tomcat11-docs-webapp-11.0.13-150600.13.12.1<>,֘ip9|#1[TGyQgoUs8%Bʄ8?&U,b#^*+ G-(//u$,UId*E N̶?HM xUeEI9cLZ_y$"s0iZiցE2k}-`!rq2MrXmL=,4o2Oϕz>Dz-B;-"qSٛkĻ h=dݞG׹ SB*{;>@?d . [ 'AGN <    4R 5 7;?8?`BHB B CM CCC(C8C 9C :D >FGHIXLYT\t]\^bcd)e.f1l3uHv0z$48>Ctomcat11-docs-webapp11.0.13150600.13.12.1The "docs" web application for Apache TomcatThe documentation of web application for Apache Tomcat.ih03-ch2b>WSUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://tomcat.apache.orglinuxnoarchchown -R tomcat:tomcat /usr/share/tomcat/tomcat-webapps/docs/META-INF runuser -u tomcat -g tomcat -- xsltproc --output /usr/share/tomcat/tomcat-webapps/docs/META-INF/context.xml /etc/tomcat/allowLinking.xslt /usr/share/tomcat/tomcat-webapps/docs/META-INF/context.xml if [ ! -e /usr/share/tomcat/webapps/docs ]; then ln -sf /usr/share/tomcat/tomcat-webapps/docs /usr/share/tomcat/webapps/docs fi^F>DF@l5SW8@lHw rO>c  % \$G _1 |$}  q 7dI ^^F2 ,}CSِRL' fbW4S3776:@R$J08{(=Z@i+s#/0": LT0$ =ZVK-P`uz37/Lmu R`YURdXLSXRs+8J<i~ x{]'+*X,m/E T \B% T r D P'.QLcA큤A큤AA큤A큤A큤A큤A큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤iWiViViViViViViViViViWiViViViViuiViWiWiWiWiWiriViViViViViViViuiuiXiXiuiXiXiWiViWiWiWiWiViWiViViViViViViViViViWiViViViViViViViViViViViViViViWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiWiViViWiWiWiWiuiViXiViViViViViViViViViViViViViViXiViViViWiWiWiViViWiWiWiViViWiWiWiWiViWiWiWiWiWiViViWiWiWiWiWiWiWiWiWiWiWiWiWiWiViViWiW253e67e4b27ddb1cdc62c0651053770bb3678c224d5924ba7410931bf6b3d413d1323215e1a115ff456df8dc02ed4e9e7d6656cb8f2d32b66cc9f3c28555d930f0e56f016d3a7753dd0c661d56426ffbd0f6652e16b644c0643204cc5f4e1f3070f778b4491e324f96aee337e085f90ede1c01e892ba2f872bc5cac43296dbd118ae0f6852f87a9f6a9720b19ed633a67d38caf7dfaea2fcd0ff2f1c7efc7576b492e7654470266176eaf4cbe44c8a2987ead361e5f7972071569d875d76bbc042e104569b6bb97be43a021c68ba021a3fe6a3ed22609718f77629009980c476baf57c399fde98300d7692fea50e6c3f0b9716cd091ea4757b7e0b64089510dd7a9b42ed15e1b611a173d5844c7ccd18fb63362acfe41862e7652f814d19170bff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d09426d23554d5f19a8cbe37d3aac0bcdc8a52e9a7e0663859da7ca42d6aa20b79200314b42f1cdb6724e14dbb6af463081179f4caf8614059a907bb946d8b4f33693543b7e4d8739a9223dcea301c22b89d1f94ef4a1e2bae78c0efe5e962097c3ee9eece4830be98dd3cd7c55154eb2f100a0094f891a53be91ab692485535f701bdb211d7f95f4a0cefe05481b799d4dabcf470b05eba18995c5c0ad64d636e53ff7fdb1c70875875216ee3a18630a52140eab628d9cce7bcd7f69f56b5e4d09477f84b68ac01984d8566203b324eae905f1883f5dcffd6d8c7a6342a76547458a05d968fecb7e74fe0cb7665f18e9d127546c9840a65dbc7c2c95ebdc51b032377f4c7ea8e630cc9cb6c816f9cd979062d649aa93f938ebb1c16b745ac175aa569560c9c39571f258620c284232d7f938367966daabe7221f1538f20a4937a0e7b8134b028f5b8c206e18075b05790d27cc29c431bb9575033b37319751036f8dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d6d9fdacbd36cf39f746e789faee0d09e629b6051395bae804fc88d309fdc8d50d09ab87afb48daf1ac4d717df4b825be5efa23017839a759744c4c64c63e6d69a7edd546f075d87ab796964227362423d74d177edd7761ee27d6c55e4ed247d0fe77b11487561f905481b40f6e511722a20826fae44976a9715bfa20c86dfdfd409d24238ef18a636cba2664da801b0d69acd1bf4c496a65379a127cb106b35ba5b30e8b04438009da3f4f55f3c0a8a709d5712878fadd6a7b9b6f200794deeb0f0b5b975af8108334676482e00ac4e66b033c6edd6881c9efb8fccf7d9b0e953ec007a843223aa63a2483e40091ae507318da426b5a30e5111150c816f3decb93f385dbbc96805470d94119ebbea7e8211561210cb552dee9911325a24ac5654def4bfd6e7e24278bebe53f9e8978cd355cb37ca690af954bcd62b1a916efe833d3bc07b6a5da6388b53cec382bcc4b835db6c96b3b125e507b250a0c8b631d02c910f874154b2e77a62f53aab58d4426e034d9a77916f2a22d5dde493d8c46acf7d01218753f067f6756fd434befccbae666efd65e5d758c215e72d57767393d6cda73e3ec9ac742e82509e56a48a93f5c2d49fcce6c7f4d02e5ee92f5a3afc907d48c381e0c5094487ebb0a19518779e053eff43e769d1740b7ad41100e097132139802d6f44aebe2f4ec426638effd87349b8dfc9c454dc8f563367477fc7a8b2caf28b6c341e358d185baf3c962bcde101524b1d88e06812b1b1d796ff99f1baacc0d7c4295b44b3a61d418b7a53f588a02523c41d3c001568172bbab186e76038dbfa316896f98e786a42c4cd13b6b9e999f5269750725566fc08bc4ced04eb276fc6d892504d24158dabc05deaf3c00fcea20d6146894b00f48fe48def1cb500c4581c5e8288d4226e9eebbc9969f8dd5949724b069a4288e5fb381e679580734c9326fe2b4f882def757a464560b1c1c6f6917c10bc1c78171acee0a0aad8d01e257417a129b06b7cdd700d5a57b67fae96b4acc61a3b4a720b4683e349247aa32331ebf65688e7a5ee48a069f9a6fbb7c214c1eb2cb773048cb98b6cb2f74cf3df1073d291a19b45a6884e92ffc52b4acb04d553a37a995e2de37f98c8821a1f767b0a6f7295c75f716c7f2a6b9992455195d556b83f93816805d49bb98386d928d47a84