From 276357658a2bcb02a0b9bb75aac2a81b4d319ba7 Mon Sep 17 00:00:00 2001 From: Flatcar Buildbot Date: Thu, 1 Jun 2023 07:15:06 +0000 Subject: [PATCH] portage-stable/metadata: Monthly GLSA metadata updates --- .../portage-stable/metadata/glsa/Manifest | 30 ++-- .../metadata/glsa/Manifest.files.gz | Bin 540216 -> 546124 bytes .../metadata/glsa/glsa-202211-07.xml | 10 +- .../metadata/glsa/glsa-202305-01.xml | 52 ++++++ .../metadata/glsa/glsa-202305-02.xml | 107 ++++++++++++ .../metadata/glsa/glsa-202305-03.xml | 42 +++++ .../metadata/glsa/glsa-202305-04.xml | 43 +++++ .../metadata/glsa/glsa-202305-05.xml | 42 +++++ .../metadata/glsa/glsa-202305-06.xml | 92 +++++++++++ .../metadata/glsa/glsa-202305-07.xml | 42 +++++ .../metadata/glsa/glsa-202305-08.xml | 44 +++++ .../metadata/glsa/glsa-202305-09.xml | 42 +++++ .../metadata/glsa/glsa-202305-10.xml | 143 ++++++++++++++++ .../metadata/glsa/glsa-202305-11.xml | 49 ++++++ .../metadata/glsa/glsa-202305-12.xml | 42 +++++ .../metadata/glsa/glsa-202305-13.xml | 68 ++++++++ .../metadata/glsa/glsa-202305-14.xml | 42 +++++ .../metadata/glsa/glsa-202305-15.xml | 68 ++++++++ .../metadata/glsa/glsa-202305-16.xml | 155 ++++++++++++++++++ .../metadata/glsa/glsa-202305-17.xml | 56 +++++++ .../metadata/glsa/glsa-202305-18.xml | 44 +++++ .../metadata/glsa/glsa-202305-19.xml | 51 ++++++ .../metadata/glsa/glsa-202305-20.xml | 42 +++++ .../metadata/glsa/glsa-202305-21.xml | 42 +++++ .../metadata/glsa/glsa-202305-22.xml | 45 +++++ .../metadata/glsa/glsa-202305-23.xml | 65 ++++++++ .../metadata/glsa/glsa-202305-24.xml | 67 ++++++++ .../metadata/glsa/glsa-202305-25.xml | 47 ++++++ .../metadata/glsa/glsa-202305-26.xml | 48 ++++++ .../metadata/glsa/glsa-202305-27.xml | 42 +++++ .../metadata/glsa/glsa-202305-28.xml | 47 ++++++ .../metadata/glsa/glsa-202305-29.xml | 44 +++++ .../metadata/glsa/glsa-202305-30.xml | 73 +++++++++ .../metadata/glsa/glsa-202305-31.xml | 53 ++++++ .../metadata/glsa/glsa-202305-32.xml | 80 +++++++++ .../metadata/glsa/glsa-202305-33.xml | 85 ++++++++++ .../metadata/glsa/glsa-202305-34.xml | 85 ++++++++++ .../metadata/glsa/glsa-202305-35.xml | 115 +++++++++++++ .../metadata/glsa/glsa-202305-36.xml | 88 ++++++++++ .../metadata/glsa/glsa-202305-37.xml | 52 ++++++ .../metadata/glsa/timestamp.chk | 2 +- .../metadata/glsa/timestamp.commit | 2 +- 42 files changed, 2366 insertions(+), 22 deletions(-) create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-01.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-02.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-03.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-04.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-05.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-06.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-07.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-08.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-09.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-10.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-11.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-12.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-13.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-14.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-15.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-16.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-17.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-18.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-19.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-20.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-21.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-22.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-23.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-24.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-25.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-26.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-27.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-28.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-29.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-30.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-31.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-32.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-33.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-34.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-35.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-36.xml create mode 100644 sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-37.xml diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest index deda4c07d9..ff83b37170 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest @@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 540216 BLAKE2B d30aef090eaffb1f3ce91f96dfcc44f7a5d1a954885fba68126dee1aa21a3de740e45dd7106f5d3ba2b51e48eda29870b954e2a90cc8bfa9dc1ac93912daadef SHA512 f9ff42d8d58ea6e6bae5d32f95af7bcddc333ce0478d31cfefb14e85c8d99eaf4d3d9a0802c961e3f7e7d8f3696894cb1d1d0e81db3807d1796858a550f0351f -TIMESTAMP 2023-05-02T07:09:55Z +MANIFEST Manifest.files.gz 546124 BLAKE2B b8c960a7f19f0cac8ea254b9330e3a1add1f4be28ff0a9b4020f5e68f250a6b511280b7dd1dec4e472c73320abae493b0ab8441075c681803abfb19ea280332e SHA512 0dccc4f920463740ab2803f55b50f1cf0df2af9d58750c12c98fe5963dc8738d5a3e8d6a895c2e0d3ba8230bb61557b6e88b4fa56b2f05f5697577b68a9413df +TIMESTAMP 2023-06-01T06:39:42Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmRQt0NfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAmR4PS5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klD2Fg/+P1LHHdbaCtEumGlsgXOdqMgwb2UVJgi8xWWNc2M4awOg8m2yFxf21PnT -hvscMkY3ndOFXn6hzaLCY87lv/725nxEqDoOm3tgL8hf1V6iCJIpokoHqHGr0RhI -kz4uh2wd5g91yTUooLhtCAtWKckTTuqPgne/4NJc3zPeJbpgzlqcgLNP5srFEuTt -TwoTNt99iIwdpHjIRKu4ECZMEikFSmLft0Kc0mXjZnT5BPNOvhaWY26vRT/3ohQl -kekNv1MXHkBlc9AUUJ75VPxVeRtjJ3HKe5GgSg0QNSS+Aisl9bq/VGmWhS5UBcHs -K736CImufTLCLd2WvapwUGT7v4d/bVC/L+BhGnwZV5rTQ0uCaQ71zSB/vVJdsFVd -cE2Yzh/iKFvQw8AgIsrjcMG7xqJhw3/Auzb6/0Q+rQn3Efq0pR/1NMRkWvXCPBiJ -tj4U4X724O/VhVgOBrO+5IKrfQSj+p9KjmuxwQBQenf77MF+XfOleie6dwNQCf4X -5L3b+q+GEvIrGok1+sXYLOoe+hL/RQpbVmk/HpSqSGR92pCe/DLYxUSp64k0rtaS -CA9BKn5cV0FFd/jTBGckoV2hoF/HsE/vg3qYxvoOy/PN3e+gSa/ZT6GMsCJgHK3U -/AQ2NC8/dHPAW3wU/lonCqTPt03xUq/D1Ed0/NZ7kNovux+kGJ0= -=1Hre +klAHGBAAhvLOFASJCw4R2lcPucKmYekFuZsNeQc6k51XTfI+eeP6fNiLV6nxCDxK +l/Swjoa1ynWIq9W09NsRHlfvX4x7f9k5A/F6b7JRCNbN60T7q4jOmuakaZrR9v88 +0c3xKeaIS2J9KGiIBcioyXsMTSFexZbt2Ts/goUyca3KJUsX/fit6SnY8gI3Bmb3 ++aDc8VLbqX2kNsfCBWQNtMJmytrdzTqr1BeQmaTxYrLGuX52jHU3ecGFcF3tBYLV +PBMTQfE4klf4qAcXWpOCpsa5RFtXolq/UkE43FoO8BUqHhkhc5OL4OjTeE9q6wc5 +Mcxg77Br7q5aWZZcR5rRwHj9LgVP8H78FmgdCY0RhGHg6EZ5eZNp+6OtzCkwI6et +n6z5rqSdER/1Z5vRPgmYgQ1i718XKiEkCQeTJraMD6AWJAjNTtu9eJA9Kz0Mplk+ +KV0ibpIr87aOxAs/FyCn5XibLSw3tAjMlalldpervMM9N4imzHdiHkVVCURCUAFM +TP4cq4B0QGTl+OUk83KQCo5LaKICd0YyB7dPETlMVMyl7RFdok4NxlS5LWTYFpOa +fook5SuScNiA/U+iNguBqizJiNYsWzm2lBooiZjhXeMSKMtdsZiqLMULyd++Xbwb +ajHbRoolz7wfTLtOXJtmsO1ELTs7K8jlmzGzbQAVH3rG9oyVAgY= +=SDuX -----END PGP SIGNATURE----- diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz b/sdk_container/src/third_party/portage-stable/metadata/glsa/Manifest.files.gz index a630e1c41ed477891d2bafbf51c72bd4c132c7f1..b00ee056dd18c7a4a48775c4234f72ffe92dab2e 100644 GIT binary patch delta 29615 zcmV)nK%Kw1{2s+v8M~xu5B?<9e4hXdWCHP*t zyQ(~|Y@hMWoBpT}WJV^D5kuqf?!5dJ8Xv_Oge*CPRrAn>x7UN(y&z(07LCd$p-40< zJxb3P%~8@pNuv|CF2b63%}&x(D3`=r9PMA4`}p`mW)NxP^f`bopOU@J3iYC<)ARx( zFRg!&qxy!d>%XfNfBW*+M-QSZ5j;jwyh8u^s9n9RbPlr$oeCmdQR%Qn`c?Q&o_J6L zg5u*ml6iVGhrFDD+XER)!eI+7{}5lqO7;D$%R97hJr`y?iv-i8D*Il^8D zvP0XT2z6K>U3zdVfD74HGs`90Eyp8A??iuEj%@CcT$3|XX#jDUjMRMe^~wlL6BwBMMBcZl+!Q>o||N`0*8_}?8w--Z}}_s^~mrA zsBr=#<=s$XE8tEs+`!waT9cJEBGIzrmbTn&kAVeJ+S&%krs9Fx$ZCUP`_&Cp=wyF5 z1<4yH0fQgTEw0H1vYgw@O!gPsv4*UJ3Q354rdB|n_qhD!yG|c!NY8R8J*bA+p>4{r z|3Ou|*@2QNjR;*|SXYrc;Y;Nc|2Q`JgGs5BV`Y=xEReI``jlV%r*tI%j;uh368~8Z zUi~VrJP(oI@#{bP=oX>pyWLA*RFJhuaguakJ3 zNoFgNu>z&8r|!OivQ?>Nikxb}m~6Y=PDMM`+*+Hg+g%rXO0T^~35?3{3FOc<=;8aVH4U59_1TXls@ zzQ0sVqIRs>q+9VF{Q8GYf9mC{uq=Nq#2rPACNI!CjkuL`i(ZsTb&cq3lEe|pI1UTd zoyL!^xRo7LB1U)FQ7VzewM#mEXSC@(KugO2B}-~umy!a9HX_s+pbT|^R30G=PmZZx zcjqmDPL2>qYA>L^8Xig64wrv#%G=)UV$<)pllaG%4{yAc1)5n4>QhayAfe`25?JK@ zgv(Z^HgC~;D4%#x#f?y*EV~E6D_?y*$8v;Kb)sB>bDXoV70_i zl9egt<2|3K$wXt90!%bA4|n%^@=)K^xnF*W6xfu#_aXy>roz@MlZt@NlHE-!HPSp%sKk89+K*#u;K~e0Tx^6rRoo=g7!?Xj@}=Nq;GRniqG8zv!!eKr!tWjEcqeYKBs7YyYeX}GrbafRNKh?Y(*7oMX34e zagzvaL#s^no?MAfB>sO!*+*1OTC5K>6_Z}#d6D2W-izzeM8aZ3FUcE(uhpNuMx|86 zg*n6>mNeZ_ff#If2(K60s!kgv$JSd1(d(3=F2R1}FRS&7<+ZeW<;1G#!0CNS*(Q(A zqe!1k9ChPcQPz5RMYc$X*LA2L;5=jn6GY99*mN2bD#J>ZS=fJ?>`cnFDCdyF(^Uf2 z(VS>S%|e{9`*zAfSYf_}Y=|XKH0E3qAT{Dr*H{X3*NdtsiN3*=8h8$bMZ14Z^^rR^ zZBp;Y;p)hzWjBwU?a0gEI&3o~dpc`5=giaa#LmwW6SpR4`f~dk|FHZAOP3P3p59S# zoI$wiPaJke%Azhb>QPg}N!6s=t^Q_v*hfk|ftc=d z0?LR%O+!|4)#0t#mU@38^}&3tR^AtsLxD*i1{mSR`9p+FKUGhO>f%w72`(s(v)xsf zA~|yNsN=4|ms8+uKLW&c>RM9$DTmA-ZN8W0(Tj|sai*3pdV*KL4-0k;+ zzxlVA;Rgf)e`^p}RIN1W6My)8D&45_9FHnHm-Nk1m(jfr3V`#?gHYpEnoZI~tMzTm zQuT*S@Rj=}ysWc)EL)We^Ps?Nu(Yd`k!T>zv`#g>wqpv*zx+ zk*RT?Q)lEako6Y?k^VR~AGfdKK&4|mcaPeRzOu`Sf2eHt=hC!vf?fz``XLfHgwdBx z%G(+0tqi6mD`Ad+)7s$kHBOz-~ms z_YSEb_oWPSwaL6}`T4spxdYAX3o2a^?W;73dtR$%KVqr^kXTIv=-Zi6leFeV z+Ns*=e-A3AO=4>NQu(Amj?MAmH`yJ`Etwz3CsTVEC>1jqrRsirs51rNQ6VHcTc|LA zqd}|^fl~G~>k1;6zyfM}Qq6Rv<+-+7A;)j4S@6`Hm&0x|)vUz^;K2#sS2u7Ls(Pxz zL7kxSD@a4uVpm*IvyOuk{pj7p0iuK%Z1Sv7f9YX^I&^|rmsWj~Y`1avEsE!{H2nk1 zoaX&ok-^7myQv*FDZeN0{BT6|%WC~$`H#sJN02+^(_uy9^&k;ZlS8jZ30a)(s&%O( z#ls+Azi1mB*uzoGQVEc7s-AT1S$NhM1Twd=tsIdY<+caSV~ZncN+_0cOJk*ye$|Ot zf3ib$enszQhmG2KQ`Vdsoabvv`i&$Cuq6vYWajMvI@s~D|5P~PTvO$qa>g&J`l+K; zaWdj2=k!}Ol;arnKHJvzAo7(VpEAgu{T8?W`0^jzKwz9?H1I()fs=G}wa8?oN?skr z5Vk~VMPpfA2Pb)uNJhv6@Elh>DZs@ZfBX!BUEH&wr7NJSa*c#Yg1)10N+T+J#*Tc- znWc<89Lg8RCLBsmk>hO6%U&TJ*oX&Xu1u+=PMV4^dmi}&YARNK8wBJa5Qu{EH|)?c zwTb`wr~4rN3{H!t4A=NCH;`|9DIBCvCMCgT9dX~kmzL%S z9e@8GKpLN*{o%EA15~k{Pnp<@p&QT6KS^;S5zL{jqfBdLTfb=|rE5mqd7qvAD` z71Qwo{b^L)6c=A#Rx7+1N#%ohTF3TtCVvcSjy*XZMHAdT{^*lw@6<{ErRV`;XRc`4 ztKRnX6wI(Mr!~FQBSI10%b>dlMx5MVj!cq*h`~ydz9d_s~8NM3b+1dDw}g zIZGPWno5!_+mtME=HxY^GFP0d4j9xU(Gg?ygjpob$?RH?lzA~rYY550M(0|T`THk)%Qisahl;{_2T+< z>2pY@Wg%wWttc&46v`K@9jA7TPIyw@9MaI2qb;4{NoiVbv_N@;`|0H^SwVj|1Z*H# zc_*{7j8O1h)F7B&Qf;OvM{XlHX&@i}jq>#`Zt-hB1{8^URXY%Gjv8rei_>u0qfJup zhxdIZFEPry*m_P!rieW>@y=u*%}Qwr~X)KX@d)#$tl`i_r+ zqfN(bY)QnD6z{&f$0hB&7S(1}JFs(Rz~SO*%?m8h^LAtb!!B=#b#{Lr4r)`2>ShZN zkZ>=Qi=3MEc7Bz(OM20kacHyUptRbZGlBio$%&5JmDrUPzttmlfK9m-9Yp=eI;~pQP-=^y z(sfeYvlu!>6(@sVW%Z%ntCOvy!z&4fx9K3~XHsq0ncwuDQSWkom+qF92^YhweCrhq!fpfl;;2kYz?w6tCjy9^ohApSzAf&F@KM% zQsE6{k@W{EVcB3i#iTraE@}*`rcYsR2U4$S$}&z|ajJmB8?}!kd080C(M-MzKDrf) zBGW^k1dS#W0f&O*L&)Z^Y#@8uzV_ZBZ~{*+DWo+KwfbFDY_qrKM4mfJEyr64%eocS zhuRxFjCVTrJRAtOY4X^B2oI5A>3GyjM%X zg{_RuFSpodb4`T~^A^BW>XEwUX?dG+sN8KDDhhd?x4uLy>X4K}0UR~y7Q!#(??|Uk z$ti@sx`J}W`3zvEwc`mIA%6mg^DUoY_wl)#k_CLW5Vc${6xy?g@d#PMqg}5}A-1!_ z7L+wS+|)_3ukAw{$Ci!c-D*z8KV%y$fNR~^o7@}UguVvPinrod$_=Qd^<}kwuQBq+ zNpwVI_D%O&RuRj-`IWS7ypnWD1tf11HGd^+3k45hBG@BL zEQDTR^}P1LoI_649+k5Qm!Mk4I(0~YU6E}woN5FQo3Ha6WNEDt719ENWNq~%Lr4kH ztdK|BCan54#o$&`)`_jdAz?p0_HH;FuL@WShg!u~^`7$I)p|L< zen{cjA0{CtFZ8v>0e=o%w&zb@kD?%CCkL5&*mX5Qme!rbg71o2N zANI$3+U7WE?=dAH#RgGYNT? zt_ol*o@&%Rm_N1XY~BmCIUJ4T#OY9Y*)XeApcQ0c+3lNT3x5L%sUhd>4W@b^^|`*R z)}O%q$1ujxjRO3M-d=%vQ*IW~s#P^@?`C`9c zm)1C(FsrsD^+<|G+=OjFkVBjx?Y^&zn*xPzze!Qhp~LtVjZ&PZ1jVTN+{?=_$5gyr zrF5yfp+~2Rm46;D-sn^h3bJ0uBfa}?Y%7cs-`X_)GL@Ty6QR7mS_ z2CX|CM%Beis1-Iyf`huh=w<$#0~EkwsSFVmnIzo5qksJ67_`Na5>HWZx{V$0a%_b1 zcrjg%N9}Q5=}w1EyA;iz9Hu>aZ9Jrwcq7cy_@EYT)_ZG`C3uqw6sZ}kLLka4o3N-3 z!pT2;S*<@T{~?7JN0BlVmcw$?q>s|R+fwoIe^gYuie=f~;PTKc=hb=8O{7b7^_rE4 zAeBg;2Y((nNx-q!