qemu-guest-agent-2.11.2-lp150.7.22.1 4>$  Ap\ḋ/=„Slu(L:[QYW ˳KkmD L<@`J`Sw | 60`0l|R[xA{Kl; b4NrRl`v#3co~`t8+x0YA8֌qL{bWB1N1lxmr3q=AGkJxxVb,"Id)/9}xQϔ>Pty9nmSJ+lmpǛLjK?7~]/>}7 ,>pI?xd ' <I bv n L\ d l |  ,"""(89:%y=o>w?@FGHIXY\]^Gbc?defluvwx,y<z ,2tCqemu-guest-agent2.11.2lp150.7.22.1Guest agent for QEMUThis package contains the QEMU guest agent. It is installed in the linux guest to provide information and control at the guest OS level.\cloud114 *6openSUSE Leap 15.0openSUSEBSD-3-Clause AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later AND MIThttp://bugs.opensuse.orgSystem/Emulators/PChttps://www.qemu.org/linuxx86_64/usr/bin/getent group kvm >/dev/null || /usr/sbin/groupadd -r kvm test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in qemu-ga@.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in qemu-ga@.service ; do # The tag file might have been left by a preceding # update (see 1059627) rm -f "/run/rpm-qemu-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-qemu-update-$service-new-in-upgrade" fi done for service in qemu-ga@.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset qemu-ga@.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in qemu-ga@.service ; do if [ ! -e "/run/rpm-qemu-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-qemu-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in qemu-ga@.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi if [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then /usr/bin/systemctl start qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || : fiif [ -e /dev/virtio-ports/org.qemu.guest_agent.0 ]; then /usr/bin/systemctl stop qemu-ga@virtio\\x2dports-org.qemu.guest_agent.0.service || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart qemu-ga@.service ) || : fi else # package uninstall for service in qemu-ga@.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi x 큤\Z [v\df123e3e1f13d391ba4ee33a93064167fb25ee868c37d0538adc5e319cef331c9fc207b4487d1b3ba7da9228097b7214beb050f073b62c6a4bd535fc983357c7b2bc27b9a9a0cad8833819bcbe5a1879b9f56135a630e78caf41c558fa08a47940be0715647393ce6a84d4f446455327c286ee358e8f3eeb0bbfd8e4fe706eacrootrootrootrootkvmrootrootrootqemu-2.11.2-lp150.7.22.1.src.rpmqemu-guest-agentqemu-guest-agent(x86-64)qemu:/usr/bin/qemu-ga @@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shlibc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.11)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.9)(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.4)(64bit)libglib-2.0.so.0()(64bit)libgmodule-2.0.so.0()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.12)(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemdudev3.0.4-14.6.0-14.0-15.2-14.14.1\s@\-@\N\Q\P@@\A\=@\I[@[@[@[0[@[@[R@[[@[Q@[h@[}P@[t[j@[b@[`O@[3|@[,[+@[+@[+@[+@[+@[+@[*AZ@Z@ZZ@ZZ̧@ZZZZZw@Z@ZX0>X%X lW_@WWv@WWίWW:WQWWWWW@W~W~WWzOWZWZWQq@WN@WN@WF@WEW!@W!@W@Wo@VbVV@V@V@VVuV]VQ@VQ@VMVMV0V&,VVZVZVZU6@U5@U(U@U@UUlI@Ud`@UT@UQ@U@U7@U4@U.RU-@U-@U) U'@U&iU&iU%@U%@UUU@U ]@U T@TTD@TZ@T@Bruce Rogers Bruce Rogers lma@suse.comLiang Yan Bruce Rogers ohering@suse.deLiang Yan lma@suse.comfli@suse.comBruce Rogers Liang Yan Bruce Rogers Larry Dewey Bruce Rogers Bruce Rogers Larry Dewey Bruce Rogers fli@suse.comLarry Dewey brogers@suse.combrogers@provo.novell.comldewey@suse.combrogers@suse.comfli@suse.combrogers@suse.comfli@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comfli@suse.comlma@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlma@suse.comkwalter@suse.combrogers@suse.comlyan@suse.combrogers@suse.comlma@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comjfehlig@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.comhenrik.kuhn@origenis.debrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.comjfehlig@suse.combrogers@suse.combrogers@suse.comschwab@suse.debrogers@suse.comschwab@suse.debrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.combrogers@suse.comohering@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.debrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comagraf@suse.comafaerber@suse.debrogers@suse.comagraf@suse.combrogers@suse.comglin@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comagraf@suse.combrogers@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deolaf@aepfle.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.destefan.bruens@rwth-aachen.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.detampakrap@opensuse.orgafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comcrrodriguez@opensuse.orgagraf@suse.comjslaby@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.dempluskal@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.de- Fix qemu-testsuite failure 0121-tests-fix-TLS-handshake-failure-wit.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type. (patch renamed and reworked) 0070-smbios-Add-1-terminator-if-any-stri.patch - > 0070-hw-smbios-handle-both-file-formats-.patch - Add x86 cpu feature "md-clear" (CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 bsc#1111331) 0120-target-i386-define-md-clear-bit.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix information leak in slirp (CVE-2019-9824 bsc#1129622) 0115-slirp-check-sscanf-result-when-emul.patch - Add method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (CVE-2019-8934 bsc#1126455) 0116-ppc-add-host-serial-and-host-model-.patch - Fix OOB memory access and information leak in virtual monitor interface (CVE-2019-03812 bsc#1125721) 0117-i2c-ddc-fix-oob-read.patch - Fix DOS possibility in device tree processing (CVE-2018-20815 bsc#1130675) 0118-device_tree.c-Don-t-use-load_image.patch - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host 0119-spapr-Simplify-handling-of-host-ser.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Return specification exception for unimplemented diag 308 subcodes rather than a hardware error. 0114 is the main patch, 0112 introduces new function s390_program_interrupt, 0113 passes the retaddr into handle_diag_308 (bsc#1123179) 0112-s390x-tcg-introduce-and-use-s390_pr.patch 0113-s390x-diag-pass-the-retaddr-into-ha.patch 0114-s390x-Return-specification-exceptio.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Address various security/stability issues * Fix OOB access in slirp (CVE-2019-6778 bsc#1123156) 0106-slirp-check-data-length-while-emula.patch * Fix host security vulnerability related to handling symlinks in usb-mtp (CVE-2018-16872 bsc#1119493) 0107-usb-mtp-use-O_NOFOLLOW-and-O_CLOEXE.patch * Fix DoS in virtfs (CVE-2018-19489 bsc#1117275) 0108-9p-fix-QEMU-crash-when-renaming-fil.patch * Fix OOB issue (use-after-free) if virtfs interface is deliberately abused (CVE-2018-19364 bsc#1116717) 0109-9p-write-lock-path-in-v9fs_co_open2.patch 0110-9p-take-write-lock-on-fid-path-upda.patch * Fix OOB access performing PowerNV memory operations (CVE-2018-18954 bsc#1114957) 0111-ppc-pnv-check-size-before-data-buff.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Improving disk performance for qemu on xen (bsc#1100408) * fix xen offline migration (bsc#1079730, bsc#1101982, bsc#1063993) * Patches added: 0097-xen-add-a-meaningful-declaration-of.patch 0098-xen_backend-add-grant-table-helpers.patch 0099-xen_disk-remove-open-coded-use-of-l.patch 0100-xen-remove-other-open-coded-use-of-.patch 0101-xen_backend-add-an-emulation-of-gra.patch 0102-xen_disk-remove-use-of-grant-map-un.patch 0103-xen_disk-use-a-single-entry-iovec.patch 0104-xen_disk-Avoid-repeated-memory-allo.patch 0105-xen-ignore-live-parameter-from-xen-.patch- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0095-linux-user-write-fd-NULL-0-parity-w.patch 0096-linux-user-make-pwrite64-pread64-fd.patch (bsc#1121600)- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646)- Provide the CPU model for the IBM z14 ZR1 to enable KVM guests to exploit new hardware features on the z14 ZR1. (bsc#1117615 fate#325875) 0094-s390x-cpumodels-add-z14-Model-ZR1.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Upstream went with a different solution for fixing the recent OOB access issue in NVM Express Controller emulation. Switch to that patch (CVE-2018-16847 bsc#1114529) * Patches dropped: 0090-nvme-fix-oob-access-issue-CVE-2018-.patch * Patches renamed: 0091-hw-char-serial-Only-retry-if-qemu_c.patch - > 0092-hw-char-serial-Only-retry-if-qemu_c.patch 0092-hw-char-serial-retry-write-if-EAGAI.patch - > 0093-hw-char-serial-retry-write-if-EAGAI.patch * Patches added: 0090-include-Add-IEC-binary-prefixes-in-.patch 0091-nvme-fix-out-of-bounds-access-to-th.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix a condition when retry logic does not execute in case of data transmit failure or connection hungup (bsc#1108474) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0091-hw-char-serial-Only-retry-if-qemu_c.patch 0092-hw-char-serial-retry-write-if-EAGAI.patch- Address the following security vulnerabilities: * Avoid OOB access in restoring lsi53c895a emulated SCSI controller state (CVE-2018-18849 bsc#1114422) 0089-lsi53c895a-check-message-length-val.patch * Avoid OOB access in NVM Express Controller emulation (CVE-2018-16847 bsc#1114529) 0090-nvme-fix-oob-access-issue-CVE-2018-.patch - Tweak spec file url's to match today's reality - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15* Pulling upstream security fixes for NE2000, RTL8139, pcnet, and packet size changes (CVE-2018-10839 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 bsc#1110910 bsc#1111006 bsc#1111010 bsc#1111013) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0085-ne2000-fix-possible-out-of-bound-ac.patch 0086-rtl8139-fix-possible-out-of-bound-a.patch 0087-pcnet-fix-possible-buffer-overflow.patch 0088-net-ignore-packet-size-greater-than.patch- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0084-linux-user-init_guest_space-Try-to-.patch- Change spec file http references to https- Adding Changes to mitigate seccomp vulnerability part 2 (CVE-2018-15746 bsc#1106222) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0082-sandbox-disable-sandbox-if-CONFIG_S.patch 0083-seccomp-check-TSYNC-host-capability.patch- Correct some versioning as follows: * Accurately reflect the qemu-ipxe package version value by adding "+" at the end * Don't overwrite seabios .version file, since now (for quite some time actually) upstream tarball creation creates this file and the value we are writing to it is actually wrong- In order to improve spectre mitigation for s390x, add a new feature in the QEMU cpu model to provide the etoken cpu feature for guests (bsc#1107489) * Patches added: 0080-linux-headers-update.patch 0081-s390x-kvm-add-etoken-facility.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Adding Changes to mitigate seccomp vulnerability (CVE-2018-15746 bsc#1106222). - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 * Patches added: 0076-seccomp-allow-sched_setscheduler-wi.patch 0077-seccomp-prefer-SCMP_ACT_KILL_PROCES.patch 0078-configure-require-libseccomp-2.2.0.patch 0079-seccomp-set-the-seccomp-filter-to-a.patch- Fix (again) the qemu guest agent udev rule file, which got unfixed in a series of unfortunate events (bsc#1094898 and now bsc#1105279)- Based on latest upstream qemu, mark additional deprecations in support doc.- Update QEMU to allow kvm group access to /dev/sev (bsc#1102604). 71-sev.rules- Update QEMU SEV code to match upstream closely. This includes a fix for the value used for reduced_phys_bits, which differs (at least on the EPYC machine I test on) from what the previous code used. Please update the reduced_phys_bits value used on the commandline or in libvirt XML to the value 1 (explicitly set now in QEMU code). (bsc#1103628) * Patches dropped: 0044-memattrs-add-debug-attribute.patch 0045-exec-add-ram_debug_ops-support.patch 0046-exec-add-debug-version-of-physical-.patch 0047-monitor-i386-use-debug-APIs-when-ac.patch 0049-kvm-update-kvm.h-to-include-memory-.patch 0063-hw-i386-set-ram_debug_ops-when-memo.patch 0064-sev-i386-add-debug-encrypt-and-decr.patch 0065-target-i386-clear-C-bit-when-walkin.patch 0071-tests-qmp-test-blacklist-sev-specif.patch * Patches renamed: (some code-motion as well) 0048-machine-add-memory-encryption-prope.patch - > 0045-machine-add-memory-encryption-optio.patch 0050-docs-add-AMD-Secure-Encrypted-Virtu.patch - > 0046-docs-add-AMD-Secure-Encrypted-Virtu.patch 0051-target-i386-add-Secure-Encrypted-Vi.patch - > 0049-target-i386-add-Secure-Encrypted-Vi.patch 0052-qmp-add-query-sev-command.patch - > 0050-sev-i386-qmp-add-query-sev-command.patch 0053-include-add-psp-sev.h-header-file.patch - > 0051-include-add-psp-sev.h-header-file.patch 0054-sev-i386-add-command-to-initialize-.patch - > 0052-sev-i386-add-command-to-initialize-.patch 0055-sev-i386-register-the-guest-memory-.patch - > 0053-sev-i386-register-the-guest-memory-.patch 0056-kvm-introduce-memory-encryption-API.patch - > 0048-kvm-introduce-memory-encryption-API.patch 0057-hmp-add-info-sev-command.patch - > 0061-sev-i386-hmp-add-info-sev-command.patch 0058-sev-i386-add-command-to-create-laun.patch - > 0054-sev-i386-add-command-to-create-laun.patch 0059-sev-i386-add-command-to-encrypt-gue.patch - > 0055-sev-i386-add-command-to-encrypt-gue.patch 0060-target-i386-encrypt-bios-rom.patch - > 0056-target-i386-encrypt-bios-rom.patch 0061-sev-i386-add-support-to-LAUNCH_MEAS.patch - > 0057-sev-i386-add-support-to-LAUNCH_MEAS.patch 0062-sev-i386-finalize-the-SEV-guest-lau.patch - > 0058-sev-i386-finalize-the-SEV-guest-lau.patch 0066-qmp-add-query-sev-launch-measure-co.patch - > 0062-sev-i386-qmp-add-query-sev-launch-m.patch 0067-sev-i386-add-migration-blocker.patch - > 0059-sev-i386-add-migration-blocker.patch 0068-cpu-i386-populate-CPUID-0x8000_001F.patch - > 0060-cpu-i386-populate-CPUID-0x8000_001F.patch 0069-qmp-add-query-sev-capabilities-comm.patch - > 0063-sev-i386-qmp-add-query-sev-capabili.patch 0070-sev-i386-add-sev_get_capabilities.patch - > 0064-sev-i386-add-sev_get_capabilities.patch 0072-migration-warn-about-inconsistent-s.patch - > 0068-migration-warn-about-inconsistent-s.patch 0073-smbios-support-setting-OEM-strings-.patch - > 0069-smbios-support-setting-OEM-strings-.patch 0074-smbios-Add-1-terminator-if-any-stri.patch - > 0070-smbios-Add-1-terminator-if-any-stri.patch 0075-Remove-problematic-evdev-86-key-fro.patch - > 0071-Remove-problematic-evdev-86-key-fro.patch 0076-hmp-free-sev-info.patch - > 0065-hmp-free-sev-info.patch 0077-sev-i386-fix-memory-leak-in-sev_gue.patch - > 0066-sev-i386-fix-memory-leak-in-sev_gue.patch 0078-target-i386-sev-fix-memory-leaks.patch - > 0067-target-i386-sev-fix-memory-leaks.patch 0079-xen-add-xen-disk-naming-for-use-in-.patch - > 0072-xen-add-xen-disk-naming-for-use-in-.patch 0080-xen-add-block-resize-support-for-xe.patch - > 0073-xen-add-block-resize-support-for-xe.patch 0081-slirp-correct-size-computation-whil.patch - > 0074-slirp-correct-size-computation-whil.patch 0082-qga-check-bytes-count-read-by-guest.patch - > 0075-qga-check-bytes-count-read-by-guest.patch * Patches added: 0044-update-Linux-headers-to-4.16-rc5.patch 0047-kvm-add-memory-encryption-context.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix integer overflow while allocating a large memory chunk in qemu-ga: qmp_guest_file_read (CVE-2018-12617 bsc#1098735) 0082-qga-check-bytes-count-read-by-guest.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Update to v2.11.2, a stable, bug-fix-only release * This update contains new mitigation functionality for CVE-2018-3639 (Speculative Store Bypass) in x86, and security fixes for vga emulation (CVE-2018-7550). There's also broad range of bug/security fixes for migration, Intel IOMMU emulation, block layer/image handling, memory management, and various other areas/architectures. * Patches dropped (subsumed by stable update): 0033-memfd-fix-configure-test.patch 0039-qapi-ensure-stable-sort-ordering-wh.patch 0075-tap-set-vhostfd-passed-from-qemu-cl.patch 0079-tpm-lookup-cancel-path-under-tpm-de.patch 0080-vga-fix-region-calculation.patch 0081-i386-Add-bit-2-of-SPEC_CTRL-MSR-sup.patch 0082-s390-ccw-virtio-allow-for-systems-l.patch * Patches renamed: 0034-qapi-use-items-values-intead-of-ite.patch - > 0033-qapi-use-items-values-intead-of-ite.patch 0035-qapi-Use-OrderedDict-from-standard-.patch - > 0034-qapi-Use-OrderedDict-from-standard-.patch 0036-qapi-adapt-to-moved-location-of-Str.patch - > 0035-qapi-adapt-to-moved-location-of-Str.patch 0037-qapi-Adapt-to-moved-location-of-mak.patch - > 0036-qapi-Adapt-to-moved-location-of-mak.patch 0038-qapi-remove-q-arg-to-diff-when-comp.patch - > 0037-qapi-remove-q-arg-to-diff-when-comp.patch 0040-qapi-force-a-UTF-8-locale-for-runni.patch - > 0038-qapi-force-a-UTF-8-locale-for-runni.patch 0041-scripts-ensure-signrom-treats-data-.patch - > 0039-scripts-ensure-signrom-treats-data-.patch 0042-configure-allow-use-of-python-3.patch - > 0040-configure-allow-use-of-python-3.patch 0043-input-add-missing-JIS-keys-to-virti.patch - > 0041-input-add-missing-JIS-keys-to-virti.patch 0044-Make-installed-scripts-explicitly-p.patch - > 0042-Make-installed-scripts-explicitly-p.patch 0045-pc-fail-memory-hot-plug-unplug-with.patch - > 0043-pc-fail-memory-hot-plug-unplug-with.patch 0046-memattrs-add-debug-attribute.patch - > 0044-memattrs-add-debug-attribute.patch 0047-exec-add-ram_debug_ops-support.patch - > 0045-exec-add-ram_debug_ops-support.patch 0048-exec-add-debug-version-of-physical-.patch - > 0046-exec-add-debug-version-of-physical-.patch 0049-monitor-i386-use-debug-APIs-when-ac.patch - > 0047-monitor-i386-use-debug-APIs-when-ac.patch 0050-machine-add-memory-encryption-prope.patch - > 0048-machine-add-memory-encryption-prope.patch 0051-kvm-update-kvm.h-to-include-memory-.patch - > 0049-kvm-update-kvm.h-to-include-memory-.patch 0052-docs-add-AMD-Secure-Encrypted-Virtu.patch - > 0050-docs-add-AMD-Secure-Encrypted-Virtu.patch 0053-target-i386-add-Secure-Encrypted-Vi.patch - > 0051-target-i386-add-Secure-Encrypted-Vi.patch 0054-qmp-add-query-sev-command.patch - > 0052-qmp-add-query-sev-command.patch 0055-include-add-psp-sev.h-header-file.patch - > 0053-include-add-psp-sev.h-header-file.patch 0056-sev-i386-add-command-to-initialize-.patch - > 0054-sev-i386-add-command-to-initialize-.patch 0057-sev-i386-register-the-guest-memory-.patch - > 0055-sev-i386-register-the-guest-memory-.patch 0058-kvm-introduce-memory-encryption-API.patch - > 0056-kvm-introduce-memory-encryption-API.patch 0059-hmp-add-info-sev-command.patch - > 0057-hmp-add-info-sev-command.patch 0060-sev-i386-add-command-to-create-laun.patch - > 0058-sev-i386-add-command-to-create-laun.patch 0061-sev-i386-add-command-to-encrypt-gue.patch - > 0059-sev-i386-add-command-to-encrypt-gue.patch 0062-target-i386-encrypt-bios-rom.patch - > 0060-target-i386-encrypt-bios-rom.patch 0063-sev-i386-add-support-to-LAUNCH_MEAS.patch - > 0061-sev-i386-add-support-to-LAUNCH_MEAS.patch 0064-sev-i386-finalize-the-SEV-guest-lau.patch - > 0062-sev-i386-finalize-the-SEV-guest-lau.patch 0065-hw-i386-set-ram_debug_ops-when-memo.patch - > 0063-hw-i386-set-ram_debug_ops-when-memo.patch 0066-sev-i386-add-debug-encrypt-and-decr.patch - > 0064-sev-i386-add-debug-encrypt-and-decr.patch 0067-target-i386-clear-C-bit-when-walkin.patch - > 0065-target-i386-clear-C-bit-when-walkin.patch 0068-qmp-add-query-sev-launch-measure-co.patch - > 0066-qmp-add-query-sev-launch-measure-co.patch 0069-sev-i386-add-migration-blocker.patch - > 0067-sev-i386-add-migration-blocker.patch 0070-cpu-i386-populate-CPUID-0x8000_001F.patch - > 0068-cpu-i386-populate-CPUID-0x8000_001F.patch 0071-qmp-add-query-sev-capabilities-comm.patch - > 0069-qmp-add-query-sev-capabilities-comm.patch 0072-sev-i386-add-sev_get_capabilities.patch - > 0070-sev-i386-add-sev_get_capabilities.patch 0073-tests-qmp-test-blacklist-sev-specif.patch - > 0071-tests-qmp-test-blacklist-sev-specif.patch 0074-migration-warn-about-inconsistent-s.patch - > 0072-migration-warn-about-inconsistent-s.patch 0076-smbios-support-setting-OEM-strings-.patch - > 0073-smbios-support-setting-OEM-strings-.patch 0077-smbios-Add-1-terminator-if-any-stri.patch - > 0074-smbios-Add-1-terminator-if-any-stri.patch 0078-Remove-problematic-evdev-86-key-fro.patch - > 0075-Remove-problematic-evdev-86-key-fro.patch 0083-hmp-free-sev-info.patch - > 0076-hmp-free-sev-info.patch 0084-sev-i386-fix-memory-leak-in-sev_gue.patch - > 0077-sev-i386-fix-memory-leak-in-sev_gue.patch 0085-target-i386-sev-fix-memory-leaks.patch - > 0078-target-i386-sev-fix-memory-leaks.patch 0086-xen-add-xen-disk-naming-for-use-in-.patch - > 0079-xen-add-xen-disk-naming-for-use-in-.patch 0087-xen-add-block-resize-support-for-xe.patch - > 0080-xen-add-block-resize-support-for-xe.patch 0088-slirp-correct-size-computation-whil.patch - > 0081-slirp-correct-size-computation-whil.patch - Tweak build service constraints information to avoid failures - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix heap buffer overflow while reassembling fragmented datagrams in Slirp networking (CVE-2018-11806 bsc#1096223) 0088-slirp-correct-size-computation-whil.