751ba90af3eacb9e8950f10404584db56bb5c137e27f85b597d04670dca1875d30c89c999c1fd1886065d9ab91ca16acdf6cd8c27a6ae96640e0488663e1bc0d1bdbbbad6ea94e834e29570e9c2326b8b5c50c6fc5f71bb83b58b60b3603d11aa4a8f3e7cf75213a6f67275e0c3dbb37233eb9eb06efe98e2dbf0a954dfdcec642a5ea7715f214e23bf6626a78dd0ef1a8bbeafdbe5536f06331a360b1a3d5b69e57838f2f884689cc42f20cdd6aee71083b6591b4d26cfa6323ccbfb204faa3d00188750b523da0bb448f203580ed9eafda8e82e1e7a82c9ecd168bfdd0f305352bcdec2931b344b66f1059bb61abcdff8807b6fd8868d7e338a041e67c6ef67b9203b3d72d330bf666b4e1b903f58c2e0df02086dd8f26f0b3bdc9a1812ac24e35ea09734f68cfb33b92215f1796ed66fed2d4cb398f2b84850fddf2f1abcbae9b8de5c4633bd6aea64342c9749db3b5253527cf9c21e0859b7fbf25f3bce255c029e073d77fa0dd8cb1529931a0a32f771fa8d0282204f7d34f2a21e8b8999f1b4e2e1482c23895fcd9b9c60461c29192a888ed9eb46c7acda5bee1f502e5772c84fdbedef2a35984d06f275e56ced4e8791f9593baae4d4a9a893928f82bab89d99e5fc3b2d7965362328d94855ad1109e3027118549ac06413bc07328b24dff7a306276ff9ca0c94fc4a07e0a68fa6182adf28fd6e3aa55161f12792b979040fddc7e74fc48ead0c3f918c4d6f661a1a665010d03460eb4209243984ed2f709c585f8d0c17214570f3cf0f5e60ffdb607b6bc53772ebc0bc93fa631e1958a5613d18fb19f0aa7b5d43ade0391c7be6c5d1e84acf0a4afb04457949739f847241b757cbce5e8b538065e8c0223046ebdccc1e629e28fffd8963979105613077f379a5431106e8ab33d986f27afd0a0aaed287ca47f09eca1e80ef1a17de2e3e80b516de4b20754c23bd95ed254a375decb88a2c9cbd11d8f83a07f488f5ca231f29990f25bccb65ce6a192c309486c9d7e91304081a6ff5c4612f20b0c695998d9ef999056570a03753c3141b06ec91e8b61e7261074eb9c80d9b792a7b80ab36c0235fd7bd852d7c3cf9fc2f09cfe5f85d2c559590ba537bedaef07c4961599a6f5e8e3718ede63f61fc9f5cb48204910c30457017ee2dd8998a00011ff2a4e00db28c3a4228f7f471e7a9ec4be7dcf23e2098f82da49c089b086b5cffe0463cb773e7c1a6f007200862c7c9821cbbd57cb00c1fae744d0b20ccd2ea4c710aef1ac646b0436ada99aae893d393fd54d3ac42d44a0ee299028cd330bc6c5a5843dbfdc8fd796d4a95b1eff87e14ca883fce3b79cf6c8e405845eb826e3194482b2b505d3ef9ff0382fced8c62d78fe092b159da45c3cf66a6acff626e4cbe3441c8a4aacbc8dec67df410a9d3a308ec8f96a8c15a2cf0ad6640af09f9dc9d72512f10be2b7ba4400829422de95eb144385c1578d55f11a780f391188fb603c7c97b6a1d364f9e847c2bc8e4ded11aba3fe587c2f103de8d7ebcd94f616d5dc4288eae47b445abb8b6f22b2f66bfa91624d15bc6808d2b64633cf2ac6c15be5af8495cdc40e9949f5e88dab62554d2acd40d4b89699dfa289accf61dee2fc90f61b00a4c86fb78b99bbde2e1317710d0e0a078434ac890cb61d568d84c88b4179c118047a18e79e3b26096152f5e105bee6bd7415e563f226bf251f3d7c146321abda94becc262ae505d41c5939817735053b36809cb8d2a0ba4bbc760167fe552e019d061204f069b5b47b99fb79e7fd84f92069de609a0da8eed3112aefff66dfd47ce1d9d3b7814538d1c9272bc15db2973b0cbf0366e8f157b73b3575bd3293b7f7d0365e2ce8efafaa8180aa6bbd1b2f684b681a26783c52522fb6767c32bd2ffa3cfc5caa2db17648b1e27971e2d50260e7e9f131ba29e279a34d79b8e39c1aa266eefa6cb5bcba89f486a1f0b701bbf31767351c11c6f449a150a7f4da3064538b042b3b7e52333bf57a70943299518764fcd1337d41d3422bbb53c3ea4e131537a4703af561d8b32ec11fba83a88bc520804ff4a100cc1267f9d5f1c42b3d8acb875f39b02de2a4026144019ccc73a3c55027d23e5369ca30cea8d161aa7d796bd6599512db964f1a3224ea201e725114d63790e164786d8a93abccce3c2d26725e35f35aff01695063db4738108e1ce5aa8af7e6a2a9d89028d0f21bf91fb56884f82634d1abad4aaa42bd759fa6897b5ae2ee92d1c7e000e4e6808325df1a5da1498cb998812a41cc713541c0b03ba4b2fb8994c90aad81362d6b2e27400d65680b8936c70ec6ec5d8b72e64e53899155996127ee5c35ca14230676f6d116676d6b563a4da21c16c9970fe1f6c6b18a280d0887cfb3f4461b441b584c8fc83769f6d28251e64dd397f819265acd98aef0d3d44ebfee3ff018e96c5690a731a0d17585f000b9d046f814abe660952f4409d63445a27dc6a878c32824f25e9555f21a80ac5d414ba274fe0ba29f4a1647d09203290c7052092de89d5669c74cb3ebaf4058d6c57b727bb367c3564a5cbf4b186a855e45eecf808445bdb7004ddbe20886b9fffb08b9b3be1da48fffa315376dd52112c36fa422d381aec5ffb57c31912b60ca0e47b56634beaae1a4eb8c826fdea1e12410bcade84f35a04c6e35aa3314a9b13d475fdae2856a6c82b7d6017fcac0dba2ac0d6abdb2d037f07499a84df7f9a949e5e76a4d89dd3913b96e3ec691568f1581537f57b4e62863524bd1511017e7f252f23ac6c125160c39b14a2a0410d16b47d3901eee99d0090e19fdb28ab78e3fff49f571c5ece6cca5eaa4ca9bff421ce09b2021f4e4bc64a8264732de30b162cb05943d9b2e92bf27138de083e056ba73609403a3ef0ac82395a4fccae251ecef1878c569a3a5ee2f4e94f2b56e19054224482be0aa7b444ab8324ed0b0c25e3abacbd87be29732356c9bb890556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3ba392abf7aa1d006749331fa8e97ac2202596a819dd382b46d051a28dca74875a851d97fcc71c78ca279754fabc2289a600aabecec4d9e4387cab9c7400aa2d0868a21c493df0e5da1622b319e915303b1aa2b72f3cb836057eed5699f522693cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