From ce73e40b36a945c80a6c8b9fc06b31ee1259fa73 Mon Sep 17 00:00:00 2001
From: "taifu.gc" <taifu.gc@alibaba-inc.com>
Date: Tue, 13 Dec 2022 01:05:38 +0800
Subject: [PATCH] update to java-17-openjdk-17.0.5.0.8-2.el9.src.rpm

---
 NEWS                                          |  13 +-
 dist                                          |   1 -
 java-17-openjdk.spec                          | 477 +++++++++++-------
 remove-intree-libraries.sh                    |  11 +-
 ...ets-icedtea-6.0.0pre00-c848b93a8598.tar.xz | Bin 0 -> 23064 bytes
 5 files changed, 319 insertions(+), 183 deletions(-)
 delete mode 100644 dist
 create mode 100644 tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz

diff --git a/NEWS b/NEWS
index b1f281d..0aacfef 100644
--- a/NEWS
+++ b/NEWS
@@ -275,6 +275,17 @@ make it clear they map to the current user:
 * "Windows-MY-CURRENTUSER" (same as "Windows-MY")
 * "Windows-ROOT-CURRENTUSER" (same as "Windows-ROOT")
 
+JDK-8286918: Better HttpServer service
+======================================
+The HttpServer can be optionally configured with a maximum connection
+limit by setting the jdk.httpserver.maxConnections system property. A
+value of 0 or a negative integer is ignored and considered to
+represent no connection limit. In the case of a positive integer
+value, any newly accepted connections will be first checked against
+the current count of established connections and, if the configured
+limit has been reached, then the newly accepted connection will be
+closed immediately.
+
 hotspot/runtime:
 
 JDK-8281181: CPU Shares Ignored When Computing Active Processor Count
@@ -369,6 +380,7 @@ Live versions of these release notes can be found at:
 * Security fixes
   - JDK-8272243: Improve DER parsing
   - JDK-8272249: Better properties of loaded Properties
+  - JDK-8273056, JDK-8283875, CVE-2022-21549: java.util.random does not correctly sample exponential or Gaussian distributions
   - JDK-8277608: Address IP Addressing
   - JDK-8281859, CVE-2022-21540: Improve class compilation
   - JDK-8281866, CVE-2022-21541: Enhance MethodHandle invocations
@@ -423,7 +435,6 @@ Live versions of these release notes can be found at:
   - JDK-8272493: Suboptimal code generation around Preconditions.checkIndex intrinsic with AVX2
   - JDK-8272908: Missing coverage for certain classes in com.sun.org.apache.xml.internal.security
   - JDK-8272964: java/nio/file/Files/InterruptCopy.java fails with java.lang.RuntimeException: Copy was not interrupted
-  - JDK-8273056: java.util.random does not correctly sample exponential or Gaussian distributions
   - JDK-8273095: vmTestbase/vm/mlvm/anonloader/stress/oome/heap/Test.java fails with "wrong OOME"
   - JDK-8273139: C2: assert(f <= 1 && f >= 0) failed: Incorrect frequency
   - JDK-8273142: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/sun/net/www/protocol/http/ tests
diff --git a/dist b/dist
deleted file mode 100644
index 0ee7539..0000000
--- a/dist
+++ /dev/null
@@ -1 +0,0 @@
-an8_6
diff --git a/java-17-openjdk.spec b/java-17-openjdk.spec
index 0547830..865faaf 100644
--- a/java-17-openjdk.spec
+++ b/java-17-openjdk.spec
@@ -23,6 +23,8 @@
 %bcond_without staticlibs
 # Build a fresh libjvm.so for use in a copy of the bootstrap JDK
 %bcond_without fresh_libjvm
+# Build with system libraries
+%bcond_with system_libs
 
 # Workaround for stripping of debug symbols from static libraries
 %if %{with staticlibs}
@@ -39,6 +41,16 @@
 %global build_hotspot_first 0
 %endif
 
+%if %{with system_libs}
+%global system_libs 1
+%global link_type system
+%global freetype_lib %{nil}
+%else
+%global system_libs 0
+%global link_type bundled
+%global freetype_lib |libfreetype[.]so.*
+%endif
+
 # The -g flag says to use strip -g instead of full strip on DSOs or EXEs.
 # This fixes detailed NMT and other tools which need minimal debug info.
 # See: https://bugzilla.redhat.com/show_bug.cgi?id=1520879
@@ -190,11 +202,15 @@
 %global staticlibs_loop %{nil}
 %endif
 
+%if 0%{?flatpak}
+%global bootstrap_build false
+%else
 %ifarch %{bootstrap_arches}
 %global bootstrap_build true
 %else
 %global bootstrap_build false
 %endif
+%endif
 
 %if %{include_staticlibs}
 # Extra target for producing the static-libraries. Separate from
@@ -411,7 +427,7 @@
 # fix for https://bugzilla.redhat.com/show_bug.cgi?id=1111349
 #         https://bugzilla.redhat.com/show_bug.cgi?id=1590796#c14
 #         https://bugzilla.redhat.com/show_bug.cgi?id=1655938
-%global _privatelibs libsplashscreen[.]so.*|libawt_xawt[.]so.*|libjli[.]so.*|libattach[.]so.*|libawt[.]so.*|libextnet[.]so.*|libawt_headless[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas[.]so.*|libjavajpeg[.]so.*|libjdwp[.]so.*|libjimage[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmanagement_agent[.]so.*|libmanagement_ext[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libprefs[.]so.*|librmi[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsystemconf[.]so.*|libzip[.]so.*
+%global _privatelibs libsplashscreen[.]so.*|libawt_xawt[.]so.*|libjli[.]so.*|libattach[.]so.*|libawt[.]so.*|libextnet[.]so.*|libawt_headless[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas[.]so.*|libjavajpeg[.]so.*|libjdwp[.]so.*|libjimage[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmanagement_agent[.]so.*|libmanagement_ext[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libprefs[.]so.*|librmi[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsystemconf[.]so.*|libzip[.]so.*%{freetype_lib}
 %global _publiclibs libjawt[.]so.*|libjava[.]so.*|libjvm[.]so.*|libverify[.]so.*|libjsig[.]so.*
 %if %is_system_jdk
 %global __provides_exclude ^(%{_privatelibs})$
@@ -815,6 +831,9 @@ exit 0
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libawt_headless.so
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libdt_socket.so
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libfontmanager.so
+%if ! %{system_libs}
+%{_jvmdir}/%{sdkdir -- %{?1}}/lib/libfreetype.so
+%endif
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libinstrument.so
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2gss.so
 %{_jvmdir}/%{sdkdir -- %{?1}}/lib/libj2pcsc.so
@@ -933,7 +952,7 @@ exit 0
 %ifarch %{sa_arches}
 %ifnarch %{zero_arches}
 %{_jvmdir}/%{sdkdir -- %{?1}}/bin/jhsdb
-%{_mandir}/man1/jhsdb-%{uniquesuffix -- %{?1}}.1.gz
+%{_mandir}/man1/jhsdb-%{uniquesuffix -- %{?1}}.1*
 %endif
 %endif
 %{_jvmdir}/%{sdkdir -- %{?1}}/bin/jinfo
@@ -972,11 +991,11 @@ exit 0
 %{_mandir}/man1/jstat-%{uniquesuffix -- %{?1}}.1*
 %{_mandir}/man1/jstatd-%{uniquesuffix -- %{?1}}.1*
 %{_mandir}/man1/serialver-%{uniquesuffix -- %{?1}}.1*
-%{_mandir}/man1/jdeprscan-%{uniquesuffix -- %{?1}}.1.gz
-%{_mandir}/man1/jlink-%{uniquesuffix -- %{?1}}.1.gz
-%{_mandir}/man1/jmod-%{uniquesuffix -- %{?1}}.1.gz
-%{_mandir}/man1/jshell-%{uniquesuffix -- %{?1}}.1.gz
-%{_mandir}/man1/jfr-%{uniquesuffix -- %{?1}}.1.gz
+%{_mandir}/man1/jdeprscan-%{uniquesuffix -- %{?1}}.1*
+%{_mandir}/man1/jlink-%{uniquesuffix -- %{?1}}.1*
+%{_mandir}/man1/jmod-%{uniquesuffix -- %{?1}}.1*
+%{_mandir}/man1/jshell-%{uniquesuffix -- %{?1}}.1*
+%{_mandir}/man1/jfr-%{uniquesuffix -- %{?1}}.1*
 
 %if %{with_systemtap}
 %dir %{tapsetroot}
@@ -1109,7 +1128,7 @@ Requires: lksctp-tools%{?_isa}
 # tool to copy jdk's configs - should be Recommends only, but then only dnf/yum enforce it,
 # not rpm transaction and so no configs are persisted when pure rpm -u is run. It may be
 # considered as regression
-Requires: copy-jdk-configs >= 3.3
+Requires: copy-jdk-configs >= 4.0
 OrderWithRequires: copy-jdk-configs
 %endif
 # for printing support
@@ -1320,7 +1339,7 @@ Patch3:    rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk1
 Patch6: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
 
 # Crypto policy and FIPS support patches
-# Patch is generated from the fips-17u tree at https://github.com/rh-openjdk/jdk/tree/fips-17u-cpu-2022-07
+# Patch is generated from the fips-17u tree at https://github.com/rh-openjdk/jdk/tree/fips-17u
 # as follows: git diff %%{vcstag} src make > fips-17u-$(git show -s --format=%h HEAD).patch
 # Diff is limited to src and make subdirectories to exclude .github changes
 # Fixes currently included:
@@ -1359,7 +1378,13 @@ Patch2000: jdk8275535-rh2053256-ldap_auth.patch
 
 #############################################
 #
-# OpenJDK patches appearing in 17.0.6
+# OpenJDK patches appearing in 17.0.3
+#
+#############################################
+
+#############################################
+#
+# OpenJDK patches targetted for 17.0.6
 #
 #############################################
 # JDK-8293834: Update CLDR data following tzdata 2022c update
@@ -1378,14 +1403,8 @@ BuildRequires: desktop-file-utils
 # elfutils only are OK for build without AOT
 BuildRequires: elfutils-devel
 BuildRequires: fontconfig-devel
-BuildRequires: freetype-devel
-BuildRequires: giflib-devel
 BuildRequires: gcc-c++
 BuildRequires: gdb
-BuildRequires: harfbuzz-devel
-BuildRequires: lcms2-devel
-BuildRequires: libjpeg-devel
-BuildRequires: libpng-devel
 BuildRequires: libxslt
 BuildRequires: libX11-devel
 BuildRequires: libXi-devel
@@ -1410,7 +1429,6 @@ BuildRequires: libffi-devel
 # 2022d required as of JDK-8294357
 # Should be bumped to 2022e once available (JDK-8295173)
 BuildRequires: tzdata-java >= 2022d
-
 # Earlier versions have a bug in tree vectorization on PPC
 BuildRequires: gcc >= 4.8.3-8
 
@@ -1419,6 +1437,30 @@ BuildRequires: systemtap-sdt-devel
 %endif
 BuildRequires: make
 
+%if %{system_libs}
+BuildRequires: freetype-devel
+BuildRequires: giflib-devel
+BuildRequires: harfbuzz-devel
+BuildRequires: lcms2-devel
+BuildRequires: libjpeg-devel
+BuildRequires: libpng-devel
+%else
+# Version in src/java.desktop/share/native/libfreetype/include/freetype/freetype.h
+Provides: bundled(freetype) = 2.12.1
+# Version in src/java.desktop/share/native/libsplashscreen/giflib/gif_lib.h
+Provides: bundled(giflib) = 5.2.1
+# Version in src/java.desktop/share/native/libharfbuzz/hb-version.h
+Provides: bundled(harfbuzz) = 4.4.1
+# Version in src/java.desktop/share/native/liblcms/lcms2.h
+Provides: bundled(lcms2) = 2.12.0
+# Version in src/java.desktop/share/native/libjavajpeg/jpeglib.h
+Provides: bundled(libjpeg) = 6b
+# Version in src/java.desktop/share/native/libsplashscreen/libpng/png.h
+Provides: bundled(libpng) = 1.6.37
+# We link statically against libstdc++ to increase portability
+BuildRequires: libstdc++-static
+%endif
+
 # this is always built, also during debug-only build
 # when it is built in debug-only this package is just placeholder
 %{java_rpo %{nil}}
@@ -1768,8 +1810,11 @@ if [ $prioritylength -ne 8 ] ; then
 fi
 
 # OpenJDK patches
+
+%if %{system_libs}
 # Remove libraries that are linked by both static and dynamic builds
 sh %{SOURCE12} %{top_level_dir_name}
+%endif
 
 # Patch the JDK
 pushd %{top_level_dir_name}
@@ -1907,6 +1952,14 @@ function buildjdk() {
     local top_dir_abs_src_path=$(pwd)/%{top_level_dir_name}
     local top_dir_abs_build_path=$(pwd)/${outputdir}
 
+    # This must be set using the global, so that the
+    # static libraries still use a dynamic stdc++lib
+    if [ "x%{link_type}" = "xbundled" ] ; then
+        libc_link_opt="static";
+    else
+        libc_link_opt="dynamic";
+    fi
+
     echo "Using output directory: ${outputdir}";
     echo "Checking build JDK ${buildjdk} is operational..."
     ${buildjdk}/bin/java -version
@@ -1918,6 +1971,10 @@ function buildjdk() {
     mkdir -p ${outputdir}
     pushd ${outputdir}
 