<@5t<3jo(bP^%1eARqk!bKcc)CvXD+9l#td(e2JQi95f|!*vHusg;w?rVsqeCF;gH>2koWtXuL@2)nygA+Y`%F zGwV3pm#X?t_J`Gc7m6GU5|mzieQj;`I@D&(BY!LIFC(%f>PGjGwnx!Hdd2^!Q;C?l z7xi`(AsO2CDLK-lC!F1zsV7daZvg}1B{DD1tPTm~M9~S6C3??u=1nh2a@C6CMx|dj zQAr=M!%-T7s^T|x`gx1_)|tT3jP1~TM7{WQHl!4w9^*rFu~?!oDpsmD2;j|AP#}jVJAQdOH<7ml86m%%i}Sagd4Ir&Z5u<(Yk@AzKmC~{)I+UM)BqCtBC1;3SRO^;nz?)J{w1>9o0gjjTUz)(dMmS}tnhZ`b>d zjBvR0lybfw>_ue^P`k?J<4AS|OKSSTJGrTAlfHzk*+XUu+dXj&=N7N9O;H6#^7!m@ z94bsW_Zl=qW+(D%g$_>o0HKxlum5E=@74O#{i*M=I%yBa0(hhTkUIdsS%2eK+fd+W zYA%qXmxRwyHY~DOgIrbiw2S&~Jm?f?XnU}43kXUo1r;yyPp5H;Lp9SrhEAzEC(0{P z&FEQg=Be!f4S~VLL%y1`D@nWS$li~8$c&_aXlyaSWY+0fAU%@$SfSa6*OvR|Sfn)nl1x#?8qzaNr_kU`FD$92o#u2@8 z(bh%jh$A^_>=fCfKn1}~J3!qXByuZ=%z^4GGg+s80bIYjKZ4wM+zL*YY@wwiZza>` z+#^@FLV|`GHDQf1-PuHaxz=(*vpS6D_2XkNS^nd2yg*zu*GcS;EPxki)n*<*gGJ^; zovJ)WB5+N|`Mf8qNq^(hgmK-AWVfn){UCM!FUqr6_GrU49CM64CGFloP%E!z?Nq|IIM3v4LCRUu z80dM*=&ghyWfv~sc5$?F@sCp7oMk>GR=Hk0xRdn#qS%$oCq?x3Zhr!DG`72Q$r_+};I#rw+bNmCVs`JNqkrm-x{BtZcPK;-Tfie}@c7tU zc_s*DI)i<-leYr4B@}B=o{siv%op{P=7^4%5NUYh_h?zi+{a7p$tqfM-0q|d_T*p! z!G;CTQL0iOED$P}CWgLpi%rGp&3eUElX2LgBp z=UVOs%ot%g)ugJ#VVmDe(9NbNC==vgEt^6a>R_^z(kB#M-1v3Dl+Y>p$;H=}ZkHCl z?$o@cB7et4howkvWp16OGfQL##2>svjk>xKILoQ`qc~(AON%GPhpkqJPM*vO4qwXZ zKkL`@VZt135M3p+1J1UGz4RH(K)Fk$FplQ=6w38OEN46Ji52u}I&gNZI>iRQuzO@j zKq-2q9)Tjs#&6+Nu)-iNN7faWAXMb-;&HAt-hV6`O%tgDHCI#mZ4gg%v*cKV{%ob$ zOSX+I(KTxpqW($}oKh@xhqR=FPIA>VcpJ;koZLLhNXl#NYI+UomE97g?CtZZcmhH| zT;DEz{;XeH2p>!c5u1^i!%G1gFX3gi*DIkodS4x7V^ASTPay%28JBwRN(smd;LnCF zTz@j4Enk_?LE_w9y!AOLWO-gnd1p)|HxH+sZt8}U&>qNLiz7&iA_zJb9dvf|I^AnJ z%@lzG{R=$(75*VByjQC^Wn6f~eJ|nE0DmV9fJM2b5sa!Vr{-?ox8ogncHR*3kMw}1aD zsrXV-A~v!-RaoD~re9X;7tDW>z*#18zFrZhodIQt6mMpu-BlAmX&*X^sr<)@>dI5{ z1=mt6FsSm^rPqS?oO)_EUu5m#+`RPf&R)ba{n#D>w0nB($0LW>I z&?`%QnMMq)hZecjq5XeE4)$vO*+qR8iroRZbT{YS08IyvbExxjIyHrqKgpG51jHm%#Iio5<4jYuUieMySH!au&E_ug8-Le&OzYkwRvd8AqZ#fv(R z1Y_kWWzWh_t}=?KYlA>ciT5g$0_dr?04QRw*{yM?OIJba{O%xz>HA?Xa8#*dHf@Or zq#$E{l|EI%14wpCjk%gFcu*ciL8QKF#rrfKj2cRz3{viTgnkbJPJ~I|R=PA=z(r-T zRG4pI7~G*gC+Hlx zGA0pKDC&4&g_k=o#S4mAa(Jc8OJ)-~4oNY|8zQ9eLr#aIZCFs)Da&XHbUff~RXr|M zU&$p+%DhCXOZ|YqUUS*X#>dk5m9qy%>7WOvUv!>0?K+%_;D0vCAE~?!6U6X<)Ab)b z72rx|ymrreN!+TPEfvH(g^apAS6EuYXeTdJN{_Si(}}NH{>Ycr`UUgHr}7W=NVuQ6 zX-P-nG0AXyzSdg@=XYcZC8HQS>TX_!>rHB(4m2Ffr7cm_#zw7Z4G=7T;_)cqG@@E` zUCsIK{hsCMp??I|a*ph7DZef<^2tV4Gmbo(sQ6|41aGlUu+kNXrH+iS9nwUO=KrJms3Dv8<{J0m5$>fn953#V4ZoR(U5GjcS;SE znayeqLY63j+)uGFyJNZaI>8JYxm;@F1gFUD$b~lxoHsS%RxeG85!yJAbj1l$kV-r} zx0VFSh5B#gQ^q;K1VmhP-Mc-W;FJu!u;k`_#D9J1#KYcAn-?3F-OI+){y+OcD;p3A z_3xK1#IN#?+~_x$7fXVDAMIo;MI$NikzFy4Ly9tqrML}vK}{j_;0(&Bx0IT7ZzC{j zym2Jpw%jcqinLCprmza}sw;)401q4LlFJpuv*7Tpv;NjR1yj3JL!B%ZUBY}^OR+LO z(SM-`Yt~9|9glj1c8yt>e0S$ho@BTqJoS5%6>UA;%?jPYZ&{&*)coi_J4R8*{s2MD z+k(%V*>-&CaQ!O(*#3VL-jXG3hhJ9}*ZF%06`EJ#kBwDF@#Nvzot3w7o!+QL zInB*x?0r~{ed$8{D*s&R!w+3TYoMCz>v7D&3$sXBOvoYJ%S67me61?0(d%ftUVqdS zq(bUh2i_=KIdMrNGTRE;B7+K*=_eYy4D zLrwakF6IO-%FiK@6xacb@hUxlFYMQ==n->F-bF7P3T*c4kzlSZ(#?-yZynpBOI=ol zF4WWSa%p$Qz3#YsA)5SsS*>3%pMO96IcFnLO^z2Sekzo);vi_k?aT;$77ho8=-;w^O%I7i+dv2dyfkR7JDsgY8x=X#Tp zKt7N15>9KYqI_(3?u)|$ZtAm@tW*x+i47ZwJ(RR+7O58(Rfkr_(@UW({eRAStGNw4 zEj(f-k6$r+Lq>K5je*Pde2Ik};O@A-&;x&!e?USXTFr$AG)3e}D0qGbw!zI)awqsJ zZacc+kO!c~0VU#VA?;E%S`0eFn4CCQ{_Ap}Wi)mwNsS6;N!tL_Mwv~w7M1EvsW5)& zZ0f?l=JwU2QW^W)vIh0A1b?XZw8O5+z2rH0M-*S)>Gx*Yc@AY`y&)*xYimoN^iu_0 zE#jOPpQ96#*GP@ZpeR5`eZ96QkP3|7f({>XjkQ<+};M;IXrSdfVsAW*^pf&aG)XSgNRE8iCgh->!Q_2 zIK7l>%{odM!pKhA*KFUp^h}3yn&QMs|1mYMwHr{!>dR{VdcR&DzAGAO#!hsR+|35o zt2F8|+$Fhp@U<}RR)3c4(BZ@J8I5S$j+;rv#J1#72zJ1I#F3cEkj^`>$CG`0~ zKlT>nbAr9539>}r+JSm~0+Hk0H56fqkC{ie5lPiVL}1sh?iy=Z&9jgq!W~nQO7l)6mgIgb9r!9bO1bE9YG8I+fbdSZQ z9ZKDlM-_CRYZtfjDTuf)ywz1o2gFrx#t96MvO(T9gC2U?aE}=064Sl`ZSa$&Q zIriUe3TW*U4;9qC+~WUF{kR<@eD#`}Mt4>21#x6M_J2g7*Sd8&NsmGYk0ZF-HA)ve zGA>n&;DsQeh@mRE&IK)!Ij6Xa=VvZ@o!CK5I&W{CG7c*hi371gv0Cp@%a_&qMW-#l zqrB2!kK9fz!|OTicRhg3!-O>M;rPUJT{7NR_mxG>pa@^YS$0}HD8>3z&HvE6A=cfx zEJ1aI5Pu)gb?Xn$3Z#(jxJkI+w(Tybgx{+Pk<_laeD}n6D#OsVXw(i#^(g|mY<}lL z%TOo6UR46%4;}?HPxWGmbp%<~lV*@zcb5~?1JGEF6ebg9QHV>FO?{b^qRy{Lf8sBz z_1kK`K2D+zw;DzB`isixyqzHLZFoI+*sz+}`G0fD)=_NUkO!L4Ksjmh%OtXDzqviY zY~Fw;gF~#HP*0MWY>0dU)YVY1$khLp@3bS-b9*&UAKsMnI=7C9ny4hrZI4UshGd=7 zDbsB~fYC1PHmUL0Ov8H$MR9bf&*ClpW4*0D$X=Jd(GYjPFegwy&(xg3;GN8yb?AK3 zFn^^$e_5?R68In zkF$+z6`gD-;B-J&ad`cB;B|*D6pa8(;G z3_bh#XY7MR@nyCCv~1#sU(`{lONcj@hATNZR@}FI-H?b(k)*w<+^KLMre7N~a>_W3 z0R7XOK|poY8#!X`@B1js#j_q;ns3;WJ-bb7?1t8p$f>8w~5obJAbR1gIDwfAD%fc>o9a-n%o1Y!HprTFy(~w@bvdxy# z1x61LqMb^hNFz8O2QOu`@nyCCykCju?>h08^QG3~NpW{vZEll12TX>JA%AvC9>S&%Q-arThrlNiC?P$7MPe=W^ z9`NRhji{#y(D-)vRy;j~+JEej>&t5Wk-*c34tN>fCBP}??DJ_wSJcOF@1*rCg45htHO?D15xJ&RxX){?STt=dh>#Uu@NXAjDY z3E@2{p(b}{X?q2D@iv={UzLI`4Orusxb;f{4^(^a%BSf0q@D}ONINfW8#h$3;{nLI zDIrKvV3;n|U+yg^S;zI%fTdwN>jdh|-k$6J?HsXkB-TJo1}KIQmnB37@JY#U3K zAR@k^JR3Znyyfn6`+uS2ZZ=1dZU;q+?K~MrTF|Hu%a=5>9RaeQ>UD%~h(#h2Skfbf74{e}8(_KUTo)ASVE4bqf$6 zlKwL#E`Ut))c0lemA#TZH*{ZYWGyw5vQ?T5mOGiYi)NhHbezYb1y*l(DZZ*ddEY@U zqFRYS`)dEuxerk(yN3;W*oDm9o6_PWy#}om9c1Y61)ZKREdM@<*^4+0r~0ih3K)C~ ze^a-fbK9#f3xA2audfmb^Z}k^rIeNb)2@y>f>^O`uOSEv8Z*p8B>yppn{J2mE$STvJ`|5($yiRQ8IGLw%2=)H+3fby}Umpjy2YHv1#PCvM+~ zqEwlZ&fuX3jOxcCsyRf$`&C01$f3#=Vm9QY7u@#o>DM-L_;AS-1ts7RjDBC}uhFM+|i^|BOz(G^s7*Nx%pNuC8Eq zVeK<@<$q;?WdyNf_eUw*b+@thu|-a40{q$%1z^G8ZD+5WFHIu1fVRA-}1l+=RINuqV={RE1A%9{ziUtz#UpU981)A^MCLAB<4*HW>l>6Bvi-bNArtc>+m z#{&?qQ{x}4pxC;A-gtn?+EQcDL7+}-+IoGg&)OIc_(3hpE;!`}8V)`EY{KWuYW;Sa zYy8lq1VPzS1BECRO+|cYKX%_`dKX=&Wq;%q9}e=B%O>Wf_|ugO0QekR&gxEHC-S6G zT~~Wk)Q^XN$JtfzKA{%~M|{1UYoQL_Oqk`R&|72P&X7!}bWzHf^{3syNlqSPaE#B3 zT7rbc4%RrWW|A&}O?TmEf>*VvU}t8x;iGi9CM-n_*jrZ(YLDSu_f@Rti)Dw#bbmj3 zp!b)K%`XR>J@~%GkPEL?_h3VfB{`SexD7v}YzUPE9e&c0n@Yw(taJR(_elXmr}snU z`BNIrnZa0_>U{PQmd2iHl;4iYT1;tTs>&UCTti7ENZ$_MpjZ_O6ZwgVFRi9G{f_$W z_#=r6pn6?vY z;~Q|x5-7G-fnQC5Dc<=~=M^mAfCt|S>`h&cL~4#)Q>YOngJkXeCU7YnPJcCd$lWAQ z*GuYaRg$)_gABoMXU>k8}K5PTqNtaveqWW?Ju#W9}IxVhFjk z5VgH^_0lveFG{L7!xt?7#{sV;e7Mv^or}rKgdw(yS3O(Sld6}ev8j7*?YW@{MDteP zNe2tpQ?iMTZC*OTbqldbYk$%*$E^n}yc9QVd*&)hMj@D$?Fi>MN%W5U)oH%9XFSAm zj*NlVtM~aJ6aE2oAQ|qIc)DdD4GhIAbhdj`a*<6umbUS?}F@D8RlmfBOp%idAROEjY2!FFiwjWD+ zwDTj`srssMH`|hkY9CbtXX1odm6uzNC3(9`$s!%fpacUhZ$mkqfuvW8ft7%8>5&$5 zcr^7*+Mlhkt=lY%)qfs29OwOl<$pQgf~z;(O|I#y!-_RZ-^gha`n{Ys_)!Y(o%HOX?&7dv8Hz3{Gn_3-Gd)s)$urZ)?d79rfL@ zxyhyA*|6;h7oU{ZQMK*f;>CK%I@46yPRoJMXo<|@%x61OOMf|BPgDs(52T~-rJnk8%TuwPc|k2UfkHv&$Q#jS=)Uzb8^iF#vy?%1~H zGVw^chO7cKUG=Ju4vF2tp(|9XBW`ob)Y*f^9V1Asop#sn=5KJ5$Rge^oug}-sp>+Alc!%mY%J- z^KN;EY{02Y$RbPGiVtrdgo6n8qa;LsEM@iEv0!?#0=4l0T&e^_+*YHKsK}lt@kkOl z9r)OmmdB`?2kQ>SQv~9M{!GL!NyYsj1~e6R?SGUI5`*L~wrxt|%WC~%`S>X}lAThO zX51XuAE|01@a(Ar4K2oH=mARHLb(==!_BhBOJPMaID{FMeLMTbiJvt@J4333sK(kP#y#wDNLoRiB)gaZx_|K2dA#J^+Q%IF zslwc8Gx=&eV3R5CQ}rx$E2LO~1c%vMovUR_nJLm_DQf zH9aEYT+^QGurA$tU|qv5s}DfwqdlU|dym0Nn>pu%c~M0xu)+h+t$5g%43x5-J%5vO zD_C@cw7_ft`KUuK$)ar!fm_GHxzt{LjjpI!8ReJiQ8~^PR#MO--wJJ%$RnLjz8u>V zqvZB69KA+0Tp#Fa|TGFRa0%Uh$vvT)Gx4iyYPVs zSdyDMLbs~rWT0J8)uT?$GaPGm=z(|e0}Rz~8(svp+v}^T;Jw|y+_o6D@_z)j4Afd_ zUsmfELF5lnsj3hW@mQq>;_tF|snlju=I-7WAdki?L07uN5>_(_P=vxfcJLj@y@?|h zi%u!MrUh+*whf_L z@))Ys&)2bR+d$6+R3=PrB?OCamC8xV0MZnCA=KtuhEz=|l~6l?ak|5#1qACLFQ#Y5B9 zytV;R^?ppl(Du09_`cR9LAkmEP)n);NfybEA+QDGp;$@QJN=|u6Wdv^C zGD+;TJayV5A`;O^Z+zPxu>%GwGk@rITl%fc?gsQMv31ypRD#4KX+Apj1(+%W--+N2dqaV)$HYfX^YSEi2l6+Ea zloP0qX)2B%u2>{n7k0Pqen$yTv#8kKx1tTFSU**&XMRj7N;zA~C6ntKjiQ6oW(0Bi zhwaD?9Di?NYig5wDOI{uq!0w&o8D}-C%&a*(8z}LdXspj*8?{BlGc7_pTH>%MX$TL zfJuOVfO(3##5TcI4giXAIQNJfWwq1J1OV-f^OwE#d$Z5({g9ZSdGBMk(XE+txJ|AU zK^-V#x9Lg($)!y~ihH(AX+AJ9+tDjhzFx&EsehP9w3mAIZ7o%Fy}6~4%aK;tmK_?m zhPj?$yineMe2?7813Nsg=aZDnbLh{(S{t4^9H*!W9?560bdsW^qeO{H7kmE9&oX;x zxve7$=tHih!*y&xJ(qhYYN@RGY?`Ky6|qbu)mj4;eOaxSRCD~8T*-3%$I!kZ?+bVU zJbxdO5EhDJ2`%w1z{9qUz%i0W^5C#^YFl*%3TaU=OZ7(%4TQn&yaI4SfJ@TXjm&u% z1;(pHvF(OSYSWqLtq9>T+^vFMiBA!LKX&dPg&&;)WXIVbvU9N+cjp#%sC66TTzg(E zOnnN8S!rB)LW|Vw3o2saRED%r?=C2;`+p_^QwoRB4$ZH>tkz#Q@T1eLK@a6^>^c!} z(!J+%1kll?8hHSfT$|P+LDfrveIU55q`iVlO~o+9+rGNPLWf(`h0rxZiYE{22%bi` zASS&O`4=kh>2x#at4_2HRtFn{Ge2w&^yg?q2TSc?S>sh(cm81inZigp?&j@L_J5$x z&CWT1x9VhcMH_G6yOJ}`sdl~8n}O19rvvs=(Rv~fuPu0&{AIOXSpH*jh0H=UcMPS6 z1rpBQt$_2$9nz3vsfSaz1W^JSRmkc}UQ_>2UA67NlNG4uYlwHlzJio54tTe!aK=l0 z#&dWxAIG+is(PKrpGx4hS`xO2fPZS9W^!pTwZu$7xIprid?qD8`Dh!C4h-w&w#Z3A zyC!~_+Gf|tX?u6?`0CZiVOv-u3*~y7>Kbu4g44^kzOKN$Ue@_7ZpFXb*YpwPL1$0U zji9Ps(3MPOXH(a)dmXIVO|t?@4InZq(zP8g4QpGkn#w6Oa#Nd!gJ>#(M}I0;;6pzJ z+B1{c@9p|=5NR5*?r{!|S^#wZVvQ7HT2|3<@NHS)2G0HJlfqF02*qF$;hmTly;eQc za9=^2aIMy55D-vm(M)w)lIY{+gqe;Elt}5|n`LGu^~nac6ZvNkaRDr@f7x!X)-RUN zAN?(&7QgJ$uL-j*J83rTzj@ZP<;eOO0rY2@QPn?D^*1!va{$tG!>#Li+3ZvtfV{ec>?`Z zn00PpIeW)H?g<}ofu7ZAZ1=adJSfRKDvbehRh;)B?EyJdtG!`Y=29fs5 zYW>cTm5=Fy&L(y`ZAAy;RcEKZ>axY6UUup@uP0K3fr7voIu`2~l@#NuIynGyc;i9E zroNRiShcM38K3mgH`3We=T^Xx!7?H{7N(uGHq!6j>7z70RYOyTgNzc_+#>800F_k7 zL)=jTfs=@!MmZT~I)9kBr_F=1C_ck;=({qsEg|r2+SqdwsdCrinA~nPq=^z4)+Fg-``q`IQ!P||gfylEJS;|Ey9hM}4qET~P zhhF#<_Fw>a_m|cBQ+NBg#UMo~cK*l_3%n3jjdO6;<91l=*6jF@E~yfu-X$Ja!c`%F zYZ*ZO()8lFe1F2=B(W9A+NT!qMPZN*h3Mp)^;y*qylfxq6h>x!iH%Hcx9+ix3S`!@ z=sz|o%B#kMV*F+WDA*-&sW;EIW7{~K9Bw%{-Eu}c2}O42bWS$7{FAuV07f$6Qz&{j zBsK0)&pbFtK@C>>{IXhqH~Sy=i5gl`HvtFQ4$u^=lYfW1gTN>0cIPd6OuU%DZ|D?U zrSm)y&+KvjD3MWT54GBrotgxyJq^~>(UI$|pN|Q=@%=TQ zD*kKs$bSb?Y)bWx#R0hvyoOiMV?TlU zB1YIknQA8~uQ<2Qn$EGHcZbw%NOyTr)vZmk8nTBTHBU>xa1hj&)%u;dJ3c0br4P*&l`>)bJc7h)5Gu&A6r3{f zPDFtaJn}`8CxyOMTf8;PBmGfb0A#f@XeTEe`2IX~n*#=mA17>` z$bWw!2p+)8vwXtvm?B>RVHY*u49)TEBgHKG1u$tdU8fk0td~m`7Z4W^mZa zyF8ckHcpI(Q{$mYz-~%l5;J(l$y+TEfPdrlvFtIofdOJ@T&hlpl1p(`630|wf^)o2 zv^zjAym#EvIg?HC5UB`otyz#f>Qj%r$%kZ&L!Oqp@P0+Uo`bBD1V4jFRLlibqpB1E z7joB2C~whkFJ{?g(|aOkFCG=aREFN#Az=UTkGh+y^^4`phadW_&8*5ydXch+0DtL` z0F%8Ya{)~=vdrp8v>1oea8J6lv)_6?0G4sLp8Z8cF6y#M;oo&$iMl;#*+v+OS|7~h zT#XvCluL@{yFqm3QV%v0Z94_|$)Niwa6pYbr5&$Xr-^4nKZbtzRq;l=`?& zl)9tc+0um`C`SNxcuR+BXP|k=J!3Hr5^-fh$Gx(PPf(I3Qm3LXBS%KKt_1hF!NM>+LRE0|b+rWRo(Frq~!^UBGU^1u%ac ziM0{)wv|}0CNv>&9I0;udgH$Wl`@SfGMAPR3qW$qnmwKFvE<#TFsP7yQzYqd zTt#UmZP_UbtFvq%BwlAEB`tfEL~qAXiLd?C?=iXYqW){V=iV;8F{Uas;K!+Slr$nq z*qk>?4?>r>7?+KNLytjq->I#sn&W@{)*9IaKv~REpByxD?DJ;Nh*c+9Qge(gWlHd~ zv?VZUFsx7&bwJ@Uh#!UyDkVaobgE}}v|yQFHorz#h4$EJ;UF^+uS>J{*B+0NQ#D`tO4qy<`0 zbS{D~yGxYH9=RtFC)&1GdT>bJA$(=eQpXvfaftv>&5@BiuYHK0U?h#K)mDe)6)d{K+p%+Z zpP}@pTH0t~FNr(@D|3GW{8TleEw*)V?mX~qBb)QuB%P-1v#iR~x_lU7tP=|J)`P3W zq_DqT*Du|`UvW1zJKuY&cq7L?D5qxEUd{8mfDF;8oqOwKA0kI~i!@sY54AasgA~dM zZLIas@qwg9VAGI+xT*#iV9O!(plEjKQ#DO$o$6?R4?pdlp5A|=lxpK!P;3o?MR5=` zUT5)iEGOh0W2#^4BxPsgp1Qay%aBww)od~!>Njsi%f<4{P`CDiN+iugX!Ot*soS4$ zny69!dnK>&T>W>o{>0q~mmfTcpxj7nTIJTTlSsAhjtc53>^7rL3XOtfjU)e9zmw#s zE_rGByybN7`RaedPG{k$n+(bXDh?2flG9Bji_YI2PWK(BO+#<>WthB$1C{iyPTw4M zs13!-p)`3kRD!HZ;4LcVKnV59STlvwTa=R@<{hFYW4ZEDIAMcbaK=z=bQ4jWDI#^S z5mm+Mju9n3B)LsJBC!3J%I8wjxG*ONKh`EIYW9Dl{L#842@J8WOr^;S50DP;%e?bt}AIIkU(1SSCtl31qGF6u)GT1EjMuoCnKU*(m zIU~)X0z0#t;*dIp7KcyQ3}Qdn!)qrp+0e6tH_o2~XW5%h=3qLo*tGTU=(Vy9um5I0xbJ~~Hy8iaoy9dD$s+(!+yc1Z@iAt5>38KpF zSGCjm+1~gsnZ-^WWg#Br8bNu=2|WT4UL}%ei=p@;mzZ2Hm>}l1Rs%GiL<{9(K$%bE zjDUZXUg&gL6d$ZGTa&6VpK>WL53PgEb~}@zU_2@n530gkbdosO9HMaxU zsqS$JvI;Bo=u}RG;#jMwma8^(w|w8IzHeeR33^{vEB&b76At?lA0mL*`RvczTw^8qYprU zdOk^2?yTJSd{xypq6Z(Eb%`}-xtUU%bNYC~XT~27g(t{8v?f+`gK@W>HIz zuNlg8+)C9bV-0vn?Wd@bSz4S@k-QYoF{2@tpch!1q!9k0TJWWaGLXUB+^NRvTw2T6 zxbd3G`@1L$Oc?a=@6Xrm>!bgHv*COz*+CMD#x_-}WlaUJK0!~1`tgh@x- z14HNSWUa0OQTK_H`e|wr@lXos&9WO5Vf&tvEKZ}bh3}C`wM3zMe8KX6+HO~P$1Oh8 zO+96cG8FbeSOj$r3akHw;FzkR^N3rtQf+$*$cx=4yQENCY%`%uh*eUII3Rn)%L4WZ zh;&genV|bL2Jy7^XAg3bZPI@**ZYR7+m}~5II2Tb$fHsx6z@81T1_5^pffi|L=`$V zjQ7uRk3X(bO^ZeqU7+Ox+^JVbhrulkDB{p#clbxcA0EjQML1M7Q`X1vEpGi{`J6s< zY=T0g@(4Phw@UxEt*%0^Lx-2f(flexfnsA$Zrg|)U{7|P99jN|K$m|dD}xyx0ts