a4588c27f2a933b428f5a13403157e395a9d869d176c8dd256a5f28a042e4f863b42117f27a13e776a0e6ee6d54739b08b35741f43f5776bf51a193810b51d60285dc5d18af5aebf5ad183db10b5d17d0caabb65a1b5371af6d4c2e1160c16649d65d4dbfc82ee715a653291fb987dd565b6fc567ffee828d9e4c5f181c75eca0be63b93e248018e9520b508c50c9f61fb190bb7ed7c057598111baf79d07c3ad14afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277e7761787862f2f487071be72c1327cf1ab7e53f89e04b61b86582fbe48f00afcc8b8c42940274e7bcc6e24f41343df2c38827a4df8d833ac11f53060a5e9ed0418f2ebd9aa0fb25b1f2dac5d044524c15b5a4e58a38cf324dc2fd67d3757b3c4a7069a821f79f4cb9befb35812bfbcd68e0d3aa97de74c4c2212663a99072620264b20b85276870bf37102e46332e803d8349703a5f82a26043388692fe49c3e174dc9c2d7cb8a0a8e4d904babe074367a29ca13c801cb1c0b010d7bae96a46b18ca5564a2a36e3184c3fd8b6b9a5f1e8783a1aa3dcd67d8dc33e34225bf3a3f67ee8b6b4881bedd3ae5ca20c38a8bd521c8e5587fd351933a07ef1df57c43e20f957c6fe599b9d5d406ca1f8bf70f22d50acd3025e888244354799b34f2ab3a7edcd09fc9d4c50a98152d96d5853706202d307bc8298ded7bf3688021fd0743271ad418fb0c70c5715e649c1635bdb07d3d9f00d827929b1589a3e50a4d9db14eff2d5c800a7def5c472109d5c94ae82f9b309482e2100635201c430e38b9ea5ddbd3c1ac87bcf2df87bc93c0dd903a2467ced795dcd5c0d746f5c133a8123e2de7a6c716e9f3522c2deb7e5c77b9d3247cea0623f4a3b6fe68e565f5834f9ebaac4b0068a7bf285243ac8dc4aa43e1b33fd18f6e60f31b9e54c5bf9a130e176817a11b6d4cd5abce7b037758a603e66ed1b0a49bdf84cafb183c8be84185cb2a2a11a8bc738d795b561641ece2a24711d095c5e204eee8aaf581eda6844c99f006794f7a173cf7a2bbf6dbe5deca41a57407e63525a9c97602b2b4664e637c8d2183f5e55681f7e32f4a0a5b36499e95bd84b9ff80f3ad5f60b303e3f3789da025f021936e95cf3abba6f4c24c75111d10d83bb37dee865dcd64e7eabef65598407a6f74acbe46941d4a4d6a2220bab1b6677dc427b19397c5cfec7626e7c5c246a079705248392691608e1131e36d290b91e7ffb9afa9858efcfb51ad145061f582cd80da63196157024a6f79d055495d07a88542f1ebca11244f1087615af664dfc21088f20d1663b7be43785d963a391bba6c09e612f57c97c7decb5d94f1c230fb320b97392e26c3280265f430793e62db8d999e3ea2b61eb34b631a35206509a3d5705e8a25a2d61302796514f93d1fd2021d34f98cdcb88df8e8abf3507210a87acd1a637168ab01215b7be5c2a06f4ba5e50348290854b94c182c6f7b1524fe3a6041ec0b1efa34bba0621578385ed956b8a55102be38d13f23b743528acf42e370470bb411a8a27258b5ab36158dcc174afed15c90925f54788f10865140ea51c69e341b98ae323472ec20a06d7d2f1a4a53bb516089bd5b21e854e93eb1e4de4c5f7eaab4b8575011b472d655850a9c61a769c598a29fe41b8db4a9164181604048d63a68147283e5372e9798b99093a484601449b60a4986cafda7b7c11299cbd4c33c5566105eebf9b3930dfa980d92ca5fb03e2b250503976ff25cd5791bfd174731985e6c45f3ae65b9b48ea39b4e679402444851eb349f6303008441c822aa78591d197c6a0724d5805f31c079b626feb2256c537ada3b8frootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcat11-11.0.13-150600.13.12.1.src.rpmtomcat-implementation-docs-webapptomcat11-docs-webapp     /bin/shlibxslt-toolsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tomcat11util-linux3.0.4-14.6.0-14.0.4-14.0-15.2-111.0.13-150600.13.12.1tomcat-implementation-docs-webapp4.14.3i hhP@hChZ@hH@h@hhmricardo.mestre@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.comricardo.mestre@suse.com- Update to Tomcat 11.0.13 * Fixed CVEs: + CVE-2025-55752: directory traversal via rewrite with possible RCE if PUT is enabled (bsc#1252753) + CVE-2025-55754: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat (bsc#1252905) + CVE-2025-61795: temporary copies during the processing of multipart upload can lead to a denial of service (bsc#1252756) * Catalina + Add: Add CIDR support for the configuration of internal and trusted proxies for the RemoteIpFilter and RemoteIpValve. Configuration via regular expression has been deprecated and will be removed in Tomcat 12. (markt) + Fix: Log warnings when the SSO configuration does not comply with the documentation. (remm) + Update: Deprecate the RemoteAddrFilter and RemoteAddValve in favour of the RemoteCIDRFilter and RemoteCIDRValve. (markt) + Fix: 69837: Fix corruption of the class path generated by the Loader when running on Windows. (markt) + Fix: Reject requests that map to invalid Windows file names earlier. (markt) + Fix: 69839: Ensure that changes to session IDs (typically after authentication) are promulgated to the SSO Valve to ensure that SSO entries are fully clean-up on session expiration. Patch provided by Kim Johan Andersson. (markt) + Fix: Fix a race condition in the creation of the storage location for the FileStore. (markt) + Update: Change the digest used to calculate strong ETags (if enabled) for the default Servlet from SHA-1 to SHA-256 to align with