+    # Note: zlib and freetype use %{link_type}
+    # rather than ${link_opt} as the system versions
+    # are always used in a system_libs build, even
+    # for the static library build
     bash ${top_dir_abs_src_path}/configure \
 %ifarch %{zero_arches}
     --with-jvm-variants=zero \
@@ -1938,13 +1995,14 @@ function buildjdk() {
     --with-native-debug-symbols="%{debug_symbols}" \
     --disable-sysconf-nss \
     --enable-unlimited-crypto \
-    --with-zlib=system \
+    --with-zlib=%{link_type} \
+    --with-freetype=%{link_type} \
     --with-libjpeg=${link_opt} \
     --with-giflib=${link_opt} \
     --with-libpng=${link_opt} \
     --with-lcms=${link_opt} \
     --with-harfbuzz=${link_opt} \
-    --with-stdc++lib=dynamic \
+    --with-stdc++lib=${libc_link_opt} \
     --with-extra-cxxflags="$EXTRA_CPP_FLAGS" \
     --with-extra-cflags="$EXTRA_CFLAGS" \
     --with-extra-ldflags="%{ourldflags}" \
@@ -2030,12 +2088,13 @@ for suffix in %{build_loop} ; do
     bootbuilddir=boot${builddir}
 
     if test "x${loop}" = "x%{main_suffix}" ; then
+      link_opt="%{link_type}"
+%if %{system_libs}
       # Copy the source tree so we can remove all in-tree libraries
       cp -a %{top_level_dir_name} %{top_level_dir_name_backup}
       # Remove all libraries that are linked
       sh %{SOURCE12} %{top_level_dir_name} full
-      # Use system libraries
-      link_opt="system"
+%endif
       # Debug builds don't need same targets as release for
       # build speed-up. We also avoid bootstrapping these
       # slower builds.
@@ -2053,9 +2112,11 @@ for suffix in %{build_loop} ; do
       else
         buildjdk ${builddir} ${systemjdk} "${maketargets}" ${debugbuild} ${link_opt}
       fi
+%if %{system_libs}
       # Restore original source tree we modified by removing full in-tree sources
       rm -rf %{top_level_dir_name}
       mv %{top_level_dir_name_backup} %{top_level_dir_name}
+%endif
     else
       # Use bundled libraries for building statically
       link_opt="bundled"
@@ -2385,9 +2446,10 @@ else
   return
   end
 end
--- run content of included file with fake args
-arg = {"--currentjvm", "%{uniquesuffix %{nil}}", "--jvmdir", "%{_jvmdir %{nil}}", "--origname", "%{name}", "--origjavaver", "%{javaver}", "--arch", "%{_arch}", "--temp", "%{rpm_state_dir}/%{name}.%{_arch}"}
-require "copy_jdk_configs.lua"
+arg = nil ;  -- it is better to null the arg up, no meter if they exists or not, and use cjc as module in unified way, instead of relaying on "main" method during require "copy_jdk_configs.lua"
+cjc = require "copy_jdk_configs.lua"
+args = {"--currentjvm", "%{uniquesuffix %{nil}}", "--jvmdir", "%{_jvmdir %{nil}}", "--origname", "%{name}", "--origjavaver", "%{javaver}", "--arch", "%{_arch}", "--temp", "%{rpm_state_dir}/%{name}.%{_arch}"}
+cjc.mainProgram(args)
 
 %post
 %{post_script %{nil}}
@@ -2583,58 +2645,66 @@ require "copy_jdk_configs.lua"
 %endif
 
 %changelog
-* Sat Oct 15 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-2
+* Wed Oct 26 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-2
+- Update to jdk-17.0.5+8 (GA)
+- Update release notes to 17.0.5+8 (GA)
+- Switch to GA mode for final release.
 - Update in-tree tzdata to 2022e with JDK-8294357 & JDK-8295173
 - Update CLDR data with Europe/Kyiv (JDK-8293834)
 - Drop JDK-8292223 patch which we found to be unnecessary
 - Update TestTranslations.java to use public API based on TimeZoneNamesTest upstream
-- Related: rhbz#2133695
-
-* Thu Oct 13 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.8-1
-- Update to jdk-17.0.5+8 (GA)
-- Update release notes to 17.0.5+8 (GA)
-- Switch to GA mode for final release.
-- * This tarball is embargoed until 2022-10-18 @ 1pm PT. *
+- The stdc++lib, zlib & freetype options should always be set from the global, so they are not altered for staticlibs builds
+- Remove freetype sources along with zlib sources
 - Resolves: rhbz#2133695
 
-* Tue Oct 04 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.7-0.1.ea
+* Tue Oct 04 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.7-0.2.ea
 - Update to jdk-17.0.5+7
 - Update release notes to 17.0.5+7
-- Resolves: rhbz#2132503
+- Resolves: rhbz#2130622
 
-* Mon Oct 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.1-0.1.ea
+* Mon Oct 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.5.0.1-0.2.ea
 - Update to jdk-17.0.5+1
 - Update release notes to 17.0.5+1
 - Switch to EA mode for 17.0.5 pre-release builds.
-- Related: rhbz#2132503
+- Bump HarfBuzz bundled version to 4.4.1 following JDK-8289853
+- Bump FreeType bundled version to 2.12.1 following JDK-8290334
+- Related: rhbz#2130622
+
+* Tue Aug 30 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-5
+- Switch to static builds, reducing system dependencies and making build more portable
+- Resolves: rhbz#2121268
+
+* Mon Aug 29 2022 Stephan Bergmann <sbergman@redhat.com> - 1:17.0.4.1.1-4
+- Fix flatpak builds (catering for their uncompressed manual pages)
+- Fix flatpak builds by exempting them from bootstrap
+- Resolves: rhbz#2102726
 
-* Fri Sep 02 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-2
+* Mon Aug 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-3
 - Update FIPS support to bring in latest changes
-- * RH2023467: Enable FIPS keys export
 - * RH2104724: Avoid import/export of DH private keys
 - * RH2092507: P11Key.getEncoded does not work for DH keys in FIPS mode
 - * Build the systemconf library on all platforms
 - * RH2048582: Support PKCS#12 keystores
 - * RH2020290: Support TLS 1.3 in FIPS mode
-- Resolves: rhbz#2123561
-- Resolves: rhbz#2123564
-- Resolves: rhbz#2123566
-- Resolves: rhbz#2123568
-- Resolves: rhbz#2123572
+- Resolves: rhbz#2104725
+- Resolves: rhbz#2117758
+- Resolves: rhbz#2115164
+- Resolves: rhbz#2029665
 
-* Sun Aug 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-1
+* Sun Aug 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.1.1-2
 - Update to jdk-17.0.4.1+1
 - Update release notes to 17.0.4.1+1
 - Add patch to provide translations for Europe/Kyiv added in tzdata2022b
 - Add test to ensure timezones can be translated
-- Resolves: rhbz#2120059
+- Resolves: rhbz#2119532
 
-* Wed Jul 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-0.2.ea
-- Add rpminspect.yaml to turn off Java bytecode inspections
-- java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode
-- Resolves: rhbz#2109106
+* Fri Jul 22 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-3
+- Update to jdk-17.0.4.0+8
+- Update release notes to 17.0.4.0+8
+- Switch to GA mode for release
+- Resolves: rhbz#2106524
 
-* Wed Jul 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-0.2.ea
+* Wed Jul 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.7-0.2.ea
 - Revert the following changes until copy-java-configs has adapted to relative symlinks:
 - * Move cacerts replacement to install section and retain original of this and tzdb.dat
 - * Run tests on the installed image, rather than the build image
@@ -2642,85 +2712,108 @@ require "copy_jdk_configs.lua"
 - * Use relative symlinks so they work within the image
 - * Run debug symbols check during build stage, before the install strips them
 - The move of turning on system security properties is retained so we don't ship with them off
-- Related: rhbz#2084650
+- Related: rhbz#2084218
 
-* Wed Jul 20 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.4.0.8-0.2.ea
-- Returned absolute symlinks
-- Relative symlinks are breaking cjc, and deeper investigations are necessary
--- why cjc intentionally skips relative symllinks
-- Images have to be workarounded differently
-- Related: rhbz#2084650
-
-* Mon Jul 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.8-1
-- Update to jdk-17.0.4.0+8
-- Update release notes to 17.0.4.0+8
+* Sat Jul 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.7-0.1.ea
+- Update to jdk-17.0.3.0+7
+- Update release notes to 17.0.3.0+7
 - Need to include the '.S' suffix in debuginfo checks after JDK-8284661
+- Explicitly require crypto-policies during build and runtime for system security properties
+- Make use of the vendor version string to store our version & release rather than an upstream release date
+- Include a test in the RPM to check the build has the correct vendor information.
+- Resolves: rhbz#2084218
+
+* Thu Jul 14 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.1-0.2.ea
+- Fix issue where CheckVendor.java test erroneously passes when it should fail.
+- Add proper quoting so '&' is not treated as a special character by the shell.
+- Related: rhbz#2084218
+
+* Tue Jul 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.4.0.1-0.1.ea
+- Update to jdk-17.0.4.0+1
+- Update release notes to 17.0.4.0+1
+- Switch to EA mode for 17.0.4 pre-release builds.
 - Print release file during build, which should now include a correct SOURCE value from .src-rev
 - Update tarball script with IcedTea GitHub URL and .src-rev generation
 - Include script to generate bug list for release notes
 - Update tzdata requirement to 2022a to match JDK-8283350
 - Move EA designator check to prep so failures can be caught earlier
 - Make EA designator check non-fatal while upstream is not maintaining it
-- Explicitly require crypto-policies during build and runtime for system security properties
-- Make use of the vendor version string to store our version & release rather than an upstream release date
-- Include a test in the RPM to check the build has the correct vendor information.
-- Rebase FIPS patches from fips-17u branch and simplify by using a single patch from that repository
-- * RH2094027: SunEC runtime permission for FIPS
-- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
-- * RH2090378: Revert to disabling system security properties and FIPS mode support together
-- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
-- Enable system security properties in the RPM (now disabled by default in the FIPS repo)
-- Improve security properties test to check both enabled and disabled behaviour
-- Run security properties test with property debugging on
+- Related: rhbz#2084218
+
+* Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5
+- Fix whitespace in spec file
+- Related: rhbz#2100677
+
+* Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5
+- Sequence spec file sections as they are run by rpmbuild (build, install then test)
+- Related: rhbz#2100677
+
+* Fri Jul 08 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-5
 - Turn on system security properties as part of the build's install section
 - Move cacerts replacement to install section and retain original of this and tzdb.dat
 - Run tests on the installed image, rather than the build image
 - Introduce variables to refer to the static library installation directories
 - Use relative symlinks so they work within the image
 - Run debug symbols check during build stage, before the install strips them
-- Resolves: rhbz#2084650
-- Resolves: rhbz#2099913
-- Resolves: rhbz#2108206
-- Resolves: rhbz#2108209
-- Resolves: rhbz#2106521
+- Related: rhbz#2100677
 
-* Thu Jul 14 2022 Jayashree Huttanagoudar <jhuttana@redhat.com> - 1:17.0.4.0.1-0.2.ea
-- Fix issue where CheckVendor.java test erroneously passes when it should fail.
-- Add proper quoting so '&' is not treated as a special character by the shell.
-- Related: rhbz#2084650
-
-* Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@redhat.com> - 1:17.0.3.0.7-2
+* Thu Jun 30 2022 Francisco Ferrari Bihurriet <fferrari@redhat.com> - 1:17.0.3.0.7-4
 - RH2007331: SecretKey generate/import operations don't add the CKA_SIGN attribute in FIPS mode
-- Resolves: rhbz#2108190
+- Resolves: rhbz#2102433
 
-* Wed Apr 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-2
-- April 2022 security update to jdk 17.0.3+7
-- Update to jdk-17.0.3.0+7 tarball
-- Update release notes to 17.0.3.0+7
-- Add missing README.md and generate_source_tarball.sh
-- Resolves: rhbz#2073576
+* Wed Jun 22 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-3
+- Update FIPS support to bring in latest changes
+- * RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
+- * RH2090378: Revert to disabling system security properties and FIPS mode support together
+- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
+- Enable system security properties in the RPM (now disabled by default in the FIPS repo)
+- Improve security properties test to check both enabled and disabled behaviour
+- Run security properties test with property debugging on
+- Resolves: rhbz#2099844
+- Resolves: rhbz#2100677
 
-* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-15
+* Sun Jun 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-2
+- Rebase FIPS patches from fips-17u branch and simplify by using a single patch from that repository
+- Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
+- RH2023467: Enable FIPS keys export
+- RH2094027: SunEC runtime permission for FIPS
+- Resolves: rhbz#2029657
+- Resolves: rhbz#2096117
+
+* Wed Apr 20 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.7-1
+- April 2022 security update to jdk 17.0.3+6
+- Update to jdk-17.0.3.0+6 pre-release tarball (17usec.17.0.3+5-220408)
+- Add JDK-8284548 regression fix missing from pre-release tarball but in jdk-17.0.3+6/jdk-17.0.3-ga
+- Update release notes to 17.0.3.0+6
+- Add missing README.md and generate_source_tarball.sh
+- Switch to GA mode for release
+- JDK-8283911 patch no longer needed now we're GA...
+- Resolves: rhbz#2073579
+
+* Wed Apr 06 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.5-0.1.ea
+- Update to jdk-17.0.3.0+5
+- Update release notes to 17.0.3.0+5
+- Resolves: rhbz#2050460
+
+* Tue Mar 29 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.3.0.1-0.1.ea
+- Update to jdk-17.0.3.0+1
+- Update release notes to 17.0.3.0+1
+- Switch to EA mode for 17.0.3 pre-release builds.
+- Add JDK-8283911 to fix bad DEFAULT_PROMOTED_VERSION_PRE value
+- Related: rhbz#2050460
+
+* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-13
 - Enable AlgorithmParameters and AlgorithmParameterGenerator services in FIPS mode
-- Resolves: rhbz#2052070
+- Resolves: rhbz#2055383
 
-* Sun Feb 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-14
-- Introduce tests/tests.yml, based on the one in java-11-openjdk
-- Resolves: rhbz#2058493
-
-* Sun Feb 27 2022 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.2.0.8-13
-- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy
-  secmod.db file as part of nss
-- Resolves: rhbz#2023536
-
-* Sun Feb 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-12
-- Detect NSS at runtime for FIPS detection
-- Turn off build-time NSS linking and go back to an explicit Requires on NSS
-- Resolves: rhbz#2051605
+* Mon Feb 28 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-12
+- Add rpminspect.yaml to turn off Java bytecode inspections
+- java-17-openjdk deliberately produces Java 17 bytecode, not the default Java 11 bytecode
+- Resolves: rhbz#2023540
 
-* Fri Feb 25 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-11
-- Add JDK-8275535 patch to fix LDAP authentication issue.
-- Resolves: rhbz#2053256
+* Sun Feb 27 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-11
+- Introduce tests/tests.yml, based on the one in java-11-openjdk
+- Resolves: rhbz#2058490
 
 * Fri Feb 25 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-10
 - Storing and restoring alterntives during update manually
@@ -2732,28 +2825,30 @@ require "copy_jdk_configs.lua"
 -- the selection in family
 -- Thus this fix, is storing the family of manually selected master, and if
 -- stored, then it is restoring the family of the master
-- Resolves: rhbz#2008200
+- Resolves: rhbz#2008206
 
