������xen-4.16.0_08-150400.2.12��������������������������������������������������������������������� ������>������������������������������
�����������������������A������������������������������������������������������������������������� �����bw�dp9|��zy��ȓv�"#-�ƕ%.v�5$b�pn�jh
XExqSḞ�\��Gk'`Kz2,*�)Q��C~ 9WDh�Q�]�cc_DS%%l_fUB����J,j�to��ҍC�s�O#vp��{�N8(
�uOA0Tی&+$A5���K�NЄ
M�j�Oa�T���63eb0784a95ed1abeba0049bbf9e11b1525f9b0b4�d54518be1e973149f1d38e030c55fdd3eade369fd2b4e3d96582306a116b4622�����Sl�����bw�dp9|��E�"s��Z\%ˀ"{<
EaOf&�R(j"��k1S/-5?ZIae�喙� V8�,z<5�nJj�/�J�vo1y�b#vښkơ�)m`�y�wR�fKcf��n�jR�� C$��HEK
<8Rx��Į�64�R$Ol`Pnep('EqL
�En�. Y
RQ
BT&Ÿ&l-9ZLd(.�0TF�1����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������>����p����������������=��
|���?������
l�������d��������������������������������������������������������������� �������������� ���U��������������P��������������T��������������d��������������h���������������������������������������������������� ���������������������������������������������� �������������������������������l���������������������� ��������������
���������������������� ���������������o�������
�������@���������������|����������������������������������������������4���������������p������������������
��������������
��������������
���(��������������8�������������9�������<������:������)������>��������������F��������������G��������������H������ ��������I������ X�������X������ h�������Y������ t�������\������ �������]������ �������^������
�������b�������
�������c��������������d���������������e���������������f���������������l���������������u�������(�������v�������d�������z������
��������������
��������������
�������������
&�������������
h����C�xen�4.16.0_08�150400.2.12�Xen Virtualization: Hypervisor (aka VMM aka Microkernel)�Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.
This package contains the Xen Hypervisor. (tm)
[Hypervisor is a trademark of IBM]��bw�ibs-centriq-5����1|SUSE Linux Enterprise 15�SUSE LLC �GPL-2.0-only�https://www.suse.com/�System/Kernel�http://www.cl.cam.ac.uk/Research/SRG/netos/xen/�linux�aarch64�if [ -x /sbin/update-bootloader ]; then
/sbin/update-bootloader --refresh; exit 0
fi������������������p�� =�����������2�����������p������������AAA큤������������������������������bw�|bw�|bw�|bw�|bw�dbw�|bw�|bw�bw�bw�|bw�|bw�|bw�|bw�|bw�|���5f702b66a914f22af7be3c212e70a1513dd668f20df0e667b60a97e3b0f24250�46fbe4e389f4eab64dea3c100b7a2a3dc1c5b439d429b7658285bd363d9bee5f�a5e2d01a0921ec690a6a1ea3b97eb71b96253a1a2ee6d71a79a2f9cc8db29b48�60feb3fd824a7e099e6d7f6c71ae8ef6ee95047b49e74ccec4aea8a6abe66a67�����5f702b66a914f22af7be3c212e70a1513dd668f20df0e667b60a97e3b0f24250����xen-4.16.0_08-150400.2�xen-4.16.0_08-150400.2�xen-4.16.0_08-150400.2������../../share/efi/aarch64/xen-4.16.0_08-150400.2.efi����xen-4.16.0_08-150400.2.efi�xen-4.16.0_08-150400.2.efi�xen-4.16.0_08-150400.2.efi�������������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�xen-4.16.0_08-150400.2.12.src.rpm�installhint(reboot-needed)�xen�xen(aarch-64)����������
���
���
���
����
���
���
���
����������������/bin/sh�coreutils�diffutils�fillup�grep�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�systemd�systemd�systemd�systemd������3.0.4-1�4.6.0-1�4.0-1�5.2-1�����4.14.3��bP#bJb/.@b b
D@a�@aaq@aa6a@aaca@@a7T@a,@a�Ga
$@a
@`@`�@`@`E`�@``
@`!@`@````}p`\{@`KW`F�`B�@`8`4@`.V`#`�>` l___�@_H@__إ@_إ@_S_$_�@______�@_"__E@_i@_h_d@_cO_[f_X_O@_N7_*@_'@_��_�{_�^)@^^@^3^ϧ^x^@^@^^�^{G^r
@^j$@^g@^_@^Nt^K^=Q@^:@^0"@^�@^�@]�]�]N@]@]ʞ])]c@]�@]@]@]]fl]fl]M`@]B@]/
],j]��]�@]�@]�]�]
#]�]�@\\ޢ@\ڭ\\@\@\�@\}\7\\N\�@\\+@\\M\M\�\�\@\}�@\k\X)@\J@\I\A\?�\=@\9\73\4\$\�l@[@[k@[@[^[^[ā@[@[@[[v[W�[CN@[<[6�@[0@[0@['[!�@[�5@Z@ZnZ�@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Z|;Zz@Zo�Zk�@ZV�@ZS]@ZOhZ:PZ1�@Z.s@Z&@Z�OZ�OZ� Z� Z� Z�@Z�@Z
}Z�Z�Y�Y�Y�Y@Y@Y{Y*@Y5YA@Y4YY�YbY�Y@Y3YYJYJY@YYV@Y�@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI�@Y5GY0�Y-^Y(�Y"Y�@Y�;@Y�Y��Y�@Y�tY�.XEXQ@X@XۡXg@X@X@X@XZX@X@X�@X�@XXXXXXwoXs{@XlXWXRXQ4@XF@X43@X.@X*X!@X�&X�@X�X�@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@Wc@WZWZWZWYZ@WV@WEWBW=W;�W4p@W1@W1@W,@W(W(W(W(W(W$@W�VbV(@V3V@V@V'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@V�V@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVC-V;DV9@V7P@V0V*!@V V�@V�CV�V�V�f@V�qV�@UYU�@U�@UUU�@UnU4@UUK@U�U@UU>U>Ux&Un@U\w@U[%UUUPUKSU>$U6;U%�@U�U�U�U�U�.@TgT-@TT@TZ@TZ@T@T�T@T5T@TLTLT~@Tl@Ti@Ta@TJ?@T?@T=�@jbeulich@suse.com�carnold@suse.com�jbeulich@suse.com�carnold@suse.com�jbeulich@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jbeulich@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�jbeulich@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�jbeulich@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�jbeulich@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�guillaume.gardet@opensuse.org�callumjfarmer13@gmail.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�callumjfarmer13@gmail.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�dimstar@opensuse.org�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�mcepl@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�mliska@suse.cz�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jengelh@inai.de�guillaume.gardet@opensuse.org�guillaume.gardet@opensuse.org�bwiedemann@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�bwiedemann@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�trenn@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�rbrown@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�jfehlig@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�mlatimer@suse.com�carnold@suse.com�cyliu@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�rguenther@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�rguenther@suse.com�carnold@suse.com�meissner@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
map (AMD-Vi) handling issues (XSA-400)
624ebcef-VT-d-dont-needlessly-look-up-DID.patch
624ebd3b-VT-d-avoid-NULL-deref-on-dcmo-error-paths.patch
624ebd74-VT-d-avoid-infinite-recursion-on-dcmo-error-path.patch�- bsc#1197423 - VUL-0: CVE-2022-26356: xen: Racy interactions
between dirty vram tracking and paging log dirty hypercalls
(XSA-397)
xsa397.patch
- bsc#1197425 - VUL-0: CVE-2022-26357: xen: race in VT-d domain ID
cleanup (XSA-399)
xsa399.patch
- bsc#1197426 - VUL-0: CVE-2022-26358,CVE-2022-26359,
CVE-2022-26360,CVE-2022-26361: xen: IOMMU: RMRR (VT-d) and unity
map (AMD-Vi) handling issues (XSA-400)
xsa400-01.patch
xsa400-02.patch
xsa400-03.patch
xsa400-04.patch
xsa400-05.patch
xsa400-06.patch
xsa400-07.patch
xsa400-08.patch
xsa400-09.patch
xsa400-10.patch
xsa400-11.patch
xsa400-12.patch
- Additional upstream bug fixes for XSA-400 (bsc#1027519)
61d6ea2d-VT-d-split-domid-map-cleanup-check-into-a-function.patch
61d6ea7b-VT-d-dont-leak-domid-mapping-on-error-path.patch
6229ba46-VT-d-drop-undue-address-of-from-check_cleanup_domid_map.patch�- bsc#1196915 - VUL-0: CVE-2022-0001, CVE-2022-0002,CVE-2021-26401:
xen: BHB speculation issues (XSA-398)
62278667-Arm-introduce-new-processors.patch
62278668-Arm-move-errata-CSV2-check-earlier.patch
62278669-Arm-add-ECBHB-and-CLEARBHB-ID-fields.patch
6227866a-Arm-Spectre-BHB-handling.patch
6227866b-Arm-allow-SMCCC_ARCH_WORKAROUND_3-use.patch
6227866c-x86-AMD-cease-using-thunk-lfence.patch�- bsc#1196545 - GCC 12: xen package fails
gcc12-fixes.patch�- Upstream bug fixes (bsc#1027519)
61e0296a-x86-time-calibration-relative-counts.patch
61e029c8-x86-time-TSC-freq-calibration-accuracy.patch
61e02a1c-libxl-PCI-PV-hotplug-stubdom-coldplug.patch
61e98e88-x86-introduce-get-set-reg-infra.patch
61e98e89-x86-MSR-split-SPEC_CTRL-handling.patch
61e98e8a-x86-spec-ctrl-drop-ENTRY-EXIT-HVM.patch
61e98e8b-VT-x-SPEC_CTRL-NMI-race-condition.patch
61eaaa23-x86-get-set-reg-infra-build.patch
61efec1d-Arm-P2M-always-clear-entry-on-mapping-removal.patch
61efec4d-gnttab-only-decrement-refcounter-on-final-unmap.patch
61efec96-IOMMU-x86-stop-pirq-iteration-immediately-on-error.patch
61f2d886-x86-CPUID-disentangle-new-leaves-logic.patch
61f2d887-x86-CPUID-leaf-7-1-EBX-infra.patch
61f2dd76-x86-SPEC_CTRL-migration-compatibility.patch
61f7b2af-libxl-dont-touch-nr_vcpus_out-if-listing.patch
61f933a4-x86-cpuid-advertise-SSB_NO.patch
61f933a5-x86-drop-use_spec_ctrl-boolean.patch
61f933a6-x86-new-has_spec_ctrl-boolean.patch
61f933a7-x86-dont-use-spec_ctrl-enter-exit-for-S3.patch
61f933a8-x86-SPEC_CTRL-record-last-write.patch
61f933a9-x86-SPEC_CTRL-use-common-logic-for-AMD.patch
61f933aa-SVM-SPEC_CTRL-entry-exit-logic.patch
61f933ab-x86-AMD-SPEC_CTRL-infra.patch
61f933ac-SVM-enable-MSR_SPEC_CTRL-for-guests.patch
61f946a2-VMX-drop-SPEC_CTRL-load-on-VMEntry.patch
6202afa3-x86-clean-up-MSR_MCU_OPT_CTRL-handling.patch
6202afa4-x86-TSX-move-has_rtm_always_abort.patch
6202afa5-x86-TSX-cope-with-deprecation-on-WHL-R-CFL-R.patch
6202afa7-x86-CPUID-leaf-7-2-EDX-infra.patch
6202afa8-x86-Intel-PSFD-for-guests.patch
- Drop patches replaced by the above:
xsa393.patch
xsa394.patch
xsa395.patch
libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch�- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm:
guest_physmap_remove_page not removing the p2m mappings (XSA-393)
xsa393.patch
- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS
Xen while unmapping a grant (XSA-394)
xsa394.patch
- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of
passed-through device IRQs (XSA-395)
xsa395.patch�- bsc#1191668 - L3: issue around xl and virsh operation - virsh
list not giving any output
libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch�- bsc#1193307 - pci backend does not exist when attach a vf to a pv
guest
libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
Drop libxl-PCI-defer-backend-wait.patch�- bsc#1193447 - Slow execution of hvmloader+ovmf when VM contains
an sriov device
61bc429f-revert-hvmloader-PA-range-should-be-UC.patch
- Upstream bug fixes (bsc#1027519)
61b31d5c-x86-restrict-all-but-self-IPI.patch
61b88e78-x86-CPUID-TSXLDTRK-definition.patch
61d5687a-x86-spec-ctrl-opt_srb_lock-default.patch�- Collect active VM config files in the supportconfig plugin
xen-supportconfig�- Now that the ovmf package has been updated, reset the configure
script to use ovmf-x86_64-xen-4m.bin from ovmf-x86_64-ms.bin
References bsc#1194105, bsc#1193274
xen.spec�- bsc#1193307 - pci backend does not exist when attach a vf to a pv
guest
libxl-PCI-defer-backend-wait.patch�- Update to Xen 4.16.0 FCS release
xen-4.16.0-testing-src.tar.bz2
* Miscellaneous fixes to the TPM manager software in preparation
for TPM 2.0 support.
* Increased reliance on the PV shim as 32-bit PV guests will only
be supported in shim mode going forward. This change reduces
the attack surface in the hypervisor.
* Increased hardware support by allowing Xen to boot on Intel
devices that lack a Programmable Interval Timer.
* Cleanup of legacy components by no longer building QEMU
Traditional or PV-Grub by default. Note both projects have
upstream Xen support merged now, so it is no longer recommended
to use the Xen specific forks.
* Initial support for guest virtualized Performance Monitor
Counters on Arm.
* Improved support for dom0less mode by allowing the usage on
Arm 64bit hardware with EFI firmware.
* Improved support for Arm 64-bit heterogeneous systems by
leveling the CPU features across all to improve big.LITTLE
support.
- bsc#1193274 - [Build67.2][Xen][uefi] xen fullvirt uefi guest can
not be created with default 'type=plash' in virt-manager
xen.spec�- Update to Xen 4.16.0 RC4 release (jsc#SLE-18467)
xen-4.16.0-testing-src.tar.bz2
* Xen can now export Intel Processor Trace (IPT) data from guests to tools in dom0.
* Xen now supports Viridian enlightenments for guests with more than 64 vcpus.
* Xenstored and oxenstored both now support LiveUpdate (tech preview).
* Unified boot images
* Switched x86 MSR accesses to deny by default policy.
* Named PCI devices for xl/libxl and improved documentation for xl PCI configuration format.
* Support for zstd-compressed dom0 (x86) and domU kernels.
* Reduce ACPI verbosity by default.
* Add ucode=allow-same option to test late microcode loading path.
* Library improvements from NetBSD ports upstreamed.
* x86: Allow domains to use AVX-VNNI instructions.
* Added XEN_SCRIPT_DIR configuration option to specify location for Xen scripts.
* xennet: Documented a way for the backend (or toolstack) to specify MTU to the frontend.
* On detecting a host crash, some debug key handlers can automatically triggered to aid in debugging.
* Increase the maximum number of guests which can share a single IRQ from 7 to 16, and make this configurable with irq-max-guests.
- Drop iPXE sources and patches. iPXE is only used by QEMU
traditional which has never shipped with SLE15.
ipxe.tar.bz2
ipxe-enable-nics.patch
ipxe-no-error-logical-not-parentheses.patch
ipxe-use-rpm-opt-flags.patch
- Drop building ocaml xenstored in the spec file. There are no
plans or need to support this version.
- Drop patches contained in new tarball or no longer required
5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch
5ffc58c4-ACPI-reduce-verbosity-by-default.patch
602ffae9-tools-libs-light-fix-xl-save--c-handling.patch
608676f2-VT-d-register-based-invalidation-optional.patch
60a27288-x86emul-gas-2-36-test-harness-build.patch
60af933d-x86-gcc11-hypervisor-build.patch
60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
60afe617-x86-TSX-minor-cleanup-and-improvements.patch
60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
60be0e24-credit2-pick-runnable-unit.patch
60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
60bf9e19-Arm-create-dom0less-domUs-earlier.patch
60bf9e1a-Arm-boot-modules-scrubbing.patch
60bf9e1b-VT-d-size-qinval-queue-dynamically.patch
60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch
60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch
60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch
60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch
60bfa904-AMD-IOMMU-wait-for-command-slot.patch
60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch
60c0bf86-x86-TSX-cope-with-deprecation.patch
60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
60c8de6e-osdep_xenforeignmemory_map-prototype.patch
60d49689-VT-d-undo-device-mappings-upon-error.patch
60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
61001231-x86-work-around-GNU-ld-2-37-issue.patch
61122ac6-credit2-avoid-spuriously-picking-idle.patch
611a7e38-x86-CET-shstk-WARN-manipulation.patch
611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
6126339d-AMD-IOMMU-global-ER-extending.patch
6126344f-AMD-IOMMU-unity-map-handling.patch
61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch
6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch
6126349a-AMD-IOMMU-rearrange-reassignment.patch
612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch
612634c3-x86-p2m-introduce-p2m_is_special.patch
612634dc-x86-p2m-guard-identity-mappings.patch
612634f4-x86-mm-widen-locked-region-in-xatp1.patch
6126350a-gnttab-release-mappings-preemption.patch
6126351f-gnttab-replace-mapkind.patch
6126353d-gnttab-get-status-frames-array-capacity.patch
61263553-Arm-restrict-maxmem-for-dom0less.patch
6128a856-gnttab-radix-tree-node-init.patch
init.xen_loop
libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
libxc-bitmap-longs.patch
libxc.migrate_tracking.patch
libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch
libxc-sr-add-xc_is_known_page_type.patch
libxc-sr-arrays.patch
libxc-sr-batch_pfns.patch
libxc-sr-page_type_has_stream_data.patch
libxc.sr.superpage.patch
libxc-sr-use-xc_is_known_page_type.patch
libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
libxl.fix-libacpi-dependency.patch
libxl-qemu6-scsi.patch
libxl-qemu6-vnc-password.patch
libxl.set-migration-constraints-from-cmdline.patch
reproducible.patch
stubdom-have-iovec.patch
x86-cpufreq-report.patch
xenstore-launch.patch
xenwatchdogd-options.patch
xsa384.patch�- bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in
XENMAPSPACE_grant_table handling (XSA-384)
xsa384.patch
- Upstream bug fixes (bsc#1027519)
61001231-x86-work-around-GNU-ld-2-37-issue.patch
611a7e38-x86-CET-shstk-WARN-manipulation.patch
611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
6128a856-gnttab-radix-tree-node-init.patch
61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces
credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch)
6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch)
6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch)
61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch)
6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch)
6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch)
612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch)
612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch)
612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch)
612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch)
6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch
6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch)
6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch)
61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch)�- bsc#1189882 - refresh libxc.sr.superpage.patch
prevent superpage allocation in the LAPIC and ACPI_INFO range�- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
xsa378-1.patch
xsa378-2.patch
xsa378-3.patch
xsa378-4.patch
xsa378-5.patch
xsa378-6.patch
xsa378-7.patch
xsa378-8.patch
- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
pages may remain accessible after de-allocation. (XSA-379)
xsa379.patch
- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
grant table handling. (XSA-380)
xsa380-1.patch
xsa380-2.patch
- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
status frames array bounds check. (XSA-382)
xsa382.patch
- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
limit for dom0less domUs. (XSA-383)
xsa383.patch�- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
See also bsc#1179246.
credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch�- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.�- refresh the migration patches to state v20210713
removed libxc-sr-add-xc_is_known_page_type.patch
removed libxc-sr-arrays.patch
removed libxc-sr-batch_pfns.patch
removed libxc-sr-page_type_has_stream_data.patch
removed libxc-sr-use-xc_is_known_page_type.patch
removed libxc.migrate_tracking.patch
removed libxc.sr.superpage.patch
removed libxl.set-migration-constraints-from-cmdline.patch
added libxc-sr-383b41974d5543b62f3181d216070fe3691fb130.patch
added libxc-sr-5588ebcfca774477cf823949e5703b0ac48818cc.patch
added libxc-sr-9e59d9f8ee3808acde9833192211da25f66d8cc2.patch
added libxc-sr-LIBXL_HAVE_DOMAIN_SUSPEND_PROPS.patch
added libxc-sr-abort_if_busy.patch
added libxc-sr-f17a73b3c0264c62dd6b5dae01ed621c051c3038.patch
added libxc-sr-max_iters.patch
added libxc-sr-min_remaining.patch
added libxc-sr-number-of-iterations.patch
added libxc-sr-precopy_policy.patch
added libxc-sr-restore-hvm-legacy-superpage.patch
added libxc-sr-track-migration-time.patch
added libxc-sr-xg_sr_bitmap-populated_pfns.patch
added libxc-sr-xg_sr_bitmap.patch
added libxc-sr-xl-migration-debug.patch�- bsc#1176189 - xl monitoring process exits during xl save -p|-c
keep the monitoring process running to cleanup the domU during shutdown
xl-save-pc.patch�- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
60be0e24-credit2-pick-runnable-unit.patch
60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
- Upstream bug fixes (bsc#1027519)
60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
60afe617-x86-TSX-minor-cleanup-and-improvements.patch
60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
60c0bf86-x86-TSX-cope-with-deprecation.patch
60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
60c8de6e-osdep_xenforeignmemory_map-prototype.patch
60d49689-VT-d-undo-device-mappings-upon-error.patch
60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
- Dropped gcc11-fixes.patch�- bsc#1183243 - L3: Core cannot be opened when using xl dump-core
of VM with PTF
60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch�- bsc#1180350 - some long deprecated commands were finally removed
in qemu6. Adjust libxl to use supported commands.
libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
libxl-qemu6-vnc-password.patch
libxl-qemu6-scsi.patch�- Update logrotate.conf, move global options into per-file sections
to prevent globbering of global state (bsc#1187406)�- Fix shell macro expansion in xen.spec, so that ExecStart=
in xendomains-wait-disks.service is created correctly (bsc#1183877)�- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
are not scrubbed (XSA-372)
xsa372-1.patch
xsa372-2.patch
- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
timeout detection / handling (XSA-373)
xsa373-1.patch
xsa373-2.patch
xsa373-3.patch
xsa373-4.patch
xsa373-5.patch
- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
Bypass (XSA-375)
xsa375.patch
- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
protections not restored after S3 (XSA-377)
xsa377.patch
- Upstream bug fixes (bsc#1027519)
60a27288-x86emul-gas-2-36-test-harness-build.patch
60af933d-x86-gcc11-hypervisor-build.patch
60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch�- Upstream bug fix (bsc#1027519)
608676f2-VT-d-register-based-invalidation-optional.patch�- Add xen.sysconfig-fillup.patch to make sure xencommons is in a
format as expected by fillup. (bsc#1185682)
Each comment needs to be followed by an enabled key. Otherwise
fillup will remove manually enabled key=value pairs, along with
everything that looks like a stale comment, during next pkg update�- Refresh xenstore-launch.patch to cover also daemon case�- Update to Xen 4.14.2 bug fix release (bsc#1027519)
xen-4.14.2-testing-src.tar.bz2
- Drop patches contained in new tarball
5fedf9f4-x86-hpet_setup-fix-retval.patch
5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
5ff71655-x86-dpci-EOI-regardless-of-masking.patch
5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
600999ad-x86-dpci-do-not-remove-pirqs-from.patch
600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
6011bbc7-x86-timer-fix-boot-without-PIT.patch
6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
6013e546-x86-HVM-reorder-domain-init-error-path.patch
601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
602bd768-page_alloc-only-flush-after-scrubbing.patch
602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
60410127-gcc11-adjust-rijndaelEncrypt.patch
60422428-x86-shadow-avoid-fast-fault-path.patch
604b9070-VT-d-disable-QI-IR-before-init.patch
60535c11-libxl-domain-soft-reset.patch
60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
60787714-x86-HPET-avoid-legacy-replacement-mode.patch�- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
60787714-x86-HPET-avoid-legacy-replacement-mode.patch
60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
- Upstream bug fixes (bsc#1027519)
60410127-gcc11-adjust-rijndaelEncrypt.patch
60422428-x86-shadow-avoid-fast-fault-path.patch
604b9070-VT-d-disable-QI-IR-before-init.patch
60535c11-libxl-domain-soft-reset.patch (Replaces xsa368.patch)
60700077-x86-vpt-avoid-pt_migrate-rwlock.patch�- bsc#1137251 - Restore changes for xen-dom0-modules.service which
were silently removed on 2019-10-17�- bsc#1177112 - Fix libxc.sr.superpage.patch
The receiving side did detect holes in a to-be-allocated superpage,
but allocated a superpage anyway. This resulted to over-allocation.�- bsc#1167608 - adjust limit for max_event_channels
A previous change allowed an unbound number of event channels
to make sure even large domUs can start of of the box.
This may have a bad side effect in the light of XSA-344.
Adjust the built-in limit based on the number of vcpus.
In case this is not enough, max_event_channels=/maxEventChannels=
has to be used to set the limit as needed for large domUs
adjust libxl.max_event_channels.patch�- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes
toolstack (XSA-368). Also resolves,
bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl
bsc#1181989 - openQA job causes libvirtd to dump core when
running kdump inside domain
xsa368.patch�- bsc#1177204 - L3-Question: conring size for XEN HV's with huge
memory to small. Inital Xen logs cut
5ffc58c4-ACPI-reduce-verbosity-by-default.patch
- Upstream bug fixes (bsc#1027519)
601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
602bd768-page_alloc-only-flush-after-scrubbing.patch
602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
- bsc#1181921 - GCC 11: xen package fails
gcc11-fixes.patch�- bsc#1182576 - L3: XEN domU crashed on resume when using the xl
unpause command
602ffae9-tools-libs-light-fix-xl-save--c-handling.patch�- Start using the %autosetup macro to simplify patch management
xen.spec�- bsc#1181921 - GCC 11: xen package fails
gcc11-fixes.patch
- Drop gcc10-fixes.patch�- Upstream bug fixes (bsc#1027519)
5fedf9f4-x86-hpet_setup-fix-retval.patch
5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
5ff71655-x86-dpci-EOI-regardless-of-masking.patch
5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch)
600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
6013e546-x86-HVM-reorder-domain-init-error-path.patch
- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
6011bbc7-x86-timer-fix-boot-without-PIT.patch�- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360)
xsa360.patch�- bsc#1180794 - bogus qemu binary path used when creating fv guest
under xen
xen.spec�- bsc#1180690 - L3-Question: xen: no needsreboot flag set
Add Provides: installhint(reboot-needed) in xen.spec for libzypp�- Update libxl.set-migration-constraints-from-cmdline.patch
Remove code which handled --max_factor. The total amount of
transferred data is no indicator to trigger the final stop+copy.
This should have been removed during upgrade to Xen 4.7.
Fix off-by-one in --max_iters, it caused one additional copy cycle.
Reduce default value of --max_iters from 5 to 2.
The workload within domU will continue to produce dirty pages.
It is unreasonable to expect any slowdown during migration.
Now there is one initial copy of all memory, one instead of four
iteration for dirty memory, and a final copy iteration prior move.�- Update to Xen 4.14.1 bug fix release (bsc#1027519)
xen-4.14.1-testing-src.tar.bz2
Contains the following recent security fixes
bsc#1179516 XSA-359 - CVE-2020-29571
bsc#1179514 XSA-358 - CVE-2020-29570
bsc#1179513 XSA-356 - CVE-2020-29567
bsc#1178963 XSA-355 - CVE-2020-29040
bsc#1178591 XSA-351 - CVE-2020-28368
bsc#1179506 XSA-348 - CVE-2020-29566
bsc#1179502 XSA-325 - CVE-2020-29483
bsc#1179501 XSA-324 - CVE-2020-29484
bsc#1179498 XSA-322 - CVE-2020-29481
bsc#1179496 XSA-115 - CVE-2020-29480
- Dropped patches contained in new tarball
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-64bit-segbase-consistency.patch
5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
5f5b6b7a-hypfs-fix-custom-param-writes.patch
5f607915-x86-HVM-more-consistent-IO-completion.patch
5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
5f6a008e-x86-MSI-drop-read_msi_msg.patch
5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
5f6a00c4-evtchn-relax-port_is_valid.patch
5f6a00df-x86-PV-avoid-double-exception-injection.patch
5f6a00f4-evtchn-add-missing-barriers.patch
5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
5f6a0178-evtchn-address-races-with-evtchn_reset.patch
5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
5f71a21e-x86-S3-fix-shadow-stack-resume.patch
5f76ca65-evtchn-Flask-prealloc-for-send.patch
5f76caaf-evtchn-FIFO-use-stable-fields.patch
5f897c25-x86-traps-fix-read_registers-for-DF.patch
5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
xsa351-1.patch
xsa351-2.patch
xsa351-3.patch
xsa355.patch�- Pass --with-rundir to configure to get rid of /var/run�- bsc#1178736 - allow restart of xenwatchdogd, enable tuning of
keep-alive interval and timeout options via XENWATCHDOGD_ARGS=
add xenwatchdogd-options.patch
add xenwatchdogd-restart.patch�- bsc#1177112 - Fix libxc.sr.superpage.patch
The receiving side may punch holes incorrectly into optimistically
allocated superpages. Also reduce overhead in bitmap handling.
add libxc-bitmap-50a5215f30e964a6f16165ab57925ca39f31a849.patch
add libxc-bitmap-long.patch
add libxc-bitmap-longs.patch�- boo#1029961 - Move files in xen-tools-domU to /usr/bin from /bin
xen-destdir.patch
Drop tmp_build.patch�- bsc#1176782 - L3: xl dump-core shows missing nr_pages during
core. If maxmem and current are the same the issue doesn't happen
5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch�- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
(XSA-355)
xsa355.patch�- Fix build error with libxl.fix-libacpi-dependency.patch�- Enhance libxc.migrate_tracking.patch
Hide SUSEINFO messages from pause/unpause/resume from xl command.
They are intended for libvirt logging, but lacked info about
execution context.
Remove extra logging about dirty pages in each iteration, the
number of transferred pages + protocol overhead is already
reported elsewhere.�- Remove libxl.libxl__domain_pvcontrol.patch
It is already part of 4.14.0-rc1�- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel
attack aka PLATYPUS attack aka XSA-351
xsa351-1.patch
xsa351-2.patch
xsa351-3.patch�- bsc#1177950 - adjust help for --max_iters, default is 5
libxl.set-migration-constraints-from-cmdline.patch�- jsc#SLE-16899 - improve performance of live migration
remove allocations and memcpy from hotpaths on sending and
receiving side to get more throughput on 10Gbs+ connections
libxc-sr-3cccdae45242dab27198b8e150be0c85acd5d3c9.patch
libxc-sr-add-xc_is_known_page_type.patch
libxc-sr-arrays.patch
libxc-sr-batch_pfns.patch
libxc-sr-page_type_has_stream_data.patch
libxc-sr-readv_exact.patch
libxc-sr-restore-handle_buffered_page_data.patch
libxc-sr-restore-handle_incoming_page_data.patch
libxc-sr-restore-map_errs.patch
libxc-sr-restore-mfns.patch
libxc-sr-restore-pfns.patch
libxc-sr-restore-populate_pfns-mfns.patch
libxc-sr-restore-populate_pfns-pfns.patch
libxc-sr-restore-read_record.patch
libxc-sr-restore-types.patch
libxc-sr-save-errors.patch
libxc-sr-save-guest_data.patch
libxc-sr-save-iov.patch
libxc-sr-save-local_pages.patch
libxc-sr-save-mfns.patch
libxc-sr-save-rec_pfns.patch
libxc-sr-save-show_transfer_rate.patch
libxc-sr-save-types.patch
libxc-sr-use-xc_is_known_page_type.patch
adjust libxc.sr.superpage.patch
adjust libxc.migrate_tracking.patch�- Upstream bug fixes (bsc#1027519)
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
5f5b6b7a-hypfs-fix-custom-param-writes.patch
5f607915-x86-HVM-more-consistent-IO-completion.patch
5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
5f71a21e-x86-S3-fix-shadow-stack-resume.patch
5f76ca65-evtchn-Flask-prealloc-for-send.patch
5f76caaf-evtchn-FIFO-use-stable-fields.patch
5f897c25-x86-traps-fix-read_registers-for-DF.patch
5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
- Renamed patches
5f560c42-x86-PV-64bit-segbase-consistency.patch
Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch
5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
5f6a008e-x86-MSI-drop-read_msi_msg.patch
Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch
5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
5f6a00c4-evtchn-relax-port_is_valid.patch
Replaces 5f6a062c-evtchn-relax-port_is_valid.patch
5f6a00df-x86-PV-avoid-double-exception-injection.patch
Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch
5f6a00f4-evtchn-add-missing-barriers.patch
Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
5f6a0178-evtchn-address-races-with-evtchn_reset.patch
Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch�- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest
INVLPG-like flushes may leave stale TLB entries (XSA-286)
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen
mapping code (XSA-345)
5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU
TLB flushes (XSA-346)
5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page
table updates (XSA-347)
5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch�- Update libxc.sr.superpage.patch
set errno in x86_hvm_alloc_4k (bsc#1177112)�- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when
handling guest access to MSR_MISC_ENABLE (XSA-333)
5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in
XENMEM_acquire_resource error path (XSA-334)
5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
timers between x86 HVM vCPU-s (XSA-336)
5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
reading back hardware registers (XSA-337)
5f6a05fa-msi-get-rid-of-read_msi_msg.patch
5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event
channels may not turn invalid (XSA-338)
5f6a062c-evtchn-relax-port_is_valid.patch
- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
DoS via SYSENTER (XSA-339)
5f6a065c-pv-Avoid-double-exception-injection.patch
- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier
barriers when accessing/allocating an event channel (XSA-340)
5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event
channels available to 32-bit x86 domains (XSA-342)
5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with
evtchn_reset() (XSA-343)
5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in
evtchn_reset() / evtchn_destroy() (XSA-344)
5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch
- Upstream bug fix (bsc#1027519)
5f5b6951-x86-PV-64bit-segbase-consistency.patch�- Fix problems in xen.spec with building on aarch64�- Make use of %service_del_postun_without_restart while preserving
the old behavior for older distros.
- In %post tools, remove unnecessary qemu symlinks.�- Fix error in xen-tools %post when linking pvgrub64.bin
- Make paths below libexec more explicit
- Create symlink also for pvgrub32.bin�- Revert previous libexec change for qemu compat wrapper
The path is used in existing domU.xml files in the emulator field
- Escape some % chars in xen.spec, they have to appear verbatim�- Enhance libxc.migrate_tracking.patch
Print number of allocated pages on sending side, this is more
accurate than p2m_size.�- jsc#SLE-15926 - Dev: XEN: drop netware support
Dropped the following patches
pygrub-netware-xnloader.patch
xnloader.py
Refreshed pygrub-boot-legacy-sles.patch�- Fix build on aarch64 with gcc10
- Package xenhypfs for aarch64�- Correct license name
* GPL-3.0+ is now GPL-3.0-or-later�- Upstream bug fixes (bsc#1027519)
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch�- Update to Xen 4.14.0 FCS release
xen-4.14.0-testing-src.tar.bz2
* Linux stubdomains (contributed by QUBES OS)
* Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix)
* Lightweight VM fork for fuzzing / introspection. (contributed by Intel)
* Livepatch: buildid and hotpatch stack requirements
* CONFIG_PV32
* Hypervisor FS support
* Running Xen as a Hyper-V Guest
* Domain ID randomization, persistence across save / restore
* Golang binding autogeneration
* KDD support for Windows 7, 8.x and 10
- Dropped patches contained in new tarball
5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
5eb51caa-sched-vcpu-pause-flags-atomic.patch
5ec2a760-x86-determine-MXCSR-mask-always.patch
5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
5ed69804-x86-ucode-fix-start-end-update.patch
5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
xsa317.patch
xsa319.patch
xsa321-1.patch
xsa321-2.patch
xsa321-3.patch
xsa321-4.patch
xsa321-5.patch
xsa321-6.patch
xsa321-7.patch
xsa328-1.patch
xsa328-2.patch�- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
attach on next reboot while it should be live attached
ignore-ip-command-script-errors.patch�- Enhance libxc.migrate_tracking.patch
After transfer of domU memory, the target host has to assemble
the backend devices. Track the time prior xc_domain_unpause.�- Add libxc.migrate_tracking.patch to track live migrations
unconditionally in logfiles, especially in libvirt.