the recommendation in RFC 9110 that hash functions used to generate strong ETags should be collision resistant. (markt) + Fix: HTTP methods are case-sensitive so always use case sensitive comparisons when comparing HTTP methods. (markt) + Fix: 69814: Ensure that HttpSession.isNew() returns false once the client has joined the session. (markt) + Fix: Further performance improvements for ParameterMap. (jengebr/markt) + Code: Refactor access log time stamps to be based on the Instant request processing starts. (markt) + Fix: Fix a case-sensitivity issue in the trailer header allow list. (markt) + Fix: Be proactive in cleaning up temporary files after a failed multi-part upload rather than waiting for GC to do it. (markt) + Code: Remove a number of unnecessary packages from the catalina-deployer.jar. (markt) + Fix: 69781: Fix concurrent access issues in the session FileStore implementation that were causing lost sessions when the store was used with the PersistentValve. Based on pull request #882 by Aaron Ogburn. (markt) + Code: Refactor WebResource locking to use the new KeyedReentrantReadWriteLock. (markt) + Fix: Fix handling of QSA and QSD flags in RewriteValve. (markt) * Cluster + Fix: Prevent the channel configuration (sender, receiver, membership service) from being changed unless the channel is fully stopped. (markt) + Fix: Handle spurious wake-ups during leader election for NonBlockingCoordinator. (markt) + Fix: Handle spurious wake-ups during sending of messages by RpcChannel. (markt) * Coyote + Fix: 69836: Incorrect processing of partitioned setting when generating session cookie. Patch submitted by Marc Pynaert. (remm) + Fix: 69848: Fix copy/paste errors in 11.0.12 that meant DELETE requests received via the AJP connector were processed as OPTIONS requests and PROPFIND requests were processed as TRACE. (markt) + Update: Add specific certificate selection code for TLS 1.3 supporting post quantum cryptography. Certificates defined with type MLDSA will be selected depending on the TLS client hello. (remm) + Update: Add groups attribute on SSLHostConfig allowing to restrict which groups can be enabled on the SSL engine. (remm) + Add: Optimize the conversion of HTTP method from byte form to String form. (markt) + Fix: Store HTTP request headers using the original case for the header name rather than forcing it to lower case. (markt) + Fix: 69762: Additional overflow fix for HPACK decoding of integers. Pull request #880 by Chenjp. (markt) + Fix: Ensure keys are handed out to OpenSSL even if PEMFile fails to process it, with appropriate logging. (remm) + Fix: Add new ML-DSA key algorithm to PEMFile and improve reporting when reading a key fails. (remm) + Fix: Fix possible early timeouts for network operations caused by a spurious wake-up of a waiting thread. Found by Coverity Scan. (markt) * Web applications + Fix: Documentation. Clarify the purpose of the maxPostSize attribute of the Connector element. (markt) + Fix: Avoid NPE in manager webapp displaying certificate information. (remm) * Websocket + Fix: 69845: When using permessage-deflate with Java 25 onwards, handle the underlying Inflater and/or Deflater throwing IllegalStateException when closed rather than NullPointerException as they do in Java 24 and earlier. (markt) * Other + Fix: 69847: Remove remaining references to the org.apache.tomcat.util.codec.binary package which has been deleted. (markt) + Update: Update Byte Buddy to 1.17.7. (markt) + Update: Update Checkstyle to 11.1.0. (markt) + Update: Update SpotBugs to 4.9.6. (markt) + Update: Update Jsign to 7.2. (markt) + Add: Improvements to Russian translations provided by usmazat. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations provided by tak7iji. (markt) + Update: Minor refactoring in JULI loggers. Patch provided by minjund. (schultz) + Code: Review logging and include the full stack trace and exception message by default rather then just the exception message when logging an error or warning in response to an exception. (markt) + Add: Add escaping to log formatters to align with JSON formatter. (markt) + Update: Update Checkstyle to 11.0.0. (markt)- Do not use update-alternatives- Update to Tomcat 11.0.10 * Fixed CVEs: + CVE-2025-48989: Update the HTTP/2 overhead documentation (bsc#1243895) * Catalina + Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or more JAR files. (markt) * Coyote + Fix: 69748: Add missing call to set keep-alive timeout when using HTTP/1.1 following an async request, which was