u-û¼½uÂŒr®3Cä“Óx]24æ&KŽÁ:ZN‚>ˆˆ¼[Í’•‘¦ŒƒHUœùSsÞèx@kãÉe7­+æöcõROŽršoKîç™ÅD‹t=êÙjÁL1Yõ‡í-Wët«ç€ã®’6Hd]öÒäaƒÆÇÃªz2R_ëäN. b5ØX5Ÿk—vÍSîè\8I‹šT^ä-‰<ÈÜ°àDâ(¸$:7…ŠEsÐ€Ü©È6»gÁƒ>hP°ÿ*Ké]©7ÆŠç a•õ1Uîv¡KŸ»¼)è¤wãë[Y bb\ð4%g>à]À€mì²x å”-oÜ ÆkÎ<
Éd["·‹.çý3³t¢Ôìó›Ýæ”¯w‚W´†	[G­;•¢g4MXÁØÑr&£@T)F@álÓ{[5Ïós0e*Í™bøÉH…}h]9TáÕ,bú~kŽ×Ñ×úÑK’zMÿ_F¥–(YMÜŸµÙÚ(½qQî%É’éÕddZÄî¦:oå·ZÃÈ}ß-_Ô°Òpà®_XÏü¢37Ôø‘+¦ ª'8¢”F`Ó)hÆ6mÈ¹ÓJž1Ml’š"¸¯±LD.›ÌÝþ³!Í·ÖP}p–I~¢¶`ÛÑ~0@_’OÞÍ¢l;ï6ÍÇ¹É²JÞleDïƒûùIïµ(¨—’,DLÔ~µon•)yuNl”!íRn¨Îy0ï_Ð(
ÐðMùÿg…÷úá!D…ã¦³àŒõƒ<Õ)4œ[°™ê·Å\Qn&¹T6G§:öV¤‡äS¬IÊÀááp6ˆÓødJè¯jrUïIO(˜å|Ô^F)p¹h	Ï*Vâ((•jG9Åùl‰èDtq5XI‡ããBøÌ[´Âr'(+ÇynxZtçóPŒÀ×Ö	Y• k\1LUýyÜ¨VÕ$T œÆèJ,¥+Uçd¤d\óÝx°¹ÊPÅf4ž/+R'„s¾L9±{!7µÔA$J÷Ú­Ù‚‚Ê•®ó»=ãJ€Ù&©x¢™B(w­÷?žE¬Ú˜£×·|ÞÅ’ÕJ«Dx2§47”£Û„+.`‡Z.Î:Ìzsó,E–!JY\ù0ìÓ«:[xÂqÉ>,¾D%ïÝõž‚æ£:8Þ§S¶7¦Ý$êÃ8äßÓ‹â€Ý4>M³Òú"óMœ¿{(ß–MŠØ2;ý©Gš°5¶"¶XKµ Eu?yËdõ.ßÐœÂj}–Áb†jÝ \89
e‚€Ø;C„ˆ°Ð3ýI?·´’<Ë™¼³::C_ÖŒÿ·–·%¦ÇzB››pgÀø@ú÷œÖù€ÂÐFúl5s®²
©in§eïí¶,«Ïƒ·!üµFüá`Ÿ£Öd˜]Ù°³²UHÎö¥Šc}6Bòö•ønØ«ÝVM2@Ù)XòÞŠQÜ;<ìú>†Ã‘üÉ‘í*\w†uâ‹:;Ôjb¿ï­ã”S£Ûâ]žîp$ß•ÚE	”÷6ÆhºLÑÒTÑùê Óák¤	œ<ïd3Í ™.‚ñ£Ãø«#yª­VRl‰Urâ”g¢0D2^*Þÿž™¦vGkI³¬ŽI‡c$î¦èöñoM¥ýypK ®6îåÚëÛ‚
óÙ`Õ6ç—?ƒ»hviFU¸7ó,ù™e×ç’Mk¡Ë·vôÙÑq­xOþbWÌD&™À/pš¹2÷aÛõãßºŠ`Ç¼º‡k¾å Õy6rž†]
s¢.TáÎ|·7ÍÏŠõ4·š wJˆ?Vl?Îô´--SïoÏ¶œKø”êV@$ücÜH_ÅHœ`&cŸœQ^x|…CàÄë¾ƒÂ{²«r†æ¶êœÉ•7¤..#«‚3!.s+Ækc·Èñ²M=ñ|ô×Y½ÄÛ¯§×¥ JÍsÚUŸccÚ‹—ž»Ëí"mwi”§n`3†_#èéhå]6±Ý?öúÐ}–FªàPáRA,˜@ÖæÖ_Mþ×x×1¿Edá|àÎr„â¿\aß	ïýx…l£ËH˜F€M²…©Áù¯²Âêå©@ÎÛeZ¤CÇ¹ãjFðU•=,¼48³­½HL‚ÖÐ°C´ä–%.pó}f`^éŽy^‘æÒWÔ2åŽèVÝ?