From 49273884627db38d1d9c454435de9db6ce90abc7 Mon Sep 17 00:00:00 2001
From: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Date: Tue, 11 Apr 2023 10:17:43 -0400
Subject: [PATCH] Drew bakerfdm release notes 4.30 (#11120)
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---
articles/fleet-4.30.0.md | 82 ++++++++++++++++++
.../articles/fleet-4.30.0-1600x900@2x.png | Bin 0 -> 54298 bytes
2 files changed, 82 insertions(+)
create mode 100644 articles/fleet-4.30.0.md
create mode 100644 website/assets/images/articles/fleet-4.30.0-1600x900@2x.png
diff --git a/articles/fleet-4.30.0.md b/articles/fleet-4.30.0.md
new file mode 100644
index 0000000000..6eb65894f5
--- /dev/null
+++ b/articles/fleet-4.30.0.md
@@ -0,0 +1,82 @@
+# Fleet 4.30.0 | MDM public beta, Observer+ role, Vulnerability publication dates.
+
+
+
+Fleet 4.30.0 is live. Check out the full [changelog](https://github.com/fleetdm/fleet/releases/tag/fleet-v4.30.0) or continue reading to get the highlights.
+
+For upgrade instructions, see our [upgrade guide](https://fleetdm.com/docs/deploying/upgrading-fleet) in the Fleet docs.
+
+## Highlights
+
+* Fleet introduces MDM public beta
+* Granular roles added
+* Vulnerability objects include publication date
+* Go version to 1.19.8
+
+## Fleet introduces MDM public beta
+
+Fleet has enabled MDM features in the latest release of Fleet as a public beta broadly available to everyone. 🟣 Openness is at the heart of open-source, and we are excited to bring an open-source MDM. [Read the full announcement.](https://fleetdm.com/releases/fleet-introduces-mdm)
+
+## Granular roles added
+_Available in Fleet Premium and Fleet Ultimate_
+
+With this update, you can take 🟠Ownership of Fleet account roles with greater granularity. Flett 4.30.0 includes a new user role, `observer+.`
+
+The `observer+` user role extends the observer user role. The observer+ user role can edit and run SQL for a given query without saving the query allowing for greater discovery without overriding the original query. Users with the `observer+` role can also execute [live queries.](https://fleetdm.com/docs/using-fleet/fleet-ui#run-a-query)
+Vulnerability objects include publication date
+Knowing how long ago a vulnerability was published, helps gauge the urgency of the vulnerability. Vulnerability objects now include the date a vulnerability was published in the National Vulnerability Database (NVD) to provide you with better 🟢 Results. The published date from NVD in the vulnerability object is also available in the Fleet API and when using the vulnerability webhooks.
+
+## Go updated to 1.19.8
+
+Fleet has updated Go to 1.19.8 in light of Go’s [crypto/elliptic](https://github.com/golang/go/issues/58647) fix. While this only affected niche configurations with very specific direct uses of crypto/elliptic, Fleet does not make any special use of crypto/elliptic, but Fleet takes 🟠Ownership of the tools we use and ensures they are kept up to date.
+
+## More new features, improvements, and bug fixes
+
+### List of features
+
+- Removed both `FLEET_MDM_APPLE_ENABLE` and `FLEET_DEV_MDM_ENABLED` feature flags.
+- Automatically send a configuration profile for the `fleetd` agent to teams that use Automatic Device Enrollment (ADE).
+- ADE JSON profiles are now automatically created with default values when the server is run.
+- Added the `--mdm` and `--mdm-pending flags` to the `fleetctl get hosts` command to list hosts enrolled in Fleet MDM and pending enrollment in Fleet MDM, respectively.
+- Added support for the "enrolled" value for the `mdm_enrollment_status` filter and the new `mdm_name` filter for the "List hosts", "Count hosts" and "List hosts in label" endpoints.
+- Added the `fleetctl mdm run-command` command, to run any of the [Apple-supported MDM commands](https://developer.apple.com/documentation/devicemanagement/commands_and_queries) on a host.
+- Added the `fleetctl get mdm-command-results` sub-command to get the results for a previously-executed MDM command.
+- Added API support to filter the host by the disk encryption status on "GET /hosts", "GET /hosts/count", and "GET /labels/:id/hosts" endpoints.
+- Added API endpoint for disk encryption aggregate status data.
+- Automatically install `fleetd` for DEP enrolled hosts.
+- Updated hosts' profiles status sync to set to "pending" immediately after an action that affects their list of profiles.
+- Updated FileVault configuration profile to disallow device user from disabling full-disk encryption.
+- Updated MDM settings so that they are consistent, and updated documentation for clarity, completeness, and correctness.
+- Added `observer_plus` user role to Fleet. Observers+ are observers that can run any live query.
+- Added a premium-only "Published" column to the vulnerabilities table to display when a vulnerability was first published.
+- Improved version detection for macOS apps. This fixes some false positives in macOS vulnerability detection.
+- If a new CPE translation rule is pushed, the data in the database should reflect that.
+- If a false positive is patched, the data in the database should reflect that.
+- Include the published date from NVD in the vulnerability object in the API and the vulnerability webhooks (premium feature only).
+- User management table informs which users only have API access.
+- Added configuration option `websockets_allow_unsafe_origin` to optionally disable the websocket origin check.
+- Added new config `prometheus.basic_auth.disable` to allow running the Prometheus endpoint without HTTP Basic Auth.
+- Added missing tables to be cleared on host deletion (those that reference the host by UUID instead of ID).
+- Introduced new email backend capable of sending email directly using SES APIs.
+- Upgraded Go version to 1.19.8 (includes minor security fixes for HTTP DoS issues).
+- Uninstalling applications from hosts will remove the corresponding entry in `software` if no more hosts have the application installed.
+- Removed the unused "Issuer URI" field from the single sign-on configuration page of the UI.
+- Fixed an issue where some icons would appear clipped at certain zoom levels.
+- Fixed a bug where some empty table cells were slightly different colors.
+- Fixed e-mail sending on user invites and user e-mail change when SMTP server has credentials.
+- Fixed logo misalignment.
+- Fixed a bug where for certain org logos, the user could still click on it even outside the navbar.
+- Fixed styling bugs on the SelectQueryModal.
+- Fixed an issue where custom org logos might be displayed off-center.
+- Fixed a UI bug where in certain states, there would be extra space at the right edge of the Manage Hosts table.-
+
+## Ready to upgrade?
+
+Visit our [upgrade guide](https://fleetdm.com/docs/deploying/upgrading-fleet) in the Fleet docs for instructions on updating to Fleet 4.30.0.