 * Fri Feb 25 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-9
 - Family extracted to globals
-- Resolves: rhbz#2008200
+- Related: rhbz#2008206
 
-* Fri Feb 25 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-8
-- alternatives creation moved to posttrans
-- Thus fixing the old reisntall issue:
-- https://bugzilla.redhat.com/show_bug.cgi?id=1200302
-- https://bugzilla.redhat.com/show_bug.cgi?id=1976053
-- Resolves: rhbz#2008200
+* Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-8
+- Detect NSS at runtime for FIPS detection
+- Turn off build-time NSS linking and go back to an explicit Requires on NSS
+- Resolves: rhbz#2052829
 
-* Mon Feb 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-7
+* Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-7
+- Add JDK-8275535 patch to fix LDAP authentication issue.
+- Resolves: rhbz#2053521
+
+* Mon Feb 21 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-6
 - Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent
-- Resolves: rhbz#2051590
+- Resolves: rhbz#2052819
 
-* Fri Feb 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-6
+* Fri Feb 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-5
 - Fix FIPS issues in native code and with initialisation of java.security.Security
-- Resolves: rhbz#2023378
+- Resolves: rhbz#2023531
 
-* Thu Feb 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-5
+* Thu Feb 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-4
 - Restructure the build so a minimal initial build is then used for the final build (with docs)
 - This reduces pressure on the system JDK and ensures the JDK being built can do a full build
 - Turn off bootstrapping for slow debug builds, which are particularly slow on ppc64le.
@@ -2766,92 +2861,108 @@ require "copy_jdk_configs.lua"
 - Support a HotSpot-only build so a freshly built libjvm.so can then be used in the bootstrap JDK.
 - Explicitly list JIT architectures rather than relying on those with slowdebug builds
 - Disable the serviceability agent on Zero architectures even when the architecture itself is supported
-- Resolves: rhbz#2022822
+- Resolves: rhbz#2022826
 
-* Thu Feb 17 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-5
+* Thu Feb 17 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-4
 - Replaced tabs by sets of spaces to make rpmlint happy
 - javadoc-zip gets its own provides next to plain javadoc ones
-- Resolves: rhbz#2022822
+- Resolves: rhbz#2022826
 
-* Tue Feb 08 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-4
+* Wed Feb 16 2022 Jiri Vanek <jvanek@redhat.com> - 1:17.0.2.0.8-3
 - Minor cosmetic improvements to make spec more comparable between variants
-- Related: rhbz#2022822
+- Related: rhbz#2022826
 
-* Thu Feb 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-3
+* Wed Feb 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-2
 - Update tapsets from IcedTea 6.x repository with fix for JDK-8015774 changes (_heap->_heaps) and @JAVA_SPEC_VER@
 - Update icedtea_sync.sh with a VCS mode that retrieves sources from a Mercurial repository
-- Related: rhbz#2022822
-
-* Thu Feb 03 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-2
-- Extend LTS check to exclude EPEL.
-- Related: rhbz#2022822
+- Related: rhbz#2022826
 
-* Thu Feb 03 2022 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.2.0.8-2
-- Set LTS designator.
-- Related: rhbz#2022822
-
-* Wed Jan 12 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-1
+* Fri Feb 11 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.2.0.8-1
 - January 2022 security update to jdk 17.0.2+8
 - Rebase RH1995150 & RH1996182 patches following JDK-8275863 addition to module-info.java
 - Rename libsvml.so to libjsvml.so following JDK-8276025
-- Resolves: rhbz#2039366
+- Drop JDK-8276572 patch which is now upstream
+- Resolves: rhbz#2039392
 
-* Thu Oct 28 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-3
+* Thu Feb 10 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-3
 - Sync desktop files with upstream IcedTea release 3.15.0 using new script
-- Related: rhbz#2013842
+- Related: rhbz#2022826
+
+* Mon Nov 29 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.1.0.12-2
+- Use 'sql:' prefix in nss.fips.cfg as F35+ no longer ship the legacy
+  secmod.db file as part of nss
+- Resolves: rhbz#2023537
 
-* Tue Oct 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-2
-- Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1
-- Resolves: rhbz#2013842
+* Tue Nov 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.1.0.12-1
+- Drop JDK-8272332 patch now included upstream.
+- Resolves: rhbz#2013846
 
-* Wed Oct 20 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.1.0.12-2
+* Tue Nov 16 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.1.0.12-1
 - October CPU update to jdk 17.0.1+12
 - Dropped commented-out source line
-- Resolves: rhbz#2013842
+- Resolves: rhbz#2013846
+
+* Tue Nov 09 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-8
+- Extend LTS check to exclude EPEL.
+- Related: rhbz#2013846
+
+* Tue Nov 09 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.35-8
+- Set LTS designator.
+- Related: rhbz#2013846
+
+* Mon Nov 08 2021 Jiri Vanek <jvanek@redhat.com> - 1:17.0.0.0.35-7
+- alternatives creation moved to posttrans
+- Thus fixing the old reinstall issue:
+- https://bugzilla.redhat.com/show_bug.cgi?id=1200302
+- https://bugzilla.redhat.com/show_bug.cgi?id=1976053
+- Resolves: rhbz#2008206
+
+* Fri Nov 05 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-6
+- Patch syslookup.c so it actually has some code to be compiled into libsyslookup
+- Related: rhbz#2013846
 
-* Sun Oct 10 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-6
+* Sun Oct 10 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-5
 - Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false
-- Resolves: rhbz#1994661
+- Resolves: rhbz#1994682
 
-* Sun Oct 10 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.35-6
+* Sun Oct 10 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.35-5
 - Add patch to allow plain key import.
-- Resolves: rhbz#1994661
+- Resolves: rhbz#1994682
 
-* Mon Sep 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-5
+* Mon Sep 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-4
 - Update release notes to document the major changes between OpenJDK 11 & 17.
-- Resolves: rhbz#2003072
+- Resolves: rhbz#2000925
 
 * Thu Sep 16 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.35-3
 - Update to jdk-17+35, also known as jdk-17-ga.
 - Switch to GA mode.
 - Add JDK-8272332 fix so we actually link against HarfBuzz.
-- Resolves: rhbz#2003072
-- Resolves: rhbz#2004078
+- Resolves: rhbz#2000925
 
 * Mon Aug 30 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.5.ea
 - Extend the default security policy to accomodate PKCS11 accessing jdk.internal.access.
-- Resolves: rhbz#1996182
+- Resolves: rhbz#1997359
 
 * Sat Aug 28 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.4.ea
 - Fix unused function compiler warning found in systemconf.c
-- Related: rhbz#1995150
+- Related: rhbz#1995889
 
 * Sat Aug 28 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.4.ea
 - Add patch to login to the NSS software token when in FIPS mode.
-- Resolves: rhbz#1996182
+- Resolves: rhbz#1997359
 
 * Fri Aug 27 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.3.ea
 - Add patch to disable non-FIPS crypto in the SUN and SunEC security providers.
-- Resolves: rhbz#1995150
+- Resolves: rhbz#1995889
 
 * Fri Aug 27 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.2.ea
 - Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure.
 - Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM.
-- Related: rhbz#1995150
+- Related: rhbz#1995889
 
 * Fri Aug 27 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.2.ea
 - Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library.
-- Related: rhbz#1995150
+- Related: rhbz#1995889
 
 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.1.ea
 - Update RH1655466 FIPS patch with changes in OpenJDK 8 version.
@@ -2862,51 +2973,56 @@ require "copy_jdk_configs.lua"
 - Enable alignment with FIPS crypto policy by default (-Dcom.redhat.fips=false to disable).
 - Add explicit runtime dependency on NSS for the PKCS11 provider in FIPS mode
 - Move setup of JavaSecuritySystemConfiguratorAccess to Security class so it always occurs (RH1915071)
-- Related: rhbz#1995150
+- Related: rhbz#1995889
 
 * Thu Aug 26 2021 Martin Balao <mbalao@redhat.com> - 1:17.0.0.0.33-0.1.ea
 - Support the FIPS mode crypto policy (RH1655466)
 - Use appropriate keystore types when in FIPS mode (RH1818909)
 - Disable TLSv1.3 when the FIPS crypto policy and the NSS-FIPS provider are in use (RH1860986)
-- Related: rhbz#1995150
+- Related: rhbz#1995889
 
 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.33-0.0.ea
 - Update to jdk-17+33, including JDWP fix and July 2021 CPU
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
 * Thu Aug 26 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.5.ea
 - Use the "reverse" build loop (debug first) as the main and only build loop to get more diagnostics.
 - Remove restriction on disabling product build, as debug packages no longer have javadoc packages.
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
-* Wed Aug 25 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.0.0.26-0.4.ea
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:17.0.0.0.26-0.4.ea.1
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Wed Jul 14 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.0.0.26-0.4.ea
 - Fix patch rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch which made the SunPKCS provider show up again
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
+
+* Tue Jul 13 2021 Jiri Vanek <pmikova@redhat.com> - 1:17.0.0.0.26-0.3.ea
+- Add gating support
+- Resolves: rhbz#1870625
 
-* Wed Aug 25 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.3.ea
+* Fri Jun 25 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.2.ea
 - Re-enable TestSecurityProperties after inclusion of PR3695
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
-* Wed Aug 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.3.ea
+* Fri Jun 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.2.ea
 - Add PR3695 to allow the system crypto policy to be turned off
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
-* Wed Jul 14 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.2.ea
+* Fri Jun 25 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.1.ea
 - Remove boot JDKs in favour of OpenJDK 17 build now in the buildroot.
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
-* Wed Jul 14 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.2.ea
+* Thu Jun 24 2021 Severin Gehwolf <sgehwolf@redhat.com> - 1:17.0.0.0.26-0.1.ea
 - Update buildjdkver to 17 so as to build with itself
-- Resolves: rhbz#1959487
-
-* Tue Jul 13 2021 Jiri Vanek <jvanek@redhat.com> - 1:17.0.0.0.26-0.1.ea
-- Add gating support
-- Resolves: rhbz#1959487
+- Resolves: rhbz#1870625
 
 * Mon Jun 21 2021 Andrew Hughes <gnu.andrew@redhat.com> - 1:17.0.0.0.26-0.0.ea
-- Rename as java-17-openjdk and bootstrap using boot JDK in local sources
+- Rename to java-17-openjdk and bootstrap using boot JDK in local sources
 - Exclude x86 as this is not supported by OpenJDK 17
-- Resolves: rhbz#1959487
+- Use unzip to test src.zip to avoid looking for jar on path
+- Resolves: rhbz#1870625
 
 * Fri Jun 11 2021 Petra Alice Mikova <pmikova@redhat.com> - 1:17.0.0.0.26-0.0.ea.rolling
 - update sources to jdk 17.0.0+26
@@ -2920,6 +3036,9 @@ require "copy_jdk_configs.lua"
 - add lib/libsvml.so for intel
 - skip debuginfo check for libsyslookup.so on s390x
 
+* Fri May 07 2021 Jiri Vanek <jvanek@redhat.com> - 1:16.0.1.0.9-2.rolling
+- removed cjc backward comaptiblity, to fix when both rpm 4.16 and 4.17 are in transaction
+
 * Thu Apr 29 2021 Jiri Vanek <jvanek@redhat.com> -  1:16.0.1.0.9-2.rolling
 - adapted to debug handling  in newer cjc
 - The rest of the "rpm 4.17" patch must NOT be backported, as on rpm 4.16 and down, it would casue double execution
diff --git a/remove-intree-libraries.sh b/remove-intree-libraries.sh
index e999c7e..25c2fc8 100644
--- a/remove-intree-libraries.sh
+++ b/remove-intree-libraries.sh
@@ -5,6 +5,7 @@ TREE=${1}
 TYPE=${2}
 
 ZIP_SRC=src/java.base/share/native/libzip/zlib/
+FREETYPE_SRC=src/java.desktop/share/native/libfreetype/
 JPEG_SRC=src/java.desktop/share/native/libjavajpeg/
 GIF_SRC=src/java.desktop/share/native/libsplashscreen/giflib/
 PNG_SRC=src/java.desktop/share/native/libsplashscreen/libpng/
@@ -31,15 +32,21 @@ cd ${TREE}
 
 echo "Removing built-in libs (they will be linked)"
 
-# On full runs, allow for zlib having already been deleted by minimal
+# On full runs, allow for zlib & freetype having already been deleted by minimal
 echo "Removing zlib"
 if [ "x${TYPE}" = "xminimal" -a ! -d ${ZIP_SRC} ]; then
 	echo "${ZIP_SRC} does not exist. Refusing to proceed."
 	exit 1
 fi	
 rm -rvf ${ZIP_SRC}
+echo "Removing freetype"
+if [ "x${TYPE}" = "xminimal" -a ! -d ${FREETYPE_SRC} ]; then
+	echo "${FREETYPE_SRC} does not exist. Refusing to proceed."
+	exit 1
+fi
+rm -rvf ${FREETYPE_SRC}
 