‡/€Þ:Ø@¹à_ZS6²=ðß°Æ	‹MLzÓá6ØYù¿x,—ö0ŒøQèç…ªb(p›¢3Ø€iûVÛáÑcê/dM0}Ž¿’O’ÑPKëã¸¼î­¡8|‘†>¥t˜ó‰Bd'G¢’qÅÐßt¼Õþ¨ÎMT.E@Ö.-Šm0(Ý¯×êPûRÒPf…Ò×øüWOÕ¦£&ÚGj}€Ùˆg@3~Ì>zÊ¼â `ÅÝþ¥†Í%ã¤Ú É×ápŠ‘µ_ˆew­ÑØ0šÝjñP¾fÎ=¯x±°p?’Ãmô˜hþ!ŸÀ5Ì™p™Ð»jüxlÌâ]ÏG(–½áLúç.Áv­¦nVèïNâ6<±ÿüìXí#u•ìì°™åVÒ«%ù‹ÉœO¿@WÊ¶ÃÈ³ZŒ5•Ê0ü™±/ÀÇP©i!ÌtX>;ˆÀë5¯ë4˜ÏÏ? Ç˜_Œè,Po‚y“íw£¶ƒVìL^Ô@’©˜¨¹c`Æã4l]c|§BàzgU6¼.ûWmu¦—ÁLÆ¨&PÑmKëj[úpÍQ9‹–â2å"z›d/;O÷ç(C?¿|†Õ©U“Â*–ÿQµ½Ãù 1·ca~}îÙ­¾¥µWôHÆ´þcšœþô¼@E%«™÷ ˜Ð!êÀö¬a9[öEñÒ)ãÁ*¶Ö8j ì?ø…ø‘‚0¤ãí¹Õÿî1§û^ë"@I¶ØVªàŸ$ªæšénÙåçV¯d1n!:hf»¸ÆaÔ@5á®0)çŒFümFÁMµ)Ièå@§8Ò±#7”ºçñ¬%‘.§§Ê)˜O":¹†ðÊÁÐ4{R2o;ôÀ·"büÇb$xð¤@ .ìÔó‚®-á‚	êEÑ)V©„6µò¿¶ã¢>ƒónYXûMXoÖ•œrrÛšƒ¬lk ÃMRÒ’ÖŒ\€;Ý²ŸmÔ`íXÅûâgv›àèAƒ¦ûlt²»#×–»ìyA™
ÔïM¦‘Qû@ü[”FZòëïÁëÈ˜6<ð£­ê2YAì‡^þãÐ(G=]ØQÒÙ®éÐVó¶ þïèUÌándó¶±ÝPý>:El¤ØáÕh¥¼ý»vPAf5oø„@w’]¾õºüâha‚ ”¿_gÛ”µ_÷I|à”tùƒ9»}Z„&ýÂrÁ›ö
”t`’käÑ5ˆ½;ÐŠÎµÄA·m¨¨*ó]®Žïj‡Þ²²\UàiVâº[.í·pù;c0,ƒ¹qr]ÝÅ‚\›k»Þ&k+¯ÞžÙ2üý§Ö,—·µIOÛ(É†%RŒG¡Ædòüý×´)¾øG¾ÄžàFJÈ5ï.ÜïÛ²u–1%`V°2-ú`6ûëu»
»ð:)LÐ;ÊT2ýçu,§Ä¡˜¹Þ£#õãú''þ™Õ¤ÃRŸó!ÕÚ|S$Èv€À˜ÅtW¬,±,D»c±©]fš´#ÓÜÞ`±lIìgZëŽÚòÞ@±Äz†Ô0¬?˜J)pˆÏ0­r.¢-TIH#g}=cÁèpŒóC¤Øf—ó³àVŠüšhJ•þrkwjà—°*½&!Á[ ÕÇ‘oÙ;,q[QµW¡‡ûÜº¢N>«Fd¸å€cwø‘ Ä6+'žu=‰jo‹÷­¿uô—O |+_ÁŽRU¥NAåìÐH¾¼€@ß?—i~
ÿ*cïm‰¡‰¦ŽF°æE£GÔœæ¿u#!Bz>4”ÔW»‚„ßß&ž/âó{’"Jö¶Øãò)½Š$o{Hö;5W¢ëbzFÈÂveCuÊÄérÄoédªº;ÐÀ^™–WhÇ~’n×¶)AïdÈ.±Ó™öñ~ ¼«Ã¬j†›0Ÿ¶+Ç³ÕYñ2A¥ âpëÄº<°¸'2eìWR`QÒÁ\w¨¡¤v“G–_Á	…dþÒ³–¤'f÷‰üqpú¬<ñ‰v¸aùf­]øL5ÓbÄÔ•nmýIÊf×”N„-¸‘°ÑU’4PRáÐ‚¼sÞc1‰»éñçïÒ£ïk-¼ã/Ú	5\ä4@ 
