xen-doc-html-4.13.1_02-lp152.1.1 >  A ^/=„Op[Ew\^@0ەbUjjaL=B -X*6s9n^ Nx>^ZӨȘғ͎`MԘ3?3{w ԝ}wQZ2 ;"f̟҈}Hi X)R5=A<=fo}ihk0ac7W{ZB'tEep#vG"]0C mQ1\.-~.|T271fc41819a58187f059131d886b3a8c50fcf9dcd6799f556f641cc403b3fa1966bedf42056a1be2c9ebecdd1969b2f4fa419248^/=„Re3zh[r'X@>TxSۃF#ťXʝջGJ1;Q e7gӻ+]\/WeAd& 8/~!zA4X"X.tso5[-c×\䙄g l^8XrQ`Kw镾ZLR_QhG$B 4_PQ(s]2~]j)7ÛyPM}ܠfACZ|E=0]X1 >p9? d # J BHPMM M M M M M<MM>`MK(o8xV9"V::VG{MH|4MI}hMX}Y}\}M]M^ bc>defluMvCxen-doc-html4.13.1_02lp152.1.1Xen Virtualization: HTML documentationXen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. xen-doc-html contains the online documentation in HTML format. Point your browser at file:/usr/share/doc/packages/xen/html/ Authors: -------- Ian Pratt ^build83 openSUSE Leap 15.2openSUSEGPL-2.0-onlyhttps://bugs.opensuse.orgDocumentation/HTMLhttp://www.cl.cam.ac.uk/Research/SRG/netos/xen/linuxx86_64ot9DA'&6@ 72/"B W 8` We $,76H"yjQ <3 "z768 H \xAAAA큤A큤A큤A큤A큤A큤A큤A큤^ ^^^ ^^^ ^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^ ^^ e171864f5cfbf7c7b3fecd9b9fbeb3da9e87f63a7284ee52eeed093f8ad303ecf53beaf653f26eae12ff7ced3bf0735dbedad0d8baf45d31e32d33e0b868bfa954e980d65bcde307bad2efeab9640ef5c720b4ebc78ac8cc1eb48bd6134a5280b3422df9c1ad850ce9b456e83713da51f123c2286cf1f9fd4eb97f57c3eca9adbd5267a76a14fe4153f4ca727fb99f1c0bec9e8ff77302865a83919fa74e2b8db80b94ff1a198b4d6e03dcc25f86a1b332a80cf36f7df4bba07c19d192059b2cf62b4090098e5d648e9a3e615874b2e5957a93990f652eefc831d37779ba91069dbe69397d6c3d3c6d88c564032ba62cb41a6b8260a73fd9d6513c186d64199f078f07651ae04fc86183bc953a94d4437042b3a3e5182bfd03e899ed64ce4bbdf80257ef0688b6b53ccd52a4bbd9279568b22b31211e95cb4c6e86b81614a381d344261e1861b09d9bb8bb11a3caa1fcf632c9edc2107b175ecd48555e9bc639cedae3c3f2231b4340cf00a139bde6f3d5f0d9195d0906b227ca38a45038459a577d188c5570ee8dbf5850e4fca7b4e224cdb2725ffa755194f366179c1fd1b4d0d772f13207e89e3a519af0404d8ce75c584d7df7408643215c771621cb44b2c226a811e7f3336b6b187387a4992afc47488312928731367189b2fa03d7adef70d0a0d37169adb67569317d91415a0bcdeaf0c7870a806bb55b70092e12003913a9c456e1d8e004ff68d58686ccc8dbb0ef298481c2dadcbf30c638c625218de466c9be077fa0ef0ced23a246e92d14cc0cc8fd757931079cf928689b544b326b03382516373fc9221dc98277ed58043f0d5b49a8cf0913e57e5e47220c2c96bc7abdb1f733000c2cd91b519cbf7c55d096115abfef000da14ac794739fe8f0fe7d4c19e4b15b9d82ce430eb0767c3242c24a77c9b8d8d050129e41b51eecb6ded3add1a44dd1298e13dbe706f9a303f3b2169e18eb7d8afa43d0464f4ace15f4ed1553120268d8adee7fe8bee780ff0f24d9870f3e5c1063306ee3cdee7800a889ffd9cdd9058e5d6074d2b55f6e8c45e34e178cda364908c8cccbc08dc565a1f487e81635586692892b1cac3f2b705eddb54a37582c7a0dd4a33fe1386a31ed213cfd37be4282486d5610a30bb9c6c55ea3aa6bac8552669dbb46aee375a5df5076c347e7cad2371f3dc0bc10c6877c8f5251a5a57ddc6c79e1f9b532f89f9b3fc4dd2d139ace9382e594c2c73439a9d4f100fc61c4e4f9294d4239776620fbf590c80aef40b7e6ab58cefe9e4351ef6afaa6bcaf4e55d7809df6392fdb96aadfa0507b89d930b9500c7a95869685253e2082a4d704ad9ab9a720307e4e19c225a529d78e1e1365a40264348cbbcd1ef716fa7d97d977cb93f42230a1825f4faf9f22847781296550c42f0955595f5f23eff9cf7b00ca27ee70988aaee9f7ec2154a382909b7652464c29ad603492e27c76bd7d0de3b5198d0867fe0a75ebd93bafe2e73cf681a88dca3217d79376c353ff4e1e5ecee8c41c70e11b8c9e2d188834c2a97f1edeb4cc8e0e61519c5f8559abb020373ab7886252b3809b0a1d976728897864907825a5a2538c25cd0aa407ba15e58bed9f42232379103f1ee46160242648729b430f01c57403535a4cd52e480fa8aeba2b6662bf636d14522c3e1b12a7de8ed88ffe79de11f77b2f77d6e814b4cd106cb06351b91959ea992e91b95599c26b803f2c8bfb407d7ea7de55a783c40780dcb7f993af187e4d4200a7cd1ffaf63b68eb2cc3c3d663847edfeeeed22d3b1039b423ec94b5198ad7daba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301bc159111fcd005b864ab1f4b803e059590043471e04d0ac7ec96fe74dbf857c003a9b4163966919de58c0d14d493b5d7c6826e43bd61f2eda3c2a4a33fd26f285982fb97cc7b4730fc7c1c5289c87cc4d1dfe6184c7908079cfb34de8b6d4d200fa7a5cd899e7aab4589a5d0193118825ac5072abd29bfa809c3b3aa704ec1d432c80a00b3c661489ab62333993243951154c8ffe56cf475ebcb8a54982ecbd145cbe19ee58416bcf16a88f474895a8626db19ae5f3654c894d7337bcf72c1fc59037f947f713649a84322888eb75d9dad867249c4c135787affea14ee1cf2c50b4403362cc91e5249e9a32270b77e1d08f1217206215cbdcbd7b4f179b7787b056e065805b649e73f32af8d7b9fd0a5b317668d9ecd29a382e968e6466945103b1f10e378ccf028b0040d857506d6a2f9f9f7202547fb83347ebc6cf52cf4d3228d603a99a49af40bf7589771dd6810ba68ffd01c20c7d7743ec76891e07a4851f086e043731368850e313269ca98ab91c156529ac3b961a67f54a522ef093965d6be4431b21e9ec2fc3e6c70050a26c3c78777e5200cad4282b96411eb4c871e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87437b2d33715486da3e3443c567a5b9cb6b8f54c07b3fac562cc7f7d20c570e6df66605f996aa6d38f8234276f2b8fa5c54a10903b7fa29d49d6dbdae30ef984b372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c9157c4151eb9d4bb2e16e25f710099b13ab6c7b0dec076e76d504e091cf2642a805ff778edfde8be1bff36fe3825f070a22662ca16c8b8dc1ee56c4c73c3e56dcee0baa814fe39770cc81f77c8321ff63ef984c549fd5a0833e146c7bdc1c2097fa2ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301be9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87b12197383551282e41e308812a5107b7d3c4b1df2c7ae013816be1b56f451c3d372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c915798394ef67fe837f917dc3f0101b89193414868cd6bd7c94ceb5ab3ccc7ed408frootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootxen-4.13.1_02-lp152.1.1.src.rpmxen-doc-htmlxen-doc-html(x86-64)     rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0.4-14.0-15.2-14.14.1^ϧ^x^@^@^^^{G^r @^j$@^g@^_@^Nt^K^=Q@^:@^0"@^@^@]]]N@]@]ʞ])]c@]@]@]@]]fl]fl]M`@]B@]/ ],j] ]@]@] ] ] #]]@\\ޢ@\ڭ\\@\@\@\,@\7\\N\@\\+@\\M\M\\\@\}@\k\X)@\J@\I\A\?\=@\9\73\4\$\l@[H[k@[@[^[^[ā@[@[@[9@[v[W[CN@[<[6@[0@[0@['[!@[5@Z@ZnZ@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo Zk@ZV@ZS]@ZOhZ:PZ1@Z.s@Z&@ZOZOZ Z Z Z@Z@Z }ZC@ZYYYY|Y@Y{Y*@Y5YA@Y4YYYbYY@Y3Y@YJYJY@YYV@Y@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI@Y5GY0Y-^Y(Y"YY;@YYY@YtY.X@XQ@X@XۡXg@X@X@X@X @X@X@X@X@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX&X@XX@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;W3W1@W1@W,@W(W(W(W(W(W#LWVbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@VV@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V@VCVVVf@VqV@UYU@U@UUݪ@U@UnU4@UUK@UU@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%@UU@UUU.@TgT-@TT@TZ@TZ@T@TT@T5T@TLTLT~@Tl@Ti@Ta@THT?@T=@carnold@suse.comcarnold@suse.comJames Fehlig carnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comDominique Leuenberger carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comMatej Cepl carnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comJim Fehlig ohering@suse.deMartin Liška ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comJan Engelhardt Guillaume GARDET Guillaume GARDET Bernhard Wiedemann carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deBernhard Wiedemann ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comtrenn@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.dejfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.derbrown@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comjfehlig@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.commlatimer@suse.comcarnold@suse.comcyliu@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.derguenther@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comrguenther@suse.comcarnold@suse.commeissner@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.com- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) xsa320-1.patch xsa320-2.patch- Update to Xen 4.13.1 bug fix release (bsc#1027519) xen-4.13.1-testing-src.tar.bz2 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch 5eb51caa-sched-vcpu-pause-flags-atomic.patch 5ec2a760-x86-determine-MXCSR-mask-always.patch - Drop patches contained in new tarball 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch 5e15e03d-sched-fix-S3-resume-with-smt=0.patch 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- spec: Remove invocation of autogen.sh - spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares- bsc#1170968 - GCC 10: xen build fails on i586 gcc10-fixes.patch- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation handling in GNTTABOP_copy (XSA-318) 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch - bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing memory barriers in read-write unlock paths 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch - bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error path in GNTTABOP_map_grant 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch - bsc#1167152 - L3: Xenstored Crashed during VM install Need Core analyzed 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch - Drop for upstream solution (bsc#1165206) 01-xen-credit2-avoid-vcpus-to.patch default-to-credit1-scheduler.patch - Upstream bug fixes (bsc#1027519) 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch- bsc#1167608 - unbound limit for max_event_channels domUs with many vcpus and/or resources fail to start libxl.max_event_channels.patch- bsc#1161480 - Fix xl shutdown for HVM without PV drivers add libxl.libxl__domain_pvcontrol.patch- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 01-xen-credit2-avoid-vcpus-to.patch- bsc#1158414 - GCC 10: xen build fails gcc10-fixes.patch- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 default-to-credit1-scheduler.patch- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate past the ERET instruction 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch - bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch hardening 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch - Upstream bug fixes (bsc#1027519) 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch- bsc#1159755 - use fixed qemu-3.1 machine type for HVM This must be done in qemu to preserve PCI layout remove libxl.lock-qemu-machine-for-hvm.patch- jsc#SLE-10183 - script to calculate cpuid= mask add helper script from https://github.com/twizted/xen_maskcalc domUs may be migrated between different cpus from the same vendor if their visible cpuid value has incompatible feature bits masked.- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains add helper script and systemd service from https://github.com/luizluca/xen-tools-xendomains-wait-disk in new sub package xen-tools-xendomains-wait-disk See included README for usage instructions xendomains-wait-disks.LICENSE xendomains-wait-disks.README.md xendomains-wait-disks.sh- bsc#1159755 - use fixed qemu-3.1 machine type for HVM qemu4 introduced incompatible changes in pc-i440fx, which revealed a design bug in 'xenfv'. Live migration from domUs started with qemu versions prior qemu4 can not be received with qemu4+. libxl.lock-qemu-machine-for-hvm.patch- Upstream bug fixes (bsc#1027519) 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch 5e15e03d-sched-fix-S3-resume-with-smt=0.patch 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Allow OBS to shortcut through the -mini flavors.- bsc#1159320 - Xen logrotate file needs updated logrotate.conf- Update to Xen 4.13.0 FCS release xen-4.13.0-testing-src.tar.bz2 * Core Scheduling (contributed by SUSE) * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) * Late uCode loading (contributed by Intel) * Improved live-patching build tools (contributed by AWS) * OP-TEE support (contributed by EPAM) * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) * Dom0-less passthrough and ImageBuilder (contributed by XILINX) * Support for new Hardware- Update to Xen 4.13.0 RC4 release xen-4.13.0-testing-src.tar.bz2 - Rebase libxl.pvscsi.patch- Update to Xen 4.13.0 RC3 release xen-4.13.0-testing-src.tar.bz2 - Drop python38-build.patch- Update to Xen 4.13.0 RC2 release xen-4.13.0-testing-src.tar.bz2- Add python38-build.patch fixing build with Python 3.8 (add - -embed to python-config call)- Update to Xen 4.13.0 RC1 release xen-4.13.0-testing-src.tar.bz2 - Drop patches contained in new tarball or invalid 5ca7660f-x86-entry-drop-unused-includes.patch 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch 5cab2ab7-x86-IOMMU-introduce-init-ops.patch 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch 5d358508-x86-IRQ-desc-affinity-represents-request.patch 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch 5d417813-AMD-IOMMU-bitfield-extended-features.patch 5d417838-AMD-IOMMU-bitfield-control-reg.patch 5d41785b-AMD-IOMMU-bitfield-IRTE.patch 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch blktap2-no-uninit.patch libxl.prepare-environment-for-domcreate_stream_done.patch pygrub-python3-conversion.patch fix-xenpvnetboot.patch- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime The included README has details about the impact of this change libxl.LIBXL_HOTPLUG_TIMEOUT.patch- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines 5ca7660f-x86-entry-drop-unused-includes.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch 5cab2ab7-x86-IOMMU-introduce-init-ops.patch 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch 5d358508-x86-IRQ-desc-affinity-represents-request.patch 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch 5d417813-AMD-IOMMU-bitfield-extended-features.patch 5d417838-AMD-IOMMU-bitfield-control-reg.patch 5d41785b-AMD-IOMMU-bitfield-IRTE.patch 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch - bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch - bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD ROME platform 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch - Upstream bug fixes (bsc#1027519) 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM Fix crash in an error path of libxl_domain_suspend with libxl.helper_done-crash.patch- Upstream bug fixes (bsc#1027519) 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch - Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- Preserve modified files which used to be marked as %config, rename file.rpmsave to file- Update to Xen 4.12.1 bug fix release (bsc#1027519) xen-4.12.1-testing-src.tar.bz2 - Drop patches contained in new tarball 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8f752c-x86-e820-build-with-gcc9.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Refreshed patches libxl.pvscsi.patch- bsc#1143563 - Speculative mitigation facilities report wrong status 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- Update xen-dom0-modules.service (bsc#1137251) Map backend module names from pvops and xenlinux kernels to a module alias. This avoids errors from modprobe about unknown modules. Ignore a few xenlinux modules that lack aliases.