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Add support for block resize support for xen disks through the monitor. (fate#325467) (bsc#1094725) 0086-xen-add-xen-disk-naming-for-use-in-.patch 0087-xen-add-block-resize-support-for-xe.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Include some follow on SEV and SEV execution related patches (bsc#1091695) 0075-tap-set-vhostfd-passed-from-qemu-cl.patch 0083-hmp-free-sev-info.patch 0084-sev-i386-fix-memory-leak-in-sev_gue.patch 0085-target-i386-sev-fix-memory-leaks.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Update SEV patches to v10 series, which should then be interface compatible with upstream. Includes post v10 series update to SevState enum which matches upstream. (fate#322124) * Patches renamed: 0068-include-add-psp-sev.h-header-file.patch - > 0055-include-add-psp-sev.h-header-file.patch 0075-migration-warn-about-inconsistent-s.patch - > 0074-migration-warn-about-inconsistent-s.patch * Patches dropped: 0055-sev-i386-add-command-to-initialize-.patch 0056-qmp-populate-SevInfo-fields-with-SE.patch 0069-sev-i386-add-support-to-query-PLATF.patch 0070-sev-i386-add-support-to-KVM_SEV_GUE.patch 0071-qmp-add-query-sev-launch-measure-co.patch 0072-tests-qmp-test-blacklist-query-sev-.patch 0073-sev-i386-add-migration-blocker.patch 0074-cpu-i386-populate-CPUID-0x8000_001F.patch * Patches added: 0056-sev-i386-add-command-to-initialize-.patch 0068-qmp-add-query-sev-launch-measure-co.patch 0069-sev-i386-add-migration-blocker.patch 0070-cpu-i386-populate-CPUID-0x8000_001F.patch 0071-qmp-add-query-sev-capabilities-comm.patch 0072-sev-i386-add-sev_get_capabilities.patch 0073-tests-qmp-test-blacklist-sev-specif.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Tweak patch file generation to be more git version agnostic. Also change update_git.sh to not reformat spec file by default.- Fix QEMU crashes when starting a guest with more than 7.999TB on the s390x platform (bsc#1094913) 0082-s390-ccw-virtio-allow-for-systems-l.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix qemu-guest-agent service issue (bsc#1094898)- Only enable glusterfs for openSUSE- Spectre v4 vulnerability mitigation support for KVM guests. High level description of vulnerability: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named "ssbd" to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well. For this feature to be enabled, via adding it to the qemu commandline (eg: -cpu ,+spec-ctrl,+ssbd), so the guest OS can take advantage of the feature, spec-ctrl and ssbd support is also required in the host. (CVE-2018-3639 bsc#1092885) * Patches added: 0081-i386-Add-bit-2-of-SPEC_CTRL-MSR-sup.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15- Fix qemu-guest-agent uninstall (bsc#1093169)- Fix autoinstall of qemu-guest-agent by getting the modalias string right (bsc#1091143)- Guard strncpy call with GCC pragma to disable warning about possible incorrect usage, when in fact it is correct. This is for gcc 8 compatibility (bsc#1090355) ipxe-efi-guard-strncpy-with-gcc-warning-ignore-pragma.patch- Add WantedBy for enable qemu-ga@.service auto start (bsc#1090369)- fix qemu-ga service file name (bsc#1089067)- Fix OOB access in VGA emulation (CVE-2018-7858 bsc#1084604) 0080-vga-fix-region-calculation.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Add new look up path "sys/class/tpm" for tpm cancel path based on Linux 4.0 change (commit 313d21eeab9282e)(bsc#1070615) 0079-tpm-lookup-cancel-path-under-tpm-de.patch- Fix issue with key codes in qemu v2.11 0078-Remove-problematic-evdev-86-key-fro.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11 * Patches added: 0077-smbios-Add-1-terminator-if-any-stri.patch bsc#994082 and bsc#1084316- Add support for setting OEM strings table (fate#323624) 0076-smbios-support-setting-OEM-strings-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- SLE15 KVM (as targeted for RC1) now has the feature exposed. Drop the patch. (bsc#1082276) 0076-i386-Compensate-for-KVM-SPEC_CTRL-f.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Change example qemu-ifup script to not depend on bridge-utils. Also update the paths used for ip binary.- Eliminate bogus use of CPUID_7_0_EDX_PRED_CMD which we've carried since the initial Spectre v2 patch was added. EDX bit 27 of CPUID Leaf 07H, Sub-leaf 0 provides status on STIBP, and not the PRED_CMD MSR. Exposing the STIBP CPUID feature bit to the guest is wrong in general, since the VM doesn't directly control the scheduling of physical hyperthreads. This is left strictly to the L0 hypervisor.- Update to v2.11.1, a stable, (mostly) bug-fix-only release In addition to bug fixes, of necessity fixes are needed to address the Spectre v2 vulnerability by passing along to the guest new hardware features introduced by host microcode updates. A January 2018 release of qemu initially addressed this issue by exposing the feature for all x86 vcpu types, which was the quick and dirty approach, but not the proper solution. We remove that initial patch and now rely on the upstream solution. This update instead defines spec_ctrl and ibpb cpu feature flags as well as new cpu models which are clones of existing models with either -IBRS or -IBPB added to the end of the model name. These new vcpu models explicitly include the new feature(s), whereas the feature flags can be added to the cpu parameter as with other features. In short, for continued Spectre v2 protection, ensure that either the appropriate cpu feature flag is added to the QEMU command-line, or one of the new cpu models is used. Although migration from older versions is supported, the new cpu features won't be properly exposed to the guest until it is restarted with the cpu features explicitly added. A reboot is insufficient. A warning patch is added which attempts to detect a migration from a qemu version which had the quick and dirty fix (it only detects certain cases, but hopefully is helpful.) s390x guest vulnerability to Spectre v2 is also addressed in this update by including support for bpb and ppa/stfle.81 features. (CVE-2017-5715 bsc#1068032) For additional information on Spectre v2 as it relates to QEMU, see: https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/ - Unfortunately, it was found that our current KVM isn't correctly indicating support for the spec-ctrl feature, so I've added a patch to still detect that support within QEMU. This is of course a temporary kludge until KVM gets fixed. (bsc#1082276) - The SEV support patches are updated to the v9 series. - Fix incompatibility with recent glibc (boo#1081154) - Add Supplements tags for the guest agent package in an attempt to auto-install for QEMU and Xen SUSE Linux guests (fate#323570) * Patches dropped (subsumed by stable update, or reworked in v9): 0033-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch 0050-target-i386-add-memory-encryption-f.patch 0054-accel-add-Secure-Encrypted-Virtuliz.patch 0072-sev-Fix-build-for-non-x86-hosts.patch * Patches added: 0033-memfd-fix-configure-test.patch 0053-target-i386-add-Secure-Encrypted-Vi.patch 0056-qmp-populate-SevInfo-fields-with-SE.patch 0072-tests-qmp-test-blacklist-query-sev-.patch 0073-sev-i386-add-migration-blocker.patch 0074-cpu-i386-populate-CPUID-0x8000_001F.patch 0075-migration-warn-about-inconsistent-s.patch 0076-i386-Compensate-for-KVM-SPEC_CTRL-f.patch * Patches renamed (plus some minor code changes): 0051-machine-add-memory-encryption-prope.patch - > 0050-machine-add-memory-encryption-prope.patch 0052-kvm-update-kvm.h-to-include-memory-.patch - > 0051-kvm-update-kvm.h-to-include-memory-.patch 0053-docs-add-AMD-Secure-Encrypted-Virtu.patch - > 0052-docs-add-AMD-Secure-Encrypted-Virtu.patch 0055-sev-add-command-to-initialize-the-m.patch - > 0055-sev-i386-add-command-to-initialize-.patch 0056-sev-register-the-guest-memory-range.patch - > 0057-sev-i386-register-the-guest-memory-.patch 0057-kvm-introduce-memory-encryption-API.patch - > 0058-kvm-introduce-memory-encryption-API.patch 0058-qmp-add-query-sev-command.patch - > 0054-qmp-add-query-sev-command.patch 0060-sev-add-command-to-create-launch-me.patch - > 0060-sev-i386-add-command-to-create-laun.patch 0061-sev-add-command-to-encrypt-guest-me.patch - > 0061-sev-i386-add-command-to-encrypt-gue.patch 0063-sev-add-support-to-LAUNCH_MEASURE-c.patch - > 0063-sev-i386-add-support-to-LAUNCH_MEAS.patch 0064-sev-Finalize-the-SEV-guest-launch-f.patch - > 0064-sev-i386-finalize-the-SEV-guest-lau.patch 0066-sev-add-debug-encrypt-and-decrypt-c.patch - > 0066-sev-i386-add-debug-encrypt-and-decr.patch 0069-sev-add-support-to-query-PLATFORM_S.patch - > 0069-sev-i386-add-support-to-query-PLATF.patch 0070-sev-add-support-to-KVM_SEV_GUEST_ST.patch - > 0070-sev-i386-add-support-to-KVM_SEV_GUE.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Add AMD SEV (Secure Encrypted Virtualization) support by taking the v7 series of the patches posted to qemu ml. (fate#322124) 0046-memattrs-add-debug-attribute.patch 0047-exec-add-ram_debug_ops-support.patch 0048-exec-add-debug-version-of-physical-.patch 0049-monitor-i386-use-debug-APIs-when-ac.patch 0050-target-i386-add-memory-encryption-f.patch 0051-machine-add-memory-encryption-prope.patch 0052-kvm-update-kvm.h-to-include-memory-.patch 0053-docs-add-AMD-Secure-Encrypted-Virtu.patch 0054-accel-add-Secure-Encrypted-Virtuliz.patch 0055-sev-add-command-to-initialize-the-m.patch 0056-sev-register-the-guest-memory-range.patch 0057-kvm-introduce-memory-encryption-API.patch 0058-qmp-add-query-sev-command.patch 0059-hmp-add-info-sev-command.patch 0060-sev-add-command-to-create-launch-me.patch 0061-sev-add-command-to-encrypt-guest-me.patch 0062-target-i386-encrypt-bios-rom.patch 0063-sev-add-support-to-LAUNCH_MEASURE-c.patch 0064-sev-Finalize-the-SEV-guest-launch-f.patch 0065-hw-i386-set-ram_debug_ops-when-memo.patch 0066-sev-add-debug-encrypt-and-decrypt-c.patch 0067-target-i386-clear-C-bit-when-walkin.patch 0068-include-add-psp-sev.h-header-file.patch 0069-sev-add-support-to-query-PLATFORM_S.patch 0070-sev-add-support-to-KVM_SEV_GUEST_ST.patch 0071-qmp-add-query-sev-launch-measure-co.patch 0072-sev-Fix-build-for-non-x86-hosts.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Update python3 related patches now that they are upstream- guest agent: change service file to a template so it can be used by Xen as well. Adjust udev rule accordingly. FATE#324963- Fix machine inconsistency with -no-acpi and nvdimm (bsc#1077823) 0045-pc-fail-memory-hot-plug-unplug-with.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Modify BuildRequires python references - seabios also needed tweaks for python2 vs python3 * Patches added: seabios-use-python2-explicitly-as-needed.patch seabios-switch-to-python3-as-needed.patch- Try to get our story right wrt python2 vs python3 (bsc#1077564) * Get rid of use of #!/usr/bin/env python in scripts we install * include proposed upstream build system changes needed for building with python2 or python3 * Patches dropped: 0032-scripts-avoid-usr-bin-python-refere.patch * Patches renamed: 0033-Switch-order-of-libraries-for-mpath.patch - > 0032-Switch-order-of-libraries-for-mpath.patch 0034-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch - > 0033-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch * Patches added: 0034-qapi-use-items-values-intead-of-ite.patch 0035-qapi-Use-OrderedDict-from-standard-.patch 0036-qapi-adapt-to-moved-location-of-Str.patch 0037-qapi-Adapt-to-moved-location-of-mak.patch 0038-qapi-remove-q-arg-to-diff-when-comp.patch 0039-qapi-ensure-stable-sort-ordering-wh.patch 0040-qapi-force-a-UTF-8-locale-for-runni.patch 0041-scripts-ensure-signrom-treats-data-.patch 0042-configure-allow-use-of-python-3.patch 0043-input-add-missing-JIS-keys-to-virti.patch 0044-Make-installed-scripts-explicitly-p.patch Make-installed-scripts-explicitly-python3.patch ui-keycodemapdb-Add-missing-QKeyCode-val.patch ui-keycodemapdb-Fix-compat-with-py3-dict.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Fix packaging dependencies (coreutils) for qemu-ksm package (bsc#1040202)- Pass through to guest info related to x86 security vulnerability (CVE-2017-5715 bsc#1068032) 0034-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Update to v2.11.0: See http://wiki.qemu.org/ChangeLog/2.11 Some noteworthy changes: - nodefconfig is now deprecated legacy pci-assignment code removed qemu-pr-helper added for handling guest persistant reservations (bsc#891066, bsc#910704, bsc#943807) qemu-keymap tool added for generating keymap files throttle block filter driver added support for a TPM emulator qcow2 image shrink support better support for >=64 vcpus for Windows guests nested KVM related improvements s390 pgste handling now done better EPYC cpu model added (bsc#1052825) improvements in qcow2 buffer handling vhost-user resume issue fixed migration hardening ARMv8-M security extension support more seccomp/sandboxing options available s390 cpu hot-plug improvements misc. virtfs improvements nbd improvements MTTCG improvements misc. TCG improvements scsi correctness improvements SEABIOS now has serial output option * Includes fixes for CVE-2017-15118 bsc#1070147, CVE-2017-15119 bsc#1070144 * Adds KASLR support (fate#323473, bsc#1070281) * Update SLE support docs to match this release * simplify spec file to expect at least sle_version >= 1315 * Patches dropped (upstream): 0013-console-add-question-mark-escape-op.patch 0020-configure-Fix-detection-of-seccomp-.patch 0034-target-i386-cpu-Add-new-EPYC-CPU-mo.patch 0035-chardev-baum-fix-baum-that-releases.patch 0036-io-fix-temp-directory-used-by-test-.patch 0037-io-fix-check-for-handshake-completi.patch 0038-crypto-fix-test-cert-generation-to-.patch 0039-vhost-user-disable-the-broken-subpr.patch 0040-io-monitor-encoutput-buffer-size-fr.patch 0041-cirrus-fix-oob-access-in-mode4and5-.patch 0042-9pfs-use-g_malloc0-to-allocate-spac.patch * Patches renamed: 0014-Make-char-muxer-more-robust-wrt-sma.patch - > 0013-Make-char-muxer-more-robust-wrt-sma.patch 0015-linux-user-lseek-explicitly-cast-no.patch - > 0014-linux-user-lseek-explicitly-cast-no.patch 0016-AIO-Reduce-number-of-threads-for-32.patch - > 0015-AIO-Reduce-number-of-threads-for-32.patch 0017-xen_disk-Add-suse-specific-flush-di.patch - > 0016-xen_disk-Add-suse-specific-flush-di.patch 0018-qemu-bridge-helper-reduce-security-.patch - > 0017-qemu-bridge-helper-reduce-security-.patch 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch - > 0018-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0021-linux-user-properly-test-for-infini.patch - > 0019-linux-user-properly-test-for-infini.patch 0022-roms-Makefile-pass-a-packaging-time.patch - > 0020-roms-Makefile-pass-a-packaging-time.patch 0023-Raise-soft-address-space-limit-to-h.patch - > 0021-Raise-soft-address-space-limit-to-h.patch 0024-increase-x86_64-physical-bits-to-42.patch - > 0022-increase-x86_64-physical-bits-to-42.patch 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch - > 0023-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0026-i8254-Fix-migration-from-SLE11-SP2.patch - > 0024-i8254-Fix-migration-from-SLE11-SP2.patch 0027-acpi_piix4-Fix-migration-from-SLE11.patch - > 0025-acpi_piix4-Fix-migration-from-SLE11.patch 0028-Fix-tigervnc-long-press-issue.patch - > 0026-Fix-tigervnc-long-press-issue.patch 0029-string-input-visitor-Fix-uint64-par.patch - > 0027-string-input-visitor-Fix-uint64-par.patch 0030-test-string-input-visitor-Add-int-t.patch - > 0028-test-string-input-visitor-Add-int-t.patch 0031-test-string-input-visitor-Add-uint6.patch - > 0029-test-string-input-visitor-Add-uint6.patch 0032-tests-Add-QOM-property-unit-tests.patch - > 0030-tests-Add-QOM-property-unit-tests.patch 0033-tests-Add-scsi-disk-test.patch - > 0031-tests-Add-scsi-disk-test.patch 0043-scripts-avoid-usr-bin-python-refere.patch - > 0032-scripts-avoid-usr-bin-python-refere.patch * We need the multipath libraries link order switched 0033-Switch-order-of-libraries-for-mpath.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.11- Avoid ref to /usr/bin/python in vmstate-static-checker.py script 0043-scripts-avoid-usr-bin-python-refere.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- For SLE15, it's been decided to stop providing SDL based graphics due to packaging constraints. Long ago GTK became the default, and there is little benefit to providing both. For now, keep it enabled for openSUSE (Tumblweed and Leap), but consider it marked deprecated there and if no one complains it will be removed for openSUSE as well in the near future. (fate#324465) - Fix problem building skiboot.lid skiboot-build-LDFLAGS-pass-pie-flag-explicitly-to-ld.patch- Wrap analyze-migration and vmstate-static-checker into tools from qemu scripts folder, also changed introduction of qemu-tools in spec file - Move supportplugin position in spec file- Add announcement in support docs about qed storage format no longer being supported in next major SLE release (SLE15) (fate#324200) - Address various security/stability issues * Fix DoS in I/O channel websockets (CVE-2017-15268 bsc#1062942) 0040-io-monitor-encoutput-buffer-size-fr.patch * Fix OOB access in cirrus vga device emulation (CVE-2017-15289 bsc#1063122) 0041-cirrus-fix-oob-access-in-mode4and5-.patch * Fix information leak in 9pfs interface (CVE-2017-15038 bsc#1062069) 0042-9pfs-use-g_malloc0-to-allocate-spac.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Don't tie glusterfs support to specific arch - Build skiboot firmware (OPAL), particularly since it's fairly easy to do so skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch skiboot-libc-stdio-vsnprintf.c-add-expli.patch- Added the global macro 'with_glusterfs' in order to re-enable glusterfs support. The macro enable easier future adjustments for various ARCH/targets/requiremnets. At first glusterfs support is enabled for openSUSE Leap 42.x and Factory for ARCH x86_64.- Add dependencies on ovmf (uefi) for the qemu-x86 and qemu-arm packages - Fix s390-netboot.img to be included with qemu-s390 package, not qemu-ppc- Update to v2.10.1, a stable, bug-fix-only release * fixes bsc#1056386 CVE-2017-13673, bsc#1056334 CVE-2017-13672, bsc#1057585 CVE-2017-14167 * Patches dropped (upstream): 0034-slirp-fix-clearing-ifq_so-from-pend.patch 0035-s390-ccw-Fix-alignment-for-CCW1.patch 0038-s390x-ais-for-2.10-stable-disable-a.patch 0039-s390x-cpumodel-remove-ais-from-z14-.patch * Patches renamed: 0036-target-i386-cpu-Add-new-EPYC-CPU-mo.patch - > 0034-target-i386-cpu-Add-new-EPYC-CPU-mo.patch 0037-chardev-baum-fix-baum-that-releases.patch - > 0035-chardev-baum-fix-baum-that-releases.patch 0040-io-fix-temp-directory-used-by-test-.patch - > 0036-io-fix-temp-directory-used-by-test-.patch 0041-io-fix-check-for-handshake-completi.patch - > 0037-io-fix-check-for-handshake-completi.patch 0042-crypto-fix-test-cert-generation-to-.patch - > 0038-crypto-fix-test-cert-generation-to-.patch 0043-vhost-user-disable-the-broken-subpr.patch - > 0039-vhost-user-disable-the-broken-subpr.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Fix failures and potential failures in qemu-testsuite 0040-io-fix-temp-directory-used-by-test-.patch 0041-io-fix-check-for-handshake-completi.patch 0042-crypto-fix-test-cert-generation-to-.patch 0043-vhost-user-disable-the-broken-subpr.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Fix migration issue on s390 0038-s390x-ais-for-2.10-stable-disable-a.patch 0039-s390x-cpumodel-remove-ais-from-z14-.patch - Fix case of not being able to build from rpm sources due to undefined macro (boo#1057966) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Fix baum that release brlapi twice (bsc#1060045) 0037-chardev-baum-fix-baum-that-releases.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- For SLE15 pre-release testing, add support for the EPYC processor. This will be officially supported once it is included in the v2.11 release. (bsc#1052825) 0036-target-i386-cpu-Add-new-EPYC-CPU-mo.patch - Fix some support statements in our SLE support documents.