-# Minimal is limited to just zlib so finish here
+# Minimal is limited to just zlib and freetype so finish here
 if test "x${TYPE}" = "xminimal"; then
     echo "Finished.";
     exit 0;
diff --git a/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz b/tapsets-icedtea-6.0.0pre00-c848b93a8598.tar.xz
new file mode 100644
index 0000000000000000000000000000000000000000..bc4e1747e3a003d6e7e64363425c8e286044c792
GIT binary patch
literal 23064
zcmV(jK=!}=H+ooF000E$*0e?f03iVu0001VFXf};U;kOwT>v+n2+ok0B$75AOCi$T
zRGlaibuVJ1%T}^^*BuKrFZmg@u>6GjEj)bUBZ1fEA0tP7*3`GKndbxC?Ec(s%y(<G
zJXLPIn<fYf>+bv_xU`a0O}RV}wL>tOzMN$Bo$K-UOHS%wrj}~!UZHbL&7A7^t33Kr
zg=O|dC?kgP`>p^79}<hvod@eGwMH<ewcDlNG0gIGytI!Ds)0EK`yYRi;>A0D>*~7>
zBekb(hPHJsEOM02nj~>PVY6r(q-b}ctmA~}qzX_~pQY$Nn@;oPnN1Xou_U>lS5&8k
zj7$h0i`gW_;v*;^b>af04m8gYxxKCP3o#PJfh&+fC>vP!3UOO_7B$-6E06HsduV&~
zrlDHR8+CMTsCaAE<UsaxQ#w7<A;v4jbt)_1rvs!Gcu7y(c5SJVdfHL0li?P#PJ?qX
z=SCX{;38V41Jacmf8zF9dJJn)Z`h&{kpai+x2t|TBL^sDu{ae+=8uwF0Q2~$%@p&m
zOA2TIB9QFkAvR=2zsz5S?^X3jl>B<`7BKWZ#~I_=#lnSvTL|0M4yGegy-_^D#RKJ%
zR4*PqCYQG*-nN}dM(y9w(G}6hO^nA^py&)5DReMw3=6&`-Qxx~QVi2!#2R&ya=F7`
z9i-xde^!(&HTt72nx*|~@;vu6HFd-9DIjA^62<BvYjD4GS=9nSSinbL{k4T;X%XX&
z?MvOjR;ymWT7cig{i$tp!vf;1@-E}QHC<YEIV}g5daomkmJqFsg3=7U;51~Zx-O%#
z3`AlC-*t`LLhxsNN@a%_a#LqjYOoPY6IwW&<s_agH73W9VnPG9O?IH**&l;`iFG^k
zpuNXoxsOq~k&mz2Pqx2;+VP)DDsgtk&cRqcIk3d=0$TBjwPnL#W$ChM(jV#A*bJ4M
z*z%l{M{wmRmlB=H^VnN9d-|I3sLCMGl@y&sJ|yZ4m2o1~b=HmiBXlg=`}jm%{xkZ)
z)-G*VjK|t~$U6QUYP}=551H95Q#;$CvNcw6tZt~@M`9(Qed;o*o#skWKAz<-$u7**
z0Kn!W7EDr48oQRaNq>pEEGsy%V($h6v=ek&H%fWr%*$It4FwAu5k<%k+q0%D@q-Yv
zozq<(^nyPGR+1?(Ins`yT($@Tl+32W4SqL+UAQ@MK#K1ic!E>ZW0s4@KLko!e?ssa
zQO@-9H7fg+nmn9HugHiED&n$^_X*t?d?k`gne^BDCl1M6VPH>ic6E~P`SJ)SEgkq>
zwJn2_o435s1;`}lG4e63M&YESsgUdz=9Dc!cG}|Vl)l;VEV8m0b&ne&&G!IdiyrR?
z;7^T9B%DSIIPqdgnI9xbGJg#Pkb~ja;@8UTrc!n1(<LLQ$rg*!W#sDrS)<s>PDbj9
zM6n~np4Wa7)!g-9zBB6zw><F*<SGl0Z;B#RrvE_r&LUJJk>^TAv?Y-$ufE@QCI&#7
zLoxrw>KD!5j`0UXr+Q{_b)yLI+WpFtHc{y+T{aOAo9ajv)+$}yDp8zu?~{~dk$zQj
z{-IrK!p=}<PZ1uHlaK;K<nUq5Vz3V#8H=_&Ym=YGvW>FO@f+4Owyn5CT0H9ubeBWT
zgU>g!rMj$dYuV$)Q~k3589K#5R)#q{!go`^@V98R<z@2QuEgNfZFEtkMfZ!OChI=a
zIXS0)=ktmW5jRYze4DvIa_NCR%s!ErED_bNO92bhtEF<vT3X;g(1q***IXof7R+bU
zsbW|oUq1aHgkK9kqm(iR@DQE&e!@yHryaOu<c4?8&oHG!m<ec1b*I*zOhSU)t=P)z
zxY2##8qZD}@#57}*$7EKAj3LIIQ(8Z9*GKgBWI`voCWYVGgZV%A4qI>2-)eyj<KmI
z3kVq;fOC7BC1}<Zw9<B!BDHA5&YQYR;iZv|ZSfddwly!&qxX5gL_5y}*%Z(!AZHlK
zW(j-rqXBtJzRBIjYDtD-ZA^BlVr9{w(71!FHaVvi2f13nz~NM~1}jF4Mr0t7!|msV
z9&rL#JTrl{I8S+~nhPR2l%(twevjm*)&2j)wB;48)J{-l)~}e-4=rv%pnS}g&8P=E
zVU<#cG3HU_(uHaar*f~~N^*@yiFMeBMf1`aaqkF??I10~`ASG^)?|wECphb2n-j%^
z=f8|k9LNTWD$>IrB@@tflLK(XL$TN`>|uD<u=5iSRWRs+!vR{>gJ1;a&dB)4a&`!X
zf5s8_3u+Us817_>K}jsAliGSQ)tnU@ftCA_Th9lP=`;%${>7wInd4ZEv(7omJSwVT
zQa7-}={-2lH*F9U&G6WvE_Ajl^9kSE%^vJYg+%vKPH@A|awaz#a2U&&ar{RA1!Av^
zV3M5Lg%92?BSeHy^#HYKlOw7e^3YfhF8Ic|4VH806Q_Ov$|5Vj+$S``RgkICK{Z_B
z?=riE(b(z->geH_K56f}wVzbt06kWn9!H<p<2CY!YMD92VQO`m>iYIvEISDg`s628
zO?9zMJHc$>g6mfSDQ88ELZ;VHZ+$I@3~<bLk|c`H4f83|IrbaEUfdM=UQUc1^=aqx
z0(GYko9!fBQ1o2_X$AH*+-lTHGOc^Fme+F}Dbc5c3*h+jIJWyO0IO%>J<(4Zym@0;
zG`PU)R9jo9)!aQ_NkdachUnCrl$jwh?fJmMv6<|NQ8t!niUw`mlAWCIa^umixeP=A
zE}_D>cQ_ne@P9TgGNepr=n9k9^k~Mmd5GV;pBl0-)qj0P{jYY$I^5J?QoW>&YRY}R
zwpTg1HK&Ck<#e6D1v;G@C81Z+a(2b<dzeN=uOB1?aFFXVQr7c(TmSJIX<jdHohg#j
zPp8CZ_L{GD{727KBo&lm2*Hl&5Kx&_feXLyX6;{MML+eZm(EfnME#5@S>s>$-58&|
zGx%+2YY*YHM50KgN$E6#6wgfWSSy^MpHs3w@q-hNCenPq`-gOeEYxX+(P1fj1f%@K
zK!wF@z?$uv$4VVC86mm1F!zV76ZqZ>i|1q*p^kLy99mv9TS;2#WrE+%lwrV2>T-*C
zc7zzb!01nTMcBO+207j}l9}!N;pe1i@Fyy;W#S6gGlXs|$gw@^f9n#n!Re?E8~OZ`
zb?*E4@7bj1QkVSX!XUjeeA<g~No1aQ%S0!HEx^9TWUJziuZf$68IMj$YaWk;8WZ>@
zFB>gJB@puL){EK`3T#54Ma1>CF}s|=ncdrr4>W`<dDD&pij+#bSIIYmX*^nxdsn*!
z`q3p1N&)iTq2P_tYOo7~XzW<sQ)oiedU9LiFu{?q@_92PD6>X$)bj82%+fg`EV~;C
z$3zE$IKu1zZt;;nUwb%E&dE9Np$g>bZK)7vcWJ1(ulmmrkq))~kPV&;`H>XOWzqg{
zgTSC#&4&ftoQLWn*2x!lqQ8H(q#W&I01rE*!2Qq`l)RHnuU1ebdHj;#sjf8xJBbCz
z`WYw6noTdhj*Ot;?|8Bp!Lx^IXa}Y?b)3wYt-@XsWH&c+(Cmu+9Z-&jeE^&H+5z`=
z3UGA5B&6B2ea+(WXPN~mYDtNVNun;Q#fZxlC+@AjeU@VKAle!Htq@e_^DB=&-PH`4
z&&G2Xp<u^EqDyh%Hdl7yK=K^b=FyrN{GeRL#LfV7CckgEmqz8EE2Ut8Cgq>E$~uQv
zC~e&2@43Xo9l(5I-A7`qcArld_q)Pg1OU5$ux(3=g~D4r<4ngCfXr%9eQ*X{dOQ3g
z)JuX#4WEe`F|HdOv&Rg-Oc5p=bwdk*f%7Sv)8jIYNt8GLq6_~e4HnbGp(>yFhz|(r
zG1poHllydXAuf#~%a)iwV={rkh3X<kI)Z4+{*T(0CBvOiBUlg?La#VIafUfF9C0@(
zwl$5ij0`uWxYYfD>zMvR85C{C#Hy0OQY?7a>aP*NWBFD%ZyN2PReFf~KKsUVQlV<w
z4CQ}s!Y%l)OK+-24|bjil%P{L^7TyR3Mo>?56rVuOxlU~o6t_98FVm=y$tL=qDk=)
zQ_Ddf57PKXi=gVU5>`=Rp{yrSNY#*Lz&dFo@a4oi0m@6B`V#iR@t|*3JdxMlD9D<&
zN>y>o#!_Tx+AECn`{@?>zQ`0}Cw{tW)e>1C?{Fcp!;voJK)?Go1NuWXLwfP&ysf+O
zU)qx_Fp#a;=sb@LOL`nfK2~LrTYIJ>(|6m%TED}qC3XZVa?PPnh68fVhwm=Z8vowY
z-#^7$wU6xg%K?R+cu3R!UA$YfUslPN)e-;_(CON4EWr&dTAvWUB#m`UYww`4SDO7#
zuea_~v^I+1c?dme-4Jx1lpc$PmmarsVwnSX^b*R177VT3=-tHMib=sy5egPIgxNHP
zg5|fQtk^BCHf_9HyYh@2*qhf^V`Q`T?A&GgMF0vElG@MlqDl%$XsRW?)1kfyETg1b
z<r0LuBP%d^0&#d?g%Ld(3(&&jUNuJ<BvEi6({NeE4#DzSfvgUgm&b6>$I~Yg%Czmn
zrDtB!h%{v|nUz-x>^4S;x8cZ7liDs@lzMeYBxMMHzjjCLNyK8@;stBj(ziRLeAZUQ
z0caUD-5GUY$zzkvUiaf=Bnn#l#LihBPa=^XPxO?lFdto)%hlhBJ!t@vc0Oz|tL*qp
z%LdXrEO|x~MxX(@7%obd1_4cU`nLG^nmTxZC|qBZ*2qh@eyzcC!Q^4&Tq~pySj)++
zO|#>|=uyqAg2Yt&n->*FBhu&*)jb`+9#dXW^!_LJ4OKi?0iC`lK2y#{^Jh;I&=brQ
zs><D~WWk)BFuI)vDfHqP8a0dl88}m_St;V!aU2sMTX4lqeaIyIT2i+93tyBd4-O$c
z+$w)=gy1TOTFbr_8G!$BEezySbSwB9q-rbFECDf)R_W_YLD)h>UCe<s-yUl*S3S|>
zJ=s)o!Dp7yv=Ql!=y~dyfLnL;il6}q{vO(W&1Opw@CSTxpYvx519Lee(c*^7X5!-Z
z|7B%qgSxPOlQcFr9AFG=X;~^0*Jg$6QQl9f&EI4G;Fte<>2kp>eAaZ~xc5I@oPI8O
zYmu{#<X7_+{a0yyL66S@@}Tevb5%@=R1MS25;36L%^lYY)-&j4C*p1IA9~Eff+f5b
zaFp_NY-wIF>0x|aUT=$r-!N#f{<;Oi;zV45`Av1hbpS;~o#okZQE`tY3Us^^W~5P(
z$Z|6NU7?gbpJq;{6My0|n0wcRdk1pq)~mj_Ln~(lZi`q}vkQC7AV%0S9!QK~naqNI
zTlZb|5k_aCzUUgDoPoUz0=yva`{NYqpzQ1g92-v0Viu376Xec)HY)C&vLl!-Z8bSZ
z*_g!fav)V)KW1QN0bjb~u|J=qJD7_nDFr@(GVl+^nCOPRPO@?o-6o~Fq36PUe(qm+
z8l+TacuXyS<E&7Z|5^~FIIzMaMiFMf0ZG}#VI>bOSyb$l2ElvLWs{G2^spC7Pb@N&
zTolV6k_nQxw1NglRkUX)r>NDsb*gSSiPU9XLcC)}f|eC2pe>{BVuM|Sf8h*F-;H*K
z@QN*d;KkC=w8{V#@KxZ>u$iw&;q<+ycOA}f=aw7LGt7FC>FgnDMY!DI01tpyuhc8i
z0cAg_bxzTS3<OEY);)j@=9ZD<>@`St#9SVdTPS6!TIp*5Af_T(tV>+EKN-p|H7K9I
zu0yv6phCS8ai$rQ*)4+;G7OZ4P-(Qc^9XUxaD)O^3X_>;0NXr1W)F<D`)N-HoDOj3