+
+
+
+
+
+
+
diff --git a/website/assets/images/articles/fleet-4.30.0-1600x900@2x.png b/website/assets/images/articles/fleet-4.30.0-1600x900@2x.png
new file mode 100644
index 0000000000000000000000000000000000000000..6cc8a6b8c71c1bd5c04c00349f42fefa4c00f39e
GIT binary patch
literal 54298
zcmeEvXIK+Y^lkttQUnyGlL$&t5fP9kB&ZZcq)10aLFtG{ub~JcEg*y9wnRInK^UjJ?|+q=sT4M@-&nzln@An=B~mWH3)>-
z0|FtZpdbUj!9LX!1%8}-rJ!R2ftQ=g$t+yU72-%H2*??>Q62)D<7
zZ|hIO{(EapO!1#vL^Oo>Keu!|9{;(6{A+rwjelw)z~Uby{z2j&OAxH#ADJF&;vXdb
zLE@j2Bw*m5lRVbMKS=z81mvHSJO;r(CrPk|e~|bGiGNP=7z6*DB!L$GLE;}I{y9m4
zHT-ju$C~&DiT?*k#8tTjwJv;Jk;Kj@aq_)8E!&;+;(GbO@CD}g9hcsnt>B1I(x7G{
zI$iXj^TnDMze(Rys&j@vo?I|3SymFV9q^dmPFOH_%C2_DDbLCBbP3=4MkQZf=>
z8JX;S`Am^LK0UYZR;JxVegB;&J5Y3S4cWG_2O*ysCz)#y4~KA!?X8m^iysmVIYF2S
z@DnCZ^gp&DUK0b`9Dgs5sS~ijH^7GeSgN|zqc27AVmMUS9tJ0wl)3@{7=>Y
zzyG7W!@I-1
zy@C!;SPo+p7gl!Kt3<5~%(%Hzj3@3dy?zue39V8IFl6MOLC2jUU_M6)WI%OIde_aR
zPeHv=Mv2B7y(UYQ`}0WC?xIl+mvV7AT9Ly=i~DOvd|oKDOL0R6&Fwtr$&Pk!)WY18
zvBS0Q)QQEs?}D#i)xf5>FL|MY9pKjOmR#R=Kj&J>(bU#IF}wSmjfovaVmP^l
zATW*xqwq+c`;PhU2?huRACMjE33f_+5Fx+yqDaQCuRt~{)y
zCAlEc8uPAcvdnGtB=)6$5lU*oDo%3$rS7IR|MxI01Kh0RP5Y@r4MJ%v{uu}!4>i54
z)yZl9iy>StdT(I4GW0IgRU7>aYfT2Hy(;Yk&bmKR%%k8uL8xi5go2eb-sHZvOu<59
z?mj88GoKj(VC2%Hy0o_(lW8hA%BKUMxpEY*-FCL@n%)*u%jq}0Z%)uYG2r4Vwk<8h
z_IHZ6z|{+4u
zKu5~27H?(wW%<)hag83bn!}E}L)@nG06r#%+HD!0pNTW|hq{($kM|?UR*>L?#(BLB
zXr|I}Yh_HxWp&|v&i&mgc87-iJ`8<#eb4=y_Pd25e-*Q?t7$vBRRK&n%g}1BmV}~2q2=K{M18NHO%ts=
zm-BNIC0E;_eeJGcwijQMlEu-k2QAv@zSEushB@N
z`v7HZFmLcMT2eQdwr7+ASn9k(eayn_o{L^WV7cfik>@AYzwmpnv9hlCT^}5-y1Bff
zcNXd7d?n`>izIMl8-HcUg9=X4tcUKn8(fOWxwJ!G?ox90=S3yKZQCub5KioFGOhcC
zh!HgOh2|ZY5gZ+aUXbvrwp
zO=A<7b+SIzv5b@0NpYoR_h+{uCqb9-*TI|tAt8&gUTI35pSd(YU@IaQYZiQYCMx0H
z@*WTFre?M2ZFSY1#xI{@vl@J$aekMafJMSIHcBS=YnGJsqIll66V!(|tG=Su252z3
zWXZcX2u^AFGp8{arM|!-y6DX7Tw;N`#OgfrJ4NT%Wa8q!@QVUgt`UzS^vSi$3q-dpJ89h}K=*!aE@kbkh$
z>fPC&cY&p0WvTRXL`gA$zYw4C)-Jq!xT`K4$?3>f_c8xc1l*rDA#@X6Af;)^~+PKQnJG?twh>*#)S>;&0|4lb=^rLkK3zgf)&rFooC18^WJo(ffh8cRG@kz3caBqoMEu_
zd=*JS*boi{AoGpc4yTyUY3C<_vxi%T_V0d
z0kngIVGi=wP+viUJE2)Po};wYEn~C{$2`}w^@mNQqJ9<;=ezgc?wr+?lu#@p?wVa|
zs+1olYzV|Bf!O($Fh3+Xw7LM@=#$b8J{xk@oQ&1|(C|qfvD&#Ie*K=aRIs0VdH^Kw
zSG>hhn{pRr@r1W}UjS!NX#WTGtfkP|y5Q_(Smr&t?~4E&_9Y@t2srNSS0A^7@Unv2
z4PQ;l`*d-RWuD|lToq{kAumSD-&-orOI+f496LGwZb+!yI?`VFdHd4defz0uo~j*-
z+}tOt34nA7MN%tLa{w<6IcuH}&_(x6#1aNc<^qlMoYMC1XM&p+u|a)pm6^O%QQ64K
zNA&eq^o8hjEcN(pOCt_m>YpXFd4V_VbFu*G?blx3;yGmqa1Cj058%h1+v(SIjO$+U
z`1|fr|FZ4e3s5SZyc@<$1qQ883mtY&
z*UQY44@iz*4}S|HyL5U`B3I7bxcb}qu(ReHBXNDFpb<5(+sm=dMoxN)U%yrdUnKZH
zm2;ppV-Y_~Uxv26f8%+-DWkWx?m8LF!S0=XPO3ggx%eyG@3`v-(p*l%3x-5f`-6j$
zgr|^~=kO~$3}GhuJZ;HeTL)M_;WudzIv_Vf95wpjEv7n|U_baP{t^f{NM**{58b10
zfWHIqEDt#=a?|Oe_HV$K5uSwm90`zel`I!@CeIB?r}nwqgUP0^3yQE4-g<%8*UPeW
z-RjcwQG**NNkSCEYU@&X05u4mL*)ECB+R_!4mh{r*I``5AzDH)uP!#!HEcbWIB@4)&U#s^$?X1YE>rkop<ad18hN~Z{zkbT*Xccgh5-f`9TXSUk5a7aC&#O!
zb+YHW!-~R*nmad&K7EQknPXXMfAMesbv!u`7(|!9Nm%RVnd}LuI`yg95QvBD!}?R*B9~zT
zb`zQWp#z)G`L_le48-=dM*SA6?Jrry=Q9EBb`R7BVM@oUGs@^=NUfgBd;Y{SiLWuP
z67T`}NpReWPJbLsVz^9t+*n0g+7$SFC4;K{M$_yUOeUkKULJNW%<2Od
zgfALXd^V)+9S;X8e|I9Z+w*`hx$uu5WVLPOw~OTxFaO+cs)QmBSZQjA)grb~P7TBg
ziMbvO3s8NyM(khT_)QV-*knbwZEd3Wjmn7qSko;Qpgx>fF>F09NKP{aXc|=Q{_K!o
z^t?hKIzw*dc?do>_m@*I243K)Ib;-c-&Yq-nA8V+4d4O%Nkgi5d=u%}rSuE1ghdXI
z1O-%hw!W7lhM8`3xx*Ks+)|8PQF|pHi{Xm{D
za{MpQfDtV1u0>*_b>?RI!AKhy
zJpSV{K>!sakbYnvQl&@Fbr&`IAx=s4sp(7eRdC@BlnpSO=_V(dYOszMbGE+CIxb2H
zvIUL(5HeoKedhU{R`aM=Bsz1F?*(dBS5Id*?y#^AMuaE8Uy7*=d;
z1|_fIy4~?Z%>K(c4ST@ErG*?~2;FGF@F5_xOLOFl)AY!2wVa?6Zx0)Z~1x