- Update BuildRequires packages libibverbs-devel and librdmacm-devel to the more correct rdma-core-devel - Enable seccomp for s390x, aarch64, and ppc64le - Fix OOB issue (use after free) in slirp network stack (CVE-2017-13711 bsc#1056291) 0034-slirp-fix-clearing-ifq_so-from-pend.patch - Fix a misalignment in the s390 ccw firmware (bsc#1056680) 0035-s390-ccw-Fix-alignment-for-CCW1.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Add a supportconfig plugin qemu-supportconfig FATE#323661- Update to v2.10.0: See http://wiki.qemu.org/ChangeLog/2.10 - Dropped internal only patches used to support SUSE Studio Testdrive as well as other miscellaneous patches deemed unused and not worth carrying (bsc#1046783, bsc#1055125, bsc#1055127) - Update SLE support statements in anticipation of SLE15 - disable SAN boot capability from virtio pxe rom used in v1.4 and older pc machine types due to rom size requirements. Hopefully a better solution can be found which doesn't impact functionality * Patches added: ipxe-stub-out-the-SAN-req-s-in-int13.patch * Patches renamed: 0006-qemu-cvs-gettimeofday.patch -> 0003-qemu-cvs-gettimeofday.patch 0007-qemu-cvs-ioctl_debug.patch -> 0004-qemu-cvs-ioctl_debug.patch 0008-qemu-cvs-ioctl_nodirection.patch -> 0005-qemu-cvs-ioctl_nodirection.patch 0009-linux-user-add-binfmt-wrapper-for-a.patch -> 0006-linux-user-add-binfmt-wrapper-for-a.patch 0010-PPC-KVM-Disable-mmu-notifier-check.patch -> 0007-PPC-KVM-Disable-mmu-notifier-check.patch 0011-linux-user-fix-segfault-deadlock.patch -> 0008-linux-user-fix-segfault-deadlock.patch 0012-linux-user-binfmt-support-host-bina.patch -> 0009-linux-user-binfmt-support-host-bina.patch 0013-linux-user-Fake-proc-cpuinfo.patch -> 0010-linux-user-Fake-proc-cpuinfo.patch 0014-linux-user-XXX-disable-fiemap.patch -> 0011-linux-user-XXX-disable-fiemap.patch 0017-linux-user-use-target_ulong.patch -> 0012-linux-user-use-target_ulong.patch 0021-console-add-question-mark-escape-op.patch -> 0013-console-add-question-mark-escape-op.patch 0022-Make-char-muxer-more-robust-wrt-sma.patch -> 0014-Make-char-muxer-more-robust-wrt-sma.patch 0023-linux-user-lseek-explicitly-cast-no.patch -> 0015-linux-user-lseek-explicitly-cast-no.patch 0025-AIO-Reduce-number-of-threads-for-32.patch -> 0016-AIO-Reduce-number-of-threads-for-32.patch 0027-xen_disk-Add-suse-specific-flush-di.patch -> 0017-xen_disk-Add-suse-specific-flush-di.patch 0028-qemu-bridge-helper-reduce-security-.patch -> 0018-qemu-bridge-helper-reduce-security-.patch 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0019-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0030-configure-Fix-detection-of-seccomp-.patch -> 0020-configure-Fix-detection-of-seccomp-.patch 0031-linux-user-properly-test-for-infini.patch -> 0020-linux-user-properly-test-for-infini.patch 0033-roms-Makefile-pass-a-packaging-time.patch -> 0022-roms-Makefile-pass-a-packaging-time.patch 0034-Raise-soft-address-space-limit-to-h.patch -> 0023-Raise-soft-address-space-limit-to-h.patch 0035-increase-x86_64-physical-bits-to-42.patch -> 0024-increase-x86_64-physical-bits-to-42.patch 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0025-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0037-i8254-Fix-migration-from-SLE11-SP2.patch -> 0026-i8254-Fix-migration-from-SLE11-SP2.patch 0038-acpi_piix4-Fix-migration-from-SLE11.patch -> 0027-acpi_piix4-Fix-migration-from-SLE11.patch 0039-Fix-tigervnc-long-press-issue.patch -> 0028-Fix-tigervnc-long-press-issue.patch 0041-string-input-visitor-Fix-uint64-par.patch -> 0029-string-input-visitor-Fix-uint64-par.patch 0042-test-string-input-visitor-Add-int-t.patch -> 0030-test-string-input-visitor-Add-int-t.patch 0043-test-string-input-visitor-Add-uint6.patch -> 0031-test-string-input-visitor-Add-uint6.patch 0044-tests-Add-QOM-property-unit-tests.patch -> 0032-tests-Add-QOM-property-unit-tests.patch 0045-tests-Add-scsi-disk-test.patch -> 0033-tests-Add-scsi-disk-test.patch * Patches dropped (upstream unless otherwise noted): 0003-qemu-cvs-alsa_bitfield.patch (deemed not needed) 0004-qemu-cvs-alsa_ioctl.patch (deemed not needed) 0005-qemu-cvs-alsa_mmap.patch (deemed not needed) 0015-slirp-nooutgoing.patch (bsc#1055125) 0016-vnc-password-file-and-incoming-conn.patch (bsc#1055127) 0018-block-Add-support-for-DictZip-enabl.patch (bsc#1046783) 0019-block-Add-tar-container-format.patch (bsc#1046783) 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch (bsc#1046783) 0024-configure-Enable-PIE-for-ppc-and-pp.patch (obsolete) 0026-dictzip-Fix-on-big-endian-systems.patch (bsc#1046783) 0032-linux-user-remove-all-traces-of-qem.patch 0040-fix-xen-hvm-direct-kernel-boot.patch (bsc#970791) 0046-RFC-update-Linux-headers-from-irqs-.patch 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch 0048-input-Add-trace-event-for-empty-key.patch 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch 0050-i386-Allow-cpuid-bit-override.patch (was for testing only) 0051-input-limit-kbd-queue-depth.patch 0052-audio-release-capture-buffers.patch 0053-scsi-avoid-an-off-by-one-error-in-m.patch 0054-vmw_pvscsi-check-message-ring-page-.patch 0055-9pfs-local-forbid-client-access-to-.patch 0056-jazz_led-fix-bad-snprintf.patch 0057-slirp-smb-Replace-constant-strings-.patch 0058-altera_timer-fix-incorrect-memset.patch 0059-Hacks-for-building-on-gcc-7-Fedora-.patch 0060-9pfs-local-fix-unlink-of-alien-file.patch 0061-megasas-do-not-read-DCMD-opcode-mor.patch 0062-megasas-always-store-SCSIRequest-in.patch 0063-nbd-Fully-initialize-client-in-case.patch 0064-9pfs-local-remove-use-correct-path-.patch 0065-hid-Reset-kbd-modifiers-on-reset.patch 0066-input-Decrement-queue-count-on-kbd-.patch 0067-xhci-only-update-dequeue-ptr-on-com.patch 0068-vnc-Set-default-kbd-delay-to-10ms.patch 0069-qemu-nbd-Ignore-SIGPIPE.patch 0070-usb-redir-fix-stack-overflow-in-usb.patch 0072-slirp-check-len-against-dhcp-option.patch 0071-exec-use-qemu_ram_ptr_length-to-acc.patch 0073-xen-mapcache-store-dma-information-.patch 0074-exec-Add-lock-parameter-to-qemu_ram.patch 0075-Replace-struct-ucontext-with-uconte.patch ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch ipxe-ath-Add-missing-break-statements.patch ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10- Fix package build failure as of glibc v2.26 update in Factory (boo#1055587) 0075-Replace-struct-ucontext-with-uconte.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Remove redundant prerequire for pwdutils- Postrequire acl for setfacl- Prerequire shadow for groupadd- The recent security fix for CVE-2017-11334 adversely affects Xen. Include two additional patches to make sure Xen is going to be OK. 0073-xen-mapcache-store-dma-information-.patch 0074-exec-Add-lock-parameter-to-qemu_ram.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Pre-add group kvm for qemu-tools (bsc#1011144)- Fixed a few more inaccuracies in the support docs.- Address various security/stability issues * Fix DOS vulnerability in qemu-nbd (bsc#1046636 CVE-2017-10664) 0069-qemu-nbd-Ignore-SIGPIPE.patch * Fix DOS from stack overflow in debug messages of usb redirection support (bsc#1047674 CVE-2017-10806) 0070-usb-redir-fix-stack-overflow-in-usb.patch * Fix OOB access during DMA operation (CVE-2017-11334 bsc#1048902) 0071-exec-use-qemu_ram_ptr_length-to-acc.patch * Fix OOB access parsing dhcp slirp options (CVE-2017-11434 bsc#1049381) 0072-slirp-check-len-against-dhcp-option.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12 SP3. Apply a few additional clarifications in the support docs. (bsc#1050268) - Adjust to libvdeplug-devel package naming changes.- Fix migration with xhci (bsc#1048296) 0067-xhci-only-update-dequeue-ptr-on-com.patch - Increase VNC delay to fix missing keyboard input events (bsc#1031692) 0068-vnc-Set-default-kbd-delay-to-10ms.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Remove build dependency package iasl used for seabios- Fixed stuck state during usb keyboard reset (bsc#1044936) 0065-hid-Reset-kbd-modifiers-on-reset.patch - Fixed keyboard events getting lost (bsc#1044936) 0066-input-Decrement-queue-count-on-kbd-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Use most recent compiler to build size-critical firmware, instead of hard-coding gcc6 for all target versions (bsc#1043390) * A few upstream ipxe patches were needed for gcc7 compatibility: ipxe-ath-Add-missing-break-statements.patch ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch - Add --no-renames to the git format-patch command in the git workflow script for better patch compatibility - Address various security/stability issues * Fix potential privilege escalation in virtfs (CVE-2016-9602 bsc#1020427) 0060-9pfs-local-fix-unlink-of-alien-file.patch * Fix DOS in megasas device emulation (CVE-2017-9503 bsc#1043296) 0061-megasas-do-not-read-DCMD-opcode-mor.patch 0062-megasas-always-store-SCSIRequest-in.patch * Fix DOS in qemu-nbd server (CVE-2017-9524 bsc#1043808) 0063-nbd-Fully-initialize-client-in-case.patch * Fix regression introduced by recent virtfs security fixes (bsc#1045035) 0064-9pfs-local-remove-use-correct-path-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Backport ipxe to support FirstBurstLength (bsc#1040476) ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch- Fixes for gcc7 compatability (bsc#1040228) (in behalf of Liang Yan) 0056-jazz_led-fix-bad-snprintf.patch 0057-slirp-smb-Replace-constant-strings-.patch 0058-altera_timer-fix-incorrect-memset.patch 0059-Hacks-for-building-on-gcc-7-Fedora-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Protect access to metadata in virtio-9pfs (CVE-2017-7493 bsc#1039495) 0055-9pfs-local-forbid-client-access-to-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Address various security/stability issues * Fix DOS potential in vnc interface (CVE-2017-8379 bsc#1037334) 0051-input-limit-kbd-queue-depth.patch * Fix DOS potential in vnc interface (CVE-2017-8309 bsc#1037242) 0052-audio-release-capture-buffers.patch * Fix OOB access in megasas device emulation (CVE-2017-8380 bsc#1037336) 0053-scsi-avoid-an-off-by-one-error-in-m.patch * Fix DOS in Vmware pv scsi emulation (CVE-2017-8112 bsc#1036211) 0054-vmw_pvscsi-check-message-ring-page-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Fix building packages for some older distros. - Further refine our handling of building firmware (or not) for the various arch's and distro versions we build for. Note that if we don't build x86 firmware, (eg: x86 Leap 42.1) the upstream binary blobs are used, which may have migration incompatibilities with previous versions of qemu provided.- Fix issue in shipping qemu v2.9.0, where pci-passthrough for Xen HVM guests got broken (bsc#1034131) 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch - Include experimental, unsupported feature to assist in some performance analysis work. 0050-i386-Allow-cpuid-bit-override.patch- Updated to v2.9.0: See http://wiki.qemu-project.org/ChangeLog/2.9 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.9 * Includes fix for CVE-2017-7471, a virtfs security issue. - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Add empty keyboard queue tracepoint to help openQA testing work better (bsc#1031692) 0048-input-Add-trace-event-for-empty-key.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.9 - Enable ceph/rbd support for s390x (bsc#1030068) - Enable ceph/rbd support for ppc* as available - Update ARM in-kernel-timers patch (bsc#1033416) * Patches renamed: 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch 0042-string-input-visitor-Fix-uint64-par.patch -> 0041-string-input-visitor-Fix-uint64-par.patch 0043-test-string-input-visitor-Add-int-t.patch -> 0042-test-string-input-visitor-Add-int-t.patch 0044-test-string-input-visitor-Add-uint6.patch -> 0043-test-string-input-visitor-Add-uint6.patch 0045-tests-Add-QOM-property-unit-tests.patch -> 0044-tests-Add-QOM-property-unit-tests.patch 0046-tests-Add-scsi-disk-test.patch -> 0045-tests-Add-scsi-disk-test.patch * Patches added (support patch): 0046-RFC-update-Linux-headers-from-irqs-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.9 * Patches dropped (included in upstream source archive): 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch 0048-i386-Replace-uint32_t-with-FeatureW.patch 0049-i386-Don-t-override-cpu-options-on-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 - Added additional documentation provided with v2.9.0 - Fix build failure with gcc7 (bsc#1031340) ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch - Made miscellaneous spec file refinements- The support documents included are now fairly accurate for the arm and s390 world, and the x86 version also received a few tweaks. Also included in those docs is a url reference to upstream qemu deprecation plans and discussions. (fate#321146) - Add post v2.9.0-rc2 upstream patches which fix -cpu host and -cpu max feature overrides for libvirt compatability. 0048-i386-Replace-uint32_t-with-FeatureW.patch 0049-i386-Don-t-override-cpu-options-on-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9 * Includes fix for in guest privilege escalation when using TCG (bsc#1030624) * Patches dropped (equivalent included in upstream source archive): 0047-linux-user-exclude-cpu-model-code-w.patch - Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384) 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9 * Patches dropped (no longer needed based on what we now build for): 0024-virtfs-proxy-helper-Provide-__u64-f.patch * Patches dropped (included in upstream source archive): 0034-dma-rc4030-limit-interval-timer-rel.patch * Patches renamed: 0025-configure-Enable-PIE-for-ppc-and-pp.patch -> 0024-configure-Enable-PIE-for-ppc-and-pp.patch 0026-AIO-Reduce-number-of-threads-for-32.patch -> 0025-AIO-Reduce-number-of-threads-for-32.patch 0027-dictzip-Fix-on-big-endian-systems.patch -> 0026-dictzip-Fix-on-big-endian-systems.patch 0028-xen_disk-Add-suse-specific-flush-di.patch -> 0027-xen_disk-Add-suse-specific-flush-di.patch 0029-qemu-bridge-helper-reduce-security-.patch -> 0028-qemu-bridge-helper-reduce-security-.patch 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0031-configure-Fix-detection-of-seccomp-.patch -> 0030-configure-Fix-detection-of-seccomp-.patch 0032-linux-user-properly-test-for-infini.patch -> 0031-linux-user-properly-test-for-infini.patch 0033-linux-user-remove-all-traces-of-qem.patch -> 0032-linux-user-remove-all-traces-of-qem.patch 0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch 0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch 0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch 0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch 0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch 0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch 0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch 0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch 0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch 0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch 0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch 0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9 * Updated version carries fixes for the following reported issues: CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703, CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612, CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114, CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311, CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184 * Patches dropped: seabios_128kb.patch (no longer required) * Patches dropped (included in upstream source archive): 0035-net-imx-limit-buffer-descriptor-cou.patch 0045-virtio-gpu-call-cleanup-mapping-fun.patch 0051-virtio-gpu-fix-information-leak-in-.patch 0052-display-cirrus-ignore-source-pitch-.patch 0053-s390x-kvm-fix-small-race-reboot-vs..patch 0054-target-s390x-use-qemu-cpu-model-in-.patch 0056-tests-check-path-to-avoid-a-failing.patch 0057-display-virtio-gpu-3d-check-virgl-c.patch 0058-watchdog-6300esb-add-exit-function.patch 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch 0060-virtio-gpu-fix-memory-leak-in-resou.patch 0061-virtio-fix-vq-inuse-recalc-after-mi.patch 0062-audio-es1370-add-exit-function.patch 0063-audio-ac97-add-exit-function.patch 0064-megasas-fix-guest-triggered-memory-.patch 0065-cirrus-handle-negative-pitch-in-cir.patch 0066-cirrus-fix-blit-address-mask-handli.patch 0067-cirrus-fix-oob-access-issue-CVE-201.patch 0068-usb-ccid-check-ccid-apdu-length.patch 0069-sd-sdhci-check-data-length-during-d.patch 0070-virtio-gpu-fix-resource-leak-in-vir.patch 0071-cirrus-fix-patterncopy-checks.patch 0072-cirrus-add-blit_is_unsafe-call-to-c.patch * Patches renamed: 0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch 0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch 0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch 0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch 0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch 0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch 0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch 0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch 0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch 0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch 0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch 0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Buildignore for the global gcc-PIE, as this package enables PIE on its own and has troubles if all use it. (meissner@suse.com)- Address various security/stability issues * Fix OOB access in virito-gpu-3d (CVE-2016-10028 bsc#1017084 bsc#1016503) 0057-display-virtio-gpu-3d-check-virgl-c.patch * Fix DOS in Intel 6300ESB device emulation (CVE-2016-10155 bsc#1021129) 0058-watchdog-6300esb-add-exit-function.patch * Fix DOS in virtio-gpu-3d (CVE-2017-5552 bsc#1021195) 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch * Fix DOS in virtio-gpu (CVE-2017-5578 bsc#1021481) 0060-virtio-gpu-fix-memory-leak-in-resou.patch * Fix cause of infrequent migration failures from bad virtio device state. (bsc#1020928) 0061-virtio-fix-vq-inuse-recalc-after-mi.patch * Fix DOS in es1370 emulated audio device (CVE-2017-5526 bsc#1020589) 0062-audio-es1370-add-exit-function.patch * Fix DOS in ac97 emulated audio device (CVE-2017-5525 bsc#1020491) 0063-audio-ac97-add-exit-function.patch * Fix DOS in megasas device emulation (CVE-2017-5856 bsc#1023053) 0064-megasas-fix-guest-triggered-memory-.patch * Fix various inaccuracies in cirrus vga device emulation 0065-cirrus-handle-negative-pitch-in-cir.patch 0066-cirrus-fix-blit-address-mask-handli.patch * Fix OOB access in cirrus vga emulation (CVE-2017-2615 bsc#1023004) 0067-cirrus-fix-oob-access-issue-CVE-201.patch * Fix DOS in usb CCID card device emulator (CVE-2017-5898 bsc#1023907) 0068-usb-ccid-check-ccid-apdu-length.patch * Fix OOB access in SDHCI device emulation (CVE-2017-5667 bsc#1022541) 0069-sd-sdhci-check-data-length-during-d.patch * Fix DOS in virtio-gpu-3d (CVE-2017-5857 bsc#1023073) 0070-virtio-gpu-fix-resource-leak-in-vir.patch * Fix cirrus patterncopy checks 0071-cirrus-fix-patterncopy-checks.patch * Fix OOB access in cirrus vga emulation (CVE-2017-2620 bsc#1024972) 0072-cirrus-add-blit_is_unsafe-call-to-c.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8- Fix name of s390x specific sysctl configuration file to end with .conf (bsc#1026583)- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Check that sysfs path exists before running test which requires it. This allows qemu-testsuite to succeed in local build service chroot based package build. 0056-tests-check-path-to-avoid-a-failing.patch- Factory and SLE12-SP3 got a name change in the dtc devel package: libfdt1-devel -> libfdt-devel. Adjust our spec file accordingly.- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Patches added: 0055-linux-user-exclude-cpu-model-code-w.patch- Make sure qemu guest agent is usable as soon as qemu-guest-agent package is installed. The previous post script was still not doing the job. - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Fix potential hang/crash rebooting s390x guest 0053-s390x-kvm-fix-small-race-reboot-vs..patch * Fix s390x linux-user failure since v2.8.0 update 0054-target-s390x-use-qemu-cpu-model-in-.patch- Merge qemu packages from openSUSE and SUSE SLE releases together for the v2.8 qemu update. The qemu.changes file is the openSUSE version with this entry providing CVE, FATE, and bugzilla references from the SUSE SLE qemu package to date (see below) - Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8 * For SUSE SLE-12-SP3, update relates to fate#319684, fate#321331, fate#321335, fate#321339, fate#321349, fate#321857 * For best compatibility, qemu-ifup and kvm_stat scripts now owned by qemu package * Build ipxe roms with gcc6 to maintain SLE legacy migration compatibility requirements * qmp-commands.txt file removed, to resurface in future doc reorganization * qemu-tech.html file merged into other existing doc * trace-events renamed to trace-events-all - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Patches dropped (upstream): 0013-linux-user-lock-tcg.patch 0014-linux-user-Run-multi-threaded-code-.patch 0015-linux-user-lock-tb-flushing-too.patch 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch 0041-vmsvga-correct-bitmap-and-pixmap-si.patch 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch 0046-scsi-mptsas-use-g_new0-to-allocate-.patch 0047-scsi-pvscsi-limit-process-IO-loop-t.patch 0048-virtio-add-check-for-descriptor-s-m.patch 0049-net-mcf-limit-buffer-descriptor-cou.patch 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch 0051-xhci-limit-the-number-of-link-trbs-.patch 0052-9pfs-allocate-space-for-guest-origi.patch 0053-9pfs-fix-memory-leak-in-v9fs_link.patch 0054-9pfs-fix-potential-host-memory-leak.patch 0055-9pfs-fix-information-leak-in-xattr-.patch 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch 0057-9pfs-fix-memory-leak-in-v9fs_write.patch 0058-char-serial-check-divider-value-aga.patch 0059-net-pcnet-check-rx-tx-descriptor-ri.patch 0060-net-eepro100-fix-memory-leak-in-dev.patch 0061-net-rocker-set-limit-to-DMA-buffer-.patch 0062-net-vmxnet-initialise-local-tx-desc.patch 0063-net-rtl8139-limit-processing-of-rin.patch 0064-audio-intel-hda-check-stream-entry-.patch 0065-virtio-gpu-fix-memory-leak-in-virti.patch 0066-9pfs-fix-integer-overflow-issue-in-.patch slof_xhci.patch * Patches renamed: 0016-linux-user-Fake-proc-cpuinfo.patch -> 0013-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-XXX-disable-fiemap.patch -> 0014-linux-user-XXX-disable-fiemap.patch 0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch 0021-vnc-password-file-and-incoming-conn.patch -> 0016-vnc-password-file-and-incoming-conn.patch 0022-linux-user-use-target_ulong.patch -> 0017-linux-user-use-target_ulong.patch 0023-block-Add-support-for-DictZip-enabl.patch -> 0018-block-Add-support-for-DictZip-enabl.patch 0024-block-Add-tar-container-format.patch -> 0019-block-Add-tar-container-format.patch 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0026-console-add-question-mark-escape-op.patch -> 0021-console-add-question-mark-escape-op.patch 0027-Make-char-muxer-more-robust-wrt-sma.patch -> 0022-Make-char-muxer-more-robust-wrt-sma.patch 0028-linux-user-lseek-explicitly-cast-no.patch -> 0023-linux-user-lseek-explicitly-cast-no.patch 0029-virtfs-proxy-helper-Provide-__u64-f.patch -> 0024-virtfs-proxy-helper-Provide-__u64-f.patch 0030-configure-Enable-PIE-for-ppc-and-pp.patch -> 0025-configure-Enable-PIE-for-ppc-and-pp.patch 0031-AIO-Reduce-number-of-threads-for-32.patch -> 0026-AIO-Reduce-number-of-threads-for-32.patch 0032-dictzip-Fix-on-big-endian-systems.patch -> 0027-dictzip-Fix-on-big-endian-systems.patch 0033-xen_disk-Add-suse-specific-flush-di.patch -> 0028-xen_disk-Add-suse-specific-flush-di.patch 0035-qemu-bridge-helper-reduce-security-.patch -> 0029-qemu-bridge-helper-reduce-security-.patch 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0037-configure-Fix-detection-of-seccomp-.patch -> 0031-configure-Fix-detection-of-seccomp-.patch 0038-linux-user-properly-test-for-infini.patch -> 0032-linux-user-properly-test-for-infini.patch 0040-linux-user-remove-all-traces-of-qem.patch -> 0033-linux-user-remove-all-traces-of-qem.patch 0067-dma-rc4030-limit-interval-timer-rel.patch -> 0034-dma-rc4030-limit-interval-timer-rel.patch 0068-net-imx-limit-buffer-descriptor-cou.patch -> 0035-net-imx-limit-buffer-descriptor-cou.patch 0069-roms-Makefile-pass-a-packaging-time.patch -> 0036-roms-Makefile-pass-a-packaging-time.patch * Patches added: 0037-Raise-soft-address-space-limit-to-h.patch 0038-increase-x86_64-physical-bits-to-42.patch 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0040-i8254-Fix-migration-from-SLE11-SP2.patch 0041-acpi_piix4-Fix-migration-from-SLE11.patch 0042-Fix-tigervnc-long-press-issue.patch 0043-fix-xen-hvm-direct-kernel-boot.patch 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch 0045-virtio-gpu-call-cleanup-mapping-fun.patch 0046-string-input-visitor-Fix-uint64-par.patch 0047-test-string-input-visitor-Add-int-t.patch 0048-test-string-input-visitor-Add-uint6.patch 0049-tests-Add-QOM-property-unit-tests.patch 0050-tests-Add-scsi-disk-test.patch 0051-virtio-gpu-fix-information-leak-in-.patch 0052-display-cirrus-ignore-source-pitch-.patch ipxe-use-gcc6-for-more-compact-code.patch * SLE patches dropped (accounted for in above listed changes): 0002-qemu-0.9.0.cvs-binfmt.patch 0009-block-vmdk-Support-creation-of-SCSI.patch 0010-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch 0014-linux-user-Ignore-broken-loop-ioctl.patch 0015-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch 0024-linux-user-add-more-blk-ioctls.patch 0025-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-_u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch 0034-Raise-soft-address-space-limit-to-h.patch 0035-increase-x86_64-physical-bits-to-42.patch 0036-vnc-provide-fake-color-map.patch 0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0038-i8254-Fix-migration-from-SLE11-SP2.patch 0039-acpi_piix4-Fix-migration-from-SLE11.patch 0040-qtest-Increase-socket-timeout-to-ac.patch 0041-dictzip-Fix-on-big-endian-systems.patch 0043-xen_disk-Add-suse-specific-flush-di.patch 0044-Split-large-discard-requests-from-b.patch 0045-fix-xen-hvm-direct-kernel-boot.patch 0046-xen-introduce-dummy-system-device.patch 0047-xen-write-information-about-support.patch 0048-xen-add-pvUSB-backend.patch 0049-xen-move-xen_sysdev-to-xen_backend..patch 0050-vnc-add-configurable-keyboard-delay.patch 0051-xen-SUSE-xenlinux-unplug-for-emulat.patch 0052-configure-add-echo_version-helper.patch 0053-configure-support-vte-2.91.patch 0054-scsi-esp-fix-migration.patch 0055-hw-arm-virt-mark-the-PCIe-host-cont.patch 0056-xen-when-removing-a-backend-don-t-r.patch 0057-xen-drain-submit-queue-in-xen-usb-b.patch 0058-qcow2-avoid-extra-flushes-in-qcow2.patch 0059-qemu-bridge-helper-reduce-security-.patch 0060-xen-use-a-common-function-for-pv-an.patch 0061-xen_platform-unplug-also-SCSI-disks.patch 0062-virtio-check-vring-descriptor-buffe.patch 0063-net-vmxnet3-check-for-device_active.patch 0064-net-vmxnet-initialise-local-tx-desc.patch 0065-scsi-pvscsi-avoid-infinite-loop-whi.patch 0066-ARM-KVM-Enable-in-kernel-timers-wit.patch 0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch 0068-vmsvga-correct-bitmap-and-pixmap-si.patch 0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch 0070-virtio-add-check-for-descriptor-s-m.patch 0071-net-mcf-limit-buffer-descriptor-cou.patch 0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch 0073-xhci-limit-the-number-of-link-trbs-.patch 0074-9pfs-allocate-space-for-guest-origi.patch 0075-9pfs-fix-memory-leak-in-v9fs_link.patch 0076-9pfs-fix-potential-host-memory-leak.patch 0077-9pfs-fix-memory-leak-in-v9fs_write.patch 0078-char-serial-check-divider-value-aga.patch 0079-net-pcnet-check-rx-tx-descriptor-ri.patch 0080-net-eepro100-fix-memory-leak-in-dev.patch 0081-net-rocker-set-limit-to-DMA-buffer-.patch 0082-net-rtl8139-limit-processing-of-rin.patch 0083-audio-intel-hda-check-stream-entry-.patch 0084-virtio-gpu-fix-memory-leak-in-virti.patch 0085-9pfs-fix-integer-overflow-issue-in-.patch 0086-dma-rc4030-limit-interval-timer-rel.patch 0087-net-imx-limit-buffer-descriptor-cou.patch 0088-target-i386-Implement-CPUID-0xB-Ext.patch 0089-target-i386-present-virtual-L3-cach.patch 0090-migration-fix-inability-to-save-VM-.patch 0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch 0092-gtk-don-t-leak-the-GtkBorder-with-V.patch 0093-xen-fix-ioreq-handling.patch 0094-macio-Use-blk_drain-instead-of-blk_.patch 0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch 0096-virtio-blk-Release-s-rq-queue-at-sy.patch 0097-virtio-blk-Remove-stale-comment-abo.patch 0098-block-reintroduce-bdrv_flush_all.patch 0099-qemu-use-bdrv_flush_all-for-vm_stop.patch 0100-block-backend-remove-blkflush_all.patch 0101-char-fix-missing-return-in-error-pa.patch 0102-rbd-shift-byte-count-as-a-64-bit-va.patch 0103-mirror-use-bdrv_drained_begin-bdrv_.patch 0104-block-curl-Use-BDRV_SECTOR_SIZE.patch 0105-block-curl-Fix-return-value-from-cu.patch 0106-block-curl-Remember-all-sockets.patch 0107-block-curl-Do-not-wait-for-data-bey.patch 0108-virtio-allow-per-device-class-legac.patch 0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch 0110-vhost-adapt-vhost_verify_ring_mappi.patch 0111-ivshmem-Fix-64-bit-memory-bar-confi.patch 0112-intel_iommu-fix-incorrect-device-in.patch 0113-9pfs-fix-information-leak-in-xattr-.patch 0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch 0115-net-mcf-check-receive-buffer-size-r.patch 0116-virtio-gpu-fix-memory-leak-in-updat.patch 0117-virtio-gpu-fix-information-leak-in-.patch 0118-9pfs-adjust-the-order-of-resource-c.patch 0119-9pfs-add-cleanup-operation-in-FileO.patch 0120-9pfs-add-cleanup-operation-for-hand.patch 0121-9pfs-add-cleanup-operation-for-prox.patch 0122-virtio-gpu-call-cleanup-mapping-fun.patch 0123-string-input-visitor-Fix-uint64-par.patch 0124-test-string-input-visitor-Add-int-t.patch 0125-test-string-input-visitor-Add-uint6.patch 0126-tests-Add-QOM-property-unit-tests.patch 0127-tests-Add-scsi-disk-test.patch 0128-usb-ehci-fix-memory-leak-in-ehci_in.patch 0129-usbredir-free-vm_change_state_handl.patch 0130-virtio-gpu-fix-information-leak-in-.patch ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch ipxe-legacy-Fix-building-with-GCC-6.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-util-v5.24-perl-errors-on-redeclare.patch - SLE CVE, FATE, and bugzilla references not otherwise listed in this changelog file. The intent of this list is to indicate that the fix or feature continues the line of inheritance in the development stream of this package. The list is intended to satisfy searches only - refer to the SLE-12-SP2 changelog file for additional details. * fate#314468 fate#314497 fate#315125 fate#315467 fate#317015 fate#317741 fate#317763 fate#318349 fate#319660 fate#319979 fate#321010 * bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870 bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339 bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805 bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770 bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845 bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020 bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491 bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725 bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782 bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365 bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858 bsc#999212 bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769 bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764 bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112 bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779 * CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840 CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710 CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922- Despite the previous entry about re-enabling ceph on Nov 19, 2016 the change wasn't actually done. Do it now.- sgabios-stable-buildid.patch: Use geeko@buildhost- slof_xhci.patch: XHCI fixes (boo#977027)- Recommend x86 ROMs for emulated PCI cards on ppc, arm, others (bsc#1005869, michals)- Tidy SLOF patch boilerplate (michals)- Build with spice on all archs. (boo#1009438, michals)- Refine the approach to producing stable builds in our ROM based packages. All built roms which have hostname or date calls now produce consistent results build to build via patch changes, so remove the hostname and date call workarounds. (bsc#1011213) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0069-roms-Makefile-pass-a-packaging-time.patch sgabios-stable-buildid.patch- Re-enable ceph (rbd) functionality in OBS builds as we've been told the issues which prompted us to disable it are resolved - Address various security/stability issues * Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516) 0041-vmsvga-correct-bitmap-and-pixmap-si.patch * Fix DOS in LSI SAS1068 emulation (CVE-2016-7157 bsc#997860) 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7156 bsc#997859) 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch * Fix DOS in USB xHCI emulation (CVE-2016-7466 bsc#1000345) 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch * Fix OOB access in LSI SAS1068 emulation (CVE-2016-7423 bsc#1000397) 0046-scsi-mptsas-use-g_new0-to-allocate-.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661) 0047-scsi-pvscsi-limit-process-IO-loop-t.patch * Fix NULL pointer dereference in virtio processing (CVE-2016-7422 bsc#1000346) 0048-virtio-add-check-for-descriptor-s-m.patch * Fix DOS in ColdFire Fast Ethernet Controller emulation (CVE-2016-7908 bsc#1002550) 0049-net-mcf-limit-buffer-descriptor-cou.patch * Fix DOS in USB EHCI emulation (CVE-2016-7995 bsc#1003612) 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch * Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878) 0051-xhci-limit-the-number-of-link-trbs-.patch * Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894) 0052-9pfs-allocate-space-for-guest-origi.patch * Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494) 0053-9pfs-fix-memory-leak-in-v9fs_link.patch * Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893) 0054-9pfs-fix-potential-host-memory-leak.patch * Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454) 0055-9pfs-fix-information-leak-in-xattr-.patch * Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450) 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch * Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495) 0057-9pfs-fix-memory-leak-in-v9fs_write.patch * Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707) 0058-char-serial-check-divider-value-aga.patch * Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557) 0059-net-pcnet-check-rx-tx-descriptor-ri.patch * Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391) 0060-net-eepro100-fix-memory-leak-in-dev.patch * Fix OOB access in Rocker switch emulation (CVE-2016-8668 bsc#1004706) 0061-net-rocker-set-limit-to-DMA-buffer-.patch * Plug data leak in vmxnet3 emulation (CVE-2016-6836 bsc#994760) 0062-net-vmxnet-initialise-local-tx-desc.patch * Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538) 0063-net-rtl8139-limit-processing-of-rin.patch * Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536) 0064-audio-intel-hda-check-stream-entry-.patch * Fix DOS in virtio-gpu (CVE-2016-7994 bsc#1003613) 0065-virtio-gpu-fix-memory-leak-in-virti.patch * Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493) 0066-9pfs-fix-integer-overflow-issue-in-.patch * Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702) 0067-dma-rc4030-limit-interval-timer-rel.patch * Fix DOS in i.MX NIC emulation (CVE-2016-7907 bsc#1002549) 0068-net-imx-limit-buffer-descriptor-cou.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7- Use fixed timestamps and stable build_id in ipxe and other ROMs * Patches added: ipxe-stable-buildid.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patch updated: 0040-linux-user-skip-0-flag-from-proc-se.patch -> 0040-linux-user-remove-all-traces-of-qem.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0040-linux-user-skip-0-flag-from-proc-se.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch- Document two new options, but leave jemalloc disabled for now - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0034-build-link-with-libatomic-on-powerp.patch * Patches renamed: 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0036-qemu-bridge-helper-reduce-security-.patch -> 0035-qemu-bridge-helper-reduce-security-.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0038-configure-Fix-detection-of-seccomp-.patch -> 0037-configure-Fix-detection-of-seccomp-.patch 0039-linux-user-properly-test-for-infini.patch -> 0038-linux-user-properly-test-for-infini.patch- Updated to v2.7.0: See http://wiki.qemu-project.org/ChangeLog/2.7 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-linux-user-properly-test-for-infini.patch- Use new kvm_stat package where available, else provide updated kvm_stat script.- Update to v2.7.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.7- Updated to v2.7.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.7 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0002-qemu-0.9.0.cvs-binfmt.patch (script rewritten upstream) 0009-block-vmdk-Support-creation-of-SCSI.patch (deprecated) 0014-linux-user-Ignore-broken-loop-ioctl.patch (implemented upstream) 0024-linux-user-add-more-blk-ioctls.patch (more implemented upstream) 0034-qtest-Increase-socket-timeout.patch (increased further upstream) 0036-configure-Enable-libseccomp-for-ppc.patch (enabled upstream) 0038-block-split-large-discard-requests-.patch 0041-xen-introduce-dummy-system-device.patch 0042-xen-write-information-about-support.patch 0043-xen-add-pvUSB-backend.patch 0044-xen-move-xen_sysdev-to-xen_backend..patch 0045-vnc-add-configurable-keyboard-delay.patch 0046-configure-add-echo_version-helper.patch 0047-configure-support-vte-2.91.patch 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0050-scsi-esp-fix-migration.patch 0051-xen-when-removing-a-backend-don-t-r.patch 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0055-xen-use-a-common-function-for-pv-an.patch ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-legacy-Fix-building-with-GCC-6.patch ipxe-util-v5.24-perl-errors-on-redeclare.patch ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch * Patches renamed: 0010-linux-user-add-binfmt-wrapper-for-a.patch -> 0009-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch -> 0010-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch -> 0011-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch -> 0012-linux-user-binfmt-support-host-bina.patch 0015-linux-user-lock-tcg.patch -> 0013-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch -> 0014-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch -> 0015-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch -> 0016-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch -> 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch -> 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch -> 0019-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch -> 0020-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch -> 0021-vnc-password-file-and-incoming-conn.patch 0025-linux-user-use-target_ulong.patch -> 0022-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch -> 0023-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch -> 0024-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch -> 0026-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch -> 0027-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch -> 0028-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch -> 0029-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch -> 0030-configure-Enable-PIE-for-ppc-and-pp.patch 0035-AIO-Reduce-number-of-threads-for-32.patch -> 0031-AIO-Reduce-number-of-threads-for-32.patch 0037-dictzip-Fix-on-big-endian-systems.patch -> 0032-dictzip-Fix-on-big-endian-systems.patch 0039-xen_disk-Add-suse-specific-flush-di.patch -> 0033-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch -> 0034-build-link-with-libatomic-on-powerp.patch 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch 0054-qemu-bridge-helper-reduce-security-.patch -> 0036-qemu-bridge-helper-reduce-security-.patch * Patches added: 0002-qemu-binfmt-conf-Modify-default-pat.