bn+@!@wp+WRM+JxlEbVNKqq1YxrjBfqa&Q7I+Z_w! z33;YbA>2)kJZ~KfRCRfz+%Z+9`XrmId(IDv*EnSt+n&8Wb-$%9d}}+*NA`ql=Tmhc}34zk1d@cBz?CfYayY z&SLdX=Z8p7=13|?4b#bsV8eaj*Gl$=UMI2LTeLWt3AE2h?YO%0sn!R4@mAF(`+!MQ zZMz?Lv;+vX*7f6E#knVne!_P3Rq?KDvBm4!no1Uw(;2O1tBijQpJuGv+7xX6r3Vp@ ze^+Z>k6_9vhqU3vB_mfYqbI3lPrkeOxXEeNn$_q7JW)!EaGd6l5U(auqi&Y*k!6j@b|6pwX9bDkfOLM z@tWkv%5LGQH2;5eVAngU)9Da^eWDWTQWCGFG6l=DC`~C_ns%6^?(S5oy^+JAGCLSEQu>rlIr{VEZ2 z%v7g5RK6A1M?c_HdN3|^u_r$Xgu#ho6BTbZ#*5QjsDgi}^d3q(p5f6Y8;qgLvJDkc|w$ftDS($e4V9qQMF2={}}2b6PK!d3R^4 zocMCQ>C0+`f3-&JDRfD49KJbp$yyX*52v2+J$hBw%Gjn>3w5+}4Qk2sxd%WU`c#*h zVq#=H$(DZ?L8-RB$HA2`af0jy0CY-)PI%;9Nv7|*@p4>VchwpQv7Qb`O3lrR>Z>rP zCzft)93>(kYomRsxRUw z3bI6;H5cgt(%)0fwrALZkfTdrUsjT`=x#^Irs2+>OIhoq2O-Djx>b-&mwpGXs$MUF zBKPuw<9IbbBsqxUELWMVdetwT5hc`O0pFcAv-7C1rqi*u#R-wWUhhP_?W-F9flamTLq|0{5eH zVl7M71-XV)JhWcXi9$M7Ib}Ct=~Gae&DU;J!|3Y_V}ES^iCG-iG+x7sZD2qvBSi>4*IZw z#mW`A-E*?n%Cqi|TGWHyjg`H$-k=%VyMrbECHz6)=ep$*zF)Yr2 zG%@PJ?w!E38GM;)zuQ_Ymj)_b-M9FUZlJ4`ezE+AMpDs@f_Gko!%ZtQr}%%Z!zf^! zzP#B`dbI%ow;6Vd?29Ec#|aQJfGteQkSVQHZ=!wQNANmz@yv?SsK(ip$RgxZxqG=! zS*&o|d-he|ABTjZ8SauvATeA2D>X`=Qx7U?PoVGZ^tzU~Qs^&5=Sfd?=^fAG)p5Q+ z&X+fjnh|X+qQh3M7g&SxGXPiPU(6hRJ^N>6IHs?A}l7X~!upiuO-ILp2Rq>Le8sQ=A|iyEO2i~!A? z9+p&Rr%QFH+|G~t#K)16mMP`C-u=2eqhsrkQNW@ZBMlbj?=%`)fE3rw+3e?%7d6`PN zbDZ7T^E@{@pysUV|66~j`M!%6YxkxoKSeiG{(jtKKE?B72P!n^5D& zO6F6Ob;&QjCjc}%cd%%{vUrAM!$);fU8C7&s;*ItJc^irF{pI;|1Ycc<<3XpPSv;h zMcV1r33B3q5g@gWd>m}fPWlGnJ};R{X^uPSZvei2vi6X7Q%!$OT^UW7sY4_=cilW6 zP@^=HwUh=3cO*}pdd3gH|L%~!ZeNGDfJQz|8$oJ1S`ri&wRp^1{wAqLpx!>oKn0VM zbeYV&4&VU69o(<{tfJOn)ta=0Q6w~4E`jL}P~oDsD+h&c)|PVniSr-O?w8g2<8OU9 zzk=l?OaZ1i7D0cZtJ^!9;F##F5`9RK&M+LeTgax+3?!eU>UZZs3{jzAX?$5nBGpIi zmJek>jzfa{t#fYUFdf_dN-;>COa>UGy=V5fF4vvEbEs4yLMVIi$eibE5W4$g#* zvZqXLY9}lWQ~`;++adjdSJ4y`?Q#e0wMV}ljG&RX4Edr1%c+}Ap2h+l(n{uFbT)#Q zd@~3fe-V;mQd=~M4QJJwCat}q2La&R`^ITamnI! z+fC#S}xt0 z0%bEB4;sLu!7iO@@m9=o(eIdT=+iHbBmhOlC);%pI050u% z+9kl19H5}kHA!)|W}HOWx%Jq2f=9c_3QUk5Gzc7vY^hToFqX(E@0GKcg4g?jT6kRq z)^PPr4>A;~e@7K6MKZl-F_f4}jc>TOe{CEE1Gro;@MCu_$07nv4v_CuBgg56Nst{1 zJdqkSU_DcNhFoaMcAeC9edFBTtB%`3)A~!er->5jXnKLPY(%ljUsmhoe)O(<4o&xx zLZag#aM^!ye&&(u%VxSfl?HHLRAp85(^57**_Ei*)j&-%O4gW4za71tyMepFf4h%X z^rVEo`@&!o3SaMqq-!U2U7Xi_PYefIFqja#l0=kWeO@B|5vR za2OR8*geQ4K6FV}d-Bxms(2wKG1hUxcBaD@2Nt5XOWM@4EutZPPwiT($Pe+>F%wSI5N z!ug>nrRR2Yvfy~+TxInUuAH3TE4^IK2Wodt01;i-Q0R3xh_1&|qN)Yx=kg+BEX$P! z+EbRq@!W9kyAB@6y-${t01vQOUWhAO{W^&$d9NQhZe0&H;4ewVq58B!)eQTTFeg(9 zv8%KnLA;XXeiXGI#b=Ws^w*Jd% z<$twC;sPbKMlDT*Y<;Wp6qZO|&JsL<$3bzWA~`W@i>|TTIZ#xo-L?$4*-5&v)pSXs z`s)O67EwZ8lCr4EEommp$sjIg@C{k*X2n1(?>V1tgS$AzpipqLmWmD(v454kYxee` zZ){9mchvLp-bO}NrD*H>YT@Wlt+K-G)$w+{T3zx@deCs5glc^r{EMTs+nXnn*wrlh zvRZ$Y&&S^CYSVy2FHwmY=(<%>1-1}pcs_u>o@)v{u_wGw71akNR?C2=B=EZ#Sh3Nj5FTn z@WrmuL3P8MU~}EAlJ}HT5uO8p=q}bo#ZbdXzkQ|kwk$Mw=^*+Hnp?ZXd6Vs9=Cne#|md&lHPJ))Dh8 zA%_Tw%q1efG_xXMQyGshtM$j1|Iiw_w|EN2Sjz_i%<5ALUv#3J6Q)9s=ZP;XMB%xr zq@e3a$&%BjVuj2;`**-Nf7xyUVAGz+adc`T`6NB zIVBpiAKrm~55bvfe9$2IK<#gx3orHO(}v{_-xyWelMQhxCa$hx4Yl~oy-7Qj*h!Qt z{Dp^#TI}(6Qv;wBzO2?Sf=C~(Z2)!|&Q|Kf(N5xNpt_nto>5=ZNJh}J zU(0d0fueo0Zq-EcC`oPOir4~wyy@t@zG@a;hx6UzwOU&jmVK#q z8XLimht`130alGv75Lu@8`*=Yy{62(wv98qn?Hw_39HNAl#I(`Q;VGrAZWJ84$E8n z=9qintV|WfwbxPUnxODywf^|>@!f+kG)BcO+5Jb1)W>9(y7&_gIfaUbs)`>16z_Xm z*ja`hIOJ4BR#6oMD(0l?-J`AHk0g|rb>!De%FVK8%$LkN2wi`#-sy)DUO9~n{X3fZmoY zBN!BDbCC?2((`{H6$gq*EsG~0^d2`6WJ_Z5BjdWa8;;u3-o5@;;b5=UPw(^!A31T@ zP^T=JnjjnsjPoJXAvFb7%@^4C>CM zo;Oeyu-TLtNMvr#H$Z>!x7jK3{yK@X>OwRgK9E8|SEH9FJqXo**PDp>FM>#~oBi|= zx4I_21e?*#9#UT===f74w<~?X@@+u1Wl^(Ic2wRhvWz!?R9^>B_KJkg!G`RD3g@21 zk98|HC{sCQS@G1~Wk_-Fv#=p&c=aHXV>fG5l`pk;sou#H<$Q_5-Ol0BFLn5aTFplw zttiEnRmQJ6Q1Fp|iFPwReR)spunO_NT>R>^!-<~1z#hKqmI$rUp_%v84Ce`7RxAA8 zkbT@Ip3Y=yymSHPZ!M>_lvE$M02C7$zw?qJ0{(jI*&+8`hpnX-9TkbHZ=m8p zvh-$w?@$Rc^EvGEDK1-8*)2zABRe!NY(3x8oJ1CF2lcjpNSET0rC1R5JC*2d&QwWD ztq8XE?VZjeJ5OIL2co)CU6U<2OP|#l2FoY!DM-i!FO^w_6K!mO&6&SK5o$dqF}?G? ztkz4J<-?(d7*v#w0=n$!GJpdN>+K&6j*HrMH)d{lvJlRWu6nvfJtYjfzyS)xvu zq$>HcT7T&D`p~3IvSTUZvqBsq%R}aYz6;InI0#;U*CBiG6h->-ILdi0@5=MIozddq z_e~z3&n?N)0_1;z zHwerr>EiJCZR=xbBTA+=q2D&gk9i3@t5WuXjimgP<`hY>rZ9zqj$=;UggnqIt|6G^~nLJsI_kcH4y-c?w@0;gf;cGhPPt}Z-^-6 z$fg=~9Ft2LUL_Mes*fn|UDLy*%3|Im1W1{IFWzmHl@$ezpqixoq2R1=G5Hx?AruYl=J_V&y!jGtvrMZXE1? zK?|*UWTowG0_}UA_;z+4J^!t%URP%DMp z?u`@hWjZ+kq2l!pFidRP^$@|;$yH*WcTRC%AQ!e8o6Dvr{d*tfL}dSj3ZT)W82srR zA5Tf$Mem{s{2JQW1yeJ@@55^SOmm)pZ`D_)hlGi?E1tWCVrQ^nCI+>HZ1Z3@c0#DW zgM_TDGPr6}}xI_OX#k4U8ILSPGmRn&72hRz2Aa zKuC5{-RaV{(-Lp#$@*&DhRc)xY=z_x=;w0Y_UmdabdX(oguY#lB?jg96odeOYR?O3 zs%EOuh*rys;HsrJ6b<=C! z6J;CBG;3FZ%8+9KcZw4VJITh?YPNo(3LTmJf-VHWMIbxtaNh?9kDvkAzjlFaZbg** zTCJs)Acq#*L@4og`C05?B|V3KZ6oKYWD@+|T64X&s=6A}Nw-cdsuJ0qL~z{Wux+a@ zVvOlhkq?5);89yx4^nYUwJx%`gO*7diVXs#Fx7cqPH^h7%i$ zIbj+mL%i4TTs1tLED63R-h;Q?5Z+IN=e#_s&JhrWbW`wF@Q^Ow4s*r>R>)BVwkSX! zn)<(G3zDd2%2zVYpRV%?P}yglT97%qR|07HREpvFuv*8DU-esmzkJF%vtMzWc)(V6 zcU}j5159jE90umcrthOH?H`k(V;4l4@Wn$ml!1*8=Y3#BfQPJFlF-!d@oCpgHr-Xr z$UJwlLSv8qH9vUZX+#R}B9G32WTze++_8qGDyhmN?5+N#m{j=3?|&T6t?}I)9h5&55FpUq z+S6*nXH)jDBx|!1Fu_vzi}`5Sc(9e?)^Snfm7HlCbVy5oW_3Db1cwPagxYK%vF|!Y zMI`VMxWhN=^WGiMwouY}s2KCISvtvbE2YP(Dc zdWSANr;WC@#5~(C1#)K3AS;o)_TW9B+x9R98|=JA8LTBi&?a(Q@46;$i$8gVY!!?A z$8S++@$2?~IW8sL>%~Efw*3oifBk&YU_)zHs+MTc(7QO=ufpF5+qoW8YOU0+iv)IU z3J4`{UDW91n6ug1_AvQs%_!TBZcFoNIZMU_$f)2?98-53BXvrK@n} zZ;wrXzp4%uP>ytI8FcDAu*Ko;IwC9ImNiyY)A$>N^1vO`;3V`{)sxS0X(bQ+X?h)% zQP*QPc((GcXB3CG?0$ohG}Ix%a)7LCk-1(`{xBKL?P;i%K~(!tofo4tgvb%e^QvYT z+eMZ2pZb5@dI$9_zcTCsy_`*1O*0a}JXmsns9mg8+XZA>YhMZJ{C;||9@YL)T=xTl z_*PjY&tJcrt8G(U$FSI8HybnCh)^HW#t{$6_34;LKiSt2sOZKX#k)}r)=1!6kZhO0 zGy)@fIxR?aQnqKPZm3Ln7WO~vs4r0{(pOLtc>FF`8OJGM9Tr>_H76-{7#>(M4~?OJ ztoGlYEieFYI#p%YRhXZq(?O3DW=8ww*wVV3-nEFKp3~G2h#;TO=YnVVpz4XeM$-=a zD%k(9T;DQ_PJh3^e0A6yxa9;`EenzXsZc0b^|pN4)t&NCX4GaPp6aOzu2ZpzJjxUF zda|f72&E$Yv8xVm*AF{pgboDx=2^0TTQG3CMp7wcIOs(-c&%2jIVFLxH9UHhP?$lS zaNCXvq+>h4D;5dIW=;STz@~Yb3tFh&&z$3S=v8Mo-Im})&hbCHrB@OTJoZ*r)e`n3 z`&_%is5fQ-Tz^=tA246vt^+maAZ~@GSQ9_@CNQ@hnOFb=B|2qyvL0I-R%-u$q?n&R zbwJH&``zgsjpOf^7hjN{#*YD>KLn$R1LjkOyBX0mR!UcrAWL)*?k>i@Tqr+qSN+XN#fz<8*w(;#U2Vaf$45R3i z^Wo@^b}kdH%ePXj>JA@P>-(yInN9FpP*k#QXztVxn>UA`o$vv3&CZ>qYimPCFGAI_ zA&+mrQ3trTlbY^x8yD5KCkKT(Ng*lq+|y0$30mibEp4aDD+uINjc}_#y;kc~Tp5VF zc9Y#@8w;mapXc*-a)H3^ZM2sT&B5cKWzVTkBJbgyNm-WYNON2L-OB=hJIbe;L(b#g z>LFcnsKK#59!Q4wWv5a@maqSLwO%rd?-B<}>l0jx67A)>4=1ssVC?_k2IZI}}IMJjMdmw`rHJp1VvRgOcvcaox&76KJF3ydN~mGxh!Dw#I*mzb7c3f)uUH3k*BuzEJy$rM;@0fgp88}S?gr+=(J)sRi zu1pc&?S6rIUI027`LS*H74}eah#)9pe$&0mvBx zGIKP%|0b?=bE&c-7q9auUSpLUlE_-}24!|_L_b{2f6FX?MpY|bBX@Q{K$-Pb?tT@x zSFNopQ(n6g(HF^=6f|vJQ(dan387QAv>cDpGPci+L+J+ynGevYl+_yq%HK{#>E8la zJ2h^T9jbE_9xAn z)!vTivolA3RLpN*0G21I;IL)bkFjMqmilgL%ccweG`~>Jn?K( zqtR8BnF%75zi(WlW7cNYl)z#k&`~1j)hDIJCjP%}T6w=DX&uO~kG7 zwJH^Vy6_G{^{wB=uo9N9_J+3rxN1^&8P2K-$dXSplxz>2I=?thZ>+!-_P7GcwZhJ~ z3fjTT_IdQJ%&)qk?Vx(@no*TYbCwtwsl5ysf;_(m-qPujJ)?W#!)kroAH}zmIAvn$ z_pr5mh-c>8b8?*dg~^vu>bRkjQ~|DklG0nU5%ow015;o ztoAlL^b3i5z}OH=XuH!UF7GI>)zSq!rMu+*M0w~U2rDJ2p5C+X5RY@(;Q{F7usQxn zTGa$kNrf7%R|lA?YR6jk6h+?oQHdC@DFGu}p2|-2mF*iMP(Q0h4Kr*16y<-~M&1g4 ziZV9UWt1J-zLQJ6ZW1m;&yvE@5X5#oxebVbVA1peT?Fr9BSu>poOl@9y8|hwMl4D- z1;VwiN}OtdIY~`h#?Joanee;i4={t*RdYY}3D?Av#SoX+!KKQcX;)V=b^-WCb9hVC zAzuPi;hSo$(Z)^7#(>fZl(O%X4PA=MSsMq(|+br`82`lHvzNTK$ZNWZL&czdGKeLAu%E>#B@OkK z4KMy@E|x1QcpfNKQ&rXQAsa<<$U&lG10>xC8V4&vs}3T{^NL&g(-jUkk&iRG-Dn7W zv8;8eapm+Kl-aQ z{6P}n41tG72d#d%JpGY>ShC+|LhVLT&$=V#-#OSM*9YzcB^ zZ>r&%6Q4+(sx{|wB6|GOsPJB`?@I(XmV%6NX*`=)xPm`EKd{z2cn&cFi&)?jWCooHz1v|()y#%_lD=RK#i4ZR1xbv)p1v99mXfsc-O52q5`I{%FD&o({%zBJwj_sjl4<$a((d(W)K=WN zH?Cq`m|+FPV%eX6}>yVu}xyeo+0FR;HtDxpgB ztmpD=L${r`I$`@OlB8l<(~n`E)=*<3tZQF?9eEOuemPfBjx5|mqwmQ#VQUWWct_9%dkI5;^cwUPrsAhJ!K5kB$6Z<$56`Y)>Bb|TwkAMHq|N85{ q{mY+!`(yq6&;G~%{p+N!6*_mX!ca1_L5F!}-9e^O{ zMFKPfGRS}~goXs@&L3KfRh60gc6K*TpR;%UL^4QsbEmo4&^Ww1FMox`M{x!rOAcYx zJhb8M^`Leyh?ts1qw+~863t4F((^@glyp$i=!C6{u;yK}lQb2|CGi$V`mH5f=E|XI&6`C6~2=v9@K!K_&ASbo*vC1FK6KP0E(TOVq2K{mmRN;q{=}A6Y?Us z;ZZQhk-_pliAkroAwf)zuor^t&^9PS9TtB`mmVAo;6k?5%yP+g%kjw3JCT+nTVJR1 zW8_Ap(Jss3Q|0RQRU_0?Rc8)^iN^1plpyR`I@XxizpU0Dmj6HyWZ86)kTf#oGz^00 zCRwb&q2vuaGB)m8{)&A)GJFAQoWMwVH zwzk2ssd%6^vf7~7esu#CIvGwu^2SNP;D>XIYqEhX=QcBw{l#{yA?u(*5@MgJ6_DpW zE`Ry1(}x<;vm8nfs$q6$n=!P}l7usRxJ~DatcxPqsh&V)0%Ot>cqT1iE5}vIf-kG}Cz*equ8*62 zc1}1oCJfea4V-tju0zhPxyYm)6Cr5}QwHHud4UeR3hs!tRZSQum>G#`7{Nu}q zH{Qwu&8!9WsU}#EQ1dJaEb@NBWvkO0%cE!*q#20h#$2U$o$ONZKh?zC^2gh2n?1sb zmR_H1ggN;i&QlrnTL~1fTH+|l%9Qf)o=?CK{QCyL&x(sPBL3+%G>w3T(>W zdy#=bQ(^0sNyWGl^{lit$HhSQmx6bf7r6SYfmDabHS)x40~c`s=k9{p(zX0knaB&4{19!QQ#8L_ z`4p3xUWq-bZRCEoqKbdDBGi2KxJd-Ip;e}OPp-r#5`UxYBdR7X)`yykNiXrdNN^hO z#r0?+VKJhYd#)IQmW#@9O4d3n(nAT3^qK3*Nbgcr;U#c+6bxKi}U_bJg z)%wNqT3WqwV%2ou^uDBQlgH;#q|YXfy78?jYdyRoTcpG5I@Es;a2~RP38H34Y&wkz zm0_jIENo47Cgoa`bI9T8DgoEQPu2 zMOBnU-{49OJO{#}-M^;#$Q_$DsrTb>b>!2sn@7%e?+ePIz$6a?jPT<8 zA;PAgs;5MC@hHgz7Zk_Y?y5_X9JzVaao6C>DR8zQ0pcb)buFp>ltbo^Hs4G0=taiR zxKq{#A6UKh@a;Y^e(_-L_WQx#{I`YS2Lu9tH3%%KR+{vQKYTuwZq#{>N0psR`sS$1 z=w1f}!1?AusBtUJCTXJ8`nKh%N*}cj>`?rOW5;VH6r7H0-&OT=r|302-Mz{(h=zpr zDi>J3r33tR&T#6&IR))mb9dgz)VR;7Gx8V6`U`?ce;k{S+gEX*(lMU9M{P%6+2urk zRJQwbX<9l#FN8Dw5D6T@=*uSM?F{u+2Gf$2uuRoVhN9M0`AKlZGXo(XD-wl8f|tx{ z*{cJ<;FZ%#Y)fsXYvo zikXa3b-z8-nF8>r5E7j&R2aa~AXbS$DSMiA1rbbO0ku7;W;)XHT-&XXD?K;A6Gj)Q+2!-;;NKIHLMxwf?aD$K;A5$er@( zu%hvLkcgSclL6*`YeWqIa{yM(w;QYfcT$^R*=XMiK?sl7%2L^L79o z?0DIKDx7exsd7&_;}=!