From 7a6a8d10627d05f9c04aa53f49b07978908d15f9 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Thu, 6 Apr 2023 10:21:27 +0000
Subject: [PATCH 01/12] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20CVE-2022-22978?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Zhangqichen131 <qczhang@buaa.edu.cn>
---
 other_list.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/other_list.yaml b/other_list.yaml
index fc7663c8..226fdef9 100644
--- a/other_list.yaml
+++ b/other_list.yaml
@@ -29,6 +29,8 @@ cve:
     - CVE-2021-1056
   java-spring-cloud-gateway:
     - CVE-2022-22947
+  java-spring-security:
+    - CVE-2022-22978
   apache-commons-text:
     - CVE-2022-42889
   unzip:
-- 
Gitee


From 0209b4d369c80054d372d8a973b76022dd953f2a Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Thu, 6 Apr 2023 10:21:53 +0000
Subject: [PATCH 02/12] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20CVE-2022-22978?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Zhangqichen131 <qczhang@buaa.edu.cn>
---
 .../.mvn/wrapper/maven-wrapper.properties     |   2 +
 .../2022/CVE-2022-22978/Dockerfile            |   5 +
 .../2022/CVE-2022-22978/README.md             |  12 +
 .../2022/CVE-2022-22978/img.png               | Bin 0 -> 41580 bytes
 .../2022/CVE-2022-22978/img_1.png             | Bin 0 -> 40601 bytes
 .../2022/CVE-2022-22978/mvnw                  | 316 ++++++++++++++++++
 .../2022/CVE-2022-22978/mvnw.cmd              | 188 +++++++++++
 .../2022/CVE-2022-22978/pom.xml               |  68 ++++
 .../saferoad/config/SpringSecurityConfig.java |  16 +
 .../java/cc/saferoad/controller/Demo.java     |  21 ++
 .../cve202222978/Cve202222978Application.java |  13 +
 .../cve202222978/ServletInitializer.java      |  15 +
 .../src/main/resources/application.properties |   1 +
 .../src/main/resources/templates/index.html   |  14 +
 .../src/main/resources/templates/manage.html  |  10 +
 .../Cve202222978ApplicationTests.java         |  13 +
 .../RegexRequestMatcherTests.java             |  17 +
 .../2022/yaml/CVE-2022-22978.yaml             |  22 ++
 18 files changed, 733 insertions(+)
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/Dockerfile
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/README.md
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/img.png
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/img_1.png
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/mvnw
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/pom.xml
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
 create mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java
 create mode 100644 cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties b/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties
new file mode 100644
index 00000000..b7cb93e7
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties
@@ -0,0 +1,2 @@
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.4/apache-maven-3.8.4-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile b/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile
new file mode 100644
index 00000000..f7771d2f
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile
@@ -0,0 +1,5 @@
+FROM openjdk:8-jdk-alpine
+MAINTAINER S0cke3t
+EXPOSE 8080
+ADD target/CVE-2022-22978-0.0.1-SNAPSHOT.jar demo.jar
+ENTRYPOINT exec java -jar /demo.jar
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/README.md b/cve/java-spring-security/2022/CVE-2022-22978/README.md
new file mode 100644
index 00000000..d73d4d3c
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/README.md
@@ -0,0 +1,12 @@
+### CVE-2022-22978 Spring-Security bypass Demo  
+>在Spring Security中使用RegexRequestMatcher且规则中包含带点号的正则表达式时，攻击者可以通过构造恶意数据包绕过身份认证  
+### 影响范围  
+>Spring Security 5.5.x < 5.5.7  
+Spring Security 5.6.x < 5.6.4
+### 复现
+![img.png](img.png)
+![img_1.png](img_1.png)
+### Paylaod
+>http://localhost:8080/admin/index%0a
+### Docker
+> docker pull s0cke3t/cve-2022-22978:latest
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/img.png b/cve/java-spring-security/2022/CVE-2022-22978/img.png
new file mode 100644
index 0000000000000000000000000000000000000000..3cd0812251ae3e69ff81e7180dd78659ba1ff3ec
GIT binary patch
literal 41580
zcmWh!cRbYpAAjG#Sve!L?A6y!85ws*p%g76az;`iBq45CAu=n9oJ!N)WZaRN*|Ir%
z@9pN#@1M`(_2=jD9?#eF^?W|xF;<sNdAW{q0RVW-%}lNW06i!{34;CL%c{yo06+ld
zCWhAo9hYkDDr8&y#cc89+obz3;G99JCoe9U%4hZp@ttO<eC<8raq#xT;DM{xWDtpt
z$`zh}JO}dXrA)#==zl`@$vjut4dXJ@Z$Qq7Adm{+3?)dc>roDu(++b7S>)<IRkaIc
zyI&|?_cBTS_Kc3aC5|E{^{{1Y;p@yqLwje{>y*x8DN*UyL>xUG^#clnwwFR@{%NS5
zMj2q$#$Re2QGKh^lcBAwZ9bh+uDrmfDc>bFrR;Nj+uMM096wn#Gqu=#2K9sy)T~&5
z8mif%YIL^4Utn;XRWmRDbZer{GAtU}-7`NHS-NKgT}CtFYu8K1I^9KEEKx+Cu>4uk
z6Wy?F>+;86|Exd4n$F+6+_NL<mGI|`GfR7L+o7K$KI5SqRml{CBHLqdNd}ADaj-)i
zUzw3Jz>BZPz-R5oH~gi+Lzx1{v#{)CsDK6Z=8{M8%MHVZ*y{#=^=J#@GxIilXDImX
zrWuZc6E0bCXLIl~Wj}aI8Eb#XXJ~WR#(XyQw;1ZrKTkpwKCA>6h`nQca1C957$@Di
ziwlYC3d&f-?+x-lJw9u-dFyOnz+LgZm9HP-R^OiOr4!Z|eeoMRQ3Y*vEq^}8Cp2jk
z5M?qXtSEg6GGiq!w2nnn`@o&&uAP3~VzbK{a8Lcr53c$F3-HPPz69>Mn*`YPoxu3`
zUA=9~z)9`Nv3bGHcYdh*@frA!Iy&n&H-9e8&peOx>-^fp-Fd8CurpmTrStW4+sxKR
z(@e)t6Tc_^$-Z~IzUkB&{Hv)tPh0%+wQE5?+Y&3z=>EOutKFA=uj`NI#PR0eL80#-
ze1v0A`Rlhp-~Jsw^y{vY|HwM3j~pnUY}2oFcs=v04Wg>d%mrt@>xOq6Uc>(CCis%~
znGLoMwnPf_&ezop7s(T>r8h66yYf^|^*reFmvavFeUs1V_^s!4<<s{Y3#1ydzqeAS
z`lv&uB~3xYTI7w^d_Q@S{9oChphD$By_P^%|F1z<w<4W$vl=xQ0-sa+%dOdQHF`tz
zz#Bgce($m-U*3Z(@b<0{zS~&eIfA;$_KCZuM(-c}?!7nb8ygmzzq!<!w!@Bi5xp)e
zT{<J5`dP5hTf0vCr0pB$;~&+@>PPXON#(<uIc}ww{!{rcJH*2G1(RlqFcpz|;~Fu^
z{U?O(x_RxoJetuK8Qa;`v>7M3)gc;{!ky9?6Qm<1{wM!Pi|kmMsqp7FKOS`$Z_d7v
z=5|j%q2clQsMC}EvO6y8FYmZ8r)L_5FFs3Q>*{{%GoAWIqf|c+z28|i2^SD3kr!1U
ze!}%%uq*fOIN>pxy`!Na|EA=R{F}{`mUO>}gNm(0-YzkVS6jnB!}p0;OQR0F;Eyli
zT8U}8&20Q9M&JBd%T6)(y@$C!dQ&m!Iz~O~e_BKfE?ph@du8DBCYYOSY43OK%t^Vc
zo9Xk+VA5kN$novjUo}R=NjGW@>W#rD{q92c#K)PBZ7C6gaVdfd+*SsLLz9B?qVjVz
zoy#<Ns{(D@`p236#`eylHk&seO7$PEznp1`Rn<6j$!vcu(xF+?d84H>wiFw>fFW0M
zF0m?g9wn8FIF9FypOeZ9hkLd_T9RDbnD5%I@#yZ<o7Y1)@-Ma|;^uG4VZ07m)(jqh
zebu6_j&t;Sja;E`#D_oAb^ngUcV_(elk-o3#$~W&2QN^+eEIGD%U7`taSeSZ9p!%G
z-Bvs|2kAjlEbh+qSP`}hd*1nuW5wfJ|3x3m<~zla#C`IyA@!1+NvO{!VpDih-SX$}
zV%v5^r>u~C)VW4QZBiy1fxmA2Ef+vC=9w1IR!qLlko7r-49v^!eyQEgLf#F_#>;Tu
zC!EBnMvkOGyC+{h#61z_G&!ZP`S_OEAe?;XZVEQWuhx#eRosZsM5r$BCpAhX{Mgfw
zd1V35aD=UMw}sOU>F1d-bE)T!2X5e9Ww{Aja~h|tv&C-nJ=8KJn^<P=HJ?gCojA58
zv)qK{)jm`qxDG4$waZ&$1n1=+J7;u!kqxxc4=?Zq@+U4t7aB4hK}|6nqLvOvUxJ&c
zli}Vnc@e9U6J$8LSzUnkQ3C05XB`a%*}R5MCbyyi6#hfIFxp4^YazC3hVx*tl)xd?
z4DZKF_%RP&pWX0^P2v6kl9TGBW<%cLEN1zgZfu2S_2GcgfQuzGru}c`3hl7<WvutT
zmG8Sbowox1?5q@M26G0l)RqmDh|{?4Q?TAaHM(C9p&4&?akAm@0rJ~J=iCUpM=<_w
z7#o+qT2VzW-PQdIB`H7qSH8~*H+NN&8fcoM)SCm;)!_oyAl9pyLq|E5vbzH~u;oMZ
zgMuqnFW1Uu${7`!6<5=NTfH)kwBW-%nRA_Q_&ZB;bhLO?^BXB||0i=OT~)BIm=!-$
za5s3fE>3l|w)P7xd18j~g(SVYdhWz?iac5SFZLd#Yetn5Ge}BVXf}=y=72B)bcXBq
zE_$wxwxI`h+~T&@3q9zkwjp&7cUOw`Hki7Hbp;RV{29gFrQ3Vd|9%HOK2tI5=iXdf
zEn0E4N-*Fe%`4#AYlF?@(lc2rn)j<2O#RN~-I1os$<gXJZ+DmPJ=QP$JYZfq89LJ0
zMOziH(ytgHrB(zCCm38UXCRJWi#NuK4ch~Maz4lIjrtaLu^L6^KI7l4%N!1h`EB_g
zv$g#z?KJIPUBk1aDDTgkFun(Znk%8z6%n^~S5vx8`u$a(Pj=twA6npB!mTZgcSR8x
zH6x5M+<85WNpQ_^SCM6TJs-Xin>l;}uB&=pV{~NL7t_4_C3wtnA*yaS`@8O49v|KK
z^`6=q#?cefq12G))Y0>lzP^>(sPX`<ir;(oUzz0`@UKLu7kmDn9sBtT>L5clgmSrO
zuV9o!s@kq&l#cYp*slz=@BL&H*GA$f1;70%4_BEpilvMVY#8Z1g_0VYzB=-O7W}2A
zAd>Xn)rs~oLjRdVfW}*mzKh2as-oiYTH~43qL}X@457OpzN=D7KJVuQ?>s*jq#rD*
zcc{;zg}igIl%cwn3uh+()a})pIofR2GlaBdy!k=Bd%jRTeK7RKAm#|<&-KiE)|#K(
zQ2)4J-NV0bE;#g+;`GgK(ULnCtNp|FsD;L>!-`y^Ew&3KMw6+BFB%X2u1Y;$?B=QP
zNZbqh!XvRL_K_Y81AFWJE6cx*&v>Y+a~qST>Ex^SBkl8J_FJrBr&nry9Xt0frhQyB
zEHCLiZD;&eA`<mS#3E&axWG@{?38hScAa|N``v2^k8o!iw*Fi(Lgi|$S5<!0lZK-X
zFRo^iMLmls_A=awJs3}woz!Njw^6j8qV>@5kt~RaKaUTtu(eSAcexpn*S5z?>l6D$
z=!+xmM_`^dH`B5gH7%|Y=j$(k1;me!cOF+NiT+iOQa<6{<?Oh4<ZSPb$lTu3zb*eD
zn~#>k?mJ}yc5#u`{p(B@pN*)W^x!FL4b4|vN^ww4Yxv)Qq-K>vHuil|eb2CG9Wmv@
zPdBN4UNCKOi9W@?%mPZjyRNODEk*8bhtG3^6vKs72cm7=P1|9llD8B7d3o*d46<c<
z-Gc|!9A7<_pzbhxK;`DtXTI<#ZGDYb<KUrw9obDk!*lopPNU-2?6T4}<P+p<_vx~3
z<fpGJ9&BopHd(yAtdlpGXQ*Wlal9{n1j@iYJ^3AVG554!L=EYDw<y~(OoTR<(*Cs6
z(v`psp6gQVUwYwh6ixgT`_k<tA~YMUSkqLbnp?1jTT!HaA(_n{i3*8#J6dAVz3is*
zN$~@7_(^ko*qHu0=I6G>8hljTZKJzU)fQHj1Hi9}EU44-R^Ll(WU54k{Cn{`8(Qk*
z+rz{QSQ8`~Ox4BEYmsBcPQGbvgDK@@#%5r+JBDDgfgPAV`=3S_uzlYx=~D0d$xgKE
zHxZGIdTSWb1<m5%m!J_6gVX7szjR;cbCbji11xesgNqO(3>QR;D>Q)=d=yaI;24*e
zT0QBz3r|{;j-yM8cFAvuTt%ULimaky|FT>3>}|$P%Rqf{l|bCz7N@K+tSJ*qA2;0d
zI6_CR8Ie<1-@*l<bCYTpC+~0&o&oto$)bgfzvV9mA<}_zo03${`a5IVa-!(+Fq18d
z<|`(x>phumX9RN-zd@F*9Ur9aac{^QedIWSWJ4P=SJ9xutLGJ>olMK;?SmU(COqO~
zFyZpd05hhvq?Po~CVsO@%)H{%eHky>D!cZp`W;uIt$52{r#^0evJnUa#OG$CuA$M#
zqzIv>7Oo2ws)@Q?J^wo9iNu6qs{<VT%uFoegOI0vq3HJcw3`&EJw&2D%f=1=6lYB4
zhR{&qTk=s*L6BmSAxP)3RUT_1h(JYxDEtPkshs_S0Wx?gnqfLU1u>^9b+CH;S#HAY
zftvB*x1yl$8@b`pgiQ(DSw{hoV=)z`#6FV((E9cpaOsf6)K<(;4KQ;As}M62l&lyK
zh89vIxAX@Bf`E%SMdVeD-2$6>y1#cL#&#{`HT`QG)>tZdF$bD84ME>Jt7*r?meGr3
z$qO9g-6>6c?HE1qMR1Y$OG6cy)ISn{oTu`<_$rnrMxciSg4RLr6@oZ|Ih+76>9=5-
z!wDI)g66X(a*{hLY6Ahw#wOPXd67twIXQNfQzk-aP-q&~BSl9DgEc^&&<e9zB)*IA
z_WIf_>LV^mKcZ*yrHg?5dhLpuk@&WdcCqFAtbztIn%Hd;h5&+s)}N)E!NlPgGQ^>e
zmcp>}9dc5?b($L@p2n|o$IbaN->kLv2B%M5j9V>H`{@GQBqz-l><!a%E1)IRafq5?
z6%u&9b1y!3OJ*o1ROQs}Y>7ua_P!TW<H9Wz-r%qf&xrem_|B2@&75t<S+A(*nDo|9
z|7^x%j$2nJ)g&3j#_;QLTt;a3S6+_AwAJ3ANP-Le5-i`u8c~k^3j-0MQJhd|FGwS>
zl4mLblhbKs-ifYlwhv%-1?gH&I(97UzQ|X=mQO6~3<9WLwf+n9;fz38X7d(zhY`+&
zZo*}LyEk-0B{;+RhxaA$BJ9!qJ!%l@b0nA5dv{2pvL`o(tr=+KS_jEmlFlo^C0!r<
ziLH(mnsWb2*ic_zvEa*?+XY77{&<XUE~YK@rcRz3*!1l&NN*FT4VJ5^H4p_AQJhdy
z=Ase(sSJpt2TS0hK_W|OB*TbGK-NZwDuA)GTE*Sjt9kf9cq2@$o{QhQ1_9blGz+an
zVTn|o1&+V12AmM~oz4XjhdJf-Gl=<P5p>^L<%xJF$uS3p!>m4}OIHms8v2L_q6h7N
z(m?!#+JA&G0o0kOXDbOZ*U3^&iTaS3FTqBiJg04pIKPT31pqg;otC6Z`6Zo^;<7`(
z-buMa{2hq;oTJZF6H<o+{(cziZp(yLE@?HV1m6H((#%#KKfa+WWs|CDRar=pmVtm%
zx22Sf!NpXn5&+VD4VMa3=qe`f<L`>+sK6`r<Hi?feZQlGEZGOIM3qm60uy2@rr<d#
zATMQ&AnhyrWSuKIl`N=N1FJiP?Z_d&gPrhhbU=onqS$lu<c_~bD8NJc=?FKr1jE`u
zG412yCIn6ZYk=;vc+)DZ;E+~S5I6hzu^F}=E3`z2;rw9&!c3BFBy6ku*G@*fbHn*s
zzY)tq`7D_|%??*!{4+>NXtuX;Vb?kAM9wkp3tO9Q)Lp2AJ<DiMBKT{77y+>fWGvLJ
zRh^Y;;B%kz4-nO7ncL8tOPI@_;8UBLRoKI!Q-L0Inzj@w>@n6c2!;!r3B^SUA~v7t
zJZ)sS&+ic;pfaPXVnC90@4U~x#up3503$(JP3Ga}Wq8c9SXgl{he<N*FwFO2<(Hv`
z4fz9fK8CJ2Ia8pfRl{Gy(L%j8iWY`O_K}rX&p0HYP_l$0!HplzzJox>TrV=C)IT)Z
z5FOLlNz@=@0NYukvAq-xABQM&riOJRAe=pnl;f%)k8vc3i8u10;eocb(`>hMNJ2oP
z|7K=ryGUy<-u(CIQE~Z0r<`Y9Wz+hdq`KZ`6*6gLE(WVNef;I~nT;XuGdAVn#Op{J
z9ZS|U7_vtNrC&KgVO!aJTs<29=Uc+$uho$TanpjYB@Vr}J}qlc;h?$+%cQ=_Qcf3E
zC$fd4SaaiRESd<l`QCD$C<G+{+Y_DYje-&;t3#2)dHTUHfwOD`m_2h~S+$qM1zxmB
z2;fX?P({r{+s9W6D(P-<F;P5{n-6SJ(V-ShDG)MDNfZDa(X<~6-LLS%5Dk+DQb4XU
z7YZD~VPLW5vn*mlc^bfoMIfP3+k6&zf<aJ==B}Fo5#H<AA3D(-%kIl3cPL>Md#?7L
zs*%7+<<u8@&cn88=vJMS@6qs!D;MDgJ&%P2KLUmE*3k%%)l0tJ{nJG@db;pD>6We~
znNWUry>CpA4I7O{e803{BY2)FCWm;{7WSRK^YZ5pEcY6GXP1X9#(UE54OolDx=_NR
z?GO>)mB*B$Y~^Xoo7|cny9^inK$uV-My8#Va5rfsnAdVk4(g(_)eR-{>vBUHw*+fw
zs9oc$7)hYgdD1Fhf)nsVVoJ>sXpqYz-vU*CLO#WkzEXiONU911S0^$p$2Q$8C#)a8
zi!j^cKhusf&c&7N1nDBx)?IbMd}=081p@mXhd=`m#3Epo^fLnql138mPjDd@N8rG0
z*kNy}*=D06mud31>)S3gi?HZzt?zI-P67I#>q6_wX?}>8R%&H?-0-;$(c)AIdq(D7
ziozTl#K~US)Dpb`WDw(~CN}sa7y*uc;bG>Qp<5SbHplPPN9ukoo-qFM;>#!o{=*kL
zN}a(@fs@A+<%YMH8_hml;#ugjWG3mca{9Xw5tFuQ;)_>xWt=rpW1naF11s+GuiRkE
zr6Kyn%uy?fw!lmb-Njbe!8)GP?TfQyvh#zv9PD=_oRC;<%gmTFHPJhyxy&aPe!G?f
zs;aby-m~K|t3)?X7YEE9OA>M0Iufq)J@f3o`y%NA6?W2+&u~i)e5%SAW*Il`oq>~M
z2p5?8Q?R+y<V^X!XB=RF#hyr#;)Eu8UP5fimU}<I9pY5*H3r#re`k`S#oQc=EQ+m;
zID)mJkSY}g89j))vyqX@o#?laD+nLNJ3=J#zBP(ETW-O8B^1%&#Ls>Un#HXFtAEtW
zi++sfKNQ_aiBj+}GjTMPp(EO7R*ht^e0n{De7GoO0SbkCulw6{#m$wS2cDPdXqoPu
z(7<?=xMO`cNH_jAH*a#DdVS|zqA|Ny17nCwddOC_^7lgD^Ml>bFW_S<jZe8^0Xw}H
z#5g~C>TqEx^CCa`m7e?@<YhmjRRG3Y63GGlXdkA<>Yc-!ksz*o8zTtBxUn*8=6A_I
zOBm))?Y6Arw{MA>GD{v^mZl<*sKI1lb%62>?i1ZQ;1oBZm6!rkhV<mYvZTmH&?Ppr
zse)?|<AK&x^O0$G(Rpb-CmpCgKTv`e{+qtAN&h1|+6`BAsn_HEX9Xh~!_Qql^#Td8
z93QVLJryhQg#DqgcWOIku*PW(?j5oEgHy8vT!X(Jrs?#d%}5#Qgq_o$yjO5qkv;W|
zhHo~#?Y&^07e=k4DT&EI=M$!x+B8Cu!x_^InUwmym_*h;5pbr|{9$l(%c9Y7ch~9#
z&0~~*);aClUd8n4lb{?XeFro89ehEAUP@#m*fCon(XVvvR}VwfPKma8-vVeW+p8EZ
zi01*ZDm}H$F~PRhi+!*;9+tcpsw20TT$)rl%g;%QN7K#d#|V3$Bjyy%^6~QUJLrw0
zP_>B)D>U>DN3JV($C;GH%{Y^#$*k<|0p{r)y`4T88K<#A!VeuKoBI=FZZ_Es6Z-kR
zD+d>qd;eG({RY@;{9)Z6y8G{9l9Sj|<jo#NrPb3Zf!5QRdb?WO;SH{1KL9yvnVQfR
zCJasc=sN2IlJJ(Hr(m3TXWmeCDPTJnMU`P6G@-Dm9tF48g8#a(Shv7+@_K-0S;oTQ
zB0O7q6o}wyH<-qGdWcI)IAV}W2C7-l-s3;k65h)9Heqx8`VLD>?FA6&()*9=ca>XA
z-zQ`lyxOZcw?tT^e4^Pcp{f=;YrUa_3Mr%oNJBe?S-L=6b+cCRC~m?e6`LO4$7|0h
z_+sN?svv2<o3fN_slp7+{W*Ied69CvM9lS!T8Fux9=#KF3+nW$yhM3I>mm^XA-lbv
zafgy)3CE#6{)?jN`XHSPh_E|Na8LukA{=F;;N1}qjKF(>TG1;`qI0%4!}+6W1E1OL
zRp)Hp_EGMz3%Zt;7XII}*o<qqG#Td-MF#Fhu@}3OgF&&WL?xBOWxiseN|`(CNGj6S
z<s}>~%r;<*ZdtyELzCp#6Q#!@!1HzJyXTto6$Cq&@7YYLn+)7}bch10BI5S=XNFnb
zvN~tz?dtfVkCW^EX4R|h_V~;qG{*RgYW~3PwZ_GJ&JN-pIotE!G|b-eI}fvHVP;+F
z?}F*Q`Vd|EeH;=b^B@GGnp7Hz6ZBDOWZ^AHV##*X`-E3GUfew8H`S(i^~iks%YyZw
zQ4Sdgr!X`eE%!uxmAGhG>hx#tyZT2dbOab?8uW@wHmYW;++N*Lgp#`tB~tH6<<Fl_
zh7=(ZD_KJ;*czqANMHeSxz{zG^s^_cDlvlmHz)IM|0g7*$y@kfJNQdA3FaOiT}Ta4
zlBAbNFbn{{1lkeOo$i0}&R~Y^=Ar(uBbwd9Yf!Qg8$$keao=k=ED={_W%jg#$4uCu
zbwn}>cH3h!$?fvP%#(zDCT{!SM`bwvs}D{Hm1jEGNQOjp8nJspvZTiDa{^24qUBYE
zW`O`1%FoJTeB>i(^A`074nhJ$=N2m=U-`;iY1NDQ$<>QCi8ZPT#?=^^AEfqZ8Lw=E
zx?71u6$-%9977)EAe1qSz7cbmW@8-N(m5$Xz*dGZHd{Jc#k_%@QX}{=_#Pf2fbH~I
zs2LqIvyzS+n{+ydS`KG;uBRgstLR2OKKtBy<FOKnfhc*n)ak6Wb3_@@#xn10lrFlu
zV|mr+!pf$JxcR94-XnS&<RPSST6KWgzaWHOa4i8!oJcW3#&p6z`roDk4Va4BdwCG?
zK#D+iy^vgC2W=Z!O@{L-@#J<2R@CoWZnvAz+l>}1W^6wtN83y4z)Ywf#mJ{IKtlO$
zl7zpxP*%Jj%yU}hMEF?*L^?z^SgHI<zHU}8&e9Njt?ILDPo{|>r=Y-$q*`cVFCW>u
z4V4E$nh~$qoo<C;r{2O|cQB4Ziu*4gy8_IlvZ|Qvb<0s}Gqw(n_nCB6X3hRSevj{n
zLW=>4*E4eLfN!)6a81~Xd1oIs!w#n%Jvb!Ke(vQtwCfrPNLuG_tz)ZdUT#)!){gf6
z>s}a&2~U?4Q!FQ?sx{<G3T#)_O{ZP3b>jKmPC!C!#a|<k8&OC#h(zPcB<&+Wa^tz7
z=$29ww9GzNT!#l#f*ZCxNsR?)Jn^Hd$*M9l=-_BDE-4ILtF~js)13#7A%}=(w(f|w
zU0A)8Y6VGjdQ~T-N_TC;O9a~P_d}ESiJw_^OPC2(F}NH&K#>8Zo{o^QmoZxDls#gB
z$K$2``k_?0%Q+ucoQ%l!QwzKbR#S*lW%^ZQ+IA+V{=e$f8)-nhB7e$zZL$<owO~D(
zsz$!KflQMq6u~+9O87BSr&JrgwolC-j6~iis<?jzLlRTP%l<*zv&k0B^2=l%I~KZl
zi5B+zr`Fy%0*}8cx*9Xk40V?AV1_SMp{#d}zc?vWLDvndj;z$O>Sk<MpD|v{79uN1
zg@S8Yb~rzR<r}8RB~+5m>CuM$LOO{1uZdqL{t)+hxRV~m`+hl2krr5dJk~Pn0eM|M
zRE;e7%<Vh;xW)T%Zoj+IUT`P8R{wf@ALqQdx%vkc#9&L?m+g@YBmazIw<z~_V;DnH
zS(m6EfzxjrG*8?{a-AG>DUZNbByZ&1_g2rpQU^u*{wxel{qQ}~JG)l)E`r<*HOprS
zK^2PBGCaF1NQ1|Nx0{-yhg&IdU^(py-zDvEjK_MAB7$H`%GiA`?8kOy+1I`|>CELz
zovO@9%<Tp?tMel{DWB7pNPcV8ou<sx1Z_x`Q@gkrK`*acfF&2*BVTx<A>m+xq8U-k
