From 112c3966c95e90498ce27bf58abd5a4371b3bc24 Mon Sep 17 00:00:00 2001 From: xiangxinyong Date: Sun, 28 Jun 2020 21:11:21 +0800 Subject: [PATCH 1/2] Add vulnerability response document --- README.en.md | 5 +- README.md | 6 +- procedure.en.png | Bin 0 -> 28463 bytes procedure.png | Bin 0 -> 27442 bytes vulnerability_response.en.md | 129 +++++++++++++++++++++++++++++++++++ vulnerability_response.md | 128 ++++++++++++++++++++++++++++++++++ 6 files changed, 266 insertions(+), 2 deletions(-) create mode 100644 procedure.en.png create mode 100644 procedure.png create mode 100644 vulnerability_response.en.md create mode 100644 vulnerability_response.md diff --git a/README.en.md b/README.en.md index d23b0d9..1870be4 100644 --- a/README.en.md +++ b/README.en.md @@ -8,4 +8,7 @@ security repository is used by SIG Security team to store documents related to s #### SIG Security Member -TBD +Jinwei Zhu[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] +Liang Guo[[@blueloveki](https://gitee.com/blueloveki)] +Jianfeng Li[[@bufee](https://gitee.com/bufee)] +Yaozhong Zhang[[@buter](https://gitee.com/buter)] diff --git a/README.md b/README.md index 8a37292..2097a91 100644 --- a/README.md +++ b/README.md @@ -8,4 +8,8 @@ security仓库用于SIG Security小组存放安全流程、安全指导等相关 #### SIG Security成员 -TBD +朱金伟[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] +郭亮[[@blueloveki](https://gitee.com/blueloveki)] +李建峰[[@bufee](https://gitee.com/bufee)] +张耀中[[@buter](https://gitee.com/buter)] + diff --git a/procedure.en.png b/procedure.en.png new file mode 100644 index 0000000000000000000000000000000000000000..f6d2492acc74e60ee5b18e9a9aa4ef65f33659ec GIT binary patch literal 28463 zcmZ5|1yojDw>98{Jb*}dcXxMpN_R!Nt&B~$ z^;d?ZMtMX=5$QWkp#8vJ7@x^#M!&3of(=H`AfIerpup6laA$^jOFfI{+z z01-hzzW!(llDG{D6OY26H|XM%haDpR&*lHz5#Wo0CFuKDR+3ZRRRlsLX)){#^fm6G z{Xb(6#q=~<&YFk`7jY<{?sEOl!2gWEWC2y7UZvgcRz-xx?S7(*7%>oqN$5KFAxI+R z;x8+Zu$Tfe?bm!7gjnb-E(D|g|Goe+Fbq;dpjz~=&nJS1TyIYL|L??t^jw)qqE^{flkKpzG-Qu$ z|9c=RA%9C*=*@Wazs(RO0n8{|9@O~T3^bxRN)N8HJNeP3n~xJx=v0P}2K83d(&bsA z1c`hyGIglre-FIR5P|B z3>`zs`}Z_2OB)VGV>|DTFB$izm~Vf{);B````?L_r~|S{5zTsf`O;GHrRRQvKN(cH zOVFsYsLSmf8^vfEP2eWW$*{p8$eT;`)=W80aEvq)YpY4vs;eAFDSGB4Xs$5aw;?Wn;vu zEId8Nl62hf6!Mcq(Y5~Txc@wjq>xv)NxUG&>JrDJYe+C3*1jBW;^I;G75isWWNOIU zzn23G>Yz8M<1@9JPMb^F<>t;0JoKWrn(xcUx;fpuarC4(`Bw6gdUiH$eh1}4@zOGl z*(`6xd}75-I+X4#kn19RV-u*z)ld)qG8>6Xq~~+?45plc_n!gj-UVS8e6ls;htk4f z18Enx=xA<}sDrLYD~5|73U#R2E|O}>*A~=nTE!Ma5Gv|(DwO0hBMX-Bl5698pUNSn z(It8QUNtD#EYIEaUA3x^z_6ZkFKP^gEE)HPP!gFI?2x}~;3qYNK|GjE@!Itkb}tmI z(V16#a&_s$Mx?gjTl#x9D+NRJigI|Nu$n{(!;RYEaQ`)#Z)N;9jq=cASN<9t zX;{W^d$rY>-xGsT-}@V~q={N2-`_?OO(8;U+)cU{%cZke^$!k<3Lc^{{xv9(5;w5# zMv+zi*Li^0b1&?_`GxQ*9P{s2m1Y6hHY1JTF znZG}8${tEi=g|FW3;%EXWJrb1lyGFwg#Q{fZvzM<_j=tPFn>pv888xGQYeb}-zM#I z23)q#99sysyIr0xty_iGcr(B}j(7Y_@-y3;ZZW))Q!n1M|Ow^}vJW>N%!_h$0|nQ!H@* zvJ97At6q$1xW)!WQdPb%l%(9vDD57WAXMwr1L0o_QDEm#1(hK6$b`@H3$fa(nM?;k!nG)6ygm18|&_+^YR&D zE{9zi60tu|!75xAOR~o~PzWq7u}2|u@KUTT80JHjxabTrkBoPWGEiunZfJJU>PiBV9-30NV!M*q2ad~ zTQ~X{P^0yUqjC`B#qW4FW>MuwBmz~e5!DMXeg2p>$+Iac zU%3B`fX766dd_#QZM(|{vBkXVnMdW{9&xgzt>lx8aSfA(QtT*kp6ad}-`LhvVtq** zNoWQ_y6f}fUFSL1)_A2>gV*WDZfm5|LrNl4QAEMVv-`0kv44y{L&}p?DfC1u!NeE& z6T6O9*Sy;SWj>k3tz)w|BT2y1Qb=0SDbgeA?xPddLo^4yq7(551OI0a{06c4?r*45d8DB%-NS%mU-v8))HS;z zYIcR8Doe7ys<~ClDwMMNNry@B>+%FRK<#=}V0!MIY_1CDOUg4i$JU;5)h%VyHJ3Ff zIAA7_!9ycXPp5Ca{Q?QNvk))r@W2m(Xm!$w#m1%S-|bI7ekoK=9BP&T+Eqpp)CTI}~g=Dn4A4r+3_b#F`~&0~K;Za{4UKN#b#wbWG5 z9O-7sN1iPH*xpC~x_TW1AiBH>P=4yy(x%C)Z@(12nj9sME@VlosRSSE_{%HLW)sw} zMMZUfS?pwQFG($=QTI!bPDfhm)$}@x!)Z(BRVv^9^4Fd zajHt?A@pcWY%-1X(&luWi54{C?u~)@57T0#AI+sveygk{Ynql?AwqU;EmiT1aI`a9 zGkkJp@cOLq5)tQRgtkM>QkP=h2GvrcUkiG5iC>_joCN30DcK4i(*?9OIj_c=S{Tl8Vdf`uTaO@P8Z6A!aLuP|M*e)B66DJzuBqY*S`~uK30_Z3-dp;*e?^}IaEReC35Fy)h z^Em$$PFl~P##po&%v{q-vmAb^G*O;zCM_RzY~X3WE?PO+OH+tfacR`ZI@lsS{=(f! z*It0$M9CR869`k4Da5Nx-t?l~0h6w+l-C;*#qHx2%YWUPv>blS)hp0$d=;iD87`OL zygolAJ4DKB*aCVO*XwS6;`S z#q3a@8ueEry);f0#Yq}K-ZaNDI9~;!g?gVbe z*e(THXSjIH$6XpUr>a{o4e@|yEp(YgVXyE3OOL#8MkD5;>{ZJncU!0LJ8dIE!)-6fw9Txxr zDkqBb!Y<2Kasf6qH0<{8nc&r^0#3W*H;Zc!OR=3U!R}0|UxsoDpM!qxwz?JRFPu-) zYMSbeFgTd38277NY=40ZE3$H}pmZwj3z>11NVka0F}z;F{mf9V;%_cL$HS7sb-n0k z%X=k)YG-x8_W=wECPUtYlUwocaR75Yg_Zu2AS%RF zWRsG~ZuM)KO37hkQPQR`dX;Xg)A4eX&j1ZP0a?~zh5IdZ01en-K~)$%`!$ilp=@sH zf`~4a4@|)XIi9=NFKvf&eam!AKKGYn4DFQ@7{<7uWeNX=Vq5k={?{jhAu#tyCLp}Z zE;-gce#MhYzK!84JUndl@AzOfoiCp42KkFvi4}4(BO^cs?==Y^K{+|D``oN43O-#T z8JXZgd0Dsr8N}VV9pr=>63uh9*U4}G3;vxWb3Nbwx-i8vtA2UtesRXzu&St<6nHo? zngL&CY!V}(8UJqvJ_ea=e>tXT9u$bc>$)sreKI`4f`DABpV^cs3LbRG``;x(^!79T#;^GsWCPPl81d;u zt*XPF#krrjzZTYEfo#58S1yIoK;UTML*UJ?p;$(iHgWpG1>yI7O7cZk@Y_UL(tZg{ zfTLltPXFG(MqamoB>)pdW?5|GQw7LrEDAHDu)t%`VI_^Jaq-$NHfg#{rgaOg+uNF-HyH8T8sY+*xUC zM82bMldd{b6}6?tI-I;!9FzbjEt_O$V7$H<$I>1R?w`FY00kWcvssMd??96u2!+G| zjyt+S1=}=&5OLA5@oKvDsgeJkyl?-2D%Tkl-ZQ zyt{~swU#`O7?)h(CW38J-75K~nVeXr);94x1KaB*hg%Th&&s%eAk}|ENKfAD0=C^d z68!r1pqz)bo8Wory8IfI@W|1+j~tMD@{Ot zcSPr#vO~*BmilwE1T%khIH{DTcGWxhO)@6(Zy0^zxLAijx-OQHOye?)wPog3^H;i$ zAL$V#CC`v1;iO+<*&QsMPO}_~q~AyO$TS)Cw!0{Y&t7tohv`g4B1I{jrK@v!P|{ay zYCVmSZ?mlwr#EdC^$ex8KrBs%UJTFBdZZpyz!d)NT3B#E?e}Gl%@>I0F{n(4KvE2sebj8!EZHn=l}u`>>@wu0@>1Txt?F=StBm?C zD=JHI`~(I|G9Mi|s;`Wtf3})YrS)zcekA#H4q;kXw;09)SN9^W#%v@xR>;HpM^ujU zK~$%gB;&L64^Q6q)&viiVr|^_0h`2G=m~&#=E9ojslEML58gi>T6*v0>pX*R^i)xA zx`bLSDf7c=hjSsyLCrRf4LOyWf>0k<9I-Y@jeV0oip)z}yhrzKjGDB@>0(r?^Od@- zmtIp1K>$xw9I*$LNNmUJG-ps6dTEz+Djt6=iDW-j=A?(PFS>fWF7qe90~rdsW<6ug zlK`!nwPg&1*g75m>dZp#AYZ1=vfbCIF}?2Cjq^oruHJ5@lbR5+Ke**vgqO2ZyS3IW zJrxbTFQz14R=|Ff-$hwRvtFwVvmXWK%9FcFw~DEvR^hEv!^kWOkALpC18bPamMpm= zGtQ=*v)4}UzzLF$!&ayE?kCT7d09WyB@gL$%BKirmo0=|Pl}92)o&|Q z-c79iXy4vtNWkh^-mQSRTr8%UJSLiYY~&<~z*<>3UoVA6?V#EF?p)@IcN77ek{`B4 zrCULqEBQp#G255hbY5;gNdTz>VS!Hkha%B(IXn5mA%5p$s6ppP*OZfU@Ycul&I!yK z8GB8tBTgWT72cz>VCuPi=(g?-cXtclns#2$GM`9iHIG8jv2t{RBxE-J#yo__>ig({ zUW}pqr3fX|ibk|sh~{VDJ%1`u8(Zs=SzFW9DG%zp1-9q#+TieiV1O{lg@~NV2|Qx~ zJ3{}sUl7~%GZeSF<9xI@C)K>E_32#6)(_u^7?c6fgtf@bUMexMPQ+8PP-Pb~FjQxq zdo4m64II(@*NgopM>5wvfp2LsM6k-mGbF)3X-xKK(7t3O>&Iiv^mY8)Pisc|XTNTK z2eHH)zmLp_Yd!0OhuLvLp9HGJhCFSnUPLBBqtZ}LSzUB=)yvK=3F!2n8Z{rYm|OnY8aU@u zbn|jkVeE|TgB4{b^d|23^_e%vaS)sMx7#_oaCI>_%Wc^bAa4&c*sZ2O;ln!SAET&5ZE?3SdDQca@DsunsQ9xzIs8{TMc}4a8RG7f!!^Vp~U$Pclo5~giXEZN|jl!vnvJ9Pg6x9bK z{&JT_V(Z1c=Hz|*UzejX_mN5ydZ*KerTIIQ0W@{YSWqmtM6AC~yBALAGkche8 zczH6APKHKgaV{efqHlFp-PRLmy6X$|HbtP+SSfXD+3DWnKW*Jf(IN2I4EV{GqwjV9 zC)Q6FL)yOUZddSbMDcq4(`mNba#^a~TORTMq5=pgW{^pouz=$Ap+>hh#&`a^?L-{D z;qfAphN9yRvp8+{abi|!3XTC}w`gY1j|1OA$UNmaTOW(ih?P3Zic;*pv&iJ*jID+m z{s=E#x#Y{rJ{+U5{1Ld6n%{3tM);GgJY8s@Ik)f{&y|MeU@m-*4OTGI*qU2qtOa&V zHx&S4#sKEMt4*vx012E0AWCf$r7ZRaz3?Pnb$sRzu_eD2r|_yD%E6gFBFOCLM&%1` z5J3TAoxiMMs-7D*r(IUzXl?&u-A7aNmNmCePrnTe)Fq8ZLgnW&@SA$>DyVmVtVb-Q zS1DZs0DQYlgS*@mTYAE7=4okV$=IeOIz&2WnSrb8;egyxfo6CZw=m!