^)X}Oq8F7i(7wu`44U& zFitWW_@J4~=uaFLG#Dg(crqog=O+}bJ zk9-0(6)V3D0&)-tL_zr*cIcQ|MSujWjes+&q6q+U%o5~7j!yj7eUN?zr$tkSYy2lS zkZ*h`9HdVsCBbDKao@j}gXRYve}4}kjZe`2@LIY7s@TpaPMW04VFLLqEeeUK_u3D(uG^%cji?1)M6<&;_@ZJct^nkH5S2XQaZ+m(QX4se0nqKM=p$P9~(A@(gPVO&9CP_iWU?p1G z?YIZ^XNlK)Xdeio$=AF*?8MQWB@Js$CCQd;N|rct@)}W@E6!C14C;~Sh_QOYERyDA zb}dNCyp~Y_$n0o`*)1}t5{ScAbW;X7ZQYWptl8=*od3DEu;&MT0)IbOtA5D-d^jjp zhcwm72^vb+gC__b5~YhkLOgwLPeetQC&63COK`&vIn}0CS&nNqUh~iyl>|uDJ9#Pr zsuwrAR@BR??~9t_G{eX0#r5mb=a5dzLd?2bQCh4hlrLC2PVE?-@T9ysq@gcITRO#) z(zM!Wf$|9V)5}}3f`4!b*g&%KPG)5pq2RlyK`_6h+DuW7+(vNHKtBE((<1y($)G(zm*L>zD{ghKs7)(W1Zpv|T7LwwJ5s)6$!kE1u1x28l$GAjLHw4jZ~=#d(rjLaS$B~dc4|3zH-N(*}kmS z->C4X6yE))rOYy`(RmZ}9Ulcpn~vGol87ZK-hFqEOWJuYs?Dr+VCT$$!^PE_7g(U@ z?Z^U#UEUDu?0-HS)TS2I%@!aa;a(^gIW_C;{3>ym^r9`}&}Pd)X|+3N0{f|x6CJlJ zu`4Tnt4Hhrn{q2WV5#DZ1YB1)Vjg>fS`;hi007Pj1Z`{m8MQ3G)Ylm5OnE6=uJmnh z{gyr@zR7_gfQx;u?o6=@>xU(xOT`cZsEu?0!FiF6;-Mf7>?Q-Uuc^ zIDs#csq_KVKWEf*TD7jB)D}Ud>!i46F?5P5P6ofq>O;L(CtFE}R}u_w(?QP9q}s4E zzv(@r=G#GFUF5ZEcjVC$M9`-#Y-HsWIV@up1s`}jxBk{SI2g=p-IF9qDGnzo&jAkD z8f0HqEB`y_6LX=mwvyaqe;!w*!W+sW>km}IvcYzWNqPEQ)EHJxpTgV@q+ZdKWt_O; zQ~`%KY9B}PvM`pTnS2*~bSoA`riVTW8cikw4h6}Fkj-J)K=!nK?Y%?b1fE_}NNXZ$ z^}DFpW^c`jJa?2@j<*t)bt|e5wKsSe?{w^WI1p~rb%WBC|NJR`aQ6M3BLJC>fm;4Q#u9 zP~D+zvu-ah9c=Zmf5jj_xr%UG&^+V-=~>CnO40@R^Xd<6YZ||C#IE@y2RTgKh(Giu|H{EYpMJ)T~SJJleO4212ki2aNDBy(wbhdhAtgk!LLP0Ku*f6VA%$mun1qim6oYFgnUaHP> ztEN=Em3Qd#M^RLJ_@X_|B;;ATDuA(gs!{h~{?wwgc`wxFa5Rz=r$gao!>m$)R*;2d zw{Maye+(p~hMc!InCgMl=lZf*e**I#!x%?53h*a-dj;xExmiT3R@JnvJvL0RJ1m(_Yvl0KTJ<{~{fIuPx4Y?=t8*%7<5>nI}ckR+_l zQE$ru@TDS#dJL$wa0m-I~_XhQZ#>ZnD*qg@sL{LjWAE+gIcs% z@2yFe;7uk_q-L-Rfhe(|3gtR{5OVnKCpedQdKF*FPw6bpyn**-=uS;yJFRMmg7Kdk1vP~=#Up!DMFYiqmLp*CwCe_3&V z8IdJXH@c6sJ&F#}EB;5FO2o{)sJE*K$$&n^K;q2Z_J#l({3m6bDk$HJ$bx0^D zicW|u(R-dVZ+c0Rt5zI0D*d{NO8ST$j?xfR6~D35&s)s5&IFETY=`C}>cywCA*BHI z7$2gG#S(>4u~NN37{`|0sj{Mjf9iPzIZHcg*zhgP|AG0dd~m?8tW2cw+JXCV+by~% zTPT6{ctAN4Wr#l6_qBySGX>>AU7|C~rP=Ck)IB>81F5uRaTL5A%BEHhv!>+rM=9kz zz=F4-aLRzbUQLLwJ%|;g1O|~obX1vx0y#X{@ypY>iM%Dq2>In)oWJeNe*;Er+ZbYA z3v|H-^(&eNzh_!o96@^CDb1uzHt2R<1l94&TXEjY*6O#-^~Xu7@6{p>=$MwhzCAP_ zkX=0^uM3>3oUhlhW$5)z9%2_qgKgfrlyaYRA$T6nLs0Z{D}Yc7%ty=24nTBtBxqry zEp8$%O|N#emRm(TsW*d5e|)!&M@vD~`E-Ah&MZ@eZK8NQn@cV7u>f4!RV$sL^s|Ju zvr!sp4TDN4}ChT#Ld=UN*Z}Lu6wga#2>1T+ne|)-SA85#@c3L`5 zr_JSSWc_ioURcA?a#0iiy54tWgu|t$l=J;yFDhez+Eq3mN3tteQqvFK$xU6G^d)4? z9x_wd?ulzSw|IqZiYhRY$7iSGP+`Kk*Pt0PJCR>2ba2uK2(7$-{ZCf&UaddfpZYGV zllEXNfH&$7xdZTHx!4F!&-<^m~tN%#z9!y=0{$W>)eyQuHRgHC~lwg>yRfS{yO zQ1K%FbQ-5PR5R^k=#;8+qP!B-jGpyop4tx35Ex86O|sX;{rOpqc2XxUAn^@YF<*>=xO4x_6-!`tSzsooLI7uv>6_?l&RXs>%*Y) z)}ofMMX#}#4Gn$YY*F<-4y$4ck{|(W<~ZNX(}OipqfKYopd8YnUdH3VRE%mHIJWOp zzy!BRsvwzkf3GH}vV5mu9MLNmZC#X(IFh5rPLVwdR1n;>1JvC?BDaFb9H`DRlXdDB z!1b&9BglQnt>ARY7Fs&;Rx*9gJ#uv`BxtBn6V@oxolVr2Yb_@6T#7}vc>cB?9A$e!6G&&Xcs zsTOa5ilSdCWe2CgCxRZqKn_e$Nt|5vzHEp!6)plDs&O=6FF_WQE2z|mt% znI}mxe^D`9jg;;Ewp+R3vBaqo?Qg}CuSaO{B*$K;AEfU8MR^v>9&Ol$V~(+>q}>|` z>dw1py*D$zol5u?=b4->NI6Ry13ga}y_GPe?7{`yE{;|%{!^-(v&^T&D%Xn#capwe z6uWZyq$qz`t(W!d`_iW;Ahec6sh6h1TnyUBe@#G+#&&luSpzf=yjFl|J0(+C%amMgklZK)6rgy`J$fE9MKUIA`Nf+ z9xdyb`*^86Sw%~Z+ntobo*Yad*s$O^N>%EEyfal+G**&NrMb$~byW9}U+8>@;wcWt zf0K*IYP`-ZAa?vtYwcp*qog z8GHS45RYfJbdaOB@6itFKmhOHT+6+H86zyGnpBlIZ1Z~wy4myuWrF;xWm70a9ZZ%| z`h=p38^11?5;`S6x%k@B?b4#xotn2)f8@C6uoTIy%&pUOW{K>8_=9(-QCBwtXF2tL z6o>3%Y4N1^u+{3&$&)$3;Y(TlXZ@N!Oqin$qN`+fz}fb&mp+3TD0it8#?d^VLb-m3 z)WNzpY>}C;e!bwVlxtRcqu^RCA_TmdL-=qd&QX1qw>~F@EYC|R?~JMB=Hax{P2F%3 z+5@?3aRfD*F9Lk~ckso=ygqAaDntKyqPIZOZK9uE`JZ(LWjZ8YgOhV8Z z`U;@r+g6gM6C|F&3K4(ufA)VR6<~QdyK3Sm?L%iVmH#+VU3p5r;980W237vL^jgrKQ%~*Yi>zIoo0tCG`Nye2Ap4;_ z%7W+z9PGiSkY;-GMuNwEX@}?lC(q)HIB9ZRq}-J#D26uOP4(i-e`_#Ji?3&2VMa~b z)M*E5o%<$Avsg(dfEn)z069$&dS$6E(} z4v7%qnAd%B#({-xOJ}fJYTi!g8Q&6Izzv&-xA$DU``|onr8?*HAHpn$J+it?nwpX( zi^I+50We#Vo0>Ffb-<&o*6oU!ZgrK~W;=)GlW1Mmrgi&Nao3-s5ve4mFG=xN_{UfD z-dhV;sM>&Te~m*Xk5mhwcv0t(V5}Ua>{-*77V{P^0eh}3E4idenU_d)sUPsyYc5;a_*fdha`wO|9rWPzi_R0L zU58T2Y>` zI`K8jANjIczhM6ORQ{nJ3HMVsE$JvcCK+ze*Lv&V{EkeaWE5jZ-ObBzy-DrUfrdl5 zv?Z$A*r*k)0fNO(JRT*SMpTQgt2y7j-?JP&f0W=_&XL_M<<~_#*s&poV9VP z4yHtRAnZ&D|5#CqqLqOTEg0@>E11pE7IXbVZL9JQ4&vX>&Fc2 z0<-I(d8j$9A+RdEqzvLD2_;s0A)D8##~`H(oBxoRc{N8o!{pd&enR9m^gAR}2$2+5 z@$$6xquokDYpEWb**V64s!HwE`c?5ff5RKi7u!W5+GlRX72cG76WNK*)Arm|8bSZCg7G$h;Xol*m3X0uv@kR?hW_fu@l?pSWUPB4Q;E|=Ok!6|Y(a^cMa z=S_{c)k~9Ngf`oy(MZaBWLJ#ikfKat zDQ*K^P*Vs!ID<0kEv07N+X##rZyX7@Eq9BDBCS)YDXc=g>PjIhz{7^RCmHStPyOCxMO#mI zvqE?9TUKZxH9z{#j#1RHKR^)kw&3$-wjEzOT))acw*TLRw`2($q8=&1%iz-xt{(`& zkq<|as}NiJ;FCB>5?QW`PPdN_aT*p1U#rS$^g7zEe-||csgQcsfj7!lPF&K6%(jBI$e==H`iaJFd5Uv6CsQZB zJUBG^3h?8);%09zGJwLJd24OkP?Nr>i#dUd@^eTe1$F>qyh;z?3;Xpddc+))chSp+ z0-ODMB$#W9bn|1_TgSHOQkPYs3-$E7T-u#+uRHEuh$equR_hncf9DT>&e=#*ljB8- zp9*EH_()>Z0ZZpf*)0ytuX2(Vdn3GNy?BhXx08XjYoreJB6Lv;7y0tj;it2ycuQRb z&XKoAES%~AWQQqkYNS-_x!$BCkk6yMgwxupC?DIM`{J;GoBC`eE0sfdV#5Yv4<)Ud zMe4;x)uEN~^ipU`f4{TdYHkBh3y+w|<5$eykda+MW8ktqUt(bgxI3;d^uS-`ACS<8 zR&(J2O%b^g3Z9>VZE*9H+zI}Q+m3EHI0K#BNTNV`;x7K6?(CMV97|GFG#8I7Gv zQlr9I(l!9KQD)PvMWuREDvVz`o4W9?xqbDhRK`BHtU*02e*vmJ?XYWdFL_Sh5yh8x z`n_3po1_@1~1o z5!kh>yT)2p^DLwYxlrt!prj$lg#v>BFaUM3_pRu*ALzQ4BHA4A(+Lp$PrRp&S$kwl z?8t}vf3jM?^RMSe_q3`=NJ`Ta`B0&$sNw-Q)IkxDCrjYogHqKRfz58GS?bE+#o;6C z;MND&X$xQ*0p9Y9Ohr{V-D7cShf+7?Q3c)S+QqGW3L@?cZ*`T@0dduvaRS4mY>>Cj zpogBe94vXapW77iCaf-AO`}3|Na}JFLnRwBe-U_H^+TBuq*BiUHH0R5w<<5X;_~yR z@j0I+PUxF^u5E5#C2d|WrInLF!8t=MPqm8C z%bg6wE|}VzOK40%Ltn2p)*S$Sj{SF=0$TgTLj`p&xA_03e%uZczIx3~qq{2if;h4r ze|w_PYu!4Xq(`BH#}VA^8l?*!8J8+X@IsJK#88!7=Ykf=oKsxI^D`H{PVAs2owv76 z8HbgM#DUnLSgrS{<;!aQqSKb&QC?}VM{cK<;q{#MyB@&iVL}@BaD3vqE*bBu`^utb zP=qhyEITb8lwy6V=6`735bJJTmY_O9e~1t0y7h-=1yaa%+$3CZ+jf^z!td3DNNU$y zzI)<3m0{>wG-`*W`V@g&HotSBWvCNjuPOoX2af`pr+P8OI)W_gNi)cnJvF$OFx2pqw=MWfEDn-`pNxHgCX_!6DX8s3%EGHbg!F>S`!hWa|IQciIu^xxJdF z4{yqOom)plO;nQRw#TJ*L$c24lqBuI#XYrQ)vEEi6WUtHK zXo$OCm=maKvYy_H8@x`WQv9elYc@M=}vB1=DR`LoH9-$K>ze+5Kvw92IUnis;izW7m*(z2HhVve|%iGD-51_{`T(x9p$*5&r$*#6c{Tx+J0SNb`U{rxg#2HT&9fwx5iskXkvam~C zN7lLc=4S^ksHhXbG^E$9Y_p|wfzbnmXr~e=(g@DS!Alu!d|9nO?^ojayH332e5v(# zQrsO^o7*JM0h6I)e~6uu$FU==*b6}8kas+yoO%Ev;7GNAs!r$8RYv4Lx|UaZLhx~9 zw?F)u6eti$0C1*sO|Qw zI+`bnHxL4Wsc7GOJDRT6(@}q}2fVprBkE}aG`=0a6;BVLe>OYh`m$PoB=Gd1173!A z`CAQyJlM0KTunYoC1($K?2zYK$WVSlO^H+j)V58P4}#?5ok!LgcIYx%#K|WRdpwnF z&*B%pwWO?7t9FxeF-b$+*@N<8LU>O~sL34oD$UlRfF%3W2>|KbKL(&(r=;oVN=ROL zEvZb0?3BjZe-Cd6s^b?=yaGF~-&SF&s8wNK+Fk)(yv=6gSEZm!1J?K@ZvB$L1J&NU z@+o>gspmp6(#}iU#tl{McmQ&4N(fRE7^X}0mwO9J)^R;GU}>1nI)OT~x97TlJ4dV> z3A=)|mi(ogPdR>?h}CN)+s2Y5h={K!&jwE?Z@D|&e|{*ro6QlV+dq`$O*t%-2w!Nr2kBb3n0@x^?g}=Wv^t<4c!+TSxe2NY?Wq%n%fC-z_99NhseUVr0tVm0-_)(=-1e%=e?p?}>#IZpeSjxfDP`sVw5y|zAXco~ zYY4)E#tici$v+OY7koixhoO=&?J5i?M`&%4X0664|C}b6fWk@bXn7?6xXkH5 zb-t;_oyaB*vlB#~Evvh;VzLfN`kEH1aj#^&6iGXJak$=mw=G#j7H&bZMY87&idjzl z5kno!KciDGO==5y5->u6t1FmYSo=&}e|cG88A0sW{ZR^c-EFLWY>`u%0Kc|G0a!42 z+u7^pOOwdItk&N^=f|+HJy_l$o0FnhowrFo)!8T$CAA=Ql4u=zKY?N&`Hg983Rdtc zujxO@GH^zenyxiE=dB+U8PV93F9p;##MR7TkQQsXvt!$&zmeY@aEI0o#}YN(e>}X7 zpLUGNwCYLUTfJ+jWABg(MYEUJPCcY) z8vu2)4~#8h>G@@~eml*_hn}un8t^g)KsvGH?va!uE-_ zdhU4iwNxx>I;B{>w^4*YD`UOY@c@MD)c8j$D7G%3Hy&WJw$xa35U3NIwq76Wvo?kU zeo)J@3r_ighC@$3oACLvTECs<8b5R?K~T2TKp{#+QxPB9kKK2f-bEK`e;Ikjhl70O zvWa;q{&eL606xc-v$~Vli9Bgk*VWz>_2VJnads8FPv`~05nnIoTBw6J6J~iS^wyZS zGbGa~U6e9r{b@IFl9R_69OLt%mLMUqgEda8nWRf#(_Q$P;8krZ*qPaF_$Xbj2}@A} z_SRK{+G9A^eHH8ZV%ecFf8CEB=>4T*^UDEe558|Pl{DyeNw>C>HSc7{**>@W-!*KI-h-nrLm_P<+o$97E_v-s&Ypj*HBUk z(znAmC{~5SM1CUTORMQkzoULT{z&2is9x8e9Z69?bBbv#FKQ!`e@hE+D5Qj#Ha)9b z+GJBy7sY^WBH@?fl^^RgYEj8a#kBZrS&%PL{+9#p9nl-hd#4h4<-`+S&+PgYLCnFiLCk9_y*jv1d6Ry;8#;%ig&)$c?AnN;K8>7dsCMqk(wjd z6lw&?AXz)V30w+?e^X5!ayQA-^^*FUmF*!ssH%HtBqbUElig#xHJ^(&=NPc!;~c-1 zlXo7ZTt`v8nby1Gn0rQv7(y;BL~U--9jwVf10$+aq9sKFU1Ypp1Der zQ3z&bJHk0m620Sob((MO84t0XBV*w8>U}=Qg#Q2?NQOHlo^IJk14Ho&o$Vf#Tx1to zpca-<?;Pf1ZV%<vAO4(GpLLdgZk1Wm z9IH?4i0Tlhe?zvCP?bXX8SMG0``}zn8Nhf;Sif^o2bQYb;WHuu`$4NC-A+DFyEnK&U<<>i)RN#5>KvPg$A zD8Ycs+fYttAnBE2U?m`2dZfi19!-6d_Gc?>>o&_`f3-&r$9cbC`CksW;Ob3xlWRJz z4oFgSa5*w|Y2UtNT50=D%|C9n7lNJTI%UH}Rg`)BAxUA~8gpDa+Ym(5k~)dN-dm6v zgVP$#0=#UcDq_{u+gfr%M}2o}ZgMGjHf%e>#V6%;RBgMrc(ER`&NNlF({kW5S|al} z^V!bSe^L(D6IDXc1Ld@vaY6eJ5q?V;j?7*(5X31JS?3dO0V~u>s zjewJ6ajT)y*QJnJqTbk_JGSk)OgvJqA*%pQxectea8yRiF_bN3s)+ov1^@JpKb&Dz zSH0?^Lt=Mu=n9o8$@zK(>%wQotb_L(N)>#;vHnak~c**$oMLE>g8Ca;#YwLefi2s8IKdjr@h^8aqG`7 zD!;M3gQcYOsrZq02|;i8sdZhO`Xi_Ub@rg~xTATe8>eZHbE-rUwJ8+=61@rO#9ZnT ze|1l{;Wu?fVWo*MZ1qk=+dt-T+OlL42yyML;>lhnE4O%i@vpr6l%@JS+OAychT&C{qx2uDc)nup@&)~sZ*f8ClV&6_#ran-l0@?^A2x@@Rjsy7eE=8D=) zM7owV{i000H~L~HNOricrDtpIyj$KO8*u6pvdB`l;=`K<;UL2OC<)OYOIiJPESR3G zKy7>gmns1fx7Da5DzfKEJdy-X2R^o?)|F z#31>LZJW~gvRc1bK7PuLWT#Z688-*^N2=NgJbUUuLyK`4dVmtQP_9MeaI>uOQdp4; z&Y+D7J*_Y6ZD$+^3`6s#c3#8&F)6d#fKvpRut>gA8?m3)TdO&5-_Cw<;%5!f&X6i0 zsS#3gM84#P!Nkb{;B;87 z6XTD~JDD*?1*q4T)%xuQrVr^rO^=8;*RH|>vXpgA#-ea)RX3jZb zUR2Qvtnk2dD<1YG1Es8If6t`c3KrcUEifBEKI)K5vS`~w;MQ?)F11%*qbq7wM){?B zRE~3nl@#>Iw?Z2w@<^wXFUR)8Xt@IUb?O8jt5BlA{{_16Km>mKRksy`+;ywPb0d4I z`<~TlsM{Tj&!=)SsQ;hJ$JP3CsX2~Mmael`%J>=`n}zGcDR8*5e;wX#=)7=EPT6sS z3Y3`xYbV~ZL+k29!%`@WMfVk%tnI&pAmM<=FOQF9bna zD4d;P)l{1-A_|x-^$YCXE_@&YmgJ_6(5-4Y8E6+&^{7+x498j>df*-W07LcLh8IEY z_WEincyISFw=IUPe>{OL1GQG#m(}`35cxw?swzZ8JXWcJ_`B>~Dz({^xx2Ro$fNN} z(3S46gw;#}6rnJW9ef9JZ{mo>qEiZdC^C}A%!$co4yprAbbr>yNoD{ZMlTea*fQP`MQ0l7R_SWAN*+*5)W_DgQO5>51o^@~~qU%WbIPzYG z+W6$hn<%VM9f4YgEY*^=260|l9&hes;XTdzn^)GlmG{!tj{{~ROB!W*>2j!X-lVor zF1^L@zzkNte;hZbX+c|{Z9}M*JcerZ^K~rSHqdhcl?jtu3Blr9rE-!ofHZ|(2(|f^ zAytz~CDaaJobE7b0l_+z4Vt{IEW8C(BjU?y{UQizz4usDICK>!W0dFKqK1kTDh;lI zP$z^$eH2a&$_OHQrwzTzcr-RwSb~WLCb*o2k6GD%f8c4N7{66(yp?nifP2ZK3HEVt z9w>E%xz2FEo!fYcgiWP&PP_L20WBH3w&A?HXApLD$4ZqdM~5Wd*JY8-iPd_dQ=~P5 zrEe0H7T84;IUJF6tFM-}20mbHXy;bO_KB!9KLj#%`|)M9esA{k2WzA#M?vl>d}NL} z2smV?e+TV{jNyF6qldOa>KYoWzN-^}oXSg)%8O?