z>8pw<?sIg~U-}0OvuP%@h152L$zr6+bqPguPH&$pUUQ!2{uUFWBs$o*I%Mw{Dg!_M
zYyf)k!p28;vQqHlP5WDtzyhu<2_QXx62Z?ei|vmL$@1`GH<ZsB4U3%xKSm7+vQJAy
z6*k}mL-RdhuCx;__eOXs_cfA&jZE#RX~Clj;r~Wu0nh$Nw0~il_<{t~N<=*VR^U=h
zi{Sc?3Ck(k;~hlSavz@2_qwKPSzhAkK)IDpR7(MUq2M%rZ{BjVNXh~}=D<9wr&NcD
zLXJkE=;Je+teH(^sodRyl$kq;9`}gc-O;tQ-H$s6ag}H<X1~3WZ%qw;vr|h8v)3RZ
zs?g#ayt^{;P!~BQj$JD15sO5d)a>*>!2YZ||6+OF-dM%~gYh6yTb&6<rK-HybQ>q4
z0O6nN5P~0iaI>57LZDlW>bS{djWas&%vjY=mH3=hH6$rWSV;&;Ez5f%#ZUnMwQf?K
z=Pgg;H{3CIM_J6>GpN9E-Agxs+AsH15*Z;TWAKmskhuJ^@CIFK+`W(a$ZvC5OKbIm
zAAW3*?=)twgw-E1+2*Zgb^gR)-P$Z>N}0K3M0a7de`lRt=DSTaA%`Wh-jFAla=>X>
zL=rsj)7Ve>=sm@fmI^`cUlg&_V$G!%BNQfgk9<V7u5Cw}fnU3d<KYVI@29(kal-6g
zVImW=XYwI~9D@f~@yT`StRT?ic1pB4aoRAkgl@=mCN6F$MoZ7PWE-Zd+?6B@Kza>R
z2Y?0BkcZIoL9uS8u6uhxcdXtT7r7?=tD<)yAe!$7-1M)63vz|E*@7Q7ubd0sp;!GC
z5q=W8RRK9ZIWS91Vfd)5auN`>H|_2ZX4mRSo#Y;53@&?}8s(XH@NPHAWTWk@rasPt
zT__fAbp2SjuH~}^l@{acul6oT{4U1r_IDsKQFmcUZ@5mY;#gG+Grb~MYPI1GHg|*?
zw^*$sHU7l2mpSU{=RtaULSJe}%zj^BH(_cuNjb=J!KnX>)&{HAl6l#XzN1+uu<vHT
zWJB@Sjlc;_n+J?ll9^1`X#2ogb!4dvLn!k665B_2ZTJX*5E&r}wTDs1Fl@lY5c6u|
z(kp|qOUa^ZY5@kV;`q~v*!dX|!W64XoZdcl_zNfS+n;^OBAj|f6kr_mut}Oi_=~=o
z*K_#s)JVF<uMb{^CWI%@%gJU6=5@-T*{~JQGp^WS?9*${@Z1kBAPdZLPKAW>NCrG#
zUyN11KM~sgpTJVnF<d9XWd_J|eGiD-ot72b=XJ)tBE*C};~)>R8&T_&R{2{UA>4wu
zuMkcKNkON|>Lr3ob}lYrX14oA7#0(O?T(TC2P&=V*4J3V(fTJ+2KygUFPswNI1yVX
z>bKKS^_ZyKK-3U$)IGj7|LM|T`Uhn&h#kBuxNeQ?zJUNyW`8H)WbM7lmPv@jtZ@|I
z=gAKp5tpVnMO1x`*oRPl<Gx5dO5Ar%Kz(Y#=NwOo$43vLduCPd(%6n`AT_CXNt#vO
zPnWm6U@{&<DhIpdD4k5RE;M$amncCk5GE59X9E%6;baX9=4wtdDQkFFDl71uYA*AT
z;aDw%JyA<gKVI-0_!q?QqyyxjxV46BhJet|Ys9P}Bp6LFsJ(SUf4bX3)Ny<@n%m!P
zckw&tWVf!$II&u;eSTI5e0;G_&F;Rr#fk)3jMzm2vaWjtWx8!dmHa`3NTR1u>vtsZ
zQXW!F4H+JZL)n%mq2;&71Kz#a>sv`_fSsdU1*N-KF~T#5D#%DgLaf#$)aYCFJCEv*
zYC9M5HFRr0lba}ti`N{{NSLoMffIg+SDW9-+Q4%B&%;y^2|1>3bzPqK1DK3zG+ecH
zYL%v(7?{XW&>+^BzcO`E3N$ANiIU8Ob(+z7rPSW$8)PWjm@~7#kmW(z@lfV>njDN6
zd2aEuYUKlK>q8UEU)=7OY}GS=uh#5QvBegDPVl!PK~@_#5$LP8b)ql+?D0Q+kd`l$
z4+%Nvn1cL3!bcE*pELZeE@Ygd>d}b5<H}_9yaY~w(NuTB`h<uH;=Oe(b1ef8C?T74
zf2Fv3{_<zu#A>e==O})>BuHEHKMx*4pTeaKB)-#&x~Et;X}sN<JU8&3P91x~%Vyh)
zQyg6-?BOJ#H9lVqhiW;<KONy|i>O(kEvW|D-1&hIG>eOHGC#$ubSd;0Yx&aBgvdn_
zRB9{X7E8BDd|kX|6?<XhPt9~0qpxX!1d=i7m!?+RGn)9WM~iFwuJcN=Fj5<&y*pAn
zf1}{!fifNTXc7|Q5o@$_IAfmkeq-HN@TJV&&OCFLZVEx>vZM^vWVzmKi#KrmCvbru
ziOJ)%B-G6OA;(1IFV(`Jq=hUCd8J77Jil5js-8p&NlQhRSJBit3kx^KXI4KbIfm}P
zli7L=(qtiOIWgEXl4E`BUtZd0FRhn5wTpqs1M2{*ry{*V^LvZ{eC?cf-~Nykz^4Lo
zU1ILivHE9-#P1e=AKp4YI5*h@ZA8m01*-4^^7>>;)giAMJe2mjwK`#7N9r&9>GF@8
z94CinE74P)DmdUK?U`8Wts!KsFBuExJQ<x8s2I#$+F5Q6=Jw!t)jdZ3cj$7kOOD#r
z=QRGwL8ctPIi(R&_<?ecc~%#o(<G+3`i;>4f&OJn6RK|+y}c4Y->~a=aB>5M(I^sc
zkLp7B!>R%o!eYrTVRpOP4v6g}i}3@O^<e%r<1S9b5!Oi#bPWDL#gS)*Uhd055HNew
z7^g*)`<7*i8{QZDj59NZmV5&>;$SP?PE<2&Jmg?|%>&PC&EOGaR{c97b$jqzS@$36
z*uttQ#A!;^gwLo&oXKnvf6$fRb;jM={m9pZCji*)?dmfxt+2RRd#T4B*PFIel1Lmg
zo7}?3XPU5lr&OblTTQr6SQpQ3zEi^P4SQT<n_~1Tp1sxMtjrDU)Xd=Fx#B%?PXr+w
zmmz|jK|2J=Scr(2l_mNRFIi9m`5R-?S`B~Jh&E-`m?b^|{km$6y;*<YCv1gyN)!r_
zp-H3&_AnsPpry8-;)aO^%CTPxkw1jtgoz4fA0_!K?q&JW9ue1$hZcMz7by8uqeuOF
zT*)ACD8eXxu6oS;h)FtUKNa!yjl$aWdMo@v-*rLoYhpM1Ia7je*3jG17{mEAS^>cK
zk3P@V?~qn=1jlDi!A*{<PC0H$fGc3G7D8yeW{0=mS|74ysUTxYtt$>cI<b1cA>~Pg
zJfj>)xM)pT5iau%w|a94O%UI2oOZooKAPNH4og&l8%o_vtQL48wbz*&9LWhsAmV~3
zG^XKVNIInN+8tK=S)d`qRWptH^Mje4XdsQOi=`d&36Y__^K$WeM#wXa7K_0uf!>I@
zZvK<RTY?u^deIo?S9KiK^urlzHnyy=lKy11y#PE_K16?4u*kIw_okx2m#X0r{o`Vs
z_|yaFSi-&GBaWO_W~9UHb8(xx9wT;Bzn;zZ8{`JbvNq%UUk_Ii^F`Fy*DE7s#Xs>6
z>gc~$D@^4%vSj-^-U{8topv<WMh`0M=|!*(bdneacIQRyQPY;@$GukEjE-dHUPL4I
zGJrX|kdeD3;Tb~pX!0(|#~)@l2Q~U)_`TN$B!`A#&5nmUhVGbRWMIwI|Md8^1){|W
zz1mHF3tno;#Z<FEc87$Q`X>XDsyV~^QOVLy)-|RyhljWBZe~W>&bBjknTfiG;$v`9
zLO(r{*RKFXT#e3CR{7uhFcH4cK<;KvKtHeG_dBcnbrhs!XCDr&dMpeQV$6`gcX!dW
ziW9NRJE~c;eOT$vepP`LitHl<L2tXeRa^`pS!dOfUqcGFNZ+ps439Bcy%nsR>(2?r
zVv?}fd68Z{vtcVqns5mI1k8h(^to;{Wb>={X+A|OTtqv@Mz7I6@W9}})G_Y7o#1G9
z6sETovGlwtxwvwAjxfH9Ix9o==LZ-(y&yg2hAo4=WKSclCuWTp!lcQ38?}U@bFqHw
zA|@C~ys-=mzQfaz0|K>^SPaXMl6`VnpAUm0zxLIj*u6ONmGjs~`xRD+xG3PnZ)Lu+
zX~s#AIuK~kgDIvGok#`9dh%ehmV~$>f3+agk*Bd-0a2qxsP|vkSgnWk$T8l4Rw;5~
zEo2`HH8^4wt@FxNH<-6y(W*hPCOXVw=VU0dCz6nTX%k@qYDREt=bY+L!t`+l+N_L2
z{S(Y(&`E~SZy9eRKyuE3lJ&rOg0*+{(Ovy-P=Mt{4SWaDEBg=l2ut3k;BSFl*W@M$
zVQ51NkJQ^6pz}^RLoL_pMg(A&oL-Pf(<dY%kSj6oF@S|T-ydIj&0fKVzq!uXBzgH8
z>z>3-I=?bxEU6EoAP94NPN*^K$<rluXbCi;k4&acp@@G|A3~4sr^Z5pAQE=Wr?0?V
zMDCt^8y5Ov|2eJ(Wth#9m1OBg(7mpRmv8m4Wo#3Z84kaR7dKoboyZM(KHERa3ebo#
z6n!2qvxs}v8rE7DWugyB-cj=9v#+Fj?|tYl%3<buOg@(L@ueLT7?(aymW0?&3ACV0
zwXZ=8HnB3GE4O`+g$nNEctc?}whRoiI>fP=O@tt}4%mT3oR=jBeGk5@DAq6jt(#iF
z{20d09`?cVxIa>gXt2w%WK=u%*755{aos<NApG{`2IgGDZ-BxTInFMg4I0d<TsGo)
z>kv1mdA|hdfvvkRk6SLsr{m@BNHii*LNr(7A@<n1qz&v7bD#nBwJy+V@dwR|pL;IW
zgdCV5{K!-0XlW2c?a)Wiy1mTU3A!%{q;cW9JcOx|vSohG3ZX-1Ci3}f3KW~p*D+OG
zy88yOAs!yw;GPJ?M}c3vT(c{s?&V~lAYj@)PIx5CUcU0~`p$cF+fcb9T=c))=HO7X
z(xTcN%0G16Zh|008G_t|^j=5w-vk!)A9~VcC#kXCTUsLKgnKHaJG-0KG2&_>by>?h
z6odWQv;#k|{6&H7ekR?klex4IV8XZI4gtRtdU5bikS^h=1Y4GS5`3@T<BQ(QNrt}d
zw%aKpB!YfK0AjJzI%DcUY&+T(WVBU&X2VpEI38{AFYlRX;bTFdB#>-6md@J<TPWi5
z1!=%+1?N3t+MxB@n-j=G1;z{3>LQNyU>0QI?_S{~0)(LwOIF@8-mgNO8K#v7;gJ)+
zL{wPMz*_4yHs$#Onc#L9DE|*!$kp0d0l^7q$0%}v+TDZ1-Xb^hZf*<ogkYNZRs@~q
zd;+@UH*(hXkm&o>CyVtrT827_tR_sM2=HUrFH^z!q4HPkVw-F6V!(JwgpK?dX)a7V
zzk|LE6>2EMqM9eRio|Gk;DyVFOFdo>yUhu&mugcXeG_cwgyr{b>-6OzKMj6rKIiL0
zrohKXIXo#T)yuTU?I+cKIZ6G%x#~KaudRqFj14Xuj8lfV2|KktVJB4odHK=h)QX>P
z7cuTj3a~T}CjC~tKWr6>{zR&6{49elUx?C~?{0t$2uds;SSu3r+uIdwdi9;l2@H6#
zLSoW^8f|!a5H=9LrN1BhPc=K?;hRm2#p0hd)G*Z*sX><nj<5Ba>=>+ZOH$e=h8urY
ze(+%^i)qQitORdNESiu%mf@Qb6f;T|T$MA#?1kWacR0i<5WF`fG*fo>@P`}v){*S}
z35(#-`)k0~{uV&AhM7Jj+N~MFvy=tv!k@u_7$~PpubVa${1w6e7eQ&};s!F1XBY98
zYQR$o#2}R1ikgA;*U254=>KBshz@&-fY!@T6eOZR!)_rp=s(zuxq=bGm{V)a`4>*D
zcio<}ZU6G$?v&xPv!&)67@BiGt`+9Z?Lw)jPz9b8#687mYaPN_X>SR+fu^qkMm+-)
z-P@zEgUHQDllbC<y6e>};^VnIJeb`eN*<*BX=3X%NT_|fJnLq)JU)E-FnCSZwHlVL
zRQ+$8evB6UyN{#M^>fk7x>b<r>1v<X{SPfeuU!2l3AW0}ai>Zs(Zq9vr{MP>Xyxpe
zg$M5%2gvf1B|*(pOBKr=N=D$a{dS8AkW#7|d!a_h_o(lXBus-ycHJy<B*e>zIkRE2
zu{vADSe79@Bu>(vwfS=(>C_io;B^Zh-R&k~F7_<U>8U<A`O4CSxymA`J|vR%22)?t
ztKozITKY$CC{V$ckG>pE(LzI#TXf>qCUK>Eo4Ct|;!42TE3cug1@tl>^co19&?0Qr
zDu8-!YoWT!05ZnkR?Cj0TIb@3Ja^mqXU{;;8`G!B(P!5SIOkJd>YpJX5*hadp^;6h
z1+pqh`jDM(<I%_2CE7D%P~2>O>weLp3DUEfpX$g<R!H%i{;jY8-=NpCW8rf}284ef
z;?9=7vlKcsul<&9TN8Pnd_SyPpA~YrTRc&jO8;5Fynj^0{64J}UghuU?ztRNq~ek@
z+n<ZAW`wYOqZ!gJc*8o?<Kr5SNDndBfBmb_o=L-%sTVO%NC|9Oa_dr$ZDwrqjYXp4
zi~w2Cs!mEf4?^DdqZf-Kbz|YsR`E8RjyPHmQZBAR7hw<7FQ|FbS1_C!BeuDI<tb1r
zr5)kga7Prewy$Blcl3Nd_kKNK0lThSadR;3I?Nr0NbJ6L#R14ku#QOS*W;@g1^wSm
z<4%kcIAR`&KbdeAV8b`~--Yc5|5mlCq(;(fbHsD@%Gd~rH5^@=Lwy%JSO%9iXa{tT
z_=T=K>cR?@7jvd-EbNx_IT+7MC&w>>z;=T!5It4UpAT9a3sxB0p8K@NIg`i16z7&k
zmA4#RugE?3<WH&*a?5KPeM|34pW({e!ZHxCrk+A@7tDIT__mse5WSlxdEkg4`IJr>
z9czGISc;4SGU7%Y8Gcp~0y08i%$Z;O<|Mc%ZpZZ5rWE<PKT(ue7;J}gK#=M)hTQF9
zt1yB;>d@S^CtO>VhrEog*5pNRuO7MIcQq%tpy<X#JflFf<JmznW7vCkHKlW50=F!-
ziFF|<yXdk+q+K!0d!cNE7!a)Nv(M$kktYIi@<x<aFzjjtYM=02l^P>+0{?#^MO3aN
z(^IM0=-dI-#hp~_?S)KRdOi<N<nVM^ZBRNJI(|1*7(cX;pfJqbI-<Ihv=pU0OgCX>
zY;gz>y&T^>son1oA9*n|2~)t&u$T^;zniWN%Nx#arl+D!fbe45O31~XNyf`62{1UN
zYR&wS;qEjm&XI^RX?T6(bvUMS&*K$S4k|GVdvRdt0NMGRbE~dYta;BObk~~`cK9IE
z*GP!rGQeE~@ZYQLe^KesR{K(Q6Q3--(I!4}o;VvJ8q~Zj%(>Jn>a!33A{~}_)Vcai
zVhZAtHX<pw0GdlZV!Pe{5N{uZbj#JU;*)KRvW`)K;;X9|@w)vNIIQxw=f&{;PH<UT
zF<Vh1N3Fa@qDA@`?xsS)^a<CY_p+H<E8b7dhHbdzz)#AzYsl+_$wt>kT6Sb$M!x~O
zM4zqJp<a~0RxmH_h}D}_{5=D^ZDj|6i^TSs9m_`XCZL3KdR259C~e|jMLVc<Ta#>e
z!K(?k033?YcF+bC1VWOtl%_NW$P1=%lw>+x$iRDD9x|pueYwVsmRM5^b~6-Lg^u;2
z5+bpIi|Wz@8t$J9)3(w5O*A6S*&{QB8of5K?47g!6_^#_cp+)qL>F3HZGn_i*(EAD
zec1g<p^@#a+gE4%byV4wW_R6PF1tDeUxb?=f2GC(&I^`=7)TVZd`myHB6`qn%~7p1
z876IEv3EA^&l7(B$10o9T;FPCp%)F11%0r-`5q0k6C@ZzVfI3;p$jU|@2b6ZH<#;+
zIehfO`L&JUMspinuEq~k50D5%2zS(~jz-KUJxEcz8_ZseRO2Hc%k=efJ+t2|`ccjn
z(aLWU3sEbO<6=FTi6JCk+9an^vIB4L>f1Q1>e}V*5&g?%rME}}m5)j4R`mjSQ}z|k
zQuT(_2MAKZyC((Ln@e}93++h0v!dZ<U1I5Fq-$&K1bPPEaxI2l=2?VCV)Mgk_@^UO
z#oOEY<li=;1FF15vJXGkk@aF=$P!K<>2nx{O$>}N*)rY)cZX42k^BfuF5Z^m1xXyA
zWVJDf4G_(L-Ee|xwJqugC&;CA|Ji@^0L8CYu+-uv53a+f=7WuPbbfUw)iuBgN&|~Z
ztf>|6Rhkv~o-l;F^wyYistubIh#1aWilMZUrkPRbIk!N5qz${CX*T{7hol58Z2EHA
z=d8kw*AZ_e%#6@6dIC7~8@b9)g}&o@zqorg5ZP*kKq!)n;D!r52O#!|6*rf@US<oc
z^#<?J4lE<8FuU0}kbb<$qn6}8q1BEOtns4-?`aA`Etp)gv|jDM9*58&J|?Z<mf}4(
zu8K!3@7S!tth?;=<`kosaiq&uNj2qRX7`I~pXTk*(wi$6kN5TdQ^nb&A9v;6<)A(v
zQjM{TH1SNJ6{+l$Jj|nL^0Tfr;d8Fy&m1(<i`0unc-g%d9Eq(4GLUagd=QCVM#fFr
zo#}3*ui!i%dQZaV<gxX1q|+{|aJZm8mm$2a*a&lyBq)JoBtgxr@CcY-OS{PtM|VAy
z)iBJAq2H<@vJpC_MbbcGB;M*yAM;J#8pqW>S?u%SBBcW9kl0mYQDBgRiUFQp`=i3^
z-E9v^H*qOc;GJcmeJT6FS`O`8sS^EAvT7r`JDK@VCz<tH%*61ix9(?Tjza|_?snd>
z*ER^06gP(~&XoB$KDr2scD@Mn(}mX`c!cCAZWW|&i9CQphKzV#{9(U#(30~RW^`qU
z({1rq(!!A}#_L}<8<x~kuZ?`E;DwCo!_EXcBgJQKc@<H1#?57V`=~X#o=F|$!>SYV
z&usB!YAa7Pt7r15IpO(~uZvpGxAWBd<(x?R50pGD)bnx79W0{@$?~&-nFF5<V%KiP
zJ^VQX^l&jUO>vmcT}m=*x$w&1U#DzfSkyn1^xW)Wpd|>7OPRGc67}F%1nAh+ik|Kk
zgRmRHbU3mc7E<B$-z6g19j=aLbAikikygql`X%JoJ5Kj7w}i~vGq}g#K#+NV6jk!Z
z7<zJCRhID*N_Jo|-B5DSZ)0=-K~R)%$SON#(06f3S*Cw5+s5zuISzr(XH`Z2Dq3-I
zzU69-!3XJy8~1S`)d9pxVCTqvj{O!ZNED!-u0Ql*A2J#~rpLKz2BKe5?ynjn0>1zs
z8KUsvQ>&r9sjGrW6NpozcQ1aN6LI?hKyvu75+K<Wy$PSO0Cy2ix`|QN`#tSmxA=bK
zQ_oI>*KQ|zzms9)9e4LAboD%+j8CaN+Bb!w+@NQ8E4tJg(>rhWc-;GEgIhhS>7i;R
zjaQ+$dQJw~6BwT-SW6==9HgbFRy^a>E1Ex)@R@l7PDV&VkgSlB4q=p<W$$i?z=4!L
z^VKV!kQWW%haBWL13A%5i>bk0S@`=V;%CISFKb~0eXfUbp4-OYMO#=Kca}AY4<h6Y
z<nV_fj3)wPkp>R*!kK@a2N9(51&lB_PtBwcNLy7hYcFCJZuVliqj&oj;8O5GVH^}O
z5{+qRx7@j<J=y+}DR(rvvT&0?_m?AFqLs*?<2wu9Io^Q<7VkuKWjjhTjDS<lWT%JE
z9bPx%lRWp0$bvPL7Ov3Dy~%X=vaFF9&dxdaghVDJG>9Wa%uw+(sK81spE5-|VIN|U
zx?^plmNbpMBOpyPa6fP7hcuM0)>eLd`bSPkWzeF+gTs+8Z%8Fa{QF0()q;`*$8X3r
zlU}Y7*FW#t{qde@(|Z39?{LF&*5REct&Vbbf+fc!jq*OWT{;kUaN7kpcYh7eBFSXe
z&=?AUs98dtGMft#qMaK1-P@NC9nYro8@;oaIVs%WtHy>Zr@>98qeSC(lO1O-p!?v$
zp}%`1CHRXre6kX@W8E~691OV+C6q9+8^kah#x-^F1AG}B8%O*l=t22W%^I3ANFAM%
z&u2c~pacdk8XyQac4zeE?jZf|`I;V(wkHU<*Kf^@Sv5kY;?0@S&eh3X=Gp(xnEZvm
z(I8_|ge_0=fQ%7eA#M4taTIxf31p|2+Zx&K{xLGFA^O2XGSL?hf9uYyf+)_vZz^8H
z_>-m<UC3p8x6NG;g!-2ko5H0HvgtograTdXSJfTTzZ^ntW?ULG|4{DjUvz5$E(<x=
zu<7b@%QK-R#@_~Jqj<V-WbxRpot81(phf)i-U;qG2ITrmWWdu6$0K};IejkMHtTQb
zcol)Y>ZW+TJ`{<)zl9NNf-a+$Osm>nKL9`^!Ip&t+zSweJlZKC2_48SDRfg<x{j4}
zko``d5n#Tot0J{?&i&v{RK`29Fl^|1`-=0%;O<*x`aw2Cn}bj;(#tEs&^v|}W?pGW
zk$V{&9fR)L37|D|l373EZC!Vp)sE{rv1URXS@%!H2?Njdg8#mR432mH)4W<OE3{E+
zsBc}oQuKUE6-r<;=9_>t4n38}9FzC@s2v?~koU=Nxm_#|DST54MvqxVBQu6>g~uGc
zUAT3Z8)|Qq79H}|?7Mv9@+9-Pu#b!3Cq|4ZIfay!tR_0PiQp=7vPRv3&BYNMi1knc
zRXP62_cv*7%)UhNjNkHt_X8d}*)Zh1c6{=X1o`KKb^n@n^1o|d@t52wV`#o(EH_d*
z%BUt?Dy4Wqlp_vL**yVi`8wj~AWki#-elbzsSZynQ^hDRk+%#iAQ52Bt3%7<*okY9
zacTfG3khl6FuhDDlazPTHf_8dF(R@kKBc^Ziy6PTLrT_bgbKh-y&y<7<JhgkxU-V0
zd~Uw)UYr(f#lQ(<CFVe;9aCUaq@e<iM(R1T<w^nsI1GstA-F?<f~B88mMrws$xwnD
z&6KcY<Bs@aVy1B!KD9@h2DghvAc-5$+|h$L!FqT{I0uNxyRDobIG+kfOEEvrTuQ_f
zMA(7-#L-yGQCPl>H~QNqw%BT{5iRAOp_;eyc^||%R#6Wy=EC6N->PFKk;kPInS(c7
zM}eU*P||yHpYfqf4_p?Clg96W{`QC`8&4);7r%R|ZHwG?RvW;$CyPjCWfFwgtz5K{
zD>4Y^oh7OzZQvg<_aJwtcExEFOd)#u_pgxVbL7!tm)D(V#RGp)clpZV)#+<030K4?
z6C!<!N4kDccArOFHI<<qbwQED6Lu^3SC{>JqwC5@(-c>|iPcUt*5=p`ifg_&1vA<F
zui5*fO8n~iebzm}ech%*_WPEF{kieN5leQ6j_Nd$#q4Aws*!qTh(z`Y&BOZ9!s)ZY
za!@nm7F!J^b&71UC9C6J96-}M&vuSqYAs^bnC)y?V%ume+rZ8DS&_i=<k&;@14H@m
z#%>$_lr)-bPC$YM{zMU0$FCphJ+N`h*jVvbxI!i*7m_%^x;a}5MY4U4>9_Q=(}U`m
zTj{~dBYbZ1AQssRE5NdP2=WKy`-{SxYc<wnuG}X@8x-3gLJc1qxRJI0qv*T?q5l6k
z{=UVTcSd&ZY?U$^RL0qqqP`6(n>3V_jKh6wQdwoB&{oMxM%Gy&m61@^S=oEux$*n_
z{`H4HxO>0euh;AGc)pQd89JRTsTGe5(?yHH%YQum)y1!oaVNZ$>y8%~=7%0XU2xL%
zjDx+UPK!&fC}>0Bc^v2LWY!P5nL&#myg{YPYPkj!xg|Qm1WlY~5gRqFSG_g1+e$0q
z4hV-33#S8|`OS;_D5*A3{jgN4x=43A`i~kSD99#f4!!!OUMz13`B{BdY>8-bOHo5C
zX8B0x-JY9b+Ibz=X`g33m+fz#T=+{#E}AH+?owFypVQdewdj?^KAG-DiT?S?_nmo1
zd-kKxBi~*l()%R3vv(}&(7SQ@j>60O&lFrc^R;54gce@bNYC|n?6Vz^5Tku*UkDTG
zrMMdxygN@(a^29X<)iB}J+8vs-*Vk$w!Ie9Ykpwmc$?SnMUR~dbMHFa%yMb2L9#E0
zeyp;*mv>oD=Mh<UtCXp|EWDpyNZU2A#*%dn|2zLNYw(Tw)EJq9DjbSwJs?*&pQatO
zN<O+iB(vf_@+oriN?&?&^)|<n(`I)}9kmf^Cni%UkR$n#$nE5i&UmJ<D&D|dKalo`
zS-hL5Rzz&07&oz;=^k5kQOJKHmByfGj_@k+BTs}XNWsQU5H$C-G;h0DS<YX7PrS^=
z3-F2|<PPPwoK^>`3CN%^ZFIs2npBW#8qpmL7~MHcUZ-M44S*hdHQkcroGrY?FCYLl
zMVeE6QB91#;59+p%oh4`xEo_?J|sLE^ZzOErU`>LN#FZe^^Zgz$uwQKzd~$BH9RE{
zSy5E?8#zfI6vCzu%dZyY#%11-eYI^R<QMo9H`Rxu6(x!mCa=eavBJ;3DwP`zA5<4Q
zE>aha5U%&g*m1ldbtq4Qbk<RR=g3SSJY3?uH6eXk)iaAI!+JkQ>Q=-l3YamC7_vi1
zVvRGtsRL&$Bvd^)UJF-r*+r#y$1|{<tj8xMUwgMAa}@&=bpG^WpdNCB>*`y0fw*tq
zgajlsQzZ`erOPRzb(A0Oj;87qQ8n|h%dQs-I;Xy9ImLn2od0tQG)(_pG)X*!ps-;}
zNNh7Q>=FaMj<3l!mV_~hi5ejMmV7y`HmA)&vk(cks)h7_Cb!Fjf3fm_Nj`o<ef}Fh
z@!3=J0`n&5@*tlp5nRv~lcHW`DuaB_2DttI$8eODqg%&OigAVjN3Bk(;RVLG99<Y%
z$AM}evh_c#$GfF`UeLA&kD!U~LNa@dA}26za`o8&HA`bG%_Ttns3Z>{I&F&3czG0j
zx~~Y}2808fO9GvTk#5%=r!X3?u7^qSY807MvBN>UDOgoMa1U*`ztNBOmQJ7N7=emy
zJv0;qO9={(iVh4ku&gICn*f<N?d(W_2}v$UX@}H%HvKIcRw&?YPjn>j18>=*eJ6%-
zNYZ9#pkd-WxK8F?iK!rlR;6XjG;W;?eOH^NHa*TtBih2FLp|t7@pKChs8%N#aStDK
zDrOpi`+Jd2kJ@T8Fi!rVaw}*Ngfj2mab2Ru{dJ7I)IaCf_qmoX0o!LhAgI&h<WJdU
z`lzE2DvOvJpk4eJN$e{;I9j&jK1NUsL^#PiJ<}hzJ!dh1x}e{f%z`m=YEDjE=!1_T
za>2Gc{oEHuzWMXdX4RITQsWdX32TJMjC{}E@q9h7)UV8xdY6tQEuz%XUlFXE{&paL
zPv$Q@y$Dm>Nx0@E)nF$kEa91e05P;=Q(KFk1@h!BvyB)`u@2|ySk6ty{IC^XHy<L>
z`7j@V;zyzYV#j-7;0i~c8z!T_LhCFmpb+5moA1x%KT(G9^O)ACf&%u$YAoms-H_@3
zi<GtG*I1FJA1|>+Qn!Rw&6y*<;0qoDE@090_Ejp8Q;8HOuf?ygoCd=eN%;OO&{61|
z#iM@!;fbWGV6Unhi2+S>su9X;y=yY(3g;=nu4)H_W^-Xr>Q${b8xtq$I!~aj+~to4
zqC1y<$i_$bBbtEmM@rD)B7DuGlP>N^fqm!`B~J0B!MQ(_i(IpcG=!X9Et$lqFpV;t
z43Yu|)iF>7Gqi33L({LwemDq}C<@GmeNdF4sUcgBEKoc@H3$%O_BPSsJkWIaRsm&r
zmH}Mku$Eb5M=arXFuvC5t^$?unRvj$?lKhjHy)JTGs6RxAcCeAV!k?#1_@xxI}w>{
zq8y+QaU_pbl5#)gjN#dzmx(+67q#<4@I&tx;rcC9bmUuh^aKy_<^VoXT!`oRi}J35
z0m1(F7kwSMD#;}t>(4YKih#wi=mr*?u?h0BTz%3X&^q!m%BI_^zO~MDlUAA>Hsx&j
zcan8xSY@N^KFoaC#FEdb1;UKXU1b&#h{cQvIr%`LyBm?v{;=@mqq>04gtlfZ$5!RC
z!UG9hDMQgZoEHQinTPxxH;}ImGnLS^Dfa*Q+9b|XTh8okM{ms~R-^ARC+WQa%ct+t
z*{Yu$R`6*;kIRn9#Um1D>WB|<6i1)9b&&U#V~!9BTSWA}KylPVUD}ibLZIMhYaK2T
zd^@rIggXfe-9Q6nVV%XCVH8Y0$#Vr}()M2Ic3dU8A*fifx^lRGq4GgbB~%ZD;H%3g
zVD3hZB7(Fn;zmLunCttHq(LTE&i8aN_8u3u(rAhM$N%&EM#L!1>sMCQEEWy#uC-?v
zfot$F*wzr>3_SrF=RAa`kKT}{iV45x1*iBud4R`gBy+8#K_2}A&{nB6du-nFGn69M
zZbtt0&xmtOR*UcctX}+co@ZGO8E+_6^u@`bQn6WY&se=lbCnR7L{&dHc642&1S~5m
z`FH=D{Sc*4iRc$IGHedVhm_s@1n|O#BGzBw@*8Kb>g<CxrT+cYzZWOgZtJ0`uR3fD
z@7P^o0bNjWy0%w<a6`2%>;sbM^1Jp|Z@^-aU6uT>IF~wqm-=Fs#kG;hNuU1U5qz9D
zY0-ZIVcWVdn(L4{#4(nL9M_~@o*(%}gjaeoWgb+<rB-S+>OXyRQX7FYx%=O&H4o(m
zJ#t=X%|p?d=zv7cuHGTpa(MA{i(Vu(O%M67bwHjJ4Rzq+yy1dJQC>$Fq2b+gw1xMp
zoMuBYL^QAwvT4T@h323-FX5m@M7;=TP_ZhQV}HpKZgm&nBcAKLh)9ZpNN6yOvWY>M