=5l7ngZ2nwG z>Ak4pr}s8@Zq|+T5k;wrB@0sVDT3Aum3J3=Kh#OlRFNS)qx^OEOzjR+bnK|bZ)+~n zt0C&>S+8Z#Ki$PNUl(5Fqp^SxiwwnJL9aN11wN0lF%ZzEt!qQAlksa5`(w1%5$FV60`s_rbm67e32Co#BCr zeM(QP-{UWz>!qQ^xKp0o8q;M2#%5%R@9fT!OkeD^F2Mw&BoPGQci|A$=lRLD5(LVW zdUp*{Si7 z$|!yHHd3Qw>$ky+m%#0|)f>p{1`|5z&J6PGssMV{W}`5Ju1h$x$q6LuH^iv_17!VU z{rS(Q(8>Td?{}4m+i1P8Yf4cStydpps4T`Me@C9fNFasjsD7qeao$|9PNwwRqz-S( ztHXKORECM*_dipRZr4tITL6B{u3>@$`gr6AOMhmC4_s;4&N`YHu|b;eKghOzGhOKV z3-V@V#KP?o&@?+~-5a$(V9h-K6nZek%ZcJ_Uu%z&qu`gP;L3VXjIOEvxj~d794K-n zDKPdPcxoEI&uNE4HS)VoiQ8XOw3kTWxil+Kwm+-oxT#6V*RxVAA)y@Y5aCI&M^3sJ zW2ZNMj`2E zE)jN64s!9=MOvYwrFgF@hb_qD8-t|LPC6t$BtA6m>0w?asMXx8NWZNJN`|i6t&8u1 zg4=F0p%RJr`xRQG&MvmLK`ScoRXbTh4xdUnR=D2C-k|1iI~Ruz1uXXseB}yjh?KcM zn8@TjeLD4fiPFE!m+KXks_6`$Am2s!C&G&zl>*hwTbUj@52P2By<`rCJjBxN7Dw5H zcU0@q%bVJn+|<=ZpvdUS;mG9vjWZFT zqs=c*X?CA{t-H&zn~^57tGi@kHoSgUDf0dKMqATSKclRqPXcLP<`TY3U;qgw;4tnL z9p?6b2O`=eo(i3xQ3d$+DPpK|gj1kIy=nVhP5Z;FjZNIcYkvnQI5cO@J3xr^HALe; z`NSiXrvsE{f`1A;l3O;0%;?7@ziMT+t9gNq?(RUs68e{`3M;iTTWv#xe%`BJ9rKt#Se_myyohXIun-X{55kpTFgpZz2gAIlPkcxR+cz(n5d!Ioq5Y^{uGKi?UGo$p;<6u4V-6iCN5Hj!Lm9^BvuKSKxVI2~zRw-(D%OS6^%!Y0YCsx01S{wm#u5E z0emtg{91o2p#*qd>~_8Yn`SynKS`9ZSM2ILYn}$eR`>mU4MTpjpQjenS~t%C zDOgp(pWX8<^F~T_N7DyjJ4qNWRBB!9eJ4ztwRO>W8+Y1%DgcmwYe;;Jb)CkjfP14u zb(A#GvWH|N?ZZLd9bKlI=NzP)Z=g%I*-_@YOO*=;hE=!N9s#|IjMw%Kna^mbkRog} zKJRsmz4tG3!H1=s`yU7`V4wtVn^vv^Qsq7dP^Q_Lo&fUGWB%&r z_ByARHEO?*fmbsHQ096o>kC|H_+4ortO)-BoRkn2&v~2~k^gdv|7LYoa&P$rH9n{$ zG_85=dN;}kxWO8>R=cf9EyxIIA0{ACf#(3&TS>^1zF%jF8DEX?o^S=2CVZ=jG@vYR z41;h^SysW+gbL_FN#l0j9l$i`@O`>Rf;pH8R+34mJ3xL7aF(*$Apom^r0BmHkOBz_ zo)hvwe#^r+|yX}JV%}*ls5p{4sx{j z9MjqUHA~-Ir%}v&v{|DN7^cteo&~Uwhh#m&qS=kq@KB-@wLkPf9Rt7&@V}=x;<;Vk z-XNfD3FL(4=FvPNfWajMZNtxwSNa^)4T1WAM(M+c5)Z(j#@rtEAG!?ycSYdP1DP(D zOgn$RGsbF){rT+n&##@&W)HNLc3*$KrF7&H65%8FSPZvQk`fhu3x(tWempW4Y`>V~ z-2iai>lJ??ThQy4eGM;0f+kQazvoPLR?BeD2jW^qR~jGUO=6*if4_p#mM}%hjxZ zRI~G?HzX}Lf(ew7|6zQHLV@QjFo4&Sf+m5r1yV?NeEuh`QhdJ06Zh^Fw-wu#C9_O@ zFYOc+5Ta?k7$N{+=m09DzudkfM93N}_2U}Iwl{)Lvw}^7`OjE=wW3mb0xi2n7POXG z1I#(>h(YA6Y(rP75!D%R+#yzRtq&*drgl%?B2aHO{9bS(3&Mq<=u+W8Ay~l1f(}># znt?zBjlV){J}+cPtXIy5!}ZEjDGvBg0hc+I*s|3H?7Y+sg0Je?@ZX^kMRlYS`Ey2=QGT97E&zx!{qG5aOT1@3 zrBU^D66`mUn>)&J)vU|D&yuTHHK;d<=y-d%8HAWJER2)$INDVx<#oDZ^nhL8 z3{O1u3F_2ih}ZYBfbb8_0t&6yY3B{Y2OR^oCvFd{IUMh@u`_`!-~&b-T{%?xOD`jd z2$8-%o{trMqLJOwzZ=!aXo~|{PA=RuEXm9MPJ)nuFxp^XyS{~DnLAth?t881cdvpQ zeGq^ELL^SswAdCFP%*YA-nr5#RwmLCgquY>Ty?|olGj>KaI$YZpwM!5T6G-iysEN~ zVV9oSDIE?sk+mVn!|o_?^-umhhGan*pw(bDkt?`iuQU9n_l?2V5EE)DQfQ1hq)fdh z@SM%pr=N&^aX#tIbCcS3$!dUp0l*LsThWh)DeXV7qzbK`0?a(V(Lm>qe(JEKJ**2V ztLDGm48jCzuEY6?9fh-*)UG*FMoDpr6ru2rZJGIKp#vb*QQ=d=0ZG#vWKvY)U3DHw zTRoh*wyoW4lYTT-V~0v1H~fW3g@K;gb*xZDPih_;J?@5XXPAAQ4luxoq~975686jr zO!`R+`sEMd%byTN@1Ojqp5K9jA9a7TZis;PJVEySt(kBo8q~RGF%asU9*$cW#c^d` z**-L~TEIQW8m|2wTKs5B&4-s@3Hq$NgExD}IqC>;c~zA7EX7Yb( z?huvM$7-2X;598rj!)H1&|q72-|$I4C&|i$=zsqo8mBb82N0UDd0p;Lvb|`dRgYB!OJA5m;y^Sq@jKE-zcm^%JJBW08m56<$EJ_);1CYm)^!( zPatC-)THZEbaLKRWFE=3#RGyQej3Z*31ay=cF^QUS(GtVPOULG(AF(OYhxZ6(P0z)csqFML*3n@{2_ z40>&L*7@;2jwBX2=yc8Vq>1%uD{`NX%;}Qf+y5kw z=Ce>#7#urNo+!_BP{ETv#&L5QgZt*zOw<;*6!pekJCGxGaa2v^i5w?^#PV|gb9TNA z&J90m=cm(74Shy>>xS3*@^RkaNv*i!gV8k6Mia7a{zZx4lclh&$qlOEb^r#T@&Lft zDtP-B;;yUrxz#BE+|1b3yslY38|@`@x220EPop6qKI()=R}rfTSSe?~cKre&rtc@C z@`**Uks@Y)hGh97cMQU%D3ThyE*EzW+HT^k(XmoB48{%6HU7e_TBXyXuwF??7?Tpq zVWJ1K%c#&8p@40T@uV#Ceq|U%#6La^NoE*;lrc!PK$QfrO`~B%k(ow-AWNW=g2zbW zPdya-w+ytjAIOOag9qq5qP=#Zr?Po?swzvhnZHCx0u@f zXnN-q*AXubM_(Fw6zX4D(SExXwPWqW1b_mfDGsP&S!aNZ8rur%ep=~Hj!N#pKgo|` zkYRTPa3c-rAOFWggHIce?2@*g1sjuTWR{~&Y+M{<2aWUPA#LPkSGT?Z*%(78=sQy= z4TO@K645jndnG8p_XKPrRW8ozCmPx*26xfeth?jsq^II3@?=lFq6j89Vn5Mrho#P@ zXoh}U@+tIFwdmV*Ua8*|ue7gURRf8+L3hH}_T_2gg`V-0_pr3U)GU(P1 z6>|sR%HS~??zaT<98ZZ#logzolJ>Vu=TmEK{Z8O_!98Y~wiFF&=oje_#a;4lm`h?C|PgnvT zJs&K@0AXa0wcq-j#^1n>S{T*{qkrTk58=xe`(V+Y`dlz2zxEx3n_%LP+cwBkv?QFE zjn6S91n)rkOmgoHQ?5J%*~u{s-_3#;p-#qT1*m@q6znLqXkXC}vOl1Y9nV1aeC^m= zq24aEbQM_>`2LA9Xgu?sdz%QFeC=M|R}{~ZKi}EPp6~W5v>V~(-gox1e&=I-w3Y2A zBemB#O#C&&r>qk)%!NQYg#BlL(f4%$3dT9tfaa;Q38xmG^^W~v3&)$N2KKSBhi!2= zCj-x$_6_{BweULw={k$){GG8>^Z6w+PtW+=_sx&DLxL%c3?uvUnNuU0bQIOV zr<7_s%lK(&tm`8Cbht?0tUB}~_ja79*zITD6DBRPf#*!MKvL3d1jcFThW);QL3DEI4TS!=yv#^_gB}t7O+nAmcbs{sal?!b zXu!Rd>gnRj1;}d+UB>~SK!e40TlCz^ew8zh+H)nYPK($e?^wa#kfJ6| zM`T<@z8v}P{S828{IKzHt+>qF6edv1kYAnkxtaxHqkMk$v@epi>~co}oRf_7guV{` zyY%rmA5H{00UK&s7@&ObMpfVoO%-#30k36Sq3%w?8lXyEl>K*bvMXTz1A=i?8+fkZmU4+w|MU>34 zRrb;S503t&7HGa=FFeeCw+$cnyF9Dd716tDSS2lf>IquQ6<}S*i5m=b^3iNli&BD9 z34SNt(r%0=z;2Y8PaBTh;(u3#{+W!HMyRD1GQtYDYJ&pzwwR*L2raoj4) zwrgp!hqk4Xv_vf0JP=z!ygQsL%W^`_#S^^2ZQwiSDEH?EQB6GLx@`rOMgm9BoAc&zI(m zf`c+lPPHa|zj<`)MXN+Ga`k{DXz$UFyMDjW63WS8NiQNAkk&Aw;E1Bu;LNaZP%xUp zoM8*;9LcSfFrH$HD~abA>_I6I+O8h54Y^=;`G9K6+Sd?<`!Xep7=zEtp-b>jcXk4$ z7Dm?8%_71+Qm5Wzq!1yKi|XM6=SS2hHf2|yr2_F%X)Co`3TuMqWh>h3jR6c1B7Tpl zlc+VuKl>9jW#`19JS-W^?$>zagJvU#_R6&;w2b@Oy+=PyLJ!(q2pK!h`T!_1nZYh= zCLQ{VMuTO$@(*aw_oE4fMh7b4fXW}v+@18CY$@c)yk?iDQ!n4yg8CwgNTIyKX>5xU z5s%xSVeU(&sop}vK+P$X=L<#Q0q$PFmfqvR?zCC&GD^(xQpRXkisg8SGbo|QZjw}H zYq$H!AUgX{=?>qH8+kYD?zy)H;IM;N zdK+kD*?5e>Mqu?fg~(z=R}V=3QGG4%@7_uLGCS@tA%h(nW4^5I9zq&lFnv>s04 zUp3RBpBNV9VgN|HfI(P3px9_XX|qN*lgr`LnwQ~RJ6eGrptz_1^LxCIDX~_Q{I@8W zpl@X)*I?djS{yUP<>YuT+w3r;p};G;aLqZ=tcBck<0N7ET8vVDK!&HYv9P4!y!_(> zFJdu~Cu?WN#2SN!{xUm=<=hj^bCK>d07}Z$V}H5H4=m*Ivr;xgHdd)o1r&x73q0=v zZ7iS?r9^B- z`=F0uS6|Xqeg#ya2q5xoUsQs{hYbFVEwVwlw0xBY7#z<*Z1Z7pQGqDp+;^#|DWKhd zv>-wapkl>bhL6MNynfG*Lb6$Q?ra=!Xdg_YEFktqYv3qxG3&q6|b}< zmYWo*_z8W;Idy0PE;otQLJWi+*r1b>GS?1BGwkBna6HS>J9^iGk)Aid8yLGDx&hO58bi-f8tflGx zPbQN37es`fX+Z5n77ByNj=SpNNa6AI{;}4(SOy@E&|zXEOk*G(0a{3IS^DlVHjA7x3W?-?9h>`%FbBO4Bd7e` z=pU5L^|hEkh9S+PuW_)jSW5CtZJk!NtkV#}S4=uiuX1e6Yh`~WFDN}vA&wv*{B*>e zUP8uJ*nZ@lU#QGwtImKIJV@WNN@6lvuhRD17SXrp!|TKZ<(8lL0U;_`Zj@kuj5L<7 z&+0%({dFR3iF({ES>~YtTD#gRD9nM^DuoYdJ(@UWeuJ%-o^Jcdf$xd6yZ6>~yVv(p z-?@`bKkGA})V$x(M?ze7t0cKgLVhooU+PUm5MLZ;q$zFdM<@vIh9$3kd{Hlso~|`@ zs>#pGivU)!RX5w>Rl1~v4=|2$Hdj7a=i=dVt)bL>Q=7uYjAJMy=}X0lD=tGeDB{CN z!3`c>M90617=6kFf(UmxTn|+p4a)VqFdG1FSJCHCg=Nhzjmo$a1BZpF$?MAMuKY7Y zL>B-OvJ55`H?dsM#iJxy&V|l;T7mlACEOpMPu0=rC`_S5#B)zs3ZBs7EG}5$EuP7u za0>tM77Tt8)-XlvifePi_{#L1tmukMhxjh_NS|YwSNg`wjo-`7%sY_m=kG=MkB{m+ z5^8vA)|3><1ewgMB3kIAv}1?>w&}jh?2fPFU5XzT9>fz1dbC0#b`<~GXD2;6)BoC7 z)#3O^571nx~z4Z4fLIOju1R`IPTMd_8v}h0{nvx1h_`;52)4t``^}ogT zR7zL&w&cb>Ae8M^(s(yEEE@3{zBA>a`lZLr#m$R%!3rfsv%*G^QE*~3E!501^MQ@l_N7e>?ryS1m?gKV9zZAP@N7q4dCRt?$i)keIwbgun zPM#p!}*Z7RMDdPE#)bZRdUGswvlO=)X@^@_HSAqlAkY z!uoFL-8=PaJRAyaPjt0}U(+(Dk`+kZS)uWBzAh;*oLzrnI6DvIm)GSkKIbq#OZ@J+ z+>hW#DA@aK+u%b%kzFpa&MiHkfatR?THhh;My4INcfzu3xP9C(NZ^SSFsmr&^K^ez zWU~VncLf&Zg{H zfRLWr6{Ql;8zd#;u0;Y9L3qwSxgTLzvgjBXvz$olwZ0=eO=1#o3oze1@+xf*61#`P z7D3g{OghSEM1+6hhV=3a{d)U#HtrYRyypTA{Veff6agpje4%!?=wkV{W$XkmwVI6H z7}7za@(o9E@_$eIQUU@FR7J&g&S~C!L@fwYbs9+^pCmqB+TSf@>B|s*;Ys)j2$TZ2 zT~A-oTFsHFHcTE1!k#YlR;+F*YH(4E4oH5BSiK=DbX@M6ZpP<_PFU_Pq1z*i;pZ%1 zIgF=^PQj1BGb#Ey{+wh_!y6wYKhj|51O-u+u<>tXiThx#;*5e1 z%mt$#82l395U{B*V*&Y%uNx68fY!x@+S$&vZSUw}0nnfC-67RJZ1VvMN)m~h-;ANC zdHs?daV9yP%`$;1!C*;o9*c^oe0=wN{!WUfOI}Esu_y(r$wrY;np$6doOaHvA3)#B z+tN!zm6;3M9vgJTwakt>jNa|#GFJ5O3^uH}tqgQ2k6eo@?H5O&c&(kExhV z;-=PO7(`!m91XOkN1V|Z&B(=c_EP|74Y}({bpio2a;#07H{!