>6%jZ`R5h=(qGP-mqAOqXcn?GV zI5}!i>$5#+y7BokGDTn@zAt2uWdk7y&uysv^{P&zOQvjP_FI()RL+|l11`k2yDT4 zC{~j7PCu#E#I_f4uyVRs7l6)(OcFaSPo4INh(t8f8{f7^?0|vF%pbblmVPU9x!JM( zf8ONDbJ>R=(4`g~c%CoQ{|p(<=vLfNL7N-$);_RDJhbOU+d z_uf+V=*RPb&B^|!TJ)xhB%f3pY-%*0oEGoA5t!Tq3)=!n{ znIDsiQqGog$>h35qv+tY89|)>VLP$|f5%(cn%d-EN|i1ZDFlJ{rZ-#diEk+xG_oPR z-Xxys^?*&jq_yAKCvZwb(d%w5U=rXTV4k8bu}yH51At;2&OPErS?#nl0YE$B{AF+b z-t4n`KP2X7-uswsbZh1uZj&oTPzTD`ZMu>`a%q#0;+}0&nh#9OcJzvruUGL(e=6n? z?WJCQTT2yPZ*FPia-Hm-y?VOzz)yr`6T7?9Qt#x)`q7J$0=%p zNAejgounw~C{d!)#hyR&v&^&*k2US}JQko2IE_MJ!WEwbnpI zUsmfS)f_)2SF&9HF|=>U`vM*Sf6s>`goUD5LQA|0@UU$oaEzppJUA?!+E$%`LRu8e zQvH!b17WZ`uK=77;F9!pBXb@`f$=I)Y`fu-+H~f5D?&I7cdMXR;!_0RkDdER;YX(c z*>U!V>|AWd-MNJwYTd>-*Pd4kQ=dX&RvMR{&>}Vaf{Iu;l_4$Ey9)~If4+&pl)@pj zL-Xq|tM%6n{OB}m&_j6}yG{h0bnp2b0d#b!Mjk*V*QT{dQ1wz^9|*21X|JGCQ!z~O zwy*B6(BW2fA#{z9;>p80f~OHKh)FL+{zBzFoo?oQ)rq#j>R@AV=7-IJ{v3_yV5vPU zYrJaf&L8YQQy3}7-Ml@@e;(Ai**ORBR-KHlXyXlhS8~QV)vlL%Gf>*?bijTpT2BPx zwFU2zzpT~^%YRI+kXeZ4j-m9hK*HI(6>uK8LmF}{^>7N8AWA@^3RzvrYw91WtF|3@ zvI5n74e@T+SCI0>0q<57&UmTMcn)vo2-Qwh9QOTso0e^AZSOfC(kmY4|$ z7f8O6&!hw>A8o_YfnnX;7C9+s*TgSV+w2-SZSU?KU%mP`Yzu2-pV3xLjFtdT-Y%PKk!zAY=< zz`0+2QaEY=p%_deyc6@H*Q$pa?ki{$uGP8>0s=}cnyGF}5`Em9Fw>EN5-A;gv&_t- zKG~plBLD0mE`Y`LFWb%4`o;43qrXMe;+I_-wjG>g)n3^?e=0$5Gm(S3^-qklMBb5f{xphOl1&zGaMr?j%*t79fuR`T1*y+YtQxvs*k`(Np>n0Uhyk#rK)H| zb{4&drb0Aj@ouD-m2?L_PoSR)v(7CnXYcsWJ>df`(6c&??f$lw2PJt&r7=LRit|3C zJs^jwRT`<7e>kO^#-c>qAkuzWt=}24@-bb|*~Ct#t>|F9>g?24UA9=%%T68V^+bv= zP!JeH$6_6$l44v{CkJ2-Z#<~j)VDGQtCm$hX{aca~n9HLgxBE<{+C)@{BqGI^k z!Z}#*=sHXeVOvQ8)s~dEJhM!%YYu1ibx|tLJPfCn)a6Z zc)Kw*5P7yDOSuT8!;&OWG-{6P&TVym7^Eo0&L25qffu5xaSqOU z+zyM~njIg~B~@b7yTs#4xGDs2Ed!`unqEAYe@_^kB(@@1`_uxyC=Ak}5S@IpKCAkH zm+fPn!pN*Iv5~3m);+dSfy`PK{l_LndDVDOjNhyP1-m3J_2$`jY#WD@!z~A=Th2%) zp~&u>&dCOse-gJEz(_`X3PtaRq{cn!nFj|csKIKVUsmhyX8+?pQA11WCg4EZ0h)q! zfAVm55cnkB?z}~hi5C<24V{AP)N+}UO#}C=G?F*mWNppuv?aE^RU};?bf^#0Xm`Q|%<>73cO@(>WIO?vT0-=`JtII>;`S%4tzw zrbHsqf0wd*{!HOe`G*n0s|Rt5uUMregUsxu^trNWQ>*oV_B4sCcR39#aC$fk@ z2YRoTH8Lsmv80{~^N35%3=TVam*;Zc#)`n`H+lp$kS36 z-ml2lbC7kC;Aaqtin)MlRFxv&LhgDAw}q`t5HLia!Jv=T)qEpoCQAnOJ`C2cYDR`;i6*6b;P;0 zhG^kUf<{T1Rrm9FXt6tWb>!((n^N$Xum(E4^snA?xRnyS^3J>|wo9!BpMRQeQ9)^H zO(kXznG0*r;m0ql^^4_!QXlt;Qg^gFTe{E#?B8eRI?fJbeaHVKIddxW;2gJ)>sPRj}XJ3BWuFQ=F$>k0Z49H zv!~NNmb@D^#_P*!{VFwoiXT%ectRDvFapCYL2m`ObLFLwge^(h83!!4k$bZ@x#zTr9=pnPIYX3DsnrAQ7{V< znVQ{uUwlie>z&w7x&7r9!dC`wIqUrHZz)Sk zHmuZMzc(p2_)`_8$Y!JxRf&8mZsRYOIDGS!N{SS9g&fDewT`Cto+3^lhZ;&VQ{XhCU8e4pwc>ysINM zw#0!W7GU%8TE@9&iVGnc_z5B#*bDkRz|zgai()LX_(0jg1q6 z#Vl=X=VmInM}K9wAcA);UPmV>F6&#AuYcxR@0_@-=ZP?OHpvt$wxZgdw?`l&SCokLT zZ=1WM+55%sB{^q6=%d279XogT8A^YurHvN$lE^c#GJhw)PgN7zVp|92&I8{zvN^9! z(rMa0%c?xB%ZDMxI-xLcJ-A9t3j5o2{n8Em6?ap!^S!r@A4qBhHVqkwt7?D&wj5Fqie{HSRnw%_sgCyd z@YCMu>3=OssW!d^#nvEL6bC`$brw&@azfrQruwx`Qg$}(sf(+!3`s>(%_j4qe)Cqe zTrAHFb!#uEMAAHjMh|_Fy8Q{Ki5lgH1t+qhRItvP)YCV^vz+1+EBb4N|Q%JCCI7--lAd-gix=HHB&gfMLGFl-XUr- zmMbrX6E@fdXAIRwHxb2|B2ot%QB|Do7*XOwlH1fH0^5J7e165u+zp zdk`FX}) ziOKbX31V(*H9+G@v`{_K>OMtFS_kPUS=>j^Ijn$A>)U73W64<;Ct(Y%46A(Ew~cy^^(61!PPLvwQGZp_x8#Ft z5pdulsTpFN4XU^88{X|b`Tzu|=aW?B&dQC?S5<8zdhnrHmso?Q8^rEW-39ma2;*2R zr)k(N#c3Z&Q3|?WTNl$?LNBYyFhzcwBUfF2W`4Qy2)c5eLH{W^z^VdkHZM74sNS5v z^yRNVEdLSZ=b?_V*T0XmV1I>rYH)0*sclED(@4Xor5@CiTn~z8>8Sgt_t^MR!1Ak( zJ>F(3DlRYADTx&-Z7gQ|5e*}E=BZiBIi*(tNFH5kUwBIw&AiLVLq?CD^we{dCHiqu z@|gko>*RpKQ;U3ihmm6bAu(6GU$_1UTH=N-$2b$S*wYG_ZK+R5%zu=;eiWtn;uUU3 zXRB6Ln)*;%WhDF?R!eHIE}^@ zzDFk25{2sV1%W2%PEBW}@3we2Y&FLs~o zl0t2<&4e-`R!K49fb1173)m+h(nY;wg6`88#M9cJJ;+72Nq@s!?;EmiUta0ps18vf zk4l|Tyz8`SHF+R{&fFXkRp{6--ap4Z{RI#HrDjS2PM?=Mi`74!A0j=OBdH)YOeZgb4flaxE7==*oy2x;(c)w# z&^{xzb{eV;H!MN1Lp8O;b1}BP5RJ_?3FHUoz z3V))~dnoOAhDVodForJ6Hh4f?b!*oaO=zDv`J$=-WB{T&sH3^)1N2HlHZlMQT6W+f zWAXut1}CJa`+=-FRK;))f%y<&?U)n_~y_hYf*?joO;6d=v7@S zW1Ctn)X~m0s3p_q9sqUdQ(b0?iIMdrTYp{zrP}%)2Uo_#39=gi&?yx<;gNSGnZE1B z%W-+#Rcj!`dO92_H8(4&ufm+3Sh}@wl!$<=jrOJDUe;Psa(yG5HL|MLsrk_x;(E4Y zpC;wk0D%Bp*I>1Y8$^~4p1qwMs{(v`B>$M1p65$t@&9*MO=X`9<$P#%O197L6(TK<{~{n`g^L`_6$1^a&!so%Suuf-R%h3G~C&9 zDQkW7AmsR5w+fQ!((k}k)$1itq@M>VRhM&ZqcmA-9IwWQBnMHPio>XbtmpX~T_SUCrWPfT=@N3yf`O9kk?k$R`k12F*rY;q$z;OW1q$eCO zX?9hAGW8ngj|jQ-WmZ%wNv+*S0ZQIzRJnWWRoW=B-O6q!U)jyj?(=xMqzupwdstAq zwp2+Qs+RTVg&>yFa*cpV;C^&YtYyi%AlHzJht?}PQD_P6r75S40@t2st$+L0gZf2> z;fIAI?JC4XvFa5NIfk>_q`OvKe+uuqS$o(Oe}WRkg03&C^;;*_54^R!XDyuF9-s4( z-pQgpkq{9swdo8nc9?kAK_3>d*!ggJkHffipJ^&?#s}G4_oxwg=7_`;1d69VMdMB? zbR3d;4M~clB^TXe_u|+PP=9tutlrWn6vU%`D;%_Zcn6(G1IxIeisXc*5qktZMP*p(#uFr9920K?n7N*b%7L`KRJhlIW`gdw+iYqc!kBt}RsN z#pyI~Ipx_@4z}sx?11}_JfA)oNs~OwmT|b8f=H)Q{ZW$K#Um-;M5u03#-2m6u#-$J zlDiMe2<^n?Cd9?fFH5;7hQ%3>CPrP@y%V@LgD+FU7zK>emp2@^E)i|3HS%iElcQ5xTixqBr&%WyWrAFy<>On>A3G}_4 zUe^*=3jL+%Jn6|Uz2kYjI?fl!`SRvbGor0UblA%E0!wl{<$tylL_wgIwk6UTzD4=` zYxVG_KM=$ho4=XyHMR?Y5J{4{S0~Q2`%E8BFLdq=}GNYwK+`n!hpsc6pG#! zXW4gvlraPh^}pG0Q6m(B5ulmV!;VFgAkY=0Un+su2eXuI5VPvTP^fMB5Fz#ZlCYiUY>)3iWQChmCl#lmo0)Vqvz z*8AJu`n~h1ACoJG-9BX!hSfO0R#gdh?o@#maOhHU!a-hfyn#iq%S|P6Iys|)ZI-5BbJ_bsPBB>Jq*Sd=iyd1$W$XOkoKY$Y zN0wysaAdyituJ>z3U{i$Jy{M%$tTE(14e+u&(QezNwE zcT-JGU4I!(m{|)+&RsXphtDF-WG$rucrx-Kec3uxriv=OAHqa~}m zsKsO6@;6B}0`>Mu1}d18q|0P(pp5CwFSuX%Sw*eEsx@f~qey79TmsV{pu$CMR}Nlk z)|PVniSs|8-7l;4$KU#Jeg(@(m;y|3EP_H;w|{pw!7N<;iliJ5XS&V9w&s zxqm%-0YHu`XMLtQ3+2m6{GG*6^8Q^_tGAW;(T74E6cxNoKn!7ugW@!9Cr_QKbSWWq zYPvw#v1ft>XQr*;u(-0@d^SZLs5JC=;)!pQm%arv0b8Y8#URK?5tyofqCHYJnEEz@4q)_l&JW%QYD%pMB zKa+bdPN`OQrvlqUAG=HCUViE!Fn)r)eUcDhQ6c5-U0*t7BXz}C?hI<{`f7iPSsHur zKUXXKRX!a5cib9#j527sbY}{b86`t@b%Ui`tiJWPrRN^@3)8g7zm@*6bk0p@I>ln0 z72Cu{Np7q4E&RsH15)*)y(IIWVcgE~J20oXuJcsyZeZ>n>RT%Xou5=SqI7?9aMqwd zstRP)XRWV))abwfm$tXWtf+tM0@(K2rX$XA7acOi^_uNC99tzGu$y#YCM#T73&-6T z;>*6RR`_G-e&}!A(_#YP(ypgn0$j-f3JP75G=FQxNratSkDVuYw3{TCBh9dRvs6wSkruQs{5>u)14flVxjiX=ymkS1d z?9Sy_M4-t5@||krINd;2yoUl$qy`OG&(xkF7n)S4le(^NoZEYmO)WI7zl3|5D3Ok) z7f8!S6s!DYwO;N=`2#_C{1p-%4}r`6lk+o=TwgZR<*77)^P(!Ns-Kp!@yV`4y{-mo zB6G{HR{HJe<=hS21>S#sw4x^^^xYS(B)vn04)5kcQ;MvT?p`^O{HnA{(;6VC>y|E6 zOph7>da|6=3_c{3$!3Ypt|}Y`o&dWCxx|Mq>1t1&nq3tyq$I{VE(kt3d~v`GYP+OO zJ=-Gc@&jJGi5y>6>(9&dg9o87oF^ zQ7K2W=J0*L6shC;8q zL3BNy5>+igKbIF7V_B}WK_VnQIG!8Meb>PQx%bI(65s(A%L{R3t6wKkRCyDlqQh`( z=i8*>P<>jVYKDDEn3JhQ%|w^+HV71dgN*&Ott2Vu4#jO85e|k7Ln772pcbyfzL~T2 zUsfyst2F|qJ@qlZ0U-qEt;$naB7Hf9@Ihf_HhcD8pDnt^Zs$NzrFPpgwKON`!dBBI ziR!Ntz*$5Ic}dEmDz~JWEGL7wEY>Hh-K-dh6@dBDRu$cg@~D z^o@!>C!?`>pcRf@L0uNIE})G8~?UL9}OtJNjnqz4V>NvPK6!GAbPyS;fLiCxX2 zFRS&cd_Hso)usW5UZN5)&~>Y%3Tz?H@O%J$J=YX^Vo!Lze###h@~65g6<$o|Z3jfU z>vnkR?t{uNdWNo@*;daO17x9p5+1*u7b>r~^MPNzQ|&D@JW}Npw0SEh7jB>)FL0dk zrcmLu{w< z*);;?e{gI7BQFGTo$t66w)XT8ZxMRIAm5yb zh&BdVR4s`5L~xyq;NTr<1j)4C0Ftqr0(!S1nkq<+dIA>+OZjbOS|;ne+<0oiG{w8v zi%L0;u$jJ|DXJl_82KYk^XBdXP9k7}?d_zWGCn2AFTYQ9hFh0}uD>aeayX@X=6Xp2 zBJxpdG!W90<2q=@Eb|2a8rY+7gmxHP&P&hnj8W ztBO~plU>A3$MC`eCkq65GM1`e@pN2*w=O0eckPqHjIDC%J`T{ow=3S;5l~L9_aA_A z>phRid{k=GfQxGMlv%qf!D732YbT_+Cm~%sT588R9JzhGGNJ-tO8GI%lvybjovb6~ zSwapG5}8XxeraY!!lp7FUsmgnFaM!6a&Pezjx0+>ZXuAIIT<(x1TdOS~jSs@C~ zRV4*oM;aGjXA#s-YU_6MV7llKql04UqDVapZ(Sizm*6=FLVxwpUO>vDZA2;xz=JkL z4#lVsx&;u_qx;XewO8v;)jEI7zVZ<)3i6f%$tq^BC+3#NttYWS?{I$6AUJAg4hqYh zSMRB0?D6rUsZlPHbG_7p**Ww2@Q~#Cp=j1~@7o$#8g|6>UCWXn@_oGaR&cgM_OH59 z#zJyRG-f}%1AiZaGt>B>LGppx-#Qmw>d&VQ%OAcms@vn9rTZlZk=UKB)Q6*;#M3}^HG@2(zNV3k zpl839<8T8-`)1v$iR4j|+Q!MPiYN`1nj*6E^Q9HB1%G(c(R+Q>EW8fqyT@y_wk|CD zQtdQ0f*lX70i6S^8mTJqzZEvJ2UB}ZnR#s+XLvV%4lff{m%S+&m&c|SI~_pKY>^$7 zxAx63_rO`1DvE2bqtZ1&;md0M@#W*Y2VrQ8id(Y#j~J|UEsfetiDhO1}N!PnaTf-koC@<^Cua}gYWzU$GygLY8e}4$#W6p>DVPx>P zof6a&$nEi}g(Rh+pUN72ss|0$v>~NxWvJ>D5S48Z&6}g}C^AfeCLfYFD*tGSu7*g> zp*gCpXbn!z+R|#%p{DRw&&a?!-uH^CoXGqb@))j-+MFS+c0hnLBu=W!OLgsVO>G49 zwqzN>pg^08WZ0CRe+Q{JP)urBJOQEixQQTJ5|bYp*S+0v)SmY4^*mzp5bLux+H#kOG_eXX{*bT=QXZLr#8kzC1gH_rhvwv z?p*4517!i5O^Ja-=H`3@^cVk{og(kAlQ^p`ME0q(LP1xfmlr(<)jXGKKay_$hyV3| z`QQHc|KorDAOHJ*`>*x?{`dZ0|Ihz)|DXTYmp}Z!|Led0+kgKb{y(II@wi*14*>Pj BTzvol diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202211-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202211-07.xml index 045ffe019c..c642e5c2ff 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202211-07.xml +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202211-07.xml @@ -5,13 +5,13 @@ An integer overflow vulnerability has been found in sysstat which could result in arbitrary code execution. sysstat 2022-11-22 - 2022-11-22 + 2023-05-29 880543 local - 12.7.1 - 12.7.1 + 12.6.2-r1 + 12.6.2-r1 @@ -31,7 +31,7 @@ # emerge --sync - # emerge --ask --oneshot --verbose ">=app-admin/sysstat-12.7.1" + # emerge --ask --oneshot --verbose ">=app-admin/sysstat-12.6.2-r1" @@ -39,4 +39,4 @@ ajak ajak - \ No newline at end of file + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-01.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-01.xml new file mode 100644 index 0000000000..3edf350cf5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-01.xml @@ -0,0 +1,52 @@ + + + + AtomicParsley: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in AtomicParsley, the worst of which could result in arbitrary code execution. + atomicparsley,atomicparsley-wez + 2023-05-03 + 2023-05-03 + 806845 + remote + + + 0.9.6_p20210715_p151551 + 0.9.6_p20210715_p151551 + + + 0.9.6 + + + +