z$UM@d;8s8d+CV=$>qG_`?tsY>qmA#wP`x46`N2ZKXg19~#~3Luk?*M)W?dlWY8}OU
zk!&kf;ob7GPGRRl7{m)?T4+4g{OTD%BRRLl%YNiiL#4mnjMqLSv2nj(kDqHKwkSH{
z{<<rcI;*h4_YVG)mgMFz(o?~~OJ0osy!AX7JKN7c(f;@b80AJ3%R&0WNuAkx*v-z=
z(4Ldhve`?vKsDa{<^hpVdQu`>R@cp}_8Xl!tIlH@XO;5vDd^m6FdD(*Nc<>h&=y>~
zKb-nSXiwk8G4?<k0(e_dPKDS%4m-T9netS%p-H4JRveL4udDD{^&3gLR^`uC^%E@Z
zwz`wjL-1F>I?=b%jBzcU?DP2B&2DQ9b?}<0iFyiR|5h}-2ZmRQJHq--E4fV_*<c7J
z(zPGjufaPD170A882;3!?uRh}I_U=a3=<}gGXEj9TscIh0I>}^g346}G)!F7i1M~g
zY-scZ`2M-|Y5g#2;q7gv-F+3UQ%!<V#~um9Z`+}<FLp-w;A_*oK)5B)AZ=baU>c4E
z0tnUbV_WVD6s`o!3fCjcC_7*gM}pxqv@#$nZc8{wxFMWQZl`II{rZlJ>$m1$NOyNo
ze;T%s4YRL?tGPp-lD09K($Be{JNe6gysHB4=jv6G`zQ;6cEC-jQyBbB9AaO;LbeC^
zkiXo|FB$=}^%4o2JzyJS%x}l-B;yw3l!KnekjfU1@>Qr8BFakebqPWx8wZN!Sw^Cw
zV<h42YKgo^3ySd-){J2*l4?S&5&@sXJpa55!^gt|zo-L!B_01dHjJ27>=P%>zd#>B
z(pC25Fzn47)xnXtJK8eO%Xp5+3*U|6xhH?6zOR&SE9-dltwDh3ftirUOOv~wWBIU|
z0SY2vb}Ez8y)d!-dIRY%<g`PiS10b6Egn53*yAgRp>f6+$yjh2*4{s;?<fkVV2hH#
z?pS*U>&qm;o^^}H$+xU#=KNs6HTJgJ5i7=16!dX15ie%z1~HY)sWcDX@7gDO%5=^V
zHH(VaziSGcyqqJXy37^FE(VTSr|Dv!)*$_Ty?77`K?YyZBqAk~q1~AAX52~I54>Tt
zB0&9dAsZ27s6Xqnj+0&$d%ujg&kter$qb94S0o{n9bV)4_$hM##gr{oU!HRo%l$@Z
z=#iW-O-ZA#4zVyTUX9$-?nw2LIOp3Dn&e1aV}Ej24^64cX+)jtlLHc2Sg2Ihy35*#
z$D%sbALQvL*I_}yNe4u@L4kqe!r+m~jwU1@MgY~cfxa<Lmw4<=a@en7jhe7SW-ss3
zYN6C*O4Xxi;@l;#NPo&rLv;wb>XX9zEF~l=Kf$?72t~1b6$gK?)N#AY-0)L{fn2=P
znl(wZm6z~Nak|WG-W~}RJBOZ8pMcjtdZi*W$5S*K;*lh^PBjqqNK4Z+g8N=Y*@swF
ze7mF(V9_w3EkGnxablt2;eSbc9LIYfI%Z*LiCIl2eTJ?!r%%`$4_s1r{-w^+{HDLC
zeWxwrmJhKlDs%f2w@3V<LFCp%+%*j$uqwW9L>FnbJ=;(&i4^0d&4du|{0QCSL4_@O
zNu)g91Wn@<HT*&iymC-r@5=t`5f61Qa^C82M{%*Y+Iy^xkjH(y9hF0Va@(X>A4IAh
z>O^84o#cQb>hFE%5jrpG=Ks%AF|MwKLf7vl<qSy-A+{w@=cIn+%I@wDVVDdCw>KM<
z)zCIQ#&TY>jv_5&{f#!Gn-fcfbvND5lPs}M&t^;}24EB$9DiLz7tT}x(&|m50;^0V
zmpzs<|1-x!jyC#{62A}|0@|5V=b4=a#S{Z+l4Z`vFw^ADSpC4y8p5bsd!3tCJ5I8A
zXLd~VGBHFJGmGmNUzE4KRd*(Jp+fh~<gk~5P%$5OsS)ZlNh5;TR<sPzP#n~I&Tzv-
zRF-E^C9a8JjF3n7+)Uaum1zAARg-K4`6e)tAy^RQHF2A7=R0+E>E!*Cc>DP5sednP
zy%sIxSg^L-TK&)elv4xh<WR=T73u)y4<Asa@5H{a)mJK(exCm7zzVxRAiluW#|huv
z(vyGa@rS^;DlI}`mRg3!ImK76jwt1db-uA%CCXR4Kl+LC3SEZK5=}{*km1?7VYtd&
z^1)$n!{~eMfrkl2wsp;{qkHf+iAeJCqC_<HTY%^|W56^>?avd^_{d@jKIo|uz7IqF
zeCb)ZL8NSZ*iv`1V;zO}%)4d(TK%CyHPN0)1C2Nmm2zTn=rfvm(VLKEsve}RET42)
zp+U;BOgZ13XXz=iKiUYC+H;itPB`*{KqT1YCGt}(L*<cUq9k>2%oG|a|6;rJF*FV~
z$1(UXJh2ns0^GbdUJnrb&DcbrI79`*6vPb}s31=0sqI*?MN9@o=K6V+<D*m<eDc6)
zrtopE0hS}bk(`O(RS5gc)cccO6jgg5Jogtfqvs&q51FgNf~lKIFg(=3L(x45Ce&M7
zmiMtFOC7)Qv`#$By%l05CNY+Yk7%(~-z&2&lTAytuyGMDZAn9#FupRQOr}Z4E?gf<
zzvb`d3=65BP2uX!6Ssu3C=?b%5@UgHEtHSS<$<_%fwtz3rb3)xbdUSV5$s65Sk|{F
z-}W&aeya`(xjZZ}8r=AqVhtURioKdIzIysaE-|#{ar~8RQKoTdJT@q^^@C!3Hr_}c
zqa<_^LLo9Gz<vJ4Lpn*KacAP@^u)lp#Z$`>vc%uX-V9LnwYwp`_=AFd5mpw6@JJ0?
zWHN`N9Ss$kaZfT@oinx2u66cjVn>1}L>S+8o>yPI(f<WlyzrZdeqaAlAy=^u9sYoW
zZ33(%3DhZcQw^@WZ$3<9emIqweQ4KTORTLej<Y87@1z{`Jc~<J7I@mPI-2mJZ1qWS
ze#6{|2|Q`@<_w4$MhaKnLx_Nny5Sa^_TES;^opbq_Ti)vNDEb865r_GY##E8N}QqG
zul-Ihub}J!|59Hk&Qp}xpZT%SAtk&Q;>vj(#0y1i|K_8~73^q{bK+$~j~D0SjkIqL
z8K<GdRzJpvcTYOTK4|lQ*g6y@iayd#Ox8_(p6vHWdHL1}8u3=N-D=mEH5&ece+@Lm
z>mrf&MV{K(yFB`UIVNtPuB0niP<Icu?7vlVcEJ#`HRU!RHwj?7V5|3!bP6~1_aA=H
zj#zFBzrsad3oBFY_g^a6S{O}zqjk#=D9VL%4`Fd?q&MK36{N=1d3&M*H&hBc*{e<q
zB~<>d_u4MvTH3HrNrlTjbScjHX>whFv8#dIS2KNO{IDy67=$Jc1xp|%zQ@OW*>Lw9
zUy+|hQjJ~NI!E*mQZD%Y>GM<6l^->qSUT8eXB*?eQ)<KRRfbiFN3VuW*>;LOe;>?`
z*IZCwtMRHu<xc!84%?TYO;lO4)T`RKbt^m#Z)3R7R_E1L{p8n6m*LBtjNL_%>71cQ
zOz~ZOKgw%aKmPs2IsBUMFIGV8Z0VM2^B^wE*|g@Ag+?cbatnu(SIx76x!-?62mcw<
z9#i+=(m6wNtpTlRVLY~L@k~S<0zR}r?|J;SIGVIIyYJtVo9#>Es8Y&Q4cQbseF-S@
zen(N4Cvq%m6+?51ralJe%zG3aMrgs-bQV}{`q^7{X)#6>RBv>2y4scyt7f}eYW|}>
z+}*W_jl0aLZ6Q2gn)|!VvL6@>8yO1uS#1XKN%yDJditBMroW@;*LI|Z>ePt~#P@$b
z-D*$6K-KERaoyw~9{Xt(Y$AWUbS@IoL&E=9d1_?*NU}j0PH)53?+17L5^g6z&)bU_
zn#D;B-Twh^5g-0!zuF6;3hvJ_gjJ^@*nSEbX`Hjk7uETeG2;Ck5oVj#TNe*muov`i
z{!kbRdYWxMxfRZ0;fBmR-e}c#V3ocy2GU+8RfzM$5fr9|HxgU=1HCYiqfy04v|At!
z0xf~es*yKKbCIJvJ5GKheT2RG)&j~PWXv&BM6MEL53dWl^c^pw-6sAZ?<ZqRV5HUI
z`H?S+AF5_*S9@!>fZM9L;hY{a#9;26;ZG57_jOA}+_g=LFeqDMSe(t-sSBUCYt7;&
z@^R06`2WCN2w}8*OM=cvx?8u^mZ+VWf)89Dz@-ucE9iaj<(?U>>o*;%Yo-g*P)<Pz
zKBM9A^~zfntpjNQJ4Q;|^|i-%rXvEh3n#)^Pj^n&k9o&`RqK?H5pl&FlrWw`+FacV
zL&$Mv4D&vjkmj?n)U?0)-V5AMU{Ry$hq1N(V2J&SI-69R_*O8i&TzBt2MgXk-HRwS
zgAVXEEwVLOOGaMdU)9eLl2$`B`wVyyaglsIUJ<QAI=F_rQDNEM;c+YSh{;d;@*KyG
zoo@K0&(&j}JD$rj^0FNI9;bjxxxxiIp}LnlitZmyC-U&hU3NU}-``!4Q}gf1zjA{W
zvLd?n_aJBcWt7)pPRkPKCYvowX3sRBY^-Y5kR(g-6<@{X=lnuM{}bPdcNeqtxK_1f
zeLk+~?#K%N3tm5pvKeWtX6O$|*9h83Zye6$V60GA8ilDQy=B%@)zJ88mBQI)icXay
z@RU#qMy^c0;Ijx->@ABpeY3!)D-?G9(%RP6ka)I7L-|ZZwQ#ODfU~!h!^*xppTP->
zA%b<(@o8o;`mESI!h_fW;T@*;>oQn~rM`Gun_w&W*cf}G(kpM5wW}Pm8<k3U$XNbe
zMB)|jEHy^U3wBZ-<X96p6Dr%``vYIlFXk{%Z2fHgJ4D@SW33GR>Qi93^br1CbG2cC
z_v^Jsx=z$kVYy0EpCXH&dv66j){O#tkAj+Z=~JB5*H=l?|4ClnxAmx}E7p1EQmp=<
z^}s8_;PwgjZY1$ujG}Dmf|T$`&i06Yn-O(+Cx;<Qp>)U|>z5x*N!rkzJypaqS>2ZX
z`u_wNF+O(nQM8j=N2NgedX<HLfBJ}kL(24Sh$O9ojM^$tsU_=<I)<KLdsq{KYn6}^
z!H%m{$e6uOx7u5ghKmboFi;MVFdL<UUOkQ~!4}yev=$NzMy~GScl-OXe4Eu^WC<pk
z>dIhi=CujC9UbD7RJY!?$Qjw0SQ49U9e)C!X1c3A+Nl!DNHD?jBQTE2FTPfjDEdPD
ztuFGe&@&%TnoT$tE6KAj<okJs{HxpV{Pk&ch3zw9^on-y(A-sjwJT90?Fj9z-PP}@
z*D_xEolbSS#uxFFFUc2~;^FkL1GCEAWi6~DnS|xI_Hj<nJ>d_$W&o!@sPQIAU=g%<
z#}f9`OyJ2M+%r{lxgjSJi`g|VreASb_5ggz#jT7~EGmQu+Ip8%7k=l&erD^*qf1Y1
z8J;-#<505f=5vWrGqW1R;)L~3pt0ZFqJ4-$=&~{4MyMcdDo<9Pls}U)U6b(a?eLx%
za=`J2h%xKlFJ;D}O@5P0OMm~dRS4(j>=@(G$4AJcxnZ0B${Tj_Qu7^M1echDlZMkJ
zB*Ec|ts3#yoKLZWhXdv-KlsbyLQe18E{~uXg+6fe3A>*oEx0Y^ZQoB}EGG;G#Iz!!
zWZUX?Atj<R!8+NMX}oSf5m-la?W4T#KgAV@tzGFEKaGvEp!$D>rGM^Ig+UGmjXJuN
zZTwdBWa2`&LhOt|;O^93K69KOLHS;LC_-pK82g6@U~$T15hMdVz}=AHYjW(}vJky8
z^5p<ZZO|)ptIbRoZ3iHer9tw=wLcw0J^7AeE(0}Q)@#pkl(?0#6@?#+T@Qi|c8R?E
z#b#VK`ReuH3F4L)gE=K(+!LNVqZ6vU`rzu;u-?a;h}(?8DdEbc;i~e=Gh5+sqD@G(
zLQCSx=5q1NE3pgy>(2xWb91m5yX6*C)BShR#3}v{#@XN}t~(KlctLb{%VBH0QPRru
zY;a!??iErkzH9mRnD7PqrN6Hn<@uob_;{0H*XJ=K{9755jx=)loL=BMp78bnKzIEI
z`HV1ridZU25s!>-CD*0j%<>A`;d!udd`XhUoo0uJGpnu`MI_gLcrC!=v69koKu+wH
zmqUaRAc^WAAkKt<_E10bpMT#O$*J~(=x>rJJGAI8@N#2B7$bceOg9+n3oXwW8+gh-
zKN7`LyYUF#m#xeh{B%aj1+MTDRh%-hA*}98YjVL7o7eanxX%!D)J!Ie{W=aXQZ7u#
zvOM2cjlSt90+0li;LBP)hMJ5t#~rEKT)eUSEniOM3>V|9*c>u<8H??*-Zbo7)9pn=
z-#5}F5z}i6kt1HR@-MV?w<~Bl@OiI>{LbKBiCiu=Fnwj9XM6R#z{M<k^4)`WRR4p&
z9p8)}SQB$V+z$s-v6ZLRBkOjHRsXe+@D?u!@z8l0N_0~bU&xO@=%GUCK*n|-T}J|i
zY<`fCHFq?4`XzHP*?3T}VYHJvE39y7$C5uV4@<4I0=C`R&6@-YTXK`%gd{^kn}{3a
zZ@<Oy$kqEcfBxFxUg5v>Y`$&#`DQtHjNViIlenSdGow{TxPs=cq&7{v?He17MrljF
z{YBiwK+Nr-nks(>+FfC3HS9Irv5~w;bJzp1hX?1tWj<075V=TWVP9ye+&OQ{S|o9L
z(F-qs^yP%yZ$_BF(nZrjqKi{@{P}$Lu3*(sGC+JhE1CAieSGcdWOx$YpTJVRTtGaG
z>v_IF+;FbfNQ#wZFRdJpr|RA3F0Ql|l23Z2A8K*THxW0h2CB*BEooA+V-YI5tc%=Z
zWBsq&MdX|Ru;1C#>Jp4|Te(udV(#^v>CE=LTZ7jMWqe=pyEEGS()`i|&hod(s~xqW
zA^Hj-lrTzdTt_H-ty#Zd*Z9HslPM0_S?X@Ha~euQt_05FfBO-D)T-1$4ah#R-K1jB
zCQmIi!^(lx@+D7Fj)3A)8wdWKl>%Ghn*&jV(J+EQoo#D#0uoy+J;UKQY;ur_n5R54
z*`<H;luplV$wh3Rod^JnAIxi6fqZ!Gib6H#4m4OC-QF1`U#j94f;hXbZ0u`OaC+q>
z3o{oa>~79U@<T(XxGKlL<E8Zzh@>En+vLHntmY9hq>OTf8<IBKz$mu^2|WQm#%deY
zSE)!o#Qn?jjYBvDRL*-qBfLc&*-K9_cbtetH`PmpB63)R57sq?Pf<$5x6OCkCrf__
z$b57xJ_gPUoUMyt?^V5UT?P%lZt7e|-*OS!oHpaW{ptt^wE{(t4LUWbP8Y&Uek1tS
zsWD`IGI+C7;uR0=dDQt|U!C1%DNYFTnP+GR7(C$AKQCK`J;`_Ku~-W%G3%Gwxko~c
zHLQZ;m4x0G+4Blt`Rj|CUe%^zu@iCZK<a^Cku-(%Dah0}N!CrLm*3)5Y|!Y<9|rVR
zuWk=~M196vOMLGAk60kD+SGONZvoo~t<!MiB%u#`*8C_BP+He2OZ+Iq&C)#ZwO>7d
z{OVF=N5JlPUaG9;VYM~u^oPrb8+pyKu3SFX<y8W~a!X}6o3v8J6-LVW-M~{_26UAa
zDs$e<*iKdKM~%k)k-IV-*l(XgPLcIJDQ&}4sO75o?XyT1(nW>dT_KNoL|um*fFh3i
zU*gPJsxZ<rKEn8iq{OvWL&O|md^I5wy;=)|P*`qgeuac^Iz!udo^}x0!S?F5>V;ht
zn*Ma?kvH`j+1Zei(N;h)Rl77?7jl$`8;@PI#D|T}_Qk$U)^loeSk(|qyfA=r3Z27+
z==N(qwBI-(PvlWQ*EGw~up2hd5~#WQNWI3tlCC;*Iriah=Y-uR4?0R$dUtWfNlKhC
zu${Vw`re=|RP+u&Hl5>Rfi0(H(ic|7f1E)Utf>A*tg?)f+*g+jJMoO=v(vrlLGQ<u
zkyHnU$Xleo8B0^JQ0-rz*avYCf$dv$MyBejaNnyUjPXX@zZ;@IU(Qqaz}GBX+!HiK
zf4>TeV_ISd2qbzzD0y4^z!IVyob#bPqE4+Lsf&9KaN82%!2L*@vYB_Pg%6vg!^vNb
zc5OQ@Qzob77=>{FpYnFU2%EPf%9(`D%^o;xrP1^kQ=<lsSOK?gYs<(3I45o_#oyJ=
z+cF6q&RsRqJjUw%5BIhY8QJO=m%FO<d{k|U$LY!?MT?J|-=kVXiZ2Rc?yS}1p()e-
za_q+N!BHXTcU=}5=x4Cx1c=^oTuC}*c{|u-(Q2L#()-q%hxaVF?QTpcIt^o$jXoET
z(1L7V$Nmvc&i+ofUJO$TO*-y$fuop?(fQez!&FXx3*;w7=RD33A%Dtq^$Yrg9Eld5
z@Jj}UW8>Vhf*SQdZ>FvLnLBujsXMa|4gV2zX-Ta885$P2O^Q^K^%_wysk^ykpAU`(
z-NYWY=#?C@x)$jHwcw(uhWa{3TCV;+_3)UdVK$$F?WZDsO?#`dR_+WLC#L_r5H!Gv
zjTO8Ha_?peB#pC7yY2U78K9<2<el!Vy)|jz&)N^Co=+s`BJQtQ#u6#E>-4qc-<Fg^
zP45#r%qgYK0>#s#Z_<~@B%~8A0j-<ov=Q+tUB{uK-emdvsCeenU!|l86Wh3OtPDC>
zZa-QvVe3xxsT)a4#TQfRUQ9}Q|3YYrAxT$JP-ow-3d>{JlLFx1ta&#0x=R))@;pou
z$)!d{ETXXTz<o{F_O7N$J$$v<9{tNbdZjqy&HxIG9q}?`&I@fHNK>zzXY*$ES?Jl_
zSf}lmou2LXQn|+?yYn!F5cb%>Pg)w0_-MVWqY2C|JQ<CsOF&;`s@X&RUjy95O1Kvd
zl}(OuZXe@3xFZ`<9{ccjvltp1g(|~il!+(Onb3o5_G80{WNYh2VF$1+gY^1Mw%x6Z
zln@_S-WexrEtw>4j$%O44s@(^bZy07!`GLP{X4JyvfP?1pP10~qRo%8?t(*}8O@a4
zl*A&2&&a~_rIJ{g2g&6yZ;AMdCujb30ev^N9uJa*BUZDav;6D*tVADW-h6?+2f=|4
zCTdOljT%mUC#QRR7PGr<|5Efh9oTSHNRT#{BqMgxq<L-jQ%;90)Epl8omjhK)v|8;
zG@;NRC8ul8V`Bm=9G^!yL;+hYj7%Jbg(W>AuM>SO3mL2B2i3)e*B+CI4`GTK9@8JT
zyq^^rMddRW?8a>fed%gO5s^-r@r={*#|CAl$&VgspPL+Jk%Mw5(<f~$Z+<k?0nUgf
zPLAHHO!-Rz<Y+;t%jC+B6aF29qtqnA^~xs_*CudI?{i3P4j8Jo1$gx(o0>|AiQ<tB
zK3j_$;X)wBzT)^?T7E=xk9u`){PfB_{pnM2w}|MNMeCyW<7Mya10nz3z|WTe7r-lH
z;<exnpIPE+?)0$x7H8Oh?E^}R01qvg#xSSb2@B~MjCJ6F=C5o_cuIh{cZfQu#^;?D
ziGp3GGqULp*wTk4&F7WZt$%r7f|h(&&MU78B+*qv_1B|ypj^b=C%_x$pXeb-aJe~H
z$m1jnLacR`_*tXgyVF8+j*EUkXLIX9-%(C4Tr$~3aGw)+dAJ!NjGW_v9I%1b;3o$!
zbnM$1ux*DL+m%!uK96Yqg-$Rr+=U3dMtz|Ht1g0%?uQlYl+7X_cdkPID<gre#lPFd
zR@{dPweA;+@q{WP^VcA5r>l7hLs|hNF91nWo_ZAxp@r7Akf3<$LAm#j%KIZ?y)ul5
zz$TP;W@7w8oW2UW0j$vXDJ*`<$~HyqeTkbjw2B)V&{RzRKm8HiR50#me^wo+Q9Ki6
z8vU<0BcM5{`YNLl^(mkl&Kq^kaGigX7t(FMVJ2M=iy;yH6n38ANfKcEMGF;89cJwW
z@@cyIP~v3T6O&}Pi|;MT3pe@6_W4?@8OL0l_%y(3qATpZ5>gWtZpu%is5Kmlm8<B8
zrNw`!+VPWkKJ<0#cfhxuy~1^m>9Vgm?Fu7dDJ{)AVh$objRQBfj-pY*R<GH3J?Yij
zy1Tkn;`jq~{5LsYUp(_8oCCQbw7e+omG2I(moTGlBb=b%u#<wIirze{tx2>&P>&+d
zex<6x5>E$gwS{r>A!yNt7s{Kcn#~V*wDm1y#cHC#1q+!XK<xf&dW-1GL4ZLL@vh%w
z!g(BDV0`VMJENg@I^huk4@qO6qp<KWTrdy2{a`LERo0W}gRc{+;Z`I2Op$3Bu*>ay
zJL^Tqcnu0e|71=@LxCV<=Nu(jggrJjhpd`0w_Vs@H!ARg#>Ef>k8ahAM*)7~YG6LL
zDct$D>*+mBk>Y%^fw?F=FzO!bRqw?*jrGou<BR5y#M+sTq~Tq;O=OOU6w=#EFe*z1
z?V-8hL%J_*a<tyB&-uFGClDtKY_AhiqV$sX{&eqimW5DKN0K{@a-xwBS+Uw_l+N{<
zE`o4iT9hcYm!px&sc@r8$WvGF;~oicHqOue^7Uxwhip<2VilqBlMI;0(Vm1Y!%>7P
zntH5dBS8juu*f*TP{TQgLs5QO7sO3u<o2|u*66zJuln+E{{4Pg+KoS^V+0k@gd!dV
zA*Vby0{9lhXJnmLE7ew}`X3etZt@>!jEEixrHbh#5Kaxw{X$U!C7XDJMLvkT-hMIu
z+(2!leiC-AWO>$1XqRxQ5+u8PM=UVkh6ZAH2!+_RWeAJ7KV$_=gq)B>UKAf<UJe0p
zm~VJxR=fN|!Bn{^4A568kaiDoc+^#EE~0)kACbULDIKwJYZ>F0Pk^+(<|gt$4X7fD
zb)-qlu3GiK7s5sbRB0HJtoTRDhl35AH!+|DdTb+>!nVmlLth!mAfY2jWhGN-f5Sef
zPu8S)vqk(r=CkoNZ(DR<WkGggVo9FKPC-qTbfB&v{?Di7tMIWXbL;?Jyjcz8a6A1%
z?cc=Z3Pj4XHWl`F7Ye}{RMj169Hceh6{!O${@$dqt#u659+stS&I4j?;y4vW{gyK1
zw;E1w)EV^tC9wWnX;gr!=}NeJxWqOo6I`9l`ap<U{1|Ew-2sgg>pSXLIDB#L&Ix9(
z7zQ)|m=BI1xafKhjkiRQV@F1<s1J}OHIe6JbkV7i?!mdP!LnD@);q5jLKLS20O^1g
z*S!Q^P?Xs5Kw7A!ULs0{)@v$x%X?SOOSS}e`-PwHETMTsVDj6~)cv<vnx~d^EskAU
z4Tq!YK-A*M{FEs~vBayto5KJ`#YJwuJqc58;j(a!&f2;+szNu#Go-2Z$0?jO_ZW<X
zZw@u@z!vwYxRhEQoRFY~)@WMldAW4rt9&uugkKXfn6;Pci^jM$Ag999kt0)m(@by9
zj(d2GIJLDl@FFAvXRPO{9h4~%hY{7h)Fwj_FecR6N(b_2jitK1AjS@O{zg%ePH3cX
z0>7AntXT>QiaqX&BniqZ(t01sKu;zex!LMEj;DZU9}1-BPXcd#Ht*PuZ_O|YbO4LY
zx9Q<F*JadtU$#WYB`ZMeqKIOg_By^-GuicGD`a`!e&|V5-Y2j;^at*B=|U-v&__6&
zBq521@>qaS@uPS_Q&Q{sz!4tkY1fD;18!Bf4kMrrh>4*yR~_*wDUt#*tGRx-0}196
z8axUiv8u+3hN6E08Y_j=qGHY)#vJ?J)Cy19B)>gHc}pGzX~$jMZd*p#yO7vZiOPti
zHLmJO$3XOv5>Q0e=7q$kKh<|@<KX$DO-(e)yG9}*jQcPeeJ1iqU@Yxh`FVApk^c*=
zQDN7nY~bXwW%zN3mcLvn(^1n8n0CPXZm1YSS#Ucc4-4+@Tx_kwgD0X`1Th{uxyLLq
z-I>@`C<;FGcs#~{YLqh2)qguHe*1{eo}s1_!J(*L4PS1J2UBK@7rnOhQND(w7nZ-O
zysvWYI1ubTLQ2ytnTwwO5upx$i8d9yZ?A#vin^s#7>EI~=Mdg!cAj7>I^V7dC~67@
zrlI*&La*f$+z#tejYE=Kox*o0{#!qL1B6#7LxCtE-Z$Syw^KB94l6p7UQFR;sxZni
zW2Pi&H0F&!M30bG#WOUtU$v1A--Ugp-wecOBuNJ#Co(Ju17E;0RYwG5!4BH3ld#99
zrNYxK)^>Z99(;vuEUW?I@R@X&FL~1<w$m|JdI*ciw~CcP*luj6?*G-uKZZcJ%?Yj#
zAi-s2r(?3Zm^hYox7StK2<(I$#PkWlLVvoT9bc@|Q(#kyrv8UTVCmBNda;P2T`!h|
zK}nhMCbq{H1lIWMip-eeG;}HaMCGpasE^8>GI=cvDp-AH^1)*PT^K8m)&Ij=abkly
zIO<*4BSR)B>K5CWo1V?(Uff;r*V(d<|A7=ubNLehA&z(~F=XWhOs(v!=p3fij>!Nq
za1>os36jPGc%Ua(>el)-B{X!T%?FQwv@GZ^Ip-Qg@r|DEC_mApG6sD6+k#4htcZdR
zx_1>r^|5HrE*z4-W!Ck*(h7KUwHFPr#gptlG8`gyf>teaNy_qyJ}<}t*IYXZ<2GK-
zh{1CBQZ5J<edIU@JNBv-b>j*ASVM0U$smw_oBVHSS2j`@4iC3|BQ+(8gF?+!3s*m%
z@FmuwLaZx}?0nw~(nLnn<-iXCnhfxvkJAn#h_a9p25q>BH9<f}Y&jnkGSlJaK0j2E
zG5P}c4kT@PM3#CfB8sXE`S~{D1lkhehjdc5xj|7Gco^@4hrMc5upDi8hvpoa|Lr=y
zNCa^Ph#m;V{EW`1wWa@jz2u8<vB*tBQRQ=S-S+ZE_0`t&{LP@{r211J9Kuk3p5d$w
z68__IpFF~YxI+d%U7i#Fn&&x-NxoXA8<M<N*4}&G(0ggnDyf)=2g3aBG2zO@6hM1L
zt;KS=dA92)Qr!_m^);U;M>+qHBZ?dTpZoCtH<^=;<vZdvTxR1|8gDk_Bz{_eZ_NKK
zx;+E)3d)J&azEj*$?94~OP;{ESJh4J#NxFkJcz=$aG(lK->X6MRppdB6NcQ@VDWO2
z!Bqv?_Q@XjjH|dR<8=i~>_z!<;BBYI2?X94>_K=dnk0VSfeW?RnLmt{0C7%$y_5Qg
zQs(WL*rZb*P;%HkaTh^vR>fiW{ZPvK{$cf<uGw$6S(Wa{A%kf+QUT$__pQHQi%VTI
zSYfx{aaWmabD7jPnnkA#Pit6!z&*~%w~E{kIH0rNCVDd3zqBR^AGVNoQ;$;b4O<08
zc~ZN24Iakpf(c{$;LCG5Q#36;-pkz76xI<O!qXAZwo2_lZ_69W7x$O=auDv!#Srz*
zjThgGgTrJ;n%tY%N^0^4xt)rQMQM@`mL#_LuR72qmU)S2XnY`m!71OmRTC`J_n3(q
zukNT`xj3Pe7^$dJI9}g$?;kFZtF50($8@KvHJ|ouf1x@oxaW+hkds+b>V1tk52zoG
z+kKi|EmixiL^VaY%~<vuBKXFFebtS=0{bD>Gd|PR0lxn2+Jb_D%NP4D`On-K+{d4z
z;3?^z2d5-`0<^?KGsB_k;F2cMD}5QB^@q;P4X1$4FrUJA!=0Bw^;N?<3^b!I#AB;=
zBI|T${oE&~jJ;I9_-a2^kOs?ccK(|bkTQ%Qo#>EZI-i+H<YY$gG2!l8K;3A!1dsZd
z_W|Ce@3teorqIffykgyLyk>AObXjg-hq5zrdFMEr^*4vD^4Bu{EwGgd*_;*>G7ygM
zTPJO<Udn#^qAS(hl*&udEybg}BPqen*7k{Or3y~+-ucXOXS+xe^`<yMsUc=pH$1)g
zvwjXLqpUqHwBl$^E?xcRQC#QTIDq);y;$Ssc#2(&gOn*)boGukx!7RB>l9h<Awg*s
z^X}I&2NAPg9KEk_x%?)$M!u+pAAi=<h`#PzJEQ;L08#hQ*cZ8UZE$U>Zk-PS0<17j
zix<)0E+>*8lT+2S^!XF0Fm^lOxOVdmN=D0^&WaVUJz~$v+PWysbmgvR$Ptt&cy+Nc
z=Z72)Q>0HW%U~Wyl13_#S@Lyu5wYm7A`*@dX~^azIf_R~hjC<Yf}W|cmG^{Jyz^Lk
z?2@KcPRFl;D1Q-RJVEcOU9PH&fC3UP6)Z&!lfk+j;C#lC=%E|djusoUvG2mpquLrz
z@!wub9^iggTT9wVv@l3L_Dvv4Jwf=)=@K0H7_ZZ$52}w77q|jjmy%w3a7P%0<r#i!
zBKlu6gHL1Gv*QV0ZN*$(n5*#Bvo&#EV=~OnZ&&$mo<%*Kx~RFo^U(JTV6c7R7hn9N
zFpJIF5*!y7r$>L%`JC+jK$2hAv|DH1*ir_SL=FBXREXAZDmo<e1F?TTl5%XTaPVa;
zhqJ@UsK~pR#q<ueI<3n|EW!olN%4)=(jGHPxgfK{K`=#G<yIk%7up}Lz8@L#=-blP
z8*%npf+DghY<rZW`0MuH+BEntYbb;*X@Rf+ul{;cQ$$nUH^f3wu`sjS!gQ~n<X;sR
zbGmL!-i@t?6_B<nv7+{xIO6P3(D$f&I@jEk>Gd}gwma5lm_K4S`NHk^Z9-GeZ(Krq
z*DzAgS-TP9w+trq6!U9xn(#S05c8$O<1-P)Vnw#CeM9QPt<~F)nS>WDBdf$@ir7~?
zc2%an^WV5k1^=@z$KOTn`;S*6>H%|ZIcel7FJub-aW>|lpcAk!m?8n*4b&{9^RqR1
zbKhbXl_SjFtlZ{g-FrnziJNKRFkKHM<##6UQM*dL=V!$?c-oB>OJT-N5d2s<-J5j*