- Gcc9 warnings seem to be cleared up with upstream fixes. Drop gcc9-ignore-warnings.patch- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 fix-xenpvnetboot.patch- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api- Remove all upstream provided files in /etc/xen They are not required at runtime. The host admin is now responsible if he really needs anything in this subdirectory.- In our effort to make /etc fully admin controlled, move /etc/xen/scripts to libexec/xen/scripts with xen-tools.etc_pollution.patch- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm Atomics Operations 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Upstream bug fixes (bsc#1027519) 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch- Fix some outdated information in the readme README.SUSE- spec: xen-tools: require matching version of xen package bsc#1137471- Remove two stale patches xen.build-compare.man.patch xenpaging.doc.patch- Disable LTO (boo#1133296).- Remove arm32 from ExclusiveArch to fix build- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 xsa297-0a.patch xsa297-0b.patch xsa297-0c.patch xsa297-0d.patch xsa297-1.patch xsa297-2.patch xsa297-3.patch - Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch- bsc#1131811 - [XEN] internal error: libxenlight failed to create new domain. This patch is a workaround for a systemd issue. See patch header for additional comments. xenstore-launch.patch- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest after upgrading host from sle11sp4 to sle15sp1 pygrub-python3-conversion.patch - Fix "TypeError: virDomainDefineXML() argument 2 must be str or None, not bytes" when converting VMs from using the xm/xend toolstack to the libxl/libvirt toolstack. (bsc#1123378) xen2libvirt.py- bsc#1124560 - Fully virtualized guests crash on boot 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1121391 - GCC 9: xen build fails 5c8f752c-x86-e820-build-with-gcc9.patch - Upstream bug fixes (bsc#1027519) 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch- Install pkgconfig files into libdir instead of datadir- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates the HVM/PVH and PV code paths in Xen and provides KCONFIG options to build a PV only or HVM/PVH only hypervisor. * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has been vastly improved. * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- domain communication mechanism. * Improvements to Virtual Machine Introspection: The VMI subsystem which allows detection of 0-day vulnerabilities has seen many functional and performance improvements. * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project default scheduler. * PVH Support: Grub2 boot support has been added to Xen and Grub2. * PVH Dom0: PVH Dom0 support has now been upgraded from experimental to tech preview. * The Xen 4.12 upgrade also includes improved IOMMU mapping code, which is designed to significantly improve the startup times of AMD EPYC based systems. * The upgrade also features Automatic Dom0 Sizing which allows the setting of Dom0 memory size as a percentage of host memory (e.g. 10%) or with an offset (e.g. 1G+10%).- bsc#1130485 - Please drop Requires on multipath-tools in xen-tools. Now using Recommends multipath-tools. xen.spec- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to avoid TSC emulation for HVM domUs if their expected frequency does not match exactly the frequency of the receiving host xen.bug1026236.suse_vtsc_tolerance.patch- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- jsc#SLE-3059 - Disable Xen auto-ballooning - Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. xen.spec - Disable autoballooning in xl.con xl-conf-disable-autoballoon.patch- Update gcc9-ignore-warnings.patch to fix build in SLE12- bsc#1126325 - fix crash in libxl in error path Setup of grant_tables and other variables may fail libxl.prepare-environment-for-domcreate_stream_done.patch- bsc#1127620 - Documentation for the xl configuration file allows for firmware=pvgrub64 but we don't ship pvgrub64. Create a link from grub.xen to pvgrub64 xen.spec- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Tarball also contains additional post RC4 security fixes for Xen Security Advisories 287, 288, and 290 through 294.- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1121391 - GCC 9: xen build fails gcc9-ignore-warnings.patch- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. Keep xen.efi in /usr/lib64/efi for booting older distros. xen.spec- fate#326960: Package grub2 as noarch. As part of the effort to have a unified bootloader across architectures, modify the xen.spec file to move the Xen efi files to /usr/share/efi/$(uname -m) from /usr/lib64/efi.- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Drop 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch 5bdc31d5-VMX-fix-vmx_handle_eoi.patch gcc8-fix-array-warning-on-i586.patch gcc8-fix-format-warning-on-i586.patch gcc8-inlining-failed.patch xen.bug1079730.patch- bsc#1121960 - xen: sync with Factory xen.spec xen.changes- Replace old $RPM_* shell vars. - Run fdupes for all architectures, and not crossing subvolume boundaries.- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition rpmlint error- Require qemu-seabios only on x86* as it is not available on non-x86 systems- Avoid creating dangling symlinks (bsc#1116524) This reverts the revert of tmp_build.patch- Update to Xen 4.11.1 bug fix release (bsc#1027519) xen-4.11.1-testing-src.tar.bz2 - 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch - Drop the following patches contained in the new tarball 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbe-ARM-disable-grant-table-v2.patch 5b72fbbe-oxenstored-eval-order.patch 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch xsa275-1.patch xsa275-2.patch xsa276-1.patch xsa276-2.patch xsa277.patch xsa279.patch xsa280-1.patch xsa280-2.patch- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: Missing /bin/domu-xenstore. This was broken because "make package build reproducible" change. (boo#1047218, boo#1062303) This fix reverses the change to this patch. tmp_build.patch- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275) xsa275-1.patch xsa275-2.patch - bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting issues in x86 IOREQ server handling (XSA-276) xsa276-1.patch xsa276-2.patch - bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error handling for guest p2m page removals (XSA-277) xsa277.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch - bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting to use INVPCID with a non-canonical addresses (XSA-279) xsa279.patch - bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 conflicts with shadow paging (XSA-280) xsa280-1.patch xsa280-2.patch - bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE constructs may lock up host (XSA-282) 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV 5bdc31d5-VMX-fix-vmx_handle_eoi.patch - Upstream bug fixes (bsc#1027519) 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries- make package build reproducible (boo#1047218, boo#1062303) * Set SMBIOS_REL_DATE * Update tmp_build.patch to use SHA instead of random build-id * Add reproducible.patch to use --no-insert-timestamp- Building with ncurses 6.1 will fail without xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - Building libxl acpi support on aarch64 with gcc 8.2 will fail without xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is apparently broken 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by d_materialise_unique() 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch - bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: oxenstored does not apply quota-maxentity (XSA-272) 5b72fbbe-oxenstored-eval-order.patch - bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of v2 grant tables may cause crash on ARM (XSA-268) 5b72fbbe-ARM-disable-grant-table-v2.patch - Upstream patches from Jan (bsc#1027519) 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch - Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed xen.spec- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM (XSA-273) 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch - bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch - Upstream prereq patches for XSA-273 and other upstream fixes (bsc#1027519) 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- Upstream patches from Jan (bsc#1027519) 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch gcc8-fix-format-warning-on-i586.patch gcc8-fix-array-warning-on-i586.patch - Drop xen.fuzz-_FORTIFY_SOURCE.patch gcc8-fix-warning-on-i586.patch- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) xen-4.11.0-testing-src.tar.bz2 disable-building-pv-shim.patch - Dropped patches 5a33a12f-domctl-improve-locking-during-domain-destruction.patch 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a9985bd-x86-invpcid-support.patch 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch 5af1daa9-3-x86-traps-use-IST-for-DB.patch 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch 5af97999-viridian-cpuid-leaf-40000003.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch 5b348874-x86-refine-checks-in-DB-handler.patch 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen_fix_build_with_acpica_20180427_and_new_packages.patch- Submit upstream patch libacpi: fixes for iasl >= 20180427 git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 xen_fix_build_with_acpica_20180427_and_new_packages.patch This is needed for acpica package to get updated in our build service- Upstream patches from Jan (bsc#1027519) 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch- bsc#1098403 - fix regression introduced by changes for bsc#1079730 a PV domU without qcow2 and/or vfb has no qemu attached. Ignore QMP errors for PV domUs to handle PV domUs with and without an attached qemu-xen. xen.bug1079730.patch- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264) xsa264.patch - bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265) xsa265.patch - bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour readonly flag on HVM emulated SCSI disks (XSA-266) xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267) xsa267-1.patch xsa267-2.patch- bsc#1092543 - GCC 8: xen build fails gcc8-fix-warning-on-i586.patch- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store Bypass aka "Memory Disambiguation" (XSA-263) 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch Spectre-v4-1.patch Spectre-v4-2.patch Spectre-v4-3.patch- Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730) libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen.bug1079730.patch- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch - Upstream patches from Jan (bsc#1027519) 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) 5af97999-viridian-cpuid-leaf-40000003.patch- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a9985bd-x86-invpcid-support.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch- bsc#1092543 - GCC 8: xen build fails 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch gcc8-inlining-failed.patch- Update to Xen 4.10.1 bug fix release (bsc#1027519) xen-4.10.1-testing-src.tar.bz2 disable-building-pv-shim.patch - Drop the following patches contained in the new tarball 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch xsa258.patch xsa259.patch- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of debug exceptions (XSA-260) xsa260-1.patch xsa260-2.patch xsa260-3.patch xsa260-4.patch - bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt injection errors (XSA-261) xsa261.patch - bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into unbounded loop (XSA-262) xsa262.patch- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via crafted user-supplied CDROM (XSA-258) xsa258.patch - bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash Xen with XPTI (XSA-259) xsa259.patch- Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251)- Upstream patches from Jan (bsc#1027519) and fixes related to Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch - Upstream patches from Jan (bsc#1027519) 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) - Drop xsa252.patch xsa255-1.patch xsa255-2.patch xsa256.patch- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) xsa252.patch - bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 transition may crash Xen (XSA-255) xsa255-1.patch xsa255-2.patch - bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without LAPIC may DoS the host (XSA-256) xsa256.patch- Remove stale systemd presets code for 13.2 and older- fate#324965 - add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N- Replace hardcoded xen with Name tag when refering to subpkgs- Make sure tools and tools-domU require libs from the very same build- tools-domU: Add support for qemu guest agent. New files 80-xen-channel-setup.rules and xen-channel-setup.sh configure a xen-pv-channel for use by the guest agent FATE#324963- Remove outdated /etc/xen/README*- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with MSR emulation (XSA-253) 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch - bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 xen: Information leak via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch- Fix python3 deprecated atoi call (bsc#1067224) pygrub-python3-conversion.patch - Drop xenmon-python3-conversion.patch- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, depending on the libxl disk settings libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 build-python3-conversion.patch bin-python3-conversion.patch- bsc#1070165 - xen crashes after aborted localhost migration 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch - bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: libxl__devices_destroy failed 5a33a12f-domctl-improve-locking-during-domain-destruction.patch - Upstream patches from Jan (bsc#1027519) 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Rebuild initrd if xen-tools-domU is updated- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds If many domUs shutdown in parallel the backends can not keep up Add some debug output to track how long backend shutdown takes (bsc#1035442) libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- Adjust xenstore-run-in-studomain.patch to change the defaults in the code instead of changing the sysconfig template, to also cover the upgrade case- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Since xen switched to Kconfig, building a debug hypervisor was done by default. Adjust make logic to build a non-debug hypervisor by default, and continue to provide one as xen-dbg.gz- fate#316614: set migration constraints from cmdline fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10- Document the suse-diskcache-disable-flush option in xl-disk-configuration(5) (bsc#879425,bsc#1067317)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - fate#323663 - Run Xenstore in stubdomain xenstore-run-in-studomain.