This will track how long a domU was suspended during transit.�- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect
error handling in event channel port allocation
xsa317.patch
- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code
paths in x86 dirty VRAM tracking
xsa319.patch
- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient
cache write- back under VT-d
xsa321-1.patch
xsa321-2.patch
xsa321-3.patch
xsa321-4.patch
xsa321-5.patch
xsa321-6.patch
xsa321-7.patch
- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
modification of live EPT PTE
xsa328-1.patch
xsa328-2.patch�- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch)
5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch)
- Upstream bug fixes (bsc#1027519)
5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
5ed69804-x86-ucode-fix-start-end-update.patch
5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch�- Fixes for %_libexecdir changing to /usr/libexec�- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
xsa320-1.patch
xsa320-2.patch�- Update to Xen 4.13.1 bug fix release (bsc#1027519)
xen-4.13.1-testing-src.tar.bz2
5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
5eb51caa-sched-vcpu-pause-flags-atomic.patch
5ec2a760-x86-determine-MXCSR-mask-always.patch
- Drop patches contained in new tarball
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
5e15e03d-sched-fix-S3-resume-with-smt=0.patch
5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
5e318cd4-x86-apic-fix-disabling-LVT0.patch
5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
5e3bd385-EFI-recheck-variable-name-strings.patch
5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
5e3bd3f8-xmalloc-guard-against-overflow.patch
5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
5e86f7fd-credit2-fix-credit-too-few-resets.patch
5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch�- spec: Remove invocation of autogen.sh
- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares�- bsc#1170968 - GCC 10: xen build fails on i586
gcc10-fixes.patch�- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
handling in GNTTABOP_copy (XSA-318)
5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch�- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
multiple xenoprof issues
5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
memory barriers in read-write unlock paths
5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
path in GNTTABOP_map_grant
5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
analyzed
5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
5e86f7fd-credit2-fix-credit-too-few-resets.patch
- Drop for upstream solution (bsc#1165206)
01-xen-credit2-avoid-vcpus-to.patch
default-to-credit1-scheduler.patch
- Upstream bug fixes (bsc#1027519)
5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch�- bsc#1167608 - unbound limit for max_event_channels
domUs with many vcpus and/or resources fail to start
libxl.max_event_channels.patch�- bsc#1161480 - Fix xl shutdown for HVM without PV drivers
add libxl.libxl__domain_pvcontrol.patch�- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
01-xen-credit2-avoid-vcpus-to.patch�- bsc#1158414 - GCC 10: xen build fails
gcc10-fixes.patch�- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
default-to-credit1-scheduler.patch�- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
past the ERET instruction
5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch
hardening
5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
- Upstream bug fixes (bsc#1027519)
5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
5e318cd4-x86-apic-fix-disabling-LVT0.patch
5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
5e3bd385-EFI-recheck-variable-name-strings.patch
5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
5e3bd3f8-xmalloc-guard-against-overflow.patch
5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch�- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
This must be done in qemu to preserve PCI layout
remove libxl.lock-qemu-machine-for-hvm.patch�- jsc#SLE-10183 - script to calculate cpuid= mask
add helper script from https://github.com/twizted/xen_maskcalc
domUs may be migrated between different cpus from the same vendor
if their visible cpuid value has incompatible feature bits masked.�- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains
add helper script and systemd service from
https://github.com/luizluca/xen-tools-xendomains-wait-disk
in new sub package xen-tools-xendomains-wait-disk
See included README for usage instructions
xendomains-wait-disks.LICENSE
xendomains-wait-disks.README.md
xendomains-wait-disks.sh�- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
qemu4 introduced incompatible changes in pc-i440fx, which revealed
a design bug in 'xenfv'. Live migration from domUs started with
qemu versions prior qemu4 can not be received with qemu4+.
libxl.lock-qemu-machine-for-hvm.patch�- Upstream bug fixes (bsc#1027519)
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
5e15e03d-sched-fix-S3-resume-with-smt=0.patch
5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch�- BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
Allow OBS to shortcut through the -mini flavors.�- bsc#1159320 - Xen logrotate file needs updated
logrotate.conf�- Update to Xen 4.13.0 FCS release
xen-4.13.0-testing-src.tar.bz2
* Core Scheduling (contributed by SUSE)
* Branch hardening to mitigate against Spectre v1 (contributed by Citrix)
* Late uCode loading (contributed by Intel)
* Improved live-patching build tools (contributed by AWS)
* OP-TEE support (contributed by EPAM)
* Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM)
* Dom0-less passthrough and ImageBuilder (contributed by XILINX)
* Support for new Hardware�- Update to Xen 4.13.0 RC4 release
xen-4.13.0-testing-src.tar.bz2
- Rebase libxl.pvscsi.patch�- Update to Xen 4.13.0 RC3 release
xen-4.13.0-testing-src.tar.bz2
- Drop python38-build.patch�- Update to Xen 4.13.0 RC2 release
xen-4.13.0-testing-src.tar.bz2�- Add python38-build.patch fixing build with Python 3.8 (add
- -embed to python-config call)�- Update to Xen 4.13.0 RC1 release
xen-4.13.0-testing-src.tar.bz2
- Drop patches contained in new tarball or invalid
5ca7660f-x86-entry-drop-unused-includes.patch
5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
5cab2ab7-x86-IOMMU-introduce-init-ops.patch
5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
5d358508-x86-IRQ-desc-affinity-represents-request.patch
5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
5d417813-AMD-IOMMU-bitfield-extended-features.patch
5d417838-AMD-IOMMU-bitfield-control-reg.patch
5d41785b-AMD-IOMMU-bitfield-IRTE.patch
5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
blktap2-no-uninit.patch
libxl.prepare-environment-for-domcreate_stream_done.patch
pygrub-python3-conversion.patch
fix-xenpvnetboot.patch�- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch�- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
The included README has details about the impact of this change
libxl.LIBXL_HOTPLUG_TIMEOUT.patch�- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
5ca7660f-x86-entry-drop-unused-includes.patch
5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
5cab2ab7-x86-IOMMU-introduce-init-ops.patch
5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
5d358508-x86-IRQ-desc-affinity-represents-request.patch
5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
5d417813-AMD-IOMMU-bitfield-extended-features.patch
5d417838-AMD-IOMMU-bitfield-control-reg.patch
5d41785b-AMD-IOMMU-bitfield-IRTE.patch
5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
ROME platform
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
- Upstream bug fixes (bsc#1027519)
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch�- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
Fix crash in an error path of libxl_domain_suspend with
libxl.helper_done-crash.patch�- Upstream bug fixes (bsc#1027519)
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- Preserve modified files which used to be marked as %config,
rename file.rpmsave to file�- Update to Xen 4.12.1 bug fix release (bsc#1027519)
xen-4.12.1-testing-src.tar.bz2
- Drop patches contained in new tarball
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Refreshed patches
libxl.pvscsi.patch�- bsc#1143563 - Speculative mitigation facilities report wrong status
5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- Update xen-dom0-modules.service (bsc#1137251)
Map backend module names from pvops and xenlinux kernels to a
module alias. This avoids errors from modprobe about unknown
modules. Ignore a few xenlinux modules that lack aliases.�- Gcc9 warnings seem to be cleared up with upstream fixes.
Drop gcc9-ignore-warnings.patch�- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
fix-xenpvnetboot.patch�- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf�- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api�- Remove all upstream provided files in /etc/xen
They are not required at runtime. The host admin is now
responsible if he really needs anything in this subdirectory.�- In our effort to make /etc fully admin controlled, move /etc/xen/scripts
to libexec/xen/scripts with xen-tools.etc_pollution.patch�- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions�- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
Atomics Operations
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Upstream bug fixes (bsc#1027519)
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch�- Fix some outdated information in the readme
README.SUSE�- spec: xen-tools: require matching version of xen package
bsc#1137471�- Remove two stale patches
xen.build-compare.man.patch
xenpaging.doc.patch�- Disable LTO (boo#1133296).�- Remove arm32 from ExclusiveArch to fix build�- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
xsa297-0a.patch
xsa297-0b.patch
xsa297-0c.patch
xsa297-0d.patch
xsa297-1.patch
xsa297-2.patch
xsa297-3.patch
- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch�- bsc#1131811 - [XEN] internal error: libxenlight failed to create
new domain. This patch is a workaround for a systemd issue. See
patch header for additional comments.
xenstore-launch.patch�- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
after upgrading host from sle11sp4 to sle15sp1
pygrub-python3-conversion.patch
- Fix "TypeError: virDomainDefineXML() argument 2 must be str or
None, not bytes" when converting VMs from using the xm/xend
toolstack to the libxl/libvirt toolstack. (bsc#1123378)
xen2libvirt.py�- bsc#1124560 - Fully virtualized guests crash on boot
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
- bsc#1121391 - GCC 9: xen build fails
5c8f752c-x86-e820-build-with-gcc9.patch
- Upstream bug fixes (bsc#1027519)
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch�- Install pkgconfig files into libdir instead of datadir�- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
* HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
the HVM/PVH and PV code paths in Xen and provides KCONFIG
options to build a PV only or HVM/PVH only hypervisor.
* QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
been vastly improved.
* Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
domain communication mechanism.
* Improvements to Virtual Machine Introspection: The VMI subsystem
which allows detection of 0-day vulnerabilities has seen many
functional and performance improvements.
* Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
default scheduler.
* PVH Support: Grub2 boot support has been added to Xen and Grub2.
* PVH Dom0: PVH Dom0 support has now been upgraded from experimental
to tech preview.
* The Xen 4.12 upgrade also includes improved IOMMU mapping code,
which is designed to significantly improve the startup times of
AMD EPYC based systems.
* The upgrade also features Automatic Dom0 Sizing which allows the
setting of Dom0 memory size as a percentage of host memory (e.g.
10%) or with an offset (e.g. 1G+10%).�- bsc#1130485 - Please drop Requires on multipath-tools in
xen-tools. Now using Recommends multipath-tools.
xen.spec�- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
avoid TSC emulation for HVM domUs if their expected frequency
does not match exactly the frequency of the receiving host
xen.bug1026236.suse_vtsc_tolerance.patch�- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- jsc#SLE-3059 - Disable Xen auto-ballooning
- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
xen.spec
- Disable autoballooning in xl.con
xl-conf-disable-autoballoon.patch�- Update gcc9-ignore-warnings.patch to fix build in SLE12�- bsc#1126325 - fix crash in libxl in error path
Setup of grant_tables and other variables may fail
libxl.prepare-environment-for-domcreate_stream_done.patch�- bsc#1127620 - Documentation for the xl configuration file allows
for firmware=pvgrub64 but we don't ship pvgrub64.
Create a link from grub.xen to pvgrub64
xen.spec�- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Tarball also contains additional post RC4 security fixes for
Xen Security Advisories 287, 288, and 290 through 294.�- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1121391 - GCC 9: xen build fails
gcc9-ignore-warnings.patch�- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
/proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
Keep xen.efi in /usr/lib64/efi for booting older distros.
xen.spec�- fate#326960: Package grub2 as noarch.
As part of the effort to have a unified bootloader across
architectures, modify the xen.spec file to move the Xen efi files
to /usr/share/efi/$(uname -m) from /usr/lib64/efi.�- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Drop
5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
gcc8-fix-array-warning-on-i586.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-inlining-failed.patch
xen.bug1079730.patch�- bsc#1121960 - xen: sync with Factory
xen.spec
xen.changes�- Replace old $RPM_* shell vars.
- Run fdupes for all architectures, and not crossing
subvolume boundaries.�- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
rpmlint error�- Require qemu-seabios only on x86* as it is not available on non-x86
systems�- Avoid creating dangling symlinks (bsc#1116524)
This reverts the revert of tmp_build.patch�- Update to Xen 4.11.1 bug fix release (bsc#1027519)
xen-4.11.1-testing-src.tar.bz2
- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
- Drop the following patches contained in the new tarball
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbe-ARM-disable-grant-table-v2.patch
5b72fbbe-oxenstored-eval-order.patch
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
xsa275-1.patch
xsa275-2.patch
xsa276-1.patch
xsa276-2.patch
xsa277.patch
xsa279.patch
xsa280-1.patch
xsa280-2.patch�- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
Missing /bin/domu-xenstore. This was broken because "make
package build reproducible" change. (boo#1047218, boo#1062303)
This fix reverses the change to this patch.
tmp_build.patch�- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
insufficient TLB flushing / improper large page mappings with AMD
IOMMUs (XSA-275)
xsa275-1.patch
xsa275-2.patch
- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
issues in x86 IOREQ server handling (XSA-276)
xsa276-1.patch
xsa276-2.patch
- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
handling for guest p2m page removals (XSA-277)
xsa277.patch
- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
to use INVPCID with a non-canonical addresses (XSA-279)
xsa279.patch
- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
conflicts with shadow paging (XSA-280)
xsa280-1.patch
xsa280-2.patch
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
constructs may lock up host (XSA-282)
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
- Upstream bug fixes (bsc#1027519)
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch�- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch�- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries�- make package build reproducible (boo#1047218, boo#1062303)
* Set SMBIOS_REL_DATE
* Update tmp_build.patch to use SHA instead of random build-id
* Add reproducible.patch to use --no-insert-timestamp�- Building with ncurses 6.1 will fail without
xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- Building libxl acpi support on aarch64 with gcc 8.2 will fail without
xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch�- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
apparently broken
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch�- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
d_materialise_unique()
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
oxenstored does not apply quota-maxentity (XSA-272)
5b72fbbe-oxenstored-eval-order.patch
- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
v2 grant tables may cause crash on ARM (XSA-268)
5b72fbbe-ARM-disable-grant-table-v2.patch
- Upstream patches from Jan (bsc#1027519)
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
xen.spec�- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
- Upstream prereq patches for XSA-273 and other upstream fixes
(bsc#1027519)
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- Upstream patches from Jan (bsc#1027519)
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-fix-array-warning-on-i586.patch
- Drop xen.fuzz-_FORTIFY_SOURCE.patch
gcc8-fix-warning-on-i586.patch�- Update to Xen 4.11.0 FCS (fate#325202, fate#325123)
xen-4.11.0-testing-src.tar.bz2
disable-building-pv-shim.patch
- Dropped patches
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a9985bd-x86-invpcid-support.patch
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
5af1daa9-3-x86-traps-use-IST-for-DB.patch
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
5af97999-viridian-cpuid-leaf-40000003.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch
5b348874-x86-refine-checks-in-DB-handler.patch
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen_fix_build_with_acpica_20180427_and_new_packages.patch�- Submit upstream patch libacpi: fixes for iasl >= 20180427
git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
xen_fix_build_with_acpica_20180427_and_new_packages.patch
This is needed for acpica package to get updated in our build service�- Upstream patches from Jan (bsc#1027519)
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch�- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch�- bsc#1098403 - fix regression introduced by changes for bsc#1079730
a PV domU without qcow2 and/or vfb has no qemu attached.
Ignore QMP errors for PV domUs to handle PV domUs with and without
an attached qemu-xen.
xen.bug1079730.patch�- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
bypassed in x86 PV MM handling (XSA-264)
xsa264.patch
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
safety check can be triggered by a guest (XSA-265)
xsa265.patch
- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
readonly flag on HVM emulated SCSI disks (XSA-266)
xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch�- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
(XSA-267)
xsa267-1.patch
xsa267-2.patch�- bsc#1092543 - GCC 8: xen build fails
gcc8-fix-warning-on-i586.patch�- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
Bypass aka "Memory Disambiguation" (XSA-263)
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
Spectre-v4-1.patch
Spectre-v4-2.patch
Spectre-v4-3.patch�- Always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen.bug1079730.patch�- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
- Upstream patches from Jan (bsc#1027519)
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
5af97999-viridian-cpuid-leaf-40000003.patch�- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a9985bd-x86-invpcid-support.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch�- bsc#1092543 - GCC 8: xen build fails
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
gcc8-inlining-failed.patch�- Update to Xen 4.10.1 bug fix release (bsc#1027519)
xen-4.10.1-testing-src.tar.bz2
disable-building-pv-shim.patch
- Drop the following patches contained in the new tarball
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
xsa258.patch
xsa259.patch�- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
debug exceptions (XSA-260)
xsa260-1.patch
xsa260-2.patch
xsa260-3.patch
xsa260-4.patch
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
injection errors (XSA-261)
xsa261.patch
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
unbounded loop (XSA-262)
xsa262.patch�- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
crafted user-supplied CDROM (XSA-258)
xsa258.patch
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
Xen with XPTI (XSA-259)
xsa259.patch�- Preserve xen-syms from xen-dbg.gz to allow processing vmcores
with crash(1) (bsc#1087251)�- Upstream patches from Jan (bsc#1027519) and fixes related to
Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch�- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
- Upstream patches from Jan (bsc#1027519)
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
- Drop
xsa252.patch
xsa255-1.patch
xsa255-2.patch
xsa256.patch�- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
L3/L4 pagetable freeing (XSA-252)
xsa252.patch
- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
transition may crash Xen (XSA-255)
xsa255-1.patch
xsa255-2.patch
- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
LAPIC may DoS the host (XSA-256)
xsa256.patch�- Remove stale systemd presets code for 13.2 and older�- fate#324965 - add script, udev rule and systemd service to watch
for vcpu online/offline events in a HVM domU
They are triggered via xl vcpu-set domU N�- Replace hardcoded xen with Name tag when refering to subpkgs�- Make sure tools and tools-domU require libs from the very same build�- tools-domU: Add support for qemu guest agent. New files
80-xen-channel-setup.rules and xen-channel-setup.sh configure a
xen-pv-channel for use by the guest agent
FATE#324963�- Remove outdated /etc/xen/README*�- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
MSR emulation (XSA-253)
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
xen: Information leak via side effects of speculative execution
(XSA-254). Includes Spectre v2 mitigation.
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch�- Fix python3 deprecated atoi call (bsc#1067224)
pygrub-python3-conversion.patch
- Drop xenmon-python3-conversion.patch�- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
depending on the libxl disk settings
libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch�- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
build-python3-conversion.patch
bin-python3-conversion.patch�- bsc#1070165 - xen crashes after aborted localhost migration
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
libxl__devices_destroy failed
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
- Upstream patches from Jan (bsc#1027519)
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch�- Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Rebuild initrd if xen-tools-domU is updated�- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
If many domUs shutdown in parallel the backends can not keep up
Add some debug output to track how long backend shutdown takes (bsc#1035442)
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- Adjust xenstore-run-in-studomain.patch to change the defaults
in the code instead of changing the sysconfig template, to also
cover the upgrade case�- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Since xen switched to Kconfig, building a debug hypervisor
was done by default. Adjust make logic to build a non-debug
hypervisor by default, and continue to provide one as xen-dbg.gz�- fate#316614: set migration constraints from cmdline
fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10�- Document the suse-diskcache-disable-flush option in
xl-disk-configuration(5) (bsc#879425,bsc#1067317)�- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)�- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- fate#323663 - Run Xenstore in stubdomain
xenstore-run-in-studomain.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
pygrub-python3-conversion.patch
xenmon-python3-conversion.patch
migration-python3-conversion.patch
xnloader.py
xen2libvirt.py�- Remove xendriverdomain.service (bsc#1065185)
Driver domains must be configured manually with custom .service file�- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)�- fate#324052 Support migration of Xen HVM domains larger than 1TB
59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop patches included in new tarball
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
59958ebf-gnttab-fix-transitive-grant-handling.patch
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
gcc7-arm.patch
gcc7-mini-os.patch�- bsc#1061084 - VUL-0: xen: page type reference leak on x86
(XSA-242)
xsa242.patch
- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
shadow mappings with translated guests (XSA-243)
xsa243.patch
- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
during CPU hotplug (XSA-244)
xsa244.patch�- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
(XSA-238)
xsa238.patch
- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
intercept code (XSA-239)
xsa239.patch
- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
de-typing (XSA-240)
xsa240-1.patch
xsa240-2.patch
- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
release race (XSA-241)
xsa241.patch�- bsc#1061075 - VUL-0: xen: pin count / page reference race in
grant table code (XSA-236)
xsa236.patch
- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
(XSA-237)
xsa237-1.patch
xsa237-2.patch
xsa237-3.patch
xsa237-4.patch
xsa237-5.patch�- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
verification (XSA-231)
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
(XSA-233)
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
x86 PV guests (XSA-234)
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
release lock on ARM (XSA-235)
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
- Upstream patches from Jan (bsc#1027519)
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
- Dropped gcc7-xen.patch�- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
Secure Boot is Enabled
xen.spec�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
update from v6 to v9 to cover more cases for ballooned domUs
libxc.sr.superpage.patch�- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
drop the patch because it is not upstream acceptable
remove xen.suse_vtsc_tolerance.patch�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
after the save using xl stack
libxc.sr.superpage.patch�- Unignore gcc-PIE
the toolstack disables PIE for firmware builds as needed�- Upstream patches from Jan (bsc#1027519)
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch�- bsc#1044974 - xen-tools require python-pam
xen.spec�- Clean up spec file errors and a few warnings. (bsc#1027519)
- Removed conditional 'with_systemd' and some old deprecated
'sles_version' checks.
xen.spec�- Remove use of brctl utiltiy from supportconfig plugin
FATE#323639�- Use upstream variant of mini-os __udivmoddi4 change
gcc7-mini-os.patch�- fate#323639 Move bridge-utils to legacy
replace-obsolete-network-configuration-commands-in-s.patch�- bsc#1052686 - VUL-0: xen: grant_table: possibly premature
clearing of GTF_writing / GTF_reading (XSA-230)
xsa230.patch�- bsc#1035231 - migration of HVM domU does not use superpages
on destination dom0
libxc.sr.superpage.patch�- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
recursion in grant table code (XSA-226)
xsa226-1.patch
xsa226-2.patch
- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
escalation via map_grant_ref (XSA-227)
xsa227.patch
- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
conditions with maptrack free list handling (XSA-228)
xsa228.patch�- Add a supportconfig plugin
xen-supportconfig
FATE#323661�- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
To avoid emulation of TSC access from a domU after live migration
add a global tolerance for the measured host kHz
xen.suse_vtsc_tolerance.patch�- fate#323662 Drop qemu-dm from xen-tools package
The following tarball and patches have been removed
qemu-xen-traditional-dir-remote.tar.bz2
VNC-Support-for-ExtendedKeyEvent-client-message.patch
0001-net-move-the-tap-buffer-into-TAPState.patch
0002-net-increase-tap-buffer-size.patch
0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
0004-e1000-secrc-support.patch
0005-e1000-multi-buffer-packet-support.patch
0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
0007-e1000-verify-we-have-buffers-upfront.patch
0008-e1000-check-buffer-availability.patch
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
blktap.patch
cdrom-removable.patch
xen-qemu-iscsi-fix.patch
qemu-security-etch1.patch
xen-disable-qemu-monitor.patch
xen-hvm-default-bridge.patch
qemu-ifup-set-mtu.patch
ioemu-vnc-resize.patch
capslock_enable.patch
altgr_2.patch
log-guest-console.patch
bdrv_open2_fix_flags.patch
bdrv_open2_flags_2.patch
ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
qemu-dm-segfault.patch
bdrv_default_rwflag.patch
kernel-boot-hvm.patch
ioemu-watchdog-support.patch
ioemu-watchdog-linkage.patch
ioemu-watchdog-ib700-timer.patch
ioemu-hvm-pv-support.patch
pvdrv_emulation_control.patch
ioemu-disable-scsi.patch
ioemu-disable-emulated-ide-if-pv.patch
xenpaging.qemu.flush-cache.patch
ioemu-devicemodel-include.patch
- Cleanup spec file and remove unused KMP patches
kmp_filelist
supported_module.patch
xen_pvonhvm.xen_emul_unplug.patch�- bsc#1002573 - Optimize LVM functions in block-dmmd
block-dmmd�- Record initial Xen dmesg in /var/log/xen/xen-boot.log for
supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log�- Remove storytelling from description in xen.rpm�- Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update block-dmmd script (bsc#1002573)
block-dmmd�- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
gcc7-arm.patch
- Drop gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
due to incorrect return value
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch�- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
leakage via capture buffer
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch�- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1031343 - xen fails to build with GCC 7
gcc7-mini-os.patch
gcc7-xen.patch�- bsc#1031343 - xen fails to build with GCC 7
gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
- Drop xen-tools-pkgconfig-xenlight.patch�- bsc#1037779 - xen breaks kexec-tools build
xen-tools-pkgconfig-xenlight.patch�- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
xen.spec�- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
aarch64-maybe-uninitialized.patch�- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
ioemu-devicemodel-include.patch
- Dropped patches contained in new tarball
xen-4.8.0-testing-src.tar.bz2
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
glibc-2.25-compatibility-fix.patch
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch�- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch�- bsc#1015348 - L3: libvirtd does not start during boot
suse-xendomains-service.patch�- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
with Xen hypervisor.
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
- latter one much faster
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
- Upstream patch from Jan
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch�- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
add"
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
update (XSA-206)
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
- bsc#1029827 - Forward port xenstored
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch�- bsc#1029128 - fix make xen to really produce xen.efi with gcc48�- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
loop issue in ohci_service_ed_list
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
- Upstream patches from Jan (bsc#1027519)
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch�- bsc#1027654 - XEN fails to build against glibc 2.25
glibc-2.25-compatibility-fix.patch
libxl.pvscsi.patch�- fate#316613: Refresh and enable libxl.pvscsi.patch�- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
does not check if memory region is safe (XSA-209)
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch�- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
happened when adding usbctrl devices via xl
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch�- Upstream patches from Jan (bsc#1027519)
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch�- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
access while doing bitblt copy backward mode
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch�- fate#322313 and fate#322150 require the acpica package ported to
aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
until these fates are complete.
xen.spec�- bsc#1021952 - Virutalization/xen: Bug xen-tools missing
/usr/bin/domu-xenstore; guests fail to launch
tmp_build.patch
xen.spec�- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)�- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
xen.spec�- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
Replaces xsa202.patch (bsc#1014298)
- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
Replaces xsa203.patch (bsc#1014300)
- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
Replaces xsa204.patch (bsc#1016340)
- Upstream patches from Jan
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch�- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
display: cirrus_vga: a divide by zero in cirrus_do_copy
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch�- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
SYSCALL singlestep during emulation (XSA-204)
xsa204.patch�- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
fails to ignore operand size override (XSA-200)
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch�- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
able to mask interrupts (XSA-202)
xsa202.patch
- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
pointer check in VMFUNC emulation (XSA-203)
xsa203.patch
- Upstream patches from Jan
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch�- Update to Xen 4.8 FCS
xen-4.8.0-testing-src.tar.bz2
- Dropped
xen-4.7.1-testing-src.tar.bz2
0001-libxc-Rework-extra-module-initialisation.patch
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
0004-firmware-makefile-install-BIOS-blob.patch
0005-libxl-Load-guest-BIOS-from-file.patch
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
0008-hvmloader-Locate-the-BIOS-blob.patch
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
0011-hvmloader-Load-OVMF-from-modules.patch
0012-hvmloader-Specific-bios_load-function-required.patch
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
57a30261-x86-support-newer-Intel-CPU-models.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
CVE-2016-9381-xsa197-qemut.patch
CVE-2016-9637-xsa199-qemut.patch�- bsc#1011652 - VUL-0: xen: qemu ioport array overflow
CVE-2016-9637-xsa199-qemut.patch�- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
segments not always treated as unusable
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
to VM86 mode mis-handled
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
write emulation lacking canonical address checks
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
ELF symbol table load leaking host data
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
test instruction emulation broken
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
x86 software interrupt injection mis-handled
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
about shared ring processing
CVE-2016-9381-xsa197-qemut.patch
- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
delimiter injection vulnerabilities in pygrub
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
- Upstream patches from Jan
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch�- Update to Xen Version 4.7.1
xen-4.7.1-testing-src.tar.bz2
- Dropped patches contained in new tarball
xen-4.7.0-testing-src.tar.bz2
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c93e52-fix-error-in-libxl_device_usbdev_list.patch
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch�- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
systems
xen.spec�- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
always honored for x86 HVM guests (XSA-190)
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
on broadwell-ep
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
- Upstream patches from Jan
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch�- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
system has 384
xen-arch-kconfig-nr_cpus.patch�- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
loop while transmit in C+ mode
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch�- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
error in set_next_tick
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
error in serial_update_parameters
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch�- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
mcf_fec_do_tx
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
loop in pcnet_rdra_addr
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch�- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
recursive pagetable for 32-bit PV guests (XSA-185)
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
instruction pointer truncation during emulation (XSA-186)
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
sh_ctxt->seg_reg[] (XSA-187)
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch�- bsc#979002 - add 60-persistent-xvd.rules and helper script
also to initrd, add the relevant dracut helper�- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
upstream unplug protocol�- bsc#989679 - [pvusb feature] USB device not found when
'virsh detach-device guest usb.xml'
57c93e52-fix-error-in-libxl_device_usbdev_list.patch�- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
get contiguous memory for DMA from Xen
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch�- spec: to stay compatible with the in-tree qemu-xen binary, use
/usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
bsc#986164�- bsc#970135 - new virtualization project clock test randomly fails
on Xen
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
in PV guests (XSA-182)
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
whitelisting in 32-bit exception / event delivery (XSA-183)
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
- Upstream patches from Jan
57a30261-x86-support-newer-Intel-CPU-models.patch�- bsc#985503 - vif-route broken
vif-route.patch�- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
failed on sles11sp4 xen host.
pygrub-handle-one-line-menu-entries.patch�- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
write access in esp_do_dma
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch�- bsc#900418 - Dump cannot be performed on SLES12 XEN
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
- Upstream patches from Jan
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch�- fate#319989 - Update to Xen 4.7 FCS
xen-4.7.0-testing-src.tar.bz2
- Drop CVE-2014-3672-qemut-xsa180.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (Additional fixes)
block-dmmd�- Convert with_stubdom into build_conditional to allow adjusting
via prjconf
- Convert with_debug into build_conditional to allow adjusting
via prjconf�- bsc#979002 - add 60-persistent-xvd.rules and helper script to
xen-tools-domU to simplify transition to pvops based kernels�- Convert with_oxenstored into build_conditional to allow
adjusting via prjconf (fate#320836)�- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
access while processing ESP_FIFO
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
write when using non-DMA mode in get_cmd
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch�- fate#319989 - Update to Xen 4.7 RC5
xen-4.7.0-testing-src.tar.bz2�- fate#319989 - Update to Xen 4.7 RC4
xen-4.7.0-testing-src.tar.bz2
- Dropped
xen.pkgconfig-4.7.patch
xsa164.patch�- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
(XSA-180)
CVE-2014-3672-qemut-xsa180.patch�- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
while writing to 's->cmdbuf' in get_cmd
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
while writing to 's->cmdbuf' in esp_reg_write
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch�- fate#319989 - Update to Xen 4.7 RC3
xen-4.7.0-testing-src.tar.bz2
- Dropped
libxl-remove-cdrom-cachemode.patch
x86-PoD-only-reclaim-if-needed.patch
gcc6-warnings-as-errors.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (another modification)
block-dmmd�- fate#319989 - Update to Xen 4.7 RC2
xen-4.7.0-testing-src.tar.bz2�- bsc#961600 - L3: poor performance when Xen HVM domU configured
with max memory > current memory
x86-PoD-only-reclaim-if-needed.patch�- Mark SONAMEs and pkgconfig as xen 4.7
xen.pkgconfig-4.7.patch�- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
libxl-remove-cdrom-cachemode.patch�- fate#319989 - Update to Xen 4.7 RC1
xen-4.7.0-testing-src.tar.bz2�- fate#316614: set migration constraints from cmdline
restore libxl.set-migration-constraints-from-cmdline.patch�- Remove obsolete patch for xen-kmp
magic_ioport_compat.patch�- fate#316613: update to v12
libxl.pvscsi.patch�- Update to the latest Xen 4.7 pre-release c2994f86
Drop libxl.migrate-legacy-stream-read.patch�- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
to SLES12SP2 Alpha 1 host using xl migrate
libxl.migrate-legacy-stream-read.patch�- Add patches from proposed upstream series to load BIOS's from
the toolstack instead of embedding in hvmloader
http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
0001-libxc-Rework-extra-module-initialisation.patch,
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
0004-firmware-makefile-install-BIOS-blob.patch,
0005-libxl-Load-guest-BIOS-from-file.patch,
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
0008-hvmloader-Locate-the-BIOS-blob.patch,
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
0011-hvmloader-Load-OVMF-from-modules.patch,
0012-hvmloader-Specific-bios_load-function-required.patch,
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
firmware from qemu-ovmf-x86_64. The firmware is preloaded with
Microsoft keys to more closely resemble firmware on real hardware
FATE#320490�- fate#319989: Update to Xen 4.7 (pre-release)
xen-4.7.0-testing-src.tar.bz2
- Dropped:
xen-4.6.1-testing-src.tar.bz2
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
hotplug-Linux-block-performance-fix.patch
set-mtu-from-bridge-for-tap-interface.patch
xendomains-libvirtd-conflict.patch
xsa154.patch
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa170.patch�- Use system SeaBIOS instead of building/installing another one
FATE#320638
Dropped files:
seabios-dir-remote.tar.bz2
xen-c99-fix.patch
xen.build-compare.seabios.patch�- spec: drop BuildRequires that were only needed for qemu-xen�- bsc#969377 - xen does not build with GCC 6
ipxe-use-rpm-opt-flags.patch
gcc6-warnings-as-errors.patch�- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
loop in ne2000_receive
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
- Drop xsa154-fix.patch�- Use system qemu instead of building/installing yet another qemu
FATE#320638
- Dropped files
qemu-xen-dir-remote.tar.bz2
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
qemu-xen-enable-spice-support.patch
qemu-xen-upstream-qdisk-cache-unsafe.patch
tigervnc-long-press.patch
xsa162-qemuu.patch�- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
dereference in vapic_write()
CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch�- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
remote NDIS control message handling
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch�- bsc#954872 - L3: script block-dmmd not working as expected -
libxl: error: libxl_dm.c
block-dmmd
- Update libxl to recognize dmmd and npiv prefix in disk spec
xen.libxl.dmmd.patch�- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
in ohci module leads to null pointer dereference
CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
dereference in remote NDIS control message handling
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch�- Update to Xen Version 4.6.1
xen-4.6.1-testing-src.tar.bz2
- Dropped patches now contained in tarball or unnecessary
xen-4.6.0-testing-src.tar.bz2
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
56549f24-x86-vPMU-document-as-unsupported.patch
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemut-xenfb.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa159.patch
xsa160.patch
xsa162-qemut.patch
xsa165.patch
xsa166.patch
xsa167.patch
xsa168.patch�- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
cachability flags on guest mappings (XSA-154)
xsa154.patch
- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
crash guest with non-canonical RIP (XSA-170)
xsa170.patch�- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
hmp_sendkey routine
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch�- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
in sosendto()
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch�- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
ne2000_receive() function
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch�- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
incoming migration
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch�- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
dereference in ehci_caps_write
CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
on incoming migration
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch�- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
in start_xmit and e1000_receive_iov routines
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch�- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
on invalid state load
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch�- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
resource limiting in VNC websockets decoder
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
invalid state load
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
bits_per_pixel from the client sanitization
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch�- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
overun on invalid state
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
overflow in non-loopback mode
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch�- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
processing firmware configurations
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch�- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
buffer overflow in megasas_ctrl_get_info
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
use-after-free vulnerability in aio port commands
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch�- bsc#959695 - missing docs for xen
xen.spec�- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
INVLPG on non-canonical address (XSA-168)
xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
functionality missing sanity checks (XSA-167)
xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
l2 header validation leads to a crash via assert(2) call
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch�- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
leads to a crash via assert(2) call
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
in ioport r/w functions
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch�- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
logging upon guest changing callback method (XSA-169)
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch�- Adjust xen-dom0-modules.service to run Before xenstored.service
instead of proc-xen.mount to workaround a bug in systemd "design"
(bnc#959845)�- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
vmxnet3: host memory leakage
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch�- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
incautious about shared memory contents (XSA-155)
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa155-qemut-xenfb.patch
- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
in ehci_advance_state results in DoS
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
dereference issue
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
floating point exception
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
MSI-X handling (XSA-164)
xsa164.patch
- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
legacy x86 FPU/XMM initialization (XSA-165)
xsa165.patch
- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
multiple read issue (XSA-166)
xsa166.patch�- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
- Upstream patches from Jan
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
56544a57-VMX-fix-adjust-trap-injection.patch
56546ab2-sched-fix-insert_vcpu-locking.patch�- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
56549f24-x86-vPMU-document-as-unsupported.patch
- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
xsa159.patch
- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
xsa160.patch
- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
xsa162-qemuu.patch
xsa162-qemut.patch
- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch�- fate#315712: XEN: Use the PVOPS kernel
Turn off building the KMPs now that we are using the pvops kernel
xen.spec�- Upstream patches from Jan
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch�- Use upstream variants of block-iscsi and block-nbd�- Remove xenalyze.hg, its part of xen-4.6�- Update to Xen Version 4.6.0
xen-4.6.0-testing-src.tar.bz2
mini-os.tar.bz2
blktap2-no-uninit.patch
stubdom-have-iovec.patch
- Renamed
xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
xen-4.5.2-testing-src.tar.bz2
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
54f4985f-libxl-fix-libvirtd-double-free.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
551ac326-xentop-add-support-for-qdisk.patch
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
local_attach_support_for_phy.patch pci-attach-fix.patch
qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
xl-coredump-file-location.patch�- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
CVE-2015-5307-xsa156.patch�- Update to Xen 4.5.2
xen-4.5.2-testing-src.tar.bz2
- Drop the following
xen-4.5.1-testing-src.tar.bz2
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
xsa151.patch xsa152.patch xsa153-libxl.patch
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"�- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch�- Upstream patches from Jan
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch�- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
xsa153-libxl.patch�- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
xsa149.patch
- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
xsa151.patch
- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152)
xsa152.patch
- Dropped
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch�- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
temporary file use in /net/slirp.c
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch�- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
creation of large page mappings by PV guests (XSA-148)
CVE-2015-7835-xsa148.patch�- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
abort
54f4985f-libxl-fix-libvirtd-double-free.patch�- bsc#949046 - Increase %suse_version in SP1 to 1316
xen.spec
- Update README.SUSE detailing dom0 ballooning recommendations�- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
secondly show errors
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
- Upstream patches from Jan
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch�- bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
Hotplug scripts not working.
hotplug-Linux-block-performance-fix.patch�- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
CVE-2015-7311-xsa142.patch�- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
pci-attach-fix.patch�- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch�- Upstream patches from Jan
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch�- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
vnc_client_read() and protocol_client_msg()
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
loop issue
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch�- bsc#907514 - Bus fatal error & sles12 sudden reboot has been
observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
shutdown of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
reboot has been observed
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch
55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch
55b0a2db-x86-MSI-track-guest-masking.patch
- Upstream patches from Jan
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
- Dropped for upstream version
x86-MSI-mask.patch
x86-MSI-pv-unmask.patch
x86-MSI-X-enable.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch�- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
memory in rtl8139 device model
xsa140-qemuu-1.patch
xsa140-qemuu-2.patch
xsa140-qemuu-3.patch
xsa140-qemuu-4.patch
xsa140-qemuu-5.patch
xsa140-qemuu-6.patch
xsa140-qemuu-7.patch
xsa140-qemut-1.patch
xsa140-qemut-2.patch
xsa140-qemut-3.patch
xsa140-qemut-4.patch
xsa140-qemut-5.patch
xsa140-qemut-6.patch
xsa140-qemut-7.patch
- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
block unplug protocol
xsa139-qemuu.patch�- bsc#937371 - xen vm's running after reboot
xendomains-libvirtd-conflict.patch�- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
execution via IDE subsystem CD-ROM
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch�- Remove xendomains.service from systemd preset file because it
conflicts with libvirt-guests.service (bnc#937371)
Its up to the admin to run systemctl enable xendomains.service�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
CVE-2015-3259-xsa137.patch
- Upstream patches from Jan
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
- Upstream patches from Jan pending review
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
x86-MSI-pv-unmask.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-mask.patch�- Adjust more places to use br0 instead of xenbr0�- bnc#936516 - xen fails to build with kernel update(4.1.0 from
stable)
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch�- Update to Xen Version 4.5.1 FCS (fate#315675)
xen-4.5.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch
qemu-MSI-X-enable-maskall.patch
qemu-MSI-X-latch-writes.patch
x86-MSI-X-guest-mask.patch�- Replace 5124efbe-add-qxl-support.patch with the variant that
finally made it upstream, 554cc211-libxl-add-qxl.patch�- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
qemu-MSI-X-latch-writes.patch
- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
has been observed
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-X-guest-mask.patch
x86-MSI-X-maskall.patch
qemu-MSI-X-enable-maskall.patch
- Upstream patches from Jan
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
- Dropped the following patches now contained in the tarball
xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch�- Update to Xen 4.5.1 RC2
- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
register access in qemu
CVE-2015-4106-xsa131-1.patch
CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch
CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch
CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch
CVE-2015-4106-xsa131-8.patch
CVE-2015-4106-xsa131-9.patch
- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
CVE-2015-4105-xsa130.patch
- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
bits inadvertently exposed to guests
CVE-2015-4104-xsa129.patch
- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
unintended writes to host MSI message data field via qemu
CVE-2015-4103-xsa128.patch
- Upstream patches from Jan
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch�- Add DefaultDependencies=no to xen-dom0-modules.service because
it has to run before proc-xen.mount�- Update to Xen 4.5.1 RC1�- Update blktap-no-uninit.patch to work with gcc-4.5�- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
XEN_DOMCTL_gettscinfo (XSA-132)
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch�- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
floppy driver host code execution
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch�- bsc#928783 - Reboot failure; Request backport of upstream Xen
patch to 4.5.0, or update pkgs to 4.5.1
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch�- bnc#927750 - Avoid errors reported by system-modules-load.service�- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
turn errors back to warnings to fix build with GCC 5.
- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
avoid implicit-fortify-decl rpmlint error.
- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.�- xentop: Fix memory leak on read failure
551ac326-xentop-add-support-for-qdisk.patch�- Dropped xentop-add-support-for-qdisk.patch in favor of upstream
version
551ac326-xentop-add-support-for-qdisk.patch�- Enable spice support in qemu for x86_64
5124efbe-add-qxl-support.patch
qemu-xen-enable-spice-support.patch�- Add xen-c99-fix.patch to remove pointless inline specifier on
function declarations which break build with a C99 compiler which
GCC 5 is by default. (bsc#921994)
- Add ipxe-no-error-logical-not-parentheses.patch to supply
- Wno-logical-not-parentheses to the ipxe build to fix
breakage with GCC 5. (bsc#921994)�- bnc#921842 - Xentop doesn't display disk statistics for VMs using
qdisks
xentop-add-support-for-qdisk.patch�- Disable the PIE enablement done for Factory, as the XEN code
is not buildable with PIE and it does not make much sense
to build the hypervisor code with it.�- bnc#918169 - XEN fixes required to work with Kernel 3.19.0
xen.spec�- Package xen.changes because its referenced in xen.spec�- Update seabios to rel-1.7.5 which is the correct version for
Xen 4.5�- Update to Xen 4.5.0 FCS�- Include systemd presets in 13.2 and older�- bnc#897352 - Enable xencommons/xendomains only during fresh install
- disable restart on upgrade because the toolstack is not restartable�- adjust seabios, vgabios, stubdom and hvmloader build to reduce
build-compare noise
xen.build-compare.mini-os.patch
xen.build-compare.smbiosdate.patch
xen.build-compare.ipxe.patch
xen.build-compare.vgabios.patch
xen.build-compare.seabios.patch
xen.build-compare.man.patch�- Update to Xen 4.5.0 RC4�- Remove xend specific if-up scripts
Recording bridge slaves is a generic task which should be handled
by generic network code�- Use systemd features from upstream
requires updated systemd-presets-branding package�- Update to Xen 4.5.0 RC3�- Set GIT, WGET and FTP to /bin/false�- Use new configure features instead of make variables
xen.stubdom.newlib.patch�- adjust docs and xen build to reduce build-compare noise
xen.build-compare.doc_html.patch
xen.build-compare.xen_compile_h.patch�- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise�- Update to Xen 4.5.0 RC2�- Update to Xen 4.5.0 RC1
xen-4.5.0-testing-src.tar.bz2
- Remove all patches now contained in the new tarball
xen-4.4.1-testing-src.tar.bz2
5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
53299d8f-xenconsole-reset-tty-on-failure.patch
53299d8f-xenconsole-tolerate-tty-errors.patch
5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
53d124e7-fix-list_domain_details-check-config-data-length-0.patch
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
53fcebab-xen-pass-kernel-initrd-to-qemu.patch
53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
libxc-pass-errno-to-callers-of-xc_domain_save.patch
libxl.honor-more-top-level-vfb-options.patch
libxl.add-option-for-discard-support-to-xl-disk-conf.patch
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
- Xend/xm is no longer supported and is not part of the upstream code. Remove
all xend/xm specific patches, configs, and scripts
xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
init.xend xend-relocation.sh xend.service xend-relocation-server.fw
domUloader.py xmexample.domUloader xmexample.disks
bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
network-nat-open-SuSEfirewall2-FORWARD.patch
xend-set-migration-constraints-from-cmdline.patch
xen.migrate.tools-xend_move_assert_to_exception_block.patch
xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
tmp-initscript-modprobe.patch init.xendomains xendomains.service
xen-watchdog.service xen-updown.sh�- bnc#901317 - L3: increase limit domUloader to 32MB
domUloader.py�- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
device (SR-IOV) to guest
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
60 vcpus
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
Interrupt Remapping engines can be evaded by native NMI interrupts
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
- Upstream patches from Jan
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch�/bin/sh�ibs-centriq-5 1651966354��������������������������������������������������������������������������������������������������� ���
�����������
�������������������������������������4.16.0_08-150400.2.12�4.16.0_08-150400.2.12����������������������������������������������������������������xen�xen-4�xen-4.16�xen-4.16.0_08-150400.2�xen-4.16.0_08-150400.2.config�xen-syms-4.16.0_08-150400.2�xen-syms-4.16.0_08-150400.2.map�efi�xen.efi�efi�aarch64�xen-4.16.0_08-150400.2.efi�xen-4.16.efi�xen-4.efi�xen.efi�/boot/�/usr/lib64/�/usr/lib64/efi/�/usr/share/�/usr/share/efi/�/usr/share/efi/aarch64/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:SLE-15-SP4:GA/standard/b68872d9d60844477afd84a8c2594a42-xen�cpio�xz�5�aarch64-suse-linux��������������������������������������������������������������ASCII text�ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=5ecd9d76e9f1ba3269634bfc796f11b459805599, not stripped�directory�8 8ZgD��@�����utf-8�770c0e6dbb77b8b2f2bc62050a9e56b3fe2cddc41f4bfcda8b42f32715270c57���������?����0����7zXZ��
���!�����t/��]��
�cr�$x�#�F�N8FoÜ=(E+.)56Q4n�s\+'�Bg~s�,�钅`E[idu0irD�8bPER@20;懢B�"ҋd�'Ϊ~y*w 0�s�Sс>p�CXpѰG�.;��x%e'���Tz7Ɖ͔h_u ,
lehh�eE(r�GP��3J7t;q'��ɜ��o1Z�tDN#BVH_U"=�[h�+��Hcg.poX${u��s%�^W%X�,Cb^EL{+:fnf\'�qjKXK[�K�Yx%@ϼ=v}OQ�w�A�OR~@�Zjkς7K!y錈lr;�}x��iN9�?^�<_"�93����fU$�Mu����6�
(Uu+exTNDmH/jcQ�X�lc%{:( �[ A0MХQ
Υ;^��Ҋoh�QM�y@۰ߜFн߽��"��d/q4݁���d��
c_7my�M��Pvxg�\)Ҿ xPU|+uaȃN6�e�(�\�?(`c�DʴTyJu]�LϚ*W?EVoH��/Rw�狋E1{,2k_N!wcb��Rk
O~]TJyeAI-*2C,g ҙ�IWB�~u q��b�HN9F�T@Ha|`e#3(ぐu-�?�?;u 80:\кCjr�s�tOozC��1�sT#VӫFD�tS�:t}
|?l'X��u
�9�0l3 �w8
��&"j�1aׯ{؞}&ݢ!`NЃ�ZEO%�?��#6tFxQys*3>j'6\n#z7�T7vwҡg'��
sC���}�h�T2<�V��mīcl'-1ˣ�tC�qM}ʮ3
m@�^ �4N 3��^,�4TemuadV@�?`%S_*_ꄻ�uWQuv�N̬-;g
1({VzcP%��0=T�o�F |5{/6N#9���hI�z�l~E+7,!J
.Gs%֩S~pv%]}(A�fn�2tX>�R��m䁒`eu+xI;+>jM�Vm
�\�OySט(<8?G�pT���WSa��vVߗwH|�o%t+;)>_կ$zC3LVK�QPZȝ7z#ՊVߔ(�f$�)/$r]b*~#]k�M�`r%�WFzud[�R#2�~]n/I�?x#��}?Zfw�-F*0�~�4Ntsp��EB�f�J�2Q3yX�i,�ZgejnSjr
�Z*귛ZL%'*ÂȬ=AR_O]#�=?3�9/B',<'8ÇU˱S
NapxkD�o0YwX\O0f86Ժy�$1'zg&�jM֪Ovtrm/�s3;+pN5[mA��86� �hBI�S�Y32 ^?E4\�w�z,
JY0Al?>�8�9=ZZf�
�f<>�V5M�'wko>�YBmb7~?wW�h�SWʇL>X4��-Q�\`+D�ď>B����_�~D�B�-kGÍ[w%�TaՒ�h)�b{\D��gZ�b٥ҡ|��I��jL~��+j��0)W>!���N;H]}FK�u��W�#;E_/^��bݺ$>)�u1&Qj�T
z�њ��yߧCr'�v w�TF�]?gIp>ę2�g:t©`xf�>ru� 8e)V|L!�?e`bdYE�n܅^$K^�}l)�*<́<&R���
UgSFRP6$AD>}�
Si
z{
ڻL&VZ$ ]ŅaKMzF��)r,X)�QՁ^Q.�x�̠id�w3�ӆ��3-)P��+6Vz)0ѕ�]F<��n$KN&\ R2'�
U#�GJ�#~m�H*�U}
zg��ǶM ȑ�JB&%�4JI�աnb5xf�A|�i-�]a��zjx��m0v�`[�yle�;P�I���BFFC�xF1W2�mE-.Zף#�eRh��C�� �Q0Sw�pֆ9hn\ae-Ϻ�r;,��_R�ߞh�lP`
Y1,n]S�O�l7;ӠB5Ab` 5jmi粀S2ǃy._j(juYsqkR�_l
�aU<���0$(e~{J[TZ[8}@z�tk0 �d�ggD'��}1Ŋ�)R#d\!"�Ngj&:mzжի8XWN9�%KHrk
#dNqqF�a��qc܈o�j~`Ub��D8yuW߄mŶ�.%Q.@+ljI+K~}�R�P�L籺��#�Yri+
h|tfe[yի��¢F�6�/qL$�mCav�\O^�6:��B/�y0wke�MHZٌ@h-|bΚ�ʝrcd9@%rksA4Ԙ���9X�4{TO{Xƃ|\dъ�� 8bPa�6bCg�8&ztib�Q�p<2glNh�>�T`�SyhIJ1\F1`eB�4̐z;�R�"WB�wO�A�cZrZ\tLqd�xPd�;{��6%"')F}�B�0#�eiH!�ҧM^@3%n5ܽ�!8iW"�H�"��cd]J@�r ��W'Q=P'd:�byht5��M�s� ��i�Qk���ҟ58Sv>>\%#y#72]K��U9?��Fz$�Ⳏ5�ftĺ?p�|I?n��
o]됿(�JpulǬS6NoM��)'ο,Q��=V�ŭQ01f5�1qv3! *5˷dƻ":p�o�qYe~fY*)x�94"d$ë�+8�ˍ!4+1;~l�B�007aqH�XW'cw8SgK0!nn*#ec7rg}F�@Π�t��%Z3.y:^ͷ3d�>B�X�A�Zae�4cE@P�(o4љD̸5ز%E;���'U
{ҧ>乜}brm\~kZ1sT5���,/P�!fﶄ�z\ΑP[sAG�F}R}7~0]{�~���#K�K4d
c)A;GiGbc&c�:g
�RG71@NhMjHF_ė6\nMqUiM�D=0 &�:!
�H�إz7ˌRP@Emz(זmE֦KVVw~]Z�Nz,q��+�qB)T;%PR\q(�e+m|M:�Z|8P�KBb�am�6jGi$�kOQon`A�ω�V_$�Tc��tᯌZVezϞu8-y99�uIb
]�.|�Q3yi�nLAaY�dM<�3(��U���Ők!ò#(^!�cxD[�kOוQ�RtY{byr_⊘^Нb25*7K H/u�y?=ag3:>)!$�}Y���b��aDI��5m.A�D�Ϛ{1�xRvc*�|Z_9!g�"pgZ6}z�!V�U �n
.݀BvS�SH`�A8cj
-W@ :!FUEj�wC�';PXoj1`nYd!u�Q0�#[O�˶��1U
DHæv��ց�Q6��VQ5+B
]B.Dє@��$Ik-udI;?̿dy"M�`��<4
;"�N�zn�uCik�\)Z]�HXv3��> f��N^c5A2T"~۰�
�s�_g`J0�c@6a"�� IY�
=*Je!@}C'VK�h��6r[ HPtDxQLvl{U�XDkW Q0�
edyWtwc=4�W̆@#͆5֣fq*�h$ӡ�e'zIe|D[���D3�d6,EJ��ͬrF8cم}ܦG;hJ
O�QG.ٍV�{3�hi>_�ͭE�H�(,llj��[E�pR?Lonq&��vFZ*�ȽD7 _�)V�'�Zpl�L�IN+��G���}9O!]sW"|AЁ$bnWdONiH Z-��RS�w�+3�.���2� N�$�f�:��9Sp��H�ЩU�Yf�:Jkc,һH,7�g*L;C�rŔb@(
mifeO�\�1F~:̼�9qYʼn�'6(@�i˿*t]7E� ~Ghߓ~�D%\yQ}gКpA��{~Ӗcsh�L:���+mAɝ�sQk
̕7T �uU)uaz�;bJaqݑ�>>sZYAlL#ٜ@�(߷�$�{t�9nm�T�B$3ϽqΝs(+T�IյSQ�V��\7Q76$Q��;<#�g�aSx*��E\6F�uaH�F|u`3�+Eu��P1Bs�Q#lb4�Ncm]kߡ7iP�A_h:x@]i�*V[!*-�7��ŤY*jƦ�`~h*�[�u'[a_QM5�u�u��ܮs�L}Q%��QQ�^*hk��Isץ<�ҹͤ.Hm)HcvwEOO1S{R �z�K�4�d��K�]dEeqi�rP3Y(I\Xk~՚PX^0�;$8ޗ�ӌ.(�)+�cDUbPA�\hiP��xo�n@j���&|ĀL��?q�)�IX�:|�γq; J���yn�w<@Z�|)"�_�+�Th4N9qzea/�8w��i
$piXg?ۿ7�R>���IC7k:dž&/oЭ2G�(*}x+L{jNg}�� �6jt�Ϳ:�a
~;�M8��S�s^
��2`Zk�+RI�%h�w%k�_L��xeZ��ѷi2���"��l�%f�f2iF=='�$Emæ�-7vc�u%@:t-[6gg4*&���'�YFR�ԍ;h'
>%W3{$�7Y\P�N.|I�V0��t՜0rDibdiW}ͬ)@��$ͰuRɈW֡,sg\=iQxPYۃKKBNj gn|RCB|j�>0.u�gO*�Qc+Gr@j?uBjVß0GEc8a�Kp3�]j�Z7]1%8w��r!j8y�yI�Z9hҡo�*�WQOa?85Ahe�P.��W$_R1e/քgKY/$B�ؽ��
mEW���2k�i/(H��3='4E~�bRV �}�Z�uV�Oek�_�J&J9M�V �uo�!5
J/_7�y^WG\+��-*R=iBf�?nNj D,H��>E�P7R��(~?>e���3�^
ݡu��8t+q/�\6%ΐAZ�)QpP31waK?�q8)d�&
vlGXW+y78*Z��6f
<ʴ|�N�|]b�dRb[(�e{J26݃FY"ׅB"2�j(nR^D�� tY�� șњ�̣-ͲlZon,2�!�B0%>�~Wbur�|�u�G�H?RA6?�`X�Q0⸪[b7�[�
CLc�o{�nŋ刔t{[۬E��n vcHQp��J�Uu�r*� qzȹ�B@5\�l�<
a�%ȃ �ޛh�;;�͖-V�3Qp+#$A}fX0\sg�+5e$@F"Ju^v)ћ^]f�:�^z��$NyWΓ6?0YgUF� K�qxi�8-vVt#2dˎ;jYTe�\#�lPMM�;��Y�IP�ώ5o��\rH$=�"]R� YZ�!:�Oɐ:�Pd�#�{m]ky)ne�E����I=��BViPqdI�:�R�R'7RE�)AVc~WkRUƗz�~-Yt=A'3w��<�rw�^�6/ʁP !]�^_4g��0 �rMvq\%z�u�
U�J7\kw#�tvK?1͡;Fcdغ��xd�C�Q�R�s�\ԡ
wYm$_j=�L2I?0էU2q-t�܈9 :Txڇ{ٶNgH����Ȕ|ё5^�hF�Det{�ῒB/}�Kz�.��VF ���bJ.rq`ʂn�\ȳqk�]5� {z 1q;6��pꈈ+Ǖ�_�spжA�(m?Lnj�)2l1YFF'Y{XP?�%�UCy�Bb14⑊_V�'|/7G.Iv��*$M8�3Jw+\bB9|(7/.�N&R)ߠz6P�~<ݏ[YwE(`[R~O��H#A%��cHy;:$�T��vkg,\f}b)4�V?ߖ]m [���m�x֗0$?DUH5n[D%1&�Ԙ~בPJƨ�k;~�Ox���*�P�>~�BpR\6R��?�3ĽE��*ص�&kE\|H|V��4@~�1z�"C=CԳ8�M�w�ߪMi�2�=��^�FcBxlՖ rjiAmzPv=z!TZ�y�ݩ¹4"d���wѮQ[�?oY�!P�[ g(9Cp`0"%^�]���jv�/q�Swܪur*m�-dde�&�0č&��FTJ�r6Dm�c:
1VQ �-$]��'����:ݝ�]�cwGs�n6/x#-.`��Ƈ&S44�)V;�И
0r�F.E]($حx[ȑL0; �N+^A_l9[AZ=�T�
>Sb*/%k#[�2Y��XY��ns�: fMâ.�U�*3�q&6k�B$LXif�p�����Rzώ*f?bP�[�{��/C3�3Sص�P�6M�V �aVZ�s^`2�={ hҚ�,?]D�54}kxS� ^B~Y�bcٽ�lUg=cc�
<�YC,vAiGe�8,8M_;�qt_Ϡ��tמ@�h�cN�^qC2J�%۹L(X�@d�$��Y3����θ)'�P�X.�
EtM�c���b�?-G`d&OܐV2u٫LT�f��=LPMþ}*�ėBJjfyDťcϏF&Zn{��eZSdHU4y�gHi�I$҄�3�)Q8ed+:�9cF�
A�SuhϾ
ԏ>m�fn|{q�tЖ[��'5>_Ҝ<ŗ3Z7R*i>;fOk%o0�.[l�.��?X`DX'ȕ
����=趟du�^|u~�;4L#�7M�Q_Xil7V8�0Z"]1!mUqֶg�������>.*NBBvb �Q�\J
.R�_*Bçl`Ƶ|$e�D�$��?Xg]�y�O
-H�k%r-5.1 8B^� Ǔ�4Js"KlNF!f��Տx�Z
$tD_~9A3W~(`})3|FL<��]�C�}�agQkx�`FDyvQDO1(��^GN(:�5+p�%k:�o�MO] �i�Qȑ2o1�z�ELջ7F$��A"��nLkE*�OE$z.|[ �]�_9�a
DZ'NS)�.�&x^k=<�Ȏ3Aj~��4h��:,`}?
b�e�k�H�K"aH+*YG�␐�R,$@�HKW㐞"@b
xxU�)7M�휃S%|䢳V,o,K �د�RnQ۽G!eE�mۅc|�Oi8b|?K�m붨Oΐ) wQ7��)�$�g�AWY4v;y?xLY�tP,we��rW�
s�.#�}h
;yv1!{7�#��,,'`RIT()_:#�c�{/ρ�EP��n��&VHvCA68a�miJd|Ms1�<�!`nv\EX�z֖ԷFDItNt=�Wto>>�u:2ڡe�y�]BI:8E�oS}�z@ ^;/�kTJ;BN��'�2H
�LX��iYEmd��= �t(^m@֠)B�Ѭ
1�4�I
%YL>£+��T�03\:�{�Fo !r�1I�Jl]j\�,hV}*���2JG+_eJ_vH"Dn�7#\ &\err:\��iD'9xiRP�g%]Mi9&Y[GG�Kl/w>p!>8u`ŁH��� >mo
e#0u°@f7o7!Ȣ��� ,eNl$�^AIq4�q66��cKsv�1g�^q{?� vUɕW5�gqeH�A�9f�RX-|<��SXq/|�zJ<���+v,)+rwy�krL
JG�-74%Rs/�kz�/sX�L�,$6.%���X�"IIJn�lekn` ENA�T+��vo)i�>p"q/F
��)E=qPx}v;~~0��n*[�G*;wV܋>;QYlN�e~2 -��|H1vUM^D(p
iqaq9!dP%hq�Z=YaIL���vHuL{h�:SIi�zg����m�A3�=�gon�Ԋ"ʹpf�gNE-�??����O�D}V3w"ȴyPe�f"S�Dh�(K)t t�0uK3u8 5�zN�˧�j���Z6�0"Za2an�ؐ�S��,jϕ|Zb[%_LVp�SoR7��ȈHV+�^O����M�Y*[HNW�hRb�O�u�~[D�FZqBp��"5*��J)�5o^|yډx�uSБ��1HLo6�YTJNKw46թLG?I"t>HG"xҞj ݁8�燵5^�:K0ڨoɥlQ@GW+%�\wW3^�����8�"; p;,���M{Z=;M*���!ewCi)Fbp#o?ZCn��s
�N.�3hd��H�Biz�j�S8�f?ּ^"o�"߈d#R�X(�ђp�ԭ;�Q绘fR�V{@0H�;c�@^}S3˗M-WӟRQ�vd&z(KZ}e2E�;��N(�;PZ��5�s�;!<Ń�##t �G�-��OhrsAhw"nhoKkǤ�f\�V!n_�&\2H=?l�^F@�m� |� +W�+�`/IBz/�y/ꍢh�~ $ӆc)hq8�+ځģ
/~7O>R+HAB,��O�,iX�>4�7rr<�)6--Hp')��ڌ�pLi.2`pM:aȁ*zQE�'ȅ`�VQ^wbq~
d1�0?E8�z`$݀/��ɍ7}٪�6�hFδMZMx�z0[_Txxwְ��}�6ն�en
i���:#��V"mO?K��pSji��h@(}Q��4P.ɭr
;\gQӍ�JZ
�
0�hSÊ9�I-�_�l�b��0�)�|q��+)갭d0Ʌ/T~.|���[3�4T3@zO;�,j!D$�4�V/]vyeV9in[гNM%e��ޘ�WQ }?�5&vӔjN-xZ�e@LFTp١:�.Rub5�����n��otBsMqpˠVOim�{ЗH*�O�O\�wT;/:֖X�^�VSm3`|kkQo;fkJ;$��`9~{
aQv�l,0�w�, Z�4<ɮ#
5`Y�Y�@~vITSgDo�@���8;�å�+C-
Ke�+
!Wqo\6@N1�>r�"3�F
>,wvFEުAYyGi8ʜկ�`
���Y(�4]��93I]F|7;��=)�v�^y�iZNY�n:G��z��F�i�ٔ�w?�U``Ʒ�/�M͒5>T[�
o GQBIPg�Cis]�RЙ桁�Ӟ9y�����Q�Sҿ*jvc�%eq{FE�6Z`��a$T�,��~+�T8_�&v��)zʽM�-ezf25aYTg�T�J�N��0()�gK_/ۊݼB��}Q�9%ɅU2�R�̓*.J+?��ab�:6k5מ�/*h�9A~m�h%{6Q9؈�9�
0zQѻvI~blvHg̚M��xyݣ|9F8 >uXTl�V`G=�.�#' K �0S?Z��OfF_�Wv��<˥�?r:��Wr2&:m:. �gAzn9)���[`ok-:0�y��K]bX5�`��T�i]�-P}t̕�zAS�U8
s66*`%�p�*��ɼƞ߾#d3IGng�%i[�n"j{��y3ŧ]��o4I�L0L=3ZSE-���5�a�`p䱲#^%zDb/XIQbg�EpxipiHfo%&"G��
`ʼn�q뇎$%KN>� %�*L+^�Qew-XZ8$f�V�U�&�:oa$sYa�C[F.<Ƹ@|�T�AC)?Ss6/?�0J[J;rNέln# cq`�]]fbBV^␇O�\�5�3JGQ,W|TFa�ǯU/-�%��e�nj�"�b֜~˲6%d/.΅-틟h]Z@͒BВ;+j�jܧŨ��TZ��f9�brS1pw}�R#lOe��\͟q\�(O�j|dPV;7}#5ƿ�@_dëÕ#9OȠ/�19ɮS_��ְ|J��"_�6�>]ֆk"%9F�p~]nE}[_Ed�#퉿i�0o@رuSaTxJ��Q]G^/���`c�>�ȟ$S��V*+N #:r�
�/ �Ni�|y�'mMeO�YA�/Wh�_1�E$(
8]��}G
ΌLbB[()yM`�#T"|]�IU!Tv�wHA6�[4�xjI]>#5�QAܜ,HRǃ�|^,N �%o6<߀29+O6UOoB)Svi5q0qnk�rsq��"m�AŰ8�}0�sY[e)6� B;s^>
Dl$zBK�.K�~wsg曦̮^�Xێ�w(iM5IϘV#��r��hp<8�:�)�1�ᆟ"��2/nXWd�)a09�ܳCW&LJ�j6�c�%�MN��a�#{�aKMGȱ=)TQN � ͕ ݐ8nwzGQjo2)�U�'ӻQf%A_�xfҠ41)@ *
}�5%iX}E�F,ۤ>��Y�
Ψ-q֞�eu�#?Jw!+p\�uhJIc$o?"cWQa!1q+J�f9R�kKWP$vFX�:7 ZfA;17GƵ0�f߶T�zs_&逝xV-=rNd>1�zJJ�ܛ�* ��!zB˔�,5,��%ʍ3b�rr� \mԋ*L�hED�y`_r2̂auP�6ZU|H'�/�-sT۔j
̺MFDޛ�ܩ�7
eD;_%3�Xˮs�0\�dQ{"��pX;뱃U@~LiH MP0WoM}���IG�p1eU;e�`!Vg>Ek�!��X���1�m�A�egkȥ�2DPrR'X7),grlqz�o �f"RpѤ\/K0Լ$
��yH�FW�Nr|2:{�~�s�y�̟Pnf�47z!*2`uV6�o|XtNl/��tA��]aØ�tX,pQ$~w ӝ p8~x�p�e atXͷW{:�Y(��Ŝ�*Ur�� ՞Rʫ]\B>usD� �eY<ѳX�)n#g>Vi*R.g�jAk�!j[�&~�_}ҙ'�@gط���][~$>AA)s�V. �/+��T�[뀅+a.@ʽ"Ô22��U2?�|fsR[�
hB0eq)�8)�%H3B
�sPB5,�XmhzRReةvdHXR9霚�c:R� =WvCiO2Ybc8r5Y!|?T8O!]�L�\��/.�w̩y�|�
i
H�+£-GT,�?w�Ӄi+Pp�fZ
'el,Ì[͖zƸ�TRX!f:g^+^i9J
�m
UA5eЋad�E(n�&]|Ww&'ieskCm�oUwN�}n3(��0ԯT_��~zؖy�&c;�L0rA6%laHwm0
�`t7�)x"D�8 )kǠkB^hçD�qxSۧ8�l#8%y�$��b�,[k\h<}y�nL xb (�QMT3%R�5[t*&ćF$�%*�%B/Y{e�UTd
�RH4 j&�?g�g`c�,.k�ݠbwd��JA
s��@��f7�@�nI+cSlv�f\��̊�{.S�c�s1I坥y�Dqk_M{"!L^u1gTU$ES6�q�:`\c2(�N 9zM?!j��ͷ/�.Mv7sSSʹKO�q�{C$t݁�n]͑ Xl_
ГBPrn�EOᯛ.f�YϮjЎ�r���7KfWؽ/�S;Ν̒w�>_ 6BH֫UTR<=P8 1$Bj-YLkI4lC$l' ,se�>]�́>H5vي2fX.Apy)-d ώs\
�LrTOS
\���枏��//G]��%}q�N\�
c@D�[�n::eBs��j躣�"=VLYݗnԲz.
Q�雈:SL!r&ͨbhQc�ǻ.�#T��zfi#3mL9ˠ)~:t4hO
[Sn}TݒA
f՛P§5[hdb3E�41�{�s�;{>��[^hTǃ]�$�!"Kwǘ%^34���)j۳`~�\ֽ��W5fu"oElYH�j\~+JiR��H87G.�-јx'W�WUAZ>5\�WՀ�C(^�)��b� (.1ϙnæ|U;_qq6D+�@JnQ۵Ӱ%�0 _طh~~F#φKt��+L�6](֦ (�Zt=`U�}@Jc;r'[@�{|G!m -\�.ZEk+NA#c}8Y^�-MNpnb��wYqJ]zOw0<ټ�9BRl�pU l[�?>5�z]Ȳi%�"@"�q:q쐧3֭SR`Ѧ��[�x
NUlJ73'&x��
�o��t(�a�T��ԅ#] �C8
h@�x'gRӾk:�7�g*4X��pe�0�P٫
R�&F���~5|I�ji�ˀ�c�KieZN<+,��C�'?�lm@ȫMK1y)a-KÐn{�\�x(Fĕ j|L&�+�76$=�;jBm�t?1v;�ye�M�Xa>Uwcvy]0BDԏYr��*_eXzD~$.U�ug�iM�'6Ʊ �bSy99
z3
�,�ϭR~ז�#eRJgugi aR��F���wW@>x�@1D6E.qfh�oϲb7'K�,/>pg)ƒ
\J�j=\Ǵvy'(6fTiJM@�+�8x>I;�۟��~("&6|Gl�[$�[�F�\��:K�j!�;p?�sY���#QUT ?P%�8ݰ�&6.)6}Z�Ra뇐
OG�!]��>F�S��Ƨ誅�:�w�
�sN矮Z�$G�aW@�T
iJE5�pR�sD|=�-KP�|�d�(5�^"1}
0Nw�v S_]�N6ƲrOn0�v"4�K$,�}��S_Qwyy��#����o gFXo2ܚu���8[36W�Lme��$N"Z1œ�$IV}Q_CIv��g�VkS^O�
ß�IT"}֔�vWwh�!Sm�KPD/*P\�[h
"��,4PH}y]UxI�Ed(4-?-�ByORZ��ȃlµ�:Y�?:Vv$mMf46r�s4+tK>\L_(>6mgtX[\�Ӂ&u��ϗ#�홃��1y6W�x!V�S�����=?N^,-��x4aC�ʧ0[zQQ櫨�
�UU�?��z��oFʆ|r�=Y+詍_C<ę3g*�{(6R`7����>WHNɷ2ғ@"�h !(3g1:m$C��vB;�N#�#1okq.9]{�gU 0�ճM�m�o}g�W3l'��qB50c�Mnʊ#_�\��k,cN,7dUME\"1YdU=�F�CPFb|E��`)8լ4
�Oe�/�4*~)q
�r!�?�(>VdZ�tӚ1DU4Ӟ�o
Ӛ�JtJ9~�{o}:ED�jx;n�V�s>0rk�cV'�煤hܞ
1 �l vƉg3k�O
A_2CvI)>p%��Z"Y T�0}QZ>ʢ1mP�[/gqj�] =;64�OqbUS~�R�~)W;�~쌡jLI�`J�!\�{4]ߥh3*-�u5C�2���SoH%az6чqi�T�;+;�A6?BѿTwՙ..Fj{
$`
3��;�lcۻ28�}q�mPbbIBĕ��T)��9���$ڸbD9±?�]U^�cDa�8)cwKwd��ּ^`*A���bFyo8RAW&TRƫiͥC/X�/@2KI5wr+�je锝��#�@#�%(�G�q�UQf@<�;w�Veqt�^睫 `!䛸NE6~{bKJ�ʭ�lդ]!mh�U��*�uI];zl�s\��U�tB"���-�#^�畂`�LxC�{6~)D
�p�+N+�eyv��o+@{C�Y%0ʺ(L4-S>2rC���kLŅo.|dFKq:l?iD i-ȼ;FС��Kɞ6�]��nz^C�L,�Dxxvi,ʛha�-Mˎ�GW G9�vf�;$kH'1ڬ+oM�8�(-`���5�xfphSjS)K �"Rl�e�nKVL�+Q'ӲT,lpyC1'�����
I-p,dAl��@TbiJmI&]Wh�N/k�u5*oM|��gs~�1(#�%he&;R�LzMalO|D)��P`�=_;Fウ�;k-,Y�h�{0�
l�ÄC@[�V_�\eIM6`��xH�D�A��;�mUڨsI뷘 nuL�!F?tt|낲JsϪ@,)0lzUP]}5؛5yf�];BP1
ƹx
aeS�o�eqD�
u`�qo3zci4�sgTT�;G;xH��h�U�6�1G4RȪE�Sؒ�/`eriaԊzi>�EcF�7am0z_��0�G#pL�ZEʕ'#R�O."5t*9zթ�8u?�8C�n9B{[\Gi.*ۓDfE$wѶĞt#�5z}G�mMiJ� ڄ6�l2!�my���UmɦJ��[u\3:jU�6F�@]\�!R�\��;eH�qy�4`M#M:t~��ɒC=@�6RIiG`}aL]'�FP`^�0 ����gw�i�}2)Օ7`'[d$\
B�?-v`~�<
�ɗ kJ�h��;kՋj8=Yf0x^O9&
#qjxY.��х�g*E�r{&�;�.?g'ݕ4#�ҟ�&Q�kd,,n.�b`
,i zNm(gF-�pJP$atXu�.�qoK3O>5Hou/[�U�QB.^R�
rXp/�cYm)a_fb�x`@�0/���7YeIG
z�ŕ'�\&Z=�`�La\?fV�>"2��x&5pbLϟG-bve߸�R=h�m?S>D++a@J-KI���T}v\tP�Tz>2Dbe0S
�� �g>ŔgSAP�� q1:rp�
�ש�dvDyE쏻�7�6YclihY#�*:^��7:~�ud<�Ϳn�-)d�
M@n
gpBAAʵ�hd�fP@/'cntiG3M�c~jp[ԃ�0��'�1P�E~&"'{zڼ'������Ajl&Bd.k��� u�:;+$G`f�1�'1,zih���{Ω.�_)ݹ��$�v�WNzbV�R{sD}H(d@��|�G
�l60p=?M� 祧~��!aN5}Dž]
�\Dr;-��{e1P`
EwҶ@u�7"[��8+�69ф3COjn�I��Л��TR��xE5tR����gd7�NB0
�0iOo%=S�Cp
��J6a�x6@?vzK<�y%)
[3:v7^�&�Z"u!K�&+p.iI�8f;}�?cHÁْ�O3|W�a�B¹ۅO`�uonջ[�m��)�%_jM`;Ulm�#^wid8:#5'M0b哅JtB&2`U0�H~k}i(V˔,MtgaGKg,q"zX微JM+?͗�~QmD]i+;D �?Uc\T|�\bɡݐ�Ԃqz�'F"KY*7p`��E1gkd�^˾�K.�^җ-SV8R1qI-�4`4�S
bRM'AX߄� 4[K?]^mDHʶ<$^V{0c0U&
�`8Fm<_sV̅_��t,S�C]gcd|�](UGiqq-�v~G
d٩QQ'/Mir`<�g!݊TK�m{|꘎�2,�K
?"�wy�;$/`��]^Y�'I�~#�Y%[�"�~�qa� p܅rY(�tk�x�*o0g[#Sqg�"}5`uV^.#F Z�OS|�b,xjē�ɫY���sE}~�Mc-8�Q2ֺa=KP)�ؕz �Ib�IY,a6v_31,"�-B�9wj90߳Q�pG8�b�Yhi,�� f��{|
jn�[��NJ$��%au)�.~,j�J@;'Nc-gB\֯KS
�E�q%gCMQ�Q�1B�ۃ@-Q�+^4ٛX�F5Ԯb&Q]K{+m#OI� �3yF7I7;K�R�5PfM>h)`��7a�Hkn��k6R�� -�]%��e(�o؞��1Y<��m�R�n+{a�»�)4W'qM>TB�sdJc���1o?V.҈ޖF�P@�z�q/-
�0��'o�Nɗ+@,[:7]��YLebr6uz5-C�MMd2J(�L��ս�鴮߁F4v*s��5J�1O۰M�sKh@"%Ɨ4.NHEy`�s財o��d(l�>$�Spl߾�@=;P�VpBW�t�{Oȑ{#3\mR�ZA{A6qgU!`hU1`w$;5أ�I_g =�"^γ���'Rl^�X�lExj%=qXU8,3vr.![v�<8~Y;\��^v@1颵FP<$�߹�ȡ8XO�j8�ԽTB�`v #dKHݯںz{|��S zwų�WA3�k I_Ճsy��DfF86 +%y_̬c�VYﱅL%Xr�և�bs.�B
�r��u�DF���D4Eퟩu.2+ng��.?*Ҧ��G��U.#
�aߪ
P�y"}PĹ%p.up3
,^%��۶ҩEE'�_w{O$Z�s��lYgRgsK6�1���I}iAk�tMVA�%]ػ�@J+<��±_nȠ㌳';�a`(ijFBV'=v/mi�7Lȍ��:�cNPo��wW܅a��Y�ªw7_!hB�r�aEf�Fs�'45-Q;:�ݣ!+Z���xS ��5̿6Z�^{�b{3I.�3��Tq�;7$W6�,�¨eM}T{,+YKt~�Kh25C��~>bMciPEn�o��UZ@�V=�xLP"x��r���4M9�aX>o;�es���%GbyvΡk�Wp�k
t*EO_ݫ]B�hI&C �>>a�`X#J\mFb!���L�`++m�GtxA@8���n4k_ϸ[l�'+����${�'\EkQ\$9_/e!RGcw`Xz<)0Ю3w%{BnYbAN-�!<�z(Y;oב�r�M'%U�<2(x�8W/\��f��P`2'��?aBE>RfDwS_B�8�x�OJ R%4�t�N-;50Ad)c?R�7d�}|zIG$1?�e��=쓤 鮶r�-l�?2hzK)ێE2:و��a+�;AN��wb�CoJ�%rIn/Ԇ�}pxR?(�4(�d�.�82p5W!'P@z'
:]&N8lS*HSCE[4�!kv�T��!C�D&�cS��ߺ}:0U{]2QB,5J;=,b�b
ĕ0[�D�ʡn0PұD\� Tp�C,�"͌[$�Gy7
Ҧy27ZSڣ=w^9L�%c�k
TxD n��̆���v�o
[՜|kj�{.zFÌnO\ZN�ǰ�Kvl��a/�.��Q�SL�qG�tixGYUa�t�LT?�,1FK�K>^�
D�en0%Ȳ
4*��Z#?KQ�
r�ry(-"��nű\TּhJھ�ĺ}}Z�XUs�"F3!GPW1vrg�Ɨ%�.eˣ�V|sgL#N5L�Z}�Ӥ$
ATJ8�ɵF�|'da3��
�++J4k朠E%*1~h]�x5%h�'@�S2҃�n�ZF#ڂ��u녫&!>zi�/p9^U]�Ij�L�78MvCfY�.呃�2Kg46x�WQo���8�Tla$NY+q|P'[5X�Ąl�FyUܐۊ5�;�)>D>0yH�%fS%9\ J*?z,B�WfD"\�WaOfc-$n#+mN&JE!EU<�ZP�F4nt@�4k�[ˠݹ|�uG(~EF�HsP{lb/g._rPl�Doo*�T�)I$@9�b��wo�B��fp NCn{#!y~*|PYHj5ݜG��8#b�)%b_�}yPpXS�-Im{P�/=Gv�kswOhe�[rE�ⷘ0E�"okju&ΎK'Y_�i�
g��tُ5�K0Xh;7B!�/I*nL�B2bkVDQt�k�dcQ�]Z��� Y�;:o1"�BrxYzT�lɔڮXT!��`n'�j�=H%�)_2}$ݚ~�F+%ϯh)��θh�*# Ma!{.Q}L�1S�
46-{^I
�ΝEֵb>h�e�b-�q�bXk91<
0ky\4Ӣ4,c�U�W3A>���Xh1�]wtIގ��tA< {̓ �M
I��n1�{]�.-"Ur
A5%p~VhZph�X�1n�Ff"R�FsVبW/�1W��QMQ/z(=`p[-)s|I60�|N2_�&bޯ+�Ϲe�ÏA
"6S@�Q:ߑ{2Q]-*($M
_�W?ݩ9�RYȽU|j{0�Qۘ&X{,`Y,tI
�$67!]�loS`+<��xNTHӱ>W#Y �Hނ�dt)� C
Y)��jqg,�u5�rס�Iw��DJ�eX�휟�,HMHw-i&
i�cF܍k;ޓ~On#dV!E�N���,�445
m8Y�.��p���S�u4yb*"�D%TRa
j.yЕV*<�w�<0�ȅ|Ul0�V>jP/p_F!IkϷՐ$LjXCJ3y�B,dm�;[�ԓ�J[
yP~!qpI\dJO=��i ܢ}~1�ȝқQ2�w��{
�0D�b떺ƚ�ܑ$$aoF�lNIBȸ �051-m^Px��\Jj+Kd-u^@�66�DP_�Ґ��`�ee*셖G�5$�GҹJ>��嫖Ȏj]Қ4,B@O;{[@a�#IW����BȺ��
��G?rYh�U��B�u/ɓw+XHwt#HJ�Ur[>�+LêX�:OP~5��]9��t�(^�F5;jP!rӷF��nɫ+&B�@aV�-f�i�T�˧�Et3�VC9�}�^㱗64Ρ {L4Lt�sU|F}e(x̑*ƹ
n�r)OJ3tz��}�SoR�2З���1�x�l�]9o1�dg_+�٪g.N�T0`~Oт3zf/�'Q�X}`�m2H?~&X!fjΕM5C��_ yX��z�O�K^�~`;��Ɏ'5P1<��A�#/�Էm�=laZVu�IGM�9$I�"%A6h"Qt>�٤/��=dk��" '���@?SB{a.��Lo^:�*P7W�hG�
1k<{��חDN��Ud%2
L� 95.z�v(hMtA�Oɼ�f&Rk){N�$dJ�ZvY��jϠK픒��P��yE3���.aQV-� =(�R;J%�p,眞EFzKo-@3ڵE<��9tM)-mXf½t9 Ω±W��c��JEu�%Um5�R[}�WĤ<Ĕj�,GEp$QM�r5J
ҳ2S�&; MnMו̑r}5]V6O>f@)ҥ$?j,'>HC[[D�;gl6�I*bID:��q+�Q Z�<ȑ<�)Wҟor�:�frL!gvڥ-K̓~I
��RShE�I̳K,EE$H$�ǭ�I�$�z�\bz~:Ė�LY7-8*FmB@
�U�@v�{
w8�oXF)�LTq�ppĉ�.]]
qi>Z*Ju�EUs�9>c'ۣOk�8e:��`B�'�?kUl9 �[G0*=qDUy{Qƌv1}CS%WV(h?NZba�Dq
�BIi!bz\tH��O��ųA�9]�`"�h��WA�o+M�:H+b n�S:ut'g=�%, ��X?e詟Q7�y��v;06KW�WP셙n[ NVkʉ+b+�E��!k?d
n=}
M�>\{Z牶叆X�XQM6'zWBӡo�1.urٺ(
�NLKa8b�}���Ϊ.�Gw�ciB(K�J�ܰ�
�R#>ga]�*��v�ј�}2#z��M=�Tf� �h1ydnJ�=a&^c� �E�1+���d��e]L8P�J&�|T|=�}xj$a5P�&bMp�ŬLf0gp�Z&z�,��>\��ˤ܉=�/5?-T$$�ۑ�OE7�λRB|L��7<�� ZL:J[�Z|]\BC dxi`
Z!:��:rg�xɁ%�m冁nI֘mD}*j$vG,-5䆧L>GDZ��;h~A]N?A�,g�]oJph�ʰ#Ʃ4I�0L�k���,jJ�qƏ7|#�
TT!,aE�.&�u�n���EɅ͠4iV�Q�kƺ.Hv('v�IW�
lϏw 9(&#i�:q:_f[�AD�4��Ȧg[a)5X�Rk,屢Q�!ޓW-!ȄL�-d��D:S%ˌ_Քy�UЁhL_��!P �2Xz.]oxVͥe<.e�rU>uPA#�]�b(DY�&e92dؑOtX��zlU7Bﺁ�
>�|*_��9�!