AtomicParsley is a command line program for manipulating iTunes-style metadata in MPEG4 files.

+ + +

Multiple vulnerabilities have been discovered in AtomicParsley. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

Users can pass only trusted input to AtomicParsley.

+ + +

Previously, the "wez" AtomicParsley fork was packaged in Gentoo as media-video/atomicparsley-wez. This fork is now packaged as media-video/atomicparsley, so users of the fork's package should now depclean it:

+ + + # emerge --ask --depclean "media-video/atomicparsley-wez" + + +

All AtomicParsley users should upgrade to the latest version, which is a packaging of the "wez" AtomicParsley fork:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-video/atomicparsley-0.9.6_p20210715_p151551" + + + + CVE-2021-37231 + CVE-2021-37232 + + ajak + sam + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-02.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-02.xml new file mode 100644 index 0000000000..8683f8757b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-02.xml @@ -0,0 +1,107 @@ + + + + Python, PyPy3: Multiple Vulnerabilities + Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution. + pypy3,python + 2023-05-03 + 2023-05-03 + 880629 + 878385 + 877851 + 876815 + 864747 + 838250 + 835443 + 834533 + 787260 + 811165 + 793833 + local and remote + + + 3.8.15_p3 + 3.9.15_p3 + 3.10.8_p3 + 3.11.0_p2 + 3.12.0_alpha1_p2 + 3.8.15_p3 + 3.9.15_p3 + 3.10.8_p3 + 3.11.0_p2 + 3.12.0_alpha1_p2 + + + 7.3.9_p9 + 7.3.9_p9 + + + +

Python is an interpreted, interactive, object-oriented, cross-platform programming language.

+ + +

Multiple vulnerabilities have been discovered in Python and PyPy3. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Python 3.8 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/python-3.8.15_p3:3.8" + + +

All Python 3.9 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/python-3.9.15_p3:3.9" + + +

All Python 3.10 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/python-3.10.8_p3:3.10" + + +

All Python 3.11 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/python-3.11.0_p2:3.11" + + +

All Python 3.12 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/python-3.12.0_alpha1_p2" + + +

All PyPy3 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-python/pypy3-7.3.9_p9" + + + + CVE-2015-20107 + CVE-2021-3654 + CVE-2021-28363 + CVE-2021-28861 + CVE-2021-29921 + CVE-2022-0391 + CVE-2022-37454 + CVE-2022-42919 + CVE-2022-45061 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-03.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-03.xml new file mode 100644 index 0000000000..256ecb1d9a --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-03.xml @@ -0,0 +1,42 @@ + + + + ProFTPd: Memory Disclosure + A vulnerability has been discovered in ProFTPd which could result in memory disclosure. + proftpd + 2023-05-03 + 2023-05-03 + 811495 + remote + + + 1.3.7c + 1.3.7c + + + +

ProFTPD is an advanced and very configurable FTP server.

+ + +

ProFTPd unconditionally sends passwords to Radius servers for authentication in multiples of 16 bytes. If a password is not of a length that is a multiple of 16 bytes, ProFTPd will read beyond the end of the password string and send bytes beyond the end of the string buffer.

+ + +

Radius servers used for authentication can receive the contents of the ProFTPd process' memory.