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch * Package renamed trace-events-all file and linuxboot_dma.bin * Handle building and packaging roms for e1000e and vmxnet3 (Bruce) * Remove ipxe patches which are now enabled upstream (Bruce) * Enable seccomp for s390x (Mark Post): 0038-configure-Fix-detection-of-seccomp-.patch- Update to v2.6.1 a stable, bug-fix-only release (fate#316228) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped (upstreamed): 0041-net-mipsnet-check-packet-length-aga.patch 0042-i386-kvmvapic-initialise-imm32-vari.patch 0043-esp-check-command-buffer-length-bef.patch 0044-esp-check-dma-length-before-reading.patch 0045-scsi-pvscsi-check-command-descripto.patch 0046-scsi-mptsas-infinite-loop-while-fet.patch 0047-vga-add-sr_vbe-register-set.patch 0048-scsi-megasas-use-appropriate-proper.patch 0049-scsi-megasas-check-read_queue_head-.patch 0050-scsi-megasas-null-terminate-bios-ve.patch 0051-vmsvga-move-fifo-sanity-checks-to-v.patch 0052-vmsvga-don-t-process-more-than-1024.patch 0053-block-iscsi-avoid-potential-overflo.patch 0054-scsi-esp-check-TI-buffer-index-befo.patch 0060-scsi-megasas-initialise-local-confi.patch 0065-scsi-esp-check-buffer-length-before.patch 0066-scsi-esp-respect-FIFO-invariant-aft.patch 0067-pci-assign-Move-Invalid-ROM-error-m.patch 0068-Xen-PCI-passthrough-fix-passthrough.patch 0069-scsi-esp-make-cmdbuf-big-enough-for.patch 0071-virtio-error-out-if-guest-exceeds-v.patch * Patches renamed: 0055-xen-introduce-dummy-system-device.patch - > 0041-xen-introduce-dummy-system-device.patch 0056-xen-write-information-about-support.patch - > 0042-xen-write-information-about-support.patch 0057-xen-add-pvUSB-backend.patch - > 0043-xen-add-pvUSB-backend.patch 0058-xen-move-xen_sysdev-to-xen_backend..patch - > 0044-xen-move-xen_sysdev-to-xen_backend..patch 0059-vnc-add-configurable-keyboard-delay.patch - > 0045-vnc-add-configurable-keyboard-delay.patch 0061-configure-add-echo_version-helper.patch - > 0046-configure-add-echo_version-helper.patch 0062-configure-support-vte-2.91.patch - > 0047-configure-support-vte-2.91.patch 0063-hw-arm-virt-mark-the-PCIe-host-cont.patch - > 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0064-xen-SUSE-xenlinux-unplug-for-emulat.patch - > 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch 0070-scsi-esp-fix-migration.patch - > 0050-scsi-esp-fix-migration.patch 0072-xen-when-removing-a-backend-don-t-r.patch - > 0051-xen-when-removing-a-backend-don-t-r.patch 0073-xen-drain-submit-queue-in-xen-usb-b.patch - > 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0074-qcow2-avoid-extra-flushes-in-qcow2.patch - > 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0075-qemu-bridge-helper-reduce-security-.patch - > 0054-qemu-bridge-helper-reduce-security-.patch 0076-xen-use-a-common-function-for-pv-an.patch - > 0055-xen-use-a-common-function-for-pv-an.patch- Temporarily disable ceph (rbd) functionality in OBS due to staging issues.- use upstream solution for building xen-usb.c correctly - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped: 0058-usb-Fix-conditions-that-xen-usb.c-i.patch * Patches added: 0058-xen-move-xen_sysdev-to-xen_backend..patch- Incorporate patch carried in Xen's qemu to get same support as Xen switches to use the qemu package (bsc#953339, bsc#953362, bsc#953518, bsc#984981) 0064-xen-SUSE-xenlinux-unplug-for-emulat.patch - Fix more potential OOB accesses in 53C9X emulation (CVE-2016-5238 bsc#982959) 0065-scsi-esp-check-buffer-length-before.patch 0066-scsi-esp-respect-FIFO-invariant-aft.patch - Avoid "Invalid ROM" error message when it is not appropriate (bsc#982927) 0067-pci-assign-Move-Invalid-ROM-error-m.patch - Fix failure in Xen HVM PCI passthrough (bsc#981925, bsc#989250) 0068-Xen-PCI-passthrough-fix-passthrough.patch - Fix OOB access in 53C9X emulation (CVE-2016-6351 bsc#990835) 0069-scsi-esp-make-cmdbuf-big-enough-for.patch 0070-scsi-esp-fix-migration.patch - Avoid potential for guest initiated OOM condition in qemu through virtio interface (CVE-2016-5403 bsc#991080) 0071-virtio-error-out-if-guest-exceeds-v.patch - Fix potential crashes in qemu from pvusb bugs (bsc#986156) 0072-xen-when-removing-a-backend-don-t-r.patch 0073-xen-drain-submit-queue-in-xen-usb-b.patch - Avoid unneeded flushes in qcow2 which impact performance (bsc#991296) 0074-qcow2-avoid-extra-flushes-in-qcow2.patch - Finally get qemu-bridge-helper the permissions it needs for non- root usage. The kvm group is leveraged to control access. (boo#988279) 0075-qemu-bridge-helper-reduce-security-.patch - Fix pvusb not working for HVM guests (bsc#991785) 0076-xen-use-a-common-function-for-pv-an.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 - Minor spec file formatting fixes- Fix ARM PCIe DMA coherency bug (bsc#991034) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches added: 0063-hw-arm-virt-mark-the-PCIe-host-cont.patch- Clean up the udev ifdeffery to cover systemd as well (boo#860275) - Trigger udev rules also under systemd (boo#989655) - Suppress s390x sysctl in chroot - Ignore s390x sysctl failures (agraf)- Build SLOF for SLE12 now that we have gcc fix (bsc#949000) - Add script for loading kvm module on s390x - Enable seccomp and iscsi support in more configurations - Enable more support for virtio-gpu - Fix /dev/kvm permissions problem with package install and no reboot (bnc#867867) - Remove libtool dependency - Disable more aggressive stack protector for performance reasons - Enable vte to be used again in more configurations (bsc#988855) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches added: 0061-configure-add-echo_version-helper.patch 0062-configure-support-vte-2.91.patch- Remove deprecated patch "work-around-SA_RESTART-race" (boo#982208) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped: 0002-XXX-work-around-SA_RESTART-race-wit.patch 0003-qemu-0.9.0.cvs-binfmt.patch 0004-qemu-cvs-alsa_bitfield.patch 0005-qemu-cvs-alsa_ioctl.patch 0006-qemu-cvs-alsa_mmap.patch 0007-qemu-cvs-gettimeofday.patch 0008-qemu-cvs-ioctl_debug.patch 0009-qemu-cvs-ioctl_nodirection.patch 0010-block-vmdk-Support-creation-of-SCSI.patch 0011-linux-user-add-binfmt-wrapper-for-a.patch 0012-PPC-KVM-Disable-mmu-notifier-check.patch 0013-linux-user-fix-segfault-deadlock.patch 0014-linux-user-binfmt-support-host-bina.patch 0015-linux-user-Ignore-broken-loop-ioctl.patch 0016-linux-user-lock-tcg.patch 0017-linux-user-Run-multi-threaded-code-.patch 0018-linux-user-lock-tb-flushing-too.patch 0019-linux-user-Fake-proc-cpuinfo.patch 0020-linux-user-implement-FS_IOC_GETFLAG.patch 0021-linux-user-implement-FS_IOC_SETFLAG.patch 0022-linux-user-XXX-disable-fiemap.patch 0023-slirp-nooutgoing.patch 0024-vnc-password-file-and-incoming-conn.patch 0025-linux-user-add-more-blk-ioctls.patch 0026-linux-user-use-target_ulong.patch 0027-block-Add-support-for-DictZip-enabl.patch 0028-block-Add-tar-container-format.patch 0029-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0030-console-add-question-mark-escape-op.patch 0031-Make-char-muxer-more-robust-wrt-sma.patch 0032-linux-user-lseek-explicitly-cast-no.patch 0033-virtfs-proxy-helper-Provide-__u64-f.patch 0034-configure-Enable-PIE-for-ppc-and-pp.patch 0035-qtest-Increase-socket-timeout.patch 0036-AIO-Reduce-number-of-threads-for-32.patch 0037-configure-Enable-libseccomp-for-ppc.patch 0038-dictzip-Fix-on-big-endian-systems.patch 0039-block-split-large-discard-requests-.patch 0040-xen_disk-Add-suse-specific-flush-di.patch 0041-build-link-with-libatomic-on-powerp.patch 0042-net-mipsnet-check-packet-length-aga.patch 0043-i386-kvmvapic-initialise-imm32-vari.patch 0044-esp-check-command-buffer-length-bef.patch 0045-esp-check-dma-length-before-reading.patch 0046-scsi-pvscsi-check-command-descripto.patch 0047-scsi-mptsas-infinite-loop-while-fet.patch 0048-vga-add-sr_vbe-register-set.patch 0049-scsi-megasas-use-appropriate-proper.patch 0050-scsi-megasas-check-read_queue_head-.patch 0051-scsi-megasas-null-terminate-bios-ve.patch 0052-vmsvga-move-fifo-sanity-checks-to-v.patch 0053-vmsvga-don-t-process-more-than-1024.patch 0054-block-iscsi-avoid-potential-overflo.patch 0055-scsi-esp-check-TI-buffer-index-befo.patch 0056-xen-introduce-dummy-system-device.patch 0057-xen-write-information-about-support.patch 0058-xen-add-pvUSB-backend.patch 0059-usb-Fix-conditions-that-xen-usb.c-i.patch 0060-vnc-add-configurable-keyboard-delay.patch 0061-scsi-megasas-initialise-local-confi.patch * Patches added: 0002-qemu-0.9.0.cvs-binfmt.patch 0003-qemu-cvs-alsa_bitfield.patch 0004-qemu-cvs-alsa_ioctl.patch 0005-qemu-cvs-alsa_mmap.patch 0006-qemu-cvs-gettimeofday.patch 0007-qemu-cvs-ioctl_debug.patch 0008-qemu-cvs-ioctl_nodirection.patch 0009-block-vmdk-Support-creation-of-SCSI.patch 0010-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch 0014-linux-user-Ignore-broken-loop-ioctl.patch 0015-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch 0024-linux-user-add-more-blk-ioctls.patch 0025-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch 0034-qtest-Increase-socket-timeout.patch 0035-AIO-Reduce-number-of-threads-for-32.patch 0036-configure-Enable-libseccomp-for-ppc.patch 0037-dictzip-Fix-on-big-endian-systems.patch 0038-block-split-large-discard-requests-.patch 0039-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch 0041-net-mipsnet-check-packet-length-aga.patch 0042-i386-kvmvapic-initialise-imm32-vari.patch 0043-esp-check-command-buffer-length-bef.patch 0044-esp-check-dma-length-before-reading.patch 0045-scsi-pvscsi-check-command-descripto.patch 0046-scsi-mptsas-infinite-loop-while-fet.patch 0047-vga-add-sr_vbe-register-set.patch 0048-scsi-megasas-use-appropriate-proper.patch 0049-scsi-megasas-check-read_queue_head-.patch 0050-scsi-megasas-null-terminate-bios-ve.patch 0051-vmsvga-move-fifo-sanity-checks-to-v.patch 0052-vmsvga-don-t-process-more-than-1024.patch 0053-block-iscsi-avoid-potential-overflo.patch 0054-scsi-esp-check-TI-buffer-index-befo.patch 0055-xen-introduce-dummy-system-device.patch 0056-xen-write-information-about-support.patch 0057-xen-add-pvUSB-backend.patch 0058-usb-Fix-conditions-that-xen-usb.c-i.patch 0059-vnc-add-configurable-keyboard-delay.patch 0060-scsi-megasas-initialise-local-confi.patch - Enable ceph (rbd) support for aarch64- Enable ceph (rbd) support- Fix OVMF iPXE network menu (bsc#986033, boo#987488) ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch- Fix host information leak to guest in MegaRAID SAS 8708EM2 Host Bus AdapterMegaRAID SAS 8708EM2 Host Bus Adapter emulation support (CVE-2016-5105 bsc#982017) * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 0061-scsi-megasas-initialise-local-confi.patch- Address various security/stability issues * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Fix OOB access in megasas emulated device (CVE-2016-5106 bsc#982018) 0049-scsi-megasas-use-appropriate-proper.patch * Fix OOB access in megasas emulated device (CVE-2016-5107 bsc#982019) 0050-scsi-megasas-check-read_queue_head-.patch * Fix OOB access in megasas emulated device (CVE-2016-5337 bsc#983961) 0051-scsi-megasas-null-terminate-bios-ve.patch * Correct the vmvga fifo access checks (CVE-2016-4454 bsc#982222) 0052-vmsvga-move-fifo-sanity-checks-to-v.patch * Fix potential DoS issue in vmvga processing (CVE-2016-4453 bsc#982223) 0053-vmsvga-don-t-process-more-than-1024.patch * Fix heap buffer overflow flaw when iscsi protocol is used (CVE-2016-5126 bsc#982285) 0054-block-iscsi-avoid-potential-overflo.patch * Fix OOB access in 53C9X emulation (CVE-2016-5338 bsc#983982) 0055-scsi-esp-check-TI-buffer-index-befo.patch - Add support to qemu for pv-usb under Xen (fate#316612) 0056-xen-introduce-dummy-system-device.patch 0057-xen-write-information-about-support.patch 0058-xen-add-pvUSB-backend.patch 0059-usb-Fix-conditions-that-xen-usb.c-i.patch - Provide ability to rate limit keyboard events from the vnc server. This is part of the solution to an issue affecting openQA testing, where characters are lost, resulting in unexpected failures (bsc#974914) 0060-vnc-add-configurable-keyboard-delay.patch- Adjust to parallel changes in virglrenderer packages - no longer "BuildRequires" virglrenderer directly, just the devel package.- Fix build compatibility with gcc6 wrt ipxe rom where compiler warnings are treated as errors. ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-legacy-Fix-building-with-GCC-6.patch - Fix ipxe build script which fails under perl v5.24 ipxe-util-v5.24-perl-errors-on-redeclare.patch - Specify build time disk space requirements for ppc64 and ppc64le- Add sysctl script and %post on s390x to allow kvm usage (bsc#975331)- Address various security/stability issues * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Fix OOB access in MIPSnet emulated controller CVE-2016-4002 (bsc#975136) 0042-net-mipsnet-check-packet-length-aga.patch * Fix possible host data leakage to guest from TPR access CVE-2016-4020 (bsc#975700) 0043-i386-kvmvapic-initialise-imm32-vari.patch * Avoid OOB access in 53C9X emulation CVE-2016-4439 (bsc#980711) 0044-esp-check-command-buffer-length-bef.patch * Avoid OOB access in 53C9X emulation CVE-2016-4441 (bsc#980723) 0045-esp-check-dma-length-before-reading.patch * Avoid OOB access in Vmware PV SCSI emulation CVE-2016-4952 (bsc#981266) 0046-scsi-pvscsi-check-command-descripto.patch * Avoid potential DoS in LSI SAS1068 emulation CVE-2016-4964 (bsc#981399) 0047-scsi-mptsas-infinite-loop-while-fet.patch * Fix regression in vga behavior - introduced in v2.6.0 CVE-2016-3712 (bsc#978160) 0048-vga-add-sr_vbe-register-set.patch- Update to v2.6.0: See http://wiki.qemu-project.org/ChangeLog/2.6 - Enable SDL2, virglrenderer (for use with virtio-gpu), xfsctl, and tracing using default log backend - Build efi pxe roms on x86_64- Check modules for conflicting release versions - Suggest recently added block modules- Bump copyright in qemu.spec.in - Enable libiscsi for Factory - Enable seccomp for ppc64le as well- Update to v2.6.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.6 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped (upstreamed): 0041-tests-Use-correct-config-param-for-.patch * Patches renamed: 0042-build-link-with-libatomic-on-powerp.patch -> 0041-build-link-with-libatomic-on-powerp.patch- Partially revert the last change's cleanup - Indicate SUSE version- Update to v2.6.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.6 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Accept every size in DISCARD request from a guest (bsc#964427) 0039-block-split-large-discard-requests-.patch * Recognize libxl flag to disable flush in block device (bsc#879425) 0040-xen_disk-Add-suse-specific-flush-di.patch * Use correct flag for crypto tests 0041-tests-Use-correct-config-param-for-.patch * Fix build on powerpc: 0042-build-link-with-libatomic-on-powerp.patch * Patches dropped (upstreamed): seabios_checkrom_typo.patch seabios_avoid_smbios_signature_string.patch- Disable vte for Leap, fixing build- Don't drop u-boot.e500 yet - breaks testsuite- Re-enable libcacard support - Clean up configured features- Clean up qemu-tools libcacard Provides/Obsoletes - separate again - Drop u-boot.e500 - being packaged as u-boot-ppce500- Update to v2.5.0: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Patches dropped (upstreamed): 0039-tests-Fix-check-report-qtest-target.patch- Fix build on openSUSE 13.2- Fix testsuite on 32bit systems (bsc#957379)- Update to v2.5.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Rebase libseccomp enablement: 0037-Revert-Revert-seccomp-tests-that-al.patch -> 0037-configure-Enable-libseccomp-for-ppc.patch * Provide qemu-ga and qemu-ipxe for qemu-testsuite - Clean up qemu-ksm recommendation- Fix SLE11 build by fixing systemd conditionalization (from olh)- Update to v2.5.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Patches dropped (upstream): 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch 0039-tests-Unique-test-path-for-string-v.patch gcc5-ipxe-add-missing-const-qualifiers.patch gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch SLOF_ppc64le.patch * Patch renamed: 0040-dictzip-Fix-on-big-endian-systems.patch -> 0038-dictzip-Fix-on-big-endian-systems.patch * --enable-smartcard-nss -> --enable-smartcard Needs an external libcacard, so drop it for now. * Drop --enable-vnc-tls * Require xz-devel for ipxe build * Package qemu-ga(8) man page * Package ivshmem-{client,server} * Patches added: 0039-tests-Fix-check-report-qtest-target.patch- Add systemd unit file and udev rules for qemu guest agent - taken from the SLE12 / Leap package, see boo#955707- Add _constraints file (based on work by kenljohnson)- Enable SLOF build for ppc64le, too, now (bsc#949000, bsc#949016)- Allow building SLOF on ppc64le (bsc#949016) SLOF_ppc64le.patch - Add two checks for DictZip and tar qemu-img behavior (bsc#945778) * Clean up qemu-testsuite build/installation- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix endianness issues in DictZip block driver (bsc#937572, bsc#945778) 0027-block-Add-support-for-DictZip-enabl.patch 0028-block-Add-tar-container-format.patch 0040-dictzip-Fix-on-big-endian-systems.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix qemu-testsuite for glib2-2.46.0 by assuring uniqueness of paths 0039-tests-Unique-test-path-for-string-v.patch- Build SLOF on ppc64 (bsc#949016, thanks to k0da) * Simplify x86 fw logic while at it - No need to enable KVM for armv6hl - Add notice about pre_checkin.sh to update_git.sh- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix aarch64 TCG: 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch- Update to v2.4.0: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.4 * Provide qemu-img symlink instead of passing QTEST_QEMU_IMG- Update to v2.4.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.4 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Patches dropped: 0037-linux-user-Allocate-thunk-size-dyna.patch 0039-s390x-Fix-stoc-direction.patch 0040-s390x-Add-interlocked-access-facili.patch 0041-fdc-force-the-fifo-access-to-be-in-.patch 0042-rules.mak-Force-CFLAGS-for-all-obje.patch 0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch 0044-hw-arm-boot-Increase-fdt-alignment.patch * Patches renamed: 0038-Revert-Revert-seccomp-tests-that-al.patch -> 0037-Revert-Revert-seccomp-tests-that-al.patch * Package new vgabios-virtio.bin * target-x86_64.conf was dropped * Add qemu-block-dmg module sub-package * Set QTEST_QEMU_IMG variable for ahci-test * --enable-quorum and --enable-vnc-ws are no longer available- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix -kernel boot for AArch64 * Patches added: 0044-hw-arm-boot-Increase-fdt-alignment.patch- Use libusb-1_0-devel as buildrequires, not the old unused compatibility layer in libusb-devel- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix qemu2 cow caching (bsc#933132) * Patches added: 0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch- Patch queue updated from git://github.com/jirislaby/qemu.git opensuse-2.3 * Patches added: 0042-rules.mak-Force-CFLAGS-for-all-obje.patch gcc5-ipxe-add-missing-const-qualifiers.patch gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch- Fix CVE-2015-3456 (boo#929339) 0041-fdc-force-the-fifo-access-to-be-in-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches added: 0040-s390x-Add-interlocked-access-facili.patch - Disable dependency on libnuma for s390x (not available in SLE12)- Update to v2.3.0: See http://wiki.qemu-project.org/ChangeLog/2.3 - Disable iotests for now- Update to v2.3.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.3- Update seabios_avoid_smbios_signature_string.patch with version applied upstream- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix s390x stoc instructions 0039-s390x-Fix-stoc-direction.patch- Update to v2.3.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (applied upstream): 0037-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch * Patches renamed: 0038-linux-user-Allocate-thunk-size-dyna.patch -> 0037-linux-user-Allocate-thunk-size-dyna.patch * Revert -rc3 change to disable seccomp on non-x86 architectures 0038-Revert-Revert-seccomp-tests-that-al.