zUu>&Z;=ML_Hv@dvR!_b2!y46A;!f<6>P1=1nzsOEru4e?`HVjkoA+;uyIx&h&^!Bc
zD5IcK2#SoZ)NU;$K+xnqURBu!CzI~cE6^h`HMrmB3LYw{YMg10@mDlV{O}I(XA)&F
zo|KVs&XZxSX$9)Y9m^6$@H-xt@LZFwagkVjuQlQ~ZdBK>TytdC@QDUzh@2n%5Afi#
zK9&yoS0@+nIswAi^Z@#*p%!M(=-q+{vE5O<%T<`Q*Rm(pF|~(z&L)b5cD8Z@fw(F4
z#e-j|6D{>VCJZl7h_;@qO*IGTP%-;w*9l!_D1f9AURRdbDp;9&@#WABR?D9W3@K(x
zYdD;iIoshqC&sgAzsr-122*36vm^Oc>h#Sh+&t^r_a(){DSsr)NmEIJuUj&07E7;PHJ=VzdB>_1Z|Wz
zJ9sFk5y;UEM!dz{H*m9G{y5HWWDD+9u1-2H?@q_$0l^^Ot&oDIQ%!3C69E|;In_b0
zXRI?t7Z8M;8>;WIb^X)vV|PEjlOVpy1rSm3oBni3+9b@oQu#h5~
zTdXQWNjxk{5nD^;2Ut=>598V{TfDV=~gj+=DtO9#QLlQe_H&ayzj
z{BFd%q@lGKX?v4H(pBPAU=SgkMR4H{rF`fq+BO^B`*t4)0JCeV>CL#502r0IYaf)Z
z`D=u55|@PvHoI=Bo`7<}CFr_8n$-q%1IYuJU?1#P7#_?|=T&BlpwkTICTD$qIKJMs
za9x^8D&a_vFAjO?&54Ig=pP;-S=j=`{xq$>(#E
znhR(#hMy};X>odz5{ZcwsT}VfDbhRN2XF;=Jj2%(SGZ#(na|kdHYvwZzKjWa9Fv!A
z?6g@T5EOJ-GO@<+?xw@l$E)pefTMXg_t|;Xdacex^>DME?W;8i@FjO=AD^6?wGjoKyz
z$s6d4?fy}>OYTdea2Cin)(w4ZcjDS=>|<3;{lSAfm?-1{Ii9<}1$BclDoqxJbc(sm
z4?pP^`OVrQ2AQTIbh*e4E3^vItvw}Zf>7(y_5eW)@rcUN-YzxXX#8DeZhTnzqPub5
ziFqcBR;r+
ztoqv8@dwaW;vR1$I?^0J9Ckcv`sAa*(qt!Xji`OKo%!)Ih$!AaLp=H|+?OWDr78e*
z2pm82(7O#%735oHBrV+kKmF+*^_P?BC(UuV>f%EvaeegzNe2RX)IGF3!V-t=NfZQ@
z5c~$XzD=C=0DrDh`HxMGA}74pf*(r~=&D)fXry+xvBMRAc{m0=3#<_MI&dL4j>em>
zZGyUuI~V|ZA%xW-%D}I^12xSKwEaq-cB`_q+5*?@~H%eqRZSu^J&{O9&Bsq5-+|hhzn*C50aq>?-4EEmh8Y
zlekR~tUV2e&sY#Xu6ro>*~gE6;x#d5HE_UsO>$xX$tKo^{Y|Bk$13Nw&`6VOCzXbK
zZ+wnc9JxczS1(<9=2-wQ>m}boH(@3v<=k_;CUI{5WS#{@Y8Nwi-pGOe6Zba_={qp0{
zmu;=M2~xr0tv8@9z{_6|uYOpQ+A0?*0{<1zslge%!kPug2`Vxx9Jh%Yhr>q(9?c{RN*l7eWbVXLZ(
ztEzX!Dc%=3Ac1F#nx$q&KJw6*0a|LCfI-!#^(Ahv{pRDoHr$!|Fmei+P=7MDzEkzVJF2t@L_g
z{0+5=CV3tjlz5Gh8Nw4K3RHr)6o;T#t3*ZQ1DTMOLsvaM>aN4OSP#yQztME7ET~rA
zHw--rL_wd=z->GDq2vc*-HnGYO%DWWL{obx)@k97Pb*uwaEm#1kBVQpda&A={IzjR
zx-B$Us&NPFruS&)`wXc}v&a&`FgjdMAb`brbeSC9WuImVC12Q$m^3i@`S#wIF!KIG
z1-dC%QVNOzlO{XVRJ(s?#W0n>$m^H>dLfLWEa`8K5Qze(AEL*%8LBHb&yM*W$3T2n
zkJ2+K=rB`jQeLFXW;agX>8%{y>zQBM%!7Z8`Q%9tV6Dr-B1NlL$Kn3n4`LZ~!if2V
zMmN5cj=x2+gX^(rD!%?zZFO>jIg!g;jkQ^xC&9;_n
zga}URLs`Y{Xnm$eh9`Tp^h>+T@=@Q?Uuc3Ku4Es7`N0_VE(&gUtB_+__vCXeGptF}
zjf;RN;N|g$3$%`@MyUH(9ePPfaKdjql$;N;-iljCHm)TG2N-R=#SP7tZWQqR;a0b9
zOrlSok({gNBF;C#G75l(0$%arWm$ZHQk?i!Ls>-7PK#Eu=%ktG*n_xHH@llvOP@`+
z(^a{CW<$xloHxhUlyOT_pK7K)Yp>T7lRkg9jheT!vs$hgDcqw$E)SGTITtU@9+Vr)
zTPzJ=`*7R6IHRwD93t0sb>%9tY{gY;;`d|4uI5x@x{gMNc(~zp``O<0r*$$!Hdar#
z%UnST#&=?Uw?O%hkha)N>8A~-yliZ8|F!K;U)EZo($EmnnYNdxylkEmZffy{do8`4
zBQ8q{CRbEH@#Onb#2D%2=
zd4ium1D03ud`QmBcKv%?5r4d@+J^j4Az!CO%NNuE5E9u;&l9FvS2gi;Wt3zTXar~zq!8=DA7Pv;%b3M?$*=AReZsaq^RbdR
z@8ZvaRmg@iwpLxjPMC|DVF*fbr|C5cTooQ^xwI1L0af^?&&b$
zo)b})So8C676;adK|^cj&u;TT913b{OCaM8IOq{zXN(?TRDQX(zfBlO>I>^R@m@Y#
z9?HSk&cxn2+fsl!nf5W^hR4lH``d+ahkLW=LUDo+EqHdhudoDdoi}`lgnw-1`Ph2%
zl5Vg?8&dNDa^`CnnYU%*=7cZ&kLzohO^YG=)8+Z)z~*QKsAv6f?MU-(_Y+uFuW3%Wuri`2H_y5>+bh06T>D=S?ky_rYHhI1%VonACZ`k$D
ziVAJEes`Oy$ZjynTJ^-=x8v=PR+tVV{x$1{$9?CDknf)N0XUk7cfs@0V}6`zlBYMp
z5s)+}7z3)j9-PJRnyh8kB`A4B9W+~>mL}~(U*DMoiilioLY)?2i3dMTXm3Qo6(;L?
zKQZ?n>rjy}<(r&hU+-F#Ak$*Hxq|{KD{!9EomHmzKo=aS=sbR1>;1TV$;s_q6}O3D
z{NFKW^5HCqwB$UVnHr)gY;YSvy=G0DKmwxTphGSCTvGH|El3M2-o<82(H5o`uP`&KX~q-?Q&ds|31H73-%UrK0AAl*2C5g$Nl%o
zam(0|+!HELets^l_Tp^|l*qyjvg21&^zfWBvgBxO+)=|WuuQQotKh54Jml;;rQ@*E
zO#ow0EC@yw2gxU=U#3mXS+?Klv#t5cBldN9W(jI$Xxqk$C@)76_CFCzc!syzu~pu#
zqtOX#hzO5;%yM-ux$)@vkI8oIrF^5-hXQ2e#eLW>
za&jesem55eQl<$dS~7gh)j@}XZ`}EclzcKA`hzT_NV$rEO?!vRh1l#%(bk)0AsX0m
z@7KhR@YVr&{S*a{YJC+5Y4!x-#RjaW7G6T|y>DZ5csekcZbVXTuZ%01a|QHCZy9_=
zn#UGer3FPqgc7vy6^_@|?WBkRKvmS}OPNF=J+Jd7)*jdDNqucAyKfozl9^yqkb@)Z
zuMcK)s0U}}m{_Qv&jPtCA-a4DeeasDt|=b^l4Rcff9m2B7?xJ5_U-)eZz4sYvkvw?