+ + +

There is no known workaround at this time.

+ + +

All ProFTPd users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-ftp/proftpd-1.3.7c" + + + + CVE-2021-46854 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-04.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-04.xml new file mode 100644 index 0000000000..b5937284e3 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-04.xml @@ -0,0 +1,43 @@ + + + + dbus-broker: Multiple Vulnerabilities + Multiple vulnerabilities have been found in dbus-broker, the worst of which could result in denial of service. + dbus-broker + 2023-05-03 + 2023-05-03 + 851696 + remote + + + 31 + 31 + + + +

dbus-broker is a Linux D-Bus message broker.

+ + +

Multiple vulnerabilities have been discovered in dbus-broker. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All dbus-broker users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/dbus-broker-31" + + + + CVE-2022-31212 + CVE-2022-31213 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-05.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-05.xml new file mode 100644 index 0000000000..d03be8aaa8 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-05.xml @@ -0,0 +1,42 @@ + + + + xfce4-settings: Browser Argument Injection + A vulnerability has been discovered in xfce4-settings which could result in universal cross site scripting ("uXSS"). + xfce4-settings + 2023-05-03 + 2023-05-03 + 880257 + remote + + + 4.17.1 + 4.17.1 + + + +

xfce4-settings contains the configuration system for the Xfce desktop environment.

+ + +

xfce4-settings does not sufficiently sanitize URLs opened via xdg4-mime-helper-tool (which is called when a user clicks a link in e.g. Firefox).

+ + +

The vulnerability can be leveraged into 1-click universal cross site scripting in some browsers, or potentially other unspecified impact.

+ + +

There is no known workaround at this time.

+ + +

All xfce4-settings users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=xfce-base/xfce4-settings-4.17.1" + + + + CVE-2022-45062 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-06.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-06.xml new file mode 100644 index 0000000000..1f1a927ee3 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-06.xml @@ -0,0 +1,92 @@ + + + + Mozilla Firefox: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. + firefox,firefox-bin + 2023-05-03 + 2023-05-03 + 885813 + 891213 + remote + + + 102.7.0 + 109.0 + 102.7.0 + 109.0 + + + 102.7.0 + 109.0 + 102.7.0 + 109.0 + + + +

Mozilla Firefox is a popular open-source web browser from the Mozilla project.

+ + +

Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Firefox ESR binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-102.7.0:esr" + + +

All Mozilla Firefox ESR users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-102.7.0:esr" + + +

All Mozilla Firefox binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-109.0:rapid" + + +

All Mozilla Firefox users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-109.0:rapid" + + + + CVE-2022-46871 + CVE-2022-46872 + CVE-2022-46873 + CVE-2022-46874 + CVE-2022-46875 + CVE-2022-46877 + CVE-2022-46878 + CVE-2022-46879 + CVE-2022-46880 + CVE-2022-46881 + CVE-2022-46882 + CVE-2023-23597 + CVE-2023-23598 + CVE-2023-23599 + CVE-2023-23600 + CVE-2023-23601 + CVE-2023-23602 + CVE-2023-23603 + CVE-2023-23604 + CVE-2023-23605 + CVE-2023-23606 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-07.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-07.xml new file mode 100644 index 0000000000..ea0624a6d1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-07.xml @@ -0,0 +1,42 @@ + + + + slixmpp: Insufficient Certificate Validation + A vulnerability has been discovered in slixmpp which can result in successful man-in-the-middle attacks. + slixmpp + 2023-05-03 + 2023-05-03 + 881181 + remote + + + 1.8.3 + 1.8.3 + + + +

slixmpp is a Python 3 library for XMPP.

+ + +

slixmpp does not validate hostnames in certificates used by connected servers.

+ + +

An attacker could perform a man-in-the-middle attack on users' connections to servers with slixmpp.

+ + +

There is no known workaround at this time.

+ + +

All slixmpp users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --upgrade --verbose ">=dev-python/slixmpp-1.8.3" + + + + CVE-2022-45197 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-08.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-08.xml new file mode 100644 index 0000000000..4bc05bd570 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-08.xml @@ -0,0 +1,44 @@ + + + + D-Bus: Multiple Vulnerabilities + Multiple vulnerabilities have been found in D-Bus, the worst of which could result in denial of service. + dbus + 2023-05-03 + 2023-05-03 + 875518 + remote + + + 1.14.4 + 1.14.4 + + + +

D-Bus is a daemon providing a framework for applications to communicate with one another.

+ + +

Multiple vulnerabilities have been discovered in D-Bus. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All D-Bus users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/dbus-1.14.4" + + + + CVE-2022-42010 + CVE-2022-42011 + CVE-2022-42012 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-09.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-09.xml new file mode 100644 index 0000000000..9bf31f312e --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-09.xml @@ -0,0 +1,42 @@ + + + + syslog-ng: Denial of Service + A denial of service vulnerability was discovered in rsyslog related to syslog input over the network. + syslog-ng + 2023-05-03 + 2023-05-03 + 891941 + remote + + + 3.38.1 + 3.38.1 + + + +

syslog replacement with advanced filtering features.

+ + +

An integer overflow in the RFC3164 parser allows remote attackers to cause a denial of service via crafted syslog input that is mishandled by the tcp or network function.

+ + +

Attackers with access to input syslogs over syslog-ng's network functionality can cause a denial of service.

+ + +

There is no known workaround at this time.

+ + +

All syslog-ng users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-admin/syslog-ng-3.38.1" + + + + CVE-2022-38725 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-10.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-10.xml new file mode 100644 index 0000000000..02f988fa36 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-10.xml @@ -0,0 +1,143 @@ + + + + Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities + Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. + chromium,chromium-bin,google-chrome,microsoft-edge + 2023-05-03 + 2023-05-03 + 876855 + 878825 + 883031 + 883697 + 885851 + 890726 + 886479 + 890728 + 891501 + 891503 + remote + + + 109.0.5414.74-r1 + 109.0.5414.74-r1 + + + 109.0.5414.74 + 109.0.5414.74 + + + 109.0.5414.74 + 109.0.5414.74 + + + 109.0.1518.61 + 109.0.1518.61 + + + +

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. + +Google Chrome is one fast, simple, and secure browser for all your devices. + +Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.

+ + +

Multiple vulnerabilities have been discovered in Chromium, Google Chrome, Microsoft Edge. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Chromium users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/chromium-109.0.5414.74-r1" + + +

All Chromium binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-109.0.5414.74" + + +

All Google Chrome users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/google-chrome-109.0.5414.74" + + +

All Microsoft Edge users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-109.0.1518.61" + + + + CVE-2022-3445 + CVE-2022-3446 + CVE-2022-3447 + CVE-2022-3448 + CVE-2022-3449 + CVE-2022-3450 + CVE-2022-3723 + CVE-2022-4135 + CVE-2022-4174 + CVE-2022-4175 + CVE-2022-4176 + CVE-2022-4177 + CVE-2022-4178 + CVE-2022-4179 + CVE-2022-4180 + CVE-2022-4181 + CVE-2022-4182 + CVE-2022-4183 + CVE-2022-4184 + CVE-2022-4185 + CVE-2022-4186 + CVE-2022-4187 + CVE-2022-4188 + CVE-2022-4189 + CVE-2022-4190 + CVE-2022-4191 + CVE-2022-4192 + CVE-2022-4193 + CVE-2022-4194 + CVE-2022-4195 + CVE-2022-4436 + CVE-2022-4437 + CVE-2022-4438 + CVE-2022-4439 + CVE-2022-4440 + CVE-2022-41115 + CVE-2022-44688 + CVE-2022-44708 + CVE-2023-0128 + CVE-2023-0129 + CVE-2023-0130 + CVE-2023-0131 + CVE-2023-0132 + CVE-2023-0133 + CVE-2023-0134 + CVE-2023-0135 + CVE-2023-0136 + CVE-2023-0137 + CVE-2023-0138 + CVE-2023-0139 + CVE-2023-0140 + CVE-2023-0141 + CVE-2023-21719 + CVE-2023-21775 + CVE-2023-21795 + CVE-2023-21796 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-11.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-11.xml new file mode 100644 index 0000000000..5b7a54c72d --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-11.xml @@ -0,0 +1,49 @@ + + + + Tor: Multiple Vulnerabilities + Multiple vulnerabilities have been found in Tor, the worst of which could result in denial of service. + tor + 2023-05-03 + 2023-05-03 + 808681 + 852821 + 890618 + remote + + + 0.4.7.13 + 0.4.7.13 + + + +

Tor is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service.

+ + +

Multiple vulnerabilities have been discovered in Tor. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Tor users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.7.13" + + + + CVE-2021-38385 + CVE-2022-33903 + CVE-2023-23589 + TROVE-2021-007 + TROVE-2022-001 + TROVE-2022-002 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-12.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-12.xml new file mode 100644 index 0000000000..4522165ae5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-12.xml @@ -0,0 +1,42 @@ + + + + sudo: Root Privilege Escalation + A vulnerability has been discovered in sudo which could result in root privilege escalation. + sudo + 2023-05-03 + 2023-05-03 + 891335 + remote + + + 1.9.12_p2 + 1.9.12_p2 + + + +

sudo allows a system administrator to give users the ability to run commands as other users.

+ + +

The sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process.

+ + +

The improper processing of user's environment variables could lead to the editing of arbitrary files as root, potentially leading to root privilege escalation.

+ + +

There is no known workaround at this time.

+ + +

All sudo users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.12_p2" + + + + CVE-2023-22809 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-13.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-13.xml new file mode 100644 index 0000000000..31de2ec7a1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-13.xml @@ -0,0 +1,68 @@ + + + + Mozilla Thunderbird: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. + thunderbird,thunderbird-bin + 2023-05-03 + 2023-05-03 + 885815 + 891217 + remote + + + 102.7.0 + 102.7.0 + + + 102.7.0 + 102.7.0 + + + +

Mozilla Thunderbird is a popular open-source email client from the Mozilla project.

+ + +

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Thunderbird binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-102.7.0" + + +

All Mozilla Thunderbird users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-102.7.0" + + + + CVE-2022-46871 + CVE-2022-46872 + CVE-2022-46874 + CVE-2022-46875 + CVE-2022-46877 + CVE-2022-46878 + CVE-2022-46880 + CVE-2022-46881 + CVE-2022-46882 + CVE-2023-23598 + CVE-2023-23599 + CVE-2023-23601 + CVE-2023-23602 + CVE-2023-23603 + CVE-2023-23605 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-14.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-14.xml new file mode 100644 index 0000000000..f42e1eb0ac --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-14.xml @@ -0,0 +1,42 @@ + + + + uptimed: Root Privilege Escalation + A vulnerability has been discovered in uptimed which could result in root privilege escalation. + uptimed + 2023-05-03 + 2023-05-03 + 630810 + remote + + + 0.4.6-r1 + 0.4.6-r1 + + + +

uptimed is a system uptime record daemon that keeps track of your highest uptimes.

+ + +

Via unnecessary file ownership modifications in the pkg_postinst ebuild phase, the uptimed user could change arbitrary files to be owned by the uptimed user at emerge-time.

+ + +

The uptimed user could achieve root privileges when the uptimed package is emerged.

+ + +

There is no known workaround at this time.

+ + +

All uptimed users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-misc/uptimed-0.4.6-r1" + + + + CVE-2020-36657 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-15.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-15.xml new file mode 100644 index 0000000000..fe69020612 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-15.xml @@ -0,0 +1,68 @@ + + + + systemd: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service. + systemd,systemd-tmpfiles,systemd-utils,udev + 2023-05-03 + 2023-05-03 + 880547 + 830967 + remote + + + 251.3 + 251.3 + + + 250 + + + 251.3 + 251.3 + + + 250 + + + +

A system and service manager.

+ + +

Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All systemd users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/systemd-251.3" + + +

All systemd-utils users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/systemd-utils-251.3" + + +

Gentoo has discontinued support for sys-apps/systemd-tmpfiles, sys-boot/systemd-boot, and sys-fs/udev. See the 2022-04-19-systemd-utils news item. Users should unmerge it in favor of sys-apps/systemd-utils on non-systemd systems:

+ + + # emerge --ask --depclean --verbose "sys-apps/systemd-tmpfiles" "sys-boot/systemd-boot" "sys-fs/udev" + # emerge --ask --verbose --oneshot ">=sys-apps/systemd-utils-251.3" + + + + CVE-2021-3997 + CVE-2022-3821 + + ajak + sam + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-16.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-16.xml new file mode 100644 index 0000000000..4f71e42cd3 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-16.xml @@ -0,0 +1,155 @@ + + + + Vim, gVim: Multiple Vulnerabilities + Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. + gvim,vim,vim-core + 2023-05-03 + 2023-05-03 + 851231 + 861092 + 869359 + 879257 + 883681 + 889730 + remote + + + 9.0.1157 + 9.0.1157 + + + 9.0.1157 + 9.0.1157 + + + 9.0.1157 + 9.0.1157 + + + +

Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim.

+ + +

Multiple vulnerabilities have been discovered in Vim, gVim. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Vim users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.1157" + + +

All gVim users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.1157" + + +

All vim-core users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.1157" + + + + CVE-2022-1154 + CVE-2022-1160 + CVE-2022-1381 + CVE-2022-1420 + CVE-2022-1616 + CVE-2022-1619 + CVE-2022-1620 + CVE-2022-1621 + CVE-2022-1629 + CVE-2022-1674 + CVE-2022-1720 + CVE-2022-1725 + CVE-2022-1733 + CVE-2022-1735 + CVE-2022-1769 + CVE-2022-1771 + CVE-2022-1785 + CVE-2022-1796 + CVE-2022-1851 + CVE-2022-1886 + CVE-2022-1897 + CVE-2022-1898 + CVE-2022-1927 + CVE-2022-1942 + CVE-2022-1968 + CVE-2022-2000 + CVE-2022-2042 + CVE-2022-2124 + CVE-2022-2125 + CVE-2022-2126 + CVE-2022-2129 + CVE-2022-2175 + CVE-2022-2182 + CVE-2022-2183 + CVE-2022-2206 + CVE-2022-2207 + CVE-2022-2208 + CVE-2022-2210 + CVE-2022-2231 + CVE-2022-2257 + CVE-2022-2264 + CVE-2022-2284 + CVE-2022-2285 + CVE-2022-2286 + CVE-2022-2287 + CVE-2022-2288 + CVE-2022-2289 + CVE-2022-2304 + CVE-2022-2343 + CVE-2022-2344 + CVE-2022-2345 + CVE-2022-2522 + CVE-2022-2816 + CVE-2022-2817 + CVE-2022-2819 + CVE-2022-2845 + CVE-2022-2849 + CVE-2022-2862 + CVE-2022-2874 + CVE-2022-2889 + CVE-2022-2923 + CVE-2022-2946 + CVE-2022-2980 + CVE-2022-2982 + CVE-2022-3016 + CVE-2022-3099 + CVE-2022-3134 + CVE-2022-3153 + CVE-2022-3234 + CVE-2022-3235 + CVE-2022-3256 + CVE-2022-3278 + CVE-2022-3296 + CVE-2022-3297 + CVE-2022-3324 + CVE-2022-3352 + CVE-2022-3491 + CVE-2022-3520 + CVE-2022-3591 + CVE-2022-3705 + CVE-2022-4141 + CVE-2022-4292 + CVE-2022-4293 + CVE-2022-47024 + CVE-2023-0049 + CVE-2023-0051 + CVE-2023-0054 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-17.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-17.xml new file mode 100644 index 0000000000..579fc43f15 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-17.xml @@ -0,0 +1,56 @@ + + + + libsdl: Multiple Vulnerabilities + Multiple vulnerabilities have been found in libsdl, the worst of which could result in arbitrary code execution. + libsdl + 2023-05-03 + 2023-05-03 + 692388 + 836665 + 861809 + remote + + + 1.2.15_p20221201 + 1.2.15_p20221201 + + + +

Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D.

+ + +

Multiple vulnerabilities have been discovered in SDL. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All libsdl users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/libsdl-1.2.15_p20221201" + + + + CVE-2019-7572 + CVE-2019-7573 + CVE-2019-7574 + CVE-2019-7575 + CVE-2019-7576 + CVE-2019-7577 + CVE-2019-7578 + CVE-2019-7635 + CVE-2019-7636 + CVE-2019-7638 + CVE-2019-13616 + CVE-2021-33657 + CVE-2022-34568 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-18.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-18.xml new file mode 100644 index 0000000000..8a572e5fec --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-18.xml @@ -0,0 +1,44 @@ + + + + libsdl2: Multiple Vulnerabilities + Multiple vulnerabilities have been found in libsdl2, the worst of which could result in arbitrary code execution. + libsdl2 + 2023-05-03 + 2023-05-03 + 836665 + 890614 + remote + + + 2.26.0 + 2.26.0 + + + +

Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D.

+ + +

Multiple vulnerabilities have been discovered in libsdl2. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All libsdl2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/libsdl2-2.26.0" + + + + CVE-2021-33657 + CVE-2022-4743 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-19.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-19.xml new file mode 100644 index 0000000000..52d2b681f6 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-19.xml @@ -0,0 +1,51 @@ + + + + Firejail: Local Privilege Escalation + A vulnerability has been discovered in Firejail which could result in local root privilege escalation. + firejail,firejail-lts + 2023-05-03 + 2023-05-03 + 850748 + remote + + + 0.9.70 + 0.9.70 + + + 0.9.56.2-r1 + + + +

A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.

+ + +

Firejail does not sufficiently validate the user's environment prior to using it as the root user when using the --join command line option.

+ + +

An unprivileged user can exploit this vulnerability to achieve local root privileges.

+ + +

System administrators can mitigate this vulnerability via adding either "force-nonewprivs yes" or "join no" to the Firejail configuration file in /etc/firejail/firejail.config.

+ + +

Gentoo has discontinued support for sys-apps/firejail-lts. Users should unmerge it in favor of sys-apps/firejail:

+ + + # emerge --ask --depclean --verbose "sys-apps/firejail-lts" + # emerge --ask --verbose "sys-apps/firejail" + + +

All Firejail users should upgrade to the latest version:

+ + + # emerge --ask --oneshot --verbose ">=sys-apps/firejail-0.9.70" + + + + CVE-2022-31214 + + ajak + sam + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-20.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-20.xml new file mode 100644 index 0000000000..2b7cf1b8d5 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-20.xml @@ -0,0 +1,42 @@ + + + + libapreq2: Buffer Overflow + A buffer overflow vulnerability has been discovered in libapreq2 which could result in denial of service. + libapreq2 + 2023-05-03 + 2023-05-03 + 866536 + remote + + + 2.17 + 2.17 + + + +

libapreq is a shared library with associated modules for manipulating client request data via the Apache API.

+ + +

A buffer overflow could occur when processing multipart form uploads.

+ + +

An attacker could submit a crafted multipart form to trigger the buffer overflow and cause a denial of service.

+ + +

There is no known workaround at this time.