%P|Bjs(Cuj-V7TeZI zVsOMR7w5xHGdXZNj`>(iR&X!N*~O@_t6n`t@|8)+37M8I>9^Luz`>?UEnqQ;ze*aR zA;dK#^ZC_>%z-R^+rpRwB*97y5d`b@`;y1ShSiP4pwQm(qR(?3_& z)QL}mIioEy7g#Pbea;wP<+nF6@jtM6ss4QtjbtVAdwQ=eLKKtHX$mT!C(f|5d=^g z20mBT1`o?XV-!*54m=LvWgZcBKIk!X{a>vjL1BXk^wa)l0>)BjO8G`H6)YxDuh$rU z_@9Nwt5$bx9LpNq&-~WE;d$E9ALC4SAb0EoIFB0m0&<%;16Ifpd++&P(W8f@1mlP} zPG+u+uTqhke7*gjHXignGg*5@$8^|tfs8F8w4Mr3x|ApNV+>QnlAEukP_$sj^Ht6F z)Xtk$U;~9!QXHj3tCY2nJ8bn~5#qymnH0>Vy?TrzjJ%bHQjW8N^iEWMO6K?%KDpY?v9vSB%F z4%13BB?xs6;Fsz>fRD<26`1)v{u#n`QIf&L1ys%qHE@dnUp$b|!&%2+;k*)QwyeBj z1^NW28a1J!`I2Usu)NO<$vmivV!nW&{(wxl11hz7U%TKz6D;v%$a2cnNeqmAGa57_ zm>W*r5lzSsI?7a}i1cOPaUktI0;*pbOF-)moY`s(dQQyU$hX>&YBk-NN-0y@nK~Vr zA!ga(VOZ8a`Lw_&XKp24<27F)07S0QqdZxL*22k4h);K=W4urXEntU820w33LDUlRWJk+ z)cIA8gC|)c7)g*U-e?)c907Dl%49a4W;t67ke|=1&fgIp^F`kO5^LD^8k%o>EkweTa$lIKyJG9JtM4MDjxmN6P)=(U`c<%FM$(WuL{jyj|CzJNZH=416 z70;7Z--ly@{;Yy?PHBM*eJ`%w3hkAp;99uX*6R@<8DXLh0cPc*SJY)8Qo0WDprd%- zp87a1TP9S_thQ_HKJ2xJ4Ybk=IzR`znf44trlY}B(`FbF8ut_nszLp!RN>_gMtT`2 zB!pBL`7-c;R^6(I6hNSj0T8)iv=ta8@AedNo9of8B@{yp(mr>3N}?7}x2$_r@WrLz zHb0K~Zm#j`(y8o(R3M}tfzln^S)`j6Ze%d!DA`*z009AzFN)Fiybg-aC4R_}*&2<| z;+W)A_%drp{$9w`OnjRsf+04~;W5xyB&VSe3>3V@z&Qsc63@4U#zytKMg_oG|K!C< zprI-UbY0>&OAkd3YkZEa)6dImx9hvH)&@B14k40kD74S$YTS{4k;rRGwHwUjKf{s0 zzlwL4!Nc_a?1-(FlDq&P;ZKW%G9yb^GWgtZ_DQ-3piT)a4bh9|?LLDaQNdvHZMeV#^Pc&K)^}+bKQ?_h{TAD6r>l=cm8gv>%m!@D9S>rijy*rsr`=Qq~RnLsEFvUl@4pXA# zQNA)@FQd$WRfX9*i$=XZl32c&9(sY|wTe^$!bLfe;#nLPpK1Vau0jO1%UCMEB!j20 z{Ab-O^RisICjp9NE}@Mb@ru`QrpUd6hHZX(|D&71WLpD6ZOnbcMXe4z%qeD?n0;?e zbH)CKnEA_S+GtZQ=3)c|Ki~AiktRuHpKSx?M?ls4Y$g!_yp;k9QQ&s7MBu7SP7A3S z_M00RmLNaIBzP4cPzg~bmW0jv4+5Z*pXmT@m_lDxNBR&JAthSZ=j}XM;~!px0&?@< ztS`Wsr}!Ic>G4`XGF72=j^;f^-;(qtA_eOpZMqLt601C(WsMew%@P+l&zi~f^1J)_ zH{R07>nZCzE2wjxug>53HGEYFPgHHC-LEKJ!7q2YFLwy`9zkNr&DMQd0wc?M<^?HZ zIyz9fC4!iI7QR~WT%|ky#J&AJBYZ$S_Tiz0@?l0GRqA>RRL_8nqVct<0i?mi5QO?Z z;S|XqN_M>@UJJf}2#6-v%j02XLmvtLpA+?}!b1AZj!#!V#ux!_>X7aYl7oEB#wI-e zRa(KAbeeJPl^AA8ITD7y?qttu-TD_q%xPGp+YFZ9TmVhVX+ZZ-YBpo8Jw{je6(Q>gSx`1?Y+uR4ZRdd6+^JQMO2 zfD(9up{{|RX~$}K_NMU3m`@)UaMTN)v4g1)^D=ewi{i8SIXSz>a3O*bI7vYWrhu_^ zJ7I>sfGMk|^Jcx>W~tuqHp~zFJ@6k@{xVqCea-dUlk1Kg&{(a`5@)enr+^U8m(>e& zgC8*Yh95RWcMaHT=UCi}5|E+#$?_VKwRb*kHV&&V=}uu`$YFw{+<@g#enoc59dwz^ ze^B^Tmlu`Z2cUo(nLMa^E2_(gJodF?j2JX)H0~!bp zH4b_wSpN7C*+0u$PNQZSlYeaCi*=**fJghpj=A zAn4N~h7B+S0^QWR8_bl^VNqNwNZfyN@;hGDH6{}v&9iV;9tQG!$=&>dIv*S#L;MY%yTM8G4kNMlO9 zo1)lg(}2t;NfBtqo~KK&Nd&>X;1vQ&2xvG?t{Unrz{?~$=IAQdJcQEaI@k{9DtKglj-cJ(7mR4=14Vk7!0$H36l^zSV@$jl=5Q^Kga5_NT z@GS`V&kClba2>=(|GeGNw;9L*#6~3`NJlvyk09aY?^mPe=iJU~xah zGgYkcKXrZ4S)bW_0#Cc2N~e&2}auE8*76OPFY zbN%yKVCB+*U(g~M#dPP*EcAKXzmF}$v6Zs&6`mF64JPB}QvznhFd2E41Sfm#{dp&RpPYzq^ z+^Yl6h2-~?<$CZH!^Y&lkY2~)aGD?Buu~kEJbPtz*a&DEQ`R1LHNct$R5Spg#{@t~ z6`Q-G>M0<~Y&)QVvfVtX!>$%jmoh21*J9C>qF+PCEqCobyWFz2qbJ3eI1}aCeVuO} zWqfbJadH^K5Px~g>`TML`&(c(Pq1tlz&(;ORJr30WRUKCN*DKe9u?{~eYfI}%KSS2 zM!`R=v)HOZ$kAlMkm}23WUtjD&2~CR6nCGGI!~#k`b$ubCU7Y)dBaqr@INB@yrTGgX|AM(y?NjwLW94w_~GD zq|=PaUqsy2WLSBENT1Nx11G0nG*AoCs22Ecxw+8ds%aR_$0{O$UaIRF4t6#I4N0qR z^R7gpK&+00Xmf&<-&`+q8qd=0UVxg$$4y~^OjFgb3K&^XE#MJl-B2jeVOH(AQD`H5 zv8w@kVt7ob{Ud#r?%UYge3@FSI+|6i!W!Ytb&W#r{P~G?D00 zFQGqFo+usQHHzABPLKdIC=dAKVy7ZIccNO$q=qC^mI%M+JaBX16EwQmt6X_S541`5 zbHDmfNT$XrH|D}cd5ojEn7DOu-20(@_(M&7R8ntFPq>b0(y`pV5AAJ&kzcSJ5=w}> zg^{sEsbRy%54D}2sE$`mq}B&a{7mYnHIzQqWmqW}>72)}st$>e(?b=wa9a-A+uQID zl{Ee6d$Bp^sX19n>_*dI>s}}ww71MAG?faDWaiN{2x1tzuTXRN+FZPfMR^{IrVFZf zPpdrvaAMQe={4Zxg0BOcFdJ_WWO9UHv@00M49MoJB6x~{k44#RIE5O+a=e1&+ ztV`0u0Z`!_gae33iLgLG0!yX{T>GlneE<0XR0FG&-YR>xGGFxq>cugMtw>4KMi~*2 zJ=@N})l=_H(1ieuF7cIXk1ZkF1NIl=n?*n%RPq4(+zNSK@c##yINaKRiC+d*}*m_hLsiL8}@-@hM zqxwOvZtoVya|$CUjnP_lB5Mw-2o#%zi1aG|L-Y2PQVk^?oTZZA0+4+&sgPJ>h!LraWQBN_ zx%%4Oqd5?%%}_nwKvyNoZd70~O$xL_uQO-`&8L{}ZZt1rD{f%n1@At;IBVwob4d2f zu=pxKNhO;m+Gyoi=bhNu;Zd_X6Wz*Jc+E6)q|PjFSQS;4IG`9&ml$!>IU@Bso?en~ zow0Iix2#KXF$^yNbSpp$up`tYiae+p;0t(UDLJpj)NkZoBG53{osI z|ImYJlULj~pHtn}7qV+TgC@6*FH-uJ#|fF1`ybU#Gj*=BTJ&ta2Urz<`bvlIl`}RE zy{&DzSqpQwObq>O_|X;nYaKfaT_MZK>Hw%>dTbPT+obbGt`p-}4@Y1{$IYV4Ad&>- zFrHqqJpiNXowf8$AZF%p3j{FsbEBNO-%gC95HYgNNhSTGXYBIyh4+tr)=w9nygm-T z9%7fkNYsFMyl&_XmelcApW&~rCx#oPxcAR7OkD&xdMU$4^o$_nSkPSomK!j(aOb?d zHEGh4v6tXwVyp9>^H$Y5LQy;n4Udq86@Y1FK zD4p)>jgV#X#B2hF#RVsz=e7*O_I@?7yK>TsV%G`@AcBmbGwHH^2SALhPxmqp5Z1f^ zG?!3Ls5*Eq6-yZ!)wv}gAx=CX<1#>{#sz=ex=}%$v)v-=+-WTyyTIr<<2qKA0VuXI zuL>_-fA~w0!Z{vnhlHZgTfJ0LgKWn&*(sG{3BtR${#EJUehvUa2ZYdYx;VSGSrzdedBbYqZzdxAU1)&`vub0*n`{lf<_Bu4?eV1*Ngx2?7X! zDAm7hTBE?80LmK< zm;3a%zw6-rymxi%X~NLmAu;25F8F#Y8N5)eMa4`|(6!8AK0+V_(>gmYNo}hJ0PAXN2Cm@%}@#>T~%(7K(aKMucXssskVO09{}I@qxS%lNw}4v;SHE92Fd6X zeUgKcc+N4D$T)GqN&TnnQ?AaMnU_@#^C@aEynQd3rzs_QXLQO1UQbS}FWia%_2$~A zmXYUld!-&5L2II2RrjJ&s|RPY)^B+6ckX4Hy4BwA^7-a zb?@)=67q*?T}VncU|On)H1>EMjdH8`$A3!J z0ahpk%;uk5#z?fx#=?Kuexx60y|e>9&Wb*)OoPZ!A*egdzv}R1dV1pf@{s*eIEa2;`vHd;By19C9%Rz!%gp> z;Uq#l7f&(GdA_4Eh{+6;J>SaJ+Y=nb;mx{Dm-E-`<4;?R(yi8+(W-^dJL>K&&n`B` z1RW;KKG&;wde~gLRKtm>x zMya4sD_2TzCzl)VX&>!6@}RQ!!ft6xZ^Zhi&BVia5&{Y}<=sz>1wlW0Bba37^bp#@ z3k8WU48JevtM*3xlNLqo_(dYd^r`%O6%q4ZGRH-z*m;`;eJ)EP z07V2eSwnGXloqVhui@K&!zi1YXYEXtdz|r$}5X5bVd(9v(74#b;W;-!DtuoYnpWw=T;`qsmK*88!cCf zTSy*PeiTy3i1}dGc}a-(1>J`?3G($ck#hMPY3}F+&+=z8Pez{6&KxEc8$o|hVh(a+ z4%NO2wO=|01=SgD?(!Q2pUjX>cZYJ2fT8`ha)bLuzQEfYSp}e6V4RFUDf#8$N-B-H z@ps1Q4@G>dZX+0Mpp*SwN>OM(e`O!`;z|RNUhjB=G+Q16#bUUw40%fgC4t70KS8`=)S&Ewt0n&yrv{6 z!s<*{#vJPt{}n@W;bgh5UEWz4I#PFNJz||Mec$r_=r-KYNsD)U$>pH+dE}+|)`W(b z2Av0*ty#EbSR~Xp5-jQGOyp=7>cT)z_3BY6#4*2F#{N~-4*-SG<`@YK&!+Zlu7pW+ zGtY`qhu(?`j^DE64MFGma!)Vz7^k7jEg%Rhb^^o((4;gRpdIhOW z{*y*ZgaUMi*v^N$;eBDabH))Xyax6tO`obHkQ>5^$8fBev=LKtK^?(5fkP#Hc6QDq z*2d>lSbmG{l7dmvgHZw*p{gM<_E-5zN4pE@ZFd+Y%j)XH0(w}IBjARdd#>CIMUil) zEVjF<$#?+W&{GeFL|XM^w^bQxf6_~;GwU+q9 zB#_>$v#^37RZ~(W(swRfShH6usSfjQb49ML`>x z{4h#IK}ihqxZ+(RfmAr)2@uT6f&ot{Ws9-svf(BO*-!Qo0#x*`|7X!<0BOjAu7NHE zahjy{^?f3y;*qUfCZ;%D-1(=z{l>QIXf#sNFk7><|8h=WxTLs*CF1m`l7MeL$<&5_ zBT1dL?6;c&Vj_S#8HfG{oNf;&v#xlfqF>f|P|-OH%{Ler4s&c+|Nd&&*)rn<@cyLeS83%s>c7TW`23banX1rx?beiFo%>C3Ic}>jlEkFiRFCmn zl4LxCw8zF&B@m))^a%^45~Y~7x@Hi%63l5*!@>2#*Rq?uUDrvWDG3Q<0Y4CX!1r)s z40l)pvP22R)$}wDu%*VwF8vw2Bz@$Fd%Y2SLHpzCA1-P3DEk8(G`~sh)+In!C>)KQ zUAkMq2r8Ne?g679o*Xs0M9>x)2Bo-Y6?n^{nzug@D7J|0QIhK)u_d45(U**A?+*d{+;GUAhrb~!BR(nzx(~t|5NT2e3b0ZM}Ix41VWZ@5mqSZ zD4!mXBD=iA`*H+AM-rLEmRij%ki|;rD%9Kib6apnl16#!19XITu++g zdO*eH8O!%+cTl8rDF7@g?OByCvl-3Q37+3MUPltR{u$O97x*8K83yA!1!2StkedxF zoFSNz<>@44gLr#4TO02)sO7I^&4cwa_|QG->-Wj3Dx}2V$9$A`r$7bsjfXqe%}I`s z`kGj60Y!J-t71N&T79Mkg>eA(y;-Z^c9{wR7|`l(C1V`bQTU-tNm(EG{}_i8n4aen z&j!mPWm0XI$3)Gn@PoNCIlca}rc{>AT z)l*9y6GhkalCQ?V%mXDHAc(R6uwN&tai4*)nbj{@Ou5_HB0xv?LSipN;8W^$n;pvvmf_+YJn2M zSp+Y00V0^~VVH4Axl-!nkHi;?FfcG^={Q*hFGuvi03AB`m&!7%lNeLVtAF)>%jmCV zKnm)t{TK_J)Bos|CxP!^<;N(M3#*?K2#zZ={qN6LaTTe)zR4lv^774JW~u*`)GiOs zEeHVCaIUPs%b@y_`6eU^>&NKCaDgs@%jIAMkO3iLhUA{J-Gv(0TDAvlFDQ-^6Ei>V zJFI-M3umC(YVO0R*4-h#POez`lW~MdjnpZ`9SbG;TVuisuG&^Xsf5P)oHk9 zG&kd+sY#M{vA^1)ZIn(Oh&A<-3%aAR5`1TK6P6hkFLMu|=p@+6G@F2u&NZQ=uv-py zh$7LK#)zjT?L>nbmcasyk6>RN&12ZyUV0t}+Qt>k5j~PbFcxX7$bHP_?