z{0DGIR^9si6x`s%-@g%9q!%J3G?ZV@&(uu!X;yiD;FV#yolI|4YmJ3Y{yc(&j^|p$
ze`k7Z4+N6Rb>p}#xJEDkK|!Q|Xw#>8+KAd%hmGoRoBwF>CnnUKBcs;Y<{wP=kv!_f
z;t)1AEv2@mT~8eFdoXVNJ|rGr7gN9974`?HSrF<RwbbHL)WNnE3nBKE2}g8tQLzsg
z9vq~xtl#zgT*47Uo;q`p;aD@O=-34C7>?_M1njC1w`=AV90CL$vWLCi9%598!@XAf
zxRhDs55DH|>Lcx&;-PWh<gNoiA!@v?v%&tKfvMbhCqw`TkhD8@fPvk`qH(Ey?Dj%_
zoDI)yyg-;PRzkDl7OB-6lYK)<`}du76m8pVW-3n?-!50rJxl%Z-hv1nlJkz%mZ&gp
z#V26TX8a9^R{U;w6)x#ZnlB2T?-f(*!Ck?b{1N<1qf5`RnW<H;lHW*x0SA-|z|UlB
zkuKOCu3}kDWD#DPE>{C7q_3DNExiz<T$9-{f!%p(wf~1`eElN?YXw$lEnlYg><CJm
z%0?z~!%8A)dG0T(AN!)_v^eRE^>Z0JuNQ;x7I`+cXGgA?{ynNBTF)rDtRcUB3y>Fw
z9-)liQ;oop1q(cCevnK3t84481&QB6n9!4@p?TOdmiizSOBb=1-DrqCobL^?n!+$5
z@s{tKxzq+SPejc~ivvn7M2V0~om$v`qM-0G17t;{OC<Y>l!|<#Yo*+o&b_Kujc7tu
zCq~hV6TUJQs!%|rHhz_^GkR-bt66F?6Oz1a?-k>bP{x+mP3Ctln_i!`Fy;FQf2h9^
z<wj{icmEpkuYqSw-8D?Zn+qHQkm0zF$ubi|yt`CI3wg8*s=QG5?>+868G3tS1qRx}
zZnb&{@1w(BD@CSex0>Dx(~Y<crC;1=lsIWb<iAMR?|TL4l}0aN1r&MFkSYeChvVKu
zde8tX2*BCf_anC<!sk_ZcG4N^pN7Ifw3U5J16exy=>R^0!;e<)yFNT!bZSf0X6wZT
z|NF9BE!ST7rDn`SG(0ei3qUTjgStQ~a#Yb4)qk4gLci|(Umr*T*ee->u~HKqqpDU%
zG1pN&O!FiMk8rin(A)Plkxt8V13<0qdK9)+P)J~^d7LcV<fVr{WBrj#05r|xSKwX0
z<xpC{iX|N(X=dAyWRz)!OfExl(Ipcv6&+8dyNHP0`6|cqaw~X0`!<xB@K{_@Erp&C
zfwebX1oQ!0d#r>2FQ|!7ZbSX`O*q>}YR#0DQJ(M`>O~4->zus0%<`0B(~IE08pqE*
z7W1iT^?cX@d6-F*{P%M93W=<rHcMa;*$e95feZQ_eoTJdib$=TimGZ3?%^x$!Emrv
z4yW<s4y(Ao&(!d21(-u>LuqAg877D%W$~xSm$O!jy~P#|BA+SX*+E5p<AmcAVnEku
z#Q5VhvfA#{QjsJv2E~4Ubj3FG`inlc&CqK4p6sA6i4wP2OtwFJVw1W#a3J(nDl*jd
zS*DRuHtu1D1XI;?<5Cu)s_E&#9S^Kc_e&n$zytB46o|OLA7(tyeJ0BJf$?k2J)Bss
zm!3=`%{)>bav*<7-t@2aFen*ny8;Qm5O!}(=v4#lRUWkAES5>Z1s{uh2@mfW#R4|g
zG09ppk&dCs{WSLQzyERYVD$u{vh8iGBsqc`{nM2{XB{QI$TLb@Zn@}$!H2x~k+Zv~
z53;o6QkV5OB!c;t|9(yR;S_b?Ykbq$;Iyt`Zn$<43*Gm(bmwB{sX60g{&j&I22+sU
zO;@>#tZ6}#@*5<+Zjz_X9DdBZON5zYJr?8x-va#Bh9HjK(A7bEXs{D`puB~u@w&st
z(j?XFG?(>it!<-rA%&)47y}Xu@J6;~8Ymj^*sdzlPwgx6UKSNXdZaCpZ0YZ<{0=oc
ztairmE3{uA+Qe9&TuBd&kvqtC4x(+G+W&Z<wmrK^DpwBkw=f46=--VmC0}Q>0KX;q
zfVWT*r<t>atBM?#Rhh?bLm$@u;J0sH{_f{IUl4pAmJ7R+#loBWIIDxc&C|>a!r}?`
zLzn1TC-eFK`-D<C{vWGnwU5$Gsqk(z=>Xl~P3Uj6C(FW910A?06;x~xWS^Y)Zh{sz
zx}Izq$)llLwaAMYYGfzA>T{JX!l$gyr`*%R7H`%~UP#G3UjG`Tp2N6wSSbDex`%>m
zCJ#+W=M)Wp(pTFIQDT@{0H@0b(4R@P&H9q93@izes&>&LAG@I<$ZyV}D~tKyC(l!`
zwhOT{7Xo~i%=2458QFzmCqVGS!Fq1XnfC9{#`Lu6DziCGIIJ>W>@*aN?~@3mLg^)q
zWGXy6JNuZl$E7VQoe?qYUk>+`10`s(Rn?Fj&?d_2II#I0Osr-i^83O6QuwczTfT0|
z(8(T66?-yb?b~u@0t{^@!P<=S(C3ty74X_)br>9~?@)~OuiDw&;s!beY8aK_Z8}4m
zU7l>N)k1v;zRz>xF2f}Cgk3#fG#7P#XpcWUixNF#tdNC0QwQ13B)&;~aCQ1$XA`K>
zhG=5DuY`17JkyCa(x_BHCjGI4piWN-BV6gR!K(-jy4~EJdI=#zt_=$kE_l+8s>j=U
z$#}(fQuBWyjYL@=WPp0V01#sBLJH!ubY!8zAbvYnPI&y)O-n;F-4C!a*93e*XE!L7
zC89Av5Nqf$_yH!u;7zm=f(HV)XWfFiM37HSbPGv_!$T-_`=KMW)zBaAWRsk146dyA
z)<CB`$p;3K5!v(RokYJxV-pF<`z?>>l4<XP&%@5Hn*!p^dphy6dN<>OPA`ee2I%R|
za0!2I;jj$xqFUI#%6jPsE%^bp`P_Pn-o_#>G5*ghDpGf|H*nCYB>Bgh&y0Zr(qV9d
z4ET%A@x0CI{0thzi{2B<L`In&%K{N_W@gjS;SN)AizD0b-24NSB{Ai20evYWxS>JA
zO#d96|1e<jhU|parjHS!?;pU8Tf#JtfCND^?8?pZfZR928qgvFr6{_}XS#xe<99e<
z*83G8{gT65vXS(b*B7u*j{c*tLCI28$~ea7C&5bx0LOTbd150>4{4c>vOCS9^=V4M
zSTC{N<5r2Vd2K0a?@N~fsF@>eicKI`5a@bmcmh`bisj4?*<frmwK*7I{L9}Tq8K5x
zw*X@*+&<N=o*)!^vE6vEH}RfC>lc0I1KE(&9;UkP|6H>ep+Fy(=Ntp4y=~g=s$*EF
z4P@ewfPQ^_LK3rm1329tad-1AQT9DqTCENuFVS~+=clNK@Y-HW7cLAw;x@!{zr>Qq
z^gmF$pRSkWF<I<KRGo|*q&B)##U|vq!|)kq@1H|vo<X$vK(aZ9^MtUr)8Yq3nCCDF
zq41s@<o&Bc={Te#fbIAVG)Omg#4_kPQW`HC(^;A-)b@FHpY%qfA{NTJrjfh_TDgw$
zgn5gAgqd&}F~}NBK^884Apq+)7f;PYd*2$nvD0>qKFz<3_{@nr&0}n75eeTIFk1WF
z5X~#IC8C|NkDkE~A`sfxHc3g|bZqrk(how^fqNKNKY2ub`b#mWri=X8v^fO0+Sd_$
zF~(KuO+T56;xj5d+nsel{kX1<ry_Y54?Fg#%m4HN96D8v>3?*hr{MS?7GQA_v!j~a
zUu2`1V=8Yf8qmjilTETh6BnoC@;VG-e@OaN9Z&muoTYv6wT^$`h=yT+aktYO(Q<Y+
zge~hhZ;MP`#{EymragtkL*i34Z0DF!Gt_LJcPKZ%UKvu)wA`}S$Sc*r<iU~ZWa6hg
z4V~~LhKo=jq^6Tzb|pna$Cl8MyaDDAB5#jFXn2CSeBv$Xqu^vSy#CZ^L5Rua(p8z)
zGv{a!CKkV@`y_?V0u_}2f)Z~^dQ_Ry16L5}Ib%sTvTkGfArwPRacoth4v{=BrewRi
zTu?DFVwY7eBTnarAP{$8GqA|Ku&33>mK&tTKfLj!h*cY%I5z?0Qy{OMeu25p60@B_
zX`C`273g@MEp{`HobfTdgaRf=7#31<HV!$2`3n!_tdKv`XOdI*#Pc0#0(X`tDPI6p
zd-b9+0g_W!;QOPneVMapK>A&iSY2zP=oJbPu_lYV>gE~=5@v7P)X4d2p>}BvCQAJk
z8v>Hl6O$)bSHS|I$@M?3X`6Ain+O(W((R8U6l@a`7U3|*VDFP$0ef50^>WqIJHr?u
z_s2mZItT(!7B;AV!@aXXkQ|7A$yX7GTu7QNnlu>$Y2M*fUr4%TXCB(kJjA~_RW<>v
zlB)d>kALl{Z+KyVretf^p!Qse<C;HT4z{O~goaweb>l{5JfpVbvj=F%sV*9)H82WU
zHB;B~7%W{{d_gD(A4r7&?z}M>qX9~6?p71~3P$j5Mpq+e=)JLRHa+vnSrP8gEf&On
zV(c;n>D2=*$UAD1TJ)G`<9BbBC*m}NFnZd|H0M`AAkm#<)4LHi%6ZbKxE<-D<M48?
z_MIjj5L7xrn2Ly@fdr&#z}0d5A*JB_@GjjFp|F9=QaJt*=1Zld->l2Tu1ZjQ2!wV>
zi9$ETZ-?aRQyB=toEtIyc1Q6wr6^X0E)|WCMkE|pXKJX00>myx$qacixGg-hu81M%
z+$$&NgciDUN6Y`^<fY=Kh(Shdq>-WiGkiYDo}2kEnKlHZ;UVVzy}DxEh*KYUw4*)J
zIa<CG$tTv&)wo7){A6-MzEddtgvNY`)u>W)gn*z-VyznpwB>0;(c-%KDPJLA1pHW_
zVtN%7^O1*4%weRH=Gu!7l!a}78T&A=@t`xNc6nLp-`iHo{PGRFE+Mpy!=~{+*1Cxa
z;WE2huKHQ+lJ)A#y4{}0qaQ;*K%25{daBC|HeCC1H#gkg%2{+Pf~NvlR;Vi2QznyP
zi_dyj6Qd>E4i<kJeM`Fe$kcdcU4`&A7D6-3E|r=_xN(|PU8RdAv5qM^wI(9xn4lo)
zmJw79VL|=~E|y5wc%0v`GO<Gs>im_lQuUf$GKhRoBQ31bQfg@{x!b#}a>2navRhKp
z+lEel@t$$>W;UCzF6H}~z3MMhfr5-PGtbWI$}r3+Fo!Cp?Zg48%XdxXHxFwqUw0gr
z8IVGhBC!*BI{cSK0X>M@=0BY`WJ805)nPEnJPLHOXwtJuoJUa+2r}X*8-M=^{dRSC
z`3x=zOvOdCwmOmkig3%%|MlbehAeOx5c}-iyImpa+<G@h9+LHsY={PgA>TQfTC7TI
zj?sVAybFZY`Nj&EK;NmbNPG}bThVDygua&1iK<dL!GC#IlR?>0Xh#`-PuY&+te~{{
zE+nzm?Pm0|YL2y=XQ9I0HrA*1)ZH|KhUVA3*8UjQM6fCuz<OefX7kiPD;Fm2r#)BJ
z{F*l;4-0IZ*)VP@sV7*vVvE}~$V(Kfr#C`>MdeFHYkFSTmgF}l7IH0YT`M^4RhAB`
z%{Z;$e_VJZ8uu$0t#sJYC3l33RS_%<!Kv9`d9VU`|Jf3}C^|~Vj+z_<0Z;dbnU0N^
zsn1-c*Ud|4{c-T2H3PX-Ensps;^3BV050t%n*RzcBFbrZI?09FNIyNJtOI*n+mr6(
z<aN?uh|qii%j!~YJaD<AIX4JlvvaNM8zo2DRfmknZ3yfb@RMM<@e7&C$)4~(@a4rf
z=yljT4prfSaiFOw&!=oml7=lXD<x4+;Q)zg)CPj0D3l7;lM?=>)S|s-EZJlIIy|GA
zvg)n>7l?xyO0vt=LSglV(q{goLh+6}f1OZsfWEel7Zb|;2DB>xuecv|p;F6f)d9>z
z+FI7T*Lnuo(!<AIvGRyVkeUVJ?88FxL4{AjO16t?rb=3|CF@#qsTCUdQ)(fK3`Fqc
z3cyHdsKV5O)R!c*BxvF$`6I~KYnjfpJDd0d#eG8*Oyd;NXY<hz+O!@hoDggSL{mH_
zDg+(UdajjfY=_ePP$xk=FhcM228C3o#gi>>Z5<z*)<$^1G{8GLBsl0gKq3>1lI0n^
zfK{U!U`Go+l&b&WbY|!e#uV3RNtdZw_~7xpi!tblu~W&(|D<T5vl2njL3r~T>Fnpd
zmCRZ(k2{Bu8Y0Pd=Ov37zIaJR#eNBOUB$6T{LQRL7?XVW*`Yi;2_AeY+HZEAu$_Oh
zbZ2Z?Nx~9MDlq|J@9J2!zrS4~WhymY-%tJk=*!R4swRWL!*F9WXde-E_L*?=?vnTm