present for AJP. (remm/markt) + Fix: 69762: Fix possible overflow during HPACK decoding of integers. Note that the maximum permitted value of an HPACK decoded integer is Integer.MAX_VALUE. (markt) + Fix: Update the HTTP/2 overhead documentation - particularly the code comments - to reflect the deprecation of the PRIORITY frame and clarify that a stream reset always triggers an overhead increase. (markt) * Cluster + Update: Add enableStatistics configuration attribute for the DeltaManager, defaulting to true. (remm) * WebSocket + Fix: Align the WebSocket extension handling for WebSocket client connections with WebSocket server connections. The WebSocket client now only includes an extension requested by an endpoint in the opening handshake if the WebSocket client supports that extension. (markt) * Web applications + Fix: Manager and Host Manager. Provide the Manager and Host Manager web applications with a dedicated favicon file rather than using the one from the ROOT web application which might not be present or may represent something entirely different. Pull requests #876 and #878 by Simon Arame. * Other + Update: Update Checkstyle to 10.26.1. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt)- Update to Tomcat 11.0.9 - adapt tomcat-jdt.patch * Fixed CVEs: + CVE-2025-52520: Align size tracking for multipart requests with FileUpload's use of long. (bsc#1246388) + CVE-2025-53506: Apply the initial HTTP/2 connection limits earlier. (bsc#1246318) * Catalina + Fix: Ensure application configured welcome files override the defaults when configuring an embedded web application programmatically. (markt) + Update: Optimize Request#getCharsetHolder to avoid repeated parsing when charset is null. Patch provided by morning-gu. (schultz) + Fix: Allow the default servlet to set the content length when the content length is known, no content has been written and a Writer is being used. (markt) + Fix: 69717: Correct a regression in the fix for CVE-2025-49125 that prevented access to PreResources and PostResources when mounted below the web application root with a path that was terminated with a file separator. (remm/markt) + Fix: 69731: Fix an issue that meant that the value of maxParameterCount applied was smaller than intended for multipart uploads with non-file parts when the parts were processed before query string parameters. (markt) + Fix: Align size tracking for multipart requests with FileUpload's use of long. (schultz) * Coyote + Fix: 69710: Increase the default for maxPartCount from 10 to 50. Update the documentation to provide more details on the memory requirements to support multi-part uploads while avoiding a denial of service risk. (markt) + Fix: 69713: Correctly handle an HTTP/2 data frame that includes padding when the headers include a content-length. (remm/markt) + Fix: Correctly collect statistics for HTTP/2 requests and avoid counting one request multiple times. Based on pull request #868 by qingdaoheze. (markt) + Fix: Fix JMX value for keepAliveCount on the endpoint. Also add the value of useVirtualThreads in JMX. (remm) + Fix: 69728: Remove incorrect warning when HTTP/2 is used with optional certificate verification and improve the warnings when a web application tries to use CLIENT-CERT with either HTTP/2 or a JSSE implementation of TLS 1.3. (markt) + Fix: When setting the initial HTTP/2 connection limit, apply those limits earlier. (markt) * Jasper + Code: Remove IMPL_OBJ_START from EL grammar for IDENTIFIER. (markt) + Code: Remove the INSTANCEOF and FUNCTIONSUFFIX definitions from the EL grammar as both are unused. (markt) * Web applications + Add: Documentation. Provide more explicit guidance regarding the security considerations for enabling write access to the web application via WebDAV, HTTP PUT requests or similar. (markt) + Add: Documentation. Add a section on reverse proxies to the security considerations page. (markt) * Other + Update: Update to the Eclipse JDT compiler 4.36. (markt) + Update: Update UnboundID to 7.0.3. (markt) + Update: Update Checkstyle to 10.25.1. (markt) + Update: Improvements to French translations. (remm) + Update: Improvements to Japanese translations provided by tak7iji. (markt)- Update to Tomcat 11.0.8 * Fixed CVEs: + CVE-2025-46701: refactor CGI servlet to access resources via WebResources (bsc#1243815) + CVE-2025-48988: limits the total number of parts in a multi-part request and limits the size of the headers provided with each part (bsc#1244656) + CVE-2025-49125: Expand checks