Content-Type: multipart/alternative;
 boundary="===============9101330922043716396=="
MIME-Version: 1.0
Subject: PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 Released!
To: PostgreSQL Announce <pgsql-announce@lists.postgresql.org>
From: PostgreSQL Global Development Group <announce-noreply@postgresql.org>
Reply-To: announce@postgresql.org
Date: Thu, 14 May 2026 13:40:40 +0000
Message-ID: <177876604042.861.12327647497486409223@wrigleys.postgresql.org>
Auto-Submitted: auto-generated
Archived-At: 
 <https://www.postgresql.org/message-id/177876604042.861.12327647497486409223%40wrigleys.postgresql.org>
Precedence: bulk

--===============9101330922043716396==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 18.4, 17.10, 16.14, 15.18, and =
14.23.
This release fixes 11 security vulnerabilities and over 60 bugs reported
over the last several months.

For the full list of changes, please review the [release
notes](https://www.postgresql.org/docs/release/).

PostgreSQL 14 EOL Notice
------------------------

PostgreSQL 14 will stop receiving fixes on November 12, 2026. If you are
running PostgreSQL 14 in a production environment, we suggest that you make
plans to upgrade to a newer, supported version of PostgreSQL. Please see our
[versioning policy](https://www.postgresql.org/support/versioning/) for more
information.

Security Issues
---------------

### [CVE-2026-6472](https://www.postgresql.org/support/security/CVE-2026-64=
72/): PostgreSQL `CREATE TYPE` does not check `multirange` schema `CREATE` =
privilege

CVSS v3.1 Base Score: [5.4](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)

Supported, Vulnerable Versions: 14 - 18.

Missing authorization in PostgreSQL `CREATE TYPE` allows an object creator =
to
hijack other queries that use `search_path` to find user-defined types,
including extension-defined types. That is to say, the victim will execute
arbitrary SQL functions of the attacker's choice.  Versions before PostgreS=
QL
18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Jelte Fennema-Nio for reporting this problem.

### [CVE-2026-6473](https://www.postgresql.org/support/security/CVE-2026-64=
73/): PostgreSQL server undersizes allocations, via integer wraparound

CVSS v3.1 Base Score: [8.8](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Supported, Vulnerable Versions: 14 - 18.

Integer wraparound in multiple PostgreSQL server features allows an applica=
tion
input provider to cause the server to undersize an allocation and write
out-of-bounds. This results in a segmentation fault. Versions before Postgr=
eSQL
18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Anemone, A1ex, Xint Code, Jihe Wang, Jingzhou=
 Fu,
Pavel Kohout, Petr Simecek, www.aisle.com, Bruce Dang of Calif.io, and
Sven Klemm for reporting this problem.

### [CVE-2026-6474](https://www.postgresql.org/support/security/CVE-2026-64=
74/): PostgreSQL `timeofday()` can disclose portions of server memory

CVSS v3.1 Base Score: [4.3](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Supported, Vulnerable Versions: 14 - 18.

Externally-controlled format string in PostgreSQL `timeofday()` function al=
lows
an attacker to retrieve portions of server memory, via crafted timezone zon=
es.=20
Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affecte=
d.

The PostgreSQL project thanks Xint Code for reporting this problem.

### [CVE-2026-6475](https://www.postgresql.org/support/security/CVE-2026-64=
75/): PostgreSQL `pg_basebackup` and `pg_rewind` can overwrite unrelated fi=
les of origin superuser choice

CVSS v3.1 Base Score: [8.8](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Supported, Vulnerable Versions: 14 - 18.

Symlink following in PostgreSQL `pg_basebackup` plain format and in `pg_rew=
ind`
allows an origin superuser to overwrite local files, e.g.
`/var/lib/postgres/.bashrc`, that hijack the operating system account. It w=
ill
remain the case that starting the server after these commands implicitly tr=
usts
the origin superuser, due to features like shared_preload_libraries. Hence,=
 the
attack has practical implications only if one takes relevant action between
these commands and server start, like moving the files to a different VM or
snapshotting the VM. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, =
and
14.23 are affected.

The PostgreSQL project thanks Valery Gubanov, XlabAI Team of Tencent Xuanwu=
 Lab,
Atuin Automated Vulnerability Discovery Engine,
Zhanpeng Liu (pkugenuine(at)gmail(dot)com),
Guannan Wang (wgnbuaa(at)gmail(dot)com), and
Guancheng Li (lgcpku(at)gmail(dot)com) for reporting this problem.

### [CVE-2026-6476](https://www.postgresql.org/support/security/CVE-2026-64=
76/): PostgreSQL `pg_createsubscriber` allows SQL injection via subscriptio=
n name

CVSS v3.1 Base Score: [7.2](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Supported, Vulnerable Versions: 17 - 18.

SQL injection in PostgreSQL `pg_createsubscriber` allows an attacker with
`pg_create_subscription` rights to execute arbitrary SQL as a superuser. The
attack takes effect when `pg_createsubscriber` next runs. Within major vers=
ions
17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected.
Versions before PostgreSQL 17 are unaffected.

The PostgreSQL project thanks Yu Kunpeng for reporting this problem.

### [CVE-2026-6477](https://www.postgresql.org/support/security/CVE-2026-64=
77/): PostgreSQL `libpq` lo_* functions let server superuser overwrite clie=
nt stack memory

CVSS v3.1 Base Score: [8.8](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Supported, Vulnerable Versions: 14 - 18.

Use of inherently dangerous function `PQfn(..., result_is_int=3D0, ...)` in
PostgreSQL libpq `lo_export()`, `lo_read()`, `lo_lseek64()`, and `lo_tell64=
()`
functions allows the server superuser to overwrite a client stack buffer wi=
th an
arbitrarily-large response. Like `gets()`, `PQfn(..., result_is_int=3D0, ..=
.)`
stores arbitrary-length, server-determined data into a buffer of unspecified
size. Because both the `\lo_export` command in `psql` and `pg_dump` call
`lo_read()`, the server superuser can overwrite pg_dump or psql stack memor=
y.
Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affecte=
d.

The PostgreSQL project thanks Yu Kunpeng and Martin Heistermann for reporti=
ng
this problem.

### [CVE-2026-6478](https://www.postgresql.org/support/security/CVE-2026-64=
78/): PostgreSQL discloses MD5-hashed passwords via covert timing channel

CVSS v3.1 Base Score: [6.5](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

Supported, Vulnerable Versions: 14 - 18.

Covert timing channel in comparison of MD5-hashed password in PostgreSQL
authentication allows an attacker to recover user credentials sufficient to
authenticate. This does not affect scram-sha-256 passwords, the default in =
all
supported releases.  However, current databases may have MD5-hashed passwor=
ds
originating in upgrades from PostgreSQL 13 or earlier. Versions before
PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Joe Conway for reporting this problem.

### [CVE-2026-6479](https://www.postgresql.org/support/security/CVE-2026-64=
79/): PostgreSQL SSL/GSS init causes denial of service, via uncontrolled re=
cursion

CVSS v3.1 Base Score: [7.5](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Supported, Vulnerable Versions: 14 - 18.

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an atta=
cker
able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial =
of
service. If SSL and GSS are both disabled, an attacker can do the same via
access to a PostgreSQL TCP socket.  Versions before PostgreSQL 18.4, 17.10,
16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Calif.io in collaboration with Claude and
Anthropic Research for reporting this problem.

### [CVE-2026-6575](https://www.postgresql.org/support/security/CVE-2026-65=
75/): PostgreSQL `pg_restore_attribute_stats` accepts values that cause que=
ry planning to read past end of stats array

CVSS v3.1 Base Score: [4.3](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Supported, Vulnerable Versions: 18.

Buffer over-read in PostgreSQL function `pg_restore_attribute_stats()` acce=
pts
array values of unmatched length, which causes query planning to read past =
end
of one array. This allows a table maintainer to infer memory values past th=
at
array end. Within major version 18, minor versions before PostgreSQL 18.4 a=
re
affected. Versions before PostgreSQL 18 are unaffected.

The PostgreSQL project thanks Jeroen Gui for reporting this problem.

### [CVE-2026-6637](https://www.postgresql.org/support/security/CVE-2026-66=
37/): PostgreSQL `refint` allows stack buffer overflow and SQL injection

CVSS v3.1 Base Score: [8.8](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Supported, Vulnerable Versions: 14 - 18.

Stack buffer overflow in PostgreSQL module `refint` allows an unprivileged
database user to execute arbitrary code as the operating system user runnin=
g the
database. A distinct attack is possible if the application declares a
user-controlled column as a `refint` cascade primary key and facilitates
user-controlled updates to that column. In that case, a SQL injection allow=
s a
primary key update value provider to execute arbitrary SQL as the database =
user
performing the primary key update. Versions before PostgreSQL 18.4, 17.10,
16.14, 15.18, and 14.23 are affected.

The PostgreSQL project thanks Nikolay Samokhvalov for reporting this proble=
m.

### [CVE-2026-6638](https://www.postgresql.org/support/security/CVE-2026-66=
38/): PostgreSQL `REFRESH PUBLICATION` allows SQL injection via table name

CVSS v3.1 Base Score: [3.7](https://nvd.nist.gov/vuln-metrics/cvss/v3-calcu=
lator?version=3D3.1&vector=3DAV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N)

Supported, Vulnerable Versions: 16 - 18.

SQL injection in PostgreSQL logical replication
`ALTER SUBSCRIPTION ... REFRESH PUBLICATION` allows a subscriber table crea=
tor
to execute arbitrary SQL with the subscription's publication-side credentia=
ls.
The attack takes effect at the next `REFRESH PUBLICATION`. Within major ver=
sions
16, 17, and 18, minor versions before PostgreSQL 18.4, 17.10, and 16.14 are
affected. Versions before PostgreSQL 16 are unaffected.

The PostgreSQL project thanks Pavel Kohout, Aisle Research for reporting th=
is
problem.

Bug Fixes and Improvements
--------------------------

This update fixes over 60 bugs that were reported in the last several
months. The issues listed below affect PostgreSQL 18. Some of these issues =
may
also affect other supported versions of PostgreSQL.

* Fix queries that could return incorrect results when using a nondetermini=
stic
collation over a unique index.
* Fix loss of deferrability of foreign-key triggers. Previously, a foreign =
key
defined as `DEFERRABLE INITIALLY DEFERRED` would behave as `NOT DEFERRABLE`
after being set to `NOT ENFORCED` status and then back to `ENFORCED`. If you
have a foreign key with this problem, after installing this update you can =
fix
it by setting it to `NOT ENFORCED` and then back to `ENFORCED`.
* Improve the planner's ability to apply partition pruning to more cases.
* Fix self-join removal to handle join clauses that are only boolean column=
s,
for example, `ON t1.boolcol`.
* Several fixes around virtual generated columns, including ensuring
`INSERT ... ON CONFLICT` works when `EXCLUDED` references a virtual
generated column.
* Report a serialization failure when `MERGE` encounters a concurrently-upd=
ated
tuple in "repeatable read" or "serializable"
[isolation modes](https://www.postgresql.org/docs/current/transaction-iso.h=
tml).
* Fix `CREATE TABLE ... LIKE ... INCLUDING STATISTICS` for cases where the
source table had one or more dropped columns.
* Fix `WITHOUT OVERLAPS` to allow domains.
* Disallow making a composite type be a member of itself via a `multirange`.
* Fix sometimes-incorrect results when `array_agg(anyarray)` executes in
parallel.
* Prevent bloating during restore of an incremental backup.
* Prevent stuck logical replication slot synchronization worker processes f=
rom
blocking promotion of a standby server.
* Make the `pg_aios` system view `pid` column show `NULL` instead of `0` wh=
en an
entry has no owning process.
* Fix cases where `pg_stat_replication` shows `NULL` lag even while replica=
tion
is active.
* Correctly display JOIN alias variables that are used in `GROUP BY`.
* If the startup process fails, properly shut down other child processes be=
fore
exiting the postmaster.
* Fix race condition that could cause a standby server following WAL from a
primary of an older minor version to get into a crash-and-restart loop.
* Prevent indefinite wait in shutdown of a walsender process when logical
replication is actively publishing data.
* Ensure that free space map changes are persisted during recovery. This co=
uld
have performance ramifications on a standby server after promotion.
* Fix assorted bugs in backup decompression and tar-parsing code used in
`pg_basebackup` and `pg_verifybackup`.
* Ensure `pg_dumpall` doesn't skip role grants with dangling grantor OIDs,
restoring the behavior before PostgreSQL 16. Emits a warning about missing
grantor if the source server is PostgreSQL 16 or later.
* Fix `pg_upgrade` to use the correct protocol version when connecting to o=
lder
source servers.
* Fix output in `pg_overexplain` when using the `RANGE_TABLE` option.
* Fix `postgres_fdw` crash due to premature cleanup of a failed connection.