z8ZJE)AnmD}{l7%{esi}OrfFj*YU?eM$u#}jVVHS^WY-VBbj1BdrQ>aJBJ9Qa5Pv;gr|
z!mn9c4NwlzTV{0_TYd(VRI>
zdu?}_FtmsB(F)`Y=pka4ow%!U0Z9Lwoy4cDx7_~jB|_%$v2gPnqnAWK^bX{8gi1VI
zS4K-322-C<5_(EwJn~&?B+WZo)0w1+=k6^*#ob2uFxI_Qt^Hn|hnSz%BeZdZ3;~kH
zgKr?DMy0?Jb?sCG7^qDRyho0nqsh71`@nH3XMcl^WT&k7>oZxG(@{a5yW$1~~Vbk#%*x#lNEj
z!SDfD*C=LcTa8trGikL6oCYAGF+=O6$SY+v@=>Q^!jH6hd+=DxsNuWoaVA
zC*E6U6olTuTl`NG-))7~;NUkJNEYk~Ab)h+m_1Z154c^?VRHYha|^t4%a29xYVFx~|2ae-LBvEFzaB4>U=1xn@BlD8
zWP{I_Hs>?!0>Zcp^tWCtTK!hep0_P3(9jwuAq^&`&qqcv?b%1*_2;IER*n_R5e|_y
zRU5V3Yq#Qf0HrpKm!c_1RcVeaVs$B@Nq)Bdw%_tv&x4mqD)PFDsY-16x}tLn4BHAN
zTiWub*#M=dtk^#sjm(e0D?h#rZ&PJJSYPA+6FZLcgJZrK8~kyRX3*JOO)0Ye4#(ls
z4Ojxe9g{n_rj$>j8?(FLahA4)Kp^^D$vJrAqx6}}9HZ=z5Mxt>TVo*~klHQ@I(3z*
zHFLSeRF5iTA5b^P4M`tvbzuBo^%B~zMT)k;G
z-Q>tkGS%I#b*WX}IA-vGqmXLULX4nC+YG-dxRiKzCKleDsTaot$h;A%HQ
zzLv4gdBn~Zc{7gcCy=9v&j?V=bNSpfx*xSazZC9Eo7R7ClDN&sbFoSIh&z$cX$cs@+*4x%PyE{
zKa&XoI6rVDw>-BnIamDa>+VKTsOy(6GIX`Hko639$E6&*^_kSvWK8k2w|BxyC2Cp7O+tIS_jFm$_
z6oZK|G|E}?KI;xP?Jd9{{8Gy;O*p01Nm!LQ#cLn~?R-7;Oz`&!xMRVdekCmb0*&O%
zNLNh__j-J$i_QImF&`qGkG>_!3vO1sCN6r>q6dL>r_#05PQ3xjJWYxVqCSY~lBC;A
zZ@l04DeKDfA$o6E-V;s~CBK!$gO{fnPp0wL)L>keO(kqvl-^)EaId6j6G$iPTY_-g
zgND{7EixeyE+yf&V8-{^IDpbguQ2s{FOJcJy<*3wBf%ied$_&ehY*K^--ZIIrhu(b
zEh5NL>U^8Ir9hE4)05QGUr<;bW&DUC0(fg1zX_1u&EMVql-Geg9L#}SO5Uxt86q8GhaU)9
zkOt{7zC-OP7pZ7haju&;3`j9l_a#OgfV$K@qWA0qOLW^N@jX4E#ehF`TXF$nbbcS1
z_dRr7*B9Y;+H-LFe4DC+_EnsVM2O|2+D*l)`;Mk#249pT~z9v4b;YsSd4Q;L)h6pj!ThV+=R;ejPjS*H
zs;BZ+wT^Poi=)T@F^Lxw_y<)_d(RK3aXiu=bh)YPQp2s^wN?e8_eSaK0u?5
zC*b+n**m+K&8Ctj(Hd!ex(nn$X`>z^@I-}@MO%5Gz>2Qk8SkY$YA=E=4hTTGre#cO
zQLbVD6WCrk(ENp~BbB-F7{K#nDjZv(265Vr{3UzUfkApZW0-^!#5nGJ6$*FRDx^Js
z*E7B_mRp(aXnzFp;#e(KU0v5XBd}Ew#M=Ti*{PbJP{k#rz2c%pQYKx`;P|maP_cL8U@E@g*+DSJf`*=vo10-B7)v}
zD^8zfrp=UAjH&M^*kt!GM=4unQZB0JGq`@-V{J2Y@X8!}{0qRdR2B5k}$L6jSB7NS$488Ha@+
zt@^2VlX&BXM1DS=vici%S}FtaUj5=WZw8<|;Wi5^Dkcjsq{|k4!kmq+!Oz3Q;7E~(
zZiVmjk(6mA3pLU;A+4kvHI6d)t&FYrbuJ}W%QTxYY(#z3pl
zeW+r^SO2lj6)$o};E^qQ)I|xp`9HH`$xvt|4O1l9wIN}d2FieII-b(_7b8QC#8ojd
zUByQA|DrW1?0IwziB9EeZ;?4?QkW@FBRrU*bOaC+?&Fca@Rvo(q{4Gn>B9oC2Ph2B~YGI4Y?JfO)-j+
zoQm!>ZgPc%Qx)S$nGQ97WR#Vq(E<4J2@1HYa^2`wmq;$ikI-HzyX;4tFCKbpUuxF
zWyYqS9|7WBUK-`pT*c9$LUEubAuwW$yxq&6D0k=QY-sY009&8^Jf1j}!I|uAw-O*A
zjyt&APg|^bRf1<3`PAu;Z`VslD)vL)m707@hm~!EMW=Ni
zh`*J6qwfjjD4@1pj_GPH2y2XC?lAfIXmd@>!QN$6Gud;qh;@RTJtq0t*7Rjf_MWHv
ztnOMX$dAR#vs7rdbR?;c#2g#Yv({-9b=`xKW#PfVX4BfzdhD(1ddGDX^&DQqK_Ao(0ab$zi^va
zOnuI5FFo6%Kl%JtVRFPfXHli3@!i6a(Y(sdnI4w+zJ2W$RsllopT4xh_S*&+@{5F7=dre2H=$wW`{#8iC_9EDoA_^A3!a>tj<3-#`$3N#puo
zy!vlLONQ+oQX(&Q+1&MBNFLuJrJ4kGkCLx7m)S&CJew$Bj636i9cBN_s#_AfpHvjC
zYqR`l9q}hpxBP}>a1IbdsoZ-%sH?_wAv@DZxctTQM~5>ulM{-$K+z7kcscR0+_hj=
z9G@Tt9-~X?PA$Btx+aL;(aR;h)$%N4X%sl?iG>d}teO
ze`5OpuUbUsQSxH*JB>>*o0SLm{UQyGd!-JLsx0bbWT>Uq(tv@uX!f6UJ@>A5xH`u>
z6~A9ioh`a7F06OZbVzI4DBp&4{nG#NeP0hqT~St5JdrXIC_Msq^Pa}nDYSrm@COoC
zCT6xw&Xp;5Slgo}^bUxI(oi7ZM#@s&`h}hHDz&JsyG5I^^0UMF5L%-X-rwEu@yXed
zs7S8oJ-r7Kxq!|-ZF^EtL9DpGdmSXx*9Mz=-4khLQ2+08?DRTXFG<8J
zceeLfk!(P%5TpRt!YcmATBQ;+d;b&tMPDxxKHBWj*Fz(DQ!BZAMd}P1P9|>SGy#d|
zE_WsK3})dC=X+g|_h=;b_a{i#ritIWOS`OzTidK0$Q5uH!=ij?CC|&DSQy_zrLX%!
zom}VItym=zY@@2R%G*O54l7QDSP85QbXHiRKI)^e97m9K%IE<`RwBv6)O)#9rOLxdjB?MWK}uA({7wP^u&30+-((L0|3x{B%M0LVhQ=V##DL&{NXXq|ciyzHB^bC`&^
zXni#L@HG%yGy>6df=QtVWGkE)%EK|LX|^jix653|f#_zDGIKSR%-gB@x;QYS)fA@e
zK=}qxBwNCFAQ*vtU+2K`vO0Ioimm-=ukSd6qJ+fX@JDOD0?j;ngC-NIKq(LIe08ZH
z>681soG&@=a`~ip?HNcd>FZat%}nN8Y%rJOEAfC(NA#=;T4P8B3zm@e^6=FX!Rekd
z>z2Dqbx?@a>&4E8_f|rojyU}fXaVF*p}+_9ZNLYMiGkq)!szTpjH>1-PqrKLeh|nh
zrOqLEwe`rvZb0q`(VB&ju;8xhv0iKba^Y--+s6qiBvk
zn{1daLRXHtp3IELM^bHeG7*Xy>Vj>!G$J!>lU*PgVJu;4+7FljJ{lXt^Y>@l&0*TJ
zmw=HeJ%=xxAcnlnXkLN>HPj`V2G(yJSAZ%WP`FAonYW8&bd!2q{PdYhm3glIqf$Br
zGa~VgKxU#>Xr7Tfngoc_*ZnP-uDP`Y
zeMVMoDuVUts}DocYO`E4JW!Xy%RMC25eyi|QPT}WqoI;}*)T6alMpL>2Kl_DBP`h8
