������xen-doc-html-4.10.4_06-lp150.2.25.1����������������������������������������������������������� ���4���>�������$�����������������������
�����������������������A�������������������������������������������������������������������������p�����]�q/=��^���/U] s=�&vw�yzB?/��
~h_��w��Qm�A>a6G7^�
0/^5�v[Ü(�|*�ifε5vɬ�]zXRr0'�Q8^~hk.I%�zFT�`re�C�K>
Kl!bAe#"T˃!xA6gF[)�d
ƘjV�� fR=�-BN�Bge1af6c7ca4d4b9cae7ba48f75b9a4a7be947f333�ba59ba5b38054ffcbcf160e98742bed2a4a2b4a5e7ce91a3f5e7ec5c452487d8����������]�q/=��0K�8�G�Ux2``��$VH�YZ�8\8��T,oWh`=�?qĚ4|aĻP,
�y3'd@t̰6r.3wE{
�2�߮{`�B�dfY0C25�PD8S`
2KϷ�XS.@�HvBc)uߍdTܹa-c08�BjVyI�G6gPSqˏ���l��JI�{1ɖN��K9��se��jc��yx�8OqdWH� _�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������>����p����������������9��C���?������C�������d��������������������������������������������������������������� ���&���������� ���M������������������������������������������������������������������������������������������������������������ ��������������������������������<��������������B���������������L���K�����������x���K��� �����������K���
����������K��������������K�����������[���K���
����������K�����������$���K��������������K���������������������������8���K�����������d����������������������������������������������������(���������������8������� ���!���9������ ���!���:������3���!���G������5���K���H������6���K���I������8 ���K���X������8l�������Y������8t�������\������8���K���]������9���K���^������>=�������b������@(�������c������@�������d������A^�������e������Ac�������f������Af�������l������Ah�������u������A|���K���v������B��� ���������C|�������������C�������������C�������������C����C�xen-doc-html�4.10.4_06�lp150.2.25.1�Xen Virtualization: HTML documentation�Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.
xen-doc-html contains the online documentation in HTML format. Point
your browser at file:/usr/share/doc/packages/xen/html/
Authors:
--------
Ian Pratt �]�4lamb21��� -openSUSE Leap 15.0�openSUSE�GPL-2.0�http://bugs.opensuse.org�Documentation/HTML�http://www.cl.cam.ac.uk/Research/SRG/netos/xen/�linux�x86_64��������������������������o�������������������������������
��K���BJ��@����������������6�����@�����7d��$r����#����������B���������������������������W��
%�����
�������e�����
���$��,��7�����6H��"y���j�������1������)�� ��<��3�����
���"�� S���z��2��9���������������������ZZAAAA큤A큤A큤A큤A큤A큤A큤A������������������������������������������������������������������������������������������������������������������������������������������������������]�K]�n]�n]�L]�n]�n]�L]�n]�L]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�n]�O]�O]�O]�K]�O]�K����e171864f5cfbf7c7b3fecd9b9fbeb3da9e87f63a7284ee52eeed093f8ad303ec�f53beaf653f26eae12ff7ced3bf0735dbedad0d8baf45d31e32d33e0b868bfa9��54e980d65bcde307bad2efeab9640ef5c720b4ebc78ac8cc1eb48bd6134a5280��b3422df9c1ad850ce9b456e83713da51f123c2286cf1f9fd4eb97f57c3eca9ad�b90e1dc177d8ffbffeaf36a094b262001673e94d8769d118c7a2c29c53904f5d��6e53bebbfebe06de376423d6d2f7fec4c016c39c16dc2ce9d06ce4476b57f44c�bb68ed2cb6a4b54d6feec738d3463a49faf9e2ca9bba572d7ce9da6cba00f4ff�2c53bc0e7a8d89ec8e6bba2ce1cafee74376d7217724cbd31656a42c26752d11�c617598408f11b6494cc987064060296baa1fe3bf1c41e14de9d6ecdf7196177�69c6ea34b0f7688c4e53b0f1e9a65f44cec0d161a3514947966b5190c92fabee�2a85512043aade40979b27cba1dc61b000fe9fcf1e9548ece8ecf57ba6ed18c7�851050a5d238d9b38e13e23f494782688926fa6c7aa008016b3ea433277f32c6�d7554269b2dc588684a32eea5da8b59ef1347b8fcebabf743127a8d51f8ed283�8120ff82f7b4f74c4c6ef131e9ab6b6c731b94d7e25f5a5a55add95767e13e7e�d07b7ee778bc7d235842e6fbfb0e33f9459e0d93dea5311bd00894c6495d7e8f�e466c9be077fa0ef0ced23a246e92d14cc0cc8fd757931079cf928689b544b32�6b03382516373fc9221dc98277ed58043f0d5b49a8cf0913e57e5e47220c2c96�9dad085c979eea4c5f6e1ca0e67e04d3c61fd004a2c706af0ab31c3290204794�9a8c771f2fb58d22ee3f0764495a5a3a33d4b3fbe946ff9f9db3734ec8b211ad�64fe308c11ae188b9cd59bc737047271e9b6831c15227da0a3d4a6b3e6327189�ec6ec62e0ed44cadb13087b09edb544a567bba0868878648fa08b56d1f814a31�c1dc9c7b00f8beeb7471ca92cdc3edb3dc56f696ade3474d58a9964ec4b375af�a4a275b105f4a19cdc263a1ccca2876fb4f06ca6279cb7fe93c61e846fdda3d3�b3e1c4bbda2c55f72a5a5a11d272e7d4ce4bb5c2d12c4c2d6b40de640b4912d3��df5076c347e7cad2371f3dc0bc10c6877c8f5251a5a57ddc6c79e1f9b532f89f��fbf590c80aef40b7e6ab58cefe9e4351ef6afaa6bcaf4e55d7809df6392fdb96��aadfa0507b89d930b9500c7a95869685253e2082a4d704ad9ab9a720307e4e19�4f12fc75ec5d91d3942e661e3068ec7a290f1896b23f6f574703ca5d3242079a�4faf9f22847781296550c42f0955595f5f23eff9cf7b00ca27ee70988aaee9f7�ec2154a382909b7652464c29ad603492e27c76bd7d0de3b5198d0867fe0a75eb�d93bafe2e73cf681a88dca3217d79376c353ff4e1e5ecee8c41c70e11b8c9e2d�1e6d49bc98608f628aa5a910c433a17e2ede92773435ca0bbd4ab3bc88fd089b�7bf3a73bdcf56aa5df3f94e730678dae5f6683886143660de48db28ecf7c6852�738b1644bb9c4dfc41af8064e2a518120b48fbc4e08145393f66b0c5a021e938�805815382a3a07bbbce6e4badf8566a6241c4d357f44ea2c5b96b4340205d3af�91b95599c26b803f2c8bfb407d7ea7de55a783c40780dcb7f993af187e4d4200�a7cd1ffaf63b68eb2cc3c3d663847edfeeeed22d3b1039b423ec94b5198ad7da�ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301b�c159111fcd005b864ab1f4b803e059590043471e04d0ac7ec96fe74dbf857c00�3a9b4163966919de58c0d14d493b5d7c6826e43bd61f2eda3c2a4a33fd26f285�982fb97cc7b4730fc7c1c5289c87cc4d1dfe6184c7908079cfb34de8b6d4d200�623779cd80c0e754ea39d27b5754be3f24f6f40be56957ec3d705f3cf234da2e�2c80a00b3c661489ab62333993243951154c8ffe56cf475ebcb8a54982ecbd14�5cbe19ee58416bcf16a88f474895a8626db19ae5f3654c894d7337bcf72c1fc5�9037f947f713649a84322888eb75d9dad867249c4c135787affea14ee1cf2c50�b4403362cc91e5249e9a32270b77e1d08f1217206215cbdcbd7b4f179b7787b0�e2cfbad142d02f0888f843af76344082251a554e5769516a18e9ec2109c44bae�b1f10e378ccf028b0040d857506d6a2f9f9f7202547fb83347ebc6cf52cf4d32�d0b149f51c8ce25e5f729f175c66f6512fd0c6b414be570b5cea99cb9eee95f9�28d603a99a49af40bf7589771dd6810ba68ffd01c20c7d7743ec76891e07a485�1f086e043731368850e313269ca98ab91c156529ac3b961a67f54a522ef09396�5d6be4431b21e9ec2fc3e6c70050a26c3c78777e5200cad4282b96411eb4c871�e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87�437b2d33715486da3e3443c567a5b9cb6b8f54c07b3fac562cc7f7d20c570e6d�f66605f996aa6d38f8234276f2b8fa5c54a10903b7fa29d49d6dbdae30ef984b�87af4bf000adede9346df973764ddf1073b60758e73caa479a3e676ccfdc95d0�c4151eb9d4bb2e16e25f710099b13ab6c7b0dec076e76d504e091cf2642a805f�8128ce2d59c9e5bfebe0a433ae1306e8a719631f940b74c2751182c03bf29543�9a80dbf1fabbfc82ede8ce1fe4f43a5c4bb36450cafa0e20cb488f196d3031a4����7fbb5ab8dcc90c9f7324d04f38470b2ce38098499b9b28d6add17b885523927c��9a85a5223611ec41b4284133d6e2ada83e7b12bbbff004963b7c8e1dbe8f49ff�����������������������������������������������������������������������../html/misc/crashdb.txt�../html/misc/vtpm-platforms.txt��../html/misc/xenpaging.txt���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�xen-4.10.4_06-lp150.2.25.1.src.rpm����xen-doc-html�xen-doc-html(x86-64)������
���
���
���
rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�3.0.4-1�4.6.0-1�4.0-1�5.2-1�4.14.1���]d@]@]@]]@]@]]#0@]�;]�@]�@]�:\@\ޢ@\�@\\\8\\�\@\~d\w@\n\mA@\f\N\�[k@[@[][t[[9@[qr[i[Y[6�@[0@[0@['[!�@Z@ZnZ�@ZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo�Zk�@ZV�@ZS]@ZOhZ:PZ1�@Z.s@Z&@Z�OZ�OZ� Z� Z� Z�@Z�@Z
}Z�C@Z�Y�Y�Y�Y|Y@Y{Y*@Y5YA@Y4YY�YbY�Y@Y3Y@YJYJY@YYV@Y�@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI�@Y5GY0�Y-^Y(�Y"Y�Y�;@Y�Y��Y�@Y�tY�.X@XQ@X@XۡXg@X@XƉX@X @X@X@X�@X�@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX�&X�@X�X�@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;�W3�W1@W1@W,@W(W(W(W(W(W#LW�VbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@V�V@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V�@V�CV�V�V�f@V�qV�@UYU�@U�@UUݪ@U�@UnU4@UUK@U�U@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%�@U�U�@U�U�U�.@TgT-@TT@TZ@TZ@T@T�T@T5T@TLTLT~@Tl@Ti@Ta@THT?@T=�@carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�rbrown@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�jfehlig@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�mlatimer@suse.com�carnold@suse.com�cyliu@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�rguenther@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�rguenther@suse.com�carnold@suse.com�meissner@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�- bsc#1155945 - VUL-0: CVE-2018-12207: xen: Machine Check Error
Avoidance on Page Size Change (aka IFU issue)
xsa304-1.patch
xsa304-2.patch
- bsc#1152497 - VUL-0: CVE-2019-11135: xen: XSA-305: TSX
Asynchronous Abort (TAA) issue
xsa305-1.patch
xsa305-2.patch�- bsc#1154461 - VUL-0: CVE-2019-18424: xen: XSA-302: passed through
PCI devices may corrupt host memory after deassignment
xsa302-0001-IOMMU-add-missing-HVM-check.patch
xsa302-0002-passthrough-quarantine-PCI-devices.patch�- bsc#1154458 - VUL-0: CVE-2019-18421: xen: XSA-299: Issues with
restartable PV type change operations
xsa299-0001-x86-mm-L1TF-checks-don-t-leave-a-partial-entry.patch
xsa299-0002-x86-mm-Don-t-re-set-PGT_pinned-on-a-partially-de-val.patch
xsa299-0003-x86-mm-Separate-out-partial_pte-tristate-into-indivi.patch
xsa299-0004-x86-mm-Use-flags-for-_put_page_type-rather-than-a-bo.patch
xsa299-0005-x86-mm-Rework-get_page_and_type_from_mfn-conditional.patch
xsa299-0006-x86-mm-Have-alloc_l-23-_table-clear-partial_flags-wh.patch
xsa299-0007-x86-mm-Always-retain-a-general-ref-on-partial.patch
xsa299-0008-x86-mm-Collapse-PTF_partial_set-and-PTF_partial_gene.patch
xsa299-0009-x86-mm-Properly-handle-linear-pagetable-promotion-fa.patch
xsa299-0010-x86-mm-Fix-nested-de-validation-on-error.patch
xsa299-0011-x86-mm-Don-t-drop-a-type-ref-unless-you-held-a-ref-t.patch�- bsc#1154456 - VUL-0: CVE-2019-18425: xen: XSA-298: missing
descriptor table limit checking in x86 PV emulation
xsa298.patch�- bsc#1154448 - VUL-0: CVE-2019-18420: xen: XSA-296:
VCPUOP_initialise DoS
xsa296.patch�- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
ROME platform
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
- Upstream bug fixes (bsc#1027519)
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch�- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
Fix crash in an error path of libxl_domain_suspend with
libxl.helper_done-crash.patch�- Upstream bug fixes (bsc#1027519)
5d08f651-x86-AMD-correct-Fam17-checks.patch
5d08f68b-x86-AMD-limit-C1E-disable.patch
5d160571-x86-cpuid-restrict-OSXSAVE-leak.patch
5d1b395a-x86-MSI-fix-loop-termination.patch�- Update to Xen 4.10.4 bug fix release (bsc#1027519)
xen-4.10.4-testing-src.tar.bz2
- Drop the following patches contained in the new tarball
5bc4977d-1-XSM-remove-unnecessary-define.patch
5bc4977d-2-XSM-introduce-boot-param.patch
5bc4977d-3-XSM-SILO-mode.patch
5c7e6f86-gnttab-set-refcount-for-transfer-copy.patch
5c7e6fe8-IOMMU-x86-fix-type-ref-counting-race.patch
5c7e7008-x86-get-rid-of-bogus-page-states.patch
5c7e7020-x86-make-coherent-PV-IOMMU-discipline.patch
5c7e70c6-x86-mm-L2-unvalidation-preemptible.patch
5c7e70e2-x86-mm-L3-unvalidation-preemptible.patch
5c7e70ff-x86-mm-dont-retain-page-typeref-on-IOMMU-fail.patch
5c7e711c-x86-mm-properly-flush-TLB-in-switch_cr3_cr4.patch
5c7e714c-x86-pv-rewrite-guest-cr4-handling.patch
5c7e716d-x86-pv-restrict-cr4-fsgsbase.patch
5c7e7192-x86-pv-toggle_guest_pt-TLB-flush-for-shadow.patch
5c7e9d9c-x86-mm-fix-GP-0-in-switch_cr3_cr4.patch
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
x86-cmdline-parse-fix.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helper.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
XSM-fix-Kconfig-names.patch�- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
Atomics Operations
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helper.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Upstream bug fixes (bsc#1027519)
5bc4977d-1-XSM-remove-unnecessary-define.patch
5bc4977d-2-XSM-introduce-boot-param.patch
5bc4977d-3-XSM-SILO-mode.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
XSM-fix-Kconfig-names.patch�- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
fix-xenpvnetboot.patch�- bsc#1129642 - L3: xen domU loses attached pci device after reboot
(since dom0 upgrade to sle12sp4)
5ba5188c-libxl-keep-assigned-pci-devices-across-domain-reboots.patch�- bsc#1133818 - retry XEN_DOMCTL_getpageframeinfo3
accessing the list of pages may lead to a temporary EFAULT
backport a mainline patch to retry the domctl, which may fix
live migration on the sending side
libxc.do_domctl.EFAULT-retry.patch�- bsc#1131811 - [XEN] internal error: libxenlight failed to create
new domain. This patch is a workaround for a systemd issue. See
patch header for additional comments.