This release also updates time zone data files to tzdata release 2026b, in =
which
British Columbia (America/Vancouver) will be on year-round UTC-07
(effectively, permanent DST) beginning in November 2026. This release assum=
es
that their TZ abbreviation will be MST from that time forward (though this
could change). There is also a historical correction for Moldova, which has=
 used
EU DST transition times since 2022.

Updating
--------

All PostgreSQL update releases are cumulative. As with other minor releases,
users are not required to dump and reload their database or use `pg_upgrade`
in order to apply this update release; you may simply stop PostgreSQL and
update its binaries.

Users who have skipped one or more update releases may need to run addition=
al
post-update steps; please see the release notes from earlier versions for
details.

For more details, please see the [release notes](https://www.postgresql.org=
/docs/release/).

Links
-----

* [Download](https://www.postgresql.org/download/)
* [Release Notes](https://www.postgresql.org/docs/release/)
* [Security](https://www.postgresql.org/support/security/)
* [Versioning Policy](https://www.postgresql.org/support/versioning/)
* [Submit a Bug](https://www.postgresql.org/account/submitbug/)
* [Donate](https://www.postgresql.org/about/donate/)

If you have corrections or suggestions for this release announcement, pleas=
e send them to the _pgsql-www@lists.postgresql.org_ public [mailing list](h=
ttps://www.postgresql.org/list/).
--===============9101330922043716396==
Content-Type: multipart/related;
 boundary="===============3469735971051964561=="
MIME-Version: 1.0

--===============3469735971051964561==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable


<!doctype html>
<html>
  <head>
    <meta name=3D"viewport" content=3D"width=3Ddevice-width">
    <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DUTF-8=
">
    <title>PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 Released!</title>
    <style>

    @media only screen and (max-width: 620px) {
      table[class=3Dbody] h1 {
        font-size: 28px !important;
        margin-bottom: 10px !important;
      }
      table[class=3Dbody] p,
            table[class=3Dbody] ul,
            table[class=3Dbody] ol,
            table[class=3Dbody] td,
            table[class=3Dbody] span,
            table[class=3Dbody] a {
        font-size: 16px !important;
      }
      table[class=3Dbody] .wrapper,
            table[class=3Dbody] .article {
        padding: 10px !important;
      }
      table[class=3Dbody] .content {
        padding: 0 !important;
      }
      table[class=3Dbody] .container {
        padding: 0 !important;
        width: 100% !important;
      }
      table[class=3Dbody] .main {
        border-left-width: 0 !important;
        border-radius: 0 !important;
        border-right-width: 0 !important;
      }
      table[class=3Dbody] .btn table {
        width: 100% !important;
      }
      table[class=3Dbody] .btn a {
        width: 100% !important;
      }
      table[class=3Dbody] .img-responsive {
        height: auto !important;
        max-width: 100% !important;
        width: auto !important;
      }
    }

    @media all {
      .ExternalClass {
        width: 100%;
      }
      .ExternalClass,
            .ExternalClass p,
            .ExternalClass span,
            .ExternalClass font,
            .ExternalClass td,
            .ExternalClass div {
        line-height: 100%;
      }
      .apple-link a {
        color: inherit !important;
        font-family: inherit !important;
        font-size: inherit !important;
        font-weight: inherit !important;
        line-height: inherit !important;
        text-decoration: none !important;
      }
      #MessageViewBody a {
        color: inherit;
        text-decoration: none;
        font-size: inherit;
        font-family: inherit;
        font-weight: inherit;
        line-height: inherit;
      }
      .btn-primary table td:hover {
        background-color: #34495e !important;
      }
      .btn-primary a:hover {
        background-color: #34495e !important;
        border-color: #34495e !important;
      }
    }
    </style>
  </head>
  <body class=3D"" style=3D"background-color: #f6f6f6; font-family: sans-se=
rif; -webkit-font-smoothing: antialiased; font-size: 14px; line-height: 1.4=
; margin: 0; padding: 0; -ms-text-size-adjust: 100%; -webkit-text-size-adju=
st: 100%;">
    <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" class=3D"body" =
style=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace=
: 0pt; width: 100%; background-color: #f6f6f6;">
      <tr>
        <td style=3D"font-family: sans-serif; font-size: 14px; vertical-ali=
gn: top;">&nbsp;</td>
        <td class=3D"container" style=3D"font-family: sans-serif; font-size=
: 14px; vertical-align: top; display: block; Margin: 0 auto; max-width: 580=
px; padding: 10px; width: 580px;">
          <div class=3D"content" style=3D"box-sizing: border-box; display: =
block; Margin: 0 auto; max-width: 580px; padding: 10px;">


            <span class=3D"preheader" style=3D"color: transparent; display:=
 none; height: 0; max-height: 0; max-width: 0; opacity: 0; overflow: hidden=
; mso-hide: all; visibility: hidden; width: 0;"></span>
            <table class=3D"main" style=3D"border-collapse: separate; mso-t=
able-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; background: #ffffff; =
border-radius: 3px;">


              <tr>
                <td class=3D"wrapper" style=3D"font-family: sans-serif; fon=
t-size: 14px; vertical-align: top; box-sizing: border-box; padding: 20px;">
                  <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" s=
tyle=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace:=
 0pt; width: 100%;">
                    <tr>
                      <td style=3D"font-family: sans-serif; font-size: 14px=
; vertical-align: top;">