zu-a9QVPsZWDIj7al@#)76_0+-@AGd{QjJ~sPIUEFiTh9e+Ae0gFKdY_wYmFt%hnI1
z+0sl0_&HfAVhu!IxHlAfIJT5rjM_8?c&%zCMKh#_f|CLO&niC1M5IJJb{i+?uu1KB
z3vSjY5<}9Sm|fqTLR_FXytR4PrP1^-Zo(taU@BVeWXmAJ3{x7Uz>@o{BpIu
z;g?7|GD#Iu2JbO)L@|XIFonucd=ZsdzWq>zTFTT`H~`=$=BCG6dBAxjt@>gwAQ+)S
z_Neryv|6tvYso9O2lIM?+3tGMnjlkK%*Yc;jk9+tagT29%mc?!(&i`1w9Xny(b&gR
zHrF`BtXtR8dIVk~mvKMnDFbzec!)o~bN$)uUHJx88#q(zpXME$W??j(AL7vhr0R{I
zmxK}&y1wpL=9*keD+2BAto~yLSwZdE)Qvxd@|_?P&!W|%$v$0C_>vKDwd#^Tj5MQ-
zf6OUPL)OeNVK-RH=$`AC1MU(qX8TEZ$n)Wf2jV=^tJoTUhv>~vVA4ksJA#|dp%;3m
zK*D*Md=iL*PCz4%4Sjqwuvu{MAPSmV;-<(7c;^mVJT84D
z*AG+cLsuj(M)p2S4DKN&hG_8W>eY(o=vipHh45ECvp%1Lh|{HNyO~&gdqI}fs|K*V
z;q{UR3f|`$s(sx6T+KMrh}Zdw+<#ddXa>Tkqam=kU>1?9()*q@LGLEXQ$>KiB3Quj
za6lZ8Fc2h-j66pNnU(Jxr0k;GDiXbNicCwnefv|%(`O8|Wd-J}9{Y>34b1jR3#Q{+
zecewl_c&kDj;9k7J1BN9HM@xrtTe`?-jktQSpXJL=xARB+~{rrNDzTDlfs})0GfoQ
zq1w)7PX5u`7^Mb_zL7=el14w=(vSsq7Y1$Txw2EIFKfx8&t?;mr#)ez?%O9)xu3kV
zJBQ-}%@@Gm5#B~B>^$HoeB~-mt3SI@PLj|>?^Pp
z@NEUFfnVVGGN4`n1?e20OZyxj07!#(VAqTig%cp(^uP*>|1F?zhA*TSd_;9=^Jr4D
z5df(@oJ=|wasbulaMH|_V~16AeOvieY}Jq_PvuG^oY`euyNRRc;h0%*2h?JXccnCm
zL{r(PSnZMyi6I97I6b#fjraIrPNI`^By2OSd~)$-d;YzB54}e)C3{bl!TfpZUBj*`
z5&9AhrhHx!@?-ohDsT?B=FfyXWvK%6D|pne_0)k6+o}3$B9DI4%kdFvRA8B!tNoPS
zQ#YVEs(PY?0ro4*0kEnWcc~(!eoBa}uyc_;sPKIg1F6QodKL2pzekcLvs1<>D7X$vd}KDHv~~v3H+|#t-?SS
zZNJ283#RY3!q1A%RKAlXpgS>V`Hdokw50|wO@f6S>Y9zHga
zcw7#|{E|qit<@mgb9r=scc7^*0=5FopJWA>*~Jf0HwX19`CwlG;KZpQ&=IIO+*SrQ
zO=z}EPzji
zFs1ROwgq)2V%+F}Eaa%pzw8?;EHOI@a2++o#9r1Eq7%E3ImxIB?2paP{jj?H)09M;
z)lk{pg+T^A#O=>pls`3q0L<6^J`SZtfrMOp3fgW;O}{Zv@i?mFLzpi>h!F+mrp!8K
zSDGsrgu#HWITqj+*(XKC98mJiY)FuVsZ_Sk$Ca-#^jn)2?RFGN6mcRQS=_-juwbcj
zrXXvG@B>QZ{Wxc*bPZsi7e))xC6K)T63>Q_l$rOvq{vUtJeX_F1Uy}0(biawiryQM
z7g8_!BklI2ZkS3H1zukyciPB#D9y3Lj7x`j=rWC5mrjY65CwW!KdxdmM;{$Mx!jzy
zyzDAk5GW0t6X48B2P7pQ2%jMfdA^=x;Q9wqprB>Oh=s)Wp{-xL5Z2i4HVG&Z%&665(p0AsXSTA92HrmcfCGB@ljTb$y}
z3#3XzR$8+~8DdnVD{(Q>FyL0cZ~
zSFQctcO~cSs{V9cB%!EMpiv!b)p9V_iSEbE?(kvRozY~61k@*GNb3P
zBE7uq>;|XuQMcb6=Q7-P$@L?b#ECsY7jOZp%2xoh-?R!T<(D-3B{M%5i6M~#Kp8NR
zVjX>5^|=%L26^{;q3tOQZOhB00ggm@)D=q=bN;r=%{~s%JsgwD;yh`&1;#Y*3XIry
zXLha*vF`8(q=eMbm_pz_>=`G;*%VlYaGWj^(^j#EdZe8=tCG|GyW
zi8}S{1zQT)2w!U+VA)jk`KCJbcN3Yzy-%gKv;Bs+7qvX|D=^;jG0T^Thie~9eiGzM
z>R?n?$gLXihVku&)@hNP?BC=On9(^0I7*v|^i;`7AY%c_@`ye>TibmkhPlK#pZAS*
zRR4;+bsZvHkeA&gugdUjHP(Vow0M=kl@=6ceS9`bW`XTZZaW8
z@B1E0tf+l6y0+vJ``977?*oa`sHwjHe^+?wE3nQc9#T=lk2YtLw}A6bks9S)@Qxa9
zX6=%cc%-4v7OY!s)eyrsb7Jd*ZwI+c2Rxt);%@e&bYI|YxEIA1HFELt(gDM_yG`e*
zx}@*6r^e3Qq2zJR+YxLM{^9iL$xIw}VC*e?+wMLIhmf)>78p+lALI+y2P`1ZERN>H
z9bSUOe-4rwfL&F8eT|6Dobpol?-K)Co;x@VU>$Zl0!hZx$2n=f$BA6N&gBD>c9;wC
zB~^Xj!_b-LcKz8ceY%v{^C5kG)i$~GUovf9wu*~NK1nwZE*BSrvxpulNR-DY;qcQzX%=
z?Q)TNv7`_Cs`bz*P$HB1`J^J315<6c{)>*h1v~x3b!|h
z5XJup63IHHVahDR2_6x~Nt4qvcpBXRHt_R|Mj9dcFD7=CNw+?beJfz{V!HDE?T*i7
zAoBV$nE%4+X352o>a~OEvAQ4Gx9_1u>C#UcZu9uocdaZ1Ip6*A$@2}o%iYn|ZPfjD
znUFz$PW4LaVaO9C<;_Z$x>{12mh&OF75(L)$C8QH8UvZNce$4OmzS&Z(koUL*2P6F
zelHx9+AY?;HBzIvur!Kvy7s#%uj&3fLsabPcIg@k(Dd<)YvQL>yc9eFci{v}akZ>V
z*u67=-_1&H(D?m@g+EbVliDNDQcBvR#dRC8eV+{pL^cwN-?2e2UD8t5R}T@y0;aR>
zTNzb(?r!yl3!^OiziXaH3V4CdNiMx)Z)^R
z9;H__cD&l{ktNdwQlwgGQhAdJ2Vcl;SR6h!9l#&I5&o4EN99pD0D|txz_tMpe6wcf
zLChMRiD4+B^j>W^
zr?7gG+()za8V1a6+mhQ%d+qFUa2N7p9c=EAWM+#9_A^yLfAQ}1d#FEP6X6M{z%>Ug<@>mdL|u^gXvvmC|Ab{IF+V6GpnFA&yrYD0RNr0$iH
zm?dkFP&{vZ*HmJPOH1rYdbOQpqPxQZd-Zj?S7xuL1IUO`Zplq)_SfK~Ffzky@E9u7
z*_!w3)y#p1?{C3y>ra82%A1pWG(13XC~`ik2cv4K*jg+0iLP0vpwOf8GmsPhRn8#x
zu=f^iuJd>!loS#|4D%iQ!qWRDnYxH1MAX-O!5sb3H=LNX)eOlG%XH5x>1kF?XHV)=
zi{})PRyVxHqL)&laf+MTXgAT~$79vr>UKl1^VvmnmLFC=-nv#~fpsikAWr}D=%-DG
z(N_~9!0R2GY-zSbR-jSI5>%@pHnkYY&47be&P{ih2I2E*gWO&TLnWja+}r>oDs*3L
z#}e}$2)!^{`cB(>;!GFTDaZeh-|a02QW~E7F)SKB7HVf&o+{4hh*)0MMWE;FCsRRp
z#&wkI_1iSH{00Ef`Ku5Ki~?z04iAH$?rHiYX!^ARcVLnJJsx>3{5E4c{dlzmHCij*
z3O0@CTFZQ4qezKVKXYGufY~ne7Wa-u9`r%n=iFCy0~&Amy4G^FAbg}sm!u-jg_KB4