z?}&KAxS8vTtJf(BNN!M&X$(=ZA~lDj0eGEiQ3hRiK2Q2j4?H`^{{xLz3_ut@5|Nz^
zORC$2({k|LFa;yAmc_MlSvP-Gz8ZyuOA%os>T-f1d%KkxS#@TMR4Qq1bf(v~KO!ht
zR9SlG!O~+oZ@~DEd{Nu%JUY^Rpe1{)*Kn-yHi;SV_a>?P8{54fc`{?7kV|J454j2w
z8gLBV#Zqj-c&rm6vNE{)oav~qG@su>B^}@dXU(-CJ_3pwlpf>}Sul`TLssY+iHR#D
zTg)SM1_UwiwpRs}s0|m@!_%BtX)~VAfc0iiSM?Cb4o&1s``xqn#t$AH9z@j+5hYIw
znL#_EHVRd>KWBA=+bAJnz|4D%Zf5jlEkzeFmh!Yb6DOfX&+jzly7u<*S^Li~H25iV
z<zK;KIp+*I(d*INxEqIYO68<r@j?_12nHNQI>JDlwOZj+DGX5J!*czodK3$^^z>89
z*h!_kUpQxHFx&GXO~Iog2N&q<UlS^n^sa4s3W@>-*B(s(B6FPPas1W5jFvNw2kL*w
z2f)2R``x!jhE_chET6oB-3tX%@FbnAB{9>qsAh$sSLA)8hXr>>$MO5M+-t^heIA@(
zRsT4mKmRl*FSTWV>0ugN*9a=o4I@HHJ&=AvnVvz#x6Kw~a57TG(SFLJ7BUQy8q$)6
zwFFq5oRG}azt~Yiiivgkg`}W&B|FQ7kL$+eXjViH1)9p)ujYT5$8Lc!onmiQXFm|D
z%}+bVMsr})T$Oh-6fEa>N1?-NE-C6;c6~z|jGlh43YQY$Qp@)nv`JoEhq>9TB{Snf
z{Ft9s4Jds}jC#MtUTzynywkb?7Y|SE7xb_2WKq^6q#9RtsiGeF4oHX$CY}@JgH_0x
ziod9oY!k3v2r^M@d!w?0>ZL|j7s2V@ofBv@*I-*zaI`|skjr$8q-wVVVr_+te#3I-
zX^u}gx0jiB1@u1Rx+;i%Zaijgr+}4GYQ(NkLRcylsO2R@2cD83CT#p)(i;)2k7NuE
z%YN{HIpgB-B_#>Kfh9||O9Ye&fa4Uvc#V>&TaC6#=+p8vEjGeoURM*f()y6Io!Q<U
z68FxCXpJ6-Qh#Q`?~#dD)hZ=^CP(cw%e~zb<Vvnwx$qYo+>0{!&3+^`QI|Hn^E5fE
zYZboq<4_?{$;O5a`_rmTj;Jci=mVY{+;k@SKE^Luv*vbxs=jj6qI6f~^eHzB&ZJoF
z4=X6!CEIfc2%1ciiOi*3`l$0ta0r<B+pYo8fwX%Ox5LDiX$dqR;L$Mo-Hk7sPC=~)
z1zhCSTThA2_}1X+!g$D!%(qz}pA>369Fbk{p@c(2+O-#sxdIt9fRK#*N!l+QYeJ#>
z-&0i|{9hf4T=BSps$vcUCHK$|vI`S~_}dmH{z=Pp47aZH@>AI*Z1cfR!DBhxz(s8%
zR?-R_2)kijcZ~iuV<=A2$WF`{svEE$&Y-fx)yPSW8vb(?Aomi8sCRLqZi%ul1UCJs
zlTm_7hD$ecUQqyYlW$j(?R?#jEq&5*GyYfl&eO)%z{3?cu|5Xvf<2ULtQ6jB=cutq
zV{lT<B{=H(Gj*dh9u@<r>??75l|Dw0#iNxWA)_W^B9c6E3PcxnK~kkYaLPP9;^oa<
z55zimAA$$2sQ*!HJN&AwK9ZJAV-X%5dSw|i{Rl4$4su~5V?DAboox?UjVB|r`by(N
zT}-v+D&CwCpcR0bOOro9CWVL~Cvv0N=PChECtAo7qWmQ3t$mqYxqB-=t@h-{?2AFN
z!`wzQFLwYP&rd*|bKw&3>#R!Un|LZ65n3f6H26ZOr_V#~Md1}`dBR8@I6S%Nq2kWh
zEOf-mJ$MJE@Gx%isRR@B0BeCYi}xG!YbTF@a<zm&Yn)XP%&u$^S#OpP2$_-7Q?>3v
zX0LQk+b*2opA_H4hj^+x<h2FHa}$H2g(@>;&_U_JbYRbLC(2(ccv>QmaEi#yl@S)6
z1cdonY6c4sjF*2diJOf3MSYMlE7jEcfxn4u3E_%ISRo$(Th()J4bqO>to*wxxF1~h
z&P16X2{Ik`t;Dcj5|)1HGFN&(WQDP~wthyNXGoMd{;CWXf|7X(<B=QxpQD2J(w$e}
zk6jRTgP;b}8&Xxk&;s=4tnS7hvF+wM?Z8J@Y=>ao?=T@;t*=L$Q<`O!qx7+mO>UXp
zy_uN=NTCZ3O7-|x6r$giDtO~k16Y^u=gk94cz<h=9SGezWi0t&HBZ>NMORjEZ2`bA
zjG?iuBy||PwKk&Se&W>Wc^(>jJa6w6$|v~>VtDFA_A5#ANtL61z>h2=V25q2Vg`D%
z^uEgT1VD*_mQukv<8ff5;SSabQ8Exg4<KzD(`_9J!<r(5QI#1&BppD+-Z3J=EU)}^
zSjARgNaRa1RyJ<y=S{<e^!2o4F?E1)5adU-Y7@c2WROxSOaBz2DlGH^9nbFEur9jq
z9_9~j8E6PYw~98juD7vvi`MRuE}|udUT~FG%iwBPV01IB00y%kk>XWz$QO`D^U1>y
zm?+JLmHr&B4v*wyLeRxEJxCTlx^ALyF?|<8{(L8EA-~sOm&s0rlKA>HJ`;P#TUI<j
zZ6~#0%n~&YLdFx$VQh-u$7R)qQ(G^K$H=7wbos|bk*Cvt-^|O`m$#vOCgm?-_)Xe`
za(__m{1xX5$K5$dF3>T)|72tHaqZKYzV<+7Cm<;KIFA;YG$P&f6Z5P?au5opBB_VP
z3B!`Dsi?D<{zFHYIoT8g1I}ts@fG}xLAtDETPYrEEzKU~>Is?FAWIk<#LDoMB=4?@
zH`AqqDPn1R!TpQ~cY*`sY5`Lf-#B65qI|AU)vCiZxvXCc*zl2VvXGfIXpkmuqU^a9
zDKM;E6~?AMkAHTANM;sjm*eM8ggh|Msc)$`O3zBle<p6ZIfNE_()2(Tu(oJQ2P-0V
z<B-{{jG@gWBLzzBLtRSMUy}&YYYER@-HiLFSfG7sU0L~<-=O)|SY=dN?*A2oE3)V8
zQ8g{s57W2P_CjWJ8H4aO3gDL{$o5q#Rs3{>?)V6A=uUj_7L)eA;4@^t*tw8Y5Hy6T
zWO)(XrB=MVR00mOX*l|kK33db!?0uc(bJRJ1d=Kxo9oBiPE}rQ#{pxdwd4bCFlXp_
zbyiiWGR-l9Jr63n%x%q?OhN?u2OVn^RnX8M13x+(3Y`N$O$42W<oht2GEov=f9YK*
zaiiJB=7UO<ZM~mS3MM=B>~V6visQ`0C(<k1Szd*oyMyAINt7-qN8fVnpIr-wqz(?(
zY%_(vJiV#aPE;nlAJPPIn2XPRc<>17Y>HKrenhUKK)Y&{-eh<)P`dYLT^HgR{&6>%
z<zxSuOUoXK_0~&U*G)Dp2Y-ns?Kr}HcZLQ_XEGZa;8$b*`)H{6!Z3E}%QjE28B7C0
zcKvA=1JsV6B~!>TX>ZP@OwQ8mhZ|djB25Qa_GjRZn9}qL6vB?F<RI<WZh<_kDc{Ds
z<iv;buuYTvt8rHn<@_QC=Is5-k-_`6r>;yPUsXI&^ms>vr^nimh|kV(E2Tmda0loF
z-jy}AH1PrPo9XDAgA*^nc_$u}i@D_cVYVO)-SalylV76OI;GxIV2$T-rT<i(Lx~Cg
zv)IFQS5FNh)%C`<B$nYd5A-ij6$uWhXIQPU2j<n_ZG=DJtO13@<GP+&TEoW*QJ=1O
z`a0$=OK>CuFv9}5W9~Tz3hUaCs(RKp59%BW(%`kKAli5LAAKmsQMkZ~bVD&!B(p6V
z^G=Aksn(o;`HMsSRIyTXRKAK1rekaRwy0UpXjTrz&R3c>*^;5XP?`fNt`_UGM2Br2
zUjOL;z2*E!I0{I|Rz7KtI&YUhZlx-dNWWxQuM1>kQwKUe=IW9KYU9A<cb6n2t!4>H
zQKxpwItSWHwQrB?$Hy1R2!|QmctV~r36*K`ie3$noz&%yPrZq)XaLOL?C<bO^9GZK
zi~*67oF%<3%hBEQdXV8hixPvVkcxh?3HEhN4Y6xw?1;pZp1FLo9O~MZvyTYu%zSYb
zXD14QM-mfoVj$yAS+oieqn#HwBhT6uKSe?G->AvB);t=-oh?+9G%abN!)_1l3jQQ&
zRgOK}HjBL=awZtnZnQN(36uX+YRH*UcG%~sV^!w$8TUhiW@o_Gak~VrCu@`b-lexd
zzYPq-B))Lymln)12XQQVROiF}wOeXV!`{ss<dtocV!YjbK8!+N;?QwV&ay)PV$R@t
z*`tHFh+fSf=I^3yrK0dZ1Z;L98Ti`AUtDM^M|Qz^T`!%<sOB`wnG<bs!i|RKK*Y&L
zpRweFlLjxEkZl1yt96FxgPIF!kGocZ)atRci;9P93393L+?U~e=r4@PTSPiKDk>Ih
zD{WLTrU1TX|7)`dFd-EdduN&lxS`MTlmf0`YHmLB-}0pNCOufjGX!F*`Z?F24E+%8
z`3&1(N%02}BROR%=+Lu+aLlcT4R}llu2}!8wt-2-k>05D&v{13So88rL|bJF5)lQN
z=nPAc-waw=)v{FZ6Osi_ch15p0>FLoO@TzyLI>Zt`?<hBA6SorvkGm^!+Dc42@3Nc
zL^i@3jQ(IcYCIM>AiIR`*^>?hBEOg~5z78t?cZa}QK;-fEhtJ5<rHFTC`D9?nq~K?
z3Er>xz9oDXUq>F^GV!;kzn+fAJd%h!6h+gJ`<O<~cFPrPGJt0Ojuf4fyn#Wd(+(vn
zvi=GU8d69(4aHi#NWIX&HnOQ;k|q$~<!x9g;><hA^}HUDSmo%pkJ|c5#lzQqzkdO4
zxF|XN7s%mPeC1M4Mq2NkC|=#f&ag9&WFCvO*Cj>@@A|yNIcj7-d7-U|YU&!Udh}qE
z)Z-AGZ#EL#4eEWsl6bXih5ejG@A$y*>WUowd!M#lnT}3BZUsW;h>@2ptbOao1yUKt
z-}Y_L)sHNKBWV?+qNpw|+5S{l6jn*JJfR->AA2cQ%d}y))mW1C@I_X?sFuqe`3~#s
zZsqTu`h<J0TKCqPScO71_i<Lzn~4KbrrESOUWYk1O2|LlCkr4L>uFJCo=C@<z$f|f
zK0)2jw+%DPlAr%k$9y!<vH-0wXfEHq<i3UlaiHkp05CgjK!&(yC+usWCC2YuUFVu{
zokGCG!TZ5S#JG&ay^(WUJw5@){D5$I$p`{LFnn)-L&uA?McB8sxd7t~1AJgMx_6dw
zRv@JU@a{JINy)a73Lx_5wK(W2&+CwvM7ls~a9;K;HH(@}E*H}*OvO$=j%YY5kJD&A
zR&i_m><`Gia*IIY+exIXwkO9S^>BQ>*!AAUTx_ll_#_$7{Ye3<QZ~xY5`%Ln$Fkz2
zJn~}qWl3$O5Lgx3=E-ErQUb*eo@q2mt)FH2gQ8{|h3=*m10VX~`Ol2t`~!)h;Nbr-
zvI1B;UiIg}3sBgm(_NN;#jKD{SmIf^SNeANjNkWmdUKu|J^;o4`#km@uK#V@ETka!
z;xcZn3h3Fi5!%hmXv!KVC(4-h$J~1w*77ybD?ObMmxwX#TH2U#s-@c?3j)*fh}0nL
zg3YW}{;{8!CU__~wvPagpOGw1L|HunV1BT8RmLxOTS9>zk?T&v(d5wVIIa=ils~Mr
zN6Rh{g6LqjhS}CG^JlIk5jon4f={g*4|TF(v7;2UC6-`VS-Z(QVO4>%Q1l_x#J$6W
z3vhr~vsJfu{3;#?a)y5~jUqv9@W1Y3M3D+|Rv%)VIyhNGbw%1VSqC<VE3-FrRYr<f
z7D85Cs2*HHRNPKWb1d@v>%-QYD&($akm4$F4%KI87xV1<5Gm=%V*^OHc*6ebt0bHd
z^c{f2b*(KUvZSL*zgH#PM#yiM%+`k3`6L_N#=9nh>~?%y+%We^Ax!@iyeZ6BfUprd
z@&EgoV%VcQGvv@kpXLGX{kbWT#cbQu{Y@5QwUbP)Alu#*ew-bih#mU`TJNd)j@ZpP
zvD1F8tuAqVww4zHPeK;vR@Di@fF34tp0afb{G#G3wTX~1GJuYpv3uEhm6!llRch_V
zetxF2sMvS^Ss&Dld(lq|z~{!!59MP`%c@$MOa^e#r7&v2RzGEPik9O(+qXy|caS~>
zuX`N@3~wT7ACaeJ6SkgJO2*^{y8Gk#^<$*W?^hR7#|hyq4iLH>UlZLl+lL<Ipqp32