<table align=3D"center" border=3D"0" cellpadding=3D"0" cellspacing=3D"0" st=
yle=3D"width: 100%;" width=3D"100%">
<tr>
<td><img alt=3D"PostgreSQL logo" height=3D"50" src=3D"cid:slonik.png@img" s=
tyle=3D"width: 50px; height: 50px;" width=3D"50"/></td>
<td style=3D"text-align: center;"><h1 style=3D"color: #000; font-family: sa=
ns-serif; line-height: 1.4; margin: 0; margin-bottom: 30px; font-size: 25px=
; font-weight: 300; text-align: center">PostgreSQL 18.4, 17.10, 16.14, 15.1=
8, and 14.23 Released!</h1></td>
<td><img alt=3D"PostgreSQL logo" height=3D"50" src=3D"cid:slonik.png@img" s=
tyle=3D"width: 50px; height: 50px;" width=3D"50"/></td>
</tr>
</table>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL Global Development Group has=
 released an update to all
supported versions of PostgreSQL, including 18.4, 17.10, 16.14, 15.18, and =
14.23.
This release fixes 11 security vulnerabilities and over 60 bugs reported
over the last several months.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">For the full list of changes, please review=
 the <a href=3D"https://www.postgresql.org/docs/release/" style=3D"color: #=
3498db; text-decoration: underline">release
notes</a>.</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">PostgreSQL 14 EOL Notice</h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">PostgreSQL 14 will stop receiving fixes on =
November 12, 2026. If you are
running PostgreSQL 14 in a production environment, we suggest that you make
plans to upgrade to a newer, supported version of PostgreSQL. Please see our
<a href=3D"https://www.postgresql.org/support/versioning/" style=3D"color: =
#3498db; text-decoration: underline">versioning policy</a> for more
information.</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">Security Issues</h2>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6472/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6472</a>: PostgreSQL <code>CREATE TYPE</code> do=
es not check <code>multirange</code> schema <code>CREATE</code> privilege</=
h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" style=3D"color: #3498db; text-decoration: u=
nderline">5.4</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Missing authorization in PostgreSQL <code>C=
REATE TYPE</code> allows an object creator to
hijack other queries that use <code>search_path</code> to find user-defined=
 types,
including extension-defined types. That is to say, the victim will execute
arbitrary SQL functions of the attacker's choice.  Versions before PostgreS=
QL
18.4, 17.10, 16.14, 15.18, and 14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Jelte Fennema=
-Nio for reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6473/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6473</a>: PostgreSQL server undersizes allocatio=
ns, via integer wraparound</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">8.8</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Integer wraparound in multiple PostgreSQL s=
erver features allows an application
input provider to cause the server to undersize an allocation and write
out-of-bounds. This results in a segmentation fault. Versions before Postgr=
eSQL
18.4, 17.10, 16.14, 15.18, and 14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Anemone, A1ex=
, Xint Code, Jihe Wang, Jingzhou Fu,
Pavel Kohout, Petr Simecek, www.aisle.com, Bruce Dang of Calif.io, and
Sven Klemm for reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6474/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6474</a>: PostgreSQL <code>timeofday()</code> ca=
n disclose portions of server memory</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" style=3D"color: #3498db; text-decoration: u=
nderline">4.3</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Externally-controlled format string in Post=
greSQL <code>timeofday()</code> function allows
an attacker to retrieve portions of server memory, via crafted timezone zon=
es.=20
Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affecte=
d.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Xint Code for=
 reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6475/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6475</a>: PostgreSQL <code>pg_basebackup</code> =
and <code>pg_rewind</code> can overwrite unrelated files of origin superuse=
r choice</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">8.8</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Symlink following in PostgreSQL <code>pg_ba=
sebackup</code> plain format and in <code>pg_rewind</code>
allows an origin superuser to overwrite local files, e.g.
<code>/var/lib/postgres/.bashrc</code>, that hijack the operating system ac=
count. It will
remain the case that starting the server after these commands implicitly tr=
usts
the origin superuser, due to features like shared_preload_libraries. Hence,=
 the
attack has practical implications only if one takes relevant action between
these commands and server start, like moving the files to a different VM or
snapshotting the VM. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, =
and
14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Valery Gubano=
v, XlabAI Team of Tencent Xuanwu Lab,
Atuin Automated Vulnerability Discovery Engine,
Zhanpeng Liu (pkugenuine(at)gmail(dot)com),
Guannan Wang (wgnbuaa(at)gmail(dot)com), and
Guancheng Li (lgcpku(at)gmail(dot)com) for reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6476/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6476</a>: PostgreSQL <code>pg_createsubscriber</=
code> allows SQL injection via subscription name</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">7.2</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 17 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">SQL injection in PostgreSQL <code>pg_create=
subscriber</code> allows an attacker with
<code>pg_create_subscription</code> rights to execute arbitrary SQL as a su=
peruser. The
attack takes effect when <code>pg_createsubscriber</code> next runs. Within=
 major versions
17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected.
Versions before PostgreSQL 17 are unaffected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Yu Kunpeng fo=
r reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6477/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6477</a>: PostgreSQL <code>libpq</code> lo_* fun=
ctions let server superuser overwrite client stack memory</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">8.8</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Use of inherently dangerous function <code>=
PQfn(..., result_is_int=3D0, ...)</code> in
PostgreSQL libpq <code>lo_export()</code>, <code>lo_read()</code>, <code>lo=
_lseek64()</code>, and <code>lo_tell64()</code>
functions allows the server superuser to overwrite a client stack buffer wi=
th an
arbitrarily-large response. Like <code>gets()</code>, <code>PQfn(..., resul=
t_is_int=3D0, ...)</code>
stores arbitrary-length, server-determined data into a buffer of unspecified
size. Because both the <code>\lo_export</code> command in <code>psql</code>=
 and <code>pg_dump</code> call
<code>lo_read()</code>, the server superuser can overwrite pg_dump or psql =
stack memory.
Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affecte=
d.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Yu Kunpeng an=
d Martin Heistermann for reporting
this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6478/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6478</a>: PostgreSQL discloses MD5-hashed passwo=
rds via covert timing channel</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" style=3D"color: #3498db; text-decoration: u=
nderline">6.5</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Covert timing channel in comparison of MD5-=
hashed password in PostgreSQL
authentication allows an attacker to recover user credentials sufficient to
authenticate. This does not affect scram-sha-256 passwords, the default in =
all
supported releases.  However, current databases may have MD5-hashed passwor=
ds
originating in upgrades from PostgreSQL 13 or earlier. Versions before
PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Joe Conway fo=
r reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6479/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6479</a>: PostgreSQL SSL/GSS init causes denial =
of service, via uncontrolled recursion</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">7.5</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Uncontrolled recursion in PostgreSQL SSL an=
d GSS negotiation allows an attacker
able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial =
of
service. If SSL and GSS are both disabled, an attacker can do the same via
access to a PostgreSQL TCP socket.  Versions before PostgreSQL 18.4, 17.10,
16.14, 15.18, and 14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Calif.io in c=
ollaboration with Claude and
Anthropic Research for reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6575/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6575</a>: PostgreSQL <code>pg_restore_attribute_=
stats</code> accepts values that cause query planning to read past end of s=
tats array</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" style=3D"color: #3498db; text-decoration: u=
nderline">4.3</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Buffer over-read in PostgreSQL function <co=
de>pg_restore_attribute_stats()</code> accepts
array values of unmatched length, which causes query planning to read past =
end
of one array. This allows a table maintainer to infer memory values past th=
at
array end. Within major version 18, minor versions before PostgreSQL 18.4 a=
re
affected. Versions before PostgreSQL 18 are unaffected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Jeroen Gui fo=
r reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6637/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6637</a>: PostgreSQL <code>refint</code> allows =
stack buffer overflow and SQL injection</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" style=3D"color: #3498db; text-decoration: u=
nderline">8.8</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 14 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Stack buffer overflow in PostgreSQL module =
<code>refint</code> allows an unprivileged
database user to execute arbitrary code as the operating system user runnin=
g the
database. A distinct attack is possible if the application declares a
user-controlled column as a <code>refint</code> cascade primary key and fac=
ilitates
user-controlled updates to that column. In that case, a SQL injection allow=
s a
primary key update value provider to execute arbitrary SQL as the database =
user
performing the primary key update. Versions before PostgreSQL 18.4, 17.10,
16.14, 15.18, and 14.23 are affected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Nikolay Samok=
hvalov for reporting this problem.</p>
<h3 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px"><a href=3D"https://www.postgres=
ql.org/support/security/CVE-2026-6638/" style=3D"color: #3498db; text-decor=
ation: underline">CVE-2026-6638</a>: PostgreSQL <code>REFRESH PUBLICATION</=
code> allows SQL injection via table name</h3>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">CVSS v3.1 Base Score: <a href=3D"https://nv=
d.nist.gov/vuln-metrics/cvss/v3-calculator?version=3D3.1&amp;vector=3DAV:N/=
AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" style=3D"color: #3498db; text-decoration: u=
nderline">3.7</a></p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Supported, Vulnerable Versions: 16 - 18.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">SQL injection in PostgreSQL logical replica=
tion
<code>ALTER SUBSCRIPTION ... REFRESH PUBLICATION</code> allows a subscriber=
 table creator
to execute arbitrary SQL with the subscription's publication-side credentia=
ls.
The attack takes effect at the next <code>REFRESH PUBLICATION</code>. Withi=
n major versions
16, 17, and 18, minor versions before PostgreSQL 18.4, 17.10, and 16.14 are
affected. Versions before PostgreSQL 16 are unaffected.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">The PostgreSQL project thanks Pavel Kohout,=
 Aisle Research for reporting this
problem.</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">Bug Fixes and Improvements</h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">This update fixes over 60 bugs that were re=
ported in the last several
months. The issues listed below affect PostgreSQL 18. Some of these issues =
may
also affect other supported versions of PostgreSQL.</p>
<ul style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal;=
 margin: 0; margin-bottom: 15px">
<li style=3D"list-style-position: inside; margin-left: 5px">Fix queries tha=
t could return incorrect results when using a nondeterministic
collation over a unique index.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix loss of def=
errability of foreign-key triggers. Previously, a foreign key
defined as <code>DEFERRABLE INITIALLY DEFERRED</code> would behave as <code=
>NOT DEFERRABLE</code>
after being set to <code>NOT ENFORCED</code> status and then back to <code>=
ENFORCED</code>. If you
have a foreign key with this problem, after installing this update you can =
fix
it by setting it to <code>NOT ENFORCED</code> and then back to <code>ENFORC=
ED</code>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Improve the pla=
nner's ability to apply partition pruning to more cases.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix self-join r=
emoval to handle join clauses that are only boolean columns,
for example, <code>ON t1.boolcol</code>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Several fixes a=
round virtual generated columns, including ensuring
<code>INSERT ... ON CONFLICT</code> works when <code>EXCLUDED</code> refere=
nces a virtual
generated column.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Report a serial=
ization failure when <code>MERGE</code> encounters a concurrently-updated
tuple in "repeatable read" or "serializable"
<a href=3D"https://www.postgresql.org/docs/current/transaction-iso.html" st=
yle=3D"color: #3498db; text-decoration: underline">isolation modes</a>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix <code>CREAT=
E TABLE ... LIKE ... INCLUDING STATISTICS</code> for cases where the
source table had one or more dropped columns.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix <code>WITHO=
UT OVERLAPS</code> to allow domains.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Disallow making=
 a composite type be a member of itself via a <code>multirange</code>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix sometimes-i=
ncorrect results when <code>array_agg(anyarray)</code> executes in
parallel.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Prevent bloatin=
g during restore of an incremental backup.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Prevent stuck l=
ogical replication slot synchronization worker processes from
blocking promotion of a standby server.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Make the <code>=
pg_aios</code> system view <code>pid</code> column show <code>NULL</code> i=
nstead of <code>0</code> when an
entry has no owning process.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix cases where=
 <code>pg_stat_replication</code> shows <code>NULL</code> lag even while re=
plication
is active.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Correctly displ=
ay JOIN alias variables that are used in <code>GROUP BY</code>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">If the startup =
process fails, properly shut down other child processes before
exiting the postmaster.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix race condit=
ion that could cause a standby server following WAL from a
primary of an older minor version to get into a crash-and-restart loop.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Prevent indefin=
ite wait in shutdown of a walsender process when logical
replication is actively publishing data.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Ensure that fre=
e space map changes are persisted during recovery. This could
have performance ramifications on a standby server after promotion.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix assorted bu=
gs in backup decompression and tar-parsing code used in
<code>pg_basebackup</code> and <code>pg_verifybackup</code>.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Ensure <code>pg=
_dumpall</code> doesn't skip role grants with dangling grantor OIDs,
restoring the behavior before PostgreSQL 16. Emits a warning about missing
grantor if the source server is PostgreSQL 16 or later.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix <code>pg_up=
grade</code> to use the correct protocol version when connecting to older
source servers.</li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix output in <=
code>pg_overexplain</code> when using the <code>RANGE_TABLE</code> option.<=
/li>
<li style=3D"list-style-position: inside; margin-left: 5px">Fix <code>postg=
res_fdw</code> crash due to premature cleanup of a failed connection.</li>
</ul>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">This release also updates time zone data fi=
les to tzdata release 2026b, in which
British Columbia (America/Vancouver) will be on year-round UTC-07
(effectively, permanent DST) beginning in November 2026. This release assum=
es
that their TZ abbreviation will be MST from that time forward (though this
could change). There is also a historical correction for Moldova, which has=
 used
EU DST transition times since 2022.</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">Updating</h2>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">All PostgreSQL update releases are cumulati=
ve. As with other minor releases,
users are not required to dump and reload their database or use <code>pg_up=
grade</code>
in order to apply this update release; you may simply stop PostgreSQL and
update its binaries.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">Users who have skipped one or more update r=
eleases may need to run additional
post-update steps; please see the release notes from earlier versions for
details.</p>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">For more details, please see the <a href=3D=
"https://www.postgresql.org/docs/release/" style=3D"color: #3498db; text-de=
coration: underline">release notes</a>.</p>
<h2 style=3D"color: #000; font-family: sans-serif; font-weight: 400; line-h=
eight: 1.4; margin: 0; margin-bottom: 30px">Links</h2>
<ul style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal;=
 margin: 0; margin-bottom: 15px">
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/download/" style=3D"color: #3498db; text-decoration:=
 underline">Download</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/docs/release/" style=3D"color: #3498db; text-decorat=
ion: underline">Release Notes</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/support/security/" style=3D"color: #3498db; text-dec=
oration: underline">Security</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/support/versioning/" style=3D"color: #3498db; text-d=
ecoration: underline">Versioning Policy</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/account/submitbug/" style=3D"color: #3498db; text-de=
coration: underline">Submit a Bug</a></li>
<li style=3D"list-style-position: inside; margin-left: 5px"><a href=3D"http=
s://www.postgresql.org/about/donate/" style=3D"color: #3498db; text-decorat=
ion: underline">Donate</a></li>
</ul>
<p style=3D"font-family: sans-serif; font-size: 14px; font-weight: normal; =
margin: 0; margin-bottom: 15px">If you have corrections or suggestions for =
this release announcement, please send them to the <em>pgsql-www@lists.post=
gresql.org</em> public <a href=3D"https://www.postgresql.org/list/" style=
=3D"color: #3498db; text-decoration: underline">mailing list</a>.</p>

                      </td>
                    </tr>
                  </table>
                </td>
              </tr>

            </table>

            <div class=3D"footer" style=3D"clear: both; Margin-top: 10px; t=
ext-align: center; width: 100%;">
              <table border=3D"0" cellpadding=3D"0" cellspacing=3D"0" style=
=3D"border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt=
; width: 100%;">
                <tr>
                  <td class=3D"content-block" style=3D"font-family: sans-se=
rif; vertical-align: top; padding-bottom: 10px; padding-top: 10px; font-siz=
e: 12px; color: #999999; text-align: center;">
                    <span class=3D"apple-link" style=3D"color: #999999; fon=
t-size: 12px; text-align: center;">
This email was sent to you from the PostgreSQL project.
</span>
		    <br><br>
You were sent this email as a subscriber of the <em>pgsql-announce</em> mai=
linglist, for
for one of the content tags PostgreSQL Project or Security.
To unsubscribe from
further emails, or change which emails you want to receive, please click th=
e personal unsubscribe
link that you can find in the headers of this email, or visit
<a href=3D"https://lists.postgresql.org/unsubscribe/" style=3D"color: #3498=
db; text-decoration: underline">https://lists.postgresql.org/unsubscribe/</=
a>.

                  </td>
                </tr>
              </table>
            </div>

          </div>
        </td>
        <td style=3D"font-family: sans-serif; font-size: 14px; vertical-ali=
gn: top;">&nbsp;</td>
      </tr>
    </table>
  </body>
</html>

--===============3469735971051964561==
Content-Type: image/png; name=slonik.png
MIME-Version: 1.0
Content-Disposition: inline; filename="slonik.png"
Content-ID: <slonik.png@img>
Content-Transfer-Encoding: base64