zCvA(lru_l_``38uBgnbD7+U_l9z>p?V|lm?oEij5frYWLK++-`8VL`Ua=xbm-Kg%t
z!S?;zs*3!R`P2eOSN)oUs2B*5mQN+WW4krlPLfPy|FG`bqCt
zkSd@QsX-8FB27TL2vR~5BORoJqCgNSqBJ4&UZqP%dPhJ&M5Gg1=;iK%_>F(u$NxUv
zF~|$XF>-Rw+H0@9%A7NxtR}WvC}E_;-h!A_UgEb`w@VTv)z97W^qsXNIT$AsFz(l=
zqNC0j7&F+BjHn|VP_(%mLB}-DcwfGkUnl?b(KBf%Rc0zfH-c~W5sJ7UAD5dF;d=X<
zIbi>FOC4t~X5#DAM=F&CON|z6T@xUJgGYr)^|=j+b)F?MqT4`NX&r4T$jo-xoTam9
zi)_8)rF%vy<$kt%yyuRw$;e}^gU@RoDV4&^lYVC@rG+?F3S2e&4P1Zpi}uA+6s1%A
z2Pp*ghe20c5_;Ae-~5z|4`9ctM(Q61J-x(W>dO*UoUMOR=`8JAYPxY(9`t1-JS<
zx0uDS@?m%Ur}DVHIz;^x@HuXiap+;UEjeh^Ubw}%vl@PxlLMX%>s}=58EjruA)9j|
zk?=piY(Vw784!|gy?VD*nGg|kJ?v@-v
z@deJfG2>v;bl2b^spr*D30)B{{^(;{vVEfaFgT(sBED)tK){mjlH5C$in_U=%!PBb
z#+naJ%7AtkOseW{Yj(Z0WGvt1Fcy<=x97d#Xw-6$go+IuG*ew&A-H9S@pj&&CmU(@
zwLcYnN6owDJz)pqPu=K6y*laP%!VR-s&Dc-{W$Si1_=3xG@P8K_bM00hHX<@T-y|T
z#|%Vf!KPhdqsszC#l7R^(M`*)aJ{MYt^l1R0>i>$5Fy|Rlfr?qH-J(E@xnXKGdoK2
z-Iny2MBg@R_x6kbS3ncl~AKPbo`Iuf4CGmgL(auC$|nYN)Ku(yPg@IY4D+I;IA
z9y+=Ab0Uy3UnM^+!+F
zqn6*!P)T<0;Q+XRfq`H_RY%*&0gjRw6_|&i4bt)aM(A&`{mRlgn3x%VT734Rs@U8Y
z&A!9@&$p0I+Vdl@;Spv*u@#&XGru`wgy@X#`@>oaX>|kjGMsN*H!rfpgoQwTAXxt~
zdIT-z7WaeBpztu)d6^#3qJQCP@yled)=p0YX4u!S8yhr_0(H}c*zsY(&)#RIkO#RK
z&3j&u6qNr_%H0w@98aUJx!2qZ0$$U@^Y=|LA3n!KzMZVUg5vZ?yfdgM=xfkWhM79w
z`=~`{2{ziVmBcGhGt@8u9EVa5Y^tVG^MN|bafconty&}-AoeuH-KG&u$4BNfi*k6D
zOov539!ndT_%ZiuAC)c`UEL2x1ceoj({OG^uc@@*S1+#Wr$*Q_iWPvC_02YEZB#rCK5^;M+k>gtD4d0C6N&&q4x&&?Nr
zc@AbBVo}(FstNwe)E%3xX@OPE5hRW8MvJYwQq;(A4l
z$0y8;UdJj^3Z7{Vc)DZYPygRm6$uB)TAeb2)29BYFP;C_hK5pUV6f;-Bu}x&;{K3P
z6SOb1OR8vKQa0H-rL0~f3al6KF0{mFS6NX9S-)uelHeFX9vZ!cVLcc(mz^00N4%+&
zs39nzdn+`l|07=;3u+A{vYr3nNF4BMl4Bf$vcBm(`W)jG25ULQKnH?U)$#WC53i%O
zR0?sQ004jujVYT;<4kg&TS$PlFgrS(wpj1^lw?*m!hP}No{9@cnIlO1YRT{R_
z8@}FE54ubQySMh`SV_KEFU#9K7O=>`2FI36P;9m_QlAS-u3Kz#WOaAw36-SfN!q)mt2yF`FU@o
zRsF(mFy?6J4!^f$E4Q>&10}>5bhA>;4+f~zhk5NP+MKbR)ilBDzc(J(;_bdB^59y1
zAR}{sQ^obW=?b3_9CugrJBd09XR~w$CY-icSTQAjMa3b(G`HB!kG!iuPVC<~_|3zu
zraWu@J&&Spn7*=S#n=u6Brn%vDp*Xb(t>B-R$~_dtR*jJxdR##v=o97lN^{Y;rUKJ
zmSzOax3|%ZWu@-Z^Io+DLfMxRa`btsz+~y?E$YpQpuEp0yR1brTn$dP
z6ZD}up?B1j`Hb5lt>HV^49-s%7<>%GxF*cM5TOrTM^$UJfj7T|ycyg{yH264%rXHB
z_@Y-_HI61yNdUxj`O7v+TeeHchD{(ed&G_X%SC(^LHoaJ(eWP+`DfSymg|noZ@<_L
z|15n;)@7{v#GG={FH6w&;ibs#b`3J=VBifBjDPhIXbV$d+E3!eE#0N4#4BxOC~CiJ
z$!H2hefBH$s=ZZ}ZMUF;4C8woM-EbH;lr*PhW!;{TvAwa85y%9gcs}gB?3_wBgvFF^)(3!h
zIh=;n#6np?sORQQ(n8=~I*vP(AaPADwi3R3@zd})8%(;Mhqp!KyO2i^j6^w!q&B;c
zEhKc=hp?OF9JHiQ^u9U_nVCPXc~wG|p!0O%$n2^4PG;5W@>!21CTyIlL4};?ChEvS
zevZaYq#+>LVGQ;Q;iI{;@1tRR)0U;#3%1yp|c)6_li&WHqTotWCe
zxP4*sBG5LMvPt&(s#CaI(^b{B*@OzDAxn74WWc-{JGv(=w#AcanUBSm)$rpEYz`M0sy`^1^Z71J4bLYIQpz&*N|4SJz
zH}q~&JxF8Y4l7PjzUD$U48Dcp_|O6ETAf%frl8A^vPDrzIjLx{rXLadYWDSPQGqwv
zB6f8#U{(wZOzGd`%RGYiV{Yaebwf_<#UTSdgG()oDDvzx$uTH1XUc4P+|57Hhn{hp
z27|{jlc1%OY
z9tQk9d^AIMo7)=Wvy4EHSNu6tJCZpBU8$zl&IBoS^rToRHru)8?4|SBi6%3ht)cwf
zGI(gkT--2OKtjgZHHPp+kcN%O7Yr5vU->UmwOx^5K|-Wv*Jaq8SMoZ9cC|?MoM&(H
zn{_E1g-7&Jtc}Co0UxHyLx?#Yu+2_@z_B655J!}cHK3yCPFmP2QG5_jOQ6-ka`esQ
z%B766Y>OkBBHikC9PJwEA57b$Wvrg3V&}&HHfzl8-$Ndttq~pv4flhcze};&b%IOzC~AxK1W6u6mqL
z(Me@ke*50f_@M};eS~0!o)RRuGvQmG4%~L8K@kp9J*I|$Z%uK?dBi9irYluM)h!PW
z2JZWr50H44K+7SarJVEvtOr)-z4#;IXx%L@*?R@VAjGRG=pf?0mrqTMrjz0ULMFpf)}T7q)*PUvKvFsIH3mOxXk++#R^#E~
zkEf3|r9gd@JkjJU;N^iWNH{CLYjK27A=onsd5xEDhCcc|=q>!Vzc<>1Ya&%F3C>dC
z2%^$AO+tMlJ<%x6GdAVrT!A_<1DysnV7TVxO8ZxzhE|K|QM?*@vZr77+0eU?S$&;P
zX5p9R@AwqOj=H&<#n-TupL;fNK(J$o-O+xJ69A-_?M2y{2AYtPkU%Q`eyNwiO1S^Z-3@ioAU?7DhwaP%z_3veb{y2fQ}3v#82ajR&G#022}Rl
z+p?#!CzU_-Z2sc$eNrN2)cmAI%1|R7%d1p+r8Z>a^JAAdCsO-&`OH>IH*Ocd
zyut7ZsVkascAlXHcscp+hkc}Kmah)oUIF-9_ph_Bm|ry;()NV5xCn
zW(nPwsbLS%V4v#7zDxXhI$p*%fb*~#fQ2Xz+D0!e-3t@$#6Hh_pq4!40C1qbO{2p5
z`MEpmH(n7(dMK%ydj;hg_K8;g{v1lY$YsEDFfGxzv&Sf)2qG}ST+Wk(ni$pI#~FWC
z<450(nSG%6l}_=1_MVDawnlkwZk93GVV=UJG+zBxquZb=?CTuxHN(vv}?)
