From 7f5b84805c6202b946b06cc99afb6bfc54d9b680 Mon Sep 17 00:00:00 2001 From: kla Date: Thu, 6 May 2021 13:24:19 -0400 Subject: [PATCH 01/14] inital upload --- .gitignore | 6 + Dockerfile | 108 ++++++++++++++ Kinetica License Notice - April 2021.pdf | Bin 0 -> 75065 bytes LICENSE | 2 + README.md | 11 +- config/gpudb.conf | 174 +++++++++++++++++++++++ hardening_manifest.yaml | 121 ++++++++++++++++ scripts/remediation.sh | 20 +++ scripts/start.sh | 11 ++ 9 files changed, 451 insertions(+), 2 deletions(-) create mode 100755 .gitignore create mode 100755 Dockerfile create mode 100755 Kinetica License Notice - April 2021.pdf create mode 100755 LICENSE create mode 100644 config/gpudb.conf create mode 100755 hardening_manifest.yaml create mode 100644 scripts/remediation.sh create mode 100644 scripts/start.sh diff --git a/.gitignore b/.gitignore new file mode 100755 index 0000000..098c399 --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +/bin/ +.classpath +.project +/src/ + + diff --git a/Dockerfile b/Dockerfile new file mode 100755 index 0000000..87a1e9f --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,108 @@
+################################################################################
+#
+################################################################################
+ARG BASE_REGISTRY=registry1.dsop.io
+ARG BASE_IMAGE=redhat/ubi/ubi7
+ARG BASE_TAG=7.9
+
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
+
+# Set user
+USER 0
+
+# Set the Baseline Image
+RUN yum -y update && yum -y install hostname fontconfig java-11-openjdk-devel
+
+# Set up working directory for Kinetica
+RUN mkdir -p /mnt/data/gpudb
+RUN mkdir /mnt/data/gpudb/etc
+RUN mkdir /mnt/data/gpudb/logs
+RUN mkdir /mnt/data/gpudb/persist
+
+# Staging GPG key for rpm
+COPY RPM-GPG-KEY-PK /etc/pki/rpm-gpg/
+
+RUN gpg --import /etc/pki/rpm-gpg/*
+
+# Staging RPM for Kinetica Installation
+ARG RPM1=gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+ARG RPM2=fuse-2.9.2-11.el7.x86_64.rpm
+ARG RPM3=numactl-libs-2.0.12-5.el7.x86_64.rpm
+ARG RPM4=openssh-server-7.4p1-21.el7.x86_64.rpm
+ARG RPM5=libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+ARG RPM6=msttcorefont-1-1-signed.x86_64.rpm
+ARG RPM7=caravel_all_2.tar.gz
+
+# Moving RPM from Staging
+COPY ["${RPM1}", "/tmp"]
+COPY ["${RPM2}", "/tmp"]
+COPY ["${RPM3}", "/tmp"]
+COPY ["${RPM4}", "/tmp"]
+COPY ["${RPM5}", "/tmp"]
+COPY ["${RPM6}", "/tmp"]
+COPY ["${RPM7}", "/tmp"]
+
+# Installing Required RPMS
+RUN yum -y localinstall /tmp/${RPM5}
+RUN yum -y localinstall /tmp/${RPM4}
+RUN yum -y localinstall /tmp/${RPM3}
+RUN yum -y localinstall /tmp/${RPM2}
+RUN yum -y localinstall /tmp/${RPM1}
+RUN yum -y localinstall /tmp/${RPM6}
+
+# Update font cache after msttcore fonts are installed
+RUN fc-cache -v
+
+# Applying REVEAL Code
+RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
+COPY caravel.db /opt/gpudb/connectors/reveal/var/
+
+# change working directory
+WORKDIR /opt
+
+# moving config and scripts
+RUN mv /opt/gpudb/core/etc/gpudb.conf /opt/gpudb/core/etc/gpudb.orig
+COPY config/gpudb.conf /opt/gpudb/core/etc/gpudb.conf
+RUN chown gpudb:gpudb /opt/gpudb/core/etc/gpudb.conf
+
+# moving radar site
+COPY scripts/radar_site_new.csv .
+
+# move start scripts
+COPY scripts/start.sh .
+RUN chmod 755 /opt/start.sh
+
+# cleanup /tmp folder
+RUN rm -rf /tmp/*
+
+# fix permission issue for now
+RUN chown -R gpudb:gpudb /opt/gpudb/
+RUN chown -R gpudb:gpudb /mnt/data/gpudb/
+
+# Fixing CVE finding
+RUN chmod g-s /usr/bin/{fusermount,ksu,ssh-agent}
+RUN chmod u-s /usr/bin/{fusermount,ksu,ssh-agent}
+RUN chmod g-s /usr/libexec/openssh/ssh-keysign
+RUN chmod u-s /usr/libexec/openssh/ssh-keysign
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_calculator/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_histogram/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_linecharts/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/attribute_selection/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_3d/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_bar/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_map/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_mapbox/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_timeframe/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/pivot_table/node_modules/*
+RUN rpm --setugids gpudb-intel-license
+
+# Expose ports
+EXPOSE 8080 8088
+
+# Start the Service
+CMD ["/opt/start.sh"]
+
+# Changing to Kinetica User
+USER gpudb
+
+HEALTHCHECK --interval=5m --timeout=30s --start-period=1m --retries=3 CMD [ "curl -f http://localhost:8080" || exit 1 ]
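Review bot: `RUN gpg --import /etc/pki/rpm-gpg/*` does not give rpm or yum the key — rpm verifies against its own keyring, which is populated with `rpm --import`, and `yum localinstall` only checks signatures on local packages when `localpkg_gpgcheck=1` — so the `-signed` RPMs (`RPM1`, `RPM6`) are installed here with no signature check at all; change it to `RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-PK` and run each install as `RUN yum -y --setopt=localpkg_gpgcheck=1 localinstall /tmp/${RPMn}` (the `caravel_all_2.tar.gz` payload fed to `tar -zxvf` has no integrity check either and deserves at least a pinned `sha256sum -c` before extraction). The `HEALTHCHECK` on the last line is not valid exec form — `||` and `exit 1` sit outside the JSON string — so Docker runs the whole `[ "curl -f http://localhost:8080" || exit 1 ]` through `/bin/sh -c` as a `[` test and never executes curl; write it as `HEALTHCHECK --interval=5m --timeout=30s --start-period=1m --retries=3 CMD curl -fsS http://localhost:8080/ || exit 1` and confirm `curl` is actually present in the ubi7 base, since nothing in this file installs it. Note also that the `rm -rf …/node_modules/*` and `chmod u-s`/`g-s` steps under `# Fixing CVE finding` run in separate later layers, so the vulnerable files and setuid binaries are still shipped inside the earlier `tar -zxvf` and `localinstall` layers (the merged filesystem is clean, but per-layer scanners will keep flagging them and the bytes still leave with the image); doing the removal in the same `RUN` as the extraction, and the `chmod` in the same `RUN` as the openssh/fuse install, keeps them out of the image entirely.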
diff --git a/Kinetica License Notice - April 2021.pdf b/Kinetica License Notice - April 2021.pdf new file mode 100755 index 0000000000000000000000000000000000000000..a43667ace2d4a366d636f09b92d80c4109320a57 GIT binary patch literal 75065 zcmdSA1yEdBw>FHs6M{qIE{!|E-Q5BWH11BY039HBaCZ+b!JR;GLU0HP5Fj`NO|ZXV zX5N{(@4WZkuj;S*>Z73goPE|hd)YqEv)7^N)TL$Ffb9I3Xmm}`A51hLfD_jLJG0(pQOoUJ+3LDpb*02lPKCWkV}$(j-D#HORg1mMu}aPzeA&~^iZHJzP3 z09@RUA}Sy^dj%&eXXtGn4#AcHs2EsGj6((N0kVYN6Tl<*D5z@-_6EDDyMe91ZeS-1 z=p4M94;RG5FwwwHmXEeP%=$N@9*yCUa`trc0023ZY%Sf50FU#U0RF1?F!XPFP*0!} zK@EMJUK8x@?CA!b7HX)hvy;ce2N1yfcukfI@SBaY+yEfoZ$mr)puocs)DsyW4>>Il zkOvs5Bd5g=;D3~m(-HvuA)&8kZU?q_xTk_6G<;l~0O;>;%Ia>;7Fu8rBMxW+IJCh& z9>0l5{`MjD+lRt~I~)>DPR<@s2Z1~fx&Yv#aV7w0BrR=0lFmLx&|yvhACL>cFUSQQ zmx8(hb7WyxvM>u79%X=7ef&A;(zpD|q9jlp_G~OY!Yx zc6w6`{(1sUmpt&|aDR-OL-=~3^7M^~u}8I^My?>}L)$IIb^D@=1M)o_ds@G7%Zp&M zc9{lXz!2ZKEWa(Ekkka6u!}*x1D`;IU^Mrkuh&;@{+Gn>6Z~-6BSqgWg(|))U=a6f zv*QbN2JT^}+)O)QJX>=fMpFs&W>z%_ny@1G}+*N!J*-FG5Lhc}t)G(*DyRPUBWiRIIGbA7K zp^sN+x*y3Du&Tbc7Fu7^_=8xUuT9q21Ua@=VXm^m=(UB7`VX!j;AJaPR=u0g2rd=& zH=aRId=bkQil$zw$-4IzxU-~5Zv7Kpnl@5JvBmB^PQvh%9debWUDNFx9b^Lu9%%I?|OkMt?^luLAxJb8w1cQ!ERs4Bu?z9zoz zNhhv}ZjI*?k8OSJ8sb%&igPzs*cR=6xV%)ubw@$o8EVs8-O1Zd5^~R4o2ti8R4?(S zhT0H+snui`lXmI7{~P*9u36Za&mfzIO$_{9Vsvc;A~-(c9Aa13{YLGjiw?9>4l=n5 zNlbC`?*fX#SVylMv2#qogDoh_up+|D+Jvz)pKA~L3Mn9Xa&)T&9w<7x5y2(3F{dlo z%U#6uRlm3#(7Byb!aX;2nLyV%P8s@?(=Mc1lf26x9E>g(-&J*gBmeSrNRD`pa4v~? 
zb|#-RdK{#=jD)k~wZhEU2wSp{QLvh?WMUCOJtF)`42JO1jOOfxb}LaW;R|wh`R9jg zC;bjujjrd}j>Z((4u*@0;-08O-fwRX!?LauN{B|oZzstyytYqHZ~;p})%;N&qPY?c zb=#b^okw{@Ii7FHb>H`Co&|L;6!}FeT6de2#Cee9_~KCr=D*w$_|b@eu(U5h9`WfS zy8rv#;qnWoi9p1{^Sr5AJ<3$5A3VWWi*}e-i9a{n`Fln$s<6Ik`5+~g z$0JS&RbZh!DQ#C-66`fTGg6}PuJe!Ft9|XLYr4IzsY4nW*0Oj+|LrH+o?5LzwCkvH znH`?HZltE^D7Hd@E<>z1k$^g#l%y=~;)`-4t-W2fDKTUi)Tlw%gwq1t9pbuC*KY3o zjm*!}zZSORRQSCCqGMrs{JTQS3K z%<-($Xo3LaC!P{dv^s+iZq@QztI5A_NREbR;TSzrOpdSngx~vSsU{}HE#JXZ8%DJG zsKbTYX9oT`c=P)+H+#S2x#Q~m(2aM^bOqVe!B^(`2x1(y=XZ(hwKUG(h2aa|B7V*o zu(C3fO}tyBE1Y;v;I`8(Ny;+`Xp$p%lEt1g53CpJGex+2nt=ltH?M^?WHN~#qR?@c`0 zSK$IWT}_IS-`p9mOmCX?BABU|7Fl6m9mfx?S~gYdqfqMpsL&?^XGLyu*LD@!t*+@s zg%WZ@TAADo1`ryKy1LYXUiDAf6ZtjV7C=nk3gMP?^lt4pKhf0Q+4 zKV?kNw#$930>t7_+O@q8O%2-A4Hllg?~uAb?J0pLA$Rn{Xhf7yhcgQsE=nI6*uHu% z(w1BGv=4O4HX3t-+%4SP_DBx?K$bsv!UHn?flH5Y_kideTAt<}4@^cIN1+9kX#kPozLD@?cwQo8K-; zcv(MM1>oi8gR(Q9-%f!10>H;f^?sM+2R8LT zDoIKFUFm_i{Y~lbr2wr5&cEef_CMxd!4eu$TMu70`QKw|34%HZbM@6 z3_7gsET6Wyzz08KivJ- z0{zp9N2C6z`F{(+|D!ekNZbE#`j0d!+dA1p<7VMu1mNQ3Vux~iK29EXJ^(Kd7dsd9 z1SrVPD*#vXLAR;J%lvg6w=;&-?XV%D-Fp-!BvaLEvA&0m%0k zaNrZ<=J*#l@NfeE1P3lYAkX9K{2d&4{tGxLgFz2q34H+mjuSkbkK%ve1fKvDC!l+1 zE>0dk0Cbwa@6#W*)PGdhzn%;KDKk8OW(Eq4a(_O!|MzM6eOv#JX@P?3ADI1^y}xDU zA7SO6vhrUn`|nfozs74QpZE)2^ZbUz{~;y6<2Bdc^1#Xc2VV1V{ySd(-naM@pB~#4 ze@o2oEscNW=CQHyTfhKZ(DM16F!1t1+Yk=UZdxuN3-F)a1rAAD4|jF2o0PMoi?h=M zJ_v9qK)V%gF3u1A1ArCC!5z$@r2=xd2XH;2CC7j6FYrHN%O4!jC+naW2nz!P)0cOy z=7=Vq2R-~h_<7k5+p!1(`;WBp(USkaq9Er6@`WbR!vp+V-{yfb{jZ|(p98_gBgpqq zrGE)Urk}d@Jo(VkVZF!zvN;)#iY0>-Sqw?cJC(*H+2KM(hl~s&l)5=0UI}@8M@>5h zM=8VFrZNR#Dl96X2G8sh=D26kxXhfd0r_PJV2vm0bw46MC|znSp0-@(%u@i+)3Lq; zrTI->W?c*Cc5bhn7F>lWArly+$A*&K$4>zDtKhIZTqu**1JH{0&s-3ARa2RZxYO>? 
z-N=5JslRw1f-DpyU3}$_saY>V){8=m8uKh+>bDQ|ZYpBkp|&%v$@kI`*u#xa2Yy6^ z(|qSI$|t0pR<}h+fXD(AzTZtAnI^%<%>tDiXE;q>6#1!nR|?M=Me&&^X4 zQ`n3H^mPZnO;`$bt0hjWAO3|=$&FtF*g zZ>;Fx;J4s6IfT{2(t-H7uR@fxT^h>rgFGPc zTPJcM`K^F;E^!|Fu|zer&IM!_Lh1#$2tkKQX&vXUL*P_3EL_Z#h_&*SH?uQ8dP@WUD@#?O%y4Z4wg ze&E>nzQliJJKiAvp2-t`A$~CTS?nruc?(f|$4GoPOG+C2O88KUXk|@J)-TxMW|D4V zbcIvNn@@V7gbsH6Z5rlO9bx(_Xsa6f@&4HP9@osWA9#v9KYYQHZDmNw8;JV}|D1mp znRaENB4o!cqybxs?XaEa8}+GNq0K3L*-+i*(U+FLV7l$PtzRii{18JvAQv}VfFHp< z`5CRvG%Q83j8V1iBzmorJ{NiH1tXST4GYY-mDBG6RFs%Yu0uL_hO2CmAK1&Q`u5@1#I{ zv#4pcJP6%3fb!iCQUk@bceiYGOH~HsjCSl;?XX|>+0gUXQw9lPjkqMH$xP=kJfA2@ zEBkxa(h5T@TVE12eI6fGkd)*u&UMY@y%NhGy*H8trM~>oDLb0AF1p?Go=4{;G@a*dIAo zT#GmU25aN{-G@m9$qM+?Qbg=!3?;-peTq;XB&?e+1dxy>l&5W)Ux7Vs1ZDBc?X%wv zTdHCpmNxLI1r5TJ{hGai1&erksV~m2Jo41_NSL_-kVJHti)bBvFrPk`g-gKB60}0e zc_picMbUML0`p%gZx~lP(6A<4!a!bX#FC%a#?5K-;bA(rS8KX`@fSuzpNb zg!4U$U<39AQigS;vP*|As)S)Avb;K7;UaN&XFR>cm!p+qS6jhm^%%7C_>3A&Tq~uR zmTsB&8_?*NO)T}?KC}D+-0HgL*r;!HOd=98+RrI9gQW~_jXgp=>)Pmw$~td^;o{y; zgw5a|CdP5#83-a{GTB5n4z@$%x`bU##-*e;NN-kc-AtHjo~0~*LBJnQTKs+FgqmhM zkLuiLIzIkQ=bj460pU&B9w!-CYH22w$b-aWiF&89A9*K``PEAghMQ;2E>FchBy*eL z4$aL3ey#3N9l&&|e~|Gg%*@Hb5T)fYjmy*gP@KS#cdGJQ6CU(6c1RG(9kC!UG%0GS zw9RN*EN)ErEM9%S_KhMH;pe$$+n8?l*~KO(y;b{X^FTtjqWZc8oY?sf9ItSE!zu7G zW}j#=(b9@H&IN6*lPnGj1$ocdX!XWfTG5@#;u;mb1@O1Wsw)w-PcK~wR34k=HszF$9=edFOY zJ(>J{e7Ifs&Ah8w+nf*$`u%S9@k(Mn$(P-qZ@nt)d|IZ<2|_I6=lh|l|Dz& zq%+~IVclP<@bwIb)l`qVC@I|2wv|A@POws{j7#JVI$HIA`|dy>ac1O-e45@vheG~~ zo=dQp6hse}$dlA0dgBFHpUPH@Mt;(jiuemo4v&Y!JYSS+!G;3A5fu?;E3b2A z+lU}pd=e%tofz%=S_PNYDTjRNR3kHn#|`gBggVMbk1C8o$(2 zY~#m=mXb#by#D;|>+5q=CO`Km<_f#riCjU?f(}kUHAP9|Z@1pjpvf^6Et>oIwjFi+x?YT%nU$Q~_k&JiuFe)&% zFcvUwFwQXU&_62}5148g0E`~=*bT-Kdc+082?K=T`$GxZNRWn-Z$@b$E>12WCl64N zQve9$O+(9zu6A(a{rgNjm6qZ&P&g5y5vTJ(k%Q8z2*mHBdLq&G>k|>I5n|p!{00S zykC{EstOCrHK>7Qa4ppC^r6UcUTvTbqmajNtth**CrS3#bWiQ5toy z=Ps1cnR_x~RX%bmTB&YP&dR=~W;L(=mFq2&%JlV_Yie^ zQQAf3TO?0TYnph>BEHt^9~L8rPrHNtu2`CD9QxQZUuT{SNg_Kp+@|lS=*83@zBDSy 
zz##isQ{Ruxrxzw>Zj!jX+>H?UMX4K~n)Jg|kxuZE7glq5njf{un;Zl&ro%)#>|x>b z&aS+p)x03r8?h_#9FDB@b=Sswn+j=f zcKSr>5VS_S@(s;*e8UBgzj)@@R!)wyRP*?%AFh(LHZB%Ym!t%yyESlHx!c8m+MkP< zqqAMCQdIhs&|ST=oDiNqGG0+E?#QWYm<^;VN$JaKA9s5+9olj^Y7Rb?xj00+~3 z|5BfzCDZSOrzSNN&B%V4RfGGTRXw&#-~|SElvl<-uB^wV?H{H0pLbc@d;)*pWCbLQ zI)!rL$XxorO5LG`8>4v*VJ)VWXZ@vatEWRaK%rS=&MNiv=k*dr0#Er9+S*wEqm?>h zaSr}s2f6j`-5fp6gpy>*{wYcxYsUfA1EP4TH!@`)buD?r-E|ol?@?s5MOYfXM1O z?8Q+F6XSyBmzE?W+ad%Fso%>BYWCGaPH)so$`d~#R%l)Db9P}CX?-k?%0rwU(cn1{ zrFMMt)Ai2?xAb_Kc|j|lUIQI_kT+OLfi0seEk1q!@Qr3YMeCt>niuOtD%RLvmXn-zo!QV zj@yAcukQmrgtU*SC8P{w8y{(u@yNjycR$KPD((k_c{^&FlIp@-E!u?`9>#}3})lcZtcWO-rNrj+z^W3{;Cjfn6 z{0lt9p@NZI>tb`M>H4L~JVIUz*gu=idikV}2j(4?5^vL(v(x>0$~HO-dmApxRRQ>f zT5H$>GZ)^t8SbUbUw5}(p}idEdPz#(G~twUemesu zvL>nI=qA8ig0HJF?;zVys5&KN`y6OH!4(~Z!Rfu-@h)YH(#g*erM9s=Enxa)tN5TC zTN-Tkf@O<;Jh!vVca&h65Z=#4bg-ta#rJOCTgh}Bj?V)7*<90sBRZikM(xufi|wDw zgkw(ky>~Z~FTu?)(jC|*HP|4 z7$Zf2i#HQQYzZdUbQC|I8*Zu~DldV>>r6Dlkou}R)vJk9SA^y8^7*WP+yPn|^T-4~ z1+pN*2j}E%^JLkAD>M=MXD}$eiV{h~(h^=6l{umD9!$EVANDAWths_wza~Zh%IlD- zO?&CSSe?WM-b8nPx)7&)^m5a+QEzhCjRVm5gKZ#XL>>4UhN@tm1^O?9Ef2 z&?Q#Ld3TXYG5Pf5QmVGGfjCY5$Gl&3jtXEjv#KjNWik7ub00NK9M_GnS8A^pVC=!o z68*&IpXW@UPu=ddafJxfSL zTC*8|cC zM(-v4&Ud5!pbK*2Gj~UeoY6o>iuVLAi#-<;-$xf3CKuJVDAiMs2fw~}zt4SX!~UZ% z^q_C8caoqLiyGV>cxTXm`r!bld|z7S_UDZV_J#N2Cm&1~RPXJMnZK$(wb$yOFbXg(84!-x?32b4*^}cDB$TRrrA4U~CVFshj z5QJZE)<(N84$?h;d(W{>P^%osFSbVrj}ZN<%5Nj}K8Ctut?q6v z;5f?kjw5Q{HtqCijw(ztsVt<}9APGkuvZgAxr<3;3X63Dr$3Tao3xGJB_TWrHsXva z{ep_+l(;)(z9i&d;})V}j7F#w(2lQJ>?SO6e{}JYBk&~3^wGliza9SQmbwxykxsr0 z_;{Ve^eSjeRBObY;Wjq6RN*LN^-}qZaLM1~ADsJ5_3paQ>9)%6>%Rv6dfPw6{x_p| zlNQ~c*f;B`U-YGG2B(7(%(IF5<6B59qwhs$%sGQGqKT#@sr3Qy4(gcrJ+RwSG-I#4 z^pTbgyo_bDc-e)WY>YKlB3d-H@|c#MSTpliDF&V-jnUkOGqO4-j2MBQ%=Ac?`*V+l zA_iP0y(E3 zF6D58sS$*yV;-zw#0JcnJ@gH>l`)>R?;Ysc!>X+3>)7@+yy8X2u^P7Zg&OKVR=%8l z84|$Kbak+E{}Fv7LD9E{Zj8eHeT%d_U4#tU*4M#=Sm_&NZU=L zQ`Q>n@X|ISM($R)`}a@IEbF!(ch)gFR8QW6SG%_ctWQ^1!0tDfL^u3Lz*@bDG%?5B 
zq~RFM*k5h0oA3wYNQFzbI(92QCKGIeiwpPZ-qXloa4@qHrHId1jgQGU(K4jtZxr^O zwV72J5)kESe*hQs01Eqz7cJckGqSj%S}T|nhsMWkY$(iZ+%l%L1qI?h&Cr6mF(+(? zvfNciZA-H*y0Vn5NnmNXxRnX45>Mq@7iY%l=lRThq*_})e%pW3XHi@`MlI7wq#)me zR}xt^=a!hro6ek-9AzZTk}*=(#okmgX3S@loDOTk%!@Qj`WC+Pw3s@aw{U~k1p5e7`J!ROU5wHy3Vqrzoa?2MW&RbvsGn{ zHwce!ZhmY2g;d%}27h67q|ee;?~vBrii!+OZO?z#Ys=j%+&@;F1dB;8hU~saQbfIK zK2giXz|-WTB0v~LL6-g43M(8u3I zu@iR$BrpiWBh3^`Ntx!BW#{gbY;KV&a_fw-Q%?0tB#(5GpUrt)1fs1Fu7=e~!{kmd znO|N=;P~YI`nMiuE2cx{VOKJ>dXaHZ5N;MkkW%MwYmf_GXjM-wOe{R><9 z@_ifKJ(akRkOfG548U%lN;K?7rmxb9mxv>H5nkB$kR@vpcahbpqfcO}=4l7=LhG9} zJ7%ZjV_0j{6WTpRz1t~#CRIBrBhXd6;Jw67Dxn~<19 zvhN#3oM@P#{N0hbab``kv{M@l7VM(c6t;K4gMQcdHkH9Pcnfl&j)JO8J5yNpB@fAL9=~o-#NiFd0Dp@Qw`M|zW=FWJlfDTok zm}9~|jlQ=Kar`@JpI66RYjnE<(6c!|WJ`iNa z_{1N>B)8|fP_8}i6NR*+dTX2rqb{Q^qj=*uF|5eyIMX@guQ%g4Q901BD7U;G`7FO6 z-4g5~x+c^o+jms9i>d7|x@IWJutw4+#O%TgVgq5WG4~}ySd7C&1~wtH5FN-U3JWR= zN-ACoehO|1UJA}rd?A!56m(Q{lvJE0RLAPH{D>&jQ`A!wLR@y*F}g-PcEA|b82uP^ zBaRhb2C52#7_tMgg_J{>Aj1$@y)#Z}_%;7N+K^CnwK5uI+8I20oI(6S+(EoS96OY4 z+zM13$VZ5xBw~J+x-27IH1z^19mKp(z7M6(MG`lEia;lV5r9GS4f+!72TCi1Op=dE zDddB(hHmuY2OBy|JT8D24$57g3d#3~SOePyrIxx#SH5Xh<0aHOa3co29cWKfEP;87I0m{Ht9q5*ga za5OIwwy0WAJ0X;)r6>%j;y7Il{tUdMUCFWos_`eJee;kYye?`o27iUCkSVFFtYhLe ztv&`w94e)T-@S`W8g38+nY+waI15TVF&CL9fK`T$?MOzcj=e}mxto|{thJiz2(*Fa z>IlUFBM3jLv-)fe{`10-JIQ2nx(>xFZk-DT=1a6SaGw%{211C+q29V(zAKJ*_bfXo z)+KG}x|5~giE9L!h!Uo#RA*oYv#`8Re0iG*W~aM-P&`NH)4V`b^F+~&A8XB^sW#FRJ3no`{?^HXNvcj zwmp;FY1X`}j|~TqMp|=R*z!LS%)M+GB$$iP-$u)fY*`}U!>pSl@S-q}VR1lPXI5-a zaC_LSE49($A2p*T{9U z*YXC^>>jD}=T*y*6ENN|WtywI zcOHdI0KxfWS&(D^;yHLGb?W1_#(c!^iQenEE0%QLyU2>!*ir9FugVI;ofd~7#qbxK z$H}}bGUtl$>(j}?x?P=`bp>{<8`I>Y0;S_-xr8Fy7o$$i04gDd0 za&vvTfT7A*8FGFvGMUgHIkBST;X(sWlM;UNa=phRv*h!hD4;a_F$?>6XJHR^#>B0BVilpw-wEp-Bzni94t+5prgn#}o z0J%&HeO^y!uULg6}W<)y{j_QmfA8)bHAw=x&>ey%$sbzM;fR^Ci z)R5&v5Me$%yR_U`)AO%3pIw73Vm(tVE@BO0pYAEkH8c$a`-R4#U)|vu(%!QiN+M4r zkC{Un`k5A#(6qX?pm9{zFegNRSmqhs9P1t}b**n7V=)#>GUPkQEO#EuJOp9pTQb}! 
z!#UkJL4}jOapJG$qu?KzQE@$RmGoQja~;|kxLDYz>tlvTk2N4@0Lo$vMmvK2yv4ifReq!nf%0Kmo#RTVbQe)jY{HyO}R^ zGusy`Q>)q0eL+7b08g*%TJJgWO(?KwUe$|vPOul~t0+Zi(QUtPE@{xo9ewX$5?QlY z3%jmppXKU_$?kf6(K0YM){YhHh_i?bGToPZ!Kz<^*9iug+^>1CdGBgjy(^UaGjztRV3BTeToMy<)2+ zxb+cUfnDyf6$wNR{LEVXBdPtXm=BH@^--AL*XJ#i6g^i`-*2;zQI69YWAxlh>0wxSHO*WBLxvpiu8M z(JL6e&)e2T-NAyZeIiFb?wxV1cUZY*6BJ_#KN%-Yi)Z4BNn*_xFTWC@zr|;mGw23?gCmM5{eqwcZg;Rc|o%k9zB@CGJGgRbgag9BB*^59Q z(k?#ZoUA?gO*z=l5C+|nxddeRlr|t%(bq7tjYB3#Hgb#AHaLL}@~WP5g@eZ6NfZca zg?}UM&HDy~6zD&lwsE|NFj=JxBy`&1Y7T$zsy|7iaeKDPlkz_0YjRM|XxN%V%1~H6 zs1k=QooKSx2e$;Q!1@Z66Mw5$;pb3alztG=A+t%h*L;dN!dmU;)6UYF0KKD)_2;^i z&!yuKf|0Fv&8@-@e(bos>G*ugrgY{{M|tqm*lYS!aP-0-p4qis0Qo5N5^Q0Hm;=|_ zsqRne?SPx4j$#2Kn-Rw{^b&U3li7bIy15CPKEeQGe)+l+238=Td07e^GH1pJ#MY@K zv_GGv8#$L0O**?f$nN(M#M879?sGUg>zFIt6RqTEJSRIC9yFPQ1-tbIx&}VPN-!C`Ix-RDrS%y z3`atUIFWU9t7dAksuUFGm1Rd)kN5!tRtzj(tozn6kgBc0ROia1!E9;FT7OCGJ2f0M z5~`Zb!6JU%a_kC{a!oK#*Jb+v5AUSL8^!=0imm*JWWOm9_90Cl{8CJwx2U4^axU$g zd@?haAU$9DeDaDgnJC_lAd{ai1$}_*5Ar}+FP{By+Q}imnO=wJ*5%VW(b(_=UPJe! 
zr_}oD5Sc12hKgraRxcXph`$IO$hMR4uu9L^Xs#!WSrsah!fp*Pg5_5RaKcw$HR$N* zsNTFn{ADaEZ~f_KAU=4hC4XnGgY#9G zqxSc)_pSXbT4#~g3u1G8+_v&9#uziU>6QG9+H6|VSin);@BOm{Ww9utE7wn}-($km z`x__A%7??XeBNI60evb2?jF1F9)A(E(s%pmyfy=5x?1lP7B)(sIUx7O>#AIa_iXaj z5J`c4i|SzH1(~U`+6x6WA*|}s_{A4)4x%k$QfRILByE8vYzB)lEk)ohi1es>!1F*S zI3e1s8rQ-PKPp2OE4R@_8pRn$o0C-RO?fA7pGjI-!M)XYJEEg0s08oym*^C=dCP)z z;*1;0Yel#V#`Jkwci%CD&tgPb>*+MAF{@DZQF6&1}@mo?8OZ|`UeZg5y0l{_hx zX~{-1QaHj+FKjShnU}FjIhpK^z4WL5^kLjb%~WdD{k`O`#6EW%1dU2!yq(d~YivH+Vy+ofzBR)OWyHs_fRLgb!RL?s<)?Pd@S)OEXS}5d_VB@BIuIisU)gmK@Wk{+B6r?e- zc`d?oA!gVCMswsN|3Zr4cMs1y zJ&iNb@_G#Q*QXEx0UZ~!BlAOIkfT|=BKr{H+5|`s8R^u;CC`uenj72nWoB1KR#BuX zaDA@Ei&9f=y}t*q+|5~2uK2j!GIYCWA>>XmIN*5@lT`aF(gWNj0nR}ttT-p#VOC0+K0}2BFL0tT==weVXUgYJ=#`-NeQI~UcaXW-Z+(xTTTE=E)_=)p2#aE`E zqr=v1u;?2;704e{FX#C&zv5U!g>a0#?R-EgF*8ei#qf)-M5_eN+Xzy;Dn*h69=qY& zhGhz4^(RjUxwuX(*xuNAO8e_O*8sWc`IKj`zRnxHJNHtFQ?4D@ntqX7)rTLB8GDuU zn$M7JcvUCyTk(=oa_Y;KP#*iMZAa?F859vLX{_`#+MjegF!r#*Hpf$VgB!gWJ~4T{ zg?)Mb!5+-=+p!k!3PlBlgeY8q3-CdXI$g`AhK=y^9HJO~AGgp)bZuh44DUOdrumOJN#=%0WlWX= zR<6oSiZkT{!0(8<+K(>YBcIRDb9*Ju&F5Z`t>)f6KWpC4?lpH{Bg_a;%VJ%V_0Oq* zs4TpaUOPUFjy~>jT9fgMC-2jur!Vsed)*e;OyD*@besu0IWO2@;dQ>~c78r>t^l%j zt++gUN>QTD^%R$iMR#bsG=@1^w=Fe$ZBZ#1RFai6)8V5c-+1li1(r68G_27rtDO_< zH2U=}(t4Ih)$=GbMCPsD@KnV#Lvf2^=k+wk*8s8EjqetDOWS)cD^9aGL?S?ALy@%` zZ?W4r6f0qB%#+e-WO1QiPcgn+?4G#h?S4*<-ysi6ag+_cF}KK&2*nN??@|yvFBTGt zv66K~6+@Tp*_+{SH_S{Xux%)>)X)Ha?yD44SR{!-gTDqab@Le(#tQXtx#k;*4qbj9 z>q~Q3iP)#7h@3fjn^OIz#omD6q`c`Qwrh4WZt$B1?WAg6r=yFSL?&qxn z-{tNLV=xSxtOl`9e6p;!Bqq^!L?+#SF2#$Kw@8zxCTArPyv1Fa{~)>EfQR3(E+u_A z9q8;7^GSCij8KV%UimC-1oB zq#?OGtLlYB>Gs66#^BFFQf@Zwg8ZVqOShH|8byG_a?Cl}23}cSR?kp64mPHt+L(Qi3=YjP@I<)JZWazdo>6ezN zMFKC4Dk;_>r3b-zYAHgmkKXUJ6QISkwjU*@7a!Gy&)fNjv+cO_=tW(2Tt|)k408~> z)ut!)Ss@&)@i9LaIXaa}%pR$)@{CHEv2O9JXC5kP;$V0EHWX>UC0^?SX)ivyGjMKT zqKUGu%rIExls>3dCEGcU^<#|{rW^sW#Q4QcRH$i@<6v#vVBx=On^ruVW^k$!GM)Fl 
z%4uJAiX+?Mjvmna+<5_6lK-N*P8xeQ?cXRT#6|EUb<0#|_+>VuOkJW8?OjhnEBt&Af=MH~6;@#?g_zT`#P3X!)>EeUX%CYtMQ8ViLjlhFdFh%8&b-rKwtRL5BZi?BhfnCwL%cL!aW zp?9)-GpO%Dimd?VCOc2v%^A?n#hJ_Ul|fa*Ah_=BmP0FmgIWwozf2-dE1Mmkfg@P7 zkf4!}ox?kQB0dm+>S3&xzGYliDN3hUGg+FFEI7oakDICTQ4047bkA4Dqu++-|OibF(%JSj#Qg9gQ&>q(I)D8wQ-dmB&E4@w zS441<1wR^|n0jbl(bSI7=DfSY97EQ#3oA0m2#n%2%L9Ex7`z*{cgFvM5Wx^pxiNId zYCc2(+f{~mm6^YQ`%^xKcEPapU96qY_%usUiCDozVXh);l@jNd{eZ8Ohk_?Jtz>$a zu#5v+UQJC$`zM?(hORG<@0RPVk9KT@&$G3B#u>IErq@Ek58BI-OYLEvjxqWi1mu&9 zl{JwVG^{he2UOJ&!PmPpDK&8kbq;K}0VfRhUsrOywVtL4ev=k8NQfI_mJn8!1K$v4 zLti-deY3`8eguQkw7#C;9uMgaT3D}%55agXs~l@EZKk%)!thA4E(=aVH?9qw$?zCS zZo&=2K3DmfS7~N1cE}HV^RajZ*-utz_oBb#B+czHhPe2cPS`K}vbahM@>`w~dhfAu zB_tV~`RwjS2}NbK(_ggS8se4mR=mZ!G1Y#7svv*1`&R5`-YpwK+a!UVlukAP7L7N6 zVba|Q!}2p%>|3A;CFZ1x_sFY{wjQ8Wk40(mWu}_up8!AarVb(?>En(HL`@cVZt~Qc zxAPnx9Q1HpTCny-aIhG;SCH9T`t+vJgx+6zW8RE8cNe5-rGm&!E+qT<&R$S!mgkqn zemF&U7_Cil&xAxK#t~9D@EI&YG>MD^bU@lw(v`zojo z*t3WgS&7)iKOwdx^IIB@e(zkq^xzMU1V?jCW`-0=M2x$6B-6gV)9LG*Y)_S%yo`_% z;9v2_EM~o|=YbdRf8gbZ`=mOnIi9evddg%s#W&wo+xjK#N2(&?4k> zy^zWMGRNfJ4VhdtHYJ?^@iTs&|C&Lgp1G}PRSMJzd?Jz&`1&v?ODc} zU_n-5z~IdaIsU_jNSV@kOmL{>dno>66#gvh4#UxHy!HpeO0UxTMLA=&RB zF6`x*a9G=vd=5Ja5G0MAMzjcpy_S_ATHmCTR+uLhHHmTL8po?eq4?&9wmO9d;y8+0 zas1Z+IQaZ2yFyrgaf$4FLZvOn`cgItA(l(Ze?ZeBMu>Cs!bNfk`d(QGZJnFr{}A(5 zFD@6+DMltDNZ>6ZxyGa{KV3G<^hznhM;Yv0Fi$<)Rjq=SAe2l3Q_q|yxOl>oXCCN} zOXxA|U6pdKZ1wZQvoYuz@LXat9Rb1NxvGS(UZ(WEibTm5KtyOl@-rb#*bAI)Q&#Mh zM5%DtnF6VPZ&rag8z#b98n>_$mc8b}hdpeT;pJaq;4aHXO;m*aRyZ56F~1^yBe4aWz2EeP=8YzP z^`{CMA!0;$&vt53vFCN4=lvwD#t6)-qN<8L`TuE^i%tH18T3 z8FHgPs4j|u+_(-z&9fkCLe|F%`JS(Fe9zY*-vdIVY_|*A4Y_YgZd`?}Axl#WnU=#}y=_0|l}QT|VbPGU=2(PhBkFF>>5o#INZ0f8&=U#*Wb-em}p8dT)zka>*w7GrM?2UB(_UXofoQBR>d zJ%Cr%PJViCv$0_yWe9kj@^zG`{6huX+Iagd$&P?VC8S84pybT&eHm6+zPmQv@3C%Y z{$PLO=3IlEvWDBdzcO2}pP6GWb@_j)Jt^oP-Pitr2Y@B@Bg5Z8y0B9h*c6+RTHw}j zL>jw8RGED$LliU_EJL6u5FPYobRX8#fkZKHasm^III@BVaQ71Qhwaysp z^d@pUfJ98d7PbRhup_qf2mw;^v{pvQXVLVuX@cSmwn|1oY*eRR*8-|xyFz{qraN!k 
zBDp4#K#fR5I3{91g7{%m`05KaEw%AoO|T=$3!Z-;@NFN6SV6=M*@aUayKwpf#ZJm6 zP4jNuvDmFwqYQlQ$G&yzfo~pbV=M^|Tm-Ua1|yMD+DuzxtUqd@(Wj1n{^sW7?kCS+ z`>Xk4?rWoK(f!vXqaq1|YW)?e@rD&aHQcG6g0IYer znvg39xoU8w(w?hqe@4oj?a8)YR!)}xo+dTvc&yPv6Mwuj5}OKQz95kTWR7a z*bGjalc5j<*!+|kgBm+9_i2@uSulNt?CKo$fkI6a1g(4WWoquh!mbgpoi;VPiN%_!?H|xl4Vr3NmV_HGDMS6Jy0R1 z#SGUm!qbm+on&4iUMuhMd3osOnF}2Mp#e2_1mjJ1sbH3-W=N@}!5wb5U^-OvZyc8q zZL~>*Uz5^Lky3L!l+37U#XFNRw?aUO6%w>)HkYRvIYkH*t{{3D{fgVK0tidalz(Zp zqHd`Y{6_6}mdC-&X)yB_I6fl^*_m6WB#aTBd*IfC;{SA3%-AON0_CKjYNt_-nt7dT zZd{IrsWa0`+A&MYmsJvVYdVs)Nys1L-zO!OWU#SW!zj^n<J0C^jjy2-|7666U#b>oZFqa%xQCC4B>PVmf35+%}N;=TD0ip zXvy+^qyQ=XtQh>z_GXqT5r{roS<6~SCMG(>+he4FN%$0&XgZKY;Fx*-L zG&q)RXsEQE!Wfrqs9>4O9fFH`LO!o(VflyOt_}vment9I>vP98#MbJRf+rgH7Pizmpx4mtBqaoMPuqk4b%7sF?G}qGQ>AN{Ua9h8-G0+iEo1JE< zk=5DU7ME4!Uw3ZnYf5+0(UfgWK`e3CwYLd`JcI<0HstY&Rw+m0C2Tt=n1a}SSuvua z8XFu08LKkcv01b~D`5+!UU@OYal;w7bu~+ts@yQ_uF_>HC<&_K;z#_7I+EF|S(-Zd z;8lf&LWNe#K|>_9^V3_x1GzPB+7PhX{054##5|sug>m-uTk z2ELmIn8bmN=T5$k)z0M(|g8;_ruT;OAjOFS!{gT>m64=hm9j5fa{JR<46#- zWa)#s)codd$ZK$5@N=kMJZhLEuF^;9Ke8~f9{nl9ZC2PUqwKu zn|R|DZpjctNm<;9~}AVjT>Wh>&uHN=1JI#<|oXUWN!<8Dvf z%qZC=Hol{=`lHxPr}`pVvxgGkYK7dHSQD?vve4iLvJ??GDbhCet>+}4-GAR2xl?M= zH{LdNBE7jQpujg~J6iXCV%Oa36kk|T=v-%^!P473_pRz3;z0~G1TwZri&v&~nVO?U zn~~Rn)nlcNL5I<$lW84#PFrWccRWLqhHR+ww)Jt6Vw4JAL*%REVdO64)C_WL-ylAV zZJo)d2c-Zwjc4g(TXGP*j;Yzrv)GX=b*%W_$cA?cr}77&b|#Q(7)O=pl%T;$B$t#JPnm7`SOVL~diu^|)UR+i{Rn-KGX*88iA&6bIb&4RW zFqT~yRBu>&=v9L*wfD(A6OWEZo`)h-t6qq-sO@^CP(XzXD5j7yLU!=@ZuCMlZSm=-RCrBDtMz7F!FIPy2R*5#Mc$Jf^*#r**d%~)ydPxe z7s&$%3o4+;DshN5WiDZG&tDX~HA|@+y>!NFBBX(86b31v zz=yHJ+s1-dwvEBc{Pjw^X;%FI^wC_h6}TKLx(xW)+sJ82h+p)(=YD5u8SCtt=!?lf z{K7FpBx&A!r0dx9@s{@6|91bOFYS)Ki*Ff^<)Q`*eLoV)jCDFyI+alAFlcRBnN+V+ zw4V6xoyWd^wzuo(Q`_wO?{K$`MnM!ZTzen;EXWhB$l;1kv~t7*lSC}wp=MFbbYsrQ z&dzTFuwBf?^7f)UUv2hCzzlFXId?gEnd=gwZtQOscj4B@p82}D7I1hj9{VgIqCgfg zICUnkk@>Qi3ngD>%n7$UZlMpUR3x}{&|Nw;H~ojZo$+ENdowOg#&Gu zlU(KmfjYzSrFBabbr?(__;6CvRru-^Fq`05au>jCrF@T@sbDsO5mFw1NE>c-NgwCq 
z^An6EzCftH4QIER+M9xUDUON_alad6T6g!Fyl*Fu@%%jrLp+hTH3E#cCbS&JBhCo~ zA|bBywE9<6MQQVcTf&4;EM~-F5Up1SguJ#y&ygn(CGr&VrJ2VcKll{X(uGswRQ?MtX zVh2qHiI@~3<>nFz^&2aAdPl*>&l_@_Ca-Wh?BG?J;A!||h2r9JY=&?3Vq~vr`dE!FCkEoDekMG_nn{E;H$^? zHfzOJSRZFAvL`4hO=^^XRYhLq3*gFAZ#ACM(V53Zx73i98dcZk2ew4O-vS4>#C^a9`$lto z>?3{yY-b0uWhR$%j=JHoi4jH%@fWq$sdOrlOfn*ZCbBsqKbGno^S6oL0AVT&c1?2<#6YNmuhgkvk>f6_f_}Di zbU2tZ&@vH0yc+{T5#&cdvM@RIf$x{6s?n#wF4yuZoy@l~!FN~a{xpX)5L#mW-D~9uiA^0G6-_^3gWuUQaY z{-Q^KT|a?5GV{O#yB?o_aq!USXnSb`%w)Ts*p=eqVLQ{l3%m{mp+0OUjvRVC{|L14 z)4dZL4naN0PUQC&$BL!A&X_5BAd^sbQvgM-NjntU`0b!2Ik+4hp z1foLLAw%caAeXT3A{1f+zPN7K4sD|`78=f%pa-_*>>;4}nZ}q5mCd3jFOrRUwrJqo z@RciL@+(yx1LO><%70wCc!=MCW)@H)8rXJ0;1YY>*FBZJzo z&q@nPjFt;z8ndP$hQ80T#7{j*n?zzudfW-SRBBIrkXlV%e9{q7v{dUd#=L}p1R>Dj z<|QWR=OlItxo2i*D102sX(lulx*33nXD?DA@XBzf?Vj2ihWSF=-Ih6?uSjj0B)gA5 zPui8+n%@X7`g+6m3``r{`DC#w&|2Dn@q+Tqb!>hOTQPZqL!E)y1*k|9_0FrvqHc_#AF$pVR?!OP zEtM|GJIiR0i-Gu`Kn@y0x@T-QS1$!q&yc|d%{`Nh_V=owxp(ATwPbF{lU1$MZ2Xl< z*z$brjDr8EDnXnU(e6-CbKTU@)*Pr$9nO!LAu5?c&;;!I7;;NiJUSYS+H5p0lkL%H z>j4Opr;d%s;EmpF>#dxSW_IVs^IPCWu{Y*w;zi;d6EKzIt}hZ5k2 zwc?t91x>Y(O^KHX2BjS%2mL*H=c0oemwDU)RM`7hTem+}(QH7aw zxscT4B-6VwiNM^gl`{jgXf8{Qm$La}zPVW&hMFroG)b0EvzZ-mP0DH%noBHx3%_xEIP@BRL>3f|vJhBp&qMk-s^A+imgPP}1vi z1Nl6-xRCC>*Ch2qZX=#|6xGH1fm+TBD@8uH6R#54J9tb~N4_owMYXQl8xQBpsp!LL zPRK%8r_KF9*5z-l>>rRz@#o!;OR1+`(0)(x_7S$%3)L&6fqL~0tr`AegtqYCRj*!y zf+KoQ)azq)ugOAP^IlV@>s)EegImKADJV27W|s;CLV?`V8d$fo2_QIPDnEuljsF5^ zM+T5_6shcH7?j0?c$2G;EWA*_Z3VROyPq(qo|tmDeq7(m3_;v`(B1V4_w z%Dr)mY^LnG`Ulem^!m@9e{^fti(MGeh00cY{I>Z4EO`D{b(IfTf>z603+ojCAfVM% z_F`30MjEaPG^VR-16myb2xy9}t((FgcGl~a;+3E9r?v8ZT2*StgKL8W8b+0j{Hl0t zIM{sTTSssGn>|s5BW4Rm8-uPudglWpfsz9?DKzEp4fT1NJj$UQ+vHKT})hNR`WOl_yde~GjKTrfVBunx^)+h!1{ z6zPTZv&3gXMw&&4Hx=n(KT7hRiyr`R=HJ}YWCW1pHXV^D*a!`LD(N3 zJbb0f1Syiq`ZaOSay?EB3wnz&UCl?AQu3X5{N2qh`$iiSknR;QLMD`->~3D$X!3M+ zuJKk`dS9+L@23quo6WDMmhkk!Ltoe)qLpfiTxZi*S&dMsQ)&~#nf1U*We zTczx-Uw^Jv(in2nwfE6akpqYZaUk8*J+xZv`-mCQVB294g`T{SHOTw;!M|#}GQV4P 
z$*-0@Pe27R4fHj*N_JxLxK-_I*R`~*TiaS2IevnY!Eu5)#EQ*LeZ`gxuOajV{-bK& z_4XNxd+y48*Grx>|A14~tLpax&1;bMO4O7|G$>7@G=)kKlqLWu*$$6T=;de0AECgt zXN;Mqt9O?_NMYq6%a>z;>7HU9@1NFaAtG!Rfhkz2VifLP`5WEL7NaemEI{h9`T9Wc22 zY9dl{0;=q>u8R3X{Nato1kLqgLQPR0=N8`xD(5UnR>PagaBk*2m2&zwB|?c18lbDG3xM-xaI z+W6Y`%-TjH`u45QK2YeoYxeeAzjuG3^RC%5T?a=Z{=tJe@E-OL9E5#Jt z${`aY#))W1@n5=fTYyq#^W_L?0S{M>qmw|`(X%B^9& zukd##3~|_}v^^DH6Vjkpj(z`JUS^Bf%3EuvF1%4SihaH|zq)j8>R4vqNL&V2GhXZN zOAPPkJqEkP_3zzM@fcPHDOUzD$|xHZrEm#O!L?)>p4@|uW~pqjz{)iCK24F|_Q{$2 zI9#K?T=5m^x*uP(q`I7QaMBTAmk5!B5~&SVr6v#tF0#lqT0owUqqD)Q_Oz9TOKqOSw)@ux z2D2fRh`@0nBNDTj{+Kgim$U7I!-MTCYAqfa@XB<0O*mw6X@mx=QEK!VtwFol8Om<% z$lg>8FiMR~rm^WvPPI^@*GP>nwJl&bJ3`q_ypG5(kcW{+k-z#r(u75jNn|V5gLEQ? zu(#Kj z5*yatoK`z!27SZ6&+p##==SJx<*?bQkw|L=akVL_C#==5jrMSpG38%Ie{HL4zk6Ta zLlWw4HharRq`nhsz9a?~pu6@*>|x?O(u{nD_tIw+3Q3C}aX~hFN+$_d!*UqXO0K*` zQoSL8`qky*u;DB#cbwUm97exaTDJ` zwtq1T0o%=>*l7WIA{13E68b9q0VgZcP98@lkZl)6Iy(~+NzOY4%xnTlIKfM@abP09 zZJQv;4#0_R%%{P`F6K+2qB*aHYh{95g%^U%5afh_q%K$ZpqDBu#gOM;$mCQ?!WC%J z)f@Dx;=ZY57Y^0WohC+nD3S0co~U!h0dCK z5^fc7BiF7$`4TaM@V+ZR5L@C`X3drre z`t{|-5Z0_L2Hwg<#P2{T9s{$5eB@McU?a3Nt)xq01}~%`xE2}6cjoi?mW@(4_o;@w z68ey*v~`|-64Si0=7}Rr2A|+Ib4TIBt^8!6-k>QZCgH5CnlT} z%AJwr1%=){@1Yz=Urz&{2u0LVrXs645t4x&%cE$^hs_ST%+z17&WA9;yyBb)nmTl-7CXv0{ZaI0&$-S@*E=xU-JCi?>@AewE zLBa3M=b+#>mVg>^7g|ePcN_2FJp0>G*?|r{olkOg|n0;O^O*q)E)o0@`yhzTm+lP93NX)5T3cQ$URgnPRvH|COG+VUj!s{7(cZIc+m8HINxT{}!0g}H1c1`0yLK4WnN=-z2`Ic!L zP=ZVq?(@>5p|5hbC~P%Z(A~`M!3IS$$DvDa;M2=>LND41*_fX1iGC3lgbu%+DtvBa z>zySBCpJ(NaSb6m($!vQXFVsd_rcv*?M7MD%Ml3Ja2T6E6vEOvNE$Ov(C)A@B6;H ztIz6|)M`nst91anKuG97H!URD+yi*WEMOrcu)rf2+hD-vXh}$IByNF^F^dn3@q%US z@eKHoF<_h7vAZ-8nOR-cIy^hyeEZF}-*o>{=8LSV%op!Pym;{8u7KYVq+JG~P)uM&0-hyB+_W&d5+CE5LjO&-^R(Lzu4_;2za~ zbh%BLRLYPT!>83ax1pUkkVHp^p=%6J*7P;P&^N0%%aG%Q!H%&r-#ZM?DR{2&i0Cj7 zQh1g$#0)hSeo7{jlU9wAU$AVvZKbK=urftXR+@3%dDOuC|)#T$FMJ&?7W81 z=-K+4SVF6VJ}hsy)Hfm7i1q!%5h$AwSfj2WiZKii9L_Pk|47KeI&5S3NKL5m4(}{G zYo5i8{Vb1-8VnN!>Xr0|ispaiY)WZ}lG=B4DX2IN8 
z&W6*w^;W9>n%-8;CJQc}{sHlV#++(PR-M}VNxMiJY(^}pvGYVJ7`AE&on0FL8ot_L z)M~}B9pIpXpTMu6JRl8wXFZ2#YsVPVjI0*qmg*UW;?=d|9Q&9csWV>{aRvpb0q z(5o&hghJTRO1{<@gu;~Jg$ukA+3Xd!z7dIE5lNrQ)F zlW3T>sW!O2&-+|CkoW3i0bkyZzsu`&LL?BAV9zx_khVIlUMp*|8gmKB?h)WRP(`xbtr_!PBM?Ka61 zKO2$5mKpMA8+Ao1v>F_?DzQKOxWBfd(^JZS|HCBljkmpd$K6HAJH%c}N&V5G3i zRSbE`9%tCb5q}&U8BTFx&{l>fOv}-PLBnbY0v_t`1^v0-dr6+OE1_y&76paMNU}?L96%W-R(VHUBOC3$1o&DludRcXLWty z&IP;XMqooEa7M|*yKI8SVVb*O!5qo2mwae^s{`udehmlfP#F{sG4?Xj1psO6NX=mM zZm}~&?Cau=!sEJ@GS>2zk~+2d|L#2_Sg`I7WNlsxonGBFePz|*uU*!g849CisoW8f zdC61pI%77Dk)keVdl3IeMf#O=F28Vd7t~48@5ijPq6)e`I}~vwDo#&Z!Wl?5@^Txj zHDQneeWMxZp*?lPX*4<`W7yYg5^(Z7L*DUJ~Qn1jcO zPrM#?$|Ep3RtkpPJk;A=2L`WRkc`b-U6tCqP2Pk9mL(Vd3ihhT0V*JS#AE`zIEIbZ zjEP7<`=#90z(e9giEXYCew*CYIIT?X884h{P7<658HnebnO14eA;Dh7DVoywO-4!3 zEawGYzmgHdZg*H>`gxe_vzHdO*$WOlZgB4>uC-}6F3?>;EyLf znaZMeH?3ujPPE3J4f_bcnsR_HFa(x^J$)Qli2Y9x114-QNP-#I=Rh8GV|!~Xoy^m8 zK1qb=J8|P;0mhe+7RKTGbrLj>b%=8oK}oi;e(X#+by9CU*q3NF&sUGQ+WH zPbV!C68Y=H?D&JQuDV^Ygv64LvKO{iZdXKPo8~mzIb0O+f1D^C+4f2(P=BF{i2^qIa|I@{ZqZgPcNv@G;cXjc17IUXyP;xSczm}h3S`md@*UGG8QT}MwCe-V~x0w`l2y=!P^j3IPNG+=rWki1#+v)gG+7pe70ck zT9~(9Sf6L7aVro1+H;vg!WNLYQ1@_EEtwC%{HH*AG-Pa+Odh!Sr=mMTl5cw>%O<%t ztHZ;8C9}=Up;Gw(TH(+YQA(u;8ZnoWlWZ`zrqZ>jAWh0a8|3(rb2yfH#X%LeAtxZO zX4r}ZP5=vb6pib`_MBnu4+uMgUsgPl3oV>QPa2SgZd_{dr{*o%Jueg=zGl(ApRZ=s{xd3CYN2fc_#9g z0`Yr7VZ~oUb?ubw-$o7x96*3|qNa1OFGhC+1gmGebp)t|AIpxPG*u@D%FZnZ%963z zDV$QB^7Ub$_+)V z(NY>`tmuyT6WxQ|apIcn%$%L$1)bYtw(*o;H$yysly=XjUtU0%mU}#7JbOhJ!IaNe2i8~{%i6a?~~&vf7;@> zmd|o7S{x9?gGJY{SG9UuAYxvBS&i58d@rh~$o}l$Ve%@6-|nR-8k$YFJD_K1YW14G zAm3sqEJ!2?4?B_P@oqSzqXfHLhECuQQWogzrAL{d;8v|Yr{va=5nE)MOADb zD)j_B)PK;{9tvO=HPZ6jd;C@WcF1uQOi^^WcO5wKmc zgQ$1f5&*&=N3HRUNMv#h1CK*?SW@#K+K(@lEPM3CgEYlSQI97ovBYMQTu-oKn6ltB zW3Y+!6k02ZVhtSjhG;Xu`bubYOntx4hizhX8UjTg@K=dHLvE*mCC7aJyqL{e(#RF% z{1#KEMN4;gTY8bdW~42Z?b&V%;f!r}jx;i$EC)HURMvT-H)rQ4dg08qki-GETtoL0 zoFf~F=A1fwF@_JJwIQRitW!tqrAbzby1h{wgRjJ~)i`5;tz6K;;2UuKVw{sy8HlzP z8F=;j`p=sZk))0Gd&qiex}YW-F!J+r+s 
z1OBfcf%p06GaurB+JN?&0$%9T;$y%EtoWTrIV$X&YZ!pS`sx2_I1!C<-<%RU*{i^Q zjP13&-@B|i`**nhWu^(OEPa?I?5Rmkh_flvSv7WwueJB?c`b9J;zFMpFbfn z4#rhZCW~%H=P5=b%3EHMXwjp?)-ie%5Z5#K8@w5^rZe+@DTS5yzrv9cIwQY8s=tFh zjQN2RSVs+D48QZRiIZHw@CK6otI9l9dZI#1Fz~R}l^~$41L=k(K+5< z_^cn{8e%zE3H7#?=pZhWpWOxmqi8FEm4~>tC_Fvw(gef;WTW_60R{iw97nuNn$F*_ z8Rxkw$1eX_@aBE~j7Lu!oaP&7LGsxgJ^`cZxZutC{TVlpKDZHmAUS*nlI*@8)>Cw`#s6KlJF6Bf;x%X1SmFv+KARy&_D|6>Qls8{C`us8y3upYv42d zxaMe_azbDaRxA|c zfRtkIY&u}HXcFWHGzH7HEtA(%|d3(gxIX`DXOQj_` zBc|=Xu1h*RozC%xDKe=%#xo4bHJrw2e=AcTNC;>Y=PSB?p|nj zWys3VbNE51O$$6O1qs|&V}0yWpKmEkR4yCCAE^l-9PaMlka2CXQwy~-mycoWVd1K^ zSD>92W^T-nVONfJZ~RZFQxv62rB$688ugT$qw$I|@$)LPqUv&~y}YQy7I6v1D-Nt( zd&k9b-;B*eC+tqRPV_VADZrbRU zDl?)2@5*=sMZaN#y)dubc11KbJT%~SN3Bf#eylUUWbO=~tFv0M%@`TZL}pypnH?UQ z8LX@?y5_|^i~-HxFmRzcHCD-Cxboq;>jpRj9h-J5pVbtNR_b%Lh0*ixXpbuLNYds2y^{QQKq)(}8kVAy(OdF`r zs;X5)8dcR|&8n$rh*am2A{`=)6QN>(6iuqmCr^z+A>>B)y{$Qjj7`$cJzlUiKzJ<+scO*Q0 zb?2h{`k=oc&?q*6L(jz-&e~VJcipysy=D5%J1-lEB?eZOdIs_vzkJoEdse5$mxO1o z>FK|rqr745ii9g0uwY*@2HT?X&X6&eOboRL{=AQL4Q#t)&>x#WH0UeewEwHi4!rlp z`RREZulY>>^yQs?ju((!dF}B1wP>1v-ET9r-C>&! 
zEuA>KZ(yb+*0Xq1U+?;*gPsL<_sqQh()RTH&Erl~y}jPx+~LJ3b1YNBw>i=Qixe%o zB9~XCOraf1LLcf(=FBPL>r_E)yRf6E?ZS>uZoAqh?FWQ93M6B8#oYd=k>H5?7?WG3 zNtV_LEU7hE1@Z$lH(zTIc>oMx9au&#C+7hg2tY!+#K3-98|Vcy!F+HLv@+|#Hn1Dq z0N$)^U9e&E;?3=QuI;)uwtZ)6r|+`0p|#q9zDO(&-tawSV?^R+wI4oxqWrVp*% zdF^J}b@2+DYxY&U=I!eL^z{SR7p~k|+3Hxf%CpKeyi{C@cl2m_*hGfU?7DvIs--=d zOwZC)Td&_mN7h{)h=A;C+1HHfd@yzT=U+cy=ohB{$S+Vq4+hGmVj-%Y&FWcF&yCON zv(jgu&;FbiC#S<_-M{fX;*DIXl)D=pJ}Ksl`4FP&Z3X!Ecrl+Z;=|}T?m!ptn(2aSuG?V5X+&?B;H3q`$;KR%0L3`DT03&|1i=e&&$vd1?%=%dJbxTKA_BO{1Dd(NlT&=!+E+`p`R^-X${MXS;Ja(162FpNoH zO6&G3`6NU+pT{Qhy+clq$@$)czm6}YehIzw%qYc=VNcfd7KQ;9{nseUNIqeE24>cX zpK0#TaI$5{G}tooD0imRZ5r@}X8vD3=8Q(}<7l-l?z3Sx3MOiQ(tmd#7Kzng=LJ2F zzXH8M#L*J`WrC+Zf*d`ga`;{R16fnY8)>XvPM?_g{7pIi+(eG1%jxGEpOXPOhc7hJ zgoAnyre6fg^Ijr`K-zg#?HKO z*dh%UQBar{%!5T!(ImA$-0h$uuy7ob9)o4%%%m+5l1Vkx({Pnh3sgBbFpRgZVx%m& ziqA{VS>NsJZOiEO28Q5tOrSK7>FCPOS~@GA8d}rt>?%cRQbS@iuk~g+0-lJ(=@^vqr{wgvWhoi)*YNwO_dy8l&Vyl3K21U2opv0@ z_Q6X=?6Dd{Ypgl|2(JzmDMBt%XoU(>wWuyB+?_4jvdY5i(6AVr5hO|7`>t&wj&$tO z)j!q|rbNIMw&}_FI;Rff?E1L`WA;0OX%XXyKh{5TI4~YNEIRZAq2ZWkUDE^pX|87( z9Ze8=hX{K;s!f0lMnSD6h4nlyMsyrUgdEXu)73y$Zvp3mDqZ z+4foiDp)?CAfBiyZeoW!G~C>XXcEOJ{vkz0%Ym4rC35w8nqVvuZ$6@-J|H}}{b+pu>In@p^K4EtHl09dR0nH$45*$Z`3VrM8yS;mLhVEub3MI{!%58+A{dMEfBE1yzh=mx_9_@mEL5jT8#D2tNL zN8CD3Xd2wMMyXo3gT;ex**-;V+x)=#4X+FUrp1dc> zNfK<`+zp%9m`OH;R(anv)$l{9A?vuqWU60*7{m@3%w|LV^!p|g+En9x%xW?bp0r=# z(3?&B?)Ii7k5Mz~M|DiKl%NyLIqY<1MabikAOJzb81~beDeFBBB!dL2ODR!(j^N%Z zAy&;lNvN!jU-yPhStUYkuneb76Dt-@YOCa3(&WfkV`efvX~vI-Ab6$0isZXPm8CuY ztJnJy{B?raEMT} z{Y9hIsHYv3^>?qj?7qz%9=UZ>+9tUrfF51PsKmhB9ujOCq!=Cuwx4XHZ=i9SCR}Dz zLv@NtDatlw<>}`BO==9+*xE#)ToqLU{~*?0jeZhsuf}54c1Tp)WB6|cqfx-(^&g`% z{!`v)d=&dQ&;vAU>+Cd{IUzo``? 
z-cU?p$?qU;P&Q9$I5Ft)Mn#6Ve*d(d#(%9v!*5z0jn(Qe8H`2){B$W|E`!eDkg{J{sV$&{2*KsS;3BkQaAjw|Ke~A#({BFbXGg4dZzVsLr>gw z@Q4Q#Rtcm28WvpP*Xal^{XZ~ZG~r%U1qe{SK+NiypsIlrz7RM_g%iSY@OZvc>*y+@ zD7`4&#c;06TFu}v2-ZK;FugDyf~iokB2Qu~hKqYft%}*r znwdATYjzySu%Y#x%2ClLV^qGIl%H?E!%AyG-7t!~0^8hF%seHk{#eQF)%=NIvp15e zB@BcuIa71k#6EXEs50uPb2hLP{>|=A&K_$<)8Qq5vwf6=Gq2!rAktz5eWUrK>2y){ z&9u!{GL>(^vu28!^uW@Xuzqg?pD(lT4~`fs*+w}QGG z87@13okUtxcfHP0cq{cK}X1gFrR(DOgB zhEdy%?i!EO;o(ztFtO71Tur&h~Pg6PWV$`=2y?Z!~nR z^su?L*I11-NA}D-+;EDk!pf6dWf#-@!vrEK)dI7 z`?|O;cE&U}jEJtQ39VlSs*sYh^!|W96O{KoW5kXm=&_sr^mbm`CApIRC4z^7=P_HB zeNTW{`-aH}+kf)8(rFv^ZH$1rHmb0^L#Pm<3?Mi0RqrX(Ax6D2#I=k2VW%lmD^@H~ zqUhHFqamML9DY-W*Z1mm`LL?EYR$7Y{jmx6V~%1Ax(9WTM~*^}G&{a$^p19jGje=O07h=YvkmyP6hlAFCn@aS zGN}o_>o*hrmIE+n1fM2lP>yBa0#xf;xOHn3_B*!52VX#r_MC48`TD}uI`XRsJhTv2 zQbqtJskJx&qQywcefB(vB>V-V69Y-o5l!2)ixxE*Zm(}mr52@e=5nh>$K!w>aW44n zkN>sB!BTyY1;Wx3D!_iP%X80g&f+xmNhYKDZq;sM>1uABRN)!lnvwtfabgrc%R^OR znRd&s2FWJFFF{I>YqFx2kVFe)0CCd*0;V}6SE-K=qR6GlU~m2DAdSI|p#d0Su6^74 z5FNI&YKh-L|F-)emn`R;J&5Lnx<-~D(Lp;-eU@-xp4W2u@SDQ|91&_U;1>RbR>@*U zg#8$2=@st$AyQ91x!Vgjefs<7l6!S5?ZgX|;7q3*C$8li!MVw+%{I%WH}KN4lsW8* z(d2H3DmU0Subi`*H=5H!jtQBYqo=YLi6`Zoila5ys*< z9fD%S%*<}oe7XQ~$&C(TZs6_4H8J9y)Z6Iw+K39{))1D}h_hZ6pwe}HCxt#(3UL4u z#jgbN%`#CB_T9682I~C3$+tdHX&u-%4}uQm#C~v)GE2h1$c|?iV-20)7Z+8B8EEGTD ziW*>IvuQT8_JqeE*3@maxS5Y4F#peIy7@zjQC&Eaj6R>-bY&Bq%Ec0jvI3YV&V*e)OwS+?%pu-g z$!ThevO(2fXl#_Vghl~M+ocnsKs2?O8h%P!C1as6*#FV#y1J`g_$L&I2f-~1!WIp6 z5}gXi;>)~FQ3)U3`F7MP?QHQiw;XI~XUo*tfGD@#_w#cuf_dP%kB+ki*F4DkOapo4 z&MUO@rIvLY>gRmi&-{nB&O5M`*q(aatxIU#iZoP zscpuohtR8_U-w*2+j_hgkDffaUp(K|_O{v>mW?>}+{Yg>t~jUYc6^r2ODCaaQs$9i zJ*ntO5oT@K$r?tPCNW+*sF%xp1o3ApAYqh}C497)_xTu@dKDZ`MU4&kXupm^J{?k|x~7VY%eIUVcC0a~k~htb|2#-5PY?1HjSt#>rfx&vom8l>KO(yZI3ALnNP zsM2B=TnuIeC=q?5P2tACCrV5>EKbu>KV3ZwkPy-0ue$`QE)%~4NTDMAaLx@nYmk=o zd)j%O;m=ctTtj0HJCiZf4Z}tKsG0Ss9lsR-zM*kl<8vG8AuLvD;9$dn_xIj+N2=;T z6`3Yhkm)MbXHMyYu?ZjJQJUppxk{=~5=}*N&FF*vG44}IUS4+}p115R<&zxLO$jSy z=+bz9Bg=Xs)Dw`pHq7 
zoIaReblS*daMV-B7`M|r!-ZXyqT_?LdqkJ{YGhh@Y=ZX6BOkEUg$$46%~*lKA&o?z zjD~KW0&c0$1BudQZB}J9DLy4|45Q12@p;@OSs*1@h>XQ$q6BgY3(xKcR*JAWcr|ZS znSm)D(UIJ@I=u{a`uB;9%j~E#HY!l^9+#B`SmS`@$z4OcI{uznyZ8s6c_`zI1cLyh zlX~5b)P>Y8(a95P6_V5;E;fG3;gQ(|_%07com-ApzOFGwoj&kuWm9 zxAHhj!5fK`sdB3a7m=PaKQj->GAS@OnL|YQg8%(9`tGN$8S%6yrtH3_Dy%uA8@(8Y zWqDRTGm52Mp$Qaw32t=P?w@UCBhBA-(1fL?^L4;n82_Au;Vmz zHZU0H3x|Z`4lALTjwCnDHc7Hl9e?#vY2?c7pO0DlY+g23-BheIzGi4%vX^1fNovor zOJcUQr3W`&G`04%XTr70?7Z89GE9`ZdSG3Hr?~>AuE08WN3D!~!2uxvw+z&j zGOElkHCYU4#Dqj%=3u!V3pYFB#MJFO8wyXhQhmP@*K>fZ7aBNKSU6R2okb=I>@x2? z0Z4>fVmG#0j^&Zw74Ll+&$?bVNwsSpLTQ?h%70^sT(*pkShHcsm~>Ie>Z=eniqp>T z{2Vc`x^bW8I-=l7E!=tH?3bo!v&)p|mx7Nsc9_Z;(1D%4u zt6&Ahty48gBG%y#th@M?`(mQvaqJq@^ z^z=1^E6HD7l8MlU5`F+S0xj*ffjyR!O6U65 zyz63jRqA8fH=SJTtpoF1yj!?S*H5=F)s!=34>qv`tUTHL2hnsCU0GGC$LMW-p|$g+ z=xK{OmC1gE&^a;U^!kQu#|oiij{wX;vn zV(L%OV?0q9fm(vJtHMie(4fD>#15O1R#JaZXkMdal=DrMoq~WSB9ztG-mt|I+FT89xI$Mm;8s85!NMZF(t8lTL; z42d6o)Nf`$HJO`ZU{7I=Ir@Ydosq8`-OMk>F7X=lZ$BB2%y022#`q2#OhxLYj0()z zd3CJ4zeI3FSEo&{D@QECjvI%NFYVK*@a3{C<<@jbwv72e%#)Xlf=%+y`r7AA#!49Y z*pd4U70&|5{8DW3wfzh#KhdS~B?-wGU@}zw6pj(tv+vaHQP4!}>pnIqkTkW!%^M1g zW^g3BOX(V7Vg6Z#bv&5EUKjGao{$-z9>w)I(1dP92b7l$IyTi8BpFjPm@}2C4*v7h zg732b*O7xkDz?NJQiNL3p-Mta9HY;jD9TT6H)<6EgcPg=gJDz^*}L_ z;o03}-RntsEzTffa&^to!-$4ADi@)kpv-=%8P}Z=p@1`MDZy0z8u~es{Lz_GftixnFR(wU8}n zq9dPXOc^^1A@ldw8@}=v)uep>0u?+w*i#4)_igd!K*zqz68Q>-*Z)Oh!qDuSPjD<- zB@1HN1}bm3ZO!LYDuiKMzM`&DdPDHHw9nNhlaEBkDM@PN(3u6&*%n z%pbO}bQo-^0+mo;pR*t?!4gogf8&-B&zaX2){V9m7-~Qqg8>k^ucJ>Y`H3eE5ha;O zC5&oW?#QM|)@d1WAbP#+h=-$fth2uEBtViJQIqLK50#dH7k#e7F|SKrnem0=2N{M) zXCs@VoB26o0)L1fM$L#>=c}`;UtfOhd#0#SuPhaSkz^vQ@p9lXMjPVNXgaViij8-txkT0Bog;CPs0kI z)B#n4o0c;lMosVULMjaz;Pos6C0+d)xGCFjYmb{&zOczl-h*lnp4R_aexAS$eG!Gh zew0D^1avxZdI^V@1l)hH?ddrkT(-TBqG&pIzm^_}T%3X?L0nqwD-K3pc($u>E`N&= zJ~IgoH48acgfA93Qi#b`VXiR+q0P6O9~!y}_<7&bfZ38#d9gnV8~wNM0mRpR#KQdr zB7MaDvP3^Mb&-!xY@$Q(nW#hfVO8a9ek**Z;!8osf*TD+vbnG^*#axtZ>$yk&iK_| 
zSat}B+{7m4-~x$U!PZsW_D3=Dw204qZ)5L1>O{7rEJ=P>eHye!ye$(`;q-j)y>lrA zAx^1G*R2oiBd=lulA?sFv&0paX~u5IOM4xSy<3y@_&{k272=-z>9+88x^*r_v61KMlHio z##SP#Bo*rC;w#IK5`xLga&Rdw=u5;i5aR0RW%p&o`L$+vGM!)N_`G#C$nbo<-{bxo zy^&dfhw!}i?Cc$~Iu!+-;VF22P2^jEhg4g-E5k!#{7MhHmtKH}#`#jXejozzw&tM# z(lq1_<%9p#BZRFt=Y5}zq{mNKARS)4UKejpNxXQ*v_MYxL-9bB&dDk=$*B`*{4}!FpywjGDabUE`^gSo$ zz?auhz)(abz2O02&_O@g!^wQl+aUNJKw#$_p(m4ioj1woLka_JJ<$wT{JIxKC5e_| zIIH0fq#$F^MoRVV1 zDsB^AQZ>c43Z4>r5o&IOSI3j$54)`DLsSrXeXk(pNuP`2No0-Z@xkcJ>hG9(u0XzcPlkRN7v&IDl z8iDQ+ce+4Xzw$LZ^LH+MwRQvr`gq$Ru7`sHhrI1RuPcB`gRj?ujuCb?fml;pMau8* z`CMUjK5(ud!vTmujF8vev8<&bfG*y4H0v6$fH}~yaZn@Tbxv?V1<072KYFi0Oc^xP z0Tkc~Yz(?H1q46}Hb&K%0tYYx9cuvH``XzAZ+!{{901u9`f!9BALH`-HlY@WEpZf~ z(}nLx2w3od0Z?h2b$gI8Rc||jb$2N1b|}Cc_!zbK6a)YPd@OYr(079i$bwq1IB^wDSU*00WxOb zZO65~3<2o)1PlV%qwjP<{}`zaLi%&F;T^5je(*gz?;6(iZ(slsaA~gf5l~YkG-=A+`1WLZ_fJ)s?!C-dNyu| zlh&4VJkuRZ*I)ylsK!OiTOJOe4GM(tzLM&Epjlsr1~`F_`FUTNb-KV?zjosd?Ojbh zoZRa@ygtJ`pFWE{b3YF~gSr!W0le6F0<=dmK>+EaHub4zK2vzsUm$^cAO+yoW01gM zki9P-5WM3BFNk^|MK;9Si3J6?@n(E4A5h>C=w1iN9(kv##HI811Ngce=50k0ExLse z3_eJZeEp2C*61K(Lf&@p>&u{kD3CGJ4|i5cF)jkO#oG~@!qy_}F9ZgEcv7j3WlAcY zOL^OYuDc^xdqM+P!N*p-Yf!CmA%Ga5d(>nV47Idky%ES&6;{qp9zI&MNPI2j#jvl6 zGh+V!g8F6lU5X|N!7w4Y<;CA<9COEZe7(vI;W082y*hW;m9#RVuq(4b%VN)=Vb=Pz zRAdw#94ssx91;Y1Mg5O?%LK(m_45LfHrlnFo6n!Rd#o9K%QZRdcIT^Xg@xGKFRN@3 ze`pSi3C$||Jpga&q}OyQzaq^{jr67TK}RDYyCjtSHlPr6(gs^`c2!K63ds-i_ZL+- zIw~!9)J^%R&-{Z78IkZ88kR-hOS>_wWcO9s%=(uC!3i>?iDEUhX5K>4cx_D!2euM3 zE@DLq7k^X@fy(v^`*>0QVEvBF_g9BOX>}HR!xb62b%7Id6Ch91!C@VlmfAWdrEWGWe7s zDwqoeD%azJNY1q{2oG~;SSaR-9DR+CpBgv|tSJ6H0H3TKgW)2|h1~mUukGv&!^Vvt5Fbg6Ffb5O~=Fu!><(_yTlm<12W{rF9k_n8>4PYe_f zF{>WrXQ+4l%m{cku`427Yj5qRRKg-;m`{m0c?#m9d7iR6P@NGY$$atXiRj`&xu{c! 
zZ=!t@u;ZO9`u;hI@kKGR-zOz)+QK#rJZcgpC6qM5yq{Z7z*B_g9&1TpdqY5LtA_9^$Uw5XPat0`WTT^Oi2hw;n zF1e4)kJB0LJR2X&%?o%kZQ0T;DnY&P*4>POSv9NrUGyMuj(26?e-B ziG)FuNT^OKuec{aKnGNj>JvQ(EiF`jKtRZjzltZKudbt%jg(UWY9J~@51lbn;xK3a z;~yr5)Fl}DJeUmcUra+N>-CbIvZ?VQs^UH1vWpUegF>(njX1sm`Hi3Wll`19$jK9e zdVC}i2I5+~D_|*uVK-;^Q^KQ%Pz6aFCld>3fS|0mz~p$bBcIUyf?v4I#2XMv6BBv9 z)+zq+LxVH-~kjikS8HFxC{&6>3N}E)+X?_PD0!C z(TT24f|FQyvfcO$$Y=ruYc_Ny*x%W~jH!9eDxuM?s$3vB7CnHPYM%jLiJ&fk^)4<@*Vebq@YBF ztpD!PWBW{dM1cJ>Jvth$2gu77X!o;0<%c)sk?&|>fJ)~iC*C&akJAlvAfnbDEH)Pk z*eCIYnR_-o>=;_RJ650wrQD^`oXdB?G6|u%O@G9yS+<@^5Gq(%QE2+T&sDyNHB0Fb zEG>NHMrow}0}5FT)u|G}1N#2JVQ97_BwHX-S+74o)#V@z5ZM-p%z!0J1SB&~M2#p{ z*0d!jNU{;~0-<@7T%e_nmk@0V7lRA-5a2SEKx&wDu<563ijN=0UiWZHNwduB>=t%r z_2wrsG3I3oY=Vckr9&r$pW5h_2tr|mHG>8HZqs@WplX9Y0027$fVIMnY5J^J@Ugz1 zyC3A$o!SpoApUGh<4=6QBivbK)?wDE8&h-t@lt$WvboiV){fS$A|d|;=XQ{=DLkI? zeT_Mnf~LLB65>|s<>1b(tc!<-i;F5&UeFKYK3rgBSE;|M8nMcf73K~)E$enY$83#0wA;?V}+ViV! z*=ZC)8j8s&WN>(}L3md-c6vO&8* zr_;1yw(Yy8DErAI-NPf=lIa7N?b!80eFx+lqc9P6fQSuf8e`;*K>25>F>>oM^6gxH zpWpQC5?ZTT zhS@PTyGT+ZtXVaKVKSNyx(%~kW%<4ljiESLX9gAMRiY)K5%$IAH~kc&{4tr|U(sK| z(#rBJQd!u(yii4@3NgJYn&|z4D63FXtdy>-SoB*Ft(Za4M9L(h1QNlQLuJl}l_f=1 zv=h43Ntq5StW?(&y&XH)HTxS6!I`d;KgKujYj`W-RPX~LP%F3X3M)7ariw4HR-K)> zm3zDUMnX$O^}R$P9v4V}4xPwC5V?5?e%GO7$(Bf##lWlk+^>mV5Rc{CK^r#Q8Ulvv z7gz$x@|ImU)xrv4ZT`7QgNzA^u=c4z41tuMpp`NZ70^yZF*1!aFB8rw3yTZ)O^i!B zeMD`k5Yxnp(Lc@-n>5G1#jn^d8*WVbg4HcYM}M~8+(ibmMF^Dn+J+PpFP1Jt19fmo z&qIZGS71V8A@@)gODF1gxRZ_0jnK`)e7Ne`DYVg^AbXPW60N9cl{rnzz$~>J+nhNo z@~=g35ibee*L1~FgG_An*+UEECiMo3gFJnTviL4Y36n`{n*?e|A}Hwl*5a4sdwsci z$V)T*=sqJ8+!@SL*JIqhRRead3L|62WK=!Q=eX;_^lGwwNQO6c`0IG1)LB;9T;4E0Jp z^jX`loF7*#aL}YkbiM^Gb52fl!ZfC|As97U2;3z%>w5yO5R~inec6e^J`|In6Y}fl z1>d(~@R!jpI{PV2PJft1Hf;1ot+8kGZm7e<1yWL}=LgbsQy_o)LyJ}k}NHHGe= z`E&P2-w-$V9@dN<8Lv8M?AD-LTXhN8u5t}?5*|(b%Z`6=W@ zf|pR78($RS2PGUp@pO%YiN0v`35Sbr+oc)XZ}2Q8_(uvY_JokWvJ65Tzpu8SE6N1z z7Fx{rDpQMxkX(7UC<}E`(R;aS&$-$wN*16-mAX@d`D|lf+v*dw(be{`)0Ds$3P!6l 
z`IGjJHuXCL(Dq*i{Cy}!N#$SfcB9)i=Ay!0V^4q=4-$%7G__vD*`c!$=>4cpwry8O z+3IHC6@jhM*bZkYH5lx#bvC2PXZI*st6Qi>|*mE!6=$(&ViAt2qGzp&T?yhsv=PFVrUUr?^x-S$-Xq{($SK7mB z9&;OUpV{nl$0KeGjD#}_Z@=;kF_|vz4~ERqpoPnXy&UH{_L5?7*VVpcTZzf7Fyxv?VN$2V?peyd$zrl-X4 za;PaYH6CZ(hT}&LqYHX&fpI_h5^&OdQ}V<@yhzbqayPKho7>(#~ozb>y(k!{fWa8nps56bKjAAdFFLS3Btad!|3wp zTnhbn?b?mkKNB8i2*59+tR5w7&6^W6y2HPwwG$j*)Rjbv$KdJSr;{Kg85JHLx zDj=tE--hID+K;Sl2iAFA9p))FdI;GQ(B)7fjWk?HISRAH(J*)yz(21TktIri`5OKa zB1HZ@47qhbXMKh8g2kU#^wmUaK;y5i{*I0Y$4cjQfF# zqr`D_^ftGZ$)PJhs5|(>+W7~OSCRCvLCvX1$7f%!?~k*;(C*$)@7L0(&5ljA>}c)w ze`T~QgR{Sps38Ap@_4wqg*&@1J$@5NW*%kOzBSB?kEDFLq;?J1G#=Y{y3NC}?eO$C zi-jFBKa?(rc=7Vw;f?TfHt8C=3bRVLVQIY>Fq~=q^~8PDO8kCjEl^>hUAr?fyISz) z_4sW?xuVshOn&P`IUhHjV8~{=78mVlbX?HD{F&Y6tz@h9^|x2W<>LKtjTcAFpO&jM zJS~@#ls}9jN>6cUUVWD5E-h!5G*!PGpqeX)xnCG=2C3{SU>MH=Q{cQ7+?GT;do`-T50@CN3H1HU$krPM1}3+L-% zN2b

8JkGI_0>4f>3Tx!}ZSc7D?&5G9h1L_W`i%%;EU?Z@lZ5FHLY%RP4*TwwBR<=| zEyc`4*v40jo{ma93N(3moGq`@r^N-r-}igVX`r2{NUpTEO{)Y+l0A^GVX#`oc$C_^ zUER!cTH>lrW9+WYJ2ldMjzxoeF3y#ZDZLKM=22VwwRx2c({Xcp_juUQ|Ak88dTH@S z^r)gZOwDV$!%<@HcSExm;OYjB>!p1EWe)+)^jnV%8S^*=Ok16ui1p=ulF-r;ZRz#g zaXlqXX3A{OQ-Hy5_+K@F)YvQ}G!0A7fhT2@=o$&Ncn*bk_t7wZ`BY2yU9CmKU{pMK z%eHozmnp^Jy(uk!*!x>mTUWOk?x-q`7Md=<+{Cy)jSp;7CTXNr|E4n=^{yc)*10|C zujU$t62%Uzr=+&Li!qa)S;_t*b+AI@;nX+gIL3CdzFoXA?zv?7dc&$@emMz+ct1N{|tWiJf}N(^g&m=JYSIu zixuCl@KU9_y$c;_Iz=V9hn-D0`k|H5j}bqeG3G{EB3iN|rO21H7xB@X3T6(n2Iv*y#G8 zKwmnp=v~fJp#SZe1cL7-?pNP550mNVH4cHdmdAG22%Dz>yDF=WXddSMg|H_YP3~G< zg@*0Xf%ZG8eph6YrbTsLsLT2r+(^q)x z!&coYWfl+1(t$_>O^Rn)m<&hh%%-a}UKJ-dcWW>4oU=E1wf#`t)!^~KlC!ii8h9qrcR{a*s16G6cCkan&RjjWS|PGOm%C&mG1Q&V=Q- z(R4hv%Dli~7!*kiXg>Um*ag4gksi;UbxGqW#Zs;Iv}^S^uF%cI$4MVChqYlk79frx zMzRa!d1#vF3U4Ql6lYsS{KLuOufm=hc{z{R{Tjze-;FdR>d}2gci((-31NWpAP3&w zQDtX$+N9@_gFJY`7pY8=jLMxB>B06=#>KZ*tJyLUUuE?9%$RT|u66UtgjVZojnmP5 zf+xny5L@Q4!>Zd$?+L-SOj5hM1WBno(d`cl)2FjImNt)_M{Id%j6^MUTNzZ&G%vji zxRn;Qx97IkP&=XMIgbnCBaHTtl2sr@4fRTm;e=a?$Cn6G2S&Zk_xE8{$oJ5Oa0GG} z!eXVMFw{0kX}L_X*V@#N>~({tJdQ5bxMegY+&_j3ytv7zHN4GYRQwi^d?T5e-64G( z)GDyt{B((>+M-0-VW#}7esAREk34!i12=p1 z3I>Oxxx`?p23K|!U4_KP(}~GT6w#vep~{2j91SU<)pdK--Q0X}r&X~4+?HD_;*!VZ zeOk_$=Y3D8q6nn=?db6VV%-CI!SJh7n7CX1i`i5BudBK3LZ{TZd-uk-t>ne}#13@- zuRIowbj7wh4Ly$@CC_{HGnaw43+$(5T*}QFD|IKqh6RjL_fmqgm!uN)Wlolha@ABV zTMbs@H$$gizctJ0(xgpDX~5I>{4sT^XXCT=u2oRBhN4>pb+eAF z(V5+-Fg4Qar{~pCXSR_aCFSI6L&|7OZOrYDn|0S_CfB{B<0TrmJ^@`X z(wm2Qg4?8JM%3}_1PK)TNfXTDC|O*P2k8oM#)R zc+$D|nyi8>wC^w9mcpdp(2Hc?Ziq4^D`z#0zS-EftnlOvr=?i1TB`93WuN|8hD@*U z)ImX$QbbVS&6|cgOYP}U`q8v=ouoNp(YCh5qXE6R#+c_Z4%&x2;|vpFVKmK5rC_Au znv!0z05C}pzr0K^u|nRd!8LUri#T)6{pzMVxkR%+IBV^Owu^vKl6_M_!9x?ggJ4g& z_UyN@k-;n}bYBR89KW8op+q+P<((~2RkhnFbH zv!mS^wziDlPRY}0M@UA;>-Y-1Nz@lE#hxofsu z?$RT#w(t>AR(1$x*GJbJ$xnFh^M`+2{HONz6Y|C$iRC-?UJ7M{Cy*kglG%sH)*5$a z1HW9jT|Ku;E>#X#@QsB_Ae1{?cOH#3bT(fRCmtfmx#*rGiFPvw(^Z`h+R%UUV;ul6 
z0SNOygVdNBCQ!WV`x)%>b96Bq>1Ht-=WY@v(-;(+mQS8dGv5}fUw_Cs z?;kxDV{?|uAk~3hGDFG2Gzj)4i2a(8<=*Vy+rGMO;jtRvP>rCHkR-Oku+^WrKNo#I zSoaXUct4^&%o2FD= z&uA5Ir&!Z5Ysn0p4s2wHHI2UAE_AH38?>!?>}-ywG{oIerqHD0rY$o3s$ZhUzlI#o zO_lhu%8+RRZ1$ruzfXIakJOa0yJb{A$WyNWohVb~e$B9x8)hMtaA~x$Xn-P~>ec~N z(zBgnpC+z!8xmK_Sg>OBG}xEY%rdA*z}ZNl8c#{VVAflV+ogqi$SPxO5!yyx;Yt?)4Z3xXK_)x&ED^@KfmZ8!@AN+ zy@<5`RYymmkVdiNBJ45B?R{^j6h;;yN5kzM+BGfPd7lIetenI^&A7HotFL!HqwViE zU30_RVYAINv~Gu43C;J`=CVJQbQbh$4lM4hJYFxv%r~fRf{c=+JI-lX7A|aumM_+O$xOrTPmu!;OsgvrGhU1@OWnyPteEB0_Dk3gE{{K?tq^=t z;4d*SnW8L#ZPTlD8e`YsCdw9!fX=x4&g(}Gn6ziorD8rC` zB#F$D;o*=G@=(p2-Q3@TlfS7>IDb;O=S86>tsy|T9D$oagT`$j$ONq}E%agFCki8| zG)}W2p|%sQKRP=zy;>`)Ik|MyVJ9??_RS3#pc}#0_fhhLoZb4uPbc$Bt8g~Um(eJw zQ%36tZ%LYJDkfHMq9stfTSdER{o>*>_n}S#;x*(NXRXXd_brxrAQM|#%&TT8Smfw@ ztgZksVi1q8a3i(g!fPZ_I&diDdn!V$k#uO}B;m2zFeGf4U|g84bC!@0Xf6^?YEP=9 zKxs!-YEDnDuT_NFo^!H4`?`HAR*`eIYU=PXg2UjT+Z1^*HVk?T2TscBv0C6^lsSp> zb|WB2Ctt+IuxwYG^hLB(yT)dyeeYmL*(m_`Wiqq6e0>*- z=HQE8z*tg)ikUc1%EN|z_gzAY7X}Nx2}l|#MKC~@(Oef90v5(M&T!4!p|@(hmLP9P z1srDk`%pwOz5XY)FG)Jg+fWGK(y&s$V)^o-3WwIhD;D0Sb#n;FmOYmB95zcPaiEtP zYm&&SA+^QZnor%XkTC9+k#)p-{>H!cQFmDhu&Zmin=S=Z&2~p9Ih+;SYUQ9E zB$e-YvDk}pYi^g%G+f4S%E3LX-tfDi;HYH;jN7mze|!BYV*RE(UdFyQ=KONKP{=sE zQc%5B{*+Hl+TihMTl@Zyi@-@MIWKI!D|U}ZgEbj~jZ^iOQs&TQ^5NV%KMuo}xOuCcX_u<)7s^zxHXfoW^{a;XG1mN`X*XJ-);ALJn*%KQ|e0{ z%f;?Y8~ypA_Ruxg#)SqX$N)#O8$7ImrM{iLt$~ikU(!m~6dsm|37-!CFQtx8r;g7| z$Et~s&!~>iz`%mfLdWvnpl5w&v(V!+GqAn47?{-YSs3X)D1bUX69Dib{y{Obz4Jc? 
zGyRpI|DfJSGO&E`SUyxU{iPV*Wf>Shc<-YCtW5YU%pZDLncwxYe%J$i*kfdPr`SG5 zv3$s~z3XIR{h;XS-kD5n%zw!bOU!?{^epP{;(y&`c(=gJ@Yh4;569S;-ennB=|8lx z;xo~Ic+3F!5c=yb1K@oqGu?+42DW#Sk^VyqBjY>C#QHImk?BL=uPh@I+j~Sze+5`R zg8PSLea8zx&-gDPz+Y2;fnj^^`H!K0bu)kX&GZohBil#RO!Ob*UtpLR|Hl0ff**df zGUBr`{gr3_i2fblfBXS3f24=`LqCA|-L-!Z1~7lP_79ik17k+!kK;p#^&^zODPv=J zH^)l%&eg>Kw-R9fuM+r3JKcYN-bMeDru)$T-g-Cpq3z%J|0nvreEwB9A0_iqEdMH# z_cr}sO>`e+@lg=}Dus_Cc!!MPUH^OP|Dy1o?T<9SbKW!j!DslN7T2%*-F@_{hUQTK+-)zaalNs6O=k$JxTb{6F3J zuQnqi<2zjMV6lEc_P>ArPyGK~^8b&+^!GIWukR20%yjQiy&wPB`k?6WS>OHn7ylp5 zha@9_?cbzW8Q#yme+!xQ-$G`1Fa3Y(`UvhX8l3M-#7)fY4Qy$J&2{Vz1P%18^bKew z4J?i9jq&N(-VOXmgZ>?VRwlal-GgEObtQ5J9(zE!D=03$vfW7!k9=p0(~lJ+(J@T^ z{wWX@-{({G=iCVnKNx0$0B=w*e?l-}xe2mct;xDF6%ugM&Qo1gxZ8GgM@?nrs*^(s zu!ju0H8#ZgnfGU~H&5efoL8KCTss+$t8sWk2>n=kj_&&^7CVKZSP(Df4UDHLotR$P zw$uKXC8;HwSmPrOI9YkA%*&{HsYdeV-8yl^a}~>e}T- z=Ih}wr+6l&o2`fXon{EasWpdH+<)o}4@p%hos#Juqfb|POf0L+ouBl^^%#$b-a@kW zAbA<}d*)I`kC|%ysdwxJY=P$T=$cRBP!As-U4DIB9hq+nAmg?ZTUnfSx4TUnv=VkX zi|wy(E|FfVPqooz_+vy>rvAry#iwGA@s|8iy|LP1;di|y>(YpGKc8H?gOHxtpYBzY z@N`=g+&dT)I~~kstJ_UxyzvJ3x756ph$3{g6{YUZNXt!1fW!hvi z@r8fKI>3my^<)~ot)*=^I1b3H1iew_o9VMYPkY?Ejr_d7yH;L#yGjl63OWc?IeG6+ ze!0r$94&t?dOEkG+qp9z;rS8e)uZ-0;}N1dqKjUW{IZp=F*?eVtUP@CM*4JVM_-qm zekFfLU`QYKE^r%_b}Bb}jpwzC?6~UnnDUqTKB|xEpMLb3w-)p#HpYLo{;eaq@3>>h z`M6Zad-XQ}LET;|;E?e};~NB_ekTuV}c)0|hefmi08bZ~v<{T!F+-Z#13JO-ahZxc}NjzCbdA$)@|>MsFazyttGMkC{P* zWz&D7ConPbGnR%%bmklnD=EkD+R~P|}Z^Q6kQZf0Wi0=IQ0GyT#BqIL4X6zFcc#SzGNZ60e*vAzJ!u;nOi$zS8qp6T}QxW zzOZgb^ZVn-*oEV*SMJs_4Tricb|uR__TjEV&0^AgmZHdtd)@#JA zs|P{tu>;s@2vPr~0wwvyVf02KDiy>+7|J@rJ*1Sa&mlm^6uVs4vNh7g;%b)1w&n#i zOYQa1qo{?s_L_?bcPo|AB2C#fs>brF9&I_kE0!GgZ>8SQvqA%E3#uyKmkxE9y@d4e z@+CbGud~+GUZ`l^J(ROQC$CM*#B0?6O`Id9M>%!f5D946+N-}K7hw;xjE8yZTrsex zUp$Rs=GycSDRr5%@iyXZsl=rXL>vU<=jD$qJ73K&m0CPDe!}Nh^lPuE5Gf5=A>4W3 zMO~T5Oq=SM4(5tdsQoD2FWgu)JvFSx%s{3l zn5I9$|7DmIg``?ssK(uYQgRXVBAT>3$$e1MlaFh$umSi(>Np3-Md^Bf zoj&3)2PeG#w&AHLxG9($lUY)iZD5d!8T+z=a 
zEcA1WkCBYBX9HNv1(wfulH;63}|6snzeBs*I$yfeKS08l0F4lXhgH(A7nxJMeColgcPIPN5ub@B(x#wIAX$Am_# z^1U7s`mqiS^j&;4+{Uo|5M|=6zT{}-(3~xDERi)hO1R@I>Be@cyQiBc={9_KG-Y`v zld&gc_g{k$eE4e z4M&k5T?US&QlwrxIyj9N-g51&YH#(Zrh<l;T|3U2$i8;Y-wbT?*G!mc?UgA) z4gKpc9f2=(MdL^a6om((*9gjrSIS4wjW@P2vCYZEwr$(CIk6_3*qm@@zy0>x{k8jJx2o&b>F&C9 z?vJiMr*3yYkD#D~SPV@Fqtb%OItteQKX|p(<`vH{zjXOqt4ORS^6r~8v-;GWe2 zay&8R3vT5zO7zvwc!#kp+bfpZha|hxGtclo1iM8B$siUkq6E(h$3i>!c;5+)FSj%b zm^0@F8u000f7gHq=oht%az)^~7HPD>Z!cR&HUFu7IH2bmteK&tLN0I!dMUp~#eV2$ z0iXU^MBXr@yAg!SkL`e>ulO;o(_J}?KT*ZtmV*zJAJj^y6cJNnX4C}~laqKiQOxtK zru!`w`7t3V8z-&MdUMwB@=IVX%qF2uK^jxGe9JJo@!hDl#w}Az5WxC{KV0h^wXsvr zTEyGQuk+DRSgFg1qaG~f6DB^ln$Q;Gi!$S6su(aImln+H+5C`);};LUC}EG6Pyj~G29x=9>M_p;ew)h zI0NdDM^1yt6jK;-9$F9LMCFO}aQi0~&poZ>MYPMUlh(WfD4TKQJE&RCsSSU7+Kn;jK$)o}xS8SEAPXWY|Ymkn#0Ak55P)HO3 zkU&dv4Z@MUKl-5lq|y{8i`Si!#KhW43$-(m52a{ z730uLGyo((h>0fo0LWsRiL^2ilFn~MI7DOS9#uTCs9|f=g?iVx5 z7$*;sgc!i*04f2I06lmt%x>MtArL|0em>y0oRe_mb@7WvWS{hH48TzC))M$hF`^0b z1&&~Yd>Kb9K^JNJszAYn{Wy>>{fHFkT_h5v4*Vo?N=g`qd z*whTUYWcEFZ?V53w0T78GVL2 zQ|j>#$QpUUwoqG~Lws4B8hwTW9&LssQ;|K!igp1|I3b=CPKB;Of~UmJxKD(DC&x~; zPXvRfpoZxb2cs^zg&~Y7ek5K*<3O>DfS#h#gCDA z6^blP3KxQlhb(DLW%dLg>m7Z!VjdFe+5be^Ovq^9(4=-#IIF% ze8jI4?+FWkqxL8~U}1VCfgDhKh-3uN9&{+&s7}-iHOK$5F35>9q4x+&7Z815J`xarAmJe<>CCg@T3{?>r1c^$ zxuWb0v!Y&zm6pY&L6^xuI-`Kc*j8}GUdR#mK((Xp6iEExITIjLvnAE$(tsdD^`JA*c35KwjtWgvtJFFgX_cymLt*(+_#0uQFPTA#)W8+%7z_%UkZ0& zwjy7EuI$Y{%Mop6+_weGkzZa#uOZb@XpSt8v7+SY`BBM4Z5_jXE;3c#P@?7xr-HB` zBOVojrPA{+8khbxR6KD6gGwrK*v-2$zM`jjMA)o9ZVpJm0iD}mq$PsGA&QnD;fiIGh zaLAA!DScOwe<$tCXQf8b0MDLCBdsRMPL>${%qJ8C8X}Lyn`bU8Knq*LD-owe8?%~^ z4==)F=iX0;qAl(I7q@6q0rSGNJS6+5kaW@9!|U`UlVxXK4?jP}!L6%_RSd1^|3$D0 zvWojKsRb}aKl+$l1Jx%8p^|8=9LmXG!zRIoywN9J65#vPAOYUIZwvSZG#A zQ7B%yn-A~qyb+Ebz8_JowkS$Da~Ms|iiR73s0LD^bURdw0FWsT|JZJYA_^L6^`0Zu z4L&A$cR;{8+xx<}!My7ge?{1J*<~{lde4K%Be{-~4nXw%_748S zY+P{s3^$XD68Iau59(>)S@1<*SAUnVH~`Wg-xI+T!;}1zV($DFlD{st=R7;4wci0Ljb_C;X)V zG(Y^eF5-dXp?2v-Q>UHhqt 
z+%Ecaeh-}$pR0P?8{0P9hb`oH^me3n%yy{u^~B>2xOaqI$)yhP?iuIAWABsm{5q)G zpk6#X{gBpLab3-R4<1KcN1!8|Ba0*2nSS^aBeT+7wnOd(&s_I>)3R^VvEF@6F59y0 z9IkbQB?i-NHjy<-PHT^VtF@Jw)xi@I=@hj6`tA<1{}2$r)xpz8jCsMxfLI5c*Zi$> zexiV*pk;IQr#oGic9OG&qo>v5lRD{k<)OM=)sj%%{-)+_q443r=Paf_g{(g zCa#Vu6NAe4Pay@RiJ{5|Poc_w6F-#oW$di{C${FhFI~i3WGzB09P%(LffdL(;dg9u z7C%KdEq|7#$s;Lj3UaV_n1QU&-!bGy!>DYDiSaa9so34$(&tYSE0rms=U6XrcMz8u zd6|Kb0><`&mGgwIeb=9ZHKtefZ)k0qR&vk9bbfZt`G|v z5Jq~N^YWyy+s(H>p1*HH#M}gJ19ocHY_}}VTY)0@ybf|V6g2xqd?H9xh&UkgsOMq2 zf0}^;+~^Sb=;|1+xn#=BegjPb>y%j(dUJA$CKQ8Lhe8mukY3S=4Bd0*NBK2I~{Tw+5((In8T5b83PuaE%3CT-H4VMDjiWCf(im7@V1}Z zh@Kf52T2V)MHosMIT}I|LL?s%2Rs`L5hfH|EC`hU4F>`dIx>jN2$dNX2MhoKB`g>Z z^8f=OER@d_kMIEQ9B4~|a0A%`PP_}nFU&-OF%GsR%o`8g9;ikF(fh3zOb|v8@(J=^QUVM3CI~GE@d@S&`%d%%_Ck20Yeak_ctdo@O<+|}RUlmuUEoyERG?gtTwqjCR3JhSLg0PSePB(0M?a4+ zj3cKbRz1`jV)g`{WUEVdK&| zG>(nPr`vq;kEY-9jv^cSP8&wc8%M3nuEf^O*wS^S3rz1=Agoc9)2(y5BfL=}G)b-3 zt)G8gLJ`X8*bSN zZJA4(S=88f-=TL0?1y!t?50GyJ{u)yvBeORSJ+}@&HSnFs7_rr zen+a#U>Kav9@beyZ&j0Hkk}FR;~xA*@TRp`_Kzt(#xKUqn@{bBuX0t-fnEoUc8uv5{Sa zJZo2z$Nd5Y2Cj@f8oJhdHuP3ZSF9utyV<|HtVQx@#i7}sEtqEZaY$L%kdHEsuAmW~ z>bxjjtC+gE5=l%b(8$!x^M-415^!N)8zC0Q#fF2@tPh0FE_vvL{-oSHDa2)T=*Ypj zbw7tam|y5*_v7CHE!4~L3uN@`PIEucW0SW_O9BS$O}I=M?3a_x?zSNO=(>K3rsQ~IXshG?_T<`~osS=F4B z6P34?M#L~7FkSt|AZNkX)u(bC=z`Ky;vnd2`g|-OSKa~ggHus7m(-Y~YLvOSyU7ST zgVEx*2Lf$r`i_Y#B|?C6FR1n;@b~-3rY6~GFm}9@pS=$ctY3a3p*5AJw%Bu<+7?@p zn_lY$9w?U#+z(fu!;3#Yx_5K@uCJN`I#yM5n5}-(y+H#ygC|aJpIh>+8@_r|O_u9h zB;1lCUI*G!8}m)JHhxIznFl@e1oc1#^?+XdarS{?WH)9Oc|S z`un2Z`h5X8%4h`bB88*hnxjj3%eE~71;C!AGI=42c5nZ_HquE9S4uk22(8r84mv>4 zgSq)6+a;(5Gm+a%;po^jRyM==NWczmu2|`wj{AQtv(dQ1&M!zpkOal!ua@bnI*+2uK zlHG?O4;@_wA1~3i8rm$9-S>{0AEh%KADD9;bM{0Tr>YKj<{G)TH>2N=840{^n!sby zqWVU93*G{I(LU&mqa?1~pFI9NI=S6m8R=cWK)4tfT$43P^Jrb~hjs&^GBbX~uiHAT za7`TnqB_nwNSV@{5|)5C`0SojRPy>aqrIzVzAvWxWgOhYAY!RCp;v$0zR{ zYnM)EdvutlgDo?L1V$*_k;8RXhlnn& z#z(fe;A3G!p(UyQ2X@jiv!PfCvJK&ohU;M+o(j5?!~M)-VGJ~<3?HSGIvVmJSRS%I 
z(-L`te=EP%WKeA`0Jr67nVFf1g-=>nHuAFSh3WxgV6FyY5W}#D&8UnV3_5!8#m90~Z9IBf~t5pii0k_!Lb+5^W51?Na zM7SV)rRLJ?crAZb5NZ&fBy#RJQ%Z# zD>r_v&KGQUFQxtCccoyAUz;{xSj`Ck7*@j@yJZ|!^2JzT3*eyiK9LvRFr`p2RiT zcDOm@Wl!krG;Oq@+(|$Vwy6vaE&e43*1k<&iDvvJDP)G3=x1|t9XDD{?BWOK z;gOMy#CvK)9ssAdJTIZ(5}SM~x2+~#i z3GL1MZ(ban>O?|(RvwipomKUjiVfn8@~xN|W5L9`fTfr1Vsq<`Qb^vP~q*quALQ z+Pk&t9_T-2F*BNi^`qygo|0IIH0j+|p39RHLD>YkbzG-v>XwVdxw(1Q47AUd>X>g3 zBV z`n1Ld$Z8j9&t9S;XUn;?Z56{9hR&51Hor4}_YbJ7GK>`h4y2hZIc>`!YyMDinAg?o z$Ov;7s&_T9jhuqVznoCuIF%3msaERv50BuT>(#4W?8$uHgy8w4X&d8G{p5wuXW_Tc z^oC)q@Fz zsDmnbjfSdfDz`R{g-R|h!j)?|Kk&AZedHHkukToLI=SKZZ(Yy#U2gX+M5*&WJQClH z4F0IeUbn2h74${n@Y?()|2_E(Z;5J@keJz`HEXIP3hq2N4oER?pd6PRHg&Se{y(Q|j%Zm|}Xm|ec^oxA96zP5SU;5XvQn^I{}*Bgb@4jO1B>n%0* z))z#Tsf~7`(@@e8u-+c6jDf^vBJ5`OTj@5qM=zU^&!|8oG{!N$ zO3RDy^FCPgVv{;Nj!WlpI2~Oc%`S!NanTxZftuq1$svq8KKt75#sxU4kl$WckSdx^ z2(9!PA-iA}fA#1urLO<(YPXv27gSM)?x5iEf|sou6F z5aF37vWT|52BTtmC8W@;RY$W%!^t7rt?rBGc;{!}+G=l~VPEg{8)Y1YCI9jIvDfTT zD4lH&!coxbD+wc4IO&gThwVKu(`vNmOK8^gF`GD-;NXrIaPGhM%)SB04RXd&JlNd{ z`OjCY`6TuXC%fkP3Gfwu$U8SV-Tm=xEcqN^6v4RPVjgDU+3g3+`=F8r2oHCE*<3)lo6 zR&KM;^V|ByL^B831+MY9^x3HVG6o-<{_eJ)qaT{I%Nwug@U*$ReLt{r!*6r4K0Vx8 zT!8)}9IMIR?k`VL*G((e5Vx_M5}Quan9e9nP&pY%ca|Mdw>c*5Qt6+)Wk`FiWWdqw&AHvqz6 z+9>o3sXp8Wtm-p(w*+_krVmL&<%@GTYXH%LIT-h!Tj^hq@_($L+0q9Pzf2w1|I_my z`v2zoujO6<7}3A?zrG+|b(_H?`Jz9CE^%kAenx!S&!IgUWd-pxaxU0Wt>m^u**D2M z(lc|dV0PMlXSEMGYBX4|v#CxR!RfRMM$;H^-Aq-nA8s20)ub-k`BWz@BXnNwT79>R z|AlrA>3GstHdLegx?o4pWG%612W@erA>Eddp0z37Im0^8(0{R=I&UYJ7yZJp~QBx+N;s z2INzr`?<-mGP`e7F1jn>)iiRY&viX1s%#>?2wlA?2!OU2NA z<#Q3uU?9$sUQdmnV44I#jaGu>kln>;||6f%l2dFXh-hA>5xG(293InmpPL}4fs5I_j?J%iy~{B1!9uL zb2=ACY?X)MyweQ8%Zkbpv+Rq^_ohNd##iF(is(S)r@`oWAHuv`bh*xJkYqHEV<{WH z*!IY8fB@H|%nrET?kT<$YcOE2`lEX#8 z8^w@&tVA4{^x)5b_5hGY$?CYNhx~XwXU1 zY>QCNJpP1vu_ndZ#Gv6zG9Ec$_NNuB{S8QRu$#es?xQ*wg^;00C*CmseBcj~C@NPb zpLhT>>OBjEf`}*E988%+DGU=E(<8CM&c~S)SNZ0r3MRRSp$NpsF9)$>N<-6#Kqsb7 zx&UfQP1M5n^@3f?s*SW@dNM;jl`~4gv@;u{cTVgeTS=LuPqvUec<|T3_P?K$Gtd0O 
zGt_rRF`JI=ARsq)V1HidIN%C?K62Phx%-E ze|?Ckd;F-K^FHK}3Fckb3Vy9z)2ek$!U@b&?o=*=602RpQz8PX`KZ&xg$q>zF@5%- zRV0oeIX)D>OSHJm`xo3L0hU>Ka&&2UQB{K)zs5|HC--SL*dCXV_{8mW7x%~zQ)Lo+19 zF(bMJvCkOCIF||a_?$OMe0=XGnK7(T%+o@Gjgw?IL1KqhGG!m4MpN}?6-RR8Rhd^W z7VP}09>guYJ5WdVW?X1@aiy|EoBXW?7`HM|8`W6wwwdLn5)z3mYyk)IPTRVpsbrK6^5NQOcoA%rDb~WIea|K`G*J_))UH#K+*)&hDzG7cj9!pdxjCg7Q75SS#w2mrkXzaP=#kqkGwBD3ehjzsH@= zGpgX2GhdvCHawhaaMau+rHPN_#Jt038~+S|fs0rfAwxzP(hT8)E&lU^3kx5BE%5m8WEnmT(d?xo+`$ zPgZTmew?S8&5}V_p;}0}YS+mS-R}S{2*gJQXpH>zZ}jjFuff(pQF2jc$v}Eq2)2rR zY&c2sfpDgN>B3{bgtFHnUI63`NI9m+D!ku^{~sV30d@#lIf{=TxIceB)GB;Ecz76? zvYco-nK&PE^ym*I@E90P@xTPYeAuN`G8EAN)(F!LiL}^;jPg4x4s|phXR>TKHy%Y4 zqySnzvDn-lxE*OB%u(2Tkuu*7jU|8qNW2aU3S}n`6mKYpky7oqBgnMJ)a8BUO*R!aGx%}S=2EGZmnU)Jy!Z%@Tc8fv>#Ru}saCu1pV(kyw2V=*(5 zYFZDY3y^A}d0W|#;A%m*s(~AvA(H9mM!>2@KQ#IZXwlE5I>G8F7!no$s^DQ|kR5@P zTx} z1PSzPQlu+*2bEbtZd^Dhq!s<*^HBQS-TBa^t2QH`3{dqfdS>%5`y-f4vY%L}V8Y21Jgu}Sv zQ0b8b5n5>l8sNc@)!r7J1Tm7NFhP*V+~S$MFk01tI z8a+{{;vn!yF~}N6GjJiEU5KY|@{~I5F2!g3DWVLioXxrEteD~S`N)pMwudJiBnZ;x z$_n90l&V&EI)Fn;)Gh$8YdFDW61`Wa9?E@^7%M7|7?KA9AcK=5OB(w;u-ZC>MHMG| zS8D8s{K!O-!Xtu%&bHfgLS{z4$J4W zHM7)X-q2_%mj4oIR23--S1IHiUN5r&heAJhwT{q3Jb=7li*Ho(W=T;xf;Ykyl5PlU z6-UphPtc?DqX4G0N}i@sUmzyek$j3PB`4%H+-%FCBRVdyIq#B}lC64FXE zJ|kis@ei%kg>i7nNYsM~BF%6~lTMJpHHgPZUP_#sZ#z{;kr%aUr;B$hm%Q7}%gq?e z+E_4w56O%OE5WYX!8vrCDryMp=MN<5hy4? z89elqW`jrl$06;j(#T9knaV_lt|}e@Cj-$hh#ntDP=39`Zu$8L+D ztkfa$$waN1T|Z2}S;5{M1P7o^4F2>imlPNEZG?4Q7nW0Lbow4(oEWHZBQZ!}6;GoA zL4q;^r$IqNW~AR8SO}q@z!x((`|eEzVT`Sut(;j20XOKV~EN~ zp$F%I>yBj$#kX;R>+S0TbArC9Z44Ya_r2l;85y?kM)fu)8}+kOX~e@_^2JgJvrn5X ze9p*^wl@l)A0`jy9RUh!FwBM_P>y+v(51i3T94XRxbEDe%b zFn9@n4=Zc86{4LGoDs$7X23H~vRz8SQ5RA#AP^sd`I`}cFDYYx`IsG~<2qOyUH=K> zXcFEYt%9QfxIIb#B{DO5zb9TawvEl!Mr)}Bl;=#IgI$oWuD0%RTA*exB}SW>KJ8B? 
z8-g~A0u54)akKputfQl&70&jS?c70u5IOK<2pVuB)1XZ-cxZI`twj@64n51@15S3h z$WWwWW7DY3HO*j6iMmLGCNy~{Bb$g#ohB{%k0qyrQH5pQ21mL~`2vR7`WEIzpjm^X z?o`IExlPz6uNq1n5psFz9GL}L5_mMEk!8ft*Jy)`i97eutZ;OxMOgVd&#t@Tvi-9C zk^hlDo2kX9u-m9^TpMF+Yun(Z9nS7DLnTgkVW)PJqm5jqQGvj0eH*>4^x_VDVzbBa zWe$^<-ks;my3>>Pi1x_9T9MSVf&g>NXz%FG0G>y^`43G`3nX9jP;#-{9yNs?0vtq` zDeD7-s@m52VZ!RTLF`Cdv8^G$xp-Q&4A-opqK%6BnbpW&>)#Bk)EXkfA!>doh)*r8 zpXej(w6M;H_L*B?G??_9)ftoHI#R&A-0DFH>ME0Yr6!Ez8ftI2W}>p~bwJvW&@ep_ zz=Xo%a?iGq+tD-d^0DGxVc`H<|R{C4=JwXT_{t zLm=kn1W4j{sD`x|Qdy+x1ajW(&TQ(oU52=76CdR4ggU#|7((bRmg7gJTaM(RXN}sw zfujXXGhO^RZl7wA-X)fSDQa$qil;+~n2T>MSNUDEb5Xhkd$C8hz!fE`jDs8RaS9A;+wDH`Z?ubv#G ztmQDdcOBObog|K7=WIjd0F(P=!#X$%#5yhF$DEp>PE2aT!f$Pyj8C40_^$>Zf4aQD zU25=|^cD_hkAV^k?V<+hqO+ngP8sW#uS6`6}09w!QmS#Py zslNHGc5L|llKTynT1-{#9yZlGXzCX_hwt_19OHdHZNH$IeYs*S2OamFc+c}smio>B ztRrWP_1VxFrmk6cOfY22C`)2?Pj$Waa~}!Rzs^_JW4w$ zOc5c+y2(s)lrrV+q2x~Rm?@Q!h~u>_6?fUQtpD3@O~|@F&qJ@(ghzVa`PPvW>(j0K zvAzJ}$NTVYUM6Uaiz4%p_J4n@pibfB&rZj!C#;>UpV@Xw(QALjtdzugU;OFC8+L3I zVL3bh$8%@)>TI_p-bGL~Pcu zLC#9BCExx@)&vv*f0b0Gs;tNR7aPxI3H6`!pCFG|;e$LEGLhVQ*1ogj zIUjzj9>!W{F=VBsokH6`>*+3SWQKEqHhKJ4RrBLy9y#&gXSJkWjpw=HS1h$<{%ef= zd0u;5kFRU$?M;RI7Pu?S*ZX~(xCx#la;%(3rB8Ra^1_k*;J=YIHGLWBee`Ob2zh?j zqIFDR94?BCEjXT6Q?z}(GuSZLN^lSOL}%|bzdqC&u6!A;-R$NYt9nGcJ$@qZn^(kT zU-}|o%UPtPY_;DzVwfIG9S8qj!dm_o_qX+T2&cib__IO6NGi9qX`900TJL6(K{Tyw z_Xkl)gI}pe6XbW>>EDU;@8hvcrO&K6X_Mg;UR0e6a0Cc_dxH||^vQ?^&R!IOMzmSW z9x@-l$%qB!-pAkjrX?wp+FI%wG8^*i`yUm?_8giiFEj(_|5a1*Tin(YjFTX`pqw^l zCj%Zw@ajx_r^?B%_|n6QuCDUF-Z`f3Z#_4kFV!&P*t)Kt-MX%hACuK5)3&-^gU^?E z)1XMPhuA01ZhX$6IEx+UYH<&J-^e?{a?k%XPrsQ@J}pA797J@sR*4bCZ28E3r`SeNQ;o?SL{ zzQT4nLvv@Qa?em7e`F79GxYVl8SSq+$jjB>8^YH_N0%I4`F#t^#Uv`Cq{$Y;IA z*@^18Of$*ypd=)!x+7M5Ady#pF?$oh?&=D)RfDC!gG#aI?RPb;o^DuacPe95SX@qE zJ3WX+y7oTy`?E7Zjcjk&)iP>M1pM)9MvDZSA&v?vhE9QbB3K_GZMK^v@$imUZg70} z0X2i0q}|5bQJ9&DhMt7J9Dzv~4{LA+_1=?o05=gD$Sg_OlWXPF_>!ejP;l8wqe(n# zJpI=b-j-FYf`d01N~ArI8(IYs0%!D^`2|Zj6gu9R1}ahkWCRbVNJj-!zG1?}Y23}L 
zpHF&Hc61!L%N-$Uklf7Bp6+LvN;NosyH?;oNvdx){H$|h+WBn0cYQ2Mvjd$cB2N}E zC|>h9Ur%QJ4gP~@gY`$#j?}TEIX~Y_YINg%^O_ap+v@&2aZJb6?fDalK1XQ%pnN9# z0D+%uf`d+n=!MjK{@3h)YU(r&st(3=L&LW5ao#KzUmcuRd%^Yq?xiM{LdD}_d+Huf z1dnm?Ye{5-s)DlN@y?om}}qit_iQKYKq^j1PQal5E&PPd?1%j%mQ5u!fuC}>rJd{>Y#Rg1 z!96uWfR~BN+)7_dx~t1ZV)YZH_MQzgVAP}g`z0Zr*W06Jt&@l@D2)1jr@b&&n|Br!71lwt_AD$yyf3T*C2e8o@r#o!(&8xbh+r8f%Jt{$ zA-AmMt}L%GYT@5|hLW$u;(jBE!ruy0cn-O@Mg;uM_`DJP#*xt`Qss|q#h)Dy1 zQch+>XP>aP9h)rrtMPyP724)TL3DbleUvxA~CU zW4vS3c)&ydwsOpOt?6{~>M=o+n&FK9uRSNSqbIc{jf4voLsL?P+eR|WZ z`NNcREXvdAo*)o+>f->aT zJ$Npq)n}<5>*?6kdbwH-3ZTed%xOLJ;Kztrt3T&?4V@PoGE;?ua)zs^D2nqsqjNvW^kB4usmy zv)(^TBxVc-XXAgbLPS-Qo$X$Gt*2+5+V945LcJZ=PTMSY>dTEg_zCCR-$c11vry-{8V^9j20;z3 zT@*U(*l79U$RF|F+{*b2vxN$d%krXPe%;{5F{c#$h_?lynvB!1E*6vg{77MASt9>Y z_!@C+Y-DrXIKdH|k)Y4G_37@n^EVISb!0Dv;A31w)+en+==#-nlykP?k6an;ueL`^ zf(U9o^kYMu<#XAuOMDpmoA!$cC9Sr9G?~c<&x5ybn(j08E!^A;ea;rU4Tz4OCXU>%t6TUyrG9;Uc zZxa?>dI$K^%AEV<@plUta(bffOtyv`M7S{g5%{=xiw0K*58^V6&2wxvJgbq&1dVjo zHk9RJUVM()sdat@mmquuGu&_eLUD7bdZ6{U@(Aqt&=OyMOna7e=;-uq5j4|%|4a~^ z;rp}UN0rIzY@{Y0MX0Wxwa<#ec>2*>-{0lfK$qcE<#Atd1%usoFG%Fnb$@voFic>c z$2&zAeYplK{iqM}01;Pra|bN!*`MV|^mK;2-(p(ei<;_{fvo;F54W{0AiY92oPRtyTZNx7Yla@kHC-39Pc0>|wW( zERDmu8rr<9gU`*22u7Yu2(PLd^`qcY_ci@bqb=iWHjhmz0v$&~&r=>oRi#FJKV|=$ z(6iaf#=MTtYr>mTob=Y|z0pMmc~P-w+y* z^3G6^E|s_x`tX&Eq#Yp94`ogsEfwlo5-Ewjbd*^C7H8N1U=yq+MAYKL$#)MFXnWeD zt7(F<{Lo(J8kuz(5aR!|4}4DCvEw!WO_csJ!#Tz5k$MxxWOK1;06X*9@K?Jl%-H8x z*PeInk$vaK=G!4f7{uu?OUckC9Va7}zaO8?NyJ8oOqSg`2Y!I=FRvk*teC!81wQ_* z?R|I2D~8;1)BFA`n;MKbbqRYyXLsVTj3&yqshwJ zZ^7U1e}8iJJ(g$l9|Ww9aE$4$$x*A>Bo*!NpVm%--aAtEB|%Um5^C#jaU-XUhLzU$c6*ATb# z)fS~RQ$w}co!z}AYlTsPhSl&X|3Qf%*;-c|=fy4ul!ab~51&>`!FThe{Qh5pnjB); zuM$Ve%)YMy zgSgM*F~u%yY6{Jo90MPR`NS9pM%&5u#@`%X4DKL_{^&5oBEJr3Tco6*CEcjGL` zv5$?f^MS7W_jjUYpv}8Qz2yVE!kUYh?_seYXTzIPO*rh*oL8-Pf)b)p7b32prAXY* ze5Yg1l;+NM?$5Z6EO+q~x<5JXuBB#`4el#J8(v)zcbbO$S>24^?eyk<3^Y2}L{S#t z_n_hQ8S8)K(_|UkT0wTQw6l@-IvAq`{GF|Y+%oi~f=Ys{*oO`X$y6rN-0}Ev!}PHT 
zbD>*rGho4Ckc>zk9D3_nK8?fybRlC+h~@&i^a#~Vf57<(Xg7a@SE`Sk94`blTBR;X z6HsZhr(S$F8td1E{-~Owf6;^$X6pb|GsIiDX4Cg1UYJw#lLT+x!79;X1)~TCJuih7 z_?#_yFvANgNd@qUTfE02hTYhniPGQS{=~dzq{MD_QOsSoY}K{mYFjs-xcJ+194n|| zB;*ojixakeAQAI~eYED$<-OA=K+wzQJ<~{icb~X@DXNi-ln|4}<1MRZGO7KxZkX+O zeSUk`w4*9M#?>>^yD=1b(03#G%t@zccRNjY>3!7tpltU1t|F+UCs~(WLCkjV zlJlhKzSHX)6Y??GS*@v^&2yCF?LJ9FlI*!Yt`2!T)5G}`cZRD}$ZP0};qPlX4yhi7 zw956mLfCgR>~!GU*XZRGyM0NdtHgVtKIGDM=NQmG7mO7^cVYcjbh$&k>d@Z%x9z@` z^5YxipeMQCc3<`T(DR6dJC~@SgUd!SeTw(8hMxix!c>YUbsy1)fc`$~MP=1~u0if? zN!W&4vyuAMqd|_@lyzwMBK4A|Y-h4Uxxn+`$U!P5f-loobK%9y2PyjJvWSME(uHw` z<=-fC^H|L&eUsbNu)eRg(3Yxy99Rq2pAy=;J&l%_!N>p3L^bhCc^^>gV5vj&{kv%0 zLHgI{WC)!%{M|Im+*s&}!2W#k!gq6hH@1_s^f1Ke zaeUksu}RF>e0b1W#=c$EzDaImMpO&)~}r|!233i~hBKdQZ*2?eC=#-kL8y7}1GfJ=YPK$35ODVIX+ z+O|IoR=`zc6NmE7(OZwJT^#c_9YH7e=KZnt#ops*MT=z%fnCLy$Njdj)w#;7*2dpy zXYU-`He;KFx_v^PU00W%5o;Y;o7ggGIj}(OKz>c?exg0u_I@Niv%YIl2TzQ*e^Tqa~ zTuWc3w`>hmwVK|o_g;wXB+*6U`tN!!_U=ffZkdGA;aG=?y1WXxlkPm^a3-Y_h<0X# z7VCcyiV-k#&1yO3%rnJyIf{Aez2Lowh)Zq}VfS(`T=#Fss_LtkRW|Ws`)mH2_JSLQ z=h``v8!i5nk82h*fBkRmU2SX=WgJI^fQ?;<2GD)s=t78r?%vwo3vEZYGF_w$+UlkQ zVt2i=%i3Odz0z)c03-Mkh`cNjKFl}d%Lo|=Q^W}qc`*?+EGo*&+z1E~hm&a-V^>~_{QLVq|F`F!{-0(0UE2rT;Pr|72d6*Ucj4@}pY^v_R(*8h(o}Ts zz|z6lmll?<>&3R6-*bAx+LB8Xn|>nvC#$~{E2!6m=8q4Hi6yJf9k}s=XMXR|4TJ0d z*wa|kUA=2?{f=<~VS9h`AbMrzk)+RXta94=$G`sYq1juEeS3fXoZda~{IPAm{-e_d z_IFfuEwd+YMy|H~yt$PtTGF}XBGQ$tzR>hUdAy*#y>(ajmShpy723C^c9ZN_apqd@ z0q;wG`(w$K*NzHvZKtMmCZ7G~-Q&Oocf{1x8q9t zjh8pHojLPP!_KGMk9WSg)3dJA&P-diyKdL5^G#D4_b*-b*3?&TPT$mhI+`W}%QATZ zyvXR4l;N@-kA*FBhT? 
zQ*T?l2@!%0Q-#%od157ejqqfH#QPc+`niT$jtQEIoc0u(io_yd21!N2(KwrOm;&Gp z&%(VTMomZ>BG)=hWFc;*Fx=!c*ri~I^}0)klwjmA)yQ&;MbTt3S(qdXMQJ&TGYo@b z1WFKQK$zq8Q8|z@N8<(A8QgrFlZ2Qoh*3nDF;FcgWQWOw49y$MnKv3QOgmP{i4hb& zK=DEnRVIRac9A3o6C5u&Jpw0*aWN!++JaPwQV=09+-6tsw=wWWMHuGT9*QSNqU%kN z8xAs-kizK@gB;3-`3N7CZjuz+_1Tb+}@2;7WW%sAu6 zXcos=D+NOq!|bREnb!1(K_OKCZ!~j|cUvrQz~i}dCL)n+GCUsEEpiE^jAd?TA|V7> ztOO^DsZzJuMN*{M;-XyUV%$ZWX`7p(sN$0Ow3|$aIZ{^%6eML)_;-XT$KTCtIl4N* zBlqAk+yfiPn2}Lsc`RLH=^9lAMg<;QU1RAQRR%@{9$Q_bOIPM=AKGhZ4u|`5=k5L; z&I=Ax61sQYQ$(6xIm<5W7UHpRpdPv#zaWQsM3xe~a%jjNIjp$)$WiI#L#R(^;1Mg1 zR#YK4VnKk|81;&x3ZSTuP&q+b22y836|F zK!j|gat}JGChLg(t~q^XOS~`^I&wnd3TJKyF;%Vi9y> zWZuF1LzD6&Cwg8yx%iQqsk0v}D=U>AZtU9L;b{9anO9e~cFmCjXY=O#=El|ThP~%! zc>BkHRkf(+(2sd76ApdHTr~DnUU=Z}#{Bnmi<6T0kkO!Ual_A{3rM_eRx9w1E1wKq zIIu@67Xl~6tjGo=+A0~LR6!-PYHHb$zXvP4mov zO!I8P??@njBkfWo0R;VO8A;@ +## REVEAL with Kinetica DB -Project template for all Iron Bank container repositories. \ No newline at end of file +## Description + +Reveal is a visual data exploration and insight discovery tool. It allows users who may or may not have extensive experience with big data or data analysis to quickly build charts and graphs in a meaningful way to explore their dataset. Reveal was designed to be interactive and easy to use. + +Reveal is a Python Flask web application with a mostly React frontend. By default, it uses SQLite as its application data storage engine. To begin visualizing data, Reveal must first be connected to your RDBMS datastore. While Reveal can and does work with other flavors of databases, it is most powerful when connected to Kinetica. Kinetica allows this through a custom ODBC driver/connector via Reveal's SQLAlchemy interface + + +https://docs.kinetica.com/7.1/analytics/reveal/ diff --git a/config/gpudb.conf b/config/gpudb.conf new file mode 100644 index 0000000..661175c --- /dev/null +++ b/config/gpudb.conf 
@@ -0,0 +1,174 @@
+# ==============================================================================
+# Kinetica configuration file.
+# ==============================================================================
+
+[gaia]
+
+# ==============================================================================
+# Network
+
+# Head HTTP server IP address.
+# Set to the publicly accessible IP address of the first process, **rank0**.
+
+head_ip_address = 127.0.0.1
+
+# Head HTTP server port to use for 'head_ip_address'.
+
+head_port = 9191
+
+# Set to "true" to use HTTPS; if "true" then 'https_key_file' and
+# 'https_cert_file' must be provided
+use_https = false
+
+# Files containing the SSL private Key and the SSL certificate for.
+# If required, a self signed certificate (expires after 10 years) can be
+# generated via the command:
+#
+## openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
+#
+https_key_file = 
+https_cert_file = 
+
+# Value to return via Access-Control-Allow-Origin HTTP header
+# (for Cross-Origin Resource Sharing).
+# Set to empty to not return the header and disallow CORS.
+http_allow_origin = *
+
+# Start an HTTP server as a proxy to handle LDAP and/or Kerberos authentication.
+# Each host will run an HTTP server and access to each rank is available through
+# http://host:8082/gpudb-1, where port "8082" is defined by 'httpd_proxy_port'.
+#
+# NOTE: HTTP external endpoints are not affected by the 'use_https' parameter
+# above. If you wish to enable HTTPS, you must edit the
+# "/opt/gpudb/httpd/conf/httpd.conf" and setup HTTPS as per the Apache
+# httpd documentation at https://httpd.apache.org/docs/2.2/
+enable_httpd_proxy = false
+
+
+# TCP port that the httpd auth proxy server will listen on if
+# 'enable_httpd_proxy' is "true".
+httpd_proxy_port = 8082
+
+# Set to "true" if the httpd auth proxy server is configured to use HTTPS.
+httpd_proxy_use_https = false
+
+# Internal use IP address of the head HTTP server, **rank0**.
+# Set to either a second internal network accessible by all ranks or to
+# '${gaia.head_ip_address}'.
+rank0_ip_address = ${gaia.rank0.host}
+
+# Trigger ZMQ publisher server port ("-1" to disable), uses the
+# 'head_ip_address' interface.
+trigger_port = 9001
+
+# Set monitor ZMQ publisher server port (-1 to disable), uses the 'head_ip_address' interface.
+set_monitor_port = 9002
+
+# Set monitor ZMQ publisher internal proxy server port ("-1" to disable), uses
+# the 'head_ip_address' interface.
+#
+# IMPORTANT: Disabling this port effectively prevents worker nodes from
+# publishing set monitor notifications when multi-head ingest is enabled (see
+# 'enable_worker_http_servers').
+set_monitor_proxy_port = 9003
+
+# Enable Reveal runtime
+enable_reveal = true
+
+# Internal communication ports
+global_manager_port_one = 5552
+
+# Host manager synchronization port
+global_manager_pub_port = 5553
+
+# HTTP port for web portal of the host manager
+host_manager_http_port = 9300
+
+# Enable worker HTTP servers; each process runs its own server for multi-head
+# ingest.
+enable_worker_http_servers = false
+
+# Optionally, specify the worker HTTP server ports.
+# The default is to use ('head_port' + *rank #*) for each worker process where
+# rank number is from "1" to number of ranks in 'rank<#>.host' below.
+
+#rank1.worker_http_server_port = 9192
+#rank2.worker_http_server_port = 9193
+
+
+# Optionally, specify a public URL for each worker HTTP server that clients
+# should use to connect for multi-head operations.
+#
+# NOTE: If specified for any ranks, a public URL must be specified for all
+# ranks.
+
+#rank0.public_url = 
+#rank1.public_url = 
+#rank2.public_url = 
+
+# Specify the hosts to run each rank worker process in the cluster.
+# For a single machine system, use "127.0.0.1", but if using two or more
+# machines, a hostname or IP address must be specified for each rank that is
+# accessible from the other ranks. See also 'head_ip_address' and
+# 'rank0_ip_address'.
+
+rank0.host = 127.0.0.1
+rank1.host = 127.0.0.1
+rank2.host = 127.0.0.1
+
+# Specify the TCP ports each rank will use to communicate with the others.
+# If the port for any 'rank<#>' is not specified the port will be assigned to
+# 'rank0.communicator_port' + *rank #*.
+
+rank0.communicator_port = 6555
+#rank1.communicator_port = 6556
+#rank2.communicator_port = 6557
+
+
+# Enables compression of inter-node network data transfers.
+compress_network_data = false
+
+
+# ==============================================================================
+# Security
+
+# Require authentication.
+require_authentication = false
+
+# Enable authorization checks.
+enable_authorization = false
+
+# Minimum password length.
+min_password_length = 0
+
+# Enable external (LDAP, Kerberos, etc.) authentication. User IDs of
+# externally-authenticated users must be passed in via the "REMOTE_USER" HTTP
+# header from the authentication proxy. May be used in conjuntion with the
+# 'enable_httpd_proxy' setting above for an integrated external authentication
+# solution.
+#
+# IMPORTANT: DO NOT ENABLE unless external access to GPUdb ports
+# has been blocked via firewall AND the authentication proxy is
+# configured to block "REMOTE_USER" HTTP headers passed in from clients.
+enable_external_authentication = false
+
+# Key that, if specified, must be passed in via the "KINETICA_HANDSHAKE_KEY"
+# HTTP header from the authentication proxy if a "REMOTE_USER" HTTP header is
+# also passed in. A missing or incorrect handshake key will result in rejection
+# of the request.
+external_authentication_handshake_key = 
+
+# Automatically create accounts for externally-authenticated users.
+# If 'enable_external_authentication' is "false", this setting has no effect.
+# Note that accounts are not automatically deleted if users are removed
+# from the external authentication provider and will be orphaned.
+auto_create_external_users = false
+
+# Automatically add roles passed in via the "KINETICA_ROLES" HTTP header to
+# externally-authenticated users. Specified roles that do not exist are
+# ignored. If 'enable_external_authentication' is "false", this setting has no
+# effect.
+#
+# IMPORTANT: DO NOT ENABLE unless the authentication proxy is
+# configured to block "KINETICA_ROLES" HTTP headers passed in from clients.
+auto_grant_external_roles = false
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
new file mode 100755
index 0000000..4f27ce0
--- /dev/null
+++ b/hardening_manifest.yaml
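Review bot: The Security block of this config ships with `require_authentication = false`, `enable_authorization = false` and `min_password_length = 0`, so the head endpoint on `head_port = 9191` answers unauthenticated requests and the password policy appears to permit empty passwords; for an image published as hardened, the checked-in defaults should be `require_authentication = true`, `enable_authorization = true` and a non-zero `min_password_length`, with a deployment relaxing them only deliberately. The Network block pairs `use_https = false` with `http_allow_origin = *`, which leaves query traffic and any credentials in clear text on the wire while allowing every browser origin to call the API, so either set `use_https = true` with `https_key_file` and `https_cert_file` populated, or state in a comment that TLS is terminated in front of the container and restrict `http_allow_origin` to the Reveal front end's origin. If the open defaults are intentional because `enable_httpd_proxy` and `enable_external_authentication` are expected to be switched on at deploy time, a comment at the head of the Security section naming the settings the deployment must override would make that contract explicit, in the same style as the existing `IMPORTANT: DO NOT ENABLE` notes for the REMOTE_USER and KINETICA_ROLES headers.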
@@ -0,0 +1,121 @@
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "kinetica/pathfinder/pathfinder"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dso.mil
+tags:
+- "7.0.20.5.20210428141653"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+ BASE_IMAGE: "redhat/ubi/ubi7"
+ BASE_TAG: "7.9"
+
+# Docker image labels
+labels:
+ # Name of the image
+ org.opencontainers.image.title: "pathfinder"
+ # Human-readable description of the software packaged in the image
+ org.opencontainers.image.description: "kinetica container"
+ # License(s) under which contained software is distributed
+ org.opencontainers.image.licenses: "Government Purpose Rights"
+ # URL to find more information on the image
+ org.opencontainers.image.url: "https://www.kinetica.com/"
+ # Name of the distributing entity, organization or individual
+ org.opencontainers.image.vendor: "Kinetica"
+ # Authoritative version of the software
+ org.opencontainers.image.version: "7.0.20.5.20210428141653"
+ # Keywords to help with search (ex. 
"cicd,gitops,golang")
+ mil.dso.ironbank.image.keywords: "Kinetica"
+ # This value can be "opensource" or "commercial"
+ mil.dso.ironbank.image.type: "commercial"
+ # Product the image belongs to for grouping multiple images
+ mil.dso.ironbank.product.name: "kinetica/pathfinder"
+
+resources:
+ - url: s3://eightynine-bucket/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+ filename: gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+ validation:
+ type: sha256
+ value: 4bc19f495baa221821cffe9dd7cf503759d8b2b06acb8bf6882959842836c9bb
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/msttcorefont-1-1-signed.x86_64.rpm
+ filename: msttcorefont-1-1-signed.x86_64.rpm
+ validation:
+ type: sha256
+ value: af8d805b8b733cc3603c68fc43036521492c8687232d49c0561943bd35fb6126
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/caravel.db
+ filename: caravel.db
+ validation:
+ type: sha256
+ value: daac6ae9cbc8e1dcf274581be8b3463c8e96f20612d001ddd988f35cc35025f9
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/fuse-2.9.2-11.el7.x86_64.rpm
+ filename: fuse-2.9.2-11.el7.x86_64.rpm
+ validation:
+ type: sha256
+ value: 078494302e9d4c4ce914f5681c583b9ab571f3e13537c61e4a6db711528d7fcb
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/numactl-libs-2.0.12-5.el7.x86_64.rpm
+ filename: numactl-libs-2.0.12-5.el7.x86_64.rpm
+ validation:
+ type: sha256
+ value: bd4df28dbd6928faf3bc3bb48de9c511cf623c78d95c0af7cc4cdb5b1818ea7a
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/openssh-server-7.4p1-21.el7.x86_64.rpm
+ filename: openssh-server-7.4p1-21.el7.x86_64.rpm
+ validation:
+ type: sha256
+ value: d4b2de8f877b5c86b4c6751fbfba32d805bff4ecbb6183831888c833fb1af967
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: 
s3://eightynine-bucket/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+ filename: libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+ validation:
+ type: sha256
+ value: 1fcc64016b2bf4ae5ab2657b3acd6eb3be1cfa9e19b2972df8aaf1a552db5b3a
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+ - url: s3://eightynine-bucket/caravel_all_2.tar.gz
+ filename: caravel_all_2.tar.gz
+ validation:
+ type: sha256
+ value: 797e1f20eb9fa1f4b5f79e78905725f5403bbf112a34322e1b921a863a922138
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
+# List of project maintainers
+maintainers:
+- email: "kla.ctr@kinetica.com"
+ # The name of the current container owner
+ # name: "Jane Dow"
+ name: "Kevin La"
+ # The gitlab username of the current container owner
+ # username: "jdow"
+ username: "kla"
diff --git a/scripts/remediation.sh b/scripts/remediation.sh
new file mode 100644
index 0000000..17ae43f
--- /dev/null
+++ b/scripts/remediation.sh
@@ -0,0 +1,20 @@
+# Declare array to hold set of RPM packages we need to correct permissions for
+declare -A SETPERMS_RPM_DICT
+
+# Create a list of files on the system having permissions different from what
+# is expected by the RPM database
+readarray -t FILES_WITH_INCORRECT_PERMS < <(rpm -Va --nofiledigest | awk '{ if (substr($0,6,1)=="U" || substr($0,7,1)=="G") print $NF }')
+
+for FILE_PATH in "${FILES_WITH_INCORRECT_PERMS[@]}"
+do
+ RPM_PACKAGE=$(rpm -qf "$FILE_PATH")
+ # Use an associative array to store packages as it's keys, not having to care about duplicates.
+ SETPERMS_RPM_DICT["$RPM_PACKAGE"]=1
+done
+
+# For each of the RPM packages left in the list -- reset its permissions to the
+# correct values
+for RPM_PACKAGE in "${!SETPERMS_RPM_DICT[@]}"
+do
+ rpm --setugids "${RPM_PACKAGE}"
+done
diff --git a/scripts/start.sh b/scripts/start.sh
new file mode 100644
index 0000000..c481176
--- /dev/null
+++ b/scripts/start.sh
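Review bot: `RPM_PACKAGE=$(rpm -qf "$FILE_PATH")` in the first loop assumes exactly one owning package per file; when a path is shared by several packages `rpm -qf` prints one name per line, and when no package owns it the "not owned by any package" message is captured instead, and in both cases that whole string becomes one key that the second loop hands verbatim to `rpm --setugids`. Reading the query result line by line and skipping failures avoids that: `while read -r RPM_PACKAGE; do SETPERMS_RPM_DICT["$RPM_PACKAGE"]=1; done < <(rpm -qf --qf '%{NAME}\n' "$FILE_PATH" 2>/dev/null || true)`. The script relies on bash-only `declare -A` and `readarray` but has no shebang and no `set -euo pipefail`, so whether it even parses depends on which shell the Dockerfile invokes it with; `#!/bin/bash` plus `set -euo pipefail` at the top would pin that down. A one-line header comment stating that this re-applies RPM-recorded owner/group after the image's chown/chmod steps would also explain why it exists.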
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# start gpudb
+/etc/init.d/gpudb start
+
+# create and populate radar_sites_new table
+/opt/gpudb/kitools/kio/kio -s '/opt/radar_sites_new.csv' --s-delimiter ',' --s-escape-character '\' -d 'kinetica://kinetica:9191::radar_sites_new' --d-spark-timeout-milliseconds 60000 --spark-driver-memory '2g' --spark-executor-memory '2g' --spark-offheap-memory '4g' --spark-network-timeout 800 --failure-mode graceful --batch-size 100000
+
+# keep container running
+tail -f /dev/null
+
-- GitLab
From b665f33a1a32b6916dbf32cbe195ec438377c704 Mon Sep 17 00:00:00 2001
From: kla
Date: Thu, 6 May 2021 14:32:25 -0400
Subject: [PATCH 02/14] add key to hardening manifest
---
 hardening_manifest.yaml | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
index 4f27ce0..203bfaf 100755
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -110,6 +110,15 @@ resources:
 id: pathfinder-credential
 region: us-east-1
+ - url: s3://eightynine-bucket/RPM-GPG-KEY-PK
+ filename: RPM-GPG-KEY-PK
+ validation:
+ type: sha256
+ value: 895c34aedec8b1b8728ba5f5a05d02e5ae4e2d41eaefc6380507117bfcc79d96
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
 # List of project maintainers
 maintainers:
 - email: "kla.ctr@kinetica.com"
-- GitLab
From d4996e593b17580fc38bfc4816713452fc92ef90 Mon Sep 17 00:00:00 2001
From: kla
Date: Thu, 6 May 2021 15:42:42 -0400
Subject: [PATCH 03/14] different approch to installing rpm
---
 Dockerfile | 43 +++++++++++++++++--------------------------
 1 file changed, 17 insertions(+), 26 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 87a1e9f..c31e428 100755
--- a/Dockerfile
+++ b/Dockerfile
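Review bot: `tail -f /dev/null` as the foreground process keeps the container up and apparently healthy even when `/etc/init.d/gpudb start` fails or the database exits later, because nothing checks the init script's return code or watches the daemon afterwards. At minimum fail fast, `/etc/init.d/gpudb start || exit 1`, and prefer blocking on the gpudb process itself (a loop that exits when its pid disappears, or a foreground launch with `wait`) so the orchestrator's restart policy and health checks see the failure; with the script and `tail` in the foreground, a stop signal to the container likely never reaches gpudb either, so shutdown is a hard kill. The `kio` load on the preceding line connects to `kinetica://kinetica:9191` with no credentials, which only works because the shipped gpudb.conf has `require_authentication = false`; that is worth tracking as an image-level finding rather than relying on it here.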
@@ -21,38 +21,29 @@ RUN mkdir /mnt/data/gpudb/persist
 # Staging GPG key for rpm
 COPY RPM-GPG-KEY-PK /etc/pki/rpm-gpg/
-
 RUN gpg --import /etc/pki/rpm-gpg/*
-# Staging RPM for Kinetica Installation
-ARG RPM1=gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
-ARG RPM2=fuse-2.9.2-11.el7.x86_64.rpm
-ARG RPM3=numactl-libs-2.0.12-5.el7.x86_64.rpm
-ARG RPM4=openssh-server-7.4p1-21.el7.x86_64.rpm
-ARG RPM5=libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-ARG RPM6=msttcorefont-1-1-signed.x86_64.rpm
-ARG RPM7=caravel_all_2.tar.gz
-
-# Moving RPM from Staging
-COPY ["${RPM1}", "/tmp"]
-COPY ["${RPM2}", "/tmp"]
-COPY ["${RPM3}", "/tmp"]
-COPY ["${RPM4}", "/tmp"]
-COPY ["${RPM5}", "/tmp"]
-COPY ["${RPM6}", "/tmp"]
-COPY ["${RPM7}", "/tmp"]
+# Stage RPMS to install
+COPY msttcorefont-1-1-signed.x86_64.rpm /tmp
+COPY libmspack-0.5-0.8.alpha.el7.x86_64.rpm /tmp
+COPY openssh-server-7.4p1-21.el7.x86_64.rpm /tmp
+COPY numactl-libs-2.0.12-5.el7.x86_64.rpm /tmp
+COPY fuse-2.9.2-11.el7.x86_64.rpm /tmp
+COPY gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm /tmp
 # Installing Required RPMS
-RUN yum -y localinstall /tmp/${RPM5}
-RUN yum -y localinstall /tmp/${RPM4}
-RUN yum -y localinstall /tmp/${RPM3}
-RUN yum -y localinstall /tmp/${RPM2}
-RUN yum -y localinstall /tmp/${RPM1}
-RUN yum -y localinstall /tmp/${RPM6}
-
-# Update font cache after msttcore fonts are installed
+RUN rpm -ivh /tmp/fuse-2.9.2-11.el7.x86_64.rpm
+RUN rpm -ivh /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
+RUN rpm -ivh /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
+RUN rpm -ivh /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+RUN rpm -ivh /tmp/msttcorefont-1-1-signed.x86_64.rpm
+
+# Update font cache after msttcore fonts are installed
 RUN fc-cache -v
+# Install Kinetica DB
+RUN rpm -ivh /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+
 # Applying REVEAL Code
 RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
 COPY caravel.db 
/opt/gpudb/connectors/reveal/var/
-- GitLab
From 05af34a54bf9b4e2c8120d388e1c4b2e3c3c0dc2 Mon Sep 17 00:00:00 2001
From: kla
Date: Fri, 7 May 2021 09:33:04 -0400
Subject: [PATCH 04/14] fixing docker
---
 Dockerfile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index c31e428..5f610a9 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,11 +32,11 @@ COPY fuse-2.9.2-11.el7.x86_64.rpm /tmp
 COPY gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm /tmp
 # Installing Required RPMS
-RUN rpm -ivh /tmp/fuse-2.9.2-11.el7.x86_64.rpm
-RUN rpm -ivh /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
-RUN rpm -ivh /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
-RUN rpm -ivh /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-RUN rpm -ivh /tmp/msttcorefont-1-1-signed.x86_64.rpm
+RUN yum localinstall /tmp/fuse-2.9.2-11.el7.x86_64.rpm
+RUN yum localinstall /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
+RUN yum localinstall /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
+RUN yum localinstall /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+RUN yum localinstall /tmp/msttcorefont-1-1-signed.x86_64.rpm
 # Update font cache after msttcore fonts are installed
 RUN fc-cache -v
-- GitLab
From 9cad5055183e0c286ee2509f3efaf2c1321db5e6 Mon Sep 17 00:00:00 2001
From: kla
Date: Fri, 7 May 2021 09:53:23 -0400
Subject: [PATCH 05/14] fixing dockerfile
---
 Dockerfile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 5f610a9..807da25 100755
--- a/Dockerfile
+++ b/Dockerfile
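Review bot: The hunk deletes `ARG RPM7=caravel_all_2.tar.gz` and its `COPY` but leaves the context line `RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/` near its end, so `${RPM7}` now expands to nothing and that step tries to extract `/tmp/`, which breaks the build at a point well after the lines changed here. Either keep the ARG or stage the archive by name like the other files, `COPY caravel_all_2.tar.gz /tmp` followed by `RUN tar -zxf /tmp/caravel_all_2.tar.gz -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/`. Separately, switching from `yum localinstall` to `rpm -ivh` drops dependency resolution: any requirement of these packages that is not already installed aborts the step instead of being fetched from the configured repositories, and `rpm -i` only warns on an unknown signing key rather than failing, so the GPG key copied above is not actually enforced by this path.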
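Review bot: `yum localinstall` without `-y` prompts for confirmation, and under `docker build` there is no tty, so yum reads end-of-file on stdin and aborts; all five added lines therefore fail the build. Add the flag on each, `RUN yum -y localinstall /tmp/fuse-2.9.2-11.el7.x86_64.rpm`, and since `localinstall` is a legacy alias in yum, `yum -y install /tmp/<file>.rpm` is the current spelling. Running the five installs in one `RUN` ending in `yum clean all` would also keep the yum cache out of five separate layers.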
@@ -32,11 +32,11 @@ COPY fuse-2.9.2-11.el7.x86_64.rpm /tmp
 COPY gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm /tmp
 # Installing Required RPMS
-RUN yum localinstall /tmp/fuse-2.9.2-11.el7.x86_64.rpm
-RUN yum localinstall /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
-RUN yum localinstall /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
-RUN yum localinstall /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-RUN yum localinstall /tmp/msttcorefont-1-1-signed.x86_64.rpm
+RUN yum -y localinstall /tmp/fuse-2.9.2-11.el7.x86_64.rpm
+RUN yum -y localinstall /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
+RUN yum -y localinstall /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
+RUN yum -y localinstall /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+RUN yum -y localinstall /tmp/msttcorefont-1-1-signed.x86_64.rpm
 # Update font cache after msttcore fonts are installed
 RUN fc-cache -v
-- GitLab
From ade5fc0b469ce279602cca4a5d5573c22fb8cbad Mon Sep 17 00:00:00 2001
From: root
Date: Fri, 7 May 2021 10:50:49 -0400
Subject: [PATCH 06/14] fixing dockerfile again
---
 Dockerfile | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 807da25..8338bf7 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,17 +32,17 @@ COPY fuse-2.9.2-11.el7.x86_64.rpm /tmp
 COPY gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm /tmp
 # Installing Required RPMS
-RUN yum -y localinstall /tmp/fuse-2.9.2-11.el7.x86_64.rpm
-RUN yum -y localinstall /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
-RUN yum -y localinstall /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
-RUN yum -y localinstall /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-RUN yum -y localinstall /tmp/msttcorefont-1-1-signed.x86_64.rpm
+RUN yum -y install /tmp/fuse-2.9.2-11.el7.x86_64.rpm
+RUN yum -y install /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
+RUN yum -y install /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
+RUN yum -y install /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
+RUN yum -y install /tmp/msttcorefont-1-1-signed.x86_64.rpm
 # Update font cache after msttcore fonts are installed
 RUN fc-cache -v
 # Install Kinetica DB
-RUN rpm -ivh /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+RUN yum -y install /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
 # Applying REVEAL Code
 RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
-- GitLab
From d54e8c2add0bca839808f470dea7bc15f176d9c9 Mon Sep 17 00:00:00 2001
From: kla
Date: Tue, 11 May 2021 13:44:55 -0400
Subject: [PATCH 07/14] adding gpgnocheck for now
---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 8338bf7..3a54fe1 100755
--- a/Dockerfile
+++ b/Dockerfile
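Review bot: Six separate `RUN yum -y install` steps each leave their own layer carrying yum metadata and cache, and each resolves dependencies in isolation, so whether a step succeeds depends on the order of the lines above it rather than on the set of packages as a whole. Installing the five support RPMs in one step and cleaning in the same layer is the usual form: `RUN yum -y install /tmp/fuse-2.9.2-11.el7.x86_64.rpm /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm /tmp/msttcorefont-1-1-signed.x86_64.rpm && yum clean all`. The Kinetica RPM install below the `fc-cache -v` step could join that list unless it genuinely depends on the font cache having been built first; if it does, a comment saying so would stop the next reader from merging them.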
@@ -36,13 +36,13 @@ RUN yum -y install /tmp/fuse-2.9.2-11.el7.x86_64.rpm
 RUN yum -y install /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
 RUN yum -y install /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
 RUN yum -y install /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-RUN yum -y install /tmp/msttcorefont-1-1-signed.x86_64.rpm
+RUN yum -y install --nogpgcheck /tmp/msttcorefont-1-1-signed.x86_64.rpm
 # Update font cache after msttcore fonts are installed
 RUN fc-cache -v
 # Install Kinetica DB
-RUN yum -y install /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
+RUN yum -y install --nogpgcheck /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
 # Applying REVEAL Code
 RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
-- GitLab
From 189e357f32a6861a76a124b379bc35aaa345e499 Mon Sep 17 00:00:00 2001
From: kla
Date: Tue, 11 May 2021 14:19:06 -0400
Subject: [PATCH 08/14] fixing docker file
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 3a54fe1..00e1c82 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -45,7 +45,8 @@ RUN fc-cache -v
 RUN yum -y install --nogpgcheck /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
 # Applying REVEAL Code
-RUN tar -zxvf /tmp/${RPM7} -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
+COPY caravel_all_2.tar.gz /tmp
+RUN tar -zxvf /tmp/caravel_all_2.tar.gz -C /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/
 COPY caravel.db /opt/gpudb/connectors/reveal/var/
 # change working directory
-- GitLab
From 9b2249b9d2bde609f2f3e05c0c1d665229cd0adf Mon Sep 17 00:00:00 2001
From: kla
Date: Thu, 13 May 2021 13:09:51 -0400
Subject: [PATCH 09/14] removing django
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Dockerfile b/Dockerfile
index 00e1c82..00fdb57 100755
--- a/Dockerfile
+++ b/Dockerfile
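Review bot: `--nogpgcheck` on the two `-signed` RPMs switches off the one check that ties these packages to their publisher; the sha256 values in hardening_manifest.yaml prove that the download matches what was uploaded to the bucket, not who built it. The key is staged earlier with `RUN gpg --import /etc/pki/rpm-gpg/*` (visible as context in the patch 03 hunk), which places it in root's GnuPG keyring, a location rpm and yum do not consult for package signatures, so the check most likely failed for that reason rather than because the packages are unsigned. Replace that line with `RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-PK` and drop `--nogpgcheck` from both install lines, so a modified package fails the build instead of being installed; if the msttcorefont package is signed with a different key, import that key as well rather than waiving the check. Since the subject says "for now", a comment on these lines naming the tracking item for removing the waiver would keep it from becoming permanent.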
@@ -86,6 +86,7 @@ RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slic
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_mapbox/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_timeframe/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/pivot_table/node_modules/*
+RUN rm -rf /mnt/data/docker/overlay2/cff31b1c237f964b5d8a6bd5f5d2d68a11102aad3bc0fc19ff367c559613531a/diff/opt/gpudb/stats/lib/python3.7/site-packages/django
 RUN rpm --setugids gpudb-intel-license
 # Expose ports
-- GitLab
From 1ba9b5d399a3d1b08b390aaa73b6fb108deb4edc Mon Sep 17 00:00:00 2001
From: kla
Date: Fri, 14 May 2021 10:42:46 -0400
Subject: [PATCH 10/14] removing django
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 00fdb57..410bbcf 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -86,7 +86,7 @@ RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slic
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_mapbox/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_timeframe/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/pivot_table/node_modules/*
-RUN rm -rf /mnt/data/docker/overlay2/cff31b1c237f964b5d8a6bd5f5d2d68a11102aad3bc0fc19ff367c559613531a/diff/opt/gpudb/stats/lib/python3.7/site-packages/django
+RUN rm -rf /opt/gpudb/stats/lib/python3.7/site-packages/Django-2.2.20-py3.7.egg-info
 RUN rpm --setugids gpudb-intel-license
 # Expose ports
-- GitLab
From aa2a7476cfa139b0f044278244b4e41218ae563d Mon Sep 17 00:00:00 2001
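Review bot: The added `rm -rf` targets `/mnt/data/docker/overlay2/<layer-id>/diff/...`, which is a path in the build host's Docker storage, not a path inside the image being built; within the build container it does not exist, `rm -rf` on a missing path exits 0, and the django package remains in the image while the build reports success. The in-image path is the part after `/diff`: `RUN rm -rf /opt/gpudb/stats/lib/python3.7/site-packages/django`. Embedding a host layer id also ties the Dockerfile to one machine's state and would silently do nothing anywhere else.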
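Review bot: Removing only `Django-2.2.20-py3.7.egg-info` deletes the metadata that vulnerability scanners key on while, if the `django` package directory next to it is still present, leaving the code itself importable and in use by whatever in `/opt/gpudb/stats` depends on it, so the finding disappears from the report without the exposure changing. If the stats component does not need Django, remove the package directory with the metadata, `RUN rm -rf /opt/gpudb/stats/lib/python3.7/site-packages/Django-2.2.20-py3.7.egg-info /opt/gpudb/stats/lib/python3.7/site-packages/django`; if it does, the fix belongs in the Kinetica RPM as an upgraded Django rather than in this Dockerfile. A comment stating which of the two cases applies, and which finding it answers, would let a later reviewer confirm the remediation rather than re-investigate it.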
From: kla
Date: Mon, 17 May 2021 10:43:55 -0400
Subject: [PATCH 11/14] fixing hardening manifest to reflect reveal
---
 hardening_manifest.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
index 203bfaf..688120b 100755
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 # The repository name in registry1, excluding /ironbank/
-name: "kinetica/pathfinder/pathfinder"
+name: "kinetica/pathfinder/reveal"
 # List of tags to push for the repository in registry1
 # The most specific version should be the first tag and will be shown
@@ -19,9 +19,9 @@ args:
 # Docker image labels
 labels:
 # Name of the image
- org.opencontainers.image.title: "pathfinder"
+ org.opencontainers.image.title: "reveal"
 # Human-readable description of the software packaged in the image
- org.opencontainers.image.description: "kinetica container"
+ org.opencontainers.image.description: "kinetica container with reveal included"
 # License(s) under which contained software is distributed
 org.opencontainers.image.licenses: "Government Purpose Rights"
 # URL to find more information on the image
@@ -31,11 +31,11 @@ labels:
 # Authoritative version of the software
 org.opencontainers.image.version: "7.0.20.5.20210428141653"
 # Keywords to help with search (ex. "cicd,gitops,golang")
- mil.dso.ironbank.image.keywords: "Kinetica"
+ mil.dso.ironbank.image.keywords: "reveal"
 # This value can be "opensource" or "commercial"
 mil.dso.ironbank.image.type: "commercial"
 # Product the image belongs to for grouping multiple images
- mil.dso.ironbank.product.name: "kinetica/pathfinder"
+ mil.dso.ironbank.product.name: "kinetica/reveal"
 resources:
 - url: s3://eightynine-bucket/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
-- GitLab
From 3d7599d8317e4eeeebe03f03b9b48d2c07107268 Mon Sep 17 00:00:00 2001
From: Sean Melissari
Date: Wed, 23 Jun 2021 09:36:37 -0400
Subject: [PATCH 12/14] fix build
---
 Dockerfile | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 410bbcf..f8387bf 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -57,9 +57,6 @@ RUN mv /opt/gpudb/core/etc/gpudb.conf /opt/gpudb/core/etc/gpudb.orig
 COPY config/gpudb.conf /opt/gpudb/core/etc/gpudb.conf
 RUN chown gpudb:gpudb /opt/gpudb/core/etc/gpudb.conf
-# moving radar site
-COPY scripts/radar_site_new.csv .
-
 # move start scripts
 COPY scripts/start.sh .
 RUN chmod 755 /opt/start.sh
-- GitLab
From 7e2328093475fd1e2f0767b66520ea3d13cfde38 Mon Sep 17 00:00:00 2001
From: Kevin La
Date: Wed, 23 Jun 2021 10:39:19 -0400
Subject: [PATCH 13/14] update start.sh
---
 scripts/start.sh | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/scripts/start.sh b/scripts/start.sh
index c481176..3fd3dd7 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -3,9 +3,5 @@
 # start gpudb
 /etc/init.d/gpudb start
-# create and populate radar_sites_new table
-/opt/gpudb/kitools/kio/kio -s '/opt/radar_sites_new.csv' --s-delimiter ',' --s-escape-character '\' -d 'kinetica://kinetica:9191::radar_sites_new' --d-spark-timeout-milliseconds 60000 --spark-driver-memory '2g' --spark-executor-memory '2g' --spark-offheap-memory '4g' --spark-network-timeout 800 --failure-mode graceful --batch-size 100000
-
 # keep container running
 tail -f /dev/null
-
-- GitLab
From 45561d62633f30bb7fbf70a50a7245141108a730 Mon Sep 17 00:00:00 2001
From: Kevin La
Date: Fri, 25 Jun 2021 15:19:40 -0400
Subject: [PATCH 14/14] fixing new CVEs
---
 Dockerfile | 36 ++++++++++++++++++++++--------------
 hardening_manifest.yaml | 11 ++++++++++-
 2 files changed, 32 insertions(+), 15 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index f8387bf..98a77b8 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,13 +7,13 @@ ARG BASE_TAG=7.9
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
-# Set user
+# Set user
 USER 0
-# Set the Baseline Image
+# Set the Baseline Image
 RUN yum -y update && yum -y install hostname fontconfig java-11-openjdk-devel
-# Set up working directory for Kinetica
+# Set up working directory for Kinetica
 RUN mkdir -p /mnt/data/gpudb
 RUN mkdir /mnt/data/gpudb/etc
 RUN mkdir /mnt/data/gpudb/logs
@@ -30,18 +30,19 @@ COPY openssh-server-7.4p1-21.el7.x86_64.rpm /tmp
 COPY numactl-libs-2.0.12-5.el7.x86_64.rpm /tmp
 COPY fuse-2.9.2-11.el7.x86_64.rpm /tmp
 COPY gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm /tmp
+COPY gpudbsql-7.0.0.0.jar /tmp
 # Installing Required RPMS
 RUN yum -y install /tmp/fuse-2.9.2-11.el7.x86_64.rpm
 RUN yum -y install /tmp/numactl-libs-2.0.12-5.el7.x86_64.rpm
 RUN yum -y install /tmp/openssh-server-7.4p1-21.el7.x86_64.rpm
 RUN yum -y install /tmp/libmspack-0.5-0.8.alpha.el7.x86_64.rpm
-RUN yum -y install --nogpgcheck /tmp/msttcorefont-1-1-signed.x86_64.rpm
+RUN yum -y install --nogpgcheck /tmp/msttcorefont-1-1-signed.x86_64.rpm
-# Update font cache after msttcore fonts are installed
-RUN fc-cache -v
+# Update font cache after msttcore fonts are installed
+RUN fc-cache -v
-# Install Kinetica DB
+# Install Kinetica DB
 RUN yum -y install --nogpgcheck /tmp/gpudb-intel-license-7.0.20.5.20210428141653-0-signed.el7.x86_64.rpm
 # Applying REVEAL Code
@@ -52,14 +53,17 @@ COPY caravel.db /opt/gpudb/connectors/reveal/var/
 # change working directory
 WORKDIR /opt
-# moving config and scripts
+# moving config and scripts
 RUN mv /opt/gpudb/core/etc/gpudb.conf /opt/gpudb/core/etc/gpudb.orig
 COPY config/gpudb.conf /opt/gpudb/core/etc/gpudb.conf
-RUN chown gpudb:gpudb /opt/gpudb/core/etc/gpudb.conf
+RUN chown gpudb:gpudb /opt/gpudb/core/etc/gpudb.conf
 # move start scripts
 COPY scripts/start.sh .
-RUN chmod 755 /opt/start.sh
+RUN chmod 755 /opt/start.sh
+
+# Fixing gpudbsql jar CVE finding
+RUN mv -f /tmp/gpudbsql-7.0.0.0.jar /opt/gpudb/sql/ #remove origina JAR with outdated commons-io dependency
 # cleanup /tmp folder
 RUN rm -rf /tmp/*
@@ -68,11 +72,11 @@ RUN rm -rf /tmp/*
 RUN chown -R gpudb:gpudb /opt/gpudb/
 RUN chown -R gpudb:gpudb /mnt/data/gpudb/
-# Fixing CVE finding
-RUN chmod g-s /usr/bin/{fusermount,ksu,ssh-agent}
+# Fixing CVE finding
+RUN chmod g-s /usr/bin/{fusermount,ksu,ssh-agent}
 RUN chmod u-s /usr/bin/{fusermount,ksu,ssh-agent}
 RUN chmod g-s /usr/libexec/openssh/ssh-keysign
-RUN chmod u-s /usr/libexec/openssh/ssh-keysign
+RUN chmod u-s /usr/libexec/openssh/ssh-keysign
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_calculator/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_histogram/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/anadarko_linecharts/node_modules/*
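Review bot: `RUN mv -f /tmp/gpudbsql-7.0.0.0.jar /opt/gpudb/sql/` only overwrites a file that has exactly that name in `/opt/gpudb/sql/`; if the JAR shipped by the RPM is named differently, both files end up in the directory and the outdated commons-io the trailing shell comment refers to stays on the classpath while the step still succeeds. Make the removal explicit so the build fails when the expected file is not where the comment says it is, for example `RUN rm /opt/gpudb/sql/gpudbsql-*.jar && mv /tmp/gpudbsql-7.0.0.0.jar /opt/gpudb/sql/` (constructed glob; adjust it to the name the RPM actually installs) and move the explanation into a Dockerfile `#` line above it. The replacement JAR is pinned by sha256 in hardening_manifest.yaml but is not signed, so its provenance rests on the bucket's access control; a comment recording the source build it came from would help the next audit. The remaining lines in this hunk and in the `@@ -68` hunk that follows are trailing-whitespace churn on unchanged text, which hides the one real change.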
@@ -82,8 +86,12 @@ RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slic
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_map/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_mapbox/node_modules/*
 RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/kinetica_timeframe/node_modules/*
-RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/pivot_table/node_modules/*
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/python3.7/site-packages/caravel/slices/pivot_table/node_modules/*
 RUN rm -rf /opt/gpudb/stats/lib/python3.7/site-packages/Django-2.2.20-py3.7.egg-info
+RUN rm -rf /opt/gpudb/httpd
+RUN rm -rf /opt/gpudb/connectors/reveal/lib/node_modules/npm/node_modules/path-parse
+RUN yum remove -y libX11 libX11-common
+RUN rpm -e --nodeps cups-libs
 RUN rpm --setugids gpudb-intel-license
 # Expose ports
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
index 688120b..772a722 100755
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -114,11 +114,20 @@ resources:
 filename: RPM-GPG-KEY-PK
 validation:
 type: sha256
- value: 895c34aedec8b1b8728ba5f5a05d02e5ae4e2d41eaefc6380507117bfcc79d96
+ value: 895c34aedec8b1b8728ba5f5a05d02e5ae4e2d41eaefc6380507117bfcc79d96
 auth:
 id: pathfinder-credential
 region: us-east-1
+ - url: s3://eightynine-bucket/gpudbsql-7.0.0.0.jar
+ filename: gpudbsql-7.0.0.0.jar
+ validation:
+ type: sha256
+ value: 05b7be15018205e632e41870146579203a495f00f5ad640af36df883c793e620
+ auth:
+ id: pathfinder-credential
+ region: us-east-1
+
 # List of project maintainers
 maintainers:
 - email: "kla.ctr@kinetica.com"
-- GitLab
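Review bot: `rpm -e --nodeps cups-libs` and `yum remove -y libX11 libX11-common` remove shared libraries without establishing who still links against them: `--nodeps` leaves every package that requires cups-libs with a dangling dependency and no error at build time, while `yum remove` resolves reverse dependencies and will also remove whatever requires libX11, which may include the non-headless `java-11-openjdk-devel` chain installed in the first hunk of this patch; run `rpm -q --whatrequires libX11 cups-libs` in the image before relying on either line, and record the result in a comment. Deleting `.../npm/node_modules/path-parse` and `/opt/gpudb/httpd` by path removes the scanner's evidence rather than the component's use of it; if the bundled npm and httpd are not needed at runtime, removing the whole `node_modules/npm` tree and the httpd subpackage through rpm is a cleaner and reviewable statement than deleting one module directory. A comment per added line naming the finding it answers (scanner rule or CVE id) would let a later maintainer know when each workaround can be dropped.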