iVBORw0KGgoAAAANSUhEUgAAASwAAAEsCAYAAAB5fY51AAAABHNCSVQICAgIfAhkiAAAAAlwSFlz
AAAFlAAABZQBLUzgowAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAACAASURB
VHic7Z13eBTX1cbfrdJKq967kIQaAokiRO+92rjhirvBie24JE7ixMZx8tlJ3BLHcY97t7HpmN6r
AAkJCfXee1lptfX7QwZTpLmzuzOzs7v39zw8AvZq54Bm3zn33FMkZrPZDAqFQnEApPY2gEKhUNhC
BYtCoTgMVLAoFIrDILe3ARSKWOkf0KNTo0Vnb//Pv4b6/S9/pzcYoZDLoJTLoFTIf/76y599PN0R
6q9GqL8XQv29ERbghVA/L3h5uNn7n+owUMGiuDQmsxnVTZ24UN2MopoWXKhuRnVzFzp6+6DTGwWx
wdNdiVB/L0QF+yI1Jhij48IwKiYYHu5KQa7vSEjoKSHFVTAYTSirb7skTBdqWlBS24r+Ab29TbsG
qUSCEWH+GB0XirTYUIyOC8WIMH9IJRJ7m2ZXqGBROKG7bwCN7T1obO9BU0cPOnoGt0g6g/GyryaY
zWZ4e7rBT+0BPy8VfNUq+Hmp4PfzVy8PN84+lEaTCWdK6nEgtww5pQ0oq2+D3iCM18QHnu5KTE2L
xYIJIzFlVCyUCpm9TRIclxaszt5+1Ld2o7a1C/Wt3ahvG/x9a1cfjEYTzDADZsBsxuDvcdnvzYBc
JoWflwqBPp4I8PZEoI8HAn08B395D/7e10vldE/Fzt5+ZBfVIru4FrmlDaht7eLMS5FKJfD1dIev
lwf81CoE+3oi5edtUnJUEBRy5g9pn1aHo+ercCC3HEfyK9HdN8CJXWLDw12JWelxmD9hJCalRBP/
X5wFlxCsAb0Bpy7U4nRxLaqbO1Hf2o26tm70aXW8X1sqlSDIR434CH+MjAhEQkQgEiICEBvi5zA3
WW+/DmdKanHqQi2yi2pRWt8Ke9w1SrkMydHBSBsRijFxoRgTF4ZgPzXae/qxP6cM+3PLkH2hFjoH
9qKswcvD7WfxSkRWShRkUuc9/HdawWrq6MHhvEocyqvAqQu1GNAb7G3SFchlUsSE+CEhIgAjIwIv
eREebgp7mwaTyYzsolocL6xGdlENLtS0wGQS523iq1ZBo9U59FaPSwJ9PHHHvLG4YcZoqERwL3GN
0wiWyWxGfkUjDudV4nBeBYprW+1tksXIpFIkRQdh3MgIjE0Ix9iEcHh7ugt2fZ3BiC3HCvHxT6dR
19ol2HUp3OOrVuG2uRm4eVY61CrnOW10eMEqqmnB1/tycfBcBTp7++1tDqdIJEBcWADGjgzHuJER
mJwaw0vOTt+AHt8fzMPnu8+itUvD+fs7E24KOXzU7vBVq+Dr6Q4fz8Hf+6jd4aVyg8FowoDeAJ3B
CJ3egAH9L19buzRoaOtGc6cGRpNJEHvVKiVumZ2O2+aOhY+ADz++cFjByi6qxUc/ZeN4QbW9TREM
mVSK8UkRmJ0Rj5npcQj2Vdv0ft0aLb7al4uv9uWiW6PlyErHxV0pR2JkEJKigjAizO9nUVLBV+0O
H7U7fDxVcFfanrpoMpnR0tWLxvZeNLb3oL6tG8U1LcivaERDew8H/5JrUbkpcOOM0bhj/jgEeHvw
cg0hcDjBOpRXgfe3nsT5yiZ7m2JXJBIgNSYEszPiMSsjHrGhfqy/t6VLg893n8WGg3noE2EOkhCo
VW5Ijh4Up+ToYCRFBSE21M/uJ7pt3X3Ir2hEXkUj8sobUVjVxOnPyF0px/1LJuKuBeMhlTre6bXD
CFZtSxf+8fV+HM2vsrcpoiQ21O+SeKXGhGCoz53ZDHy++wze2nSc10MIiQTw8/KAp5vystIUGdwU
cpjMZnT29qOjZ7CsRait0dWoVUrcOX88bp2bIYqDjuEwmcwoqWvF3rOl2HW6BNVNnZy8b2pMMNav
mY+48ABO3k8oRC9YA3oDPtyRjU9+Os3rcbVSLkNogBciAnwQHujNKlBpMJrQ1t2H1i7NpV+9/fyn
SpAI9lVjVkY8VkxJQXJ0MACgvbsPz320C8cKuBN8iQQYGRGICUlRSI4OQqifF0L81Qj2VbNK2TCb
gZ7+AXT2DNbidfwsZBe/Vja2I7+ikddcKn8vFe5ZnIkbZoyG0gHSTIprW7H7dAl2ZZegpsU28VLI
ZXhg6USsWTjeYVIhRC1YOaX1ePajnahv7ebsPWNC/DA6LhThAd6ICPRGeKAPIgK8EeSrHtIrsZQB
veFn8RoUssb2HpTVt6G0rhXlDe3Q6oRNr0iKCkJGQjh2Zhejo8f2Q4kRof6YkBSJzORIjE+M5D2Q
azYDVU0dOFfegLzyRpwrb0BFQztMHN+2of5eeHBZFpZNSnGYrVJRTQt2nS7BpqMFaO/us/p9kqOD
8dyaeRgZEcihdfwgWsH6Ys9Z/Ov7IzZvGeQyKcaNjMC00SMwfUwsooJ8ObLQckxmM+pau1Ba1/bz
r1aU1LaiupkbN58PfNUqzMqIQ2ZSFCYkRYoiYKvR6nC+ognnyhtwrqIBOSX1nMV5YkL8sG7FJMwd
N5KTB5gQDOgN+OHQeXyy6zSaO3qteg+5TIr7lkzEPYsmQC4Tr7clOsHqG9DjL5/sxu7TJVa/h7+X
ClPSYjF99AhMSo2Gp8ir3jt6+nG2tB5nS+pwtrQexTUtnHsQlhLsq8Yd88dh1fQ0Tk7G+ESrM2Dv
2VJsPX4Bpy7UcPJ/Nyo2BM/dNc+hYjx6gxFbjhfiox3W59ElRgXhpQcWIzrYfg92JkQlWNXNnXji
v5tR2dhh8fdKJRLMyojDrXPHIj0+zO6nPbag0eqQW9qAM6V1OFlYjYKqZsGuHRHogzULx2P55BSH
KR26nObOXmw/UYStxwtR3tBu03sp5TKsWzkZt88b61D3k8lkxo5TRfhwezYqGi3/P/DxdMdrDy/H
mPgwHqyzDdEIVkVjO9a+ugFtFu7F3RRyLJucgjvmj7Xrdo9Pmjp6cCC3HPvOluFMST0vJ2tx4QG4
Z9EELJyQ6DAxHBKF1c3YerwQP52yLX43NiEc6++ej4hAHw6t4x+T2Yw9Z0rx2reH0Nxp2VZRqZDh
r/cuwpyx8TxZZx2iEKzyhnasfW2DxYHDBRMS8cRN0xHo48mTZeKjW6PFobwK7M8px7GCKpuD+AHe
Hnj61lmYnZHgMDEbSzEYTfjpVBHe3XLS6q2Sh5sCv7lxOlZNT+PYOv7p7dfh1W8PYtPRAou+TyqR
4ImbZmD1nHSeLLMcuwtWWX0b1r22Ae0WPAGjg33x9K2zkJUSzaNl4mdAb8DxgmrsyynD3jOlFgee
J6fG4Pl7FsDfS8WTheLCYDRh09ECvL/tpNXB6SlpMXj2znkO+ZA8er4Kf/tsL5o6LMumv2P+ODy2
apooHmh2FazKxg488Mp3Frnrdy0Yh7UrJjtEzoxQ7Mspw+/f3c56qyiTSvGr66bgzvnjRHETCo3O
YMR3B/Lw0Y5TFj0oL+Lt6Y5nbp+DueMSeLCOXzRaHV7/7jB+OJxv0fctmJCI9XfPt/vnzm6CpdHq
cOeLX7HO3FWrlFi/Zj5mZYhrT21vjuZX4cm3t7BurxLip8bfH1yCtBGhPFsmfvoH9PhqXy4+3Xna
quTUB5ZOxEPLJ/FgGf+cKKzGXz/dY1Ht4riREXhl3TK7Ds2wi2CZzcBTb2/BgdxyVutHRgTiH2uX
OG1Q3Vqyi2rx6H82sh6WMDsjHs+tme9U7Ua4oLdfh39vOIwNhyzzOgBgSVYy/nznXIc8Ue3T6vDi
F/uw/WQR6++JCw/Au0+sgq/aPmEEuwjWB9tO4a1Nx1itnZwag5fXLYWbQty5QEJTVNOC+1/+jnVr
4nUrJuO+JZk8W+XYHCuowguf7LH4RG3cyAi8vHapoL3LuOTNH4/iwx3ZrNePiQ/D24+vssv2ULZ+
/fr1Ql5wMPC3B2xUcnJqDF5Zt4yK1VX0D+jx8Os/sE4BuX/pRDy4LItnqxyfqCBfrJiSipZODUrq
2DeAbGjvwb7cMkxNi3VI0ZqYHAVftQrHzlex+lw2dfSitqXLLjE8QQWrpUuDh1//gdVR/EWxcsXJ
ICT+/tV+nCisYbX2zvnj8OvrpvBskfPgppBj9th4JEUFIbu4lrUH26XRYsepYmTEhyPE34tnK7ln
VGwI4iMCceBcOYws2mGX1bfBbDZjQlKkANb9gqBFQ699e4hVo7hxiRFUrIbhQG45fjx8ntXam2el
47EbpvFskXMyMz0O3zx7O+aNH8n6ezp7+7H29Q3YZUNZmT2ZMzYe/33senizDKq/t/WkRfEvLhBM
sE4V1WJndjFxXbCvGi89sISK1RC0dffhhU/3sFp73bRR+O0tM3m2yLnxVavw0gOL8exd81gH1XV6
I555fwe2nbjAs3X8kJEQjvd/exNC/Nh5iS98shu5ZQ08W/ULggiWwWjCP77cT1wnl0nx0oOLXSaR
0RLMZuD5j3ex6lu/JCsZf7x9jkvmWPHBiimp+M+jK1l7HiazGes/3oU9Z0p5towf4sL88eHTN7Eq
RdIZjHjyrS2CDS0RRLA+332WVRHm4zdOx5g48RVcioFv9ufi6Hly873EqCD8+c65DlWs6wiMT4zE
h0/fjMggdvWEJpMZz3ywA4fzKvk1jCeCfdX4169XsMq56uztx2P/2YQeAYbW8i5Y7T39eH/bSeK6
zKRI3DJbPDVLYqK8oR3/2nCYuM5NIcff7lvokDlBjkBMiB8+evpmpLPsYmAwmvC7d7fiJMsDErER
G+qHfz60lFV/rMrGDjz97jYYjPy2vOZdsL7el0M8aVHIZXj61tl8m+Kw/O2zPaySQ5+4aTpGhPoL
YJHr4qtW4a3HV2FhZiKr9Tq9EU+8tRk5pfU8W8YPE5Ii8cfb57Bae/JCDd7dcoJXe3gVrP4BPb49
kEdcd8e8sRZNfXElDuSWswpqzhgThxtmjBbAIopSPth65d7F7BJxtToDHvvPJhQ46KSnFVNScc+i
CazWfrbrDG+jygCeBevHI+eJaQxh/l64b8lEPs1wWEwmM/7zw1HiugBvDzx711wBLKJcRCIBHl45
mXVCrkarw6/f2OiwE7UfXjmFVYqHzmDE25uO82YHb4JlNJnwxe6zxHW/uXG66Fvw2ostxwuJhxUS
CfD83QvsVtvl6jy4LAt3LRjPam23Rosn39rCOhlVTEgkwF/uXoDRLIrmt5+4gNK6Nl7s4E2wdmWX
EF3DmBA/zBnreC06hECnN+LtzeQn1Q0zRmNSqmv3BbM3j66aiptnjWG1trSuDes/3sWzRfygVMjw
ysPLER7gzbjOZDazrhW2FN4E65v954hr7pg/luYKDcNX+3KITeY83BR4cJljtjdxNn57yyysmJLK
au2eM6X43/ZTPFvED/5eKvzpTnL44dC5CovbnbOBF8FqbO9BXgVzoNjf2wNLJ6XwcXmHp7tvAB+x
qJ6/Y/44mmQrEiQS4E93zsWCCexOD9/edBxH8iv5NYonJiZHEbv9msxmXv59vAjW7tMlIDWtWT07
3e7dC8XKxz9lExvK+XupcMf8cQJZRGGDVCLBC/cuwIwxccS1JvNgYilXo+eF5pHrpxB3R2wSnS2F
F8EiFX8qFTLcSI/gh6RPq8O3LLbT9y2ZCA83hQAWUSxBJpXixQcWISkqiLi2t1+HJ9/agj6tTgDL