zNh9&Rg_T$@B-k@~6s>vCF~ZVQK0F!7XerXnp5Vu%g2EopUdu*&0?_{lDpt%5!
zL;uh4tm}aCQO)&BSRS*|T)nk77i!0=|Ahtqo;n?@QZ|pYW^mY`LUVy#lr&SsvePI)
z;Xy2xhq>%{=okB4u{?xz^b+eo=3(cpxASNorsE~6i#7V4jrhn))YreI^>QD~ol>4w
zSzeQH#ISu>&RHzU5*Rr*DugV8oJR5AjR5@0IpMsx0OQ;WvzMwy0|AK5h`KWq+^UbS
z7tjAFE4mVNFD>Jcs37i7R|SjK;kILQhN2Z|zZZn4zuT5}5$|bE^!WpNsDOV+`t0Gm
zX-ANoaUvYGwHr`+m;1D`(%j>ng!wE$4!CAwUiB0c=D5783~cbXqzCIlFFfJsM9~3o
zKEE>Bc;WL9&I*&_lTSb+jsW~5?y9MnITk&yCzq`(>|v4){r7mjpB@!U;gwRe)aobx0f;mBVBx5T*a(!G`r1(>c3G
z3}kTv7I87+y1GP6=jH3$5C^ME`77m(We7tMtbytazsbmZ_IK*+li1wXBJuhcBu0Y<
z=-yxBsB~QT%th`ZffJFSxd3FQ-3Z~nNRC0QGe=_=$HqPqI4+Mc0FdfMfUfz$
zrDsI?YkZhkA4^ZK)hO|LU6
z`p$bghMaPD+kQn|6_9I%4$trcB#&1oB{?M<48nB$D4!)=2p5brcC7o>sU
z#Uj`H)m06{I=f@UZdk8y1>@+mkn;h--obAk$A1OT)RZCZpEb^6uZ;}~6s&>)-;#DZ
zW3BiFV5SWU00Ep4DbYxe%>Mp*J&DSkN7|7O7Ep(kD#TZzC~5H?R3V2OT>cdKwGK$8FKVP{RU2jFU*L#FV?b{|mnrJ-H-9vGM1u3f&gAStg%w#jg=+?zsYVCN
z)=aV<9G8DPnP6+oM2;@Mz6=zGApTm}&kM&y*d+#&1%d7Okl}Y?YqSDi%A6!9i_csI
zR40sxgpkf^&t{2wbOwmHX@L}E5UY-{&|_o6npgjv{JU{6L?R9|xAdb}=Nt(C7+OX6I%DMlkoA;rLkftY28hIv-45qnnc@!_0xpuHdb3cvEBE0<|
zsn$+UB(oK*%+r;B*>$rl5IDf!J}9{LA7v;@xkTc@aKOw^Lq_t!Jf5}koY6Lr6xP+9
zr%!+&bQ~6{xvV?73ck~_ws;DPGqTuxg*!wUQG=?;sV_@STnp84ic6wx)s*p!4NYN{
zJGBIjm3139qj>D?ODd98;tAvGZA~AEe`MA;DLM8*CJ?dZ!2|$>8E12nr{Xu)9|OYw0HI4SDtlT)OMusUlt#>nx-=HV
zq?R0r#}BsZt!Zx@#8D2)5{Ff->^Az_Nu>Mt?}l~0b_E#yOa>_(=doYMgp)V@`0qB2
zu567xR%&KDL%Zf^O?T}~48&q9FP>fO0tvJ|ZaQjHGO%=usT6y+tKp5X=+I$0cc(2?6UMD!d6_!izzCy??B&EDw*{
zz%1cou2T{DzeB9(=nlUR0mfL;#dK{5k+pndSu>??WJ71DGS1_r!{U!=&iQ^7x}01J
z0eQsHhQG|OOwZw=NWPSy$8}N|J}D$qy3oGb!e(dz#e?lAVlLwI>LkBaj@;!xN!~(U
zF3x{Qe<+_TfvxqsHZe+H;Rv=^dRU4RV(8ZoCA=h&87=BVc_gDa$LG|zNHkbfx?}zd
zSYq&0hrtUqmpXn`4lhBZ%wIpo^>*Kn3iT%JT80-m4X?vPf=`~VMFlU2!d<>*E1J{O9BD@L7Ch8OMd?G@8w%b&8$XE45lxllcA0Qb
zvQ4YpD2j2gm61gyoBqBa1z$P%gfBGb^pO6$0-TG3tic<~L_it$3@nw!+atdDS*HV8
z$Y;BsS?2L$>ut~F8Zj`G3kbaYLwoCTXz#!`tgdd&WR>Sp;}wiUxbDrEJFc;FKjd@E
zD)#1_txdEAk~Us`&{cyXTDt%RgZxf(mb?p+d_7#4o-xjlKYK2UaX_|odyOUXF(?@1VpQ+(XW-k0#pojcp;?W0e9
zTVm(U(mZE6U)ky3y1m5w)Xg>iC`0q2jg5?AZsxlpmEJ>VCv2Jec#?z!akZywm4<65
z_If9yIw`s+BsgQN$imKgJ|u?2|Cyxzm`k3OHd5|&%-r&_+y0C5n(spD{my#K80u2b
zl`W1JAEC0jvnO7V%@~Sam0YQ11=$8Ne#oYjkW#$B*d9AG*aTL@!tW%Sn5kJRoVxevyF1|V8n
z;gspINxGLd&yp>T4Dap6FPzJIkIAc#HX*7;1btV`|D98fV)qx!2-8(pC+OJF?kal`
zQdO3HEw+n5BDD`&zM7k9#b#;7TT>|!=UV
z^N13^i*ph+T(5a{N8qE_!uO(xGtV{9cpucU{LgzIRiT&W-lQlV971U^B_|)Jr_EZwSIV^F6lgN6uf{4;z$`
zz`y6R^}8>2b&U!B6gpl!@OT9%`Mz~wMk;BW|LF#jZSJ33n%=e~fgXyz
zHUW`Fg^!~NMnigS;sBfR$Z^ia9;z}@yATz8!4z^#t0lep
zNK0DUqr;lP#y7lG3_9UC1@U#V9gybH2GjnBanudL`&S|EC@7XQAP$@U5stTcj@i|d
zp~vk8)g4!Z?5Y{0=mQteiOfN8h5q;PF4JA*{puTHN2?MT)EAO?r^=qrv5!**sqW&3
z^~R0Pp{*58*uL3kEF9weGn>Qg8@!LxOzs-Uhk0Qyd00ZN&68X0&gw%RByv`vG*W8v1{*wl6P!YPO7dF77KM>UT7$L_U`q9ia=5CU0o`$
zDf<${zPOaOR=?2Ew@7WIX1%5R8r6R#;bR_*Hc?Kll)?Z$aRow9dW!A*v?aPv4l
z15z&FI|A>Z@eW8uNkE~aPkLU!%BuEbMBvbsKQ&ZD3iS&*^dUFM)1vG?Du`-(?oN$P
z1?Aodf|$@iF-665Y8Tru5M@Nyaf2~+U3XN8)mPwAwfl6&mm}}aA)?O0tMH~&qHv%Z
z(1O4B=U@nC(7L}G*mh5a)l&nfp&G)Q~(HrAh3Hm3m50q(iH8)c;$*l?;pFS1)PDTu+ueWQti3ep2S3G1<$hFT*cbgWmbKJdsDRe9)a7al>HJ`jha!PRjm$1gfeTt?>&$SzT5e$_n?>BZqA78m=*Pdl=zv5Td
zZf8}Y`G6$JJ0IqwwV&hT$_vf4BM`B0Zy#dGbz7WNAI8aei$EY0aD`oio&R)I+Yo)L
zCRiLBQvvEuc8W5K9PBsInQ>9fNr3!wyILSx5|ntB@>L&3NX~1CGFdVgLmHODLU{+0
zG&lCv>Y$d2k0>#EQ%U5p!#7!G&!s&}WeiTkP>JIe+P2LGU(b!Rlr(uFcJM(tBj}K0
za`lXCM1lB^K6Yu8F^YgaH&wuIqAER_6;0t<2?Pf*Xex>@FvWQ?ooW2mxPA*7(g7e;