+!F}HTp${ zz1hVct99O)+U}sA!0(Sd({lW?)}6Cpw|n~mt`l_j{011{tmBRlO7mz|%=!x!D=!yc z7k-3Jn|=Ih&YN7<#&S8h9L4Qb9MXr^?|E8uY&E{>qlsC@C1kXD1zK9~$I_T?ftnaU zblEuV;0QxATTlIKkK*9U)#i&kC5B9BP-`*-QQo8%1RW_I0li?!w9>0bI4yn#dPIo) z^DI7VW|2$epe#ZG0a|iX?E8@Q@8L+NCQp6zOZ(4GvuXLo0zVwq;caxpe>Mz@?j`J6 z!(0>2u#!OW_%188T>f?v0LZ7=ds-;=;`LUu#1g%=_r#>>1pJN_vd#Sn6;};c4of_s zpaxTgZc)o0qRjQ$D*)qPR->ogd1_Hrl__d&6i)W(TO83qu6<~;xZBqXhCB5qi%NC` z+&)Q9J8o}^iUpto)R^GxZsfOPYl^(11*Ln+a>fjcdu6_Fn~#=fTY|THLq=()^#+5? zABoVjV8kKtxAj^cjuYM;q#S0I5i5ig=9!iM5Sw+o z;8j;kwJBL0|9FuSPDkSCiAU)c2K!9xm4Emo)|(O-78U{JBWAY!heNysQ`mOFojN*C zlM8alk~4otZN`>x3f1?4{f?n_8_^@6ru9}V@XE{rg-41b0<9&7JVqKA1fBz2g)Gen z;uahMhsF05cE6I@%2AE8;&&o#oOaVbt@lfii%*Bmji!Ix)6zfZJT;8j)?b|) zr#Ho=)n9^ib5n+R8^gCX=G*Qb^FA)i{gm26Gz)IEv9fkF zl?jdXMX7MqYam7t{E{*jaHye^9bqAvzfkK2w8<=objhXKb-1)SK9uU6t z`c}QLZb%+H1@01uLs61x{$Lg28Z9G-7VpZW;kVTLsZl?Crh%8c0N+VkAi#P`ONhhG zTdX9%-5xBLSS13P?7KRe&=LrgLDZRp>~r&aL3CNj3&HXw+7%`63w+LU0vt%o`6Rhh zaDRrH`&=`|aYlaXqX_=*;Q6;#b2!f<6L@9qdyT-c?SV5ZT=fcaL$p#qRPWCLj6F3F zQk38+(~etJ3!1Zv5_2rHKE{l#9Obm)kiJ+D-m8f_@XN1LZ>Z=Z6mrCVd@Q}*};qEaB>JUp&Z z;~grQU94PN`KeV@KsXa;)vaBA9Q2*+IVoQ&yh5w2Y_=D!G}XMZ#6x~0VcwUU24X4Y zlxUOWrA`1Taq=I*{x{>nmV(NJ4; zhD%9`?1j**T?(U*fW$~K+bca1MC4w}W!Tr}qAxfGwutS8o=8qMniIQXA<>g=#fih$|vu)Mvq{rHuq8(mVd z&D}K?qwj8z{L7qxe`?$Bl9>|(tJ=ba1=Muv}^4iquFkhs?8Dc43aOfG*U zOTt;LZnxgSIE8Ir&XiMOIZf6s@X9gXW-K=gjJh(xzDzNJI(_E6-KN1$0`9eOUMcAz2>#pg`xo4&tt@du* zD!wv~bVk|1T=-SI>CBikFXx@Yn_A^Ak|$yZE`)IbB^B$Vb$rc|bC3X-ttR~?gA8{g zx4@hWO*ynu4=7e%5YRQ;fIOm}J0S~d*4-&d81b;pMcWPX#jA5eeW({7jU*(-V{ba) z>yRj8pxtIwIsSpzG4PiSMrA%LQPe8LZLsB>(DWBMWcw_wXyoLM0jS$t8t(VU@4h~o z=1xJyj3%D8P^f;@7P6>$xt8WoE{9HO%-wf>$LQ*uGr}e`2xpTTtlQPhiEbErm#H#l z?R!1I_O@J53z49Sl-ymLbw1iEshqX*aSBsz-K6b)=zieChhXAtWtvG)2}geH9KFYmfh3kNMZLZg^~lnR`}5m`sIo! zGJlU&xPCCZ)YQ7L16eH2>Q*6|!HE^)5BZo<+V)R{oJ{TQki6^*j#RZZLPuoo4+y-* zx2FtlbOWU&*J3TDN+^oS**)i@ePaG}Kx~unrR|KGQn{M}b}7D&viR8;HolK*hOVhp z?hKE-A_3MsXi7lD_oG%VMdh%JlfikclaRRH6YBf0+u`*cr%>TO`?2x&*Ei2O(Bh_YE?qI&Vb zH5g*soGd>m-fk2~Ph0V9*T)YQF&$uJ`L8%xm~hfTfh#L?1F47uwW@Uxbl9h2&k#in zAf;f1yG45GVK2uhWP+-V=E+IVq+o9;0#q;~x*(wT^61{)OCx7B?*D8qUE06y|1iiS zi?Q!%JJ8r|0z$$B$P7<-eGH$Y`i!z3==|q(J*-}UgMP(2%VTyh z;=#EWwrqqs!hip6bJfC`MI~E2GK%5EM$8q2Qj~EEY5d<=ZkRImiE!xMChc)QGyv_M z+2Gef0xoJWk3hoC$)4+lsjvt=``b)Fq5pmOI#xN+4qE!Jknl6OQ*;7rGbAROn|+m8iDK$@Av-ObfgJk zpWQWA3qnI!5_t{E-T+w35x<$edPwmxdL(*2C4iQ_Ob$K3UL91N0*_HE+8vd8c_FO? z|=E~Y~}Fj|2d@WQm7T%o+MM+215{xY2u0svIn659mlyT3T!cq=ssrE9di z)7v8bnM1aZ3l**Lf8V*Zog71pl9lxFikFU5(|kxKuN7eaADM6s4ovKA&4&9P>&lxS z0~xkwT#<5oW^82~MqG>DFN9Ege3zJPV$ubc^a7P6cZz_}-0!p=2cdZ08EAx(Ovx+W zU=k8}xM5)>I(j{NU?H42^5T?_ZPs5x_82}00Bj#M%iYE)D(pXHjhs?H#n*f|!hExv zlIlYRpSbA~!ElJak`a#5U%Rb`lIR<))>y8zFk^2KpceoP!opq(TPWxF zyr>wsxvA`Uud036S`H9jCYX%i^Tnle4%sLsJS{W58+mCw(iTosJgNLIag-;LwZb2{ z7zO@d`&}==E=^G90Z6R?TCGf4c~Y{{ZBGd=dNHzl|GVo2t6S#0qdVGM8iIMb5&4X? zV>j$7zwGkwXa_q<9iS+{8d?J%F0=@tS^kswV=V={11f=j<+b$}{+`VQDwaU!3s)om z6U@l{c0LPO=L7CecK7yktSyezj@Z5Qq8YwMn4D8m^SSWJ~%qq yM8**RNB&v@-#Zul8xP_q1(gQ+5mH^+1YCND16S2isl8?s{{H|I$qA+a literal 0 HcmV?d00001 diff --git a/procedure.png b/procedure.png new file mode 100644 index 0000000000000000000000000000000000000000..48321c1d53c1274badcc45197296301e5129f17d GIT binary patch literal 27442 zcmZsD1yqz@_caUy%qTH{bV~{%At4|wozh(*-6b8;AR!$JNOy;nB8U=F(kV!HgMh$y z$KM;i-})~XO9h^L?{njvefHjWB2<*5v2T&xLP0^nmX&#;ih=?~prD}o!yw>0{%^}; z!C$B@s?y>p6$2C-;6HFj866iC6r9hj~K>V(K1-J8wPjP)a7Wv^Mk7!E$!T$6;T2BJqez^Ds-XKO zcxHH?hM{7-&vE5t!r>n)i?iG!H~r?uX1v>cE@EF?oV2)Y%`0n6l+M&2$MOB}IkKZb z1fW1^P*7o_C=ld7f5NaLFtBPZ1~Wzch2Q`60~(Y-dwdce>(O91!K*z^)F8hMeiw7T z;RT+*AE)7P`uQaKE(s26Aljey{?kH$wDE9`q-Q=YKnS2}5u|O~he;cQ8jU+CJ3p{MF{~)}VMa z#;}fH#NQ)qmJJAam$4Ev@%M|v?zTUW6-!0D{A(^mU%)I=@~WSGwT_~9m)%r)w{-9C zb`BBY{v${HYi|gOY*P%}HyAwE-oC(Kaq7w&VssshRuFfWqA@Dq-=>HE{nWJF!uzF| z3|_nGP1cy-s6iY3(wD~#77iD?n%P=LKOz~HPV2gEopBYEqemG1J;I`wqWq{qa18wI zBaB<7-bdBXU_EqLyCg4D-UPgh+~ox84$kQ7G-YPZQi1MF^hNCmj1*l zq+cuJ@e>VoS#~>GMq0H0tT}SxpTH^ne;?dai|0beYD0JjKCykgV6aVydwh$U;z8`&<8Fko+{;AUJiWW`pXnRT(V`!XQ9Y%$HD1_wB}c}fX@W|-7Nj2wkL#FJ#VEAGMj-<>E9TgD|(u$WtYJrsnivy6yl z#V=D1R~Gk?!uWgP5ioicW@E>rDhX)uGjw;}*A}MS6&&%yTf?L(f%A7U{^u>t?joo; zT1nkgCq-*6TCYxL+6YP|OjntF<-Sp!nwI4ejzI)8Y%wTNUJj z?%P#_m~>cn_cVV0y#}J_P#6hIK&0H?uT>XOVdR%{ zM|Y``@|mnVQN##Qzh~9)%{q2YRzC|Xe-zq!zM5fJLBObx%K1#nUx8Hpfm)%GU0ZCB zsr-k3w}zE08gWJ8HlEvuQN};nrlB^@v!cm{&HOb@> zKTAqcl4^R7iWZfr)_3QxwF$ff*_=+FFX!hp(Dq(#UkjnoIF4}9)}W8j=Ln;esWw7G z3%c7xEGyrx5=>=9J46d9!`f0YSz-Y@4NSNy)4jC3f);<_p$qs!KbZnRWSKWZ zmt%}VXX#mnbRYsmCE)6#gPhj>=Y2*}yt|8Ul z(7Z~|L1>Cxhz|G@J+`yRnIE;39gZs%d5VVif@y=Ps;X0r0@J46G14uNJ+ec87@4qeK-Q>(ZIKeiV~ zf%q~a$RBzb7><1HzS{2)R<2gg(HpYb7?VBCxj*CY9!Bg%=(K^GnM109&ylA&H9DNE zj?G2{d-YDflHzfaty6wSy&t}e<&Vb?bJ~9U+=T3g+lvS>up_rL9NOy1!>>Ih?0QTe z)=)t2lyQ7<+|L3hArqM9YES>H)`Qx?WCKf-q4E5ge>En|c2vVVc)PWVmQ3=qp;ISr zCEkN!F?D1psDicqH*XXe-pAMU*Ry-h zrd1h1HN0N`(r{v@vS9Ol2V+u2YL@k9z-DOgM@5h;sdIHyO+?bsT66kmwP`;gkjuFGsyI$T#WE)M z9Z@?wTlqji%^>F^nQ*c-`-Fn-r44t)jBha^^{YV9TG%9GsX*=A%+&0Jz20I2)7Vsi zIZQO$1}g4F*6?C2^Sy7ZsAaWh$gw-*1XsW8mxyE;MrEy5GIE|5yQWGl^pm|6hY2pT zhkaQ#1n^n6J;}6hqjjaf#1o`dp@tZq30(}P?5DPS;dz94Nsyi@3!GH83BRvGhGNkz z_X$I{O1q3^mL(slbFp$R)5Zk_ z*i9*@$L+uQ*5Ey?J}Qt z)YDc>{b9?#9;U1}aJ3)7o-9**qh^Uo?Zt(e={&M2D|SW3Ij(y>Dotjyt-WKfc)=vR zgIdoF7LzNBq9=DFYQJ{~ff(u7d#?~$aQ69h-g}SSp>i%pyCGX;B-d9ii zGaKxQuni@$)u7h%gT=}^C@k;pL#4k0cNmuo* zCio}!3=R1y&E2YKpzII`a7GKYE~Fp(G$S>cJo(WzkUS5=QKVEzw`31gC%bzSuS^W z{r8R=-}CEF-esHUwr4vfzm$`~0l;LTV&flRGGqy7`+=!yMbDmYC8rpK+r-ht0kCaF;t4PHFd4>-${ghQIM5WoPwb4 zKzY1Rw}~FTyp32VN8L^T@Q#rV`2;$=sB7M~w*SLnQste|k&ETk%AL*9O5ue7G~GR0 zJWQQqePkZ^_bZB0!hL>qQdi{a@KkM_uVtN;X}k3E6e^^tqK$0YKu{%o`!M?clleu3 zA!H`qDOGdDci8lO4!Sa9TXq^|WSQQM+JC+6CEc!qpy~Nf)9nH9b<}g4$~InOy7ag! zP$?XBvHNjaZ;;uP4MUGG&7Vn6aA3XSBbCUmhH7^XP3Ckug59+OYGL9#h8AS+iOu0})iHm5FDJWeW2|r{}0sN3g z3l$Xz{~vU=1YnJTA*v(w-%ZIPu@3dWfyAF)|8J}lC;i?;__GbkMA~5%lFc1qI0`&=+oiqm-co0EwAp$2J+nEL~cVue2-d#Fc~)8 zI?IEfT?}_^h~M#H=j6+$B!?6|_gRh+tFxV|sX@HMgml5{wxw=6gu_T8wWzrNOhkaP zs6iWpd~!QOplB1S1nbk=!-p$szouuo2{3uPy z3YcVcdhW`}EA8?c@~3tQ+(oQgwyW%thcv4h?AP@{wMjLtHkhznemH%lWHb+thPuw> z@tB(54I60djFc5My%@{mT3Ze8J&qJo#at;hPD;0`g~~~f-anHlW21apc<1{d{QhoP zws?tskQwBjY*{X<#3LGdeHB@_w0DuZgV=) zko>cWuaHcE^7Jw~cpVxMR6Y!uXw2D|4;lFp1hd&4a%68aeTNl}1V#U;dMp`1ZDF2F zt|@^6c}r_7cwmUNpu~WWRayCiHD^B*Z(FO!dx;Q(gAVI$vE?IV1(MB#3c+B(MB>X& z1Tv{dUY9$K8OEYqyjUD~FZmU8>CDGDQk4ycO+HTF&(TU$iGNByt3O+&X0fh`%FQ!k z4o{3J(%B8u))TmUM?CvcU|h)zO`0PO$g5>>!J>t5GXv6bEA8ik4i{IeRVD#KPX4{= zN9%-P!<7W=O-=S(&aq`pG`N4(Dw+|z>iW-44=^ehsBNS0^v5&pRAU;_I5^sD)u$xB zp8m?+rxNQ=mDPONhoknz?{SWlm6S-S*I$=i-^C3?#fRAv#Ag)i&Z$AM(8`p|kmqgT zhCqg@gV&$jJZHGo^Qe^|L(|kvk|TW z3;YSix94tz*EC8vXCT^aO!sKKIa#RZ%LrTh{(D-A;@UxlqVRQ&;$rjdWMzeRiI_cy z@u(N64(gGbIt@?MEaYfya4>Ovaj z=iiN(5s_anlxlI}{o+U$Xn137FEZ1swZ1BMsw;Iv|I1GX`+FUlrwmXCGRw}4$c_RC{{0YcAPR_CV7JS zlFW41^G{vd10D75o347v9o+sL5NTWGjhUXSX|x@RuhSlTI&Ty((oNen&MCwcB$P;K zeQOdrP>_3{Y1`W0VZPks4XK`%lTOqPVG&QFu{JL9P2dNkgtu zi8)wQ6T;qh{2hQWRR`{oRr*Hw>WA<)!CCT>&)y9wwbtRwqX1NyfitGVigk!sX9j1U z<(A*-x3tbM+>bZcm&*JriAh?9O~ypSRF2L@{QAPBCacPpfSx>jV56&L*!L&>V(JOV z{>pN{@m0GCD!