CnoC�$d/'�Û+�[it:8>b�SڊӨ�1T)^!���4#�~NW`�j�>vA�T~h{> ^c-_ڐJ_s�t)$�ڱb�YX���htj|q8cxGs14 �'q\-[3O]}ԞK"p&Y>j`�ldi�j՞$t'puM�K+e�9_bż#fep�.�U8,С
5th�7�>�P]�dr$k̈*pkN�d6Л�1¸x<|yLhE��XLx]!/358g|(OѹN˯wz�{��-�#Wsf=/5Zz|SgCw1�:nVޣBPl}z�2ϗR�םŋw�<:�BkNSCͤH6B&IH�Q8\�]+G;-
dڴǫ)�lrs9}�ᵘ m
?:hX#��gxNJS
52=Q�6)gdEbK.e�B֭�%w
a@C��6bO��R9�X)�v\���k8
4q1���8Ypj$w�) =Y�`�7db!��{ݢ.�F($u\t8Yb
rc!Z gNr^7;8@�Sʪ`D�a°M>7i#1\>nuy/W`kmˬ��O�Tb]
2�gp�v]&�5q>uѱ&�'b]�m;��@z�Ğ%2
66MH*y�c,ٹ�G�,�]Bi�XZ%wCϤ vq�^;��Z� ՚E�z2&jzhG�
R��^+ʿX=!WN�jxv2#z҃�*F de�9\H=h]qo�ElXq�2s~w�^�I�(!�o�Q�^Ow�6k��Ϗ5:=�X1Q�oO~C7{(�.k7zBg=�ps%ګZtY�wzuP)%�zs_a�u��K-~)UKiDoɀ0L����
iZv?lZr�8VkD+՚g3J!fc%�H�V�b]�� 4y�3بnoY[ZW�n+gڻ74S
m5�jK{
'lL�!ء�7{�o�m7�6lPM!~=�Jl��`h0DjVpU~hC~ܕX1DvR1V^e'ν-��6Ɨ꧴�j=j1#[�;?pڿz�S�3QJV;�+T�әgz�3H��s*:Zl7�ROAOS6`l%Ꞷ|Q3���uU�'�݆M�"�1�Gc�.ܹzi
Z�GɓPb�=/�w?P�sHD4F�ޜ
Ǫ�oIk" �X
jCnlWZX]ZfIK%Gqu���jFQ�e�`��@J��存�{�ϯ9s�J�K7IA $|Y��Ctdp�d��Nnd�1t
BMܝ{5୕imtπGԅ9��/q OӋ~SH��ؼ�P8|ĝ&�
ßHzA5B6c~�x|�$*
&���1FKP%[�i~0_ThʻOI�VSq�r���V��&@ycss5(]�vZ0 :t`}��Qݷ��ϣK+�Xױx��E,�N/7IQ5k�]�J')UOi�*�nb=k-7
znk�cKH�n*]i�Z~y0��c�L�-�'�,X
x!4\k J�B#�0Y}�UW�)nTvNvՅ�E9@[#7�l/�%48B-a Æ;�}T*�)y�1�4=S9B�Q}OQQ㴕��erJ:�c6,�JҚv~Y<`O7||b�o&iDw8n/�2]k~mH$�Ě\S�E>q5嗡x;-p#B~އW�F$-�9�TM \=%\Wx<��l;�pvG�t> M��xݘ|U�_O�?;XO�ԝU̠\śe�qbk\_�J�tnd� �F4ƻs�F\a*}!+{C;6=�t�<�5K��=}l�|Kd���~#Vc6`ШKVN$6G�V�jcvѴ6#մ�N9w*`U_ 1M@4t��kSdd�LBidմF2h���kMe�*��٠}�'k�%8m=:����(�J{8!F8ĉOĢID;"ԁkx@ȅ>8+�N3Ogxԛ/JS�gImx�@R^J/=�?ܔ8 ��5&
?nC�E:[�ar���.Ltm��jK_.^VSL@�4YsV0ub#�q'۫8�7ǩ/.�0Q7?!^İ9ME QU)¯j˓�G?k,ۇܮ$;w¸x5�l&�r3o�!N![ #�^okC�er^(ʇׇ
위d܃�yjɧv͐{��Gq*��Nޯ4H`Y�6OZEH@��r>?0(.J�36w-2M�K22 UnZ*fp��a=��u؇�x��,rT2|CmLɎw/{�xw�Y~3sQ._�zB�
u9"s8/fS!��YJ�LNh|qUjd���Y}$T!��,Ҳ(ǎ7NݨSx_u?� �=i֤Ss!�q%�{7hd�K!먁o'z.`w�Aif�}`hۨGS/ S[�
z��I"�#E{,G~0J�,r7.eu,�0E��gWzb:NT^NtS~5ߧ<�IG�
=>�W�ьx�Aw��^n.C"&V�:HG'+6tscr'0K*,*H�I!-)oJ(W!��4x6j3wgWfǛ[ȴ&_tC\W�?ں*xnj�_f�=n�@�SC؈RxK�~>9$Ej�QEw,#.t�ː!�,��I
>m!Bh.:_hHf�"j�n6G~�(TB<�W��PV]HMTvrfq˚E�ުX�C�C�'xG=>]=m�2I3mRwe=&}ޙ]z#H"�Ԟw2]n;5�@PSG%�C�%p��aX+0tA}`qa·��7�mЂ�71=t%�<�Vzf���V+ߑ�nB4��3���`pt�n(v}t1mZ�?�0Dm�xSDe��5�{�Z6P|o��.He|f2F^��iu���0O#J�#��K'{2|�w}�b�T� ?Q8c(;?���MUp�"[\�U\+H�cŋ۳ 3�46�
O~X�X]�bM*l�-�Z���L��Zbujr�}x�gw��{9m[i8$Z�5�
/sh۟W��xﵳY5d3ۋ�~H�i�8ϼq�7'�t�a0D�YE�}s"?lzfN%^P5U���abX`�b74�s73zmly;ħ^ ��X1�;⩔A��FnqI��D�/;0�LT� sӈ`�1!Q�Q39M�[[aV*�A#�;� K)N1�ǂ���ۙg*KX�n@q
:3�>DpWW�ߞP!XM��0�#<�U����١^HsWO�[�T�TU:Q]{u4���@(��pv�V&[ŊSh�[;�(!*6Tr�9ֱ;kzZ+t^/�"GObIiwkHJ �,3B ]|�')��z
=P�J3`b@)�ZcJI:10qx���> ��@"�t%Zl-b,ZQ^߸�$Y;xs%�n�D4W,=��
��* �+P��v/WqB*G2#�
{�`o[[ːe&E+"�<:܆4�GĮ5ggE08@⣗{b�G,R "pdbś=���=�_�Zag�Iە7(*D�2*�22O +WC��IsKHWץe"}�x�B�b�L;&��MX+6}�<�Sћ�G}x2}5[f�N$'d��U6f$] ��o��o��N��<��h�f@Y&v#�=#�Z|[p
2poh66�k ]h?Aq&`f~�0ƘQ/RWdmWD=�ֆSl�;#ug�糀|G�jǞqB�x�61��'OXz�*_z
&-y�}'2CT8HQǃz$$��qXߢ3I^d�ݣl�p��,S} �1Ocې�~O94�Dg�x`\}Xߊ�^�&4MuN'�sH˦�Z=kNe6cXZEw�tB_R[�ٍO!&m� ڈ,Ѕ��jʅ�I�K
a�]7)=}-2�P:y'OVh>d�
b���P$pVG��Q1F�n^y&Hbu#q1=N[|�:|dk,||�$�ڶs��'DT%6#�!?~\ɽpfj0G@.��R`e}hxN��vB�d!.�eF��Z�
]
�A�kNb�5)U�]goxve�QKm��%`h{�qY5��;d�����Ƃ!ge�+�
.~i:0��hH�X�o|]�b̤4*dSH�ɫw56Y/WeMu���{es!}��,m`
onF@��U�mt$eڴ�delEd ��9{�S�}��QQ�*���bOU��7`˶>+RӬ<~UU"Qm��#�R1|g�o3P bS�t5O쥀BxVZ+�'*
t̛4V,PT-�r�+v3��TG<�h�g�jw�)fJ�QA_^P[�R�tյ�E3amu=�B&e�`+1a�=�CI�vt�+�|�~q};QK+]��^h{N� U��U"' �}�6�ԯWqs�T6�w�敦/i_;ZP
�&$wL;�Qd]�ߟ04BZ,�C�;W��5
�>e"Hsp�C��Y.}�m/66F�O/W�#_19+|>1(3�٘ŗl3S?$yWU"&)])^ xsF,~/_ԝbOaQ�@z�"5�g]KJT3g�
z�hC:\)|oZZ7?VfcW��mvy���J2Ne�~ �S2}`2%���^$oػ�]O���Aւd& J���TrKՑ�#{�! 9h߀ϧ��Ws�@&
O �Q ��a6S\tZC݉܌18��������[w]:�@w�B8�\sD�EI`�Rl=6z_�]x5.LsH%|D �.��D�R�|e'vN:��lX:#B,y�[Q��= �V0mQpHp�ο�mP��)Dw==JP+�m>���m^
�MYN�rRf7z|)�%[k5�((�H`.�$=F}zZ��#�,�QT
X���p_.h'AtX;w��q���c�&�wsk|�(ه�#�ATI:LI�ٹ&iNCb���#ْKs4c��K$LscMl\�iYlU_#;i�+%�VHܿ\iш́3j�q�2j@wdQPxxo �>F����5V)~��Qcj?[1j��,|]�{�&�1eb?0�W(`&W�?g)p�y�ܳ�9K�5I
c,|�ݚ�wگ�NG@97gW�!�&ӵj=dkښ**L7ƌGelG;J�XòCEWEWO�/�-��^fmAG0)^7SdD6^p`(B/_�`AIj#3e��i7p֒$
�V�v�t�h߀
,I�
`.meUتf|�u��Cq�wóǂ~F��;?�͏,b`;lH"�N]VĐ�+_p/�p�WxRtGqX��e
ZǽL�%BK\rj,ǯ05Cp� �6KT��!p�!!$%zX
�9zR=ِ�8&)��?Ɍ'�ChA�<%s�Kl\� \Y &hs Kq%*I9=7�K,ʐ{dJ�aXajLUE�iio10��"r�ꆿ5raV�y2�;
+E
L+OVW!)ج3x_[ՑYPj�PJiv)4I��4U
0VjqO�ԶD;B!QLD�"ԡG8 !hDAkim�<2*�~�FZn^�A}zj�jn*��j==.h�zBMxÕf'�\dj̀G{x��1�F�2��>I�A!��F��5�50`&-�W[?U37p[sב#v/%gBycڛy�m�_+�zȝR'>��r4i>�&�尲];QY6XҤ]�:"β9qCR%T�&t
y"|N�2wRneB�
�B�+GQ>�]Pk\��ldR�*~W�ר".a{�愬&�o�.h`Fb�D��Ͷ����_�`�
���]칤#)��$#3�9Ӝ4Zh`=vI�QcM�ۨ҂#���*uMP܂HUg1p�3c
�kV*.dAWHj7 �/˴JOP~�v���aTʵ],�� 8,�EQ�B�.l[�a20ss ¢�j�0S1iR&cZ`AMu�ٺs!Y��$oIvm�Bo+ ��$��,�#�sTjB9z��L[I�AL�N��gòKt{YԖ?-/g=~ixz=^�-|cBԠCE,�mUIѓ-<~l���__i=o|=I�"��0HY>2js�.y->�c*:q9�9�B�֪yX"{�SnpNOE "`ׇ䨒:4
Kw�W}P��s�c8Pw��*{RM�_>�!\[wXK�}J[p �||
�!2ܰmG!��"A�4�ruE'�<�'H��;�!gQˤ[}x3voCA�c?ក�&�:/XH�d�?gf4��||bfC,N^%�Z�]+~��y'�=/85!Wsvm|#}Ͱa5Nt� c=͑W�HD+n����"S{1}-�s�>}zj@7雦K\��z���pA�7W-l]v}Y� #tK�$;Tg�(� @5z:�Z�v�HlժN1�9�]t/o�XQ�&�3]R{�A�ưLV/G?�L.s���$�(*Iv!OHc5U?S �.�V��sC' c��Ruo^; H��ߟ'H,hI>8m�OO�k%��OF۱q/ bq.S1|i߸3P_e'�s�bYꪅ|��я8kx|ďG���oZe,8lPD��97mW'f���O�ڹES���l�k֏�~cRЃ�틤�;�.�nh&88����38q,�w}c%@iXٮ�, ��cf4+Mb"vQc젌Q%z3e�{0kqj;9�X|�WV�# x_!�ϕO:F�1t+dr5�:h>YAdHC�vZ�3JlzH]��|�tT�`o"9,AlgU;P:ָ��x,�Cx�Ekh7�F1pS)wC�o1,=xϺh?k:@3��m
r�- �o��> +2) EN43@kn�g34�ɃoY*4kp{e*�5in�eה7yoT�]�Ug�@P%0Xa��(�ŤY�!s=@=�Q±-���ˉIgl�x!�A��p�9+4�Hw�cMzEFz_�'aH!?�L&�';3|�NH�KyW(#�{2g09�`��˹�6p�,�TK!ch�%i (�7'Tҗ�"�
�v!&u=ʲAG
�͖hJ�
O/v8��riI:�g�]ՃoX�P♳ Y�`�LjQ��=p��DcU�h�E��{:wbl7�3�T�Vd\UII]x��91lL��\_k
YJ� =�Ȏ%;j@YC֔�[)��'>oOG/�HԏKs:.SRqW3bن\&:�
h
��Q�SESZ�)�t|p�m(>$%F>$|ܹH)�}�
z54��o�@� ֣xr�/UGy`S�K@Zͯ�ԤZ#7}�Y�&j6z
�kVַԼ=5T�Og�^�(r`&Z�B'�q�ŨUGNuaҾ t��S1|@ٚX�]taH� yc*+0��H7&@Ժa��:RN\%���{M崛:?4�V,@�CDKs
��*�m���.%�kVR� l-�Р�PTd�g�7X�ל\���zX{AF#LDI~J�am&�zu:ܰja(~èS�$E1~w~hjnoEhT8FK[x�`7-ú�;�m@XPJyLtԣ$C뻬yd=0(+A>�eyDu�n.|=XMϏgOlb�O`-�K
^
RHMkϙyf�?.�R�~c<>`65yŐ�5A[\%N^��oy-smrً #OG
O��,&B^i4fjz*-ug-��Tg�phh�~�2&c�Sw%qt9[noz;3@��z^�sE`b0�иS_د|^ӨFe8�|h�W�C7v/�uF�H�LYג�Z��56�
{~�g
ÑUV�;gOұq7ӹ
~dX
�UOs3t7eɰ�hj��`7=�=�m8f�?++Υ�h�u�#�[XydLNɛ|�pS~u&ySV:`l��FB1k"Do@',Qv$��I3c݊T��0+1�Z�5� U1Ɛ��ҨHb$-jq_��s&G�2!>^
���B`��%'�ZK�5=._S�\f�j�$P@�u5E~%$}fHS|?[3�<]T��黝fM3S/0;�P �Tb�~G�ET�kxm5Ҽ\Wki!?�QI'1}�ެS�Oj]?+S�Lm䄵mԃQ7[ӧq�(F9e̗=�fH:jy5d#-�E�i(��V��I.Tq`�5s}�ЖZM1nx�Ed8wY{
c)�L@Q&2ce'�ؘP�ho9PrC�"7я�z%C�qq)GU F(^˖��R
6^^
�xl¹��,ԙYEŋѤ�B�e�> &��l5Vm=B�V+�P�梃fq�84'Ve�WWK�|֪""x�䅓8t�J=UV O5QbW?l z[M�s[��6)G+C$�VN@u�E]�q�6NmqsrL�tP_oK"@�"2A
e+ԧES�\ {A5�AL�nQ- ~}ۉ�#*.�^'㒺=�H."z&NBm�#�F��[o�$r�ze;ұ|C�j�_xhH7K�o o 5
cJ}IlQdQLc /a^/ͶBLJ.QzB\�-O^= JTiS<ɰk8m`q~l�qT66�@f`/�|#<]Vn�YE�Wm;OO+qU�Q"imO//QĺKݽ:adt�[n5�J��'ycC?`�u"뾠~�A�ʅ1�>6dA]��B錨3ԗDӞ~ zє0�FVa_ՕvG"i�f&�Yg95�pF�U�F?g{�6
˼Y*�v;qߣ[$�Ʌ�ЭFW�d1�Q{�H
*+$gLiP\xY;I=l~HK倌94ʸ/ŕd}we�g"�ג3ZD�PMuxk�6EF�\>;ܲ}���=Rj�4ѫz�t"�$�CxF$ �7DFt]O݈2a
o2iQ.wS"��e`:~a&YF% 9 Ofij*�)�~@�T"-�y�@{_9�Oʫۇ�⨐Dp CA�!/ȤlRd�Dh*iFLT-.a9�h�V7$;�.cvv*N(-ͦC?!`(�g)®��5/�Hi�$a_r 5�
��#�'U�+0_2ε7(�A��
��k;�;DYG�de8�0Y�x��!pvEIy��o9��3.4,Llud�Ȇ-I%��]��3`7d;XPtm�9 SuT,oX/J$Ń0DF�4{�z��3͌���
Z$LS./ɡ~6�uZ 4.�6)�Ӗ�ׄ^hCyc
}sp��hk0�G4- 7uvѶ0�z�F�xҚ��ԨI4%
k,Rl.ۦ#�"߄ԧ_Xl�ܻ�Au)p+�tE�A�%�Wy�m�[CMrQ��/�h��/AmDŠ�/K";�j*�fR{RG��Z�6f(fs�xT T�a�L`�OIYT;M���n�Y#��Ľ�!y};翲>�oi�Fw:"NqT�{�`)%�[!,�6J��pEչ~
ED\�I��.[
2�c#TFs��P]%2ۆCy
`.nx@K3�MR�B#��iU}�EM1�
DbZ@{�011*$N(Ba[�^)4R�e/ߔ{7��'ٽ(�uF6lħ�k@h
>"w'YJ�֖8Gk=�@kVwyalgoxM7=`Ccby�7�}jWK�a/6ߐ�caY�$iu
m/}d�$Pi.%`�Hf[>�ޖ��S7:�;bwr��'RT�)\9hG+K�Gr�W@vЀ�DzL*JZ26�dd=D6z�
LZ&ا�+t�?P$ 6q�݂3�%ҜUB{s�F!H3?iu|t�C
8�!嬫G;0⮤�Lk A|R�c`]7c[�or��Cm6�h^�;�SuR &TiAG*&�)ȹaa#l>g$DcJN( @/�֧c\��W|6#l dq"hbA�\ȯ ����>USscr`M^�Nm=|V+K$/(9S�+CRnijэ��ձ}).^XiWF#�OЬ� ��0f�㪼�vٟn�Μ_-Uٿ#m##RC;*�k�I��um={j(Q컷[�W"�@X(4R)
#�!Mg!��^&f/�QxoDsV�O���=5Sg yo~LcRoJ��qʤ�^@3y�`HV'J�?,o&01.ܒ�w[E!ߛYK�yA�#b�!L�d��-3� 7����zE�Ϡ<�1`151*ˉ�]?/ϡj�ע,p'2��J ]
o:g�h��fض`{q̍�-+diTy))+h,fMjT����y0C"kk"dFO#t6����.0-EzC0vA�L�`}��h͈F�$<�Nq>
�4LVݥG�ޥ Q&ܡo
;�e�D���H�#+`+ܾf4`n�=*pt!�=?u#|7hz5HzfVA2ksdMbQ_L1mkO})!Ӂ>0U �Twn�N12Q�6� x_d&8iS|�m1r�R�[^��<˽�
ep��mH0zJM�9az�_U摷0l �Ǫ �J3PR�?f�x{�;g�LO3�~+z(3ݪbv�IB8B-9K>@l�IG8����s�X
`��'�R:ꆯxH43[!�[hX�X\"d�
aM0�wpLrĜ6/`Cj�'#��0^qgr�]�
�tB:� I�*`&\V�NK]T5XiK5'z�+:.9�yh"M�*ٰw"'W!�Dj|/(�`2TwD�25?��3\5ց[r*�2y�ַ1�7(C�(\@�s�މ�Ȣ7��㣜��HQFD��
�ۗQn��)}s=�3��SA+
kC�U�ggR}X#~�Ą�߾CyJ윣q �+Y
8`^R�N�aAv��u�~ UO�!'v8��L*<~��3o6[�M�}�sbR6�=s=ك��Eܫ�G��2BOz�3��b0䮹��JZ
$RR#�k�/luAO!u��דOb�ϩ[$?=g�RP?V�!�
�_B�#̉5 C"
̏lHFlĀG]*�ĨGWI4$?R&ֳO>�s]`�y`ԗ`)e
6-OwE�=n�;�nȸB�~M5wzi�e[E մ=#�s��hz�|1~�
=l�W�%3r�>8�!�KG|Ay;730Ψ�Qdx�sM>�k_MjV7譛7Px5yIBPGO\> \TaMZ76��|���*}9&TG<�$Ii9U˾�i
w��|oQ�),�i28[Sv�|tV�uBC�xv�hc�F�A3-Sp�S xgF+9�/���uO�q=}C�
g?kH\X�G1@���#4-~KdCaS< q̧lr=�k_(*��$TB�%
rnTlFV'n /��R�>�$3%p��;;$Z1a;�f;q/uJПV(~~t/e]%w:#�QzY%c�
vҰ:py�Ȭ
�4
2�X�>XVC �\T�EzDO]9@0gz%�?a]ީ�=㣣hlJO$]�?+g0}[g���醑z]-=fV �9aRtaA#;7�'�%ʥ3JHf�4@(!Q��(JO.�"�]51<1�֬39
�oM�.4Gv�*<{\�y�E�"$�[25Ed�*@�>��Jf�woa�O~.�+UEjx@/MF�pB�osei[C7�cχ��,tkKU'\ZaǃD�oV?{ƭ��S3l�#b0�5٬][ۙմ���B$�Gdtr7 Bza�C} muG%}UGĜ'Ɔ_.U�2,I0$�N1�%! ��-`<ŵer߃h�J* �ȏi|P�%[V![fO'lfwjG/\h^\-rSsWZ*?;5�:l!!DːZ[/t?�jx藑m /,Odn+��Ii�(z@':ù_嬴|"{Q��4|�*�_W�cL ��m^S}�fɀRN%K^��CzG0%R
ק*�
뷲jSO֫ncl�g|jC�<
ݣ�~;�8�*�"X'C�o^)Hg�ޓ3KXw�JY�k�cL�$.a�6ݼ9�JQ�
I> �-F!H'x8?W[ɽ�g�VJe�
H-��6��g*ꥒ�vE���PCվ�ON#F4)|[�R0Wpv�?h�;x|X����\Id�MvQ�rz�=�9Q#W�XS7 eVv�ɶ!~&2��K%�SY*���̄!ZA��:#�d~g,B��P#N?}�W�8"j$̩Z�~S�q47'�sc�6�Î('X2�5#=IA�`p)ǾdR 8Hqt��>i$GyuS���
A&`k
:zBb')'E��ST; 'D>2]xP~Y���$�ٓr�4E:zY3�6F Fȶ�|`��3;{ܵLu]�m�>Ub(?Խf}"u*i]@LHVO���y}pƩAW�qvAdӰ
R1-!'g4䧃<̥x�]xp>L�+��B1
�`+g�Alnk)c FT(c6_^���
�#ֵw�
zQ�c]I�'y6��>~tAegGd�ʗ�f"zr[��v`z63}
ذNd8Ê��]vd#u
kmჅV8cB?$J%���('ZdN�m�O�^gQΌt(DDS
C"ys @�f5c씇�3K�5=,14�>Q��+gZ\�\"~l:\k5dKA�dO�Be\�`�=l�GE�͉�kҗ/H
M|vH�Cϩn��BմOj뷳y|0}pv}{vHi�A��~Lꞔ+Y#'IeT�f�o_S|��z<�9k�PZFY��@櫸:EK+�ն
-�L�&?�P&+�3���=P�TMabj;w���/gh��N9e =�\*|̐7 �dOTh�e{�2?�eJQ�=uBX}��_ALn7M3k-Q�d&f)>k슪Ry�9�j�ay�cɹ.vx
HA*y4H Y,о
^ou.Nᅽ9�ЬXνʊS
M�}Im�p#>�pĈ��v?k݉b2):e�K�H�qYJ�h�.z8H(fB ZtwZw.��C��
Y� y�S%{Y�6/ۨ[Y% ϳ@�Z-r��V{v�c}@ru�6xZ 7�m}�95f`���5J<l"K:�m���{;^_�+F>RmzO1S,">*A,+Njķ�eQ?� M 7?0�d$J�,<�\
4��vOdM�( S��BY�Vr:Ú8ɾA�SW� C]�Гś��[�ߘ�-S{rD8�.'�L`kY!X��OzxZ+m�R5���]F�חOELc��VVdBeQ�{#v/ڃ�NkA=�n�d
�=#v�ЦA���FZiՏA{w1V�P~0
+WBxS�?ԟ=4!*yC\F=�j�xF�]*,;r&�pa�Bս8iZ
$՚�yVӼ;I|H2O쯬�~��酚4]��Tj�Ia�m,�� DZ&cUdIi�
�嵜?���zk+c:h#�L�yY+> L�W[>+s4إQݱ!_H>cՖ�Բ}>#)�+)�/8ݢtib)_"G�G��_lB��0#ϭ�;G$"�w3jKy�֨AkO
&E'T9=�*A�śF%�x1B�haK&pC�4"0it�N�iў]/f$�0��SV;|H��6M]��n�rtn�FD[�`��iZ#�¨`u\
h�r:6?p_:&�˕^9>WdZƘ�CI/���5>i?��{* B�'㇕U�zI�3�K0-�J9R�k9fݓs͠_!;dyE."-Z�`�M��k=U1�w(Zs}>4*ho=3��nÅ�8a}>>�G`PZB��f6�x;??�wmO�~�XDŽ,\$CgDl>O�R;B#n�j��ॅ�&ʩ=!wGw�h
��p?kƆt,�1ԟrbS�p_FJb
'�aƱ̫x�]da&dQ.+]2J�Յ%䳫@\�p}{��O4=.r'R"]� X::k;
:2^0���KǬ9�Xb
%%ڼ~2d4N)�\ȫ�8K��Ypjp#%X1�%�x�7 :6>.B��Q�^`ڨ�,{:e
,/>� "1�ss�{ŋf
`V!rXPP�aJ8!θ>��3�E YO�cW?�4>4ʗ�zuRfgI"��ߥN V/c
˽It�վ$@mTl�L1�=�~�^sL
c''7լ~|RaYegp��WߩtaL�Hx�LlAcax�*=ب@(i5hRp�cb`s��"�Cvzoeĭ'd4����Ŏj�4\Mܻ�6�#�Ŋ1�ͶZS\d�84N�.�kZMWN6�/3�*�7'�C掃
2fa�V%��Zv
�2�8Zܟ.QË{��Ҥ9M��;/%D�,|I4�:C�}W'�
ϔ=iw��C<9�S�vp��Ĭa9��xp�x1rJ��X�M��|%Oc?{9T<8�SAv:1GKh[`|�)(^�g�T�Fٔ|ً?�7#5WuGL|�H�m�8�,41g����KU����W�|tn2Y|~!di<�̈ED��3��1AxQtWCp�c[ׄcd-�#*t�)gQZ]�
=_9Z 9���pSJd
^&�7]&(�B�ʪuBLAX�Ⱥ,;N}}�/B�9C?}+ �(P.o �G=0m��
c"=w[UjSCu�grQ�SnD;@M˯���;60F�I0�m~ik8�w2C+t�.��?ּch�LbDh�2!12ʬb�NBJ0JL�%-
RqG�bM�M�>�B_ <4?�9�C@E0�1�Y�n�چ�/�+$+�Y�D@�.�`�oKt'<�$IE}qv��g�Zr�M9rfQ5YC
l�Y�wo*ACO�q���02�;ng��Ɏ. �Q, �䜐��IIJ8~�0=U�k���7M�A"(|BT��MkJk:Oxs2�npI~J�ke�%#�Kj�
hvā��c,JgPNZ@8�{\>�GcaStQyr�F�ߣ}�GM��f酶>$]�<.!Hy�n`��/N-X�^ϑ�4U~>)Kr\0K[�T�wצzs11Ҧ]ZJ+)�uۖ; �%xȪ5@ s+P6B>Iܚr*$3=vw90Ah"q(@}�AAv:ȪT �+"�!��wB�e�aM x2�/W=Yl
Iب>c22N?BuS�̟lж��Z��_�^B82 (&��*OM�0�t�'��+��ܣ `PM~1E ,,q�K�jd�+�;�
�T�%�
@�oRi5Hn����Y\�ܽk�>չ��F
3E9"G�S K"jw#+̼ArK/L(@;&E*�CluqN_\ �p)�:ےA�l�(�!yۼI�vSsp*�
ɾr RDWvSay*5c3zI24��`[T MߺapQ�b�Cnd,tFMom{&��n'p7h6�:>J]7d��"Ϊ47��~a�Z+W�^
qq4^-�!;~gC.L�v�@;�l��,nZD*E�%+4n3{:4MGDV%h9aSM�
$�q8]�-;mާi&g᥄�t篳ָsTK
�ǶIk�|t��9/Ca�֠JGZ(`?g;(|�Ng7٫7y-+5�垄>f6��Y�x>��XH:3y�Ѥ=;U˟r%%�߾)�_4�H��gW]li2Jya�9mF:-l0\�':9d�TD�;ϥ�us(��?
�\A L.�mW�VUC�*>ۗ`+y}�w?Áz�mU�%u;c|�A*�3[VO^�YƋJc|:ZϰS}i1Η'ߛ~ZEЮ��^q�L�5.I$)n�@u�cPjr.h.7�/�J{aʛ=/W/x�f@>$��p;�h@UF���Q@kz����'p#ct�[w~��yt�Kqr�ܤXx3M1�A/��O"yjAJ.& )ݞ)l�No�8|1�wv�Idz�wo%H#0"5D((��h5EUC0o8q%@j5oۛTwG:o>2�
av`E&�#
Xq�?�>�dUTFV ƏMZG[R]Ck�b_r[TNNqE̽�Rdu
ƄS't5yK�Dw�^
c"M-i芎NsYy�Cbs,]
�I�:S(=pȰ�%Ǩ�{�@L̯H��!A#r=5��)3
jCYc 4-hY�PPEڥI\�6G_�Q+[ʏ�(;�-�[�ܿl(rQ�k
$�[�Ө�ڀg}l˭,�W:x^@�}ELUO�ucz~�#fߛe��TFM�P}^`]!�;�3n�|?U�}tҁ.t
O'4_Dκ!m6��sZf�YjKƙR3�Yh^��kII9iq969StZ�<�p�&�jvޕF/1�2�ɴ9��Tʡ�}&qz� y�ً1�M��� p\\4Hbk�vLo5I`Lԗ25 Qc�
}�%S)3W�a�4GԲ0"V}aagX�4o�)i>q.�&B"L"2&!T�~#DF1+R�asFb�by'z�ɥ*pƈ8#�H��?A))y�.6�I*�`�Tt9HѶH9M;p1hsoe}5eduzr�X}S]��EK�Rt_y(59�BUGt?>A�|@C(Q�%9κc6U�Bf@�??.Ϣ)�}l�8˾/�;$�QeX%gBSM7uMPo|�╈*{�X;��|
�m,#�u,��.ܽ["�.b8-։S"588Pd9yyм�@_�2(=j�*b��['R�4ŀC�Ō�斏~x�b�'!abZHA90O�SZf��pmm7="#t3��OmNˀ �@p�[ܱ]t �~"S߾T|kU!2�^�\B��
<<;@HZQ7��1=)+23(�Jt3�p2�4mׅ�@զޛ[7�}+V~H8�q4D,~RN>R�JC8Ċ�[˂��L Y<�Z~�$BQjǷUGD�F)I2vW3i�&xpc(�]!�\Ao* v7A�~�B�ÄZs�Adax҈r(X�F0]&T~uv)I��S٤s_8�gN253~q��_
O-8=6jW��!=dZ>?性_�k�S�e`NJG�ܹ+�4I�IIy#4(JPh:�h2��Ob8�7ԍvD3�WH��UA#J�Bͫ(p녵Bk�W�A����I{k�p
ܷ�8L;Be�0��/�J~pS0b�Kc9 Ԓ�/:�bBD5Yb�5Q05�1ӲLNEPX6}o�4Ֆ6S)d�I1
p%s�#�9R ֭9yN�|tӉMsE-nH�A_y�0u-{*X?� ȼ�?>^$^��g=x�f;%Ax�yON_ֆ�맓+[;BJ�L,jj6a�B9IDad#�Xֲ^�((wt_1;u/�ox7�ۮX�5�F�؞�Df7w�۲$\�{O#m�cfbU�bpH�
2x.Rwª ��E%aqLiF1�a)Y��0�
%�:Ɛs�~\H�8)=DOZ��")I6.��>�u��ӒD
_4Z`8L"SQ֠ܔ|�
P�m/�#uOD�"mH!4 �=."b2z#0osJ�|�x��ox^�ߘpugFv�uKE3+u�:xs�Y
lWSG(-i����Z(9�"jmBNC+ň� g�cØq�sx�Qjd*/jYhˡ
ý�_W&?�t]5>I�迄�/o!J^AVWe7TCp,彚�eW�w�QĻ0s[wl}
'�S%�H~`�_8[o�B}2O�CjKx@2gCF#b6lRN1)f�<n2tO8+cRxV1ؾ��( EQxo$�Mc3ߒ�էl ׄQy�͝Eui-d
6�'nq9Cq' $SAf}{L9o�n:gv
O4�d�y�"g�"��3�8Ŭq:iX\>Au�j.�Z�r�jL���X�4��؊=ofQ�ݾ|4�{|�<(L1P�fcQ-Â+�&m X�Fſ= yT�S��u@Gщ�7ZR$�_�<@w�2P�թ;zz_�A%da}6=�kY�Fu(or/>y)\|*P^Coo�W#7ƺ�V,~�)Vuߚ
@1Xm`#&sx?d�Ilc��7Ҫ萞o$`^�[t'pV&%n��&(k1&Q=TYZK_TN>x[?�U蚕/�r,Uǹ,6q#58MgD˯)J-d!:l58{Xf�"jH0�q��&>5-"�k%p*@P%�Mw({#EC,�,�~�73N�mA���/3h(ֽ�h�� �z��W8�BhT
SX� otv
A� #ʳv{�aU©X(c�Gy�UQq-�%g?m�D
g`To^LsoPS��)HMʜY[V]^(y*Q��ࣶ� ��q1df�
%�AQ[�ݐΧQME�6N7^�7f%ɟ9a5B`Mxc0mඥL
v�%-*?5͆~\1�d.M!�fbz
�
k_XJ_D[$bRg�b]>u�
kcF[Q4C�06��h9d�jw]q�nW@:@$�\#@.�t#$Gh�vLR/^Nx�Ő#j�N&ԲDZ7BS7zX::Vxi vʃatEb^$رeqpn�ؕ)2i^Ts":��nܐ+e�fw}8v\-G=\41�ZC_��s�yS 5?/w�6(4Gxo4tP
"���b���FF
(�h^qaJ!JKbxS'�U�FohY!X0?h�ݨR]3ژ�E/$B*Y�#AGElӐ}UW_�Ȭ'6an#a��bׅ5 �d�C*R�c'�n3[Qxa=���7D�rF��9A�Z�:ƙ^��aw&9x]A]�bHFdl#��`?�D��'�)T,/)dHn��rӦ�l]�2ݔ@v*gr.��u�+H�~>0pk6c4�ƙ]�{4OmЧP1_1LDO��b|�!ȴ뤯w65�)p�пڕJ{e��9Nesu�!�w+��z!^Ut6^C7�7a�BPn~����6�J\b&5W�Aɡ"Qn|b��f5қl-?fL8(λ[@l;%67J�I
��k+!Fb\5Y9PD�K7�_zjw/7�Q��k
���G�_Bza�#$3Mi�Be0;[߯!*+_��{pt=+�t�K4l˚M_*R�ɾY�YGC#Z"��y�r#@16,T7,�� hq}B2/
��.]Q8_lBNO� vQ}rD��z�O($8_�Ö
f4$?5}DM'3{uE�J�qdթ˼8x*<)ĵQ&А��8j^oE'�r>Sl+SY@jM07V|�8S�,�a܆'.({)�]/֥5̺? �N[rdSzY+�Z�@SC�ex0g|EaU��X�ҋ�s�49�� hFUr�z�>�&$>v~m}\�+5�NW3C��#3rKfbl�l�+YkͿ@��#��khNӆ!o�"� b*�<�
ُY�$�ыoS WVkL�Sq:ރUUJԙ(�[@IA2%֣"}}0mSvXB}�4�
�(~>� "?*Z@EI��"��n�cZcTC;
=)L?�|�4�]0G�{�U[:��#fν�5�رk�1�@?;�E+pI(oR$:t+dYNMB2n�$�ZFDRR��)s��w> 9M7�v)�S���gO
���۲܆TAHih;wȋ6�0xgj�0�
oes!�V�^�d�:QB9ME�#ӣj9�|T�
N6?ch/(\l�@�?xS#P7}9$)c�8+g
BŤgeW|֧&&ޛtwӭsl-vUK4^P�OR_�
B,f�h'0)xs׆�4��GE7�Y�l���u燦BI%�[��rp5U\eq"[lrJ-c7)r&� grZP Ax#Hnc�9f-Ud�,*�8;�B*5�
X#6 8eYZ]R0�-}tQ A�٪��Y:
%=��qZE�KN`pމ�mT:`/ �J_^ȌBrm �7Zp66�s�p#�$5���!]|q�-&;h/T0!@�.Ӝ.��xh(9={F+w�6ܾwmܼysi;/����$?�5U;2�/wFBss@��9~I_첰�<;���̎p387,���R}^+b@i'�빶m�曰�!B?=o�8�1{LҔ�,y m*�1�dd�L.ѵBKv$��M:|7�gcB%8l:��wM:\/D^V�U�YйNymґo1w��0宵X�X�n^�Kl�`mz̄mr�+w;c}S�HX"t]"aVi{Up~��lO�z?y
e}K4��>�]�^<]zi]2k�0iXa[^�J4&ڵر_I�*�O�1EO:�� Q}n�eZZi�sM�15u�p8m$6!���-��a2[m�:7�ۀ5HZT�[Ӽr�m!��֧_$K�|Ukd�P˛�Gaw/��������7�3�In �9g5�H*|ը�Ǽk^5(n��-z:�HrZhs6I(tD[J�j�q*';�r�b
�46�,3Ę,y��mM#��(8АE?\ c97m9ɧ�EK%'3ۼo�drLɲ���&OXy}�n�xUA
O�Uzo��r�a6c'H:qrqw�g??&E7�x7}/EUdi�C�O|���-�WՅ#Љ!M���4��p�̨EDi.ZL�,ˉa>2.c�:b}x�`Ź>�>4F����r'iWnH��4�)&CpsHWo4>1nf�Ժ?+;�\,k�T7*"�(tn\"ƎÙIЄSexy@�-M�(�+���w|�~x�ղ<=Q�P\��$8p�9}Ôb�sn<�㠮:O�2hx2r(ܲd�yod&X�0c�SE�1�wHQIJO܈$�LHn�)�*,<�rș^KF!