zGX}d=T$mH}D!*EAMH@>C@djnkMb=`9fmT#%&tPT3lt>$^e5QOlNE%_|u<&0?FKPao
z)vfF)ezqLfdLFfK`Y`n_0pdK^1DW*O&YOSW{1<GfJY65z)5p(AVD))1>FX@!w_J&a
zM(tPba&p1jzJkuiS8_e>^|3YfL&@P3jydHJtB}Iv{%eVU38r_Q-Oe!UL=qF>xNETf
zk24fA$<5KdVS@p|gCn6Ieh^|7yFPsV0)nSF&Y{H453zalPhMfE7K9p#)h?$m#wNHy
zN@@XThr-~gISe`6W#!_&MUtNqgIVqd62r)C^%2^s56dUy8=6E>VL}I@5DtV#KkhkL
z&(xPS;wAsaEq@|XMZ<R?Z9&C#x({n7cZTI!OPDDMGmp8$p=)O*5nU{Zx<3bY-c&pP
zBrF}T3(`z@=H(lCpEHQ}TT14kN$VbBncjM3(-BmhX1;zNea(1j_gbm>^&Aae(r6MO
zaYt_P)Cbu;Rc5acYId$-f=?96L>9R_%ib5~IR8M!tXJyVh!Kl&GR$O~%v~ayx(#P0
zIveVB-AQwxmX-|i59dDSa4v0$;tl-K(A1W=BP!(k2ohutXgxW&-Es_wQG&{ATeM2f
z1fZI{OG63)r~N|vG8t=l76bP8eyudVBe-xA!t?2R+;&7Y9pm?uFzM6(S4umX=(+VS
z;3EbU?siU12G#)TOgvk-o`ssc^;pJy&CdM<pBQ@BwOt<4KK^YoDDE?N5SqUOA;y{X
ztG>3m_O#{Li5O0GXHsLNflzNhj!5AnTBBr!l^Q<;1!8b@E;?zqg4&+$0YL{zy(p)G
z93F#b$Ejhg>Sr2*OUf>_S*=ro$=VKE#xlgM0g=tsI#h~2b(1>t1vS5dt0OKQpHE|t
zeBD_r73scJVqHX*4ep8$jQdV->fl^1{X*Cr;C9Km+UOsU!F-*b6T4WGZLrb(m`u;P
z$l;{KOc*F>m3yI+l(heF94+c38eR%PRq=N;>h7Okn09wnl_fJ9J8tQ3L2nV)(9plJ
zpo=O=mHa!u)LZqWYcM1QFu&CIPKNR@nw)7eBMpK^2{D^pRowNi4mq{r%k*2vIDGe{
z6<hYPi!thTS2rbbEmM_&Ptw!Rvx4%n`?!~vgCuJ^excTd2!9WPQK@=p+dYpX>$S&I
z8}XuswX}9shZw?8rcTA{tVHWGyy3ZT(qS_&`=b1dZ?@xW*K$XKZU$*N*mfjE_h;8^
zF#eF4+_xZ^wZqfDT^Ue=o|9Zd%Y4iR$^!RrW|vWi)*sg;%zOY*o&+=Hv*L(>8L(Hx
z5+zx<o^Bc{vG^8#5~Ig>$zW^U-JEovH(9TD1P;7hHxt~}bHzRpedBoq?m&k1X#q(=
zfx84c5Ryy0aoK`{l`BRsRRu()HcNJE2vpv?E(cZiS0^RBS$l6liPjboygX#!khL2@
zqpzLNn2t{gtxsSrlS!Kz$;X3NeFdc-j8g7$cAK4`{k*BD@w8*9<Ya{|lG^xt@IS7g
zvAM9VFzyJmW6NP=r8_kbG~T4+4=l{4vy!?rc2W;!pO(nl?{y20mT(pdkMdRBh{+ee
zvlA{?u+JpVm#}ttGGwno^^uG5H4erbYL|DVguvwsRHh~8nSa(U94giM{NlHi{mEB9
zMn%WO$&dEe$$2M~6-@d4I4mkwHFSb`rA{qwPqk;__GP4w`EhRjF@N_`Av~JOGMU~w
zNWVFUrot}FF}+-EK4j%ZO<>R;>DbHN`hg<PPnypWOW`Q8$}hw}d0?;{$$9+UAV#Uq
zZD!D`B=l+P+IZ|A7D=D|Uo6ZwVZ%MN-X5j6UXln|#~Uv`9&G0@2l5f#4UF@96CL&Q
z>-w4I^WxlU#4sNMAF|ojhPE}e)xDy(vbG0~BSGYT26UOFP41LvY3%N>{@s472BDzJ
zv@hwf-}>jbw;e|n0*+nnCP>{~s=7GUb{RocKz#&xUnlnHF{G54Z2p_V7HUP7y4mrn
zqw7@lD2y1-X4vFh$k<zhy5X=iQ?s=;$BN5Z1lvC=9Z9uE{sOE#&G4D5svpZ_vlh_o
z5pr4;<s-ac&4(z2wv(~_MMkvFL96a0`rceD_``nm5H8YntA?U>qK7@Qu)rbr@sL*L
zO_9~Um@{UYJE6fhf6U!+Ih6l%%FW0A@Zv(Ze3d#gajn(D!hE<V^0TvVpoWly#*-5^
zNW(0pnO}#n50Boo7?4=q*T}Rbw$%g(VINZZ_K$opRsdQnHxaa~UEsX#B}8ug@RuJv
z&|c#E!%^xN;tWy^?DUl*#M`4Nao5LT0>>caIEmt(R3;LJHrUP?JbT>x-|+Z=B3PV!
zw&v8B4E|_pNGI!_5;-SCyva>sKFBOblh~daAEq2wADJIaLDgCx>voqWAEHc=i^$vA
zNU<ev5<@)a_91C6QNyiM<0x3*jVHVzPYKxV6Xsy+=o0KN&1B*dO4*0)xX_1tJhS|%
zO*1}*dwQlE37L@Oo$w(FSkmHFX6s73^1h`{*I$Uw!5!wE8rcG`{i!~#dOT%KYEgw4
zl73+@`*4j!GR=OydYN>ubo=Mm4@~CzL1jPXyZ1$V?v(fSIx~9%*|iCcNsQLcIj_XW
zAdr?6B1btgr>}L2y?QU_zG~-*FgXrN_BRBZ6{jLSm4TUjE*6U2cuZn+cA(_KiWPxu
zYmgW>5e8N78jiGjqW&Iv^YOQAnDx5VW_4c0rF|eq8SOckFL8}|<kgS0QP~x3#iJ@f
zbvT>0{}1`Lb;56JeBohbMv1_(vl#lE>~E9Y>xkTs_z>Bl;x}zM7|^F=4X(+Tn|LKo
zF&jMX2_gp4-2l}#$6-|K--e%kGDraI7?SUC2mt!j9-z$Wcym>emMn}mVj8g(!FvhS
z7o-P*omkKmF10)9I`Hg`RA+Rlw{k}9OSF)rwXJ}&5i8Cz*zmo8$V*d3g1h_pfRrSp
zN;F=|Ss3Rozy65C2WdqWw%M743nS!(|5=IDc_@U-A)#1?*ZHcJiNsM#rh}>r6il~b
z8ZGvW6NEy=_&@%>8Msb6{Ru_bV(*H7Uqd&)z@xzjy?IN~PBn;)-9GVT$@$)MCA;0S
zb+avXX@LnjW+3-sVKiS(>YCN2(RQzAzl_6D_QG06D-p!4e_}DS@y8QgI!~~lnzIsQ
zS@1_UmT3w)ADP1WiR7SXiEn*ZZ-&93(0a{z&Ll^8<|c}6&=4jZ!fcD&X<M8u%qbR{
zdD(~C(mixty7uUr)Y$>sKIaKd`mbegW0@!L$^e>9KNb8>Az+5JrXCvDqSR^?D8cUd
z5By!nLLP^oN~J#-Z$Gr}bnu4>&L4&SNN;QJ!Zk+3X;ruONm@LRXFLbfbE2~ecR%_2
zh>UA!P)2fo$yY4>DOY}#*w@!=hJ<PfNgwY^xgnr4fUZya|FcRYcFt=~O+3iE3CCq;
zu8R~Ca<_6Y)W)>=mCM6>bCZz{IPlVXQ#m3QTM<oX>9!=w>Izj$JZwJ2me$rgW@E-B
z=q5!wk^rF`#EHLvOE520xK0f7q_nN46so!Vk#%B&X^9mT>P#_s!0Wb}BLa+;%eE3n
zIiDzX%K*r$Seh7~yP>57im6!(kB0S<E9b{M6nS3;F`geqQu)`!g@}sr&pF&gc1Xb$
zzO%OyqnRHqrcbpV+i8!8{H2VBpG1v-1QfVnc79=q{D#b|jw|E^uTUmlzYIj-XGIQj
zAv$Xq0Zxu|V`~Eu4x(4eqA;7xS|52LA99k}{i|;xu}`_Uf3^HwcqAacXxW#}t+h_c
znPOUkp6rK8jO2|6uW#hHhtwo7GvJ@e@c!AFupV=AowLk1m4nj!C<@X#*Lo1A2%X0u
z-64%bC(EpJu(qzRzn`N&=bvyjX4cEK_*NRK*`*Zfg^ny7!T^3}TkYbKMtAv{8~wRI
z`{mwL^k2n5yAX*JjfNX1Bjk}kofbK=cEX561CRDs6oagN;9N%zmLn%7;_`pDdASy;
z`##r<Pj=-Ableh9P0(>|8g=X2`{-+9`k~)*40~>$2iLT-xoFQRl0v!uC^rcq+8KnT
zq-p|N=EY_&kCQ!=FVNYi?Hr$_AQr`>WX5i{7g3Z$C0Es(3V+UAhsxfnH_ldGRF@~w
z-!-mQrk_>}%8J*%Jk((zG9B@FxNLo0DdZk1N~O*y!&l$Yqwzc1&RlSB*QHhW4^0P5
zeunuCf1`KA&ucCfvS!DRy*Pt0COCRo(U@Z3M_;OR)xaLG;`qPrzB8(+CTjQ4lp+G6
zAcQIkFQS0bJBWaSK@=5{5>OG5PUrywqA1cuIsp|aN{RH|dkqpHl+a6rKtfG`1ajm1
z{=9eH|KE3h%{sH!IWzn0v)AlBd!FabYyI7<(HWf;>QwFV;iwMbKp&8g)CYFkj~<@g
zeF39h06uW{Xu)}yeb_@WOu9hNQ$0SW(VMJSA{nOME9dd8e`y_SZ`1nqjQO+HimijN
z-pi88Z?;%X2C<6{CDJ!fTrfOOU3*@xO5}zt_0uvcS>&_SRX<G3RBFKmNfZ1#5$?c1
z+ImzANz6)wQ%~Rn_w`35_sD&*jKk?+-RYafo^m!EfDO^xrebgSOx<0==*m&FL8xR%
z>GgATnj`wTao{3+{3HC}ll&HL`U)UIVf<`$wxFlMk{>8TIkUXq9sLJDGR(yt+D+LM
zk(v{!pD{>IH^p=D$Fs(?YrAqcZ7~dX-gFG3*WsG8*>J1+oLjb$j0T4e;FhDhAK83o
zL>@flFH2Tpx*CSzd2J{ZKbySn6srSaTHJs`<wW%<TtC-DWN1lNe9RTYsP{~bd@Zre
ziXBf@Ca=8`b4$tu-56Y=C|uB~QtyE1Y@<PKsAD43y>Vi!niY`rRgTONNqnzM6*Jn9
zBQNdM(u*d|dKMTA-<ay}23!*p=xL4x9(ZAL=ryKlv$3a7p#ha$60x-RtCm)fdv7MI
z@Is3?43BZ!M3<0o^Ki@cZZvS?kSulOOvOc=bYk_=Y-H#=a^X3@cx^e>PnGnn=y-;>
zoMvFh)R#U+y5srHEkeoz^}V<UaSNI<47qcx$uj)0Ihws?m=3QV<UGMug1IQiEc51D
zWb^LxU<R`uQCbX80NQ&GnQ`@ao*rEc_|st#RmYMFKOwNF66-=$pf&}T$U?VlX*|;d
z8z&=%Z`#6l0e?5))@O12K38xW@K|oKHdOOdZWb^~htlbuMzmo3OdXj5{OE*NM!=F%
z%k}l_x4JTnAG4Q4AMvra#q?wwFd*O^XhuzgP>Yi~89$LU*Ne7k4aa^OATZO}XFLGq
z(@^gu5aJpKIWR{vf7oB;40XA1R!mHuUS7?3d;&R|u)IjQ!tP%e3MOybe6^75aLecD
z+v8?_e&xiUB>fMdS@D)f9saqdwnz2TXF`rQZniKr#AO>XKG(A${BnNkunj(bnWD4d
zb~H)n|Iw!=@22hdJHmFjbq)q8<bF~k0{A@dD-IQ~#i{ymrNQQd8h2MB?eu<xD?;5N
z*ts|eOA#|oEsd3ND+=m!)~>=(jJJ8Mx8I6g(ICv*{#N!aEiyqNK;>qv^lR$uht~<C
z2eh-2dz*M_^ZA~75l4pj9$|{O9kVWPqY*U=co}h=1Va8XA~uzfFm#wh29&cG)5G3o
zrBSoLpYy)JO1`00B)w>Q!xa7qXek1QmuA_3t$gfc((xles0{e$xnzgTF}Ebe2ZEw7
zT1_k@wNkT=`Kck=uE;xGg-5s|ar5#555<kmi-YVRXHpAH0(>MLdJXXxo(Fdj&8jxM
z?@9n7<PON%J)R_b)%;qH6tJ#l<DTI$XOSj(OaKGw*|VXgTJTHEH^m+>#A7!dChlzS
zvd@W=4(Fa-7v#LfXh&Shbs}~dIHZ)@q?I(l0_waLN4(W0lE|{ADM-jrGIm6*Y>9lo
zEQ(mFL(O0Go1*>XP?5dEzXUJaA=+LcjqOFD-{RfDIAnJAP&3p%aEDIHEZWSU5AB_~
z<%XLvC7s5~{n`Tc(rTBCh8Fiv5;L<y;;F5+a7yv&-dU0QX3J@0W70-LS#=)KQ3jVd
zON7+R2Xm2zI#=tZ8;E(Ew6%@rn3*NWVKz86u{B$1KLIlCXJ;XIXSV4?e|KL~u+k9$
zk$t@V<M9WDTn<u-_u$)AxsQ#>u@IBvW%B5!DvLy#`-aUe-)l76R9n~er==K@Y=Vv&
zdGg%2L6x`Z5Sr#q810vC=*RVLLg*PO2rsSIc92wD_%q5ydKzhKP&ad-8Sc5^rJa4{
z2(C2YY$1pCLE1P_#?JNL1#3iO6C#$HyCzoR+UnX!#f=Fz_f~3BD)KkW=9_EGsa^4M
z<JAe-bXuHBndh6cndb9BxJlbO8Vv2X1>0k%E$kz9IZQB#jlltjGgB7#8>e$-n~gCc
z#6uBLD_*#l_VVhU_fhRGZLk_?io3s`HID_k6B7_H+$;4a<y|ha3Q`8<=dKRdpBh~)
zUXt_`7lzb$#)N>X{g9^oiM0Obm=XB?gvkbKbX~bBN`;(fLfoRs^y;i{4^o|{-R5YO
zE*ANX8Puu6MneKjWmdf2YccQ{j5uhum9jAj+wnbkp#&Nm1-Xm~&qKN@4``Vi;?_%x
zjn(ENQ`GfFzZ?#jdHtuhhUlN>LMg}U!m~jd(_FIX#*7-dx`E0@@M>Elny?_c$Kca4
z<38&_^C%YDp_veEztkBd<Ap)*Y{1wFGxyF(=sK<VtZX!`e{WRSSKD*#0KclTwVFrD
zyUyO7sgY8%jrF0nwd6)>w5Ifi#QT#6&ayHyhUwbjxf#W{|2D7QWDV8*+pOXi2k1Rw
z+~YUi0RIVb@ca)Ga`^`!<slRt^Autb2w$?N8+>wl0zo4C4ji~>z!c`GtrgI*+OG0)
z>C@*%gh;--l^;!`l&?D4+?8w$S1gKhf5RKyjt$qoTSc`(SO19Ns!~|hn7A++)=5#l
zwWAP|PHZZQi#VDtcdcE{D67U}qMqgaPOGKV4;G;Apg;B2&TRcTU-1PrdR4gV^Hu4`
zE^>@0nMdrQRrc=qI(4aYu5dr~!ppxmCv-cVFXv0<HHlxi{^ZBNn`=BuP6^&0a<s<W
z5Uabz(SOI0!~Kpsg4@4;&E|Y?=4EXw?V(1eYc+A;1`~Tt6OX>N^YO5;S1Z=Og=;h(
zGs57`Kf|Vsm8Mp&ztJ%d$%t!#Ll)X{byqDD@=RZz-ahZIT}nSn&8}AR=0Sq@Vnu;2
zPYI{Ht`JMWr&e_<F}H^Y8MZ}>wup<zldNrb;WO6N*PD1uWl!g)d=+H&oSG8&bd><z
zd(ei7(Sy7Yc|llw+BojJRJPN1f;<A{3UcybA$fXa!WzEcx@oOGz2)L2%*PV?=>5)*
z;g98fr%jO;9yTF{eo4h1O(TvE1=fjHsLNQjvIkBp4TQVFW_#iZ__0ovHny&LYuw>Z
z{M*-3LWlPla3RW@M2Tn1FF)RPpEB2@W|?hc6(@IsC!d_k*YVb`-Px8OREt+W1)KT$
zsUFhhz}^xqhyWAX8(<P%mu#f(f(0+xnm<~-U?XB<Ww+y0viF6c!rJZ3+fY$0awpCb
zeA}0tJ7_)_zBq$DiEH45taJI+{nCugPtJzBGfYVk`vTsK=0MrMgPrt|2iC&wb7@_#
zf#Gv-YbT?Zm&*gZj%*8zggmA+34ErVzP(<ZW^T1^vS8DojJX2OnnquAPcq(WvvGvn
zq3j`jwO;7hE31K0Ff<fv`<yoNnbQEEINzSETdlbiWa0sJC~CicY&K>y*|<BopWKH^
zhCxDDI9H!|E__p=Oivh~-1B?kSFM6=OoDpS@u;rVX!U@XYnjkylbQ+e0wEhCgyd5a
z(uG4FOr}$YYox@zeDjM;zM9nI#juD?@Z&1siK(<gch>-mjQWUQQKLQ>r(5TD_7pZX
z?QH?YHCTCH$9e9s{9QI9IPhZr`y!qCN6bW{o6r{J&LpIEx_aJnC~<#PG|0q|!|C#Q
zEIB%&2bzAUNoL+iKy|tOIAxrpc7?yieaVUefAHO*dwK0Zpk+6(vyOsJI3xewD2l~q
zrHX3AsN1%d1ww`dxM``k>4ju&7e2hu?TWtQ>5Y1m7*aj(g#74^K-h>i?oIX=yuVhZ
zO7r8NJl<o6xB}hW;u*<WH-o9w4vmz7mYr~OKA`Tx*hxptZ$zGx*jT>m&qTF5ruv53
z{DQJ-Iy>^F;rovk{XKUZXFVkz>XHM@x=a`6Qeq<fL}daQ=2$r$DmMtXUm-HsAxV0B
znEZP=GU$kco_AJVS6iiZqL#ZoU_OUWQa+vV880TD3r=G&ZL0HV*w?HU0c-sv+ljsY
zF{|XMy6V^O(iKc<;0+0by18TET_;}lJI2el#I^u#fjGPDRy`QEe~HH$<7c*Tk>6_P
z)_J=h%NOa!Hp5u!B2H~ae$C81>Geg(aI3iEcE|jg?mMYx9Wn2XEqi<pXQCHh?2}6~
zH}Zfn#g#g}ObHlj&?(vm&Xig=f-%ye22Q>&NYh-HAxw%5?1AGZ>SFpv=tB*$R6W>k
zD`oyRvfP<#kAJmATme6eN1ZS|G@6gaI-)e@Whxpsk9;^%HGT)xt)?s2_{n@W=suCc
zl67x@BlLT)uF*LUk>WD!M4EZ)PKWsTRC`)-Jk_{AgzAmKYcUMl=*M6g?+tWf-b-KO
zo$*}sFcbMRj~)o9noq)?xOn|ES89D+p7!wVjTc82{+!e5Dv<Gq@I_UD%Q~qbg5dVO
zXEFp<$UA$ag|3z-N+ZDIwv%qOh^Nf1!wJ;`!H8$s-MN89!<wL1pE|py?Z61n5n}R0
zG-W+NDu@&DuH5k?I!h+L-4m^}3d<+<-k6LiSg!l!5axI$im@eFRck$NWiLNj725@t
zHxd%Kh5C`c$_pB~KUMaN$yHG9a(I)TGrc})F{9I|<6d8|Su&l<-U29~pmV>p4g|Xh
zb_!PUrMuZmP7e<zG!j<^$uKvG{g|Q_XBSsXS1|yq`byAv!u^J^{=y4?hn0xsi15G(
z%$H04KJ{HX=I^d2<D>tY@r!@;4Dv=BLF3Cd+HPoiHKK1@-U6M(K)RjqL{L5Q7TuY2
zmjM9ZO+ZNm8uP?Lz-X8&7;>%tgvSZrm!;{(%}f2tr@<F|(xau}g$tmCH;a#_&9iI$
z*0NH>##q_gK5vP{)39oduO=m=QN_Z64%O+BCi1~r(0e1e<!Nz7glG-tHm22eAWZ08
z(-=%PDx){W1bfa_t?t09?bkwqf?U}t6GiW$?fiDv_r?2Lc*|miqnAA%H=&OSP~2d_
zK$Al7VwJS^q?b#7F8st)+1i_keO{eupP5_OPw4vXG*-=>$5H@u-5F`9=y|3RtnDIO
zMUrQ4a#rrOds&`>v&lizhJJR%A4MMXXLqu7l`?E8oRDB=F`ay|Q@)}-q$tbzr8MUD
z3&%;D)kh|6D~^&^g}r9#yf$_QmYuNXwHs@&@wbVk5TlVgm>bgRmJ^*BSSdze8X9xG
z+`%WpR@kL|ej865ykpI-$vBr-^O<Yva22hV;upwLwlnpv^f%i}Hii0nRM(3fiD@m2
zC(mJ4P*`J}tKKd~ZLbZbKNryX;_u={Q_BOE3puU1upRkw>L<LT6CT#GDnUnB*(_R+
z<^g>FG(B~CvwH9*`bj+Do`iZ>3p#=u2x}>4S6ZShClsB!s?m<MQqR7UBVHqQ9Gg$?
z5Bs<OeZI@_7=m&C40<QG&GH`sR?QezhJP1aEqoW~kN?}WdQTVq+jJ4X0sLK+iT!;0
z{}2*j7<Ttmr@cb8z#C5PcrUKhqb(r2#6Q=y(`9MLGH450@pwHtt|%pkaaBE1{^4=R
z;Rr}*g$P$Y`t3h;{!*|D1imVPm!Q8g>(u}&z@Xja`KS@9IX=!ryhL0dAmD}l4>xo8
zA!)WvPBtn`ZK^zFWB)Kyy1Wk{>%Du!2lOoWw~+%mQBw%l-zj9>E8+z->cPaBDIXWO
zpA=j80T+xp>w0L5>1UOo%ZzguJ#HL;{+*<MMCpBCJxva5>6LQVTb4Dn7Wps@ssU5K
z0{`7g&>ll6??Se=ckJ@y4nx@|k%_t98$(GP&(sj%tGtmpOTpTRORnus>3n~9{5l*W
zs-{;NHl%pgmra4x?+o!Cyly01tq<Wk<4>JNmyw5W-`#CdhgXtyK8Q-NsGoLU`Z9>=
zmm6dSRJhC~1RFf4{!C%Ib4#VR!1-;b=H%MNphxAG^d+SzS4p*~j|+k49Q9vKG*V8L
z(5~(fc8XjV%9}H1&dt)n=d~y@ZlL_~yD6e$_tp1~wph$L;w?>-?|jsnS6+I7TLIlb
zO8|z<@$r9dH+Y&q%{fzL`V6KOK?;WJX6yKU`^qbRd3x}Vo=?j5c{c9b=6Lsuj1SZT
zpUTjcY03s-1xDKymmcW&UpoVktbX^++MU(Sl$rRk*{A&{?N28D)e{+kp}HjRTa#TE
z*WNDX+Jn_Gb;Y-Fh7!Q^X3ZtlxYT0N2$Le&gc2VRPko}K!Q9}J2w8Zzw>kzzF?S=J
z4gFS{SHEPy+wg&mmkU;H3`#dYM>n=PI|+v2GeMFfPpCKqon&g4zf2IGUL>>tWeL5c
zgDZR~a+~Z1)hEuFY2|Re6GGfAm(54_Ly5i>-b1aRWBvs^9V9T(#Gk3nJ2JR<YKx`C
z`Z(xmHb0P+VI|_rZZM_mQMt@VxAVIvKy*B{9>)Tez9`zK*&BC`gK8vI$|TrA*)^JH
z5{cNeEiXUVi{M#wJ5>?Eb%)ZSIl0j25dVg-OQnvc!2SUgy=qN7*ui4AJ=#ED1z6;r
zS?Pbv+^5n~VEE=qM$P)gLG$)2_Wf!#qJGS}2XBp#jy4Uwdouyk<yEV~&m<UrUPo*!
zw5>O1Y28<UcYa8PqxJPt7X6@+-Z7T0CD^g1O0}l)g}q#ZcXYjY1ddw+Ed~j%V6QF$
zF7DJ+#?Sj10#CA2A6)(QBzot1gba{bfdos{%H3>|L^xxB(1F95?>4(QRv?bPajaI?
z(KNQ<Pp3nl6+?vMi*;1AvVdU@YPvX0L?`gtTjY_(*GqrDJcrR4AgSk$dxe1TCf^3a
z{wuoMh#RP@9%vn1yio*xQp7njcE!cIoOSb#xLaJ1MQ%9{c#O((LI>eY-{+51hYlsb
zKXLO>r2M-tM@rvTdFpX1Y%vV;C1-$eDp<RejNzjCFy5ws>f;PARowb@oMOcJS8LDZ
zC4j@Xjt@_6s`-gb3EDg#l46`va%NLJ;E3E<Pqp_H*VZRE`uTy*EdPUJ4rT9WL%zAD
ztH3B<&DE0bJ;V<1uG~=9;u&FhgCi;KeXX!~AC0FRAx{NTC$lAA@$%Ww=8db5LO5R|
zKK79Ieuukt8X33yQK^*_prP$)P82R?b(vone&#)o#`00Hl(x)iV^#2Z=|;H;#W$?~
zT8jeXoSLrG<r5us;#ld>#TIeWE2*<a|GG?e6cP}l1O6tm29=~Vg!2BS2%6?O+1LK-
zt?|DC5}MVFy0_{e%rEohl#OgsJQx{un=cI`wx{EmG_XP>?<aJzOyw*q23?PQ`r-J=
zX?$Qw&p3CubSUpi$m>h#Kl9OlwN$Yc#PMHT%qaW+bI$*_2Twf*kW2y*!p{^C0Tok=
zA{3>1gYn|%xUz%Ti4nhLjUbpti1mhJ@?F6mWU%mkY?k+gRVvKBxl;E9IwbJ?v?%`&
zKGXJ~GGMEn2vOPF!D{9}QHvkAOb1)@aOd>|ejoZa$kSu9{$JI`v5Y&HOZ{~2GOK6h
zQflInN_#TgzzY_jo#K@($<}PIu56f%(K7HC6`4Hs!+NaZMb5jl?GWQ-cCnzTo|n~f
zU)HVmm;JwL$d|PKIrjgD(;uAiTgoP4{l!tmf%M)_*i3~EkMT!s7?#n#<om~R5A89Z
zpmDjkB0Nv#RLKjERX1>YZAOR7&B5Ai#!IK{@QGTdnH3+=9hw9>>AuWZqBG}ZQ_2_U
z=1rECf|UE)!GT=GMkivXQp`wKsa`=}8ST8`)_?ACEYB*hkWw?fvMy!^o^9=g)rt<C
z{+Kl<=Kq@bkLo!Fk29Nw6{g(zRLu(VATJESlumd-%$pe*-sW%s(`IR1ou<P69Tz0I
z9yCf?Q0Mg>o3m72ejXe~P=HkX>ch8f$^#D}6A~32x$hRdMb<rDMWXZ4t|WEGRAH$|
z_R9kwSdskp*a!#reB*}A{BsV?XNLqCKI6j%Q5BYg9uV^^Kd%cB<aa}3{yy<_Lvgnz
zi;WP&n?{(6L6PMhxTLu6`5wgg&ZR*>BH!M!326qt3~gpp!SzD%bhPlt=;h?%2tHM?
z_5F~Hh=~<vN55Uo7H5jfP^FK0W_p!i%3yQTC4!cs2N7=3Tm(}lAD_(f6SAQP>kpi@
zC>tV%qb*#4s_WBa3z?>e-K58|o#A#zsqZk_=LeYzMfs-BKmJ<w2c(F^)HOFF1wRY&
zW3_0^NS?huzx$kFg9@R}>+NpS*fQj@9f&4b6S3>EXed$>y=|aW%=C1VwPc@sl%zNw
zIKCG>(3qmgN#JTNCU+r*HdY$?_e@at?vkFqRW%L@X*w!fhjkZbaV@(M{e1A#YFb+J
zu_No4N>ZS|s5U=uHrk1NRKi(~EY~j`{=Fw?+na^SYXRe$qv)Y*Q`eY-a2}iE_mJXx
zT9|7K4@+oBs^-X$+mEs;RFG>=A&edR#r_}6cXnHmp#|lT&+1>EUOp=LMPAsO?@;<D
zytBqdANPq)M7>z;euc*!eeCaMYyC(*LB&Khc=6JK(Az~E24z9S6lTmcZh&fKZSw3z
zrbXrA_CE12Fg@J@{keDKQDSMMz4S7I=6Z1DO=apMIf(Q0-1=`NIj|eH<<?xP*JDtg
zIqFDpj2`8j?u#}gWGa6vj{0Z{9yTnvaOx=ghQKHHlx`og&QIZS`soGy<?`<h;AM<9
z!nnG+Uf2J!u&sWs$YWaA{nd>&HzXc(RJpnBAgb$0THFT7sn354*c|5iBABSAB2{Ah
zGT~Xqn4T@@)6Zf+{;7QZ0XfhRD5$8vm?Z4eKoS9RC<<IO%Ti7xB;py*SU%MC;HMR3
zz1Uw{*|-qrR}9Le)UB+bVqgn+@HDy4-ZhmFOdk0&BZ`~MGd;ET@f%a5d`C%V0Bp7h
z5covABhpPD^;P<)UCi`cxL*8b-O^8A7{6xk$A#Dd5><%yD6^#I+i?CWfBxq1lRiAA
zf{2sxh@+Z_15b3re52lz^fBn%Sf|qa?v+6i)K{tgz!>w`ny)e-DH}IIA^4KdS=#>b
zsV|_d+xZXMHqmBiD`IuWw9@(|YVLM|;^GrrEq8QQTxW%B(#8`N)u}pqoCjT8(VVKv
zMM|~Q$xl-Vxxb(wy-tPQLZX3ewz7LAbzQ+J?g+N>JAD3#%Z0<#7Wfn4QL^C7f)JFp
z3|&SLFYmkLoa|{otztCqYmX~zcn6m#a(+HO5!dhD@aIk9${+z;-u1L=FsksIUx{a0
z{Ve-Oqy1kuE&IErjeMqy05d1Q+s3oZ>bWqlJ=<tPTwJ=X%24La$B^n%P)$<m>k$+?
z#A<~8Ys+$EK-$`N=96S>Rz@9AMEV5CK7)<4_8JNWjp4Pk`B(P^#7L_y!OLzG>$uR(
z49CDb`ycZN$4s`tPa5dv-rCC^%E{ImJkC6%k4rEkK9W&{;2wJ9UmLcMxfLKyv#l|e
zXdmM6oQP<X=2B_uLbB&Lo1Ji5a9h}Z^9Z-Xo%FVGrGrJ+j}~0*8!pP0PkcK?$!Xsn
znVN~XccAJpKFTi_9IJz~97dU-z*ScoaL?l5)v_?M-G7!c1DA8F*%R<yWBVz4hdi09
z=<D;1WwbJenW^swKl{c}@v`M>EA!?@Gqe_8ySKn&h@Q){k~l2}v&%(f-2rXyZIAIq
zk~+JeuJK}*<sFd=qaK#`2|r5`7$*14h3dz2x+|+Q(AaONyjpOI1;L}7+yd>F$}Fqq
zjMYjuq0~q>tbadaG6Yd0vH3t5Li;(@CZBn=`BZ-SwrGE}Nw}L)W&56_Rk4O*=gclh
z-*(;x$EpQc-CaIEui8<ueK1TQg+%!fOlP$0l|SUehoFMJ-{G-AVT+@Gm2Z21SN}0R
zT^EZ7YoS*+j>zYi3qR4R5NS#LR@v)YYZTFO_5pUlYKvb6DgLXIJo^31=B<Z?&ah%F
zN2ChpsO3=zO`!Rg8+Bsycepksblf|aDz!ZOfgQ<EO>nI<_R5Ix`eLoow%IoUWjYM{
zy=ioD_=ZaKa}l-vz3KX2!9oS@HmQ+VUzelbk=M4yVcimdIx_i+5jo%X+0IOUDH%;E
z-})F=aw-TOEbP`d5rvJ=+6k&~@UL2Dnu}};Y-~8LS&Hy)s2i(4K>gC48>g6tj76li
z%WpiU3BE9Zql#5g_Jvw!jRg<i#kE5hq#x^z@9a5;Q$+m<*JJ=wQOeOmb0}AJ{=ZrM
zmS3A4ETIMFXVNJ?<jNMt|JE&Y%v<!krz~H0C?AeYR_SxPM*N%JZ}I$lU$QLK?FpNL
ylr+>&oQb~h5%YMU8Sr1Asyk<5^uK6tfC_hRkl-dgv{nP?*KGsSn<Y2wUjHA$SSv#S