(>#G)3=_Ehyo+=)5T;K*2byeyV27$AFn*xTxdd^knW%PTT49)@p{s z{EHvHJd%oI#WDtW*`Se#_lLc#4y^}YK(;8rz?wHO-xKCLixaHQG4BsT%p=@fQjEVxwaT3?RzKY0YT!)EEH77jhR(*Fvq9v8?-5)l5;&@)xK)9A$ zQ8g}PLmK22xtbpc=k3N5l=$*yrt(Wa6b84RQ$UlA^sn4@9)yO6q(#Jr7`HOte(m|& zs^m?%JQefNn2gs-yl!#g6FMx5EZ@_T(uxxMenKt%YO|jBpBlHZ5#3J~0QS{58QJfU zBDYJNMKtlu&f^X9elm=hzf*A?nO;AOjfW~xU>(GP42}4(b?Wt(w;v28l&od>8zv0r zA4K!bGmGub%op6GDtMLs-fh{-yl0Z%VP9nY>-Yu{r=D8zDp(>u@n?7YdAHhDnbYG> zl|QwG_XBa?c<(j=oOKF-*zri#wJYG6^NpXtq4Dt6Uq7RoCqPTW(J8{e7J_Iqn1k!! z#n|#fefhblL7s+PfI|r;Fa}wq)T}4uHt{C4i~+S`_4~z8^3y2`>K>cmclWOXy%e$r zDFS6L7|o>!F$h_p%^Rm!wwTQ#k1+?Ng)%J*3$?n{HP2*TL`sp5>sV0s|7iJr*k|Oq zlGGl*SwI2~fwMBo$x+sg{@L_m7j6AEsrA-hFbU(mAE%azS?mpKTFrergqoBrdG1>hRFN5eRoH~z zv^pPZ_-oQ+`i%LM8NuC~IpbOP&h76>K0kDett%0eaM`N-_(2#P0@aWo=qB+LkTw{F z`=m+p1eKnXrTZHUig=ypb_A{3&BiwRZnY!Bl7shuIZ+%0R*1p*$xu+jsFVoM%2PMK#| zbu7pF9p{1=U_V6k+J6SH_zi#pe>(hhGbB!gtTkn!+neaQ4nf$w z%(6}xJkO(<%)0TP!V(pYCk$S^752SI*0Vp~aqzzsxn2^vK1}(T_!jL#KyG2mBCG9k zw*^;Voo4A{GN9} zL-J1>QeFv{SIJrmM^Rg$9R4<(Ezz~=4x-^yEN^A)N>vDVpZB!rH~Jno7eZ`UR7|HV za^+gE43nUdTM)T962TQZR@w8q=hh-D*U|Sjfc6bxJQ7Fu(k@`LC*~gS>DE0`el1#~ zM3<|~nw*}ePdAJa$O7B0>cjyI-kjg%j{klTHM6tF&j_ZHZuGYXG}(+!%aOUa2SR_z zv?Ijfpc+7dJjXBMHkR4Bm5gV12qhB8vieL{A zIos2twrxr175n{OqISqT86#0_SHae*Ln6s_G2{7GPcIzZU6!@|K#0TdPtgx%Q8DFk zA&N{@bM7;59XsIZzg|o|Pw`z7{J~kNz7`+~3!Lncp@r++muMgQ+0n%V5>pJ+G>n)f z{rg3q(e?L{H;$4blK%Y`+Jv)5I;u13`E(`ag-zJ3=&v<-C|=Aud3kq&&~#Al;A`{g zC3=35q-+%2@?Gtz;JkT;ovH6PgRHGIj#dgdNrw(C9GUl+12L(6_Jvquaw25_bb=BL zwUB+d7^~a`!C%YJbEQnD*6-%>2PTtbl?#-_Fr4iWK=A3>CYKi|H~<*(&^Rtd^X;~s z>?T3227+A=6$blh0y>K**^CYLurIVxI z|Fsm$ZrJJ(#nuqMS+-{BW?w27Y_74wTaXEtmsVHii_+E*xSQ*E)Xyifn)*!mVmNl* zbwqLPjY|y16-zIyKALWSNCMZYsdj!e+1T?ni$Q1I;`1l%h=E&wM2QfXdNaQ&ZJ!KQ zU<}?QcrsS_VqMwqFkw1)p{#bmYatL*00ZU4GZ;r}oC+I^a+5Tb=dy*!bh29}; zca51}A<&Vp2mvi4P~dnlK&XNI;QAR)8X17j=3e}GMf&iV=oFPiEE$bqe=;(tJfGBL zAFhzfVUo?0@QrrpG35R`R&DbhR0-_01|rU4n$pQ-$?am3>F;=BLtkGqCdDx8EMkz` zIs!_Y)p@8SR85Ir@)?dVZ}#l=`Wp0*JG+C4j<9UZO`b|d)>OjG>%FTDy@ts8Rb2tM z6BKg7lx-=d7GF2OHLkvMG+DE=C>=w=@AvzcNoOcFwQy_VcPrMr{r=3)Z#}vERWzNd zo5zwDsV>KMOY3mfWzfKFOatIck^OeG7jteC`@tu#^RfuEi6Cx6Vwkd%K8)0$vixR1 z^c{i6kvE3p7lwq6sqG+D<)sW%00aO}Cwid&-gV=9ht8OcSOjX&f!y4CvL>z2d$czr zi|0kxMMNQeeB#bDs6n(x9kOl2kXF;<>Q>~V?llw z61q?Jk{+34A49nrbQ36!?=bOKyXzZ#@bS#V+DtdkPtw!{!a+v|Najl|?>D;oo z(`YLURt;mqh`5g66Q$+A@(w0p!+zZC%LIkwWfY@1yZ%I~1^%|dTIaitmHX7WnYg2v_ zq3mM{bcFOm*WU+UZ8TIBu{vMPLb+8q0Lq^2X-SR?cxS^9^AW^!BY0JYwUJW-DYS$> zn};ck!nxb3@NIz*7I*9l=)Rnb&s9sF#>XPhddD){9TFOP=Z-muRoL|V-y)xZd9};l zNd<(#`@t?7+Rb0AHo%jig6?9h_NFt(_ zaE{iYYpySy75GEeC%C@r5)Ul~Mh(%^tBZTs*kh7k*%a;abGlxq@4n%oJp?b13tu<+1hhiwSgLa7oJ2lPzI3U% zS6WXB=PH;}%2qmH5}KynAl!kjIUMF&DcvUn!IzqnDS31jEu5U484ly zN#>kr&|chB6Mh966~Ci=x+PE>3FNUeXi)-n2|V^cVg9K7SyZ1y0u()UW#d?(Q&9YU zK?alo{xu{e=e4JI;u$aT7}~m|(5$LSjX(e=(%!=MWAOZb-8Mj@}XiVn9kq=xaJ@7F%rqHdqexwM3*RPIkj1 zxhTVRcg#zfnfbSn0J`PJ)h-~NDF|~VNVKgLWN$$M?*xu44W!KQk7c1*&KMX9#vcfI zq5cLiz++gFSm^3_#Fz2Fyai`?gtyph%N-)cNJm)t42so7nu7|^O#2Pf{$U^c%_6S< z(6tN#sT;(Jik5#KEmmv%;de>>djT_&BGcn1+;N35JAihvix_x7YQMO+E{`jV0|hyo z47stGqft6<=f8V`2Ne)qxZ3l-NxY}Vy_$V8M6B=l2^{P~oJVt7#DwzS(jKlYQQvqN zx!653hho{?*YE-U35+KJ0VbjgJwy;}#(yXHXJ1}5ZP)aDIC{JH`ykfew(23z!?!&$ z&k13u5<2w5Xo1NDu&L0T71;M#I$asM&wF4qDnoR~9A}-rZtP%d={t2bemE&dlF-mn z19_5pg=|-lIkqV6kf%_RUNAp7;GJ4mbS-!;1Q3fX!BN&Q*P!-sJ%_8YNnB6!Z3a^YV`ep1zAxRiaMC-h_Z7v5&wG^eK%z`NJ>2+QHPNjQ_tB?e(PLH%@zPXPW5-xk)$6Od_Ow_HU8}`KF_qNq-Cn(4MgUbYo@O2K&TXej$x8 z%>7Yuc?bz$4(o#ck0f2^T9RV)c4zHz!_P^VK_N8x*4k{yxpp;xLOPtZNX99f7)c3} zgI5xP+g5$TK+e`(%yR2TD~VtS#oaq|uQV~{QZ493JW%)#G!YI2ROdQv*8F=Y88Rqd z(O1oTZADXyTm!6E(_n}M;Q+r656*6-O@QcBKjaA#ZF!+*bc1y`q+d!f-~e>!4_oiD z!RnV7G>R2 z?=0|UaeX+~U=g?^425{rb5KVJfPxb1O*>eu+>;@&0tCvBIo&o#_3WFv((~#+`d=Sq`Gc;f zS>bB&qfKWxcKyp#jOFTSQ36gMr&;ZZq!`a5GeR`%9~3BM*Z6Ug7Jv7e91ak}bI;d) ziW67{wQt$s75X?~F&^xjVBtXk1--a9AX<=L&?y0Qq2EH!=#IJb`ZNx+`}i9#wv!?M!*WAkBgvW?VuH=%S% z9+PMoN1XP*sQhePXkAtiMmV+qZzn~`vBCkjeBASRNhb&v`yGpLAk$>)Lu|_H$C-o= z;2Wcl^Os^p4EqxYKK|-rH}pGS0jXck+VB>>g4TRy>UA6W<4Ht^;j5k57SsS)eDcWD zt@+ARxsp%#9#}Qwne-|CC^i+3*DFt99u?K+AMR z5pT6&BkOKw8EwLBBc6v16DA|+1QEr04&xl!Z=YV-v+(_P?02+an0k)CYT8W}3bvzN zA6w&na;l4Yao|F^g&OEb;IaH#`Z!ampL1+G_w9>$eqL{biOTrbdCQk}chB?jhL$<6 zP#vnfh^$`z#sO#0m;?IZ=4x;2Q$i?lUCAc}g^PX%zudvXEI)xMnw{D^LXd>dkyFtb z-vrtw$GjNjIC~iO{1m&+s$+fcYhVPv1mW`*gq|PDg%~Pu5cv&K33AJVFI=kydOF!2 z)}-&|-NlfnnxRc9I&CUqgc1w@;xPtF0IYF5qCBzxGR9?q-vV%FfRbt8(r$LOsloMYENm+(9cgMwjWC zveYi$IL-AREyv|8C&^jm)6&DaGzf;?EFi}cyJA501b<|-gSK~(=*8=UO|SQH!U4<`JMV_pSLBC5|X%e$Qe!_Pw5sT zLxZ93$=GbR42k#x8@v5TLj=I}xU%DS(f~T>5++gv%F-oGQI(gIV_&szOqj=9R(jdM zN`8uA^U1iLKTr`L#4oY?9o%k9kuJ@_33bSAQbM;- zKY4*WZJ8Slu;eaCYqpJZ?pf#GEL3afeb45iUu_(>gqorwF&71Ao!Rs^sn?^5CP1JoWwZ3d4i{EDnRT`td zHonj~=)Mh3lvul6LB+>wFQI@50#>`kyuy<`pEbb~_hsnYh9!Hm*2>}bc0w5#1`rbn zYEdPuE%A8tP=n@=f4A-V?(KKtPE^q9=nQ9K;vW^#=T}HMBnL3B=dbH#kc4-J^Ynd1 z*kFgL!)Qy$=%2MJrIw}L%FAwdn=s(>y*RdOm|88$jbUNXjT8D#XZQVH|97LI4(9~E zBKzRf>C)>euXnT7K}b1X6>|2&|6}F{|7AMrVeLlJx7S-nH`7}oSex%NKC}py7=K95 z@=CK_X*)nopcjBHM(U7~ze!C9-p(&?4agXp#ItL;Kanh+R5cE z3Rryc@$#*}u~&}EW^tkY$E(x)pd=-$WWSZ1R=J5-aS57+YhVl$0x`D$q5Z+9X`Ibx zL*6L<6R$A|r|FZ*=U9zpk4&kH--~#1!HpDISQq4)iOW-))_oNXI%)Q};W}BrX*IPT z&QNoFu8~jGc}i)+{UR_x-~gb#cVGOG6*}MvH8yLGS&3KjDRlNU?pc@q2Do^bPM~%K z_D5lw#^<%bK zyaA8l5329hCCWWm+L@|~R1-7%N|8^JH=_;SfLOp{2*r>LkorIp1Cf`?d%L=ycSa$3 z{m6IE`$xMX%Nz=u@uXuXw*N_~QBnnIi2rS2p~8Xzm9Mr|C7rw>{C5V6G|3=s z4-fR)W~1X`$L$C2MYkI3Mmm7ISfstVWcGQ`{ntV@)&a?NJT{@k)4Dak&;j&! zL<=PnY#G7J_0tnrbm!^ zHzIKh$~_HE5Z`hqEJ{4T+uOUPPCOtti`agxQNvaxOh+URpp^7YSgg3M1k$N0$`u#` z#d_IJBO!Sv-f&Nr>n8w!Ln?^^G3KJZZ`Mcj8;Se1dbZToq`vv^gf&^-jaxTin5z>w z!_hL?M$uunu6A&#?dW-C7ae5W9Y(?C^7!-0ESFbho?%-VHnWnz2ECngx}Gv2{CR9y zyj_iodvcQGW^a`)wkk2-m!&WJ;yQ$IAutST*!wGro!pDh1j@EGJ&eBHjW{}Hk)-j0 z!ETO)jJ#&#CMy2E6NF*)^ZLUUIQ|MHmL$d%?{y|!5?U-IV#=cEH|_@y2<(m}gYCKa z<9g@ElV{)aWP!M8bP!`DNoJODKk;piCNFXEQQp}2w`powy{G^P^8J@!9-X%duQssc z?CKsNS#>tw-II!lFN8*lSOZ|jC)?fE?Y_?Kd}>*IVq5s*Xf_&EbqSTPndHu=0rB;+ zC40q7q;UecP=rn=mjH$~coxlrp#eubN(!k_8}BvOp-R0~&5VSegrGYYxT}S5JX@|p z5LQ3il%H-Un{nLpT{J&({$nzPqtF4yU0eOdE);uF)0(41ET7_(Da418R2r`@v%loB_Dblxq*SCZ1&*Co1 zIbNn+-?}K$3K(Crk5>wR#C!N@r0j*g__Oa@O`%rrYs`;9KKW?T_4*H2fdbtWT>x~n zZ*9SFGAvpw6yL-=H9pVD(}mgF8()xJ22wC#Nu?sL&{T?Ok*jC zdf7dhs8@=A_rIe}r>E7de&NKfJeM&yd(yL*d^{P@n{fQCs{d&>y%b-$(>|yhr@Z&t zN{kFuXLpa3Wx+flPFMhojy9!Z}#CU{(VD`&LP z#do5deTi^?@1n=Nx19Sp>Eoe**x;oWg;YDx_X3-=7K`mfb8xw4L%ZxOAm#O@xAN=W zZ32b&zjGP@En*XM$oJtO8amdn#hzwaICae_ z-DP_7u{`yK>C0Pt4)bFhp+r4xsCKs>+D+H}!ZjF)>CYUR_m|-q zeI=}wt*QqS+YQ}}N<-PfO*XE6prqYw+urk@{6V>ZBK8$Y0Pv zbdYAv?x+Ev+!_pNiDY&Ct2rKaB5&^fAj z|1%Pl|9b2e;XIS>Fq@xBcKskBjE+YehUQ~n$rTMZH@U1$SJCnqTT(ztDX>YJ7d*I) z!@ca})GFIsm*eFD*c1|qBoT16)RAnRv2T&o00M{Ie3v#S-4a}$i`Vnm6o)vOO|L-n zgdNy|3q`IrqIsv8OFq?=FoKgZD01`L|7ybjd9xF~*L*Q9EHRgyoaAVh^V?