4Շ>!eA�[�US.�}'ug��sZu=�6-�Zb�cU�8k݈�#+oV٬a�\gύJL�yG�x5��##J�g,+2Ri5;U�0&��K xl"�4e(�ٴ"f]QFȼ`�C�HGd
c9u|(��vm+�Z�6
�\$nغ �gF $�6TG-0(l�skG^E�( ~־_)
vd+r\p�ORYvH'F*|�<Σ&'n^?kE�*HPǿ��(ʘ� ���~
�xdQ\)-<��,`K4xURWtq"`�ɮ2�(n~sr$�>w�+ڵG�CHpj�y�c)[Sk�c�֤ji@,%,� �-x.���;QǝV(Ͽ�2o�V6C7gOc�ECU
d
�i��p�{ӂ
5����1�$24Y�tC"4r ́g�?"b���tQFYp]7^X>;
͝�}܋R-�$OԶپ_}·*.�lVq�Q+D}:�sX#!zy_e�?E>�4_n)ߜ�{��Xξϡt30ދI�>+"z�0X-Q COgroK�e�ۏTay��5h0��"tq5j�
S�mR/ǗL� ̣v�̞?ғ)K,n[~P
F�-μ42��|cпqG/S�8�B�A5U�)VK ��y9�w�G�;�:IQ<����#PEzE9��w;
)�G5�v/%#ٰ,h[U�
�8�JBS
�HQD@3Y)V�l:5&qz�šox5^B�*mi�D1S7Z�r,r療~�N3.}z^�/�X�#�zeL.afE.��6�ظWlpTGJt*˃�g+y~b�Aj�|B� I���ZґbϩtI9khx+-Pqu2L �חDaSo>SE8�;*M�(�UNG�煽j36�=|[�yb5N�L\BwUL1Ȳ#.5#`1K6SAY�)@.)�>4�KJ���Ý�w̉1R絛��+)�BJ�w_U/M�k@lʉ�}����T!aշ[ʛ1���Jdkz�ZF/o�x']H|B��]OS��GdDPᑊ%�(/Lv�- S
&�W3:"��L1��rU �jS�m�>(b
���Q+U���{2=>ʩl�)xlv%�p0�(�@�,f%(F>K��,m'խٸIN03g�&52f�r&;�N}�;jox.�k�v�G*�cQqks δbIV?LO'ܣr៎c&.ނәO
�uI�1_ǣ}iT簱0UCrHee?,39>�Z}KP}[VUu-p�9z�gC@]i#t�p�UK� 5o^�LN 1c:֮f\miyq(4�#CV5�q㑆Ƞ8�rNU$�WZD9A[3̢�̄h
qA"q9vlnE)N���RB| tZ۾����/FtYy8*G/
O��}��4#_�)�+e�5$W�6�o2��xJuOG�Y��wtI,G�$$
j&JҤWǵ5x_8R/j̦TΖW9=]aBQ=�)ȌH�0w�.5o�GQ:Jq}h�Z�c(Vi7A'|W�;r1�v{
q�(fa)wF&m;G*BPg�H�@.4Ayr3'CB_�/r�-B
"3D*k�峎(�c dS;�A(�oLr:m3�PIX���l�~ 0��d�_�BC�}.�Fw!~�tt�u�\sJ6Pg&[�$?�?Xp�5ff9 �8�)F进-Y�^iq��CeYF0!n�/���@)r�%fkIio
i�uFHyO&8wgl��\MݾH4
�9)nkE7t�����
I$<;�Mҿ5%숞�sg0'&H>h�aK
J:��&p0�=TNs;REG\~0=aZ(2Ր 8f8ɜ
:f"Fc7j5g|���WhTuN%��DAL1{7Ӻ-(&+v��D\Tz%CiML�7)!�v"k�U^��m� �uQ�PuY(�*Ո�( 6�JeI傯MYyWh>{�3;e�r�iYGRa0}DzE-'�Q-h�7J�&��d[EꩡE-Lc�Uo�1;[8o\{+c|�m.��PE8k7^cE+$�H6-�s"^H�'F�<
Rj-/4WU�]">7}<�%4Pd�+3C�/S߬OxR@ն-Dfj~HZ^z�e[�
i��D6hצPSR�D
j�sK�Hg^$�O2ȿÿ]y@+d��L)���8=��y�3}M�".��v@7ۜJ+"~s�Q�h'3૰0\�[ʱf:�>p��$eJէeĔ{�m�Ą3��D+K�# gӝ���>�w?h[{hbCr[�Kw�}�J̵Q5V�v͑�N���L�`�VHf9u�E��#uO�zܭ�
%Tt{!xX)�ŇHB Pb�X�=�RZմwQ�m�KtO�" b.\1z//^+8&C�z�K ]7M��Twpxfs.Nct!-gU*#��_4Dxw�~
�ɚnՈ:FDkN⮉"{0<~Jѐ�9��r�DP�$b}��cz�bP�Uӹ}�-~�}&AM�9L�č'5�l�Js=PH��=k}T葯UaR'Fb:F�gcMU�@�.9�tOmw
�+Z
y�#v��bQz��cW�+�:;Rh}`W-j5��`-%(, rn17:�
H6%f?rU��8 2[y5��N� _sˁI%D,CfHe|9�]qS�[�#��#DvWm݁\}Dq\x]ĩۻVd(�G�N�#1T&Շx)hRq"9Y�VDzҍ
r9vc߳nf˗cCI
츜)�|l�X y'ʦD5�`�W:�V7.Ss^ඊS6�Ep���T֮�b�ExH!
/u�6,ثmo`X�?mpT(1W)ٲ@gr=KL��8?ko}TF!1pS]vvN�./5N�(iM�q6+4v��6�A.#$��@:݀c)�.v�Q1Nſ�`y�ޅć#�@pUhf]+l1yꍿZ�pCS8r�!��Pѵ��L5OjEl܅R̤
�a=��z�}�ҟ3�錦RKh�L3t72M!)H
ZZi\Qv3�c�Q�g%|1s4KF4I!�ҡf�!5�:NV��.�VgtSP��.�.~@<8D%_�~Ѷ�hLoZj(xȥ$Td-
PċMjzR�Q��߮6ݘY��7�i$7>Yo"<#H@C
8��^8乃D@<�Nr\Ҳ�K�x�cZ\Up)G.h Bsx�RQL�F>ƾ_jw]ݹ˴dQ%^�UKygƓـz���|
df��eh�YU��Ԡia &3VC+[!
�nk�4E|�7X�*h�%t j�]K�hV >5Mm"S,W�%J ����~?" 8% {�1(�XzV̪$4 6&g$?��o�Gܵ2|CT=!'YꂝEE�%� ku!{6̮9+~�S~/�JNc6�GD*,Fb�Z�$埯\
OT�_A�d@Z5#�O�}�;t4 NV�L3*_m�p:#k9,�u�4Nu*f��F b?(ۆ&!GǃZ+ˆ�aZ_}b*4"A;-R|��iQ.�:G�95�$�J�k�ۋGPzb+:-3i\yǞ�:R �A7��/b�8�!�BK�LJ�Lf��&R(u~z��L$P{ŐП Xǥ2��ñ=)�cpRF
A=� ��&E`Tg�qG/F<7w(Q�́9Ѯr��9^h:e\JM>�|oe�nRpUKsh?��&/.\A_F@��J|� mY�${cC��O=aq]wx1�[��~�gj&)NAҶf;��+ŮRr0S�)M#N"Rmn�(��x��nd&-�r/1?�YF��^�g�(?P W& 6*-L|)H8�
4r��0jd-D.žv>h+,lWY^D5[qrlt�3۷��|�2�mt[Ή�}߹�^/BVd.J�4F)�55>֊eH�BmU4�i8+Ϗ0NQy]1ĴH'�JKgڲf�Ÿ<>N!#bj#�NPP4Cu@�3 3�2+
`�q�E�0oV,D�o3ɒ�ZɐV5}��CJ�uR�߸95i�5 LtqEȯ5!D=}u�}H3
퍟'<<5ew'�0b�) �*�f8|u�1�P�fcw(�&XO�&̭tJ�Oׯi:`���Vףt] �j#0>�p*s�U"��X'yi"9KH[,�njaŲCy}Q2!1{���)�#ц{x)@�qwHyߙ(#| 7JJ��jY/w! �k5o�Ε�p�*�-Cw0�|==; �]��\��>�l@t?89.riMpy4'�\1`v1&=A��f
�5L6rQz0[,�ہ�(bV@hJ�'�Zh50]OX�Ʈ�
/_uV0+J@fw8z�/nU�y��Z<^�%j��23B;i`W:g���C\
~iKUn[I~. �=�yU��dv��[�9Kz(J �Ƅp�vU��8E�qq� 2+sD>�f!^n�NrWJH�J1ӝoH�Q�A*6 `��Nz<
i\�%0]pRaL�֍ld�WcT@gO&GZMFh(nƢ�O-�t!`�:i"Vͻq>dYh���C%:Viݳa^DW %Tmi?5f�e9ӓ:+ Ջ C73�pf�۠fZuQ�؞6JS�p-{
�Y۔IL[�Y]fſAL�U"-'��i�Y
RΫJ8ƌM>>-�k5��X�7t6BT&�#1 $^3܄�K`kvř>jx*��ʠ8�5X���mUf=-bG�,Us�>1H��I*�_�ɣwi,��eo!
��,÷]!.u2Gl�w+Z"'Ŷ8[FތzΛ��HXaߣb>ް�TۺJ, �s>b��!ݗ�]�UKu�Z9l3o�ʏ�wMw�d#-]#S�*ѵ�
suL �wmcY~:ɳ��Ͻc`*A$͛&�m�t@U�y�f�ݝ\�;��r$S�,=/cӅ-:+K6Hyfq%�0U�Koi
U��V�xDŽ4EL^�m�%0mLSD�x�(xP5��_@徧3~�,RLe�6wq*1aP�
שkk�`v)7v*x�dmފ�fRpz�{� q>��{|dLlhJ�* vwo�] K46%|��J6B,��c4i^�y92Y�İPu{�J�Բ`/��sXe6�_|4�uv||L�vG5q܂}tf}rȇTq��@�X�yq4U"i+۵uYBg%&7y^mTz�z�ތ��ҵL�776�SU-��_&~6�Je+��Q
̱Ls�k�|9Ww~��j�t߬]7˂��R�*@$,�O(�b�)��-&ד��+\IP+ѭø�PI�,LR/O=��
yok쬩A�>�h�7�I��Rr#vBC(,mpa�wtKӔ�My �"TS�Lj0��3݊J=�ǩY[HΔ,1agtp!+�W} l^\,��|J���4Z{h?v/7,Ds-{8HҶ�:��\_�,$a��;^�fFܣnYZ֥:C!U!e!U�ʾQdN�J8R{[%�!�<чhH{�i5GwOrD?6*(MAX�F�% ~Nm3JOE"g�mO༎WӚ/a+8ԸJ�1y.� y�zKUۅ�#
$A�)�rǨ}G>ZVXIbWcU:)��,pꗭ* $y./l�&Nω�H�q�\v�AS_ۉu��N|Z�cBr�؝�iKg@U�03eH>ѭ�yX
]q�XE?ÍY��&�-�q$H5>q�X{Seޑubx5
�&X;%�:Ĝ�"�{G8��O�hG=�S*:�kLr!pn%:øg"J3� <��f��|xu�Pg �}O"*'F"��t�&Hz? #��).�='y=_ gZs�B7�0_Ij˲=:{ �AzLUe�R"�G)�0*iKK걺�:Q�vtNT,:aFT.�R晠X[�af�:?P(2ҹ�j2N�C��?4s�#8aş{۱2I:`e_NtN}�ɯEPhyN yJ#õ|�}�m�Si"I-)]^GSr輖cЙ~�yU�6 �
JNPP(kb�\�I�Ao:&5?tS�@)vj\1dPfsa�Rʇk;lWRg�U@��3T%�x:x�.yjΗE�LFX{q)tS?lk�9T !wU\~ H�� z*�l;Ǒ;%wYd1d�4g���2k�2nOn��?ZԀj�Q.�8)dEv��m ^Fg�7y�?Jջa�),>BXȿLtx*sO^2VJfu�a5b({A�pлt�9'�Kiz�*<Ŕ$zKX"Q',z�q�7�%6O|><4,=[!iv)
Mٳ�X�@�;'Ԗ#e��臡}�ydK!L�)ob!v\JfC�ꅫ??�[Ч�V&+,
�I!Mk,�qb)/uz8햄![1�DFKvbc|"`�v�H^���,�f�ɵݶ1�_E⌤K '�/�Cƣ���QR^g2-/O�V|�8�=Ne�7 L o%JD�%+pc=bX�[?�ۿ߾���V0Ӈ�$2(r
bCV%�oHhA7"�O5yS�Ë]�"!�Vlw13:X�$��
M3V�{tiQ
\š'u�TQ8.UMoψcs�C71?ɨyP*��X� s^jrf_EeLq\
�F%ڠ6]r`�;E-c&��B�s�tת�/ 2{{7^lOY8oJ;D]�Pްp%㷢l-ɥ+�^��qP d��桷Y�N�i5�v#ȷʬXx4�F�}�8�0tj*b,�:ycA 2RGQ]^'ʒJI=%]Ӏ[MAG�B�F8 �i I�,8S*ZV,S@��UN
��8!S>ӂ�D!\Q��{0IFQT�� �QQUfI|�R!K_tVc2+IPfN;|lerv�j�_�~aRnn'!ZcǼŨj�Q>1��h0֒悖*]Fy0�ӄxu�p�*lMG�4^�4iDꒁ\wov-�*Z6!D��[w-�M,�8Z98@찮Uh�!w�v�
@*�Dcp�PST8]gѐ:t����ղ�b��cd1�72dt�x*r�oߖD?36Kz5;遒r!$Z>Q��S^itD`Qv@�ֽ[ٵ]�S ��)?9ED#U�%ʓYMLj�ڂ�7e�.GN�Ҽ*1ڍ
P9t�Ds[2_FdkN�CWT#V9
QSS��.35=�0_�̠uBw'2"��E�?��R(-XVtK8Br8i+E�..A�G�_v`7"3>`M̩M#7��m%ov!$^
纾�LM�kpZ�Ϥ�N0C�nR \O�!ynqF�N�3a{YF5�6Ā(N kI#�ɑo4*�@T/A�uKnZ7�l@-�wdf?82њ�F[ e'_y�p5Ԉ�A40i4���.�HJAHmg�!זp(ءĆz?�K!�ݧF!��~CDzx��#P}+䂎{
F{�zWlss?jy��@�ǃa�є�{T_APuk3;� �)QO�}0Bj0ꈮ�}�QX�7�a��aa�W��9,=no* 6W�YAE�{ s
!G!
LQ?9#i'X� 4X;\Nq#a�$m�a$_nM�ˢ|bѮ.C�Ȑ+�rb?7](4'ek}G˕UX/vSͯ@'ݴLYDTл(�2�13U:\�n��D�E�Yn|;j
k,m1:�βZ�;2�k�Bg�}0`T\Y{&p[I6
R\�oo|=yP��fA�e�vző��K# 4(1T�Gq?vD��h{[(
W�̮�L6 �|e\�?�?;Rk�}�;u_)̆~���F{o�m!]G�?�@M2u���ۺ̃`,!k�Y=}$}gr�οLũbK�ؐT"Ok0k�N�=PD:}O?��z&i�0�TT X�(�54-=,��R!~?JgK�c`��F�lr�w9
��Ͻy��`ܕt�Ђ_wB5L;Jf'�*<�J-!~?�u�>ڭ%K�7"O�Buobma#WՔ�;ȅP
QUZ�`C�ޮ=2DcB"Ǽ�bO,rs 6Wd�^qPR�
b�>wA�)Pa�W8agOs`lK�pV(<�Mjk^n
�AmrU\`2�m�>R���j~β9:"7f
Gp0P���G�.�-ʄ�f���]%$�)35s P�xYG�~
]
:lutHfLEK$��ZQT
�%�i_{^Z0�}(�xi`8ͭ>�k�ӭ�'
/U$F��p�CCw_X[|"@�2\HΣ.�iaZ�U
�S+N�avgK-b"�
sS~<�y8S''Q7BJ�J_,�L�2X$8[�#;�rj�zJ���yI''�\9Ipow-@o0�(>a�g!~R7~"+�/6z'yw�/sB}��νpU,��a
NJ�֍�Aq*1#;'ڎˤ�p}x3'( H%o 4dx@�i�v⚟(Y�*Tr*Ŏ
ĨJUBV9tmb!P^>n ߴ;k^7�rA�GD<@(�Xozv�/
9d|!�N.@�;��1�$Xp^�jJ�Iͮ�?K�/8�O+e餢ޫ9`كd`d�)Wd!Y^P�Sa1'Fm�ݺ@*>�G%`頳~0ܮL"�tz6�m]Y�~"_ wt㻤Z;�LT2L��[�_
*b�*ނ,qWg_WhhfO�W�Ѡ�}rhTs��s�^D1m-k3�iɉPk0�%/,i)�k6*7�mD5 ٮA�JX:s�:7�:-l@ջXVyE4�^e�0P_K�tO i�mo>g�\+_zߜKDVf<�9MNܜ�7X4Qp�Ƀ":z9ZLeD;�wrJp�
fYs'�TH��d[AzpM�nda�pū�ʳpg5�]-"�uG[�ԛ>ܣtHٓYa���>���q<2x1j��!f��(=pk&i$]!M=B$+|ּl�$7-�wQW9�O�N�hNCc$r֥lK
Ky{�n 3"B�N|rtA�X2��r�Rh# �32��e[}PT[�,|&�mt6؋6^.�5`IkPEɠnS��V��:Ѥ !���@jybwA82y�wP깊23����L�~�-9U$ ѓR�MJDaR�@8Nݾ(Ss<%a44gM&Ivz�{eC�"M�#Ya'$�R�*F?�L|77+3i5.Ŀ46.
vΖT:P�IV��O*IMBQ�?Q�ߒqEkf�`o�ȊEB4r-MV2 q'eA���H#�d�~ sRm�xҳӡ�>i�Uq%x爂m°�X>]Xk̥N.oP(�j_˸sJ*�!�+w6V� f۳=[&,bcWث͇\y������cVlaEkfpN]�5
Hvͅ�2Q�6AhBT,;?P3#/ E�iv�u*�m�1��xU.[�H*8 qexh�N^^>ڰe"�[��1+7��mŊevtL�ȣ}}{�{d=C9L2�h]e�!_?7Ѿ4t&v#rˡbXe/�mP�Ӻ�ܟ'�M�|e�u@1$ ?)ߌ aO�c
͊��\X2
`yv���@j�"Cv�6'~A$F���s�*6
;bs{w\�SMǧηmh��pZ^r+���;"�04lkp�;4ܦ>e��$�L�wС��7�X'>s��0˟[;�ǎIEMu%n�7f+o�9Ps+
+*�`�H}φ~s��XCN���js;�/ig.BPA>'o|e3�V���<�9,;_� /�Zk����M:0sl諫}
g]�5n h�?_ҿoB]&;�G),%t�(�7WR:Ү�GÈ66dk�� R}"Eӳ抺L�xZ�&'Cg/�i֕CB�YК8h��
FVWATR2zo1. U3hݘ�ըRV$zJV}d��7
]�=J݁ģqό(p�mJ\o�zk~V[!?�R�4(nӄ:TmRy��/��w8{>.^+\_�4^CaJ*q'l�."{|�>v�YQ�e:=REy:wS\m
_r�t`�JZ5;xv/�iyI�iݔ?HqXc"\�QGN;`B]g[>�X�I*r'B[/N,/g�80T|�^E~![I٩1Dc^^H$v Y�R,d:�:eMcE-D+�17a$�h|.QB�E1�jb�pJ糰�t�Kf�-�fl|9�.lǗ�@,�f��R?7�G:c9(f|+c��;/rjЕqO���CgrlK/~P�s5%}Ksp/ �a{En�:��Ba�MF^4��տ�U*h~5"\"�sZu*0Sd�Ag}08�u`|C�ŕDV��Z�Ӛ`&\2h;�J j=Vj�F`tC}�ۯv'+A�+Eݿr�'H5�i�Y?:9ps�$2$Ϊ'�'�S&NX%�P7�LNMŻE �K.G+"cS�rk�%e/Ƒ�͓�{?�&\R�J&K*-�gA#(~lB
<-&E,I`�U]O�W!��U�5|ts����j�q+20$���(/�m#CiY��* ̆$AHU�%Qks~_�\r�7Yq@MDbm*W�E�N�!cK8o˭�w�H&Vi,R.8!O3t;mwq�mG�9R��G!jX�p38*�DE*/&�L�q,�N@w"��юdyo.1�2;�A�e�%�nXD zH�|fh�7I�Ki+,*](xG=!Ga)"�N^&/[
$Rb6�~(-c`Tu>nO����T�/*/Q_��>e|L�Ta*f*_:ѧ�Z!
�3�[M�az#(T5gFi�_1�W'?;LNswL�/nTCl?�{ʘB+E> ��Ȟ1Q��OWw0��D@�����w6̀p!U�ӌR@yn�g%+˛�}JAIH~']I^{r|<ǥ�1l,/T�|tObk��a3Q$K�X?]Hݧf�{5|xC)sԣ�Z$9F��a�OĊ�;��R1G#�.�9�l.Y
6%Y2rE�wirr%@4nWaEyƄwKa$=j+`=]`˳Kt-1Lr�VK1%U�\'.{�
WD;C�r!�=/1,&�k{P`95�7F{o0�#/ޖ"c0bq8[l�YyF��tb4g(+�&Խ�t[A��Dά�G�5��7vU@�SD>}
��Q8X4~j�-xF{CX���y%�n�ܢ�S,EmgBa�+�!�RN8|wm# {�"Gl����e|ZS0:�[a�Fe�72K{|5Mt�3)�_�QQ#�xp\5]ᜤQ��}n^n߭P��x-��sR[ �^l�f3ޱV2>2PA�~a�N�-lCL)�f�`P�Ӯ%17Q֛�t=@i��S^\}yj]8$&Ay<<;śU:5v��]�1l1T/��3*F�$9r^$WTZq#u0]b"yjsA9�~%ṙ�M!KBXai�b�ZD�i>X7W]ؐT8uvv�xϵ81H.d~�h>֢"g7Q).��N7m�\[3�g �s�-0��De���=,Bmg7ТrެZDN�j`�{�S@-3U�l!,4F��.?{0��?��%Ώ^圝?ךd-��߅�[\ _<�6iźNl`@�pX[l.A�^qSeZS� p
|6�ƭ�t|'E�@;CFҡBkM�C�JO#ݛ)^;t;P?-?5�0vѵ
�{u^to�:
1slm�U�@p۷(����wIg_Wɩ�5c�*
R}㲀p(
)�K`7)'�|�C~xş1i�.":�O�k�xEFnŢ\3�slt�A(e�>W�r-H����f�FH�3�Sy�1O�y6WZ�3�@�4REd�h�o@ҹ�zC"�-yz:K;FQFd
ٛJ( -HҪD� QV'�#ԡB1�{<�-6eplwNk��v8d3�
"-Yėa�'Q(LibhD'Tɽz�ǿ��/�(z㾄-МlG|��ɶLK#{:��Iko2�P�H;;�#o8ھ�"''yXC�c�%͚p#`�ߴ
Op�G! (DnA&G�=6 }͛]xrq6.x(��#$=va>\t@rr@lés>O�#bhDyMG\�mL4!ˣ
��dfveLC<60:6�Š�0cA~.��mIsd�u}�Oݢ|]���Q#i.�,W�5d9�z6Lu�n�v���jjuC,*>ְdo1j�(^y`v���/�X�ă�A�[K1KL
�y2Ҩa+@ó.01Ւ8D&@��_��|�F=8�0Ѷ&3U]SHNW5p?0\yj�C_{ h#D8g���O��=mq�_:uL:f�%lT&)4Y]CQ#١Huʔ~SX3@qQI5g��uyu�\j ]>,us@ϳ8y5cD'ᄺ;J_cxcpMM�{�F.sPFWk��4
~w̰{� $�"xؤ'���2���V�a}⭕Bq�1eO��(݀i[}9%ϳ|mjJK�79{@vf&�F
*"�0�GiGQnet1J'�]}Q��$������dX^z;�mi��[qU[�Ё�f薎]75\N��3v_�x+Y@r3~n,M!�Ҥ!V6U/��+X�-�Rq�}
'T�isw]P:X?M�?W4'{T2!}M:XE?!
�b�}��᱈�I�8_o��aA-X1,��E8C�8iT1A=�5˵Uoԟ�37+�7R!Ӑ@gKy�ЖB0r�-_Hq-} �)5]�UW^&CB�&�z Tӧ�t_Gܟ/Z@�q'oj]:�ۋ0o��J�>XEJ�ĺ/�z"�l
Ğ�y|�ҢAxR�BZu{s)YAȱ}H�'(𡺍3넙v�
eS%eOʋ��{UZMV~6؍_adJh�S�y��_�=wE��S�a�Q12�Uea8$Esĥ�ϧ,?�(.]AD0^�^4P݉�@$Fە?o<;V�@T�=D�hU�!�}'Bg8u�4A>~*go1A��^^�p;8j�_Mw8��VIQ�s2b;�g��'&م_qX�-.h[���Jvk�hC9hB^NT.am�Y0$H�0* .$,�@]�p6c@XI̱&vg��9�AG'�/zsKZlv� nqo�SVB3h
d��6f0:f��mX5E�B�,9nTVF3�L��Cf8�.PؕIˠ�n���#f?ϻ��bKev+>ĿU�H$s:�t[|kdQ�t*`��.Ak�ʅ1@օ`~TԘ\FĻp���4N1% sNɻ)ak !�/
JK2K>+c;#L����ג�
,����l,U6**Mߛ�{4��?Fe\ �}i,�+]{� *9a3Ո�&&B�La��T�1,2,8m>Y+�q?�;;Mg��ũ�:?R$ 9FTh���K^tCs9dSD��el$QsLf)Fޤrms&:z/`�{R�tZM�@ʊ9usq�0���(��}�!LhNz1.t����Y�D!�Lުb|ծ]\þWV�B;`Hc�{�ǎ�\}Q�&Hu*ǝ&`ûc%��7r*|v4閨ڲE˽f߂*B#��%}XOǁ7r,i[��e«)HR�$˝Q3��)�j;��%Ta�Rah�W@}�O��O�4_]Cz1O0�xG
6!�Y:)kT"#a�=�^sN1�ʾf�8{�oemRK--ٰ64J[d*#g5m=5}2�8BbәA+5RVN$�lS{ `�vb�i}$�bn"dvM"oOz�RDS0ښ�?k�p8��<+A8yE)(&��K.DM4g�SH|y*j!�mɦP�9C!\m�ȭG�\y�ڊ&�0O�C�xJLYS� Z�^�;*�XَI}d^kaQÝ9*4&
t2+���2q�F�v�0Au9$�+{ƝA[�#�(Rot�@عD.&HԜo>�?�h@;3JDoWb �
�sm�c:o�ň/I
{:`u2[)�UL�#T2��e�BEQ;�\���{�{�hT�g+d1Ryh�넜�k�mU�Ѕrݰ[ѝ�{N5.Fω|�@&��+1�Do��i2a
`�QHfD�� iakLUF&�^F�_��w"ĸ#E(�wπ&
�k�c�2��R0{2Ae�@><^Ֆ>mX�o;&݊W [-W?|ͣ |�M\~P�n�a mn�9�c@��+=R�M0 2(�`]�)%%�������I>��0<�ɉm�H\
�d�p�0Ӷ캁mw5�@6�?*1}mu�7ŰN!X�Xoӏ4{R8U�(za+?)?ݘyd\$`ޡ\ਃ=a>=&L Wj;,�`B<�%o/gpoxP?@*s-M
^V_�xt:@hՑ<�X�_"�r1d�m*Ō^͈s
AaKgmeU�25�/O"SXn@KY�sd.b"`�-"Lh!V
�6{f<�x�1C�A݅7pS�zaػtt��$^F.>&*07
5]ݏ>�ͼ#�(#�L}ꔨH!G�AM=�ǞTܛ�_��JgaQW��6�8n9D��e[&�q4z�X(M�=y� ��C�9�0G_KԢҝ�v㔤|dJP-1�QG���\�2Ѫ�
8l;ʓ:y`Yg"Rx��05^.* �n�ϔ�w:R#����KA
[=uLR0.@9˼ڻ+3�
N4Y�)�l���u��Q�^��^W�F3/je3�Ŧb%o]0@�Q
9Ot�g9%?.��`*��N{c@ק`�B�q�P �*iRae$b�N]Ť�/tG/&y�4 諊uoAY>
!@Ĭ0
{ ` %{{"_d#Bte�h��2�4�1�~m�&pp;Z?T�(��BH�%)m4Q3tHWU"c�֝E@2g{rƅ&}�zj{&dڤ��8m �*�0ݔ%y\ͽK>(�C&�qqCaݐ\�*HA/�ՓX\˦&}hEv, ll�/o�pk��'�{] �˽f�ζ�E�;
K+F^ZXU�@
|y�rٵء�|œV@f#G\�wQ'�3��q�z�8,��z=d(Z�VX.~P~>T�H{Zq~~߶B;n)�5`C>~ x�7��ba�& ƍj|�q7�KeP"c[TBI䅶ҿ��Qǁ{>m�>z�c:imfwSێ:�OA��kCo&W�
��
W%Z5�DfCfF�S�X:�ފ®A.`0�v�zG˥�x\TAŽ*�v[5�XgR
9nS��O?�X��|vj�Fu8 vW+b
U:t�QWF���* _"�n� �T$(�&p,H�F.[X�h�yeZQlusy�)z^vLx�m9eǼf٬JOwZCpz��.@`��
m5e��~�-O'�(,�{=76�w+nmVb��֛j�Ձ;))U,�ŵ�NNcQCdc|&սq"�^�֖︮{Npݨ,\54 *WCF~峿�2=z;6tOP�̑º���UhQIdo �G%AB�T�t
)OT
�%"I�#1{x8Y5m��O�4);ݍ����E�BP{���WVX�T"\�V�
�B�'Rݬ@y̷1E�^rNc2;`�o g'
x]gV~YVGpk"apV`gBS�-џ�/;)f)X[?AG$Gn(J->j�@(6?�٫0�K9<�y^|C~I4�TId6�R=@x^[Rb)��G�|U^:
Nt�kza&P�k�B)nD�#�?d%:R5}L>�-ăy�Yz5H�Y&rL5V=�h�7KW�a!֊t}|�P�;Ff7@�|�bNNL.k5+@�(*U5!�}�*RGw?�6}�-WM�R.pO��
�(xpGcq*/srqV!P7ARWTA7G{��:Km$7
VW~Z�"}l^�� 14�K|U�Q�D
_
yn�º�́��6n�(P]h{b!?�,v#7�WJ5W��_��{5S&6��R�pc�j�@;{S9�~l'= co���Re+{X�ZՁ�J��4Giݬ��5K8�quN�&�.�\
<0{�ޯ,�:�p�
#�ꨊ�9�n-ת(=81xsLQRW1 �eaYhTt8�Z{�rJX�� 9!�0[ZnExb1Y�@}�/�%?u�U�NF�Bͯ_!FHS\@}G�v��)#:M��Mw}.ޏffW�TX?����oIV08OCa&tFߊ'Wy
6�h㸌��
x�9Lj_Hn�N2c>RrJGL�nH|q�:XoO7>.zi[EdXNIM�z:һ�1�,���X"?>����NaۑFt渚7QmFEY1r�)�Ԍ�ZQuԸN00�$&�cC�FH~l_TB̴o��(I5 #0YP8�<r�J$̾�EEӰ�=k' @znO��laIi&m�}Ob.lT[>泎}}:eŲ���˖
DM�a-2YD4�g+���0�qb9ltx"Uj�F#ҩ�osը�w�uju�ǝ)e�V؛LQ)rdUܒa��ݢ�}ݠ*�z%#Ai8a�x%B 0A{:l-t1DN�I{QG�Q�۴̫*A?~P:*}�Bh0Xk%/ =`e���@VÁ!^U8/vD^�y�k$P�W�Mh٣�E�
h�rD�Tth9lIk;7��痑3f7%j�9Ih�!ێ �f#\|B|)(VR5L_;�8.noi*>�s蓲'}*"*�\���I2X$ɬ=6zi,QP[���g:%l|0Ӗ�@YS(�>3P�`G����p�1֖8O<�f�)SaHiU~eh#4�<�_a�Ӄ�/uiדN�h\Y:��Z QZ&I~2�A[]�Z�Z�\EBR�}@,旚Oܝ�ۨQH�2Bv[[SH���3|а\�2�6�O<|E`L+:EVwgg@�LT�i�`jЌ�ja^-ye�c #~ښZG%P|3��z;�ٽtxs�)&֢��];싀(
�jNS�f>bSL54O^0~�:+�Fq����L=qE\�Ӫ�\Z�Rlijn_F\"p�}=~j=D|���x�CѰG07�9{=3=A"�MsЏsb��egIضZWox~nFEPmT6H�lj'~4!�pO?KbCMkZ��AI$J�)>��u.xa[��s
Qug0��|h�uԱATrmU�}���1�3�&�ͼѥǒ���4{%�e��/�f
bM�ImԄME��@C>�p_�;EFt��rX;%�=TAh{}Σ�~&C~`�iG�li�R]�+>Ư)���G5{/��r#SҮCK:�bI�DU&�>�z8[&ԋ2,yFhmEi`&
d3�blxQlî�D+2S�&\lD�rjǹv�?�P�y�1��dƱ�8^z�j�.i>����4F�d4ex�rPȇ5�,#psJF]H��}_?TV�S�c}6\zj)�$$&:��3oC^T�O�MTd<ʼ!��Ø`�C\�ȧFGC�jzJmK�4[`g篅״Ʌ�gB!&'X,
J��h;i4a倦mO�`
X�2y�QjEr3��8CdtP8��-�{(p zI{Ƽ&�3,5fz)$@r�qE�c�
��S
:[bF#��k�d�}$�M�Js>^{@}LxX6"�7۹g3ޞ�@-�w4F}fR��LCеbJa7KhbSp7�t���%
bd�5��JѨ�źK$Bz-�.ٌ@�dh�i40ʕ@ZO�Mvr<%"8�jZwD:9ztŲkVrn��MmF߁=5A�hq44'RA92h�
{kY+?�oH�>swM�i͋I�uUl��ߵM7P$]#_1r2�YI\m�gJ۲�_G#!@XG%]DLyo91!2&[>C�bA���):Zz!I��"�6�x)a9�*�[P&�x�Ya�`
rlA2]x$e���>}�b{]#(�g��d֭6υD:|vΪ _R *�,�2��TY�ƉS;K2};Z{AMu^�_
~RErzs
;��1�_%ȏ@%{5M�~$�:Y|jM-Ϗ0�Gaijl_w3Ug\[dOT6oc$:�4-IQN��M}WƲ,I�;�c檩h=>�eo_�V�0B8E'@�M[�I�Ea_J�݉
�Q5^!R���P=VZ��Vl�8Sb(B��I�5Qww6�E�^ǡc/�dV��$gp\ML>k${G. ��zgx[I{_!Bc]�D玲l(<.V�]� ynrc�i��ޥ}Q:��&r�\t7�CPhv0e�< e0�k*�bڃPa(�U�2ý] q`QeB�>_J�і,ͽ{�~�a:Ʃ>��u�^fR4Q+4$�'L�̌I {;0&A%�@���.KcU�WrX�>nO&eݪf""\�zc5�F-D(�gkx$DVtbJs�#Ia4ay ht�cFoY.2ck_vXxdy0R�.IOW�|0k�j�U�$d�;Z0`2meN9�_V��\Y~H}p`$!m�H>)��lUn�^G)
>�EVHfHi-�=
u-{AXue쎉�2c0K2-w�.`��}��s��8}8'zDhnL'��cJ!Gh+PKlt [i`MQ�\1�QH4]Pw�/e-j\Vs��y;W�r�X\Y$Ep[D71=���YKU��i7��o�2|Ԟ�H>MG>(4~9g_`wEf;�-JF:%R`"W y"
1���S�0o;J\C�qJ0�M.6~yFR*�'ouh�nNFR�*X��aJ�;��|&y{\�e|qݛph(Y>�-��crĉ-�_NWN�t"tvFK
F0yQ��'}�Мjأ�EQv73o
s9�W\,|!W~�}�=wM�Յ�噒n-E�n��D2y2��D:Kl{9l!eDŮ"T pT};�`4��Z챜'k�H�f�K^#5n
,!^]�w]ۍ�NM�H�\.B"`�st_b_s+
*O�V��TL}xp �)ݗ�g�_#TR�]��s�i|#�#3䳣�&0sִYʻ
x�c�t'v5@�ǔ�#\ZsnA�%Svt+yEi�TN�2ǬfFbY�_vcM�E=L@g�'W/4dkN�W�Ek�'@ZY�<�l�w}IW��±DW qş5}Th���%x>0'�6(�H7N%�BioMI�^"$�"XVYX-xQ,4]
Kc ~>'pE3d�ByH�䦤b���@ME���k2�v�:<=ܹoc8Qh\K�Wg0 A4��AJV+�bX�$t��kt+#zƤID8"?�w(�?Di}�&3h[NM�-ON��sZ:n�3fG/Oچ&h2
�xр�K^"�AGֆN-C�uSTk#e7�əF��̓xq�@�D<_\ƻl�� +L�%5Ν
�jzVe)3=n9CDr8�i>c�kӶCi?Đ�6��4(='/Z�`���XnGc�:K�\^n8�S�]�gY^���{i
~�=�|~f�ϭ} wqz$?XHP5KS~ĪP"?�qhbAe�l&wҭf���@��$D<ӿM:Ae>�<Α�j�v{@q�kX�3@Xq�?7ִcw�$qˠ>_b�\~*�b@�'�d�䨃9ETЙ*f :���
�,''\:tP�s)�6ѐˬ�j�N�PX�ĬHc�UcchHΔQ-]Y�?#7`_c^^�,p�<%T�V5Ol.ш0ɲ��3gJd0R34����)uW/r-�>�I�F/B$�,Opw&l�h"\}�we3��iB^_f��u5{b�Rhi�sUٺgQvj:[H�葞?��$$q^ȑ�Eҟ_$n 2N��qi�փH#HV,�@ҭI�-XwDz��lRFgg02qfCKݨ�,4ܲVY0ܜ)n\�!�
N�RQ���jBr_��1A;'��փS�F74!L_4+h1�Y=)���8Ӷ*-�.3?ߓ��'Ym1�}�꣮P�o�=�a�)F�'=gZ�X�¸vc�'I]4Y0��YaDypׂ၉Xxe�Eޛ-6x�Qs�=7=C^LW4#尦�eX*�"WkRuJrzalj/}~ ~0�N+)�D�M�Y ۴Xf�A|nh��[wp eC^H1mI^+,f/0Yw|�fQZn
�2dv�.[u�\ I�z[zLт�ܛPvOZU|�@��!ɩ�o
9IՉms~]Y ֳ���}0e��KϺ?Ӫ@Z�ʚAz�G�,G7(>qunw(�6\�"���ss�>vB>i�3^��uU"���#E/_m�ZJ߮o�6EW/Lsʤ: OV0�n {!~ߢ�"��&~
�M�
%7RGQ'\?BVd�4W)5+�~FD��'/o�ڏ�U'�n�>mT�fPzwЇA�*{]�s\+V⡪J3a]]Z��RW�M���nfƯ͙Cel7*w3�N..�`3�0Y�s%'Z�ۦ��O���WPQrC`�(i(��&]uS�8Ut]{ג!hӫ*Qð\iw!c۱&&m�l/�l/��U�&
eϸ��R�^�#Q_ފl7{'�9�Ő3�Cs +bNJ+]*eQ(Mh8+��c�>:RB:2]BU�9�ʂY/aj s
{6N$p$UA[`YL94־*'
!b-i������T67_簼β�숷i
�z7�C$at#�rq\d*KJ_JLVz&��ClAn}�FY�E>Nj��Դ��lڹg_/8np)q��gY:n>�y\$�aBy0q(S����K��ϕ���qf�
n8e7B=kN!Cc#3,,sZ#���?.�ygo�#p߁
!֓D>gWA
�Cr�;�2�E�\?���hq�n-O�_pucv� �2�,rǐ'�����;j
?�Gx:;1�}PѽPvt?cFB�-N4wY TY^�s�F�z6قy4vIϤik�A|�gZe�EF@,Z�$
;'߿N7ro�< ?�kꜯ�?#)�dW3$u`YAr8pk��D5� r��nb�֢*�]qCO�rbA뚴6$TA�=�v8hjq0,^p~O�^d� 7�C-ݤY>U+2��|�d2�b�JF�ӧyS6.$�ц&TO:��!w6h�N7uz�Ӿz
�<ېb6�Mlwt֛(� ?"^=@=G�i %�
�Ow;H}W߀G'_})*`tb�eݞ�6`D'Ƞ|`"vRj!Î0�Nk�(o6-k�JaE���?d&͂A<þvh!*<50I*?I�-]y,#53ȳ͎~�*�\�)��^3�`$���P_)1���!!�N�&�=�$oo�@/cq]h8]Y%Ӗ ϱ�0RLj
DW��vY�4hmǺsTۅ{?̟Of�0�$(V�Q]g_%rь�[�><&Z$8іy0폾+`U��>�i3>��Hc|�Hm�Ku<ƖL0�#��,Y[f5%��Tk}ڴap9+HOpU�Z$|��?�X1�_־bߺr�~�[lg�[�~c᥎wR_BWPa�jȟoq�D���2ZNy�1Y?�6P+%(�1$П|2�.?" �F䂨��D-bw�x�Yn"YPE77�qK� C**�U�/ɖ�NY�朔D-r�vwW̫>iG��e!a�l4
#cg7~DzQ}uX\;7061t֚`f1ޯ
~�|waGln)�5W��xs1��IWu͟K'۲�cy% |R�һ�8�\`��،}�,�qf_n`�R�'�Ϻ8%Gk{� Y�v[TM�-}/�H$.hio��KP_VJ�- ^$Ke'=nJ[+V$}%F��\Jxf�ϑ<�SP7]d�k;\vB_��51BY�,3gq˾Z`~7ڊ^{}a[@kbףq\�]�)z]�-9̪�;B�go&�7,t�C;CQ@~5Eo3;&D��7��2>z˂�5z[1-w�V3�O �GgO��0D�ք��Wʊ,�,<#-[Mw,"�ӽ�Bv~,s�K�t�K�chJ:�q�g<啂D�Qm�Sy7vUA������K2/�W�8ͽ(S,��8/�i#H)[.rڸ(pXK�_\%VQL[�3Ps2?'�z^�*�6I~4씹
3By�1Z{wr*�RaRDG�ct��yS��S&lA�A.�M;c�hw��p)�r.. M�7E�V%굩
~�,$n��{p�rθ�G�IXM%r[0C���@|�@�o���V4s�,�� I��;=�|[��>�BsM7�=0�Ϊ�MhVV�`̖oPT��v.�KG�
׃V��:T�K�A�i@RQ6�hs
Q�BMpS
��29f�'�=cӭQt��F�gQr"�{#:`s9�$�5HkʊWrvQ7��Դ4�zN'.`eR�z
�Z*t�ۍm�dV]�\Vr-utS�`|�Z�98g)6�;^�re%�(c?`%�~M
l@�
<�Pfj? �G��ҠwM��m��w甒z07j3|7mSK\R 7$�D4Q��&=f
�u4�0HB-4Dk�D�6���W]gGW!