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 pygrub-python3-conversion.patch xenmon-python3-conversion.patch migration-python3-conversion.patch xnloader.py xen2libvirt.py- Remove xendriverdomain.service (bsc#1065185) Driver domains must be configured manually with custom .service file- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)- fate#324052 Support migration of Xen HVM domains larger than 1TB 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop patches included in new tarball 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch 59958ebf-gnttab-fix-transitive-grant-handling.patch 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch gcc7-arm.patch gcc7-mini-os.patch- bsc#1061084 - VUL-0: xen: page type reference leak on x86 (XSA-242) xsa242.patch - bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear shadow mappings with translated guests (XSA-243) xsa243.patch - bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings during CPU hotplug (XSA-244) xsa244.patch- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks (XSA-238) xsa238.patch - bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O intercept code (XSA-239) xsa239.patch - bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable de-typing (XSA-240) xsa240-1.patch xsa240-2.patch - bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type release race (XSA-241) xsa241.patch- bsc#1061075 - VUL-0: xen: pin count / page reference race in grant table code (XSA-236) xsa236.patch - bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 (XSA-237) xsa237-1.patch xsa237-2.patch xsa237-3.patch xsa237-4.patch xsa237-5.patch- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter verification (XSA-231) 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch - bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch - bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup (XSA-233) 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch - bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for x86 PV guests (XSA-234) 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch - bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to release lock on ARM (XSA-235) 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch - Upstream patches from Jan (bsc#1027519) 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch - Dropped gcc7-xen.patch- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when Secure Boot is Enabled xen.spec- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored update from v6 to v9 to cover more cases for ballooned domUs libxc.sr.superpage.patch- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen drop the patch because it is not upstream acceptable remove xen.suse_vtsc_tolerance.patch- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored after the save using xl stack libxc.sr.superpage.patch- Unignore gcc-PIE the toolstack disables PIE for firmware builds as needed- Upstream patches from Jan (bsc#1027519) 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch- bsc#1044974 - xen-tools require python-pam xen.spec- Clean up spec file errors and a few warnings. (bsc#1027519) - Removed conditional 'with_systemd' and some old deprecated 'sles_version' checks. xen.spec- Remove use of brctl utiltiy from supportconfig plugin FATE#323639- Use upstream variant of mini-os __udivmoddi4 change gcc7-mini-os.patch- fate#323639 Move bridge-utils to legacy replace-obsolete-network-configuration-commands-in-s.patch- bsc#1052686 - VUL-0: xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230) xsa230.patch- bsc#1035231 - migration of HVM domU does not use superpages on destination dom0 libxc.sr.superpage.patch- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded recursion in grant table code (XSA-226) xsa226-1.patch xsa226-2.patch - bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege escalation via map_grant_ref (XSA-227) xsa227.patch - bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race conditions with maptrack free list handling (XSA-228) xsa228.patch- Add a supportconfig plugin xen-supportconfig FATE#323661- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen To avoid emulation of TSC access from a domU after live migration add a global tolerance for the measured host kHz xen.suse_vtsc_tolerance.patch- fate#323662 Drop qemu-dm from xen-tools package The following tarball and patches have been removed qemu-xen-traditional-dir-remote.tar.bz2 VNC-Support-for-ExtendedKeyEvent-client-message.patch 0001-net-move-the-tap-buffer-into-TAPState.patch 0002-net-increase-tap-buffer-size.patch 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch 0004-e1000-secrc-support.patch 0005-e1000-multi-buffer-packet-support.patch 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch 0007-e1000-verify-we-have-buffers-upfront.patch 0008-e1000-check-buffer-availability.patch CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch CVE-2015-4037-qemut-smb-config-dir-name.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch blktap.patch cdrom-removable.patch xen-qemu-iscsi-fix.patch qemu-security-etch1.patch xen-disable-qemu-monitor.patch xen-hvm-default-bridge.patch qemu-ifup-set-mtu.patch ioemu-vnc-resize.patch capslock_enable.patch altgr_2.patch log-guest-console.patch bdrv_open2_fix_flags.patch bdrv_open2_flags_2.patch ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch qemu-dm-segfault.patch bdrv_default_rwflag.patch kernel-boot-hvm.patch ioemu-watchdog-support.patch ioemu-watchdog-linkage.patch ioemu-watchdog-ib700-timer.patch ioemu-hvm-pv-support.patch pvdrv_emulation_control.patch ioemu-disable-scsi.patch ioemu-disable-emulated-ide-if-pv.patch xenpaging.qemu.flush-cache.patch ioemu-devicemodel-include.patch - Cleanup spec file and remove unused KMP patches kmp_filelist supported_module.patch xen_pvonhvm.xen_emul_unplug.patch- bsc#1002573 - Optimize LVM functions in block-dmmd block-dmmd- Record initial Xen dmesg in /var/log/xen/xen-boot.log for supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log- Remove storytelling from description in xen.rpm- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update block-dmmd script (bsc#1002573) block-dmmd- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 gcc7-arm.patch - Drop gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory leakage via capture buffer CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1031343 - xen fails to build with GCC 7 gcc7-mini-os.patch gcc7-xen.patch- bsc#1031343 - xen fails to build with GCC 7 gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 - Drop xen-tools-pkgconfig-xenlight.patch- bsc#1037779 - xen breaks kexec-tools build xen-tools-pkgconfig-xenlight.patch- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path xen.spec- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 aarch64-maybe-uninitialized.patch- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 ioemu-devicemodel-include.patch - Dropped patches contained in new tarball xen-4.8.0-testing-src.tar.bz2 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch glibc-2.25-compatibility-fix.patch xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch- bsc#1015348 - L3: libvirtd does not start during boot suse-xendomains-service.patch- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2 with Xen hypervisor. 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch - bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration - latter one much faster 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch - Upstream patch from Jan 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block add" 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch - bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated update (XSA-206) xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch - bsc#1029827 - Forward port xenstored xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch- bsc#1029128 - fix make xen to really produce xen.efi with gcc48- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite loop issue in ohci_service_ed_list CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch - Upstream patches from Jan (bsc#1027519) 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch- bsc#1027654 - XEN fails to build against glibc 2.25 glibc-2.25-compatibility-fix.patch libxl.pvscsi.patch- fate#316613: Refresh and enable libxl.pvscsi.patch- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo does not check if memory region is safe (XSA-209) CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault happened when adding usbctrl devices via xl 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch- Upstream patches from Jan (bsc#1027519) 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob access while doing bitblt copy backward mode CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch- fate#322313 and fate#322150 require the acpica package ported to aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64 until these fates are complete. xen.spec- bsc#1021952 - Virutalization/xen: Bug xen-tools missing /usr/bin/domu-xenstore; guests fail to launch tmp_build.patch xen.spec- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ xen.spec- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch Replaces xsa202.patch (bsc#1014298) - 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch Replaces xsa203.patch (bsc#1014300) - 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch Replaces xsa204.patch (bsc#1016340) - Upstream patches from Jan 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of SYSCALL singlestep during emulation (XSA-204) xsa204.patch- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200) 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be able to mask interrupts (XSA-202) xsa202.patch - bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL pointer check in VMFUNC emulation (XSA-203) xsa203.patch - Upstream patches from Jan 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch- Update to Xen 4.8 FCS xen-4.8.0-testing-src.tar.bz2 - Dropped xen-4.7.1-testing-src.tar.bz2 0001-libxc-Rework-extra-module-initialisation.patch 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch 0004-firmware-makefile-install-BIOS-blob.patch 0005-libxl-Load-guest-BIOS-from-file.patch 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch 0008-hvmloader-Locate-the-BIOS-blob.patch 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch 0011-hvmloader-Load-OVMF-from-modules.patch 0012-hvmloader-Specific-bios_load-function-required.patch 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch 57a30261-x86-support-newer-Intel-CPU-models.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch 58343ec2-x86emul-fix-huge-bit-offset-handling.patch 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch CVE-2016-9381-xsa197-qemut.patch CVE-2016-9637-xsa199-qemut.patch- bsc#1011652 - VUL-0: xen: qemu ioport array overflow CVE-2016-9637-xsa199-qemut.patch- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null segments not always treated as unusable 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch - bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch to VM86 mode mis-handled 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch - bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base write emulation lacking canonical address checks 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch - bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit ELF symbol table load leaking host data 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch - bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit test instruction emulation broken 58343ec2-x86emul-fix-huge-bit-offset-handling.patch - bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: x86 software interrupt injection mis-handled 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch - bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious about shared ring processing CVE-2016-9381-xsa197-qemut.patch - bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: delimiter injection vulnerabilities in pygrub 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch - Upstream patches from Jan 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch- Update to Xen Version 4.7.1 xen-4.7.1-testing-src.tar.bz2 - Dropped patches contained in new tarball xen-4.7.0-testing-src.tar.bz2 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c93e52-fix-error-in-libxl_device_usbdev_list.patch 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI systems xen.spec- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch - bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic on broadwell-ep 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch - Upstream patches from Jan 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the system has 384 xen-arch-kconfig-nr_cpus.patch- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero error in set_next_tick CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch - bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero error in serial_update_parameters CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in mcf_fec_do_tx CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch - bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite loop in pcnet_rdra_addr CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3 recursive pagetable for 32-bit PV guests (XSA-185) 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch - bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of instruction pointer truncation during emulation (XSA-186) 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch - bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of sh_ctxt->seg_reg[] (XSA-187) 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch - bsc#991934 - xen hypervisor crash in csched_acct 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch - Upstream patches from Jan 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch- bsc#979002 - add 60-persistent-xvd.rules and helper script also to initrd, add the relevant dracut helper- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol- bsc#989679 - [pvusb feature] USB device not found when 'virsh detach-device guest usb.xml' 57c93e52-fix-error-in-libxl_device_usbdev_list.patch- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch - bsc#978755 - xen uefi systems fail to boot - bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch - Upstream patch from Jan 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch- spec: to stay compatible with the in-tree qemu-xen binary, use /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64 bsc#986164- bsc#970135 - new virtualization project clock test randomly fails on Xen 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch - bsc#991934 - xen hypervisor crash in csched_acct 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch - bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation in PV guests (XSA-182) 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch - bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch - Upstream patches from Jan 57a30261-x86-support-newer-Intel-CPU-models.patch- bsc#985503 - vif-route broken vif-route.patch- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. pygrub-handle-one-line-menu-entries.patch- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB write access in esp_do_dma CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch- bsc#900418 - Dump cannot be performed on SLES12 XEN 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch - Upstream patches from Jan 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch- fate#319989 - Update to Xen 4.7 FCS xen-4.7.0-testing-src.tar.bz2 - Drop CVE-2014-3672-qemut-xsa180.