From ad2e515c26e68322503f40ed1afbb97bc6a118d3 Mon Sep 17 00:00:00 2001
From: FeynmanZhou <pengfeizhou@yunify.com>
Date: Sat, 11 Dec 2021 18:21:08 +0800
Subject: [PATCH] add apache-log4j2-vulnerability-solution.md

Signed-off-by: FeynmanZhou <pengfeizhou@yunify.com>
---
 .../apache-log4j2-vulnerability-solution.md   |  81 ++++++++++++++++++
 content/zh/blogs/aws-kubernetes.md            |   2 +-
 static/images/blogs/log4j/log4j.jpeg          | Bin 0 -> 18171 bytes
 3 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 content/zh/blogs/apache-log4j2-vulnerability-solution.md
 create mode 100644 static/images/blogs/log4j/log4j.jpeg

diff --git a/content/zh/blogs/apache-log4j2-vulnerability-solution.md b/content/zh/blogs/apache-log4j2-vulnerability-solution.md
new file mode 100644
index 000000000..852ead63e
--- /dev/null
+++ b/content/zh/blogs/apache-log4j2-vulnerability-solution.md
@@ -0,0 +1,81 @@
+---
+title: 'KubeSphere 对 Apache Log4j 2 远程代码执行最新漏洞的修复方案'
+tag: 'CVE 漏洞'
+keywords: 'Elasticsearch, Apache Log4j, 安全漏洞, KubeSphere'
+description: 'Apache Log4j 2 是一款开源的日志记录工具，被广泛应用于各类框架中。近期，Apache Log4j 2 被爆出存在漏洞，漏洞现已公开，本文为 KubeSphere 用户提供建议的修复方案。'
+createTime: '2021-12-11'
+author: 'KubeSphere Team'
+snapshot: '../../../images/blogs/log4j/log4j.jpeg'
+---
+
+Apache Log4j 2 是一款开源的日志记录工具，被广泛应用于各类框架中。近期，Apache Log4j 2 被爆出存在漏洞，漏洞现已公开，本文为 KubeSphere 用户提供建议的修复方案。
+
+此次漏洞是由于 Log4j 2 提供的 lookup 功能造成的，该功能允许开发者通过一些协议去读取相应环境中的配置。但在实现的过程中，并未对输入进行严格的判断，从而造成漏洞的发生。由于大量的软件都使用了 Log4j 2 插件，所以大量的 Java 类产品均被波及，包括但不限于 Apache Solr、srping-boot-strater-log4j2、Apache Struts2、ElasticSearch、Dubbo、Redis、Logstash、Kafka...更多组件可以参考 [Log4j 2 相关文档](https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/usages?p=1)。
+
+受影响的 Log4j 版本为 Apache Log4j 2.x < 2.15.0-rc2。目前官方发布了 Apache 2.15.0-rc2 版本对该漏洞进行了修复，但是该版本并非正式发行版，故存在不稳定的因素，如要升级建议对相关数据进行备份。
+
+同时，也提供了三种方法对漏洞进行补救，为
+
+- 将系统环境变量 `FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS` 设置为 `true`
+- 修改配置 `log4j2.formatMsgNoLookups=True`
+- 修改 JVM 参数 `-Dlog4j2.formatMsgNoLookups=true`
+
+以下三种解决方法，您可以任选其中一种进行参考。
+
+## 方法一：修改系统环境变量 
+
+由于 KubeSphere 默认使用了 ElasticSearch 收集日志，所以也应该在 KubeSphere 修改相应的配置来对漏洞进行修复。以下说明如何在 KubeSphere 中进行相应的操作对 ElasticSearch 进行修复。
+
+将系统环境变量 `FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS` 设置为 True，为此，我们需要修改 ElasticSearch 的 Yaml 文件，因为它是一个 StatefulSet 文件，所以需要进行如下修改：
+
+```yaml
+kubectl edit  statefulset  elasticsearch-logging-data -n kubesphere-logging-system
+kubectl edit  statefulset  elasticsearch-logging-discovery  -n kubesphere-logging-system
+```
+
+在这两个 Yaml 文件中插入环境变量设置：
+
+```yaml
+env:       
+- name: FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS
+  value: "true"
+```
+
+## 方法二：修改 Log4j 2 配置
+
+另外，您也可以修改配置 `log4j2.formatMsgNoLookups=True`，您可以执行如下命令：
+
+```yaml
+kubectl edit configmaps elasticsearch-logging  -n kubesphere-logging-system
+```
+
+然后插入上面所提到的配置：
+
+```yaml
+log4j2.properties: |-
+    status=error
+    appender.console.type=Console
+    appender.console.name=console
+    appender.console.layout.type=PatternLayout
+    appender.console.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n
+    rootLogger.level=info
+    rootLogger.appenderRef.console.ref=console
+    logger.searchguard.name=com.floragunn
+    logger.searchguard.level=info
+    # 插入此行    
+    log4j2.formatMsgNoLookups=true
+```
+
+> 注意：
+> 1. 修改后请注意相关配置是否挂载进去，如果没有挂载进去，请重启 Pod。
+> 2. 如果您将 KubeSphere Logging 组件重新安装，ks-installer 可能会导致该 ConfigMap 的配置被重置，需要再参考方法二手动配置一遍，或者采取方法一，设置系统环境变量 `FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS 为 true`。   
+
+## 方法三：修改 ElasticSearch 的 JVM 参数
+
+可以在相应 ElasticSearch 添加配置文件，单独配置 JVM 参数，可以参考[ElasticSearch 公告声明](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)
+
+## 相关参考
+
+- 关于 Apache Log4j 2 远程代码执行最新漏洞的风险提示： https://itsc.nju.edu.cn/7a/42/c41947a555586/page.htm
+- Artifacts using Apache Log4j Core：https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/usages?p=1
+
diff --git a/content/zh/blogs/aws-kubernetes.md b/content/zh/blogs/aws-kubernetes.md
index 96c155c0b..e0bb9e8f0 100644
--- a/content/zh/blogs/aws-kubernetes.md
+++ b/content/zh/blogs/aws-kubernetes.md
@@ -1,5 +1,5 @@
 ---
-title: 'KubeKey 在 AWS 高可用部署 Kubernetes'
+title: 'KubeKey 在 AWS 安装部署 Kubernetes 高可用集群'
 tag: 'Kubernetes,AWS,亚马逊'
 keywords: 'Kubernetes, AWS, KubeKey, 高可用, 亚马逊'
 description: 'KubeKey 是一款可以快速、便捷部署高可用 Kubernetes 集群的工具。本文将主要介绍如何在亚马逊 AWS 部署高可用的 Kubernetes 集群。'
diff --git a/static/images/blogs/log4j/log4j.jpeg b/static/images/blogs/log4j/log4j.jpeg
new file mode 100644
index 0000000000000000000000000000000000000000..f7b269820cf55bf024bf926d34d1f9a17b7a3b49
GIT binary patch
literal 18171
zcmeIZb#xrd?jSs48Z$FP%n&m(Gcz+YGqYo6hM1WtF+1j%?ZnJ6GdqUQxp(h-Z}+@!