�l���VR�;�9� !5;1і C�V[|>xZF������
8boodi>�b4d�v�C�f"V�ڍ2}/"D?�)D4�]V�E�%LD\!����A�FĿR��w�p�0[&9a�T
3OnC93ƚʴ�iQQsX)(;|�a�F��ړ覼�k�]W*jM)zUyXU��BZ40��[vP�W�qۢs��V %1yg�B
�+F#H�k?b66ET| *|q�R�ݺjɠrcS$�^Ơ:��sO���T�sgg��{�>
~�ѐҋ~b$�!7Ţ|�c�a'#���*^ļ҅Mrtu$�)C�
�Ҧmvt)gfՀ+KFL�eKBe(�;�.K�wfg"X�2;J!Pc|7IА4r�X���e4A9ƨyjV9C>�VՁnÿ8N&RH?쁦wa(6�)Yu!ܓX),/ʩ�EHnJ)N�lH�qE7Vpڃ܊DUIX t_��X�w6]UdE9T��C0*sH-
�]��A-e)ɥr2�M�ju)�,�ʧ:\uM�ݍ
gG4X)�pe��@�/�Ntq*u�Q[լ=�lH��r� �+E=�D]J�E�\a�܈ jvXYtvPrͥ#:l��+f!�Kpo�}`�F{'r�h�g�$eT]+5#;vb+��-�]8`%bi�٥ů���Rjh$e�?~[ɠq�o��&ȏ<�8ė>�x��:<�u腔>�UU��uj:��TTgKZ��Y�HbG"G;I$�$E
$⁎c�
�\r(\~q�~9nv��;�ᠥ�ܬO�q2}I78�(bbN�1ٜj--~%|��ץ(41�c�xÌKSfcQ"A'q&R��&��Ɏ>B-9iĔ|C`�ZKG�zr}خ>!,�r^H*ۼ��t�=�n錃^Z�*l�-�.w)ydF�at<듥PXR-o?A�^fnM k=V�*{�XQ8�oE|�m=#;t$!r ~#�pʰK?mg�UG�'0&ϒB.s��XL慔&1A`}E՟�P�'��F@�fE]�H*^ #X�0�ƖZhڬse
͉g�7�2x`�.H�4�[8ʆ�B|9J-T�H�e�4lo
$�o�{K,{wa�~�nso}D@�;���\oL+c'�;;FC/I�bd氢^W0�M�т+g\�_ړRՀ�"C3BP��wIn`(4|4x��21 D|VXylp7r�,@3�o%$AL:ov3:Rf?N"`��l�6 5]zo83)�"M�buQCPɽ@Q��C2r�M;�V:OL
[HEJ
;�-LL��8+g|Jk@H 0�yJvlk5mRYEDH�<ƈNJ��_bm�ǹ�kINc|2�~yq�UỰop��Q��R|y�0<٬.E8/fV0�#-j�-u*P:*Ri,ޯA�-Fc5å�w��6bՁ�w\6*q6@U}8'&~!4朐E`Bx"7)bm\hx��Ŀb�':t#:7-G9Zrԉ:U�2/_ah!q��Y ц�PiTN� 2Ф,�3HDѲ!�p�i ���
+WW_�6"P
;7Cnzn�,p&j)r(]9
ڀ#_��0'".|-Taq�6eRnG\P^�釷ֆ��EwglZ�4�qК4 8i��[�8o+�&mú2?D8'I#ك"oOX!`��0
ğEe<;WL<6���Ҳ5�mZ�c�MCC{ᙧ7 �l70$�i|�t>m7-�] _T/1L�ͬ��Rbh�(.K�[ŢZݾ�eL^%��
=�|kV%;ƬI�Z;rĥiv!��X_.MRϤ!�̈Gv��
�!�7+;b(+L�py���~aLg'vG��D#RzH Pd5"56{k^A][jf�(ZCW<
䶿iX��"PE�F�\�5=�|78ZRr
7b�`��S]7ƍ(ޒ4%of�xwP56I7}tAt01`
;�8mWf~
�Yz�)W؏� ݁\Yq��o76NK�J��0�/�U�$�Dl�K>da|s~|"��ab`_�K
�2GZ3�ޢo<6Gw��Rt�Q=�IAs4�t"��9c8HsQ^�r7۰1O�|%�\�5d'D}��s>FinV9�1�R�z��5!�.��&,\IYb~pv�:a�Lax)£JʆwvnT=s{���X y>!�V3YWZ|%t{F�� `�3+����U�c6i_PnBе}n-�
+"g=7�d;,oƤ1t[��� :?1&N8n >1�Ac2k�%_L46^
j
B��au4y^_;�zCqS}ܾ>ڠZfJ0V�_V|;p�uiAA(/ѳv&�`TQr>*O=y%"z.hg���;��C�0]6#�A�F- @8ZE"�|I§9�d`#JU2{n[%�0-[R2/1�bDHĜ�`
.xFX�w>*i[Y5HJՊD{-W
Jj?�Q/�V@QoYˡX�g.w��Nkl��6I&!fYb$u�>1bWd+POkbu 04�k�^.�7v'3m|!�R�Wc�O��W6Ul�Fv8W;fk�DOaP{�wʼn=wjah(yyq#�ɍ�U#:WA؏G�9�z!J�)%0|c1�w�!ym�P[s�E�g&;[Q]I]Pu}牬Y0g�r�g�`Y�{�b�OB�²�qY�'�ߔ-5W=`x�LӍì�txz9vWT�e�^ū�mpUCx(JNq> s%Z\� �
�ʱ<1cX�sSP覺*"�w}\��fė=bB2
2гiy
�^VQɝYmxd>Wm�6?88F
��?¯Ԓ|n�0��8~V}5��֒ډ:tH+,(ǘѽ�$Q[p��zFpl����\e��µHp(J�EO��F¯ƸZ��>��e��]#6t�JTfn�_hz���Ÿ"ʜ<#\ݷ>m��O�: �}�fs0]*l<=Q}@=�Tj@
�|�ϲJѧ6gWC�={Py")(�
K�H�}흉?�G\�ԉ \��U;k�?r�ݙ4 �@`ip7kP^d~^�&`_QnS)�nJc�禝ot�#�b
�F�ta�ju�h�Dy�q"9�⽨�OpCJe4"���X!>����V5F[R5�}s嬹˃ZI�:9CeyȀ�3(�N^18����UK;t�3x�*]�U`k�A.tB�t�9�B�hmv!5ɾ! �oC����4�_)#W&<:��ʕGF��.e��P{ȡ*bF���%JrD٥L�V?�_Ӗxr�aD6ݙ\'t\QC=�A%v{
J%Ilf=ʁ3%��Ep#3;a;%6Z,�_�-
+ %|�r]e���AWnt㗦ݙΓ86{^ҏ�3@u&ei73߸�̋T�z>Cx�=ݢN�
dng��U&+tV�k^�3;%b 'f03fp�e=JFCD(+Q�n��A�8B&��xxP�%QQI wDmP�{l�
iS77tJ���堉{e�hfl*�kB@䜳�3p[
tĘ^�k�d����;��/!���b �Ki>Nk�S
V�jڟla�
L$#es�s�[4U
�ur
ܬ�9B�!��(�4�
S:�`Ύ6F$n/]t^���k
0֯!lUq}JTG[g̏a�f 8N�������wck>;gVvޙ:3j�:8_#X�ʬ3E�ŭh�.�a��$��n#MP�?��M��eBÁV"*[J'%s���ѾzeNn�`�z8><��nKէ��QI��$�, s�}Zy4|^"j�'�g.렻4;p[0�54근
&�r1j�?˯hg~��yM4ܹ1]Z;ŗP0_�=Ҙ+ӿ�JF�/;ĖALu�&0�mLԎ�99&LVQmSlM�`F3Q���ҥk�sɽ�HlB�A�Z1yfOR��YR6�T�о��S'g� %ʋd-_|&nbAG,��myi!s#Qq�"h׆�iF)�7oc�
rcƹ�ﻲp?a�,�, _�)3Jӏ�h_�`�՜
DAJv0n�PLSW
ON>WnJtF+?y)٠T2ђpM�AP��q#I
�0Lٹ��վH�d�?d�ZA?01S��Ia�UL$G,)�3q+�jڀ*71su5-
{ *�x;��I,N(
$dR�b�r�n1� {lS�wP\l�ο/$�%cŀVUYԌ׀
rS@��'��`yCZ��0i|&Q�JF�'vʧ�H8g�[ۤQ
5M�)
3�=zZDlSp�V[*�O~8v�f%rOO
��۱�4<7��̏~1dğ�Y8M�jG2�@�%��óE2B|5DsvQ{�vՒQ^٧MR"/�szR9W�trK�yQbbUH�X
�@+TNjS�O^]ˇ":H�2!M33#?}�N��j%
�fN��"�:G~%R*Z< � ���b+h�i�-�i!fq^y~��̮qEq~�z4{tC(^�ʀ�Vܵ<"Pd43M�F)oh݀{=p{*_A3$LwU$赬-Y��Fp�s/h�&."Q
��4-o̘{%{B0qFGѹ�<�3::h1�_�HΏ׀Jw�s!5d?!�a�72ݵA6Ah/sb")Ojg0pM�Q^ه�"����v\?Y[[l$zݎQͽ@he\_qA_�6�+N}.~A6�$"@νv{_CE3D`躺|c
ts����>Ji'
Ј�Ϊ
qMCIۉE]�+{R��z�[*j�\�>QQ#�67ND@�
�Li=�ZJˣr+g\�U$څ y:7ST1,@"g�ٚX�r�s8�bE�f�Y)-�0iݺP'[Tp!E_�0�~�u]ރ�E�;OkZ1ޭ"ED^X6z4s7i�:e[v\w��hϜ"�;d�uXA+.-)
@
zXN�ȋ�bC�KW��ȫ*r[}w`|?r,c}i�}uAy1 �6(-^~J%^2OU�Mz1M&",
_DW5k�&�lĥԫ�jD+���>lK�<�61l̪b|�[�}5T}V�EԞg�4.�Pǻl?+yߤsJȑQxnb_0z� 'ߑO!T�XP� Q;O"�8�$0�3.刅1I\do��ZyF8WP��C:G"܃Xm�T�ݯ}�y%qh^�ѽ� ?��Av_7_�d&5g1�Xy�zТʷXKaXII P_iS��!J�ۈItzM�->P}�U
HigOن;$PY�H5w".?WE�'='ԙF�@*\G�H|v|ݚ+!Mgڌ7x~8W?�h�B�A
#9�q�K1c�kO�%��>X(�B78$M�z}�yol���V_ФleCQ>%,OXQZ�4
�L./6XW�g�� vRHD��-�C�];r^F�T<&T\{P��P͓9Uf߶6M�S�kjh.B)QvJQmP�2�|���.EH`M'"ԫ-
��K`1Zm�Z`_BC%ޔ*�2_)3e�]��wg�ᮄvd#(;/9"^�}�C
��R�">/g,iZdI�K�<�m��Hv M]9dX֦ܥg^5F\HZ띐s1ˁ^��T?_;�C�} .s!YTF ��nku8J=�&C�PRb2�e M�ru�y;�PZF� 5`;e:��
E�'C/+#/spfS7^�j��ĦZùMQ-�I]�
�cب[��܈\qi=rBQ%5!we�r�)�N�zCZ�Neܫmo�ybZ9:M<#�JwʌY@]s;=O�"H:1X�5Us�q-�?�[
�r\;��&FD��N(5�Xe/N*����?AO;Hp=s.Fp?�eZ}��&h+,S&~IC���~D+/��anjb�P�5kq~���iw��H�5�o5�=Wk�~l�1�=b^+|ɜq [�l�;gϛn�=]=Wl":l2�bӑ~�vX�t*xb"�PX71C�g~_*%Bܖ=2�_A*2�XHɳtPB(�h5iF$&?��ƹ�y[y%�"\+���V3|e#vt�yW
}tWbH/|(|"O_dzM.�t%dO1(�5�'{x�{9RJf_^G��J���NBaZ]*zp-N9:6Uh?Ac/nA3��ģ:�^G��r���mO}o<|A3 q&Lןq{āG��\�v�,$Ma3J\1̊�2:
57@sG5inx8��(P��WU5C�ۣb��֒�)Q(\�RuȊ
VU9oS̳�Cך�ic/3h>�=%�Rc0I;@fctі@"!W5-f��ρF@f�;U�'֔�p̀ �1��)g@�y�ۜz^{FI�YՑhm��ʽ��)8�e۷Wp]A�IW̳�B,nM&@ef�${;b|f#;N�p>ˎ`[�Wg�=Q!kB=~�G �[FΕ�7k�/aNqP�OÁvudf�d���i\]]"5B��bD� V�ڵƒJ_BLkn,�^בDZi92WHo״d�pN�sGa?Tʄ �Rze�^(M�91y"k`2cP̝W�4�{d[�p4�
��3[�H�|*4~ܬu
.vk�ǟɟ��m.�rD���]���J)CoĤ߬ג!1y�2"^��L|�OjPbȕ@Xpg\]�)Qh1NFO�{ }1l5�A��uS>=9Jڪa6SYV1LẦ#�҉ـsR)�hR�JS3]�S�gQh$mf��c��3L%0ߟLĀ癹ZlgO]8�K^,�>
=�יr,L-uq�%�kxH�I~D��QYC˕6ttIȬw76�V1+�ͷ̟cW�]B_]>5��7h��:=A��̰4]m;Sgg�M&R#rD$i�ݹ>0ikƞ`0^7a�0E����2�i-?�P!�)a
z8�$(m}p3k�Gq-�~[Ӥ;�܅Xh�KFLLT���z� K�
ڋŪ\@J$6ȸ)7K�crWf9k�mw���c�>+[yW(Jۃ�3]�f�=&6�-Gz`:f7���.~z?d#a�ËZ*�>�<6ãL$k/qv$��e¤�d�V_娱�Ϥet6NElŀN|
|G5�s(H�6��^�
a�sA�
�Gʃ�n�_Z;�Hz�Ϳ*9�)jВ/T�i:,Z7[a<7�:?�2Dw١3}4)6u'��7ff(u�Bh�M4vЯ�Zge"&d�o.oQh9e�bf8uEt0H#7(!�0dl$qa�*
I8~;
��>�ci{\CGv)'E�P�U-fP.[oZ:_eΉϩ_Y�G��l�R�%�=q��z(b�U�|Y'�eρ�fVVMC�0;h]L�P�Rŋ!pu�$^܁/i '9y/:�+*n�Ny/�*ݷe`�~E�00I����NQ ޥi#�2O:HJG� �Lz�#4˿Jn���Y0=[3h>4}~L|%�Ex E"~E58rfC/Xz�^`a�.]tLaLuG6PTِ�s"yU.d�y5Eu<]:=<{j#l`�CF);BK�rbڦ�^jh`�&4IµMϾ�(؇u�
5!"ճ,�m�㧣yZ�Z�O҈{D
3-�utDC]aiJYlu�ᨿڈtŢغhZz̺!ҸHX�sBkZ��b*M}�U)A\:ş)+�-8"�|Éi'�a]RVPހsJU��Ϙ�4Oc
~KXpn^>^|DߊHcg�]}!0v8(K1f'Gr�Aeð6ftȆy o��v}ȀV54R|0�fC�t`�|m��4���Gڗ3fbJlJAdS^%Ri46a�7�ff~�J
ʍ4g�-���k����?�{̋[e�~L+��`@m�z�GZ.��4*_q-OE3e��
eKJ)[\~zR ���w$R߂_%מ��Z�͙=��w��ãbr�~,zi~Kሤ��:�koX/dL
eಮu��rq͚YWuCgV蛮%G:ѻCVP��ㅚ)[nEh7x�G{۔�غ0/O ˱dMGл%8�p&ZZ�4�c *7Mk%#*>�サ
`}<�#{ܯsI v��h}ו_PM�=iB��}h:*g�?;�U�FI��_sDAd8�HЯˮrŤn['ߊ�B�U>�GSuJ�� C#S$ТSuVneA�m[�\IAyFDNV]�5%K�ΙYmxa5,i|T μ���X\Ih�?]�,�{4{��)!�}�P�BPR!#�,gH;fQ{:xx⯀;}`������t:}mWG4�U^L_�]ۈFsY-��[ߞB "۴�t6�rM59@n7nTҨ�"Z�[r>;]__Nʼ?zLkq4˧q@)kꝳeAE�Y��ma�!� 9r�Z�/R! �ρH_柍 ͷ�>*�.� *��@$EMCfw�<4!.�3̤*��BP�5�����p
�] a[>�;nȪ�e
FvQ5>ꋪK^n,Yä$P(S^V;ӵu_V��t�n"Ƭ�8
l�][#!Q�:�}�dM�oQ]C"Y6K�s�x�~U6�Ϗk=mS�e;�"a�o�&C/9
�j e�l*e�?"�_/Hi�
�\W^DTXl;�~3Pi�w%|ju�J!q�Rx��͚M߿T�v&KQQ�|�v徶70�fo[v(k�.
l%�Xmr�u_>Z�s:&hs��F��C@a8�+X74�Pۍ�g̳3! \��Q<[iI\D
`JA&誷א[xjW(�܊�|2:d-�8�GJMƻ�Q:nM`�
FZI>�<-I]�|,�!��)c�mEYC�UsA>ʁkSLy/RRc$7`rf��:bjaQ�[�
?���HD�By@$Wz%�̷$xUұq�[.`�G�E5[�zEGQr:�R�vE~[;�B![L%ϣ=GCl�'`[@�LtJ\�`Iz
X�p⁅|:��u(L<'I���o^}�o]U
M?`6�D �)~���&�{}LQre��4Dd��nF�R�
ZYJ=o=1"�4n�>@�X pd��\G(i4
Г$m�'iTYoDr�yoƺc0�
T�Nur�<
JvAT�9ySa[2ȼ��i{fkL߽ʫ-{ %4Bmc�Qg>pPKo��m�g6G+�O55\AP�NJN:_^�zSի5SxF�]:l�]�oěΦ�ϵh�N�5Z?)+ M7OΏº%%�:P�2S`���۰�;A0 �ëϏIl[+Cs
օw��|%4
@"%fC篚bgk=
r�gvb�S)iVk 'HX�{k̃1_�wȧ`s�Q!�Lh���3:F;~��6JyW3Q[�$+5HgϜ`;}oH p�u�9�}n��aTAT*�e*;8-=+#Jlә�� Žko�{Rܸ_!3Eb"z4' l~��p~GeGY_ݓ}n^6�@�A-��A}}{J}Cup�oC�A;i@B�k8/oA̯�?}n�QU[3�
˲0s= �٘_E�D�ȇ*W-�r�JJw�Ka%E,x
tp4֦x�wоI�;/6�R�9?0ȩH�A�Aw?0+Dؾr3��J�1�Ap2�4Ϧ�fmF�A( cTP�$j§D%otQ��"��]�9%> +Å�- ��}G�mڣ�z_M�@MJ�b.B�m
,� �&)*�KJ]�3/@&uO�:?#���q{GxN!_�6z�p>w�˳oڂpLo7��G:ר\�Kю�хF=���+_۔?_S�L%p�@ЏK&9|
x�N6B1a �s�x#T�-���9O�ƹ�ш0E5g����BM~;t
M�lPN���\Uuda�s�*nj{ Y|�M˥O58dV8�1IɼZW4ؐ`zypq4-�ˏ;2oH�+
2:)��֧Q J
�@*t@@La sr'7tm'58yZ0̓h"%Y5�& �+-|h�>zy*(EF0�ǰkxT�w#+J�1s=
8�,�<�Μ�<8 �r�+Hl�_" i�Pwh�OƏJ/y
u��@�U͑|9)}�K{�а{@rjK8Zzټh�L!A�@�x
Q}�>o?#A3uaو%�m^
�n��肯~!U: "]e�_4g$8*�V=6~0'� tBg�Ifwng�ɺ�"C��m`�ƃ��uem�ДO�
Bj�d]YHo�wz6>��{p5(tpaoc�DRBl#u@! [&ř+v�R
,vt�+Cum�^ha n��qHQ# �9Gk|@�AӗvRA�,|[�ƪ J։9R*0%SѩJ�;eV1
Ow/U[p+�?V8kR@˃d
1�������O5qF�Rx�F=�y=hJ`qÈ�݄
\�XO,�RS+Ct!P*)<1yXY[���I_�ř©_t5dF|O�U02�Q�H:)Nd)� @_nY}ԣ$S0yНoxj f�$z�Y:|96)L�J8�0
٪r:Vt�^tu'f~&��Bބ':MQ
b+֙sQm��
+@I��Ա��P�ѯ"=Ւ�qj�1xe�8m.�
�o?JC^В�+'ɑ2ā.zYPx�߷�ݞV7&t e[�T�AtqFٱ%iW�l*p7w9*U"]�UAQd=Fҗ?�h'/Z3d6NɌV�� >'VŽ�1qHM�;X~q)�0x>W+z"˓�ugAe|Ϟ[�\sޞʷ* dW.9ix�Qv�4KEDHfA��6@Zcx.>+ú+]Č��2�s7`(�9�/#��ŦR�r�'�'V
�'puʗxu]i[�Mq�PCPF/,
4k�r�XB=�˲ݘa�#oӹ4""5b�\�L/Hl�e�I·�g�Uv`-ͅb$S�N> r��:m*a%JXSY�Y>rz.Y+\miZ�V6yb3�~tz=F8Y�Xp�4�ԥ$d8\jekJKGШ( 1E_�P)љ(Γ�٤1�rPנ9Ny!P�M
k�Ze�#��cJ#�V�*]�W���7�tf";��y�T��R�_m�nW�Զ_" т;P-�˦UFCѿ���}!WI'zR5;"^.욠J�RLʜcM|r@[�<�,҉�?�|ރ{Y6}��uU- K/|�⣽s!;wD�z9s�>Ρ2AI�ArNK�wnIL.� ڠ��aMNL�j[�
pE$.�CD1a�=.Ezd_wm @ TX�@`|_[�Z�cAj/;pe,q<0OB0n��3@?F�,I)�o~X�,
S$���V�@ɜM⪩ݪT0�0?.}w��k�c4>� {�_]&N®G{oĔGפBc՚[�7|կZ�L�J�$�'IlGM�i1��
m�D~F:I�t^�iRwPd��% Y-xІUD)>f��%*;p�h�,��/شN�5}J?5[|+wg?�kS(5��i'�3
�VkIZˢP9sFVߛb
k'ϩ�pW͚BƆew�I3V�c`.>pP�
cQ7�͜�$κM��1?[3q-'Ю� d8Zo�KL{��YQ�yoz��?��9�Ҽs5pUdx
ci��<��/Cwe|�feN�*�ؼX]�lͧ���I���SbcQ{�Ŧ!*v�>,c¯��ܕ�;`~:�7UIQ �BF�H@`��+���༶o �;�
�}˿{w3ϔ�-D�fo:/M7*��VC'�IQm�y�LNV�Ű:�s0�wD>)�#U}��BO��NQOaӮ,pk3�ubY�(�G8Xp/ޅ�0Nci
PQ)L ͊!_��Sl/emOS,�YC�e<>/-�'-1\�3�i�P4NXh���uҼRgLvk�̊;�HY�zKbں)�ex&/
ج.ˎ+^g
w�dm]�j�Bs=腌YG�=-g�ם��!�>!y6YNi EŝhpaK5HTj'9P:_h�Zb(EC65/HѸN�'9!^�gj�2B RR@/u�57k*U�y�:K�C5@�N�RA�շ�F��(of$M(�'H� +�mP�{p-O��]B]y�{P\j��;K�BiIp|&,Tй>'�SlvTCÏS/
go]�݈cZW>�I�m1ǑG/�5-��,`��5yRի5|5�y1
'�k
>0L=su5P{I:IoVY*8�B/.`J=#!<]�vng �5ؒW�>�-u/}ԻmNF�:#DƇܭvx��]?цo wS}Hข�F�iF�L��`
}'&�b1�c|��MK�< sï@6f%gRl'��0-qI �"4֩r����S1ژrЄC�zO3Sౝ��Ɠ�䓫6b\�(0&$�K| ��F#}�m R�b!
f�zM}�lQ0vOw6zؗ�� �8e6�xE}�sQW�;ф&.�Xo"6.�&hPl@tTeBR�΄�ӳx�z°_5:ܲ*~ƙU�8ԜPS���z$p@}):{D�
O0qgb?�w� # ^9O#�DOY|�U�;eiXHÖE��!X:|<1^��|W�%#tq#�#�,=uA^if#�a�=w/�d k~Į�9�����i%\�r�\B]�_7Է@lO}bA�p4v~,D�z*Y㏝H)Ke���-IoD0ВN�*'7/Z�hpNZog]E�8�6�PRښE){`UdC["ZPvB�+2[?v�k���%q`��Î��̉eږtz~Yu낡;x�7@ʰ�ٔ`�pW�ܚ8rov_�BGB��q�|�dۼ1zmu"%�cA��oL̨em7dڮDfep�apdnui |1eє]Ѽ�3ۇ�#MB<+ٻ��2K���Fw{*-tҥpA&_HJ�&i,�,��X% Q/&LṞ�3L� @ޠVpzDivr[�Q=\w�]��-:]. ��.5�R>{H� !#"^��h���rߣk7-2A&`GH;\i=)�-���|o�3�9Ҥeh�=Gxߠ.]Ǻ4T��X��h�mE�JEgIUsm�s�Yڂ=�B
j�XZ
!G!.Ͻ'a�bPt�>*[_t�>ա�dB�TAZ��kH&�Ox-9=N�sO�PL�o&'mm"n_^�w1iT�Zĭ�L]�s��L�6ՊH6ߝN=a5N�>?�zS7a JޝqEׅy�~Kh�f;yf}ǮcǾA`)v!)�PUĊb\��zQch\&cHJdU�
I�{ 9
G4\!u17f=l�L��277Y�fG$}=Tu�$�f3, M'1Z�Ik#F�M^Ix=Gj!˓�D5h#�
Bʾ'3,�^@qWOQ�`Tbhߎ�By�ݳ
X�onu;�^�Ȟ�I�X]֬Pd�OYU�9�!63ך%u^1O�꣯�lE�'eޗ,��|65~H��thоZ䬾 WBL^�)�5' j&m:"Pô6�s5>��:T�d+VL�nf$]9?||tH��`�Cq�+:b�Qu �y#j�'0TBɆj�r �o�?I_.&UbF�ȉ��z"ϒ�
тh #up�7yt:7�ZVד�,gpb/"Y�ka!1E�Aw�qq31{�~}Ƴ@��QbN`qP71u^q8b {*I㷄�MC4ժ6fkX-Q�
G>tP� L�_+ekKiXw#.!y* UPVd(;VF`ѡf-\YI5̧u�Wc�MGAxgH]�ew�0]\,k*T��Xsב�8ed/-�wkW⇕��4IHyj�$�VFJ�8=�y#�%!�p%(�&g+$ty,/RRj{�;hڋ::�oY-g!Y~�խ%XVJ(I�
)�=mú�&Sl'�ASَ �7~ӄ�B�̥#7�$�+��、?����:v�_>%!?LyGkr�e`t�7{'69%]$��YC��"xU����ɞ�]2�";Gޜ�D-Ȫ�3\.:b��WW)`�pʗOKbd] qf"0�
l)(k��5H���y�V
.�+'1%�d|waq9倬P�`�S.�7��*1T���U@��XuV<�=xmZ�lRv2)fF/�tmyș��"�bcpuЖ݀d;�qAl-;Lı5�"��
�AI���KH��UM\_,!s.ǁ�9"�gCb|�;..K\ezMW
��S
FM���]mG\��nJP6~�01]ۼ1%B"�֚�~-V
���שk!,�H
!D\t��i�
(�g�u�8�n�a#L4!#�xXg;!_��+�nَ�/1[�wÜ�'%]jO�4q?vua(
濶K0כ�ɑP��KF,�2'�Xe��̏8�C1Gc��[j�pl�p�#|k�mlMOuY`I+^�mt8Gn&1?bٲ�@�
Vr/0lO߉$CKݒnF
}�+0fVQ F# M:�~so�KU���as�Wa$ȋrܩ�e��e/�2;J�4O<��2TIc�n$pH4(Hd
2��ޑ42Qvsd~,��? �v �IC
�>\Mu.aEX5�g�`��Փ��?{j%�uc~kk<)`�ш9_k��F��b����2xW�`!�
J~
J;X�%-o;ϜOI0a3�%&+έLir#��2U�zv0TRXd� �;wFpFGN���2fC)?[ӡM�&�^[mƯn[0N�52�U�aцAҷ' �О;"iBoW\JjKϦ�&{7~tyE dm-�[ܫ,8�o2[ÚZ[�2
4Yr&r4�H\�fi
�p*rV,��
'L9fy?'&+`<�&�
Y�$_+��~34$ȸh�^P���8G�/v9j1-k�>PLCc;G0&�+I5KUzw�DUX0�J�$�w!�|*tiqz�
a[)RxCղJ �鍃�}a�#�}7>�9;MVx���'unXI'^zGgd=@���ZdW#ُㄨ9DL^;` ͞�k2}:�uxtpHJXApW�n�$�8)wEHy�M`)RjkqW}�+$ 0n��<>&bwHIQkpRrXP�h:_AFAY*w5#|�ƾVJȣE/�h*�G�)��ډe�+\H�S"Č�i�r7Z^>j&�*ΐ)/EL'�}�oJ�ԯ*w�H__)!�>�2#pb$�חָ�劉�ΖNz)`3FЎ,ތ��[ruf���V�6ejo2G�_58�ř4tQ�TN߾oV14"a
�څ1_ȖKjK��m$Zrg�rn
��Aat��(q@%5*BZLh܆fhQE)mA�w,kH��~TPap0s�un?�.N/~l
՛�u����L[�!-/rgxv�� l6&%�@'3]-h;�E|˾o��5|j�!r�ZE��N;�u5g៹&=:]ݘLԳxX5�9'8{xZe]fcD]Xls,!y�=g~"xb9��'8Iw_�(٣$NboCs jhuQ_�*�+`Z��֞V>a@G�rtNV�%JJtĪs]ʙO"HΓ/�5/>CzZ5|
Ƞ+6�h��hB\�-rRm7qחO'�^xK7y�١�>נl��Nz�Buҁ<�^uj�G�~�PԵ�G5ƶ4<+S_��wJ�E@�k�D[/��?$ojJYdbAS(B&d")gPqH rN)�K�N颏R�N=pe1f=x'xUy�Q8�]m}��TnI-A�A�51Vڹ�\ M7MI�}Ӧ:�O�&qq3So��w�}�̡�i��t�EW0ݳob�-D>;c���T�LU0�w`��,K/:�YO-ɤz7{x�L֥�QO#+Ô=mY#s#k�i�bz@B�|e�ԘA@=9KF
,rDUYqn9 Ԛc�F5?��ٖ ٷsYx��P��)C &pYcq4:u67�E]SioވTqCX[NMt�}eF !z;�G�2'sƜGw0B6`M9$.�XzPoKlf)���wu���)*l�n��whpJZ&jPIXS^@j�R^.�l|b1=9uƽ��v8S�kMwҎ>�S1
@d��wK#�#O}Ι�Ow��EzB#y/�Otfx6m:�zA3TyrG(S�LOa�Ȧl_
Z�^6uX3��'2%�1 4r�-�g"<\
{�BՀ;Ff вHcs�?S1ωd�Y(R�[~x5&IQt*P�KH��8���Kl`�i��0lyנ־��h���c+�D�UO_?c*t2#�C?�j�B${ݲ!Q��kB�5"3Y|fu��$o1ZXo�~t{Y|yæ&1?~hj�$����B�ڥ[{h&:bj_Mi]z'}_k^/&�*�>xU[m MBTj�[2xB�8tfS�n
�?U�1MpF`f�3ЅJƅ;
\U�rn7ӓK>�6 �.x`1"uMaIŕ$N�Іs�f
7@^�}=X/roD�EYφMa)<�Db<~ZZE?�};�F�=A��*R�i`*~C��2ޏÏo'g�b~tR�!#\K:rhPϊk>iHc ײj��[q�gʐ�=|�@;\ҢHWS�V�%J
忶}|l�6s�9ΗeFF`"R>̫�wv����jB�6%�ҵL�8+㬷_үm2
șr/˴sv �a 02�Stbt���:�3\_Ӓ/hSD8{{J�)eo!9�T�n`67z+�NoRE6i��ȕ}
a+�dϱ
/�^&e?:'&֤HH�
oH���?\M:V]O~ou
��|;9/G�$0�k%I,K@o'=VX8U%!ۗ��`LնS'U�[�@,WnYz$7LW�I�a:7 IKָKkwv�-C��$vei�!?yh<"L�u9
;եO'�d��r�#;J.�i�Xp�s�ETx_߷59{[?Ny��m~hCT1p\H�ʾ&��(+�wfC)�cPf�&�IPaJ ��+/�4k_bs] 6�4lA_L
J\\O%�T\C8�"iH#�y��%1uY<�d'y)h4����[w[Ӌ(U>A5q�si^9UuH8hu[�Iɟ�J@f�M�)B�m�7$�S�3`eka�k!j�Y�.c�{w8/T&Jfe�E#�y�),tk;qX�D?jc<;�rE.)LT4 H<^�
;��Ͽ9�㜱t�FT�k[a}qǧv�z <��3F��\�VY��]6)$6C7l\ys$��a�3]j%(^Zl��~�w"od�=z)~D�ᣬ�ӷ(C^GprWXO��us~g]?P�a��>W�W֦�bk�t8u)Nb5g��`�5֚cvgK��e�ߎ�0w�h�(u$�116ʠv�ܪk|w��.hAs@�+Q9`�0]}y_a볙�:l�Wgw%�n!�DtN!j�GT)5f(bml\mV�?