literal 0
HcmV?d00001

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/img_1.png b/cve/java-spring-security/2022/CVE-2022-22978/img_1.png
new file mode 100644
index 0000000000000000000000000000000000000000..7209864900bb1ff0df6a98b93d93f891a5414306
GIT binary patch
literal 40601
zcmV)}KzqN5P)<h;3K|Lk000e1NJLTq00Kk+005E*1^@s6q!`sf004jhNkl<ZcwX$i
zSGQ%?b>CTEprvOG5unJ2maX6?slR|^i)42{sAVOR-5x#M8n!fOCXhW^ZrPUA?$L|@
z13+X{6+!_7Nr3?%K#CGc<VuKzszRaC%{iQV(k%eR-Sa=gT64|4_PO^01(2fs@E?2S
zy-(WfcjlaH?S0FGSDK~%nPz$G3>{A=Ekj#UZbCcLeE;QUcIz~2j?!~>Oyx+QX=Vp!
z_y|o?`AqLrGrf7TncFzoENq-&Ep5Ei%x|1%7S~U3da-x1S=xH3S=c&}wAg>CneDxp
z)j!Fap>|W7FN%66Skqgll4j_2Owo8=D7UoLOPThk>$^zTGDF8HI!@CyAwP|JJs0xO
zg*BI6Kh<2^IL$|&KD&Ohd4*o@E9<A7&NOE?UTI$5I72$kI<rFMt1olinKjYNlz(~k
zbaQ(B<>utt%gsxa#!=E|NM|X1u6b$YeDmVUx#qc*v(59X=U7Oi%*s!!o@b%%g|+j|
zb7)iOeDf^YE>nLR4?-Gc&#qjc{Kbhve;MOK^X&2zopYMYUs%1sl5x&8$LU<hC=VT9
zyU2QWZK`>m^xW!2KEALjd9N4OrYGve`W$J7L~YkEB;mE<cw*yXOD}CsH79%1d^|zI
z(d#6Qb#iTnb!uZ;MArhnOlhx^>ldkhs-@GLRNtH7HfPqS>ANt~oFlzV*9@Je_vqvT
zeI_%fnrAP*)EqniVsqr|^Q^<?o^PId<=N(GN<V$(+2-&o&#|69TT0s0^Js75b?NB2
z7n);qj5><GbY7?^d%4u%m-QOogm9ftor933^PCakoX0z^Z%4iIg6hPMI(qIUdM{4U
z`}_jECg?;V-xlpm=m#A;e{!OZpM7Z;dXd_mP@PQUA9+R6QAf|7Vxiuy>u}OZ*3)$D
zhflvmN2ICj47JCR%AP!Zg7wtPFQq)vtTQK@r)X^G3Fr*f(|K?#MB_tGo;gj&Qz;KU
zMtYpu*s+#|9)0=6=Fu~fevID#M_+zk^<tLQJE82yR0sX=4D@`VAJZ5=qR$fbkI{Sa
z_{Eo-r)JMI#};sJqx;J09P5R(MY;#gHP5ZjCn0ZoW_4Dyw!k{JHqSb~zCiagI&$5j
zrcpPmnpR2rxat_)-;R=wt;{sXNzbgz^Z3V?=cr7Ca@<34PlWisIzi8^%+h^V#^W*V
znlUa3V;-f~dW6P2ynLZKO857yi_KxWHy@$<cOfdznr)t5nkHRLI!y1Ol#v#u3LRdg
z^DNFZPc2X#9S<+fis%~sI2c35$!W_cEnH}xTD(w}wPa(SZ=PH}U(_95bVnMCuWx>;
zIYQS4ah}TeF$@tDt@JY(B^em0mIxYBTA|1whye+ZqR;~gES+IE5<n7I0>sQx{rsi^
z(b~yoaSecUTGTt;EN&t#_45Q2(A?lu0wHLc#(@Aa7q$RGlJ~&l)3MB;$<h}AI-A;`
zAPBmsz{7b3CbaSWrSD4wN2oiQG}X&cbdFxfS$e%C7y)`-CY@pdd?YUrbZU*@XY~~8
z6um!ypi`?^CszcBULqhmu`2Kb@G&UD@rC7_Hc(<I5Isxf3_%Jr20;cyoTne-Gy0>P
zBm*AH8_3w$&#Z}#J8@YWL)xWlSrd>-a8rSxQnRXyA_ql)AD@qa#6aZINdz&F2cc6m
zHgtNugd%_s!%qMu2BFOv(ky-cv(346(OH5l01|YX-iK3klX_{9KFdY=EEfo1DUIU`
z$S<M1Thi{8q!*XaC+o!WD?Bdr5{(5}K9^COr86v~Pttei^pfZl<xf!?=%sn;Gxti8
z<#COB(F-`zjmz{xx?ZiL*MzZ8Ey!!M^Y2=V=T#SXt(WHMT4wQj&NV0JC_j6F(<n#%
zNxEqw%}2Vyo?0dlUYgpKPVb<TOBYzDmg&1iN624WY+q`I`=S2{nh;LVwLvc~(w~EQ
z`Yp~<dY-<^bD|To^rvGk3w3B?`R8e}c!4I07iiq)={2(ErTjU1U!J2epQB0Sd7AW)
zerA?_uX8kk)7a26C{uA;myg0YTu+b!JxlL5bZqWybA0|>YIl6@LaXobg^SIx`3tP0
zbLZ)Jj&)=q%gT<T4Na=Y0Ydn*wmQ?iNbmv}G9ao!QG_D~9)lJIATNO>1EQ?s^k=OE
zBmotMDFPxu3;@Z%rGO$50BVvLs+^uvSzfMrMuFo3LyiFv;OA-jy<0hssSSPhN0u_6
zBv?`Kd1_wLPc5qGdt(9!84Nv5=Z8ut5{SW=Pty1Isg)@f(gn;Y5SbzjNm&VNzCUz?
zzRM6m&4Zgk5!&p#>#H|4(B1dnoQ|fuSX6)ijTNE%rsmGC-q;)<?I+#w)f<}q_us&2
z=)nCVOQ&*bcksTiGzSmS@z7VAyGVE5cVlzsJ;<x5e*b;tcy~}4gz`J?yFQD?yMx-@
zPHBkqtgpDVFDrHXedsH7x7~Yva~q{`y#3xAShpRzp7Yk<+FIJ$-*%7o<@^oJt<(>?
zjb7ia^xAHrYfrlOM$*mAP50c`+(>mIq(wK}^A)EXSYM%X=*D|);^Pf>-$dm%HP_#B
zOY>#Y_4nM`e2I=<ygTd5cimEyeL?lbdr*FB&fkSH>VLNg{ZRIWyKif*BYokX+o)`^
zWZYXxXn(uYt*q;CJaiiiY0FC=Y2#(r_+@GXU4Q7nM1A?5J5;wNU4Q8I=K6bYWBKx`
z(s^!gZn*c3tov?f-AL(99g_N+4pEw3^DT5Vp$xkDz5~t8_wHxia!7RReaKTiUEj?#
z26WTiq`N4s#~X3HN79y$`U<`OXoGX#gfW~@2HlKnsEEhrezzsve6O_kuj6Knad*D1
zo9@K%j+}R|bx%s?_wx00e(2C1W&Q3suq)ks_Z{+@NH^a}{rI(+Zf~`RZasA6bj!Wa
zem>rc?*_gjm2-BTU;4`!H&Z_8o`dwALi>aIIuFomJkZ>DSJqchcF&#E4s8#nvKy%n
z^c9S8@11<SfyPLpHaAe)>*@Wv;m(6}q~9U+|1y<de~&1&Q=!hpWm=El?hSXB@@+ds
z{l9ege!2(kr{f)+`XY|^>~FqE?<<a9;_IVprPuu>I)3qx=nGWt)6jL?5BdF+KG@P1
zXbc>$P1>)@W!KSXk;|oy`_OB+j^4xT==z{*??F2i>iF9C)BW|}M3vXGpT+%f%`^s%
z*V6HG^jn2KPwCIoz1?)J9zS=N$=Zl=`EAW-={NG3gXQsaccD$zXH=h6<+}Z%J1sBg
zV$pZtv-Dg044=bYi%)mTkLUV9bdA^2dklRZZE)^`w~HwK`GfSnQ~AEF?WKk_7WKD9
zR^D^k8ZU^p7gIg7N%@U2G*9V;W@CF^@~K?3PWg4}zd53I!?~t6m={_7Xo0mhoM)}8
zHdLHPUuv^K{nu4%BRbN#*T!;WZL2hoIuX(}N#9i(&&1b2=UX*tnQz0=daiTrSEvqJ
z9WJnzsh&mGzcgGVEj5b+I+7OYeURf~Ge219R)4Ws7>MQvOU+!LG+1tCNppi0%C9st
z{biBm2cqe%rDmGS?Z{<)l#_ZZ%@mGX=ug5C`TlA%1r1i4>A~7WrSouG=_6WUUDTu3
zwDy564p&*$N9tDTwLvR-?AF|HO@uUSJ!^>LMoY7F-KKeJGe6u2LK$ha)+~<JMZ>z5
zaHMgToR+nmrF|{GLgSlK8&?J`)3rm~hK>;O*4DRQqHA0pZLpTcbYyL2ZLbwt83%1|
zh^Xx<^<5opwys646?qzOAV;pldHuQeAe;}9>y>NI*KgOe7xkRB_9*Hz>d|X5N%@*<
z6Vq2ptJ|XWZRC4&?B_bC*f00*v3wsJcg2q}+Tz!>JnXZUC=IO)sEo7(4F{>-w_7xg
zRO3Ojv_0VCBDI0$Av(`I)i03dsr>@ImqkCwkLBu?Mtzp$(LV~~+So18=VzLu?`Nrv
zW`>mWJ-WxJC=X2!&?cu%DNlW%DTw-A>~G3(u&LT`X)l!Lx+&Gg{std0_SDt}=W|=h
zqkNjqGfDXz>(pnR?%V4!rc0yz!dBE8>muE+F3`RH!WJZD7to$`ejshnJ8@sSHl)w>
z*66spE6F*jUvFKcV@aKibFP==%O^>$!LCpH^+e}c^m=;snm3Xzs_;7Z6~N;`=u$3c
z;308-oM9+~kf;aPQ6K{Nw4^}PBUtDu5N!=}eFC3Rh9QF^hLgcuY9oLIAj)kM40$l(
zv}kpd;l)FY)dQ>`Zs(vVLC-+)Tt;bD0HQT|9Rg2Y3(d-Ck!~u0p!qBU90sC3ph)tN
zz)l;6=BUkFA8COh2BHDLW=Vl)nE`1A8bBo+F${G8k--oED1l91L8dQ?02E~~1c17j
zU`Qb6;!uDnLeVtUK{EsSLGq7Tp$KDTATr3AprMNM4u%G}0Rn(}S$tFUVB}$F)5(Dm
z+Bhvzzr`V>P~>1K!I9-t-CC-L40srBMrbF%k%e&#pa37D1U?KW5vpW7)Mwbpz#))f
zLcOKe8wQ~Qh6pg|#t%gxDq!dh0MXJm9ccnLao*M8ngBR!e2o!$YVsiT24QF{Kw;pp
zItG*sDs2Te3|cJzW`wa!mXB>>dF)e@T`!=B!3cna*GACewL%~RC}JUvGKC}trE!K7
zq#0a>0#gDv0z^oAKtUcr#OX;ur0F!KmbZW>3h=|fRmm^VX9#&PvfncxXm%trAetqR
znBjZCW+4wp9*m|r?*Ire!a(9dCc+TG&#(<c35o^|Yyd<CMVe+%!o6{l>^f9{G!IOG
zqKgVKZ733mVgT|W1mHpYf%J($Wc929PD-FTSHMdi;~YcLS`vUI_GPfy0f-oS!u9z&
z7DHYeh&&kX+hnj2WjI<+K!kF(^pFgItX+a3t@A*XtVG^Il)z_BEJO@OunGwTdHCtF
z5XCmWEi64|$tgg^tUm@qg@tD}!w{vBHzoM7whBZo3lYlF*z<G~QOgjHBv^$2K+D6W
z29_bQ5TQ)0L#)18i2zCS35pDYSV&VjG(Q9k1t5a8$bcw9kq08pCm<q#VHiqK1Xx*4
z&|)A1$eARDpRPQhs#0$PP)*T~8k%MaBms!nVnu2JP!t0ZEJUyf8Stoeh@}8zb*aq+
zaT@`k1>97r%!Is@DI|^2MlDGWei9@N6qHQ#`V5)`hzzc*OrdEA5D}Holk25Th9d(N
zgQ|3ni8Aog{sWPL56)i$v25LGLr<y6ZC1t^j*u2OiIB4!wc%wqGOG|QL}o=PfQT(P
z89q=J;p0lE3vT@R?3!bnTAhE5QZ~r1Poa;cd4{3UfMsx!lq^VU$r&oh(B#`{tMXt2
ztBygBK@h{$7?vdmMo!kR(;}p>(<<)(q7sVaHxB5LKT9}D+Ca(60LdUm1UQ1~Ae4bf
zAj+&kCK*fmavk7h%dAD~$vR|ZU1|Z*R<I!T07M?zGHfLfLp>k?5Tp_y+DxF4fx-cm
z1EX^Zc1oy;paP3d(q@Jtvo@KPDg#jjo(?4|kXpHtwaY;fw<%v|wh&zc04)>50Ddwc
zF(f%lQGy@_pbSI_l*Vv>0fwC0ENWZbYG^lx>rBCifhb#G%zb7qG=K(R3eaO<W$rGs
z-bCw9f*(CvpH$8ko>{dF%}{=ttxl;-uZ7RAeX<)&#%1{7aZtaQVF-DxTNxSvEr}H<
z0g{8EEde1@0wRN<K0pXi1Q=SRAFDtRB;X@(6oCk?CWD_0LEbt9i;-A}X80cjtULll
z7pZ@SAqA%i0_0qvc2Es|5*V?NH>;3ns=vn9AP{5{7{c|oKqiX8$hpS2%v*|_^=KHZ
zM`;WZEJiqb0Gg+p-uytI2yOFCR`X+VtuYi0v!y73OJCrEtw0smTWSZ(4urG{`AJaY
z0cJ^$Y|R0LDRix%jLWm7$y<5K@p4^~TAchj*^&eo*Y;%CsREJ0RdP?UYsZ0&x`3d<
z<?|LP0TJMU!Ju@Rtz8;05J3hTg<DHqUR{dd64f574n|xb`tbF0Kh2NC(uI1Ip>BOB
z0{A2t(re@QUCYFs=AcHwN32F-Me@J{>ya-*8?!pGt4;eGs1(36$gVW2tASL6q5_Z%
zc*aPpxDU$3GR5vY2So-%Cb-e^?;A2}vH%ibC|Q$+1~g_RQrDS-pDYg`0!7IMr$;~#
zTVS*g0}RTYt7`_Z5`d>I0UU-X9ox&?Mc%DexYqC*Fpfcys%j--OO9H2w2a4BG1zRb
zCaaHtj<sEF&N2`MP)b0gmL0WLC7^Q9CE%sk$K%TwVsUbiMz7PvbCZW62Snl$WDC)X
zg3ofY4tXHT)*%5Pz>kzW3sIC=h?3@5o0rfRRwT4jR~Z8lTwww%JBq=nE&zzPA{7>#
zVUA6bI#_{b3Yn{}?4K=0D+Eas<$!5fwZxLRp+y=W64#l;3yFnDU}&BdTx2XtQ+sxo
z;RuZgcIY@mkTpGArXLzX!%*QU9!b-BEG$C=LjWKXKqSQssmyI<z~jZSLMiSjgHd5s
zGRsiKLKFocGKrOFT>#0%79)|k_EzaVSWik8CA`KyVvZ0~1nZ3e4Q_fYjO#SZH>V05
zK`7%ov~#efZTUv5;{${sK#`Y~TU=4L3Y9>#fTP7Jxp<>&9V(&4TWco4QU;hjR+7ON
zgGq*@!a6j7Ht6@a)r?--ZeG3odh^;|^plEWo1X{m;kCW~lgq4X|1NQx%k6R-r&S*N
zqura8A4jjLGhLRwO2<jc?L>AS%fHpSw1Z;%ofP}ODZO4Pi$a@1uXXorwGHK={kGO^
z?^3z#Yb?H&Ry(QlZEESH%Q(Ky*TT~C*tqrAr{|8ZzeCAo1|ZrTFR{c@B;e!g1$L}H
zTZ@u9fyjw1L)lFx)*%HVq$el>P*hhtvDUQ9IbNvZB9lG_Q&|Ex-LiIoqYOg=L_TiF
zlme=Uh#P`cC|iay6fMwXFF-WIX$2x!i4=$!c;E^vz^5(mDibIYpn-J=nj;FIff!Dl
zHOB#v#Rr)#0H(B^)u-5@mb^tM*2Ve~j36^9<KK_C*37LYu#zE1pvi)z6VME`p5dwl
zqEZfi42&TCw>aCkwET;df0jM^?AmcgCe%fXP)$DY+Pl;QSlW<tC1nugWq`C!|FB=B
z8&Z3++lBmu{&S`RYWDCt4T!vAo7lDh69%JDwhO)P6w4&vKEG(EdfzU#mm?s-+C_Ny
zc~qQi-*R~<Fd&HO*xt8^Wfd8S>|P#fET3Vf1w9j#z$f)B&r^ME+^>Wp1FHDipbSI~
zbQp{f6O`oLWw{-KqzfRrw4_41q69<&MG0aEi~vL%quGf<j1Och%Obe6fG5F?Scp;}
zv=4~(X%97)cCNPwKv6ZzP?lJQ%o@bUp@=~U#~~o7v=n(DN-(4`L~xtU3;;@Sk!kQW
zOTZ|q?K%_djsX#%##~<P_EH$KRbvTUoYltzQ6bmftUhL<Z9!3`PhHvkEKt-o3yXQ#
zU`OE2l&whFD&#>ZK~g^eksUQ1Ek(&flq3KY6<uRR3=smVk*+EAaqg>%BH%=|U1feX
z)ntucyHuI{{wr0@I^)Y@`-*l4LtW)oSJuD2gCZR5P4WD-YuQQdwg3lC|D?18S)IsR
zklsFv(VJDAY_F^^!AH4z1A?x+FQ1T);84JX0~0=?E`dl5dNRD!6(MJDD!_;HCMipn
zrB;0w1ChiL<yazHS(amca-5KdA(H?R+G?9F1t1cL5z7z<P7|0+k}b1`MJZW#0?-r|
zo&Z1@j>Nqt{c_s7zYJ`OG}=ti5?xOnhO%|23PD3j&yN5;21N6mPVTZ1VuaLX#(~ue
zLw&>(>9YI22cC+B2&>CXfFV@^BtS<Ej0O@LWNtBbp()4!h*DelXPpxGAkBesvdV$w
zfr!WQ={jJEI}dPWU?o0x_}-xiM(lDcWG=UwRS4~KU4|hGvc$?00i`Y=>e9kcG#_G%
zuzIX;pG6QF0Fs;%*whsPD9TogbtyuS7jE$FiO^}6An<b`|5`Quddof4t(`##iZF2{
z6wlG6N&ULYcdJ_8cs@~viwsWL#nuLppH&%5#B$MVt#;jt02Jlg`iZ_ZPG}d)x&-jJ
ztUzIXQD#D&&#SDB93uo}5b|TS#@>bEwU)0xygwZ(mff5DzCs2wvh=>R4wX<e-{ht4
zmDr!L1zMXH3kwnU7K)agD0Zuj0uZs<)}a~@d94f(5G}4WOD_&)S!VIEbS&@EBp6zx
za~k+W0fbPOfJl{q2mr(&lw*iwl^MYh2U}Y}wcCeCp~zflY$ZxCq)YEZ+F*ns$Hf*I
z1i_tVF-E%qB8DOy8HNOia`e9kAAu*cL{(jLd=3Gu9JDPiHC{5?7dM(HSd5aoTx3$`
z0m=i90g!jU*~&F6$!FLZ<X9zvpmIeT>QkSAxyRg+eJ6vZwC9i=wGOf+@VfyaQwpl)
zn4mINNZey>5HhtVw*My9PXvapJP_5?hK9W<j@PBw&-!+i?bN@ku2z=I+wky@6NvUA
zo0xq%D*{lLV!taSgA|u8z(vaoNb&U!fFk_FvSiJvwDaQ@WtD4fy#`+&%PxB$GRqKR
zh@xeOtveMU8k-Dyb`L}VEDMrOF0)<815s-w*ifuQ-ujd4ynC$#A!vz#r-T>;LVHC3
zsw;pH0;z`pp*aDciju3$fzbk>M_pzHLgqS4!s@dv9HFIVc59iHKxdK^f_OC<^}UFE
zPh4mwcB466ps^Dyd2mv&Ng!kZ6agtMfy`|fh7^c=Aa~16$9c74C7A^(xZ*S)H!hP{
zBw03__a4chR9KX}+YB1EU1c%&+FWLfG<J5M5e)TJNV5<?9riGq07cNsAe1LKYJ*Rg
zJVZfQA?8(!9r|xTR1wGT;Hc?Tu8Qp|+Sz3$a8R}>^RccyMo_%I0B}C8sH&oUrM{4z
zCzi#$mAUH*5?J`h4?}VC?UHX>_K)BbMQzMwbOqJ22x+<oCk50@D6hfJPAb~F>q!dN
z8DB@C<X&@n9YAy`FR!=Qq2%5&cbEYY9|f2Uhzyt*coICJZ->-f=2w|<T+qOlzjw=a
zr!LABbl`f+)}L8+VI`N?P<D;>Kx7~!yGKW;i4wT+09DiCs0)Y|>A2VeA+rRr07RUY
zW%UL`9*VNd%$04SZ?+Ka2t>|p#vlYy{|l5qufW5AV_*bGBF*$N0I>{$tUata5rBdc
z{CF9}!1Ch(sZ!6|0i-fnR%!c30JLnmsVHxH)^??3%aOMbWs6a8jSa;T)GFt?3`h$u
zz`E2X0a1peY(b)N`x;*~sKF6pj2swI9}i4zwIQe_tV)Z^-&N5n<X4=<N$S5QB@0l>
zM;K}MNea->HO8*S<Li)m-<FU5JQIbsrchp7vu~%0*VEFZHda?_(^Y1YG6RE{|9Mes
z(%wPc{og`M5r9OGQ3dd*3``PKS>M_it#es0wZYzmwtno`Cbo}xr+t36X#kM~R|9Hb
z(Gd_zaYEi=6tq_$%B#V|;u9@FHTg$%l-41IpT0qmS%EaZhx3rQ*9?#Zh%)&2c%h}i
zOiQ+GzFTt&MFK`}llfSoC;=gX9DyH~uK<x>eJ17eG?C9Y5?qZ<8O2@Jc84uDQx1d@
z5N!zvvHCa$=qW5g%jy<e$>5~2W%qTfke9m0I&?ljm6hkQbk7Le6N8~hgt#Q$w?j7>
z%R9bi>yd3>X8U|V9*E4f2KQTrA6=<71O$~Ew`Ix7vt$7R>^NojnH+6D6xkCcuSCOs
zLw<K_1|I}lEAV)Wk_Vw&RskTVom^~fAW|s0Qb6P<;8^#MR1-la!bqiG*}eiH5n5s&
z*Dr$AUey{mD7C?HVtaSpRoHRu3h43aNou!?aPW^=agrA8F4id5zd0cC0mvzCs0I=d
zYMi{~XObl-jnCud>oyl#)#_#Cg>=l?^~L@j;%Avj0QF*eo*AB1hFzy+=V=c<3Ns8q
z&O*e{1mIcHa_1^jpvrDD=PDcK7$OnMca9~J_#xRl$iRrl!H(0~2Kj6eGANS0galaN
zA`^K45<rr8Ar7#HD^0bCHVL4_6=o2$I7GedE!3qHEbYN3LXWoq(fG4N#1e^%OjeWO
zs7vmtjjb}XplVo%@+vayHmxo(U3oUeik2b(jzJNL`;^dQtI(2r%mrPW7?iBegN(_y
zPvyFCmRWjm)Q!Ppb1>OJ>wHf(Ci9zVr47cCq%1)a$~d;jc9zvXC<7Q704e-n^Rsf_
zBee$gRn#`6``QQf36e?~SeXUMfGO=?grmYx+Jh)S5Ua9@qZiu9Gt)BM_&thb^TW0x
z5J_OQxys76?MZ28t*);%pZV-(nqU1V|Ad8fZ1Z+#HxvF&^?sb)DE8(4Hi-wwnbfBy
zZhu)->A#z6c|%H2X6Z^B-<H$6Ie!~)>UCZ1th^nFy_4ctvHq<TCg51+>!M<tC~4<h
zKyMO?s;U4@P396SV5HJ6wRLKpbBF$|cGdP1-U~NQdblfGW?N%}B7q@*kpYo_j*ky2
zfk-Ssy8t5X(}JQ1Jrx<;)PN|1lD2W}1&GkzuL2YB@fM+F1|I}b&nWy*y;+AG48iha
zLTu2YslUKVR-FEPDFvb=vjnN~MvN9r4d8(l2uDa(mgVL47CR*IL$V=Z`!O8}h%{|h
zBk07;E6u<7pWfT-+qaL8&(EAyOOBI)k+;~WwWv@LW7M_)m4IZ{oeVgsJOy8y07eQ!
zCf`rnmAk^`ytvJJ$%15nWDjt}W{u`5D`7}L#>!>SA%P-3I@l5L@j#Rx7ht<tmqFGU
zhHRgrg~1vtS$+nh(h6kqn=+c}R-$&hvW|giEYB<h{BV2hJ`LB}NMeoR#Icj^x%W`>
z+yBFFH~;;w{wk+$y7?wfqwLUq_qHd~nBS!yee5wF^Ot_<m#X^kM?S(}md-IrmGQkI
zXzWG4f4&yLMZ3OB@p`%x`|Y*=PGiM36UFaq29~|4GG3>oeT0OpIv};j$*Q&8P1%(a
zCg`H<^>&-sUbIIb+6gS8eESF|wYu1^q8(vqLjQ?<ecM=9soy6Mqyij`^CLJ6itMTP
z1?VKeX_rkeztSxAW)zYF1dZz!AcL4)NnK`sm05C?C6`&LmC<Z7zj2{Czw~lrU}G?3
zK*USuS;1YV?EygI3M*ySB6|vbej0u0;yN{Vs=4OhU(@{hKl^nC5D00Mot!<*@bmpA
z|E_t@|NI^YL@Krn!9tXm(OV$(3<1szjtW2#h_W?EAjlrqaboryo&PtQfBKuh-rV=l
zH~IK$lz)EaTmdkg-op0jumXvyfzb?5Z4mPHEvr!iBd20D8lFLuLC7peX8G~Y-zkB}
zpvZv{fT*u7G^9~BkmdQ153pv-&(O)|2l~u3mOVoaj|9nZRKyuU!xDhZb+$OdqcF1I
z7RzAc0S9SmW9}^94_2KnATs5Lyw=6mpil-VLRp+Fy7b_8A4(tui%^1*%h_Uty5IfX
z-({HLx}RX;m19elb9nvMZ~s>F?>_ut9xKYA2<P(G;brkbbqN5x``zzuKKXxsvIPe9
z_H~HZNpdaibKxFw;Ld}oKFYh-Vx1p*S1QKK`RlH`uKDY~{%aP}vEP9M2X<W##rp3&
z_+Y4yV3dXW!$%H>G1~2Nd3haBJpXR>G@Tdczc4k$0Al5qj(`$%Exk8*t#O>)E4$4g
zdp(wKP4>GL!GM4NV?D0>DY|Cg9@_6dSG1`?%6WQ?s7KofGA+gHQbh}r!B0x3F?I=n
z6SPk(LI5IIh2$6|U=)E!R+L2`I!BZK4Yz)=dE(eVq`0A0+fe`^vpkvWEVOG|eF%ag
z5LJ}-6@n#brg`+p51KFCd|mVM%!#H7L<~OJMJ6)f0o2Sju<R`MOW7{d5rDEQY`(ef
zrt6wt_{Cpn-f{Iin!o<^e{R11@Yh*LqYQO_{h7bvBW{8MLSh|~=a%U*d%#bEq7{Lm
zp2*^c42WP2DqLn7@53-Ob2h=y3j{y_o9Cy`HvjZDG8C2ZKUpOhW%=>~ngBk7in}es
zQM3%P1t^138+ZhS(lc}@54C|v`=&8+nE?^6G8^Vyu?>*&Dl))O$a9&35kXRfpcsU0
z%k#};wm8IdoMg2b!%%=D08VsW)!bdVJX?>v*a}nupa?##XN@_<$sx&s3%~>b@_+x;
zUv&Zq+Md67A+?1Crv*WK5XN})@y8?|&gCsdfTFdHwWbX*J1atpsNJqz--eT&l+JZo
z^0*fqyz@?}*D|Pt7f~E5wT+*FlLxLi9(3T~0f8JH3u%;De@w_Iv-5DhgARk8*na1F
z4>q}N30&<qrL11sTxlTkLVYarvc5iD8)q*nf#{9HfPos)I5NCwUCgr-hCBoz?V-nD
z1^rRSpcMgVlH9p!5LCcX?9-)PwA<Gw(CM=kNaBVf40&ZskB1xq7?c|fedqh%C_u=b
zHeV_~oYg<DHOki;5LrAB#{^YCsDz;mJ!t>HBVTX6c=NT*X@Vjt*SI0I5Q&vYTxTMK
z9k{&|hyY0gdGtoI1X0~A!I77_zW_tH@c@2Gx0ndf^RNHn&yv-s21Mo}%R5s;Wh_t%
zoHjR^j}Jl`kkVUb@cFgh6d20jgSr)gBDEAfN6=J4PaB9PNnmIK0IAG^#19B8o=)to
zMr-m=zk$UYWeMzPjF3L)um)3{R%o&ZDf&H&ij`>`c-^D-I!l7E?Fra^6`Da(#X@9t
zLxCWlmgk^ltC6|YG9+OMyg(6-emQ)!4#~bkb@v!U4W1%j0i6Ph_yMhTD5?R62b1Ss
zc)o;_Nz%S(i$3S4F0|Y1QvRF~0NU=e4>xUy*;#EMYPV^t4JNx$JXZlkP7z!t0nsG+
z@#A=qSY(c*@sVbLq4dRR`S*__-fyXw$=*H#0L+6AJ*eZqUiL}jALcrM%SE*);22>C
zV||Cls#}A0(&aY=M1T%Ec4<<5wB}q1#WCaLzFRS@Xc`tB1|3cNI@asC97ijA>acw7
zacs6OQC+e!)u2bm=nA?vDDvqy1Vp>gK5>aHG87pYMG&$wSdhAa=<M7{f+70Ce*fz&
z7!s9v4@K$e^AM~;9f0JmMJB)ugAc}uP()=OiY$icfk(ckmZBE|5CL>d0z<r^qDtb0
z^r`eICMX9-$M_%U)ZEKr{rU9YDBzUPg#1f$rwcb4G`+Pzlkz;f$_gN&{PY$i0OVJX
zU7&J-ps<3B1u!BQnt3I_5Wx$9&^ZDnz>>5np=ehYpe|JdsoQOmJFRG20#Q5f<A@ZF
zJP<js5+JHrm{@+fetUU-O&owd0089`XUQVeFUwP0QGlbk%FKX?U1<)A%nHOy<~7}A
zC5nO6T(3`~U)l!rh$8TaG7R~4D+E(AVX2TdY1wnn3lL3&o6vuCV~zU&rdn-l{VHN0
zQrDZG=#l@O-}#*u6j{GEz;r7^N-lff|M<S*_j>TogX!ENvA&ox<h1+xeqBI>^7dGw
zXP$kg7!PeH)uRk!`ZDM^wF7V%@IZhN10o1%vlwMKvd_vxlt2!wNenUC#(>DD4UVi$
z2A}*nCs0!Of{-@}=#+ruU45`rcpx%xvm<2IC$#b78gN)!%bR7TtGyTMU>QQ%TZ<sG
zqFA{pj$xLT_<G`bd>c&i1~8U~%rY0D#{*HzRR#fm^g4YRgt7!Z?!3sudIb6Q#kjtF
z7xGr4E2(`3LIn^p0O^V|#1xH41OiZWks%Kly8f0gC=AI4j2Vc$6{r-KtLw~Gg|*^^
zoDd&WK#>QjnzY_qh%60D(U)$%mZ8X8WjTh(fzc4qlc5OWfNBMzIWCi9wERFH|M%Ch
zOH3?56%pY4;RpVxxH0{AzwiqRJ@b6zXOnG-RcH#((_2h1<kP%L461+-^z8H*fuY|Z
z7@B@1flg{eKy<#h!~zHvP}Ex$_^IezUsMB~9f7D;Z)t@d-g77dQLqjb0oN(;+N?vt
z-KNk~LXnm^O(785i377;+FOrAephT+zF&e-X)!X3P|~R9lppzFdk4j!>cR>Hx7Yw_
zu^KIpBtY7LXpw+uQ3IuGVC45Es-;_y;&oZHYYUOeEJU$9j?0R9f6fjd^0Jts);XLa
z2z3Dw@&X-_H{cK`lClgga$N>7Xyf4taFhWio=boTdghsDxD0iie-`-+Hr->ktxPrG
zvOKIgn8fULOc8*XOAJEV00z+F>rCjMtUf=HiBi(yf)l{XfMIoZOhBalA@obu9nJgC
zmnVD&Q5d7<nu|c>Ek+(BkT(c3kf{Mtt={qxcr0H7BD)q3Ha?I3evH@$?zebu%VVOq
z_BQeRwjO-UMTUF=m>_#SsZ1dSV|swHu~26gB(^G50EbmMSE1dsd6U{V=z<|#eFnj;
zmST-;V@3s{a|%P>Qa4!{H&nX3yw%795w9{E<fq;HO%{<Z^9n~?o~=u~uaH}1=4B6E
z6(ACekU-J>&6gR95K|OZl%*IV1)*U8A`e1CT^?TnqF?*XUt{Y~UNJV$mY?aZIR+jM
zmQGfm`DUuO&`gtN2y~#So?3%?u=*@80A1KzAV8s`T7!5QJzQgh2t)=$0zLp7+yL)=
z=z-?^=2CNRbCH$WsD%iE1?bR2-{khc_RoH^VV7033^^F`!hS-c6{lr!cL8n+uz?hW
z7-STF_<Tr98$Ne$tq{izX+U)WLcI(`vVo%jl<Z&B1|NeWc_x}cQ(m2B%5db|X=*9T
zt~6MRL;^uuDtQ)K5oqmTh&OFi3lUq7MmU;uS-ulP(kMfcxzr4X#FZ9+hycjMFtpt(
zp-9sLS>}@41rVuz|9|;?Sz2GIs|jt<$1DqJf~&OcDlZ_+`d5^I=(2%R8+^LtAqC)(
zfyCMfWEdp*^kikAv1_UUQM3qoh(UV*P=pd|W3Xlb6%~O<l&{fSP)ueqnhZooI1QkR
z{RMVv7A7bHk+(W!OI7h*xm*HM>2}NC0gM}g$hR?Qu)M(n%8{-CQMAzb_9lKkuB;1)
zd>;={20Jn4$e$nJ5w8Vfpv)$FyEZGgb~Zj_po28v1>;(sS$|qUq)Kgk{&04aA&<Vv
z%JVY`L<Bmf>^jq>_}jXRwdOYnWO@WU(56Dq^|ug--|*Syy6c^8_)K%H({<NFpKh*I
zp$`BlK?`6<0Ve^^PSzil0TX}<eZG9twav9({&e$sI?w0yh&;}V{O7*>DW^|2pZ(IO
znlDnHa&?*PL$pAU<Sj!BedK2af>;57T-=ZeHyi{{qi&`*N5au0;DbPE2BMyT&jo^%
z^F6TyT?7cJ%o60qE;1DdP#4xA(RmyRl>Wn~{)+<9Hyi93l=cnMIG=Mp#PLXs5MalE
z=&z{XIo_#SAgJXw>x>g})*NTCiB=wt4T7~tVd$a*9flolr~4I6P#m|g^n_*mc22Jd
zO7_rLlZ_?yaGmA2qPgK##bQ*-_9kk%(}rR#lE;4F=$F_l)S%8i95&0tODTYnk13Mi
zY5^R!6e(1Bh)UKaxXKii5)fUUtbg~B4>$kYzxr2Uf~!c|qb-7~V|i6J5qe#2TZmfy
zRFA1O$|h|qj{so8^;p_NN*C-HD8=>>79g|oc(u<Z*CoJ`El;t`r~P~UE;kOwL^}be
z@|x;EBr=%c7@*5i2Jk=`(kPz<L<TZ!&CxouKw)ejk0g?7H-M1O*u^DT8~yCOON`H>
zu!FwII^^1$iwWr%>(uJUQaHo4T+Sfl&mZ9@0#OZSYCz<zKe4P<583On^ZNI~<okK>
ziEtIiHE?1J&*d_n$O94Dd*ERJx}4o=DbDD!KpXdqAQYwTSzYCCkvf1VFSR!qf`tem
zv;~c2<ryqNM_+iHA?VxR`$lu}{Ii8#I{yqS=HX(qn4rSi1E?`o;HM?uUi-k>bK>mr
z=EZZ*G%uVLy+}GidY;Nf$M}d?qR)Nl)6EmlKBi0RVfm2_7<24U-Z#jsLTnkTT7>ed
zG7hTV5+M58L*Hm-HenSqnMEjz0fzwS;m7~J`GsHnMFJwR2ANB&0G|pBnIa4&vE^u4
zf#`t*L-&67o6S3}zKYA=arM<y_pQc&25FQ>7g<XM1a$xrLs2DI+A9TA3lL?Ck<=%P
zQCfjk3NV-IlC>z0l|aXVk%yyL7Xiszi&$KyF0wu>L~RJF0a1n`Q??f6=b`!FY5|p)
zj`eI+VyjUp4?F@%8GcegHl!OfN}a|b84z906GxY@-w-xn<b0T*Yruo$_gJPMC&buJ
z#w$U{v|AuD3y}eVl^bNlyjK;7(AM;m-2+i{XLVbMB)=CRs$a95$Hx)*@<~9n6Yy9(
zQLP?sH4i+#9(^#j0ay9?Tig;{Zc<hNl9r*LcdKRCx!esz2X_lZ`TOC4DE9Gnu`EIh
z>a6Uo0wRB2lTGwUdmxJKOlV`U1Ay@sACv=dP}T)R20-X*=ZZ>JBX@nQF7T<9y+vvP
zkyqY_s0_50J&N+CjYnU2f}sd-RK^HNFtrboPBBFehRV$uJrKz%GE)nPIwd<&OR%&E
zX?|io=VzKHpZhVx(38&z4A~}&Yzf*D@v5>EJne$0UC=axkqH|m!Zik0m<lel|MaQ<
z+)Vf8X!0cZ=_Bx2gdk`OgvJrBv5)@cC)l-h-qmqE1C6-JObLMCK4TXeEH)Acbb)lP
zBHREE5fGi*l4qCw@>TC>{^0$8!q%XV{N*PZj?8Lg7NQma?M5{yia=D&EAZ%2`s5nx
zVecSkHF9lC=d>@t>AaPv_T4gTkbw`o)@nf12L!c&NP?_)2SlaHpzDQUe*PKK_Q($d
zoA$<z;%2j0qqK5uBz?WG#J{~l4PZooG~8n4^0xd<ze`wZZyPbDa-Fbjva<;aZO|5h
z)p4Abv~QevQRjhZl1d=T<?Vd?JT;e@fsn~tjsQK`8silKqy(uN$kc$xmzD69ufGd)
z@^yBPZ*^@Tl6p*PfCB>>9Ic;+AWO&o21I@=`;Npw>oPCjgVJIoV%Rw-K$Nb*z(&VL
z+3tWSm%UjaLVEy^Z{x>7n;P)=vItOqYy%=3t$m#2O$JRKq@vKq;*Pq2XwoV(KEJ||
zcbAzk2F8u$oiOw^3fJBOq8LxqQ!ui<h!})MdBvGYpy)Hr(H9>tf~wPALb`g4j|xJN
zxx7SeH`(4{D8~$CAhJhqh!yCG=N@f7t1x8G9LugT2R?uy1|mREv<5|C+5KVxLx>gn
z7=o(bc@?GSa=cI<R-ZCB+5|xP2tg6U4_1pIE{Nd;!Oj9cb~G45JP^x)Pb%9KII?;J
zB8H}9G5Tf$m_j-7fF;O)D7nYH^(O+5K~M{b926x0+Tgsn=g?lt#bu|Kpa44zMgW*l
zZqQ?vp29j5<=Q3~a^O?A$SOeOm6zsQ5OoPZ7Doi_7Klo1HS+8;dk$LO2g&b%Z2;sY
z`x}v{uh$BV2`vx%0z-qa4-)cRw#8b4MrgZL+|avqx%tdzKg(7k>^0P?$Ha75_95ES