z&)NTfJ!iU0rIK1*Ew!pts<)qSn*d~KaVc>C5C{bP`2pTm03raecMu5ta|Zi!K!E=_
zLqb4+LqI`7LH+dy!9YWSU_ek%&~VT&uz!yC5<DC%{2$;ClfOy9Ai=>QVL?!!znc6%
zo!<HZDA2$SFn@3$DF6%w2#x}L8w3!%3ke1W{x0sn4iGdH4Dek%@OL!+pXY%5Pb>fm
z2nGQO0*8KE2Ec>A6C;Bo0|3CD-ha{mPvO7zz|o^|K7L0?i9+9P<CoFL<2OK#U29)}
zoS*4>Mq5Bu7lSPsDo>s58u5Rn1^_^yafx%3p@h4LqTjEeQvqx9dO|0=?zKVO>gtaQ
zy0AT=>#x48=s0FJlUW{VTGo0`zisZ|2JyJ0J>LLM=b`_d?dIc=y&gcq+wq2#fOKj!
zUlo#dvzw0Z((lr~?}E7wG%RqDN@})fpa5IHdZ>X@(1U&p_U#Mo@DIe>HpA5+Wz)G3
z55kPi|Hhnv@nopX$bqyrl(r{~)?^P>Xy^=R>l-~jmERJYLaiHf8g@S5;hyMei=~{Q
zpOdSPp;UvRH@pOu=XSn!1ZmFkyzGjqulg_6b!kWjW4r1R3ctnGJ>e9mzE_#qk0oH~
zJ)W!fbY{0b8XdJ3cSX*E9d{RlJ+JEV+I_b(9XO0Qsr^|+Uoy9y{%iYi$8nQ7c%kBp
zy7Y<t%+a-_MWV>5o!qBe#p#<sWz)Q`MD}KVm+j*yV{BKUdk98YJEN)lG`UV5oVOt_
zo4NB~Wc`u>E=Y7kHeq}h>}V_B?#cqVoEe(`5z*$iA@{3#p&gM1o`kvwoZGSTDW9f+
zZK;C!aLo@njh~Yp={l7q=9T^V=Di1L`>?ewkhB_eCTv%#KJ?ml%f~gPr>VzEvKx+1
zo~xX2hA*0@JnFP%U4`$GT5Ck#atd9XZF~2$5?&Abn0<&55~uqRkuK`A-n;z<p!<oc
z@QnH7wJz^RvuEu$B5YdG!QDP{M(S5J;A71zv2^)puIq(Jn@VZGbBBZb&kF<AodzC1
zYKJxZ>DnsksP@HJA!s(=8u^c(_=(ipknp(}(BO8?EyQT3!N<5{X|7mjE|#<!l@;|#
zvDMkb9vXQtlG}g{X|Qmtvgf&kvFA=ExM!5vX`Te=!cO^!EFw;&)F7+H)F!-cIPPkO
z8zwt55M*+%6GTG_0*CcibGc4Rym?^j5T%r=X}eZB1b|Z|t1|T?z5jG5XNCI8FV>VV
zZil|gNswbd?9Z%}Q|xG;VTTTlM>72sm(%du<f~|L8Df<MuiKES{EF!zndmv}4b)*D
z7jZe4f;+WzJdHHFs3(Uz-1!|UOpO%l_E2MQaqOoRt7bBbe-CY={<#-{zd<GW<#^Qw
z#}3&5&qCvkr#!#U8Li+ya{R{?yu`FA50hdsO0ylVSfy#>%&~gbqMs+`Iq)wNl`(yQ
zVp~w}26Yl<Y?LQlGyVtZzl$W^ZS`5VMF)x{y~P{utr`Ky)!(UhHtO#O0Eo4`G4{6w
zzWhYfHx@q@mu$$p?@aoQ27do_hkvv9SIKE4xXQn`{)Klr*~|;xg6PnlU$o@Y!OQCt
z+x3uq>7!8#a4(%h<PCr{Q=97hI#^}o@;M_XVoYYt2T9>yT>g&&(iFzHXVYxYX4-KM
z3<2#!9XOGN%oVM{R4FStwU6w<Id3NR|3UIU;GZ4{cz2qN?+y_X91I);@sD2xhk%3v
z0f1o89LQM2D5#j&?1GBu7>tH!Oa&xD?~WAuFE<PJ2H<X+!X4@5)cBFy6~M`6Ta$iB
zfdG)jSc>Y*O)Bm`;z?{1Nx1U`Lsx_#y>l-!PiCvdD28FH?Mkh)t$8B2YGwBv8?|(8
z-`90Q5R1m;riT9Z%fAMW$NHkFHD3H9Gpl80qp+jxh&;ul9OW`gwZOD&21LQfOv&X9
zu)PU9oC<^;UzM3TRKSFz@G#|P1-OT;67LV?S;a8(gL{nl(_>ya=(F=EvD0Mmn(7c`
z_d)?Z`S`YQVI(7D+@LM2#(H5{Ue8J+4bj13Q<F;2eCQ_h02W3AJp<WpQoWFEa$jE7
zshpAmYl=^(#RuKJ-~QgZJ{C@#<c6wZg1>o^qjrKKL}wS!nMM;%20I3?4<8+kd1YA_
z9LM@i*b6sN;;>;dw1&<V(8-^7w#GyBAcP>W<>@Lc<HTYOe|VNf|BTTIu9&FVX8*_)
zkx)K<nm!6c!3EP34}Eev)kMBs2tTpCq|dml{lOLkET4m+-M(`BnMq^*VeK*;jMWl3
zl#$kp{SZ1?I)9F%lOzHow$!I1*kw<;E+;Ei|7*X6Qz9iMucJUt<#npQb0u#Mb|d4w
z>8LSzZdQ{;G4`Lzs!26=H=}Jza!K4gV8Z!zs${&2wNqP8mhI8Npu9XY&v^RD6qg#V
zwM0fdtfnFiIi1rtRsm55e26V1Oc@zG`oZsN+I-Npp(L70BgCf^&N{p)m9HN&y`wVv
zbw$8K6+y>k-(=QMw!3E57JD4NEW80KkL7%L`aO~%W3_(CW^kHBnNYxBhkW>29By7}
zrgALvf|9pOTZthmt**k}S{a;R)Zczes>Z-sKIP1LBw%hM`@2U4H)596+c*S}VcLyY
zQOXvWOxUYiy||6U!s1<OL_adwvWlw3kXpUWgo6I{)W*cBdV9uLPm;3xSIk*Uz|q*8
z{-oo=QDUF|0(39J5=O-yCP&3Aw7s}p<t%JPVD1<V)Iy3%WOQi}Vxq|k_&c_as-cU-
z$}4z7XZ||>geld^s3mDI;pK)++$V8Z={JkE#oALY2z5;ft_mWRNu;+|p_SxU$FgO6
z_Cf2fYs(;$Ip=~5GX7$-+b;nso?FII3z(mXPvYIG-T><AS$8hswQZ!$4J~X{v8^?v
z_F}AjIx|&!Dk8i#@~F0seIo8hU}P%R^A;WWZbVINrG6U~y+5w#6rp9pLoUYSzB2FD