uCU5OphYlXKisJrzCU+cC1ZDew/OE/JNJqXEOGTfICHYdqKIOEwiItCH5lyJGDeFHK+sW8bq5Lai
sR0vfrFPAKu4h+RJ9vQN4Fx5I6fX5Fyw2ExsnjeengwOx3cHyd7VuhWTRD1OnAKE+nvh7w8uhkxK
/jltP1mEvWcdr1B6+uhY4ppTF7gtSxJcsBRyGas9viuSW9ZAzF9JiAjAwswkgSyi2ML4xEg8fuN0
Vmv/7/N9Fs/ltDdx4QEID2ROcaiwcfr21XAqWL39OhQSxqpPTI6iQxCG4bsDZO/q5lnpNBXEgVg9
Jx3LJpNPwzt7+/HXz/YKYBG3pMUyJ5LWtnCb2c+pYOVVNMBEOB50xFluQtDZ20/sn+ThrsSiidS7
cjT+eNscpMYEE9cdPFdu8XRme0Nqt1PLcSkSp4J1jlCkK5EMtp6lXMumo4XQEWYLLs1KpieDDohS
IcNLDyyBhzt5Z/HKNwfRyGPxMNdEELaEPX0DrNqis4VTwcotZxasmBA/+NDTwWswm4HvD5K7Wqya
kSaANRQ+CA/0xuM3kvvra7Q6rP94FzGPUSywaWjI5baQM8Eymc3Ir2BOZ6DdRIcmr6KBWMU/Jj4M
IyMCBbKIwgfXT0vD1LRY4rrsolpsO1HIv0EcwKaNMpfbQs4Eq7SujZgAx7ZTo6uxP4c8AZsm2joH
f75zLqscxDd+OOoQCaXBfmpi6kaXGLeEpPgVMOglUK5lf24Z4+venu6YN479uCmKeAn08cTTq2cR
17V2afD+NvEXSEslEmJ7KD0hNmvR9bh6o/xK5oxWbw83xIbQ9r1XU97QTqwnmzs2gY49cyIWZiay
aob35d4c1LSIv9bQjXBvsmnvzRbOBKu6mfk/Ni0ulOYPDcH+HGbvCgBmZdCTVWfj6dWziGPD9AYj
Xv3mkEAWWY9CzuxhkU6/LYEzwSKdBCSEB3B1Kadify5z/MrDTYHM5CiBrKEIhZ+XCmtXkHuZHcqr
4KXrAZeQPCzRbQn7B/TEsgI2pwmuRnNnLwqrmE9WJ4+KoW14nJQbZ4xBQgT5Qf7694dFneZACleI
zsOqa+0mrmE7gNKVOJBbTrwRZ2XEC2MMRXCkUgl+d8ss4rry+jYcyiOfJNsL0gNVdB4Wm0kg1MO6
lkPnKhhfl0mlmMYib4fiuIxLjGDVpfSjHacFsMY6jCbmpy6X3iEngkWKX0mlEoQFeHFxKafBZDIj
h5AKMj4xgtWocIpj85sbphFTA86VN+CsSIexagj5Yh7u3JWTCeJhhfp7seoL5EoU17YQEwNpGx7X
INhPjZtmkqfusOnzbw9I97EnixpKtnCiIk2E6S6RdDt4DTml5ETb8UkRAlhCEQO3zRsLBSEWdCS/
EiV1rQJZxJ5eRxMskksY4O3BxWWcipwyZvfey8MN8TQVxGUI8vHEkqxk4rpPfhJXLMtgNBETQ8Un
WP3MgqVW0TjM1eQQ4hHp8WGQ0kxbl2LNgvHEn/nO7BLUt5FP5YWC5KwAYNVWhy3cCNYAwSWkHUav
oLalC61dGsY1YxPodtDViA7xJaaxGE0mfLbrjEAWkWEjWGqxCVaflnnKC5cuoTNA8q4AYGxCuACW
UMTG3QvHE9dsPFKAjp5+Aawh00uYnwmI8JSQfEpAu2RezoUa5r73bgo5Uli01KU4H6mxIchMimRc
M6A34Kt9OQJZxExzJ/NOARgsQ+IKmwXLZDajX0c9LEuoamQuFE+NCSaeGFGcl7sXTSCu+Xb/OQzo
DQJYwwypnbNEAgT7qjm7ns2C1T+gJ2ayUsG6kqqmDsbX41nUl1Gcl6yUaCRHM3vY3X0DOJJfKYxB
DDS0Mx8A+Ht5cPrwtVmw2ATdPOkp4SV0eiPxqRQd7CeQNRSxsoZFLIs0ZUkISPdyqD+3FS42C5Z2
gOyWktpPuBI1LZ3EUWgxIb4CWUMRK3PHJRDrbw/nVXLaCcEaGgiCFeInMsGSyci5QqTiSFeCtB0E
BqcLUVwbqUSChZnMRdEarQ4nC7kdBW8pDudhyWXktzAaTbZexmmobGQWLIVchvAA5llvFNdgHouh
w3vP2m9baDSZ0Eo4JQz15y7gDnDhYbEoajZQwbpEFaF/e2SgD6RSmuFOARKjgoh95A7klsNoss/n
q6m9lxjeEJ2HRQXLMkhbwmgav3IZTCYz2nv6UV7fhvyKRlQ1dVyT0zhnLLOX1aXR4nRxHZ9mDktp
PbkQO5TjGBZzEx42b8BmS2inJ4AYqSYIFg24Ow9NHT3ILqpFVVMnOnr60dHbj87e/ku/7+nTDpkS
pHJTIMjHE4G+nqwe9vtzyjDRDn3/L1S3ML4ulUgQG8btpCybBUvGQrCohzVIR08/ugmlDFwF3Bva
e1BS24LKxk509vahs1eLzl4tuvsGh1r6qVXw8xr8FeLnhbQRoUiMpJOlbcFsBk4V1WB/TjlOFFaz
OmAZiv4BPaqbO4mTqC7CptSLDwqrmCs2okN84eHGbZWL7R4Wiy0h9bAGYXMDR1spWPkVjdiXU4a8
ikaU1Laih0WN19UE+nhicmo0Jo+KwfTRI6Di+GZzVvQGI7afLMJnu8+ivL5N8Os3dzL3o+OLwmpm
wUohJL9aAwceFjlATD2sQVilNASz3xIWVDZh1+kS7D5dQsyHYUNrlwabjxVi87FCqFVKrFk4AbfP
HUuHuDKw5Vgh3vzxKFoI3Tf4pJfQ3okPWrs0xI4jpGx9a7BdsKRSSCUSxtOC3n7Ln/bOCOmEUK1S
wp/Q7LCwuhm7skuw+0wJ6llMK7KW3n4d3vzxKDYczMMjq6ayGpTgSrR2afDXz/bgcF6lvU2BwWiC
yWwWtH8aKX4FiNTDAga3EkxuaX2b7U9/Z6C9h3l2Y1TQ0N5Vn1aHr/efw8Yj54kDP7imob0Hf3x/
BzYeKcDf7lsIXzV3lfeOyqmiWjz97jZ0a7T2NuUSJpMZUha7Ha4gbQclEiApOojz63IiWGEBXoyC
1SCiDon2pFvD7Gle3YajT6vDV/ty8dnus3b/cJworMba1zbgrd+s4rRdiKNx9HwVnnpri91LYq5G
6Nw9UsA9KsiXl6YHnPTDCiNkZlPBGqSnj1l0Lo706hvQ48Md2Vj+zEf478Zjdheri5TWtWHd6xtE
0zxOaI4ViFOsJBII3k77AsHD4iN+BXDkYZFKSbgICDsDPYRYnoebEh/tyManu86gSyQidTUXReu9
J290qZmJVU0dePqdbVaJlVQqQUJ4AAK8PeHnpYLvxZSSy76q3BVo7+5DS6cGLV0atHRq0NrVi5ZO
DaqaOxkfWkKP0Gvv6SeeTIpasEjp9x09/dDqDMRhkc4OKQfrp1NF6BtgboZoKTKpFJFBPvDxdIfa
QwkvlRsMRhO6NFp09vajvq2H2DH2akrr2vCXT3bjn2uXcmqrWDGaTPjzhzst+tl4uCmwaGISpqbF
YnxiJNRs5hoM08b/2wPn8Pcv9w/7bUIL1gXCdhAAbx1zBfGwAKC+rRtxHGe9Ohqk3CguxMrH0x0z
0+OQNiIUyVFBSIgIZExLMJpMyCtvxLGCKmw/UcR6Isu+nDIcya/E1LRYm20WOx/tOI2CyiZWa9Uq
Je5dPBGrpqexEykWkNKC2CRvcwkp4A4AyVHcB9wBAQWrsa3HpQXLYDShn2Pv6SLenu6YnRGP+eNH
IjM50qInrkwqRUZCODISwnHfkon4ck8OPth+ipXX9cq3BzExOcqp2zl3abT4cMcpVmsnpUbj2Tvn
IdiP2w4FpG4nbMrjuIQkWBGBPryFCzjbEkokYGyVLKZZavaAtB20FC8PN8zOiMe88SMxMTmKk5tW
KZdhzcLxWDQxEWtf/QE1Lcx5Y9VNnfhyby7uWjDO5muLle8P5kGrIzepvG7aKDxz+1wMFfvW6gw4
er4KtS1dcFPIoJDLoJTL4K6UY2JKNLwJH249SbAEPiEkBdz5HKDCiWApFTL4e3mgrXv4PCNS72dn
h3RCyJbwAG/cuzgTSycl8+bZhPh54Z0nVuGhVzcQRev9bSdx/bRRThmA1xuM+HpfLnHdoolJ14hV
34AeR/Irsft0KQ7nVWBAb4BMejHBWgLzz093N4Ucv7puCm6bmzHs+5MyyhVy4WLDnb39xKZ9fG0H
AY4ECxhMbWAULBdPHrX11C/M3wv3LsnE8smpVnlTJrMZZfVt0OuNMBhN0BsHvwZ4eyJhiKEXwX5q
vPnYdbjp+c8Yp7P0aXXYcaoIN80cY7FNYudYQTXjPQ0M7i7+cNvsK8Qqp7QeT/x3M7r7BiCTSi/V
0v7SefeXrciA3oDXvz+MzORIjIwYuvicJBAhHG9BmWATvxK9hwUMPvnzKxqHfd3Vc7F0eutyd0L9
vXDv4kysmGKdUAHAV3tz8dW+nGGz5KOCfDF3fALmjku4opwiPNAbaxaOx7tbTjC+//6ccqcUrLMl
5D5T61ZMuiJBsr61Gw+9tuFSfIRN4b/JZIKMIY9K6DbETJASRgH+UhoADgWL9J/m6jEsUmfGqxnc
KkzGTTPH2LT1++FwPl7+5gDjmpqWTny0Ixsf7chGeIA3nr511qXTvzULx2PT0QLGD83p4lpotDqn
G+dWQPhwBvuqsTAz6Yq/23u21KKW4FKpBIHeHhgRNvxoNzEJFil+FebvBR9Pd96uz9nxAumksK27
zy5V5WLBYGB/E6dEB+OzZ1bjtrljbRIrk9mMf31/2KLvqW/rxuNvbsY3+88BGBTOuxYwj5wyGE2i
mJHHJWYz+cM5NS32Gq93AmFq87XXMeMv9ywcMlgPDAbsSeEEIQUrr3z4XRTA73YQEFCwAKC4llzh
7ay0dpPbj0ilEty7OBMfPn0zRoTangIilUiIo6KGwmQ24+1Nxy7l/8xKjyN+z8FzFRZfR8xUN3cQ
Z26mxl774UyODsaq6WmQsCyVuX/JREaRI3lXgHCCVVzTQmyjw+d2EOBQsIYK3F5NcQ25B7SzEsWi
z9X6NfPx8MrJnObVZFrZOre7bwB5P8ckg/3UxFYhR/MriRPAHQnSdhAAUmNChvz7P9w2BzfPGozp
DfWzlMkkkEgkePrWWXho+STGa7BpzieUYB1m4UVnxIfzagNnn4xgPzVx7+rKHpaKRVlSQjj3I+rv
WTQBgT6eFn9fgLcHUi9z72cSvKzuvgGnSl0hbQeVChnih/l5SSTAb2+ZiXeeWIVRI0KveE0ul2Le
uJH43+9uYnVQwcbDiggUZiwcaduvVimRnhDGqw2cJnAkRQXh5IXhBzsW1biuYHm4kQPS/SwSFC3F
x9Mdz941D4/9Z6NFHtC9izPhpvjl9pg2OhZvbz7O+D3l9e1OM1OxnZDOMDIikOgJj0+MxAdP3YjO
3v7BfvoaLUaE+VuUs0bq6+7vpRLksKNbo73kcQ9HVko073WNnL57IiFh+xD2BgAAIABJREFUrLyh
3WXbJbu7kZ8NfJXuTBkVg388tJR1j/YHl2XhltnpV/xdfHgA8WYsb2i32kaxQYpBWSISvmoVYkP9
MCY+zOIE2xqCYEVa0FLbFo4XVsNEmOAuRF0pt4JFmLqiNxhR0eg8N7UlqJRkseC6U8PlzM6Ix/tP
3ThsV1MACPLxxLN3zcODy7KueU0hlxGHelY0CD+AgS9Ip7NC9cQiCpYVhyrWQGoFLZEII1icbwlJ