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix qemu-linux-user on powerpc * Patches added: 0038-linux-user-Allocate-thunk-size-dyna.patch- Split off qemu-testsuite.spec * Package check-report.html and check-report.xml * Enable quick iotests - Dropped 0030-net-Warn-about-default-MAC-address.patch The warning is relevant only for bridged setups, not for the default SLIRP based -net user / -netdev user setup, and it breaks output expectations of some iotests. * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches renamed: 0031-console-add-question-mark-escape-op.patch -> 0030-console-add-question-mark-escape-op.patch 0032-Make-char-muxer-more-robust-wrt-sma.patch -> 0031-Make-char-muxer-more-robust-wrt-sma.patch 0033-linux-user-lseek-explicitly-cast-no.patch -> 0032-linux-user-lseek-explicitly-cast-no.patch 0034-virtfs-proxy-helper-Provide-__u64-f.patch -> 0033-virtfs-proxy-helper-Provide-__u64-f.patch 0035-configure-Enable-PIE-for-ppc-and-pp.patch -> 0034-configure-Enable-PIE-for-ppc-and-pp.patch 0036-qtest-Increase-socket-timeout.patch -> 0035-qtest-Increase-socket-timeout.patch 0037-AIO-Reduce-number-of-threads-for-32.patch -> 0036-AIO-Reduce-number-of-threads-for-32.patch 0038-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch -> 0037-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch - Re-enable glusterfs on Factory (updated from v3.6.1 to v3.6.2) - Re-enable seccomp for armv7l (libseccomp submission pending)- Suppress seccomp for Factory armv7l (broken in libseccomp v2.2.0) - Disable glusterfs explicitly on Factory, SLE12 and before 13.1- Enable glusterfs and package as qemu-block-gluster glusterfs post-v3.5.3 and v3.6.1/v3.6.2 have switched the glusterfs-api.pc version incompatibly, so only 13.1+13.2 for now - Use macro for module Conflicts- Tidy configure options: * Move --enable-modules to build options * Sort libusb alphabetically * Explicitly enable attr, bluez, fdt, lzo, tpm, vhdx, vhost-net, vnc, xen-pci-passthrough * Enable bzip2 * Enable libssh2 where possible and package as qemu-block-ssh * Enable numa where a compatible numactl is available * Enable quorum where a compatible gnutls is available * Enable snappy where possible * Prepare to enable glusterfs * Explicitly enable the nop tracing backend (to be revisited) * Explicitly disable Archipelago, as we don't have libxseg and it's incompatibly GPL-3.0+ * Explicitly disable libiscsi, libnfs, netmap and rbd as we don't have packages * Drop deprecated --enable-virtio-blk-data-plane (now default)- Fix 64-bit TCG stores on 32-bit Big Endian hosts (ppc) 0038-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3- Update to v2.3.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (upstreamed): 0038-fw_cfg-test-Fix-test-path-to-includ.patch 0039-rcu-tests-fix-compilation-on-32-bit.patch- make check was failing due to a bogus SMBIOS signature being encountered within SeaBIOS. Avoid having that signature stored randomly within the SeaBIOS image. * seabios_avoid_smbios_signature_string.patch- Build x86 firmware only from 13.1 on (11.4 was broken, surpassing 128 KB) - Update to v2.3.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (upstreamed): 0038-linux-user-Fix-emulation-of-splice-.patch 0039-ide-fix-cmd_write_pio-when-nsectors.patch 0040-ide-fix-cmd_read_pio-when-nsectors-.patch 0041-ahci-Fix-sglist-offset-manipulation.patch 0042-ahci-test-improve-rw-buffer-pattern.patch 0045-linux-user-fix-broken-cpu_copy.patch * Patches renamed: 0043-fw_cfg-test-Fix-test-path-to-includ.patch -> 0038-fw_cfg-test-Fix-test-path-to-includ.patch 0044-rcu-tests-fix-compilation-on-32-bit.patch -> 0039-rcu-tests-fix-compilation-on-32-bit.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches added: 0045-linux-user-fix-broken-cpu_copy.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Make test path for fw_cfg-test unique (including architecture) 0043-fw_cfg-test-Fix-test-path-to-includ.patch * Fix rcu tests build on ppc (undefined reference to `__sync_fetch_and_add_8') 0044-rcu-tests-fix-compilation-on-32-bit.patch - Fix typo in SeaBIOS size check seabios_checkrom_typo.patch- Update to v2.3.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.3 * Updated update_git.sh accordingly * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * seabios_128kb.patch: Added patch to squeeze SeaBIOS into 128 KB with our gcc 4.8.3 (brogers@suse.com) - Renamed 0030-Legacy-Patch-kvm-qemu-preXX-report-.patch to 0030-net-Warn-about-default-MAC-address.patch: Suppress warning for accel=qtest, to sanitize make check results. - Added patches to fix ahci-test: 0039-ide-fix-cmd_write_pio-when-nsectors.patch 0040-ide-fix-cmd_read_pio-when-nsectors-.patch 0041-ahci-Fix-sglist-offset-manipulation.patch 0042-ahci-test-improve-rw-buffer-pattern.patch- Update company name in spec file templates - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches added: 0038-linux-user-Fix-emulation-of-splice-.patch- Add user kvm when installing guest-agent. - Use macro to update udev_rules when available- Fix packaging of e500 U-Boot - Don't rely on wildcard with explicit excludes- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches added: 0037-AIO-Reduce-number-of-threads-for-32.patch- Update to v2.2.0: See http://wiki.qemu-project.org/ChangeLog/2.2 * Updated DictZip and Tar block backends accordingly - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches dropped: 0015-target-arm-linux-user-no-tb_flush-o.patch (tb_flush() not called) 0037-tests-Don-t-run-qom-test-twice.patch (superseded) 0039-linux-user-Cast-validity-checks-on-.patch (helper function introduced) 0040-linux-user-Convert-blkpg-to-use-a-s.patch (upstreamed) * Patched renumbered: 0016-linux-user-Ignore-broken-loop-ioctl.patch -> 0015-linux-user-Ignore-broken-loop-ioctl.patch 0017-linux-user-lock-tcg.patch -> 0016-linux-user-lock-tcg.patch 0018-linux-user-Run-multi-threaded-code-.patch -> 0017-linux-user-Run-multi-threaded-code-.patch 0019-linux-user-lock-tb-flushing-too.patch -> 0018-linux-user-lock-tb-flushing-too.patch 0020-linux-user-Fake-proc-cpuinfo.patch -> 0019-linux-user-Fake-proc-cpuinfo.patch 0021-linux-user-implement-FS_IOC_GETFLAG.patch -> 0020-linux-user-implement-FS_IOC_GETFLAG.patch 0022-linux-user-implement-FS_IOC_SETFLAG.patch -> 0021-linux-user-implement-FS_IOC_SETFLAG.patch 0023-linux-user-XXX-disable-fiemap.patch -> 0022-linux-user-XXX-disable-fiemap.patch 0024-slirp-nooutgoing.patch -> 0023-slirp-nooutgoing.patch 0025-vnc-password-file-and-incoming-conn.patch -> 0024-vnc-password-file-and-incoming-conn.patch 0026-linux-user-add-more-blk-ioctls.patch -> 0025-linux-user-add-more-blk-ioctls.patch 0027-linux-user-use-target_ulong.patch -> 0026-linux-user-use-target_ulong.patch 0028-block-Add-support-for-DictZip-enabl.patch -> 0027-block-Add-support-for-DictZip-enabl.patch 0029-block-Add-tar-container-format.patch -> 0028-block-Add-tar-container-format.patch 0030-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0029-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0031-Legacy-Patch-kvm-qemu-preXX-report-.patch -> 0030-Legacy-Patch-kvm-qemu-preXX-report-.patch 0032-console-add-question-mark-escape-op.patch -> 0031-console-add-question-mark-escape-op.patch 0033-Make-char-muxer-more-robust-wrt-sma.patch -> 0032-Make-char-muxer-more-robust-wrt-sma.patch 0034-linux-user-lseek-explicitly-cast-no.patch -> 0033-linux-user-lseek-explicitly-cast-no.patch 0035-virtfs-proxy-helper-Provide-__u64-f.patch -> 0034-virtfs-proxy-helper-Provide-__u64-f.patch 0036-configure-Enable-PIE-for-ppc-and-pp.patch -> 0035-configure-Enable-PIE-for-ppc-and-pp.patch 0038-qtest-Increase-socket-timeout.patch -> 0036-qtest-Increase-socket-timeout.patch/bin/sh/bin/sh/bin/sh/bin/shcloud114 15578575312.11.2-lp150.7.22.12.11.2-lp150.7.22.1qemu-gaqemu-ga@.service80-qemu-ga.rulesqemu-ga.8.gz/usr/bin//usr/lib/systemd/system//usr/lib/udev/rules.d//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:10219/openSUSE_Leap_15.0_Update/92fd06ae35298416e77cc3918fb8790f-qemu.openSUSE_Leap_15.0_Updatecpioxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.2.0, BuildID[sha1]=72da5016bbfbe99a01282263a83919948525ddee, strippedASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)RRRRRRRR R R R RR RRRRRRRx/χ1!^modalias(acpi*:QEMU0002%3A*)modalias(pci:v00005853d00000001sv*sd*bc*sc*i*)modalias(pci:v0000FFFDd00000101sv*sd*bc*sc*i*)utf-820b7a57567b7b710b2209ec05ddb141fdb89c0ed1796798ededc170caafc71c0?p7zXZ !t/mz] crv9ua&6Fg/ nd4?^4M_Ⱥ Z{N Ci#IM3) Hc'HװM*Hk|ϐWp15g,LXq݌QK~`>@ l18/n񞼂1H 4,BZUǫ6GpvEy>3lIa;a":1bބNKy`YuHB_Us{:>Z{ql=^s#R2&]qu^Bhk^J'h2PG3bff ;h!IO::ml8^v `-'ݼB/SUn@fr;MB7no> +pje-)D!}@jO@UU$\QWG2۱7͂Cyj#l!e ,,0ǟo&KW}mhBc3ӦJih"CjhhMFs^=$Ab$W}pJW|mX1JhT ) C'!"~Sl_J1y?Kru4' e6^^Tg2oy.1.c͢%ځ{N}ۧDkUXXI>Gmր?Yvj/* :5n}=`ޚ+Xz.q4l}# MS Ϲe8%i"VL Tydaj{ -\\vf ٶ5;j݀u`W.L>)=N|LsyQ3/"9>]޷ZyRۀyOd"Xr6 [jfvv9x0f(sc0eL0:Pl"*$Q" NO*kZXGdC~ +(monO!*La; _hgd1եzp$-$}}(>pXWCB9Qܵg!3/"&O, WtFSoU7c]&v&=yǑ :sT8}5eF;7 9Roar`Ӊ&w+;X8<'*VAPm0z̚f XʅrY/W-$FG^ێ~|f5ao(f/]C a5۬A;߶˹ύsi|HO-i:<ԑ4K/ $>/ sqO67`q@gA]LdG#{H|dOb@KUv?vla*YZcM{k39(7.4AǶW bHJR݉ (Bjv)[s&Y{ /^@ҐrbPc1T5J"E  ^>Hsk(puE󄜆j:wUr~(%^ހ ,9@U@hJyhA9OjL$[y< 6O l,L|Ă̎PaYgptLyge'~Aޛ^S\:vA[jU@ dEVURSO-;BYi#1h\-6P7k?k둈z /i*5›7 $ H}~ԹJIԼ&4 @cW$CK88FV笻^Xœ>A/K̃b9 @ 'mVJa#<|)7 !?^b4ݻ.Gr3hDeaqIXyߢjKr(dcy2ht׋'U*XgDߡ M+_j2RW}H[YrUu887׵J@[޸dy<4r.Q H.7Or~-)\,sih 46ڑ~hг:a%Qd~٦IȔEQ76? nL2w*-DlOaqsur,:VS+U-jJrF&ܕ,g+Lu'&7hՃq"E~HR z DV}GsO!GPĐQ? }kSg. ϜWqȂ*/Sxzc f0@j} w$QeΦ6Z9wqRH~j!:O^[Jj vUnݾK}mXR?i9LDCB_0Ƒo=VqK3SvMfBwFr'@8B̗>1=׽İ-0aaH(o h/kYGv4ky?>sbvũHT8[z4tF i9*mI_ k jcW(C~]Ub9Z5z8 ،|7@'^(onys8Y8kx6JCg+;6]:$Jz8m:<$N2;UeZS|rV+H|:+GJ/|:)kQ;c>oK禝X&-dT0+!?cG)$/#U,j!>=j>[B={99i3qNnvNܚYGg# d0Nғp)MQ}Ϯ(t&Nl;fYjBZ g;ZNF3Ǣ9kWV M@zbKOJ?WYvExɖbS ?q/P~yZZcN;5L5[ {2ZV`QHf 2|DcF{\Jq'5W0!d] ){=s ľ$TF@ـ&T8 ,2Kֻd強Ojuuk2ۤQB|34/sjE3l4w.m =w8TbuI"6`A <8s[r!>6h0#SPD ZtYsġAQ!mWXE1Pm*ӭcMTHQM3imRZ3/$gH)&XM(Lwp.XŜߴUJIۊ?{ɉff\2$_!9 l&NdZaȭD(N9X~=zތ?LSc10ּt1vb! oZ猷8 M${{<1 5rŠ fsE˽i8LTm'+ V;}ܩ$p&K iïJ2ɝ)EF#YaXɰ3ldH|T LCj N+lI}:Y>UX`@%PAΖȗ(z֦[2$x5}c9L?{lP'F#G-OI?3H._4[Yg,29Pv~7Mu:@ 9ߧ <}&mM)aN^ (hhh4|o qY0C 9ǨVunY<X^Mc4NRߗsFj}0n?_r5ed_#_k9TxҼ3r3C?0~j(VPZ~2a(mmN'/MDƼ м^9 `.ypK!g[eFePCq^-o٬!&NOt)*Yey+bL[OJ=g+}OĎ;͑+xS`6r`YDf*X5NxUxPQ#u Xlp jIxϑٰBΑ ꧍02D.Pn7}.~( 3)=s\ģV6Ef]n']Y.^~ݻ+hTDj`,ZjKkdp&Nö.ݢxeMڤKd4'ڃ @ 8S Е]B ׫x+S]츥O ՛X 7W(tgRntK]9G{+ (3}ԫ_cM~tZ2 ~8~rU±KQPM/dlV-F)lG]s$Ja33wKqV?$ѰhZG\ead~5}# >+ nMQܫ9k(*Ir+ TؽӺ _ 2ۮGb,>4\OвŃ )9SCMM(x]x7rZYv;CV/(0@ γ,@%5>0 9n Kہ aǮ EVBA~W (ە@H@ zYC°}}]Uk[(gʥ$Mc2hj\S!-% "t[x|2(q|Կ.̥Hɸ4.8!;/DpdأPGDSnmK6Gcٰ e84}i>"hQ%qap> DW؈ҩfLW61-WQ{7W;awQ\/qygONO@`iBGVݧgk̆8JETT~`-MuEk]I~h{?h,7~%%zY45.4b"j!&-C84ZXP: )B!Yۯ{\%3[o0xъG3E+v!Ds`a Ž8|Wv+(]M0g)4)QO8݁AO'g|fZ I p۹~Pq6oXzDڀS?ǯ+eOro=:RJeOX,Gʂj̴9Ȃ.PJV{:8\k4:vhzo&BΛOCh!R1U{(hF Ǎ9#B"}cQz}eJw%{{ ȆmK6{x0:Y=L dpbRkbĿ)~05?0TLӍMB ?8 D sǠۡ0m  ʡ8]f:3h >V5QK˦ Qѯʡ ;MP82 D}|hkL:!)th(]Ӯk$lWކEp(-Hl+,lc,*wWTZBߛY0+ wϠfg vqb, *{K"^0ꇻ2?,0}QCeX\c6%ZdIfagӔx [Ї˩-V>HD XIKe Ey Fp9j'j209o^g><: ?P-YGu|҈v\JPJPFaK(B 64I{ LGͮKFQċ"Zdǀ'Tвkq1^eH@KV{OOE/qh{j ^)3fXҹZڵBdԆ(1d}oӇ /UT7>ԟRTB*ϱjeNJ3N2&W br&@&Zb:f2&C_'{י>Xk4mG-E ^*  }WX`ăTD_NǛ;|BEle dՍܪ4 @m3hсN O՚ԏݧr=:/xaq' xc f@ޖCH7XhRB0u:_@%+32(}cW[+Bۨ W,0wU!R,qjNf7=W9V- LY\$wYfQ=5,=ʇ+q+"(:; "\Le=|۫Hs[);vDa@fE*\/+ݖj, {RHζO03P.lcU>& /18s7\fLp:]cOV'Gr\ԭMZXXB)PNCF8Z X[~l=fͬ74AaZQB@%ܽrEN%2q5/H֠7v:}|-tnT@CCb:C>}u{Cd]!+T.= ɓ(iT$s' <߾ҙ_ /B>WiAʩ[NÑ4ǯu _CK923OyA<#F^Y_ ̼I#9uT٥ɅG>#C5>M9iT_ց"eˈ%h&P1WN^R!ZǫlctQe+|҇r%1(# lo-f3 ॐ+e[kZ[x3t _d RJ|>;!X:i]CP1UlAl)5c܌}o)``VѤlL1oITDhZ6ZZ:7[g y,(<-*?EE{Ojnh^\06[]ppkԏU4%Zo30~8eL6o8Y}㖂 (qo7qVHhs59 Db dܹ0u 6&svZ DDp1a_DNuNBxۦ!-HYC?>p.Uxwլv/KO<&:yB/Z]peD.MrI $ loVoAա\]HXO&U=6Jg^lپD5Ox s+vBΎ'2DDSwϓIc'O0jg Äu,Tx^2DE֦tvwBzO4@aiԩ?"[W|됦'feOm\ɓByYOUL"OwH"*>y<};ALuK"8(LąR^[e hy[~rRYwR 񐏖a^AdlOu*{-| [p$",̍ȹ=a=uW0VuVZ9gisC/8QD?&RwI[֍zMIV9C^VE*ǓpKm;$ʈ tDhOb^= T<>XtihM"4ԇ#CtBμ@YM#_I7YQ⒩ld,2eԜ.b:_a&j43s{O*= B3g~Ĩ-߅8l|}$J{l}7@lILq̶pnTG://x?K Vu+Eb}UK iO\+Np6-`>s9Yƶ̼)~-?!r4j41>;[$T""e# &JI(?DNiK*uT61?X;Q{N-$bI++>ػm0-H%Qt*ѿNj&YdZ]>I uZnFRI@@#ĵP,= Twq(H\:sl7;  dw8^u"Ban f(Q{aSN?a 7ߴ'?ߩ;TjyODCI#1Y 5>jM:;P13icQKy{6q.u44c-V zo 7Fi7S.JLI/8cf^YIBY~O? tc눖l( Gٹ=y.W1>V99\ɱ(|Yu~a~ZjN?f 2Aȧ8AT`ߐɪ~Weo&c@nWѿܻRwVC fe,jeTK`F܂6+#@:~R}p| p똉fٲrI̪gC~$E풺+:!E ߄IP-ey˒6ƯxiRXEa?EIۖXYl*dB xU>I&V, _017> )ȧ6:3 ɿ}kX7$H0N̨06XPr)pΞ` 1۶t ㊗Wv8r+Bhv 8 @+ IkH.$)M5x[dȼ/=BЖ3n(-(+Fð=3̛fpkGur "?o{r:}RAU9>VC>:Z"#%AŴɧ oY9NC/_5`ɸ ʙ7մ*t) =wpðWЬ..|v] ɦ[@iv'W 6;FQ%<\8]ؼL|:bBeo͍#ҩ#Nb ~Tu>Trٗ rCb$ȴ:~4 !~gbA[%(a,| Y OPjF\elW"?y`/'VWBX47`T@t|( 5AwHD8$A;O&YQ ́*ǰBX9EfɜV?O8B#._I~(ുA05^ g~!nv /Q6e܊4~4>5Lhk/DJ EW²R\hԥ4"*ZS !~.D R &7SA6_)yϱ!91sfS3*-^Am2T ~ Mgp06[%2[^rFޝsEk')SM}jG_NADCy"fN܊[Y"-+B[yT=4Xx5͹VtёPHP Wj,XACYpȨ7ᦢ/l&"術~Cs=)hѣHt<}]'AEk9X&p&nq9Sr \ꨟ8k ݃BkTP~?SFs0РH% 3EKMW[e'ա  j$(eÄgxMӺGbf rqLVHWc?@Nxdہ.MȻfGd6[@9_U#| Fy< kv xiyb3BCz8j=dP mA|wE RW'}⇨xikTNjj6x&Lf6!u)&Qn0 +pV/ˀK'!C9cc]"O,QxDKuy9q Luc ",O;3S"ʯܫgMs=u0 *;c*SU {.gEv'sFjtl쥠W~|$])W)3,L,i]480;KO3=4d C#xWGxFa nu[Q¸\] <%X^bIE~IQ,3+rOYdA0I{R;=! ;@Pj؝nG,2[aeŖIpmCZRmH,_ |ѵƷK25`j;xQ nIP)q>PtN#uօ0Pa0(9){!z%0S.*Y5ޅӃ, ͼf,J+J;0R5(g#Th ׸ɻjQ85㶻g,7tF2`;p2,Kbla .5#@!\ްq܀5ˣ ݭ*45.2 s G3Ւ4vZ3) .7^]IS,h V6TR[_ܵ޿}Por T!2?5. SqgJBh1PI*vq>I83 NqW%5QI)r o41^I-"PSƶE4ө 85$- AEǖX$A+TYe N!hЋ@RD )yx}4ݻ+VW^`(!M.n}kK_HX;~*,Wi8H"yX >|d *!l*17Gi-"Kv3WvG 5\K4#t5v)ID=$'sJlq.Kr5mrtGYxnƿ(ܰLmC/3WAb!1k TS3bXJM9}pDyyZ|qR wQf8WWehkRLsɈ>0Ϣou;AwCWBm;vB'B#f2ƕyxw`V,;$@aF] ٰ+>c>$Բx7(R3UOeEsǚ' à$htJ/y.+C, N~;+$;~j/UOx)W;Ohs TdP%})2 {=C3AeNrfxҒ!ƿPml3 &jΚ}rbV40\+ްtGkH sK۪Ƚ'ʷXm dnlD61o+͢jf:f7塛5;oG8zM D9mF3S_6b6CS^FmI{i߾SZKWy U/|¿K~ѢqD9nicu;ZU9L*",E$j4(Jk4P7Rbptpġ|]'oLkN"gܹy>=E'D9\ZGR(*(vRU ,pyՎ]K+&cu5]="eI2C1{dЙ^c(ăpgD+ˎbWwlUרz[^on|sZֱL4r0ǂ,San$0Ob%&<`<_V#UtטCSl%:ɔ۸rε4V  \h \M^Yǭ7Zc\RNP800 5O-j-n1[h夗w/iNz€`+9K9w&.mr3.&FfQY'Gu@ f +@@hp3-(}s:k o13Ě5K3Fm~΅h0eeВ"xp{Sz#Ԫ=r 6 [MŃa * / Ss[W!`y7abr@g#h\Gy O]K2+V "_FiAc1 Džwhc)?Xz4J^/aG5c=2z >i 9#~E-Nja*-<a@S7.|63"!V돨$H8]$PįnFķ*Q߂tHUB=MQCmsi]_tPR2^ֺy|^7FF冞pH(v /2PE`%|fa*AVPA@ޣd&DCA 絖 %[p]+O>haIAs/?NʤZ'L%a۶⭴̈́mZ|FX/ 촴T؅}7I𽇵OgڋB<2$0Z _puԣJbmU5z:3an̵Rj׏Dy9FQ{[)ہrWxcE53Wr2YDe{wG4(ބjNNy(5^O˜P}IS؂Y9t]\Vy =g SŲi.Yڨ!]AXt5&}9Wg iGqr vڮ+Vv0ϲru/!\\-|V) c#d dwF>\ cho,h|%&E.dd,cX[1$lJ6_N$-Z@C^\j07{Tb7978)N.R?ð;j ›ZC۷OĶ)`-H ,k%/GJV~ʓ΀i[f^ΘqVhx_y17!*\pSɼXpPql ]`we%?m])lBWqdIN,Q@*fFm0zE4a쮞HE9-FQ(6Jv&~( if=Y-(bX#?73笈⭓ Oh/Lp9(_C6l7u6Cǟ1317OP2Q & ~ئLeU%S6V{U Auu$X7bp4§hoVm'd퍤Gsբ_-wZA Tn\lpn]_ZA}# bCX OhZ[-zhXvI8K+T>d}(W^"z׬Z57' \ dA7qX. Ҧfg"Vlb挬߲2(mdod2QE\Ojix҃HMR=-Jɬ8X b'9*gvA5b5#e'r l#y8]5֛d8?TR}j6Pd́; efͼ,2MV3}Yx Ԍ}rfp;MK&pL *Um$.e@E;4G>@gA3n'K5"5^*#!#D {sOMKxsSGy*`j_%;,n{&R}ԭj[O#5ݟ*tV=B8 ~A꟪ҋ-%uryzS`]wZG!_Poc aJsCYi0MX(&MjKiE\|x4/#N S`iF6"6|Tt9I՛i z'ii,dZ@'af?{NhId$~&EȰ;A0;f \fqU(9[;5_ٞ'ЭLciȽ9,&Jf3T&۪;&F2S ~_QmW6M_'G{Xgj;fpJ;u.IwhDؖy1v2cj2hB녇e<*exX[>? WT9eC% d,dk$% &`B(TlV(}^@|2Xcw}ĹU+S䡼UkibDRBxT>S{:(]cz.K|(bxD-(wa5S}cb/8j+_}ڐ'wBŁ\vnfj)Wj<8(]D|}BI•ŀ% |w0`n~;:D槌fA1Z݃^VW sġJ0 ˿-MUN9eKLior6}*CwVi `$6Z$ųe( #܄`,kN%q:2l;${wdM~ʱGLBʄ%>sA4ߍeDrنjq)Jnf*QU@og=gײJ 9$za5z炊=Î #!*H7bl?63.ܥ91^sipxXS<|x^WD'#zďK|R KdKQ%9/Ӽ_+p&C_] pc<1<(CqdW.mAym75,#E0Iˈw.tڍjoDkN(wO5؊ؽJWs|KP}eʹN5hҧ svH"!CQ׻~8,V ˬv(#AGc3Y6r `x52"R#q^NR3ve_M ̙[HK'@xhl*Ò>Q;z\N8 `ɍc),m@(h/BanG*l&?K1`5بJBO'xBVR3Tna#Ԍ$ΛnRhqo[[GX[rAF'K2D%-2t%{ Pv^]3JfcD7龗2RcT5``i7ZyOC!hu,8CJ+Az@P5mt2A\y=`3(5xp}C31ݨ>u9 F>6#]&{?%#򬆘Q[2TR#*o>D~t~0(2j 8]ҷ`l<,}L(ivBS:/ƒڬl0J BE=qţ{XZ!_}P]4u(mTk.D>$Zu,4'y]j+wlV?,i9HJDŰJ갥e-̗sДSytFQW}p<|77BOw9oZ55[8h1R/+S9RA GL-̴x>. I784۠ma*4c,lgZ#a{cxEF\5LE2@E_R =8Fyˌ4'd5ۚMS1QnK5(0)W.y*qz)XT̑b2} ag1J; 2)לi6k H3_T]}ufO ?d]>Q wRL>_yƚᎺ[Ar*k e8 8*+&ޝhW%!w YJ (S,]/js ğC М b~UA]*i;Bl|E٤yt>6#xQc&s#2R8o~o8r"my)" ԝ- h}1W"Nu 8?E$dSTraKvp|ĩ,LH!},󶜟b)~W,AptZA7盰'Y=lhJ]yazdwex{G`ȓC6fMR>B- ſ/=<ٷSIh,j= =\q'{.sDsȽb.Ф*-*)S\;DA&^{\iB\sφX%Ӎs<]$t6RC~${J1}K 1`;)$ǂݧ[r2m*^\4pob^NnaQq֭Ѡ뿴]HQksz4J=pBs gq#ˆsK=ǿ4A!1d [4>k塐O*:+a3cE7$^aQx\/ΆB=39T$]Ĭ"`0!p$>hFMC>CG)ɞ:q"6|:ȳd=h7 0UɷNYq(3An$ ,oI#,nbhk+a*` 3; HO?t=/q2Ż($i"MB:ZuzAmlC'7L(Q JOuۦcO =tA2}ܝ9촾`x&=/,||ym0cTd k@A啿H0[y>ZXw*y3W92ō-AXb<7DJ$DqDB!EZ p|I=U[_I份@(WwdfSb~aQp.wO_9ɉ3_ݶ1V~{#&z~5`#Xx>Y,?{ \t }x3# ufgΓQR7TŘS=nnA1a۾&LLCj+:W:jfndǓezO$i2pɿ ~{f}1C(g*Qϫ1࿒c$}‹txfgn7 F"H>Y<#FKv%z] of; WdkfKzovcE_:]|Wz]>\h5)Vxᵚ"oJd1BiZע1_cUM5,Fakb C ZnHkp=@ifZTƐ_^a* -c)cRp]i`+ d4Il3Ec?Z#@Kdxg,ŞC|FdRo%Ha8 9 k']f$85qzlZD3]Lbr[-L2Oa<ni~ Vb@`G@lǍOb)+vk'w`3}GoN]xf_-Gi:Ċȥ>f[՞]v~-d1< ,3IޔD!X٫,B\rnrrc)j@g % dQο Qf _uY勾_`(+/0R=֜~Pv :Nc|<1alqIϱLs-60ܹAKVlߢP3Mʍzˏڦ}oğsX )#5Z$Kj6Q,O $,}ul$KT6+XiC+QmN p4~的 Ȏ/p #8ɟΩ^$U)h`7} އ< ME!qj]S%6*5wE̾ց2P fsC20׍84UNAb%-B[gM}c]Y隦l`WĤ!2Ȧ%I <)[XsTHe@jA`,NS yw7;VIU5('ᐸ|w9cF_zYTQ˫[I\` Ӎ0.36{ów:Z2jbϜ[P yY-̠qJ;♍mbu3;* z|B܋^qآ֥}j?vv > sh|tM./GÉ@5uTjw0z%.#53m7 :|2׊%1vyfA"GקGJ\-L\Typ'Mձ}݇+DVA2(g$ +4KvvW҄J]I2Lpu)u9D-&iZj   >SK&WpLJp"8jZ %Wfb{ƁfV1{HE{L X= vlD@To-\bWWq ZwVH)G,`!\=7Yz^5dʋ)RN9lm=٭al$7'DdCHX 9EX8VNhr,x\ )NXAZ|aQ3J~4Leb¥Ie:)#߭OawY vY'W9-L MY&jk!YO>UGz6ϔlpI 1l['VxjK" eBz1^WP5G!INl37!D l~E%ՈU7yreZ9GZ^1|;-8+GK]aR>_G󇇎[T[?8+`(IOEfo9;{5Fb_3@\K$J[Qv|K4X#Kv5J8c:f 1 c^ }l@l|P}N85ƃD> 7_H._9e˾}ͳqKD*c#CmO- W>ZYm.NImČjlD6V{0)*cynh/mJ(akR;ʭJ=>BBF}HdmQRؔ&a0)_'pɵ.C˶نʪl l qE2eo5}MȋRV-f)AsN ˿ g/ / гƽq5wPR]bt1)X omd,.h>SeYڅ8Wb?Ibg7<< 1+̧xݖS^;y0 u;9/_"<^*:0 Qv;d_ՐNYTT0<OR@1H"Cp%k<q0(G8\[E+),u7H"Xh(ޭn8JXD!nzcC,P:5zb "3qEGHvF.^R,[1Pߨ p}+csJ :7FX˼p,Juulo+6"dJ{R^%j0kKvzU4+ 4sVVbLpܗ˷n%OH PB! îGu[JpS:d:T Čh+݊ ,i_*gL,:Y,^!%?y{z*yTn F5It!g-)KrpҠ%i(2Xάy~`U.+xpgæ0Hۅ-˂NH+w,HY!8Yɚ%s"Za O5w 2)Q"اxJ-usq.'XB ]IO;;R}`:Xd ?μ]B UTrd?!{zXj}/f[C{j hʨIH;:6Ԍ,ڲ f^2n25wp/͡C'!UIwRnj?"~jW󾕤%1w3A]1j?0~zgIŀAUF@Z!3Js \pƈ&x-q#2t W)^BJZ\ŋ ԕ1rV&+ ~q@`4[cyxaVg}fT^=Bc4qIW;Lg˙`kFP2-GBHӯuGHkf!&XܽBݵQbX%ߢR# m1Q{gk ;̆&ЇxlYwUh|W͈{膊}7dk>[љԷͭy }'5h_[8Wd~l:t ~(\ 6)86, gUD]j|=h=!%ʕ(hEu [bև !ngnq (}[َ=4!ӄӰ2SqU6N d_; \YdgdN@vǁ'~0}tfk0;W`B Ω^[@5q&^jeMF;$1';0aj|Xey(ofB_B^P.q>UP*u=~94:+ ~Df*[%h ?mJY 7Oޝ|[YCZ6t/QY"B#q-SVrlВ0kަ[0]܏'n@^\bPwEђ&LR%α?f3+K' zAfO`]l?P=yN f_mYKKr'zAd@zۗ2j;/7P&Ʌ6?D/P[ٺZMv2ň۞05az] ڳSLi}N@4R5xj7;p"mfKޮ%Q7SrN?O{`SkexY>br#=ӄ Vhu *3##P' GR'?)! wh  b0' \x F(N3^0[R UnOB/ur?=^6G:B\𷙝UH顐h%l)U^`qP2*3l;c94[ɞ 5LR~y!V9DPbR! W|@Rl eRjR^5fʶ8US]٘'V<_eDt\zRnTŏ97öBvn.0r{s}sz(lW'@jE8bw'6:|\b~,SM59xTv.@=q_:ׂ e!<6}ivGpf tOOiLKžDArrYQ#2.$:a􋑔smP@D 8֛~תָ$nކqp$#&Oӳ ^+6$b/MӛA`cIOoy>" 73<PW1`=m J Z1F7\j{^3˼GyP#nPapH&~zht=FP&*f'R{p῱OR&6S4P-\xkC2:Y<ϋF gvwė ~]W_(W?v/DhS's Ĺ.j=`(#ɿC wvQGłҖVnh+uw YoZ=nUia= dՅ+R,E"դd Q8tܨ|k[)AIrǖ]낙\=xڒ⑥ ePڥtlimljk҂{nVvGQo^n?x"ϯ;|O& vKlYDv(@ܯ %* D gpfŀqjGz|29.OhֿT-07UΓ}D4_PJnc zp諙}l濏Տ{fӽ`> WrM/q/Q9 %dR]slV5 > .Q!눂(#Vpߐ_c$ɂ*}SQ;trR{L ۖ.I'9tp@Jg85 YEfY:w: "%x, t{աw[V@Is/kN#/P\8s}Tͤp(@uKښE+0|yU- W2c/2f׳+YqE.ۥ;q 8߲))]eB-r@` (wGqF=(t߀(Og9Gi:0g7f%Vy_} ,G)F.i0[P9ݯ+Į㳎rmN̹CRs[Lvq}f޹ {ԏD?)m\7݁3pPa^XamaW$|/>z3zEpq*l^)\8!%95ZT'![,y%"WxnMdĊ.\0NpkL>!@SB5:JOXR8FXaދƑŔEjsv3m (9Y_|qsujI4Ps]?`Qi2\Źθح?7}o1cx.dURlcL k}^e)qԺ@E9 :10)mg&"꿙VldrĠ [0~hQq+뱰M7`^%dUg=QbM;J毬0~L,eB;M*FvɷdH0u r[oS*?j6GN*[2ACl?ɟ/е A%"M_HZIlك~R++L7z<_!HIN>[Xh=trMoʵ?7jp%$1"wp0*dznks{#i`\ͧ}VcTq7i?aCn(6 73BGKGzη #b!bҋN@GH[[sJ0R_z'po՜4ciq`4CSHO^{7zB4fT8L0Zr Jcs&N#Yq> Qt@h jGS+Hy8-,<ɭT@'Sf-(:d[]9"U]ԑ\Xr^W#)"E1KƧ4V"x;j}(&-mw|ļ*HmL4gA:]{; =Dv<:O_շ1-:VV%Zm窤#PKk8ji4f~ #ׄ*(pQ|ϯd5Za$[P0bI.Bs~v(Y?јTYJr0w#;JrQӲHC'w&3wM3AΔ7Vi[I~CJ.ޱkj2$DxHMeZ28J+2MxVjZ{wyF.({d[;btW~KgADč_Cg39ۣcaoWK!Vuj=Xd rg~:H/G꠷f;WP-qG-b>T8pw}P MB֢uIe7G)#ZK:"6mH@Y#=Z6;++<< k `GgDNH} _&bfvdz 3LI37؂Ըu锬QX!Ye!)yА`j2M%) 9"ZeVFA?p x2t#/XᐳP]$ReJ Trvsc Z\>u0^JhHm0hNM[اwWtÓKaS1^8+_Dw1+E9{_316Hʢڭ'悐@'j!y~i-:3g$w u8gIsnBTz+-p{.Hr*E=*EX[4wDlKGnÆg&:ߌd :D̓7O0xŚ152$ t_~S!0v[҈.VNUD_疌MgsT{n$k WȎ:ldv̶fSuyt,Dp*E ~זe_5\Fq`V+cAfS[z'y|ؚFXJn&T{h塡x&ZإJ[_*(;XTLgcJ%fUaNKS.La:ot—0$nak7<6H3 s jXr\0aư'&C;[]">?$ksLE_ rS+iD?( =IP`ǩ\e׭l):a%wܚPF=ϮЈ'Ye`ں͘p܅*m;>S>B B\P|]#3wEf{lSE֓,RjlhHLɭlT(7l gYY.> *3}DXX;G7JzOΏvP$0`75im'#Tn J)=8!:3f'x"3eƂgYap"hO·R"GϜ7PDyôM `#}ݻuKnyK.1#pSF A饲];(;oVG3 IJ] g;8w"sƖOOFvTt WG*en$#10qAIwֲ ߈M*H]Mr+F$Po4h __ 1l }ib nqAU)2 }q 5lpP x陋"W,^޿>!8N@3xq m//)_u:V26]QP(T{BiO#@j-쮸g+ M7OWNb. K!BצVDZHԫ] )6u,H+`9a(pZ+ { (ҰP(1hNmRZ|29N}I M8M^<[V%AU-iA'teVV@8ɎoLMZ7ْE>8:Hs1 ZxơDkg3C͹Ҽ!yS%#kHc-ڲ 4bpp53 !k`Zåd.i҅HT*3+%XGZ*}$2c;\bˬg;m7E`,_^JAA{DEpeQgv0J@r*M4R%U1-Q_KDM/m)" =+ѹoԟ<.ffT{E ;}8(8 [ǻGjmr}kF?4N6*)դj{jʇP%ISaFUTS#D "5p.A]īu1AǞFs{ܞZǃy'T/?RОZuu5^@E8v69϶R:`:kwTdCofд|T܅?-#DC<ƁBE}Xn&֛Xw' riB等XfR?^+ -h=#OZ~[(ւ4Ntԑ <ƓBlqr f`0 6e~Js=wY 5^O@Wptm.2=&#`sdX.OiCi&ygp,. 42)L~aIS;~}D>Iӈ" R .XUk~9DC+lhw ~X&ѭ&4Xh=<,򎍫g@ R"go9y6@U}ö^|czދ$ĉRO|1OI./u&BNee{!.PtwdSv Gz46Yl:g2]%D30I)[&.M<~HHs+ϷVN#}AyHLt{~)tvHs/""#GigB6WA[ G3ʥ9&:J X]EXYY #`lKj^J .5s+ה cqtk>sJR+ 9Wnq|52xz&8^v(%$10T;1q&uvC暢nCK =ʀnvq F27@H4}V,.[KE?cNFBfAFpEm>g!`/7vpa5Fg13:6dVZŗ[W'ٳ ȷ^Y7)$4=ؓP35,o}cgt*AC7*R?AnX N=@e = ĉ6?r}q F5Zs)S2qZ$7c0fÏ;ՂhV\j Nľ{ɜ ʪBU:O,K 9ZNQ,բZ*T=NJ~+=pKk 27kSVWLG~ M+TPIbˊA?m%rd9񣭄yH" x>ǟ4?@`0!}|n0R|g.ϬqK<` /Cw+ʧ~:cHz^셎/5l^? R-q0dy::Vz}Ҏ/;_s<9qK鯳ٮ$]1X S9D蔡H7՜$p km)M+d(p96@/?pIv %?j>(6$o/lA.\7n=HzꮨzeIMq(#J Ҽ^Ͱpxa$zp,'2DxjթC-Đ dAU@v̂bNK̛6nrZce)9 I󤻽z]D_Ykot̍{?n$~hnB 1!mwD0C)F򓑨7߹%1oY_f<| 썷G؅z3FTzl2!탓I*윱"K^#=Q"°}A=K%\am"PFx^3yH>^hn$kgr\XW񊋑PߵuM={H~u`!^RRl'N|&jY &; y QwDH/>T#(~J_yiSYS 蜌fueݐ$_q ,=!K,&,rdG9W^[Ou1`ruWze`L4'oMjD< \>{"<t[3[DaO#U? ov*.5d%r 3s9&Bvg%g0JOT~U7xx̌L_ZO!ALfP(, e[AS@ГS7 pd }R`(H#'kP]t}6Ȑ` 1Pws ^C:c@I0Ɗpb!| O|BBftK3\K(ن%ρ_K}gn`*֧pwaRqW^LEMI `U%V1wBPH^sGiVo5}:~3IVLl\0ߵtGط8ӶN[Z K3w^uT|H}bhh5h2١6u֠_f?! Qfsʬm`v*ҵ_/"3$5oְ_@W!uZ7УӨrt}w3`6e6#;¯"#V3=h+T-֫8q/F4 OTC.ԾV%:Iۻ#$; Y]T@"}ݤk |$I7{ՁBH1c C.%JUlw nub9jY{yh8ˆN œFC.]hcl>T_oF؜1o|xDb7DZ*xj1Üw U\AߚtvFc#4q_?ag;ac M3#$'׉[fz$Uq ㎽LF&n4Z)"5}bTv ufRqTI"8)ciZA9{˭XS]ט$ \u ԺZnbW)/D IhK$e 3OXʼn ޙK;OrBb/gfߣ^ZM{,lۧr-ѽVe"!x,6;EB˂Ӗ*5nEKT"b! {m3Q] F>BHcDkx"4ڀT)(*zn %wb!$dcc%uan^) I[ zM :Z w-?5E%,jE 1gU}RT<@\SVC"pнݬgQ/ɧ<^NPna召Xk>LƅģuȮHH~?MEȝ?fM ѯ}ݎx[;+fe)j"%1thY7+Y/P[_P,MLq3 ߖ+ҍH{SEpgT'hw ss[T!2]2zw>@pMt6@I Pd9s`% 1xe`ւ~a@0>6ƌ4!ɍG69<=~6²0a&b=^;U(@,!S4uMN-ȧx97:IU _ZC(Zs]o:Ѽcowf ђu @tBW3ʽY.