xenstore-launch.patch�- bsc#1079730, bsc#1098403, bsc#1111025 - live migrating PV domUs
simplify and fix the required change. The previous variant broke
PV with device-model
libxl.pv-qemu-migration.patch�- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
The included README has details about the impact of this change
libxl.LIBXL_HOTPLUG_TIMEOUT.patch�- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4"
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
xsa297-0a.patch
xsa297-0b.patch
xsa297-0c.patch
xsa297-0d.patch
xsa297-1.patch
xsa297-2.patch
xsa297-3.patch
- Upstream bug fixes (bsc#1027519)
5c7e6f86-gnttab-set-refcount-for-transfer-copy.patch
Replaces xsa284.patch
5c7e6fe8-IOMMU-x86-fix-type-ref-counting-race.patch
Replaces xsa285.patch
5c7e7008-x86-get-rid-of-bogus-page-states.patch
Replaces xsa287.patch
5c7e7020-x86-make-coherent-PV-IOMMU-discipline.patch
Replaces xsa288.patch
5c7e70c6-x86-mm-L2-unvalidation-preemptible.patch
Replaces xsa290-1.patch
5c7e70e2-x86-mm-L3-unvalidation-preemptible.patch
Replaces xsa290-2.patch
5c7e70ff-x86-mm-dont-retain-page-typeref-on-IOMMU-fail.patch
Replaces xsa291.patch
5c7e711c-x86-mm-properly-flush-TLB-in-switch_cr3_cr4.patch
Replaces xsa292.patch
5c7e714c-x86-pv-rewrite-guest-cr4-handling.patch
Replaces xsa293-1.patch
5c7e716d-x86-pv-restrict-cr4-fsgsbase.patch
Replaces xsa293-2.patch
5c7e7192-x86-pv-toggle_guest_pt-TLB-flush-for-shadow.patch
Replaces xsa294.patch
5c7e9d9c-x86-mm-fix-GP-0-in-switch_cr3_cr4.patch
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
x86-cmdline-parse-fix.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch�- bsc#1079730, bsc#1098403, bsc#1111025 - live migrating PV domUs
An earlier change broke live migration of PV domUs without a
device model. The migration would stall for 10 seconds while the
domU was paused, which caused network connections to drop.
Fix this by tracking the need for a device model within libxl.
add libxl.pv-qemu-migration.patch
remove xen.bug1079730.patch�- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
avoid TSC emulation for HVM domUs if their expected frequency
does not match exactly the frequency of the receiving host
xen.bug1026236.suse_vtsc_tolerance.patch�- bsc#1126325 - fix crash in libxl in error path
Setup of grant_tables and other variables may fail
libxl.prepare-environment-for-domcreate_stream_done.patch�- bsc#1127620 - Documentation for the xl configuration file allows
for firmware=pvgrub64 but we don't ship pvgrub64.
Create a link from grub.xen to pvgrub64
xen.spec�- Upstream bug fixes (bsc#1027519)
5c6d7b01-x86-pmtimer-fix-hvm_acpi_sleep_button.patch
5c6d7b35-x86-shadow-dont-pass-wrong-L4-MFN.patch
5c75615a-viridian-fix-HvFlushVirtualAddress.patch
5c7561aa-x86-shadow-dont-use-map_domain_page_global.patch
5c77c30b-x86-hvm-increase-triple-fault-log-level.patch
5c77e5c8-x86-nmi-correctly-check-MSB-of-P6-perf-counter.patch�- bsc#1127400 - VUL-0: CVE-2019-17348: xen: XSA-294: x86 shadow:
Insufficient TLB flushing when using PCID
xsa294.patch�- bsc#1126192 - VUL-0: CVE-2019-17342: xen: XSA-287: x86:
steal_page violates page_struct access discipline
xsa287.patch
- bsc#1126195 - VUL-0: CVE-2019-17343: xen: XSA-288: x86:
Inconsistent PV IOMMU discipline
xsa288.patch
- bsc#1126196 - VUL-0: CVE-2019-17344: xen: XSA-290: missing
preemption in x86 PV page table unvalidation
xsa290-1.patch
xsa290-2.patch
- bsc#1126197 - VUL-0: CVE-2019-17345: xen: XSA-291: x86/PV: page
type reference counting issue with failed IOMMU update
xsa291.patch
- bsc#1126198 - VUL-0: CVE-2019-17346: xen: XSA-292: x86:
insufficient TLB flushing when using PCID
xsa292.patch
- bsc#1126201 - VUL-0: CVE-2019-17347: xen: XSA-293: x86: PV kernel
context switch corruption
xsa293-1.patch
xsa293-2.patch�- bsc#1126140 - VUL-0: CVE-2019-17340: xen: XSA-284: grant table
transfer issues on large hosts
xsa284.patch
- bsc#1126141 - VUL-0: CVE-2019-17341: xen: XSA-285: race with
pass-through device hotplug
xsa285.patch�- Update to Xen 4.10.3 bug fix release (bsc#1027519)
xen-4.10.3-testing-src.tar.bz2
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
constructs may lock up host (XSA-282)
Fix included in tarball
- bsc#1120067 - Libvirt segfault when crash triggered on top of HVM
guest
Fix included in tarball
- Drop the following patches contained in the new tarball
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
5be9634c-x86-dom0-avoid-using-1G-superpages.patch
5bed93e1-x86-hvm_copy-no-write-to-p2m_ioreq_server.patch
5bf4118c-amd-iommu-fix-flush-checks.patch
5bf41242-AMD-IOMMU-suppress-late-PTE-merging.patch
5bf41311-x86-dont-flush-after-L1e-update-failure.patch
5bf41331-x86-shadow-move-OOS-flag-bits.patch
5bf4135a-x86-shrink-page_info-shadow_flags.patch
5c011aaf-x86-dont-enable-shadow-with-too-small-allocation.patch
5c17ce93-x86-hvm-correct-RDTSCP-intercept-handling.patch
5c18f5ad-x86emul-fix-3-operand-IMUL.patch
5c190203-x86emul-work-around-SandyBridge-errata.patch
5c3608fa-fix-MEMF_no_dma-allocations-for-single-NUMA.patch
5c3dd8fa-cmdline-fix-strncmp-LITERAL-construct.patch�- Upstream bug fixes (bsc#1027519)
5c17ce93-x86-hvm-correct-RDTSCP-intercept-handling.patch
5c18f5ad-x86emul-fix-3-operand-IMUL.patch
5c190203-x86emul-work-around-SandyBridge-errata.patch
5c3608fa-fix-MEMF_no_dma-allocations-for-single-NUMA.patch
5c3dd8fa-cmdline-fix-strncmp-LITERAL-construct.patch�- Upstream bug fixes (bsc#1027519)
5be9634c-x86-dom0-avoid-using-1G-superpages.patch
5bed93e1-x86-hvm_copy-no-write-to-p2m_ioreq_server.patch
5bf4118c-amd-iommu-fix-flush-checks.patch replaces xsa275-1.patch
5bf41242-AMD-IOMMU-suppress-late-PTE-merging.patch replaces xsa275-2.patch
5bf41311-x86-dont-flush-after-L1e-update-failure.patch replaces xsa279.patch
5bf41331-x86-shadow-move-OOS-flag-bits.patch replaces xsa280-1.patch
5bf4135a-x86-shrink-page_info-shadow_flags.patch replaces xsa280-2.patch
5c011aaf-x86-dont-enable-shadow-with-too-small-allocation.patch
5c0f786c-parse_size_and_unit-percent.patch
5c0f7894-x86-dom0_mem-variants.patch�- bsc#1115040 - VUL-0: xen: insufficient TLB flushing / improper
large page mappings with AMD IOMMUs (XSA-275)
xsa275-1.patch
xsa275-2.patch
- bsc#1115045 - VUL-0: xen: x86: DoS from attempting to use INVPCID
with a non-canonical addresses (XSA-279)
xsa279.patch
- bsc#1115047 - VUL-0: xen: Fix for XSA-240 conflicts with shadow
paging (XSA-280)
xsa280-1.patch
xsa280-2.patch
- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
- bsc#1105528 - L3: xpti=no-dom0 not working as expected
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
- Upstream bug fixes (bsc#1027519)
5bae44ce-x86-silence-false-log-messages.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch�- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch�- Upstream bug fixes (bsc#1027519)
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch�- Update to Xen 4.10.2 bug fix release (bsc#1027519)
xen-4.10.2-testing-src.tar.bz2