zhCMj)jwzvZVSUX4rDc%)Q};|2mZ4M?y*4Aq{8EU58tTf3_6XiZSoV@#e|=o2-o+0$
zETtsCcDlVe1Pg!?(M^+n8N7JrfTMWq4knlovYfM?7UCj@j;c4QSX9wEceJjQZwEzV
zG#y1IEQ{rx*D|G@anb^<U66A~<}h?Si#zz`KReLkRYLF)#}4L&W+mHI!zf!;5Y-vv
zllAy{eDp^Htgwf$r>1^8rLkTalS)rI*Z#YA{Qv|=%PVevIN|rfyww2VW(^?UbNu~+
z)q}r~qV=kOBL{}itG_6-^KVYzD2;LT|BHM5H43Ky3^0ljHY*TXDN<qk_*Wu8cb9{d
z>sN9%F10U|a%^<B+yFT3mlJt{xT|VOHERsE;e<2*an<c4$9J94H&I-Z{s}1k|J4-t
z3PK^bzJ$m`gu2`O94Z)+L3=*OmU_y<m4mXKzHtj{eb11EaL6m6nEh*<>B7{k^QDKA
zLNa1nqfqww1rfE17W(s)TTp{3{}Eu{a}^3i5r{<3=tHZ!KVDsc7czS$!}e3MwK<Kh
zRzxDKT*I}o-R}J1zR4e*|L$IPGyrug?iXr?XFsoj<(l1gC^*x2BkN>lwo_nI!P`w7
zdGPNdbzFf>4Vpjj0E2U7AIld9&#wl2^HG&ks>@BJx_o}x1vK6H*N*nL4+lz>n91d1
zn<Vk*a|y&U^_IAMoocr4ZT{_eRnY(Lz}B?Y8GAI__-Y+-s^|IC-Vw?d9r#ViXTct;
zIuD%?tAi2qMl)u9i}^Z)mjV6f5aZnLm=zaW_vY^@3lEX8&M3)$nC)t;UdeY0VocQ$
zDbP9Q1H}V)-6;^a9)1>OGG>D0_=~@BBMoRHG@YNZT9p<$`y8cUe4a20Mzgh7OYDZ+
z;A|Y?eSNcPqQ6#2c@d{{g&yr0d3fDy8cA8n)J~lafE<cs<ervo3Q9yilu2T+W`DI!
z#Yw7eV2dWYXHP%>B73id0wKhDRjrXZs$Eif%g4F~pZ;_i?F=B`slMN1NVivOj?gTf
z+$rP*NcD?O4``BZ&cQ_-+T>i1P1;`_bOVjCc7k!I4YxPB5Z;<ElzO=1JB>r-#?i{A
z9OZomnZ9jiRT!nw-1BMn1)R4iI5<4Sw7}ebW_egW%hM+*x3gI6@DLw_-B{33KCTAy
zeQ8um=Wgd=wiCb5WD&Id5!Pd6S#&6C``MsqTt~ygNvP`)=IUVpt8XnpLi(Ln3-s^o
zrO}B`a0GG`)wEp33M_EpMx^3|x0|g2=RYlDt7ktQUZ?iOapw$*m&`Qh=9T$*Jg$3<
zK`g29$DtNB+=Q{REjL*UyL~;!m<3NwZ2BJ^s7ehWTU`cua~<;a5d7G<rdXmKr`l8K
z)`8VBceZMip{rmrL=9B|a>%Sr2TcLSVx$|5w5@Nau=wdKLC8jFFoI>->R&-vdXXLK
zN?<0Ba}h|6y|aa%+^~%Eb*%zG9rhh^Jii)q0Lo9PeWQLlUc2E_ysq%NKjVfhF<*ZG
zZ!$sXLym4=H8m`|<>5R43wP;&1F&Axcvt-^LHs&bvX@?fAGizH1I2i2O<80|3aIhI
ze>T$#;0Ph>Et{T3Vfs#anvI!{n0Qz!N8d@39-#jCc-U>*LG0%j8;y^Yhjr2M#d55N
zxTxdTEfGuDHKFwHeO1jX1d-RBWSu&4s&Qkx?v+)k=DFyHvl>^mD5S&^0QvY!H5vu(
z8Hz+>H=&dMy`n%P@TRexg+D(2XKGFSLI2Yq(i=HA^R9#MHaPOhL7s*j1^-!>q7WB@
zqK0yB{#!ldRTvIxrzIk%aF|D+Dd%hV?lC7_#tpP<?KSFX;utZvO5R59Lq^jXXyu0e
z-P`LW3+ZWJ@;H9~dDo3>e9kNtBeD$VhJQ~oULhbC;Z;xn{<JjUA&PD^)f}ZC2%A!u
z*w-c17g1j=<879)8z_J4M5TH~^DH6sav|-a(N3K>^HEd;yYNhHIV$Q|t0RvbGP~=8
zT|t~dKOy~Wq9*?IgM_wg51nKZNN1pK72@_(g{bNcfanD0kVbjU3ftWUcXrfLDmfpV
zxsYw2tHLf5WXKAB1$Bv_t<w+rl4KEb4?7Vv$2YTmU#VmEZgC@_@CiX*E34xt+HrrO
zP@Wj`S<+$|)=qb#Lthp*(T{f;bk~0y^&m6;WyL;DHUl(0KzHNwx_%dc?p+&o{$e7l
z6S9^V+~I21*%<Bp6LasP0wF}^o^!fT@RY*F|F>~WwEe=-6f3vGFv&Z)^tDNT-=LoE
zMQGZ=Nju`~fR4IiiPBg=p}DHi);r$#a<bT@P?fHGGH-k^u!*Y?RxKo8no=c?v4)jH
zJ}R)~-}+eRCwE_&lzr7Z(j>D-rG=jL2N|5V1{ZF@4!U5+NZi6DrmssA)aKoXILVG*
ze2M2^o>P<+VG7|a>y+dauW!kW&#JA$esNeB)%l!L7A`?zlazWu^z#0U%Yk#F5wPbE
zS-kQo^-{Yq0@nm=BJJVIFUpamjOPhaHO25edf&Tf;v{1s(2=#;f?*|Ihd(i}$*2-+
zIL{R@Dij$^Zai9hB=`%@#o5?~>~9eXh6Pnl>+i+Jy)z2b_Id2PJVuQY?&uTpsXPNO
zQh?y|nZbDuy`Qmi6OR0*%EOfdZs*&3^OgYKrN_nq-PDbIqLo}gh|P&`6_y96lBp0J
ziZe8qzYD1z>YVB7yQEO?lMtL>?V`O<K9@_D_fdwo!0C<gu|4Eq+|7EAE$V6rq$*>@
zoTHxYD-n}(fO*zWxV!fRU!*g?ZN8W$h3_NxDpXsY8s|rDbPhS+;1^>%RY6)w^3}Gg
z=e-0?{Y?NGu}<S>qB_+ICF~A(t<oHYw^&F0fdftq7pIXP&w?!^K#KqN;f(<9!_`x`
zl06@2jTg|d$iv)efGINFxFgtFgJzQcme?_N3y!I}Y^Q+U{YSZXwo4B0X}WoejI&Ud
zqNpZ$F!UqIM^ks}r}jWCd7-_)h~@E0qnvHquW?F}6l~6MErl>gMKQC6p%$CUQIvd0
zO|yr%{2)yTw{jXt7q7!r?3y>a4(rWHFUlAT-ZlVzQ+$tf`IhM+!hy112D9S1of>Xh
zH35Z*Z)^Wqb@@?pyFh_vq1H9zVc)2tB>pYk>c-bL=`o1i)rU4q9x>pY;G?%%A^dsR
zYP+g9Au7}}Qc`#7igKn4&AMk~JkDOeajC*-R0a<%0~B0P2ae)>DkkxERpUr2QX?$V
zaHuZ2TOxgm7CBOQP<1!WHg2}2?$~PJF?%TO9eOoM*J2rmupoK>@>ID#_vMl(kEuzi
z`G~0Xz4Ih&&Bx9}R@}<ZohE7F$Icv3P&c1tb!;QB!{)Kuyzjx|A&8#ZQ-W-EZK$s>
zO9?CVQ^@wsOU$<sy0Qj{yR~h-;mEz*K+j4DP6e?!tq1=!_sBb2x5oC^!j!!WqN@n9
z&0|Jit0(j_aWr|q6#BHRld`3Mf&#oB&SJEGZW#h3-wL(*UYf%dx!kW=Y5)j;Xx-sq
z#ts@NGSLY37-aUz-E!4;fk!Q_0S_AR<;#;j`ehh%!Kd&x1zf12ON*lAD(t$LhRJNA
z35NRhhx_$zxnN60uE)*Hw_XD?piLsux^s`TEo{a3T#ZSVhkOD}6&O*icsudIqzY(I
zEn*ub$vb4t{TCF0J=?!Eqn4*DC;)X>iLi2j(~|f0f%k{;Mijh}lhgmfBeN^f9nSE9
z-BV?ROUQbRiiT||_{qoY2G-JqYVk!#h4>Kd|AQccZ)5-7^tw`OZxXuf3X9b$*LGp$
zKelzB55UmTD<+^ho?_*Hs;`M}IA$4vwlhu4hCddWt8tHTF7VXif5Sk^7<(n}jLKeo
z)d4ocohw1B^(nl!<F^{-lXJ1>!v~q!B>8`B*y3>d`{MT6*-^n<4@U1vI{G6t{UGOl
zp2}A38XIaUR|_?mz8T^W+ekN*A&hG;H03-un#~OcD=*JLy^{sYbr+Za^XH9aS%g}8
zBqJd2w;A@Gj&lF!e7OyAA<9NgidjR~9Hr8}3WOaRy;Y{SJx?gt;`_-(>y~yJ5JW_2
z>e}Ja^=Ql3Oc*Zu0p`An>}HIv>VLx22_{p01e4R4?z|zLJmP?@O_!(w!o2mfF2Qt=
zj}4zh2UUp&52GmnH3T-#d|{ZXO=$tbt+c@>gLVyZrg}J1wE47e=&yn!sqw)h*P8nh
zxVR&Nx~G0WUr>hh#_2lieZFtl=ENHT6yb{QKxb0^sk$WLk!<zeL7`vfoupJBceYnb
z0DPsqtGhaw4MfZVS`J5Iv|vb^x0bLp`wNa1#BUE5@vzBW8Ev$%jL`;-%h&etXo_!@
zHLL4LCzJxzo;DrtZN0&Vbl+_&4ktuQ>X;QW?xLGKNpVWH^Y%y4A*zH}0nnkf`ZdLk
z(JtT6s^}Skt9J@ZMie-M?Z3)QR&#VvV#u+=!+?Fe&IM33?by*wG}Yv7Y#+F}sg!sM
zu(%&Nk1vV9-+leNl%5L)H}JtkhP$&XG+<Y**jVbHn!ip6=k&Dph1tmy0BwBeu_IvM
zIY#+H*qL*f%Mu^>C>HCVh}CHuK1f<6xkB#j;OmrF%OM|pAU!7zN6HwT#4$H$Z_lFl
zU(Ydy`soeF76`KrIw{M5_3vq1b=*wqRNY0;eSjoi(lcyy1}5CX^Q$=Z#<s=lbndl@
zV{U58mZ)j~4cqpl%gt|>QR}n=(JAukETq78qBVj|7qti44rW}To;>?O@XemPT4pbt
z3!M02+g$GxNI3vq=QYVwFXPv0zpTg&uoHAo&t=vea7kPsbU#BfblAt08x#?PtCcB8
z9f~(i{%}P&lc+hobr7ZFIf5nS-?ao?2=q|ZXwohPSdxpTC{>QrVmw?lDtW#$lovmU
z!X!tixomuFGEfF@@dhtN5%8}54_pUb01CZ|@8*N4kODCfu5IV(jd!k$B}VI*<qJ89
zb6aM$xlD8>cmFP(Q-M;_4_$<M7=T%2PgCY|0FMN=*)IAHJM>%_*@V%~ou$A_KAF|E
z!4vb8UQw7k*JZ<M_Jt{b5!U3wHKQG4b^E&@Y&TVqTjQHh!F?#1*{u;6v;ce#tBFd;
zs;-}R)myTjmkW9lac(Sy+!wQkvVLq|=LLaAtlxm3@N}Q;$v7i@1s@C4f;eRMgis#p
z^pH;E1s9gEgIP>o-#Zqqhru&h^A|lIIM!%<4ki$Dv9lS^9X`_$_SGc6W>jr<`?d#<
z3_W`JIH-Xgc+d$nw`{aqB*(aCxlnu+T}F`=-XaOo>2yt$4nNr2azA8NvqbXs{~ZT%
zszODKN(4(bC;R0%nPkZUc>q`a9FeS!=iF@YQ64H{b+iR1H1-JB_|U%S@<R;*e|hZ`
zhHELRKy2(O|DWvq&N0FaV~@)&AhV|vsnw3OD!YEHg+V-QAL?B=w<>edI~)~^Q3xYQ
z;A(RF$a9rMFS(LKsZM7#lrn$CKqPhX?uS+TuZbhR7|qaBlWmEhJZ+J@91;GK=KR94
z2{Kf^fljk-?%G2|QK5aEHuA!A1s_LEXU=4CLq<I@AI=Z#szLMhZ<l_$iIfiiJGX=9
zn^1k9pn0fOi;vxA!zTBM8keh0{Q_>O4|34&@?+h-g1Rr>5IVWS8-t>ew>xQ2HCPNw
zFW@sZN!)YiJVh=1N50Q48Q33{Mv#o>R2Go{;q+(q7m%%O?0a{5sKrn~3#~elylh3;
zTvsSFR|aXRjEa$rEq}1-F6((Lyi9OG1|YJ$tvkOY&=T`(?@xT7pQGMGwN<z=qj9oj
zeV^#8yAQX*c-2jxONPX7<@tS>WXPf7O_;flsgoK5D2k@znn_SGWC5R}EOxRvxW^!y
zeILs#6@?yuTR50KRuQ8*;d0g)FDucMvsQWm^7Hjv0U3a|F!IArd)}=URaPjeg+T$j
z5o<vonCM|O!&uIkZ9$~riiSai-V$ATk&T()4{Yg--rdqZl;UBVJIXU(4a`c2VjF{+
zbAL7y(;%Mi17>-~jz&=(e6+xPgH@`KvqZ=yoBF0Q+qPqrYM=wwYq>ls&u7drF@=0}
znOVVUc%0U!9C_JsH?w!kcYfrbstoZ3^X`M>9r-4urNmq<51Xx*hWaC-Un@Bp*ZJnE
zImwXi3rN9MzntpTUzZXUZ2~auL7tZ0K!PaN4ZVJ<k9tE7SC5A|`8VMmU$}vLJ+1|!