z!FSLOFi6L*)#8hw6AvR8lUP^4cz)1d7mby=2o_|GUKMu$IQ}$^;e&MNQRijese^An
zekZsXPl_$eR~Rb-$HK_{ch@ZLs;9A+wm7ve6w8g2MpSva^lO%)f1{}AcJutn6Wt^F
zACio;l9bP@`Tr*Bi1lEq{l&I6^riLqq;{|Bi}l&^my91SxLIMR&Z?r2A!fg844xXB
zFNqt`NY5<9Zzm4cTiiM@O3UWB2swY*I%pSqv1<HOD^?W!8YW38B&+vcr~5tjL0l)P
zH8N#K#^VrKcfz80lm)KxFj!nd=3OD!2)-`hj5?j6{3;-taMLVm9)T_zPvuIUB3*#b
z9~sy9ISz7WzbT(C56#p+Ryzr)vYU)mV@Be{&E?iG#j|hPPviP!8Zm=&CV_Qcc*MM#
ztH~rrym>IoLp%bUuT8zD2osKez|g*fis)@H6Ir6JNM~Sbf(aFpQ@9t03$%ryl@4At
zxo~aF`bfElyZiiE%OuWo^hsl4=JSPZV;1FmB?;8Hw6NH+RtI=%ON~M}t+$Y<>!G!T
z1V;)FwMqKlR7%epWMw^^U&pbzr+05Y{{;$Q&Y<R4ef&<%l`NYTMs9496k6i4GwiLT
zjz42uGLrUrw~t>=j#sq=olR+aVFVv2Shk;zFJNUquN`&oVex(9bfZ|g+-b=O@CMiz
zGwc-u`gFLsew-Iw`z_=1Yn3W&mFh@pC`loS+m3UEepT*g`s2qJ>GKJ(%|08`L;Ybq
zqxebb>X;hzV)6y3qZpyhoKuBojjkGH-b`a(=tTBXyR-$GIq}CsX3h!OLoV4TsnV3r
ztTJ1cK^eCy2J*sGud)5b8ZlTLUUOa}h(+q_`!>7$27Q`fY&ye?`3>*(71dY{G}I_b
z+nomp*Ybw|PF6oJ9EMbKb8okF^AZ)+qSAtD>qKM>T?s9Ch`Ypq>70oaN=XLJnz0Cj
zADeWVqkY+mvx#GpqOwA?PvmcaQ+nnVd$@|ey>kg;%1j*u0zN<$vtFhy=h7KHa(FI<
zeJU(TTBkCsFtI?1yY`pX+No=&ch|>{0sy{yJ_raHILN=Jl<zadKi&_82^p0{2u;bU
z5QIU>sA!bf(1%V;#w;kTtYREEgUR9?v~~HHBYbz60>GEvSw(gA9(PPE8eJIo919YJ
z`_cy<e_e~S_YYnGXrcObzTlqbgvY(@GL4_WB=QCsA~oVdr3}n_9X#Px&2DTef*5|2
zJ8(g5=Qy->EHe<v%3uLI-ypbjI31fHRo3tx!+MZ?W!yv4x3;LxQ#gEk_Cb8-MH|Dw
zp|W+-IJbjH(C~!y2dnygTfMKEY%U~A9v2lJKk?V_kuwIGxCPTDkpjY|%IMAomNpX~
zsW*Uh_qaoc*cV#RH+}k4PUme7m~r*gh%<k-)<%;$Hs6LheQFuK+YSs388!@&!W2`9
zmHONIH3r+5vpC8I@gdRPAxjkC0BO~Q7;PoDwwE_c-76KNt}^n|=tTahfn#cCQrH6P
zZgX2)6@(rQZTTAhF!Q>9$rh}pH|OWy8<2sTcgwm8ECc4e%^=a`MMScYuNR`WKvPT^
z@&qjibs-3MK=g&5_~P8CvKu9RgqUZ$u1(#?*eSBH5k&2ByY|V|X_915_x*D<_GdM>
zCz`hKw!CP#*ko8mSEU}m=c{9J?N2hEU=n6ss~C{z>`&rCgn_mlv#pK6l6n&uWHN->
zUS2bmJW##i<<*NN1jzC~Q5FnG2Hh#VulWvt$oLQ>rgksv*jW5(TgIeso9+I*m(mEH
zS3r1cIt&IK$`*L>3&YGDsW!hfNy0o}R9*LCft5VP(Sh@t7G9-Mr|N@Gi1s>H>W+=W
zI|HoPnx3o;Ytx1)!fQk$y``Bo3ZnAg&j$+xA#y<oN<xH?7WJ1@pAy6jM<LQMFXtHR
z5L`X9vY(<Ss;9nBRF4h7GiesBAAQ#|J!DYf^d~#NUOIs^Z_>J4%Hjc|jQ(!X)OTyS
znv`)|uK8>I$R=MN1p58_4U+cQdI^q=TtkMSbYkBh^Fp3{a_Y2ICb>ofQ=WDIXPx?k
z!(AO&ONjzR%526i4$Ad~SlD!Yx;)!c&)9H!;7Pd&f16(qXj@5Ij6mwji?AfpaRMvj
z$<kBm$6}S;t^1<~rM<*2ruf8_YMj*Y3)?u)@)~?Dq&;K2TfU@pr+nQ5^tn+b>co9!
zKcL|d2Ifg&`BmmR8Vz0B1DnmTa#gSTQk-LZ+gGy9Gua1)wKsqoN64~!erZbHBy8OK
zLveW3fG@gfe07kMg;&*A>3oD#Q{yuo(vmlQf~77ETA67NIZ|!!ew1b2m}=o5T65l>
zE*s{k5SJV63Q}96J&to3Q8=A?H*xkqCJqh+hk=3u|9i|2e7A4_Bnm1ClMp&7v!J4q
zvQZE+8U`_0A|s24u~T4S-^E|1{T=`l0KWFN|Caq!zMb=RNJ7HS*X3^Zqa9&FsfBnz
zQB7A^j_Pr}0#kk$3!&=m{&SY~#F)f9S6#$P&yKuShUU0=v2Y^t?%8>Hx<m%2`uyC-
z)+e?PcaV!)PjXMQP%S~y)M04Ucon0}d$cdgSqZttD6(T-VJ>oF39ENp1CJPNaSFtx
zh2y#!Ecc~3GUagcJ3q=KcQ41<FN%svOc$MG*A`JqtVT-KRP)CK<wQEVj|&m)plUBy
z%r;eqs;$&Z2r;}AncY2n=w|DSX4VGk^w-9t99A&GaUwC|a7rYbduFj&R~8Ree+|h|
zXL?Y!paf|vIYhgD+Rk%x;8gegP1dgCNu?}bnD@m^y&^o+BZZrygEbze%H#~{W$yDs
zg}Zahk<F=Gi>n!~uoxTR=60W(CZU?6mZ&jclx;NsB5QY+mm*RbBScBwr1;TorP6hR
z4GT6dc~27~=xS3PQWvArxIrnolv^U<xUJQzZ%VqUtCm0Ryw|IDPD~<<IaMl!_d7yJ