- Drop the following patches contained in the new tarball
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a957d0e-gnttab-introduce-cmdline-feature-controls.patch
5a9985bd-x86-invpcid-support.patch
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af03009-x86-pv-hide-more-EFER-bits-from-PV.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
5af1daa9-3-x86-traps-use-IST-for-DB.patch
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
5af97999-viridian-cpuid-leaf-40000003.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch
5b348874-x86-refine-checks-in-DB-handler.patch
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
5b56feb1-x86-hvm-disallow-unknown-EFER-bits.patch
5b56feb2-x86-XPTI-parsing-on-fixed-Intel-HW.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b72fbbe-ARM-disable-grant-table-v2.patch
5b72fbbe-oxenstored-eval-order.patch
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
5b72fbbf-9-spec-ctrl=no-global-disable.patch
5b72fbbf-A-xl-conf-add-global-affinity-masks.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch�- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
d_materialise_unique()
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
oxenstored does not apply quota-maxentity (XSA-272)
5b72fbbe-oxenstored-eval-order.patch
- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
v2 grant tables may cause crash on ARM (XSA-268)
5b72fbbe-ARM-disable-grant-table-v2.patch
- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch (Replaces xsa269.patch)
- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch (Replaces xsa273-1.patch)
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch (Replaces xsa273-2.patch)
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch (Replaces xsa273-3.patch)
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch (Replaces xsa273-4.patch)
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch (Replaces xsa273-5.patch)
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch (Replaces xsa273-6.patch)
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch (Replaces xsa273-7.patch)
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch (Replaces xsa273-8.patch)
5b72fbbf-9-spec-ctrl=no-global-disable.patch
5b72fbbf-A-xl-conf-add-global-affinity-masks.patch
- Upstream patches from Jan (bsc#1027519)
5a957d0e-gnttab-introduce-cmdline-feature-controls.patch
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch�- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
xen.spec�- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
xsa273-1.patch
xsa273-2.patch
xsa273-3.patch
xsa273-4.patch
xsa273-5.patch
xsa273-6.patch
xsa273-7.patch
xsa273-8.patch
- Upstream prereq patches for XSA-273 (bsc#1027519)
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d8ce2-x86-XPTI-parsing.patch�- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
xsa269.patch�- Upstream patches from Jan (bsc#1027519)
5af03009-x86-pv-hide-more-EFER-bits-from-PV.patch
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
5b56feb1-x86-hvm-disallow-unknown-EFER-bits.patch
5b56feb2-x86-XPTI-parsing-on-fixed-Intel-HW.patch�- Upstream patches from Jan (bsc#1027519)
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch�- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch�- bsc#1098403 - fix regression introduced by changes for bsc#1079730
a PV domU without qcow2 and/or vfb has no qemu attached.
Ignore QMP errors for PV domUs to handle PV domUs with and without
an attached qemu-xen.
xen.bug1079730.patch�- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
bypassed in x86 PV MM handling (XSA-264)
xsa264.patch
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
safety check can be triggered by a guest (XSA-265)
xsa265.patch
- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
readonly flag on HVM emulated SCSI disks (XSA-266)
xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch�- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
(XSA-267)
xsa267-1.patch
xsa267-2.patch�- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
Bypass aka "Memory Disambiguation" (XSA-263)
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
Spectre-v4-1.patch
Spectre-v4-2.patch
Spectre-v4-3.patch�- Always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen.bug1079730.patch�- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
- Upstream patches from Jan (bsc#1027519)
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
5af97999-viridian-cpuid-leaf-40000003.patch�- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a9985bd-x86-invpcid-support.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch�- Update to Xen 4.10.1 bug fix release (bsc#1027519)
xen-4.10.1-testing-src.tar.bz2
disable-building-pv-shim.patch
- Drop the following patches contained in the new tarball
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
xsa258.patch
xsa259.patch�- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
debug exceptions (XSA-260)
xsa260-1.patch
xsa260-2.patch
xsa260-3.patch
xsa260-4.patch
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
injection errors (XSA-261)
xsa261.patch
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
unbounded loop (XSA-262)
xsa262.patch�- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
crafted user-supplied CDROM (XSA-258)
xsa258.patch
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
Xen with XPTI (XSA-259)
xsa259.patch�- Preserve xen-syms from xen-dbg.gz to allow processing vmcores
with crash(1) (bsc#1087251)�- Upstream patches from Jan (bsc#1027519) and fixes related to
Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch�- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
- Upstream patches from Jan (bsc#1027519)
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
- Drop
xsa252.patch
xsa255-1.patch
xsa255-2.patch
xsa256.patch�- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
L3/L4 pagetable freeing (XSA-252)
xsa252.patch
- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
transition may crash Xen (XSA-255)
xsa255-1.patch
xsa255-2.patch
- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
LAPIC may DoS the host (XSA-256)
xsa256.patch�- Remove stale systemd presets code for 13.2 and older�- fate#324965 - add script, udev rule and systemd service to watch
for vcpu online/offline events in a HVM domU
They are triggered via xl vcpu-set domU N�- Replace hardcoded xen with Name tag when refering to subpkgs�- Make sure tools and tools-domU require libs from the very same build�- tools-domU: Add support for qemu guest agent. New files
80-xen-channel-setup.rules and xen-channel-setup.sh configure a
xen-pv-channel for use by the guest agent
FATE#324963�- Remove outdated /etc/xen/README*�- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
MSR emulation (XSA-253)
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
xen: Information leak via side effects of speculative execution
(XSA-254). Includes Spectre v2 mitigation.