&D~s.BQ%UwG=c Ћe޴|xcm#CAV|ڐ5HD ͑䙂xyueIuWf<-޲ڳJW ?d d"ȑ @Z@ۇ65o,~q<3"MAՉ'#7dxGihJv'h-4\88Yg.aj ݨXQ69Z+@/(~ )\1z!CvV 35z O› ȳl"qw$0tʓ(5p_o#hO* =?y}".bΉy ZzVy8Q7HMWs⩕ʣ>=*2k4kL4Rܹ"E 7vT0q:vT%?=WNjpuI[.7e13E\DJxs'3~<yTLg?JVz,4 = Y(P]CQO7?Rcjh3pSeyn3s$H8t Jq$b7:0 _XhVK=P&v#֯FK'' kOb 5sFΰۈe676xwZtNMػx,[,pFd6Xgz)6(8#L )H.ԇ z:TQj510j͛ZՌ fd:0.)7q_cvt/<@Y75LT며mO$0cK)[PGdk=,Woи T^G A@L3INz):배Sn^d= &,a9~ݍ$sA ѭ*8(;|lۥWQaBw"gQ/ZѰIu5[k =Uy1yE5@:t>;++<<&7oN3kunDϠ9H{S2T,43 bvd&0$~|jQé٣lUb#L_`"d*fC$do""pupl3],dž\+)e=ravW Wja}3{tJ?uzQ1݄_.5y+&]sa'kߋ̋)w{#'hk\aScdi"4Wлg@\(Ś1Ɛ?HTVI3'&S?/fKER BB֨kH|쐻"lkX 9n?Ӵ_(I_`SpJ k'؅߰|4`MWcelm"˱sRYW$999ib8۽5p jC0Qjt9][biGd)i.g899.Nl\`pbp*Z5@搐~"07cRnvuYVQ ѝr" DKF4Y(| .#u6 MBg%+;=@o@<|zKMkl|ݥmş3B; CE (/$S[-Hڛy &:Q՗;ؾK`9\nU’ '; /Ys 0-ilnsr{ƥyl!j(HdrfWM)%sL,i8tme.KSovhlՒ]_PI؅J?4TLy।1j;dsQ27*gkZ#}h!oAbRd/EeVpy> 3xۢ.=i+i^tPꕃ6~/[ '[~>^sST q3 #4\`s|PޖO͓[Pp/!{nR4Tl24!B[ާζ5ö/?E%KRXM+3e 1j֭/) lrc|0|ncZ#u%aڧQ>]Hݮ΍VyF ebّ xF'S#~8(2 |22EsE!ANpGH'K 6Iyyk~gML8Gm/փ vFLjg%Ow76Mup"āz,ẅ́ˑL*d*y6@{qnXiHG{PnYq~׷6k"ePyMrbyKʼn|<s^twwDq蠹9ݝ26֙tO_%\1Hm>d lJsXŎ@#pZz[a {(KAQvpL}/eHaf0ݑ$#fob <'JLE%\f{49-ƕ@pW:y1oɣ|a&÷҃A|Siͨ TG-M?W7..!HX9x99uY)בowmV+vC}!)eMj}Ֆo8r5n"0_H=U᧭u?Dsy'j/Zm5"!DIDTiY3\:w}%"I{M#8^Ӥ<8閭̹6~/4NjV5VG! k]j6|,WR'$?qi2UI%`1R52ƕ6w^sj{}@?=s|OA (`I`;c=Z3I0E@??&*XNK!Lrows~qHs|;gMQu%_:ʁ>rKO-zZGF릷Ty#ԣj VVڛS!0msW7PJ]Bc%#[50K-߯]l!0٦tNk/1{xnT}!fAz2jB08m2xЋ-m~2BDMGkEz*O_CF9AH|6 #"e˝*Y~KO.!D$T_".9EWQ 8 ']4 @΋J \?t-)iA]ա&b/DOX ^Z\„˟I2#[Jӂ{A^cbQ{as=ܺ;Pv{FMm}~H㙏%ޱHe$2 x?+q;ovTOVod\hj3`C6.YR"/xXI8ǥ `, QJO|)]_8}^=}8^(WZ^< ~F<.Xba3֜i^4-jPʒ5}o׎7w7Zw:q2LS4tOeW8۪\ pZ7?7QMAcWz}4`Jyc.U?EX< t H1:.kehD+8xi\CRS%;/㮉4=.Z'Dp}k$dZ&Vas 95r u#EjS7 ":6P.Eu.(wGD6hRm\9J0i(}$ BY!/wȔSs|$bv K*MGD~) iTyr,$WΙTH {ݿ=E7q4B=qƋ gH-9ԐsDW#F0:%%)"^oG'k ;IY BW(L(7 2 KoϰS`d|VbbA$M.߈HYˇY0/f%㰋*|-,uߡ^'̱4ы%Sx*&>I91mON֔{oZЎ[oDO&r{r`uCSs3&}qTB>$;]0zۜ~}g7}o {2CJH#NI8Fp/ʢbhi׬)&\ڛƇQ< 8 Sw7ܘb`2[@xStzߔqE?>9L21`uG&'3RED3 [41Q3K)ڔxe 9t8j\y]f`oL|W4p5)k?vt8JVHr3z1Ki5y/O sehbˮú1Dz `)ɗ,-q%뤅YIl{ ak?ş;& <홆y$TDJyr*VJ6GGw}9q3stmDNr8:%XH!hW Uar؀v-zx>͜>_g;2-rA;u>##~V?*JXɤu9}Ob*26Y`JZmPηK6:,vWW+ I"W/;uV`tx^ #|7F!c_%F]х6sHsj7Ѝ^c<5~ {j2-g|Z r> qfU@y 9V@즿S5"^rro7/42VsAaâP_DS0 >z@ә0 @ uXN"d\IWF%Wyf('=⊺D pTvM78Ͱ++R0I^3pxo_#Yt@n^14o8{ު?Jp|$ֿ^o;NIbgj}E}G~/J.vY"/m 9R@Xy+D}R/DH41SJ`ZIŽo-lVUJAPp RSE |2Hcn_A\GŒR> lG}+fy.R;3Z1rן2[y=]BIC`y$PQ:M7=|+zf>:*: @<@\? uƭ7kop3#4~vg@[=*PQgQʚpm+aվzM ^*t|>趢Ij'+AW 7p Ͽo0rx(MiJ}>7׶؟*y.~"X!(gVU1x%~I)ИrLJ8s]>NoP~;I4]ϧbh(P $nZ:㗡+=|6~K]jED-@T̉%}? 7tG SY9>f;m8p-f'nfO'Q5tK+堙]*c?ozZOT5k5Y 1BUa* P)dm j.ڧEc_mRh{<2-NUbo d93 o|?@n{T~ 1X;J2BH&o`VgSSż4 4}hCۉdssX^ױMG[ O|=b?#&`ycy0O^ˍ}uG'o[eS-Z$΀3%A bl_}YFq腈"슙]lJx1Mr2yJ¹P?B`|'*.bARRYa{c5EM9^ pU8'=%៩e+!Q<2zJMII  F.?USa_ ~R (JCjOz}(Kjb< ս=wb\uJmVEUQ-< ;äuV2)0 bHJw2cyܖԕ5_$JVsx,3&.wEmOwd7>2GQW>ɉ=ˏBZ? 6ҩ&Y._Q.>UTꯓrmsk(=4\ˇ q pZʦ#K[foc~YNŪY=c6XJ>T{\3kKxa Ng]/ɹ1fMKI&s$fu+Z(ȏ<[WA=fq\g/E/\`{uu-| v.-XLHuF "NoC 2%BQV(/@!8P4Pĵ8Fix: im[$}ai'mIE O#Mm#2y 3먘Ax͟ʼ,JX9ߔGM8 tT ,[m 2q@H0!.cP c~B GBޞ\@xrE7۽%9O" JX8e~UZ|i{a |#k=6앾|tC]>-/HQԻh? :%i6*)Z ש*ܬ!0FTu lc ۓ>M+|8-p떬 8-Mp~,=NKl3i Ң-kF0NF!c]/KT|UnerTgStIv邥2@X-C}&gKn')>}Е' F UXNBI#oËLްJNCw:βD |Q&uhLjzrIM)lE ob@-ʎEuYm2o$x2iqd8_S捇ᐤ@H%7-u/ P[B997V՟}2HϑTm_cAWK*8'#, b]bj6WU)kol18>N f{ 9(ý {|dC=J~y wU-' bI-U < 33C[֔jn<~Z[(\[׹CM:.iъO)lŚ!>'S}#Vonď0Wl IgFOٸ]ߛhF[qkڸ,/JvUwWy -Vw:$@/YTQ;~M,DZ$˽L1Iy2566YF1|Q LE R<Ԕ|s39^{tXI I`+)#7!9B8~v]v \ll GA>LHQ2đז; T.F' VeMV48'C V"y4҈  {lՉ\E 1J!oq?v [WMJ:^5>畽{]d430ZI:-')࣡%2C[8z- +YS)U`oN,JXh.j3aiE8G@8GÄq_=tPbd K .yJE}6=5#|AyfUb:QRvx}FURM>Yj.cSbqHQY:NnyLjhIQ# F vReG[̉|&oS:Inlo[{OBOw)M2 dx:#P=򤢜3{9k0^M9s@?FfJ6)Zi&:K-qr ǟŘmcxeagYVVLEQxm?m9]jitDJly̔q~8HlPP fŮ*{KvρKI(Ha04 @gz%sb [z1>;P${B&սFuk43)ЉbBr'YࠑfV7(pgj e U4A1kTD rBkCZ-\+s~8w<hڬg>D j2|vE'^i|yR3bư{W=.ӥQ̘hpYSHlSO`[3K"nDl͇e\BQ.(zn@h}EEjc_i_oy(wg Ic8tT&;i)tN|N <ʋ2~P쎿 l3͸;}ZeBUÒa C}*zTSnfpŴjc̋&9779O!!˥x9`R (RwA%rT0l#7,:ﮜ v437yI[~HDkU%*%`ג? 6虙됪n=?Ȕ'&xBy5c9B_Yʹ ̛ׅXLA~ZVT5@bG4 ~14fw%[}E4i#69[",4jf@Pc4QE~:^#x[7SS7ctLE#336XHҏqU >C' \s~л~XpNW2n%HBCK aqNT`!b ƭ5&qV<~IƬ X]I<&MTpj4-GQh<(SȜ<skew`Yf1LW94a7_5."+P[w1t-ߤuDb!N zl1֥ ͌]t w>mZS_ugR2k c= = Knx dlaipߣ#w,c!8}_REFP*9m^}6b9vRSޞP䈹X[0vLS_[j̷a0 ()tRKZr (JMd!"2s{]'Ɗ@d9X.Xx,f^yvq0nO\4Qߢ.pTs~:JLkyrG~$ }+Dwz=C-)qL9~kIJ&cBˆ;ESӚ(x6\;q])NWs_4Ia8x(Οu,iDt k"RsL' cnXrd@PzT܋TybV-)V%r&OẸ_e]z*[x;F tb fy\` W@3Pj& "ݏ= A}\GoGSfu'q6/R\@ %(YԜG%$`=,Rg07уe \EΠڅb^cd:>Ll-6ط܏zzXz:M%9%7ufIdm~9!'(=]T63`wIF7 iHg|"ѠدTA Ytɩ4#W=u@84ӺvTq~U1F&' Q1LN TuO)\`/:;k,Axw#5hvTFk!r$teAyy$R4*Awt $'20j@!@ufBh8wthB j6y'vJ'/wDA/^D^xn*b@^eI}fUMZ(Q.ÕpBP?i-ws e@t4N#jqJ|MRy51i um=Dj[xQyRܫWc(6 W~-L[Jx4:9րtM;܌Q"joI/%hT=c)z0prς2/\[9m4ohV!yhQdNi-^Y6u;SYE&Yo |uyB/N2y;ɐt"Dp)n&&c;|MIi?:W.%3Ơͮ1$l6E2{vrM. Tơ $:idܓ7Qǰx6̷I_,ݽa&~gDLUi8FX0* ako-[;:|k, N R j({MqpH@ l f/#u]O6=H߲ʘoGGč9%/p͆A1liEzEd°^3~Y+3Gy] c2~0/ /t{A9d"/-9 &&LhsIc똪,$Ο6P/qmM~M=g`6j~$p/Es>@E(!>Z^m#l]* 2tAȳ_ c(!?pk>,*}Ee/Wׄ!/-bt7Ktc! 9maXxW;~RkGIiebKYY0`끩"$W7~#VMTӶ[R!QV9nԩ&~(&Kޭ07WN7OJ+nRjgz S`DgT:>担ʹA`g؈w(BpX{ը ū \bBru3)y$.U|+J- QE;Fƍπ}tyef]:tl" O¨Km* e)p7NFU-LbG=Hܫ1vk ؙu>B޹/#Q3t_$:wBtP o@xUdnѸe5&ͱ#-EX ) WGd?AcJD ѥ ʮ?܋ӭ Ak "&yH!DQycдkLEt],|•htē RffM115Ef7=\X7ABfV^_ \-ysE~e'9T!Rӄk^A`"CV=ZVn|"2 Azƌ{a9?BFפXW,c7n(f, ':OmdSYxb]Ó*V:v_E 4)7}}zh'.Cܞv@nYI8oof#"@ ZHHjDuդ:1A'`chztfXYMצ\=җz59Ӽމ~kV| Ofa4Agԁ ŃK]~C cckZR _w7Ɇy Ap)Rj4fGMx|p64d+ݒ_ڏ# (`?>FX3?"z?_@gn~Pl0^-شs൱jc0\|pW Y%]+xy`J*I$J;wkH&4h'O#4dkpǝ W+R\+Ak5RO WY^X0^ +9dLxO㏴AArZɜXjI/.\}K( ηzB@y;B63?1DA1V(tH#.=0I4DV$zTP~idC23]Ȁ}=1#[̗<]UrZt6I@O, WƐIfc: 0UURL$wz3@]5p`>0U$@M OM/>Ԯc?U6[]̉rl~9{M߾׏\ 6.: 6Y*߂0Ɠ1:\>N'S8q4O92ЦKE =\̘ >JR+',MIZ+MU")Q$OwcVE%48U|S]6 "xU˂Lܛ}p1iX\ m-mZټ'USPڤ7>D`)dO?i2x'boY3$%K[9;4}ǡMT&}^1 0C*ɌM8}EJ)Jyu?$`K9/3. z<#㑖*u|Mޚ5ῼ*̯@;B}'+\GV*Z]inR ]=剏P*H?GM/41yruBq*n~ie/-˝L쑼fC&c84q\ X2ng8b"WAβ&>FqH^vU,oK8F"*M^Z>B;Im;x(d~E$s)"2^jTU_^Լ~D?"Z v'2ݛD%^eNe ̰qDO-"*C֋ZTܺE +=kṿ83@fdPxgŽmP c2nREB0Nd韆ڲŻ`$7С(T8-zpfQw\m- I4 "p`TFD94%mDȆ Bb8)ҨNVm^Xd3(ҹa|}>rux_Y.h{m4L57NX񢛁4٦5$o6#Idǡ_Qd0uơ tZǨ>̘ q \SPx*F2=V x\㸣BAvdFsS1Bw]i m$*rh2&m??昩lk\B}r?•w lS>(K. bJsJKބ޿ 0 m83NmQb ]ciPxČm ; ~eue<]9`6}DZBS :jL2In'Y/" J~j;(#fB>9&UuN҃Æ;f^bHzMz "qA\sA+;t%zG>VIU+!|OU bkOYuAQJ T)g z ;Q=Ы_pI <H7kגF"#A5\Δ\uN~wwkowN*"ntmK{>aYѾk&ȳ1'Vaq[d_BnKl0v1ɓx^;k0fN OZXC[:~P*NmX2-ÇǤl݌ 9UG~{ O\0 |ѡ/Ӫ-V`p¯C͏a0+)ޘszu9H>g )' X`ІB Vv `<%чD9.Np[lj]V@8g4+WRDr"yQ9 ru;^Zwן3۾ƯΫ1SS NrPuWep $|bv벖^|+Disy yݤ[P`PE _r/!k .^xJGm }%\juѼ@Eq5&O S_4$6J5xg77QUZӽϷGof+b]:fLMwe:\ _oƈ//wrƈv+۹4JaQ(gEuc& NAM^yj.b1ףjM F1:D+W)RoaiчZn-_1ti2 KdOFA eޘƧ5q ̿F6c/?2"mFTOf4"$R;^dw@K] w<9MJ_(ogh }aV?/7@ KِUH!^pv5n3aA|Vbkf|0BCzwЌ ¿c5>tfљ nm?dG,ck7=.HX.{q51iD=P CX {$N(y=yy2 9K_q5~< Ø`6P>1 fgfStV*࡚:7@wW`WtxcW°aTǔ$~$9 Ѽ_k g}!ߤ]\ ؁0T*V;\"(ԝodxsnr9KNljyP8꽒dn*AwD(sqAZDeu.8}|F6$e:1%yc^8Y7vY@ژ9h\]L`e槣b=U6;jJZ+Wz; ݀l, Aw+Lo× ;KUrbs6n{+-'~<x~^ Bکʞ `K|v&945;+( 2Z෤.rx@M8fO^2FJOkdwc[S{.zw8yӓAo ;O%Wbihe9X`u`Kh(0~av} y񧑃,:կ$pgYSƉIlOβ *rFhL60&.|>Տ{/ iU?ZR9ɇ|bY*uʫÑ05 dw(:旬zTo  *a?zfD6_shG$Y :M2@%Λ[/c5>_*.r|&DFLh1m꒶2B(hi,_4 R4l;QmazTg|2703@jn:DF_[.Wy Äݬ]kg[C Pvo?5ZDQ&1wg v)6ICBAUn?Pz/YD=H`` -;BNL!iJJP!/B9%~}yr#7YmbޒG.iǼa0n"Ǐ[J\׺m Q^ />rCpL, s*Q뢁/ !/|V F|+*wwWܸ9Hs=r±^\YCy^rO ,lpj}ەגYc z-rV34σ )Yjk=k.^#g%qS{eS:kғ/huGBzA&l i8=LRX'jvlb<3#yry4xnxob^ƿ;WHͷZžeEWӱehZL-0#S[e(䙲 rЮQGT\B"Y+ux2ܢOG8tF+Ծ'2y0 }(']\$wzB5u꼴#Vٿhܧ L\;hOC);oJVI#æ9s 5Lzw;7C? t Ewg],WBP :{Z%&r}$dIY}b|kMvOD@t(匏8>_Mh]L\!%Μפ3#Kql$/AœfJO~>f,.N9L {kejJ }^3+6R|q*9-X?ɷ *Wwx:i4d JWߤB'K~ub5 bi0| f!)Y(QAu4a)iהs^?Lk\~4o79)hR%'o"ķ^GD9|yҍ9rKZ$#S; 4wոn뚰Jq0=T!r]&q*PϻNԆfΥdVNgfT嵆aq[{ hdzP-=+VD~%jEAb9 Z :MNxg21t#?(4F$Se}s[Rޒ1/ s{Q,(1^Ciz畍l/rvm4^|\E5-K0ǖҺXHKLvrm>vVdEJX7VD'->ȳp$(u&me"{ %_qśV Q6p)xlT=`92-Bٓ} ҦMNqB4gW9ZXQ jl)З4=죙+)JX lYLJneٯ (ܪQE_ٯ;fjhG^>>e&A`slV/|gh=Mq\!|J9p*g&=O2ZٖY gRiH*觏Y!6$[/^ gk=SU4/D qePNƫYuT9k TA![Epa&9e$yqZ/Jc(5m+itEka^u8,4:ML݁qӇ;2kΐ[i@j*ߐƢ[ MCQ~-Z$J\P @Ly_LpގNJ g}.FYFu)9|&@#Kp,_*FRm4d[lntiyBl 7{sYp9@"E'fн526{EY6hBfc-OU@- ŏ|ͰFB-`9'C#hH"{qx)(ymEXK $݈3q؅Zz_"LkG ܫ«]]gL9 g4h7- RެkJЃߤc[ge|h w/hWD {#+O 9c1nAXQ,T /QBf3 w)uvoEENqF_ WeW6nHͣ5qPH .Ufwj%stƻDt{˪"qA{|\ukM o,MKSv}Y&R5+]9+hl@)r.݅6|9'+ YF+*cD,|韝w[jaskff0:hZFDiK0"AJB n学IRu0rԼZ*`|/2\JQ'ހ>yfV' |y3 cRWdذY6 QKI"H&FCɆ%4bG{w:dw׆n訕.< i'ܐ7>2p쑔>T'uyvT8:2 nE}zI=]6i?|lod4TG|ݵݿmY[%bQ\2%N ջ G@,4h+: 8$AFr+9H>v[Lqx̛Ɛw4}vX*ZJos]"G =y{aL$e0Ƕlq\ov |r \MfGJʖ@!/Gߓ+ehϑ|6`/r\r[BOrgB/ dIoٞ7! 5k^YiHdoOaj1{SoEiihs|C/5^6m|0 gZpz*AhHԇ|(Бff=׮o@2:j)FC7΀wI~Pns#yp &tZgqJxB,FI$gHfvRӚ tLrڕ[jYڊ~v`L 9*|3_jdɶ2&ش|cL7έ{LJ|W~ED)0PWRfУ~sɨHy_IwY[y罆^7aO.sv)\(fN/N"LvQ;=S=rXWCyM^()/{6P2!_SZDhٕ5@yH=˛}ngp'XFq{M,;b$u4Yi·GG0_;'FEܭ۠]'{n Gݩ[C_y|$8"At|SǗ'{.8u,@6j&`.cCڜjȼHNuП{]zv~@Ks+D vimH^ũ'{ iR 6t3FA"mXW IF{冞?G1o7K|s-vW(iXaV1x#߭Y5'%Vo-,j^=#й[n&5g`i}oc"ѧ\gJz+$e|ɨRq ЎS0@A\9iͰ[DO@7g 1>Ç浭^__8 JΗ})Gi5eeӝxpLk#D.2v|4e_ W!;g(4YFcU7qYfAvvr)SB2~PA5QE2 x+]a|6<<\Ky%sd'v&`۫"cHT^7 IS^Ʋ?'ί=].RP̝aq5^-$hӚ}[&i߸yLݎ j[7G([4]8ۿvXdjTF@mИsyJ8<uTUf;1(*f8CR)Rw|026YQyx:IdX0c+WsZ|B1A H=y=23`ÍF837 ''kR2dF%Jc9`5 h0a?E*:bpō2%Pl@^bLZ̫ GK90$Rvv*%sI:`L=R|Pc}vԂY8%#l/2.lŇĭ{\h'㒃!mG}CkZHD*Di8λLG@7[EŒ|=IKs󕈄^^ҋ11{@ ܣ&:?xƢj;jS`}),$j^:o SJ$RˇZmFngr_Ŧ)=$HI)KXyy[h/ܥR]I%Qp~`bct~2`dLQA5Å( yGNWzI `;Sl {5cFVr,̘#Fb&4tR ص~V9G+QT~Klf䧼.2d鶔J(hݰU1GgOkʬ^ sc`x@kDm/| oO@_eS`ҹ@l KT cgͥaKsn!k< }aEJL |AimHU=B7b^(1J\Yliirw:pװUkigwwљAGŻ³Ye_ hnS̨Zc չHSlIWȠE_~J9[A#:CCS͜~v,ᘡ͒c:ӡ}5 0݃ ɨnkd?/ tk0D;ӈSZVTe.螃'w LO&jZ }OnD`>HCˇ|R{hRS J~1jlB7Lp>Kv}7BQh;[=RZ>8\[tiSiTI%|  \}$ecgTZťX158ƾ$?$65.ڇn\PR%OL1|kJ7bت&Gk"sS?[iPf' dGׇJ.G<]5PpGtԞt&h)̾JҌy]{ bȁy& BtD\-3KL#nA\ީˀl8"-=s XMgİL+]cht_u,9N'{ց2\XUIgESXP |^b\l*8A_Cf4'M҇tplpw| {i'65"DG * 2i\^U2x2ݮKoFSl<%bF͟- )K*J/9ߪ:cA~v\,/Bw,MwmQ4JkHi? B .dp:9vخqLd߰|MnR}OA_mGX2,O׫_S{,#֗'2pՔ C\_m~85A&1pA)!~c,N0}.eH+h%a@<"Ѩ!HE˾"i$>FIᦁYwѨ?`?%v4 Y|+iAe}׆A \8I"FbG`kpb+Ot`qlw{7JV+T:n¡Km{_M>WImy[Ip\+AgXRE 9Y|7Be#I]LWлP&SIݰ!Pjfk·Ùӫ )n ̃z]Mw\"ҚBrl *7#ժe h<=]S2\qKݖLS l"CA1)&(\8P w$9 T" Cjmͬa~7t |iԍ;"!{i}`C*bs"ڒ<ټ}}NT¦S($uQ"68CQ SyyZQf6@M]o,#N6TڳNߛ/~W"Q85)ܫHm ?$ A98T(dkSfsaWEB=uY[eڧ 9S)0Ąw4nZΆ-y9H~T)Ls3U73tqW@}\M2TvPgP45pHc\MCw`Fxͳ\WBVΥV8T1V^{h&QՒNn4dX)"ސ{w7f:TA@o:tkƚNi0e'r Ӧ|͘ȃsZ\o 4t{2B|,%*4lkl*h2 ¼ t*CDH}Vʴ)Ȃ5>Z9o_;?MU?& Z{86HU fyUgU>)sEn+eC2Vil ʁPCKĞOͣ:k\@sܴ-܃#&QO@$]>ʿ#ȯ#gH$p ΍a#d#,;~4ŪAe`܆'b[?__D>EFmޗl9{HL;/:`wC\w}$2Sw9O9jS{5[Du@U* Q|^>G +'ޱ ,ZdZ *njAwdMy,la7>qY823R%#Vu>ICV 7*KC' VܧrWoӫ@x 䗂V`yˌ"u|CnD](J#"W)3oaND"mx|kSi}XMT o~2~UVZHA"QL!{WeB\ۡ^ Arṕ9?#KHѬ^[P+nX@>ZjvqwtHv(b(" , 1W! ɦ(|Gq c 5!H ha=h[$9SLֵX5py4 -5( OTn),ok(1`uiAD\ qqsx>Ln&hD_2[8= ̟1vN\.#'(|_9tO[K ZwC8iWrn@Ͳòڭ1}NC,E b|V$qyT5W%AMK,G7k%s'Xoˬ*›dg[,YbGӨb.fpA_V*PCaV]bVR\Tr؛8-v`-zX.+{\ {IHJ!Q5>k9 RNS۳|Ww6!oU1nY44; *#فdDVTayt X?Cf h/uLXXu28 G +&H@ ,F1ٯtdA~I6)\1J}m9պǸXVe+ux;P&@Š=V~-o쫩\AȇpP!W.'@-cgB;dTnxꆞBPqd)ͥ uRz/UXN|8k^ }?Jk}^Ex#8YsK\)lg1֬hrʲ̾^N;0Ax*iy iNЌQ-G3F%!cMv*(D~ə$rzS%F 3כ4ɗˈO6A{YҺ7q{m{QUcu,G_iW^."n.m%tf({8R>+_ \Q`fh^~$D_bˑ1ꐘeBy dT|C6ݨ\3.NoǸ?)CHx;V|cPD\]އ16 ͨm]Ҹb[ xL$8P_}պ3yqxrh soOQ_Һ>~~1咿o /ͩw0O2gk& -d;)DJ$-AA4J+@Ȏf"q=ٱMq]I&ҹ6C_?FS$_$l# 2}/lʌ!ՐRi1o(/Nڅ'b--wM3Ѽ]Rb44}[x&0Gt=vN?/~UT1:0μpv䲔|m4"!Q]pП$fxgs ̼ο@Ƽ%l`l@(_-bt~Kf0䥄y$/nQWJ8^`")ln=cExHUO@2@=~>ZX?b;,[֏_ۭʢ C;h4Ԅe|"HQ0ο£7:}Cq P1%A$ZaUcCLaLtBﴅl4yY,<0EʜLsxS&Q>yjgYSKh\,tc' q>ҟU*t =i,"c;."x(vH ɠj`x>>+B(nЍeq4~lEM3ERx۱(]fLB4cӺ tu Bo9c$gc$YA.PO.wOwt0nzO%b򂞠2\ISh4g{k ςvVT޷|3k&5V }\9q[S\Bߙ|5(_""`O9DzkE ,5B Imn[&FxfhPHBt0=u~l $P,7CͭE2 c(By}#$hZMF_ggt)H_)Cb>(m_gk cɩe*%K>&'<&'[~1f C4 _5Ǚd| Ek|0i.8NOuԷQ\ =,\A(cQ!XYeo'eBJ-qڠ`JkV{!5gDV t17NVWUjFVB 9}˃&lr*dT^vfжQći$@E I^Bż.ٖX@`Ŵ[O,6C7H e5 a;ߩ})E!;<.2xqDMu8k"1uM~nن&G" B=R .]u°E="܏+ (R-J(#CbO8i@Ai: ZfnRΎu kA_<?t%~n8-2 h.t jJ+sLi, #O,n7Rj]֐r-vx/@ .%rt).Tpr@ywź9bwk{}cW # CPPLFY+bSP^(I>:@#)Ç/TmliJ^Cq{F^vu-5IkCi=XuU9( j%r!Ǔ92\" 0&={~}Ɍm[0TTS+L@AK|iİlA9d?u]Юx_'n yıO,I`dҌ0 +cTF23ndć}7 }ѡɵ);>_崵09  4FSTvS;Q2%` \6&1Յ_slR㘻=/S|pkьHMXgx&9+jI8n6oA>iu)W{NmΝ"J~٦HҺ dQuǛGԛ04)vFxvm}ڒQG#n=\֮zMޢTWSyp8" nj1bbBd]FũUH@] t0uc%+:#I{r"$! Jźcw 뻍<ITj&dE&rYyC^'Rlqd9ɖ$CVd UGM)ciA¤'dc"V|Tfs#(e(^HF"ͽ !YOG,G**މ{i:+ /#"h=^@uRj2|?eq sT(# 6+=O·{EcrDinҵ1U'dDۘv/U[[74չ>yM u0KΠ!:VYp&/1e?_5Y ~\|f<,Z)d=p  )r JFTք=A?nL߮$S΁+ 㴨`tMpm0 6G ''rq*8 zUHbn8{`P^wZy3z;Lh2FkkE9jq(M~89K\mӖ7b8KUޥV]î"P]19{ΧtV+CfWp4h-:9 Cq)M>MļVeI%nf)E"w. =R(:xB^UAH[,EAV%r 4pK tHw<RHׂ^kzi(^X@JWDġn7mS0)`Zo(0[ޘ,^NH¶5<'y);64=5'ia;t9Ő!#H?7>1ܨF3 ي5$\mAՊȔ)n")"8jUۨIL;6-Yiqclb%]N^%N-NLc.m) HGnʁG t'Y#aF5<.l^3ἱ!Ζ;~ :;]~ʎP\/7=a쳎ib.+]Y|HQЋ`:z)QX[B:o+$=SƼPܑr zP6͸/6V]M;44m+^YX/7hg"fZ:O"$#~SuD.fx_P[ O'" F=#D:L h?4/";HUTu9JΡ׺ KkQ]# 5{@ɏ$Y7%(?3 4g#זCFt{ aM9Y,Bв5-U}N$Fؑn`L'P֌:EkZ r;8@%dG>7Bv$#Z. eoSay A+{ҪTw1WeH:_|1VgU!8TeӞ[ xsI5u]-2 ^JзhRv'FIl~( p8}Rxgʟ!Y#=91;$N_f=Yt]Ew P*ܫÞh^"gא6\ш2.!2ϿSO;,Yr%VB<߉d=0W'._Y\C_l2)x$[OdyRaŃQhk8zGTכz+fW|!o:cR#e  og37.IGO Lg!,؈?miph]V[A:myeXTDvЛ+,/A;["d2{7x?A,̟_ܒpy.lrI8]jܮڬvx!Qvӟ:..ӈ鋴(13ЌeUU{ ɜU@gi` Pt?;yaUSn{k*tyԔuz<|-#A+I&Uz|\* =6#LdXp3v,֋WŸUM[bnG. B/y7P'G}KLQb0AƇV!Rь&@cA拆841)- *l@vjfs*r'jS"i,bdKV`P]e.M-YYH Z첆pTU.{@u7%/X>M]K*W8*Hp#M2 oD*=.E/8&Ҹ+ȵgqSft̕ɰʒRݹqӬʲT9Mʓ f} kKZO?uG%j7ew%GeE'Z1Q) =AI#S  v{װ̓`f (о >% U=F]sjYQ;!1?عPfk B#˞]:D nKSgO0:`Y>5Tyz6yt#tr3#C#8L+".0f$ŕJ[^(s-9 >IM<;T)Q1*&%HLɸzU~jISTĸa^"K$E@ύЌ1Y7F|P@eFPjVSK]K(sMgD|-.> |SqA;2z<,`zP`,ԣ3s.2ϰ]~M:tHj291% ]uOOD=853P=WNmd߯+r\P}X P z4!W^Dl[YO%MZ>l,t"v.1H~緻2d+F@PH^Bf0_-Odi&(Pe]?'Gu?TS̻0#Yt$tt~cFޜ…WPzpabnipsS®Hږ) +NlPLzml2[\_.lk\87?)އ8WaVfJ'*L?q ݳ7oY(~3^Vt n"Լ % bL.hy!r{"~OI0i1ZPH=gl X+}=sWUVZQ١rf|A(O3 S;-Pa7/}R+cTbjط ˹qʳ譅wl&AC 0;==iZv(ö0N tC w ycdv쓘guB!ٓD`BѼ'Ō^ `\*,NzS_˕Fͪyۮ%StxUuq.cq ȅK/֕vdOu-^>SMAhb%?I;NamLƋAd[uaG?6WcSz)k#]vFR'\\xke{a2z^gI1=eTWGx/*z". #ښ9eFqeBо1snRFA/c޽ _C}pp=Yͣlif+I1ufڎJ2qg JZn:PD37cn(Dx ƒԝSu(8G5 `ZA( (6u^@Lo൲i JȖJɺg`4'ԍ|.ϋZsqoޒ ^kY7*\WdsύCt)%J럒dJzeTp6-ଊ7Ӈ֐ĴM Rb IʇA@7ԕe$a<g?R:D*Aϣ@{Jky,I%\E5ԙSv'5 (J0{0TK2y儜Odomk(/mD4Xs~+`q7⾃_ZzȎaP `SF?Gazۘ9zsg!} UNY[9G2LM<֋gY"= xR0F!K B;TDx|Bm e@:xTΟ<\x+CR34y䳫 l(r}d:JJ@=ǂ%m; PT$YcYlǜLVz %a-r <b}y]? $8 kS$Jd.iqI-_dck&ַ qqӂ4%J,aT"|Vg:$UiKZˮ,rQ1/h L!P_b3'N2\N?n;gW)=ᠦȋyje]fAЛ00v T\0m_}O٪ xĜdO%YM.5F75Tv*r=Lt J`$r_TRثYSɂOx 'At&FU~h$\2scC]rUP"41G#b3Mj%9z[%#^ (.x[jdhٗލm]_*' Lv0tl74_k56+j9Z6C6: B DuN>q `[jc`HHxأ)# _hrѪ(; |" XĜ5yz~cswjF[2QD)nR`6FQQڂ;"Zyѕ&^*.XJ$dX2Jذn@n:o=~qLl,F"_e<^ V͓cUDz9;8#=sL ;=k?f՛hlnmTƐ'%ioJ.=\f"Yh^L.e|ABC"aIu|, fs0\2|(-g%ISbFL{a@ 8ʷ .\LLY *4*U~ 'q,{($MrMhtY"6~kӌ_hQ < C@Z /.:]ncb`/eLKh{N']-Nsz!fDe'F>O9L2ĄP q4]\N $gV +m|n[{)"I{ 1)Z#Xq^ V.XY3nO9dDhܿiI~aR\%q{urK}39%3v㣢]aֲCW5"⊷AphA1׃5;}DsaC‰W?9nt82l}TiɠnidE9ٚE(?!~}*HFK.8BjPgȌz&qRo(cq t?XARZxʰi9ʧ.lCE(b+(!øMѾjWr@q'm2s?if?P`z!ǬLPu*L10)̳pҚn +tIڕРx! :tȦI+ `AJNZ`t>xJ?̦xnRv7=5AoaqDYojMdC_/$oJ]:Y!*uEr\y 4aYq()I4hh!%n} y` wRY1BTq?XUS }5.V*hfA'J>7/jjjF[K@0RB ӤV9^}1U5 U+ ,l~¥BE-XjhOxc#aPWSZԁr:P"dӃ㊮'A ݱ9љz: GǀŢ0 -LEYFh#_h_Y}kmI:|FoIxU)c}SOEԳ'YnfiB %iPlؓ.r!tz]Ze%i:s=RMl{pG&&5 }a}V'WM[y_MVBh#5 t6a_C/ObB9ncBZv Gִ& gW A#L*Vxo_w$/i`c;wK#(LGp֗%rKʏ콤e |Ű3JߞHhf2b@K T/ǝ*]wy02w-n7P-T ʶ`*@0y%VNHq~dFxMo?žvδѡ2R4Oq6c\)˘r՟СOqm gLCEJJOV8\ǂ)9 [xZفP!Ʈԧ)0%qei3TMO|9z&'TJdR&;o>?2sE1Vcj<{0OnN?(T,Uv?G١B ,*n&#-\L\T ;pOy ]Fo+Kg^>@R@GFnj4Q1H%oWVho4*JK1s܇{Lm9|"4>rq1D&Nۣâ :̈fƺ7z'\a9&ۆ,a̞B=:~,fz[7OCxWVZ2u=uw=Wٽ}B*ָIגEkqbKf0E6ZZIĂ"VjIp8@\vXF̌ch&͕DWu]FV3+cPʹZGe8]EȊ:?1_Q}jt,Cwhnv5zzPr/ <=r~VP~ԙ"5AOUChM}}TOW(GǷ^IHO~ԧշ1ĦI*xӝ@nkq8*ftI4w*u~>ʛԈ;V*͊׸K3M> [znIySH=reRt}77?AWO&L#S 1A J2.kO8 6a]e+g =N+ez0o~-ec_}Q.KsnŲt<i6v w-ĵRd˓Zr(k' Sg%g ,W#wŜ;3zۤrRiEkb .˺2/ R/{Px*]w€*G3P8{QHX":PYQ J*?Hrg4>kl5Wph$qj.eS1Qw7Wbdۄ7d^0ۅ.oӵ;3縚MԍF3@Wvs(JIY?izZ؂Yx[@5˭ߏxoh1h FW-z{~ G/ 1W5CWDD]@I}H;{JĪ&?+Eg݂`(qiF Ae6CdeQ1j}ы()/pc7kf?Аobv;hߦdIlugm!2Inu7 GLG f 3w2EiòhSvDb/d  UyӗV"r/jH9yQ$ַI:0eR0Iҟ TYEt ^t"~ XJ 0y A-q K7]ܬR i7ۍS ņYXh|.WWTX/'6gœ ~WJ FW~!]Ȝeq)W?-Y#X˻C<1ﯨJ,%ΛmD6@Rpo,HNdT3 vKerF 岟84>8iaE-j:e3jRi v @*;-GvgZJ>JHǒ=@>ěŚgRZ{Yv3f)?Sd WN"У(Ώ%I+`wH**+q1/1zoEfњcVՖE|0R漈%myun+=xDB%͘(OvZ볗@5HV#u倨̱o&>VZwv"3m[wH3|+"[\ !98$Hc͌iou~ ߒ ٳ (;SGta--/2e;$O mx.(6ZU#(s6XXzURSD(~OʞhUy; `z A%xgp1F9eD{ǔT8GhĈ k]ô_"ͳ?-gM;}-7je*b hU ,f7hxwl0XdY]mUոF- V[Ubkfw5hb#evR&moSr*>Vt@@b%e0  ?uǰ)K^_i: )*UyKcU;C&s#Jek7?[\Z)(T<'+0Ht}? 0۵crjr{#s01BGͤ`~j{Am%}Z~򵼽LpH/_ꭳ'zP*-."2CMDJ` ׎SSqMZzKk& orͪ?˴XNcgZ8*X&eC5A1 fQræFOjՂc+BW\%X_"i*GH|0P)|gW{#[GU/Mݟ )|ePԋ6-Z=Jy,t)- ϯUec[+GYTVQׁ\F5q2ڬ]ިa8⌿*JfAab`j -'ΰxEjft^C+]Yn үpvNױ\x?Yi Y:Ŕf\0!08ڄӬz0!gJ.QVP|KᨦRO/Q5/} ź*D1TJsee쐄e.)k}ja͏_kJ"eHDۈ/k-\VQ|w T kn$jm8n8bD,5 ="j4e\!|sm=r؈EƜ`'! 7-}uฝ]ő-6VN!M&rQbÿ.-\j;5ybFjesεO6j6pD4m".찅N 8bxs1Nm~iIV)q:\&]y;qG=<[BԭwfbZE1X@X p1{ސU|Y=3kTsHh^"%^X>vx0& ѸfVpW/V1&N6=Ed@'R6ѶHȃ;>I UG&TFJo1U(sܓOs.0c)+u( 40gFZ]M "|D)v՗2o4.4l7+8-/s@1]3UZj"1W=Y_9rpBrԹqYv XXKS(1BжP*@+Wmd8YX,جҦ%\ Gջv[܂ WKdgGpgLa\t۳ˆ1NtfHޓtoLfRhD[ޭ'*"`TWjPm S2nNSu2[ŹSq\LE{ty979sVƙg84YB}j"k @p㴮=`{r}f*s~^q咧ؘ٤R;- g[PM!xzOx=Tf#|_',^)HCl ׍J@Z+ڀJl#_8ԍ@5̶}֘ -P lL_׺ (A~1~yeAPhfvJSQ5O@<}2oPy%:Qe{f9{g Om䧟F3qv̾0 $\7Ҥ澸.!ϬŌ_Z'(Iʹqg؋3 Esj%.ATh%BSTC>F[}򍦑AHI.ݦ& ckB*0$ĉ@KV4f)0ܷǫ)r%#?|> ^JrC٤_+Cm& =/ffZ: I -&d31Jl(۰u^Ny~r0>3Y i2DV{#z{M̙ +GźF`0\e|[0 #BJ+\j0g#"۞eS7BhyO2rH,KLx#f1͸1c*7B`*?R2:$3ݦX eD}V+50 noˆEz6ز=+yJ[snix WdH\!}V*Bף [wQ|Zia8VFK-|PBnY؃8[/_ID\7]:'^CNsPdrE݃ HL7\3A:mȲ'}k+ƸS:2 C-]6n׈uMFҸP@aR3t[iwrѬ"E%Eڗ9H)>!Yt:Q&xiLU-M307Ym (ޏk)o01rnΙ'[i wFB(ꄞM 0!MՅ=&Pf(ajy{GlԌ)L7^i =JC>Qig;t<0 1t=_va+fpu9:4[!W7JuAreY5w{7);(N]ʞ?~'?^lpJ7[䣝(_Z8_ܺ* z\%0FSF.-.>cG~*@&QΚ>򯏙F,Ξ NcL*̂岅I_~E^V[:,QgIb*>▯cDguqx6_7BV4լ];|MT4Q˭eh9/I4|;ԍs ܲ%:"$GLi&"9@OkV5|5߫ ?XF!SO?۸\0E~eP+>;u.~y-A4(5%(ioRonHǑ*WǧfbPR$kjȚPk QXiL&k+^{BOE\z˪뎙MN/bW>Ul|$kH``;zCx5h?-ry7dtݼVy]8Q m&C\ eܟ 8686զzR{:ٰBYRCe4tbH#[|-U'!G-3g˃ƕIuVaS|}\ _XG4Һ0qt!Pb5K6|h!z8W a_[ \ jT^H)0c 2ƿ/eXFP}LNtGs&+&#fxB1$-3cz$T%:0NLNb|cgiQ~됍(xGǠl# ˨$=y ;2>{#î 5uW@tYYN͟)O.?0Rg{k>Xw'W5WaШn@KUU, ց|˥v>PBgvk+] Guj*lu93[evو'= C_뾡0?&:Wt4JzhJcS#2DOdHw8DcIH*'8U ,8iXh~VRQMDĂYVr|_0HXL`w\:/"lK!+,^faQVO*鋕q4c!'x|  ٠OOZ"WRX\@cLͽ|˯u6X!UPkg"QQk2E8QW?h!l:X?Vj﬷M(>N&hʏTzf, O=dC8Gja=QI-qf-n3f\h-(oEOP^} uAjwY,`oyx,Po۠G,9_'a[l|(+ܺ KM@ !(H~JD?*aX @~; ng$ՋExc)wԵ]zS:z@;01W)nb6daSǛZss:EGNN v}OE8 U}<( 2@X=t 8'F^[pLW{5/t7ň{|cBuJXS7:yBj?GYt؟Ic"YB#קC7 Ca ,E& ۥGZt4Lkd%#_ψ\!֠SϫCJ+ <;k(h\ڲx[ ܡ9O)j^( _@rL\`!V%jz,2F&/./4W GqõQbÒqXAӵƹ,Ӟ˄]`yK]Kק =Sܮ"X(O.^kXSǥЪ̰|L[b;qp%#ĵ^xra|!S`[`=u}o*PITܞ~h'9e=$y;@.F_[Q2T~"q\j=jyrVxEm+q9gcIa.YL0(*%I;%qZʮJ$ck^i =ga 2q L+4LW};buh3%*-4 c&t$%VDw^5*'$S ^StߨRP=UdOZ>MqHāՆ&Ԙ7T k}gF8lP|}"XOm&:vkԖYR -Η"B4>r@ZLt؏a<iِ~1X$?ZV\a6Lv4bE,눮Ugm'd4 J$Rn(L2pM`5TgdV|r&b*q³ \ӚKX/4`-_xkjt3/(Pi]'fgO] tʔqk-Å+f_H̉Y#EQ'|VC5Yk5d^e^ {Ji;^uy,>H~3jc Xu|p#Ck)Sl--2>0SeukܥFOi|  (LFNMDgV 8GTK+_*,ﲘie^5(ˆ|ujyjð6Vƴ8dPUT j%5H,Bm\+Z$tRFY?aaL_ }2CV^SW=~bf2py)|r!9ށulsAf!ьOV`t2Qfߺ) TH孕 Ffh襥Lex\%5bK0j$nĖ-b,-hdͷTb>+QdVKD:)jh;S3mԻRJL9=aMsm)udT75T6 }!f=aOr\ċu7޳(sI6` Ep0 jlS`AȞFVNiɶ&ݎ疢\תD qF;ݮ CXzor4B~ ge/wwAW#>>DF:cpN5{Rg :=NɺtYaɺ7灘} /ʔ:Ӎ5u@]kBb$ $+P֦Ky/ >k?)( 9ܓĔw\)7;R< #<W)s|RڨH%E#1]9\IwStGoH:H4u=%9ѳR:Nk~1O Ĵtǎ`6*[Wi[Km>^UTYsuy J- -F[ m043lX)ѕ=xX~5h=xxj21#MH{Zd ncXt'/_p3EZ0z4ELv[CT_!oB 2sMtNM@`f8(ҠK mYo~7ʍX}l\=W`3)9}!=nWV0ursa*"@yo+QwuXnow/<<8DcJx; <]F넁ks,cEdDIk:=cA'Jt *1S`Z(Y5<ȧRHjU-P@tɞOT5Pc6?3vh18Tse:F4f{_ ~\H~'ْ8jېv3?ʙӪ&G5c  S jLf0πlg+ g3YX(dskvFr2WLWޞSZ}BSM7G_0ʘUt?8#sL>f9kbSzf v@XfB-ZD ^%Z4klNk+$ԳXB GZN ǐGYjqO>kaIYK-:f 5CWqWB-O[6rݍ  $ޕ|X^)wB__[H@?JX2TxaO}s( e4Xӯ)n0eu06͠Jv S/B)YGrŹ=? )gHE"RAodD(wכA꜖xG@z669چ >2|@-n%k>EDQv-P>*U2骄uI$gGjw P"b/g<(6We|aG='x]3>"+gV0$^l;| EyW*rS{B6ʃ3Eݒ_e⢅DAV T )CC4<ش Xڅ+uI \ X"u|i 9lIb%R3s(1.ֈ8 }c#sŅ}uv) 0g_b<ϙzDy[!1?C ֜E_OiȈD LGu"]"-J?SBa]ڟhǐLd^͔l|0~7;ľo;iYn.y[6S楳q2,M{>}"lL8Q$Љy !kE_6'qNE}0+3_s…GPS4+" =^ds1H$|+`?)~}6o :OҢA,Ӄ45i7wQ\y,"`ARriœ)Y&Jos>j#LH{!(ώOos h]qҝˡ"w7qکKmFV{#8"GSH072{ݕ0/u@41{|~+Lŝ1nbFڒ4p$Q5ȵ8Ĉ3V3^]_7\N܋AHx#;~VW[ 17r.A)QŀG #RʲJgkGRǖݫz<۳?q©[0q̸ z~, L JDqՔʧyS;1bt9-6M:H,p*үT 6{vT?KVSw4&dhC,~TM/h>o浐1ΨU=`?c}&׷>IJ?ӻ+ XJ%40&)>ʕ@c8lctu--x=y\3/r^5$uC CJBNd@9v۰FńrܴXo녅 ؔ/"~,=|JPWsƎ[has(ޮwQLb=&1r Ec۝3ڬ(U^ ՞_*|;,.!T%%Wk>+5YA*ڀw`ΊqŏXƮ/~]Q}EƼT6Ԡ (~lkq cJRR1p} q5`S_0EMէ.S.'hO&4ļ NΩE`\٪d:cHL^f})JS6PuF9x'$ȋ^+KIV3;Chus)x`23Fy;F)@43Ʃ9w$Vt9?@G ı(9Mj2 eDwݒ'pS.#j q;FM X2BQ|m-3*3spWX q킋A {O_9f!fkm>RL&*|.9zʑY2PQ"N(7Sx)G6U>#R"A-6Wx{bPHH)* < n2rClK)g&{̔eSeUIHVwZ3™#KN_ݙBGшmAŞ  XjB3/>{G(b_6f$w2(M1+W3e AmOMV%G#|^nO+5 1e{Ҧzߵ[0^M VBok_8!@nAP_4҅w D47.U,޻>O%&:٭d ZO?f X$\gO9Gc*2w@SV`rS] J\ZǤLn;֚,;cu]ttO4Ƙh|*!8fxjf 39jk63NjԔ*$K<:JCc`p,ص]eXb9Yf1yIz snfI8F}UA|A+y؟xؽP$91! .s51N0n^iaUw\fb  )ڹ8YL`_Dag 1A0fDB^gԆk܏G.ݬ̵$(W'F2R $M5'|9 ;Mc _<97cSM 7)_UY}43z#1inod=AZ*x.[`b}EWgh"T~'kɏ6yRbd RWE>7^/0'xrBN]-/a! \=we @%.2*/8o;Hl[L (}$5s)TS ek'm*|PwVm{YmV8 gLsV4^71F씍^}k,V+Ʉ\ʮGi*8bOAs Ƥ$4A>jcn6䀉 1=8bv[!nk4foKk3Kq0ބ:. R /`]JRSMKNx wf/,C=U{7ǻ6:hy$ ߯x9GA2K5P  +rsvFW+?.bG XV-}Fy?$-g9@d1x6bqQ !ZͲy@LQq-ꗕ~ 8\[/R=.9 Ӯ wHF2}KMlҰ*+ M8T*<4tDs ˘G]$~ w|6`18?̶ 1I33d{;Qp18H;-4X G`j68~V;S7g[pbkVsQcq:}6E'xQ])O&zm_ b73TGL '&ܷ[qЅ-0qz©y@3 kǷ׃9n"q:8GpXy!a6Q2Ĝ.WF9OS8\ʨ|]\hymnn4F& 0c$¼~Rr:ɣ8PmqG;(-.Ջ|4wlT3%&[^o*Qw^+LOFiwQё\_ۭ3k~}N/րn|O<0~f9Oa93%0մ9j$p1f'TvQ2]_lj|MTTs:l?$]O7 ];H_wP%Zif~np0eh~RZj! )-c<>DIs>,绿XuaPp" 6mZn^jʈ{ojzAou}^sdlimwi>$ZaayaOQ@d vшXp 滒 ~2!ӇUjpLO*g*7ki|A@2]um5l|<`aV# W:ikb "7d {8| SJ]?1[^4ǢGz!yLAz`ʯdv*9΀QŴ`i!SrF޺CAP[=}S%^ɤ#DfGה@m}E{hQBQWl#f" V-;_s&Hj_ϕC|]P)go_,)"Bs3*#G8G WQp?(QYSW ^ Lw!\NĺW;uaVwk{q)lH2x:ӓR( :,&l9IῨ % {Zڔ1gKef;2 -&[-0QJ9Uo< Izr D1 (ͨG s>8US2F0P$9SpkWpQST-CqU] lQ8ItG. 1XJ92~*ZdX#lg҂p)Odf12* IٍV i@nй|w: hT]cfV?؟\hX[jԺν3e^GE͙3 o+]*Ќ17h> ^dNK'cWuA;}"OVehY ovէ#2IFr$àu]=Aypdɛaeev'ڧQƪӬhOqJ͌\΢p6UTvRju@ !j|69Գ: \ۥ={,aх 0DB°Wω8Z/rn"v) mQNxQF G0ɾ}\_Ii 0P D) NHJ#7=vͪZ˸AdMe.wd:j i?t Ӕ_2%eΘ3E(H6m'zy_G df4 1{O7+``TߡT|"z ]/j25ɟ|Ͳ0@(SfQk&o }`47to TN`k)|I+M dES!.R{fvk@u z1F/%Fʈ/nP#Mu1' i*svfFFlN$O&lXA .S9DiH~ w%6֕?n_Go-.,nj/#S\xB< bYXZd6Ckc ?f֭?\;};a9h gFaa['Ce9},A7F !ʛ[v"r+rq6t 'Gb3^NjTk6 HIy&f!1Z,š'5 dHٙidNiOxHKzlZ,1>èd\Z-:^UģjGK[{xnbN S&2 jP_|bkb^X2J@X4=(Auu A~=ԦJFxt?w?