NÙ6û¡[ê")ñ™ÐˆÈ|½ûÎA|ñãüþ¥Ìœ¢´=e;9ëA'g÷gH¿{ý„€k@8ÝBëîBÉüƒw—B¦)7—1Öe\pïw±ÚÆëAá‡ WëÍ™y¬ØÊ½1ØûSÒŽ•cñÙºË×u÷z3ÊÃ–ˆJ¸UŒÊkI’¬?7Ö™wÛ6õ_±6÷yeÂ<ðßAH‘ ét‰½‡}?ð¸=‚šÈ€þ©k×|c 2	ždí­ªÜ ÆM÷EÛÑciF*ŸÔXÒ±”C!OÞpˆ!„áÑŠ°JR¼ø¼“x¥Ò‘	ïQ÷c&G:Œ&@×<ùR©#ïÿiié‰Š%t#£³%ÂÌâ&ÌI÷êâ^¸Ë)uÀ÷Õ s¦Œ%5¦†2¹˜>Ü|˜Ò¡²çjIýT›€ƒ?An—äHIÒœ"5û8/¨¥l6 uhobÄR.#ý:6ÿwÙMYÌ¢ŽŒ·æDù–šsˆ‹•¯3ÎV‰^½òý9
pÒE´Ï¢¨©Ig à  At§D	vGôÃø×ð>fÏo$Qè-2o‰õÿ7xµ2å÷r¨“86yŒÒñi¯©ô;»Eè'ê®pè°Ä'ýø ÚNG~òŒ¥ âäÜáß íl…M?W0#²·*ò¸bFå`U^†B± h—þìÉµK¬Rftñýb™¨Œ”xc!ÿ›]O+ms¼
†z½ÖUÁKU»ˆnÈg®d¡äö8xaÞc©&IRœkÌ5®—ÜÿO„ôc!-Ç|‰+¶
°Õ©øïÐè	pÝ.þ%ÈföÑ3±‘¤FJ%<“h&1åç¯o¡Æƒ¢,"pJÄHtG}‘Òª_ˆ²ÏÛø®ŠôËw'9¬0š‹â`Ýà§½¥±ÞÀ¶1¼,©¢ÜÈ¹ &?mÊ©Ñ•L
›dEµö›3AŒÚÉ:ª7»yâ™Ö¹‰ÔHw–­ÀŽ4…DÜ³¥÷nã0Ð¦ÒµM³Ü?v¬v‡Ü·ø	xy«džô­Uò¦+Î)Ç7ÑbLBøOÁPÕDËä%
·“J&ŒŽÉÌYÑn±i£¡,yï308Û†Qö›Ë4ph~¹Ïq¡•ÆëðB#äUá_þ?e.–—)‚âD˜FÓå^ˆäMà\þÃí1úŒâO`Â‡­I]Ds˜÷±Ónn0…ažF€«ã¹+
8aOÝ5ŽûIyc™súP´ÌÔ MeBDüÝŽ÷¬h@J>Oðu]›ß™øµä•êI(ùgANc§u1F$!Cå|>Æ’·JŠÍIdÀp¨Ý¦–ýíoE|¼Ý}µ|äñÌ;ã<Ka’#ÊCã‚ ‹Ü<fïnYø‡ î~qvŒåÔî<·ƒß²>Ú†ùSåC¬¤sï¼ƒõª˜‚oÛAüw–ó‰w‡UNÔ”(l¥ú¤—¢‹èb'wÇÎÏkÔ’æ­¨+–ç%äIµPÃ(JßÅ!Þ·Tš‡Ý²H:h½‘’²=ŠÇÄ-q®‚Êc7Ää¡}W4Ÿ0V’Õ¸ñQÍ¨‘ÁRûØròÑª—Önt|åÞ|‰=­ÒÞá{>AðQ/3‘öp^F•×Þ®ì…M«ý:r2ýk«èñÃUÃ`(ì*OŠ×êë‹C>Ý$/·oÁ|›ú·èJjl¸£u¿»|€ý†HÈàs¶†cô4P–2Sc<ï¼áÞéè˜jg¼(5Þ–}§mg5*hŸ¼ú”ÔBzfì£CÍæ:
e ²þÕÁTOùÑ&«”ú·lçë¹4TBöP¼øAÜ&QA	jL÷/â„uà¦}KÇÈ~o2Kîh–‹ö ×©n{y-—Uµ_?©œc¤æf‰Ìy*8ÍÝ¦7E§2_ýµ›±<-£6]é2Ž7Ýiq¥’-5M¼À…Ÿb,êÂdŸíI¸#»®U¯éí=C©°Jy˜qî\ëÀ<(Ýná+rÎsIæXË³rômÂ•ßO´ÓvµH-ÎK&—Zîn¡mË †K‰Œ'b'gç—“VÖÞ¸û.FÖº>s2™ÅŠòÞ3o "†x;‹f,žÕ|×Aœñ±tì¸Ù`fñ§žô§¬ö•2v1É?Þ—w6–M¢#-Ýjü;Ç|äj†£Q G<¶ÉQ%ˆk",p¾g§Fá¬‰Æ¥‡~