for webAppMount (bsc#1244649) * Catalina + Add: Support for the java:module namespace which mirrors the java:comp namespace. + Fix: 69690: Calling HttpServletRequest.getParameter() and related methods for a request with content type multipart/form-data when the mapped servlet does not have a @MultipartConfig or equivalent should not trigger an exception. Note that calling getPart() or getParts() is these circumstances will trigger an exception. + Add: Support parsing of multiple path parameters separated by ; in a single URL segment. Based on pull request #860 by Chenjp. + Fix: 69699: Encode redirect URL used by the rewrite valve with the session id if appropriate, and handle cross context with different session configuration when using rewrite. + Add: #863: Support for comments at the end of lines in text rewrite map files to align behaviour with Apache httpd. Pull request provided by Chenjp. + Fix: 69706: Saved request serialization issue in FORM introduced when allowing infinite session timeouts. + Fix: Expand the path checks for Pre-Resources and Post-Resources mounted at a path within the web application. + Fix: Process possible path parameters rewrite production in the rewrite valve. + Fix: 69588: Enable allowLinking to be set on PreResources, JarResources and PostResources. If not set explicitly, the setting will be inherited from the Resources. + Add: 69633: Support for Filters using context root mappings. + Fix: 69643: Optimize directory listing for large amount of files. Patch submitted by Loic de l'Eprevier. + Fix: #843: Off by one validation logic for partial PUT ranges and associated test case. Submitted by Chenjp. + Refactor: GCI servlet to access resources via the WebResource API. + Fix: 69662: Report name in exception message when a naming lookup failure occurs. Based on code submitted by Donald Smith. + Fix: Ensure that the FORM authentication attribute authenticationSessionTimeout works correctly when sessions have an infinite timeout when authentication starts. + Add: Provide a content type based on file extension when web application resources are accessed via a URL. * Coyote + Refactor: #861: TaskQueue to use the new interface RetryableQueue which enables better integration of custom Executors which provide their own BlockingQueue implementation. Pull request provided by Paulo Almeida. + Add: Finer grained control of multi-part request processing via two new attributes on the Connector element. maxPartCount limits the total number of parts in a multi-part request and maxPartHeaderSize limits the size of the headers provided with each part. Add support for these new attributes to the ParameterLimitValve. * Jasper + Fix: 69696: Mark the JSP wrapper for reload after a failed compilation. + Fix: 69635: Add support to jakarta.el.ImportHandler for resolving inner classes. + Add: #842: Support for optimized execution of c:set and c:remove tags, when activated via JSP servlet param useNonstandardTagOptimizations. + Fix: An edge case compilation bug for JSP and tag files on case insensitive file systems that was exposed by the test case for 69635. * Web applications + Fix: 69694: Improve error reporting of deployment tasks done using the manager webapp when a copy operation fails. + Add: 68876: Documentation. Update the UML diagrams for server start-up, request processing and authentication using PlantUML and include the source files for each diagram. * Other + Add: Thread name to webappClassLoader.stackTraceRequestThread message. Patch provided by Felix Zhang. + Update: Tomcat Native to 2.0.9. + Update: The internal fork of Apache Commons FileUpload to 1.6.0-RC1 (2025-06-05). + Update: EasyMock to 5.6.0. + Update: Checkstyle to 10.25.0. + Fix: Use the full path when the installer for Windows sets calls icacls.exe to set file permissions. + Update: Improvements to Japanese translations provided by tak7iji. + Update: Jacoco to 0.8.13. + Code: Explicitly set the locale to be used for Javadoc. For official releases, this locale will be English (US) to support reproducible builds. + Update: Byte Buddy to 1.17.5. + Update: Checkstyle to 10.23.1. + Update: File extension to media type mappings to align with the current list used by the Apache Web Server (httpd). + Update: Improvements to French translations. + Update: Improvements to Japanese translations provided by tak7iji.