}3*Tݠk�*IJP�փ'}@9nv5J
*x�ݫf
�7�{"MYc~|3> �E${Tfq/?�At6b9.V4|;^�kIX�n� ch5\Wo0Վi"}�S>vtF0�Vp�3��=|R+N�3�ESX\^�Wi�qm�O�V&t-5k7$�͏�.Qƪ�zC|I,��=�w!XS9̞+i�=V�/e�ve�,k={�-S;v-C�շM�.*ꛏ|ED=�ow�(k`^�heE�Vl�Z(�Bf嵐N!3��Xʒffp-�p�cSC�[;S*�U|C�pyg��;�:ȯ�;(\>~V<1@Dt聿!& ���i�{�IW@Oͣe^s0:?L�zmk3SEdL0vOz�9De}w��go)]����L{%&o�hɉb�[fA��KϘ-|ڣ6�6adsˡi̱ X,_'d(VgC0a8w5yQp�KT"Q!�侱ٮ�{N�!A8m�Y9?0~�8K!wj
.pHj詞$AR(�@/�y�y�|Y\q�H֟�Ӟ�z�#=)K�8��cO
|��/��,Ya̔*^�C>�֞r�BWģЙ$
0LڎGT7[_�m� �W:�r%~��t2C<00*2d�ਯ$�0ȴ�Q!x1TdA_�Jn%��-Hzٶ';(c_xƮc� ��9!h�U6$}sƸ�8tҔT3[oYOmϊb�1|��OP{f�eii/[ɴ{S^~kAI_,�uO/c�dX=�'!�㸣o
0z t� ,[Þ:�@eiu�
��Z$Mn�>f%2
]]x�k Mʒ{[�IbE*�p2�yOJ>˫\(oǿ��ޏ}m4ӑ#47!.n[8��\��S�
iw v d|6
9Oқϩ{�E��$<�br1/�%�fXg@@Aƍ&9Ck(ufeiT#=%�ApR��^�5\V��M+Ƿ�R�b.}kT�˙e9.əAP]"n
ƝA� =�Izч#�j� �Up�wʷ8H�y2'�Z�0h�9a-`C�M�\�tT�ȩ�ӤX�K2.�]
tH3(Eɿ�H)5[Z1ٻDU~A70`va=j�7�OP�.�|&Ǖ�ꪝ1G{v�H�Q=f "6I�0I�E:Ͽ�%�/}��Wut�JE{Ē{/sࡏ>վ�tZF�=�&+\#q:Uf�T���dT DrNޖB�&�~&7h\.iPHcfT�ZBu���Y��Q�O
W%>.{�'�V�$$�$X#}G�4Ϛ#&$r�[xZݦA��l`X^5�ru$�m�=?1k̖8懝C9vl{$7=�?2-�Ʀ8Ǔv����v]p"1#dDdmLk�aeb~ѼU>&1dZZG�:mT�n��Qъr�HcG륱:y^4�ǴЕ(5~l;ș=)}\TEGoۀW!/2rỈf���-�%�;��Z����3w'e䖐ɺѽĖzuBw
H0�l��E
S#$x4`�3��#&WM;-
v16HM�7%s0|n"J��Nvjmh�@u
��$�|�=�'%YV�%���@�Po+b,g�q(062�rA &l�}VKq.�6q
1nˌ��xR'�hRpPDLೆ�uD�\�ǭ�Xƾ�YE9*�o#2Y*�^xEZKCQvS�G(4}�L߷c�0�y�M��jv��XIXzuy3D2=��pnu泇C **o p*|M3�3B4*E|N Y.HKQ�vLLh'ѱh(?ʦ���SNnj��@,F-�Z�\�
��H�6�c=O�8(K,�c,�.�[�%lNdp "B
G,pn)�߿vyP $_)"~hHJy7�;\�BI4;uwc,8�0>MgT_K�lX:،3#Q;ﳌ�.�[\j0_�O&^!d�YQ0
K?OeH
_�}e�
x��j�8�5V:f�h鮋�^P0�!/x:�)W;swoEdXkPE|WҚ�W�J\�SƘ]E��w(Jq8NK]O'�:Z&lK�l���D-�3�r�b\qi^D8-U#�$-goj�Sģ��g4L6g/s
`w�F�KM�G"R#W~�n(^S?E��J»sQk\9OSF�>CP8$+f���
>G�Ya|qKCX[fR-Hnqc*:5Twp�K� p)Q�q�4a�s7ݕf%�]�噁?BȚ~W^8&F}<
@�.j>$Tb[U*ؗɓCT-7��M�NX��sXowDY�d),gQqAA|ψyXӬH#d�Q�qmZW髱�oa1`Yf�*r0�k`|N#`=Uش6��9�K�gg"P�Mmd�M!!�Ȩk ھ {"BD*��!^h_ﯪC-�x.zz*!
@-�"d�υvZ�4qEAy��9(ˍ�HMkfZJ5$X+O
p"O�y8ơ)<Ѻql��6'd8(jUqR]A_;$��HbyGA2GE؝_ O)@e�eJvk]9
zݞ�vKu2^�yuU"�921u-g���##?쇟r0��03ކ[B'a^�1@t4k_=:F@ge�_?e1;Ts~\� '\[kV".=#8(�,(倜ms
w\k�Y׆�͠u�Z��q:�Q>�eD*�r�Mg�4%3O�Obĸe�n:�3�ejQsHtKm,Zo'UWć{[�z`���F�r��ic&j0�*;�q�aKɈD!4k]1,��F>QqCug>
˕�m!��I�k
m$�
z
�o�n�1�N:�PDdͽQ��Io8� B!hovZ'�]�]8
\|C;q-�]�6/hKe�f�"a(6`z8�n.,��m9�L �60OFciD q�3Y�e�eRl̿�\�=:ao]|20a� poQ�+�G{�}�evH[[و^[JЧ{�9.^=X3_����U훁KK:�&�7p0t�9g(1z#7#M' `c +̭\,܃�P�'ŠGQW(4z�z�a�!+�cC40'`#w2w%EmBA
K�T⎂
?qT(y�|O℻�."0SM�!�/XqOY�R�O+?;AOiIt7B9�1_d85_kcBK�xn9��(T͎'C�OP/�|ČZ6m`,M
Gg̢f[bEGr7�K �z�Q4anܿC�a1@ ^4酛TVo��w���bԖ똕��!gu?Q KE8�k�:F~H#199���-�ەpG$�gvZm3sX��qM1�(f)Q{iљGRYqH5�+�h a<)�1| .-$̑���T
YX̣J�8>bxy֛:&ɥ�zS_O��E@5�E-�$I*'0[*9�g<_ 0�2�R[4y
m4�Sh{gyK Nm��V;>g��8qK��]x:f}o�9�gnv���f= ;cdn*E5ˍ�0lZ�T:>I9���Hś�
�ש'�s�J웓:�'Hۚh�X-ظRA`8qȿt��@��]H
�S��Uǭ="D� \k��dKjo��j\�L
eR
��eߪt=X:z����C�ЊtzloMѤk�M>,�#@j�8t#kV!?&=$C۵�ޅw �"��\.RD[_�^IB��־-V
54�߳�&#/*ۿDŲ
�O~�s1��.c,狃6L\DzY֙�.SqT=�YdcldjB��L9vAI[(f*lޔfpX'�m~-ӴflBc�GK�DXIˊQc_)��
�fȢOMߪz@F[sC w�\�F7�Qל%7И2S=1�l�TCe4p�PE��M+\ث�N�Z�ʍNc�0ʰ�r.k�U�o[$�Z;sTz
��}r�c~#|0yJEhv:UI:�w�AV�L�l`Ce]f1�ZY]{���(�Hm�03J�ǜҏz7���u#/#ங�LKa5�ӸľX]9%0?jPh�F\$>��V�JNa�QHtADV"6�"e[|x,�'8f9D}Mn�2fE�����BHGЗ1sL'iV�!;P�V$дc�ߴ#>�{C�i
)��ղO:|B1o(8N-�/.Q�W�[�B_^)bw\X«4�<�T�7�is�@�c\�|-E)>SJԂYղyt\:}�8%o�Y[vS0F({1�KPbrEz#eM�OT2zJ�^��.�k'u�QΟbX9<\�v�{yt3.\JU2�n��HNtc@U|5Wsd.9ZbVvغe%5m,رxiT)O3zn&A^�R7Efr)QƌXp\m�l<�_J#cjE ?y��TH,?37Oҷ �vUv0*soC1�T�ˈ"}Q*ltG1@�S/ނ[kb�ÇHg$=�9}�U_j%7Iȇl�6BJ�V:(ݶ3*kT5>�A��$)�% d"M]�iA��o&�Ȗ!i齠b�)���k�>xR,3#W(XT�c0ucY
C<�h�)Ԇ�݇uu8G(4ysuc-TIr)`Z(|H�&^��n"m8�'ߖ<ïs7H/�䢱<ݦ���}�,ɵR,WH|v�9fU[5|[jNpI.�y��Uհ1�-!��AAbO���u2 g�.�c!l:]�N�ux�#"roc!L�k܇LҙEc͉(�~bX� ~;|C~e��ۜg\ř+ܽ a
!ޟ�snvm/|n[%P� Bp�ptj$�:#&�ρpZ��6_��\�V�Jb`\tU{u�_�14X/)L`�0ۇ>rH/5'@�VFܭ�Is2gw/Gh)ޅBl䔐aQԤ0�94%H|Pۆ�m!lj`�GL�$SRyyz"�;j2,�iRx'q�*;��8c-#=p55'lÖSG`HP8���S6ŘD[<���gpC�i̫u�_ #�ܼ;�Q31R�#b"k{�Ȓڋ�v[?~έx.o/l@�f�XF48:�=Vϋx�:1 �h( vG�՟�l:�e��C�yc~._VMZ�,>)0c� �Wi���z�t T,:,[dN
`f'�j:Rkl.6�ufXU:벆>fE$o9xB2B>@wx�H�fBo4˅Cxl%rq늞B߅e�G���
V$?��Dp�*#nb{P��w`�$kʯ$oY'q�C]3�קDPڨ�O���ۿ,e-YΐuFo|h}��(mS[�.k>�4?gط�d-NV� B$%@�: ҝْCwz���XH=�'�Y7z^"nY&G/�R:!Ǯ
.�S�v�\1mP��˧�/��Ϳ]nƥ�E[zd��s�STp���.yT<�i7;Y=Ct~uπʾ�IuN�XH"Z"-lq�OŎ."2Ac�P��/�NJ{�;H�GV-Vge��G�wo�+,�Y.�u�;i��5�*��y<5\��m�-�d�Xj{f��PR=H�_sDWn� i�cNjxxivT&~J7�V�7UK2~ԙAĴϦ�AJI]AoˆҼ/xw#XS*aGecUw<���.zk�1Oc��N DIwFð�.BQ�9SZ��y'mc�u��"ũI#3�y�
y��e4f�ו�*$�L-l&�zc�(H1 |u�gs%�n^K/1|�~C+dq��[{�%LrZCA�s�\H9qG;2ľ�6D�^���}1Pe =,g���YZě,|OA
idKI$|{1V?րmU%�#5/I�9Ac5��'W�y�7
0�YQ��6݄��Z�Ipx}�ǎPL#0!.б�q=M�6k�
F�W��!+*WzAPtu+�h��&w4F,њT:rG�1U���(�fc<^_ed�X��{�kfC.6b4nYӿ\5p�Ǖ(d_P'q�}�"46^���)a��$K>%{{
���!KVh@�:�ޯ"��ƞ]�)̻Hͧ������it�>@RP�y?:>a?��ͧL֦q�\[ro�.=?vA˛vSfG7e�$]�-Wsv�yYN�EDRFx���%w-+6X}|�sN <
y#pQDP{Hϲ-7߂-jE�tcZ~
Ĩ�Z̥xis(b)3+jSv9\X��U/Hpn#@ Ck18^w9�R;ݩ�.Cٜ|Zt"1�Ѫ/uzOo�WK>3|l�FH#1Kw�Es�,ϐ�IGqv
��'Ȭ\* a�7*Hv<
#�؍v�x�[Q!ƒ�BG_B�t7~GH'l{it@I`�,7I�j�7�60�QlwRl+°[lSk`�Ұ9
c�9�4c&?/NؾNzXQ&6^4 6��1�گc\�fe;W�CC/G_31THŋaW'=�%`BzD uJ��*^�4b$~BXF%Y�Xaɵ�}:a�2i;0��Luv�x�^Rk{Z�Lzs��E5_i귶m8�}jOz0/Oo�ONJeռ�R�[tt73kD���4��iCh=et�\)R�4?�$��6uKF��㳌`D+Q(q'Ȓ?O=Dm�?y8NSrB>�J'қ(��c��Sv�f�G+Ȣ`B}'$1i4Z�[i2~{6g4�pi�����lI(�lp^\8Nבc(x;��S�~�)~*G:XjDG�1)tVS�o�hU
I-7ph�ECDKh��!�Rܶ0�|�{BRi�6(�,KA2p-�Ubb=y¡)�
u}�^f �}�Y&`G
'J��tO�4*/G�p��[/^�U�ۿ�M4�}kܕ)Y�`ӴU�K�ra��QL-M?�)GLa��U�@tnG|z^d��ɪi'\/,<:hȫ`JwwRd�trq5]v_/^���nDHw�D_"�}~��8[*x77Ab+[gŚ��$d&B�>�K` /oiNnpp2�~?2�M+�rcsZ�+�]胧d�].6�ÿ*<�nq�LZHU�9E`(t�}�~gg�B}(1�œ{�T2^ڕ�6�~�GY�v�odN �X�SLxco";�{�5LT6&5=�&\{�d��i&W}rM!4\�#�GVD�Sg$Z60<
vY��OjLFA�s���B|W{!�'Re,$xmU_]ۥ��n��¨u�i:fckb[f
;WZ4V� N�u"ݙ:r
hg��#g҃|p|.*ZRt߳hw1#�OZ"�Y��!g����>�/W_,A_A��27^f�[Wb|�X�V�C�V��2� �w~�mΐ��$L�:G)~��f4I2O{d�YKF: `[rH
�Ʊ�|;V?w!RS6�a�i*R]lm4|q'��}䲦�ή�KG>E;�8x
Uc`�=
�MCWA�Xc:.7s(\$��N�H�h�}ﭜΧlQU4���6�BOR:Ocɓt=�AQ͞mA^���%ql9?d9"4L�_3fŦ��Z�fH�Be\c8%�TQV�9FX�<}�Byt&T6/ jV\H,2 YeB�p0.j�J�"ѧ[dQLCur|G3+Ye h?one^P�w>b�Ǟ!���!tmR
yuX;�2� :w[R]k}dB5 =�9Ne4G��gh.d��q�_ղώ
Խ�gZ�%Z^[mˡ�n�s�5ff]7⊜4�t��8bh XrS�z��+�"*�^`xKFV��wǮ�&'�~gܟ@Io!{)6�Z\!="S_K[&s�T�T2ؚ�K5�|."Yɝ{;ҫ+)I'ظR�IIdM
3:qv&dO#*m�jA]^g��M^<�L�i�Jw�D�;��$�/FQz>�Djp%Q?E앷hiU
~M�d$f$96SmR[d$]*el|pfW?q-j=\dX@�?F���'N*�T�va�GAԮ�Go[�p�UՇi!Wd7^.,4u)�ГXm��R|+r3S���&:52d8�if6͆$\Rwa}kѳ�
�8�p^Cl!�m?|��f��ӷ`4�ݣ3ShH�}@n.[au�s)DZK��i9u��!crj?,xs/�d5�7�K! ؆��x͵"�ou�Bџ콪P��7�: Ew6쿇F{�8[�>Y�e�*\�e'�K�'Y��>d .İTܐTOٓ[~lD Ԅ s3ղsB�[#~tct?}l��5
z
�2`IN
At.��FIK�o6�$*2U`�x�=� p��y
(=�KչB�LEa��mNxՍԠ0wŶ/ #�TZVl��p�{u�D#�^x�/HS<>v�h�NrIP�73͇^�g9zM<@[��%qwrz�3��Z�B�vŠ&9�39L�q��=ȧoU ��Q9,
2%�y=BE�h+��Z�!�c0
'@=֑^[p��* ��6̌�tiS?ߑ>Id4��?i�iP^H�"�(
|+"�ek'�H2Ԭ]�w�c?T@�u
$Q[xA�OR5Q�
ܯdC2+,�rR�p*e5� �T5)/�o��u�˺B�DΉ�ٯ�,Bg6)Is->Wە9+k~ajҝ=4�x�|c�]Ur�>'6��RPqwu�}5W\aѧμ&�NJD
[gt/@7�3y>$��=;;s 0y��0�;�q�*@�=�&j4�c9_YvMSd�gn~{S;3z�;b)ma },T�P�`B��.d���G+�<ӗ(�U\cԘ5�@Yj@��EXÜ ᓃ2bwdQ�e]S^��d��Xw�ٻ6(%� ,��keDyP��O��t <�P��lMpN��r�<�iI ��QnNߒq�w m�v?e+pݶBZx�'ϵ�����]v¤QSWEb~O2JANW�z{9'\%�PLH)\�A8fDv<�k�'z�δ:㬼ʑ5��Id_
E(�,ylE�lx"�
!��ogn�"f7#*@1~
'o託մ�'(`e5#i�`O?�q�Od�O�OlTj>?�'�'ֿ6,fXP]r_�~@/3D�{z��o"6�p�x=D.
�{�yRSG�lc:�f��u+%�nD�{ݰM)sF
fuM:)M>R.7wxշT/I@�9HDlj:8�ߡ=+/յYvΧ�"��2Ͳ^w�H�]�w":���,h�M�%�(4Y- �T=zw@�P":���4'sL�pr �8��NG'.9$�@eic`B�*I!"#
⣗B�1vy)�8nG�?д��`T��9J{;�V
"!fiG?k�4��ܖsOf%PA\]6͈3=��a�P]b{yL�0:8� ڣ���H�C�[ oZmb`e)Vz@?q�r9�Xx-q'�FIdayT�18/�TzY�@rX@/.!4Dt םJ`N�+Ҫm>3͌@�` I4J͔H''(x��Q��+BU;h`q�`4U}:�YA
S�q%=hb}�?MVв��+ S��K �UAy�-XbZlӽ;�G
Uɑt� [,s3�qCh7]�11;p!/qcq,��~S �^�!kMK�^;}�;W �+���aR NP�6^z��ҕ�+Q��>:OvW(1pqEjQ:ꨉ�U_DK�}US�ZyVY<Ёt�q�2�H
T��Q6�eR8Yΐ�{We1ne{FEKhP{�@uΣ
s�luRV@Iu泽|]�4"qZ�6=6�J�d֗�e9@KP�sOs�KcV^/zTd�ׇg�ﬗ�h}�Z�u��3N��2�Hx1q>�l�Ń�A9-U�`O|dyglR�qHk .�$��~��c�C{1ƛ76؈aY�'@߲�֓r=x<]h�lvn 4�
\'=/ _y�M)�
|E<6u$�vMT�&�����=5)#�Qדh�%e]C;!�(h}�q=}WB�@�6
�V��fw&�%Կ�j�q�bXii�DvT[�Y���?�HmrO]@b;0Ejz6Sߟ�'mL�jꐷ�\[ҵƚ;�b�$TEZ|a���ҭI"4yUp�X��˝��2TAz��[j[O~0�c-:�I�n[N�+&W�S�J YgXN]9Q�dH@@>���r fpPOgGhJ�rMX*'s;� DŽl�[cBܩq+N!���M�C,D�Sح}�4��
Y�Lh�*��4dA���"{�t�:��4.Txʀ�.)5Yg�B
~\C�IG��������i�ZNX~�-"m:4bO1,Rv:=E`>w�|$K��.�lq|�vµU\-Xu^WI�1`�Z��uw�%\g19뇵o��ߚ)���6sf-�]w颇�]H70ux%ϋ5xkU4^��?�u}�k
Jb.+�X3�uҹmDPAR6piмt�oLP�-Q%%�@bussֆ2&;cX]�XEݵή>;|��<�5JW��֊lR�;'q46!��AdZg�kR9`!)/�\$\\$.7�ҫK�
\�mT'�sn{7-K~]K?'G~ w
=
6RƬ;S:@=kp~T�8�1suj]�a�ʒg�Hin;} �*&�4,E���UM"]R?s:qt>�|�̺�H
�a�v<19w�N���eZA�+9��I����֫�Ǫ�i;�mŧabԂ?ix�S�k(r���>el�Pw�n���sLZڧ6N
*y�-!2�bS�L<;[#ˡ�|/f�,Bm'ἱ�֊M�'#�KxS1 �j�E���{w-vU�ixA��<4�;Iegt�쀺F6�ߏ,�eh\m_G�r
}H�
r\ob'�x�˭QGvM#ʰ9[ &�M%%�ң�>G�/'c؞
؟QL#}+��rg`f_$9O%ni}
+>ѥi?i�@KBa gI�.���QW
%��Qܻyr�d�11L|9{vd_c_~0u6n̞[�JפGp>{}~Mo�0�q\'NGFi��N��DM�ȹipqx�Y��P;L�\e<~:=
ݕ0X37L(0-@%r|?Ճ�|��$VhH
b�n_*Δ9�ƨ��II`�8R֙xҔ�/�r_�"Ţh �B $dP'ɩ�h�eNy�F��d=c7l+|Ͷ�:c1eo�I]�(iI�5g�>?qNp��rI j�_�l)�M$PdH $Z $'E:gFIi gi|Z6�)�-DCVy�QR/�Eu�EEqOx.(H�,II���6`@;*l\ڍ�i\f���!\j��<`ΘbC�۞(<��ׯR%si���S
��m/�B|?uDPT�t
ƐeEC^< ףa�g
d˕�鉯�$J
7a�5�'qg�'h.�.Ti=qn%_~`{4Y�?|o`�ᑷBkM�@v %��wٿݔL
ԝ TFPt$-fY`��#Aޢ)�&2Il���t�N,6�FϹɭx Se ,w��][\7T7-a7~
&-$��o��䱯{{LZr�O�mK
*y\�_uN)j&U�J�]��$-&#�܀o��WD�)�_h**;:$;qڱd8��Ύyܻ#5Sw\�=m8
hP"[A�p�3b�]d!�
1 Q��{Ezj\09oZR
V1̋.YfW;WHb:_p@x��1$a�P*�S��Ս)p�SX_S�K|:l_O�*(�ioc^=�{9ẇp ��;4L þЪ�w=6W��`X=6�ݝi�P&kn_ Ί9�P?^K�^C٨CI/�kAP0=R7N~0䧎�Ѥ+�aUaφ?8
Fu�x�-}?H����1OE&KXa-]�M_ %{%sb.�:�
ѝ"$;/Uw�@bi{n5Iw`yk��)5�10�lf� GFγ[s/^Dk3���]$}��ı.d
wVsh
&*_♑S5fz(�h:BȬCq�R�&T�%&Iq�+�N"� zW�RFxR~e !Хeںaƥh�pUB�2�->U)-c~~�`-Q+FvA(g:z3�}�{X\+>�b+V�>�$��C��j�"Oʻ;Q��;ί$�o�"n7,PDGÄ)vkxP6{2R7�>K88z�0�6vs�B9f |y@6�M{49],�ȕj�GQ;SL�F*!J_�.5]��-QZ��9S
SV
!��tW0ocIh(�7[RRݶ9a�j�ӆ-)Eg5ʚ��BDN9TJ?j�C�ty�(_pqyc��]aV�@s��:�����8S2$\g�\aJdRI,ko6cg3�mP;�B���[jɿ�9�d�Bg�&CL�d Dxt!Uӭg%i$m{%mp��1i0^>�N#LDQi3;$g�G�?���&�N�ߓ֙�=h)]p{ԃ,�VbF�cq��_?�ra�G7�`T�T`*n�ŨX�^w]4�vSDx${;1d~qU�Y[b�Mg~�x�\C`��JX��,"@�l�L4O�s?j$s������~UBg.C3kzq2 "Zߖu��x=�^ipA�;wI�QR
B3AhOmM��nOG�I]�|���=��6S.�Χ�f�mq~\Wһ��N5=r/4f-s_�L?ʘ�# i�m2JgW�|i.�hO*r�b�06I���}�o~/Gs"bv�V�r�*Ѳ?
'=T%r,%f.;�Uv#ԧ�WY*dm糥��N�M{|/H6�;vܒG�ȤX.膴vTy45
� �io-sβwe�-f�է�Y_Oɛ+}]r[Nf�@l-$�%#
I.qc){&eMdJ��K'Hwr$�@T�y/�?�iZ1:Ԗ�k2CGA1 )jG~h34� e�G�R;gǿC8PZva'v�EyCkN��,_3Yb_xԾ�La�??jyu7D$Vդ�5aC%b^-��\#Yw�>�[WmL�i6G���!/~)6as�Ff�WNR]qLL�~B�H20�G<�2!\�L`0w@k/�]~[i?l%A�� yd�e�r=w�p��nq�Fry� k}s #.s.KJ`-?�N}�윗�!T̚Hp��-R|*��UWn4|v"<�1c�E<юΙ{�bpV^Q
)�Hs�MS��eQaDžRP12ԂW6&�!��|%h��jQ.1̣19�u�:BQEf�Ge0Q8l$�oJGBco5oPI�?A@X�
�EBUB+��k\ )$fz۵�R!WLϑqz2㬭4F+t>ž]��k=`*q6�ZmƜ,,�52(�'�=i]`_2�fs4�xA��̶iJ��xD*'s;]4cl/�fR(�k~Jy c��Җ!\~�'�'"dGoU���Bؤ��Tr
��m[5o:[$�Wv�O`�nSS�4ٳ)H/-{o��tYuϡI*�Nxlx�W$*�̌Jy\:0J��bxKTX\x��H'�g�$8tmB�v�Ce�yE%X�(p��|�O[+*DN�0V+䥞{wP{�nρR\�-4%_�C�%vZ8P�X1of;�yN�^bBP*sץZ�ْlM�tRg@�;]1�px�r>Lx Wzo!O�f@\
�3-ǩuIsEӸW^0�Y⫤ڗ���`+4Qħ,{|cn��rm�?gkCgT2� M�Ek[��tH�Iۭ*~=m�&E�|i�l�'.Pl.Ru8�9:AzjZ@?�8d r�`.>q"
�Y�ݟ뽥]Y�[zCNo#iEj%ˁr@P�4ןVP�帤5[)x9W���ytq+U�
\+.ح �v�O��BEZv�n4`Nt|t�.,C:��'ؖDbOXH�̥*�_exm��S�,i�j�(�3{*u%L!~��X��HX%zzr#lw0R�a+B�L^�γ� F^2�ES� ^m6_j4<;e�j\�&4m QB1�Fi�DeEfd"�6sK?Q�XOq0N$Yfqaآ~Z=Ythʡ(o]B��)}h,Ŷ)��Y@b^.ᆯ�Ū8MouGN��#�uXvXSyn���Oa7��.�jN[<�OV+S0߭�0VAzɌ�$6J��fs�(ʩѱy'Ol2ZVɁ_0n]5zZ{7S�&|F`#.gt{OF˴ݏ:7:TBS+��3�|Y|Q*R�f
1q슴F�%UXӷBbaF#I ��:k�m56,f�ۢ~,X]�$r$K *�&ot�O(q4(G[&��&R#*sf2*=÷��R:>�mwi3AV6xU6�..{uBZ��E�h�(��C`t$�?RVMB0m&�Wq�,] $yp{SK`�s2�'?�ޒ��mq�Tݫ��찊Clѓ��p#�HR��zSw_/Ƈ�0-��7/H) a˭=]�}6�M~=vY?hgF+vrL�E.1[o13NT~)jzu�=�#C r)�WH�p~Ff�K�m7f-Ȟ�5exOmk61�'4S qΊ6~f�;s[#���.�A��R&S;썂S_{4 ּ)�pWd�Na6dCmj9dTx��f�,ϒ4rE_5ɋԎ1kG��K5V�&)Υ�kĨ*G.a}t�k-vg.�@�ZԂ�AJ\W�� �FmJ\a]�0�\(z�wB~�Rof⭊;Ȭq+)M`���;jcvd{PЪ氂ְy�E�wP670^ m�xJA'O2�j\[VW3� �Z|hҿ�$dL\�`s TrϾT�wïH4�:�!&jId}X6-_�]1�9q�]E�pЬ0G�EѦxwiE0qޥ7dH�[xY�f/EJeU?&LZ/Ω�ڣ'_6a�Kcr^�>�tBc$g~�ܓŦÞ0��б<�WO´�;1N蔵iƫ�XECh8>�]i�ci!b= p�(6�ޱ>�Bz4(|0QM#%Ǘ\8�[K�a�WiUB��k�G6T�vw{�ˬXxo@\�H*S롽�|B��|[DӧgSȧp*=MhD�Vwcle'_�sW l=4D8d�xԪs=D|prB
f)eQ?%،mM$/U3۪K06�.!"AwM%�7O1M(N�ε,a$g(�'�˔�5?),?��L�c7c-�^>M��;B�sl�_!v���82(fU'<��yxk�Z?5nn�]B�k�0PeV&Pa&&etⳐBZPZ�آăj;$�2={�M=3V3.wpGX4>4{�Vn}o_�lx6\Z*=VVh�$#z~W:�c,q&E$a2;FysQ_
8�V.��3�p��{3�zj�9,їN�S�O*0&�}TE=^mŃC�79dwྚ3]y�:X�գJ�c9�=,}l�F_0Fgܹ)Ƿ
6�Ι��#��z*hI�XL2�OiH}C`ԏ-�"�x�Q2�lg��W$�;a~:�\��B(�_k4�ŏ,Uĕ/�j8dL&YH�|�]Z�1nr�֮)�Ϣ�Q틃(�AmƢ1?n´�H3?Rڈ8?2UEc�C�u��]@`Kc�h�I8FWu=KX��W�o�Nc�J%�w
f� ߡ�ڎ,�Sb20H'*,0�f{6"QAR!ǎ�%�o]$u
㽽45jhV�$lj[
K��%�g6�0nH��7�\HZGj]wVg$cwa!@`3?u5(Z&a\5�7>W$�
�Jŵ*�Tjd�; ER���+㡠AF/8�KVە� |#=�gsYo|8fydz&C�J�3�
�bt9D¢dx�ш�˚^i�wPظT�p~�(=ɓ>�+�jHcgGl\;^ϖ���
g:��i*+PF��T|XS�Y�X 8�h!33�ɍ�"t�aթ��G5�+v?A]~�?I#m.m�SG3ܻ�94۳��s܀v�A�dW@yT��,W��yɜX�!�gnD[%ި\ Zښ
�n-1z<:Pkq]��Jڴ'b\�dT�F击Y
No�;�%�t)u��5AI�Tg�:XmN%G"C1�*6D hf0"(@�vIfj*f+�1M=Cp� !U�·f��8F1�D4@eSk"4LNkE9ѭmTZ[ѫ.J,E$�Mz<��5u��k�F�SejhS�����M-o��sl�R=h�|ı�;KU0�"��+҃鬶,TTClA�� ᕁU/o!�����zʹkˣ�66+_��I�&�lMTYs�׀�Z
p�H�9��\A1G
U�~w }^^e �\qΆZn ρa�G
��F Z��,j�교�/j.���O`GK�F*�1V!,��n�E=kĩk>,ZH�tVCVKW?CE><1M+$Ü��v��LN�h;'v{JA8KrX
X��I��%%�V-]2]rO4Jpe�SՎ;Os��~!
?ޏ��&��G؛iVuW-;Rq�"*{�O?�B�`��n���w�&Gl1W5
f8.�.,.
hQ\bґ$G ;�ۇSSkq�+*\p\��]V]�qء}<|\�2�,zj YH?35v%��o?0p$duM:VJ/��~`&~&7eMu
a�qD�㔸�F�k37|ت)-ry1b�2�c?��3rx-�q�Vm]
*uȪu]:/Jz;͋�/4�8u?zдe�D�v(сO�Wq|p]Pg\\yF0x8]"GBu����eȧϣЦ0a�dtG|�;�6�y׆�p+ك噭�ޓe0l O0L�!(ۀ��:w.;хd����KV,Pbf\L�d(WL�:�<�i�Qe;J�+!Ӂga�j�㥞d(��=}@u��y�hI��dPU�A�X(�!��GNw4֫|xUC�i8�h"+JKtd
WgWQܷ�T�;$��e7]͔̹AWHz�Z D,ʓiT~�:8�"0#�6HX�sZ��IIWh]~�z�GH*oi��`t G$a[37M,
8f:Soe%7<-kԘH c:�bM{�/k���k:ˑILSEw3]bbsf�{�o|h���R�8bBȢ/�$P�<�NMp�ϣt*|HHzmx8QGC!%(��\�{�T[Y̚@�U'A(SXgie�:v:: ��hB�&�m�4=-1MQv����V�F)sT��(:Vcv�>@�
!.TH0p2W4T KLюX8)X<Ħvt�9ZI'� åmLj��d�"M,V;9WOң!,]1dqr9v1E��bcY,�sj``l�&9Wզ#XK�,%)=�hc9r]0f˒`+$詙��1D^*aD'A]RT8l=�x-5<��h΄܉>�ⴇ�R
3%_w!6jFZw�o$Y�1d�~@�Z9Jt1%6��>l��ڎUrQۛKM�x(A1-'͏��12�i(=��?�(�o'�=� (~>yL�)&�*1l=
UԊ&
Ih�=VY
�a
�ɿ�tjc}��۽���"̻Q5̄/Lt�31p_|jPPɑ6XGm^e�a4姾^)E�"Pu�~LJ_YGa6u0M83m!jX�Q
�$�R�fjF�$ qЌ�Hm�2?ژ||oH'O'4s�W�}g��X+5�k�eqF�y.�.�|q EFI\Y][v.JXJ)�MHܺf.�ta!YE'si�|X9V$"۹I�\m (�îbvK;A/۹�
`�ӸA%��v(d��D<�i
L}>�ƛf׳�Y~% ˽٭-"B>רopmP,��SޠҀ#�\V���+Ѩ�0L?
j?eDd?MO��^l20@��kbKnu"0q8ws�(*ŽW�[;x3���]�:ƻg���~�^q5OJ��O�)��jCCԷ�Ʃ5-
��&yMl]`�~A��&8:m\��UFjB�\�gB�V��W:�VZHzgz7Rh75$Pʖ9x#��b`�ų@0$@#rϕ}19Mz ��Гx.�d|e��è\J!nV�,� T7ZH.@6b�
�;g��Xj?Ww�"v�EX�P1!]jr�揔&Mjw*`�R)_�&��l/|ׄ@@,Umtqtw{�9����ed�E*M]�
�i�E[5$�$�yZ9AwGk�o�!C"�k(٤p�}�,Q?6VڱtP(H|6�:bo)u[h� �� f4�Yf0;�T;] ǣ9�8.ˇ|d��XVJ;љ�F,VָtAM*et*h
?4;�9d�H%V�$Q1�$LĜU%hv̶gf9}^Ӎ}G@s5+ҥa�v!|{J|L$R�Y沧^G�7
^MuRe
$(*��+jW`7��$;&�@s��{c&5}6[��=`�:.ԠW|�$;�0ǩ]9�
^`.8b�?pN��0f%�r�a�ؓ�v|�5eo59ġ/MFΛhf��
Vu\�OīM
GG��y/X%���Ec�/xV��O�~�
X>ۘg<|�j0{ꄅR� �H{%�B.:qqD�HN@Au�`Z=cv$nt$ӋX�C~�tݱuP&�._kC^ٿ&�%IA19A
A77cD~ ��\Y"?�ޣ6OݠI;�A{�zR�LrJ�5���k7bd>EgF:Y`-2ę+��s�Y~vz �]ɘ�2�
�M�xG��N*D&2�I��i^
jJʳ�pw�yN���6�{�Z]Zs�);&�A���Y]~�3Ccx�3ͦT~ a,B7U=VQ3|+]F۳z�xȔ'%Y_z{(iS��r9;?d}c8�Q s3 H,voz+ŋ�/7*"jބ}wЭ)0�[dɌL�H@1ن��Zw�ҾFw9��VBk"8PC��ҨꝤИh�fk<40�}]=BSi�yY��R(AU80k�6��dH|�@vHZ&�k*^OZ5r�
5s*|yln-ȂXU�rkw�"߇8HBK=G�Sp�%u��r�K&&�~�*5
Jj697�m).V*�1"o2H~.~C~ֱ��Gxo'�B¸Nو�E�
�_�{LN>��sS+02�y
T~�5y�9,a
�[E1tBZv^ GObIE�"6b�qc���{
}q�c&#.IA=@ԈqKs/�-dCV����ԎR5kF[S@m%W)pAx�J cƺ~��W�XeQ�H`uBq�+J-�.BM&�d V;Kߢx�`WEނ�J|ɍD=�
�h5.049bjmVh�*��?�:�M5++1gC?�9upӪo��x4��g) �_���ywyU4xY7Jt5
sqoyG>f�5c6=�\oO;�z�*"@ET�Acf!iXϵ�T{'��po3Œ�T;Vm��i<.j(-$~x<��@d�#8\27�na7�^�3i�rͣtވ�높M�;%`�s�r"�$Vc̨
?�A+da���ke#�11,tye
� �!�ؐy�
NEz�s�$to�W�?�bAL�l,呮#w6ڲؘ15h`��!