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (Additional fixes) block-dmmd- Convert with_stubdom into build_conditional to allow adjusting via prjconf - Convert with_debug into build_conditional to allow adjusting via prjconf- bsc#979002 - add 60-persistent-xvd.rules and helper script to xen-tools-domU to simplify transition to pvops based kernels- Convert with_oxenstored into build_conditional to allow adjusting via prjconf (fate#320836)- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w access while processing ESP_FIFO CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch - bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch- fate#319989 - Update to Xen 4.7 RC5 xen-4.7.0-testing-src.tar.bz2- fate#319989 - Update to Xen 4.7 RC4 xen-4.7.0-testing-src.tar.bz2 - Dropped xen.pkgconfig-4.7.patch xsa164.patch- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging (XSA-180) CVE-2014-3672-qemut-xsa180.patch- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch - bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch- fate#319989 - Update to Xen 4.7 RC3 xen-4.7.0-testing-src.tar.bz2 - Dropped libxl-remove-cdrom-cachemode.patch x86-PoD-only-reclaim-if-needed.patch gcc6-warnings-as-errors.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) block-dmmd- fate#319989 - Update to Xen 4.7 RC2 xen-4.7.0-testing-src.tar.bz2- bsc#961600 - L3: poor performance when Xen HVM domU configured with max memory > current memory x86-PoD-only-reclaim-if-needed.patch- Mark SONAMEs and pkgconfig as xen 4.7 xen.pkgconfig-4.7.patch- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom libxl-remove-cdrom-cachemode.patch- fate#319989 - Update to Xen 4.7 RC1 xen-4.7.0-testing-src.tar.bz2- fate#316614: set migration constraints from cmdline restore libxl.set-migration-constraints-from-cmdline.patch- Remove obsolete patch for xen-kmp magic_ioport_compat.patch- fate#316613: update to v12 libxl.pvscsi.patch- Update to the latest Xen 4.7 pre-release c2994f86 Drop libxl.migrate-legacy-stream-read.patch- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host to SLES12SP2 Alpha 1 host using xl migrate libxl.migrate-legacy-stream-read.patch- Add patches from proposed upstream series to load BIOS's from the toolstack instead of embedding in hvmloader http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html 0001-libxc-Rework-extra-module-initialisation.patch, 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch, 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch, 0004-firmware-makefile-install-BIOS-blob.patch, 0005-libxl-Load-guest-BIOS-from-file.patch, 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch, 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch, 0008-hvmloader-Locate-the-BIOS-blob.patch, 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch, 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch, 0011-hvmloader-Load-OVMF-from-modules.patch, 0012-hvmloader-Specific-bios_load-function-required.patch, 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch, 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch - Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin firmware from qemu-ovmf-x86_64. The firmware is preloaded with Microsoft keys to more closely resemble firmware on real hardware FATE#320490- fate#319989: Update to Xen 4.7 (pre-release) xen-4.7.0-testing-src.tar.bz2 - Dropped: xen-4.6.1-testing-src.tar.bz2 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch hotplug-Linux-block-performance-fix.patch set-mtu-from-bridge-for-tap-interface.patch xendomains-libvirtd-conflict.patch xsa154.patch xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa170.patch- Use system SeaBIOS instead of building/installing another one FATE#320638 Dropped files: seabios-dir-remote.tar.bz2 xen-c99-fix.patch xen.build-compare.seabios.patch- spec: drop BuildRequires that were only needed for qemu-xen- bsc#969377 - xen does not build with GCC 6 ipxe-use-rpm-opt-flags.patch gcc6-warnings-as-errors.patch- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch - Drop xsa154-fix.patch- Use system qemu instead of building/installing yet another qemu FATE#320638 - Dropped files qemu-xen-dir-remote.tar.bz2 CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch qemu-xen-enable-spice-support.patch qemu-xen-upstream-qdisk-cache-unsafe.patch tigervnc-long-press.patch xsa162-qemuu.patch- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer dereference in vapic_write() CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in remote NDIS control message handling CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch- bsc#954872 - L3: script block-dmmd not working as expected - libxl: error: libxl_dm.c block-dmmd - Update libxl to recognize dmmd and npiv prefix in disk spec xen.libxl.dmmd.patch- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers in ohci module leads to null pointer dereference CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch - bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer dereference in remote NDIS control message handling CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch- Update to Xen Version 4.6.1 xen-4.6.1-testing-src.tar.bz2 - Dropped patches now contained in tarball or unnecessary xen-4.6.0-testing-src.tar.bz2 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch 56549f24-x86-vPMU-document-as-unsupported.patch 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemut-xenfb.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa159.patch xsa160.patch xsa162-qemut.patch xsa165.patch xsa166.patch xsa167.patch xsa168.patch- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent cachability flags on guest mappings (XSA-154) xsa154.patch - bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may crash guest with non-canonical RIP (XSA-170) xsa170.patch- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in hmp_sendkey routine CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch - bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref in sosendto() CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in ne2000_receive() function CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on incoming migration CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch - bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch - Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch - bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun on incoming migration CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun on invalid state load CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient resource limiting in VNC websockets decoder CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch - bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on invalid state load CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient bits_per_pixel from the client sanitization CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer overun on invalid state CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch - bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer overflow in non-loopback mode CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch - bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci use-after-free vulnerability in aio port commands CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch- bsc#959695 - missing docs for xen xen.spec- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) xsa168.patch - bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage functionality missing sanity checks (XSA-167) xsa167.patch - bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect l2 header validation leads to a crash via assert(2) call CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers leads to a crash via assert(2) call CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch - bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional logging upon guest changing callback method (XSA-169) 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch- Adjust xen-dom0-modules.service to run Before xenstored.service instead of proc-xen.mount to workaround a bug in systemd "design" (bnc#959845)- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155) xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa155-qemut-xenfb.patch - bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop in ehci_advance_state results in DoS CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch - bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer dereference issue CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch - bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid floating point exception CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch - bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) xsa164.patch - bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) xsa165.patch - bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) xsa166.patch- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch - Upstream patches from Jan 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 56544a57-VMX-fix-adjust-trap-injection.patch 56546ab2-sched-fix-insert_vcpu-locking.patch- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163) 56549f24-x86-vPMU-document-as-unsupported.patch - bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159) xsa159.patch - bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160) xsa160.patch - bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162) xsa162-qemuu.patch xsa162-qemut.patch - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch- fate#315712: XEN: Use the PVOPS kernel Turn off building the KMPs now that we are using the pvops kernel xen.spec- Upstream patches from Jan 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch - Dropped 55b0a2db-x86-MSI-track-guest-masking.patch- Use upstream variants of block-iscsi and block-nbd- Remove xenalyze.hg, its part of xen-4.6- Update to Xen Version 4.6.0 xen-4.6.0-testing-src.tar.bz2 mini-os.tar.bz2 blktap2-no-uninit.patch stubdom-have-iovec.patch - Renamed xsa149.patch to CVE-2015-7969-xsa149.patch - Dropped patches now contained in tarball or unnecessary xen-4.5.2-testing-src.tar.bz2 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch 54f4985f-libxl-fix-libvirtd-double-free.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 551ac326-xentop-add-support-for-qdisk.patch 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch local_attach_support_for_phy.patch pci-attach-fix.patch qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch xl-coredump-file-location.patch- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) CVE-2015-5307-xsa156.patch- Update to Xen 4.5.2 xen-4.5.2-testing-src.tar.bz2 - Drop the following xen-4.5.1-testing-src.tar.bz2 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 559bdde5-pull-in-latest-linux-earlycpio.patch 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch xsa151.patch xsa152.patch xsa153-libxl.patch CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch- Upstream patches from Jan 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153) xsa153-libxl.patch- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149) xsa149.patch - bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151) xsa151.patch - bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152) xsa152.patch - Dropped 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure temporary file use in /net/slirp.c CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-4037-qemut-smb-config-dir-name.patch - bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled creation of large page mappings by PV guests (XSA-148) CVE-2015-7835-xsa148.patch- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd abort 54f4985f-libxl-fix-libvirtd-double-free.patch- bsc#949046 - Increase %suse_version in SP1 to 1316 xen.spec - Update README.SUSE detailing dom0 ballooning recommendations- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’ secondly show errors 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch - Upstream patches from Jan 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch- bsc#941074 - VmError: Device 51728 (vbd) could not be connected. Hotplug scripts not working. hotplug-Linux-block-performance-fix.patch- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) CVE-2015-7311-xsa142.patch- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1 pci-attach-fix.patch- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch- Upstream patches from Jan 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch - bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite loop issue CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch 55b0a2db-x86-MSI-track-guest-masking.patch - Upstream patches from Jan 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch - Dropped for upstream version x86-MSI-mask.patch x86-MSI-pv-unmask.patch x86-MSI-X-enable.