۴<p.LaZ̫tˁọ-L 6ܵLEBzik7~*uTT3X dN&+m Oqk= oKU5+Q|', ZYE?!Ÿ(i =,1:?NNQ"r)>r0漢RQzN. UaDj`Ap-,O6U@T6cG:5tE[kl@u'WI37( \jMc|w5/R6]J$TIx80c|fA K>~ ccH؉r*EoSӜ[wHT\/TL Ea\xX 9HмQW@CYtNԋɋXлDOd%IfRqY jlqJCJn:W ǘZq'UT fx\v+Yc5 œ˛br3h׵ך(g;u7FTq.TgaC& J׭d^o;u iCVŽ P0ŝ/sLq㭵ˡN4>.מ_w$ )%,MxѣvSv$b<6Ε1 ~ӕߏ'O0/rgڊ;FInK A_Bӝ:. ˈ;¸LY@!{ԉ4yĩ23! 5 3S4yrlR`=r\N5N2ݢq,_Bwg۵r]U\dnu0i{xΕEhxBwj.IjK[.d(YӰQpP\C|4F@"^ㆾ3T9HjE"HN"2X 9`s4q`L 70ԧU24Rg ww Cht*-%f^CgӼsr}'V!zaQKFv-#z=}ϑ]ۍFm1P-v 9w ̜n$ Y(9_6-"dT`gkT0H3,|`qn _04bI{\^^mE?\sB?ُ$X1T_V=DQ\.{VXQ; Bbc yȁ { 0 J3YI sF0Q4^9C9CvFIg/U& nC w0<ɹ]<{_ z^ދ{OB ztwصʋiu )ѡ~bͷ;?^h | H1*OӱGkmcβ- SЊ-w%7[7ܕ%slCC yh*jy/Y?F0; 7LE65)TE>N$?L^?ҕ!1 EIQ7apt?s[_SA@!Ndn|b$ghPcDF2fIsf:fmԍF}ےbdTkq$m&&^p)c&fg8I[/;јFdܘCO')%E%}+ERK k ]ɼO7$xq`0&֠E+ .LŎݴgR6w Z?[p,-OkLaKLvkG?XzQRa2*"EY4:씖 WcU++SCՔ-2kI1'$$yպ4Oѭ,N%-/TB^^π:Y/UUU/9ʙFjZB?+hH◿ٍ#u"^OэtGZ? Q*}ZE*wjV`u 0)Gե.n"aDrnƖV4i؅o\VGh#p?yў*IOQ@'E@ti=/[/2@ >BԮDXy vd%|,מ!\2I IRk\x@8MbAއuXghjڔqƿ6<'aA*9x҄4v _)a C^FjG/aՔ{I4|BAwaSCؽpNBKDLz1Bb8[y9xA ]i ˳5o !#wQp`%B^d+9-Qo tUS'ð*{ZewKr)S[d@g#'x2 U@1"=53O35IDd9b\_=dK?$QQ\X CƭP=~oj0d"zZ9CpZ$ < D2>!Ԓocឪ &װNtORl2?#(2'ާ)曁F؜4  <ԔƒAQd{)%# `fzclEӅ 9԰і](nA~m/_CveC%nKkr~@t^Z Y"tL$xe\ㄉSVBf>ހi i |ũlveߴ00Z":&ŨuuA^$eD\'PhXml}ml%%s|cUz3MM$l7~^\:a#gWP=^~uF'buIEBtQbQꚠ)JhO-3Z"7=h0D{ev]h zIV(I/N&~yØ"wU L%P<=6U]h(;6<@/k-^ƧƑ`A\3B3.4lUˣ͝I4O&HY{q 6a=7Tc|[ɇX&`?aYtR>^ė j⌏}1+RkR 5k$se%u,g;> ib&5i^i_~Gj5 s+2s!s'Ml=ϵy2 ja'Ud^ 8vc| Zmwޣz39Y ٓXʞbsu4ϸ-X&ϓ1erW#hɀSQ1˴V,}#_O2 3H׌=-U<Up?$؋˟r*GВI3NPHۡsQ_u#[!W5LҒkש/:$I^ V7>f-!- "xMq&Aٓ/ {tI?35Oԉ. d8@Ks }g^!ۄPYT6%{óDm4I=؞[r 1@~"`ݽM%S-[t!ln "LS;U,*pLb뵮&E@Cwu6?EӍ6 A\\*5Pn$W!HOiLI UVHq' @j+Hlڜ:| Uk 3w5TݜN_tb_2vokj?ǐ:Os QTQ=Jӽ>d |u* cs\Q\, ίK sAې`n/> Nf8Dɉ]m} kw%Ҟac eVpJ$&g^DD+CtǷRV~Py(w|AKw0ᜍ|mHghn%6]*N!-dh&#sIpbށ/يy$w|[_KpF-r6[l Oޱe5r{W ,!ՑFfпql-i ȦRٳjPtYlV'!iyXFe81|>cK `9ւ`qrH_gh@G%K')Mͪ.|h.u>aS1CM@3fUm!r"@ٍ3`d0`bjo$v#UE\be y2Hο^(l넬`E|{5&>&Wx\v6$(m^ond$ j%oyCt5y/ۢ.fJTj0n6网,;@׎=abKk+K,#S1լ[gŋ!` g.eeɻԊ7-qK4|g% *Ǜh y:=BY2T8OV 22NX*rn>_{@\ M;YTb·\_MAޮuV@TzC5 K.MFwI2$n1pXj[h͸[/Lai$ #??VX"qh~}ͼvd]+ f @XyU/Io}N]CL}Cs!ʉ3su.`z ]Q 8hiXAjHY6o]ΦԖѐKˍnbJ|Xⵎ/m܄\E6lPXaDiݍ8 @zKp<<ͥ&pofݴ=HGi=X o<*RFӐ:۠Ct"\Bh%^[^`uE-$4tƗC܃̳jHbqMCb톍 ÎTr)AqDJyhO ^J?akWХYF^pOj7y\=6t]Ǟ24;`7u."2򶡕(fvZ yƛRj|Ư/\m.z2YeLs$\5.ʇy56u$ F1#,'TYҚ bUX?^ku:*; ˩Э.^ɏ令7FQ?]`(twv͠FuhR'3gx(yQ_2H]*`ܪnzh0n S4ţ6m2y`8"ǘx[Qϐ(O`yUc:.#L#٦38'׃[ymN!wfgXVgvN9smgu%oq`۷{Ü6L:H${)&コM"u1**݇3rO@=?ٟrv :׉sܠh[eYa]]ST) ,dCL im&X<־7Qk .|-xaΊu=NeOC龖 ]$'l$#+iPDW+.+1dGniD_~AE)lK=$H$m^̞s&Uilq52P3M~XqnqQլ|qMGtdzTNOĻhyӝO)_l`ڴA=?BssQ}CъR.kh?MYX$ן.>L/ǩqC˻ŷ5 4τvo!sIۋ+ <E裡&+~_鯅_8vz+0_QAͫ(w&7r+n3, kط2 }Oc5Ə].m U,g bKܤ=F-*q98|-Ѐ+#.{:yWy| ($ȖޤɎW'IQ?A36H`mz6L`ӜNbA*3@:ǟ̿RIƚZܽ.Bvw cU1^Eeu{) J a%#ą J3om?r,1K0@ĴZi'(yv&2us>$:ʇਫ਼D+BL*_.篡5왲!|-z|+-V{⭱QQc«6tm \,!:1 |uNT12c Sc0HğhlEd;)P-H$Mo(oz7 Y2.4F+8bVS@ 0 ~3!y2Oo<3j1چۻ$pe1s_"x J[E fByCp;isO#q]L ;7G4RX3I#GUY"*dUpA[%);a}{9Wt!H?{~9)!xth~MgF|!(4cFa9s¼-Ƨ$|ڸ!z!)Lp' Veb7,,JoED^’4wdT$M*q y{dP](gh֕zdj u@p!PӀuzKGP"@eDe(T3ԽcUa"GlnUc$$hq)#MRD]H*^ȿX=kֻ|"hvÛpe+@@XoMF#!lGs3.YʫQ锕.[iU'e G8x}ϝ'[\)FCdhu0iU4J DIjOc{S=P]*b5>UZ2ҏS !O][OndifKDK}><ggt 3[+R`e dO,C3R\%eV6i!jCVgX?9OHl]7K2x_k9hwp81"@ &lї:6TGu Xo"7]~ۥsh Լ %((r8"# TI>)Q31 C~"st2}2J\л0#)a]81UfJ=H2ZKh3fTV߾hm >J'3j!%s2ݧUq`}‚ΟGS@4 azC/Ht/.Z>vBEi=oTFJq,/: Zmۼ S1RKV^c݀B`'1?̰p޵YBhgE[o(B.iII= -.VIѯ%%PrYѠh:RXm& 60x[=㢝 ŷ{tUh!3J ξgH+)=uF*BwR~۲Rϐ>=!i!J@ܔl~,'иo?챭+,d L=s8ean&t3_XDj! K;?8QoK` ^77bN ~1ԻK߾35JOґH [՚*wu0~NGv~=Ofխ,D&/^Z̦^% ^1h) _ou>a\-7̺ nMYhqv,RDVXOո®oS, D@d kHz H ;ۚla?ZQVϔ(QP 5ȧ w*-,K&Jvd-,zuR- :=t05t5g!_ǟ~:qpU @-|?|FN 8bOԖYnD!BVd gf9;YbU4$w6%֔!Zm;ov9_>;h&g;ۈ3QPjD#/ۊEXG>!Dq-hUy8͹DٶzvV\kXm$cU"ܹ8nutO]}DK^KЦ)e V2/̅QH>K"[7+ BD4I m\H`>*;SyATؿ(:`4~D׻Xq]Ht]j]a oX7_a0[޽SMWRI\)8]2{V4zv7y%{9I8:#p:!w}1*L.1J8O4X|#g3z&wU庝dџ%5ZNx~YO {n4$3t4 JÃp=,}a$dϫ֥G+=I^$!<^:V!EDkcP5Q_Z[o'p6sjū>@w{` bL[ ±ϼ#eyR|r\!(2}  s,EH{^Wu`օ]Zsps`rKGQJ{'"kOJ@i0r1[ɎضW~i@KB!U_}BbmHy*2\aճ%h CYD!pT ` tn7_ /᠜#>^HdLU5O*]m NRegDKY=-ن}􁎣R4w@1&-N5֐Q{Y֧$-8&o:NT(uǃ1s,.2d WSرT* &]1`T B,(31;?iv\CIU_QNTCr\5 PJJcd/(&RT)])k_y8w/Yj]+? A _ ##˪echmcs3s{C3 QGVڍ4_$#5f#x]I1P:W 2%}P|+_ n1ZnA&}ݥlzL&@8}QɒL]Yy曛` B'l|=q26*sq kAF"o+hZq]W(@چ*ix%EbR51L,!jQTvԞD^0,n;XuCU8o\,괕Qb8=Bf%>hABd9-f瘜^'J R}gi@y ϼkObԀg"%=jӿ%e}iOiT\*8o@ТY:ջE 1PsY#0YzUqpm.uhG :Pd0Aƣd%*xc]aXw/t1>j2R}{my_p2(9M>P2;T{^#m_ըK\ uͮ?+!_20Dٸd \%#b)y] 8} Fn̅>_+0<wU|Y)o$#8cy^ iZU)S:ËDlC-X59}w<+G/\>ijAiNHKíveqY56Ea+:K9;| aVkTOEoCRc_ɀń\2W5d2l"g?k, ܷމQ'^u+ dZ".3@W"^ f4J1D 4մ!}mGn#vQ21!NWLa+X#7o FÂP}j*ɇ^RBm7!L[6 ʇҗ$>:t[#j=Py9IL0Scu޴)Dh4{p'6i-7 udE^v[y^r&<%kĂv33 6\J>N|+ӟͷhK(+Y\"*82ei¼{F[26n+ܻp~SoU^b3&+$Fؼ1O[a.'HvZw~ow>3_ {mVy0#=0+28zYxR$Zdü7mc6A*_@a mu1#3&i&z]jj> T%' *ػJzg CB@ oG$1j?Kk!Y5k˹c'i`&=GrNH ]#59'@teo-)Vڶ)`ZIrРOɈsS:2 M7AyJnUZYSg0y}ĴV)4لZA5=bBt︃"4u渷 [ÏЪu1dBi!"X jyC)gX̭OZ[oټl:(~=8WiIR@g8c 5{H OV Pځ[fݚ4RТG86I7r,UG.Ap IsBE 鿯Y\3>ל`^X.}#,cgc"a.k0&I,N;a<| 4R V3z. H7z[5DGÙ͌gp \!"TW0E۞@}$)͗w\`_>Z!3wx)ha/𼐘/Y4^~/ځ Bg3U4J8Ȏ_ᬱd* l Q% <3!uדnDS]9xxycu-AB҉?1m\pdi`t&^,1V8%,d}ER$؀VQ2/4ͥ%<ЂSͻR:-$-m%\Dox>yְXwUNWlp ,Dl[N@qXqRK9sg)3ùlf*}e-&"l`ɝT0nTouKɾߥ/~+U5 BT@@ 2ZFZY=;uK1]]pT<-]āI >H&P!E0)]C.X9<ϝGEN:9nuՉr9Z4D“(qm`U=z)2qJ-1K6{:v˱ʷOKBQ"tZ8Hw<˿;W8ouǝSDQpAGWL¡<.k\t{խ}(60@i%7t~̺GNf&RkyMl{8w%WF"nLZd~D"hg5HZLjX\G /ZRdn儧I< ZL&q>ӟCM?}.p;B_ٵCjí#\R &Y~Fd=:'"Ӗ8>q<-0&lpŀM %ړ2*ᢜUs3y~:^ b@>aN]ttxϔA1 Rer0V\Zq.RD=e+]$(*'A#ye7a>?!;P̤+/ʚL*58ݜV?IA?1Fii|cXL掝32RYlTINŁ2 n󒚐u[(JJmm@@ rЄ{A;AYt5!#>l#]y>Sdk™g`^H/_^hhH* z܉ "HH6YT]ê+'SM_]` % 3<>.YDg@tX7$6-Bpu{?K5s`؝Han%myLKWj>S`JHn)5…#rh=q@S]0C&6fUAC'ؗT#SfXyGMȟ\3Zo>9qJ՞>:pKwM9XCkYp8_# }lj*|f>: =w @Gv2nHS v: y[2M[=P>Ozy#oP7t kʹ͢\(h>c?+>92lUx-_KgCF,O+Dc\>Mp3w2y4̹ ϧ-6'ACETiJ)*.^P!)o !:Ÿɟ냙G%Kb. ^|ŀ!榁 QD=\0J#IOj3t,G!YugLvТ*5yMp-iQAxK_#0`*p-~V? xW֗ƤyθDh4sd.mPŕQu R$F׮L¥yY@aD낑w=j>4p\'g ƲF\Sz8q%H<{?Sz/<Tu-|iwgbV{蠖⻍;e05;`ٜ (eMћM[6J=E ,Ϫ .(T\jI\(3ALox`C-.j-;}U7+wٔ4_*K2Ht*# %m?,̟MT'VfEtL t1[UY!)iF4Rl4V$q6'/%%zevB(.jn?28um&,j25궅1jFD|H%&8Z𶤒 #4mVi);(ttO%k dE5z}jEF Fprc0d0Sd8@?]1mչ0vy2;`n)ohG9SL} (4񗇪nUy$ϥ`&ҋ_)+"ʼn0q6pavl4+ǻy%q rhSf}]k ع1:ӱ-ḯj :}rnoO91SH;#JZ:QM)u'+ \Ҩq l'f"fb- ޛ/Av fW+vv¹ nt+?*="}p hAI^h#Gi Ƃ~~ñi3yM+ˊ7l)"ct$n#> H(h*ɦ-uʘ kՃ?'"k̾l֌[p/(nNm S,yRFuY2L.{o)pI}&&B2jꩨpRC\0h'aϐMznJ"LV\H>E|ޒ.Vo#Yz0"z٦Ʒb,5m~ G !QH )I;9(JW'r|p3vǐf9v̗m43?rG* 5Ɩ(5)C2BBf(z0ކ1?Dz.ã:\^% #5Hx?{[U>]u%:?{l?fXkN`8v.q nޮOX앂gʧSYr-%9Ta2. +=5!#ѝƅC ׹כ@^#4_%a\AZD_jO=zL}nNw fd^Ǯp,'!J͌HD6_.~>(@Tt҈ѻnY3SW $wf9eCOL-cc3;Bi!LF Y+dW@AN׷8䔨X 4'x"G]SOӕpg#U(5]"qmC  !Hy׿` EC#.'cYd)v﻽;rŰ wگhSWbfb .eIpE"j5 :N?B\`4Lu]CQ_jSflI<#zR8Hć;SFG1ИH{gٜ/M:N sKkrk?8S0R䟾_ntN9X K!#x=-s.LEB6$0AH+7u8`8G%twIaO knv? "U|:GbJ' ﲐrwqkW Ͻ&Y.ymCia!=2RϺ=4͊6cD?rI+8CRIW͇ 0}26Y*ty=lAϰ,6ލmmk7E$ eه O*S8 ]U`l [P[GDovBR ɉ&Q ~symgrp4>EȞ~3JbїX5}TW ^ /]~= 6׻>9Nb~bFeHiurcnSbGCɫZBmlhv5R6 1l5J.c%+"vo$+$[1云GkAo[e7 /ytR@KKc?{Ϟ4VX KwI"^z4`+ᒦ^ yD] ЀLlK{!@充Q8.#-Kƒ|Iv R[fN3e=p>% < >J]}Β.ϪW)Ԯ~>L YRTա$^K,|)y;$sQ1 0gZQ\$iE?~T|^5`΅w)]o6ɐ9.oFAa$^UԹ-s5T;約:U^SBaԿV}b=qtO7Xd nLe1uԭ&c ׅ3"*)?1.7fA6*L؀rJ~'泙(X5vPʃ5)AW~qtt} z>jL^DJsJwNZDPF\;cqL.{UJOG^^H8jAaSOz5䵊NfP{7ޭS72 1L{t0`M~j@fJL^@OSQȓYv]LkBOOWIIwYyI\eD%ŽHL4/MT!xdzgxS^*B/QR־yH׵M˲K0By/I~I8/-͠U h]>`pڔ{5oG4)x|іoaVYX K+kG;l4ЀL7^| L #caM2X1./7DkkK:95>)Y3sy8Qr<<[{ҹ3b"bԘ;Q!WW )"tc 7}*ÌJHMַp}&z$R 0e9FI /`㼏WhShVeJu*Y# y+ث!10S[lx$BW(sF3wb׮mP?0NM)~uiݯg†OJ 2P_]22)ɉSs)]wB6JE)}WUXoH:C$U坕=a KzsZ<5 ԓp̦RƋHM>?ȈXEq${SJuEoS%TR} yj8.&Ndâ숍5(k8E)Mj3't4sar=a:Z0Ġr+iۮ*KL_IZdA$9Vz0:--/V 9:ݒ=jTn !g 075^o٫@B Qo4SH3=@L&mY7mV5ȗ7N; 0RgR[\۾Z, <--%YiR08jQx2/wZq i2ys8h+POfbIϿcK鍨nVns2Jj! wFm 5 Y%VB*'vR4X?rwHʱN?U11 Q SHRƋl[xVRq>e?~*?^I}[yP=`~qݮάH~@EKXS4X vrU v3H5ңf!jc 3`"Rǵ׮`t.2%XYV̹asSPa;e<5!VZ1Ew p~##ll8ֶ-gV  PQ !_ƘR-u}-Y>~䚄q`zE}9E%Y5viFiw㫧 _d#g+`'lb%zi6P1F'hoqх \*!Y7^}:R$4qJ!r]&`-1\{$zd?>"VxWX)?wVo/τo!{r1ܫdJ;؋5lm{\bw_ aZ߄W{ A][>9dV_I,o QE MOP&gB10uԊW7 0M[䪍 ̄(ubjn ʊ?bb]"\ hftnX)ʥaa,bUaU1(jY@qG/^el|TbŻLҢD ʮRiemHRVqzv+v0r$QVP\՛>pQeRZFf9ΓW-w$lai;;$u|ⷊ#o߃NH2[&ƝVa[N*ZvLzb[ZbMt]iB Sw:Xa6;7S7gIOfdຄ)ﮣ|X\+Pz+n$/ ! OaBr"vJ竖X34qn5x8ey|jH7-_u_VB{܁7~ ^40;k:^Dw{Os2$tOXjޠqHM@Ik[fHH?/ *ؓ2guX6<DFChCAC&zѺ.qlE徯$+&" TB@Z䴏0Q'o8X |NmJ;ߐ#$>3 S 01,lψfR$z& ~\­6X\L>"Qpl055PSqܴRnȁD #dW~U>*G)ߞ-?|(hhuq :д"pʂ%PI#Ķ FՈj#₷PY8L#T%{S7rFlebO­,RDߞ\&[y8.Qr3Q%!-h 5*7s@]THrOL}.IA|9t\ f/2@P&;=Ƌlۗ33k Lj]&9@LCl/K޶D+.֮4;%5Zn|2s/jey9XԬ j3V弗hy4="_:zFhtϫ[CdL{BePWBrL%:ԩypU3Y?CFGzi8YXNsDzpklf_#BW?d>i'SЏ/˙~OqÆxs pxx`7̊iVF^yC8 ?Hq}MIVDz5_sFQb7d擲8V#Ie2kf]gy_֩'2pąlob\eaWT2vb,_^/mh"d%2`LDPQ~$H^*Cm.P")୎,C#RF;u#y鉱mIu|ֶYdo}$Zhj}1 ]'x=~/W޼st:.5RCKnOn㖏Lr>Sػ:7kRjdID ,bM*?ϋ[۳_'Nv_7E8g~ aɱ <]&|El iydi%~.Dn3. >,,WB'QƯF]`d6t}_$Hq8NqIO"Gk>z⬠ #ԲT, <@Ky0F`o R֤@cEݮ7c.5Ҝ(;5l´]295T^"t3N~CW>jBs^Оip7yxdJc(e[4J葕܍CO9s_y/_UmFNj&`Vm~F$zia|Dx^RȃЎ ' e+g2 |ZD *}"=5vb&$a!ׅF>e$~ΝPvMG⫞/u kMa_@d_5k%>޵L.?lq#gӥV?: heyiu 8ʵT {чـ2oTTW[q_ܑ7?p:bG$r4WƷ񴚎/JmZmG\uIIJcD/ M&1U1} ηL@TON-=:RUtkGep/TT$DPh$nQ|wUfC[!)`cc.ԭb5r11k&)BW2fzXw8=N\'שEld16CyiC|[2EE>-L7E-OWh0&8kx(ry㝄4a:`f\UM5ÔUHIPƟJk ,tn'NUc\FObD&)% [+pQJw"L-d~2{C2R<[78wꗢbbA$[>SS"{Y'Jo n+tM{۲m~=/9\xKO#d/|uܖhmm88~reǼf uXby݋0O]AFx8[gQ׻d r؏~?T*=;^e1fWiɰ*4re fS[rET~*n]^0HAn`O<؇Φg!R|DޒY6IQ2%R>)$^L,'b0-XupmpM:Rߣ\nJY;^Au|[b_i,;sVV͔g1^qEgmgwQJ _ <3Aޱ}O?t4; .o o==5-B"Cw~ЊoL[1jw.'vP8DKl(m>zz^auc3CK>IF⸀MKFA:WqyxylS:P,kQsK^gwEBK,Qi`le4CrqD\OxDg2EeBTV6Ë @(]ň"1˛qF)|/ujz37ӱƧxVϕ2$DG{Qe ډ~u/hzEQI'" s%2$0߹Ǣsy*_S4|G oaAR"p89h|ƢK*(A˜oLPy]L'ESUf"k`b7wn< ǁ3]y!CnaIr6 ?}.t3cȌ" zJl#xUG!S$jޛv{&K%Lqw|jhY[IYynTU)J75w륚"V!6M@qF.2,J O>g}0s^[iı'=>ɩ z-TxܟfNKqq9;pO<.8Z~m*5,%Fh s;0&K}'C"Uu'׵b)eW\DCDL}!E~o9v@uaB#A:t|M Qߣo |*Epn&X(ڣ?Ϛw<9M{B|gDTDl5ZK5--VЅnq^&)Jwx;i䘎xSY%!=xq|-\xCN0D ӃJM KldOscg6qCx~D/4:rW) >b8_4WM/"-q"mj){AJ.t+FJEPNd* #U[þ[a•ۿXy18,$jX<TD΀(iGk-0pyvF~GO[}]2D㠄Z ٖvpĊW[9vT8#A.I9< "c}$=ͯhzh[~`WV4H uEoLPAK<ۤ$hj9wsj`8NfGvB%$icFPI6]bVv =;| FbgUlUY2kaQ_m{I r"Q&;^͊yc&CyG*H6ƚם0<1ݜgP˘y5$õ@f;ϩqp@WkQ; _a!=uE˽1uKjS- {Ga[Cf zyCƑo5ǹe)Ԁ/I(7h*~CX(6c1~LN;Θ/1h i nJ|iH\)$)JO1ݹ1Z ũݍRjg":ֶj6҆VJSYκc-.5c Pä@xZsNI6vڑÊ ܸE9`ԭ6hmFEJtt^OP~q, Cs$suho[Q|?5gH eVzLT3 meR叼MౝesSg`ѯ1JyhSh]4@FaeoB*0&X=/%xF$Ǧy:P&UΤUBoicEb(v0Y$%-}]nWM*ӊ3HgHԣޣJ9F`ul\"#A:E1/V:9U]b(t(uRCK=p fS}UOun`l̒{N7{秉Id_h{Jov;{amw"Iۋ>!vMy<J6 im^XXK{ BOoPUZ]{PMҗkBy鋯8GMԎwhFRTYtl%W3CIڕ @I!&nRʞvu'_H%2M7E#GHRσJ\#eثj˽DZJ($?ihRL,&wll(R|1Е2;} OBE'BBq<}Z%ۛ rZ"Ws7*02QZJ׸PswR_ hX]b.eH,c=:M>CX9Z;, ʘL<|5̄vzԛsis^M1Ig5(v~՜|MQG"<P#A<EQTeS(tt5@C}p" oIu/<Xa{} `Hz!%LLwz)NL/Ayy FJÕټu{c,SR7FRwNfEJ̐okRARm_EAm)p '#ga]_5 DCYTN~ v'1`+ʠx 7Ir˝%] ؋]g\ cdK"Svk<[QzyD(94oj\7HA €8-FjlŽsb;f#CEd|@L]]Wc2İҬpv3Q 2Itßf/?!|)ciحfZ +wY4 |(D=!ɀoF+Ơ'rxGKt1B^(ʋCw2d: ]m*e&!V0i"6N;qb56}?EW%'LR(^wof4+L'D[[47zp֔DžQY%tʬiP5[r5t Uԥm=367ſ@5c} 2q؝oz,ce|;F7ư /qJ*n>[%o,~TGWw>Sc*ߡE\Y`-+0[RVMU/F1TFTą!?E|B#g8]l%{WMN{YpeVt$UK^o#JO XK{OINB[#m>T=uV }\Gd7Q16,T֩mYk[ˌ~3`/=Ʈ9AaTD,jQ*/8ae.,>#3qI?U]>+yKC{񞱜%Z۷z#ݘRȼm36z+zҤOQ?fUu➱:q r\[# 0ђY^}.YCY8hƍHb!|͒_ARw# B(oMW'R7[b:5S]MO?Hkk ƛAMk !=9@(.˳u7d >3Zenjl/@o#3><`pS;A%"a@CïTw+ \ g)]!f+kޜx+r˖TgrkuSɽ,Eay,-3yYi%WHN̨ɽ!W8#uWGARȇNKo!`Hݛz`+W`~dw-S>c^NA(UMت&jpk.t<7;tAY%WTHazuI_71T3m1x*\S 0pӈOJ#iu6b7+j&0P~+h1O$ǶǨW,H ~|etMz~zA)IzfhfCTJ ŶQB/Y@wkEBh\Q4;'M[R~}Í_'i7؃C:P7:\=:r(=!`pwvq%J'Նe$/l f}!!udC6(W+1W_vB&׵"l|b/C /D-UULBNS^xkW oMQLdVE5V+fƿ#r0>EO^ Kdhx {jp- pu˶+`DLH X v㙲+H*Δ68qpT:ވQiKg7|䠬DE SδeH,IoyQL#Fš=ݯ\;VBZ!愢/r :)ƏLKW!p*N66nyU+`{0ɥV* zS)Ϣb27 M8:ûj1JoLi"I 9G+]֭+i\Ec%X-|X'}]F9N?<(Άbn쥀M?ׁ0vX_A67HvDymݪ1$J|Zp;zATT'۬m[ڟΥEgc2'6bFw5c,N[IIgPf\Jwj#֓+UitUS굧d@87h"ik ic!{l8&\Dt2ϲYkEgk*HpqHVٴᬢIM]QcIwjʔ3Z ZPj B^t4IE!_ J9cSXv;1Xh\rN❳[NX iW:~F+cZ&փU م7gnZtgͧ6ğ OtMCԦ+ 40 [B:k 1gqh3CZxQo!Lk6f$.{^_ѵ*rQ]ݞ@W@0w-99eznJ& +~GJn`b]j+gu]wA Z>%sL lտ|-uŒ'QH62ڏZ5{ y5AI!n _+HݟUC+u)ڈ/kIaŚ;zg"ς8v,mTJ *2yqʁ0|mfDsc&D:04zߢiKËJ ieC{wZ$(%TI5.ǫ_č'- |m hQyl*g"_:]l:]cN&U9Ab:}QٯMT2Vsîǧn#K΁2SdJ%ԏmbR) &8A}'*t Zl9avjoҩmƐ[sQ׳[gzݵt6`&x# P6{uYiT}7;֧Q`.m<1ٍ 5У%0=c‰Fϐ2=I>$ [[|ݎ]ݺyjcM?ZL'.X93]8p&tQiR̄;_I~rJYaY%k%dH:%; EU%ֈ]@g5U4{T[ BJyj_'pp|tĭy"dO9>Iqnc\y $)*Xk>o*[s!b&U/co :n[.]B/ {dQ(Xy8j8UYPUX-+tb- nd;q.:M{O4⿴Ю86\k+XuӷԇٔͅE12j'̡%Y?7sbƬe҈MfYpARϵQˁ#Ȓ`ftdE>v<׀]L sRL  I G6T9h<]BW"{\9G~tl+.?V N+wo޿X)mLU C0K]Z;K#Y2_"0+4qd`F ހdC,tֳ&!" ݅b&wRerlq $4f !=$Sbӝ԰ҿ"#*ƕ-\7<ϏHj0+Fk+(_όbW\ڂ(犃=~E5FLEo9W,5km._;S -$lA:=jt\Ud=Τ)W}Oo? k> LӉ7~yA֜ >dZYOXBHXD볣BC,(aVQĻn3,d+O'Tz>kw=Qp: 2 -I$xĤGX m\RD"2ǻC~ Uln0,p4t,7-1|F6K<1v6?J׋⃗.ܵ-5V2^d٬o`q^Qq:;^0lUJ֑iY<~s, S:bqBYBo= Kf0SQM6D6߶dmj=\&a[5Nd# |FDǥHӇ9#Ā";Yc{Ub!$F7LQS]*m;rFiYZo)1Wx3'B&a_Y0K@~BpqGeՎH*T TS.j{9W}},ꚯ-u9S<dfs@}2ش DPH1 wQ79VHpPp4~=*l.UcAcX ykjʊȐoM jׂEETiG퇻.EW?Z>#o9yl9quU,SQ^:`))bKȂm 7j\侪UyV4V=$R^fƴ}d/ pO艱rgE]U>O "ά+ːMiYJ`|~!o3^z?m.]L Fn?;m+CZ `JiyĽO)h8pf4mѐ@,pZ3(r|e?϶‚kZy}{!Q. &8n :@BXkQI$"NbHYp QT"Ahʐd Oc;\Дڝ%%/ g*j?Cc3R!Of[02^6,mp_0gpk7h}=]=Z%ɊKk13WZB+3Ok\$/"<}Sn^J6&J\~&6+pBb *W:e/Փ~A)iPQUlB"5ޥX*:Ηy1[|)hO3)%*0Oy.^dp 3zָ#66Ζ C.(W 3  ^`z yS.h`K0jDJ7`Jt5 ;0ƱF"|.N (Tx"&h}A d P!B9W!&^2ă.~ajCf\Z%p;TKi\zP;X1߄nZp$[;܋R-'D%k.~ƒrN$43%]dl6Q308 cW4?eOtV"W l,9`ȞqHLZ񥌨x۠}+Mc8{DU{}P=ѽ`IA»46x"H63+U.7_4SڵѬu*4~Ʌbff*GadeJ.uoV(x |者ǷDC ˈʍ2øҳgULɅ:qq˭'aѫG*SbQJ4?w%dUcLn2/[s~=ZT6HΗ-.=|ǻ'xԀR;G^:@S^4kOpm_NS4/B sK?yHvި6RMQ}[q]4F4_{0+XB!E\t6c!:[§M 1̟W/YqBƟ,VFI:8*H?t.4t8iFQwadw mq_3,ylO*pk[%.R@kT$0d |\-VV_bQz˦*6e%0Y?tK yHxrLs+mS6XR)-&􁂎0/a $ y9t_ur&oCƹj[f뗹Fjg%C#Dx시90sFOWء]'? 36sWR%ef[en{$/魜+ecXcIcw6քV4l.3(:zpX69ۇjȶ{y6KopOi媕Ss\Bݿ~2)8u6^l/;熷? EI |eqOr>$i+yț59w>7XB}88L'$wA, a^qHC+=*" )VLSO!H%==z< ʃ@p'Zzl.o*Kƃr3#ZūO6-O x;ISB!r51dN\d/Ɍtvb7 ~.v~x=;n"n([]'uux%[AZFipL9pQON7{_KO؄\3tqೃrV 2>rٖutz:U,$]`t FQ+ϙ818r@{@:=Xи`s$Yu|Y0c`q[w^,ҦM{dۼNyYQlfeh WPjϫ;&#CBÐ#XD%piGzaz !ulcL0-+ӈԲ: ){$xYvH릛; &&/HK\UN\Q!ųnÿSP롋 Uco_5#pN#\8nA6 ($RGZgW]m­ifJ{b'sP~5V6dI FUdrZ"Byo/׵UE_>u~ 0T/a{Xz $_7|!w"1P ЩqispcSce"{_wb-*!7? RukN<68B e+Cr!ev) 1N6h+(.5hze?B9j˵\X;@e6 ^#um?ᜢpL8r#e P풉|L93c2^&">JFf8KMuVM X˚;T O(B rkrCF:"!@pc`Hl-E7`y@GsZ ]8k-]ad88_/B e?E)JwB~,o&2 mi̱"&J/}7*ћ?tX4*4ZoLjb&dxdJ #r%)KFhL3/o)~ŠtRܒC)q?2؛*RL|n7%Cf BP!7^'܇z8Y+QdサܬXrf156 jX%V#2LlpX-7Ld1@ ͻE֦1U |Z8SFtPY Xumڡq.^Ǻ`u‰Ӫ:֛Iz6J>SDީNnzCİ-gA>DksW 1J[9r ShcG1Ac:5k:.^T#ش0)p+;>w;Ҳý="nmU4{A&gT@l T-ծ Q 00 Q!4Aߪɞ7 T#)*QDZh 57c\Ge R~ϘU$WZM M]EYauҒ¥ Cv$ D]9#GU^Q s !5@kc~]_y $,IF7SO pGЪ.W~öՍu Rk>K}k)0"0.rYwh_ɶWl`zA.i1v =[8'U`GK5AbzWIr]|`hqMPG D9sjQ7DX ;yFq$}sdomV hI2g :l: X6 #`a"FurBuJa+U[Po[z)4h{|i~QRVGm(_[h[8-:C8&x)ţq'k(P2فQlgB.$V;'תp{+s<ˆáҷPCH jAFM݃79\;M8SJ.)%Bs;CR}󋅬jz 班ʌczCRUgF) f$w {]ӦFXc{21KW@WɊ܋B+prѲR۾ }^/סbZgyſ㪜4m :oe P+>٘ha >}ɀDy?Rl Ou!;MF_umҶY$*z;R)/d 6M.~D6 N$vJg6Շm~~R4Y힛[,Hh]򣶍P0]nf].Μ2okI1) o4WAERfdNvv!sR%ZJM "i _4%RӘN|jPO%r6%ϔXNBW)uu]|K^,x2׊ SqguC2}qb G ȣlFE4,IJO}} i-[R;UQ:>??NZ -a6O YWB.߀Gah:2$@+66€1ۘ& nPovky`O?/HGtmRGɦQ8V桳˭8md 'sW)t-6]ućrqk?e/K7[ev86G#Ʉ 7^bK׹|jS<`y(6A5>\/VX7Ym7AU+DkO,+I?y˭1]=Fq+6Fyo̹= |mK!W'DwÃ:`jk~cBH;Tu闝*BB[ }ںb]Үi}{[[Yl-ZIeA3iVb b(~[վXѓs#:Խtն28c%3WFRn3* {–?=<{ŵxn&UĀ0 Z!=fiv(OiJmzg `$Q (\oS4 )^ ^T* Hh.q93:4=XC*h&؀ǕH`\W E.i}K_86 rT 9o3dp1WlБ]8Pw`=ץ^2ŕ:.7BFʕZ/Pj$U0@xUE:7j+}3l0PFlEojLB]WG!M&N937fK;"6Fvؑ;WU6$Jm.yy/`$3KZO,գ]5C8sEoAcZ:箴ó-r#YV%1._ . ~6ZvCrzUϵe w!&˝6ڀӶ64枵t ӄxHz+pXݷU'OW-k sv?CI \';Shh[)G` D3mh.)Cj q *N0kI:,~pȮlU -Q/w_\1ZJ)c ;+rRwajSiaa PK%XM;&kd>FdMs75tT;OjkXK%sp-fabpˈ3Z̨qxᲖJ $|H`xJ)ܻMcd[qbJ.M~G}0}K[xu?砿0KD`MZ:w͍ AAL6 mXBS48Pt(.K*J>@") 1XyY/m"nh iU)F.5tJ(o@M!qt|5(ZfnA ֌ullQ V@qyqI_ WH-w-D#3Rn/:`כFjCTdֵwMZ)wme HH?+>X_IiʉHe;r&OP1*-YDfE#B,}6گ,ri5R|G^TnW7ez3xC4 uIVmi7"9C!()Ok͖ն)0,}\)SQx,<);ˋf1 emN} a֍Nv 큝r& 3%گMOZ|RH\pm7vX Cu==gSi=' fU"T4jZ6sMڗnդ{5ڋfzBX4[MT_׃iF'*/MSPzoD7@<BtTZKv1|e ^8.b44;6mkT[=&&ܬ3Ch鬖sEGcb^7dY,K^+~猆ht5? >;=9o:S q/ YY7 <.hK&aon.SF@ .|M$Gs&W nJT}d|vS?w-T Io\D$(iNL֏>@gyq R;O-v)ڝ!g&_X;C!qW{q#/f.fs>uxer^D`( [ILhފߺ#d Upf/*$KI8u Ȩ5т[ =) TPN1Ef%S\=iI^~fEmM&n@U axV^ތ˼Zn$:*j/yCq:mp.Hu1q@M¨HfS w=mKQ:WB8TRͻoS/WxE?& ΕDX^4/=%Vq7#·qǔaWGC;E"-1-^t7J^Seb=u`U8B7hxFۭ2G!E_Xjb ەwr.}7x041JJ%j/gWݬ#7SI\I ٱ!\0+z;SrHB a:?va)uҿ?/A`F&‹ýsTL泘\Y"|F5wC,Su.k@k74Jw\c""MWa0BI BځHU24Uj ݍ*Xs,;f#@ FO\kyS8NQ%bQ}ѽTW 6HVGY% +!0Ffji$nfP"R֑4J~-ubznOdRN&֖XZZ݅x_ u"~5É8cPxﰹ*gSAuS3̠@lXȜk"VaFjr̲bx=ltHCĘsu]5'Z0E\E6sEi^ 8Ȋ1/Ϗ3M37(+*J_ig^3wT)MaݿAz js_]Y!<}8x'0Qv[ .VeX+$O 5nYЩ(yRyֶoqpyH=VTuj“@kK9ssC\+|t结' ?"W𕡍^xGB`҄BF3ʿ6T8nҮb" mXkL[19j{g]3sikQwʑ;-ȵa~䏁*pnYjXiIΡVNK]ʂ-)sdpxt62Q9l&L%OF7Sp=MeDdrain:eDR55Hc&|`^IUFY\aOL sf/SnWEƮN;ڻ.II 4`Qcz 8%Vtguogy÷̄8K ٳo^eUzC%RgĜ{bXRG؋#>|2:IUKH'-8t*ө҅gArđKuޑ);"#]AUrh4 iXi_Q]lI"j.QteOAy]lP'u㻖,4y.4처ưM `Yk!DV#QEp?y#v#jSanvrAKjL#߀Sm%poFPPT嵣Lzə 76U<-_ԖMY@ͥgm'ņ~H0DIY†6جj!>qj__5\V•tଦS}&7Ytn)̤**.G L6;4шV窂{)-A },7`U讁%k m=:9wdw$;l6T9!yIO=KT`8əumOHScZG, jfi)Z31v({E1$oF<@]U1Y`_kܾ_170!f3beUNYg&j0["~\Z%(M\o#`; /˩/jVr5R߃̀͠:kh+>DX8pwXMz'"WFoEFK'E5 yqsA=is ǣSZq :a&- NF@1B}APwz)rO5QLNѸi |z f=Րpf8t )3yn(֫L N qlLT-R}̊ݐW|ee`/vB:L̾v΢p!$ Iʣs@ڮC+hS0ux˱e9p "g?ݛ:F3TK/+mUýi𠴲 Jn d!CYue: \_XopOm5!,O48("AbvhPvXF+=CN"xJiaK73xc4NZtJ-jLfoZR84/e`GwhuAwd-XQݺ9:htLLM:S!퓛FD7xĴ"-@uh7)PduXRO"stlz{ (ͬK\@ʘ(?2e/&4%F{HR!Uْޣ?$u8\G( N%Tۦ64* 0Py0.eoZR#G?!\)CSUV~IºdκZ]G!>!zq4$pG*"!՚ߋ2dd3iHI o+EuR, T]sྥfok$4VGUv̅s pX]rOhɂ-bӮmHI+ZpS5^ވ?s_ 7lJ ϲ/U\UR(/d`NLހTy.^R:> %d@ͤ?"@J!&DZ31.rm(qVve ,pa܃hǰYT$I 4 oqVxOi]bt!/)N%d1XQڏ,kDE0#,Z5s'v#eux/y5Mh4Toc,7j+I}ە߻0O,˫[R^N-5+BEH02oP(,P|E5Lu|^hظgE'v#r7X/b*K{\/ oIm\dGjeG$R19wˍw K9 V}s -aœ,ČV~ML[C}1Y2rV (*@GL4@dlV2{?9]iI,ZWgLǹ39+u婚e][.ery1/-šޣP,-jJ fS|ՀYB%scXz@G=M,t7'{)L%c^ j ThĞCá@O1[#Oiyjcsp5r|(}U3Me#BhٴP$ZJYqEV7Gִ6*)LBoB}~VD1ƪOh[o3B•.(DW\L j!6; %RVߨ"zrW O{Geh<k7]f@kF]ԎW]Q*`zr0=*eKYT"0G<~hșfoa/=u_f kVYToY~4m0ĵif3&M+d*(uyo 2xWM3zXH"M% :%A :=$IB0obBM Ry+bUis@_]BW@<'SylxaP4hfdXV^@@ȱq:Q=c XY>R:uoJmHo>ZrI.uFhX|BvvyewT N\7E/Ĵ` ?vSz1نD|~v1'Uz3ѣ 9(?NbY(}G(_ ﰾa`Bq>C$u0G }DcĔp GT_ԩ &xR2! !ۆ/X;slxz67zH_`ݜp*'a )c +Xx+ p}h d>r@y:֛5rLeUz43t>#]ss?S X A2L{sCF/E[gq}y C:|Xwc)\(\.WbOU lǪܔȅHń:^|m9 z4ڦ>EMbppG cCdt4*j>Úsx;ݼ3RV1T@cWص; BdTW=z/Ԡ|~nz j'|ܬH^$(jws3PW ÇVy7,Pz %XnbǍ~wwia[tN;? !`طD,;¸t`oG 6;ޅ)4Gmaxl1͉gYmRzzŞdIW"DqQ*.9y?0S:Z;rufmӀeD3pVM<Vվ$z d sVa#r ˱ FmYffwXW1}W]CH!A9pLd{>4Q~ܤY#W uu6r64ĞzefЏ!0/}ySFlb_wfhՙFԃ^6=2jnxW?YKnM؆y ԛO5E}^N6*UV 6S<_:IIkSViOb$cG &tVC}&bC% mWV/ ֖(#<E>wE]YW{̨&RtƲlkHze.bPѦ0#gSN$^WJdzqz`{R?,̻&8BcT$#TdSW{(Z/UHj(>ADIĬ۵jRgUlW@w$täշ`JQ3 Jūj ȭ<59_RIG$M*ʭWj{O|v;Lsd&(t7Hwn2߁S'wΪR]kcoAq ԜOz+ٷ]J@ơ ]^aߣe`5E.=$?>&U\fP(ߣ m `,J'Z쟦Ԋd QNg8< P^`($uZw*ePmC0×}a|tuI`Jx,])m,2V "/d:S\ҜlKN`Y} QM }Jle>XA izbFaI< wmbI/Ti` cB lĖIʎK7-~N 127qӅ6 \ӒcwLm{OgQZtEe\tɎzF\ H}C9c#A3f!GFG{6F6/'rA,STj6̺m4뗳 4ѶN-?"Na>Txk{(M~n(}8otܾM'푈ϺR%}_sBZ$^bByφf. =t+>wI:\p7FKU$ŷŹK=oE.W9N$cunIoB[uPK  ?Ͷ~Iyd~=T`9{ǙShRpv`d7.O@R5 HkY_q uYhkeΩ} INL $P~a ;G(/iS=JT8ATc׭ vXm 5ᵇ/#{hOa`Ÿnx[T3R{1jɯnXf"@}\Y{ خ 2h܉1bm&;5j%<2OK7DV43gy&+0)Uˆ;8H2Fk}q Mt2Tć>EP!VJ6sͤ j"Y݄l*+R^Z, d+LFFh~cXil܅GV|p"pW" MвʼnCL!U9g3,Lv#s*.ww#'gtj[ p݈d|~V2ѧW26y{sE]GL3E[푿.4=&rDt5iegp(q|-moC1'ebӣeߙlUeq+>Mk1r VrovT&xhS3E6kl`a^(Qm=#;*ӑI_Z+ SXWBu>)3RA:V&Zu/*'5S|[f/Ud}0$\2Z;%5u| VO*V`=l*;`&D˲ɦ//=Cft+>,u|'BJF0u 0b_c Rq!m'>[x?dCe? v-M O/ 'IU@>#ݸe'7)ٳ SAM2n'*A awAhna0f+Q~`4BP-(dJbTG}l<{63+ $b?#.O:Ȯ33?sV̏i$BHCo8@ٲQ{K4^=zdR~6GOi4 A6U|^;R!&ZJcm+(y#cL^Zlir X}{(Oznv'$xhs^ћ8]]<$U'6Xz{yQ9F8,{:$gFQ>_7@WWʧfC~XG0 fBPh 8-8s}71=4H7w}*;9\ܨ *.M|k*,eE|RzCk8#QNo_hPXJ-S u1~0Mꈘ3v(x@ьY# ӎ0a:].=e-- lYYax"EB3g? _#@a(SNMhd|4iܩ1{unU^iM] x1ֺS}4 X)ΰKE6 `Wt&\W-j>]qĮJNQ-dVڧ.gLkV,c͸+ 2M3Ijt4 2eLlbиrQ(^p:"PY;zCp9#eoGk#"/q\u~kZHV愎xV1NRu G wMA%fv]X %6Kv hbK>gEN[=8n kx40%#f.;n&L~TYVu> _r HfH. e3i0 Ic2tMFͳ͸oFi%r $lfE1hLCny؝Ά g~H`!7"S^`CE?8C cɈ[J ;nE){ ,bA%*8hwxZᅐ6_;#U{hP,\#'85#.EZUǹE >뷞Z.E#/DpW꼺/9BŭzxK}SCzHP_^GszcKre9PzYU!E-.MBD=XyI_nY we2Ϋ]M厕%Hn- Zbr:%4f{v|l/S۽!"R*֒udj[t(wMα3W$4\fe7(T)d:ZQn]{,R~$:5BGRUe bE(=#^6(.V?3T'={_TZʨB}B 3"[nq;ʽ-e)dt$=r-uƹ(q dܹJ?)|!` ؘ S6 zԳx/"ƸaAp.2ɫK l?0' m<ҿF3ӜBIyqljJD7=(OlZegÇ]';c= hZG+sϤv.fv>b:%k?(0Yt""{o)􉿄;ڤry@uю/; m&~4q5<_abj{r+4!c1B1qs1gJn4T-^ 奦MP>'Z˦N |Fh%l1Z wފ8X h;tbH%u++fo/2bطԆGUx>CROk6d"#! I{lg,2bCDe/M]FtAaE)CpPi=Y%USEigvnY?2=*xrpg<<w$>.}E3rXp>=:~1X_ ƱMt^^%| l>r!*-S&ӑcͲPioRp넯LT:*+ՠ T't䵨inuȥNܖ3 ꀲth BjPq &^]7yڜ3I"*,wS buB"x^B{Qh`Pa|eݧښ02r@>ajΡ &L$!bqr =7f5Wޱ+Xժ1Ljy/{mAKf4X$ PQс#o,iD$o>cFO;(KX)/&LWlOZ긂S"Y)kAԟ ƕ~'=oxebqXe nX?{F-JuXvwIf 5%iix"dl1\(,L t"E=Z tI!S/EK1ґMCFXo < XxPb4R.q!mlȓB;/"+ 0!Q WzMl4jcGuR_f(4¾b]zz8mV7a%f [us{v1BYA .TkLZؕPkWÛ1c`J{Ƞx~ zl:;X8Z$t]|q 7|dՂG ns)qkSh}JfyJKΔȶ"ʦc a4ղR/Qs럀% BT3ka'*|«ut\0T:<~%!qCxk^e%IHzU^)_c KAndtuje5!NW?= tJkAysh6)|n$.GQdkIEkUl F";pӈUʉ5ꔤ\p(vpfEAsJwKZٹfc-X$^7%.+X)fIY>`*HrD13,$CT ٜe;kMY ##7ɼ#sMMHn> ‹*r|!plۢY(Am.=QH#8AO]/B )nzXDW(~u $O+s,=K* }v1~hLhJY_|X/2A[b]G QFlGPрp^jȷ[P6by<<\lV f)l$ŏ] }.eǛB]t26n~A$j%`ы k1]A|e`r>G.6ڷKlR8VI$䳓,K&y*deeP @Fg9osi-{gVbدkh@YX \:&9ݹ`sC#WqT;Z (oݲϽ8|kRkexohjE@  EZwЌT'Z~}!"NIŀ(È3t_>pP%95*ZLؐF'3WCO>a!M sޜMFhna{Sxm3YތKaZ*~@msNVu,dE ׭2#:(p>XװXmEjt,qN?ePŗف'23ʁ mctԚ ~M΋`\}`^p-jNKy[v;I2H&I!rr؄5j@)]倥(UρD}YG !(5#,=N4O=}5).=Aс UdX# cjJ;Xd ,NW~tOOhu3ɩrޯGfJd&m,m.~@02Tf21;%=O7%-虚6v`[֬9-I*m YuI 2п2 vQTө55cƫ^Kpٍ\bfd/)h@,tC|z gM<՟\9*-UoTכơE6SUb|>G܏Peia!hL2wۑm lHhWc ;x51똠AhLq)G_Qܔ:2$U~ `mm ^%Gb!9xĕ~WTuבoAɚ1Np{sP;b1IYul7p페\L?VJp$o|PKIIe#4[Wfr>~'r;JꥃUs K3*fK#:f(1tpWp$Al Y\-eC7ǣYא|eI4E BGO Q[xSYTCN 1Y%[6:q} eT,YjTؽ@4zH1z؛t~ _ۨy# ~h?le6 egDpR A.΋͎-IAph}GiMZ`Ww|Si]~y\P {l :+ed>8# W%* $4F< 9)X]5%`+- hdǙgo+A;Frؒ_)̖k=*/bRqcȲ= : k?[v xuՋ#Xܴ8o)gsRH7#*]ϼΞꋜXYyW!iijSzӫ 2F>^ 8M[m'lg!9^ }ǯLpC UW=cFC\6Mla3T|Ub3D*EM{ƠJRD@ӥhdRGWiVmVSh~'%((}p!vh7b7@Pđ*۷g@$A_*>7> yʷJfMA"_\y(c5r_[2 ۉߒ̺ܲٛ(?ǁ:"rpHүwK˲8+1zpWwο HM8Wiy7dVeOLmvJueѱaN?8[mb/䍼Wh XQ6%h4wz?,j%~q'*'xfZ{Lz0#m-UEO[BN(t5Κ+gVs!л!zJD~2ɢ6(6c1^km Tq>eG֌?u/IF];/:+Pɢ?KHՖ~$#&@R 5&wT)XmfCřoQ2[84$$\āqYi>7ũژYc$} \W4E*[/lBjG0,PEFWA0| m{˹c=Y?+& cc|20 2/G(d<2?P%pig/>c +>!LĪ\j&*k^JIO-#:;9B'ґ0=+>b^-m찯4ѓJv6`.%)gP R {1aW spwYIםwF(_yIcwQ:O