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch�- Fix python3 deprecated atoi call (bsc#1067224)
pygrub-python3-conversion.patch
- Drop xenmon-python3-conversion.patch�- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
depending on the libxl disk settings
libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch�- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
build-python3-conversion.patch
bin-python3-conversion.patch�- bsc#1070165 - xen crashes after aborted localhost migration
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
libxl__devices_destroy failed
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
- Upstream patches from Jan (bsc#1027519)
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch�- Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Rebuild initrd if xen-tools-domU is updated�- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
If many domUs shutdown in parallel the backends can not keep up
Add some debug output to track how long backend shutdown takes (bsc#1035442)
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- Adjust xenstore-run-in-studomain.patch to change the defaults
in the code instead of changing the sysconfig template, to also
cover the upgrade case�- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Since xen switched to Kconfig, building a debug hypervisor
was done by default. Adjust make logic to build a non-debug
hypervisor by default, and continue to provide one as xen-dbg.gz�- fate#316614: set migration constraints from cmdline
fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10�- Document the suse-diskcache-disable-flush option in
xl-disk-configuration(5) (bsc#879425,bsc#1067317)�- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)�- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- fate#323663 - Run Xenstore in stubdomain
xenstore-run-in-studomain.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
pygrub-python3-conversion.patch
xenmon-python3-conversion.patch
migration-python3-conversion.patch
xnloader.py
xen2libvirt.py�- Remove xendriverdomain.service (bsc#1065185)
Driver domains must be configured manually with custom .service file�- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)�- fate#324052 Support migration of Xen HVM domains larger than 1TB
59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop patches included in new tarball
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
59958ebf-gnttab-fix-transitive-grant-handling.patch
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
gcc7-arm.patch
gcc7-mini-os.patch�- bsc#1061084 - VUL-0: xen: page type reference leak on x86
(XSA-242)
xsa242.patch
- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
shadow mappings with translated guests (XSA-243)
xsa243.patch
- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
during CPU hotplug (XSA-244)
xsa244.patch�- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
(XSA-238)
xsa238.patch
- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
intercept code (XSA-239)
xsa239.patch
- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
de-typing (XSA-240)
xsa240-1.patch
xsa240-2.patch
- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
release race (XSA-241)
xsa241.patch�- bsc#1061075 - VUL-0: xen: pin count / page reference race in
grant table code (XSA-236)
xsa236.patch
- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
(XSA-237)
xsa237-1.patch
xsa237-2.patch
xsa237-3.patch
xsa237-4.patch
xsa237-5.patch�- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
verification (XSA-231)
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
(XSA-233)
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
x86 PV guests (XSA-234)
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
release lock on ARM (XSA-235)
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
- Upstream patches from Jan (bsc#1027519)
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
- Dropped gcc7-xen.patch�- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
Secure Boot is Enabled
xen.spec�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
update from v6 to v9 to cover more cases for ballooned domUs
libxc.sr.superpage.patch�- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
drop the patch because it is not upstream acceptable
remove xen.suse_vtsc_tolerance.patch�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
after the save using xl stack
libxc.sr.superpage.patch�- Unignore gcc-PIE
the toolstack disables PIE for firmware builds as needed�- Upstream patches from Jan (bsc#1027519)
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch�- bsc#1044974 - xen-tools require python-pam
xen.spec�- Clean up spec file errors and a few warnings. (bsc#1027519)
- Removed conditional 'with_systemd' and some old deprecated
'sles_version' checks.
xen.spec�- Remove use of brctl utiltiy from supportconfig plugin
FATE#323639�- Use upstream variant of mini-os __udivmoddi4 change
gcc7-mini-os.patch�- fate#323639 Move bridge-utils to legacy
replace-obsolete-network-configuration-commands-in-s.patch�- bsc#1052686 - VUL-0: xen: grant_table: possibly premature
clearing of GTF_writing / GTF_reading (XSA-230)
xsa230.patch�- bsc#1035231 - migration of HVM domU does not use superpages
on destination dom0
libxc.sr.superpage.patch�- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
recursion in grant table code (XSA-226)
xsa226-1.patch
xsa226-2.patch
- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
escalation via map_grant_ref (XSA-227)
xsa227.patch
- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
conditions with maptrack free list handling (XSA-228)
xsa228.patch�- Add a supportconfig plugin
xen-supportconfig
FATE#323661�- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
To avoid emulation of TSC access from a domU after live migration
add a global tolerance for the measured host kHz
xen.suse_vtsc_tolerance.patch�- fate#323662 Drop qemu-dm from xen-tools package
The following tarball and patches have been removed
qemu-xen-traditional-dir-remote.tar.bz2
VNC-Support-for-ExtendedKeyEvent-client-message.patch
0001-net-move-the-tap-buffer-into-TAPState.patch
0002-net-increase-tap-buffer-size.patch
0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
0004-e1000-secrc-support.patch
0005-e1000-multi-buffer-packet-support.patch
0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
0007-e1000-verify-we-have-buffers-upfront.patch
0008-e1000-check-buffer-availability.patch
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
blktap.patch
cdrom-removable.patch
xen-qemu-iscsi-fix.patch
qemu-security-etch1.patch
xen-disable-qemu-monitor.patch
xen-hvm-default-bridge.patch
qemu-ifup-set-mtu.patch
ioemu-vnc-resize.patch
capslock_enable.patch
altgr_2.patch
log-guest-console.patch
bdrv_open2_fix_flags.patch
bdrv_open2_flags_2.patch
ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
qemu-dm-segfault.patch
bdrv_default_rwflag.patch
kernel-boot-hvm.patch
ioemu-watchdog-support.patch
ioemu-watchdog-linkage.patch
ioemu-watchdog-ib700-timer.patch
ioemu-hvm-pv-support.patch
pvdrv_emulation_control.patch
ioemu-disable-scsi.patch
ioemu-disable-emulated-ide-if-pv.patch
xenpaging.qemu.flush-cache.patch
ioemu-devicemodel-include.patch
- Cleanup spec file and remove unused KMP patches
kmp_filelist
supported_module.patch
xen_pvonhvm.xen_emul_unplug.patch�- bsc#1002573 - Optimize LVM functions in block-dmmd
block-dmmd�- Record initial Xen dmesg in /var/log/xen/xen-boot.log for
supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log�- Remove storytelling from description in xen.rpm�- Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update block-dmmd script (bsc#1002573)
block-dmmd�- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
gcc7-arm.patch
- Drop gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
due to incorrect return value
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch�- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
leakage via capture buffer
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch�- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1031343 - xen fails to build with GCC 7
gcc7-mini-os.patch
gcc7-xen.patch�- bsc#1031343 - xen fails to build with GCC 7
gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
- Drop xen-tools-pkgconfig-xenlight.patch�- bsc#1037779 - xen breaks kexec-tools build
xen-tools-pkgconfig-xenlight.patch�- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
xen.spec�- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
aarch64-maybe-uninitialized.patch�- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
ioemu-devicemodel-include.patch
- Dropped patches contained in new tarball
xen-4.8.0-testing-src.tar.bz2
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
glibc-2.25-compatibility-fix.patch
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch�- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch�- bsc#1015348 - L3: libvirtd does not start during boot
suse-xendomains-service.patch�- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
with Xen hypervisor.