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap memory in rtl8139 device model xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch - bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen block unplug protocol xsa139-qemuu.patch- bsc#937371 - xen vm's running after reboot xendomains-libvirtd-conflict.patch- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code execution via IDE subsystem CD-ROM CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch- Remove xendomains.service from systemd preset file because it conflicts with libvirt-guests.service (bnc#937371) Its up to the admin to run systemctl enable xendomains.service- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow CVE-2015-3259-xsa137.patch - Upstream patches from Jan 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bdde5-pull-in-latest-linux-earlycpio.patch - Upstream patches from Jan pending review 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch x86-MSI-pv-unmask.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-mask.patch- Adjust more places to use br0 instead of xenbr0- bnc#936516 - xen fails to build with kernel update(4.1.0 from stable) 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch- Update to Xen Version 4.5.1 FCS (fate#315675) xen-4.5.1-testing-src.tar.bz2 - Dropped patches now contained in tarball 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch qemu-MSI-X-enable-maskall.patch qemu-MSI-X-latch-writes.patch x86-MSI-X-guest-mask.patch- Replace 5124efbe-add-qxl-support.patch with the variant that finally made it upstream, 554cc211-libxl-add-qxl.patch- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages qemu-MSI-X-latch-writes.patch - bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-X-guest-mask.patch x86-MSI-X-maskall.patch qemu-MSI-X-enable-maskall.patch - Upstream patches from Jan 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch - Dropped the following patches now contained in the tarball xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch- Update to Xen 4.5.1 RC2 - bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI register access in qemu CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch CVE-2015-4106-xsa131-9.patch - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages CVE-2015-4105-xsa130.patch - bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask bits inadvertently exposed to guests CVE-2015-4104-xsa129.patch - bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential unintended writes to host MSI message data field via qemu CVE-2015-4103-xsa128.patch - Upstream patches from Jan 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch- Add DefaultDependencies=no to xen-dom0-modules.service because it has to run before proc-xen.mount- Update to Xen 4.5.1 RC1- Update blktap-no-uninit.patch to work with gcc-4.5- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through XEN_DOMCTL_gettscinfo (XSA-132) 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu floppy driver host code execution CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch- bsc#928783 - Reboot failure; Request backport of upstream Xen patch to 4.5.0, or update pkgs to 4.5.1 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch- bnc#927750 - Avoid errors reported by system-modules-load.service- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively turn errors back to warnings to fix build with GCC 5. - Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to avoid implicit-fortify-decl rpmlint error. - Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.- xentop: Fix memory leak on read failure 551ac326-xentop-add-support-for-qdisk.patch- Dropped xentop-add-support-for-qdisk.patch in favor of upstream version 551ac326-xentop-add-support-for-qdisk.patch- Enable spice support in qemu for x86_64 5124efbe-add-qxl-support.patch qemu-xen-enable-spice-support.patch- Add xen-c99-fix.patch to remove pointless inline specifier on function declarations which break build with a C99 compiler which GCC 5 is by default. (bsc#921994) - Add ipxe-no-error-logical-not-parentheses.patch to supply - Wno-logical-not-parentheses to the ipxe build to fix breakage with GCC 5. (bsc#921994)- bnc#921842 - Xentop doesn't display disk statistics for VMs using qdisks xentop-add-support-for-qdisk.patch- Disable the PIE enablement done for Factory, as the XEN code is not buildable with PIE and it does not make much sense to build the hypervisor code with it.- bnc#918169 - XEN fixes required to work with Kernel 3.19.0 xen.spec- Package xen.changes because its referenced in xen.spec- Update seabios to rel-1.7.5 which is the correct version for Xen 4.5- Update to Xen 4.5.0 FCS- Include systemd presets in 13.2 and older- bnc#897352 - Enable xencommons/xendomains only during fresh install - disable restart on upgrade because the toolstack is not restartable- adjust seabios, vgabios, stubdom and hvmloader build to reduce build-compare noise xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.ipxe.patch xen.build-compare.vgabios.patch xen.build-compare.seabios.patch xen.build-compare.man.patch- Update to Xen 4.5.0 RC4- Remove xend specific if-up scripts Recording bridge slaves is a generic task which should be handled by generic network code- Use systemd features from upstream requires updated systemd-presets-branding package- Update to Xen 4.5.0 RC3- Set GIT, WGET and FTP to /bin/false- Use new configure features instead of make variables xen.stubdom.newlib.patch- adjust docs and xen build to reduce build-compare noise xen.build-compare.doc_html.patch xen.build-compare.xen_compile_h.patch- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise- Update to Xen 4.5.0 RC2- Update to Xen 4.5.0 RC1 xen-4.5.0-testing-src.tar.bz2 - Remove all patches now contained in the new tarball xen-4.4.1-testing-src.tar.bz2 5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch 5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch 53299d8f-xenconsole-reset-tty-on-failure.patch 53299d8f-xenconsole-tolerate-tty-errors.patch 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch 537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch 53d124e7-fix-list_domain_details-check-config-data-length-0.patch 53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch 53fcebab-xen-pass-kernel-initrd-to-qemu.patch 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch 540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch 541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch 541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch 541ad3ca-x86-HVM-batch-vCPU-wakeups.patch 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch libxc-pass-errno-to-callers-of-xc_domain_save.patch libxl.honor-more-top-level-vfb-options.patch libxl.add-option-for-discard-support-to-xl-disk-conf.patch libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch - Xend/xm is no longer supported and is not part of the upstream code. Remove all xend/xm specific patches, configs, and scripts xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh init.xend xend-relocation.sh xend.service xend-relocation-server.fw domUloader.py xmexample.domUloader xmexample.disks bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch network-nat-open-SuSEfirewall2-FORWARD.patch xend-set-migration-constraints-from-cmdline.patch xen.migrate.tools-xend_move_assert_to_exception_block.patch xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch tmp-initscript-modprobe.patch init.xendomains xendomains.service xen-watchdog.service xen-updown.sh- bnc#901317 - L3: increase limit domUloader to 32MB domUloader.py- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF device (SR-IOV) to guest 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch - bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch - Upstream patches from Jan 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch) 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch) 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch) 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch) 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch) 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch) 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGH3AKDM4.13.1_02-lp152.1.14.13.1_02-lp152.1.1  xenhtmlhypercallarmindex.htmlindex.htmlx86_32index.htmlx86_64index.htmlindex.htmlmanindex.htmlxen-pci-device-reservations.7.htmlxen-pv-channel.7.htmlxen-tscmode.7.htmlxen-vtpm.7.htmlxen-vtpmmgr.7.htmlxenstore-chmod.1.htmlxenstore-ls.1.htmlxenstore-read.1.htmlxenstore-write.1.htmlxenstore.1.htmlxentop.1.htmlxentrace.8.htmlxentrace_format.1.htmlxl-disk-configuration.5.htmlxl-network-configuration.5.htmlxl-numa-placement.7.htmlxl.1.htmlxl.cfg.5.htmlxl.conf.5.htmlxlcpupool.cfg.5.htmlmiscamd-ucode-container.txtarmbig.LITTLE.txtbooting.txtdevice-treeacpi.txtbooting.txtguest.txtindex.htmlpassthrough.txtearly-printk.txtindex.htmlpassthrough.txtsilicon-errata.txtblock-scripts.txtconsole.txtcrashdb.txtdistro_mapping.txtdump-core-format.txtgrant-tables.txtindex.htmlkconfig-language.txtkconfig.txtkexec_and_kdump.txtlibxl_memory.txtprintk-formats.txtqemu-backends.txtstubdom.txtvtd-pi.txtvtd.txtvtpm-platforms.txtxen-error-handling.txtxenmon.txtxenpaging.txtxenstore-ring.txtxenstore.txtxsm-flask.txtmisccrashdb.txtvtpm-platforms.txtxen-command-line.pandocxenpaging.txtxenstore-paths.pandoc/usr/share/doc/packages//usr/share/doc/packages/xen//usr/share/doc/packages/xen/html//usr/share/doc/packages/xen/html/hypercall//usr/share/doc/packages/xen/html/hypercall/arm//usr/share/doc/packages/xen/html/hypercall/x86_32//usr/share/doc/packages/xen/html/hypercall/x86_64//usr/share/doc/packages/xen/html/man//usr/share/doc/packages/xen/html/misc//usr/share/doc/packages/xen/html/misc/arm//usr/share/doc/packages/xen/html/misc/arm/device-tree//usr/share/doc/packages/xen/misc/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.2/standard/c2e780f15d1a80c99f5f936c71b6eacf-xencpioxz5x86_64-suse-linuxdirectoryHTML document, ASCII textXML 1.0 document, ASCII text, with very long linesXML 1.0 document, ASCII textC source, ASCII textASCII textASCII text, with very long linesAlgol 68 source, ASCII textutf-8ceb478a243ee5642239314282411dd940193104c552c15db67476b536b2d9d4f?p7zXZ !t/)] crt:bLL 8WFԕxNmm}6yz֍f"^Xm9ev9%oEEQ*UK..)h]LWNf~Af*9&xB$B=GнdW16 .x.aې5L$K W2| %oAO;8T) -B +kLust,J?\&%_̓/óXҗʒ3!3Bd@jSR8?eXAяh[;s_9 VLP( wY ԑUJ3ʎƖ8.K x`nGj@͡(Q{ﯽMf?SM5uա6|onLgrbe~tdz >'h6w09K2`,> kбhCYwvN\q 9gfRbbQg> 4zwS#6c2

׻Ygw=/ą 1QڿV/IdK# Xe dSsz&a2q=3 d=(q9*s !Ͼ_\%7+Nfe0(he׏V^Oy#\&{Z81#;Tft'EKq O2n{E/A h ̹oZ2!soQ5OiBb$U. ?6$߷"} <;(NOs'E/@F`$Fnb^vl hʺqV׃6CWJ )Q 7:jxU;#,amQW;daMV?bGaSޡ©gSY~~.ld.&Mbqg, G^p"YZie ˜է/uu6hRE}Qկ8]q03N]Pu2A0ڐ|ү4*л˷ylp6׃׳ZkwVF3nQt4tHAc ~Yh@27gm?a 1W֘`B@vza3)JWw f ٤ߝC39#AI@ѧJazfhuF vUh{;)|~,CNoGh7q?l2h}UQRMxyM,C\,k?;EawtpFKWK` ӓa1u}qR  x_DDC^\ C>!EJ_-#^i IB% H,# M5 cԡs "g-+m TPШ,V,Ir#`G_y,yi"~p-Ø`GXd\َR.ނ#8o;m끦|4S>xG%؆>y֗_;g Cd b;7]kMelE 05/5tnk9x] mNʽPA$}CF&{yR2G.p:yG#4x\H/E>a%)|L3y.Y6˪OUI/e X]%r?0D`aCBq %R؈QE}]DBB >l"3 5%V h ؂%q (C>ډX Ȣ*Lzdzlpob2|©kS4E^5OJURM t~ټ.g}L?PE6Go4-g\۬L^iD6PYz?G,$~~ _ ;`he$=P՟ݦ_NA>r(שcdE$H:SA7-C]nmhu7ixHK7Q6_xCFS[&%:Lu-@ a 78Ai|6pfIIr.QEf/zH!k68qQ`]DB>~>{J3Cp)2KC+ϻZ,\\eĨuxV-@ `x/鶇h/D" )nÆkrIx('M  Ac>KL@/q-h,e̬JU_J  0W99ER[f3-l*#Tń$.I$h<~[}TZΤ:$$gʺmT=Js^A_F=iK'jl;4D | ca8d2tC~_ Y *'F6>,{ΟsWOPR5LA_h@&k5gpLMߣ!,y$!,1L"Ywq&)̙ *C/l%ŸK\#8/Lw^љ0ۛE)|ȳM@ .r^-pv޿T db>DW=CIscz,DyUc^x_pYqԷLL7uL+PvvK)bTgJ*_ObhmV@s4 :ȡvY.G=ZvT>??N*D+-I1 :婄j sVZ`j7/йoH8ovcnR<,*'~>MֆIAIș7j߆`}5PR) n7 ws

l؂fŬmb4sJf%-I[`T XI܉U5$0>ѳO?ijŷ@3|~*g^B% ln - Y28N55@z?g;Om0uXj&P#_1Dۚl/wT.w T\FF)"k'7zOQHPW6]W;3!^Os(wb*#y#;;kG/{4s*䟦aHA4GZIzUbJPņ>9#p{(fq䡚M_L3$gpK Q.[M` W0P"YnڶvJo<ߋ>I!3 [ǒsҀa6+_l椑֏> |jZ\fe Pw]H'8_i3i#ħJ\j>-u?$-7ul9Azkgv]_w79͟gN =AcW׊L'ĺFϿJhkhFK!'L2D{fY}Ԟ`6pۺbͺ־4H_ΤfGq]B@4w9"Y2[s|0j=(Сsz@KZK*zډ+g7Ay'(>Δuxen5>d\i@tB*'G*ZF#bC+Z H$PJzmZ%Pne"ӟ[ǓۤyI-}XF1LY(1#Ci#ES,=BfȨ{x8i"O줥tZB*A2+iTwy!%jJw0O-ݮtGYllԍOK3׃{k|# c 3w0Yͨp&Mexl\n[3(@XƇb.uݡvOӛ8L(VRC)쎿{&!(n 104@Al NE 3H&JPzA_$q' ؤ+n3 L:' rY.r"=p=]j&uymPS J5eFO$Sd(5TDbsǥȆ^)w}TJ V]"v+'l56ֶ3^E'qx!U7x* ]9Pwd_!x d@?|kBmLEv꬐1Vrϩ^?iG~\ ٹSE.( +Th珄F]Orw p:lt‘-KB :x8es) 9]xi%8sZ,%=IBiw@HҼ@ E.+QzD")CS:gL`gBA7%ѯ;KM6Jr $0_Я.#:J9K׊-IֻBz7P&Q<s0)d }:w Ѧj4T%J?].foMeQ9y00..M".슂%^-;,`XhR/ >ߵLj*j mܟc> Kxlxga52z8vI-Xph͍Xb bOy6 .HI ׽!| b=W yS|k'KsrcogRσVXӒ^M_7sbz3w veeoי_y)z-nGfcЙ1w_g}&Ոǃ0ih,+#@c#e9p+vy^}[}4XRJf+eQNv2o'}`\jĬL3P :J>5!ǮWI)%? ա^)Ǖ=$!p{$zN;38C Z͚lf DG`ƙMchTw-[ďO\BjqeP$D]ma^52g$ ՠ r?J[Wne*( wiqD Nruؕ+!PgfW /P{559c+IĽQ~R],u}"9WR]pk<b"mGvb]/?jSal)`ܷg1Bԟsm}cZB'M5&֊W ˵{^h6[oX挎I멞;JwO"_^,bيHΎ= 1]j#=(Vڐ=RӶQϓ4Zg۲^mP~4M`BU*w4d %>3eGR8#Q)Ѷ&F B\ݭ RY^$TY ,-tJ{Aod΋ _MV0roI"o'Nף۳kZ})]zxj̨v|Q&kfO阅V<8!g ɬB6v{U^,3 qxMd% b-IK5a3mX}0gwp_/:^!oRts)jȱ{ SU֒o9oKlW&9n<H3+!P ւK󥉆?r0<am/g>p6&U6jc3w(V{>a^_q-\*po=řOݢѓQHJnwu-\>%D#8,d-Av@} -.do0Ϥj&m {eN;el ?aAoS &\y6nhF#kQ)賂ǘ8[LEC1:u S: Р}L\3Im9u{mהn{Ʊ9s}k=I+P)A-АV<~_>Cq}uk0^*h +Py5*Y ݅%L7@_DF mQ[!uG$e2-z$^}:<H0wVvT*}ݐ7cҕZ&H + Bpѻ8^[ϡ\6#)*@[&^/I,ȾpQ(hMli2̢b{Wj{Yώ& zx:3/OOYqm;jǕ bcyb%o#ya-+^kju-TzXhOւZn7\b-D0*0Rh:eA#sW%2FD䗳8 ˮmL-yKUE+OamvՌ{ȸ jS 8a+L􋰿veaXKu?l픋 >[bw$Zx@AғץR鵜"l0rthu5y-!vۂZG#;e>ǀik\攨 Y~i,y[r=00ΰIf( nD 0xS)5nXwG.o(ÓkٛWN{D*0 21>_[ن7E1cĔ04n՗nLh)8YŴu*$OO,4I}N^!&,~<0FVBߡa@Zڧ@V=/I/Ǡias(qSl~6 X ,Iak|%iE ,mj/V^80](O6Iu@9mB u VjͿţdV{[zAӧqgVRroյqvdXԖ8>EԏKU_R\OCo>ss"㹈|HuJ 6{! ?=0Bھ1!Q Z"5駁̠}>V=oe HJ"[\s T㩷CѾa4N6Z5oUɎwx mP=Cd5=,nl>9r$}{xc5odwb:yu ,+cCT&Df|c/2T-(enHIT,y/ʺg蓦@癛i=y%TwMχސ/X2GI3*9V 렄?mT&Liѓ5bBzIa*^΅@$;ן9q1>_̾`sȚc8tk;LHĴrV6Y^YhI]KB6*<[~}!Es |ʫett\_[ӺQHC?<GJ>], ddq ;xLu.2:3Zm-u} `t^D| E\t_R'ک1SFc= gl;zM=RmGԳay?1bGԒKߴHJx0P#vɺYfh[$~Ј3BfVkyZCڟ)}Nu?LDt^?~W4Gg1A[ ƛiS9\7-#Q1eyG u!+/Oζ҇C)7,@Z$R-;m]V Sn obhuA ['.$[Smu*D-ϙad!q{t6af]j$%K(Zꫮ@ ^j~:H }/:X$Y縛{ގ._ӟ$>$I @i|BɀlZyr3wiC=oadZ} $hnԩ6?`1[6|RI=J_,; -X ؚ$QFsҗR<$:0\psg>7h7>)~ d%lm]Yw01m|&!FsHlg YĩׅŦOs~5K bQAկxp?1l$uyfyaE!coZٗ#tW?aKzcy;z OAXΨY11P#/@9ٔhA+TX-~HGH cy vyO#rLyw=YlD7d!