Ie¡¡TQîu•ÑHîñ3ùgÅÜ‚Æž{Ri9y½/ÕÒ-ëùGÅ:ž·L«Œè¥M¼«T=?w%úhá,«&ãÀÈ<&ëð£á³]ª´âódr.ìnTÉÊ%m,Ð;àÄ-™—ƒM„¾‹Îç©Bþ{³{ùŸÐh%6‡¼¿ô{ï+(l6Y0—†F†Ç,õàØTëIío÷?Neðé*oŸxûn)š¥‚Uú¤bÊU½ð3R²\çå•_÷ƒ³…Î_üµÄ+‘Ññƒª_4op_&NóèB­>Ô1å°(ÔNdÆá…Ï(7½]nŸv:ä­Eâ£“‰šË&ñ¾R¶¢Çä Å}®/c,wIF;SM):ÛÅOÆÜGÏ3ï?­ö¯}¬KW™oŠÁ¸†®-»ÊB¡)¬ÃÄ¬œËØóC­$°©þ3?ùD5áp™°Vš“Iø‹,:>G°}•œõè¢_Ø•âÀF¤¢Â:4±¿2‡ÆP˜¢’/é¦YIvRöM¨¡WJ<m€¤FŠ1Ó?ñzØ¸,ür½¥<|5søüÁÐÕ5ºIæ¸£zÆU¤êŸŸ[Òz•¾|B8e\âòE¹,’Nš©Ú7cze«0Á¯–)íä>ÍC„vBŸiV?êélVQj'lz’+ó$ÔìÔp'Ì@}éñ ”b|d¸%ª*¢ß‰BÉõu&ÑL¶à}-/×%x"ÌzÝG	5¥9]ƒ:’Ðµ¹Õéj‹HŽnØúWˆìÔË˜¦ äC»~ž¿0ýÐe$ä<`¸BS#Ôù~º:ãZÊ6<>	ÝàÝºÃÇrƒëŒh{£âc}Ëå÷ºC°o8¾ûN%ÂH=C¬RÂËùuÚ³÷ç&ärÄi1a}‚Ôº~õluíÞ|=§º=÷¡h|y6±›œ0ÖvÿÖ‡ãüÉØ·±È´#1Q·9¶Y¡ñÍ vâkë÷sà¨nR·â¯SZ¸lò¼tQ½Å9ÈÚœ|7Âú¨'Ý¯ÖÐéÑåúJ3Î´HJÄ5(âÎ–ÞßËÝö&éWøobt»TW€©SÔã'ZµHh²€Gwìj„§•.…‘XŠì{³ê¥)S\¤qŸ ÏÍµïŸŒ&r¹=w	xaåíÙúu=êEµõ¬¡6Iæ÷ÎªñÑÿìQåPÜ1N?1VÙ	:Æ€í$o"ydkùµN˜ÛÃ)vE >ž%Yï–,4ºâ&›0nªnÚõhëúœ’k…CZ® ÷å&JKÄ·Ì¡2Z¨|Ø“Ù‡‰˜ÓÊ´v³lï|y{RÔ
adKÓyP!XL]¥ŒT» ¬½_ÿx\óiëŸw£þI&%ð,©˜ã`ÇßªUÆ,ÚhÐ2Ÿ>â9X¶ZT€A~OŸXp\ ††²4ë)E·ÝÉŠ»¬ü…Ð£d+K&¿bz1€_™4†ïˆdð¯Pý)ã¢î7`
QeÖCº‹zÜB! =ïmÌfð&)ppòî ä¹^‹4‚tÀšaüE±ì$¥Àì|XFÉý‰¹Õ°ÝÀ·ÑfÕðÒŽÊV•Š­
É Ü"ò#9k€	ap9°ÑE»š|à¨„XZ•\4“— ˜²R{äGœ×„kÚÖ~§vY_Õ¡.õí{“ûÜÒyÕ•Œ¤¨ö^=d§õ–&@#·¸N‰’H ^w~ °Üˆ°;}á<&…ŸÜóˆÑp,¥e|5ÃÃ.î[/€Õ:S\½3Ý`|ÕFŒB
aë3Ä&ÇÐÜR{ÂÞ6¾¢c»b÷a­hë¨fX¹{”0Æ§¬œK\dÑr
@:õOÒNþÜÐ^ä¾‘9·ÆÕA_9ƒÑUùt<[…	ÎyÏ§­8|hXy2æºŠ=å8b’Ö1æ[OÄ¯–É‡ófÔ‹¹ë£‘ ÕOþŠ-²ÞT'ßÖó1~£ò£x—Æ­îg&£ýíúJŒÈŸªòh-7\§;k!áü¯ö<ÓvJ`O…g>¾Î[b<¾ÕrÐ„ñÎóóŒÞ§Ä²gŽVÖRE‚Æé¾1y/ž8§ý¾(ÈäZÏòð²"Beò¹åÅ>„€‹ù¢á§›SÊÍŸÉÉ/ù>wH`¬Å14¢ÝWR±µ‡*ŒS«÷9\x¯­DI'jð$‡õWýWDáë­yÑŠÿ×ú§È§˜ÀŠç…ŽI€¸i=µÛ+ÖJûü