+ + +

All libapreq2 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apache/libapreq2-2.17" + + + + CVE-2022-22728 + + ajak + sam + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-21.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-21.xml new file mode 100644 index 0000000000..2fff2cab64 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-21.xml @@ -0,0 +1,42 @@ + + + + Cairo: Buffer Overflow Vulnerability + A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service. + cairo + 2023-05-03 + 2023-05-03 + 777123 + remote + + + 1.17.6 + 1.17.6 + + + +

Cairo is a 2D vector graphics library with cross-device output support.

+ + +

An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite.

+ + +

Malicious input to Cairo's image-compositor can result in denial of service of the application using such Cairo functionality.

+ + +

There is no known workaround at this time.

+ + +

All Cairo users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=x11-libs/cairo-1.17.6" + + + + CVE-2020-35492 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-22.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-22.xml new file mode 100644 index 0000000000..7498701d25 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-22.xml @@ -0,0 +1,45 @@ + + + + ISC DHCP: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in ISC DHCP, the worst of which could result in denial of service. + dhcp + 2023-05-03 + 2023-05-03 + 875521 + 792324 + remote + + + 4.4.3_p1 + 4.4.3_p1 + + + +

ISC DHCP is ISC's reference implementation of all aspects of the Dynamic Host Configuration Protocol.

+ + +

Multiple vulnerabilities have been discovered in ISC DHCP. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All ISC DHCP users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/dhcp-4.4.3_p1" + + + + CVE-2021-25217 + CVE-2022-2928 + CVE-2022-2929 + + ajak + sam + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-23.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-23.xml new file mode 100644 index 0000000000..e86eb729ad --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-23.xml @@ -0,0 +1,65 @@ + + + + Lua: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Lua, the worst of which could result in arbitrary code execution. + lua + 2023-05-03 + 2023-05-03 + 837521 + 831053 + 520480 + remote + + + 5.4.4-r103 + 5.2.3 + 5.1.5-r200 + 5.4.4-r103 + 5.2.3 + 5.1.5-r200 + 5.1.5-r4 + + + +

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description.

+ + +

Multiple vulnerabilities have been discovered in Lua. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Lua 5.1 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/lua-5.1.5-r200" + + +

All Lua 5.3 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/lua-5.2.3" + + +

All Lua 5.4 users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-lang/lua-5.4.4-r103" + + + + CVE-2014-5461 + CVE-2021-44647 + CVE-2022-28805 + + ajak + sam + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-24.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-24.xml new file mode 100644 index 0000000000..26691b0291 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-24.xml @@ -0,0 +1,67 @@ + + + + MediaWiki: Multiple Vulnerabilities + Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service. + mediawiki + 2023-05-21 + 2023-05-21 + 815376 + 829302 + 836430 + 855965 + 873385 + 888041 + remote + + + 1.38.5 + 1.38.5 + + + +

MediaWiki is a collaborative editing software, used by big projects like Wikipedia.

+ + +

Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All MediaWiki users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.38.5" + + + + CVE-2021-41798 + CVE-2021-41799 + CVE-2021-41800 + CVE-2021-44854 + CVE-2021-44855 + CVE-2021-44856 + CVE-2021-44857 + CVE-2021-44858 + CVE-2021-45038 + CVE-2022-28202 + CVE-2022-28205 + CVE-2022-28206 + CVE-2022-28209 + CVE-2022-31090 + CVE-2022-31091 + CVE-2022-34911 + CVE-2022-34912 + CVE-2022-41765 + CVE-2022-41766 + CVE-2022-41767 + CVE-2022-47927 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-25.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-25.xml new file mode 100644 index 0000000000..c4eecf0252 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-25.xml @@ -0,0 +1,47 @@ + + + + OWASP ModSecurity Core Rule Set: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in ModSecurity Core Rule Set, the worst of which could result in bypassing the WAF. + modsecurity-crs + 2023-05-21 + 2023-05-21 + 822003 + 872077 + remote + + + 3.3.4 + 3.3.4 + + + +

Modsecurity Core Rule Set is the OWASP ModSecurity Core Rule Set.

+ + +

Multiple vulnerabilities have been discovered in OWASP ModSecurity Core Rule Set. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All OWASP ModSecurity Core Rule Set users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apache/modsecurity-crs-3.3.4" + + + + CVE-2021-35368 + CVE-2022-39955 + CVE-2022-39956 + CVE-2022-39957 + CVE-2022-39958 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-26.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-26.xml new file mode 100644 index 0000000000..2d1baf019b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-26.xml @@ -0,0 +1,48 @@ + + + + LibreCAD: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in LibreCAD, the worst of which could result in denial of service. + librecad + 2023-05-21 + 2023-05-21 + 825362 + 832210 + remote + + + 2.1.3-r7 + 2.1.3-r7 + + + +

LibreCAD is a generic 2D CAD program.

+ + +

Multiple vulnerabilities have been discovered in LibreCAD. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All LibreCAD users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-gfx/librecad-2.1.3-r7" + + + + CVE-2021-21898 + CVE-2021-21899 + CVE-2021-21900 + CVE-2021-45341 + CVE-2021-45342 + CVE-2021-45343 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-27.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-27.xml new file mode 100644 index 0000000000..4880ff970c --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-27.xml @@ -0,0 +1,42 @@ + + + + Tinyproxy: Memory Disclosure + A vulnerability has been discovered in Tinyproxy which could be used to achieve memory disclosure. + tinyproxy + 2023-05-21 + 2023-05-21 + 871924 + remote + + + 1.11.1_p20220908 + 1.11.1_p20220908 + + + +

Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems.

+ + +

Tinyproxy's request processing does not sufficiently null-initialize variables used in error pages.

+ + +

Contents of the Tinyproxy server's memory could be disclosed via generated error pages.

+ + +

There is no known workaround at this time.

+ + +

All Tinyproxy users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-proxy/tinyproxy-1.11.1_p20220908" + + + + CVE-2022-40468 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-28.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-28.xml new file mode 100644 index 0000000000..a49a0f6107 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-28.xml @@ -0,0 +1,47 @@ + + + + snakeyaml: Multiple Vulnerabilities + Multiple vulnerabilities have been found in snakeyaml, the worst of which could result in denial of service. + snakeyaml + 2023-05-21 + 2023-05-21 + 776796 + 868621 + remote + + + 1.33 + 1.33 + + + +

snakeyaml is a YAML 1.1 parser and emitter for Java.

+ + +

Multiple vulnerabilities have been discovered in snakeyaml. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All snakeyaml users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-java/snakeyaml-1.33" + + + + CVE-2017-18640 + CVE-2022-38749 + CVE-2022-38750 + CVE-2022-38751 + CVE-2022-38752 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-29.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-29.xml new file mode 100644 index 0000000000..7e7de5c334 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-29.xml @@ -0,0 +1,44 @@ + + + + squashfs-tools: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in squashfs-tools, the worst of which can result in an arbitrary file write. + squashfs-tools + 2023-05-30 + 2023-05-30 + 810706 + 813654 + remote + + + 4.5_p20210914 + 4.5_p20210914 + + + +

Squashfs is a compressed read-only filesystem for Linux. Squashfs is intended for general read-only filesystem use, for archival use (i.e. in cases where a .tar.gz file may be used), and in constrained block device/memory systems (e.g. embedded systems) where low overhead is needed.

+ + +

Multiple vulnerabilities have been discovered in squashfs-tools. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All squashfs-tools users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-fs/squashfs-tools-4.5_p20210914" + + + + CVE-2021-40153 + CVE-2021-41072 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-30.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-30.xml new file mode 100644 index 0000000000..502bd0aefb --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-30.xml @@ -0,0 +1,73 @@ + + + + X.Org X server, XWayland: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution. + xorg-server,xwayland + 2023-05-30 + 2023-05-30 + 829208 + 877459 + 885825 + 893438 + 903547 + remote + + + 21.1.8 + 21.1.8 + + + 23.1.1 + 23.1.1 + + + +

The X Window System is a graphical windowing system based on a client/server model.

+ + +

Multiple vulnerabilities have been discovered in X.Org X server, XWayland. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All X.Org X server users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=x11-base/xorg-server-21.1.8" + + +

All XWayland users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=x11-base/xwayland-23.1.1" + + + + CVE-2021-4008 + CVE-2021-4009 + CVE-2021-4010 + CVE-2021-4011 + CVE-2022-3550 + CVE-2022-3551 + CVE-2022-3553 + CVE-2022-4283 + CVE-2022-46283 + CVE-2022-46340 + CVE-2022-46341 + CVE-2022-46342 + CVE-2022-46343 + CVE-2022-46344 + CVE-2023-0494 + CVE-2023-1393 + ZDI-CAN-19596 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-31.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-31.xml new file mode 100644 index 0000000000..6a035f95e1 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-31.xml @@ -0,0 +1,53 @@ + + + + LibTIFF: Multiple Vulnerabilities + Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in arbitrary code execution. + tiff + 2023-05-30 + 2023-05-30 + 891839 + 895900 + remote + + + 4.5.0-r2 + 4.5.0-r2 + + + +

LibTIFF provides support for reading and manipulating TIFF (Tagged Image File Format) images.

+ + +

Multiple vulnerabilities have been discovered in LibTIFF. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All LibTIFF users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.5.0-r2" + + + + CVE-2022-48281 + CVE-2023-0795 + CVE-2023-0796 + CVE-2023-0797 + CVE-2023-0798 + CVE-2023-0799 + CVE-2023-0800 + CVE-2023-0801 + CVE-2023-0802 + CVE-2023-0803 + CVE-2023-0804 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-32.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-32.xml new file mode 100644 index 0000000000..c5c8459f06 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-32.xml @@ -0,0 +1,80 @@ + + + + WebKitGTK+: Multiple Vulnerabilities + Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in arbitrary code execution. + webkit-gtk + 2023-05-30 + 2023-05-30 + 871732 + 879571 + 888563 + 905346 + 905349 + 905351 + remote + + + 2.40.1 + 2.40.1 + + + +

WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.

+ + +

Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All WebKitGTK+ users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.40.1" + + + + CVE-2022-32885 + CVE-2022-32886 + CVE-2022-32888 + CVE-2022-32891 + CVE-2022-32923 + CVE-2022-42799 + CVE-2022-42823 + CVE-2022-42824 + CVE-2022-42826 + CVE-2022-42852 + CVE-2022-42856 + CVE-2022-42863 + CVE-2022-42867 + CVE-2022-46691 + CVE-2022-46692 + CVE-2022-46698 + CVE-2022-46699 + CVE-2022-46700 + CVE-2023-23517 + CVE-2023-23518 + CVE-2023-23529 + CVE-2023-25358 + CVE-2023-25360 + CVE-2023-25361 + CVE-2023-25362 + CVE-2023-25363 + CVE-2023-27932 + CVE-2023-27954 + CVE-2023-28205 + WSA-2022-0009 + WSA-2022-0010 + WSA-2023-0001 + WSA-2023-0002 + WSA-2023-0003 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-33.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-33.xml new file mode 100644 index 0000000000..a4f315de27 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-33.xml @@ -0,0 +1,85 @@ + + + + OpenImageIO: Multiple Vulnerabilities + Multiple vulnerabilities have been found in OpenImageIO, the worst of which could result in arbitrary code execution. + openimageio + 2023-05-30 + 2023-05-30 + 879255 + 884085 + 888045 + remote + + + 2.4.6.0 + 2.4.6.0 + + + +

OpenImageIO is a library for reading and writing images.

+ + +

Multiple vulnerabilities have been discovered in OpenImageIO. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All OpenImageIO users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-libs/openimageio-2.4.6.0" + + + + CVE-2022-4198 + CVE-2022-36354 + CVE-2022-38143 + CVE-2022-41639 + CVE-2022-41649 + CVE-2022-41684 + CVE-2022-41794 + CVE-2022-41837 + CVE-2022-41838 + CVE-2022-41977 + CVE-2022-41981 + CVE-2022-41988 + CVE-2022-41999 + CVE-2022-43592 + CVE-2022-43593 + CVE-2022-43594 + CVE-2022-43595 + CVE-2022-43596 + CVE-2022-43597 + CVE-2022-43598 + CVE-2022-43599 + CVE-2022-43600 + CVE-2022-43601 + CVE-2022-43602 + CVE-2022-43603 + TALOS-2022-1626 + TALOS-2022-1627 + TALOS-2022-1628 + TALOS-2022-1629 + TALOS-2022-1630 + TALOS-2022-1632 + TALOS-2022-1633 + TALOS-2022-1634 + TALOS-2022-1635 + TALOS-2022-1643 + TALOS-2022-1651 + TALOS-2022-1652 + TALOS-2022-1653 + TALOS-2022-1654 + TALOS-2022-1655 + TALOS-2022-1656 + TALOS-2022-1657 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-34.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-34.xml new file mode 100644 index 0000000000..602cbbcbd7 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-34.xml @@ -0,0 +1,85 @@ + + + + CGAL: Multiple Vulnerabilities + Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. + cgal + 2023-05-30 + 2023-05-30 + 774261 + remote + + + 5.4.1 + 5.4.1 + + + +

CGAL is a C++ library for geometric algorithms and data structures.

+ + +

Multiple vulnerabilities have been discovered in CGAL. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All CGAL users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sci-mathematics/cgal-5.4.1" + + + + CVE-2020-28601 + CVE-2020-28602 + CVE-2020-28603 + CVE-2020-28604 + CVE-2020-28605 + CVE-2020-28606 + CVE-2020-28607 + CVE-2020-28608 + CVE-2020-28610 + CVE-2020-28611 + CVE-2020-28612 + CVE-2020-28613 + CVE-2020-28614 + CVE-2020-28615 + CVE-2020-28616 + CVE-2020-28617 + CVE-2020-28618 + CVE-2020-28619 + CVE-2020-28620 + CVE-2020-28621 + CVE-2020-28622 + CVE-2020-28623 + CVE-2020-28624 + CVE-2020-28625 + CVE-2020-28626 + CVE-2020-28627 + CVE-2020-28628 + CVE-2020-28629 + CVE-2020-28630 + CVE-2020-28631 + CVE-2020-28632 + CVE-2020-28633 + CVE-2020-28634 + CVE-2020-28635 + CVE-2020-28636 + CVE-2020-35628 + CVE-2020-35629 + CVE-2020-35630 + CVE-2020-35631 + CVE-2020-35632 + CVE-2020-35633 + CVE-2020-35634 + CVE-2020-35635 + CVE-2020-35636 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-35.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-35.xml new file mode 100644 index 0000000000..46e5337b62 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-35.xml @@ -0,0 +1,115 @@ + + + + Mozilla Firefox: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. + firefox,firefox-bin + 2023-05-30 + 2023-05-30 + 895962 + 903618 + 905889 + remote + + + 102.10.0 + 112.0 + 102.10.0 + 112.0 + + + 102.10.0 + 112.0 + 102.10.0 + 112.0 + + + +

Mozilla Firefox is a popular open-source web browser from the Mozilla project.

+ + +

Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Firefox ESR binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-102.10.0:esr" + + +

All Mozilla Firefox ESR users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-102.10.0:esr" + + +

All Mozilla Firefox binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-112.0:rapid" + + +

All Mozilla Firefox users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-112.0:rapid" + + + + CVE-2023-0767 + CVE-2023-1945 + CVE-2023-1999 + CVE-2023-25728 + CVE-2023-25729 + CVE-2023-25730 + CVE-2023-25731 + CVE-2023-25732 + CVE-2023-25734 + CVE-2023-25735 + CVE-2023-25737 + CVE-2023-25738 + CVE-2023-25739 + CVE-2023-25742 + CVE-2023-25746 + CVE-2023-25748 + CVE-2023-25749 + CVE-2023-25750 + CVE-2023-25751 + CVE-2023-25752 + CVE-2023-28159 + CVE-2023-28160 + CVE-2023-28161 + CVE-2023-28162 + CVE-2023-28163 + CVE-2023-28164 + CVE-2023-28176 + CVE-2023-28177 + CVE-2023-29533 + CVE-2023-29535 + CVE-2023-29536 + CVE-2023-29537 + CVE-2023-29538 + CVE-2023-29539 + CVE-2023-29540 + CVE-2023-29541 + CVE-2023-29543 + CVE-2023-29544 + CVE-2023-29547 + CVE-2023-29548 + CVE-2023-29549 + CVE-2023-29550 + CVE-2023-29551 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-36.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-36.xml new file mode 100644 index 0000000000..efba568c15 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-36.xml @@ -0,0 +1,88 @@ + + + + Mozilla Thunderbird: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. + thunderbird,thunderbird-bin + 2023-05-30 + 2023-05-30 + 895960 + 903619 + 905890 + remote + + + 102.10.0 + 102.10.0 + + + 102.10.0 + 102.10.0 + + + +

Mozilla Thunderbird is a popular open-source email client from the Mozilla project.

+ + +

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Mozilla Thunderbird users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-102.10.0" + + +

All Mozilla Thunderbird binary users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-102.10.0" + + + + CVE-2023-0616 + CVE-2023-0767 + CVE-2023-1945 + CVE-2023-1999 + CVE-2023-25728 + CVE-2023-25729 + CVE-2023-25730 + CVE-2023-25732 + CVE-2023-25734 + CVE-2023-25735 + CVE-2023-25737 + CVE-2023-25738 + CVE-2023-25739 + CVE-2023-25740 + CVE-2023-25741 + CVE-2023-25742 + CVE-2023-25743 + CVE-2023-25744 + CVE-2023-25745 + CVE-2023-25746 + CVE-2023-25751 + CVE-2023-25752 + CVE-2023-28162 + CVE-2023-28163 + CVE-2023-28164 + CVE-2023-28176 + CVE-2023-28427 + CVE-2023-29533 + CVE-2023-29535 + CVE-2023-29536 + CVE-2023-29539 + CVE-2023-29541 + CVE-2023-29548 + CVE-2023-29550 + + ajak + ajak + \ No newline at end of file diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-37.xml b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-37.xml new file mode 100644 index 0000000000..1ce4a1d0b9 --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/glsa-202305-37.xml @@ -0,0 +1,52 @@ + + + + Apache Tomcat: Multiple Vulnerabilities + Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could result in denial of service. + tomcat + 2023-05-30 + 2023-05-31 + 878911 + 889596 + 896370 + 907387 + remote + + + 8.5.88 + 8.5.88 + 9.0.74 + 9.0.74 + 10.1.8 + 10.1.8 + + + +

Apache Tomcat is a Servlet-3.0/JSP-2.2 Container.

+ + +

Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All Apache Tomcat users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-servers/tomcat-10.1.8" + + + + CVE-2022-42252 + CVE-2022-45143 + CVE-2023-24998 + CVE-2023-28709 + + ajak + ajak + diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk index 57331a9aa7..a8713f6d04 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Tue, 02 May 2023 07:09:52 +0000 +Thu, 01 Jun 2023 06:39:40 +0000 diff --git a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit index e80ce1ae2c..cfc786be50 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit +++ b/sdk_container/src/third_party/portage-stable/metadata/glsa/timestamp.commit @@ -1 +1 @@ -da9b5483883fcc611753d44d34c0ede9188ce21c 1673414531 2023-01-11T05:22:11+00:00 +023c3018165ffad6f1f6a874561e1c3c555cb505 1685499625 2023-05-31T02:20:25+00:00