z?L^#%dKD!?U1}abtCo^^NJ@_>k1UKErDJu=FKZfQ2AzWUA?s~Du|n+(q|H^<R_V)r
z+zI}|!s2oYoq?=u_vMN|m?m;p<w#)cNXR@4<yzPu=hp|MMayNjsjDVJZPk~tW;RPU
zFuh^Q$fZ*p<*msJzvarGpwC%a;VLuoz(`6Dp;M3Ra&Q`V!{L3MrMpDyv121h^M)C|
z{i9=A$nTS-_b?+IJUkrCUw-6|j-db`QJJ8S(MbNNnUaxHP-0=j%)6Sga|kQDr8M<j
zfEZa=1r3dzOB!c)Fh7VWs<;G)CZ#sBxh5AB_0Mf>|LtLb04Ra?sTM=6o3gbVuWMR`
z#HGp_h=9dcO6Bq+IkaR}T8ku5_`7D<`x_TGRR}0@B?YuVM;+Tz%(hS3OH(VcooLtO
z9FAu?!T%hX;4Y@qEzU%dEoMg+-A7H1)4`X{rBkm*5REcdMhJ5_#GjXej$u5f8ev1F
zoAMD_&!s>bluDMMc`Al3Z~ji%YkQW<Gmw<2y~t;SmZgo8kh^u{WJ<iH>t?>o8eHUA
zo;+V2jZSHI4@i6HNy>W+dIMk>nCCqN|8<SwlO8Jsb6?VAS;x9kA;W{+p-nmI3{D=8
zrEfzuh(LuR*kJ^X@}0Bq(e-yEM@pOTa-S2BZKD<$6G$Tmu~C}~B6KoTl`obWS&&{#
zw0VO*vVR!pZ!E*CiAK&$79BE@{w41OyL|S2gD|#+b$-DW&9=y;ahY63#)&%Z^n+tG
z(wNGe{Lg~tLe}wK3DzrKid6^|mEpeTD<to2AUYE^>sgu04FgpQ?JSj{4W}6M!MR#X
zEBhsAYhA@gDoZ^~GMcocAA=mJibV+vggCRz8?g<R=cX(zIxmNyqd`{$gx&Hy&HY|@
z#00y@Ram*L43p*3nhP^E{svIhwY534YaN^~!KJ~23N$Kk5v7uoSqCxhZ5FuK$GY9Z
zr5uOpJ`7BsRlv!AlVm21il`~WLHt0WU@EyWH!v(ZywCs~`r(``r+`Yw{po}s%9Sv7
zj7LM9!)!>y%w(=B7Mmv&$=#-~2;)&9$-~3-eB<$9vqb~tL%cuo$62(wH^59BPWv`E
ztRHY&wxww*-#b`CI)M?|wItoHVleJGhIxNb4XEDzAh(w$UGhy%*%~^AM+i*=;|4lD
z$Sc?$u~mhi*Gf5+Qz8XI8Zl@KVP;&gur%R8aLg>_M8RP_UjccDz{-q9DoZt)6oDBf
z&YuVI!=05jF2-?L$n|kUzm}Q}w$$wBV}4lbAL^<lsH!D6N$yWWl@sJzR`W5W6e`m9
zckz^L%t*C_^ik{Slw{outYhDrpu^BJDae1TY$}xsmsIISHqlaOu{!VX7NB@?m=RoM
zM`ms(>=#Y<ihRDBJ}2Y$7%nfYJrbgl3cMy)8O<)G{QScQ9ehj*)q*mA_t+2JYp>L-
z47u1IPtXNzkwr&j;wN7s+ESV1?HmmU9_$yn&cI??TcW94IkTlE2)YqzG4nTo;3oe9
zT*c{_%(&KtZT3ASgS0xy;Dj{?VnCJ?dAOo#OF20;I2T1ii*+jVIE-)#<Ss0SdZDq?
z#~7&<$*C!e8W+%pOQQ&$96~c;$Rs}wjJiME(Tf_QUR#y3y33djq)Nxs>>I#MQkU+?
zzIcJWFJat_Zb?h-3QtGRLZyl-g7ouX88}oz38}GRbtc5Y+7EDQm5$**B=Y-2GA|1}
zIWHgYRge6%P<QFvy#$8>Q)`7yOGU%1)+S^dxNxwaaLtM_I*+3pQ$FZRO;Z^$>X$~=
z*w#w>$(!Pm>Kzi7?|;uF&7I^=|6S?9`DAcbvAS~@&{<*-@&*XhBGAL1=hvuAtJcw!
z-AkJCr&`5~=tCc-K(LaE60<O$X@o%?&6G^~I3vF=@Gc9e5yDK+NZtCLbPy)8r3R34
zT(a>2+{5p0EX^~~GuX({!LP!rF4Y#}<$epgG@qxD35Fy0s`*TTZ&$7K+D=s6;yU#I
zOA@5u{GiTwhOnxS3;4y=#g!)+%Y!eb7wlSAGKzS?F;RZ*Y1?CIpNsR_s?>gTv4m$z
zm!wR~ejE7VZxB-N%XoND=!}vK{c8nE>J_iOM3Clb7H58(%aIzC<O&lLA7<A@BcvRU
z9tNk_xvzFMReO7*G=Wt~0H^$^Xie(pb6&od5~qTWNCN2VbX^^TJzpga`8{eV35#-y
zDPX0jC`)PnyA8>Z&sS>u8@KxSWp;dhv0m0N^Zmrl;#Vxyhb{x%?aEhQi9CJYF7+cw
zGyJb92=y2y{m$aQ$x@~AtQnY@Zaa^wXx)Bbu+fWO$tN#z;J_fa=2;opanDv)z+xeb
z4Mjy&>q}R0lAGE90GRRKyJ3AIKDrnrBocn{N0BRRuCRfzqxru4EC~w1*(F=xTq82o
zeQy9lVXxg;n$CD7cwv#6{YbPVWeP7yQk$$k!5%E+wmfQ7NNX0}(gZhn(&=;)<7}fA
zt_E1`U?HB&L#>5+c&Md_3PQWIZ==#$#PFH|J0l9bd5s+}8&BbvYHxswfbX;@VKDdO
z2cmah&hKugM{G;&QcH}u5k3b9Adv1<`cAdRNHMo7aBZTMTAzx_JF7_XN6RyS;S8RV
z&MI(~WN4=r)As9>h|CC&&pcv|Os+CE@#8&OLSV>VNF|PSX2T@Tu>?S(5g5=jDZpi=
zn<x;xc2tl^x@$U8!0bsK>Z=tHOvZI%);G~L!RWS@QeJeHeLH&E$I!Um=DoUHXc1mL
zfmib~pP@}_Lr3?_R=_0RVnA7Js9BCyvE_hhrVwJzR4dNqoqt`aeJ;s=sDKM)gS5jx
zQ)U(EoHtIWnk@l?RnD~aa9Ev^UMwcuL(u^JxXyO`;I*Liw8*#OF!;4h-ypOECwW+$
zW)VH1JtAot_AHaRNL0*Ew_==hIpJCmt)1Ci^>z7g_Af1Zk1_(6%7|SdHOFCmkmxI?