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
- latter one much faster
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
- Upstream patch from Jan
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch�- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
add"
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
update (XSA-206)
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
- bsc#1029827 - Forward port xenstored
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch�- bsc#1029128 - fix make xen to really produce xen.efi with gcc48�- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
loop issue in ohci_service_ed_list
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
- Upstream patches from Jan (bsc#1027519)
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch�- bsc#1027654 - XEN fails to build against glibc 2.25
glibc-2.25-compatibility-fix.patch
libxl.pvscsi.patch�- fate#316613: Refresh and enable libxl.pvscsi.patch�- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
does not check if memory region is safe (XSA-209)
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch�- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
happened when adding usbctrl devices via xl
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch�- Upstream patches from Jan (bsc#1027519)
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch�- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
access while doing bitblt copy backward mode
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch�- fate#322313 and fate#322150 require the acpica package ported to
aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
until these fates are complete.
xen.spec�- bsc#1021952 - Virutalization/xen: Bug xen-tools missing
/usr/bin/domu-xenstore; guests fail to launch
tmp_build.patch
xen.spec�- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)�- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
xen.spec�- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
Replaces xsa202.patch (bsc#1014298)
- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
Replaces xsa203.patch (bsc#1014300)
- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
Replaces xsa204.patch (bsc#1016340)
- Upstream patches from Jan
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch�- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
display: cirrus_vga: a divide by zero in cirrus_do_copy
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch�- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
SYSCALL singlestep during emulation (XSA-204)
xsa204.patch�- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
fails to ignore operand size override (XSA-200)
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch�- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
able to mask interrupts (XSA-202)
xsa202.patch
- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
pointer check in VMFUNC emulation (XSA-203)
xsa203.patch
- Upstream patches from Jan
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch�- Update to Xen 4.8 FCS
xen-4.8.0-testing-src.tar.bz2
- Dropped
xen-4.7.1-testing-src.tar.bz2
0001-libxc-Rework-extra-module-initialisation.patch
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
0004-firmware-makefile-install-BIOS-blob.patch
0005-libxl-Load-guest-BIOS-from-file.patch
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
0008-hvmloader-Locate-the-BIOS-blob.patch
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
0011-hvmloader-Load-OVMF-from-modules.patch
0012-hvmloader-Specific-bios_load-function-required.patch
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
57a30261-x86-support-newer-Intel-CPU-models.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
CVE-2016-9381-xsa197-qemut.patch
CVE-2016-9637-xsa199-qemut.patch�- bsc#1011652 - VUL-0: xen: qemu ioport array overflow
CVE-2016-9637-xsa199-qemut.patch�- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
segments not always treated as unusable
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
to VM86 mode mis-handled
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
write emulation lacking canonical address checks
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
ELF symbol table load leaking host data
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
test instruction emulation broken
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
x86 software interrupt injection mis-handled
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
about shared ring processing
CVE-2016-9381-xsa197-qemut.patch
- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
delimiter injection vulnerabilities in pygrub
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
- Upstream patches from Jan
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch�- Update to Xen Version 4.7.1
xen-4.7.1-testing-src.tar.bz2
- Dropped patches contained in new tarball
xen-4.7.0-testing-src.tar.bz2
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c93e52-fix-error-in-libxl_device_usbdev_list.patch
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch�- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
systems
xen.spec�- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
always honored for x86 HVM guests (XSA-190)
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
on broadwell-ep
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
- Upstream patches from Jan
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch�- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
system has 384
xen-arch-kconfig-nr_cpus.patch�- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
loop while transmit in C+ mode
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch�- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
error in set_next_tick
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
error in serial_update_parameters
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch�- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
mcf_fec_do_tx
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
loop in pcnet_rdra_addr
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch�- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
recursive pagetable for 32-bit PV guests (XSA-185)
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
instruction pointer truncation during emulation (XSA-186)
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
sh_ctxt->seg_reg[] (XSA-187)
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch�- bsc#979002 - add 60-persistent-xvd.rules and helper script
also to initrd, add the relevant dracut helper�- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
upstream unplug protocol�- bsc#989679 - [pvusb feature] USB device not found when
'virsh detach-device guest usb.xml'
57c93e52-fix-error-in-libxl_device_usbdev_list.patch�- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
get contiguous memory for DMA from Xen
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch�- spec: to stay compatible with the in-tree qemu-xen binary, use
/usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
bsc#986164�- bsc#970135 - new virtualization project clock test randomly fails
on Xen
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
in PV guests (XSA-182)
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
whitelisting in 32-bit exception / event delivery (XSA-183)
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
- Upstream patches from Jan
57a30261-x86-support-newer-Intel-CPU-models.patch�- bsc#985503 - vif-route broken
vif-route.patch�- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
failed on sles11sp4 xen host.
pygrub-handle-one-line-menu-entries.patch�- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
write access in esp_do_dma
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch�- bsc#900418 - Dump cannot be performed on SLES12 XEN
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
- Upstream patches from Jan
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch�- fate#319989 - Update to Xen 4.7 FCS
xen-4.7.0-testing-src.tar.bz2
- Drop CVE-2014-3672-qemut-xsa180.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (Additional fixes)
block-dmmd�- Convert with_stubdom into build_conditional to allow adjusting
via prjconf
- Convert with_debug into build_conditional to allow adjusting
via prjconf�- bsc#979002 - add 60-persistent-xvd.rules and helper script to
xen-tools-domU to simplify transition to pvops based kernels�- Convert with_oxenstored into build_conditional to allow
adjusting via prjconf (fate#320836)�- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
access while processing ESP_FIFO
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
write when using non-DMA mode in get_cmd
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch�- fate#319989 - Update to Xen 4.7 RC5
xen-4.7.0-testing-src.tar.bz2�- fate#319989 - Update to Xen 4.7 RC4
xen-4.7.0-testing-src.tar.bz2
- Dropped
xen.pkgconfig-4.7.patch
xsa164.patch�- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
(XSA-180)
CVE-2014-3672-qemut-xsa180.patch�- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
while writing to 's->cmdbuf' in get_cmd
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
while writing to 's->cmdbuf' in esp_reg_write
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch�- fate#319989 - Update to Xen 4.7 RC3
xen-4.7.0-testing-src.tar.bz2
- Dropped
libxl-remove-cdrom-cachemode.patch
x86-PoD-only-reclaim-if-needed.patch
gcc6-warnings-as-errors.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (another modification)
block-dmmd�- fate#319989 - Update to Xen 4.7 RC2
xen-4.7.0-testing-src.tar.bz2�- bsc#961600 - L3: poor performance when Xen HVM domU configured
with max memory > current memory
x86-PoD-only-reclaim-if-needed.patch�- Mark SONAMEs and pkgconfig as xen 4.7
xen.pkgconfig-4.7.patch�- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
libxl-remove-cdrom-cachemode.patch�- fate#319989 - Update to Xen 4.7 RC1
xen-4.7.0-testing-src.tar.bz2�- fate#316614: set migration constraints from cmdline
restore libxl.set-migration-constraints-from-cmdline.patch�- Remove obsolete patch for xen-kmp
magic_ioport_compat.patch�- fate#316613: update to v12
libxl.pvscsi.patch�- Update to the latest Xen 4.7 pre-release c2994f86
Drop libxl.migrate-legacy-stream-read.patch�- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