zqdas%Yn5MaTZl}tT?C@NC_)GF20u^^sulpTyzgUiKCvA63`8Y-wSlD#J2|L2!;iN@
z;aWUkWmwB&`T87GEqSDE**vZx23;G7Sl+{q<$b-ufI*Z&SF-fzcm_Wfr{uvp#s4TY
zSw06^tE)~eMkqr%mj$@daZ3x4=#2uAZ*Q<+ZQ?jP0a1h>$iE)s&H96WHo+t9gQe|S
zY5~}GPJa%|qrbNbL4X<$HU?Wr+qqh><Ldl*O&&}lth`+cKx7ga+T6yo%&?No9?Dum
z5L<mlIfz=^XP<GFBB}2Jq5^=DRj3U&Np5eU*iIyyG#U&s5Djw>G~nmS=N{+SA%h{Y
z3JC-uo%S3mmeFg>5ZquB6jzV|h)&F&=2c_==~I7`mf2@0QdgIP(SQ8Z|HEycn|_&q
zq_hT|GXOFOGAZy#Kr{l61$<Zmhzbi)v=~wULl6C}0Fd?vC?OyBA?j2o5LsOvh(zmj
z4H8IQgCf*r0CG}Tf?y$H%TNTN2tbwcqD=*W+S*_sLQu81z<OdOG6g_t1ChZ{j3u(X
z24Z7ulq0SvNnL6IcoGOzU<d*Ld0F`~r6IF46)v}txaV+_@)N}*{r>O&er0!PnV3+9
zItixElSGo6__D+b&}w^m??7aEo1k~2XtjY*W-tTApyjyKU4SK9gmSsJ5Je!WyToEy
z95V)4`(^&#It1Zd{xw7(f{^!$?++lr>O2h9>Y;2=5?NdllwnAOGH*e$??~*!RuAjT
zpK*EJ04uYMpgvof^0`VNl5uK)Q>&|$MQf3@iQ`20F&K$u#p_X6@c<K-?c2F6p2q`_
zfr-Tuby=Zs4K|*S2ZDSZ!;mXySaNMyuh+K#uyb|gchnWMEOh{pJn%I?qbx&@fe=HH
zy3EqvM2IPRQK0C#(}xojvC9k(ZFTOl77!WmjCJoI<W&MT<q9#VfF)l(5)kr_+yLYp
zed%du88R1{!q6b^Ez}O0F7q58q?+Aw0`P3jDG<p%LeS^a#*BZXE6f(yLX={G2yFi2
z|MxfC=Ce0`kzuF{h`gK3EI|fDaDlOPM`0&fi&TIfoWlSp=A%U@=X0=iTxHg&%949L
zaXz`vf`!O~kO>gvAql`E+EDp25rD`m!cI*9oZVQ3d~mfrJ|yo+1n4Q3-AC0ys3#CK
zBmf!$iX=a8U{qLyuvd{^eO6kF5PK9|YT2y@u-R&|6-Z<*F?PxEICAcJY6~rnME<7V
zEdip{^>y9@2;hVLiL4xHl%Wo7B1oli!sM4HxwhbT!*17)J^pxAk3S(twE3;y{_WH+
zPTG4{28P{hFMVt0i)B%}J;zS<du`|2Pf~0jRkn}dkX)`wny-8>s_JT6j5(oQtxqgh
zb**&kQUsBoMI~@}y<Q&MM@9IE{bKn~L;D8X%e<-#!UJAe1rWhfw4`bGw0aJzM)?vy
zycM9s&_n_ZA&5H16N#nB@^J;(3V{)1Fyo;|zz6#QAq^lhwcD8r7-9+NJbU(dbL8Yx
zTBa^C-F=$XH}DDK_@HuCS+TjIbCYEt0t_t>1c*L&(-+wKgBTrHi@r(_a{qT9AV~Tz
zT!uQpkcXf`g=<V;$h*d{%XAxv1bV!1o<I12#0(wMpy~hcssESK-{vFo_kH(Utba-E
ze)+1a=zIh%aUUXY`H3scA`Gea3Pc%%)E%~!EknNE$~cAyaYlm-J3E1q2c4{*sw^)6
zX<$2B>t>Gq4%q3G?L{O2gq3Q%S`Bqv?%ZPpBv5M)Bkwi?OfhtYI=ImkbP5X+peMN6
zIA*DEy@~4#!VN3l#3u=sAgm&TYwYG*Zb?tQM_K!^9s!7=CQLlA{NQ<Ju>MRE+LV?g
z9oMNnL8~sSV)<L9+O^cm-fHa@WMca(qwH?e?*@)Z?z8jXlby<9zV;pSZDPA!3YHtO
zHnr=b3<!MsXHf<XvE1rn*_%~_mA69-L<U8GAX9XYd5e$$kv#35#gJs>3O;I4N`ciw
z2Sn=HDq?*qU=!g+f~@h(F?sG-*+!Pii$%z#p^?DO;>hw5h;qD8X%T8$hN22L8NJ5o
z0fMJ-gj<YYh=ZsBHH*#jb1yd^`O9n4en1e?ANjvN(L6tWn%gAlenMtN5-7sviP`;S
z!PA`ISPDSYh9R*6J-~5FcK%5M3;~+XZOR@%g-fhv3EBaOay(H9MCLLpAxJGgJ|<`&
z0nc6H_AO9SFhUy#M+R9uehY{K1Px@Vy)C)tBkEWJU`S7Pi9v9KMIaI=nqi=+*U277
zE*=SG1T1r795<74P_}`TfQ`30!RoUBs}GLc-gd@D8v7m9U2pLwUaAXdE;l#bd^1~d
zAf#(;y8B-l*@P{5Iby<%6Q7^lYeC#^pUP`_!`d^%#q-AePHIEVm5~8a`B`-WQbiai
zjuF2nEyZzS{RCk`k7bi&?IRTYEXklDmRnscyAq1P@>Yu<?wa-+y0o0EJ}q4mOAx2c
zO_o3?!VxS&&?0MX2-(WAMFJbqGFyej`UBz78SMTV1ThR{Ad1lBgRW&`#n}c{A;bt-
z(6nDN?=3<Ji2RB%1)xFzrlGDP3vdKC*hOr#$VaaQ5!_vy7BhrR73XPUh8Eb`!$Hyn
zK<p;7-KG_YQml}=%*;BJVuO-9OrdDA4MET=+-6m@LE2np$l=%<esqW5Unql0>f`EL
zP!vVrQ*O#ADlJ6@M^1xm3GzVG0vBiD@c`8dwvIBm@@43!<pNc9F0&H#xZXByOztza
zE&+silg6R!NyIL+p>5LWL}k;E=EWMMR-It^fiRxQfCer#0UR2i+lX>~2|^i&;EFSM
zm{^<U$9hbl)V3UDFft2~fQ#L%ENzgH%X8a0==i!?n~<M0A%zLcPtd;Ir2OOwJx=;H
zS-UsV_pQ(yJ$H9Mfr@tdPW{^LCP)D;evT}BCs4-<pSvl1zNYGTrP8OB@6t}~CY@t~
zA`E!#RR4Aez!1xlf*b9PDgw&eEq=JG-*d<VPl6#$TkH_PCzrupw!m(%jRBRx5~MQt
zSsUR<utRO3Wr8JuiUE-Tjl$6YP*W;_&&Vu98aEWdX$$}o>kzC$Z6M0>@k7a7mfUBy
zwBCTor(LWN%K;IdKgP@Fb#Ea89^QGH(+-Ffit=)Kfu9^W?I1{HKqQaYaF(Iu9&6{l
z>+CE;(Fz?`_{ix^kpPjvj-@>a84R`DWdNprmWQIabM*y+pmTkIk>o||oia;OVFh9+
zae$P-NWmroP*7Ty-&0w?aGq!-YFUhu+e|D)aGk+&GsRFu!Vxf|7M)b4z+}%$10;#7
zOd!bIX32eKpktOJ2Ad2*W*N%B<J@FkzRtjiVMwL$)9QzEjUkFRt|*xZbi%4a&Lr)%
zy^1FsIcG8PRTS%ezCK~c$$U48lYFeNX}9fu+M0Bolj^$K#rJB5F?R9&K)Xr#5>ynd
zVtvfVve?ejwRU?{{7n_VtxEaNt0JVlonn`n1yQHiAqAckN0i_v1XZg=2tXv(pCz>h
znH6Y(K!zY_2mk`mNZLTiz=+*tqcUHUS%X?2q!J5}xy&*UB`^XgCD{ryu@cQ~K?XxH
zxLRdyvIIjeUWkE6_7V~q5XnZ2NV6-fXFE^>a`X`#20M6+h65mr4+1Dbe$`llA{^~;
z8!Zr8lE-ss`W0#eok5y(mLSLEcb|@GS%5mAr+}lr1ySd8grReNKvI^kyPy)QjUESC
z$(mzuQvsl;3{nb04u<R;Q4@hkWsmaUdH~WegA(N3Yf}U=Y$*aT;aI>?xlBLB6p`Qx
ziy+hjB7>g*LsiQW<rl`iq{UHAr?PQ>4?yHCM>Tm+ij!McU2L~^`AIdF*V?=}?Q(M8
zb-SpasABn*(xmIz>6*LBuZ+4rr>@U5mbd!gn1p=0-$YrTqF?>|?eFy)Q~b^SyedM9
zX;R&lQUW3lrXK4K)C@j&Jco-Xibn>crNS+?Litr1D_Mf5Y$?eD53E89qCwuFdM6-a
zms(N=p=3cC0En>PkVz~<Y%yZNm6l_O%13h$AZ>|~E6oL2&ngh{^7;Tnw#0shAR`Np
z;?PYRHO;X^4u}|lHgo>mW_F>a0O}M(T>_E0%KXDy4T`Gb_#zPi$Sgtt8?y}M<@KZ#
zNZoBU%8&X$J3tMUd4N)@Q3+PM^qvE$bAKK~_bL)N0uYq|bB^i(L(#RyE;GL@ze8nw
zk+(28OVb+yBC!Is>IVQLF9jk8J!z9ivo2|Q`8+gH1R?_=vkn!Oq5wZ)4RYn74S*<F
zj5N+@$$&^*W_yv`#LGz_*L6(}UFCJfiLN#2wNygTZpPW2Y>b_t;isu9aZUd9UBTCR
zSryBj;%C;9UQ4UI@_E;^Q+=Tt3~}0zv4`<?A^T0m-`UTzBCNas?m!X09ookaZzUMo
zdKHi7a6rUM?JGbuh6@cKwA`$-MF?7MR!Ig#21UzMw?x8G;7FhdG9ZE#2{6Q9qjg<i
z6fHt|Nxnjs2PC#Q$r#xx1RyGdualKXtwP>qR=CX=h7^hh^`Pph0bF9R_NZHoV~A{5
z>I_5%K^}(KVpO=wybDaqTGpSI5HD0K6A2i#EkH>C90MUun>_q<>6}kj+8abA*s}8g
zhIFNwEwi_vYL4ycp<Gs*d3f=F!;n*fpaO_+)c$5wI@d$mRDx0sj6Cr8Ja(}5Ae0{j
zTRs%l%RdGLdl!l2NMzO{ABWU(rNPaWAf}8l5?Pzv7N7%p`0>l^O@4(Lmg(;%MgWsQ
zER*u`W?tUx{lDjUR2BciOT|gk%4+T28X)puaD_qPXHxz(zJ0GXeP$j;qAK5yE2_Pm
zE3|2U?{}~GyNSQAw?YO8vHYi@2rad;E2VuFI|K_6o@QU{K<%tS>@pjAtuP3g07T0K
zM9b8Np=i9!Ftju<Fj^GLj)IUuj0YeOL{erjR02=540&LRWeI-5-b6NT3bxkxA=#KQ
z!_e&39Pcp%cbc~n)qsdsmHA+574J%|aKvshwG8<fAy!|kL0;Zn)`p#>^u&5`jkSZR
zC(B!Z0uXJwC(ARa09;CoOq93$L<^Fr4KW5o>^9SLMazwMi~0B;e;vC8q7sTW8UWD+
ze(>vN!_XDlw7_U9EY(NeRIwcSWAVrj&8LkUIiF*Ue4J4Vu-3LU>k+%v)Y@Y!)1o5u
z)Zxh059JXe0HWb*mx`NIylMNJb%vY>NV&W&9VbpWF~5WSBwEW`S*({bQ8^(;0PuZc
zS*(xa#Ih@)E9FYt>-9}~tve~cpOeQaKF31({eUXpg*T@1yE0kUR<Fg%ui!QL-&}-+
zw?ZBeV%<+e5n8&+uY~sHy@v3-GJUGOiyJBetJNx$EkmMJl>w2s%)~kbAX-riQEB}t
zU1t(g)CENfPi|#e4SMV`9p*B#M|N0Xwjax2XfauZ;4aHS)um-fAqYUEWwsHctuo^n
zB05fOnE*j~wV7<hsFtB1du|zI)*zO%7y*7bZYa3N%nBr{%Osy;k39Hf_f_2mmVt;Z
zLYpc|pLKd=v#nHb0ouGwU&l(;9~>hL2@o+r^#M}=k+wXHSU;&NVJQMolz@(o$?!u!
zw3)3$-da>Z8P4sl!63<is7q}?vPXUp*lZEB^aW&m+z`9b96ZS~d$AaK7!p+iu!DRY
zQUOn96~byWU2&Gnvlxh|-Rii{Hw-`xZbtE@Ey@##w8?<c9c<lIzC)c&HkAp{PolNF
zmBsq5vi8K?rP$W;?Fs&8Q$L++^?~tSYJVoazkL3_?HdxtseR|TJhW@Iwf42LHzxxC
zpMI+p0U_4^G}LuXv3#$JV<5i|%jvP?9zfLJUT%8Z9ZT=wDsw<oKoM4vA*RUc5K}Z-
zBG4g#8HjZVFeC0Ui2;(;WePojCj?xN+dvcnss%wRzkHwbBiZaR1z`sm5+D+pMQE{a
zmLZ855&*J*Y5>n{0;OViYHuatm1Ypq^Bh!dfz@dVK4h!Oq5wae3#56Ppcfnz<@h0s
zA<FP0K$PN&tlTU=>=Faq1Pc)WM&U(VSJEy4Q39d0<`uwDkOw7*Ej1d;ldMZzuGXSd
z=G$a&;y`PH6`U{aKCSUYtbVyWbp|4Zm<j|Ha*!os1PJQ&8nYIOG7vF{_0>9rGP4jl
zNSXvgY$39T!;+?G{OK)y%m=j>Wl)+OY%%l*7^$Twxy=-G40<f4D8LW9%2GbN#*$SC
z$C?b1%vyvPBkH?69y9~B6v@px-u(Rp5UoT0Cg0JAC$n;ldLKU)`pI!Glc8@LC)m0o
z{L~cN`FtGjXHjqMb=JVAmEZN}F<J5RW}&>Rj^)2&t{s2BCiScJ-%VNU->vfZ(}spC
zp$H67vHjbr+I7V1do!{z_u0<WqSa<|ydv<!V6^OFhGh9X2T~(eNLP~;8m+K3$lPRr
zq2<0o5dqRb#QA{)TW9boVI{+l%X1$Etiq+{0m!@7bSXc>kB28YTHv+0%<Rz}<q9*k
z6scv%2UE+6GZ6<>1BldOBoA_3qREWZ2LR2BOAMBvU>$<62T_V2(lT!~0wkR!&^gO#
zu^8o`Yq1>JBR|sSjM%q`tx2el?zZSY(?@@(g@^Yl+JMzZtUzaaShBxXSc#(5=#0UV
z=4&97WfmI;HQoxtR+;reZR=7gUMc3rHHkII#>r)=FVdSENf#K7N+3!Wq6k1*&agDd
zk`-r~SC9hiBp5QcnUl99<@h4R4~eCy*z{4YKVktYL8!1A@n(=BbCG2?nOcE%aGjZ!
zlltkQueJ(J9tJz$G7%mNQW3RXq54%l;u&hGj(}@r1Zxx>$Ngq?o7#+_K9@<kmF2or
zukBY!YfkIiebPXWPUBMT_9kh+c1iLZbe@e%eY#)vC9Ul?E)6-|V@Z8(Bkhv3KeTm8
z#CbYL*09-RjYwn4qrO{P)Mhv8ZI23Z*{kh#QPzHATdt{9{#w@Nt9UQu{qV1u<;y0>
ze{T76$?~7EugB*kpH;h^<?$WC_r=nD+&1C6C*MC`Cf}`IA^r}I<U5b=wEQ;kP-OY7
ztl*EtpwC*NI+Wp2Ib5d?TjuZnHkFO>r=t|wVvH3!@^c0C*@9m3=$-XkHjvF#`S(e`
z$wfLZ3*`fOjL-aNqgfbl&=C)fUguS%7JKMdu!_50?j@-_-FNWk4ZGvFEzntZe~K#a
zRjj@|7gEM7?`g>6kD@&*lK(V@e6pl>$Sm%-r~30J>pZpD2aAwAnq!GzNB{`HV@F;^
zhT{-!v=s@a9wBZBmZ9t}6W7^tf*k-6yUGATI2s^DAWBdaVJK=*#zp_4PYF6{X+B$q
z08uK2qTou?vC{)x{U(hbgiOIAWI&Y5WYfm9ACW%96_Vg;u?l%0f)&U>##WR`xz@4N
zl?JE@79)!-66=tboAt=j+|Rq)WF=W%{UtItTFqr<ppzg-1qg!9hNsmtpup0@P$Vuh
zAE2G%i=>?ZjVz@X*l-}^EJPl1yriFl91lAtbK9l7NMeV?`jh|)$9`Vs@Ap3{p{*@(
zr{#7DbQpxxO2j|RQsyp`ov=*`N4P0<+*G0pSDKckz-qGsd5uMFC~~ef+{g(UOa?*%
zL0;WJB+w+n#KDt?re)l>28e93D<Q|pph)u@m$FKb%0N`Yj!pP-tOJph`w5?6h>i?I
zmR89akb%XU2cnHv0ahZ6iLoOXO%em2NukL1-FS^&*K0$T08xG&5q5SX52SkmqAvM1
z205`jj>+JpY6FpcuhMr=AqamK05dCq8v1Sv_zW`qsFoFo@SQgR!Z~tUfM|InK;)l0
zSbG3-mRNM<JaRn(M{cuK^ckbCJ|D4IjM0W710t@g-iNyHN4Z|0XXm!<K2R43rF;c~
zN+1$TdkctMn|+(xD-Gl=LIy;ZHc&E`nYqf=#|Wkt5Lz7okYFKN7Wh#hGS%`D6C|t8
zpmHywykvio+Ab;(NlcOek>BJI@=N(m5?7SLiY-MZl)+Ut&<DG+g($BuE7Xrbw7}_E
zf*mLU5da7<6oClVBHg1%9>w9TM5eT?UR`G<wip@kI7?E3qB4f42)NcXEK7b_y<c5c
z0FjIT0T7vmD8Ue1Z(DLK++_q4369v3w3ga-1y&36DEtI?k+Qr5-+;(Nktu_ef>$_?
zoNFWJ0}x5xyW@0Bg&_f=^06TW1lhIpWendgwWab}@U@Q@vViLnh-7sd>crv`Z$w^r
z-kG@CyyeJZfeIiRSAb}o;ip(-W@Q6`nk0iFgQQA7F94T8kVqhE8UJF(!#52?R%SpX
z6JP$PZxddg3@dQ7gEGu?PxK`a<?<~CkaoKaLc=5vL<U7$^cp9s0x@2&0<j$Y>;{BP
z{Q3!WdTa#}@PRc5d1&+XT*jid>3!S5GSu~6LI$k(%*^_etvL2MwgIRHIVBLu_rQbE
zB%yt+ECW$b;fB7`V_1A(2@)U@_>n&h$<nIj0#SgV&1Pjg!;k?{P1!Oe5VW9RRJ6nI
zbs$zDu^MGq5@2%u$9dyc4@M$v92@ejdr!O{`TJB&U2WpH`41jI#w_3I51*#<0+eob
z0g>;UfCyp`GB6?`4_BD&HB`h90g|W>Ajq#YGuRQ=mcWmt4U|e{D^Ug<b&Vw#8GuOh
zYFV<qjl2>ZF$ft9IrvFH<l6`gA%4hWh`JPk2s>B<hU9S`fT5*A)BWWHL3pMa=T!hC
zd(!>I9*!A!;v+i@h<w0xwlZZPiZMp!N;B|@F0$k*<A7?wkh!<=vU^x^vI|TsNCHDE
zt-$J(rpX@`BeZ*^Pmr`F0vxf_I>f8ebnhWam!QEw5q7Ya;OkOpcWYa%W@8&@859`=
zIq32LRDc@t0cv8t1R`;f`F6=l#BFdr9kE3NfguB+!fM3-eniEMqwh`2W)Z><Tm&$(
zAH4xlbb)zS86S0jBKZd?&|>Z|0U)@w06?O}?I3H{l9=peZzBR12Sxm^c?=*LbO4dF
z06FNH1Vju)ZnBF&R4T)cO^j_({i{0Z>f~HZ+RmCJ`MPTeRv=9Lo0`wiBT&>EXUkKv
z6kQr7#qpvdz(n=8+huzZTYVIE)&V;nepmwsN<#*sWNlN65flN_Tho$N&E7+PAI0UE
zJ_}a<EV6~Kt@JsMN{A`HALaL?UYAwEP!`JYT@(wC01-fkAt(UR%1A6m3`@vs9|j_}
z2#E}CU?Ex|5Lq4x2t_zDK!VU8YPCt0Bn6^@!BGiBULJ_@-e>M{L3)qrRs^0d#kSht
z!H>7*)bh4UcQ@(=qA^@%6)RDC2AR0b{N6(XL}(8fS`zD!y2i5gN3BAma`}B*3Phw8
zABb)6lOQOUSuiwfxR4}nHL>^<z%$Sd8dKeZO6#{4L;xcOBxe;GsO3o0-eo30<jM?&
z2Cx_*tpKEPL`lf2r3f-;;<%yo95ag{5;)?=dQ|0tsFQ^$0}(4&guGSATZ=pp<v?q3
zc>#F5rN>){%razPgbfq{L>zccM*$*ni<x|IblQlqh#4vYge@-$L>`I?U<!Rwzhrrm
z*rn_ilRgCyX}t%cWC2pZ=>j5Cb)}k~qXtE`v11j8G|;*QMDE66H->!Uz>TB?BDuN9
zBSKmmG^!9=U=MdSU=a{f4eXz0=?arriEJtIE;Wf^F!cm{)PyhQe1R#0tTzKh<%HH&
zeX<-RWgzmCwv<VoE3Zz#5?h300Zs}_0zBCol7UE|z<|L+5VQrW49i)0DvAKp60AY0
zeBRx=%ou`L3W%?YYYc*g2-nHiy6s(aCH(9bh@v*_J#D?`PCM1B;`hSjK^g60-k_=d
z9W2LT>&~`FtVHr%M;wv4h?6T#<BIq<ggzLLVaQ^KEDg{xATqTrN7mL{Y-T+|oRD{^
z71pB(Kx9yadqsAk$$ccPVpTXQ7je81AgV~u0ci2iV|%k%-osIs{Czc#za{rsh}!Hk
z*H{XmR?86J2Qfpe1WIB>GNCLlzlU{51+W>*UPL&u#mIq88;TT+e0))qbD0?oG2jg0
zQWJULDWJ(gP==)pMFkKk6xCvhEbn88TKf^P`z%<B06?VKEzNJaCHS0HHyT`P0|lZ4
zMj`<sJjbkbn+YtHF+*NrA#wrJJf2&+pMWUG_IMcp!Rm4b)}FpteFTUEa%>e>cA*JC
zS=wTRJZxBuP67=2QpZPm6z(guckt7SFH#`FI3^D?r8~}m$e>BbZ(Uz6>B5%mM7<jz
z%5s}E_FdlqMYeIH{aB;REdPirHxPHjup5(sQTzwjdXl}0%XuZ4k3Vo09=7Z_Fsf*x
z%WQyvPSj@$lT8AWN4eBtGI_&5q)-$8?Pu^QC%p(nHu2d+-I`z(a>@x-CUyzpbwH%`
zg#~9@EJV?5hRL3RNMn3F<QQ0Rc_nUWFEK<A#`M?3*Hvj(lkX$J-U4bKguFZy?Ig3D
zm5`W)I=oME%vQGgXOcgcwz`3+RQw+0bPa+~FW<#YO82Cl0@2cVL;eIHxY}apIG$*W
zEk%+ScN@dhP{fuZ%`emM8)MfjMBXwKfrz2VTYd*2)@UH*3`F4%QdGG^euknf86#Vd
zBJ}K}@_uD;kNKX4w1fqud!puf>ylv`f(mh;(n5r>1+Y92ITsnMJ_&@943yN3rY<yD
zZ6?9hw!*9iM6eP?0BQqIC_`Q)F+@u(xM8t%N!zL0YZ3hkE)wWKp$utL0wIPXQFNDi
zK#D*lE;9#2EWnSYOGpwRQkR*^EJ8kQFvMbb5^GTzl%0V{TxtSB1t1v^0jzio4@wz`
z?2#K~%#XRZoXZO^#6XnYWKgyMd7!c~DL3m9j}ri>fExpx08Uos)v9+uWWeHK$GggE
z<7FVqP}Bk<ZO3l1)UUlS5r8M<2PGgSp&UQRzWj^vK*SG>WyueElH_LPP0aoVldV6z
z%4C3lj=JK6Z;~Ytc~_aO4l5wZq%g#8F9%0;5d>|EYb;F+3`7P+Zw`oR?bz~z@?iv_
zs0>V9t{A^sESC!iF%0P>T?GedJHSw~0#UnH(bfaeHbKa?1B^CsL`8s!GQcX_dwfkh
z_vQYTbNX{fkW1&Qyf1G^g&R%ardt_+$}&kuHyFFZE^QU6Ly_eHJvoo>jeO@c*jm%s
zb%x)M``!bHIG`GC;(_D|ni3S53ysEM7ucX~8H%p4w(xt_MG^d)&F%fY0ISYAfe7_b
zD9=zNnjOhwg#?(?dgSguZTULDNjYAWA20psbNLnkRn!GU<~G~6xxLyj1aS-zj+!6C
zjkd}H3`vZU$*)9PZq}%7b)-U|bzvP+cbI~Zxz%dm6O}+n<v}P}dH^(RHLAl-3ychU
zd>;d%07J6Wet|Vl<KP%$h~@@}Ap-C?D5`<cKwV|#KHJK!GIO6z_blMLltGgPSqmIx
zKw`kbljM<C=<zCIkrb@BZvjPs6hITKNaiXtp&spm)hMkZ6TO0^`3gI^4dRnz-=S>z
zkv7Ra#_lvK>i{Cw4nUMPNi5ol>kWa-vJVlJCm0eS;<98l68Ulc`D*93CH4kS3{L7c
zi~AYX`tukS_gUV}IxoAIe>e_+RI<kq{Zks_2cBJL`QMY|ZIeZgCmKk)l-&3PoCIzd
zhz7VJ%Rg8#|C_r^ZnFGO7jZ%r%TXa6(}NZFA7>Rnq{kZQbO8}-+uEXBU?>8SO=1ax
z+@xs}a0DW;P-GyINjgu|5qO{?F2<DulEktCFhV<6i2yy_;1dC5ud;CpxZrEt-T1Xt
zW`5iRbH#O=m8XQ6n%dT!QnuZJAERvJK0_CL-G(Iz&dwl|EqrVA{WEz>pFosB5nxEH
zKxQ#w08*Eitw1x^884p);Arezxx!L_NLHW;FbNdl_prgs@!OD710jJL3#^uU|2xGw
z0ABdruQym-X216YJ39bTf~OA6jXe|zY(y({2}e?&tl1R^D#Z7@HVBpA)h)RCrfFV*
z{J2&o7NQhHodJmBi4=O$iZgSiwFCeXnad2p)wbd+1yw76n9Iyyh(Rg3$+VAIeyn^!
z#p7@vFK6jVZZ9W&G)LN%TE+24IQD~^j6rCT@=GK@56T373X2fZ3OvZmuGJD?J*P6u
z5T13G0EocE#DUd-o}S1csBI~#Kgcz^zm^${yu5WtVuM0Fk*zG_U8Yg5u|s~fnL-d-
zg;Yg=G}>%ppQ06pqAtr&el&+bkPm#8Rc6wTtx<STtUer;+u^zxS~AesxZJ1Z4r?oc
ziF2Q|TxkxdSOL(o%$)`x5-4gd&FAtgDbo!d2kkhb=sFWHQmazR3n<CTv%Fzr{>LTx
zbd%AW0RSl7)Yv^n{|+e+lX-Gq4Fr66Zy=Np%zQ5pw4ygv*;i#t143~FSF`_kvKIMB
zeISJ)KS{_x;}UcXa7xILc%j&Kjjm&LXc7p*Qs}gFx|q~ln#b#&Jb40DXi7oCIw7}&
zI$ec@i5adPUO6__34I%IAkY(GB?8EmlEfcn*Os`q1XO%k>=$LRLKZi~LDrC3oY)$M
zJOZjK?@^2k+N;X3<Y>UkpWUkhHgOeN+?NQ~YGo#V4LX*6-la>d{{1N+Tjk4qdHTLG
zIH`+lXcAz;Z%V$qy(Iir@I5w*kHqa6R3SD`{%By)g8k8uNA6e<^-hv_!ekvr-rXw_
z5a}@il*;Zq20&#jk%J@Lr-n9$-IENC>`xrp;8;p5QaX+wzgE^Ezu<&jY=eBC%`P(s
zL~U1DsWuFiKm<z>#8xA?%{WL}peQc6_dwJMMLut3vD{mO07XuKCjgFtRC0Ye__6ZR
zO@=aqAwUh_2(B>!B5{-DplT_H<tM|?41vtd7LKA>f|8lRiU1KTLA}yC1OS?*HnQ?e
zWgw)MArC*LEI_&om~>e^Lr#Vv4yg7JQ~@F%OXS^S96-%0&j3TBJci$i+NAALOi_lJ
zB(38y8Mwr9CBTEe9<rSD93FTQG%4ta+I>qPleRIwDFF_Y#wx8pWnEnvlrj)mU4)`q
zOi_IPnGZ1ZKxF@#<e!t2i$A`+k>SRKn`Ux}4FE!VBUMRRwgedf*}qy_I*fG7A`~R<
zG6AAuj}(=-x16OX3ICQciNtb&nFL7%1fi@9jP;YGpXAmEP}XTOFDK2uOps}k)JfF>
ziZLM@96<&LVc9t*ZGeJI<Zm$$O@bPRAa8+cr(1o3>>5i8ko4Ug>jsjr5E(S7J20&j
z^DeK7A^=6z;3~T@OP8g6c10OJ>#+}zF24`uccrG?15twTu?KgP+s9}q(6cto7T6W~
z-LZxmSdH)gP-2Q${5vcyO=4-)KOPB;%ngp;d3K8@mzl0QL(sL4FEkjcfs$E?#A1^z
zH@vOK0CgsT5WoLfy8n#aI3^pfOGC3fg|?cP4I?x3)YJx~e4n(vmfSu>ZlzfThFHmM
zX7NO&)d;RKgQN^ZaF^MVe3OEW!jS<{E6ymwPnR4JnGj@cAY^3;j9~fc=X_C)<3QYF
z20&PD&l<>{Ll!qw0?~4^1Yva<gHSIEK$Mo?<0<!>Y9Ue}DnLlBL|)?RDp!Xw_@Hg4
zR#XBwX3g=E$9D*f)ZnOek=12=a+w1gmydvCtJo6sFdP`HlyxFsr$7UUQJJMDT7(ji
zxbvqz9*}~?NQ8c(bDL|dayM(|65~gIOp<FqP)m^mqH^z{3J?wKpUjr~cjJBQ8GcOm
z<M(B@!pvfb{LPTlfFaK3f1K><a;wAaW}KD|?*fPtSmDM$#tj^jCHJz@EW;7%4Tg9U
zO8FWP$wbrj58V{4J_b4hHwHusMFv9*L~20@{S1b@+Xne$IkCyufaxs;B8fu+gw)+`
zfE5nh)}v437{`mM1Cf`;3}I}%W`3>a;;P43c|`z<%I{|`GdCu$LTjn~tPP3`j7rGq
zf}spewR(e}_+6`kP=+LPxhd>$tdOO}T9kvMrJUVh8jsWlBmINnVQ3(~XNe(_KRMzq
z%a$PlAy{kHS-S-yQ+AiZ+Khf#_F!oLC(JB8k`|DOf6z<@Jdzi{^8KPvXXorvh9Uc-
z7_3e-&OUxz$Br<xs#<Bj{k?BCSHJVBX5YSjNyy)Q|A7QXwu8065FH09gP#s1pz$z-
zI<+2ESE2Q@MaV#?TzTdoiTZjV%9fx~u=XSvf&fPVBDl=96p+-V_VtJVwz=x+^8I)R
z<!`&^fPj(iMP!g<79y61p#(i81o;4HZ}suP(<a-KD1(r|kO7eg9k#}(WychO$Xkb4
zI)(*bvug`&+%wT^?5MWINZeqD9{Lu&Uss3s@9O5JLwE5x^BzUc&1R3_V5>}oAz5ng
z<Ad1p6VC4;DuIrc3G9eG5Xtk-vMv(bl+ukC1Bhk0*dhfYwis1_$e_rJLCC=nj`u(E
zU~|<w%l8lYJMOzDK#=V}guJE|jM6_pjUkX5o&b^GvxtEu0FjR=DgdgYVkhfy*7CM<
zrSarZT89jZA`G?L^qOyd{~@{`mG1}gciw-9?oDODv`w%vR;X=R5UBA0RRU27NvS@L
zvHjKpk$>bz7ZhcA3y}z8JoI<pqxb8b;r)AObLeaL7q6!#10o+tUB*;N>`|8@07bRW
z*M_33yc&%)7C@~7QM4Mi)%Cr)i@sOh8ssfR8HNP#y~T*X&$=|9<BVJyZ4&fAy1Fa@
zk>y<*36gfdw}C)Vwh(2IlD5%pW)`FpiVByR-Wv)yLOGr58xKEJzYpDex3=+Mq!0t>
zaX{mN$ir50t)Z>!lcZ(szHL?er*Zhv9jlE%kpNFy216oD{(t(xKWV;0VDz2uJwSl;
zK=W@u^k@7A{P^$>xsO<gEQZM9idF<>0t9j0XqAsGAPTS~j{(6_e`(KvgvW@C*GTJh
zPSNUUjry!mAB>5<q6PG!b3sV6JFJkv(EKozSztBt21Phh-8-&+NArgt_~YjOhaYIZ
zrux@^A@9c{PyT&_)n&H#5WCG3lF}YUx=ACu$HH>^ss0M}U!yjFl;vWtp$JBRr73DR
zL$Cl{1i(1Jxk#EKP?#nmeSQPwYh1=b&DzF<vMCw|^;7*db<5b7Q-XCNtc<$I))iPz
zG!`iVmcWNkr!pL=-!ETvRr3e$|5E~^Z#VZo^c~W-oB#dK|1H0N4?g~*!a`Imb@xD|
z5Q2Ccm`0HX6iJza3P6Y3W{Z+MTvc3Ayw6V`zU4l>&LEWcv9Hg7z8n1xQ6054q5Tw=
z-S_aw4uTiU(>bRw9^N~Gj9C&M&#`MD8aTf<-IM^|fB1nvB`|-G^bqU+_=`X1_wVnX
zdc4Vd5Qz#Pf)t7vgxGQei_0)+6{5*%g|s#{4d^#S?WjM@{K)fULv>N8TY<%g+OFd9
z1?+ND%g(l1d8jX-C`}+dS?FY>ZnWe|+ittm1eVag$M>f{`QZC`0uz0=`8OZ>3w}R-
zbohxd@rB@8oy-h~co{gr!eV9s8*n}G5_o9HZPEnoHYvoWg`0HbU7X=EtHcoXU)^p7
zuU=|~qyeRIv~*t~2W?oE*D|!>c3LOx;Pz4&>Hwk$Q3<BB?kf5-^8WwzgA7KdKmX8&
z`2BnI@RKblDFH>#qt+(NC+NZZFhLQ3qB1=B^JbTs!4JnqUDEd=l_4*m8?0#2dIVsd
z1Vu9MeSqe>hm!uyhvawmqr;E4popd4OMcebNP*sttPD)@-OfOiEk*z$fg%pD=4YN|
zD6&;&vdo^Y-&U;+Wt$5RJbt4`ZzYN_)CEN8UNOopF9RanhyIA}Lw`&6A=97zh1|z~
z@Z{qRXa+cDv9Y+u1S`Xw#`y9l3rG1AH9r!d;_Cxg8Q>V?Xd3W@HrN!?uG6ed1%N4>
zrSpy0WoCiYZ77nmwFE=!B)mYtkhIC}vOoRc9~X33lHyg(w;uUsf+G(^fSF%;*RK%B
ztYv`0?$=blPLQ*)y+H!xtWp_PylwE9oAkwyvbEOvpvRBmOS;PAu0t4)`n>0T?_sTN
z!%Vr(S|*5EqI1p@K(zrW#}cKOqGUN*;&TCp06w!M4z4Bu`oj<WQR|va`0{-9yALoV
zA<!B?<UvSQl`YeFYt1|9z4;;i;ARjc?Vo7xVug5bAp$FW!2jaC@8NUc3n!1`ko|{X
z&G`XMkf_5KW{QAko*)2u{G))|CHsHHocN)Sf3&&b_FMVO_0D&_tMxjdU!ih9kyu+w
z@bNAwUh1w8<lR#k10a;FIa&`$is#Dj-_^~%4}V9kE7BehQ2oJEPwH#mV#ryfi5K}L
zx<M@PN-O}5Y*>ir-~8ZdY5(Zq!_Ce6?`WOJ3$N4O+ui7&Q(J=$oFDy{Mnk>^To>{`
zI`TBPU7*PlfD>V;<uV(Fm1gvLqyPQ%UgUTo(I0-`{jF;<;h)>rA9=`ukw6o!Gq&xL
z+<5!V<N6vV>G30nxh-yLI6iUo2>k}%%aiz1$Bu9to;Y6}hzLB^04NTK0AdV321Yue
z#EA=I0ffr(K0(q4TGwTQ1?1a*_i!T?qzpuWirWs{(R}O^*ECzN%0z$r!Trs<-u*7t
z)6X1jwqDbi83rGM9LjIKPH^)2xEa#%nooX$H9{GHg~k~$*lahqAK2fz7U-H!d?LZl
z?FSAtAJ;rIdhHUAcl4R#d^~de7?<JrUV2YQuc4iQlWf4~1yI3Ke!xnWl_Aau=LZBu
zU;-q?>-6s*`m~^n(gt$9OW4P#RPT~*EkN4jYiUDJsSHHfQWwFd&)|yB4Bs(}-@^ND
z*ZbtL!#qwMh(ytngnr-t{&y2Jn*iVO{mAdj)y+4*_g#$*a@JM)4XiUD0|en-B!H&(
zYHeHGzx)Ugx4-}pWLBgChyY0ri13^I=rtd2e($~Sr8Lf$SD=+E(n=_b79s-#PLE1=
z8H0qDWhjz)<N<;pEXIHq`vOaUw9|cv{=g+D8j1yKd4%7f+%q@nJ$n4;VSY{cgN6Ht
z+)KC8JcaY)J>^YZITjK3n8VzTKUW4(sRv}SWov}@PwydP`TWtoSau(+LoG<!c0i;X
zIr_lrA07T-^DU}_TkYGAhyX%=@_|2Lx0(QtSdI`=v`#>?b*b09i!P*3M*tAO<%uIQ
zaeLje|5m!_4f>*gER}uqnvXCL0giBk+In@1h4hoho@{PCaBFLvE`8*hkJ6j9S_h)S
zVkF=*I{>gOb6*1@*=tBvoT1J4p8WgfegYrUS057n%Mbi9Ly=jB073vD<mU*2=7)IT
z9w2SAxpn{T{6WFgIX76Rao70>s}cGDh;RhyfB2e@aobz8558a$I89KriSaiGuAbs+
z#)L9yg8vGG&=!w_J^%`Q>F~vTj3z;(AJZ=#zLe}r+gxKsYfyqCFNGqU%Yev&pe;7&
zp~rvBmZK=Z5}+u$#9-z5(P5dOVcEd7#@A)K;r81aSh{|w?d=9?H|vklBy<~1MjLb^
zUmcGa7Lo->twOM%$a^_z*g_PnMmOAkd+WT=O$1;3qo)3dpFtTcM$sbF1w=le8hyV?
zKm<4f)a3eJ^DzB0`zqaVp!*-e@jK1e=%xi&!p+G0&kc^`CLva#4Z2C=eZYjgNoiPe
zY_%8fnKBf(dGGt)$CeFD@?I!I-ILUY0ct3d0DkZBJ&D417!#AZ8{krtAZeX69PGr2
zD+7^thxGZMJSH{K!>aG{KYvVKrR4$eGH&iTc!0rUNYH`%3dSG5j`X|vwb}Io><09j
z<Ll_s)5ngstU{yLUTyXtJjmxW0P^Se=ZpHpCqG%_ajoc|p+<t9^WH!L7rqQz0HE(f
zfA>fWh#-J%vK)Q?k)-#3@PiCRez$CZ5n#yPvmw1UK#zx^r;i=uI()y7Zv#-2`+U@0
zX)a0+NdVK2)9)F8$W}a(<lje-iPu^KsajdK8sa)@Km_4?^{wwc)DmC`-zy7%HXy=x