+ir(TkC zg-=PFgXuOE#V^cf0v=*&{9yq}V5lReHvUmBKt3P#Ou9|{K)=~_Llmo&c_cVMjGyrd zIut9A;U^}RMW&}Y5+GVp_e|o279H@~4$1b>bnA3}qBN<3>TbV3n5Hxd_qu8t^xXv{ zsqgWyG$D&eP=jyLA|uLvM}VceaizAWjUKnBSS_*?48hK@t%;B#f2?8HZtRC$CZgd% z))jy2A@9#kNrjU&H0oagyh(un*DjU;WeHYfJKzTM`wwyk1Bigo;d6c{rlTSGfwjEu zJJ6D+)Wt^;VL#TvMbVT(gtU&j{ZPjoZ39BTV{hXB5~iKy7iMc~fHDV>kibY0IY^Q+x5s3|lguF9SmUWU_QX*{wQwEhxr z_~EOt9G|SJpbKp{zJSm8)*z^$d`V1T_pU4{*Lg-&tlG2jFtAN*EZ{;B!^t(fP&RgB z4#~LUYmX%?_?WOJ7q2)Bw{BK|;QL|GwdKGTfHH$HiSC_HEHG9+2=3$kb_2jQ0vtEm zUlll++ZKPU6w2Mq0Mq`uMPS(Cwmm!&M_QtCCPPpFWP zK@sM9nq*h~`^B_XA<#7rfg86(c7uE1)wh`v&9!$|wG*;#O&;lURLYVWOuN@-5;`qw zzDJzAxpI^#8TPb*BZ$A^$v5IjFf>FuDZEnBgzHzug2?lOS?w!Fclx{*<7UWtMMzC5 z)oi>c?TPtWl4qPf*?!a;ouqs?{=-M}T8?P2CCO_;D#mUze!*#VniVka6VP4HOeM#C zQYvlT#-g2jy^(cYj5}77{hA)B>i~MVuhKROy@RM!ayKy$9jjo=_F_nqqB~{$75#em z=n{Oe?_|LBQR`YZyu?=J>Akc_3fw2$Mc?r}}N*V0)KRJl%rl z%*rCC)v@;y;{#4*#+pN309v@(p=`w2!e!Z5HKZ_27w&B_)lB@e%eu6@;Edyr=ZT)o zgFk^BT!Py)G9*kJ*JldCYPwx?$b;p@vO!h-FllazSnAQ)x5%Pv3QM_f1|_Y98>^)~ z;tf*-28m08>x zm(zj~YzLNfak`wQGuSSintIlDd=z!N=fHYA&>tL(tokt|0b?s?DDfcOrxblCh$V4# zRqq@o!9vz1Jl?(jSxA+DS6q~8%A@Br^qH1w!!ytPnT^;B@{{3Yzd1QIL4iKros^TG zQS6`qYyuRo%-sENcCkLMrFCl_KkrQh{tP8A?h~0x@d_7=$R+)7w{dClkYu!7+>g!;X{qqad z>n%&cTtWj$AIr029N_KJHC+*8KHp<3r4Q zYH%t5)XL1dpJ15)N-h9;j1h{uIv-vZL0Utk)&{Pyxu^6`zHB`b_*y;uGO}ueQ-aPk zpsX=+na5#`AnVs>;DO190FmF%?2FHqPq+BgJsW^ikmW(I`a?|FqrKP-Na=BeO>nlp8zg>a}>B^~OMf2b;68n$gvv+}Y=yr!x+f<;L}PZ@9~v zH%q*TGlX3%>0}cF+rf}0sp51M5v!yn|&q?bMU!xlZosg*OtdzltQ@7)nC z%@r3gAAOZVD4qS-6dCC*WJNFO(!NSj06F`0Pbj&45oH2oMUYjheP}A@>wz3>{jKF@ z%T}8kU=mEm1kdC@Iu9RiA>AmYl^>dao8YK2gj{Immzk}jnbm;y4)K6N562#hD_E4y z81^n03rS9YrnhSr02K$wVn_n#60qC}v`(o-u5w4tq;iwfHEfCXBLK zwXiZa--eRSZAe>%jKag0IKW0&>APctTxj5i+7mgOb;&oQ7y8clwxrYRyw24cC!S2O z&FbAIzf7_GddY(!;Vormc1^BC)wHL8R!fv$0F1FN!06!SEo*(x)f?v{yEB>-;`;BV30 z@wosRg0^6m`HBm;jeGTz_~RrfjsbYpO3ZF9LNq5s2jbyzU4evlS5;h6%j1Qyo)XAlg# z?s`yKNc|$U%v-hf&>JqCm${XuOT-hQ(H(Sp8X~)?y#*^{(THjTaxgF(rxkoe(#G)F z)7>|B4ehnKnmEk?_{1Qy|Hz*4OhNzbLu3l)ewd`y_gP(bs>jsBJ*&TFyAX zQslPr!ALr$nkmI!gcoSFJA%^^%3AqxIZrlW0BAsQnW_ryD*k7YdZ}a_cLpKYh;W8% zQaRuSt1@Ta;Eyv6Fq6Bv{CIQOO&2R;`#Bs>sz%r)j`@cT_zVP~Ee**LsvzS7$s<&u zNC9x$=gvbCd0=Tu4#$*hTLX%Vx_7xdlkpH08?6f`aL`mq(P9KT!z|lA@y^)hlJ0xK zxIsySylGYKbz+TvRT3DI8za#BpfKF?J8MxEI!T;^$gDLV0-u`|;|d^6 z@3*;A=QWpWcdxpT=SPrEYnS|j21?;CB-!QPnE}ccgOIMEVPpgEJz8T+HLIWUoiIzp zK0s6>N3W2qlkUj2cHReo~gw2u&3Ozb z=`DX|86-*zAyXZ~8M-j59T2CuOx5lix;db}aRP=&-){+JNGD7y@-}@Fp}7BN!JWDU z!xbV8y%UOe!dtj&<3OL^XCqvscpWTy56WFowsI?I8ngHgu|QFSnZM${wA0LT2L^ny;dX$;5wcsU~G(^$McA!9&`Zn@#8-yG_*rGRg zl+Oxy*LMc_0JPH;gmFur^P?Pep!p~TT)nP&cw4R-__)?(hXDJ6Pe12Q`=4v~V+2E| zngUdygxsvX3yd%*5C__JNa!ZZ6W6$RgEm+t0}m)DL8fH=b1mnXzFqFmZ5R#&q_w78 zU|aX%_i}>rW=Kiz&x5bjl@D?+Y><}_Oge%uQm~1{!8-v1m_7xa)GOpoJZisRi@Hf< zUqCNAjQign4kGjDbm)vr0=RJ2RQR$c2n!T=QrQFA)x){c8C$3HI%P738hJb5+7Y^( zD|mBCrgpi|7%i09Fwq+z&=(7=egq*j&!@D!;d|jgeT_a-+A8cGZ`C1hdBdW6rT48` z^VdC@MUIbz{&O2j=57_Z-oCX4gt`DY5@7g)483m@X@#nK><5&_mAS_l@GYf+UGAux-A3seTQ>!d@(KqGhX-O|%# zr~!WS)eI-=mS6DK0Y5QaWWESi8!0+#)d+lj#zVkyO!{aFh$423RX}O{c(GYZX+%D; z3i-kZ8;xi;0#*JP?jEgsrEQHaR*}kLEvbT$(-bo=HS$Wh;*Ne`n1%K0 zEMM33HJa1Vzl$KcWDI$hbyN$<;w@5W}nDHuhmJM|JaR`jKP)2k!K>58#yw_ z(8UZsuHYR?tF3I~q-hk=2Rrq>Rl}>Xkt&nrs>nl>_+;bl`}m8VqI;&YAL?FlEH6p1 zAh(nd5?dlagyA?4#laZhfQ+sWV5;u{WaHAp9#b{IMS3}PD-QRb; z^Cxyo8O!-!T`Nd?+#}!!t`$dql7%QUswP)(yf_Xx6_NqxGEG${g2Ui4K}AJtj|S7O zmQ5s~46l;arCnPBHEJiyVge6zUVI@t2FLV@0iw&s%-f4E> z*}NjBTA%gdVWRya-KC&gIu3gxB9Um3L~4p5{0JEn=m~}%$bwJc2~~X*2uf4gi~}q0 z=zaP>7xQ5B9G-{ERwD&gdSjxVpCbu|ZWe&a=e0)c#*lX>teUudbuuu#>^!tvIgP7p zG-ovOGfV=eY=&&tjIj#n3RVu=eDfZ3E^_$D<&mM^A5~Ls16rWW&azmwDtGmr!i5HsuBuQa zleI(KmseITEa2iQG`+=Pb3B{e1(UW9rsX*mU{Tj5A=%Q#iO(RSR04zw?CGpmnTIac>AREEnw>)h*RRcZubv%LVdaR0dW|=^ z>j2I>LrWYLslhsAcwC*VCqsfq)63ks$T)|!p+X4AxVjh=Ck*is$h zN!%GE9uKO7RMy+zVOH>gnv=v1kQm5TW!!Gr#gwc=Qkb}7VxrZW8tYz3@oF`IXZ(;x zrehmnPL+S*)$LgXLxz@l>m=JEh{d4**+^kOHN&M%2i73qVniX3c=+pL^}Tkct{g{6 zm~A*_?sra7o*QCPb=k;Zl%e*-_JnizhurP)>IA6tk?&weP`JD5LfM zQp3KJmDf*$gN9_ij0><#danXAl$7&7&Ocw=at8v;PhRFM*`r*qooQ+8lt~jq7>xv za-RhE4b1V?m%hGX#@wx(6)9YBeY&=O`vGXY9OcYqOU*VN5@Rtt*|=eTL#<{fwjl87 z%10i4;#;LjLTC6jR|*`xi=iHaGRSlwtilx*cF7h#7zFi0M7;cZrF>>OzI<$tmezz* z`U#48V({-s2cPIT_R{LJ|u%dE}^I^8xxhx6~KPAP30s@vBHaPR9l#V1)n zK;o}w=&YvfMa~#62B#z{gCFSj!IA){*Y2y>7w#rDyaB(3yXdN^-0T`{LjmnGc}@8* zLS#^6tQ#pa2^ra4mh%^vF8DJJveqPuw+{BxMmmp+WS)r0n!Q+BOH4$daZ5;TJPfX& z(1K%mLG=6#tV@s5R>TMen?+*@#E!x9?kICkUks=Pq>tF5;Bk znN28aZ=_)OCD1i}+8WW+RIgJ*sByqHCDu|wkm<#eE`$0PaFs&8v>i*>2fLcc zr7*YoR*gV2ojxu-{(I-%kS4`yn%npwJE8r2woTY>E>(hWg*PRkaJGku&#A>nv-e!n z3rc5n>157Tc}_T|80iO)L;_Dqr%;ppMQwDee7M zX|1&=IU~o2S0Z>cPP^Yut~6dYIK!?yB)i1ug0D%grWtify}Mpc9WCR7)j-uwiWgl} zca|H!mn;@s(M)6YywTVzB9T(N=N{puxp*UT!WM28C~C_`Z)#(SwwIKv3gGi7>c@T8 z1tp*@Eq`Go@E(IxYR%s|5O2A_pj~1KRIknu#TW=R&j+u_iY<$mLB1F`JpQe^or3HMp}v+hO#@>DiE4_o<{##cj8C_pj2A8yfC0pk3v$%M0n!miY)d%dKZj>?;M{?`LS*GVH1IOuXyU^JbMxzI8JYd zCm3%(vLmNV&VN9zC2Em-6o)qsM+|vfd*9}^Hg)HzV*rZib6N$ z2gGsKG~9+tnU^$)E{;kju)de~xPIl;RC4v^^Fqm%+c(l>>1i$kw5jT-u9ez*?^nyE zz2|&$b~sTtJF?Qv?!O*brcgE+y6;|;TRQyJRwckl%WoZ!SF8O66@XquxL=i~7HBa< zmER#WK}gA7$X}TETiu`O;$QgB@+)49K4TF zL`w)-O?fwX{^!Y?A+>&0>AP5&RwGe{fg+=UiCPfoIds#Q*i5l-SQ{xbObrzMh+y{1&xxS4FspceI2 zs)~ogk=mZ@^R{R+-fzq{M+xIp+NreSj(0GDtScj#0g4$Gy7+QuQ{qj#X4AW$iuV<< zhF|IFB8*N+PRU%)dU0pMqW*1A+3t{WQ;b88m*tl*%TFdwX!1fv^=yfHgj0UvInqkv zGE)JcNsiS`2YFVO5#C@?Gi zi@i*q#_Wc4vRQ-ZW51WV=ST>b9DxXeIz|nr0E-7z8&mfwZrqqhV}M7A0IW?w-bMKf zb5T=2!-UkE(*+EBfCBS);m#QSnv(1>>jnm?BE!sNKjO&jD$wpJtjTCktc&DXoNf42 zK+)wpcEr$S)ZiScSHUD#mt2c!#7#e0CJXi28x?2GLK8Cfq{qgDGu_kGQWaWE?`Tsq zyex53)_ck3psZvnj}|<;jPD{oWYLKYn_geOD#_7wbL>Z-;(xD;j=eL)_s1`Ry z&wE+(kGaU{4cByL`EGdIMUKn8&dx|bYNpQReC?*cbHOdl%6b!1kiFqeZPK470B&yRe8E@ZY00fsPTgx#9K#2xw)oWSIo!0Vil+IE-3Zwdq{`*&^Fpk z*1Vm}E}xoauQB-WG0V#-d~oNzmVSwod9~U_>U8>Ka7{)n&e#S!O@N482GRRKtkTVc z!#H*(^L0OZ+{~2D=oOoki4Fk=ud;;g=#s3?z`X%iTUlm8eN~?f0oUMr4^WXzYW*IMB0z(y{>qnq5dh@go7#v|H5f4Lh(qlu=)nH@{Hwo{3NEfE|ojzG(J((B( zBp?-~ha1Uk)t4w&(U<(ral(#sr0XGX>ym@yg)vilWi3;XI^Tl~8HsrGxq3r@i=Ia) z%SY~CBj-v4T9!?S?04u^e%UC3A`VJDd(q#T-$gWtpY({Ul)TpNMS04Z?aRCrGDwM=EIfXLw^ z?9asc@c>Mvp6+?B0-fLmLwVa9JA1i!AezZP<`sxL&nIT1AQAnBaHX6F<@v|r6;}y) z8NJR`eq6~HW}m<-?$Tz~dS&xl0&zi?(3KvqKvQ0x{^1k^^1%p0wGfwF+crYcK!+j2 zJG?cP%RMQZyJ!xfrYbXe;~c6$(e`9QWh$UW7+LL?y+}{FIPFF(z)Sp z2;`pr%a2l;JbM}ENY$RE=QCVxOTi@4ky<#{!UJ@tsv*~g6>h(`I7eIYbXw3M3rgOL zm`XCwXmv#tUzgT@c31L?CNt~=0*{cvAjq-%B$N&{??e1}BJiKN7C8tsl!f(1KDXDDiZ!a#lL z0FgG?ey3(HDyR{15pN-VC$cKLW4~d4YE3xG#!nYB5feR zcuHZhiiRIpMH~YR3ywa0fVq1#sq=t*dJ+!saunQxtN1q&8pBP~5Ese#NN=)c>jwk{ zoj)IKjFMr~+a8F`w3rhpYj0&#P+xY=BXs}kY@7*F6z7&makvlNDB$ON>F1PH0sEcR z4_zBOody>+TZLX<6z=>pI1EMu?9Rm_*nZODc5mv5ijf<^Z4vM-lyq!w6?(m2L<7?4 z{9520U?X#j$@i-P!Pjf4{rQyrc`nRxNAX+XW=^Phx0?4|fgN7gP;^=0Ce%zE_oqvqoC)F+TB(NFmF7+(r655lzwZZ)!gT~t0hG^<<9)};>t1x@Y4cc z%w7U7GWdH!4MzbK`3`~(9SAz2X|hit9PQ5z=HdbWjK|Zg@nR34m<4B+Y3V-$kO#qJ z2CnmubMqA}*ty5_SvddvEc8oBDF}c`k3Dkz1lRuW)280A4PV%+!x&8zB79gNB16CW z?-)P}@|We&-`fUd;wSJRu2gnhX8v!WM_?bo@&WMFm_3a9>or#1fvK=o-#^jgAw7uQ z5V*Wtu1kP5rbk||xgW>*3A8`8X>mZOZTJ7j;XjWGg8=hHyhsA?CzE!