TËc´ß_D 9¡ùÝb²û6žÍ—‰s¯Xá±Ù‹«&C†½Ë˜I‚*B3‰™+Fc	 Îþ€±SëuVýµ"Õ¬!‹ZiÒVûq´Žƒ W½ÀIÄ]ì«"XôWV÷¢(Á/ÿ§š#Œ© ]Û{þ0GQê›Ï7eáÆ¾žü½æ0Ë4O½@%MÕ»d`D‰9¾6FïrzáóÉD2s¦+Bê²ËÚrs³ºjÇî~Øæ¡öˆ‡ä)×%G½‘DÜWæ: pxÐ_øZ¦ªÇYåù–¬’½(;”ªáð/8}\¥OLBÝ `í±GãþŒu…VRáa4nûqÉ7Ø³ˆ1ë¹Ä´NËäßÖ=pôÔ¨iÎS¹¨å¯´êõ ½\ßþƒ4äõhk3]š~<;–[h·[¬eÂ,IÞê‚ì’pCæ0M&õ¡ç4hI‹ÛE	{µ ‚XÔ	áR¨¯R¸o¯ÕÕÖ}l¢*âEöSàÀbºc› ª«„:BA§£ %PãBÜ%ƒŠs¶éâu¯(‰'N§Ã<¨‰¿÷ýÈ&ÄZ/­õƒêTÒýÖ°)cá½Ô9±Qï¿º9E´¨³g‚|CŽ6	ýF‰g®üÕ¡C9äÉ°L¨™˜nÀðå\dL»ËxÓMÌ2¬Z‚SÊðnõºÝ¹T_4ìuf8ñ±`B­É¾Ð(d$CÃ8oÞ¡ExvN³J\™Á‘ÚŽÁÓ)ï ùl% Ú›[þŸG—Î²HŒÎTÉ"%{ZmèÑéÇ#;øÙ‰ÏKòÁÜç.Nû ±%` ÷‚dß×ò*Ý·ýªZ«-ÍV56¸¾:s»ÓØ+È÷¾¸üR™È-ú¶XøÛvœ`ØbEê¼žíüŸ$¤>ÚžïUO=—D)e?"c4Ðé
–‹’,Œã;Rî>«ñük9¼†šÑÇí5é'ü°£¥öÏ°Í
Zo "ƒ}í«°0ËãÞúvfÓäñ\œ²+¦uÝùlí]~yH¬þ\¬‚æ”ôÍOð¿4ˆÀ±9
˜í.Óþ÷x”}orF‚K¼¶ßR½Lò¹_‡Çß²fÝŸ.¨¤@lÔ5Ø¦©Œ¥(àSbÊÐÈM@ÏÕ˜!4¨#«šdhzèèÙ&Ágí9—;°;Tö‚áQ××Üÿë³„À¤cO{¥´Ù…XýÚ £-`·19t¿0ÃOä½.š«ø¹;ér*dýÐA¼cé¾âè|§öêE­Äa6…2‹ýË½Gÿª}9^ÿFÒY–œDÓ¶»QéýR/µéàsm¸Œ¦ü¿!LƒšM”7Ž$¹b)a	žFv]a5«„ßÆu-tìZCþÊßT<9¥%Í<‚Œ›¦{‡Y}g ^«VbwÈÔ
àÀXŠ&› ,¡u®†0þÈ7‹¬=Ý¬´{¿8Æ³¸½ol`Ö±á78+~L°‚“7‡‘ÞÆ«*em>Ù%Õ×ÿÝ›»7Îòë$›Ö“DŽa|Ø|À5À×¢ZçÕìf‰J%®¹ã…gb9n'ãîýÅ®ÚGÄb‚ƒãŠ_
²q^GßU:Dá(¥9¦¦Ú¨ã°%rŽ²Üð‘ža™ïRP9×\š"–÷áz"Äg}åèƒ¥£ú²ÛthlkG*ÒÒKˆwËÊpÑ¦|án"i9ÅóÞÜ‰¾Büíebè±êd3¢TO("$sªä(nbbâ$?(åO+œ$6ï".Ã±¥ôwoÁ]â±mpË¦Šƒ'ª–É…‘„™Ú7ÕÇýpBÄPî"ÀûsÈ³+ AN=¸¥d°úa)´‰¡õ0"xKü8ÅÇCw8;ÑöÇˆ<ŽGm‚)ÿFhq«] s­žÅ¶§¥«Kàüú2oó¼ÑÞ¾ðªÿW)gÉ›l	`‡õDw–Î7£Üâ IT~RI*KfRzÔ*±ò°—8}%¢„YK×šï4€TAÎmn&üg1óÆÜ