z!OYaU<S8AR<M-Y^=4mq}of8+0DZ25j_Qh|TPCs#7__1DS<;U`r1JC(!=G{kRkICq2
zBS7L+;t>Amu<ad_saOY?F=UxEr0I;j<XF}zUr<UKH~WHeV^Z+_yY~XzZUw}G%$M^#
zo=j!zAwbD^_nIy>-9`cFC5+jt)JaVt4uDn$O-b-WN<@s)U3JwV(0Bo@Qv^O=MJle^
zJBPLQFr}X@9KijsuCIript|@(aWJ1Z7Z{(U6!*=Xuu1o^-R7zVyEW7UGOarf4NiTi
zV82kS1enAh8qg~31@DVBYmy!^kd4e?;)F6ojv*qeVJBVA^K^9kX0V=G0nc#>EWt^;
z$ZfMM%<)55dHTQTo}tQpVSrYgkM%^>Yd&k>F_AlK=$YVqi>`NB(v!?+A7q^)GZG!e
zPJH%r^NBloj(g#{!T2t|khD@gTS`z2oE8p#U+{vgi?s)X^l9fAzz|AnwV{eo0>W{)
zbYgh>Uv?N59J@)o^QH6hHb%2M$S1}(2_KuTX2|GO<VThKQ)1f6IF=mn+lyS~@L{66
zEl`5U)wc}H^~3^{k_@Y#Z<8C*&S%cXQwabiO~bqC%#$I#2os_eG*2s26NrTyS_}+;
z)+>R%JHX-m<9zY#()I!g5J(jlp=q57T|V^W*>A%x$7zgGV$TIjey`6~(PBRF35Xg&
z<bVT5W#^{!OgIGMoVnInQR`GIA;?q@hZ&6AV+7UC5W%kT^bFAWjnH<0)~wG)x91Zo
z5OsN+p+;}+AN7(im$-ZNuxkDAf_fQpo>itT0|J9NcCheJsu#8x43l|UEC;3x)6?0t
z_as|3IHInIm!(iHmq^d}D<Up~ke#@ha#7De1H%n7iVq^GTer-|P2Pg*IoiFPNFjH-
zjwaZ+WWrcEsDM~2l5ohTlYc{3lNN+xlnnj?&Dii;Np=}!I^cpsa|$QGwHsL5ADOSc
zt<nLo2s$m*HjR&`jM&{l^Z_>5=dqx=n6~#2L%E$f99SR(Tzg(Frx_B+D}9$r|4M2P
zqs~|~+9B~##QFzh{Iz5^REHZ9vI{f^W$;IxD|to!iJO~M`wUXu2a4p95Xmu6{VI#F
z73EPi#T5@<#oHY||Fy?sL~ZT$_BSV(yirr%W*s<8F;Kx-iA89{wJpifpa*{*0sWap
zQ5|+$6m*e#F`8gGiKzLp+<41k(Psr$OZ<5m*lsZeQO7%LGoiKAd;yPFse8`h_eS#*
za`{;ES9L3nRJwPp20gU!5PAqkdT>H13SCBjR7B*oEQv4CWYKFC_Lp~4@RkLq&#q=m
z3iup3Gqcph1o}+W?vF}Xuu!8n&eJe0(KvaES&oRy@vhw<fWnVY1K+3P70Ld0A0$;!
z??hymDRu*eZT=Y>JRdkI2Z`&IiiKf9;7mUyzEE4V^0*j8KDr3;oeK?)6(B=TF)cWk
zFc9*X&V~({9k$^S4)tq0{MOAgmW}i()KAmVH5!p$!j=syT0lb?NW(MrUHviSM^gnl
zet-)q09+=soveqI)D&m4SEYd7egDi;5KLZ!GTw<EWhWf?u8_lwk#QPc_1Wd2=y+28
z#(7#w_X}O#$`&t=r){c#0?y~z)U~mHJn>@@(rx)X=vdt#R{~H9tkMZD4!(=I>ck3j
z{Dq<w3{7k66DJJ1Bh41LPFu^&&v-8TSq0^#XyqI(FahjhaHZXbQ3!y3_@>efZM@%)
z)c!|3aG<106`aqcJ)UGP?XEv~OkZ6^S=&*0E<UmpOpV_KgFnaod3ffO;!hvk2i{;9
zdtL>v;~LBjy@5%Av@Q+-`=R~ipP?+AOR(vci~rT2fvK6jidw=TS7-)<dJp0LRZz9n
zOpoT%FwrIFNFV?*Zuc9&Oa;lUp&B~`3~+8q<<`R#=_m=sfyei}I`6=OS$udIv>p__
zi7!c6lvg=j8=(8@{(>rk(C<6_CrxdZYsP1n6GYdYp1`d)ifr!(!l@cmu&F=}vM1oA
zog4YzT^I_4Ly>E8ZdM8@kcn8D5Ly21YrP{mj!IV+{*XPaYu`zMk|3uUsf1OHE+{%>
z)7u@)R2hU@Rd4hR3AH4iwFO`P0(=_WDo3`rCvB*rS53m`Hj6WEoedi6BvYg17a>6_
zqk3F*x0Cq<1-Mvme9C?<3YTv!y&&DT+pw|H6$>OqcTxpmQml|#o#}3eHu1AY8H(4E
z-)DMt7fZV2Sz$7dU3plzu{>95d#Q;*rS;+>Z^G?<3`{vl*hKO5N52Kef#&K%8iS2)
zUSXiAiK%t6*<)>ud{O^mws?;Hw&ig%UyMO~FZ+M%f%rK~jfuexs6&5HAS4%3l_)Pb
zyI6sRc9n`PbJhm${U)kUyZ_bOLo$`GzO6*KH#qR(lN86?wENl}<YuambUP;mk*zXL
zzi&?Bh!Deo?;z%Z+-A-w&lk%;2i&39URXE*-Q{8nicpeSp1sTfK@%FVSOUa#t>oOA
zx&Hy+{4cXui>==cq_l6XsS}Q|vk_5$?d}c?HR&tEQ3je8h{cf%=e8RQHJa|U$>L>x
zRM{9&?8YOsSblCWF(n=pr(>Q&f=jBO!`cvQD-u6Y=MM60?8KL5>j9f~gFTx__L0Cs
zElQ0uHNmZLBKgl|I&f(?Eq@0wHU`6%W3*Ygx19)r^f3FW?%kNwWt{?18w+D$u+R@<
z*$G$sn&a6h&;q)M<A2i^p3K_h5P)zU`X^fGiPF0HiGu6MW^oW931EH*Bp4W!xX!o`
zJ~RV2K+OP{#@)<TJ0Re!)v_@$J-&~HSY)$W-r9vh#a=N;$P3o3KiRwj4M0j(9B)j4
zrEYIl^YaEh>SOt>$_m`72cby=_S=03+yr=lLKwdP)YV{DxgPnx6;nyFa4x&?TzIqs
zNX6`)f>oFAd>L22RC#PkXWYG^FbhX05-6BUeJZX>srKzPB7O55Whw{2^90b1sjXmT
zfnrL0iO%GYO}cve>qREvCwiAaQOT=`AZ)8;Z*us;(T=<3rKrWdytW7=FuSymhaXV!
zw1NiyJx~QUT%?716Dd(9Bu_+;+9WtwP3Ylur;)iEj3|{$+l48n8R>DYHk48AnWS-U
zw>J|9!%*R&zY^M0GP~Zk^khr~gDgdku#?)vs4kXPFj>eBzSNq-(#3%{ykZ=ohz`&;
zQ;N>32D7J~9Emmy2UI069Vzlzx0m*h!~E8;&JiyWA}M$e1A>8Lw^+7VNc|Ci6uyOu
z`)#_=DvLCsO7=`@g+ZESbN(NZ2NvFV+V!%oTO@4ih!E|#mKkK1ClIXqic_D3wSco&
zjT*kwxIz6XzG$s@cKBTtF@`f5CVQ(%tnI06%x+j`+Z3CP1<%@vJp=W)H01Px5n<;G
z-hts_hggUFMaeR0hl4cIyF$QqMTU2_+tt@pApevVbth^paFK#Xc;}5&-*%i9-Z*$B
zVm;LMSpx2Fu_29G4hopc8wvj|2$)P+XQwI=Sr$c(%Ts%T=6r(ybutgOQ9;$ef&iM;
z7!J8F_~)_sb)Kh>e|`NWGwZ&J`byhN1XI3UuFE}i-ofV`f9-ckAnh{T>_V|Hd>HrY
z4M+>ka%obD#w$(lCnlnDq#KFJVe7=G5AGYsz9@79i6UiGL6o*P;sp0l>!j6@9u9|5
zW+YI7Pp40K$htBMa%Ji10AhwXU2sg3DapW$+14#8<)cMHzV>?bY~=0_<kPGLPQpXm
z38D>G2j`pb#8_q(O)CNg4>5w)EYwIg$#@4KQd%$d8+q`IAbNpNC3mTylV-@4vyA(t
zsks|fAlAu7$9&<27&kEB^0y|~UmOJ-`!s_vgni&`-l#poQw<DbYz`eZW7~}WPU~dd
z>{P;F93r1+kd?E9&igW?6kA|53)qGkL6x}H70CeIb_K7QyDBYh^8#P_?SA2AkJo0g
zl=8c~CFlPfz#gsheNOWq#3;AsK)E>6RVWyXFzO9*#9M#DO$VL;=2?J&L(Q|>#*;Aw
z=UGLDyf_XJlP}!(eV~3?;-B2MHM0Z?%Yj01HanIkhr(w1kTH+=N?u2ADUB1F;eCcJ
z3CEh832DJnR^(A>Y@MridmP-S+R13wjHI*^XY{LrJQn2p#iR^3)CIA?+_ZrYa;fn#
z(?}EZkvsGcQd9I$i-lwOK~Xu9t?R7ajSW&I)@XynvylJa*ktRN$t1g0NH<gfUuN7p
zc_d|uA6y*j1>rX%q?c5d)8QrDB;-f6QJbf%EEWJwWX7D|!dBk%E7H@?SDUdD71nC5
zA?_O%&{Prw9k-&{&s$^Zc#&;C+&Xb;?{~Nh78v3(x3MS-_QWD@K<(B^*lrYN|5>XW
zeFvp`XLJE>9o9RU=c2;F#EC=zlO9&gK&$G4Y`F%R4s)<o;_|dM3lP)JypTsrd@*At
zcR<?^B~x}L`X36%{j`O>Sh;UD0h9~ZSDr_uuX<Iz=Ukunx{6-qlCy@<I}qIOe_t0&
zKFty#;}znMw^YUdV8>~wG2PhGi)rqGvurIz8WqAqPR3>=N<^X_q(+zGhantRueI{f
z`L>1v{p~C8rM(R~Xd-z?#;v-7((yx!nE7m#HO8l@sZtOA+vGIY4jvWF3|`nvn@HiN
z%Ee?@8R4F&e+0-B|Jl(qy1DhmHKDNt{l%)G*0I)7<6R_e>cmHo&F?`B&oMb)O5}S>
zibE{^5~Cmx3WMhh;BP!yUX=%8rx4Sp-TmM@9oX7+Z9EU_mymPWX^O>ZBNM==gex`Q
zr|!^QFYW!`;H2#3&_z}w^@GzuQ6*V}9VyZ<O=fl|`LDasd5^bFMyQj4*hsUP0wS+#
zXK3!@gFV5H8Zn3U=Y+^NHr`=$283b7=Ei3gjq-jDOBj_D{~QE8v6fu6@UfWx*xrl_
zkjtv)cld(L#!!z7JF6t0t3?FNh+Zo~v^sxiMNdO2YUEq<5y_S0ZxpxUN&S;Dc-Emz
z97YENqj-TM*QG{=%@hu>MN5;>R6U!3fiUWl<(!Y?Q#s30VPuR_Kar8I($bO|vXwSq
zl{=Wdsq1BvW;BwQ99jdB9Rpa$oS6ncIwU7i>34SEBDS3LoPWb<Nh{nAe=c-#)WLrx
zMuWr9g*)m$Wos2VKc(vleP((9HwC`^?-|t>AV0L(NBN@VHdF+~W2k>}s{Q31npekC
zNhlKALZrksq4)^fKMWesFNcVHv5ez)WgyGBalm?5>}z4h_p}Y92@l9&zPRo)rSbs&
zZ%h#oMXifsZzj>rV(Z0OtiNw5e}61T+rNY_i*xD4bJwoCrHB>zco<y4dh2=e9Q2Dr
zWC6%g))5N%*)vsI4MyAZ7v+*A;N?Zv`bZaMLOeVc-7FEa3%u=Zg<vuyND-#`;Jq=R
z#|7Vf7k3%!tO(o<G@*h~!RqQ6mOukoyE6vS-KnSe)LEfZ8cqk%O)=dwhD(z)8@)yy
zb)NatXV)gEV3yc<!VOc4e1{=4!SC<%{^J)@f2xz@EjjdkH)EVVskH7Xql}>a>v*t<
zbssyu)5^b?0r5ivsJiBiBBrE5jwO9COM3l(_(Bdp)UE@9=0pkhsh6@RrnwF_Qb6<b
z;4htEg&eNmEAcdw?}OWMH+5W{?$IDi{E&ZQJJ_WLc##j)KOmkIu{G;Ix;2BxvzFcl
zpE}ACDVH6m4jrXH1wzQ#wBifeCF)oi9PZJs%mUwFpDnbk9g~BwDPjVuAV?~@uQn;$
z0(E2nr+k>h>r<Iy2wuw;q!Q-GIoiq6@<_noc`k+8dgGQ3^aozMo7THLpZ5T9-fyQE
zVRG#)J+`mD`K^M@d;h#Fd7R<W-e)0QFOy=UUSLL@^0<CGsK0MeEF>WoGjuRolQQ62
zu?v^rmMRqth2M9)p5On;w_yEPs1v-boj55z?U<cj8uTJacOV!l8*SU)ag-OsF%FPi
zNL7mtVc~^SEKGX{iQCo`=N0Ll=BN)h2A>1*M*OKwlyVT{5FY^ju&QYLR_*W7A42Gq
zV{^@h6V=F}BokR4pT*A9(}+Lf9*~LIqyJm6>wGsc77w|!pccJ}{2cP7WW;J&+$6O{
z&P-O=*^S(fBB#qiu=dx0<o*36&&Zy{z=Z1mK}ZCrv$srGVR-yjDI{X6g<d2c(JNGy
r)^@*I000007<Nb#T3cJQ00Hu|0f4{}QkAPTvBYQl0ssI200dcD78=M;

literal 0
HcmV?d00001

-- 
Gitee