FNe0DJvR68yw8W60Ov4ECxj8+Wz4y13IKavH1uOFKKxqhq9aBV+1O9Ljw3Dd1DTGzg4jwvwZB2k4
k4elkDM/ywUTLEJLbNJDhAtMZjOOnq9iXJMUFYwAwjwCLuBUsGJD/aBUyBizuotqWrGU+WDEKZHL
pFDIZdAz3Oh8bQkvRyIBxiaEY2yC5ac5cWH+2J9TNuzrFY3WzeETIwoZs4elt7JywRJaujTEe0II
wSqobEJnL3OX2alpMbzbAXC8JZRJpYhnyNgF6EkhE0IIli2MILQH6tPq0NThHDWjYvCwSNtBgF26
jK2wSQqeNnoE73YAHAsWQA68F7vwSaE7YVvIxykhl4wIJQ95dZZtISmGxVQQzhUtneRkY2sSgy2F
JFg+nu4YFTt0ThrXcC5YSVHM8anBfB3neApbCinwLnYPKzbUf9gSkotUOIlgkU4Bmzt7rS5oZwtp
GyaTSuHP8wSj9u4+YoeGKaNiBBuCwYNgkVPzXdXL8iB4WHwH3W3FXSlHmD9znpWzeFjRhK2WyWTm
/cSbJFi+av6KjC9y5HwVMX9PyDbZnAvWyIgA4lPYVRNISSeFfKY1cAUpjuUsgpXA4iS7rJ7fNA5S
0bMQQ21J20GpRILJo4QJuAM8CJaHuxKRgcxPp+Ja16wpJCWPin1LCIDYl99ZtoThgd7EKU+ldfwK
Vmcvs2DxPdDWaDLheAFzOkPaiFBe28lcDS959ImEOJarbglJMSw2vcPtDcnD6ukbIFb0OwJSiQRx
hNpOvj2sTg1pS8ivYOWWNRBbQgk9NYkXwSIlkNa3dRNHXjkjpMCkGeJvd0ASLACoqHcOL4tUjM67
YBE8LL5jWGzSGYTKv7oIPx5WJDnjvcQFt4VGQi2WTCLsuCZrYNOnq9FJcrGG68Zwkcb2HmLPd1sg
Bd39ePawSIIV6OPJ6pCNS+yyJQSAIhdMIDUTjlvYNn2zJ2qVEt6EmAXJM3AU2PR4I5Ws2AIppqlW
8TepqKmjhxijmzIqhnjAxjW8CFawr5q4v3bFOBbRwxJ4vpy1+BIEq5ujkWb2JjUmBFLCz+Qoj62h
Se1r2Ay4sJYj+WQhnjY6lrfrDwdvexCSl1XkgltCk5n5BiN9OMQCqUVKt40jzcSCl4cbRl/VgO9q
TrBou2ItxHpGC+YEWMres6WMr8ukUmSlRPN2/eHgTbCSCHGsioZ23jOFxQZpco5Q2cK2QjrGdpYt
IUA+Bbu8lTTXyIn1jPycKjd39uJk4fCNOAEgIyHcLlOSePSwmAVLbzAiv5KfH7RYIT2JHcXDIsWw
nGVLCLA7tudrYpC9PKxtxy8QH6722A4CPApWKotxPzml9XxdXpSQBIvv9rJc4e1BECwn2RICgyfe
pD5PfAXelYQCbIORnx3K5mOFjK9LJRIsmDCSl2uT4O0TEhPiRyzMPFviWoJFCro7wikhAHh7Msew
Op1IsCSSwdMwJi5UN6O+lfsBHKQWN3x4WHkVjYxNGoHBSUwhfsLNQrwcXh/pGQkRjK/nljfwFrAU
I6S0Bkc5JXQlDwtgty3ceuIC59dVKphLg/jYem8+WkBcs3xyCufXZQuvgjV2JHNXyz6tzqUa+pGO
oR0lhuVD8LC0OoNgLYSFICslmphisPU48zbKGvy9mLeirV3cJq3q9EbsOl3CuMbTXYnZY+M5va4l
8CtYLNrwnnWhOBYx6O4wW0JySQip04Aj4eXhRtwW1rZ0cR6TJc2TbOW4ZnN/bhmxZG7BhMQrxr8J
Da+ClRgZBA/C0acrxbFIhaRMAyDEhA9hSwg437Zw6STyNmgLx15WoA/Jw+JWsLYQgu2AfbeDAM+C
JZVKkB7HPAk2p8x1BKu9h9mF91PzP3WEC9Qqcv6NI3SesITpY0bAm5Awu/t0Caetk0kelkar4+z/
uaVLg+OF1YxrooN9MSae38nOJHg/RyfFsdq7+1DdRG627+iYTGZikJTv/kZcYWBxUELqie5oKOUy
zBvPfJTf26/Dgdxyzq4Z6M0sWAB3Xta24xeIIYtldvauAAEEK4NVHKuObzPsTmdvP7HVLN/9ubmC
jRfhbsc4B1+w+cBuPEI+ZWMLaUsIgLNuEZuPMdstlUiwjMW2mG94F6y02FBiApwrBN7be5hbhQCA
H+FUSCwMsNiGuCmdy8MCgDFxYYyTs4HB2kKuOpGStoQA0NZtu4eVX9GISsJMyczkKAT7qW2+lq3w
LlhKhQwphKx3Vwi8dxB6GwGOsyVk42HZ8ySJT5ZOSiau+Xz3GU6u5eulIqa6cJHaQMpsB+wfbL+I
ILUgY0cyJ5DWtXY5RVtdJjoIAXeAnHcjFlxZsJZMSiamn+w4VcxJbEkqkRCb9NnqYekMRuzMLmZc
Y+/cq8sRRLDGETLeAeBsiXPHsdq7mT0shVzG6vRNDLA5mXIjDHBwVMIDvDErI45xjd5gxDf7z3Fy
vQDCttDWGNaB3HLR515djiCCNSY+jPhUcvZC6I5eUkqDY2wHAbKHpZDLHCYJ1hrumDeOuOa7g3mc
pByQAu9tNm4JScF2QDzbQUAgwVKrlEiIZG7o5+xxrA5C0N1R4lcAMKBjLrtxc5AEWGsZEx9GbOzX
rdFiE4u6PBKk1AZbtoStXRocLyDkXoXYP/fqcgTrZ0Iq0ymrb3PqSTqkU0JHiV8BQN8Ac8a+WLYP
fHLnArKX9cWes8S+UiRIrW1abdgSbjvBIvdKBKkMlyMawTKZzcgtaxDIGuEhBd0dycOqbelifN3T
QWJxtjArIx4RgT6Ma2pburA/x7ZE0gCCh9Xe3UfM7xuOzUfJfa9cV7AIJ4WAcyeQOtOWsJLQLyky
iPmD7AxIJRLcNjeDuO4zG1McAggxLIPRZFWbmfOVTahoZJ4fKZbcq8sRTLACvD2ISXfOnEBKqiN0
pC0hKckwNsRPIEvsy4opqcT6wnNlDTb1fCdtCQHrynO+P5hHXCOmYPtFBO3JS6orLKxqdtrBFH1a
5hlzpEk0YqGzt5/YiSHGRQRL5abADTNGE9d9tst6L4tVtruFJ4XNnb3YfrKIcY1aJZ7cq8sRVLBI
dYV6gxH5PE0gsScmk5kYfHWUk7UqFoXqriJYAHDL7HRiofe+nDKrWygHsvGwLDwp/Hz3WegJDRbn
jxdP7tXliMrDApxzW8im+6ajdDcg9fsGgJhQ1xGsQB9PLMxMZFxjMpnx+Z6zVr2/h7sS7oQkXEuS
R7v7BvDDoXziuuunjWL9nkIiqGBFBfkSXVxnDLyzESwxPs2GopIQqPVwVyKIxTbGmWCTSPrD4Xyr
y8/8CV6WJc0Sv91/Dn0DzOGJcYkRSI0NYf2eQiL4XClSesO58kanG0xBcr8Bx/GwyuqZBSs2hPlg
xRlJiAjApFTmKcg6vREfbs+26v1J8wnZ5noN6A34al8Ocd3dCyewej97ILxgsRhM4WxxLHYelvgF
y2gyEUuoXCl+dTlsvKwfD+ejqaNHAGuGZuORAmJ6TWJkILF/vT2xg2CR87GOnK/k3xAB0bM4+XQE
D+t8RRM0WuYsd9LEb2dlUmo0kgj/dp3BiA+2nRLIoisxmkysTivXiNi7AuwgWCMjAokxjmM8TdK1
F2w8LFKTQzFw4kINcc3E5CgBLBEnDy2fRFyz6WgB6tu4H7pKYmd2CfG64YHemE9oA21v7DIbfTLB
5SysbmbVodNR0LMYKe4QgkUYUuDnpUJipGt6WAAwY8wIYrDaYDTZxcv65KfTxDV3zh8n+tmYdhEs
0h7ZbAaOFziPlyVj0WqF66GYXNM3oCfGFjOTouDEXWVYsXYZ2cvacqyQWI/JJUfyK1FS18q4xt9L
hZVTxJnKcDl2EayJKdFEJT/qRNvCsABv4hrSDWVvzhTXwWBknlydleK628GLTEmLwRjCaDujyYT3
tp5k/Z5mwimghPCU+JiFd7V6ToZDzMW0i2B5e7ghjdBP6HhBtc2tOcSCl4cbQvy8GNeIXbAOniN3
HchKYT7adxXWsohlbT95gVUSLkCuFfRwUwz72rnyBpwhdPP1cFfippljWNlib+wiWAAwJZV5W9jZ
24/CqmaBrOGfkZEBjK+X1IpXsHR6I3adLmFcEx3ii1B/ZlF2FSamRJHbKZnMrLysLo2WmOjJ9P/+
0Q6yd3XD9DSHqWW1n2CxyPU4kl/JvyECMTKCueNqRUM7jCbmLZe92J9bRmyuOC0tVhhjHIS1K8he
1s5TxShvYE7EbWBxojhcyKG8oR2H8pg9Y4VchtvmjSVeQyzYTbCSY4LhS+hj7kzpDSMJLaJ1BiOr
wmJ7sOU4eQzU4izy+CtXYnxiJDKTIhnXmMxmvLvlBOOa+jZyoml4wNAe1ic7TxOb+y3JSnaoUiq7
CZZUIsFkQjnD+comi+qkxExCOPOWEABKRRjHYtP3Oy7MHynRzLMnXZG1KyYT1+w5U8IYv2xsZ/aw
5DIpgnyvbbLX1NGDHYQWMlKJBGsWjCfaKCbsJlgAOR/LZDbjOCH3x1GICfUj5loVizCOtfU4ue/3
UpG10RUL6fFhxBpDsxl4Z/PwXhYp2TPEz2vICUWf7z5LPNWdlRGPaAer/bSrYE1KjSHm7RzJd45t
oUwqRWyYP+OafWfLBLKGHWYz8P0h5s6UUokEiycmCWSR48HmxHB/ThkuVA99wFRGGHs/1HawW6PF
D4fPE69790LH8q4AOwuWv5cKyVHMW4nDeRWiDUZbSiIhjlXV1IHsolqBrCFzrKCK2HhuQnKk6Pp+
i4m0EaGYNjqWuG4oL6tPq0MOYTBL+BCDML7al4t+wsliZlKkaFvIMGFXwQLI28IujRani52jRxab
k1E2vbaFgl3f71QBLHFs2NQYHsqrwPnKpiv+7sSFGmJrotSYKx/4Wp0BX+/LJV7v7kXiLnIeDrsL
Fpu+0XvPlgpgCf/MyoiHj6c745p9OWWiqKNs7ujFobwKxjW+ahXmjksQyCLHJSU6GDPTmcfbA7jm
xJBNWs+Uq9JJvjtwDl2Eg6rk6GCHTfK1u2ClRAcjjJBwuD+n3Cmy3pVyGZZPYfZIDEYTNh4hxx/4
5ofD+cRg+/LJKQ5RtC0GHlo+iUW8tvKKWNZRQvw2Pjzgis9OT98A/redXFi9xgFjVxexu2ABwOyx
zE/p1i4N8sqdo6nfqmlpxDU/HM63q0AbTSb8SAjaSiTAqhnkfwtlkMTIQMwh3OcALmW/F9e2ormz
l3Ht1bGxD3ecQjchwTcqyNehvWJRCNYcFtvCPWecY1sYHeKLCYSEwvrWbhw/b790joPnKoj9xzOT
o4hzJilX8tCyrCFTEC7n4LlyFNe04DBhOw4A00aPuPT7po4efMUidnXngnFEG8SMKARrTHwYcWDk
PieJYwHAqulkz+T1DYdZNf7jg+8OkIPtN7KYx0e5krjwACwgTNgxm4F3t54gTrbx9nBD+mVdIf67
8Thxpmewr1p0o+ctRRSCJZVIMCuD2ctqaO9BgZMUQ8/OiIc/YTR9eX0b3tl8XCCLfqGmpRMnLzB7
d4E+nqyCyJRruW9JJtHDOZBbjoZ25pKcyaNiLrVoKqlrxfYTF4jXXrtikkO0kGFCFIIFsNsWOouX
pWARfAeAT3edsWnMuTX8cOg8sf5s5dRUyKSiuXUcihGh/phDiCGxCV9Ov2w7+MaGI8SYZ0JEAJaJ
cPS8pYjmrpuQFAlvwpH/HicRLAC4Yfpo4ofeZDLjuY92YkBvEMgqYGd2MePrUokE17M4OKAMz31L