zIDUS3pL(wXitxL_1iz6iMg~D<A!=KR1aR=XwEGx<Lfm6gAD8L3U`PY3p)Mfu;8MmQ
z3J}36#BMs8XZ*s9A3XVJ^9{Q9{OuzoIwJjb5-du%4|xj_K;@=8Zfm_iCIB?<AGkLG
ze)#?{nmm_zeT3%7l@Yd8=-2N<vhUDZ!^g2%gxX-lZnaAWL=P0!AzNj(N^MuS#gdcv
zELveOLci4k++zSDDyJiWCSDM%H%}jXnlBcx)T1xN$3F3Knw)N@o6b}GB_F>gKeYa<
z^iPf;ss|vV_C2&$z}lpK03!75a}XZt#A48=A3pSPs)NwRfQYR?Lv@=C7gb1G8MHzZ
z7~EOeLNq^+yaiS#*IQp*WoG%IJfH~u*i~lkG3x&hhua|7rN5`P>{25z!k5`B7)aww
zYF{dt0cQt@Q2{`$G34Ar6Ea`{?eT?LryJvY=w^X`tWVO79b<vI0Z=e&{`2?z9=!&c
zaM9;S1V~8ZC_qFLHsWwL+ODwziX6b0B?#9D$U!;*kpfN`8-$~bgZAhbV|1pr@Z;~h
z*Y{rf^5dW2NMGLpdVNRvnqj4Z%Wna3Ei_rfLWCR1N9l$V-)ra}=(U>rjrTT!C2cI<
zr+FId0@r21eYZG*%LzCCOY)thAM@Ha{t=G(8sLV)xtGVV91Ykd=0S)Rmfd?GN*1C=
z9^|yGrbvO;BaJy4s*6qq>k#_o2f>QijID44_Zi>^H&_TapM~*;yFrSz2e1?0t0=Tt
z8;Seuwga%RyqhQg!E0ji;QXtvCXm8}iti-<vvZQYgk%Fn10oBamB~qN%xw#iwXIKp
znCQ@tU0XV-V$$?COtA{RyE*#Iv1VJZ8R<)}zuLTyzFUWnA7zUUzy+^q`}NmY02OFV
z?O?q@9b^_DgQ6XQ2;ijSV!Y$eJ|o9xo@tJeaE-^P43hU3fSO^b55OZ0V8zm-PxICQ
zI{=YA#5FFxe~{Xv-{vL2Ms~je5OFQ<CNcDIu(i0y0Gj|5)Z_Ib-v*$z$`xxKU?ISk
ztd@h74dcU21|faN!TtOhm)`-mA!qUZD23POfylm7oDQ-!fFkt69|zkG0_n}MSgY`z
zG1ne`7yMf}c9?!E0z?8mbYuY9;FXpvKoQEhUfpUs$tNJ%HXzCnl!CCeTtH}@pL&n+
zJRlhqd6${D3Ym*a>g0C^YY*m)Mcn(;QsjmGk35h8iqOx-#+Y!C;l2Wh#cwWKKV^RM
z_Z0~DdA!%Wy@h_(_}-%r`VaX}fs{kAINh@UHhzy#FQ0++8^J;Z3(LCbk|+U^7rU#(
zBJ%A=9+2mnv2vUd;3zNS&%0V9&ItX|rj2SH+N2L-a7pNUL_fx-6?hIGKg<^k*n!0e
zR-xMoi0~rf8v>vKL;-4WMA>_2(uTEZb9;lnXn65dPh<!y(-!@RtR2SP*oI{aAHo`a
zn6l?ka*rtl0d^p>3e9p_gmJ$1@HaU<2N9&CSRsZa5v)H`1F-_ZU50)fV6Ejd1Y`ej
z_z4CMm<;i+__3o;H>;Phe@l<a8CD>aqs<SGJkelF_M7$#_}qHn4*rM0!LTFzTcCgM
z^y5MuEJxgbBtV177-Ms6$4GwcY%bh~f97}44-D20d_iF%l_TPbW{2qiUbYy)P4>gX
zPYMuGy{tCN@j^uqb8EF&7S4&l>J%rG0<*JhH5!8t!3g4v(9Z{P1BPJn$*=E71IrF#
zU5eL7KdRMjvG~BPCGYo;fM`EM6K>qFiU3;H@B`9+BtJg#G{Z_-hL4+qzIU+n04S!?
z#*DI=Vwan-CV3zGB@C%rmLs?P9(@5svf2!Qlee{>rSUB82r}0gZd~YBScqVP9>Y(s
z!i|%@2LMC}X|p1+f1U(Lf@vBzs{tn9*DR)`Z6N~4m^CTB_9(m;>zCZ>u?pPOASeBk
zr-`VT;Kmjc6a#NX4}M?X55EhwxmgTI#tK1bXK;jayJp;g?;zlgucb@4x#PVu3yK%M
zgA53C{@dyNAE)!+y*+%q4xa!rfE12^Bm=6_g*D_qfrHnENj4ex)s5$Y$j2agtB;qJ
z!D57du@0X<-Y2tO^(hZ45ro(&l%Wo<kFSH3gQan=Mp-`Qi3<<D<(Muv*&)rY&TX>@
zy_erdScUMt+fVOhA2D8IZw+$pH~cwdD`XpvaIN;elJB0lTMT{@C?)mTU50)JNmhsJ
zMmemC^1T%RfP0qby-OHdtV5``Z3%ErSV|Y+KI7|<7&r^;$NlPKpUf7b)uC8a@n;10
zbZkd~bMduq!{yy$H<CO*(1~438IBBs%u-ak%Lu0QJ_O5;#S~@1S|sDhgKo1W>Kl&;
z5G`PSBhBj{F3eMS|NM7ctoP!^MjoFx;E~;;+fue0y@%#6d_U|r+`1oGoDf@vObR%K
z%Z$NDfGEchWf<}TB*8L-z-kCCH1xyDGr*8-+=$@l&9RvM`vgW$9et86@ICay7YmU9
z(K>_6Z8Y)Y$AY%U=${$>bsV_!0O$FOe+fIi_8Pd);6_9I(4$8m<9gHqnC>_zRsfXs
zsO<5hPq6sf=sdMRYl9&OOY21nKMF)&Cm>2?eUXQuEOD#d|FFCtz79YIkii!npo1S9
zCWham>s{VPnVKi*h%c6b(eEh$6d!8PN3QvJvLFGD@DB~(WA!jUN?<H3Df0dpSRj4l
z9k(%PVN%5Pz*UCyqXbnrKjK#aL~$h-1Cqkb|KHyEFUfHncb+eB@&nvo;=A0*6#hM*
z&!T-VaHlhabnq!eTDB>X#IFUg00;sI`(&DwWW}A&I`J1MIrIcF#b2Vh*u`RZW_A~p
zW3E1#m0elY)w2r_;88L8jmVhp>gt~Eo}R8xXJ%DT8Qb?j<iV)hEgv9yL;py_3tsm~
z{N5G7`5)<6ftfSzX+q%U5V$!Qj*q&)5`c%DHXw41oVS0z^{#kp{Fp@MA>usoy}wB}
zAojzOxj$X#Q!Ab+{&?mgGRWFVe`>r$7;l6BU`~Q{KcU)#k@pnw{nr!VFx>)?@0F%r
zBh5Q19-^FZZRX*K8)bIE8xY|&QXtY;JU7>qdWd*(=V^{mkv_Q{We?FkeG>egc})}q
zBy@0415rEQhQvG&RSnt+frx3K$a<V{^Cf4<0};79hreT=%QU|&Pny)FAyyC3J=rFo
z2kAHgraAdNpC3q_bLn0*Pt(+)oQ9g*AKQi|Mgv4TuZ{W>@?A&SON3{L&-Z@8eta%K
z#C{#%eM{$8a)>fes3~LsK4RiE0w&a}!ZP+pfT)2RgP$H45jJDJ)}v%Vbm7uP`2_AP
zZwTnK{3^|nQm@JR1O?pZ*_U^7e%a!4J$AdEB>yafoG<4(0%B<_`5!B&m$04G`8uB3
zet4{e-Nwu0y86fZx@tklrZq2Rw*0}5e<<s<*DYQ(%JIhAbq)ZKu&?Fsrh7w~_xsMh
zdyDjvdw7GMu9i#gR0blZ-~73z18~pYP3ML53t#_d>Hf`s`2W7AX%zg|`FuIu?>}=P
zH0_$NU^IA*vggPKcV#^ZnMv+Y14O`3_6&I=gvNS4SzCcf&xe8RyXn8fZ_2*%8?g?*
z6Z<d6cBuJ3)Zss5@GH4=$vB??=bO2`x^t-EGOmkv(nAK<kvtTnx|%~IVKMaz862r)
zAd(y-on~hW5RG9-fQXQoGYgsV0$3~C7Gs-wG6{PDJ$QU9WOgUPk^oU^#LuK<fQ|n_
zG5%11j)lI|>w|}6J6&u$=>oc&F04YExJ?PQ0YrF;-po++AD{R}`r&{YK*+$y8=fBx
ze|ck@H(vicS@v-{9`8M>U`RYh21M#1^2<M--IfIE_V}iZ3xF5$`K);$>8W%MFs3b&
zo{*WD#d}v7c_es!7}Eln^6=!11`Y#=6k0S4R*g|4Ad|bx4*=5#qV`SpX2ZMAGKjqL
zMh=<Tt3L=~(Nm14mxFP9zBO`W0EZ7{>>NB1ivmQghlr>6uWJG{kimD^ewc^o%^YUL
z*dE}-w!i&!eZv~gTly1YKTTkXiFasGU}#lxbsJJ+d*ld-M<@dk->uMOKxDnsG|Wam
z5$n}saFl_{Y@X|&@(@)(#FJ$4`bZ9u^A33r5p{MJJfQ+5CAoFV6c$Nx_3)#Oj`iN@
zTM2Dc4O)KkZ$W4k5UGbqbBJW0<cV_n!Q-8D4M<~rPxDvW<*duSXU@&{h%nV$JU$v0
z&_w82Y5*7a00|m(^@_00GiiI&$1_3*plnk;R_3W<UvDKiVp_c;0FeVA%*_)n+fTr*
z;WPy!);$i0S|~CgYC*|DW*Z5J@L(|wsLk#vEZ#~FwjPK$PWGE=j+becZ{$RF2?Nr|
z(eS0^Pp8ITU=`?0#x(0t$AGBv5MA0>k~mI-*c+#)@)lL*fvBw4dWWpc0O)__kXZqG
z4gHctP5A&sIai1d1svzu)Sg)qI9?;`-3aIy>=?XIu3<#>b1!?wzA2E+@-r9CE%Ar}
z1M(muP=2_4_g^%B3z&H8J&h!=O+wXpj?_b>Aua_Ymq)ZHULxyK&-z0S(TtE;$3rv$
zL~WRk`%dp6pLWgmmE%2~j*a`M^vX;7^s`&qNv1WpVE2Fy8F<8CgS!GxECYzD`c)6J
z92x_LtUJEt4q+@~rPqG^gAoMvK&S;GnHSH{mUP44UffOx_@?Inqzi)ZmIBecT_7Sq
zi0$AZk|z&wXX^#fo`k2Kc`985O1^U7Ieg?zT=N1?+SAOuKo%MUaJ)CjcbPY1J0wi|
zx7%Y1PkBCrkS%M0h_D&G$ViwbMog%Six+pOB)cW!j{|(XoG2d;(noXNze0C-LRqO1
z6R(kPz!ZppB|wO-^W+dQ&vEm|WIL=wh>i=~E<{2r|C;Kv9-a^V&YV>JO*};JNR~fg
zB&$!i{P%&D*3;9#O%I3w9RKEe4@Lf^uks2E4@A_-KvW<_J!@O(h725imj2+FOdsfz
z1i3R7*1{7;{t!T9=dQg@u>XDQ?Io|vs60d#GF$LF?Wc34>yoGqm;guIWX|Wj5T1|?
zwD=ypSe(xn)AtiD^RMynULu2^>Ro5q<oe4%q&?`0m#79J$}|z%fJi+?#Y#Srf)V2m
zb%97+>Iy_B^$-aV9nc`_6FVLuZqAxRL}N!z5sjsS6=49)A?kUC`o{l-@9P24{d$Nb
zhaumTC5Pv8@`H4Ly@v?T5s)I?xdDu{9v+RK|BHeNIY!jSOTs))t_!>;2^OY8Y|^M7
zX)c6>>~b$N&Ykr%!wb}!<|px)Jw)PVDgd-A4}ydp_}mvb5Wum|0f<VEu_*|e0wQ16
zfQVxt|4ENu{|nk^YmYez5vK2+^Mw8w;m2EY4w(iTfkZnul3OKUxaa~ZW%TqbK%|h$
zwB!)oBZtUx&kSxXDSHZz^nd=^07ND4$a{t=kI`WPBD;25AbL9;8=fHZ5DlTURBquj
z_Lp_3_f~GafjpMsJtXvHqq1||0z`NUsmF2&ogEM%>EGAzvJm!Wng{`Hf&hy2yjF-A
z0Z|5*VcG$aj&z@Ziu<3yQSmgjIZZ7P*&vdfBmR5j=<&Pp$^V99d*>JLDI28Y#^VL-
z7!dK>@L<8YF%OYlQyOwpD59SIxAE-Cc@{6}oN<UqN>=bO7!n|o-dhEV43^}==m3#~
z$vQAp0Z~q}28cAVdV9$6;pK)TPS-%Ro9gTe5aB&CAoBJX`RNF^w7OuQkteOaL%b#A
z9?@;~>2%@Tl@r2A<vZ^1M&nfW^2V9ekUf=tV0v#U_?U;M0-~H7)EeJy9wMJN<m;3W
zngY?Q8Hhf}bq$JsJxkv=*F<CNrwQmJiEg2}LNwl=%xTnar^azh>c4RA^yr+l_TQd<
zDmAclO=tU>fc>$&gl}j0?R0Lj4|&^hUIt*%O&`c1#P(9U@N9rT$zOW+Em=nQc7-eb
zBYy}i3=qU;ABeoMo&nKuCQy_<YY&kEiX>g9Pm+iA`1WP`+X?6}z<{1#21JCl_+<WP
zxf?iO#K_6y7~%EdkFt|)?!XklAmbj*#z4fU07=>&o+NUIK1#otd5~Hoj|muJ`vB3W
z2Xm<_A+uFLlx+k=KO$tNFl1)SOW2H01)nJ((y^tA$EcS>B=1Yga7;JYw}1Yg^AP26
za*k-UQp24+M1;xi9w-F1=VHp}KJ3G0Js@hI@K<?=?iYx(mzgFts|Vv?xQVvLwZjb+
zPfPE?t7mwWd@nPM^TmxE08%eo0V11kx6?DOE6E`eASxlV<AF%GKLtcRDB?W5)(M%h
zOmn0Zh?oXazIjT+dORG6C+9B=h>BN;dphTVY4fPju+bRW@c~TM@ByT3YsSz9sU2V_
zgdPw92%~UWzBa}{R2$zbp;&29i+8Ba4>C^?Mt#<k23wY^*V95~<PdR<D-6w-XR{}a
z{WTz>oH4nmhet`yvz%8vNePGqczCT0->DuVJ4a0K%D!r{HRpiy#J<@v15^e?3~iyk
z%M?(|1b*h$qs)PjD`WlQAu<qBz-c{0wp|0FY8f7!!vZYcwC$#o$J5f5<Nd;GL}v<y
z9q4(LT6^jla*59h7ihlnEe)d{@^JT#0nyF?Ky}D0=N3s0k%q|FXb*_gL$sX@Kq?-i
z7Km7ecWC!O#{~k4=oLodGza`{2BN(~O|AoA&Zb707&zs`mi5oDAqUkSG{)FQY?Jlu
z1hzoL1q6g~^Cipv6M)1)Q42&>2rL`lMNW`<fm{g8<r1|av|bL8K+y~c*<LaL6@%9K
zi-Maje+qz!0T}-^)qh{=(?wsqK5EEp+C%g!25wCAgyue_heA4j8e~FZGHP)4u23IX
z0eT3Tk+7{j*m6R50wPJWp6Nx1n^o5%p|}8%zMRzoPzQ22Hj<>LmiMd$B7-6z2k!_#
zLQW1jLU`5W_@p<NdWf`(JAXa}ByxJ#9(h6l5z{~88cWMq|NH09$vXBuZO9DJB6kSW
zaM@j*o)Hfx=}~X|c#61gfgyUkvHk6|j9zB!GuvAgGHc5*z5Y%BL}E1%wIQ=1q543<
zhj))vIYa`L#XEG88<3fJfseF%H#cSL#!dsNjih>wc)HgxfR05}Ly+YQ>3sWCUK*}9
zhK9~Jd@TsIKx6~_*}8QOkLDOyBWz(B*5iI8IW1`&ycaaqJfLBCv3X)Y6wi%%nIyM?
z-dgwappO|`fEeIM0Z6?;gNH~U^Put$u}$)b$frE|w_GMUOZNn@Y#bs>o<2TgcK<-c
z?`gfvtd4c-XPWcHF)+>VF4scZU#2D3CpU7MEIrF%MD3Y|M+Zpa9?d!Cn!#JZHt-q|
zGGqI8PWi0}H?eK=LKPr-A_I}Wbk}=-#z0iVk@a5Gq-t{K#@F6)K;-LMVzBSw<a?PB
zE;eW)`CbMAy{Gw|;_0}j|4WWtub<iS&(p)d<q(O75nxRJIqH!_Y@sF~Ot0;^+{<mu
z9+m-DV<6%|IFCQndWNig(R90SJVR4fd5Fl3mELX%h{y;2d@eb5{D!xF!4MUi=fg1(
z{^NHrAj0cI&J*pq4zs{@uIEp^q-y*o;vq`E0q28r$%6^o<o`>30ivN>eFH=WI=<{{
zfAF>CxBl!;(oN*=2YdY|YOnq12etiJKfm>-|3yan)R39N((b{IfROIYzQB)lgYP|M
zL3I2v=t0I!3^<~U`qHJ|t<Q29u{r?_J<Hl{wFWTJ&GC~2FxUV=(hXnDht9nHyRUt1
z`JdDA-Au<h*bmiiB=GUZvKz_%DAi{iA`e3V6Jrm_1-aloH~n!E{!fAtAV<Pwb3$NT
zklKT+%^?~tSb?IQ<p*;bapKkc;(cO!G-|$KvmRzLGIja{h$ts?M(&6K5u;O6hxyYN
zbX*+;q8))7ds}@KKI^~@=kGr~`K{%(AHH^Cqdp^Cmlv}t3;`k}Hj^Xt(_4BCwa3T!
zL^42QvKKeB=OQ-^>X7hEf;BMoX6~L(8K3_|4$;tyOuN<t2W*p14R;aN%FAWc>@p~$
zeLo%*OZYZ;#bX3``LJ30vRB~7racsK{{HAspG?=)8|nHg2J}#7M%fK1dp%vRPs;Tt
z5R@T@^9BG}k~inc#vziNszb&h($TABwCY10!-gk+8f=b7ZqT`*v}@PAM|+2d(iqV=
zSz<d+{FYd2v29~e!vFvtR7pfZRD70EM|#c>29O3R=Vu)0;CZE?YJq4k-=CgLjr1F0
zuQ_{t!l*CzryO=rZ_-R|!aQ_|*ZFg8&;b%3qNfY~f-sIWym}L-zAXEldVHu)VyK>v
zC!~&UPaA8^A7a~wQdbg-?`cmk$srQ2w<crT_a0~b7C==EG{+@XAEfj52g@h_>z@e}
znZ5Coe-!g&-oBOUGs3k2lZ|m?Km>@$z8oo-a2z($w+-tco~(4vEfgl8!}&P^GV8Ic
z&eKEhXq;3n*Upgw2Hzo`yHtl^0+`l(9DQe<Spgus-mKS_ha$bM{v=%|HjdS6KhZI)
zT6-<Qp)Pw}>T_KUUL+diLqcY`@%6vg*Lh&j&ID5b5RXvZ4hjtA2L*u1{zn-1e3sFc
z@sPWdpu$3M7~AIf{q{IsdX)Y2mbL}bp{MPAWmj8W)NK+dE}_LK5DKMGiWEtK5;RB!
zD^{dX+$j%M61)^hTijg=MT%P}uEn*uyAz!71ig7W?)?Y%(>vbt<?IjpoIUnjYn*Y$
zo@>n+l%@ET=}|uLfxUTCJf5#l-RJX5*cY_BUCNzB<lf44+OA0FfRzrm(jK;xza836
z*QcVpRS%C_jc?T+{b0c>EG|dkd>A=>%@9J;Oh65DAoc}AR*;u<pLFSjwRj%*b$@Ig
z;t;(Xd+$C_0#jcfF0!-w@YuBK`S#K@X(zqpYUVn|P2)r3dAu<MM;cBLLiA8Uie}B@
zQ^E(SBgz8xl3_>0yDrwGcpM>F#(?yz*xo`(bi&24RNcg46w=J$(a3{+5hD8w{`4dw
zRB*|uQ<Io%2zxbbLr2MHsoN_|I@;;{OdNjuy4yi6p<}N82}V#xfQ=2Z$+aw8`9bD-
z?D%pZs1qx#AG_Rt1eg{^Q#vfyW~RVQMWvK)m#J@^am@<|Ev357SDz<k(dttJ1e#cU
z)fU{->*m@gU1q0HuK+;9mc%eP-ld#RUP_Ko6y6yAJ_k9x03iHs`b9u;o*^W~G;E?I
zIakkYul-&=qd@*x4&oKGS@+IY1|1%KDCyd=#4ct`$ibOF{*HH}S7R`smu{0at(+#W
zFWc?q{RKXNWSJsK3aa13<<G9uWg2gcOB)o{$jeO}=XuSWGmuIwHkoSv+dR$ToUAMo
z3ZXSFR-EmNA~Uj2iz#D}3{`Tksl}AJ!sAn*leOH<*p@umsAo=YYY3_CYf`}|2W5X0
zu>fmc=z9E~{aI4y<!awAlW8e{`Io^&Zmk#*MUvM;#G9Xpt}(eIs~b<8A0CRcvt4k}
zJP(=Tir7j=e(lzYPPc64GiTOMTjBU~m1$l-&%RyX@1KIbUo5;6qnsm@svILNJfz1|
zoZQ*7P}6yOXh*xl2C}(>$~htLqe8rOs-GuNPj(&ksDBjk4S3&jo^w7SjkD6{sL2!Z
zXHG=yg!aszqy-VV+k5_+1*x!caA+>^VsMUwbi&Jy>8smekGC{+&%0i>H#fvwTAP+L
zq{~jyohyo#2KQ>*y~ZkuDP53U0m&h@#~@qt4XX`cn|<m@i15|F`{#^~T?6cmSXs={
zV(w+6935CG0@?tNUWvxuBPPi-GZynT6mLPdp8a#tfbV30<76}=plqe!^SgY+sZ#>G
z!o@|v`&0+QeWsP|&&}L|^7@`<SoP1^i*`tIi0mS)aPT!UUce7a*M(=frMH<^YM{91
z1y2`f60^Kui@-exK?K7z)v)lUJDY8z!~svXfKX+&r7beWGn>oT@tY5~{!u}c8fAIQ
zK<LMKNB(VC@U@4P$8(ll3=c&T15ZdDGM(dS<=3&P<hj75hWy)_J5Dof)@B9$3no@z
zQO4PO)S7iXhr0Y*VnGbS!*uus2GIg3wo|XA;PN{!Pg}x*de-hu^>8=#cPQkXNvmxh
zO^QhIk<lGfRi>(_@=zR5w<s7#HXQ8jqo3T$Hl-+;c*P#|QeY+;3zrL1`#2G>3Hv7@
zXwhbsc2$L6d?BN2KZ=B{Xl5M&Uk_@Ar_!51Ijpgo3##bSz<VIsW3|e9QZ7$|#s-v5
z7O7{ef_60O)zA}6U5O?8ko7D7u8>xPEz_ja1<>2WH<W!zlkSHXV5b<&AYH$kabLHL
znO|apz$L8juzgBBw8lbXO~LvtBF2?fI>y!P5|Rt+dGaFpFwqmG;@$Z?7A6NZ6EjvQ
z=e)&#agM7bC;w3cG*qdwTsiXj9AJ&QWJmA{S}V1Q;RXXSLhDG8yr?o3DCPX&1r@1g
zB0}iTn#xmBzXaq%eKdMmF(c$6cFJHEpWG>bmR1VD^?5y`-h;pCNj(lvr-X@oEhQ8D
z!XJgX43s~(`eD93<uR_1v&?#y1Gv}F=zHMmA9VfRI}If68!6dV?x3fXHt62L_2g_l
zDR?or7`C_o;F5AC3QY}JuA|{=dDASUTS^C{xMV$%Y(I9p*~&GR%`4)Z)JKCRE-t-z
zKu{v}b-5$#zrxhJ{2eviyJQ_(9z<Z_=iTvMnT|b$xo-N^;SR6*&~Gk_sBa}5$a(SR
zfw2`@vPx)a4U+EzhpUu5Dl?wdIClJh${FBci*3AWZ<;0QXX7hNuo6&EzbU4eGQ$@1
zQNKiqsj-bD#BmuGZ9YO%hiM*kiC<m<cnj6*3BgX|0~z+_?gh}0bUcl&QTQeBPY7Vd
z7nFKUp|GGNTO|a3yeul?$yuhggpzDf=s*5eRM;4BH`CS2KYi$roBbW5vD2X9*9^aK
zw6ENM|EXBCh>5A|UU&6MvL_876=fQ>_!X6!)hWf}QvreNythsq%+R6Iv^He_adNc$
z-CLM3dz#qw&QEIWi!!KI%gV{5m#y#6&Ky1DL5PaWmt$epFy^gHik7VK_?Xd?LMHUX
zU6hW5^zWEakE8^bBt4R3QKf_hJ_J+@T(Fr>^xcf?-o_E{Y|j4WnkcDM!SwlQKScFB
zq|TrI#pG%o7K<npG4^%wl2On*f~+6YJ8?TOM%4vCJ_tiNHAMNAt2p#jmh!0Kl6GRl
zKNd2XQ7@+)NHTybOz{RM<}~`}UOv09Qtn|O3ngmL{f@BUvq$`u3`Pdg+mGwnA%8wk
z8pSVnrnE*rYZ$hI0v2L*<|hZZD1P)k(XUNJDsb82jBhOqH+WfELp{Z39Cxrn1Ok1<
zhb?QxLGjAAfT_oYkld%?lWk_7pN`d=w~Q4m^5ZR4O$qQahEm|O;yd3#qx@jRp>3Zo
zP!ssmj1G`Q3BhZ1KEW%5ImH9FB1OMZz-!qKq}zjW1Oubx44qB`WB0hIM~`1nm%j^O
z!*k(j`nC8X;$&&?`260iW%W2j6zXmSev^GN`oXH<ACBiD^xg})?X6F>x=_#f5-y65
z9(W>?*tbs2y_9D`a4&>~wZk7R3r+*;ds|Uu1_2NHV4%;B?U7kP1-rG2{7Gv*KP1l|
z7ay<d_<ladf`1;MJEY&y4p9R-NQEI679|9HE_VYSQY$TZX|;X}OjiH5|748ip#p)3
zYY=mq0QRUYY0(#&!hlL%CjE(T6y*VuwrBzGmQ|L%Z_i6U+w0wE?Q$T5Pye})ZqP9d
zj_K{x&<Okrj3oZvFoy{4y;&*$qnYkCOK_JfsrK4fZ&R<H>=~J)XLPUc<ZgVKo@4T@
z$VE7jOD;vJ2JFD!W+EUR7(6y}%zGka@or~el?(QpB6wrx41|)7EL*+?j?mIl%2x5b
zJ6!)=EP_|AB7`4z6sV^qhJQ6o4>bhX6+3F|bpAlE0GR_L+9Evu@aPhZ<S<2wTJqo5
zapyygcqg-w=nR*Uq1L>*T1MN{OZN)RK9BAX(Rv3@dfc~?jXu%r_a7&SssVadoR^AG
zE0DpF{Ad2%fvV)vn5&<4Z@r4u10$I){edvw8Nu@tIxtX<>FX)0&Bx#N+36{uM<Dsi
zs~1UJ%6wp-_<;PEsUDfy?HZIY`rnKxCnOTPaeO4T!tc8ciGv^W*zJDYD~G-33F)T|
z_DG1!+iC$u2Sm0;0yG1%fzhewDpK&4=o2>msnFJY2=hko+%)bkViqYl`LQ2aBLV`7
zUV{jOO%0h)9j=62UzS<lT*ls;0gQl;kIT#=*D|{^ZQ~H&ooQNUCa|rIL*Z0<8+cim
zyo=JA%NTNpBarooL^VL2D1W9`a_8Mlff7phATp5b+^L+GPc||j|Cn&TM<{1@^)lFJ
zfs;#5A!IS#qj++N9v&=72VOoqg5>o%)V4(cHS95HcdylBhmRkB<7-$m9hw(JhBXBf
zPHFqPwq%a}O~sp1qWb++<h_|f{n>Y=OS6XNilqr?z+<~Q(AVt5atr=h1f7+Ca6?v?
zJy=2{#aF^lhh&-p>Q$@3@8iyx<IzWtO%rSxqn%%lM<Ta+EblG3HY9CY{hVu1xZo9h
zg8?ZJ0op7jEH(zbP)J?0R#V}1_-)2S+sqUh1%}O&XXV*)%^>atr*m)okOK8rLT~N>
z8*kNr8vm`p8Z@wvI!4}#7;mtXb*5*`P<-kxeVPJ#fVkC1w-(~v(vhx~LzJ>Pg8t)&
ziD7i2{?YzXAazQ(<bno9LO3E4G!9TCm%Mo$7|BEx#ReX6A`pYSCr(KA688ecWqa!`
z*u>X~d~g^-*;;o8JflFS*fQ*t%$5Sw?BRF=cti3sQ>5#8Y=DhsJ9UOasn`*htu#$1
z9~4cE0y@2VqVampbl*QDaL^JuAB#8`S&~RLoN_SCvME6*(nCc~I4bEsOK~AkG={N4
z2KD<dFr1rAcZHZU^Mg5#m@OF%@B-{o#UD}5`cKKTfa;R}E-ziv{3<_><kfy3y(wbL
z3bAW5BcNpx1wT#!$|I)B1R^zuSSYH8MWKNSMuG&1`zgSPPm#cAX0{(Xvf5sL$PJi$
zGVMEm)HT3+<~oD$!IEtd5T0FvJwbnirDsyeySl{n?`9iwBsmQLHOS>RNRNd&gzj*a
z-a_XOfe(P}!QzRA`JooS^@+Y8bIpAkiVb6-p7f-|NfW_Fg}7whYz{?&IRbuMqMyd*
z<19tT9ua=0cXr8FZF7uPj%|01nP}_MqyDO9)-K_?8R7a~Fk+mc+v5qIurCivUm@K|
zfW3sYO(_{#K|@=7GbM!V);dHzR8-zNJ_J{5xV;zrG#|&%j?E;AG2$dvtnN~V!GDWb
z$ZEg0J(PUN*hc%+rQ2cI6?I`HyVhr6EN_e(U9wz2-!8CNgws^FYOO8j3lp>v!q=!U
zUmo&EnyKv86A)socR^7n6r=!tmBG&JjzlHNk|<<a>a%TG*RLLT!KOrtR`m2D5yPmp
zxhrR9e02-TJ1KZTRNIP;v*-EUcJmx#&XfC;FUDA%x7V4X^ek!>eXs2dbteKI1!hsZ
zsyL9uXr`<7Qhc5hW``ES<miKYjqyGsdU>DAD;ShBO%3I^3=!=5L|@Gv4m%Scb)y9r
zfq<zzyvo4PZuM+`i-y#zJ5mOWntYk&cm=(aa>~8~va3k^q4ouC<>)a$?53%lci2Wy
zq~|<JnE!)<m98HkkLuskBF~U+rk}1sy@r@^5kfHU7y!O{_%<M?yqb-J;5#t1!nzw!
z@VQ?!g9K8sW*?MoMx@l$syUmly>U0ww#A##60e(x+CiL2(o$<xJCRE$=u@MLMw}*?
zm_1rPJ8o&*(W!6+(ccZXtm{>66CJ}sCXgmG>k(}p2gT3@Q*^I`5qGsddXIngJ~JZ}
zTD0n0IPr>0LRp#3-#|++ocMv?JkGwnk;<@TyIrk(+&wo7F9AIbmL&K}fwyDxPj6?&
z->R;)wIW`Y#4L9~I&<lw_kSHGCJ*2bqIAW;Ob(}w^88nxkP2LJl{9q4KbV--+m7)K
z-ZqpuFjAi!uIvM0eyIQaSHbaD|BO_7F7R3dJXs+}&~{yn>6Cl+h5I2HBKx(xwJnlQ
z_1@!30s#d4Wz<5oRjds{p_*4GnKE(>V$;n#BiPu<_0-E)wrlCPOSoMoFIx^-e2x>P
zOf+ZgWb3Ir>ohr>$3dx702yCfL7@^YKHm~O^w18bNM}P)E9n_mRMhhF4kMG&0t2H4
z9|yicaiYBZ+Q`qOQDWR)oCxw}ShMng=LDqVEmO9%YpEV#0tImr<WXoP0>VF6xwup_
z3TaEh?|3v!c85>LPcCHl_+(Oi7*0=qD0k_sNB#^X-twlhsQU32WO}<f6{_lE>iS*%
zrbxNro9LWfdSvc#kO3pJ+=yB8lm-={?WgMXyS#@&P;Ip}so_b6xAN7%C{c<K^Ak$t
zIIc97?7ESZU=GTpaUlz1&d^ThJ)j-`q^S=zjOhM^tQVMBiWQIPd(<`&s<-8fuAXvx
zx-j)4ez1?e#;Kx%n=xi?`anXm^iI5g+Hy^gtVOM*f^Ss4uAN}iJ9QHZ6w;D&DJvu<
zrDi=F$trXg(3@c;`(~Y~*By8NIOsl@G6N9h`Gt(4JiHBvd2F0>m&o3veq;uqFjnoH
zw8k0MYTfHwZ`13NUj+KzPZ&4~$GZ0unDgzTg~S+TbA)mr1g8|H6%<Nhv_B*Zq@i3!
zTHHc8kz9S$qM^AQVs$$Q0tmrrs7$WNu2XZGYMWIcFRf{fWzstR57wbacFqZw!@SOG
zYA#TJGW96+BJLNj_=gVoxNJRD2fY02mR9>^^C(LxcL`L?$dv#5Hfc&Z&p+A$*OeLS
zU1FI1k2guaT7?qF!W82(Q(@9<qO?kH8k0UWke^nCAq`77%IQDRe(rz5#qEA_*|q1+
z!U>5!jBO1I%07MGNUYc>TGxc|A{6%z{o<qhAu>)=y?%jVsg}>m-@;vAw*jstp~Un#
zHLnZV`a&h*`T-$#WK5$Blhxxgj-2>BLzU!;Xqi|vFI#4`j0I7DEZ%K^)PpgClsbwy
zgN@|OKc6hFRv7a%_&o2F`$V=%Y_fr*(UgJl=YZJ#|04e_=ywi{s|J^cMg)8wM1$`X
z3(2AZ>%;VP&$;Xawlo54Z1AojMQpQUb@Tg&=bmST?@mv|<<8x_Aqdv5iCAt!OFARb
z7c*L>b%LV?vMec|`kb4TtTx}M9{+sOyyH6P$jVmizh#40EOHl>#o9qCcFT$37-7G8
z-Px=X5o-DDbgK%f^D+mRLRFU23`8Yht0c6*e3-K=W@lSvc)G)|!#cgIU7o7cKU5y&
z`GqJV%E!ul)(Z55Dfqs4bxY+;f1vi=yl(_t1W^P@^r&uFNkI1>D=EA`TsV^?c4}jQ
zyl-HaWl+GXzN+DL=lA-LU50pun0IyM<qe(~GqiSm{Ffhf4AG8r!^qctSA}Py9yb@b
zbwrAq2X;KHb@1Kn+w^7+Cj@q8dVN}NP;kiTc}6a7?rpjn*5&bYAF*k^Sd&Oxg4XqD
zK{&tl%@4gn0h5<!Welb1hE0j+ymjlBxH#A8LCNPeSH5Ud#LvrXzRiTicH`-{O_Atx
z`I(zVBUO*}P~ToRXo|X0<3zrB#*~R^!jNFI*PXtT!6q*WAE)$pH)ocWr)jp$WzF&K
zgMzoh(<in!IPFF0j8~Ufqo22F11CMu<4xSUYn&qm_G;r!fpuSc^JmBWAC_pN+|i0n
zfn3ZxDZb9C@$*@~g`G!U0<#|l%vtPgn=|VBebZv<{1EGA#_3N~WfJyqeGHb3n}UTt
zo6)T5(;r{=PKRhWdt3W>R}{apTbxd<cr_@w-rkglu{59QUB6^m{Z)40BGonZvDD~p
zwr_R6<7R1zL++xVD-M*AAh`YLq%=qUNwJ{E*~+n(p5TvN4=w3i?&8Zv`xME=<nhY&
z?L_0(yBTVu)+NTq>1wkFc<q;_I$n>9xIWvPUJIYzAtP7p&c^Yc`-g;t%{NKYI8ncw
z3p!j;uW@6;oXVNt*LN>Q$EIJOXY|!N%s`!-1O(@Xw_g=VdmLHaIP{f>_&l6lU*Ax@
zF4{GYIvz+VMZK%@Ev^_~DRj(F!1RWV<L8xo7$%e!R<AqUKG@yZ)<O4pNQATKjXs^|
zszj__*vy{WGyH)HR$xw98E&8hiw()X)UdpiXSjD)66YQ|*l&x235Gr;#3cdP^L>_P
z_T8BVH51RXXd^>2T%FdaBSWQ&SczdJGHC*@yYg+js@SBrys|(Q=Ed)mi#_$lgo;e7
zRqnaj@u{1v-pl4!b$o=etVl3kk3r06#p^eIvo#LePWZF=O>Y#&QC+@Z^U4vn^D?c_
zfv@;u98`bSvcRj@xW;-0TBvUr_M%>Jb`-lv0d2`K3g4c4Uv-{WYW2!-pXo{UVxHC|
zsxcLFs<TdD`bG41N|=@`NIpx$W`Iui|Bf*KlSkFeD5yF=yVqX%y_tgbjpKwqYxa+p
z5i%(+b#11kccnAgI-z(tcxcIrtMQ~Hm8dUn@A!yqPy6gXZ5ktr%|yDsVucJA>iGHZ
zECYL1a(G_DtR)#LUfTx%`HLkF?FE?)p3O7>!WAjOxU!VI!pHYF8=jY>?%b)8OrB9P
zSdG0Mq~Cj7TUUD{nBmjVzqz^>H=bhK_HCRYyxIIjJISwMb>_IQ{OIP{a!>D7t<6r@
zGwn4$lj&0H!t4E#y5nCXFU~6^HWnnP{tMm~&GrZ=N-UCcjY5pLyDV6<wG|-8(mkG4
zb_6{}qWy67Uc;K&1mDJ3Tjkzu)Z|@iuqznmT~iGzd{_)QncVZMp<2g%rV`S;7Qm)4
zJ$AfR9$wJ~su`EoQ$Lc}kJ--~w?~U1!v0%|=hXSkCZKz#h>&y=Om+5E&*o(88l;K4
z$(mQEy!e8zz;bJ=IQF?<ZIryXi<SLHoEYbcbXR)|O-&iODHYF~U;J5lfPd+rbnz3G
zl7hhxjQ>G4%sHk<j$#(<wL@u!)yQ2Mpr1Bo7^ih!by%)nD!m^*oA~AK<vc9^txzO2
zVgZ?5p_BEKE_39%Sh9Khn6L{rljp0?!glHrZ4ddI#DYId8NuW3dVUc<>%(X$iVjgI
z$ugG};k?IlWBXp#^Hldet22l1#5Sym(~jd<)xPh4aPLQRM_h7UZb!H(Hoe8iKS(}8
z!vqHDl@!>Xs<LCzQGnGp=M(Tf5;$2G-C|Ym8LQKhwOFUcO2PGYzMtD<NYO43+qn4^
z4t{tn+4B#3O~y^l{#EebRPrIcumfuT{McKAVx!;|ogrHEv->%c{)SkWEz?2RO|;sH
z8WmhY$01T!v(f;ej_cCq-?`CE^O4#9C*!>gOsIO8;V()FS*7>Enji9GHub9WvK^<+
zYfMvgSR`^=*?X^!)Z<jsvj?$~vTMt-&n5%!)D%aler7KOkCUl~n&e^9pw*b3Rq174
z-7~UZE_-}_=>L*Dh%H);1U^b>cnx3N*ynogZdX+z>f*RSN@<D(pK)YnFF^Yh#vC)f
znAr`V-we7XX&CwRZ`Y@v)yg2tR^3Mtyh{P&8scY-WF)JYap==J&+0Hzox_>S{j3!N
z*7G%AkDZb$jKY5?AW@PW;Gia#9e=fQI=0MJZQw|tQ^&R@#`-VV)S5teb3||C$k{1s
z(m|(b>?tx)_LS#b<ZnPj@&Vr$m5WuN3Gf{?+!wL9j%x@q_LAu@EDG9yk%K~Rc})}4
zQ{=2slAk;142@I#e~%UczW?2-ynX5aj{bjPa7(-}U7;4{KJ^-azg{S+!As=dfBHZA
C{xLWJ