[ Æ!n&7DÈºTBNz ug³è/úüó»¯Î_§½Ž@|ù)…›ä"”èõEÁËŠ@…_˜©à¯|­Bë‚KäMöqŠûº&SÔ
ÜáÖ¨ø8èêGuû³g¬ºß‚êÏ½Cyµ,ÙÃÊ¹~èñ—Þ‚EdRh5ƒ,PJÝö×¸ÑÚ]–ª–ÎYjk•¥7¼¶»qç®(§Öq6ÕéÅŒ©æ€.Æ`$OŸÁ<®’f 4LEsu–ñË¥y§®`ÈCGÇ>ï©NrJ±f§Úè„+¬ŒVÀû®#/ËFR7…”Ü¼-m+t(šßä­¸WâOÃaGú"QŠjró©P6‹7>³°iq¢AáÎ£ þºGçg‡†Oðî8*fõŒu=Wì1Ž0à’›)øÃJ	üR%¯5ÜìÉµ~;Yª±a=žøÑì’&…§n‰;ï7k	{)‚Ui»&D“¢Æ®™¯³Á´	%Kºú”â.Rƒš,òà(ù’r¨§zQÌÿ¿æcqì™¹1—U—	¬>ðÑ÷(÷àù©Åa6 ëº¶´ªU®Â©-l4KO‰éäÇzNå•µnŠï
ñ;NÁRvé“×â÷Ãxv•j=~'Y,r¹,,°©iòkÕ·ÏiØ­É"MD@»Öÿ”•@cmmÒÖ\xhÉÛX²K]ëèø¨xVÈFïàÜáº€/:­cÆr,¡­xHøµX$¶¶ÄkêcåXø	ô½
ƒ—Á{^¬YØƒjhW“ X…Ú›‹ùdï-FÑ¬ÇA7ÓƒÛ/ ‡q¯„Éòö.{MÌ¥˜r¹N=g#§m}|.ÏƒyÃ"7/9œ½Ò%¾Â[$¦:Œtˆzíêš¼ ÿïî³ñ^	Ií´M%Æœòg+‹ˆx%A ŽÃÕ4Iìáõî)ª[±(Ó’“ÁŸm”"ñ£_ºØì¾:1B"H™ãÀ½‚ß¿F|€ýd!¡-džVîº~óú‚2H])1üP™µ¬ÅZí§Þ¹.þû¤<Û¯*TÓœ9×Ž÷—y—tJÎ6—ÒÇÌÄÖ|UÃS-Úªh“bô ÄßäVúX¡*Þ¿œÏ÷mŒ ó·‹,ÔšäTÕúöÙ±ûÎ¼hô‚‚~¶Ó2¥+Q{Yµd¡¹åºçvùøÚ,B´–‚j#±ëWVí!Ž~mµ6QJÒ­Ð4õ2ü×‡l<DÍ]šŠ÷1*vÇIB[­L™„’]²ÐàBCB,–ð@]úî4ŸÆ¦éd]jêˆ!ÖHrþôvúÃ,ÖP¨ôô~Ïþáû¿ÇÝk(Z›^Äo£0ÁíéÈÎå² ™ö†‘5æLª¿+‹½²Ex’oƒÿUäÿ,Ä±¦ÑÎ‰ ‚J¯å=y¸çÊ9j8?{^ˆø)xaÞb¥õ¡ìb!­î_ÓyÇ2a_¡•Á6y8ÜmC¶„	AÛ©]÷H©[	ÄIÐLìÈösÉF%¶Î!Ö0ì”*ýø!jS²ip8VŸ>|@=CqB,™–DF^W˜eV9 È§_6KJjq%&gßÍZno'ÐÅs¥—ƒkF¶÷iž1âŽ„®¬RÈfcƒ8]N—klª£ïM"Qàª”ª ø°õG¤÷¬U%ò@¼© f¬Wûº¤]UÂÒ<d\Fñ9ÐUòó‡h@6ÜÚlPk‰ÏXJ¬#e¡´`ŠÝŽÌgç,½Ô§L;æçz£¤Ëäó+„7ø>› Ãæfªë%¸ÀcÅ	©ÊÀZw¬]‡—¿‹Íö˜Ož—•«ÊÙ'¼Êeãø^Q<[ªHªâí@¶¢g¥y|	õ©Š›ùÉQ£®¬©sRú7qÆú’Ëym·ÙKþ4Ýb4Üg¤Ñ'ýh†ÞyC±+…ÿe':Ûmf&”¥O×Ú£T‡åŽ”Ì–,uÁgS\|Çß9“½_â¹üW¨¦øÛyQ<¡——šúõ/ê}z!\Uõh8·ÏÀº(¯·½îNÖŽcýÚÃÅgI,ojMÆÝq°Æ°÷Ddna©’ë›ÐJdèwS-—[Ìä)*[%öÏ‘‰,D\Õü—úmX¦Œ+Ù„NëþÀÐ€÷_jj<|ñìFºX=9Ä-°ïô8 îÝ{g