to SLES12SP2 Alpha 1 host using xl migrate
libxl.migrate-legacy-stream-read.patch�- Add patches from proposed upstream series to load BIOS's from
the toolstack instead of embedding in hvmloader
http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
0001-libxc-Rework-extra-module-initialisation.patch,
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
0004-firmware-makefile-install-BIOS-blob.patch,
0005-libxl-Load-guest-BIOS-from-file.patch,
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
0008-hvmloader-Locate-the-BIOS-blob.patch,
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
0011-hvmloader-Load-OVMF-from-modules.patch,
0012-hvmloader-Specific-bios_load-function-required.patch,
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
firmware from qemu-ovmf-x86_64. The firmware is preloaded with
Microsoft keys to more closely resemble firmware on real hardware
FATE#320490�- fate#319989: Update to Xen 4.7 (pre-release)
xen-4.7.0-testing-src.tar.bz2
- Dropped:
xen-4.6.1-testing-src.tar.bz2
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
hotplug-Linux-block-performance-fix.patch
set-mtu-from-bridge-for-tap-interface.patch
xendomains-libvirtd-conflict.patch
xsa154.patch
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa170.patch�- Use system SeaBIOS instead of building/installing another one
FATE#320638
Dropped files:
seabios-dir-remote.tar.bz2
xen-c99-fix.patch
xen.build-compare.seabios.patch�- spec: drop BuildRequires that were only needed for qemu-xen�- bsc#969377 - xen does not build with GCC 6
ipxe-use-rpm-opt-flags.patch
gcc6-warnings-as-errors.patch�- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
loop in ne2000_receive
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
- Drop xsa154-fix.patch�- Use system qemu instead of building/installing yet another qemu
FATE#320638
- Dropped files
qemu-xen-dir-remote.tar.bz2
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
qemu-xen-enable-spice-support.patch
qemu-xen-upstream-qdisk-cache-unsafe.patch
tigervnc-long-press.patch
xsa162-qemuu.patch�- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
dereference in vapic_write()
CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch�- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
remote NDIS control message handling
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch�- bsc#954872 - L3: script block-dmmd not working as expected -
libxl: error: libxl_dm.c
block-dmmd
- Update libxl to recognize dmmd and npiv prefix in disk spec
xen.libxl.dmmd.patch�- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
in ohci module leads to null pointer dereference
CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
dereference in remote NDIS control message handling
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch�- Update to Xen Version 4.6.1
xen-4.6.1-testing-src.tar.bz2
- Dropped patches now contained in tarball or unnecessary
xen-4.6.0-testing-src.tar.bz2
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
56549f24-x86-vPMU-document-as-unsupported.patch
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemut-xenfb.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa159.patch
xsa160.patch
xsa162-qemut.patch
xsa165.patch
xsa166.patch
xsa167.patch
xsa168.patch�- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
cachability flags on guest mappings (XSA-154)
xsa154.patch
- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
crash guest with non-canonical RIP (XSA-170)
xsa170.patch�- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
hmp_sendkey routine
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch�- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
in sosendto()
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch�- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
ne2000_receive() function
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch�- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
incoming migration
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch�- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
dereference in ehci_caps_write
CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
on incoming migration
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch�- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
in start_xmit and e1000_receive_iov routines
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch�- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
on invalid state load
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch�- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
resource limiting in VNC websockets decoder
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
invalid state load
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
bits_per_pixel from the client sanitization
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch�- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
overun on invalid state
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
overflow in non-loopback mode
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch�- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
processing firmware configurations
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch�- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
buffer overflow in megasas_ctrl_get_info
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
use-after-free vulnerability in aio port commands
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch�- bsc#959695 - missing docs for xen
xen.spec�- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
INVLPG on non-canonical address (XSA-168)
xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
functionality missing sanity checks (XSA-167)
xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
l2 header validation leads to a crash via assert(2) call
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch�- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
leads to a crash via assert(2) call
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
in ioport r/w functions
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch�- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
logging upon guest changing callback method (XSA-169)
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch�- Adjust xen-dom0-modules.service to run Before xenstored.service
instead of proc-xen.mount to workaround a bug in systemd "design"
(bnc#959845)�- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
vmxnet3: host memory leakage
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch�- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
incautious about shared memory contents (XSA-155)
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa155-qemut-xenfb.patch
- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
in ehci_advance_state results in DoS
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
dereference issue
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
floating point exception
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
MSI-X handling (XSA-164)
xsa164.patch
- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
legacy x86 FPU/XMM initialization (XSA-165)
xsa165.patch
- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
multiple read issue (XSA-166)
xsa166.patch�- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
- Upstream patches from Jan
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
56544a57-VMX-fix-adjust-trap-injection.patch
56546ab2-sched-fix-insert_vcpu-locking.patch�- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
56549f24-x86-vPMU-document-as-unsupported.patch
- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
xsa159.patch
- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
xsa160.patch
- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
xsa162-qemuu.patch
xsa162-qemut.patch
- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch�- fate#315712: XEN: Use the PVOPS kernel
Turn off building the KMPs now that we are using the pvops kernel
xen.spec�- Upstream patches from Jan
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch�- Use upstream variants of block-iscsi and block-nbd�- Remove xenalyze.hg, its part of xen-4.6�- Update to Xen Version 4.6.0
xen-4.6.0-testing-src.tar.bz2
mini-os.tar.bz2
blktap2-no-uninit.patch
stubdom-have-iovec.patch
- Renamed
xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
xen-4.5.2-testing-src.tar.bz2
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
54f4985f-libxl-fix-libvirtd-double-free.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
551ac326-xentop-add-support-for-qdisk.patch
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
local_attach_support_for_phy.patch pci-attach-fix.patch
qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
xl-coredump-file-location.patch�- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
CVE-2015-5307-xsa156.patch�- Update to Xen 4.5.2
xen-4.5.2-testing-src.tar.bz2
- Drop the following
xen-4.5.1-testing-src.tar.bz2
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
xsa151.patch xsa152.patch xsa153-libxl.patch
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"�- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch�- Upstream patches from Jan
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch�- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
xsa153-libxl.patch�- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
xsa149.patch
- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
xsa151.patch
- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152)
xsa152.patch
- Dropped
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch�- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
temporary file use in /net/slirp.c
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch�- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
creation of large page mappings by PV guests (XSA-148)
CVE-2015-7835-xsa148.patch�- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
abort
54f4985f-libxl-fix-libvirtd-double-free.patch�- bsc#949046 - Increase %suse_version in SP1 to 1316
xen.spec
- Update README.SUSE detailing dom0 ballooning recommendations�- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
secondly show errors
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
- Upstream patches from Jan
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch�- bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
Hotplug scripts not working.