- Hardening permissions (bsc#1242722)- Do not require standalone versions of apis that tomcat itself carries - Do not version dependencies- Make conflicts and provides more generic- Initial packaging of tomcat11 11.0.6/bin/shh03-ch2b 1762784385  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~$11.0.1311.0.13-150600.13.12.1    docsBUILDING.txtMETA-INFcontext.xmlRELEASE-NOTES.txtRUNNING.txtWEB-INFjsp403.jspweb.xmlaio.htmlannotationapiindex.htmlapiindex.htmlappdevbuild.xml.txtdeployment.htmlindex.htmlinstallation.htmlintroduction.htmlprocesses.htmlsamplebuild.xmldocsREADME.txtindex.htmlsrcmypackageHello.javawebWEB-INFweb.xmlhello.jspimagestomcat.gifindex.htmlsource.htmlweb.xml.txtapr.htmlarchitectureindex.htmloverview.htmlrequestProcessrequestProcess.html11_nio.plantuml11_nio.png21_http11.plantuml21_http11.png31_synchronous.plantuml31_synchronous.png41_basic.plantuml41_basic.pngstartupstartup.html1_overview.plantuml1_overview.png2_catalina_init.plantuml2_catalina_init.png3_catalina_start_1.plantuml3_catalina_start_1.png4_catalina_start_2.plantuml4_catalina_start_2.png5_catalina_start_3.plantuml5_catalina_start_3.png6_catalina_host_config.plantuml6_catalina_host_config.png7_catalina_context_config.plantuml7_catalina_context_config.pngbalancer-howto.htmlbuilding.htmlcdi.htmlcgi-howto.htmlchangelog.htmlclass-loader-howto.htmlcluster-howto.htmlcomments.htmlconfigajp.htmlautomatic-deployment.htmlcluster-channel.htmlcluster-deployer.htmlcluster-interceptor.htmlcluster-listener.htmlcluster-manager.htmlcluster-membership.htmlcluster-receiver.htmlcluster-sender.htmlcluster-valve.htmlcluster.htmlcontext.htmlcookie-processor.htmlcredentialhandler.htmlengine.htmlexecutor.htmlfilter.htmlglobalresources.htmlhost.htmlhttp.htmlhttp2.htmlindex.htmljar-scan-filter.htmljar-scanner.htmljaspic.htmllisteners.htmlloader.htmlmanager.htmlrealm.htmlresources.htmlruntime-attributes.htmlserver.htmlservice.htmlsessionidgenerator.htmlsystemprops.htmlvalve.htmlconnectors.htmldefault-servlet.htmldeployer-howto.htmldevelopers.htmlelapiindex.htmlgraal.htmlhost-manager-howto.htmlhtml-host-manager-howto.htmlhtml-manager-howto.htmlimagesadd.gifasf-logo.svgcode.gifcors-flowchart.pngdesign.gifdocs-stylesheet.cssdocs.giffix.giffontsOpenSans400.woffOpenSans400italic.woffOpenSans600.woffOpenSans600italic.woffOpenSans700.woffOpenSans700italic.wofffonts.csstomcat.giftomcat.pngupdate.gifvoid.gifindex.htmlintroduction.htmljasper-howto.htmljaspicapiindex.htmljdbc-pool.htmljndi-datasource-examples-howto.htmljndi-resources-howto.htmljspapiindex.htmllogging.htmlmanager-howto.htmlmaven-jars.htmlmbeans-descriptors-howto.htmlmbeans-descriptors.dtdmonitoring.htmlproxy-howto.htmlrealm-howto.htmlrewrite.htmlsecurity-howto.htmlservletapiindex.htmlsetup.htmlssi-howto.htmlssl-howto.htmltribesdevelopers.htmlfaq.htmlinterceptors.htmlintroduction.htmlmembership.htmlsetup.htmlstatus.htmltransport.htmlvirtual-hosting-howto.htmlweb-socket-howto.htmlwebsocketapiindex.htmlwindows-auth-howto.htmlwindows-service-howto.html/usr/share/tomcat/tomcat-webapps//usr/share/tomcat/tomcat-webapps/docs//usr/share/tomcat/tomcat-webapps/docs/META-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/WEB-INF/jsp//usr/share/tomcat/tomcat-webapps/docs/annotationapi//usr/share/tomcat/tomcat-webapps/docs/api//usr/share/tomcat/tomcat-webapps/docs/appdev//usr/share/tomcat/tomcat-webapps/docs/appdev/sample//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/docs//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/src/mypackage//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/WEB-INF//usr/share/tomcat/tomcat-webapps/docs/appdev/sample/web/images//usr/share/tomcat/tomcat-webapps/docs/architecture//usr/share/tomcat/tomcat-webapps/docs/architecture/requestProcess//usr/share/tomcat/tomcat-webapps/docs/architecture/startup//usr/share/tomcat/tomcat-webapps/docs/config//usr/share/tomcat/tomcat-webapps/docs/elapi//usr/share/tomcat/tomcat-webapps/docs/images//usr/share/tomcat/tomcat-webapps/docs/images/fonts//usr/share/tomcat/tomcat-webapps/docs/jaspicapi//usr/share/tomcat/tomcat-webapps/docs/jspapi//usr/share/tomcat/tomcat-webapps/docs/servletapi//usr/share/tomcat/tomcat-webapps/docs/tribes//usr/share/tomcat/tomcat-webapps/docs/websocketapi/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:41570/SUSE_SLE-15-SP6_Update/606e41093bb0c2ff48b2c2770ee7e68f-tomcat11.SUSE_SLE-15-SP6_Updatedrpmxz5noarch-suse-linux     directoryASCII textXML 1.0 document, ASCII textHTML document, ASCII textHTML document, ASCII text, with very long linesexported SGML document, ASCII textPerl5 module source, ASCII textGIF image data, version 89a, 146 x 92PNG image data, 1682 x 