z<ipF2s$q~YcRWo>V=ZO2UD|^b1nl~a1+iI^2T8X1`7u@U?7yTdLv_;n-8#gMQImVs
z1B_FrqKkN!8w}q7@g%%g-eWuW0Y`Y>G+s;I0Ibz&u8dms)kV=3UYKT+-g~M_HpxoX
z*`_(8F0U`(_F-kH=&3Nst}`Q%?&$51G<KXhca-aSxtu8r9wGEYE4o*efRrdbQYxHE
zMk}i(XSx#bcN3|yR>xtP)OD=OQnkmdiGx#4=S>r1N6p;Nvs&8QD##@<ivHFjrVW$l
z3?@58wR5~Ve^f?mg|-Y!?8{Jb>D}G&P3`$1p7*PxKAFQ5Ulh^C`i*hO<($9Os!}(Z
z%M?p=)n$x;u3L+qWMj@JKAm(2b{~1pf?Dyp=!S^?$i2RyL9r4oJNfO|V<GPOV_<5s
zgWyukjk=pHCZ>)zX`NSVVmT3JilQLSObqDR3uZrgQG@8q8$fZLrswwKV~KG{XnIHe
z=b?aOWN*yUXeZbX%LpY<xaz4t$Ee1P{Er>qL_hRD0M<M3`RhAiU)=AV#P8BLZ(OM1
zG5&pgxJ`Jj99B9sk~GuOlnc80dW4o~lfzLuvp&O%^0i`x**E#!xl32k%-k1OBm^QS
zcNAaEsVp!;TM{JB)?9lP73oQjNOrW2#UoEznxuxb1mg%cA<h=2*Wh{R``MS-T&_!Y
zN4xhB?8Y3t1KocCc<(@gtS{U|vZGsL=H<3k-Arf0xPU_cQ9f4HagLh7ROI#eFyuD-
z^YzcfmzQ&KDggqHU%B7#wmEpOIV*dxn{J2r*G)Kw#b~r!1>lX>j7eJ~?0zj!Q<KjJ
zGn8nBTd^0ehR@4<KeLfeX?_DBEBA!d{I8G3ZR+rQ*kYa|y6#2h)k?F#_}dwKa~>GC
zlTd}$U4ZVKiA;qXJL{KahLVBkbmb#Gagx1;Fi@<-XEemu#9^eT$Ok=@?OQ*WXvE5z
zi`u%7$Z)^i_6bvCTy?k9V6ZqRa`@jjXCcY~>=vggod^=o3;8XQA5l5>^S;e5pTlet
z8`#&o+lh;lGz!760L9Nj<PX>=uhsn*NQi0ZsH%4KF&Z(oLq3UweqjIQXSIg?c^ix^
zsv<3w*0poKBaVt@j2J(MSI3^=`xPuy?zFYSuj-dd51|TytfspL!}~v0WBDSXFIYr@
zNsg&+)|U}4G{*-O9o4H#W=ExbEvznh3_3=IzpuWSm5Q%e=*%eNqo1W{jgGFoQmm%`
zK_^=2u1w)G@%JY&OGDsY*W}k}k_aggDoY8>tBlgMBI87Cgr@^j!BUYOK>knaZhC6r
z7`Cc1M~19}bk_LF#aHMqA5OueVeDEZ?Fnu<1%H0Z#NRazj0b5)pf7Ex#{ZTlgDnui
zid0tVYP@-dxf_`nu(V^I%lh%VL9lt>H@F)TPb7cK(Nj-dWDi5F!YW1@4{fAY`*Gt#
zqPt%vSF!g`U8*W=mFP<JF2!XO{{9ZRfJS9b7;f(Ui>!L#={@IW>e3W)3MC%cFWt?b
zJL$5-+jn5+Q<IOQgS`ingg?y(T}!337Q5cI|MT6yRF%k9rz5=FrOcDV9ys6(__mXf
zMuv{za)>+YF%9^>X@A?WK7taZjrzofkKDOz2ew^1Ns$sLH2qbfJrsihM`$<d)ZjJA
zNmNZ<=CU+6LAtq25N|knlQz=Jh+0@mIckC$MYDqW<JU5}N$1R*@<>frZJiisVfWF_
zPlAkWpPExBd<12-Y{H_=5Lvfjb?pYf(@1?qDUGS|i#0|w3@%Yil$Q)?UVednr7<;T
zBxDkeAJKAkD#&sV(|TkovsBAZ#zm)+#q0ar@}uF)DLXnnL#3ZG+SHlN+V>iDht#5=
z@=u@`C9*3_J$y@w+(LDKSxcRWUeD$P%B3-Fd>hhFKe|WG8*gKsX-eHj^Q_D;O0{l3
zGkvcmWBWi=83DZ|y+Sc(&u-e9zV+dBb`pssdL92n&uYH0!F`mL_nU_DXs`4*`#jg*
zlKdr9i4+k*kXwvwgU$fwbyWm03CVntf|hn)e{&gud#xWrYhtc6eJ1Rmw$y*O4f&@n
zv#?0Thb#f5AN5pGVNqh~na<mMAW4o8F)>4UX&Y=6TE-c~lD4^i(=de9m3hXqO*$`S
z*XFf`q0DG#b4FZNszWc5=F9RRaT^6w&C;I{(!r_fBDHgI1~tk<rf{t+8I;DBtLW&=
zxMnF3taDaLiisHjR(Sb7QHogtA?Z1uzR$Ndzu5_>C^SYkB)yl3Ob3FLS8yeuGd?@j
zk2kNB!wR?dJpik;G|XZbkuo=29k<PX;AJazrFu2rf9-e>;O7XHrPM*I_Sp~0{^X~(
zD&6P#qh;iW@G=ic2`|>gnU8mofg?Gz>|zNHfa=6i!$`gn-#4)={1snM*^e)aU1nXv
zXYRK_K4GQt9YdMfW-cf$Uag_L@tC%;JNJl#0PN9falr~sJ{mea1^hIS6!$_w{6`xt
z<dJ7`3-&hB6Xn#mRwhz{!B@J;ZgQ=&={&+LEnETqTjy#s=@=tsWwb|82fKJZ>_n}F
z+9hoVTy*xhJvLeD`Xd(pKCWp$GLPk7a#)I+*K66v&%yzeSK{aFFZ1?bkYSw1l}X51
z6fiX|(LY4FwmyEoe!7S*jL78L&XDZcLy{-KQ~y?zE;c4~n^6!_cOoqCBz4E;nBC<v
zJF6yO$&^}cj3Y6|afZ+&rglrvZt1n}KA+apH1$0S+0nLQ7+*CZ^wY1bS~_y2+PIM(
zfG62DT<RneMB#Prh#w+BL$enGJgW|z)!<1&^T;Q4nxEH6FW_0bR@*(I<!Q%b4R-jw
zoukdUbF{<s^eqOAIaeoRqc2v9+!Mm@<AM??wVQjTVW9=w@8Nc~&b2}O+|*R@OmGUG
z{giw=4SR*wpMzwXT|QNX&$hwW;x{v;=IF$8`s`IDJK7r~v#C-$iSBE7$IiN{&~)%&
z_PF}SbW1Mdzk8NFO%bV?`bY=nq20SS1i0x~>qTC6v|23vyr?xPB1_~8$746^j@D`E