Z Srw��ր#}���t�/|�[B�/�
CYB(T-P®�e̎lPQEՂ:ବ ;n���<($�^,DIOLj�Ɲܘnxd1cj&
20w�PT��u�2n
@'ic]�e�?��=R6�5��Қhy57qn4/�E�[/H;6p!㗆梻#YAԚJ;ltMvy�h'مKa)Mdu�S}<甎M#'#�%�r1/b�(HMK\j\7JEU4ri�x*i�+2�tUGO�,+J=̙�s kuvi�G)�5dݬNp]V]kyHr���14x'JлWo
��A[X(6�
dTő�~�fJp��cs_`�iϗ�DMBO.:IOJW=�1Ee,�e�i|g�%(K0��DI3i�!N!x�WiE�X50�O�}5B3��Aѩ9MX�Y��8+D<σ/;X7�Y0>yzC%`Zif-�|xFަ?*c�1ZJ#ж,�*&=Pӝ� dq\��v�Y�m_Q2T�'YwyyQ�<{�4Hz'��%� N2c�{Q
��[�.�3�1 kBsޢ?%Z��dik�2o�%x�>g�J�Rx�։�ui�L3%*Hуy%Ĕm�D[�Y[دoo,≛�~�qJvh;C.UPD�ag*sN�pP*�/(QI9�,�e3-�N�w��\sl�6�.!�S���Ran$�Vo]Kҁ�ڿ|o49]c3��bi9W�\�c�LSNn;lg?8p�ټ
�j˄@�@�m,1@M�:
O�9b^xv_1P�c Xjҥ�3@@o̢^�:�=kpana�4YпR2
5�A˃`ڃtJR̋N̅a��R'I�pEzZJ]�yr>MXyk-�hÐSS�v�Wx%n�pj�\˰I�San�g�{{�42�8d1�rlCNwk R^�OȓG�˔$N"��RvqAv,+���%3{Q*|4��=+�~څ6zI��L5~i;0e�AMXy7ua){�J� �Z��ˊVq:v��V/q)FM^?̖
i5X굸"юg4R��MW_.>�UM�En]�'Dd�صhvaFDEC"{Ә�8�%Ύ8�S7z#jyW�7���[
B''&���&LIIr��KKLs(A�ÙTe@w��L[�
gL8V{�`x4�E��";G%[U˶BkY;>�Qf*<3SB�,e�1�
�W�hgǿ�<=$�.*bqgx!0^)Z=)p>�ۋxxyMcoUᘤa�`x�8�zBBoB\-v��#.
݃'s*m�LDWU�R{i١(_�L-�V�ʣ�53�g�ef�0ޜT$dhX�]��QK'߃Sg��1Q�W�^r]%H�>
sR~�APdRl�K���T)al3U5}yz
1-m˟-*Ǔϧc��i0o>� t�.�jCu��58�c8וĵЪs?l*H�kT(ϚG�yL͘
@ew�{{djX
L�!'�Kh�35��>LS٭X
��,az/>5�JAqo1^(2$AC4�dJ49�Α��B�>ؒ~i߉5cd�HBn!v�4�)7°=_0-�SL82y\hƵ2���*'3�g�tM8�=H{�oũ�r,�`�s{C;Nbrpo|sc[Sq3�3b=[n52�si5�r-�=?=~z!�mApXl�12LR�MR̤\93L022qT��3�&Mhֶ*XT$ޛľeN2V@Sk9-F?�Ԃ�ZsNO\$9d|AU�fr̀TXC#0/aP`�"G
G {#�rZJ
�+ۘ
=oG|@wXݛ
<_JeT-c�}�&V��'|/ԂF<�~5ɝ��+Kzĥ�QѺG�pa&U`HBqCQ�NP�[�giD�6>r#H
Eh�-S�aO1=b>%�*`ٌ�R�`ԙdt�ס��KBVK����FG=5R?#*Nm#�A,\27v�e~Ig)f킘�!w�6֏F��b��ۢX�1iJU+&%apӁkK\Y�[Dv�d^8*ہ��
Dx'r�kt炠x~��94)k@�6
@}X�-��-�ZAf��r"��R_a^X&σ!$s�ФӠ<�w�%/ow`@�̀:ǦThHl=E�u�>;Hh,z\~2mj[4Z3i0�2ՐW��#��B���#K��:[m,Wwpf��T'ĔY+Z+�KYѪ��ƶOJ8
u-+P¸=/M]�S�um~�f��ї�`F�gQ�݇G?|�U�5�s�୕礌[e,�K�ϕ�GbRϐG"Sۜ*?SS1$oB�vP>>^sYQ6ʜ��l^k':�&o1=6uۀ Џ%9{;Rz L��ɲd/*Gl�)7%Љօ#y\G9�S3*$&ӚNT�!�sjL;bo?�"�{ê�W)�|t@�ݲA+r*sK%rMauB}?¡�uZxftfGۨ&.cOցeє�q�j�l�8i��49U�tugeU̙DQ֮�I"8�__8H(<�o{]3k�y>Bn%{u#}g9
,#ao��dtS;>u0x�jMϩ=z L3װ.8!`_AF2kUQ~/��SH�uLPecP�wp#�c#gҨ60Ә�@ֽ�m�4�Xn,�h(s81|P��AO�QSn*[r�[� !CˍW`bj%Z&d CB7og�1ʝGR�t1��"d���mSh8B�c
,�,Q�ڽl:�`hd_ 痶Dސm{nt
yQ�Q�^[
Fu�R!��ɿZ�IU�k��Bl�rt>xsrk�SFn
�>�DVQ�v6Tr1��ʳR�Ѵ�n�zP�]kNz ��Ef�N�Uو|]\ٺ,ߐ&aF$`�Gz�Y㷢a;i:rb-
�2�/�x�k�,=<�r�p�9��Y%uYw�CEKp��)Mۃj;�&w�ID|ćB(6([:RHWG9;1�]�E�&FRbSX�cNTz
;�^G[$+0ٳD%%έ=Pd;X$ܒψbп_C.HD{�ùg f''KbZ��h=xY8+P۫A��k�|k}Ȅ2k�i{I�^M]M;�lVJ�|quds���lp%()t��y#�:[ �BDgb[MVHrlK�esm<�|:gν2Ŵڝ!r�n[L_ϛN#�z�f�Y'5 �:
Q�wQ��ݣ�ey9I�7�T2/O/�J!%Բ`�y8�.�pT
Y��X}E�(*9sMzǯKՍ'_ u#V_@�|>Ǘ-'|%2�KM7�J6[&�WNUf6/h]�'U}�;K!tlN{+qK#,�Y�G��s%;D/
},D2��tS4E�hN24Orc~��WKgh>��5~)c[(8@r_EH�!qx�3$fDn�A�]L]t)�2�;s�ᙐժ41
s��pv-s~$��AU�J=�lҕE�fI �F^IO;3C~-rؖ3@��IJ�?�4�N)�/!
oG�FqgzR�nykDn�(^���Ҙg"LnPɉû�5:��\
�rbK
%�3R�k+Q옓fy�
�[�.`!(�'�gU�#EbFpzJ:�TXu�pIj~7E
$,>��R0��f>�1&-�+j�J�hu�
S1$�L`Mk%^+|�@{guZ'݇\6t2"
��8߂ӛ|��6;7Jr}Z:�NkoW@%ݝ�C
*ܕ��w��r,=[i\pC�7<}�2�O(/L06c:')�#[!�F}#^Kż�}4I1�^���d �)=[�8*�t}��2Lc�;�@&fb'BҚo5Q51�e��s] b,hHcI���a44W
SXm�3EWʮ ΐl�KZW8~�4]
j�iY�P�yb6��C)DP桁רk(b�Gؔ8^(",)Wp[i/H\O(M�EGp����\͢o�C�=5/^�d�5A~z�glCf#�>e(r
�fB
d�f�Q㌡�PV�&o5R2}ar2^L)2]�YmwQM��l)�]�ąx;|b�KBK��'{ aE
�sJ[&\% Sk��/m�qAx*db�ܡ
nV֜=3mVyip)mw�1�\�ؼoƳ12 �N;K5Po/h�{Hm�1#l�L�4K�{3���<��e�wB�
S2��ָ2�sK�{��'[�5e�mz�N�@c�UE�%
îXQ�U"e\8bRTC?m��a/���ZrJڿE�,)q55P�s2s6]9�GEiwUw�A��8/�n.e:d�GŤ��zr3>���oE\�C_0)�M^3S�@*��}�mo1�{�)Bšചڅ��:�K.nY[]%2AB|,wWP@�_T2*|ZS:3X=�ZP;B4OULA�uk� Mm:�P*��w+¤�e���m5^�'R�!4�WP��}BҰ+�0I.Vs�1dQ�ZV'�a.вT'^l`m9=`�.y?!��l�1J���xSs�FU2Ӓ�vdH S�]o��;x� �80C��n \��+<�-3cbj]xE_uP<=&��uLˬ�*�pXh.y�0'#^�j��U7Nq~3��?(�V�;zAHV�P�&(VO�w4�^J.cDw�Q�Se*Q�/9*[Eә3q=˲ZȎ|80e
�,�8�$�(o(1beZOW| ��5W$��N.�@]>�SbPZ�a#"{�F�W͢1G9wA�pG28?r3H,pAᕍ�>2��f/QP}�z{ήDqj{9Q;+'i�ƽ�j�tV_jBcs>މ�Y,�`3߯ɳha=6h�t
��(M�~,�[Dpz�̻2l��.g7 �'r�U�zBZA}��Hߡ-Uov`�k-C�aX�c%j/e�BSkH "}[ʍ!
�XN�tܔ>"_l�.��\�A�~1i�EzV4 IW^h�a�5Wc�DH�Ejp:"12R�NQRcZMSa1l�hir/zX.5χ~"Y|��_V ��}�j8,h;5`�L�c%V'*NƯO7�XS!~ŨXp;�ef�ES<<@r=б4$5dn�y�f�zt�[yp�b^
k��R_T@$s�l\� +뙵`�v)س]Gj�ZcQJsPtf \�Nᧅ78�t]�^ܳ�$c=%Bn{l0ڶC#Tڄu
M2{6hFu�w?-�A�s�#+)�m�Jo%q'R�7Y}c4&آ6-_
^":)]#}$7�4�4'3fzzpf�F7Os�5����;Vl9e�m29�dSػ�ΫGUɝPcNpX41�t�x�#qB]jg\��l_�(5Ѵ+Xd+..&" 3am10sC�g�Nh�lwAL:阹W|הse3eHВLgo�0>U�zVƁ�Ze���QT2l�m�0.Z�B|أj�B�C1!)�H8O.�hǸ~;FjS|T\g�Ry�a:�H6vz"`$I�ë hj1�BFzcOnK�_�?y?TB�]S�mی6\X%>9V�ݎ]{&#�J�A��*�HO|�[-�7�e�Kj]3c5\'c>S�Bc�}gJO�ີ7�ƚ09 ٛ�i}�C0�̝X��4iz�Q�)�ĆyB�7o
����F��#6ii'0eۻpi~��^��}۾�.,?DCBhiQ_E(6$
"bt/�*��f67�0p}�ermM&�k�y�ʵ�߹�⁹j[e�I�PKJd�&�\r �RriI*��m�&*BWId$G<\$τ(p��I�kp!Ѐ�rVVW� $6#b[1~��w?!{,lS�PY@lH�5lh�0Wa5"S4cY0*Y~Ҹ+qdisA_S��N�j8�N<��~�8xLG
�T!6yΠ䇈�UZց;C1,f
D06;�^ܽ}k7Q@f,މ�
L!ܬ1u&j勰ڽ��1 Zx)[p
�D�ٖ[=٢&/�_.k־sPbEp2&n�Ξ�yNm6��!@�l?fj�ԆAE�hJkeC8Q�$d&88�8K�u"c�m}zq|#TF�*ޟk��فs;�V�-IdB��ouxjDAlbX��{~ ��Pi�&mUvB}#�#!��NHCe-B�ASfQ-�y[[;��j`9-j�X�Ey8i\L��]xJ��^!IȂI�&j)�w�nа0Jl!X*
�n
[O4|�XG=i6Pc�x J
=���iN�\l\e��-GZQY��e- "Eø� 4�gRq-�S;[K&�齻ZD�yerGJP(D#o`s�e�V`sEno�ܹ'N-9+��)�TSiJVi7R>_ ?,<�[`l��R'��quf��ߵV*
�~|�cI86]�tGut(W��Ul{(6��y�b\ʸ��sm�=W߷+ԾN?F5�(Y/0�vjVh{!,ˉ@yDD�"���TZ(9N��:���E
Nw=5sɀ܀1>}7L]0�]!~Kd�t2DI
'OE%\ĺvL0ҩ6gDl;�'14�
q?���3?9���!+�9yȘAL`.@Xm,N3e_.Ep Pn`cٺ4aQ}Up>o"�a<��+z�p;/t�3�HQ\h�p�F+~GҌ{B`l`ϴ�~;e�QQ_7�" �hC](qXA0j�8*+ ��#Ob4WTZ?TOta5H�T�xCP.E�$E:QJlr3^���_�"js]-�!϶Z��*Ƽ>�6Q?��(b�]S�{@<�Mfi;wA;@"������uj�8�Ж[lH��!¦#2�fL,K@)\0S(
���K
+@۬Րt�݂b�R\�L{ڪktm|q$\ْiuHdd�y�FhЃ )j/E�UM�=�ܔ��z��mpqnOgeԗ���I`@@�1X��S٨~G9�ﺥ�=p6NM?sp∛/ygKA�*0V|O'x��F}3C˄n7D�d
)��Od^a&�
�f%j�ب'LzsWp�$� �>ÑX1\QI�B4�D�;k&<'M@mᔱeW95
C�
;je.7M)�6�Te(o�S3RJD_V>ר1nnN�UN��\(hgxfhf���,WU3�rwINa.D]�Pp6}la9�ZڰT`
!C�;��Ԃ~^!��^gu{�v_;��BN}i�^vˬLޜLHd^$`�yG|�
ml��?.a�,#&ų
bSL�'�!N}j"�TF��vl�ap{x.q8�k� 0b�"!�.�NT�L}_4�4C�mY�˦NY}۴�\,W?�5F�Lnn~aj�WvZ��.ox6ō5,�͖3i!fH��]KTf.N]Q)�r0ew;]�X�"�g�{�OGA\�R:�i<�RH�vIȁ�Jj��ׂ9ߙl_`ri�b�N}bdc#Ǹmڕ�T:?x@KJ_p:��.W&Kj�]lKD�e�n\E�RV!.#y$�Bu
쥍DU�\Pt-�Rsɐ`6-�
MDgdia0܂C�P��"'E`%LX�kۊ�eun,�=PZI��QׇQCoP:!xЋUg"_�f�K>�KqgK�{�5R.p5C�^jK�� ;2P6~ m�keh���^$V�FZ8�Ěe>+oY
Xoݬȣ �,��&��JH tT'B T�*|�cn]�TӇ(�0|�W+KpZ��RK�d{1;ON@kf!�ipwFg�>z'J0 Bq@�lg�ݤAl'0!�-pXR`/C[c>�"i?��Sꃳ]bgRZ�[+(7>盥kvNPI7`-��0i�%cgv�|��7S�V_DWpMqq^AxLnV_�c;:C�Fg¤�z7XIQ;B�s3%d)6}�A4,fOP&yy3Gv;ot2ELQnܻ;$=�|�,$w$R6>1J?L
%ڬX\mÅ)dxOA/z>�6u�:#2#A+ԝ,d8@�w�ch$i�G��u\HA\
hP�q9^+̵X"(�>-XGb�M���Zlcg+@I%�Vaݜ�^Mr�@~lUc-+5`rgr,�*GjsӃ¶zt(R<]Q]Ge
U9rvѩ�+JPVbVS2E&h�i |tMߧbP�E�M"ɝ�r��4ul
+h�l�">M8ݮ�=GcS@&?x��vZ)OĤ�,}P>(W�˧��IX.�K_~v�?�@ј\��alhA ��ZXJ,E<
ssrG4վ�!�e, A�k�bC[�WXh[!a��ZI4CH�jMܼ[Ҡt&��B;�J]��#q[�$4C4ҩ(�hjG*���ek~6Tw8f{�A�e3�h4
Y�h4�J�q$gwk�]e8[ǡvf`(�\
Q2�$ɞ)0Ǹ?�!Υ':IY?~#
%dby3̬�o�l���`�hP?+,�H
[Ɋi)ւK�Q.^E%OH
+ ������ђ"�'i�jy��~T�þG۶~1ٞ��Ϝc!�ke7�X9ٸ^�J�o}iГ�� Vx-(]Oێ�`X���95�R=˨u<�Vq�5prs�څZ�-<:Z' 'Yo�vy��{I�3y;3]iU��R�o�^#x.iۯ0r*т��u2vnǪ_i2�_
0
@?*�˾�BYK(��tl��|w�q���/j5|�>Y@�,n3n,> }}Aw��=8�_`8xN
یa&~�>}Hf�4WYhQ� "wI*��ۑ_#I$qbDVix2�^:+1\vf|,pǫ�#�Lj.���Z;�"F�
�su�&,bo{|�FwT=05 T!{2�WX`9٬m�{�i[�J^�eʙ�/Bx�^,�J7!Bf/8HlYiq�l]P\p.���+4Ҽ}�Ogcۍ= XHGei�\>Dҧ�)4
�͕^pYff#(
`"�Q��WObJreQy�夊��f n3���ŻD.�DznVR%-F֖}X�_o[�5Xev�Jf]GP!N�6p]"QJY�Gthf9
�wO]g�'W>8201)%͑�EP:Z�V[n�RLFi5�=J)M�+�mQ�X/f���{����ZP�9J�ٯ<��o!-k4�fD_@t:Δ�\ݭ
O���o^>E�c�OkˊJrQq䍌S
Uܱ��(R
� )N�&�ϕ>1 #H�Ŵ0�SH�o=�#OJ��:
�*r6Cy2ӌ��[�&�Ѷ�í+�<�pqE*��x=
6��z��%s�'p
�^!�Ɏ.њ�E~dQ�%fKǶ�IsY9r ���I.I�snmB_܃dҥ܈^uTUoٮ;�9`q(Jw/ ݫ'p n:\/DOL#�vƬ�X�0-QAv�$#�K-Cݾor�V�5LE�rmW~w��ŷގ5�c ��!*kҳ�w"�
H*7t ~C'$6
~w!�O2[-Ӥ@c0-�vON�q%AP�M7\>&w�?r>(��Y`A+Mڱ
S,6}oD}�e(n^v�IM4�U�R-wՍR��T�Wֺ<�~ {ɒ*zX4_]
�O8K茻�*ʢr}>�.�@8D�ůe�v)�`n�n!J��y-fPe�,lC+i*�5'F W#��}N6sԻ�DFj܆W/P;~݃���k#-JWqG�rE͕j� T��y�R/5^V�w�8%D�|@Q`G.�"9ߥJ6�Ked�8o|%G��|elR>L��yUCp3�EԐM4��&lG)YkME<2��MG%*ޱ�p_z�U(ǻ�-C]�#əirQQbbhK3[�D�yԃN�h�
H.VB�yv]כõ<�9aҐ!]vz3�yb)2qLVnɮG H^QY�zY�K�XZ@9LcE+iS镛V;s��!�fCՖAAz*C���v=�nҚ �C?-�Bc�o�o��i0e�C�XXp�nS�,�V�n�>Y
DԺ|�^~[|ԀO�� u,66�_ʦh
�mQL$v3r8�E� /�cAp4lq��?u8H�]Y%tY؇���-�@)-+K/T�C��f:%;xs�=ߔobd}
oi�7+Fp�4;:W�uۥ
_�+�eb(�K�Q�9~ڌ\�F�.�T��4!9ac0TR:)��k��kɢ�[Ӆy3�$;�+��/�!>5�qܛ�X� �6t�0%{T%Z%�#23p�<\z�6� ��wb�d="�<
�*ɥ2-$_0�1�'��l�tUzQa�
}%xv�n=�9X?Q$;I>dī�
2Uϯ�*;3J�W4g�r-ZنdXsHaйo�H��~ۂ(2}%`~�fth&Fʙo4re��ŵ�=$WniʔQI@)��<��;
O�Vt�B0?ֽw?au+|`oMဲ
=H<¬ps|yώ;_GOk��7)&I9_V+��
$�2v��6\�P d�C]&j&(n 5eLV�;�-oKrds!DAV+&�ν��,Ա6;
e�%eLO7��
M`��|#RGvg�K,w�B>Gc�d3AD'�zAf�� �j�?1۠`�ޢB�YZX�K
w9��:L �yS9�}�e�\-�3b��FSb$�c;+ґo\Yx߽�q1yJ/�utP�3;*]B�!ʘIJ�o#vG:.-L;�'|r54�z&%z0Bkl K�]�Kc8%�gV�3PbQ.%aʗ,3�=�dCJJ'�T-lLjgߙ�z��[<�jRJw$.۾s)~3]|F`�tc
8y�{U:�:[{'\H�E*��wU
qb�$%�hҢ}jL��7O0b~%T ?�aﶦ4+M�b5x4M,��$2�McAsI@~b$^Oe�Ď-B�-I!`Fj2o&KlX],b)nE�2�c
0<��U17W"v88�$+h�tf�\DUגO/�,K�SCA$xda*C�b,^kA[*ė%m�xm} @Mz�bnDŽAPE݄QO�ƞw);]�q+H,D�\߄P_bp¶6>�m4����X���jF2Qp&|��]T*r��� � N4A76�?M�Q
_{C?%u�clMh6��}X�4(j=;B�?o�
��n@�hp�.$����>3SK%L1Oi@}3 qJߥ�ĸ~3s�V�$4sG? f�v2о'F)ǞMZx5l,)Mp9�#1M&TIЂW��Z{"�Aq�a'*6@w}N)�>�JWt@�fR�);�1�Zۈoeэ=LyV��siv67m#8x$ȣ/DT
)đd�nBj$*%L�ұu�$����b�^XU%�g�n�;ZW����nUv&�L%p_cJ^g�!r�L�QS�ܥ㢯 '�UOl=��-S]/��Y%;O �g%j9j1�f�L2ƹà vw�7?M'G�o�HFzrd[^Rc.в
4-�eIj�2!@NQ?R{#MW{`[ٲ[ږEDo؟(ptl$~b�I*K�1'�S�mPelj
��j�ݨL15\�OP0N/MQˉ�2{p]��+upEV�Ң����dn��?ƭb#G:�5��4щ�Èǔ�c~j��橲
֣OZ~�(�+c�B&?v?[h7FEBY<�k#bm`~lVA[ 86j�uʏ6^
E�.=TiQe�SRZf�.hfBv>NR,8s83�Kt=B����ly_X?js�+|K�zzg|�tj7n%m�`��EU�q?99y��iو�/ޓ�JUcr19=LQt@�܊9x�3,5P8M��;�uh1q{mQ1&tT)]FYi�hrKE7u�Ygt2Ga X-=[O6-AYrI�,~y��}"i7pʡhX�p4$�X--��,Q
ɝ+Ϧs_Q]0�`݂L����؈R&�l�wލCJ�>��i42�k5nG �Eh�HL�Wm\0UqS]z"x6YWeb1n2#!+Hk�L
P5��9OJꊲ7&jz1^���h q�}5�
i}PI=q�ьnǭ�ʮ�ҋ/V'.%h��xC�ǻ�
#N?rmח 'de_DT cck6e.�6v}ސ�G��E�-cy��;+}]z_ǐ�<��#�
[/)�luevse��]er�z}�qͫϥ
фS7sƼX�;ƙ
E[s=�>.m�1g1=fܙMw��TF(Z�f;d@ޠ
��ej.u鐔:�NJ��}��%>؝~Z:/�gŭމݸmh{5%2lJV1FvQrB@$��&�W���Kԣ6�CoH)s*>}9�\T!(SW2��EܕȱJ3#}'NArc�=!_ÚG/fa чh8��wc=/Q�ڤ�Y8px�vƓG^eqQrfg� -p_��ae�*w4,kH
I+Cp
zD*q)h|+�W�Rn78$b[� 'hI�K�y{K8&�3�ի�W�167
d,6fMmz�9�g��ep_%g���V�.��7�dw
k�ud�^�ᛱ�h*e xKs��T�8d.K?yB�@�pZؠ��F)Ԁ�e1)oL^\C�
_X3%~[vь>R�N!j;�S�Cz#FRh"BJ
ӼD�Ԧx�n�mx�ڭ�= ;:�ȀA�\hJ_�8&Zt�4"�q{� i
�Wu�����IfHQp?�D�s�d�nV?
�kJ��C�"���)=j�hi+�^kdp�R:.�o��Mͽ�꾑�2�dʂTLޣb2k2~��D,]?f_h7$Ps�vc#4NͿߊ8�:|oh6ts�EEq�s@&OM#�އw[%ԬY6إ3M�mN`J�"T]e�a+D�D��uy�bQL�lkؓ`,����IQjYP
ru��疾iB��M}N9t�h���$ 8M�}P27Vs,iVR�M ���l{NleNkK&9l�?ap�(��+Mʖ8 �ves؞P�H8悝˟L"o�l��(gqVdѐ-ll�O;��KfE4s"7_
'4I�ȧ�!3P4sbt1�ʈT;��U<~^ƴ�\pe8 %J�B��:LX϶Ηa��OI�=ˠ�F��$o�_!f0bX$nς�~k,qy�Q
!�vsj\�U}R\|g�o�^Lfc�(z-C:@ȶ[Patx51�깣���"aܭP;{"�w(kV9g$t
[ysK�cdvW}1z TG�j>\4=yT�u��e6=+/�U;��Q�y@-h�Ņ��`^>m(BN״�HM(o'�8'��@Z0��-.~;;
<�JNQ&l+Ys@+#[�g����j��#��,ͩX�.,?~3[olȒ���O`E�4�ޭ�q
@,�U#Hy��I
�d�TD<ǔѴ>*V?A
�!!
*6?Zl�s
0q� j�0o{}jqȓ`�(@B�$#/9�
h.r3#.mt|ֱ�u0��J5u�6o�R�!_�9Uu72�!ߋLM2TR bM@T�W~h�r���n�*j�jA@
�7桘u!$
��aѐ8���9�~ �� �*��q5kB<�I6xs%q5r
"q%�#{D@w0YAO�H-92�t\���A���v�51� �iG�#4�Z{יv�J2Ob70tP}��jOx�.�>;V�r)XFL@OAHzAW.kA��ox&'r��Rsw 7k:Fx��1&:M.O:~=p��S,XKUwzceb�;4B�X/-HT�1K� x$�OG�>�7EO�V$5Q�@}q�H81KTYR+w�?wb?�5W_L��1_q)
Hcvc2/wegxV�2+�EI�ɾr
�[
~!'G,p�]{@_ ׄmI%鋇l���Mh45ϸƇ~
}�k j!���siV4�u��}G7:Bٙnqwmݖ�(+� H
��/�2�3�B[R厦�F9�9E˭�ņ!��GeӀTF��e�QG$�xljߣ=5Ҷ#
0�4rs*ZuU>ד{@ɱNU d8>D�,'�2DeݔLSIOXZk*O�6̡x�tlK^zd@y���{UX9k
��O�r���>R�2s9C�+h>y# -ĨC�E��$W:`_�8@P�[X\&<�^ܚF>70ܭxeDΖZK꣫#'�}6+�t�҂�D��י{(�$b��m$;_}\��~Fm\gr.�J�;B ;I,|G��RG *`?\Է;lD??�5�PU�HSƩF&hv)cۣnR?T�vN�8L0g\��wF�%O�jWњ�!rn%>��_x�O_c �$8ap<�̃�0M";Ĕ2�.T�8.?Vwf�_����/ct3ݻ��6����W8m(�+/�d�
�'Dhn��3ṷ�d'B[a0v���?/lG#�oϲ5��
}9�H� z���AK�i7k<2Թ�6V#�9$�m>5:v�G_N=`�QUؾawm5}gm,�(4/%��,q~xo-*fv��\{o6�.UKM�[w�/hN�,h�c�'ȫwF
-t@)4Fv?�jro8FwG'ZV(���Q
F�Dˣ�O` E
�K�F|6786]Sw�ӃhڄCp��pߞ��4�>
o+1)ll�;fI��2e�W<,m�{t\���mC,ZkSA&618U8n5%A:57I�Yã�g SiV [50KFy/ r�(:*D;g�-W*/%N4���{aւ$4��L`C_3huf(R@w#LO��^s̘Ać_=o#�LZe?+C �N%˒ծ4vP:#PS`RE;P'Gx�,q�[ڨ�#'/G�^M�tΗLNBTC$��˧�='Q"n;5|iA�V$�ZA�S��WϠ+T[�
�]VtvW�:���~"wXнf
>�rJ"5;u:��5�XP��5
��'&LD*b.5ԩPfƾ
ځ"%͵7�
Q-|% խa.�4vv7y=|ApuR0VI@WnD#�:<:|"rZ&(b�ej~ۓ�mʆR�!>�GnheN p;$LeB�ۛ�F7�L���Ò �u��HgOҙ#,E7@)k6H>>3�@)�54aDH문4+��_85Cy*�2m$�*j:*g{�#zI*Sv{:EvVp5։ܭEH�Q1;c
��rYTK
/KAӒ~/4P%*<}1[do!82i:�a#RIhsiS�ԥ)�u�~�:�?L�Frt\|gKwr8��)�gS�*v�qQ59dv�:?� �%}y�w&�wM�U<�)`j܉�5ZTw��7{�L3T`sh�C0�j��.5t
d�M~�|M]�'WE4 g\ɳ)o&AźGNDtT�*\<$�af(K�L}JĶŏ/|RhcD@ 3B
�?�2�Q-��QJȖ�8nQNL^�1?��T \
��|h�g[+fw$o���M[EBE*"i<�39f]�/E�^-!|`�ȁS+*�g-6Cq���t!ݳ�%n-�mz��Fh�0k��ᩜԚ�pEH"x7IJ~`��w5\�S��s⺣+;Eue!�m>*)?t ٢!X�1�w
U�x?E���Z{/�cMy
��$^_8vK�j(Rܘv[2t�I�T4;b���7&)y�BcT)AEl8xy5C(�[0EM0�!>!ĤYZŰK�E�,G#�BLCAZt��-lv�ְ:�֯�Lԡb�эn�!#/OhRM=7N�%U��\�c
",�oWR0� �
{*9읫jE�L�03&�>��Lgdj,�)K
?2r�#:c!ی~�(��9q���/yQ�6T�VE��\S(�w !qـDZn1�}56Z�GRg� #e
�ڟvw2G���*s*3a�:PL�͈_úR��y{�v �
=��e�1C&D|?�CjcedϦۤKF�!�yX5�$�^H?����h$h6"ri�zRt)�=��hQhO,�,.gsn٫u1 AN
;-c[Sÿ��%_Q2�+{A
e�_Y�[
.qA}q"p*-�
�Uky���|S
'wtnM�(��&}徸]ϐ>?n�87F�A^SɅs�_
>["��h-|(pJd`V~\"z�:̓�ɔwрv;TT+nDxV״ѕV�P0ѹd_�\eeLGZ3��P냚�GOIܺdz�V,>�9�lB!r/+̦�`�%!r�(M�&�Ȅ�gzAbZ=ÛVT�1Ҟ> `�ڻ��jLZFF3rTO�'\�a�Ӡ�ses��PxU(^;s/G!�b�:1dK{M F3O!$S}�� ~l��� r��Rmn�ى>FxmXhE=
�mpo�RFP4KqxwT2�c�ZvϺ0�eHvwƼO�~H3`Q�ҲaƉ㶼K�: R)̑�ۈqHg�ܷ�T
�dROdnћEUp�7[3�}B�q�)�w
wWEr�7�$9w'=��B;s��'.%R ]c?+�멼#;�GCs�S�Dpp6�b�Rjn�ǽ6�qНT%я#zf+-
�}E=�;
I[�z6V�3T�,fJDuȶ46Es��}wNo6�#Q6����nH|z�`*
2L�+pu�3hm(|"@j:'.KF�D.\řtGzr_j`ckrH��ݰ!d�W^7ߪ-�C0r��C�Tj[j��#�O&F7���V*�|S.5S#.��1 ��J�_}㩁V�+)&c�ָz^�!pMFz��z$fGb}J�VsZ�>�5b9�d� Wme3QW20p!k�meD+h@�
��*fgB}���d�S5�I:2i��S�! �/V3#A��L�@D�+x<։J O7���XKQ+�ր$p�)a�X#`��0? �p�ds�[�\��t
��ƄlVmT�̅=�
%=JE@IF`oM;hc�/͆���30���$<.4Q�rVj%S*ߖ<)y..\�-�-x}̟��)e��(�+�SֱI
h,2N�Ŗ9jZI�6U:]ʄKd"w���x�J�q��W1W�Tï�8�C땋V-?Do6c�*7e1n~}if���0�+{��{�!(�*& 1�*6zu3�a=�9C�_c�DFдph?$T�
,%j3hh�x;į~�dm���Đа=3dJ\_ֺ^�/�:\O=g�U6YKJ�~N�^rt�'5QNYAF�M㉻_0 X[hAt; 8kݫ�N-ͻ��T,%6hN��$ ؏4|u2x$"ę�r㕯\OZ2Q-@do_s*�}jJ�{��X|ŗ�+Р+7qĐ0ҡ*C�f����)?�Xw0EKюT
&`s$*͟˽_O�|ueG(.%!�аr]ZV 0g@�&"�68iIM{9[�dEo¿JnB>ь�c*ec"]S�1N}ϸnU_��/p�teƗ곤]$kXGG
Z$=c�ϖc#Z�Mj1NW��T"�m�::E^�&`ATÌbY��)�;#5ەo�2]�
���ϼZ7dIP(1,�/8m /�m�:2�l�dK� �>o�46RA{��yD�ZUt|*3%)!'*�)ua
�T�ɢ1ŊP{X5�^('�yD497DfH��![үf=ڜ:��-!T$)}
.Mݱ9WEpE'gڧ8Vw��0h��@M
qAxu�TaǢSˡ/Z2�9'kXZD�_�S뜀kt}znݪl�N[}s'aa>rZB�-�+l�ٳt��Ǎv��[�M�{
;6e|gMQ7`YFY�(bcROθ�X|pM~ɀsg���L�eKR/+l�)�o�[O�i!N��Y#h555B>�n7t�]%g&�(A��B?
�VŴ��ρH^�T+5PNGkJ;v#}�� �1y6\�"tl>&cf5"�(���5Y9��p�]"�5�k�7(c;���9;S`�PWIҌW\~;g ULϢ{=W&9<�o{48V�Pz&W~�)9&!�V��R����Ouz �~R�%�ᘲ{�H�b/�5Hr�
Ͽ<50�`]>�v�p�~"0�+LJ'3�xa{�:">XZRc`v� CUG�[k.�kL]$Tm�$,n�#1z3 s{s�Ojz98'yd6Auiנ_
ufJOA|T~�{�N$�;c7L0-=��v�*k%�&�%�U6`:LYM9Vs"�䍜�m�YV:F.oؓmZ
U]�*3���$oo,mi҂b�fHu亦Kɿ��-J�ܿO碙@�B�Ѻ�`�t=�c�i!W5>LŚ?̃�(}.me�_�lk�g5r>1tJW-o�<-u涑@B� 4G�q%U7��a!�Gp�Rq8U'�9,�DhT7wY
=)?�1�#b�oѰu�4,Ǐ\�lEt�|:yHtB]��E~au'2���0>�X�~0.ZDtaؖ+k}U9W0y@ Lk힛��>
t!y4��fδ]z�gc�8.�Dz� vJPqm%XFs@}ΈhVb�S^`�"edcO$@A�*Ti�4ey0�Т_RfQƷh�1<:�Lb8q+Dő[ryL�*w���w
Ɉjvq9ʳ?Eh
�Y�N9�SrFҒ�(&9۫މ5x��{�zOn*|9#� V0j�6�'Qݵms(R��nh�ւ�.{=O�.$�/}�%of��Tg?�-\ю�D>5-�B-�}��'mu;���*lS#�/�dQI�C�jPl'>unp�4�lq|M��r��7o�_�u.fS}�u��"-Am�(@^'sI"/��AO;s#�]�WI+�{.
}ة|@qUN7u�{r�uLY]C�T�ܽJj�\4l���dXo%�Qa=[0G
J��a\rWj7ȱ�(ex͎u�q�0���\R5/�> hS'G�}�]?� o*1-+��&zզ If�K�M8ó�˟�l;q!dt>5tZ@�3$�Ǭ<+�nP2\(?+o�Pv��y92rV�oTlG�4�5pN)� DR-"�9��sS�
h}�@#vy!*Ozݚ�3�A;t�bڧ'�DWi$`g\ H�S//̺�jM"�&�pUth`-wI6E�7W�'#iʴ
9eH0]�=��yޱAkh_n@0MV.v �=:yKiI�|va*ᖅHDp[!fsq�?8F-6w��jo
Ѩ@V���Z6?�CL2FXTm�}aV[q)�an�f���>�Cթ>jw>_�; |