1495, 8-bit/color RGB, non-interlacedPNG image data, 546 x 401, 8-bit/color RGB, non-interlacedPNG image data, 2974 x 2013, 8-bit/color RGB, non-interlacedPNG image data, 1948 x 1360, 8-bit/color RGB, non-interlacedPNG image data, 574 x 1324, 8-bit/color RGB, non-interlacedPNG image data, 1585 x 1915, 8-bit/color RGB, non-interlacedPNG image data, 1667 x 2547, 8-bit/color RGB, non-interlacedPNG image data, 1476 x 2047, 8-bit/color RGB, non-interlacedPNG image data, 2312 x 3480, 8-bit/color RGB, non-interlacedPNG image data, 807 x 1177, 8-bit/color RGB, non-interlacedPNG image data, 786 x 1567, 8-bit/color RGB, non-interlacedHTML document, UTF-8 Unicode text, with very long linesGIF image data, version 89a, 20 x 20SVG Scalable Vector Graphics imagePNG image data, 976 x 756, 8-bit/color RGB, non-interlacedWeb Open Font Format, TrueType, length 21956, version 1.1Web Open Font Format, TrueType, length 21092, version 1.1Web Open Font Format, TrueType, length 22604, version 1.1Web Open Font Format, TrueType, length 21252, version 1.1Web Open Font Format, TrueType, length 22748, version 1.1Web Open Font Format, TrueType, length 21184, version 1.1PNG image data, 146 x 92, 8-bit/color RGBA, non-interlacedGIF image data, version 89a, 1 x 1FV~}&Putf-89e32b90f514c44ff32cb508aacbd7353a2fcdc082891f2d6e340b65b942d473d?7zXZ !t/eY(]"k%3u Y]\ !xvd1ME U5a8xRnS51:mݯ/0z&LK 5qd{f2Gs@/SaC(_:Dya!FӷRAG;M7 znΉ6~]SM]y DڴPty'epq*f#:aA):ќdvGsIga_-ݜ68c ~SD D5tVɣˀ 1ʥv Ay@Т8Y%WH꓈ ?%^ _?39#^+ӿzWiLƽPB-H8I|DC+ƞnNqzjRV&ЬÙfIU*~GH)fm ^y`~uIP/wtwA\[ "X:Z.Q${l'?T:;Mc"Fϐ]掩Q sSX'tzp}Z4B~EsXM-я Q9Iz3gb7e!A B>7E{]qJ;;(Ӣq/'@x1#Un$P2 Ð!w[- Bc1t9RP[qn^ PM< D3+=N%?@ {U~+pF4! ):|D^s{“tx%CB&}}] WisaY2J'M ^^2|4LΧ4d3+r2DX(МyK/{RFwhڨe0|%'"U4Ĉ,eG])(DLsi2j/?E}. JE"zgAjmB组K1@^6&R$s,⇦+,\!H! CX@9gOs刘Bz Liv\VVuL v_ 2@uMT^X] iRgy0јQ8{N'5|_*,5`W` ~ e0P,YbKԶɽBOmxZe+5F0=b|"gZ~- &=>b>Qc4ʏ|e?CQir_Q-8bFe𓈁;3$`SBeLEZGx6},!hYZ-lQ,s3u|m3~LNٝm8HVedrxJ&jIP w_h7 `?AJ LMAcTgXr$&+tޚssjg1O,$*6v?gmpQRl[9_UfiRam0_OBuʂ6NErO5 n)<Ikҵ#ux}xxޮ?_aU]'uh i(۾76^JS8 7,@>jd)*BdwR7|Cln,` xs{V.{g{xD?='=J ծ[i;f~XM8UgK(w3Zhmcd6I)J% tRZFg|Y;+ƞ?bEaE/QUpGf{ >rBd#;%sjIt"ּ\iVnWz=;X t)Txm%5'',0'tnDrz/Gip|j-*`xKpDTTr5@(ƖʺkF RH{x ǖ)TM-&+ V*=x' G7gw_J=%.ɪ mC$zHbu>iMun&~z+ qUXv@hf7϶D2pFm}?V4I*o{1R|l3x@@ YHme-EUVK[qҶnvhew Z3{ps8,k=>poC'FRP;HIFN6mhQ=H&yBcS~ euLu֜ c ^>wa5E?GMf'TV[ǞL1!'QMUP l 9ka:d4TTPl)o<%=kC#gIg,XfgMGyg9d,eK+,*-V>De:wavZ6VXiKn(<5lFr`8P>W-5fVO҄>b EG?Tia1~JU+ Xt aD  &R4x'XG; hDGҭu]!z3{/X%p;>D*;1֣)0y2$)IA&л$>y_0\(a~\W…Ek_kCaSŽ`Lahڠ6#ܜgIHJb=9b iYhpb''Ʀ+ga2Y_=5LV!WD K>H[|s1q< I2 {_ Pt]b\ A}V Qէ!emޕUُR6!Dh8I=p!tJѮ+:WwG>"{Uc X5^ٴ`=vNxIO60I/ ,!r1vU#wqmeq%oA]R͵aQO6!lnvnZcp= DP2>c,\N-$K0׿hO`a ..% j^6yY7sU?K쒲#橮JjbiXA(ϼqk|?Tq|pyk,C@Lպ. }~3QYby⹃u$!Hk.TW;W ؤ=ug|\JTߪHVIs&Ȓ蝡B4J 1[3SGg~0T"|?݅aW=eE j\GU ?v5m0Rꞧ[W`iBnY[ ܕ1iXSUu.Ses#+ b 4bD@%QBe2v|+~M+7MA-[ސ̸v:#FNx-DW  :Ѝnb 7W>7IGowApvf j؊ X™N .+ CHiP0 ,8&e"EcJm?k! OץО]F8rD`xZ)ms#Q4Y^GH6z /ŠmP2o|ԝ[K_ Rf5Ϡ34cGмF7_jB4UDxfH""drt ЁXu^]Q}L@CD=g~XHv28~wYNZG93 K rn{\XG!.gbTP~۸̇IW[`a\!ȔGC+0gôpMcӽ LzOdCķm+YW[D F;iRM1WnA6DPNLeSӏSMqd@#M-z? )-9k t13IGªU2+gam5LNP "Ոq|%"Y"TVBm<%_*,0y%0,RI)? R?FfkwS72ZyF2aD A&G;- !B8Ot.[}Pu AEV0W-?UWs#hbK"l/Ĕ~ۀ~',x@m"^!;.wgՄ&m+=DDO yĵjk_@H&#nv Y.+Nz4R@%Dݖ-:>nSu#=i +/OKFmT| {S9oϑWvn|i8l}vS+):jR+MyY̨plQoۧ1<:fHڟ8$6@iLmkUOc08,)WƟ+T.=(PFZkN;)"\$~Ϗf9xى @Z/2J[R~awҰ vWۇDHdyA,_]2Nޓh $ánǟ` y-\=`?Xn DBWVm\v@bGn#J ۂhQX;;lFqvEy1qT!%:j38 EHZr^jC‡|,)uRNI @>v t9,P)6Z V3j'zy"B6ƽ`@%#Rt%<@٘U ^d!rUn/&J' L,f"!LB} PdBu4Zc!s'4*i,"'gt{0i]ɖu#avGS@djiͽW82A$Z_pF8 ~lĞZ`Գр~Kn<6F5~+WE8 [=Ynk@UXvkI;cVc=xӂNJm7~ka(:m'D5Fd#\ls+ C[-ɛ^4Zꭧ¡TLߜ  W m,.ƍyhZ -@[pU~Lۉ}-D2+V)1;,)ˇ5,։c64“^7xr5\ }LK% ]| IO;&{T,s\T 9=Fo>ydM^ tDQk7οlbUprxaոAkGk!a^2y+&[Li^;Idp6 qjx COٰ௣lsZۧ5RJ !E҄ܖ`w9KQwBh u<n5@uq!X,>B4tɱN"ʫ#9w襺H֛ 3(ݰv/y>DY`'~|A _T!{S곜נ6'[^`jlh4Y`%2bO\@^Uv]pfm]aQ0C,F76SuP U!6  /$A"Z+ ͡Ƶ C2]銋ɡS'};Q. WNm0I m fߤN~0k['{E5ifl6 #,\M.OjTWTRE4SC%[K׆=|*IȶXi b6L\;rPL0A.8zӲ ~=iQ >&:%zPԚEM&p,xCb8"es1>]PL/bjq d: ccKÏ+h}湈"nI!=2R{t }ڊ˫țO Ӽ+GW2 XJekt/fxA=٦ A6f$= gdZtWi+ABޡ2f1_xe\+vS?&"lM&lF=TZ65b֜G]zup=6Sυf.y GTD%Á(:ԫQHjR*c?\ImތS3Xĝnפt>G2E=ij_SGjs Ő𱋓;VI9hΙfJYv zh%yngB" ~Z6.AiP#_!zwYO%DQ fKuƿY[q¬ @Ǣ}}z}[BY]Ps`LĎs!X덐`U^eD/D;.?L݄k= '  O;`ڢM}d`Pt4)bZ<5 (GI'o"w4+dm֩u2XsZ6}01 h^yMoiaXcm>sWg_4v#<^z,,ģ`] ~OZނXKa5;hSRީ1Ν?0ުuai\銱$Mzg6!1mHQ 9F:il}gRp6KQzo*Hu7P}{<=X+N0…t^!Yx>6p5[G/3ǂBdA"xU9 UWo~ŚM U{ϴ&o+pN#HqA4d[ݰ+W\? m-[(zxd{W pI,]!\ה۝}/0O呸>FMyg:F\hKmMDfTH+Y}FfV͡}1̘,^ 1Ǯ(^χwZU?Yd /qdfV Etd'*6Bh54}pxbglUlfG}I;V\{ t |P3~'6K!JTj&BMz!{̂< QXS*rC?S,FF> WEi2ZȤ_KUJbۅFž~n{=Jx>7* e6+NL\FHK1GU\zH47;}~a}7kO@Dz6!5 Q&2ccc&1Qn ~R! hD9m}}23)A" y| `o"OZhQU YZ