zctAm9Kjkem<rzYPy2G5~Ok1B2NKJ?&1@0tfa%n{XrDoAh8@*?iQoEKZFRe2A&~m~p
z5xRw?o18&gF2mfIWp%vATJ<CqF2Auk&qRh#FzOXn4g>Z<Pw-|2HpZQhfYKaxRM``d
zPLJBT%ym%oQQ8Mr0n=aGl%^eOiHL;bJXZkqtYl-a<2|55i~J|e3<wSZgm_Oj`x7<<
zqL2WXgpieti2uZK7!@1(1Pu$eE@u8&4HqDJ1H>hA8if?_t#U(OXDTMI1fxGJN$lh7
z5Z$=PUjyybL&!BP;EgG}ufWqEG@0DZ^fyN(SkU|@z<b4AX0YLVPSDUR52!AoZOpb%
z9*~plY-_<$ELl(!AZclZ^_d^yZ)iTHw<=<Fvu9}icns<8ry0~p;bKCtihBGg7;F|q
z-)9@YX$*Bi?W<FmAy7r|J4<BPiKwM9emjM?m#}fzs4sd+nk;RJvS1-+Fh_2*f`Wqi
zJ=IFkBbv8Vm|UiS#b-T=*ZHND1NDZ=C!F9X!VWSZgS=olrj($szmpMYOdi{;f0-df
zGsrysYhoy3%wS!<+4$;|bo-`$NjyVx1e)>+CG|J0?&esgf?uC-Hch9z^+<pdU0+P(
zFalJ1WMibEYvRkZQGE))`KuWRd2iM!)T{XBQPX&}ByZuqOjStg94%mY+0jKUnBYVT
zp$b4QEVP+QpvE9wdq$p-H4B{}?fI+vD<k`De7~*l`v8U7<NgQlSK=tI!T8?XB9vW;
zI(M5_xQFNb9;mk11hh%ON6U6k$_fy11WxvV%>Ysqj)+&NZO(kg;un;-EaF&q!y(M%
zfH{FVDB!r^86dA!4Z?Oi-<X=xbY8I<D@GdzED^OHBNwFnxCqpYDud;X*(zSR#zg>+
z4_M#E9kc?$ar49JV^VpPC)4OvO%-_Jz@meV>ZEQq%A+{mgjAp!>fn6kBL>A}xONY2
zJ2UAaL5Bw5o6OE;ZlT?b99(?-3P*M(8*PJEM4ZehLmh=FR_UEft8`}j>Tn&%=d=1g
zvJ88|B>t4ZaK4)bwu2}IZ7I1Cao-Z`;#@Cgx_hE{c#APr(5$%Hu;ag`;A%7k5J?1`
zaLaH>kN^mNK(nd>NT1u{P!iZN%G!S21j=ZUUk%eYUJ^aVUJ#oUeYcnOajJU*cu4ke
z+<OyZqKKD+pJWA9+~BlxjG{6}^7mB%{ooPdfHaC=Rf5JSGM2@k5rNXwX!8>*4@o!V
z^r*772aq=vns+Lw>bJG=w0x^>JtH@pLk2tnsQRHLMN+YOVQ+vnBwZaliM;R)CDqcC
zIX`@DPBWBXFB77>8N^h716ds{ItpnzC_@yLz`oDeq7}cLNL$Y_ASxnQ6?}IiC-@?+
zhlpA}FUj2*Vt(@o_79!**BP~ksux$z){Fy^*-U#SSx;QuIX~FNa1Q-ZW2T~lTF6?t
zkG;JF-v06Q*1kBQ!Y7jf6R9<ei^J!|vbV&ssqmi^J|KivSXS1)z{waFWE&Dk8C&@H
zO7yRbLomVzI?GS9*x=efg$)VY`+f=fLQDCyFXG55rFp&nD*<S@4AmrS;g`Azcwrzb
zP74d-#S9qOU!bbvFTSJ7zcU^|Oc<iIYPp;Q7m~HQ<cPPRDmwVBaA7=&^&}{ehUsa6
zILEB`J>@dIz`r03|6~|jUp`yS$y~4AfY`A^(9r_us61|CsL9ns*z&9}hctD9S~9|3
zd2($#^ExHA(%)W8S!o%`C1)CbBJEObm=Q&_G)?gxC7`#Rx$HSgdu?{d-XA%K4nZcc
z4MO5n9Br^+?bvu=G20jbX-a_-=d69mS_8HUr)c50-QF7&%X}pF%a>@5Z}=u6P)-;~
z8FJ#M$gH#r9Un=!iERUgD|jOBytqlMCPNJicG8j1e{1;>Aiml}aju1|{__psuoWaV
zn{omD(m@fjEvh3pKRG`#dY|a2STctSGD=?BSnOWXFv$nt7}SrYzpFD^&tZ5o617E0
z8f6R1Mvv4!&o^i-8jC=?I903BO<~p69+~(<-asPDL*@?h`ykNtMPJ+*&~QYW5Nw8R
zqg^=vD|tUJ7mJo)shcu*8wH%mCrzu;gst2-IYqw)#AK{5rYCzQ6uEl>KQ{tL*#Z%d
zs7Ho_HTl!v;jueOdk}YF4!+F<__DtN1pXxtR5N15mxwv1JJO8HLexf_>;lp<cklMm
z<fE4lt)9#{FHfv)Fd3UHml0-pNQ<5VTAMFM{r+8+lAkVKJ6(pKra;HMMAfmzeo_aJ
zr${e6X5u{)sd^f0$RI)05R(NFDc4I@Eu>yCJG52K!}{_2bhapn(5@%;R&2$D$7el!
z2>dZGLc_k%AwGHFl~M^x6$Bs@LKGjoO)_zn+K-++ci3iI06YpFvo#|&gOAsOfb1hI
z3Q9&0n5YwwB(D_$Qbz4`Ht!7pHhV|xQzjgQ>jLoS7DE=xR+V}T&@{UrKYwC5=zjFO
z2#&@_JWug;bve;I3wTcqpc)R&lo^#4nGRCTOK0)DLa+&4hb+)9x!o?WC&3_9#`BaG
zmGh3qa<Kxw$bSsX4HBjSV1{Jr+pmX>sEtt3?n<I6#Zh;ZBU9O4Q0^32QkCjmVHnuv
z*X<Jz%m<QdgwV;kI5lNtjEAym7Z{`?bApuw3V<FByX4VBsmRH)e@hiLR^oz4F;###
z5cz|k{o3ETjDjEJe-?&jRhoYm0+<DXSvq3f=G+~A-3s-m<2f;d_c>)Nm4jGhhu1V@
z#VP!zGa_y%(?CFK7EcEe9tT_PHIgx`B8?-l)cxhGM-s=#5zrka^{D`vOD!%sN*m0U
z0f6<M6MGge0|5k}AUg?8q-Z4tmQHRv(FRD0T{il1edLQJXE!+~rD!-9^^-7%SPE6*
zLk?C10Be(!bVaG8ySPTN3kzYkmbQ9<ikO@w;UAJG0SPWaWH+y0Qm)QDcN=iycpnaC