ŒiØøÞºàßXÆ`3g&?GÜ°×…´s1)÷àX°Cždã‰±’(Ð‡#ŒúšÝÁ	CãŸ Ç'k$tör3OÞä³ÓÿR¢ÍyG,ûQÊÑbøú(þœ![e3Ù^üh7/!òÈÝ[cm÷?í5æîVx—dçšÕ€ä¾“ðòó4|‘×¼ì	’RqÒì„
¼A	Ø%°Ñkhuñ±öæå´Áë×Á€Sð+>Ü( YmÒÑæÈWöQMÓ•é5-€P¸ûDÊK­K©†!¥æB®y¸ˆvüx"×Ù\”íöY	³š”¼Ót²ï¦D8`J‘^·ÒBõ‘p~/_"%Ya`§k_ˆŒÍøØMfe»åôç[Ø~‰‡S}ãº¯yèaZT)“¦…v¿…²#a®c,ÛÐXép7‘›[²õªË›ò{J8µÈGv¼‘^@c›oå‡müå¤{7…‰=>Ð~´ô†Ô”ódÇ7:H«WõÙCo>LJt/JÇÑ¶ éRFûvï-=ê_C×”H(¾[–iAjK~Ãw›ÃóÔŽÞ<è9¿òIÈ·+”–â‡01‘ŠHu¾†2g<·jK)"ð‹¡3(¶EÏ¢07çªY$†ù"t–B‹	©|E(a„Qé`Â1[FðhéÅqti; ŸžI°£íêbü/tÈ,ŒÑRã/wké½¥÷\ŠDæU]ãiø
|ë‘]Ü£•ûËhÿÁx±ûÔ#®xýÎÄRQ’e#²­ÙTH™óù)†‚ÂB_CP
ôÎ;'ù0ç³‡	Y“üj«§Ò‰	ëèÛ‹w»¥Ä
v^=*kz’®`¹–c=#¨Àå™âq½A×sFOr^÷õ9ÝhÓ™atÅÃ‡Zø.¹[¿wmÅ¾ƒ	Ú3(aí+«÷ !p5ïm7¥S,Az"¡s—6¢~Õ˜ßn¬ñÅÅË+÷T¤úÔQÇe“á!N)Y®óåö-|4M7ûO`´Xâe&™m2}YÖ::Ï›‰Þ''¶ÛwÈ4|ÎÛìÊ1æ¥¾2 s%¬= Ðx¿7â~§	åÍtv[t_Uc‰ÆMl¸wë<Õ	iÔS¡ðüh{Òe.0MàO‘¤BEú´qÍM“móÔ¨ò2ZÁhÙõì5ËS¤TÝ~†8BŠŒ*îçÒÌhÆVhµ ´ áñ0š®çÕ›å.ê¯µÀšÛ0°ÏÙlàÜ£à)/ëh¤Þr#æTÒ+J5Å¨ŒRi€!ÐÇÇ0%9EôÒETk+dèä j_»1h†àGc(Rí]xLDfe;8zë˜‹û-;Ôñ\šö£ë'|!ÅÀù~uÌn¼‰òN„%Éb$y¿ÔÊ¥1xÙr™Ê>¿ºjÍÙ€Ø§Ço²Á¥ñqõ:DU©H¸¤<ÃÒ]NAF¾d¾ó_êx)ì@â±N…³øâ“E.Ët*+ÚïtÞó¤e¿‡µ¨¬ªuãæUóºâ‰wçhPžGOu4~O,‚3âÓ¬¯Ï4ïúfó9ŽÈÑÿ•¨½ÕïG­ ‰PðÊ’è¼lpYÚŠ±"»Öº'É¼ª"Ç%\ ŒDÞýXÜš¥ŒË*áÓ©9=FªÕVÃEÈÃÊ{³ŸðC{Š‚¿!]âÚ«TÝ|ýÃä¥XÙ’$FÕ3€€$ØùYáè@{¸Ð’€ú•K7i,F”ån¬æœ4	Œãƒå=xôÉT…	°XÖß:$ÒÐé©LQ,äŠá)7jŽ)Î¤¸U§’EŸ“0|Ex•ÝjìÍíÄ8ÜÓ‹M‚#‡ê;ßhT_(±‚¯x®Ô|NaTœÃ½cž¥-~!ÏqîÊeÖ º$ÈÅ’ŒíZµŽ†·ÒêÏ¦gûn?X_(¢ýY„¿^ðÅ¡9;3'	¥3 jM&Šb©2Ns$Úñ<;u(zï\nÖsÇGJóáª¸Ù™„væ„ç)‰ÙüFmPµ1Ók2Âk¸Õòô¢xhä•‚sO|ì’D§€¬ø¾;êPs}ô†!ý0 J©»uX&3Hï0©