&t{zjeK+OZy zoWCY*-xwLwbnJNH-IE@M9jnO3Prg@wZ|(HD+!F176y>>0D8_@SWZ*`q3M6shU}~UE zAEsWu1ploCmo@8P74I#rE7|x0AbB@A0+1}M6IpNx7V#1td=8*NX+sl!9R-!gg!Uov z6Exd20BhwwLU)2DaALv=2-E%BD9T>(kVB=?uSqPV3w)KzYqXT78XDrx`sZo>jons+bcFEech*9Zyf(pLvioM%{^|s{Q&2i87MS!abls~ZI0it#6_dH z>!48X0b)>qBzE6_&{krs@_hy<7ZNy>$M-yZ3F=0-X+|R2CfH+u+1zB(f9rUY5BFvj z2xzCr?o)pOJ-sE5jrSt-OwYfpA452@-!a?lvSn)qB!JiBgMAq6hsdBI{qjHG#vLI@ zICTwptJaZws=6k~3=86FYxPbs)oTc1{9}r0b4e77y1COuY*B5|#(64JA(_AI#yQK$ z)c{VQ0lAE`jz?3c$yFXKIfOOYJZI?gX!UrAeY9h5A8k~n)sY{E?UE6)ut-=G=uig% z+PgzkQ;SwQ8KRi`Hljc{{K@;_xnWs2t9^<@u59CRFCR}M<5j{l-(T!@9Cu`-ZhgnM z0K5XIOyWWE(R&=`u6&WR$$T>Kmtk=ZA1?FKs#kbWQ3($X}B;z_Ev%B_t7TVE|o3?j4|>|81OaY}iC& zz5LIIx8@Nn4cK7ZsfV5ixP}fH0~NFX!u1(`p|sA6=0rZOM(SX?j$wgLn)>vgbp%ki zeGsR|*WwjL^o56o9}2>hOCQC^_W#|z2m6A9KouD%^$pTk8;aAgk z;W-z!Upy1v=>Ff#E(O%X?^7T324iC*Zqrd z?trslNlBC3s=GKqo( z3|8CZaTYK2JknxQ9yq-Ie* z+dLWXLK|GAz2+cyR|l9Rm_PS3Z{QCwdi)`Mg1=!UUb+6rluI-dZfcW!O+gpe%A`1c z`RGCoZ$P?65S}dOHXTKcrfIHa34unS=3uDZ1!BtTP){;Z+pF7arPlbQ$<3Qvg^#Rq z78iA_4CqSZ*kF8Dc!K=)%st#g(QW03q^eWcok^KmEsI#k**dc3aqRr2!}loFn3HYS zQ$duvM*biQe0%22-A~>dEN&u653`DV)HWAw`IJ)07Amgxv`^UywJ=gK zuZsowe>&Dl@7qDLJ$dD7^H1(a@ps?vA^pae%L%x%mZUg4ai2&0f9wTUxnenHW`a-N z&5C-U4kR!00$8DO_y96%c$6K@16S`LLfRr!1Dj(i@-V z_SiLb4OsL%XX_Q#=al8PR#~sw*li#}U&UA|CFco9z@=PCy(ftLJM;INl0uvY(?s#>|9-5GU?g`rZNApBg-R^G|+yW6e$ zKZPYP^tQGm(JPmoj)-x@SUnt74Sq2;i>xesYaivXDp>igA`-}R@!+`|&2PF6l+|A0 z)Gn-JV_*S6=p?Lfi@SCr>GP$5>&)()Xzi;}N(;s3PBti?sS052Z`lr;Q!!pw2)>QD z*RW1P$w9QFCygj?5`H(ok6z}%yD8DMhzrpxwwTtRqX-5^WIE!8R~X6gkE1MmeW5}1 zjhFKH&nSS6+)mbD5>b$#q5iYg%W~2Iwej6WtYtNYVql{3C*kxA^*M&3g}sTyyx>)p zuT%>pRWP>Tek~TWXBMzp4%{agKP2q9)$%KQ@6-W;E>Hw(sQq zkLWewR`sgK%>CQ7Q*OQ}Hql^?WbYWm1)OJ59Aa7&sh@=`c~m}iWi z*jZIO2|1Sp<$6qh$z-0okWPj3qyj_2(@FPFwDXqH`Q-GxQ^h?V6z*DNPEd@$S5JnP zLha)X%|9wXtTu6&{B#ccb7|`2aivH^I@xHhTUGmyzE8AhIUWN0@{C=Ep}MnksJ(3d zqh?j2R!<31ud0>Yw}vZsZr>WndKiQcZ69MS^%@P&c zn6{i53TB2;6!D`Vahj3Hb4pU_NKDqvqKw!a=mb+RhTLk2jzBemvEB}zM1_Ww^uV?C z;C$;9Imk{a0G1U6We%}#aum~bg=yGPH1n+3rOL;NTX#JoA)^^^!1k)acG@`)UZ4JQ&5q z?xF!Y8K5g>bmzzK8{C9g12=u}LPsm}dt4Ktg=ZKvCk~*HskX!2?&79#OqC zbAH0Z->HcLuO2vSo_hM95_=tF^r<}z34c!bgTYXN!3;C-B|?Av&L9!EYv6unrL=es zXOCw!F!ulVH}m16d?kWv{eRL^sN4Wv))~ozCDSi$50A+il$sr262uQyt{zP3B1*zZdzQ0@wnsYqwQOSS*eXBPpZr! zOJMSzz-jx>YJu(sNe138;_13K*YLsx*%qY5R1&FXkrYe%>q-2+UkgoS2XFznXlVlM zs9wgie30i0m}S&qwxkeAp9kukst!Xx&?>`GB?2g<>_KmGitWtlKXnGY|8M! zf&-Z}$A8Nkx)3muD@-w7FXEj&zv0=mTSrpm`*rBfXr7$}Pq{EUzOU>~K0%ZvI_2E# zT&s)z*x?5VGa{wqy+C%##uX0a;0|5dtnzuqTcrYh?+X`BGUy zSD8gK(`bQ7(ckH%nHK@+Wv>Sd?C9o#chdqtR?6F_*LtmWUII0Dzu09he{aztpr>Fw z-X}X4_a)|c8T@;qtM`1xq`OpGaJf66<8c8+e0=pr<%H+*rkmkhY~!;g_XHQ=h1vY2 zxzC>SoeTE?1{>d3JF0dEUk=Kufz literal 0 HcmV?d00001 diff --git a/vulnerability_response.en.md b/vulnerability_response.en.md new file mode 100644 index 0000000..27f9c20 --- /dev/null +++ b/vulnerability_response.en.md @@ -0,0 +1,129 @@ +### 1. Vulnerability Response + +The openGauss community attaches great importance to the community version security. The SIG Security of openGauss community is responsible for receiving, investigating, and disclosing security vulnerabilities related to the community. Researchers and industry organizations working on vulnerability prevention are encouraged to report the potential security vulnerabilities in the openGauss community to the SIG Security. The reported security issues or vulnerabilities will be quickly analyzed and resolved by the SIG Security. + +### 2. Supported Version + +The vulnerability response process supports the LTS distribution of the openGauss community and its branch versions. + +### 3. Vulnerability Handling Process + +Each security vulnerability is tracked and handled by a designated coordinator. This coordinator is a member of the SIG Security of openGauss community, who is responsible for tracking, resolving, and disclosing the vulnerability. The following figure shows the end-to-end vulnerability handling process. + + + +The details of vulnerability reporting, vulnerability assessment, and vulnerability disclosure are described as follows. + +#### 3.1 Vulnerability Reporting + +We hope that you can report the potential vulnerability of an openGauss product to the openGauss community and work with us to resolve and disclose the vulnerability. + + +##### 3.1.1 Reporting Channel + +You can send the potential security vulnerabilities of an openGauss product to the e-mail of the openGauss security team (). Given that the vulnerability information is sensitive, you are advised to use the public OpenGPG key of the security team to encrypt the e-mail. +The information of the SIG Security members is as follows: + ++ Jinwei Zhu[@zhujinwei], ++ Liang Guo[@blueloveki], ++ Jianfeng Li[@bufee], ++ Yaozhong Zhang[@buter], + +##### 3.1.2 Reporting Content + +To quickly identify and verify suspected vulnerabilities, the reporting e-mail should include but is not limited to the following content: + ++ Basic information: including the modules affected by the vulnerability, triggering conditions of the vulnerability, and impact on the system after the vulnerability is exploited. + ++ Technical details: including system configuration, fault locating method, description of exploit, POC, and method and procedure of fault reproduction. + ++ Suggestions on resolving the vulnerability. + ++ Organization and contact information of the vulnerability reporter. + ++ Reporter's possible plan for vulnerability disclosure. + +##### 3.1.3 E-mail Response + +We will respond to the reporting of suspected security vulnerabilities through e-mail within 5 days and keep the reporter informed of the vulnerability handling progress. + +#### 3.2 Vulnerability Severity Assessment + +The Common Vulnerability Scoring System (CVSS) is widely used in the industry to assess vulnerability severity. Currently openGauss is using CVSS v3 to assess vulnerabilities, and such assessment focuses on the impact caused by the vulnerability in a preset attack scenario. The vulnerability severity assessment covers factors such as the exploit difficulty and the impact of vulnerability exploit on the confidentiality, integrity, and availability of the product. A score will be given after these factors are assessed. + +##### 3.2.1 Assessment Criteria + +The CVSS v3 adopted by the openGauss community assesses the impact of a vulnerability based on the following variables: + ++ Attack vector (AV): indicating the remoteness of an attack and how to exploit this vulnerability. + ++ Attack complexity (AC): describing the difficulty in executing an attack and the conditions for a successful attack. + ++ User interaction (UI): determining whether the attack requires users' participation. + ++ Permission required (PR): recording the level of user authorization required for a successful attack. + ++ Scope (S): determining whether an attack can affect components of different permission levels. + ++ Confidentiality (C): measuring the impact of unauthorized information disclosure. + ++ Integrity (I): measuring the impact of information tampering. + ++ Availability (A): measuring the impact on data access or services for users affected by the vulnerability. + +##### 3.2.2 Assessment Principles + ++ The severity of a vulnerability is assessed, not the risk of the vulnerability. + ++ The assessment must be based on an attack scenario where the system confidentiality, integrity, and availability are affected by a successful attack. + ++ When a security vulnerability has multiple attack scenarios, the attack scenario with the highest CVSS score (that is, with the greatest impact) shall prevail in the assessment. + ++ When a library that is embedded or invoked has vulnerabilities, the assessment on its vulnerability severity should be based on an attack scenario, which is determined by the usage of the library in the product. + ++ When a security defect does not trigger or affect the confidentiality/integrity/availability (CIA), the CVSS score is 0. + +##### 3.2.3 Assessment Procedure + +Perform this procedure to assess a vulnerability: + ++ Set a possible attack scenario and score based on this attack scenario. + ++ Identify vulnerable components and affected components. + ++ Select the value of the basic assessment indicator, and perform the vulnerability impact assessment based on the exploitable indicators (attack vector, attack complexity, permission required, user interaction, and scope) and affected indicators (confidentiality, integrity, and availability). + +##### 3.2.4 Severity Rating + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Severity RatingScore
Critical9.0 - 10.0
High7.0 - 8.9
Medium4.0 - 6.9
Low0.1 - 3.9
None0.0
+ +#### 3.3 Vulnerability Disclosure + +For the security of openGauss users, the openGauss community will not discuss, confirm, or disclose the security issues of an openGauss product, and will strictly restrict the transmission of vulnerability information within vulnerability handling personnel, until the vulnerability is investigated and resolved and the security announcement is issued. In this process, the vulnerability reporter is also required to keep the vulnerability confidential. After the security vulnerability is resolved, the openGauss community will release a security announcement, with information including the technical details, CVE identifier, CVSS security score, and severity level of the vulnerability, as well as the affected and fixed versions. You can subscribe to security announcements of the openGauss community on the [securityannounce](https://mailweb.opengauss.org/postorius/lists/securityannounce.opengauss.org/). diff --git a/vulnerability_response.md b/vulnerability_response.md new file mode 100644 index 0000000..1f609d7 --- /dev/null +++ b/vulnerability_response.md @@ -0,0 +1,128 @@ +### 1. 漏洞响应 + +openGauss社区非常重视社区版本的安全性,openGauss社区安全小组(SIG Security)负责接收、调查和披露openGauss社区相关的安全漏洞。我们鼓励漏洞研究人员和行业组织主动将openGauss社区的疑似安全漏洞报告给openGauss社区安全小组。我们会快速的响应、分析和解决上报的安全问题或安全漏洞。 + +### 2. 支持版本 + +漏洞响应流程主要支持openGauss社区的LTS发行版和其分支版本。 + +### 3. 漏洞处理流程 + +每一个安全漏洞都会有一个指定的人员进行跟踪和处理,协调员是openGauss安全小组的成员,他将负责跟踪和推动漏洞的修复和披露。漏洞端到端的处理流程如下图。 + + + +在这里我们主要介绍流程中漏洞上报、漏洞评估和漏洞披露这三部分内容。 + +#### 3.1 漏洞上报 + +如果您认为openGauss产品存在一个疑似安全漏洞,我们希望您将漏洞上报给openGauss社区,并与我们配合以负责任的方式修复和披露该问题。 + +##### 3.1.1 漏洞上报方式 + +您可以通过email将openGauss产品的潜在安全漏洞发送到openGauss安全小组邮箱()。因为漏洞信息比较敏感,为确保机密性,我们建议您对通过电子邮件给我们的任何敏感信息进行加密。我们能够收到使用OpenPGP加密的电子邮件。安全小组成员信息和密钥信息如下: + ++ 朱金伟[@zhujinwei], ++ 郭亮[@blueloveki], ++ 李建峰[@bufee], ++ 张耀中[@buter], + +##### 3.1.2 漏洞上报内容 + +为了便于快速的确认和验证疑似漏洞,请在漏洞上报邮件中包含但不限于以下内容: + +- 基本信息:包括漏洞影响的模块、漏洞的触发条件和成功利用后对系统的影响等。 + +- 技术细节:包括系统配置、定位方法、Exploit的描述、POC、问题重现方法和步骤等。 + +- 修复方案建议。 + +- 上报者的组织和联系方式。 + +- 上报者可能的漏洞披露计划。 + +##### 3.1.3 邮件响应时间 + +我们将在5天内响应通过邮箱上报的疑似安全漏洞,并向上报者反馈漏洞处理的进展。 + +#### 3.2 漏洞严重性评估 + +业界普遍使用CVSS标准评估漏洞的严重性,openGauss在使用CVSSv3进行漏洞评估时,需要设定漏洞攻击场景,基于在该攻击场景下的实际影响进行评估。漏洞严重等级评估是指针对漏洞利用难易程度,以及利用后对机密性、完整性、可用性的影响进行评估,并生成一个评分值。 + +##### 3.2.1 评估标准 + +openGauss社区采用CVSS v3对漏洞进行评估,CVSS V3由通过对以下向量来评估一个漏洞的影响: + +- 攻击向量(AV)-表示攻击的“远程性”以及如何利用此漏洞。 + +- 攻击复杂性(AC)-讲述攻击执行的难度以及成功进行攻击需要哪些因素。 + +- 用户交互(UI)-确定攻击是否需要用户参与。 + +- 所需的权限(PR)-记录成功进行攻击所需的用户身份验证级别。 + +- 范围(S)-确定攻击者是否可以影响具有不同权限级别的组件。 + +- 机密性(C)-衡量信息泄露给非授权方后导致的影响程度。 + +- 完整性(I)-衡量信息被篡改后导致的影响程度。 + +- 可用性(A)-衡量用户在需要访问数据或服务时受影响的程度。 + +##### 3.2.2 评估原则 + +- 评估漏洞的严重等级,不是评估风险。 + +- 评估时必须基于攻击场景,且保证在该场景下,攻击者成功攻击后能对系统造成机密性、完整性、可用性影响。 + +- 当安全漏洞有多个攻击场景时,应以造成最大的影响,即CVSS评分最高的攻击场景为依据。 + +- 被嵌入调用的库存在漏洞,要根据该库在产品中的使用方式,确定漏洞的攻击场景后进行评估。 + +- 安全缺陷不能被触发或不影响CIA(机密性/完整性/可用性),CVSS评分为0分。 + +##### 3.2.3 评估步骤 + +对漏洞进行评估时,可根据下述步骤进行操作: + +- 设定可能的攻击场景,基于攻击场景评分。 + +- 确定漏洞组件(Vulnerable Component)和受影响组件(Impact Component)。 + +- 选择基础评估指标的值:通过对可利用指标(攻击向量/攻击复杂度/所需权限/用户交互/范围)和受影响指标(机密性/完整性/可用性)给出漏洞影响评估。 + + +##### 3.2.4 严重等级划分 + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
严重等级(Severity Rating)CVSS评分(Score)
致命(Critical)9.0 - 10.0
高(High)7.0 - 8.9
中(Medium)4.0 - 6.9
低(Low)0.1 - 3.9
无(None)0.0
+ +#### 3.3 漏洞披露 + +为了保护openGauss用户的安全,在进行调查、修复和发布安全公告之前,openGauss社区会严格控制漏洞信息的范围,将之限制在仅处理漏洞的相关人员之间传递,不会公开披露、讨论或确认openGauss产品的安全问题,同时也要求漏洞上报者对此漏洞进行保密,直到对外公开披露。安全漏洞修复后openGauss社区会发布安全公告,安全公告内容包括该漏洞的技术细节、CVE编号、CVSS安全评分、严重性等级以及受到该漏洞影响的版本和修复版本等信息。安全公告提供邮件订阅功能,您可以通过“[securityannounce](https://mailweb.opengauss.org/postorius/lists/securityannounce.opengauss.org/)"链接订阅openGauss社区的安全公告。 -- Gitee From 0183dae364715fcf86316315dabe08eff64cfc98 Mon Sep 17 00:00:00 2001 From: xiangxinyong Date: Mon, 29 Jun 2020 10:11:21 +0800 Subject: [PATCH 2/2] fix format of member --- README.en.md | 8 ++++---- README.md | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.en.md b/README.en.md index 1870be4..e48c8a4 100644 --- a/README.en.md +++ b/README.en.md @@ -8,7 +8,7 @@ security repository is used by SIG Security team to store documents related to s #### SIG Security Member -Jinwei Zhu[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] -Liang Guo[[@blueloveki](https://gitee.com/blueloveki)] -Jianfeng Li[[@bufee](https://gitee.com/bufee)] -Yaozhong Zhang[[@buter](https://gitee.com/buter)] ++ Jinwei Zhu[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] ++ Liang Guo[[@blueloveki](https://gitee.com/blueloveki)] ++ Jianfeng Li[[@bufee](https://gitee.com/bufee)] ++ Yaozhong Zhang[[@buter](https://gitee.com/buter)] diff --git a/README.md b/README.md index 2097a91..b97c865 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,8 @@ security仓库用于SIG Security小组存放安全流程、安全指导等相关 #### SIG Security成员 -朱金伟[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] -郭亮[[@blueloveki](https://gitee.com/blueloveki)] -李建峰[[@bufee](https://gitee.com/bufee)] -张耀中[[@buter](https://gitee.com/buter)] ++ 朱金伟[[@zhu_jinwei](https://gitee.com/zhu_jinwei)] ++ 郭亮[[@blueloveki](https://gitee.com/blueloveki)] ++ 李建峰[[@bufee](https://gitee.com/bufee)] ++ 张耀中[[@buter](https://gitee.com/buter)] -- Gitee