& qɫbdQV Kw9jJɸNJ严~_-3nLT`)̉SjO"#108 V_rQ/8z2g_Ü:]U4E~[a"9d!ZkFS?B7ʧ{-a@ڧ'M8kVꓡл1Đ0' D2IufG0MxK+Kg"qI$FF\H0,xVeP8#g;YRb59*aajUǐDH/>$fA .&LF812af֭7H1 3ֿG- bZn=41/|i }>`ż_%aEvb=|%Sq3IK_wVS+Be 9քd: Z:xvo..6iǰqЈ܆Z!ۍU|p?q~1v ]6|_Њ\fYLz~Bz+q:Êv2lH*(!r>3aH&QVŽs'zAyuѾ.L$g osDQ!Fw]s^1"Dݯ1-lޟ2k3 t!]nYa$u=wٜW׵6~Q<ٶ@]˩Ԯ/dz9)# 27ׯK\"-Z&*a\m_1|I ?VJkRmm/yz'Cl|K3gs\˒\ۆH7H-k ulA!$DB(믆ProIr`./d-%]'_SFKƓKHg-+t+a+ts-}"+~Xur܇_zJaZ ֦n; $Bj'u+L^k^!w$⮿SI,1r]֧Ğ}1 ' pMÄ @Λh=E[A@2۲wV2F3omrjռ-9{W\mpd|5DVxwB t ğ ha021#2>‚: n@6ͫ<;d~o4n`nN)*KA "-Br'+0A ku8s1X WH"8ZriQKQP\Q<~eN?+v᳸e֗++)]诩EֺaW Q} j(oJ"MXRr{ dl*wG`Im) [vwŊniYEf~Q1E:axovD?DQ GB۞q~3#̏xjX(hzVDt? jA\kGD8Hg+mS;U={og0kxoE2mww9mO҆!˷g Ŝ+G'PEZP W&k@@@Y#jU&IM ,"AmZٍv^[<0~`M||?A4/+.?9/ŞJY9V7WsporsV'Hhlz0 ?LxMꯆ)I~Nk`݂ax8LKl#V뙮ٿ q12H? *$sC5~}  ;돬 Dr8>x>t^n_'U5 _F کbGۄ>}kl@X'%c vrQY@ikp,~ABCƤ-HZcX18qXt6],0+BY5f žV qD>d)VR0_H:P$e@7F xG(c+kr( U݉Z)*q(s 2堡 iw<@k{E7!Y)VP|(']A>e*b*`Έ*11:LȖ֖+OvU@!"@|r;s)| ,¢?a%;-@gV .KՓ*̍"뉾l>=}DEsfphr! j ^.+ Jײ9n0;o Buu۳"+/HO=TI懍yAkj`+I4A5}_p0,܁%-m:!J_]6޴=`npQ9LX@68쪌?vzr<{?n* dw$3M +ŭy#?RJ/S/]%LG4SQ+N!u@QZ;H-6]| Kzy 0N$=)Vu")a}4Ha%U~-HzC&m4?_8@Od+Kr~j[ntaQxlqDJ5sK>PsY: ]1ux|Nh3ͷ^r1F\,Rs¸HE5ߊ]A l@^7jJ >3`9zt1T9.eϿd~Q,TN!/Z`w]x{ دϳN.:)m>Be Z}n A3K#Z1`7#+b.F*8Ɓ F&RB7Qoр$7b(1+wǏT>95򓅒1;1Lstiw`dpt j^е_xe~p_OV< 7UM W@:7e|ý;s ev|H5BTR PDnZMI!~F423_wG0`+^ \DઇbV>qܴij~ώPbĦ1=/css='uT}נV: _@!IJǀ'KP1NRy[#r=y"s ڜ,j Lodۄ#Awƻ@#^}zhq12{VQ֚3J)E]0jM=U}'.e\R`Jj\sAg+c"  3ϗvٔЈ!bkiNv^š?=DZ"Źމ/OY s|UxhΖh<^I%CH`a|wvr]1{GRppo5 ˀOƩ3yC5{}Eߡ7]sFH@Wpt~Cti6BB-l?cso^LJEz39L=XsjXQſ- K>RJV07C,N7+\)JR RSV`i<½oIDUJ}7U LZ<Z>K 0J#5CsPМD`Qhh)a}%g4 9z9`۲W U8v|Vy7TI[c )oOHi˜e</TsdQv~̐&Lu5,CsC2; F-[8y!ؽ7)F]c Tg z[gyS{q2H""^nם ?)R\\dz<2w@[l1[eQF2 hFkwa_ޭ8;Ԯ]ڀ4KP-{/Qm.NT[\ i īrcv~.pr^ڐALJGT5Yf2B T N|K[j%Rwcb$a2 _U^bI˗!r^7mp$a"4vz7*d-u>oxMY*|AƂ _ FJQg\1s > AV. ›& l!0x{"p!/f=&̖4'jJ'n"~F C=(@ :HNdKkϪlH[ÿ<k5?Vxjr> CRMJ/]Sp=mZ;D[YjLWM'h]CFV%~b{]޾Oj"68OtJv{rUwt tR&K:p_I]yl@!VYƳ7O7[۝80Af9?AK,Ϙ0R;_lk.#Hq,ȸвQ;-ef  ]#8=:"#}.n=<`E}Aw7̕ 0 ٛqFTaҩa'U_ MP"V]?lX!1= Gz?O<=P-2#~\}V|0]2oο:sSFY⮳v/p60",Sl} bb+KC]K;opLf5ӥo攡Ŝ~yowgJ0 A) !OHo1x0w"޸ޫ_Ỡmޛt/P'9J/(a EpV昵$;G+ʜu|j;r+6?ӂmݘRc}aEaP@3iutʹy3ЍD4B(_sBaF3'H@Mc/GsH^}~K| %Mk@cá&-hv8SKss"8K |w4uЪ>'앍gYItخ@}pW.C J\)ș(t:p;E)B዗A">U4ؠ/u3C5H\h?C2 ~Tj H8t=s Fx (~] .mLp]&#ǏY+Q8F>Wtmt̷EtEaޘb{Fv:F8c>qܼ\1|WX3=SEvɟ+b;[RdP!= M51i=Xwwp{ L,Si@N( LNhdQLrӳؐFiżZeqS\G=O|'F 7$R*l @ǩ(KkQs[ tls?CFv3qCCb#M13#C9LUY^NC bnjoY@]U/%/ipeh03ʠvmv'5E7A%s =f\%?mDT?{Ȯ^/}pr 3\օad&\0s}i(j͆-Tc_=?C_l:B=_UJab?PfOP{xNc2ҩ*^Hz@8g&&Lb_ppG04t@;ofNHgP;G씰OO]rz,sqwT6UINnC)Q}AjKr%-Or Mvkes[ƕ,zmq( 4\H~D],c]f"qpi8X X$=V^ɶ\)#Ø<j #plDGu8mt%ӼI䲝)5 2r(6eY#[f*i:vg 1 mHtǽ-<;ؕ.~U]^=2&I.8 }zWs@U-Ԃ<;(=՜t74Ta޲;tg8B۠'p)uV@&XМ:*%dKc;\439p23Py`l:ի/](>=L$'찵Aπf߂(VO. < =-.6,c1˴# O]odϷ(Hyі|\{QBc|ʀΉ Z?G؂Ñ{N9%&e|8/%Iڞƞ/1xHzE@M\+e&*pQOw's'A~1$\-&#%|fS/1?O\"@IK:HR0B}ߎS]4Lh/8QȽ\' #^ 48C 4˻{_hgD9V.ylCO`̗j R/gC$ M`n4t;o@y?K=iS#РXWaE־^P?/wh ZhVc c|r>-1i uWz8V&[VGShz+*# ;U?QKv'Tcs0=h 3jZ>䤄ƾl̥m{/aWxg+Hf|VCv?kA"6N\C^G4yLY:?Jf,-$x4^0˶&“O…],e)\gԅ͏@5T 'ǔvbԊnNlsuRK/l>)<մ7(_F䏂0U y+21.􏇊>fr&lh#~#$3x)- YԎC1@Ñ~yڀoTɳKQ 5rj&#wYG:8O`Xgg!ҡtmFB ?]PӥTݕ!\EF:jG!#fsN҆|{wf^f<\<(U$<]:7*'O W{?'];F~f_@Hz dE.{>c>V{Uf.kwl:3_+v ;O͈L;H @W6k+S# ;d_P^N=VI}:jNRɂ8ubtYșηpJޕ[ 9Lrx ee|UTN+HayVf0P@@?|AtScX`'lu\p5o QF3̯hzI,EV,0? 7ȟC'd-fSۚ%,)fu@ch 7C Ż|L9-xhixWvMgJX!wSrjE Zf>9,4x:YW}m9pē6yB֑^b,.auIKIc=z, f!]+zq[yH/bK X<~{WWb~5Y]q_6$'bIYaf\/$TS/D0ٖ-PyQ76dnoL"5rY"(K>XG~,A?[h}f սY6Ss3h )߹@]| ag~xe*( =߹AT+r̴d__0'e82FǸ!D0\dQ(=&x6}s7]F.x|lW*_LcOFّcXG3lO@{ m~ WZ{U~VOv+]<1?o݃xVp3h&@D; 4u VPyO$ 8qA5EWHDP bz$j ~L9fv,Ji<Fj%֋4 4ճP:l#-MVսXhδƷXqY[U,w3̖S |Nmc^U$lk&n!lYyѨ8@Pa)|dyO(k- nrp;LzKceCV Y`Av5܆'\q\}+eJiaGr[mTMM_#g[~ЁN`# ln[L.<% I:Qs ʸ a]ܹG;6Y z9J1Q`yg RxI7PC2!ni0 eO}tjeK|ivRN< &EmaZ?F*YtG* }`Ɨj2-W}E8md\P&ý w#IJ Kn63VatK.3SKl݆K3{"Mjܪ]Tj;m)9񔤋)}pulPI= F |$rJ(2}WVg({&h~y/sY[j=[j-+b)O vMr]*i+"]K/Rh0BFXVof˷O{M 5Vb$AJ7|cZȍoc)DI2 )="|O钧^;ƙB#rFޯ/"Ѥl^x<0H4IFe_yrV;쟑ONqRX'4'FB\FX:^g,)*I (k{^7-e-)3ۙ hB']Եe℻|*!$I5!/3Q!;2LBd?8h82J6kՓ몠Iק܀K&@J[p H( }#\qr{F8>,yueA?~jDZ~73CTu]T?QRdւW{uOZM^c)յSXX)qŌO(]#j7|3}ػDCϲKzou}]LI&Y".i#lv}SHXOX,2uL/q/] i6h+o l#- foO. =A-=˖4=|.:¡]LH֙KӁ|xIV/XLcuxJԏES$R;[ܙ7 G W8xs 6|8=A nBz!Kb:]oK 9g!G |f) ɇ(E>ewM^>y\0΃~"_0~Zl= po(d}ͬ/WxCf3FjdYr4([cYԈQ*lg32(B{Tt~7JN?..ݺ{[ r_mG 6`VjGSNϠinj8,`6A2S,mK3 Vq.eb {WdI_a3*+xņ(1Uv Nmљ gS7j</bI&)SX\?>rWT_Ssӱ^6˞&-mk>PJ:4L['y|׽W郣,j]x]kր +ʦ&"ldX(J2<)&M"5i-?!5NM)nt7w!RH4X,,6Q*f x/5l}n(P 랪 &zTQuQ'e (D59Xs^ Kn%þo J-Q%DXqƀt!g}ωUtɘ)9#'aCԸMҀ6=`rh.?ٴ"l&kNzx*Z|{rPڿ\I|శƉFdX9?\Ku/;0I,i7-Hf0@ d,S7T\,}mkn Z(UA. w TH$*҂,]""# eQa]MNuP k! fTMk{48O:7yPU=19bYIW }b\$4Kdƨuƛ ud9z.(s6ĐDנ|ԣc6 4{s&~Qߧz}uV̛|&>0VhG7{1YX::62y1g(U5C$g^cܯ\W@WpjXKFKwݵ 2ŰM`}23)֕0ى>"OC"U QNUr K;6&, n]L2Qt&ژ 0t`!& H?c0e4cۺ%IgẈELK8^xN;SQ`E#Add.,PBe#{ٓ >J,Ԫى;g c2pggl!)ywzϽV$r8@m<)]"ߦM/aH[XET\PC4nrEh^5g+?w,BA+qdysd.nX4@VU`q륇;{Ai:tm}vާIsfB=nP@=2{5Hea\(:'~nH̥YX^>:gO@].NO6X ⚃HAb ! RyxAA{ uNp7ۢ_SH9vu!>D4V3{_\*00%:p-tJ0q\;8_N:{359qd>^c5*r$_KY_f{G(; ֌?xAΟl1C2>GU`(x30,ˑm߃*>7;#D\a6ٶ^E.!&q\ {qx2ɞ-l.%nns7)iA>-JĜhVQG' %]:$ Hcݟ P_e3XgJrq )˓Cq!"78 *8ق YO5K&ZF`~mگ_UK*<+(UܝL0F~V;N`W8itQ f O)5k1CeB#aOmnzU V[%f6dQTi[ܦ*bD=Q:q_#Eh!a# *v# 4zíj#L\Y@2扎Rd3EkhٙD=+pQ!;j*x!#;XLZHҡs1ۭF~.Q!T=@rHj4x܇<>K<`>l_LWO>ܗ xg<2KrKj<,XA7CTN]F >BO zRPEn-_gUt'.Jňu'6EiD h8 F+`>d覊{wC#g XC'p;$l 6J%B_ l) ~..vߤյ7p |EaQ)l.] Ta>E(r+ve%.TTRs^4oR{Rrn X-kAJ%Ԕ4:T3]BuS?xX~B(p-i9/3KE<*9볌tMcZBPuFX\;`gzS؃:R_ U=H:C/=s{&6+q!Ud@ޣ%U .fI& ĵ t~::jrϕł0T*)i 9|Xv '=K36m8g'zM¥T$dW?s&u+,')3TSNr0e!~04ߘS3Ou w\pχc# (vH{O Z^-}E"NI1&0M07Y$AvR 2pChT(n@sz7ʫOT(*N>NtpNmW7^PPK훞әGD],}ub3?Eg>ceX䙄&]uI a,N{u Rx9<"FE꺇uokv֗x`b@[G[Ԭz.DF|jt?g nݸjD8? }!43nqc{0>~Tqw{dZG29o Fi@C八1{"%+өxSk#a7o( _9BS\pRgm>cvH!qpJM y\wrʈFLOF3z\EHRmpI^XVeʟ~G62dF2j`M/u>sMK3#:qh' BF"9/&G[,IRQ6 +?צtJQwtF>b[u;)VqasJ:8i-9_>WqÓp1Xly\bEy[ ^mY7>*ۣ=o$A[=4>K*S3 ?f Ohrc؇*Glș,IfA ++S%.IOEqei%5.aEݷbG1z(i]x!}XbIEKӡ=V+:EWި?"%}XcL/:0WpGs?x2ug $L0e~#jqXJ5N2r@]¹-l03`^@ZTw}IjR3\_`<%g\6)^ _ɢc֫ 7QE7S%F J4W2DŽ^qIV-R+܄pOބ)$(Á:)Ȧs t+rb@rFn[%SoX!X 4,m9W-#VntFao#k"LT0㙩]N"{*MC%hvh "JV1zsr4 "@,qlv] 3m,WȽR}q0z?=@3őByѾtTOpZ], !x ʆF_Po%qj 3JOoEs8m4LhިFS{+FײKY”GLw{S|~tC"rQk>]@K<^^a(mGSVmEu"XYG)NP3[RM7+:n_Ɂߨ9`6Aҟ8z~0j^qVm6aXhQM^A>䇊^ 2FroL$uα@``2j{căkv nލg+l5XHyFzRVRruȢp}JZ{rab+kf(e(¿RC:U?y葖 29msP>}W:х^m&!DZK3/Z`%(^틃:vnRbrܪ qVEWw? Ta\8w?}edkqkNYi@zb#7Hp*H`MS6\bE9N^Oy|Dy']G1nGQ"Jp—`utMT+PVL#K<ӵuWW}@ՇL{Ðdډg*[ lmb^>=Ȧ,om)kO5 8͋&b&+n]h;ŃuXI0 Z 0;L.[Cp M9֪rTz>w_Ъ?W30 0w+36Z9X8ZǛ48~կu.| tC g`(g6|7/Ӳ6ic$plU4Y1udT [ 4a2oPx,0NQ>թ* Dh7 O^!~Zb# vCl%+Ne9ULuoD!uv{3U<Fb6>d;vGtT]XJc"K:#2;AzChūqc>Q1M)K^NT-t (bbv էM,sɰUEm-9eh.b.Z)z<뉃l迓 sikXޱ%b> Iz5>zYk@TةdD4ΓsB1ljr*Vg=oվA1Jɮ!,IX&R ]znLxF+)=}V0XT"3͉:ń TR徆7{HH *c;;롮쵅l_VF0)k>9l[Iw(Ty=ֵXU}]9 uYP4B9ϢТ?Å}H O"eawV!sQbCB͒|:oO2-;>3Ptرӟsui"ɔbDdL ڥ7r$X㉣.ԕ{ƚίsDg"Z::? 6`\0d A *.# kz `oދS'VC=W Zȏ?8cMw72 ;,uLZX"ѧe`3 F<&Kdo eIr;RXB}_˰,k%&.!2W*1 .Oۄۓm9(q_hQt1#+/Ψ:,ӷV1NJWJZ#%"W!7JfLs,B6 XƹC_9_o`ܟc,Ѡ LRڦ"LMg  zD‰g@_w*[qj~)%%=Wn3q?p { b I'sZ-WRZZr!Ūمr{yu.z;Ri3m3g톣י !%ă. nh<Xaçd6@J/'WD?6C3(i.T]R [10ڨ~)79+(]. /4_ Jr*wus`ʚnsw8V8pDYӠ~njX:oiYu0l)u'KEdu>ǠQ}Gɰh/Jm~ҌOpiڸ]n+OHkerUpJ(OoI)ښ0鸰`ɈgYU5$B\}MSZ*MlO sZK$#:GRN bywv)` 栺TAd;tL]*[#cQE r9RDFe9HkC#ڮƶ}{ˮi iFuKR2:}I{a5w㿤F%Yv|20\'6zP>pѝДyL9ak ]VGlӝx%.4E<KhږEKC9ѧRԵ5w[ߡ{_V@Htި=lZn0xsPFQ5lG L!Σ۽V}΂uNBkodP\,w !Zٟg-~s|uCz п]lJDkKƱ~ҽ.b1o)on S~B't-,~wgU.jk~g%(H,Zk.KD2x\hU_jSCG948H<"[ .{ z3)sGԹzX?oǔږA+Dē]h;~7**Թa 'y#mV^ӗ +PJy{_Uo# C'oL/c~Y@ K'?KJ*z]<08ѣk)U*4$]*Id!P,@υN;Ul|*ʨ"mJPkuP9+_WW@Ѭ­rIY'SrOdHc4jfP]gweAqU'F$izߘ2}0*4M1Zvys<'϶Xz.+71׮lbh01Xi~+aI32D 9$m꾇W.p0( ƣ>Lb @(_Kڦ!>w7eC^GRH̻P,2X*F8P2\_icBvAA+O^^v ƀy$4S]i9=vM:ݔd[^@iK]%(IWuL/ M1Kz2ִ"nT}~(;|ϏP\cT*eA>8`l->`..<*ه_Jig<9z.X6^E` veET}ɣ\ӈT?pA2vqtpM^wt 3]hͣYtGH R= W<׮P(!@- R`~s=V0M-e nq2 IX'GMϗo+4|`lč6C%pLWgG"́ajmLHr`nM-P H-U7SuX|LWKͯ@0vs04[l3lLQ/84`{ͶjGK-^~^[u6L_Cn:h(|WdC+9 o5{ GháFQt݈ ra_ UPne [XwuͲEw]+3Tj0,VpH2@^`j#Q./mX19:~^Zs]ubbOΔ7+q!'mHܪ vN&G 60 0s{cFieyTjW G63P: B .EL{B<|XT1Gx*|F,b|k0^]R<.,~XO>q-RUl1z|C(½I&3_1a]g.-ݛ'݆w aI'ov@"OL* % ERt9uФ+)9sZw NH}ۄ1TcmWuL+@Y5 R3`RhK4 ivիy%’TJgTeT0n{K<}i)BBXYU QsIDjmT%)n;x9I[,YO\bh>_qm[jm]^8诼w)ST9P,V[J/O2 [p-IT5R k[?&.Z2 . 35}NPvlO)UcqGi^dLH c׋4Z)܁}-\q p<6tKuk+읆|}r u!_p@X9l 9~I+o#Kgt`|qGƆ c`cj_&/r)}x9380$}B8Jܘsh)!B'ڤAIZ)b97Q1)c8E+ \z9Ex'ܬW$@#,Ү1j v B~Oy] ^Z "Ĺ Rǯ|!fB2=RU?hob4U%0ʞ ӌ)z/<: D }C-=T5v#~JRƿ*<_;†VWRO2NCap[,g԰Z^|ͪ1TN<]ha.9fQFvf:x1eꥼr=n(N)s<] L]οbR*I /G}_A/(ٜ|eqa.\k[<~&>AJmnFM8s8uqQ˚wu"~v/zg/2XYQ#5:y|9|0|}fJdTMK*ٵUo7i^>p:ՂQ鬒Yp=ȉOL)qcQxAh`^]SqM ۡk/nnM}8Ԗn< ܖyl PR0_C M^84uw.\<[ ǧ~eE8 hMn<G~ʹ>flK\t+w(FY!DbpE!~͇? y= -!"7P f6KMAN5#\do U꼨r_jȱk v[9 8* z7m!͗J9x<rv˓婄`SBǯ&1&ѨYD9r&΀sP!{J bXǑ'q2H nUC.Z ʏi杣8.C?!b[;kߟ;p'8KݕY.va$!-Y;'A60Q$e@ׯ 0RtAho/9Ԛd f8N~/+,Ԛh=U~i2X#eg@7ͼt̼֭2m9>?1{Evq%SȪno rqaSߤ-1PX)WNOY #Ax>BYL/f+RW`VЪvI)Z>^FB fX+>AuEO~e>.T]Wagc4yJ.s3Pq# ў=$q\Pq#gj vH '8 !MPq:s'h~v Ƨ4eÀC&1 . 3 0_i g D!!F>1?3&tFn'!f:n9mtZJ"5|8$٠^ir% PDei=rrEM6=\`1F.h33smw߷[ bHTQB9B7p }TSA`Exؼo,'kj\:ʟ#~q, 3RP6*o=AfA.'OH}owg;{Mr " 0X.i$3љlc8Xp4/Ҁ͜ ggɱ:k{O9DphP؉취̙6 2Eۭ@xV2L3ypwGz62LwvO@ 4W&xR!5ZcUf> Oy zG~V@a酠EaWw\5օ/wƣ>ns5 Z4jr\&:ƪv?|*,sm9m0BO m+M6LxDRv-YTkdOE6ku*hC{.MUӳt(+*v36X8`]ۙvԥZfbʻ=ѹ!U4^414){jviBDGO{(e?̏g\bM(0dk]}~s0^p1AWzՂ9ϛT$DH:5 ${"[?WBrՄU œ.XwRl @M6dмfq] ~*g҃EUW+]Wہq:rԍMD3Om!ȑ&~D Us@ |O v[kK~kӠL2sIA". )Hh6[ J$[7}&v^>9|iA cR*9 xȞwX  Pԝwʫo RuܫPb#IKE"<^WTi]PwMm}+kr_aӞ$r d;LN15>n-{!B[C07uE1/|tVp]FZ*9U[SN~"̻OZ(:pMq4o|FdY4.jlB$Z| 9kbXO'\S⤗3UyE I jV/ ; ~x?r#m6[ ku*ix@ m= e}Nyyc3[?9$M9%H `C4bIʵ1oɪ!TBj* 1G;Ds3|\!}$G;-W P>3Y㩼\_zh-lD4N#lr[ORPʕO6MR"~R<зD!FP*x.vKa)pgOB"A7zZҭ?ʑw ͏)5=TWB z{4*#qi;ؔ%P}͇ck^̈́3yK.ayz~jyvѳ#Id"́㤄wU o=fui3L-b'Jt}W;hmOj2L~D?@:^_쇘т$}7Nș=`H^H_Pg2a7%6<&t䒳_I%7Cn炦uxmSI Y4 oQ2} Mתޙ9,m9y>J!+iEv"[>?nH!=r 1 Ц- rVfz FT0GD’X!n {QR䂃^rtpZjBJD-Z$+;HqPno!G r>oeޥ e1n`,NZkJ!=pMHbǖ51cuylU~ۼih]=bA89mF`h vemtwn~?`Atޤh7{~}&Ook"MgpuqZV-I -W/HWEqhХ7B#J7_DWTġ!ais8ACiϫA%Qlx}w+aCV8]&̭+w=˔s{|T`Aoq`=Al-qwyx MNtK_䵨&JWI|{PZL&V΅ܙ ,C)BUMc'}%zJcۧMGsQU AΐLҠx+53\ɿuyYmAǶWjXDDޥUBn j-+|'1| ؂{o$sBTfBd CZG5/,&eW=vD:LHtm]AOt"a3iݜbG)TsO]qL:(սd-RElbC1[(n:p~ ETC1-V%{/t{WWMEDY; /`qA>'d B#^e͈֞mD9Q&~DխG $ ÃUH/i߬{&9MlGU2 Ef}2-i֫n+zVL׏lSz!58LUk937Y‹/ke{x}I Ot {Ξa0Aʈ Oɫ$_-|q/7!#"XFoV9e+sh>!>k \8Kwh],#[•ә<MdߴKi$1_ $]Uc;Hp NUק1]m- u 9kb PoD(|Cqyh)m"OJk^iu8uA6Seb*م+Z8z Ȃ( =4.vPXKbt$S2 [4?|XM%7~9Ӓ"^?FL|e,~BLcדwLGsXVS>U3Wz;8A)xA1$Rhg}e&⤇oDD_/|k}  Q js az_a=A2 :Gf9BϞY6oܖJipblOKaMD{"% vMpԢF`&_`A^XV~z*jm*_u_G,wӜ>Glw}V=f`LBH,7v sokїόǾd#߄-Q#L@"ALq(vEǸ Gf9OJ%Goc?|eV S GA_qi0QVڔto83Zxo|H :NZӲfPEUyC6[8隌93L.Ph2; XU{HyC+LMC0,+ۿL΁&B0K6R>jk3]M K^!;H'eɍ~d^a(0"+3chKJdN^FG=k棏FeD٪h1\U/C_6;ZŐ'vr L %Nfubvtc|@7:JPˀ.Ke_>ou*׳b* I _(Q.QuʉS 9"Cw=Ht^msӎ9%&ܻP )B36l֐Zᬰ}rF!.j&W /x5/'M&5 @sӐNӂ)*5N Y=GʠkG(YM:>&D^/+I1BQ@TReuv_(E=wP/n {1?HpjX˜Ug8 LMI`Wh Uvm=;/"ӋPRNDi/ȷ-h| 5á3ɶ/4>ofm˂(ky-̝$3<} 65Ll,S^݁[^RelPӬFiJ aNo=WJ ]`K"_?q\g@U ?ųY]eza+L[ũ7qh'yoPL_IcP/s5{0:Mත\BK|^V54!lY_u`R7ɂGwuG)״L ?ilnׯf66 /jc;>qm,%#~&h@v4/.Ta\Q^w/pS08~yp^+VaQFfkGXHj׃i46SD"V U'>ãm<+=iώEU ~V4T+VUa>%jfj)<|Els??amI$elq.i,M|誶^;ٝ#&@=|f?PڔcB ) dIș1ז}{eծp@!~e{qD[}yg쭊RDu`oo Tpbt]QB4cB8@2Xnޔ9`* }9q!Mr:E{8Et|l Ht$mݖT/F?1)Kvfd)iFӵ~ǻDt.a]?X+]z%/뚳E9*;`Lt ""hlOT%Y*PJoEv<3mu#K-tib]2gcI)xX'/~sA{:+ 6]KBq}h .ϴcUTIwQIՖ|Ѽ֊+.NP6/,YDy06FBfFُ iP+g'q8p*c<9?fRݼq3Vi AMsw !]5t[IuѴ|/y`MVd$ >V.q9N|!+vʹg`p[,ͮKˈ'1(1!XdH0RǰWl}SNPԧ&RcLʑ&'p*$E'ZsΪh;N+tUmi8a8]{š+[v(ߤfm,E$TLqUۊd<t蠿1i׵Q4⒣=hƌW{ՌF@m >;hRvKKm9_k! nzZ9}R{쿄V|7'N-xY_{\H/ CV@9" f@7&{T[miE{juʰك[ }xY*O) E﯅|=&asve 7eIT`݌=<FKo6aۅ'Պm?3ٲPoq%L6(*PFS4o8(#kmVHL>59M_qb~WuvQC"-="D5q駨Jcד 3hQe ZЗ5v,f{[nKjĻgg=ȜC&By%iߦbht\=Ng [ȺBC,>(RcZp E0>4\ 0L]F3TMըEo,XԲU%|/|Z,e*:*F1mqf]hi]{r G?*Ծt5TF lV*EtR, "3QT$8FAj[}6 8 > fݟz(RT sN03@˔j;<6`۹Uq!eTi^ݲ āRߋۓ/6k? TbS˹-0qFA=rm%2wã/w\UbOa/?0 ]Ų_q#)q[Ga ( uHgڋ^.jl-Zz)a4v6>Fpr͖]v)p84F@Dlxܣ N3`ⓏRzh; UPSvlϩНt#)7zpAށx{wOi: U#刧[V+&.Ǡe*6IgӃ懔%FOz].8؊O{wι`y {AY!(E/ŽVϏ6WoMP #x5TR?ωI;Oۦ_nM@9<2@wapoC^"s :}}gMM0Uޅ(^ 5LITM cԩ#FLwW:1,'"! ÇRP?)I3YKJkԤA/r4*km͘KY(t?j}%$}h'%Az9Ya'J0Id.q=NrEkF=w k lV. d'AK+řL' {7|GV'-L`ro#;bYL"p]c -tJXƆz/^thk?ílJ$)Dtrbcr6 \P842zdmYXcl9꫗! ݠo +_>A` ̠*Nx#s *VŠ -P.B 'x{ܟ~poTQVI_1 2w ēW;{l#N)z}FRghPc wd7 i0=<ą ׳cRBtt-`k ~X|Zi}Hs>ޮKѓNa g4-;.٫D~6,-yaVW+3u_[Arb$1q& fE_Tcru0qs{t[$(QzI9ڶ>D#ūKP^NPož|1m+9*f]H4XK/:x6t}3Jng4cO]0Q#`t/JkJ6,qeZwEڜm_n¯'pׅr8NO% !ȄiB0՝0`Ř}g_ Mc23ik+m~2HX0ޡVsXPm؜ ht@R;#*b`1vHCq rN #,ECMJYZQOp:|X+> %spO\U.&5U^O8N2Wq/NB<"Y; I75&5fS~\y>P>cbVxJ^Zș ynARio$-V!/yi-{4p߃7ux㧱2O(w*ƴQc$jP"|.-$hC+@P&~*"rQ5et::p6)Ȣ J_5Q,c5@/bHܪE>ŧט4悆!IwYR;ޚn8!a*~ظ:Eˠ:rb: 'Ȭʹ[ؾ8uNam\wfo;!.iAH͑7ԫ KzmѾ\.5kXqn6<KLIx{dC7Asa)9 M%q9ulȒ~!ׁK(\Slբ=D*<$HXU^0 OX^Nx}ɩ0t>)3t'ϢimCsPfoTsJ8dd1i7Fɜ8/Q[!g8%8b<"y?+BV8\}"5hJ4wI`# u+TI/`~# sTO0xV]@p=cBeY5>e6:n9ϑ_wHE7Ϸp.le-{VywKCԀk"yu4E4H|Fl B ݻ["9&A;sTg,-QsʪU٦14cS,zl+]^:QsKNX׻Oشg#6E&S8Nc:8|d~i{bU4$Ͻ,؄P3n6k͐ԝ^2]uGlSnu0˖w&PS=Ș=5FPh$s!fTU O. Ҽ]_ѭ*( ;&S)j(='SE97M{- Z^Vˠ6W:GV/ѵփ1R[j5MFQ\AL%!m4޵q)8}-&@)OKg@w?P|Y(;G8Rd iUu$)ǡܒ_STM:z7L\]^3+ BúZ.1"7g!: $vCA ouZjfAe" $І5`Ӛ}+1Շ+$(OLWfča+O`?+Se'3b+"&Vnr}wn A? '$f"n<^y:sD  ϩ bT9ɿLAMn$_M&6FFmm|*BMϭy]6wQ#a]cNn'lA[Z'Xi"R$Ǭ7gW܀=ܔJA>O{'zVF(*[^CK @Ǫz8\6ےka3jMA E<[,K(;}$ x>#ap>(#zLXdVK۩>kҍ%xk!(tLk UBYphQ߂oQzwpOPRd™^ ñS;V)řwKSN8 ]17Rف>d=]hH>W 9*?ѓgbJG4჋vrxB\t֔H}&d; >)G h7'S[hlڍH'!&ߢsg /q'[CbX6j)۹V+6]RkٽeI(ciM?nZ2zx\SrfuO h7p9ݲJ9:Oc  UͰ)Fh+u9-A(z3W M34K3׵\B7g䃂!{i+(x*m)ZHb?HdY#@mN\6sǯm-2i-p[3<>$68AScs,*!+yaKԵ㗺c߆'oIy jQ7_-Gb :6U`*60Cd*rn>t(P8E^_Z"9!M(6!wZҒ2'cv~'vթ 'g߶*ȆLKڱRe_yٹ(pnhVR#˿P%f0#Z$'@9rl72Ia\֒Z)zB/Y@ 6XX"!k蝇M#m|e_<baf'7^VUYUP;"&ߎ?OJ\绉R|$.q~@:h8,(k( εF!Ll YMqc΢}qUX,*U(|i=kxB\4f@jqhux +;gM&.w9u5tdn `G P/?;ZZ IV.>d+akN\ͯIFZWs蒯oPN㦿|sxa`@ `{u8 L(ڋs(^ ~V3 q *לA+.ED)=W}e3JHL`r;S;0XVlCFxypN1h=5b yOѥ [뽅\jhW.+12&M,ƾK5_,KC"ȓViWx`H(4eylzUBO0Zj"}MbO,9Av?춲`@';*< ַjW&hh ;%0*t/cz?ѡrN<$%0u_dyiMT@JC˖waV->aJ3m/BD֯};-|VVQB[ ytȵg`m^a^@aV5ٱNCf]ڻ7:ܢ2`:_鍪OuzFa79iWƿP%_n$כ];Fg n" ֈ}i?Ծز}ܡ.% M` 0֓2HVQhʺyz+%a?>ͫ9po>EldDY|KໍB~Cˉy 3l -R7'.^ 74ț)/ygvUmҮC/TFbD*au1-n]jl~Tm?֡yIR0oH)eTTrP!kuV#w1å׃r(I @7%ޔ"8(ӈ"H"?h{"/m%&ϋu3z}~ymt6l}A&9Xw&QtҦcLDL^0&@>+{&,TeamFeP6?2Ce@&۹B'H\>U0O"L\p-F= 6Du^[Byo8)v8 ٞr;@oI\Wv\5DN0 a@6Hl7p_9"Eҡ-zfHCtEqdW!Uθ pF+귇h(&nyD"vOXgן+'],!CiXᓳ^"E P^+W$XP$xI~,1&arIi_~-$ZI=&vFuX5N+јwD^3~p.G^5R_?'/8J9v#;\ˮ|j(F8 ,Tp^DRemu Չ/C.Nlsy& 0\ A#ަk =D^O_&(wZN 'ۺ|)Ƕ:^#uf= qΜTzUxPi?=NCŇ1=P7TPX6{c&;>l\ v)#ɮ~⁄~ Yy(9՛ūQpGE;dLmGo(T!M:+,CPwm+,cz0PO3WS% ;;` }Mv͊w(L {NOS-z<rt;i60)ybq2b7^%BKm keAqh;|YGr h@xFn#ae' }akPzKD:l=*@o7\}٤gOx] =ȶݣDu'[ 2q֘ HrpDTRl\bXi *{i=襾oP#۬" k̴~'qBXVɚ,-?4]%ug7*ϗ^":I^W>F-5L3 "bӤDeEiQE#@$/ Ngj1zOavMup'ǿފvrh uRjUtmA>ZW /pyQcEȱּY6AVOg̜狠:7x#_{9a]/wPɖmT }ȯc&Zj)oS=mHnVZ'ZN%6Ƌl6 KVeRA]eI>'t+C֢}սrnބH=eeifjeLYbcF'>$&P'2<L#$٧-,umn){F9A (!x=3c+h 7RF=<7ގkB_A pSؽM ׶QRIJ)>x2w/9hlMGYG91Kj/zfR !h} u}ZBn55EO|+;Ty?EjV~ɖ+h@Rɯ{B02s,.)`r<;Zt{",y`gƍl- ~Q$sy-J5ׅ %./ee]9,:~xL&Bjoƽ1;|NEkiv'b4 d!Q{p*g1KGį'$69<>㭅tݥk$ UܰڃUd'dsp(U#(|`۾VI5Q=G5PӷUP!gYvMr6~$L8US{}T*V)P#׼;t VRalv^\UO!R[ZkT|ٔ,dאܠz:!6{&lS? E eˏ?4ž[:p~nSoor?hტ#p>!mH};ÖbP@K6x4*oW癣|wv.' cʱ+iSH{ՏkiGŷB+=AK@ (@Ka/ufzl#X`q^{0 !,e~{H(nFMqwP{?