zi1d_jQLQpSCL^a2=lnmtk1khN29S}xTrq)b+e_;6Ck;z+Q;R0v#2A&G;AqXSXBRjs
zHq^tCp3&W?U&PZ~5039gONm2Fj833<^~p@fuzg@)M9D_tz@+Tb?;K;v5M9cQhF3Z<
zoV}2j6po0K!+Rl1_=#qw`MufFep;zD1mX7MN}M;Rab)a?q|A!7>L{ROMW@~GjlG7}
zf2W1Px*w0zM*(fzd@N1HE`CU*?Fisl3Ty2^f!M3NfvB8@U8I@+IT6J4(~^f^!AIe|
z`~x|c8@aQOM0!*1nYR}sEE;20(NIo>nmp@s?ws1_r#Rv}KYKKl(girEO<ZylPM|s>
zuN7aWkZBhd2`d`a+LqbJmJf9w8{YM_ClrPPQcVuzYxTGr7OqzNiQ*s|k6U~|OCeE^
z!?iJ;Yoa023mqvqU}X+cnX-@N%#f=Wf?#l6DAI4K@1?{G(AM^_5aphr{J`$Z^gTx3
z6}6s?v^Ov>lpjLXmqa05v?V&hkC#W_j{XAl9w!sJ+SA+&M#+U=Dr7KrKvC?#m)Ee_
zOva85MvIr2DpKWB4Q(*dd;<&{R<+SoQ`>eH!jZz@1=6QAJ`TLV<LQg7%cXq6D7tCb
zfz-kPe(U!&R2@PdypPz)Lz;R6$c{uSFfq!@3zW;#eIZWH4cR%3pU<@zOnUm2XvsJs
zNf0y6Ky<Ld#m~%qCHHAB;)k&3A<<>a`>64+%?N-$OVaP@m;ZD8-+BPJXesUd|JQ&t
zl6${*KKj3-fheH9L7=AC{C`Cw8iJ%t$`u1O|AmD>2P&c%0?64j1WWUJA@GB0H3P*1
z|3O0vfq?-)0AkDp092A3H{%vbU>ptczp!G&cv7tDmH>1?C{*c(_qUqy6?*y~EW9kM
zh#+e+3>Xmv3hwv6YWeyc|H1y}6<+z`4~YC<kpKXD+64eeBUJyNB>z!PRW$vEIrASC
z|636pcKF-D|5o!qz~4RaKIx-DdEYz){yyge|7Qmg5C!m_Bx2;G^giW7W)y57R_vR(
z2>f^A7xEjRz)bdM!+6LS5y?*JxIV(;avfE-DW_+OSmiwMDlA0dL;)iRh#FAks%;l}
z8O{!RJ1X61KxcD21{`l%pzm~ArROWv7V3n8v#FnoC308Ux4|t-ZTel^RpK7y=XpE4
zTr^QPqMwv79CirE$8%H2qr&xO!FFB32+B7wikrk#7&GQv&RyQdw~f%~54bYU1DN&{
z)Qqzs=F2=8uGSOKeXQa{T<n(FAq?$r0I~{|0>}K(NsF=#ZmA2ZHh09E4-$PZc*UDs
zeQ4jyf0~nn_WWkPSn7VVaub`ypY^hYJ&KX3G~gEFsb$zDTOp(c(Od*R#}6S6ZEktm
z4cvw{3pqsbQ%$GwTZUM-2wH|X1j@`n%^Mne!rXOtGb@opG64-&#s+7Q=THzcr0SWJ
znDN8F353rEY*f(L`Z0ps(Gi2U<7XY^!9_fW)uW(MdOoU|onM9koouhHv^1r5jy0c+
zq`$M#lCxGQu}X)-j_(jfe;Xk4QsOI0#!izAaC`mySjN6gYC0`<AL}4(2Mw#rot!(m
zoxV5N=Q$S)8+Rc%PpMNy2}$gh1W^j6taWQ}CXn?8m<(_O#e|yrqzEP;hX;TDvDom4
zzsQ!<^x0cgIMmV?9CtEwl$!kuD75Tb?VTDQTbE9LfeJ>4&b)x>@45%eT*>}Zs@q#}
zoB}p-fQVu-x@iS&7?VGaqIBRatd@DoTBHsmUnK7$6iIF%|K|fFWwH>Bz%SzC(1_58
zCt^Ha_FWq1=A`i8YI)w-sYu3!#n{P>jMs8bj&bp~PfLBGAmV+~!#37h8sZy)l-Z2{
zIQDgCS8v2z-0VQiun2LMrV<MKJAz@D;RE(iLol_UG@$L{s?RUHH&tfR+&W$0>(sgQ
zY772v0CeB$Kv{w-0@k?_v0dh12`Ri-Mw4kjgqKCe=x`=nFn#k?wTPnoHoX*H3`p$G
zxG#6DH<fENuLyu?0b_QtFj5bygiq7)jaXlVV%E{-=Ofpp?#e2+2Xx$_`2r^YY#*Tg
zV>a)}FW~Rn2mZFDzs*L;$tb9>Z$>b&0a<bDl9(~@-&s}fb|d&rb0?-DmK?a<d+eW*
z*=DfaV7o+=Q9g};kk@|o8x^8C#%ro~%3H~$Qgi=j#dR$v_qd|gP;!w2%q$J#1zbFD
z$Be}mXEtAX%IETfd_y7aZ)vqTO%(&|)XxP8*7XM2^!i7WvRsgG(A$*X6;{1@GFVq(
z2FP4OwB3!GoTH(Zm=(BLt0kq5YZn$*A3olcQnC@uh{tp#-WAS@2pR+)3K~w^!Eh}v
zPR>*Hnls~kwPejHM|81IQ5^)XTkIUfoptY^<vZvW7@~cDCK4`6wP&QYGHGF<FGsnw
z?xrgxd{EE3Xao+hN61AUbvBQTy)V%<^Jm0C|5l9byZwTQ7~!2oIABm~i7F@g?aD`4
zg5<m9(#gymIFCZN?_qz~jPONEg@tCItdq^ncmIxZEhOBf{k~%*rB8f_*Rri~p#hRW
zG*us+78X&;4v42kC@u01mvzgf?I(`M{DXdcg^*mpzDu@8Dgb=3@N#gqKTN140{$^0
zr9t{bK<;4uT2&d1G8W=~Tb(H)Fdr?}<kR3>)Nq(6tQ!aOE8HSDdmcaM9ia_k*$uun
zvmr8(p%B`(>4ObKsr(o6q=?W}k=ZpG$fq83RhZ6h8hi4fbmGrC6b^J9>*2!8ztJ@*
zqF5(t9DR&r*bh95&2{ntx1Xz>EY3Eb_x}#By~o$yGjAb4@0(2jD9v9ggDj*(Y^3-e
zUt<(Bd{4r=Y$*75c<o(fCioByW-Ogz62>lbwClrIQUC+HrPOyF1<Kk4zs7enPHK!V
z8Sh`<y;2x448bZ347m%=P2(bok0d<TCd5q_PuB9pJe$TUHlafTnejZhb&XT-RiRI}
z#>#1JKq8XUVsuIr^)}C-pTRkMv<Y!(A`p4M83lbqo}fWZ1xD|IOzZ|xP{S`F^&G|?