Mm3qzOqrVl3akZy8UMOq2eWj109z6NjVRUQjWDKpFDPGjGBcU93UibJ65lIFRyE80Bu3zE4nrqtu
6sSbPx4VwKLBYvNGwlZkalos7XtlIyMjAjEznbyjGI41C8fDXSmH2Qz8e8MR4vrMpEhMSRPv6C5L
EI1gAWB17Ossp4UA8KvrJiM6mHzS9tXeXGLXSC7YTWjSB9BUBq64f0mmVd/n7+1xqTvozuziYWsQ
LyKRAI/eMM2qa4kRUQnWpJRoxnavALDbiQTLTSHH+jXzia66yWzGM+/vYN1S11pIW25vDzdMJnSK
pbAjOTqYVY3h1dyzaALclXLoDUa8uZHseS/MTHKq1j+iEiylQnZFbslQlNe3oZDwVHEkxsSHser4
2NKlwQMvf8db7/fC6mZiofOsjHjIZaK6ZRyaB5ZmWRTLCvZV44bpg+kkX+zJIf68lHIZHl5J7snl
SIju7mNTW7j5aIEAlgjHwysmIzaUPOK9vacfD726AQVXFclyAZvtoCNnSIuRUbEhFh1g3LN4ApQK
GZo6evD+NnI/+JtmjUE4i4lNjoToBGv66BHwcFcyrtlxqthuSZV8oFTIBreGLIZYdmu0WPv6Dzhb
Ws+pDaTYoJeHm0tPdeaL39w4HeGB7ETlYmXBK98cJLaP8fJww32LrYuTiRnRCZa7Uk4cl92t0eJg
LnnslCORNiIUd84fx2ptn1aHR/79I3ESM1uKalqIgz1njImDghY6c46HmwLr75rPamv4/Me7sCu7
BHtZNHq8Z1EmMU3IERGdYAGDXQBIbD5GHozgaKxdPgkZhPFQF9HqDHjkjY3459cH0Nuvs+m6bE5e
6XaQP8YlRuDWORnEdS1dGvzlk93EddHBvrh1DjllxhERpWBlJIQTC2uPFVQRB0w6Ggq5DP/+9QqM
GxnBar3JZMbX+3Kx6tmPseVYIasM6aHYfYY5fuXpriT2JqfYxq+um4KYEHIcs1/HvBUEgN+unum0
3rAoBQsAlk9h9rJMJjO2saifcjQ83JX49yMrLRKI9p5+rP94F+5/+VuLB1mU1LWimjBebMaYEbTv
Fc+4KeR4/u75Npc8zRmb4NSpJ6IVrKWTkon5SZuPOt+2EBiM47368HLMGGNZgXFuWQPu+L8v8eIX
+1gLF90Oioe0EaF4aHmW1d+vclPgyZunc2iR+BCtYIX4eSGTcCpV0diOfIGLg4VCKZfhn2uXII4w
aedqTCYzvj+Yh9v++gVu++sX+GzXGRTXtg5bHHvyQg3j+3m4KTBlVKxFNlCs5+5FE4j90objvsWZ
CPFz7rIpub0NYGL55BTiSdimowVIGxEqkEXCsvloIXGUORPFta0orj0MYDAONTouFElRQQj08USA
twc83JQoIXhi00aPcPiWJI6EVCLBC/cuxK0vfIHOXva9/WNC/HC7A42ctxZRC9bssfFQq5SMp2C7
TpfgqZtnOt2H6uj5Krz4xT7O3k+j1eF4QTVxivPVWFM+QrGNIB9PPLdmHh5/czPr73l69SynDbRf
jmi3hMBgIHLBBOYOjT19A8RTLkejqKYFv393myjmMZoBbDiUjw93ZOPHw+dxJL8SzR3MvcYpttE/
oEefVg+1ijmB+iLzx4/ExBTXSOoVtYcFAMsmp2ADoV3s57vPYklWskAW8Utjew8e+88m9BEymYVA
IgGe+3DnkK+lRAdj+ZQULJ6YDC8PN4Etc06Ka1vx0Y5sHMgtt6gHmkIuQ3ffALwF+jnoDEZUNXWg
rqULje29aOroQVNHL7r7tPD2cEdydBAmpcZgZESgTX2/hkJiNot/ftYNz31K7FTw1uOrkGllsFIs
9PQN4L6Xv0M5i55fCrkMWSlROJpfZdcJO57uSjy0PAurZ2ewKi2iXItOb8Q7W47j011niKPVhsPH
0x23zE7HzPQ4JEUFcWKX0WRCdXMnyuvbUVbfdulXTXMXK+8/MykSr6xbRiy1swSHEKzPdp3B698f
ZlwzJS0G//71SoEs4h69wYhH3tjIalS9RAL85Z6FWDwxCQWVTXjpq/28FERbQmJUEF56YDGr/l6U
Xyita8Pv39uGykbuWgcF+6kxLS0WMSF+CPL1RLCvGsG+agT6ekIpl6FvQA+NVgdNv+7S117t4O9b
OnsvCVNVUydx8jSJpKggvPHISvgThsywxSEES6PVYcnv/weNdvjgu0QCfP3n2xEXHiCgZdzxl092
YxPLLhS/um4K7rls1LjZDBwvrMLmo4UWbye4xFetwn9/cz0SIwPtcn1Ho7i2FWtf/Z44S5BLpBKJ
4B55ZJAPPv3Dak5CB7L169evt90kflHKZejSaHGuvIFx3YDe6JDTXL7Yk4OPfspmtXbV9DQ8umrq
FX8nkfwyIHP1nHREBfnAYDShrbsPeqNwgXutzoBdp0swJS2GOLbN1dFodVj32gbi/EeusYd30t03
gBA/NUbF2p5+5BAeFjA4KHLFMx8z7p0Vchk2/+1uBPp4CmiZbRwvqMaj/9nIKnYxbXQsXl23nHWs
yGQy40JNC3JK63C+sgnNHb1o6dKgubOXOMPOFqKCfPHln2+Du1L0Zzp24/fvbWfVg8xZmJ0Rj3+u
XWrz+zjMHRXi54V54xPw06nhp7roDUZ8vS8Xv7puioCWWU91Uyf+8P52VmKVGhOMF+9fbFFgWyqV
IDUmGKkx17bI7e4bwHV//hjdGq1FNrOhpqUTn+8+i/us7Fvu7Gw6WmCVWKXGBKO0rs0he8FxtQ0V
dR7W1dzBol/U9wfziM3NxEBP3wAe/+9m9LCIX4QHeuP1X62AitDv3hIO51VYJFaWFj9//FM22rr7
LDXL6TEYTXjbggG5MSF+WLt8En58YQ0++cNqvP/UjU7Vo91SHMbDAgZzf8YnRuJ08fAnad19A9h4
pACrRdwPyGQy448sh0qoVUpOT1mAwQ4Nf/tsL6u1/t4eeP7u+chKiYamX4cdp4rw4fZsNHcyJ4/2
Dejx9qbjeOaOOVyY7DScKqphlXgbE+KHP9w2+5q6wtTYEHzyh9XYfKwAb/541GEeClzVODqUYAHA
HfPHMgoWAHyx9yxumkUeVGovXv/+MI4VkIdfSiUS/N/9i1n1SWJLb78Ov317K6uTxIhAH7z52HWI
DPIBMNh296aZY7A0KxlPv7ud+G/YePQ8Vs9JR7yDntzywT4W3UJHxYbgvSdvHLbcTCIBVkxJxaLM
JOw+U4IDueU4VlCNPoZTdFtRyGWICfFFQkQg4sMDEB8eALPZjBe/2MeqL911U8mTztngcII1LW0E
YkP9GPNW6lu78d2BPFaDSoVm09ECfLHnLKu1j66aiimjuOttZDYDz374E7EdMjAoVh/+7qYhPTsP
dyVeWbcMq1/4HNXNw/fSMpnMeGfzCfzjoSU22e0smMxmHCC09larlHjx/sWsamOVChmWZCVjSVYy
9AYjThfX4VBeBQqrmtHc2Tt4SmxhvEshlyHM32tQlCICLolTTIjvFQ7AqaJa/PbtLay63Y6JD0Mi
R8msDidYEglw29yx+L/Pmbc072w5gcVZyYKVK7DhXFkD64LmpZNSWMXsLOHtzcdw8FwFcZ27Uo5X
1i1j3IYqFTI8dsM0PPnWFsb3OpBbDo1WB08Os50dlbzyRuIWbtnkFNZDKS5HIZdhUmr0NY0fuzVa
tHZp0Nrdh7buPgzoDPBwV8DTXQkPdyU83ZXwdFfAw00JT5WSVaxy24kLeOHTPazEUCqR4LFV3A1y
dTjBAoBlk1Lw1qZj6OgZvv1Gt0aL97acwJM3zxDQsuFp6ujBU+9sZfVDHj0ilPPYzw+H8/HBtlOs
1j5zx1wkRJC3cTPT44gxRaPJhJzSekxNi2VrqtNynEUYYE4Gt80SvT3d4e3pzklCdZ9Wh5e/Ocg6
wRkAHlk1FenxYTZf+yLiDPIQUCpkWD2b3LT/2wPniO1/hUCrM+CJ/25BO4sAabCvGi+vW8ZpS+JD
eRWsPbtbZqdj8cQk1u/9+I3kp+eR/ErW7+fMVBHuRT8vFeshJEJzrqwBt/71S4vEaklWMutJUGxx
SMECgNvmZiCIkCBqMJrw+veHBLJoaMxm4LmPdqKopoW41k0hx8vrlnGaJZ5f0Yg/vMcu1ys9PgyP
32hZi93k6OBLQfnhOHmBXB/pCvQNMMd70uPDRVdA3tuvw7++P4z7X/kOda3k2OdF0uPD8Kc753Ju
j8MKlspNwSpB9OC5CmIbYD55b+sJVn3TAeDZu+YNmeRpDSazGV/sOYuHXt0ArY58Ihjg7YGXHlxi
1Sh6UmVBU0ePxe/pjPQPMP8cPDjMs7MVg9GEr/fl4ro/f2xxF4mslGi88chKXgaXOGQM6yJLJ6Xg
6325KKxuZlz32reH8PmfbiUOteCavWdL8d7WE6zW3rNoAhZmMjcrZINOb8TWE4X4fPdZ1h0AFHIZ
XnpwCdFjHQ6SyNmrGFtskEZ0iaWUaX9OGf79wxGrwilLspLx7F3zrHrwsUEc/0NWIpEAT948A/e/
/B3jupK6Vmw8ch7XT0sTyLLBSvznPtrFalbgjDEjsG7lZKuvVV7fhuOFNThRWI0zJXUWZfpLJMBz
d83DWBtiJ9b2cHI1SJ4ul5UMltI/oMeeM6XYcCif2GRgONYsHI9fXzeV86Z9l+PQggUMDl2dN34k
sTbrrY3HMGdsAnwEGN/d3tOPJ/67mZVwxIX546/3LrTI+2vv7sOJC4MCdaKg2qaK/1+tnIJFFgTZ
h4KUOCi0ZytWWjuZ/5+E9rDMZiC3rH6wtvFMqdWJpyo3BX57y0ysmMJNcigTDi9YAPDo9VNxMLec
sSi0vacff3x/B954dCWvHyC9wYjfvbMVje3kuI23pztefXg5sSOjwWjCmZI6HDtfhROF1Sipa7V6
yvPl3DhzNO6+rK+WNVQ3d6KGkIjK1/bA0ejVMteN1jR3wmQy8xp4r2hsx6kLtcguqsXp4lp02Vj8
njYiFC/cu4A4qZ0rnEKwwgO9cevcDHz802nGdScKq/HWxmO8dnPrOSLOAAASSklEQVR46cv9yCmt
J66TSaX4+4NLhj1ha+3S4Eh+JY7kV+J4YQ3nZRczxsThd7fMsuk9jCYT/vbZXpA6FLnCNBcSBqOJ
uHXemV2C0ro23DF/HNJGhCI21M/qh2ufVoeKxg5UNrb//LUD+RWNrMpo2CCVSnD/kom4b0mmoCVw
TiFYwOAQyc3HCom5Th/9lI1RsSGYlRHPuQ1f7s3BxiPnWa198ubp1/SgN5nM2HysAN8dyMOFmmZO
vKihWD45BX+8fY7NT/KXvz5IrOsEAHeF09xmVsN2217e0I6/fLIbwOBWKykqCHFh/vB0V0LlpoC7
UgGVm/xSq+Pefh16+wcufe3SaFHd1EksTreFEaH+eHbNPIy2wzxQp7mTPNyVWLdiErELwWBe1C58
8gd/TouKTxRW47Xv2OV8XT8tDTfPurLO8ej5Krz+/WFWAyisxVetwh9vn4M5Y20X6w2H8vHtgXOs
1iqpYKHFitFo/QN65JTWs/LYhcDPS4UHl2Vh1fQ0uzUWcKo7aeXUUdhyrBC5ZcynHBrtYMeCj35/
Cye5L4ODBNglZ45NCMfTt866wpY/ffATDuWRa/ysxcvDDaump+HO+ePgq1bZ/H5niuvwj6/2s14v
E1kypD3g0+PhG6VChtvmjsU9iybYvSbUqQRLKpHgpQeX4Pa/fUncGpY3tOP5j3fh7w/a1kmgsb0H