^S 4}1u"ߤNS*L҃Y_قN*.$^ܛO#o]"tL󜫩 4WjIG<.Z^SG@W`Le0[E I,4waAcQ@i"WUu`P#̿iN02m9[qGq0ܺP]?6J1н%pHJu u0} zdnMileDnt>;dlڵAq.oau|$HS *q،o5i5gыt]M\n3AƥU])l&MvAj.^RD1 ̍BzUFiW;~ޱM}xhy|:9>ŕ7/ ! B&cD1.:eا!g e^v[f/Wfܚn7k5x[(Q=oyg %aNDnx/7Z9u] b-}Kjm0G_^QG᏾M=kQp{ rMJh n3"]E xUђX~=kQ΀G"]e_̍SAR; Ak~H@K62XYA0ȷjk+,>>VCN4\FWP>#;݊ x͇#|'br=:j;=oj19Vǽ[nIX&NJ.@!>A x7qHyQtЂGu _nXThGß`mXyZU~2/)ZѪ~F?>\dGnJyɡGG7߻IDd}>w/J_AK4 U҄̈́ڙFhdp͒U95k)Е@ʭCqJ Ŏnv"'?,E40#?Q)0)c x11+;`qCf~[zuΆ6^xr& |Pl֛.~m%Jr|LCo$5qoWFt!\5)[miƞSM 6ڍW9eU4{Cct<%B to Qvl +bCC´dUx%P}^ę2pbOޯ>!H*>X]`t>MF 5zņG(ׁcٱi͟MG3w_>fH-Sf Ӕpu\y=Eqf<NΕ,[Fje?-aknP[j#oFSF y^|dH}P33 ZƕW|`/47 Z V6S uWyMkl[cc %>|<oQ#MPF15vLZyR6\:ɑ䮸GΠK6 K#N%UekJvx{L8#\O:qx|Dfzs78ӥTFtǤWpG^)wg&WI K x_1(il0'+)5\ WJB55T1Sh#Z(q-A:,{ʧoQ)oE׏:S0unwxڒl_𤟛۶֒:-f{|f|q{wHdsarԿZ. ;~\ʺV {0xƘQ(AӖg `hù o'1W"]ۀZ,̭k1tqszҏ9Y j LQ暑MPkbUUʟPInxqMrZbj)-,2_^E m:@ͥ!#T6[e0%vNېirci'Cݍhd[CbJԹ|=P2PstG sxM^$j`Y}̤eLmC֊✄*5@faa3$sl F: %|Q&WʩV]c󷺌}5T \Cj%:\$#~R0{Ep}U-`RJ~| {IHNh=)AA r*UTλS1%ʗT=V(Hҷާnpqڤ82ST$W"9;Kq &΢E8W|MHN/P}7/\&Ԑ8)joKf(L)Ԯs}<+a8)Bc:=_l LW\Yەm}K/=&+E=mP4}-­q?B UI.B!i|m<@}ZpNۇ;jhm|A`;$jz>Pӗnl SpWXvb^&-)S&cY#-)VƦ"OSkQ}޿e>5"껪)a[,HU;0*J>&_C4rz8X"]XhzMK5#3M#GDBY*dG{-.gM WH|ܴR,xዼeʞbn^A J.y ݾReSWcLu-qtw:)؃}'zv:N++q>%+DbRT E{l <5ļiI`3 0dՉFE*>3bcPnA.6+ /7'D4RUX."8ۧhoN'3\>E!Kdx} ݫDr)<\u߇":8IYNNx0I40ƵK=s]IE2\[?Ij3;ɟq>T]93uQZF+骾$`5BpځPr>@7,M F}=E5G\x|4mJJ9H_#@ՆƱu?Q=Pn hﱡ]% j7#5% JP<Ѐ32vp|m}ЛHm"P(з`W|һ̴Mr^f&\"皋q V[ȍnflƇeG>;s s c}j~q2mRN}NkZB01Gݵ}?jՁR&+<+q ^GPÕ2 KIМ/nͤGhE&gc/$XtE _Vb#8 Eo!ԭR4L_E|?=I4lFY-Ev[w&3.J.10TFd|6 Y_ρ qUn0y_=9Q{C JUzvMLzJ``"#UsN+fhG1E1}Mnl KSd:qLBB(^/>oaI"yu>2_^eh4OεaAA2t`2͎C:)stDi#4jB_&UaI@J7Psϱo(ա!9b AO|_5y/pyWIX ]l.Tk#ߧP~a$@+$"N(ҔTW}V\EH(Ader[hC},+@j=2MWVȚu˦&55JI Qu}ߘQؒᯑծh,m^1"əzL:}9y&[(נg)KkKI.Ed65q]eǬa+%/6A0@zEh:}  __W eVZYFOe~s/coh&$@u#Y)̀/g-&IT?FyVǗ;^:gaV-8\ +*RU sXkmUޓ33C X71dONuШj6iT a1sGaCJcTm\Y/is<'~NAqU#Ʊ`0[e=Q&0i`T~w*RYў4{]eۦ#ԉR-a0qt܆Ǯf͢^G ߶lsP~n3Rq乣 -q~[$ /]O3Z=IV/6SMϩt2 39܃wpDc e-M }G%e dzby8(H:þUL`!'YyYugѸs%uP5X4OK'VR COh}}(˥Z }DNs8T5јXՓ%N-Wt46Î3Yd-? !0I]v<{]y<gd~3S)wQ1ڂ|IHCsN`\X*3x޶(<ȿ>0f[_r,&&n{NlӜsƩMH j->/Im1 1vcߐ0x88lIR^8d~ ҈`{zT%.FF'az'8rCt/]0YR-Q=>Sxz7-EB'D<:T˳xn;0:S# Hk/vI+N ڪ$e$ ,{ZxHO[R~^y63(K֞)rY"4ۋPj-x% ^1cQ:]8m,,k[++O ^|W&UTZI't7餚m&>* wFTMmϸCo~LpU489*eੋ҅.RWbf0l;# z(*5~; >9Ŗ-<|'?ۘͱ6Z퟈b-i& ,XU%a:jX01l Z=M;x&52Thvo׍WGlS! ,1֑(YCPsZԤ3}TT(pr~0nb7.+=Tq QTfno])Q^6 cti uh?-nTR~$ܺRjs#tL\ ^c `,

]&%5s ZC JiCrT:Y+$B=_ ;ϛ.yPHyEA7^Yy݅J43;d%-ΰ(~W ]qC cd?eNr"ь#B,kV«S6`s~ݚ|Euo}XIL6;uȁvp ~h6 eP6Dx) 7ze?G?~#hX,{7v ~@)ޙa$WĔp&ŰCy(bz|tgpI+){^4BVG圓my#x+h$jou!PpBTRcLCX /Y+ M@Gf)(:<]p J2ih :t'UAx$SPN.h܈u+gp.&UAI!z6˒ԫ;:0EXbb\%T4 Fz4lRw߽ESi4N6E*TtN,*6֎tc^g0 DU w顿NE:NLo1bM<=@qH=:&],,}-ar[mG6Q!J{*2T~w#_-o8 o55q9/zؗ"ъڜ~=BܵY4wzz2=EoOH$)ʎ|>mn7wD=IN m6k5Iz>ϠܐiȭK'UCUa9 ϔrbK%dQ}V*tC”&{<:{̾D]8DWB$? tJĄgI$V?1#8GX3lI emMg ZUyUlZ/s 5I B/'N/FcKֽ%8>tzX7`S;VЖyuwB-{ 9I/'vj&oc d:m-n4hdޡ ֔/bI [g%wt3y|DrH?;EwM~oba nS_}V+!úG6!,T̾$K`({u"Cq<ōe!!˞nʗI"Y1: vBkx\ H`k. r,PoBѕLa%{b48CG??!/?(/Xl(qUΪU!ɚ6nHPlq:d{%j%MG*i{4^S_ǯ2h3t޾ѪFEZYGyngq4Ӏs?ȝR:B WwOkaH %s=;@PiAp%?5YM=_Sc}/ -NchF~DUCX8ָq14؁ F+%?ͮdd}& .׃nrPrma*ќ]rj% 21i?d1m =wYD8Djg ^tx=U6Ju Q½"~tw kT-2/*m7[AKakH/b]4iR`MzV7fGz3Jnrg뇌I%tכ;D ܚP <9q1Y{e-RfPt o1#̝LR, %~5mk0ZڥA-rft[a$o#wzZ-mtSIJ᭪vLH3/}iB(Md"Qew^v]&F uS P2c!nJ^Cg4xT)`mۛH"``dq߭<ⷙ=VUx:Iݓ6$FݗPPysv<,P—/#F~9i(4":, _[oGkdiB#v3Dž5Ry#{<`QV !䘼JR+vmB\@`b1ȊzkA.N {:F,ߕ$}DH%>͜>՜o*J`2e &#:Ux=h{J\/t;{vclcRq>̇_DJ<ц+ iԤ4R/"+O0X MNB*RKdg0{4iz /(F`;CJ=n̻[1Jz{׃;Mcᨫ^5!uvꅚ[uwȺ׶yUdg:g1b@v@T)BWc RܛNم2P DLpA֑G`ǔZ]8=ˇpѷ{+lܖ%`SY R{4 EfVi߄F0ѲERww5(C8ݱLm \/?5| 󂠧-ZKh?ey#'&l V2Aa]i)ؘ﹁cu_W.KjDY,>70@hGókGSNBх 3߶HƼ2ecʹ> e,¹?f{N1*K{_I|Fj#\Τ/ܩPnK7ة5Ls 55o+`ouM1a7_w{wirR9χy/6p`Ό챰R4|Ռ(zWL6L_M:~qϻ%Rqsbic⳪!eYcc`G=Ec=+ax\<ƬWNA(fA1}F".dgBF s݅ՉD9U(@Ѐ(.?Fl; =2 SFc5GCΠrsNe#ՋM[͆E} SgG6&ũu8)h}E?TR}Rgz+v[OJc3 ~T'(MHo= L\-ng~ ܚ uZjR<a^E8QLu>EN\4$W'Df#CNY˵A%Ɖo=Ӹx)oP0b͗c'_q<=aAk%j^gol>E+GlȥZ/TB! OE sO#QB#_AatxcM:v #LkMਃ .qB C4ȈTM`?s:W;o2'ux.J3X7wp[T45_ispx ]حHGmhI_s)@*-Ӱĭ!ZdS)z쥛w;B|}P/=!Ľ]X}Zv B!ohI? y$D׀Yܣ/Ǚ\0ǹ l!Jq[6 &:64=m]_LyJ@tpsN *A;[y!y2#}}/09Qtc(٫-;(q8_|f!RL"m#]/k"_1d(_T(U%Bld2'6+&tDNxv>fI ]n^ykCM҇m9ܬMN_J\zlɋ3D.q9hwy"zE̴,S@$H{av9ȏ Ԇt u.z+YY=L5A.8{ Da5v+ Lw>0rk+Ȱ>tG- HًNa RD4 ʥ lKmb]vAe6IŌ"%q@ MфDiOǵu`W`M {SM&Oӈexyy4-Cb[``ę6evMOR|eQ/||㌋A(2.wIBzL&E0[lh/ٔ8[X}<ߗiZQ `}Bl7 ќ|=[!3r ɬ H x? $ _MoqQWT7k@HxMؠVs/Vj?*ݠlޙ`1!%tDVióbculdJ:F*?^q{xk_cWo@)m 9Bh\<VR9ų'X"Œ0eGܵ i[|Q\@[R+"Lrk+(k2YznMjC$dRrWRT3f~*iOC?7&3ދcZ>wz1 W>fgbR8PTCC (piľ|u}5 YP^۰l*z4ǩ Ϡ#092E[!t},ڊC`rN#yeXB b}kВA>khNn9!ח{SSa3Pվǣ2hov ~GM6 B`p!L4jA{VUe/hߋ4ۇӬ`UXFͿ!6եz;bTffj삽ZDPO;-)U4fҋ-Ir*l+4̞KLN=OU:wDƑzFk~]apJ\T8 ]BVa(KxW/B*/i'GȕЩP/OaHUOڂ 28yNNdœCR߂.HV5RZ!<I'MIi?^zDquîG ]RgԳnG, NPLl|qI^qŎJz-kjeJ\ƫ0%s!X RirjD>SR48LWk,a0hQ 'ZP̹& W6e-g5}+bnWN_{29)d+BxT> KeSW3V~\\fj4UBTiVӺO1/E$aRUmp 8@3vW渭 Ϯ4HP%WK7{`;'v Deusey_cRxE W*u3W7,/-E-J랿)-W\$f~ =JK5%UOٶ0JYw֎^!zN{#͋bZ|E;_k¤(.ۅ AO#}¨ELj뭝s,kC2e(:L,ʙ›N -oԬIiF|H%ߚ/~N:ԯ\p)i C -SQΓ/js%łenub>L_SZtdY'7YFš՝wgo77qd$IJˇ t<2ynI>;]@c%xUˊU-sK× XƖ WT piR]ēMm VBhKM^  }B;ɘ7e(4ŔV?ȟ lQu5t@}/$U nq~ eL SĨӄNn }A(6=VcQdً4LdjqWm2F¹\ ޫml&zzhg9e_܃ƙR8wŽ/LG$C abcqޖ>C4+pbSĮF4tx!qe ؄֕N3T__:KQI~ۙ\m84IU1]$Ҿ-t<ϣfc Zx]mfxiPh{/ɼx]T AONw!4AÀwlFi 4Ҳq(#tC\Es2%̈UWs 3IZs D{递Bp$5Фm D vo 棤0{I>z̳ikBiL\syuۿgs!{TTc Y(2Ke| =2sJ)XJWATzѢE q$=1(@6-5-$ oDrCttbc6<̳66k/_eSǮSך0WEs$~C^AN{erֵ̋ݿ)>| 7zʕE:'5j#@!8%|] \!1 Һ$߸3=SHپ/ :(Bh̩f+=ҡC3۟-t&"bXS1Qj*h.hR2gNxaJ#|G9W\"JIs0 Kԅ^PX(r:U3k3d9"*YBTߕfm?#V=ARo!)xGA?<T-B@ݰ,EJ!w^WN 3%PoA JR7cn״#J7InwՒ(]nT]0 V$W͛8*6iIK8^7ɤ"ɃvLJf_UJө& B (j8"iI21cԿA.-uR{< ɟ:e=](؜g]./H̜B%ӃmJaՙw1) ':6Ys- jȦ:tOaP쏞wA IS{Kٱ:ufe I\[mlJZ%iQ9zXӠn뚏ZV%%عp q-uYܮf^:Pb!*R"Gڹ{>TYw֭{pU.)dA#; mUlR< M'z;BvAAc2M;B:͉LA;Y {N ;V߉o[{滂8>\3qȅa)YzE@y5بA:7ƿ :}O/F#lFo)CxvҢ]e((#QMYkZxk+-RI׹ױ2:굤jؗÂ5(ĔV.J8Xؠ^B;|"ৼ@&K6D 4G~Ӫڢ[ Ցrv6G8Lk2Bm㩐B§Jnzk6p+MLɘZ0"hjOjc0%u;z:H:-9yqiyo:R^HXY2Ctizs() >X;\!D '!HաeqTyl$V,l͡|hXVk}b_@W甑th#Nÿ[ѫ >z9s8нuvp0 _Em '1i5~@Tnݑf??|M~r>2,˺Og_n*xƲ Kh2+4hAu&y67*>[-5ewgMЩ/mu2%ݣ߿ETsqA\~nq{ }Iۺ _Fs*VMj AE~>mHE.D^r40(KL)+KɗD4(^Ƥʭkg^&@I"m I3V@g̠cBg~yG!s)σ+AƸ\+x)bo:V~#4ߧ^RëeC7%f,N#.q%QOr! (@gAYBL-^c6cݝ!.s 쫤23 Q+j}S>4'a@ z;|KU"{?tvFnVN$tPuJ6њhdZ+1K#O,$Fo@F?9l. qtǖ` TjFl+)'j &{?3?|JSť Ht<,ውQG M}`7zp=$3,h6K64}1ݰ"OWO׆2 `|  .8E*?#${?}^xZ$(N!7$q^'Kc\PX-q8L`vevu(J WRrTF3Vaؾ%JW֒ =_y -%ٖl @ ۪N ;xF+eϞllQɥgyj4KM=z@M!\\%Ӄ2f , (1ؑ .=:8]8ϛDcx|B;I0L琳6H,I э]DUާy{5Ycx-$" dMW vKi /5W- sǸU3ugb MhEj}^9gњ^TE U]L̎?D:4!]XH{`ef?O>߈ {02L\fcEcYE3h6,qk\4M-1!Po#:^ P(w.sxKׄ Jf2#MsCuq7w+A$WJk:%JtZ&cS"d)ȇ%qνlBj&O$,r)yu{Jw 4X=s1=le?*q&a ߒUʀ`XfIti"(t(*Nbpw ;;aXf(vm K1٩?K߆JL^m9hO'rZOJԳh. ]Ҏј.F2X?r"MAH[P}Dcz"{*(lT $lͮ6$0Gi;眶f)Ma~Lpi2ƤĘY<.fuMjB|>8l:aÆ47Ȭ}]^.='sLa*2qS4 hJ+ #pY:7E_[{"m v J`OXNt+5N! Xk-Bjlb3 oyoUd^1"=M%`m\f1d. )jaW,zFs_kvӌ^ebIM~z7HN x!\CYSS'bJUp(ir IV4ˉDeHqS0^X\;)`Rrq$([N>Zb2TCM]5pF2yܟP\ CG۽}14+whTRm7VhD1$#g=ܡX9MO5,j5tkL,tИ9pP~w,w̜'oEW`͜pzYsXO:cWS7kX<4U6ΘhhݓN&|+6At~_+>7# Np{Tڇߑ~Ju1[]NgP#k>0 @ϓ 4\3|j ?}]Vs{ŵpWYMqI Xݎ]'% =h;걄 fob[^iKT{@a1Llhh۴lEټxjQ5|?51I|cdPRUq5˦ }F=XȈ* cLWvԊ*uUԖMuh>U3'2˵-ǩ䞸Q׼ş쇔e`!I wJ|.\59:?U!Qh<%ebE4j{rM q"̵Ru͉v wlBd(Y0f }6, eXHepS"J~Qta$b %'Y×~*{w2>?>;(@ ;T +˺'/S)=zxu*,V >/'xk(1ZxnDe]pc-3΁23#ӨE@AXXf{?g-t#lN딎\%ԉjMM8F;y>x\Lc+2G? Fv,2IIGL+}haиa:^(J# ݑu 8t:滠1%RgmnNSQo#;wWNŗlbX yG8~_U{'F@= K~:2OePDEyCd7|ԛ>pƷ^ <`)*U* 7wmB9 &^lQsdRyW@Rɋ}sg TS-b= kss{%rEub9]|)eOݯK2 *\ Y XI>g!蔰yUzE%tׇ֢RIy"by"=JvMح1WtTSIB[XZ?y\_$0mjrg*v;.۬R~ys2Y Lq'S2a""жHP^Ss\ Cf Z}IΒq#J79<qt:V ~ nٹx#n -k[:=*舳2DTo8lEUV_Nr ܿ,_6!LGddJrm~=I3]Q,O3c$㸾Jryl$_ :*&(6wnƁk6FrgRR Z_I Rh+wYӧ Rd~_8}Y ;>t%&̮TSg˃-yy{QH#?3t)ޅK.k9n f5 T;!aBKRe?8 ~ݙ}zT@8g!{|\ )k"gzcdO=P.#:3U(?5Y|;/C}2fSư5Dl>_kVqteJ&y2HelډВaNթEnikJp`YA6&&C6VnY`.zN;@T'[~-ety@csev#r$ yŢV4-gͅW9 GV>GH ѽ T^ 'wCܼbߞzGroaer70ٞQCjȨl6[3KYs$%(d[8mtVs$t6sÔ虎TMxVc.0bvȔԣ6q> khա t\C xLh )F=_.'B=rWdEF98+NP(B)|;PTC 87ػW[hUi+y޿,M>8b\8Y7a\dm(YѼVa唪k*H(!o@R՞9?,]|]h˨I8~!;D6=rl * ?Ƙ2$.\~-o0,zlit=[pX:o@])r9 a& >1epe$TuVҲ%>[^h E4 \?dҪ UWyWK4T:fM)ecG #U9U {YC=aHDzXKYFlP>\n]a33?!dd{[NxDr^e}0Qty ҠSf2UKP7] e K3 YU"105Gԍ8|XFY ǚG)IM#&W!) %AP.1C&ͳݯY$6J|U``-*w}툗;Rz®lpjD܊T3qc6 AzUnE~{8Bg0D7^; 'x}D7ͨpEHOdVwvxV"`dpNnG_붯0NM".k)z}`7+hU-DSLAqQιⲒ?^p:$M /*djo7 Ζ5x=&V!>+/LAݝc}MbVQg`YLM$gR`֑Q ;;7g SZWTEY"|AZ9I=Oل:`f#o-`kVʀ`_^Pw3n6P0ޠURoL͇CC,%y0)ғ".hdE q&_UXN)Jmx{F=x^'mMD O̙V;`x_&~$pBX^]inFt4~G*yD_8?#;dU♊A7\e8ces{0#:vWd*J3M@>ޫMFi EHuʺ9&IX.XZ1lKcؗ/4- !躬2cI qi (` 4ΐ VNEY{F=9cSs/-SeɕoG ` /PjQ|8qF0ewsbdUWGյJwZZuW ܌~z(ʊm2dS2! Țiix{A΄Is䏁bDܙ&>O LYS??ܴD@-p9_I }HUp_ā#H9!Јg0Rm=_ͤFP턧16Y{_4H Q¤, ۉV߽"91Mm i(Bc=s :fW'I=9$8}hw7Կ't=ò:;HI]vaS85`:U&LFmT̊I8X.=:q= V>b<V)멺U䋚*"F)X6-\O^*lMmigL !a12 NZxOHR.%kUh(.xYܯqd'pLlIn+:PzgM LZKG.eP_Z\ .Ȑ + ʨ! ~.Qw7oHjG:[1 0"HOXQ+uk*cO.qʳyP&W$ORJHFsޮe6?q8eQe 1?PDS8rZĸ_Lt_]'dqJSZp̓ +y~CQW/4nGQcUk ?BADX40!B')]KSc-XX=t by;hH(9W̕ak]N}#%X(Vt2=&oOH'wR`M}ߐi1+R`2۫j%>G5:S:dJOX6'iW2nأ^>^kƒr @Ď 4 пkT[?!V(63U7_]IЪy/jRzk>S *-S~',qQc? 3VGW^fr+q?4O21#Ï#|X_`UOh.RUDxn/+׿x/^jAt暈/Q'rQGDP(b,G!(8&9 b;D- '+i`[m ",&T;1HF¨?*>v[OX*=\)(k0Z#lj߿ ֠VSK+WUkiI :%',A/C ~BվAf]ENUxC~RZ2AxMm׫WtVybB/pg~HI^!c1/ӇաFIsa=U􅛔 0UFxo?qt bVpr3pݩLi dt whw=(EP?ȕ(xaX6Ȗےa5sy`crD'Mݓ1JchuG:0?;fТ$dm?U(a3jIczI&;s?Ћ!AhGI٣éBHU0Gh|<~Sr0.$\5GSvݗW{lI2y/Kuab" pp8/K45Y&ꅘtG`ib "_GOq N."NCNӼ>1gzzhC$N^31}., ,; Fpobܵڤ P5BIAu =\ޕҜ>0DF +@5dyj̓kyZ~[_J)a ]"Σ8Ix1`ѳ_J961)dJbPDg*SBt ȗ |  d6Y*S7+nj88 kԿgMm_cDӐX+QX _1{ӊwxKt*=^Fݞ? LzDAdrLxEDQPqݔυҩ,XO*[.,;pkΥY070pfğ lCIUM4Q䂹>s,mAh\_zX؁Wu:lŵg=Tv'>iJ{aNy aVǑa{E[5Ҷ n\tR:ҁ'6Bԍq~J_R,cYyf%ilpI2 j_wN/0a 3E&h x+`gfkN iyA0 vS UvKc*Ɗ%sBvAkh "jUlw b5Lg(PS{1BfJ璺%UP1S T:ތ{)\ za:uoU+vU~+Nc9n|6uA>h") ihtxpMjSizd~~KLiÜP0eI` .4>9-˃{ 3NOZv!]r KLQ u>DUMN ̐Qe$/ufYܫ}2@3U\Ӱsf&= )m0C*Y--diBmG/Yqrؑ eķu\j]z7IGziQ*84SH(v7͇!@Y4*9^Xk8YH{a^kRMUR? }XpqqfLaU}~ :P5k1}Sf猗+ Z>!q"Y6F&a2b5 ;fHX.D:7acP*!q80HVD$dSQtK쥩I bü,z3kvO7Au?ӚZ8elCYcB^Tmk*1pϺsB ,L:-cJ-f/S`>W˙h68\qOzopTtP/G.:ꄳr ԃ4jitk:7.xܟ4dOMoBsr4Q'Giޝ :btLV=T2˖9yԳc"6CP+}/q}_&ݣՀ|k;D~rQ jAc(ˋhk;`L>RsTTxIdݱ]0xl4s("m~L 69ڈé1hH?8 Uo!xjVwGocZ$~|hpz9!S$_4&N_F9Eڪ1TGqR,@휐:SctL%k-OEZcoԭkӶ8XKB\I K c<01Dcڞ!&i=#nYq!jt+LW>8 ap\u˸2phF8.Rd-w@) Ldq +ix; 6vPRĮ_# l32 ?SPGW&Ob';]B_k"{xXq&MZ>!?R?? =K]o n%ltJ# M$qg#~poVm D -vb8ա0_ď,zf[8?[eLyGsR٭a.?هA'+0oƫLc0v1lXp㊑yed78p~~Deb5EUQ4vE##G  w#* P. 3纉.}ɕލfx<@mug_jJ+BT\WʋsW^kt*33H4A Tuq!*~3Yr@E~afKCVNTcٓBrg/@(::b)ոp¼묏_nz?v(A$ٞgv \V=2Q7DzrRV Aa*IljPbfcEV Fj 0Vҿ;@BvDAKT7x1|zO0̓o3wxQWWAxÖ"`:mk(}EbYDCU6%hc<67Kp-gMYQK Q):=Mg3kI)hUM_5†ϗ:/MRH2Bq@UIT(SXKJ\x`fXMAi{,w٘Xh['@\vS["]Mވ^񭎞;>O[5d;$Czuѓct.np%6P/1\o|hcCvZy V ÝKJxU8ڪLbtvXr'tim4Q%DK~>E 16 mS6Rr4!jWptM99La^A-e,",3ӻ0 WOtKs=PaݍܷUJXAçIH?OܻZZ .L}>rR*팩 *xY'z8."+8F8gx [JN dU|a=/.A==ƆNE~O,Zb…5Gs/Oed3aЄĿl>7o߀ADt#.,(hxhIpcĪV}и& P{]DgoS<-svߕ_S*c X OLHbU5 q .Mޟxc5Jq/gk󨙑ڞ_X9KB+ yR 6^UN7y1(ت1zmI_*r{|pFY_x@Ztfk>>cmvC;M9 F,mbjh u>cߟw^@|&AIa 5C82l蟝_nuiC4\(qt2 WGv5 R$ 4 '> 3XX| cWwђ1ay^sszm;iSۉB-[hV\t^ ̊ tmkk\)t^yy߰McR%J@ȳ&bpʥ+iv"ĹA&d^ wM,V 6qHbŷ(u`vt6W(hy,2v dWpCޜ~͡t4qĽ|Y>|RVrGm.]Dw^UEHE2H8d~:U^}}y 8jJpgm8.F5^vL~jN0@:Rr\˧IPL1U {fRX3Y/Ks>Ecz969Inpq`wN &(W {IZ*~v Bk9&΄"{ʒ$( %PcPL'Nicĵ)5ս4<˺ʉߗ![,u?d9v-B`TVtZ_TH;C#oՕ24kbBa8lYB=w5{#J N̆_U?04w 8u^4^4*"k]n$ :%Kn@kh[sEd>Ƅ~mo#H5(L=S};=s/̧:dwsWOޟa# ,x!9_-# Ҩ}\3_$}"%]$C$:}/$/8{ ,k'"x_Fyr)g3ɦTX`qZ͠ս}";)Eb2-<=G?iA@Lo݉_7M#&2ٯCLk쪥Z/@oF P- 2 LM>KU,khs*Y.jB?D RF߽;A+$a?ᑸg*N͚</"YKxyaqrkCji* {LH&~Qbh!&A>en rÊ%d wxݟG/Q/zn3mHJmOxiېN?%J*oS\}%$>s󂳱peR_AxI"D2:(bNm~;uk5AD7]EJ@?j+)RI_Qkozd}iA?9Zž|h%&FD2c~84 +CQ ZkgN b9-௫P?ʮUh;*u!M E:S^ 7=tbM8JCL8hHpT_o$0G@|MU:!>9_)9'"vNʜ5а5ې-c^WNrYakg!D<=5͉2"Ҙ1= :f\_+UJ0ۋ'2bzЍjXu17*ќPK2n5x3]?(Zw߀/.dΓT(=7K5*, 9T}7䂤pp6ZJD=iG@<_+9M,ʧ!|x`61Sa%A@gm|T=.+4AD)OTrfǘA6 B*q1aNJ Wḭ?DȾm_3,D^JGgLFZߣ_-T)hA5/B$oEW\ 绯A ]c.G@ű6>=bOHHN4}Ѥw[qxNr۲\fL~a^y$h3A:̂UOg= ,QXg`OCM' !v9tCkƩ=3YZޙD<_T;n)լ;-tyI/Q S;;5)'*YWr >&yku\ȼ.gx$U,PncwD᜹52u1%%yFPQa6."x&ݑHBW@=&R˃&?"pU VajҌ I͠?S _Wv̝WW#~@hY:4ְdk݅pom7yu@ǞCۓy.i eT]){&>θ#UInjGp7&/{T#@~l`W67Y+ 3j %淸yz ҟUź^s .J*=VVt?ͽσEFs' j7#3L'*?ΰWw@0Tީ0bˢO oQcT J~2/(TVER$|۾k<{䵧6^9Do\_J/1}(@dLݝm$S,܏1Ҧc8xwJyN<pGC|Bt9Sb&b}14Ea|L2ނZTm-hg yU2'Y!dPϬqk?39:hW8څZ!fOjU Яwo1-ը )qI9nyN`{vlv)R 3#HW$#Ɽv>vV,GyzvR2/d,h;i,88 0_Ƴm0}j 3U$jn7A:c!fvvۏYh*0 ? 2jPfr|rpI81`YPoJe6a= [1&:P~g6j]W |`uD̞YCo,%BAjYj%l_ٺ|iE| c ytN$c̢:J>-g`\O cr79RMiгB>|v#{!ɓa|b~E,Jq@=k\^QeQJg?Ӣ9]rA9V.&m@wsx–W[7'y#'bj!vS Gm :gIBm2]YJgX8~Xؼd@hUJ\`N•O)nq=C hiY]xeO*m0\|{ϗcZ B_Ԙ &JpTRR@p˽ ;r!`l#a !l;٬L:4YT`) h9@s9`nL8* ƬhY 6BjXmf);}7cqW|o< Ӽj1aEPڗẹt郜T4O-l,yEVf5/0 BDZ<B70ɽ_\K;!]~o 'dj|BdBLHI"'걃BSy-WV7fqZO(@fFo3krU(A{+Rtf3|e ֪ KnET_nj ?8j߯*oJs fTNP.-[XF߿]?+:2E!yh/8$G60sGaVTc14[k\o`sf 6Gw»jb{Wz4Sz~-aW޹4 'ހ'cCJb0Gx1a a^- "܊p{o![d GpTi3_e,j[2߇{S/H!Q#wc1F4*9>V 9US, _{q\;DL9(H?jMex 5jTu^[BsÖǗS$3o#eïw;d 4 [4cGJ~߬>#lޡJ)8G(IЀo}-a:-ј}|$4F,Ƕ V^!8>|Js+y0d[ĬYwG&QZBGO"]gi M H NX>+nWt׍G)&Dٰ)5kЧ l~aG"MV)0 aȈZZQ>Hp'Q7a6LRsZ7-K_Ūi""Yi'*͌@nD8] R0 Z QEm zg6+ j/x f5kIudA!_+e#P{lòԹd9^ G۬[`/cCINoNW ;@mȺp% kx&zYE'}K~#pUAQ DHWiQd9jpQSdh j9L]z†$@|Kx7[m  zH534DU1faK,JP= \ e3Vl]NɬS\* MQҖJxc}8t\/[02UFr/4nS6 f 3z ZWDq9J|zdyw_dC`ƽ㢝yqu9  =93/'C"TZ`&tғ հ*%hæ0d+Xn W|r4b/vÉiwe^$^;P|:q"ŴpgpfqNO0W&4σX4@Obl)xN4O7Vj/rZN-ݩ* Y!H*~W)MF.>-RVi0 Ag-@ dd?zW hfM w]li2t,"Q12xޗ׌%߷ Rx+d6yU4U;u3+)i0g{z7gTuPK+^ F5 v3B^)%wZovx4LoZ5QFq&斠 lpФ֮/=̖l@ҨèJee_t^΀A;NH=l$IM$7~PTmglo[Nt#K2o.*$fMLONaFnڔ4(NRٙEՎuR{G\ޅ󠿩WT="-#Ҁ *|T"q$~PXϡf3hćUE(}g&ă#b9ٕV]^Cqp͆p#/%h THF-x@~!i4E6t%GExx.^#p͎ksZ{PՏI=r `$ck"azȹJGS[h%Oh)4Bwms8RC"cx ۿQcĩ ['bI!z )yZ\"ޘzy!ilaAlY"B)2Ff?~0öWxͣW2yz;%s:c * @cDb XlBfR6Cm'\xGU8Ng@NZ 1pnwx̎*DQ)+/![{CG8s+wW ExuonVs{ҳI(hQcgW.{-\ ߷Ж?+G üTcL m]Q0QD5NכEh",ɿ!^saŇ.W3i{}'UȕQqͅς-]^_<ԅb@֛;'~9oir[euRU#@@ϱxl9%C,/uypArN.}e9n8 F^"_CE4Ù5*qPUdN;zL1-ݵ(S Û 2 4ɐG-uQ%,,OA8h~v,QZDE1#wfT<<4 ՗*XJcrtxMXNi\2@{A#6 WqxqՆ,ӲeU'¥]}Nkr}Sxv2lFHX+)Gd,LF,&KOW>1^rAȩRi{YXNUߤZ6&P3T V?}tEͶw7.Ow͖2 0<vۚX4P#j%k5ZEqQ1+bXd縲.jըGb^Řb0kj wIyy$ċNjgā: +'Fa`j_v[cHk0\5ECN0I_6 v2~4ti9A o-HNm~ 艣Fb@;in#a>}ZkuP֋57}1U=H[L\b?HcN 4 #)?|?8)&`x݅8q802o28 w$f;`ƞX]AAw\Y[(a8¹/^|Ów䓀CdunHqABL @P$ŦH[AtVSd[rc٬PycLd0Gn BH6 +f3!E+oZ8Wkvo>p2"Sm.,1' j abɓ&G/3ȬBR^l*L(!DQC.Y%msc\\&KD~zo69"Jο1h>=ʯ=Ѐh!gB AYpA u5mw{ }p*^ dOb dwBÙ+dp7+)d[Oi/ m+db ?Qk0s*gu$r$D+C/6 _qy/fUl5݌wLwR5&bL6j*t+7}PIPanQ4 3x2v.Q҇/|(̨pCMt~c,_(qN._4MFߌtwά6ӈ=ͼ}{t w2[$\&Z!d?lxP7/z,f)(!yH=~ }f`qj R꟮⁧w%><-m+Wh&c R>V\/-UΆ28 L?p,Xê^vLF/\(4FS@mQ-dAٸǠͪ mvvޫ86tI'hK0:SP*RGƅ3mϮ3z.}:7ME!L,eHSXfKJ:^ R+]UJ9 EnY)iLܪܖ { sd X'(~I [vhb0[lm@Y 2K%+uITs'~ O[|ݪp8`NSq,Mհ>\%!n X{(|>X$f VX^oWap:};G WÉG!x wͅ{-f+yuqntrlf` 7r:kzjCڗYaV=zׄFg8.h1 lWTJ0'Ed|v;Ӎb?s" Fϖ{%ypeEu"WzpBe vy36Y/q!L\AGi)Q2yk Ôhn.֧@,-;#!qkc6&p_F1=Ey2d/]|TŝRE'fpRsYx.PzMe!avsS5C]L,#Qf`Xtp#`@䭬QBę ֦a(,O:4HTúrՑNG ay.Fy``;R;OyyяMF&SKz5Qn6cMt0*oQWƌuD|ܺ wH9 +.?W\F~56*@̓WRŏ0|y6yAs"mAsTk)H;:^ޭY2ZЯ[%Řj(*,DZ!Z6/Jx58 7imuP 6Ĕ_t wE<~O!s7kJGDNqe-,DhqD1j0O `*`1D(!=n|vm{Th';Z[ K#8Z9K=BSBC28mME12Yl& n)F2FX*eqjVw+}M YJlZk;ДWErw*f\s4,}S=z$fO"d1vYAP3YE 84!_ KjF R<ƕVv͞ 6G jk^(b48(oV"~|.)/V}0;fܽ uS㎍3!k.xMu-O8,Kz5P6pfZ;A s Scli~32v0{Y/' Acdjڅ И$)rql"FQ9CqjZ|0'5ThN S(=L'8N8IAsyX2Ô(O.fH~Uԡ Xđ܍>av~M`ƒڳhm7G5x/9!4B[8cTP IgDm81pB&Y8~H(Z!