z*1cuL6zO?qj_G(yK@1o{yYPlfVJ6{-ls$&6Xc{73<C(5{9dR5~^@<!=M=ULnG~7e;
z0QUFEW>T<Ts%ms9*1>ProJUFz$a-5#eHDALdtQr#?`!tU;8?J?ywwmi<$zjc5~`Rh
z+7o1%(jOl8sQqe?GZ9EY_QAm*KxkrikTYQ-SRhTg+F*iHFMG|j&kp1aSigJ5PN>Bj
zz;nxW@fUu-%C{k?uqihTg3RiG4|3f$U+Bw_5gd)WrAdQjrU|4$3WAIPlArAniTJ6N
zMTRgf>!IZ7$PiJb&%T_`E@PhsAvFXIBa`6F@fsjb1)rYkEJ+%{!_mS9(1na*I`7p0
z?B!sE5%W^nscGTN&cYC(Q&pmt)ok5`k0lcQ+dgr)zDfXeGHN|~55ysK)|_^zLt<_b
z2ru|q;AJ&@Ak_A+iF!yL<Pu!yS=UFKz4V_V!IL`8b54}t`R2o|fO^WIb6Y{R&pDt(
zeRiVNy0K%O&pP=<^(ds0lJ?1PCly!25>f-iwUd_Qk`>dm3`b(fqZd2+2?^=n<45OE
zo`)}^i3wCHjfE!+0jg?Y{V@>^X6hQ+tElM6{RKdd8HAB(h`#rs7&)^SI7AEVrYNH`
z1dY{Y1EhPOSKqv4Ar+v6IND@z6quR{siI~e^dm3048WRhJ766F8B(T58mifXR!DCg
zdqkQol97DlDnb?78Hpt>Cc|Zke)`*p0HLdKH6NETg>|6>MKKygA}wtgxS~*P6z_O7
zsgi-7?Mfte>&=D;F+eI*yd2yVt9uD71q8zjt-q@QF1iE$zR^B5n3@jHdrn?SjU8vZ
zOkJIls6S%C32P21E(JQJMSIXm$V!n%MOXxT0eI)G?gJ^SyU>cyI$;miT|;2^2J4Ns
zEK&o|Jqy_rw2$!a@ZxG#Mv{BP{LkDLe@n@6&@L1>E3a?j8E7G!dzrB^!cMnC9)~)S
z&&B8ZYy_Z$5|?9BJfo6x8wr2^bOZmr?1l8B&!BB7-=O7cf2Ck!`7oRKkX&42wj}!U
zH^=uS<YKXN&)5{1vZ~gnH$Zp&aEl4T?Q0EhAM@Hs$z1lg8wEBHph9&N>^8iqMb*G#
z4n&s2YA8#5YdmfQ+l^oc`@6F1;=b!stPr#@vQAU1meP1H3E$q`cQ`UN-ynCZ$F-)=
zixAP7%J2l|88EbDJUNhr=JhnhAvGz-CXGiJewuQ23^4$<62Jh@y&jyVk8)DsFq;D2
zPetofJnW1vn|z(C5H+8a$d-UF6eP4f672!<P{Wo^Rr7<C!r$=52?a!Ec#`f!mz}9y
z27W9mY$kSdAyzg}4K`Z!`GJOvP+Py~uqG0ffB;o51s;u@0G0p+SKSy#X{%g6R?WD1
zli)Ff<tQYp95E8V5ErPXM}=ES@E#D>Qs>EM7D1u<0Wx3o*RH`Bgmz*qxcP{b`JlBC
zsPLs0f+af#9bQ;9gJcLDUZ^(<iBY>k(GDX-L=Jp(S{$bt--J-4og6=UAgP@{H=E(B
zAw^YLdX`h!98}%u<AY+bVq$e%7DEaLuoRetZ6)|b3RdZS=R{I&3Uw#5E=t3Vo%ZBO
zHHH^drV#>d9rM0{(g@6ffQbNo9-s!9hJ?*CgbO)sg%^sgQJ75IA$7_V41osTNT0M`
zcvM(S$qiC=rUpd@4XUzDr#N~``kznhrHmxQc8WnOXLUFfi^2awSftZm8!1LYgHRO_
zLYI)-o`hBwR#r?w;sC^BQ&LO}67Z6B&I?{d+WofnV-jf(@kjo$hGhR>CulbT85q?C
zt`q=RndBR7;KGMy>z#|J*_g-RSA!x5WcKo{>opQKZhpGw#2b(~kZO{O-8&D4UVpIo
zir&B0qKyj}$2_$kt+EDNK-d)iTe#zQU#KhKuu;14(wo$bF3s14%XTa|-9Nh%%ep}7
z9E4#K8i=h-e260Ig)ivjlq!9}Ox5*Sd7$zjVA00@z8ZZJvi=|t){stB%we7u5^h$J
z8Cwwkm#YG&_?{d^<$<o@>zaKSCPF!y(!oH4ek11rB@+Z(r7MkI;?IB+&1oOQy9Wp=
zSud^%*Qe{Cul4P+eMd~TwURc8Tm1nfMN+L>iPFX1l0HAZas@mN7*+{7IC1&y`18DN
zDZWHfPJ`yal27*^c;5h&`M)mg5RG;ywY&};>+<;0pIDxU0<xzryj~qxSC2gO-vIeN
z66adENe&JE?QpBlyEFhZn9Y-39$5(?CJ$h(d~ETmA3wYcWroS}WKC$_k8bbY;sZJo
zJWc}=r2HXnW6@nlB|{|&Rb0aopA3Z@y^uS%Nv>E<Zb9``)p_DV>}@ZkwSg#>>4au)
zn^?96SpAJ&qkZX&9k5U6n6`Z-2O{?b@H&y<%eH8S>J)2nQb-ZVtSyM77-t3Y&T2jk
zFVxpQ{Y^syXI_VIfRQJ|j#o{|^r)}-TglG?5Qq^o0t3icuS|9aazOqawV$q)^ty(3
z>G$g<)#8Wy*CYtL(2BFx(@m0Uc`>Hm2rK5qkhbZSbkdo-yZ+yJ<_?VA<<*&k)R2k;
z*K*bCaufSz!6&*gc6$LpFVNiV{AEWq)I}D3DqHY%3XF#-m6&L4&d)6o#rjpw8P{x5
zbs~jf>QYQ(_|;@V*xJCMl)!^T!9Z{Xs82%m(%>|KitOQ6o-_x<T|YItKbpjU=TkHJ
z&>|TaSwt3pTVhFkk{#U373qp|d6Ms!bvJclFce_?%B1~#B&v9brUJ-g`Tz@Qua<b_
zaER6)b|$eR&=7#5mZ3@)Nq_aRRY*=%{uaDhw2X>55D4JG7J@dU7(p&D(~L3YF}2YU
zrlV#GyO-uxKnJy#zO!ZdjddBLHr-ng6Sj#pU8A$KxB@^tGW_rwF^(Cq-6w<v*UP{<
z)ng3^X6(J9!@y-^N@HiJW=j_$xbrv*NBbl;l8z9oq=_N&A#0)#Pq_FFo028sJr^4o
z2mnM#MI=I<3zjRP9x|_?u*nL-_vHzl2ZNP#KLM2B@z}z@BMGWN6Nl7$q;Lh`CTHJ_
zMhFxuC4?0!k#xZ?W_r787Ey#j^!vKO`~CJcLoeESMAUdsA}d84>w;p?CY3@lq#=Z2
zwd>0QT?+qZr<Vm_r~)*&v@s<|21g7<+2E$}z^$4QK9GY4s$90W4L=W-U_1r&t7e&$
zz%olir>rqi4Vow8r$&p^L`G7<0-{+}(&BYctELM`GlZyb8SkIjR*k+!w77^D?|oSy
zPD^uaO29ecoC1tmAUOtt??g!jG6bXYL}KBX4?xG-I-4(f&o;};37tfP0R|YogF`5i
zhylr1GM|49%JF|e;oRzwqF8^>1&(bx=<y`LL~UBN?}Zg%ShqvvenYM7WI`?gOGTYg
zq7*8?C#E0M5W4)~4k6L)(By6@e6>JO1F0B~o!&fiK&eW~j)D();55RX`sIhHplEdY
z9FlSjt86KN98pCv@IYwP*xcj-tBYHxpbB_QS6A<U+zZ>QD?ziS1i1xZlw1~^!NNYf
zix@U%=XU11piULJSB8;Jfp6c;wgSKx#7&}cE=3K6$t%{wLQ$3CxQ(bs#`PJqqF0(E
z^1uYmB0iuc%?w9788kq^G_Y=SzvOW)c&c{dDo-+S^b67C6aZJYbB+P|$~=i%(k;|G
zRw>IKcja_!#I90o9C~gyTka@AGAzKl&I%6)5)m3Cqw0tQ7)?JW_pL(lUL8qw2q;HE
znV+^RY>DVQDWp`9Pbgmcff>@X3GiU`(;sco!BV~zU?1=(Iuoh{8KUY!PJ<ov!_wam
z=3G9(8yj62m0pqy#%X@0!yv&Ti68}eMC#z5iG5XvBx`RHYCO6BRD@<2WkJ@x`rEWp
zweFt4#4$!jW2Dh1bZjAyh*c;oFxrtLz6Lo4nF>t~Has}eutlsEST$avrsfC)^A8tu
r5<%Jsg6@$3;~4Ii(z_W+@FWgGvMnR}f}Y5B-49LF^J*9Hw)Fo20eO{l

literal 0
HcmV?d00001