j76xkVUjvjB/L/zjoaWXgtDdGi3Wvf4Dqyx4a4gK8sXNs8dg5dRRnCUl1rd143fvboPBgl7xYsve
tgfNhBNCMSKXSbEwMwnrVkxCqD83/axsxakECxgc8/3SA4ux7rUfiLPT9pwpxSvfHMQTN82wKnek
W6PFr//9I6unp8pNgVceXg4/r188nJe+3M+pWKncFBg3MgJZKVHISonmvA9Vl0aLJ/+7BZ29wxed
D4VUpH3JhKTFgTysuDB/rJw6Ckuykq+4X8WA0wkWAIwbGYHf3DgNr3xzkLj2y7056Oztx3Nr5lt0
/N7Q3oOn3trCKptcIgGev3v+FeOvjuRXYmf28P3p2TDYsz1kUKCSozE6LpS3E7mimhY89dYWNLBI
17gaGc3DEv2W0MvDDXPHJWDl1FF2CaazxSkFCwBunZOB85VN2HGyiLh2+8kitHRp8Oxd8xAeQO5F
dLygGs98sIN1DssDS7MwZ+yVbUP25zA3chuOIB9PzEiPw6TUaExIjBRkTPy2Exfwt8/2Wl1iQ7eE
QIvItoQqNwUy4sMxISkSE5IikRId7BA/J6cVLAD40x1zUVbXhpK6VuLa7KJa3Pz8Z3hw2STcOCNt
yGTO+rZufLLzNDYczGc9BWRhZiIeWJp1zd/nsix/kEokSI0NwbS0WEwbHYukqGBeSx8ux2gy4fXv
DuPLvTk2vQ/NdCd7WOnxYZDJpLhQ1Yw+joeoKBUyRAf7IjrYD8nRQZiQGInU2BCHTOh1asFyV8rx
z7VLceeLX7EKimt1Bvx7w2G8t/UE5o5LQGJkILw93NHY3oOCqiYcya8ixsUuZ2JyFNavmX+NwOgN
RlQ0kNMXVk1Pw9oVk+FvhzhCeUM7XvpyH84U19n8Xo7w5OYbkoc1Mz0Ody0YD5PZjMrGDhRUNqGg
qhl1rV3QaHXo0+rQN6Af/KXVYUBvgLtSAS+VG9QebvBSKeHt4Q4vDzf4eLojMsgHMSF+iA7xRai/
l9M8NJxasIDBMdl/vXchHn9zM2uvqH9Ajy3HCm26bmJUEF5eu3TImJJCLoOfWoV2ho6pAHDsfBXG
J0Zizth4wbLFyxva8f7Wk9h9uoSzWXJiHQYiFN0aLXE7HeSrBjDojcaF+SMuzB/LJqcIYZ5D4fSC
BQBT02Lxl3sWYP3Huyw6jreW8ABvvPHISsYawdTYEBzOq2R8n4b2HjzzwQ74eamwfHIqVk1PIzbL
sxZbhMrDTcG4jXF1D4tNSkOwr+NMK7cnLiFYALBoYhL8vTzw1DtbeR2HFB3iizceWUnsGnrzrHSi
YF2ko6cfn+w8jU93ncb4xEiMiQvDyMhAJEYGIirY1yp3X6c3Iqe0HscLq3C8wPqC6nEjIxDo44Gd
2cN3y6CCRT4hDPZTC2CJ4+MyggUAE1Oi8P6TN+A3b27m5Zh5VkY8nr97Pqts4CmjYjAmLsyi3kNm
8+DhQHbRL/V7bgo54iMCkPizgAX6qOGukMNNKYO7UgGz2Yz2nj60dg1OTWnr1qCmuQs5pfU2N9a7
dU4GfnPjNDz/8W7Gda6e1sAmByvIhwoWG1xKsIDB2NLnz9yKf3y1H7sIPbTYIpVIsG7lZNy9cIJF
J3gvPbgYd/7fVzZN7x3QGwYDtJVNVr+Hpbgp5PjTnXMvDasgbSFdPXGUtCX09nATTbdRseOSd5Kf
lwovPrAYrz68DMG+tj3ZUmND8P5TN+KeRZaJFTA4Iee1X60QpKkgV4QHeuPD3910xWQdUg2ls5xQ
WQvJwwqy8R50JVxa1meMiUNmUhQ2HyvAj0cKUGxBmcyY+DDcv2SizZOZU2OC8ekfV+O5D3firEiq
8odjYWYinl49C95XCSzZw3JtwSKFH2x9aLoSLi1YwGDG782z0nHzrHQU17Rgx6ki5JY1oLmjF209
fdDpjZBIgMhAX4yMDERSVBCmpMUgJZqb6TbA4KniO0/egM92ncV7W09Y1JNdCGaMicNDy7OQNMy4
cRMhN83VuzWQtoQ04M4elxesy0mMCkLiVR/K/gE93BRy3r0EqUSCuxaMw/LJKdh45Dw2HMpHfVs3
r9ckMWPMCDy4LAvJBHE2kraELh7DIm0JaUoDe6hgERB6komflwp3L5qAuxaOx7HzVfjuQB6O5Fdy
lsRJQiGXYfroWNy9KJP1jEQawxoevcFI7G5BY1jsoYIlUqQSCaamxWJqWiwa23uw92wZzlc2oqSu
DVWNHRaVCJGICfHDpNRoTEqNxvjESIt7ZxnNdEs4HC1dGmJ+G41hsYcKlgMQ6u+F2+ZmXPqzzmBE
eX0bimtbUVLbipK6wa+k7hHenu4I8vFEsK8aIf5qjIoNwaTUGISJpDmbM8KmSwPdErKHCpYDopTL
kBwdfE1sSac3ol+nx4DOAK3OAK3eAIPRBB9PNwT5qKFU8FOPKJcyv68Q5VBihWa5cwsVLCdCqZAN
ipLAD2xSmxJXFixSwF0pl3HSZ99VcO3jGwonkARLbxx+wK2zQ0ppCKTbQYuggkWxGVLrG1f2sJoJ
471owN0yqGBRbIZuCYeHnINFBcsSqGBRbIa4JTS47paQNPGZBtwtgwoWxWaohzU0JrMZTYQtYZAP
jWFZAhUsis1QwRqa1k4N0bsMC6A5cJZABYtiM6Sgu6ueEta2dhHXsBkrR/kFKlgUm6Ee1tDUt5KL
18MD+enR76xQwaLYjJzQjcFVBauO4GGpVUp4CzAI15mggkWxGephDU0dwcOKoN6VxVDBotgMMXHU
RdMaSP3MIgJp/MpSqGBRbIZ6WENT18K8JaTxK8uhgkWxGSpY16LTG9HazZw0Sj0sy6GCRbEZWvx8
LfVt3cTGfREB1MOyFCpYFJshCZbZTG6j7GywS2mgHpalUMGi2Awp6A643raQlDQqkdCkUWuggkWx
GZKHBbjetpB0Qhjo7clbB1hnhgoWxWbYCJareVjkE0LqXVkDFSyKzZB6ugMuKFjEHCwacLcGKlgU
m5HL2XhYrrUlJHlYNKXBOqhgUWyGTdBdqzMIYIk46NZoodHqGNfQpFHroIJFsRkvFbmAt7tvQABL
xEEti5SGCHpCaBVUsCg2w6bjQDdhyKszUc+iD1ZEEBUsa6CCRbEZLzaC5UIeFqlLg0IuQxAdPmEV
VLAoNqNyUxDjWD19ruNhkfpghfp5QSqRCGSNc0EFi8IJJC+rW0M9rIvQHCzroYJF4QRSHKvbhTws
Uh0hTWmwHipYFE7w9nBnfN1VYlgmsxkN7TRplC+oYFE4wduTbgmBwdH0pKx+uiW0HipYFE4ge1iu
sSVk01aGeljWQwWLwgnEoLuLbAnZzCKkMSzroYJF4QRS0L3HRRJHSW1lPNyV8PFk9kYpw0MFi8IJ
3oQPoat4WKSi50jqXdkEFSwKJ5A8rAG9ATq983dsILWVoUXPtkEFi8IJXoSgO+AagXdi4z5a9GwT
VLAonMCqANrJt4VanQFt3X2Ma2jA3TaoYFE4gXZsAErqWolraEqDbVDBonACKegOOP+WsLCqibhm
RJifAJY4L1SwKJzARrAa23sFsMR+FFQ1M77u7eFGPSwboYJF4QSlXIYAbw/GNbUtnQJZYx9IgpUS
EyKQJc4LFSwKZ0QF+zK+Xt3svILVP6BHZUM745rUmGCBrHFeqGBROCMqiHm7U9NMLltxVIpqWmAy
mxnXUA/LdqhgUTiD5GHVt3XDZGL+UDsqOaX1xDXUw7IdKlgUzogkeFh6gxGN7T0CWSMse3PKGF/3
91Ih1N9LIGucFypYFM6IDGL2sADgPIujf0ejqaMHBZXM/67xiZECWePcUMGicEZsiC9xuMLp4lqB
rBGOvWeZvSsAmD02XgBLnB8qWBTO8HBXIjEqiHFNdpETCtaZUsbXlXIZpqXFCmOMk0MFi8IpE5KY
tz6VjR1o7dIIZA3/1LZ0IbesgXFNVko0PNyVAlnk3FDBonDKBBaxmh8OnxfAEmH43/ZTxHSGOeMS
BLLG+aGCReGUsSPDIZUyx7G+3Z8LncHxe2PVtXZh6/ELjGtkUilmjhkhkEXODxUsCqd4uiuJ28L2
nn5sP8H8QXcEPth2CkYT84ScyaOiWdVZUthBBYvCObfMSieu+Xz3WRB2UqKmuqmT6F0BwJqFEwSw
xnWggkXhnOljRiCKkJNV3tCOYwVVAlnELXqDEc98sIPoXY1LjMDYhHCBrHINqGBROEcqkeDWuRnE
dZ/tPiOANdzz7w1HUFjN3JkBAB5YmiWANa4FFSwKLyyfnELsQnqysAZ5FY0CWcQNB8+V48u9OcR1
Y+LDkEmI5VEshwoWhRdUbgpcPz2NuO6vn+4hjnYXC6eKavHn/+1ktXbtskk8W+OaUMGi8MYts9Mh
lzHfYmX1bfj4p9MCWWQ9u06X4NE3NkKj1RHXLpucgokpUQJY5XpQwaLwRrCvGvPHjySu+2DbSZTV
twlgkXV8vS8Xz7y/A3oWuWMxIX54evUs/o1yUahgUXjl7kUTiImkOoMRj76xSXStZ+rbuvHkW1vw
z68PELPZgcGawRcfWAyVm0IA61wTKlgUXokPD8Ad88YR1zV19OBX//oRHT39AljFjN5gxP+2n8JN
6z/Dgdxy1t/3+E3TkRgZyKNlFInZ7MjpexRHYEBvwK0vfMGqp3tydDD+8+hK+KpVAlh2JXqDEXvP
luGdLcdR3WRZ//nFE5Pwwr0LebKMchEqWBRBOFNch4de+55VdnuAtweeWzMfU0bF8G8YBodj/HAo
H5uPFaKz13IPb8WUVDxzxxzIpHTDwjdUsCiC8Y+vDuCb/bms1988Kx2P3TAVbgo557a0d/fhWEEV
thwrRHZxrdVlQvcuzsTDKydzaxxlWKhgUQRDbzDiN29uxonCatbfE+TjicVZyVg2KRlx4QFWX9to
MuFceSOOna/C0fNVKKpptqmWUSqR4KlbZuBmFnWTFO6ggkURlP4BPda9/gPyrchwT44OxpKsJCRF
BSHQxxMB3p5Qq65sjNc3oEd9azfqWrtQ19qN+rYu1DR3IbesHr395BwqNni4KbD+7vmYM5b2uRIa
KlgUwenSaPHAy9+hnDB4lA1uCjkCfDygVrmhuaPXqhiUJczOiMdTt8xAiB+dgGMPqGBR7EJzZy/u
f/k71Ld229sUVkQE+uB3q2diKu3NbleoYFHsRlt3H/784U84WVhjb1OGxU0hx50LxuHeRZlQKmT2
NsfloYJFsStmM/Dl3hz858cj0OnF0zY5ItAHN8xIw4opqXbJCaMMDRUsiigor2/Dnz7cieKaFrvZ
IJVKMH30CNwwYzQmp8aAMGKRYgeoYFFEg95gxNf7cvHl3lw0dQhTVyiRAImRQZiZHofrpo5CsJ9a
kOtSrIMKFkV0mMxmZF+oxeZjBdh7tgwDegOn7x/k44ms1GhMSonGxJRo+HvRLZ+jQAWLImo0Wh12
ZZdg5+liFFQ2WZRLJZVKEOKrRnigDyICvTEyMhATk6MQb0MCKsW+UMGiOBT9A3q0dGnQetmvlk4N
+gb08PZwQ3igNyICfBAe6I1Qfy9iA0GKY0EFi0KhOAz08UOhUBwGKlgUCsVhoIJFoVAchv8Hq9Pv
6e4htUAAAAAASUVORK5CYII=

--===============3469735971051964561==--

--===============9101330922043716396==--