}ԁ-Dq-/L% ~DC":ayI/I#ÀGOUթspᴤֆ/I}`%UZfMH/͙"O#D-⫘'+1~S 5 N35N"Z] [n(7q)l>_by&jw$ b&׶7 \&YSut2liaރPFDPԺ/c@3l&=ơ.9Hp.͡4KtVa]JC5F mB`nWv $uS:fewW7]Z<>"6fJL߼ӫAV.#k'f 3|sS03EI1*SJ:ӣښ+ӴSu/͞ %PXH6G11b NQ-BBw1[qŷtGx`í[g(%ǪX.UDItTݥwx橔^6#eqL)ŖQK9sd*(.WQp<9n)rqL?%oz!AvwmviTZ5[wtT͎bgq4㲽:|kJ=z jZ[$rA{od1xe9b3b/CwSr8@֖!L _bC1ٳTT`:?f*m|a4u=_pX2q'&nF@!ŮJ9 GVvP!&:T.Q+/7SU]dׄ;kNj[}߃(j3jǩO"燑;dNF긍wt͉4eإZ9wtYD@OZ3:x^C7͕4ZKhQ%詳J8 jeT6«Dt2`ԲH27x7!7ei5; Ox9c3OUٸl7>2$&`i݄v2[6&] >[ć%>H7IT֥YRv[?hm1ӕ]ώ =tCH7 L o KŜbM C(,13XCBWO$IMÉG45+I* |af5HvD2n }]6 춏na.q }]/4 cm)<>?sʤQ#m&75wFs6[oec&#DJcs߬5[aʦt`p;S`hm/J&{Y7s| 3~6t6k-dH\ܑ1ߨ2$Ƥ1KgzlN=laoRC kgSOLK9j7tp5I8PT<@~W?*v;M 섕REӪ|5V"=1Im)yՁm-n)1Jוp&W -i6 ٗ0,N[&Zb> tz ,t~yhJC{]ܧ 6p ,V? e>7yo= 3*=psAgaΧ)IPF9UȥßxH5me˷PH{fZīCI-tboQᓈ #_ł#*OT* kzB4kٜ K{DD@jezәm6dy|=qԇyCs{";.)XQZXSi&D~ЍRЏP;X#I%=9_RY12炢7İ;qԑX 0WMi]I3 ZPd:C4xX0Kw&-zx t +fς$Nj嗛M3Oo)QI7c(LO4?J7b-˺KrqM-\O8[zM_xAX?뉰4HSRWD_9 1n'Y\Y5cߖi;?A|ȳ}<]qzZW-*k: }A#0`b몋:EGIB##ty%&.mkbVȀYȖ7QKUehz\]:2Czijў'9.BkAddqP%4'ѩϑ?.Fw!DVe(宔>LKjXj["n ò- e9޻oEyw11$8P;s ud@x=H+CVU@Fu$?İ+̃e^$>Qz `+G_݁Du=˂U;QٖX`B~%1Ō~}IǧMSuc@k z6ri0N݄oLBQ|U[b@k:`."DG@~iDkw#m STP5"ZJYK1Kgb vVf $㯉y}8=ܱ{}5DrbÄI% ⼱#i(gID:4-y5,-u=Q44~HKG9Hjx΃ce4Le3Gk|-Pv}%Ү2W ל'js8OJ}c%-m>0hv.lwaeIX0y8ׇЬ1?XTgZv)4A= )kj|:E?>q o{mx7&P3&80){ uO[K4K>eJ-yTwm?8?O!CJNҞO&g~>dTzF =F/jLOKywGg;st{OG/Qҙ# 鵋 qP CxB ~/-tȕ41oSsiCA>9lkwcFaqbs_˾Ƥ``eIUjoTW]!Bmojv%v֦/GqpO`IGL222aܒrB=̿uHRn@XQP^8 c`^㤾^96 DdoNobǖ8r WNbFu6uePi-a3s+,o'[uF~cV'vņAWvr43DUX*ZNqaڶ4m2T:r|p~? w82t*au25(% ʮ^/ߕ>}EAg׿_6#6I3wF$l|zbtpD)`Z?o ⶱCYm#2BnMPΗS*uf@aJFݤ.;{e}XO#1ĒOߥZ{g ){Z#9r|Sԥ!wL-ݻ~*fQ_M0}iJ]ggdTw4cEIaQu[@EkgTisXǒT/#{ +jSG0ǂvcZogcVWJq59OhzMP_7o7pi̚M6 wU6f:s D\Ԓe+#*5Q=Z{~KVQh/"1-vV0C1AvI̍{{t;Hg'-(t{ű~* {jmy2rV.=6A^_ŠVq~F 5lwT`d- c@%}߻s-upJ](I0Hūb!"*F6ZV-W_Ɠ?~k fAIrhpwݠV{[$6my.&~m:`IR=Omeh{Kz|L|)J_FT1O:~{xkS|Te^RIΩ#XRFވ0mz0y&u9$R q,E-ImL87nVH(5Ol$[G'wϬ;^(Vk" coW+&ۊp2zR=(5Dхđsto!)%|-q8LN~U {#O؛Ir8z%a'0*2&#K]2eohhE_RuebHRaŪyA VB~[YѺRTVS+k7&zdل A]TxY$ UһrsTr\JR3{-Yb1*:n/3V5c<+m Cײ4hgyJF-ж槦Py_E5nWX=n߬,{^8I\(l)}ژlL_.3B(LAC -e^wB\5 ODnM´ݨ@>yqP"VcY~7cSb5pf:)$|b|y\g{*_0 ۓ<qj s ¢I8j 32Iben)$@Za2n2Vsq|NCrQ1]7m<+"#u@`].tuN^-PS#Q>IcoYK"z4["S[0x~3J[OfdX_au=}>鹺N?3+o%Go#`J0%*2?xNRp{Il?lHfDkܞwdc: 2D:Yp ^azFqʬ4f4T/]?; Q?,/`\O _AQc-Oȋ>3U2Z\1-^,a+:".Wj@xދ kBKs]?eav`_^߬??I@Xw;pVb[U(=>*'QwPz x9FM.sZ܇Xݒf īx @ºCqE!\[K(ϭ ;ޢU(Mp(=D>lyMDsiSs:w8sZ Khjh \S͢ -uFtӦQl V3ސ0)EXհ TKC/+*A\EofsZFJK& Uq0Z#b Nf6$FIy؏e^UnҎWk$WX3Q/7PVPɀcD N1@ȯ"7E Y7s^Cto'¿q y6ى1 6d6˜*cg;|_",aɸL?/J 0xR%|wKzq4@]i. *&4OBR<ӈ苿tp(krC ;A) Ynr8 Qv?68r|~Qʨ^{~&a(z}پ ;e`}&,5.Аd,]R9,`fbs[zg{14IJmM臺Z('˦t]7(+;hpQ<z(pPV3Đ6s`C ⲁNhb0Ք F v-\)t6PZdus2cc S1ef)"`ȣu+ K5dD& [ɼ#|PxeĊ(ZW WF5U\ ]41rwC' &l{@#VC-qkVbMx@DDzbm[7[X B4oIxk Ps }n\~kmBXTLՖ;O-7s?jvNpC'2ٽ7L^Jhx`ht9<xA  &%֪ʬRKIaB%0cr-!2^o-ЍخTN˚.1) ѻƹr9q 14!!HQyrrMi5Eニjy]DzQB??0O)*Ϟ$btgr1TÔdžFyj{skPx*m?+4s~V%,&gVD5Gb)l&@!|VIU䐆1¢Oމ\D0 R\zۅ8]r:)葧;$Kֻ]l Mg, ##QG#kͪ.FbS)?$]w 47&Xh)3ذ!J,``5CLq9SW868_F͞:x/].Ⱈ³晙 Tq7С'c?B)n߁ONwa Vhީ#\]&ض!/kG]GnXzQ $gp>_֪p~Ļź$gl q&097")`׃!;}cPFi7؍XyR"īĒѿ&=镘mDfϽi% mO"̖I󸆀|x!:BT\R'sy+7xJ글chL}~p Gq~-clHЊsC*S4-2JHqlvw]24+8!'l"> =(H+K=:d4Ts@oi5|u0&8_h8.Rr iR'ӍǃNv`^ #ؑ>€/3+܏_S}lBb QZqKzԜ>3e'w$: }m gSFp+k9=bKts!{ԿhW;'}6/Lu=#|mQv L4ݸXZdYc斃5V {gad$FĘ-`|aH}K`w:!@]RMF$:B]V3c5~P懘$Y;Bʹk,~>t{ ыSFi#t]`dunf)kN,8%%'6:=m m'VUH^%a26XKvBI_[ tNg}CU^UWeVE~jr4@!=Fqy:J, uγ9}ˊ dNj-m,`DP-+]@͵q9czVu&rZCQvSAR4{L A ^SPUN@o*<*zA__T3/٣,hz{KG;9svn@ot\aW!7g0!Ŝ(_M"UpL6?:ӣНlbzz,5qar\mRAOZ8C"fEF^M+@оe'H<`Gg0IƢʥtRڒ⧵QYkMn!D! h)4W<'șP>_ӱe%d+#G=jUBgbUI..O՞Nd^N-CK ,DE z'dTKSH4$ /*h~z'xqt`]Hg^FD-Kh_YjRPN衚y*6?Mw$fcէ'qDjV:; Q ^&#T;*x?0<cqS $;ng1MeTPOrOKGBImuܗ2YM1Si5h|V%(9鴻/~({UaаQt=y5=[Ş7vn<|~lf4Kv14--ǞIoH3^)+?K ƹgצI ] JsU4;9E"^i/f[Rn7pJ`mzql%|}BcgRj0Iu0 E4xӌ/ kŗO?"4eή,iJ'U3s]4<DH_ݶ0|(Dޏ`g[yӻL[[9®vlLTa}DR(tDHUf38w1Hv]h J B͘0HϜcv:&*N*^$IkߝS0(ˡ ACobj% G!-䈼x1ᷱř{Z[άvR0sOz&Uւ:F*FOnHjn*/&d +ú+3L^ (k ) c#O. +oXN DF[eYt•U)׮-U%ԣ3KeL;e`+*X0@#Dy2,cB^Lob9; \W pY}Rw,MI+L4+P}Vϗ {&Qf6RYqMGC2vJv x2=މ7yDo` gϤ59?@{`t5!O;cR9$֪85'fQ)ea}Q(%nY)?\/urFCq&dpRrٲIu}U39Y^dEY v\!S/Rye{|"a+ }=9QM=5;F5 $SB#IƲLWK;߽2bYnυY_(E]IS!+٤QOygĔ^kwDզȧn6=ofP=Mj'QLXx|h#פ1ZDJdo!{r+#*'s zyۦ]Hor8r$vbP/x?Jn6"7APƖ y#LI~\n3=}S.7͌ Z#X&SLJ@x$Ba"(nV-ԯo)K@$k3J\g@Mg,3 ֏XȢI^2pTM޳=z+<]R{A|t {S֘jlO vB-ε 5u'lFJіO(% 4rfj;fɮ.d8ئ+-uҘ:k3.fhܔbnqC 8Wlcvw}:f+ƬSF ~72F6d3[F}X`ht`" ☎SFTF2{)y6g@?)V$zODnrD2A9s>kX컆aO Ӧ<do؂#_í CuA [)G-z5 oZ>-c$ؔ{K}\Qǻ+M Oh1"r_6س"'Q ۔X5w]; R˾H]Cy; R-d f ژ1(seA㧲7'`p͚LcE= nN&.#*YE=ۛ5M?xCH~/vǎ_AHSQF8~g)k6w^m[~RSbHށzIkCt0YI":SM;1TE\wSFx2,'@IeM,4ľ!ymFI~#~|BK;s;iuM^SiQsgCSb-xO Қ3WccpWIWWxݚRfC |aLɮ}Rv[dGit( (t3%C%d,GIzi5Ҥe z>,2_[/  y,C \=uHB 9}9R8/|–tviݖk2IEdLD(d$s0Ǎb7uC`U]`*َ$!ѹz+Y}.W"K[6@+-f,@jz)MHqhΰ&WPh|^&t$SI$3 |3 3DbG[Q$j|~E$]f3); w>c Qrpw/uJ0WY.~_,"L*!o t9cN9$c@b nV2 .#txn$Gy',V j@2lyZwG̎s]fjɖl ZYxQiؾ/O59~WTfh_T [Rr(Jhݮreڇ^[\mjc_#mT7&iu90Kp$0"uz@s~їe3tj]9нlK7["6CQ"nY (Cc537>|_]4%c8ZVT(wma™9 K[5KYI]؜X04.Hۏӡ 땮hE6VPui痧p*`uL6okP ZPRV =348s"cvj(r&ڟLdT+9JzK^楽uPQ^C[n+,\3b]Bp#bSuEXLA[\\m6!}oK2ti}ƵIRLGz8"0t|]v.5o;퀗 v4 obv/*56؇[sdeGgkDo ֒xT1'#/1@RΚ79D efBnA 49WomصY"3G:6~x]!Dz| /-@rZБ݁2h;58~ˌ[HjO]טRp3qÍIcZ>Z8#|ɋpA] V=ФY]\X;jR}xU%6W('ٰوЌC}5Rx1׷%Gx< y3Pv LCleG`ԡg2sBcH_ӠBImδp-ʔz5qRVj#<0P{tSV9vU9niNpuBy+OéyB_4.CxQ5⒑cq؜zRi,`\l6}FD<6BFsJ%CZĪ!GdS,U3! >((5!ltH0X%!03Fq[(HcbTR X@G(%\ _ysb`wg;U./M ;SIG`ŧgH_7%fֹ=*fY1}Tκ"Z;k%ÐSf'|5WEQuZcou> dn H  M"wNp|ǓàO7U?]99 g_W)v)4WO&~(CC+cy| BA_N.5,r2QàX"׳ `g[J_N~߇UYqF>SGZ8.dڪL#a[X8$}G_cWbGSB,l/PNV[Vz91"H% `B]Զ䰟ν.ƻ D~q>F8TjZU.~x!ON7qH'4˒t$t4 H_(m7C#: f>Ux}_"3 9sc )}K,xziݤ,\>$AR>$ˁZ,B>+63 c$٧TiwI+ 0 /DB Art:(9CLRZv# #!#ZիAnax}gV=A#s kHas"LWTI˨ÆkWpyrpE6%5km9ׁh,fKj[O]J$`hGQ P;kFf[HoEzW)#iΠY-iH4 )`bf$\&ϽO/VJf~ M-XAl0DbDM?5WhɃxPt?v0 uíh|$zAk6)PS^;.ϔPќ]˥h᠅ؘe^2Mvh(\Pf- 7/-_ MhWd3B'̅t؍~N#,gVX D/i@H+V*XG~BkH54YU~h@9pEhZ/>addg> tf 4!w/T_oި.OdL{XBhCfM&°k_*@z!su7 %6گUoSYe(DJ!-f,eCDpC+brtychN#LT/b߼+-?8=KfkU98n~6lA1e:w!(FB[QgvHz#K-Syr0Glz~r9!rl d?;ak]PѲ%Ҹ0꙾Cn>3nh2}*of͊5l 5Oo3ټQExr\K *f0KWzà$˦e3-pfg1&JjF)NzjTrÉv<Lĺ1kj!P|fvhL= -^>z?]fY7h_ 1 <`b&dmOɏj>zukplhD._iD̉hx<ԖQ2.uS|kK-ȑZ/-`C:[EP,oWᲹwiBZalmR܆ ,0a zN0 BI{w<O~FUgH}>@f3bLG!Ds;y]o1YA;avTF_ftIؖ0U5{a^PkXT|pWdjfttu&׹z5/[+^%#?'^Yj?EtP[fwֿOdA15VmM (bJZ+-ԝ*%26 b3YL|ɒXAɄSu nhD z#J#j~M0j42t'k>,:&j]MOKSh>fVщlm R>~ bM t! (/w<*l=ӵ11ʈ bLdg58d{} T`D۔ Tp ,hĮG1) {]xDŪROMN+{ E[w&NhjQhS>ϻFF0 sHgq'͘ng|,H.#E@T)W9M:g}PVE(V.ńle5]fU.@^ åira ~") !a._X2C2 FIGJ6N|sh> !ff?<@6}2 Wv2+cc5YE6 f-A^(Q%sWQ(>ܞ?'}p/o#Uq9N5t1߮CKl^un쏱jrQ3̫))5éb%V~N//mYh6wI񤖡No6yB&e)Fdx>7C錭y-Kh[ {жPZ N 52έv@Cq%Xd녬 B >iT0\-]fiTqx e (&x 9 3LUtIS e9/ Xz7lf#jGzвhDf0W'OUm|YU&TGQEZdBFp75}G&{ Ѷ4·)UBӴ݃+$[?W۞=$L@4Y Ɠhۧ&>B=@A聍=T=1{P3#`F[Åy%:&EظTӧUUtrz vE)jAym^AfG(<0cʆ':Doe _XFbRP}X! p1n-h[@G#B@!SED$Ц0kC07r(4bސ)L:7lN9cE*[AN+a,Mr{>=Ž$,T\ӃIA@m GOWDHxA?|YK+Ыdv0QE#y$k||"u;ЍIߣ_$=.v|-qmtLK@=B.!t͎O*_[!R6aa.gr ?[ZC_5&wBA>\3% gJg؄Y3 +'s0>Ԯ5a>Zm|˰ԡB\P03bJ8kO6.Ѱ|VTgqwX9s(ڑ ௑U'Mll݁UtWkǘ~^S%EfN!Ɵ7YSBp %س~w,mp$/[kڬn异\̵I/|G>=l ]Eo)&5}Sz팝<zzt|`ɬ+c? zz&+BzM2%&\''dv{|fJ he11yg6i%8v߃?CgUsJ$V6 vđ>\F|zMկI?1b)yEI ЩiQws?rDx~=r=#^d1ћjA;J|;Wgw &=%CF's9~ᨦy+]0~6Zⅉ ݫ m#htͧ4B=,o09,9VnB]{}aa9p$z?MN!8q ˀAb0OIy;_{]8ݦ{N -hx+˭amck*酐i!.+@5:D;'wt׵oUȿ'iQ˥lGM3#ܿ|%[^R`0%'Քo|4ÆP;i=ߨAGZ_mf{rX`g}u)^rޯ[Eg@T TEhT1iaK d.xM(D+ ZQ^QIbe?I/UwAyHo,͆L#dqfӯ' -ZQ$Y4Pi  g)s&Q7kx)6prl7۸ ׎< )߼5T*zl}Jdϭ4Pxywd^Ă=:({ hMZt6tMf8s 3?zo"p& \I1^D~(=;Vg)[ja &xS7}<;nүW񝧸{ 9 I}FpOT-Ly%cN Uq=@\=I0L)|ykt.:$/\aU iibz7ɢb uaKz*{Hm'~/M9Q%glS?3RHZ[&9d۴5X)AuϮO3DǔUܺ[̀.$zu\DAOMᑢHu27 fc>çVB uS^Z 3u \Úz;c(Pα|ipo%{[͢ KƎ~|o`5^gq>(4FeH,'A$⽖w -ԅL-ܛzkx?J)O$k)|) #J1cD9o4[/'@Wd|Z[d=:x緉m<@P+,9DIxYlh*bA‚ :Zev5J݂pRaժ_~Ek&!l8?; { 9~WZhЦEΘͅ-QQ*6<*Bq!.,OoNZ=)Boz\H#;0`J2""=^(!U5k#VIZŗ42y*i;X N[鐢 iF喴c9x{:܎?ѫQ-D␔@%%p1_mS0wvO> D;Fp$TJ.aLzdZzQ# >I[(EDrr Aei(R<V [Ԇ%+sc|2<)Ă*Od>,6P]m๛|i)1-%(.jjO W&霢)a= zB2LP0TraJA],.]6[ A}ޚB"a>-lg]հMCR% nxIs/h[@Q'yo<K_a[.F $Oa`=>7D*\ÛgT[l/\ṗj6Lcg22-4_B]F1(1;@g9~k.Aշ%r~U!ےV59F}K-N-?Yjm0RQR?NNkARs>;_YVɽT_xsʱV@M>j+q׸PJLDHF['i:.YϘpr2i_3\Uu H {`/܍`)%fGOd% c)@\|BQ[Ɇ<^p5{1(*Yv84$:[Dhq]>S'KM{ Is.uue)]2Oˁ͸ҁDC–7*tŁݼqxJǀ-:kB< , Bc '+D9ʓL0z!W2C-A I5EE}h^ɋZ2Vvg -MGj(6s+2 Jd"CH%fs.,BZgya~W⡑쎂=%#iSTYd cȳ'd*}\:lUJ6j61P !/!V@s%-T:ݩL ũ G Sť@{g# 3([:O 4&ٜ|3t% T4QZ>G11j|_ZȜuȮԥvy8`+Ǩ-ޭY w2_X8|_9(W%鰴pcJ9KR\5$ͶXXR X%9aj`u6""3Hj h9u3kd5Dyz2 ) 9chw }wX>آP*^IkԜ_Զ<{R^,F qUkZ`_P}%r#r֛դ.T ?o9Vn6 vGPqG"Lh"ۜ*.s (w xWՔ,+?tVspXJ1F[+ZAua{4M(hZI("KA|E# jWmJӲ*Ɯ椪&&1Qw">qDdKY54wT0q8^B)'T_-={xm`' !KHVj_#]=ĐI"*0&:V+8Cl%( p5|rSX]Y!UR|d.Z:v~iz&)g.w^; : ht=(^ _b >Ԍ*G8L%v DR}R0\+ A92&V6Mb0̠/,i7UO~EuMO`$Xt%~JQܭgJ3*P5t  i͊(we胦-GY3Va@P(Ǔm*֘Tfwfo*͂V뭰1{ךnj*II%!Kj :p0Sm9Tfh{eu%A%f[B̗*aroXcXfJƗS 07O-9a &H3E Ob̖8fI*zd^'gгkq/SOi:sGM;dLCEM Bs^ Ļzrmq` 1֖)̈-- 8RE-9|VX^W֕BZfM2vIХ_eQUʶyW ZPRl.^O(G2ekcgg8u2VC .`hhœ9%oZȧ+߄ǒI7}[ATryӐ4 uPH^[| o{6j#p.%e4>!{#{:OjQ;7(;.'@5b3Vn؏9ss4d*]Dm A-FU QCc+ \!=/ݳ(VDX"r=iU؁%,Btrw=",R%UyAPp)ET^tXza7 0 Y)Nێ?t5"&EUi+ k<_z3P' I֎H')-ْGMRͿ$[z( ܾ˷$xÐ@ʔU,izQmkn8J5%T~ZqV?dݕŹl72ў/.A 1a.`ݩc}`X-ZHP8K< ThGMIHP1r  JDܪ㳺L)#Bh`SjHFjuʄ>XqmR^1e2.GL Whg582Rnᡖϸ;Rb Ի4/Qe64G~_r  H26 y޻c_%el*Ë6N5Th$X#guhaص7$0|+NHly&-jә+ 5t:Z^2n#^SL/~&%uAB82k ꙏZ\% 16bqmbU!`?j#aa qc9vM9eE.P{QcXQ8H@s\2*eԾ*)J K-aT.4D\Ũ;`;orO09?zB2nGU(Τo:i $뿱΀}?M0ekXZxH;M)Sodu|}o6Aw L>=ζ7 Ѩ#:fX.;߿>?GJdcJ.| k#~+0 >IBZSc]d(H8X]~X"u'Uҿ8c!]zdT*Ui7!29U-xcwm ca#ɸ>{0)f;&m=H·IOK%4>ySbgBmh9Xu[],793DfN( ) H%J| ww:\फA@-ƙ~%AOY l'2y'>?B g;oմcdb0]s6Ixj^_楉?禹{VP'#F rN x e%{'-EvmHUH0.qqІ  y~7A#.~lg+n1 N~#=vL(F>+m $y-eL)b7lr6-; fCIʙfou 5u)ufr6T?E`~ 3*PU$?s;zq)_.ݙ?aC@u~.EؓMfTd_`X;EKoÿιl/=QL~p(j-iTV90揧#(F_Z:7$  NsҢ,3}=v^MĺIZB%SuW)@M uܝd%۬V71'>!>wp<`S֭c |tQKs!rȹd-i/SDW|q6m>o_3ϸ=]lשY[; _fPQn5x(ah&nlAfG yjÅ9vjtU=u{pL۶ʋ S`=dgp'ME2>]y+oaL{5(9B&}ږ ܦ=B'p=[%fIh{6e .99R 3>N`SkDk?f p>wK:-Rm$CUnuj(W)4c`UݍTՇ5ڷb鄨" (|EMW_a.q¦&F LbR6ޙF` -MX( yX網F.!ˊFN /\J>AcqTU-&^k rD"z}i]}} Zk[+(c{#%30 yMUUٛ+R0v=uq&\DUU B3pv dyHt6 @ߔ0罓GVfƲd} ChQQ^wPh,Oo BkVP WX|rsHҌ?j ,|dYvÉZfS_..ŝُy噦՜Ѳj[1K2&Q&pODz(碻|&SX2ܭ/w!w a4m5u4om:g[bɔ2:biNs/޲8Q?f8ca^ֲ ˔H0wյ%7! m2_zޤq9ů?} h("tĹ ͆& }QFuD%- 4']>qyW+th,XQ5'4RT'ca)0RU쯨(s q5Dƭ_T -Gd!&9xk5qQsZƍy+G.ȋͤUD.*pm{&˲PQfgƀ: #3!8ݮs(ph=2^AO`Tow60" ejQ~|Q0w" B`Zݲ)xvC9_mt]ʇ'XK/=@ږ1ΖHUr暑qBmWՙ]Yg 7!V~OʥЪOtTpT~Vv.A|?jNcK|&^Msme4_f ?O|6[%V|l.8?/f\3ي@xlF]f:d&Y-Nb1E=iO(s=|$buƟJ#'>guL8W& .{ f*s b /DQirOV?kspǴx#Jei\h5SKKÜ Ýxxu"=`@n _|OwGMt)F6؀@&[͂QdwۏtmѪ-4z eN&Oۆ?I mt ~i!곍Vo` ڽq{G䗶y8(|ܪ}'Ҏ۲0сRClx{ ³-b}ic+1<_2Jd~st d5+dDRPE[aͲ#WY.&h߮tzls KTDt} *u~E-Ͼ7 ZA x#UI A21N->I|ƒe`RoHA<^hY{#08DI.0!x8spQ̞L˙t J;rەV_-hvU:vq/s*йY* ,:rԧD<V00$ %ТHCKG{ pfh eG99?m쩂S']&/Wyp:@yqVJ౒>g4-*M&(9i:#G~IUGP?)1 ! 'aްzX1Dxr?b9 dCQҐME 4XYL2ֈ ;sJ~ e<_]*@׿ f g1Jõ+%؝G^^=ـF9?GBNhS*~ :]`oؐf|@ѫ*r{$ ȩ3:Q.'la z">e#ru7x_6i}ϦOQ I )Q9d^}7y-2 ,~|;A,+*i׉>[bbp8y" {V&7(Vm\샶U_(ܟNDtہ?a!0 hB4K?:..+4xH˒GlC WXrXI*5珯 rNXn%`mր)@XΤй2DH3`J@R8Դ܎oqB}TA0m6.Yol^\T-{@pwK}u Ӑχ~ax/88u߱P0JWF RŔ/:?"l?ymQ;U2L A=枝+njd$眠 Cl?Ǔ- W18b-'.$+l]VEI3LQ *(^Lm/#.i{ۢȠ1E )9dJo)*mmYv{RC-KmƦ66X7-3@/Gb:4$~y? & ;ۋ)$S#+]~;~гѓh\O%aX\:CoU zǩRJ)[ 8B_zT~o?w B(]seJ&Om"\խ1ŧ~ +>{G`ԇ`I<ƂȸXdjRP )W0ScFW|GjX&Ԃd:3UkRwgзFBU-Q{V *f}or?we-|B4WΩ[a0Z W޺ )ήHY!Y,4N޽` Y<T6, cҺ$apCC{ó>&qd}zDAәBU9Jp(jŒ3%P2-`?X5\p2}Ѩ:tVEiJ>117wX|`uOSί3Ƨ 8z*Bd`T<3Q:ޥ<\ڪBk .z5Фr/ f|tv)}bu8q"ߩGC鲙Me;j,)TlotGDL 4 sY5*vҍd+BZU:9ai$,K HMْ ;6WHYa[$wٻ"}mn]Wiiaq+<_s jP %8']8rhGh:MpeϨ٢ Pi >gl\i4ǿLvCzOۉb:D|8[UX^Vog_Sc|L1g'I/(aK1^将eQuvƝ1즳zGyFT]]ѧSxgao+s5\ۘ473&^)].SqC:iT+̶ ߦl:|a]ג-u1 ,4g =ЉNЅ['~Ӿ2 lp©D!lЛqe6\C1H \?7"oybnۄJ {o fv(z=MXY Q5)c3?,"7v($qzT`@aQb-U rh•aVý"8H~PdV*pp8sAw>"`zҋν#Uo%O=sO UbP]=f̝<\T\ۻisoa T<9˥vT ; t2trAQKyesˣͤb~YGi\lK-ZnY)RޕgO GYM!O*Fϡ m^ZNӯO 1 J"dpDNWXèl*$ݠ' +BD|יߕϭꨇqo Uar{+Bdi߈;ǻuuMkT :c\dl%jn{@If0 vѶvj}\Y]hcNVp^x&pkRH]UR#t7 P."O/yA[ҵa\#y@Z`h{9ɑBȃ /ueQ%`39?sTͶP8w{*B ayM@`L҇W=5(#<}x=N nܚǖ>[1Q\q>2>мG7 "]3/ [,n<'#茷N :4ak[)! .W_,%XlMV2~Ǣ{Ѝx6z4tcϧ24DRc/7WLV""]3-#>gI6!*c 0`)rt+͑gjtLߺiP>WH(o-zXKi4BMy(}Rz5"0!VR3e0?\ = mA-|H;=%hv_M^(?V\%;hl.B\ѭz?!m{O`pq9G/dM )h 垩nig}0qfhw@2`]uvS"U@ZQ4DGT'`./>FVffXkp<:M1cql)o7s;6h?I u l͒G sg +9H: 6NV{qF5q'to1$#?~}U2p J6e\yH\A'sû2q˽fJUW6\V+19u%H ڕcVfnp-~3` bt u=УLĖ]F̖$%?N\WnDvagr ȴ8/Y/5@d%k; av' Dl}p ɏU ?'8%9RXwTO7PlFV]rjv93_U##vb.̺EkR0CiGG)U|4'5^ߨ~V;:9G.5 /=-).E.i ge4 `iEaǧ=^]MsΕA(SxSƓxOۚACu, @ҙv>ٹd h[y˖z2@W3~De2:-1w` O\  |M8+@!Q֦R"4OJmH.gg7|N # ƪh!p;5pƵz3sРCiPknր} tCȴ`DDI1(qnpM,: \Tb!Y+Đ`qP]-\"$IO멏eed=*[6,U1iJF(mFX)J[y˸]̌I>g:p$@.@z vj][$™ {qgZv5⇂%yd>- SlaȂwS^OVڰƻi .w<==0z̢ta$6Ơ Yw~/y.~>BwBqRD6~xuQaM Bms2[{ .tVXPl!?G/7XEJ`n)V*ʑR{fdleb+ ܦ7l%swXM'R2(A tЏpM;sb6[vSA%΂I)[*o9xۂzlp W/*#~g{Oн:]}5ўnRlVVnH"kGHJ^#J]r=H˩ج.2'=yh ;@B6&=œ&6q?|H3#01xWD}w* ( qK}+v^qi!Yl K6X]lAXv_&/%sC0fR$x=L>T9+Sx/._ hdMhm!P8x<G*?mW:<ݿY=[ĝYVFn1i-ZATeY npAFtkfkyRA6Q™f_;Z5GB6sUo%ǵ>WxMR [DoݵPТ.30X-~C{mȟ2h @0P$"}F Tà"nl_v=j*dBmFSiU ءĜ:jC3أx1A YXOMrJnWs/!\HTy5n~9ҍ.YF4†)T|gwq6joW/+̌e,9Fg X/m.K\~|;1f #6Qb*1|+'w.ArĺE"vu5X{<|i̽'ËKSDA":?Bho1 jL@$9B@#z1sujB0Ob(";48nA&426@@(F#4z,cDN,D@̓`RMHVn`A㒇Ipn­Bqİ%n J*0, Wn~(Ɍj~B*ޟ֪G& /({\Vmfn7HpkfXL?O#<o~s&Ax2xNyшiP*L:ZPX<% mm1CkqOT-c`խNnPkYbbkԭTWix| 4w=xlBwo 4< SaH>i:{ ? w減H/F)OkO,I~ᜃ| 4r \rA{,٪}5N7{yGqJoZݽp@8}+$P"H4ӲZBI 'VEit9` [yjJ!,n.3jXɖm6]K XzaQϰmlCzȄCIx0G2w(-u?[Gl+2A6&g0nբB,8s 7=ZgCFٰ?l̟鯭Tkɀy u-[ȼ8O{\!p .Q~__^RcC><-fZdcD}y$R6mі9+>;+ڱ K10x廥_8<6Ix 2do‚#=73cvDEn7茰%~=&RMH ]>2Iy܎hJ#sd&s !#!mq9_1%<썂 NY`,v^KrdtJm@FYfE%9|IcG#xn"J%E{vCq 1\5 9&ZI,#2}f=@D:HKb0~0m8{)s$ѣm]Cab R: L{үD[a`Fr;?b ~QCrR:<ϰU0Ok- Oj . mfRJnL}/ʬ]Ħa&Y W岋& m)u1RۙTGv9@Fܳ|lmvw|pI#(:qRMteIk2\,%D}Y+ ݜ#jZ&sIv!m` ,hx۽z?4 7E`'W+6%/U}̞Va M; tSxwh<: *5Ewg`0PM-3 u Z677r$Hğ@7彜Hz[?7: fe4Q^ FP!iuQ)Bs|_ar#-{+<eCJ.ܝp )&|wPviD6=Xשԍg*Y>q F#Ǘ2AI"zԼYt -,o4u#wuST{{ZW݃>xTW#{M*N`Q)Z*:>+Z^r !1@ch&48FCT= le@J+ͧ+Yް*K Ԡ;w &S)Rx6GNr p'&ec.Kjo PsZ!Bfu 9c^#NOp^fu5/Zi=>]@qX+qU#ح QCn~̾Tv82 sV6MoMgIdQ,^VT@IܨA$E&gp5Knq=^0Qdd '#Z%)&]E?;o sNeY^M;" ͜PqWn*3#VhkF 9ack @dn%W0~D)iS|V )cYGCf*A ]EuMn\a( ^F'Mqp%H4ɒƩ ^ݖRWY#'HTA=n Wh" e 1D~֙{[Y띎ܾv(Ɇ 5G&L0HljY{̖V6&:`3n5IIJAj u+FXdoX 9%-T -ʤ8vscҹ7D8`mwTڸFyK |bGƢ]PM& 0Wui^Je?N7&@Fjdu~S DO#9ajfբ K#b]ΒDOL^T0>~i}^pYHQ5 }+!x>g~bm'r,u}~%XBt6S<cᖞxy4;h%WnDl ԥ&ƒArK [dkăuTginŠ}lY2Mc"78|0V^xubCiP\ѷ6 gvjUMG%#}CLcCns ~\c([~{X0B# 6yF. )|ȚY饠#Q}r\DBrYH%BUiì,FG$ =ʭ`+d(^w %ОDG@ujTs0@]=f>'4 {~ Sʛ0*U3Y6֥~ɨK/r.6dZۦoS!OV@mtW>,Fz9?KM6|S@+"guwg~oj$v^Yb~m$$[PUɤݢn&y {gKy223_"P)q fߟ* /-\tSzNF'{6%3ԇgyp{ EίA (&8=l m 4kݍ6-H?1Cf^r4&?ہƎ{vqH_ɤ|S(3jK:CU%!fE>O,,}EY:[[NQG?>A#nk})܃P= rHP89zc%Zɾ$wĕ(OOmRI<] #IyDZ`79ɖT>Kb~v8_pɥR#mJ:+ &b6msGւUڎ#IV{RQ;nHr5cWiJSvf&*t9G{F9oSﱺ ΪGE jG]:ג5਺$׿[f F(Q74&5Cn1u<)ҝ@T /Me*5 JJ«*N..L:'h;5Ӎ# m5..z"훥!5@AM qu[gV>=Z?ȳi Rsg=vCtvG)OI㪲" 'Ng /cM8OZ'~>J(@c']=":K/ bqǟ>K8& (a }?V*4 `7ԀƟy53.æ)8UTJp.# T4~QJFrx^τMLu.ۣ/6;ZG#+s1uJP+Z IҡAÖa T"!J ܜ@4scig?voyݗp.g],hN} /Է[<(\ +i2Uv>oy;y7<Ƭf @0/0In[@:l_ XFso<js\gxwU-ٕM7m#g߲|@S+'0^ҧŒ;XX"lMF/bgX fiqjٵ) xD-ggn[0)ƃxټLX i{ĖG:1?~'uEg1栵%Tܾ zD3P-~mۉ ĽdD[Bcny%: n#cx̳6ϸ):X0y8eڊ9I]2N`ɢHk$k 9!5fG7['V0it^M(T4Z_q5Ijnr|&1>Y=.nEhL`fn0vV~؛pXj>#Zif=W@|h@ 5mnus3;_&/u!LoukAqurK?jDt1 \gOֲEkdh