literal 0
HcmV?d00001

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/mvnw b/cve/java-spring-security/2022/CVE-2022-22978/mvnw
new file mode 100644
index 00000000..8a8fb228
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/mvnw
@@ -0,0 +1,316 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#    https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+# ----------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------------
+# Maven Start Up Batch script
+#
+# Required ENV vars:
+# ------------------
+#   JAVA_HOME - location of a JDK home dir
+#
+# Optional ENV vars
+# -----------------
+#   M2_HOME - location of maven2's installed home dir
+#   MAVEN_OPTS - parameters passed to the Java VM when running Maven
+#     e.g. to debug Maven itself, use
+#       set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+#   MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+# ----------------------------------------------------------------------------
+
+if [ -z "$MAVEN_SKIP_RC" ] ; then
+
+  if [ -f /usr/local/etc/mavenrc ] ; then
+    . /usr/local/etc/mavenrc
+  fi
+
+  if [ -f /etc/mavenrc ] ; then
+    . /etc/mavenrc
+  fi
+
+  if [ -f "$HOME/.mavenrc" ] ; then
+    . "$HOME/.mavenrc"
+  fi
+
+fi
+
+# OS specific support.  $var _must_ be set to either true or false.
+cygwin=false;
+darwin=false;
+mingw=false
+case "`uname`" in
+  CYGWIN*) cygwin=true ;;
+  MINGW*) mingw=true;;
+  Darwin*) darwin=true
+    # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
+    # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
+    if [ -z "$JAVA_HOME" ]; then
+      if [ -x "/usr/libexec/java_home" ]; then
+        export JAVA_HOME="`/usr/libexec/java_home`"
+      else
+        export JAVA_HOME="/Library/Java/Home"
+      fi
+    fi
+    ;;
+esac
+
+if [ -z "$JAVA_HOME" ] ; then
+  if [ -r /etc/gentoo-release ] ; then
+    JAVA_HOME=`java-config --jre-home`
+  fi
+fi
+
+if [ -z "$M2_HOME" ] ; then
+  ## resolve links - $0 may be a link to maven's home
+  PRG="$0"
+
+  # need this for relative symlinks
+  while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+      PRG="$link"
+    else
+      PRG="`dirname "$PRG"`/$link"
+    fi
+  done
+
+  saveddir=`pwd`
+
+  M2_HOME=`dirname "$PRG"`/..
+
+  # make it fully qualified
+  M2_HOME=`cd "$M2_HOME" && pwd`
+
+  cd "$saveddir"
+  # echo Using m2 at $M2_HOME
+fi
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched
+if $cygwin ; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME=`cygpath --unix "$M2_HOME"`
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+  [ -n "$CLASSPATH" ] &&
+    CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
+fi
+
+# For Mingw, ensure paths are in UNIX format before anything is touched
+if $mingw ; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME="`(cd "$M2_HOME"; pwd)`"
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
+fi
+
+if [ -z "$JAVA_HOME" ]; then
+  javaExecutable="`which javac`"
+  if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
+    # readlink(1) is not available as standard on Solaris 10.
+    readLink=`which readlink`
+    if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
+      if $darwin ; then
+        javaHome="`dirname \"$javaExecutable\"`"
+        javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
+      else
+        javaExecutable="`readlink -f \"$javaExecutable\"`"
+      fi
+      javaHome="`dirname \"$javaExecutable\"`"
+      javaHome=`expr "$javaHome" : '\(.*\)/bin'`
+      JAVA_HOME="$javaHome"
+      export JAVA_HOME
+    fi
+  fi
+fi
+
+if [ -z "$JAVACMD" ] ; then
+  if [ -n "$JAVA_HOME"  ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+      # IBM's JDK on AIX uses strange locations for the executables
+      JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+      JAVACMD="$JAVA_HOME/bin/java"
+    fi
+  else
+    JAVACMD="`\\unset -f command; \\command -v java`"
+  fi
+fi
+
+if [ ! -x "$JAVACMD" ] ; then
+  echo "Error: JAVA_HOME is not defined correctly." >&2
+  echo "  We cannot execute $JAVACMD" >&2
+  exit 1
+fi
+
+if [ -z "$JAVA_HOME" ] ; then
+  echo "Warning: JAVA_HOME environment variable is not set."
+fi
+
+CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
+
+# traverses directory structure from process work directory to filesystem root
+# first directory with .mvn subdirectory is considered project base directory
+find_maven_basedir() {
+
+  if [ -z "$1" ]
+  then
+    echo "Path not specified to find_maven_basedir"
+    return 1
+  fi
+
+  basedir="$1"
+  wdir="$1"
+  while [ "$wdir" != '/' ] ; do
+    if [ -d "$wdir"/.mvn ] ; then
+      basedir=$wdir
+      break
+    fi
+    # workaround for JBEAP-8937 (on Solaris 10/Sparc)
+    if [ -d "${wdir}" ]; then
+      wdir=`cd "$wdir/.."; pwd`
+    fi
+    # end of workaround
+  done
+  echo "${basedir}"
+}
+
+# concatenates all lines of a file
+concat_lines() {
+  if [ -f "$1" ]; then
+    echo "$(tr -s '\n' ' ' < "$1")"
+  fi
+}
+
+BASE_DIR=`find_maven_basedir "$(pwd)"`
+if [ -z "$BASE_DIR" ]; then
+  exit 1;
+fi
+
+##########################################################################################
+# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
+# This allows using the maven wrapper in projects that prohibit checking in binary data.
+##########################################################################################
+if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Found .mvn/wrapper/maven-wrapper.jar"
+    fi
+else
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
+    fi
+    if [ -n "$MVNW_REPOURL" ]; then
+      jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    else
+      jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    fi
+    while IFS="=" read key value; do
+      case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
+      esac
+    done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
+    if [ "$MVNW_VERBOSE" = true ]; then
+      echo "Downloading from: $jarUrl"
+    fi
+    wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
+    if $cygwin; then
+      wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
+    fi
+
+    if command -v wget > /dev/null; then
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Found wget ... using wget"
+        fi
+        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
+            wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
+        else
+            wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
+        fi
+    elif command -v curl > /dev/null; then
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Found curl ... using curl"
+        fi
+        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
+            curl -o "$wrapperJarPath" "$jarUrl" -f
+        else
+            curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
+        fi
+
+    else
+        if [ "$MVNW_VERBOSE" = true ]; then
+          echo "Falling back to using Java to download"
+        fi
+        javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
+        # For Cygwin, switch paths to Windows format before running javac
+        if $cygwin; then
+          javaClass=`cygpath --path --windows "$javaClass"`
+        fi
+        if [ -e "$javaClass" ]; then
+            if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
+                if [ "$MVNW_VERBOSE" = true ]; then
+                  echo " - Compiling MavenWrapperDownloader.java ..."
+                fi
+                # Compiling the Java class
+                ("$JAVA_HOME/bin/javac" "$javaClass")
+            fi
+            if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
+                # Running the downloader
+                if [ "$MVNW_VERBOSE" = true ]; then
+                  echo " - Running MavenWrapperDownloader.java ..."
+                fi
+                ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
+            fi
+        fi
+    fi
+fi
+##########################################################################################
+# End of extension
+##########################################################################################
+
+export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
+if [ "$MVNW_VERBOSE" = true ]; then
+  echo $MAVEN_PROJECTBASEDIR
+fi
+MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin; then
+  [ -n "$M2_HOME" ] &&
+    M2_HOME=`cygpath --path --windows "$M2_HOME"`
+  [ -n "$JAVA_HOME" ] &&
+    JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
+  [ -n "$CLASSPATH" ] &&
+    CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
+  [ -n "$MAVEN_PROJECTBASEDIR" ] &&
+    MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
+fi
+
+# Provide a "standardized" way to retrieve the CLI args that will
+# work with both Windows and non-Windows executions.
+MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
+export MAVEN_CMD_LINE_ARGS
+
+WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+exec "$JAVACMD" \
+  $MAVEN_OPTS \
+  $MAVEN_DEBUG_OPTS \
+  -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
+  "-Dmaven.home=${M2_HOME}" \
+  "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
+  ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd b/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd
new file mode 100644
index 00000000..1d8ab018
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd
@@ -0,0 +1,188 @@
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    https://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Maven Start Up Batch script
+@REM
+@REM Required ENV vars:
+@REM JAVA_HOME - location of a JDK home dir
+@REM
+@REM Optional ENV vars
+@REM M2_HOME - location of maven2's installed home dir
+@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
+@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
+@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
+@REM     e.g. to debug Maven itself, use
+@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
+@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
+@REM ----------------------------------------------------------------------------
+
+@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
+@echo off
+@REM set title of command window
+title %0
+@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
+@if "%MAVEN_BATCH_ECHO%" == "on"  echo %MAVEN_BATCH_ECHO%
+
+@REM set %HOME% to equivalent of $HOME
+if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
+
+@REM Execute a user defined script before this one
+if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
+@REM check for pre script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
+if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
+:skipRcPre
+
+@setlocal
+
+set ERROR_CODE=0
+
+@REM To isolate internal variables from possible post scripts, we use another setlocal
+@setlocal
+
+@REM ==== START VALIDATION ====
+if not "%JAVA_HOME%" == "" goto OkJHome
+
+echo.
+echo Error: JAVA_HOME not found in your environment. >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+:OkJHome
+if exist "%JAVA_HOME%\bin\java.exe" goto init
+
+echo.
+echo Error: JAVA_HOME is set to an invalid directory. >&2
+echo JAVA_HOME = "%JAVA_HOME%" >&2
+echo Please set the JAVA_HOME variable in your environment to match the >&2
+echo location of your Java installation. >&2
+echo.
+goto error
+
+@REM ==== END VALIDATION ====
+
+:init
+
+@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
+@REM Fallback to current working directory if not found.
+
+set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
+IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
+
+set EXEC_DIR=%CD%
+set WDIR=%EXEC_DIR%
+:findBaseDir
+IF EXIST "%WDIR%"\.mvn goto baseDirFound
+cd ..
+IF "%WDIR%"=="%CD%" goto baseDirNotFound
+set WDIR=%CD%
+goto findBaseDir
+
+:baseDirFound
+set MAVEN_PROJECTBASEDIR=%WDIR%
+cd "%EXEC_DIR%"
+goto endDetectBaseDir
+
+:baseDirNotFound
+set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
+cd "%EXEC_DIR%"
+
+:endDetectBaseDir
+
+IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
+
+@setlocal EnableExtensions EnableDelayedExpansion
+for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
+@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
+
+:endReadAdditionalConfig
+
+SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
+set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
+set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
+
+set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+
+FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
+    IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
+)
+
+@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
+@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
+if exist %WRAPPER_JAR% (
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Found %WRAPPER_JAR%
+    )
+) else (
+    if not "%MVNW_REPOURL%" == "" (
+        SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
+    )
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Couldn't find %WRAPPER_JAR%, downloading it ...
+        echo Downloading from: %DOWNLOAD_URL%
+    )
+
+    powershell -Command "&{"^
+		"$webclient = new-object System.Net.WebClient;"^
+		"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
+		"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
+		"}"^
+		"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
+		"}"
+    if "%MVNW_VERBOSE%" == "true" (
+        echo Finished downloading %WRAPPER_JAR%
+    )
+)
+@REM End of extension
+
+@REM Provide a "standardized" way to retrieve the CLI args that will
+@REM work with both Windows and non-Windows executions.
+set MAVEN_CMD_LINE_ARGS=%*
+
+%MAVEN_JAVA_EXE% ^
+  %JVM_CONFIG_MAVEN_PROPS% ^
+  %MAVEN_OPTS% ^
+  %MAVEN_DEBUG_OPTS% ^
+  -classpath %WRAPPER_JAR% ^
+  "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
+  %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
+if ERRORLEVEL 1 goto error
+goto end
+
+:error
+set ERROR_CODE=1
+
+:end
+@endlocal & set ERROR_CODE=%ERROR_CODE%
+
+if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
+@REM check for post script, once with legacy .bat ending and once with .cmd ending
+if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
+if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
+:skipRcPost
+
+@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
+if "%MAVEN_BATCH_PAUSE%"=="on" pause
+
+if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
+
+cmd /C exit /B %ERROR_CODE%
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/pom.xml b/cve/java-spring-security/2022/CVE-2022-22978/pom.xml
new file mode 100644
index 00000000..861fa8cf
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/pom.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>2.7.0</version>
+        <relativePath/> <!-- lookup parent from repository -->
+    </parent>
+    <groupId>cc.saferoad</groupId>
+    <artifactId>CVE-2022-22978</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <packaging>jar</packaging>
+    <name>CVE-2022-22978</name>
+    <description>CVE-2022-22978</description>
+    <properties>
+        <java.version>1.8</java.version>
+        <spring-security.version>5.6.3</spring-security.version>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-tomcat</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <jvmArguments>
+                        -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8989
+                    </jvmArguments>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <testFailureIgnore>true</testFailureIgnore>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
new file mode 100644
index 00000000..2415af49
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
@@ -0,0 +1,16 @@
+package cc.saferoad.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception{
+        httpSecurity.authorizeRequests().regexMatchers("/admin/.*").authenticated();
+    }
+}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
new file mode 100644
index 00000000..f32b5613
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
@@ -0,0 +1,21 @@
+package cc.saferoad.controller;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/*@RestController*/
+@Controller
+public class Demo {
+    @GetMapping("/admin/*")
+    public String Manage(){
+        /*return "Manage page";*/
+        return "manage";
+    }
+
+    @GetMapping("/")
+    public String User(){
+       /* return "Hello bro";*/
+        return "index";
+    }
+}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
new file mode 100644
index 00000000..cc5f37e2
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
@@ -0,0 +1,13 @@
+package cc.saferoad.cve202222978;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication(scanBasePackages = {"cc.saferoad"})
+public class Cve202222978Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Cve202222978Application.class, args);
+    }
+
+}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
new file mode 100644
index 00000000..08cf3001
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
@@ -0,0 +1,15 @@
+package cc.saferoad.cve202222978;
+
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
+import org.springframework.context.annotation.ComponentScan;
+
+@ComponentScan(basePackages = {"cc.saferoad"})
+public class ServletInitializer extends SpringBootServletInitializer {
+
+    @Override
+    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
+        return application.sources(Cve202222978Application.class);
+    }
+
+}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
@@ -0,0 +1 @@
+
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
new file mode 100644
index 00000000..682abdc5
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>CVE-2022-22978</title>
+</head>
+<body>
+<h3>
+    CVE-2022-22978 Demo via Spring security 5.6.3<br/>
+    Manage page: <a href="/admin/index">/admin/index</a><br/>
+Payload: http://localhost:8080/admin/index%0a
+</h3>
+</body>
+</html>
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
new file mode 100644
index 00000000..eeb40f2a
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Manage</title>
+</head>
+<body>
+<h3>This is manage page</h3>
+</body>
+</html>
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
new file mode 100644
index 00000000..f24ec389
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
@@ -0,0 +1,13 @@
+package cc.saferoad.cve202222978;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.boot.test.context.SpringBootTest;
+
+@SpringBootTest
+class Cve202222978ApplicationTests {
+
+    @Test
+    void contextLoads() {
+    }
+
+}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java
new file mode 100644
index 00000000..864b8573
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java
@@ -0,0 +1,17 @@
+package cc.saferoad.cve202222978;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.security.web.util.matcher.RegexRequestMatcher;
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class RegexRequestMatcherTests {
+
+    @Test
+    public void matchesWithLineFeed() {
+        RegexRequestMatcher matcher = new RegexRequestMatcher(".*", null);
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/blah%0d");
+        request.setServletPath("/blah\r");
+        assertThat(matcher.matches(request)).isTrue();
+    }
+}
diff --git a/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml
new file mode 100644
index 00000000..a6eb45ea
--- /dev/null
+++ b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml
@@ -0,0 +1,22 @@
+id: CVE-2022-22978 
+source: 
+  https://github.com/DeEpinGh0st/CVE-2022-22978
+info:
+  name: Authorization Bypass in RegexRequestMatcher of Spring Security
+  severity: critical
+  description: |
+    在Spring Security中使用RegexRequestMatcher且规则中包含带点号的正则表达式时，攻击者可以通过构造恶意数据包绕过身份认证
+  scope-of-influence:
+    Spring Security 5.5.x prior to 5.5.75.5.6
+    Spring Security 5.6.x prior to 5.6.45.6.3
+    Spring Security Earlier unsupported versions
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-22978
+  classification:
+    cvss-metrics:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-22978
+    cwe-id: None
+    cnvd-id: None
+    kve-id: None
+  tags: cve2022, spring-security
\ No newline at end of file
-- 
Gitee


From 7755863c010dadb1155db0494db7094c983a0728 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 04:56:35 +0000
Subject: [PATCH 03/12] update
 cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml.

Signed-off-by: Zhangqichen131 <qczhang@buaa.edu.cn>
---
 cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml
index a6eb45ea..430b5e70 100644
--- a/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml
+++ b/cve/java-spring-security/2022/yaml/CVE-2022-22978.yaml
@@ -2,10 +2,10 @@ id: CVE-2022-22978
 source: 
   https://github.com/DeEpinGh0st/CVE-2022-22978
 info:
-  name: Authorization Bypass in RegexRequestMatcher of Spring Security
+  name: Spring Security是一个能够为基于Spring的企业应用系统提供声明式的安全访问控制解决方案的安全框架。
   severity: critical
   description: |
-    在Spring Security中使用RegexRequestMatcher且规则中包含带点号的正则表达式时，攻击者可以通过构造恶意数据包绕过身份认证
+    在Spring Security中使用RegexRequestMatcher且规则中包含带点号的正则表达式时，攻击者可以通过构造恶意数据包绕过身份认证。
   scope-of-influence:
     Spring Security 5.5.x prior to 5.5.75.5.6
     Spring Security 5.6.x prior to 5.6.45.6.3
@@ -16,7 +16,7 @@ info:
     cvss-metrics:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-22978
-    cwe-id: None
+    cwe-id: CWE-863, CWE-285
     cnvd-id: None
     kve-id: None
   tags: cve2022, spring-security
\ No newline at end of file
-- 
Gitee


From a094aec743cca694cb3c3ba83266358fa39446f4 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 04:57:55 +0000
Subject: [PATCH 04/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/Dockerfile?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 cve/java-spring-security/2022/CVE-2022-22978/Dockerfile | 5 -----
 1 file changed, 5 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/Dockerfile

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile b/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile
deleted file mode 100644
index f7771d2f..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/Dockerfile
+++ /dev/null
@@ -1,5 +0,0 @@
-FROM openjdk:8-jdk-alpine
-MAINTAINER S0cke3t
-EXPOSE 8080
-ADD target/CVE-2022-22978-0.0.1-SNAPSHOT.jar demo.jar
-ENTRYPOINT exec java -jar /demo.jar
\ No newline at end of file
-- 
Gitee


From 409674b06afe070807c85f019438595544fb6156 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 07:51:22 +0000
Subject: [PATCH 05/12] add
 cve/java-spring-security/2022/CVE-2022-22978/POC_environment submodule.

Signed-off-by: Zhangqichen131 <qczhang@buaa.edu.cn>
---
 .gitmodules                                                  | 4 ++++
 cve/java-spring-security/2022/CVE-2022-22978/POC_environment | 1 +
 2 files changed, 5 insertions(+)
 create mode 100644 .gitmodules
 create mode 160000 cve/java-spring-security/2022/CVE-2022-22978/POC_environment

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 00000000..5348644e
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "cve/java-spring-security/2022/CVE-2022-22978/POC_environment"]
+	url  = https://gitee.com/zhangqichen131/openkylin-exploit-db
+	path = cve/java-spring-security/2022/CVE-2022-22978/POC_environment
+
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/POC_environment b/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
new file mode 160000
index 00000000..a094aec7
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
@@ -0,0 +1 @@
+Subproject commit a094aec743cca694cb3c3ba83266358fa39446f4
-- 
Gitee


From 449ee8eddb3281831dbaccfc3747499a564e046c Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 07:57:09 +0000
Subject: [PATCH 06/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E5=AD=90=E6=A8=A1?=
 =?UTF-8?q?=E5=9D=97=20cve/java-spring-security/2022/CVE-2022-22978/POC=5F?=
 =?UTF-8?q?environment?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .gitmodules                                                  | 4 ----
 cve/java-spring-security/2022/CVE-2022-22978/POC_environment | 1 -
 2 files changed, 5 deletions(-)
 delete mode 160000 cve/java-spring-security/2022/CVE-2022-22978/POC_environment

diff --git a/.gitmodules b/.gitmodules
index 5348644e..e69de29b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,4 +0,0 @@
-[submodule "cve/java-spring-security/2022/CVE-2022-22978/POC_environment"]
-	url  = https://gitee.com/zhangqichen131/openkylin-exploit-db
-	path = cve/java-spring-security/2022/CVE-2022-22978/POC_environment
-
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/POC_environment b/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
deleted file mode 160000
index a094aec7..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit a094aec743cca694cb3c3ba83266358fa39446f4
-- 
Gitee


From f9868558091135b77ff3f2d5123593bbc54fbe04 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:03:28 +0000
Subject: [PATCH 07/12] add
 cve/java-spring-security/2022/CVE-2022-22978/POC_environment submodule.

Signed-off-by: Zhangqichen131 <qczhang@buaa.edu.cn>
---
 .gitmodules                                                  | 4 ++++
 cve/java-spring-security/2022/CVE-2022-22978/POC_environment | 1 +
 2 files changed, 5 insertions(+)
 create mode 160000 cve/java-spring-security/2022/CVE-2022-22978/POC_environment

diff --git a/.gitmodules b/.gitmodules
index e69de29b..dc54b713 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "cve/java-spring-security/2022/CVE-2022-22978/POC_environment"]
+	url  = https://gitee.com/zhangqichen131/cve-2022-22978-poc-environment
+	path = cve/java-spring-security/2022/CVE-2022-22978/POC_environment
+
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/POC_environment b/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
new file mode 160000
index 00000000..6fe163bf
--- /dev/null
+++ b/cve/java-spring-security/2022/CVE-2022-22978/POC_environment
@@ -0,0 +1 @@
+Subproject commit 6fe163bfad94dea19984d85013c88d9586162a89
-- 
Gitee


From b0c253b6e1aade20b6313a453691acd169c907e7 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:03:51 +0000
Subject: [PATCH 08/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties   | 2 --
 1 file changed, 2 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties b/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties
deleted file mode 100644
index b7cb93e7..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/.mvn/wrapper/maven-wrapper.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.4/apache-maven-3.8.4-bin.zip
-wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar
-- 
Gitee


From 037a8511ac7cd387682be1d50ef31d4508250fc3 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:03:59 +0000
Subject: [PATCH 09/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/src?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../saferoad/config/SpringSecurityConfig.java | 16 --------------
 .../java/cc/saferoad/controller/Demo.java     | 21 -------------------
 .../cve202222978/Cve202222978Application.java | 13 ------------
 .../cve202222978/ServletInitializer.java      | 15 -------------
 .../src/main/resources/application.properties |  1 -
 .../src/main/resources/templates/index.html   | 14 -------------
 .../src/main/resources/templates/manage.html  | 10 ---------
 .../Cve202222978ApplicationTests.java         | 13 ------------
 .../RegexRequestMatcherTests.java             | 17 ---------------
 9 files changed, 120 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
deleted file mode 100644
index 2415af49..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/config/SpringSecurityConfig.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package cc.saferoad.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-@Configuration
-@EnableWebSecurity
-public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
-
-    @Override
-    protected void configure(HttpSecurity httpSecurity) throws Exception{
-        httpSecurity.authorizeRequests().regexMatchers("/admin/.*").authenticated();
-    }
-}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
deleted file mode 100644
index f32b5613..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/controller/Demo.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package cc.saferoad.controller;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/*@RestController*/
-@Controller
-public class Demo {
-    @GetMapping("/admin/*")
-    public String Manage(){
-        /*return "Manage page";*/
-        return "manage";
-    }
-
-    @GetMapping("/")
-    public String User(){
-       /* return "Hello bro";*/
-        return "index";
-    }
-}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
deleted file mode 100644
index cc5f37e2..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/Cve202222978Application.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package cc.saferoad.cve202222978;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication(scanBasePackages = {"cc.saferoad"})
-public class Cve202222978Application {
-
-    public static void main(String[] args) {
-        SpringApplication.run(Cve202222978Application.class, args);
-    }
-
-}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java b/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
deleted file mode 100644
index 08cf3001..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/java/cc/saferoad/cve202222978/ServletInitializer.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package cc.saferoad.cve202222978;
-
-import org.springframework.boot.builder.SpringApplicationBuilder;
-import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-import org.springframework.context.annotation.ComponentScan;
-
-@ComponentScan(basePackages = {"cc.saferoad"})
-public class ServletInitializer extends SpringBootServletInitializer {
-
-    @Override
-    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
-        return application.sources(Cve202222978Application.class);
-    }
-
-}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
deleted file mode 100644
index 8b137891..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/application.properties
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
deleted file mode 100644
index 682abdc5..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/index.html
+++ /dev/null
@@ -1,14 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>CVE-2022-22978</title>
-</head>
-<body>
-<h3>
-    CVE-2022-22978 Demo via Spring security 5.6.3<br/>
-    Manage page: <a href="/admin/index">/admin/index</a><br/>
-Payload: http://localhost:8080/admin/index%0a
-</h3>
-</body>
-</html>
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html b/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
deleted file mode 100644
index eeb40f2a..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/main/resources/templates/manage.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Manage</title>
-</head>
-<body>
-<h3>This is manage page</h3>
-</body>
-</html>
\ No newline at end of file
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
deleted file mode 100644
index f24ec389..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/Cve202222978ApplicationTests.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package cc.saferoad.cve202222978;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.boot.test.context.SpringBootTest;
-
-@SpringBootTest
-class Cve202222978ApplicationTests {
-
-    @Test
-    void contextLoads() {
-    }
-
-}
diff --git a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java b/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java
deleted file mode 100644
index 864b8573..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/src/test/java/cc/saferoad/cve202222978/RegexRequestMatcherTests.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package cc.saferoad.cve202222978;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.security.web.util.matcher.RegexRequestMatcher;
-import static org.assertj.core.api.Assertions.assertThat;
-
-public class RegexRequestMatcherTests {
-
-    @Test
-    public void matchesWithLineFeed() {
-        RegexRequestMatcher matcher = new RegexRequestMatcher(".*", null);
-        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/blah%0d");
-        request.setServletPath("/blah\r");
-        assertThat(matcher.matches(request)).isTrue();
-    }
-}
-- 
Gitee


From 823f06e8792ca2a35483aa28abfec77678af70dd Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:04:08 +0000
Subject: [PATCH 10/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/mvnw?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../2022/CVE-2022-22978/mvnw                  | 316 ------------------
 1 file changed, 316 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/mvnw

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/mvnw b/cve/java-spring-security/2022/CVE-2022-22978/mvnw
deleted file mode 100644
index 8a8fb228..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/mvnw
+++ /dev/null
@@ -1,316 +0,0 @@
-#!/bin/sh
-# ----------------------------------------------------------------------------
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#    https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-# ----------------------------------------------------------------------------
-
-# ----------------------------------------------------------------------------
-# Maven Start Up Batch script
-#
-# Required ENV vars:
-# ------------------
-#   JAVA_HOME - location of a JDK home dir
-#
-# Optional ENV vars
-# -----------------
-#   M2_HOME - location of maven2's installed home dir
-#   MAVEN_OPTS - parameters passed to the Java VM when running Maven
-#     e.g. to debug Maven itself, use
-#       set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
-#   MAVEN_SKIP_RC - flag to disable loading of mavenrc files
-# ----------------------------------------------------------------------------
-
-if [ -z "$MAVEN_SKIP_RC" ] ; then
-
-  if [ -f /usr/local/etc/mavenrc ] ; then
-    . /usr/local/etc/mavenrc
-  fi
-
-  if [ -f /etc/mavenrc ] ; then
-    . /etc/mavenrc
-  fi
-
-  if [ -f "$HOME/.mavenrc" ] ; then
-    . "$HOME/.mavenrc"
-  fi
-
-fi
-
-# OS specific support.  $var _must_ be set to either true or false.
-cygwin=false;
-darwin=false;
-mingw=false
-case "`uname`" in
-  CYGWIN*) cygwin=true ;;
-  MINGW*) mingw=true;;
-  Darwin*) darwin=true
-    # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
-    # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
-    if [ -z "$JAVA_HOME" ]; then
-      if [ -x "/usr/libexec/java_home" ]; then
-        export JAVA_HOME="`/usr/libexec/java_home`"
-      else
-        export JAVA_HOME="/Library/Java/Home"
-      fi
-    fi
-    ;;
-esac
-
-if [ -z "$JAVA_HOME" ] ; then
-  if [ -r /etc/gentoo-release ] ; then
-    JAVA_HOME=`java-config --jre-home`
-  fi
-fi
-
-if [ -z "$M2_HOME" ] ; then
-  ## resolve links - $0 may be a link to maven's home
-  PRG="$0"
-
-  # need this for relative symlinks
-  while [ -h "$PRG" ] ; do
-    ls=`ls -ld "$PRG"`
-    link=`expr "$ls" : '.*-> \(.*\)$'`
-    if expr "$link" : '/.*' > /dev/null; then
-      PRG="$link"
-    else
-      PRG="`dirname "$PRG"`/$link"
-    fi
-  done
-
-  saveddir=`pwd`
-
-  M2_HOME=`dirname "$PRG"`/..
-
-  # make it fully qualified
-  M2_HOME=`cd "$M2_HOME" && pwd`
-
-  cd "$saveddir"
-  # echo Using m2 at $M2_HOME
-fi
-
-# For Cygwin, ensure paths are in UNIX format before anything is touched
-if $cygwin ; then
-  [ -n "$M2_HOME" ] &&
-    M2_HOME=`cygpath --unix "$M2_HOME"`
-  [ -n "$JAVA_HOME" ] &&
-    JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
-  [ -n "$CLASSPATH" ] &&
-    CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
-fi
-
-# For Mingw, ensure paths are in UNIX format before anything is touched
-if $mingw ; then
-  [ -n "$M2_HOME" ] &&
-    M2_HOME="`(cd "$M2_HOME"; pwd)`"
-  [ -n "$JAVA_HOME" ] &&
-    JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
-fi
-
-if [ -z "$JAVA_HOME" ]; then
-  javaExecutable="`which javac`"
-  if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
-    # readlink(1) is not available as standard on Solaris 10.
-    readLink=`which readlink`
-    if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
-      if $darwin ; then
-        javaHome="`dirname \"$javaExecutable\"`"
-        javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
-      else
-        javaExecutable="`readlink -f \"$javaExecutable\"`"
-      fi
-      javaHome="`dirname \"$javaExecutable\"`"
-      javaHome=`expr "$javaHome" : '\(.*\)/bin'`
-      JAVA_HOME="$javaHome"
-      export JAVA_HOME
-    fi
-  fi
-fi
-
-if [ -z "$JAVACMD" ] ; then
-  if [ -n "$JAVA_HOME"  ] ; then
-    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
-      # IBM's JDK on AIX uses strange locations for the executables
-      JAVACMD="$JAVA_HOME/jre/sh/java"
-    else
-      JAVACMD="$JAVA_HOME/bin/java"
-    fi
-  else
-    JAVACMD="`\\unset -f command; \\command -v java`"
-  fi
-fi
-
-if [ ! -x "$JAVACMD" ] ; then
-  echo "Error: JAVA_HOME is not defined correctly." >&2
-  echo "  We cannot execute $JAVACMD" >&2
-  exit 1
-fi
-
-if [ -z "$JAVA_HOME" ] ; then
-  echo "Warning: JAVA_HOME environment variable is not set."
-fi
-
-CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
-
-# traverses directory structure from process work directory to filesystem root
-# first directory with .mvn subdirectory is considered project base directory
-find_maven_basedir() {
-
-  if [ -z "$1" ]
-  then
-    echo "Path not specified to find_maven_basedir"
-    return 1
-  fi
-
-  basedir="$1"
-  wdir="$1"
-  while [ "$wdir" != '/' ] ; do
-    if [ -d "$wdir"/.mvn ] ; then
-      basedir=$wdir
-      break
-    fi
-    # workaround for JBEAP-8937 (on Solaris 10/Sparc)
-    if [ -d "${wdir}" ]; then
-      wdir=`cd "$wdir/.."; pwd`
-    fi
-    # end of workaround
-  done
-  echo "${basedir}"
-}
-
-# concatenates all lines of a file
-concat_lines() {
-  if [ -f "$1" ]; then
-    echo "$(tr -s '\n' ' ' < "$1")"
-  fi
-}
-
-BASE_DIR=`find_maven_basedir "$(pwd)"`
-if [ -z "$BASE_DIR" ]; then
-  exit 1;
-fi
-
-##########################################################################################
-# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
-# This allows using the maven wrapper in projects that prohibit checking in binary data.
-##########################################################################################
-if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
-    if [ "$MVNW_VERBOSE" = true ]; then
-      echo "Found .mvn/wrapper/maven-wrapper.jar"
-    fi
-else
-    if [ "$MVNW_VERBOSE" = true ]; then
-      echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
-    fi
-    if [ -n "$MVNW_REPOURL" ]; then
-      jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
-    else
-      jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
-    fi
-    while IFS="=" read key value; do
-      case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
-      esac
-    done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
-    if [ "$MVNW_VERBOSE" = true ]; then
-      echo "Downloading from: $jarUrl"
-    fi
-    wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
-    if $cygwin; then
-      wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
-    fi
-
-    if command -v wget > /dev/null; then
-        if [ "$MVNW_VERBOSE" = true ]; then
-          echo "Found wget ... using wget"
-        fi
-        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
-            wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
-        else
-            wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
-        fi
-    elif command -v curl > /dev/null; then
-        if [ "$MVNW_VERBOSE" = true ]; then
-          echo "Found curl ... using curl"
-        fi
-        if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
-            curl -o "$wrapperJarPath" "$jarUrl" -f
-        else
-            curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
-        fi
-
-    else
-        if [ "$MVNW_VERBOSE" = true ]; then
-          echo "Falling back to using Java to download"
-        fi
-        javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
-        # For Cygwin, switch paths to Windows format before running javac
-        if $cygwin; then
-          javaClass=`cygpath --path --windows "$javaClass"`
-        fi
-        if [ -e "$javaClass" ]; then
-            if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
-                if [ "$MVNW_VERBOSE" = true ]; then
-                  echo " - Compiling MavenWrapperDownloader.java ..."
-                fi
-                # Compiling the Java class
-                ("$JAVA_HOME/bin/javac" "$javaClass")
-            fi
-            if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
-                # Running the downloader
-                if [ "$MVNW_VERBOSE" = true ]; then
-                  echo " - Running MavenWrapperDownloader.java ..."
-                fi
-                ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
-            fi
-        fi
-    fi
-fi
-##########################################################################################
-# End of extension
-##########################################################################################
-
-export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
-if [ "$MVNW_VERBOSE" = true ]; then
-  echo $MAVEN_PROJECTBASEDIR
-fi
-MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
-
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin; then
-  [ -n "$M2_HOME" ] &&
-    M2_HOME=`cygpath --path --windows "$M2_HOME"`
-  [ -n "$JAVA_HOME" ] &&
-    JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
-  [ -n "$CLASSPATH" ] &&
-    CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
-  [ -n "$MAVEN_PROJECTBASEDIR" ] &&
-    MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
-fi
-
-# Provide a "standardized" way to retrieve the CLI args that will
-# work with both Windows and non-Windows executions.
-MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
-export MAVEN_CMD_LINE_ARGS
-
-WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
-
-exec "$JAVACMD" \
-  $MAVEN_OPTS \
-  $MAVEN_DEBUG_OPTS \
-  -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
-  "-Dmaven.home=${M2_HOME}" \
-  "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
-  ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
-- 
Gitee


From 9e1eb3bcb1218334156de407560e241866a12476 Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:04:18 +0000
Subject: [PATCH 11/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/mvnw.cmd?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../2022/CVE-2022-22978/mvnw.cmd              | 188 ------------------
 1 file changed, 188 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd b/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd
deleted file mode 100644
index 1d8ab018..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/mvnw.cmd
+++ /dev/null
@@ -1,188 +0,0 @@
-@REM ----------------------------------------------------------------------------
-@REM Licensed to the Apache Software Foundation (ASF) under one
-@REM or more contributor license agreements.  See the NOTICE file
-@REM distributed with this work for additional information
-@REM regarding copyright ownership.  The ASF licenses this file
-@REM to you under the Apache License, Version 2.0 (the
-@REM "License"); you may not use this file except in compliance
-@REM with the License.  You may obtain a copy of the License at
-@REM
-@REM    https://www.apache.org/licenses/LICENSE-2.0
-@REM
-@REM Unless required by applicable law or agreed to in writing,
-@REM software distributed under the License is distributed on an
-@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-@REM KIND, either express or implied.  See the License for the
-@REM specific language governing permissions and limitations
-@REM under the License.
-@REM ----------------------------------------------------------------------------
-
-@REM ----------------------------------------------------------------------------
-@REM Maven Start Up Batch script
-@REM
-@REM Required ENV vars:
-@REM JAVA_HOME - location of a JDK home dir
-@REM
-@REM Optional ENV vars
-@REM M2_HOME - location of maven2's installed home dir
-@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
-@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
-@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
-@REM     e.g. to debug Maven itself, use
-@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
-@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
-@REM ----------------------------------------------------------------------------
-
-@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
-@echo off
-@REM set title of command window
-title %0
-@REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
-@if "%MAVEN_BATCH_ECHO%" == "on"  echo %MAVEN_BATCH_ECHO%
-
-@REM set %HOME% to equivalent of $HOME
-if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
-
-@REM Execute a user defined script before this one
-if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
-@REM check for pre script, once with legacy .bat ending and once with .cmd ending
-if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
-if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
-:skipRcPre
-
-@setlocal
-
-set ERROR_CODE=0
-
-@REM To isolate internal variables from possible post scripts, we use another setlocal
-@setlocal
-
-@REM ==== START VALIDATION ====
-if not "%JAVA_HOME%" == "" goto OkJHome
-
-echo.
-echo Error: JAVA_HOME not found in your environment. >&2
-echo Please set the JAVA_HOME variable in your environment to match the >&2
-echo location of your Java installation. >&2
-echo.
-goto error
-
-:OkJHome
-if exist "%JAVA_HOME%\bin\java.exe" goto init
-
-echo.
-echo Error: JAVA_HOME is set to an invalid directory. >&2
-echo JAVA_HOME = "%JAVA_HOME%" >&2
-echo Please set the JAVA_HOME variable in your environment to match the >&2
-echo location of your Java installation. >&2
-echo.
-goto error
-
-@REM ==== END VALIDATION ====
-
-:init
-
-@REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
-@REM Fallback to current working directory if not found.
-
-set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
-IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
-
-set EXEC_DIR=%CD%
-set WDIR=%EXEC_DIR%
-:findBaseDir
-IF EXIST "%WDIR%"\.mvn goto baseDirFound
-cd ..
-IF "%WDIR%"=="%CD%" goto baseDirNotFound
-set WDIR=%CD%
-goto findBaseDir
-
-:baseDirFound
-set MAVEN_PROJECTBASEDIR=%WDIR%
-cd "%EXEC_DIR%"
-goto endDetectBaseDir
-
-:baseDirNotFound
-set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
-cd "%EXEC_DIR%"
-
-:endDetectBaseDir
-
-IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
-
-@setlocal EnableExtensions EnableDelayedExpansion
-for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
-@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
-
-:endReadAdditionalConfig
-
-SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
-set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
-set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
-
-set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
-
-FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
-    IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
-)
-
-@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
-@REM This allows using the maven wrapper in projects that prohibit checking in binary data.
-if exist %WRAPPER_JAR% (
-    if "%MVNW_VERBOSE%" == "true" (
-        echo Found %WRAPPER_JAR%
-    )
-) else (
-    if not "%MVNW_REPOURL%" == "" (
-        SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
-    )
-    if "%MVNW_VERBOSE%" == "true" (
-        echo Couldn't find %WRAPPER_JAR%, downloading it ...
-        echo Downloading from: %DOWNLOAD_URL%
-    )
-
-    powershell -Command "&{"^
-		"$webclient = new-object System.Net.WebClient;"^
-		"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
-		"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
-		"}"^
-		"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
-		"}"
-    if "%MVNW_VERBOSE%" == "true" (
-        echo Finished downloading %WRAPPER_JAR%
-    )
-)
-@REM End of extension
-
-@REM Provide a "standardized" way to retrieve the CLI args that will
-@REM work with both Windows and non-Windows executions.
-set MAVEN_CMD_LINE_ARGS=%*
-
-%MAVEN_JAVA_EXE% ^
-  %JVM_CONFIG_MAVEN_PROPS% ^
-  %MAVEN_OPTS% ^
-  %MAVEN_DEBUG_OPTS% ^
-  -classpath %WRAPPER_JAR% ^
-  "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
-  %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
-if ERRORLEVEL 1 goto error
-goto end
-
-:error
-set ERROR_CODE=1
-
-:end
-@endlocal & set ERROR_CODE=%ERROR_CODE%
-
-if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
-@REM check for post script, once with legacy .bat ending and once with .cmd ending
-if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
-if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
-:skipRcPost
-
-@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
-if "%MAVEN_BATCH_PAUSE%"=="on" pause
-
-if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
-
-cmd /C exit /B %ERROR_CODE%
-- 
Gitee


From f03f8bd83d9ad08c50308356d59cf5580fb3399d Mon Sep 17 00:00:00 2001
From: Zhangqichen131 <qczhang@buaa.edu.cn>
Date: Fri, 7 Apr 2023 08:04:27 +0000
Subject: [PATCH 12/12] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20cv?=
 =?UTF-8?q?e/java-spring-security/2022/CVE-2022-22978/pom.xml?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../2022/CVE-2022-22978/pom.xml               | 68 -------------------
 1 file changed, 68 deletions(-)
 delete mode 100644 cve/java-spring-security/2022/CVE-2022-22978/pom.xml

diff --git a/cve/java-spring-security/2022/CVE-2022-22978/pom.xml b/cve/java-spring-security/2022/CVE-2022-22978/pom.xml
deleted file mode 100644
index 861fa8cf..00000000
--- a/cve/java-spring-security/2022/CVE-2022-22978/pom.xml
+++ /dev/null
@@ -1,68 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <parent>
-        <groupId>org.springframework.boot</groupId>
-        <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.7.0</version>
-        <relativePath/> <!-- lookup parent from repository -->
-    </parent>
-    <groupId>cc.saferoad</groupId>
-    <artifactId>CVE-2022-22978</artifactId>
-    <version>0.0.1-SNAPSHOT</version>
-    <packaging>jar</packaging>
-    <name>CVE-2022-22978</name>
-    <description>CVE-2022-22978</description>
-    <properties>
-        <java.version>1.8</java.version>
-        <spring-security.version>5.6.3</spring-security.version>
-    </properties>
-    <dependencies>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-tomcat</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-test</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-thymeleaf</artifactId>
-        </dependency>
-    </dependencies>
-
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-maven-plugin</artifactId>
-                <configuration>
-                    <jvmArguments>
-                        -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8989
-                    </jvmArguments>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <configuration>
-                    <testFailureIgnore>true</testFailureIgnore>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-
-</project>
-- 
Gitee