zk7$XLRkp!4t3Q+a&&0~7W7WzWeQrm?g1D-{5`;R7@pMpC{ycRDxP<5qGS)C3CJm>o&jY!ZA>a_E^afw7**`bGhG!Je}Z#D`*S@JM4uM4ROIU
zYb4Vod!=?+TLJV`0WZK#|0q^n>Fj_~@C^k)wW6YuUOvwc2@h=`>SZ2KRQ-6g3ACX}
zmCnfvC9?(WMJ@&3lgIPL{uqyL9*-B`tJ$UY(0hjuLcu97~6Bo8Xr|2o5POmFgB^&L06-$RxMXy9=H3QRU6^0cin2t
zGq(Fdu2)i7O&;f#W5+CBBI$vkW0TlqHj0T|xArtdV0WeE=RPUzmAO~L={H^ZlHGGK
zDDI`1ja~ILwyqf+Epd>^ZR5g^7(gu0ImToHQz+6U#{udT)QkDqjWOOBhr)RUg
zu`SECYY`XZRCVJJxOQ7pFWu(pB(AYW8ilOVt$toytYB=3$J*A*=W!IwIDDS6UzgN3
zIhz6PVt`r-tksg7ImFd^)L1bO)yvdW0@x3%;8z|LgkbE^0u*lR*;|Ca8v#@7(_D#9
zTXkjL1QksS5XobA-IE*Ukz8QU>&IVfF=-@6;h}9*tmj{4k3x!!Qd%b+b^jOBLsX41
z#Q_2>)qz8{udM7^HodIC+?5~8b&jB5x$_#M{ZMa+1r;F7@CwFBsYz@uxcwTQ(ISQk
zv|gdF2JI1;&R@N67{y>CDz{fxDg{%!^k&A8(FIM^A-I5kYAJ!)3^nU}oBQEULFZ2%
z7`$LPzcC+Gn#ThQHlBa`3Q$`i+8#^hUpdtG@!p^NvkKiYT>0V39QPwqaSyrDSMQ!9
zk={qGx5dNem^1U)*5u=
z2v|S(lZ-1e8w;?|(v@N_mlJX?6?kp{9g)8}(;&P%4;j|nUe@ish^E{^
zbkh!vqr1G9`m<0cR7WrFFLQ$xsERn`wPG)enZy>rHIR6DxKfMK#-RhfG8@
zB6(OS#=+9)(Y2rPs$C2B+zW^9=H}nYQGzAJS3^mbNs;&k%+3v~(P?1;Z*rYike9@}
zn*>O#gbix&=xpY+8T(do};aIw?hFO99ayhxn`)h{mXE3izr^i?%08z`KttaySrjrQ_`=
z#-Xhg=kehCSudIJI%dR9DdKh1)^-KBt^YRr`u>A&oF}NXowOK~JNCUIM~J9DW~I4S
zL0Nm^%b^&aZ0Rp*BOdrN{#U8wZn?Qa)6y;=t;m8Plmd?i1V19BS(eN_CCkggkIj;J2K}?7KA*TfkUnx
zqc=f4;yR}|_jk!+*vT`UgjRpzD$ktrmr8rRQN15lh~VAlm!j^f8ZoE$kIEUjL5Tmg
zR`;MKc(wmlEI7N+!hiP|jFnK@hDOWN0IZbzf&?Bx#GnSLhJ)Q&wYX|}#0=1`xN)Wr
zkW@)b8+ohgc(L|51ggX3%~W8)_DTUE3axT-om@p$^rns{L)*tMW!~Oy&Pzn~^LEdn
zKmw7#pXEV{BjDl3T{FA|tFX!^_5w_O^-He+x9$MwD9H)EJZ43mG}#|B&mrg1&)!Ah
z5l^M)VQ<6=2MkQikAPMxMDtb6?sXOQ1Om>t8VtBVg%!$2rJTrsKU~%}!w=}z&~G(R
zc>mocUte0>NYDjbTy{vW8u+#xoutZ=sKFS~bCJBbIL6%U>quVzd}wp4zK~{tEp~M=
z>#`qT;TX&bL|XBZjdf%e801BHN4gHDzD(N{H$F50#3oE6#lq_Yg_*|1@%4IFI(<+Z
zQs5_YEdHp{0SosoYHM-!;QpfvH81Dm3Bax=`RfU=T{R|MBhYP>8V1S}_x6ASHqh-L
z99S4BDx=6K-_epetc0TMpavtrSOH!go@|sf3%TQAsq<#p0G<>|@y=HY68FuW<7OTE
z$wfJ5>2;6X-KTaN@1PcdhywJ$H>x)>W`|3z+;)b@s;#*^L0r}4X+;Q2!)e@$VITiN
zjaUQmEly*HbiYiOxG83n4{D$a;^=q+Nd$}Jd$Ch6|MexmL9pkW|yX(0jc=-g|SUOICo
z6$7Bm6`e)o`W6zDpK$M$Ef3CuyX%ek>A4bqL>DSC=|PfU5$9s-z%jeEka`H|i3i<>
z9gm$JdjWYyH6%e9SQtOqa37LFx6tfJpWPlJb^UbQl{0^`QWt^u4_7tIk-Ra3?&EDd
z!aZB)f)~DgHghI(8UNu#{DA_;EErp>zBt)0K-VqXXs1|qNx3&B@nePotfj@3NT-v173u=gR=rN7>Q9w!r<`1J`g0bQyKKCpEzJ$%lV)kp$mQ<
z^L3zEcn(GUh}6rKsiO=yA&XoQAo{{OPE3#x(5t!JR$oXow9X38==v*hBJDd*t6`|(
z!?L4hsDkP=x-j;Up|Da>S-cSR7p2$b>+2EQ-#mjMTd(QLxF?*rF-Ha0Nx~6
z{;eHh$Q$skmv#zr?chf}?13TyiyLU()s0U^7*-n@zqPDk-}-F{pozNZy|SF2Xvm2dOjgh#py+$7
ztO+2}Xy~v58}+Rv^A{kz*?ZBnz8ZceU|=1vYALc}`rH-;7EJ?j53NtO45vp3IGOnq
zbi@l*D^{VSvsd$vpbtzyi}dCG&*me+LywMPpr!$XCI0QTKJJe2Wtp4brX!+xdQ;%@hUwbd0K#~IJ
z!SvDoo2NvxYes%i+{^AB9c0hNO;j@ABZRNjN?L3Kvt6BGsTAUlRkpg
ze$b9tTqg$wB<$cMcd$qRkw8h0lq;F<6_u~IlFYni-)2wcVAj|LXw5+QVu$cp93(eQ
zVls=!@0KlH@lPX6zl{dUn1l2krZdYO`IE2R6h{G?8mMmoE`VSN-8A+YY~aE!_!^qq
ze^VYWve}U$k#a-EWT=8#9e&fv0ne+*a6JMzIv`IbN|wG(!~uITB)O1ILG)qlhQ8(<
zQjg?F=yxEpub*$NUf>b*NtR0L;*Dtp7}%*qqw$BkqJq8*Ztd?O-h?{MT`>}=c#3W3
zL~|MOy&v<=n>z#2kdFkOaDG`#)Mf?(Y3|-4>0m4NO|~)OfZg03a76by{yv*4=>OIkr-dRxYo>pjnvN=s
zsvgg`LUGKluEj0oqqh1mxf$y$fmM`$Sjw@@DkVEuDdJv?HP<#AJO;-|
zC7l#g6n8DtN}MXdjHm(UF~LQi4~9f*#gikD>f%U4^=P?x?s5l)%I8>;E(t4^d}HyB
z76yfy81(rqwU8cXoar&7(KWb)DK?b|Gq>AbbRGCOq-$k0LC1AO3!Vm+paU0Kjb$E#
zsxFv-J{@wemzwvLc*P>uIbWF}AR_rmELCDHt-=b$4RkTk%+rY@SK;}gwzNCCe96VF
z-kZXN8k{7VOL-XS@rN}ag-m7F-TynU5AN0lPd%pu7R$3deey|PF>>EC19t)
z^u!5H4~~Dk;eY26pvVMckJE$u#ESnrBOZVF^rI&>Jl&EfhB%GV{|s^J68|i58YNDn
z#AzvW;sd9p%)hX3>Jq0eae7Gp+YP6OF)pl
literal 0
HcmV?d00001