lb—–•Ë~¤<`ˆg­Å•Ó@b‚?wØYŸ%ù‡uÃ¦7è46UÔ§[;‡ŠåËÈÏ#r&ù‹>Žæ€‡‰f
k6%˜Ty¾[+6•öuSÄY±‹FIr)Iðé#¦*ÜmrÛxªa©)nþI³GbA²e	×­­k‘ 'éqˆî˜$Ð?Dõ³\v>›~®m
`,RxÏR®=±xóF=um¶¬7LÛ[­(›FGÙ²MÃC{<àKiy¼‡Œ÷tu~4Hˆ€ìõV-^Æ¯$ÿ±~¹ß2eŸ§¥_÷Ðß~Ñ\â}¯œ:…eO-ÔqAgO]S‹²¥ƒã˜Fýé~¬O:³R••ê’öâÕl´<<´ë°/ FÜ÷â1Ç@Áœ,¢
5ÑdmFô8à•Ÿ	¥?ÀcÁ¶êJúúv_sv
å¾O1û—n^“ÃÈ þˆ³ÙÖu8ñfQ²Úü%Ø÷PD¼Ál*SFgësyäÛd‰Öd×br×ù=dX6¢õk‹ù|[8²D|B¸Ô=z…{aÓšÈbí°ˆ3U`¤/¬ËÕ«Ô²O0Y›wÛ,Èÿ±ü[bÖäè¢þhøHüŸõÈ>Ã†ÇÅïÁæÿ`NF#€´„Äô?ïG°‚£Â³D$ÓñÔ_ph¯)Î¹´fÄOÀÈÖI¦EêÓ±±:.•åþæ–ú/©~¶‰Ã¢üÄÇ/ØBÏq5xz$ R!K$ó®ujÚÞPœ7¥÷½Å.Á¶ßú zÁZTÚ[¹FŒgÉø0;}•Õ›`YúŸ¡ÅAòÔÁã¹?6.[Æ`‘ “WPžå„çLÞ)bŽ<ïÜÀÏp.¦ªAô»wa|Ã YLÅ,Tçfèä˜—‡˜\ƒ0ŒÎ·YEØ¡–ÞßW­	eKD_Àå33Í•Ám"¦&ÛM·ã“1ûAÁùchGÜm‰)Æìª,ë¡ÝêqKÌ-.<^àn„ÁûeõÉ”3ÖJ£J!Kµ;¤F dW|â´Q„ö3œ}nä¦Þù§‹0žüæ²ÔÜïPë(ýYw{¢žov"g&Jž;(¦˜Ä#àòá¯$“ƒíg(?o‹º‘“Å¼¶7áz­Ô.co?ÍÞ4·û2lÒ1ÒG¹Kë^U”gË€:á^ÉU•ÉP
ÃBÕ4 batô3ÝUg³H&bU¥™ÞcÛíÝ;YÍiJµ%üQï¢}9¯þ;=³¿Hß”X©—kK¥?fÊ&1Ô}«/;äx(j¸êŽ4HÉðÚyœË4ÈsÞ[ì¸KjÉì<¼CtÆzÊÙî¾y,“­æô¾©%k~²9NuÉ³¨»[ÜJ½š†`”?†ŠË-×xô«dU‚Y¡h!ƒd—Ÿ0“9ÈŸ7ºÐL[Õæô¸¾ý¥[´y5 a;r¡hc-L`ßZ(ôUôÉŽããÅåsVeÔ•0^s—ðAÖÎw+7br?1SD¦ gl={ $$õ?æØË(+æfWöè|FRj¼Bcü}Rƒau1ÜË `í¦Ý|\N†â4ÃÃ¥×GÊ¬šÑâ¶Ž3I3 WtŸÑ?9Ÿ  ÖÚ_êh-Ð¾ÁPcQÈ(þžÐå™r–úHŠÕ:eäã‰[8]O ^gîÏrùYïÈè¯ áº	ð1b- ³k±8}+\9µëUÀèŸPTÎ„™ä\;²è³êUúÁäZø®=«4&.x!Ch",+Ê“¾lÔ‡	fËk+lÏ…wrÎ=öË uNY 1µÜQÙš•yfea&Þ_Ç‚§'^ðÇÆ¼ØÔÄ[J£,×x¬NÝÚŸQí¦Ì”áê
Õ›XköDÝ3>6¯Ó§y9ôV`—wSÆ>3¨2:-Bëywd?Î5·¿J¤O€QVš~+„Y›¬—ÍPØ†ýÁ­	fKÌF×ñm|? Îb –òÇL`H~¯½œö¯º*”=	pãÃsÅ="o'×—“¹¦Š¥ÖêÔ}±èšWžVËïIC·^aÐ«ãðß´O  Üdª”†èfÁŒÒ){O3vžbÖ–‘¡ú7áÖˆð«vì Øqç– b§R¶éß    
YZ