hotplug-Linux-block-performance-fix.patch�- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
CVE-2015-7311-xsa142.patch�- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
pci-attach-fix.patch�- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch�- Upstream patches from Jan
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch�- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
vnc_client_read() and protocol_client_msg()
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
loop issue
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch�- bsc#907514 - Bus fatal error & sles12 sudden reboot has been
observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
shutdown of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
reboot has been observed
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch
55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch
55b0a2db-x86-MSI-track-guest-masking.patch
- Upstream patches from Jan
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
- Dropped for upstream version
x86-MSI-mask.patch
x86-MSI-pv-unmask.patch
x86-MSI-X-enable.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch�- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
memory in rtl8139 device model
xsa140-qemuu-1.patch
xsa140-qemuu-2.patch
xsa140-qemuu-3.patch
xsa140-qemuu-4.patch
xsa140-qemuu-5.patch
xsa140-qemuu-6.patch
xsa140-qemuu-7.patch
xsa140-qemut-1.patch
xsa140-qemut-2.patch
xsa140-qemut-3.patch
xsa140-qemut-4.patch
xsa140-qemut-5.patch
xsa140-qemut-6.patch
xsa140-qemut-7.patch
- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
block unplug protocol
xsa139-qemuu.patch�- bsc#937371 - xen vm's running after reboot
xendomains-libvirtd-conflict.patch�- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
execution via IDE subsystem CD-ROM
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch�- Remove xendomains.service from systemd preset file because it
conflicts with libvirt-guests.service (bnc#937371)
Its up to the admin to run systemctl enable xendomains.service�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
CVE-2015-3259-xsa137.patch
- Upstream patches from Jan
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
- Upstream patches from Jan pending review
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
x86-MSI-pv-unmask.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-mask.patch�- Adjust more places to use br0 instead of xenbr0�- bnc#936516 - xen fails to build with kernel update(4.1.0 from
stable)
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch�- Update to Xen Version 4.5.1 FCS (fate#315675)
xen-4.5.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch
qemu-MSI-X-enable-maskall.patch
qemu-MSI-X-latch-writes.patch
x86-MSI-X-guest-mask.patch�- Replace 5124efbe-add-qxl-support.patch with the variant that
finally made it upstream, 554cc211-libxl-add-qxl.patch�- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
qemu-MSI-X-latch-writes.patch
- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
has been observed
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-X-guest-mask.patch
x86-MSI-X-maskall.patch
qemu-MSI-X-enable-maskall.patch
- Upstream patches from Jan
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
- Dropped the following patches now contained in the tarball
xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch�- Update to Xen 4.5.1 RC2
- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
register access in qemu
CVE-2015-4106-xsa131-1.patch
CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch
CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch
CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch
CVE-2015-4106-xsa131-8.patch
CVE-2015-4106-xsa131-9.patch
- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
CVE-2015-4105-xsa130.patch
- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
bits inadvertently exposed to guests
CVE-2015-4104-xsa129.patch
- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
unintended writes to host MSI message data field via qemu
CVE-2015-4103-xsa128.patch
- Upstream patches from Jan
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch�- Add DefaultDependencies=no to xen-dom0-modules.service because
it has to run before proc-xen.mount�- Update to Xen 4.5.1 RC1�- Update blktap-no-uninit.patch to work with gcc-4.5�- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
XEN_DOMCTL_gettscinfo (XSA-132)
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch�- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
floppy driver host code execution
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch�- bsc#928783 - Reboot failure; Request backport of upstream Xen
patch to 4.5.0, or update pkgs to 4.5.1
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch�- bnc#927750 - Avoid errors reported by system-modules-load.service�- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
turn errors back to warnings to fix build with GCC 5.
- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
avoid implicit-fortify-decl rpmlint error.
- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.�- xentop: Fix memory leak on read failure
551ac326-xentop-add-support-for-qdisk.patch�- Dropped xentop-add-support-for-qdisk.patch in favor of upstream
version
551ac326-xentop-add-support-for-qdisk.patch�- Enable spice support in qemu for x86_64
5124efbe-add-qxl-support.patch
qemu-xen-enable-spice-support.patch�- Add xen-c99-fix.patch to remove pointless inline specifier on
function declarations which break build with a C99 compiler which
GCC 5 is by default. (bsc#921994)
- Add ipxe-no-error-logical-not-parentheses.patch to supply
- Wno-logical-not-parentheses to the ipxe build to fix
breakage with GCC 5. (bsc#921994)�- bnc#921842 - Xentop doesn't display disk statistics for VMs using
qdisks
xentop-add-support-for-qdisk.patch�- Disable the PIE enablement done for Factory, as the XEN code
is not buildable with PIE and it does not make much sense
to build the hypervisor code with it.�- bnc#918169 - XEN fixes required to work with Kernel 3.19.0
xen.spec�- Package xen.changes because its referenced in xen.spec�- Update seabios to rel-1.7.5 which is the correct version for
Xen 4.5�- Update to Xen 4.5.0 FCS�- Include systemd presets in 13.2 and older�- bnc#897352 - Enable xencommons/xendomains only during fresh install
- disable restart on upgrade because the toolstack is not restartable�- adjust seabios, vgabios, stubdom and hvmloader build to reduce
build-compare noise
xen.build-compare.mini-os.patch
xen.build-compare.smbiosdate.patch
xen.build-compare.ipxe.patch
xen.build-compare.vgabios.patch
xen.build-compare.seabios.patch
xen.build-compare.man.patch�- Update to Xen 4.5.0 RC4�- Remove xend specific if-up scripts
Recording bridge slaves is a generic task which should be handled
by generic network code�- Use systemd features from upstream
requires updated systemd-presets-branding package�- Update to Xen 4.5.0 RC3�- Set GIT, WGET and FTP to /bin/false�- Use new configure features instead of make variables
xen.stubdom.newlib.patch�- adjust docs and xen build to reduce build-compare noise
xen.build-compare.doc_html.patch
xen.build-compare.xen_compile_h.patch�- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise�- Update to Xen 4.5.0 RC2�- Update to Xen 4.5.0 RC1
xen-4.5.0-testing-src.tar.bz2
- Remove all patches now contained in the new tarball
xen-4.4.1-testing-src.tar.bz2
5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
53299d8f-xenconsole-reset-tty-on-failure.patch
53299d8f-xenconsole-tolerate-tty-errors.patch
5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
53d124e7-fix-list_domain_details-check-config-data-length-0.patch
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
53fcebab-xen-pass-kernel-initrd-to-qemu.patch
53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
libxc-pass-errno-to-callers-of-xc_domain_save.patch
libxl.honor-more-top-level-vfb-options.patch
libxl.add-option-for-discard-support-to-xl-disk-conf.patch
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
- Xend/xm is no longer supported and is not part of the upstream code. Remove
all xend/xm specific patches, configs, and scripts
xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
init.xend xend-relocation.sh xend.service xend-relocation-server.fw
domUloader.py xmexample.domUloader xmexample.disks
bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
network-nat-open-SuSEfirewall2-FORWARD.patch
xend-set-migration-constraints-from-cmdline.patch
xen.migrate.tools-xend_move_assert_to_exception_block.patch
xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
tmp-initscript-modprobe.patch init.xendomains xendomains.service
xen-watchdog.service xen-updown.sh�- bnc#901317 - L3: increase limit domUloader to 32MB
domUloader.py�- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
device (SR-IOV) to guest
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
60 vcpus
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
Interrupt Remapping engines can be evaded by native NMI interrupts
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
- Upstream patches from Jan
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������ ���
�����������
��������������������������������������������������������������������������� ���!���"���#���$���%���&���'���(���)���*���+���,���-���.���/���0���1���2���3���4���5���6���7���8���9���:���;���<���=���>���?���@���A���B���C���D���E���F���G���H���I���J���K������������������������������������������������������������������������������������4.10.4_06-lp150.2.25.1�4.10.4_06-lp150.2.25.1���������������������������������������������������������������������������������������������������������������������������������������������� ��� ���
���
���
���
���
��� ��� ��� ��� ������������������������������������������������������������������������������������������������������������������������xen�html�hypercall�arm�index.html�index.html�x86_32�index.html�x86_64�index.html�index.html�man�index.html�xen-pci-device-reservations.7.html�xen-pv-channel.7.html�xen-tscmode.7.html�xen-vtpm.7.html�xen-vtpmmgr.7.html�xenstore-chmod.1.html�xenstore-ls.1.html�xenstore.1.html�xentop.1.html�xentrace.8.html�xentrace_format.1.html�xl-disk-configuration.5.html�xl-network-configuration.5.html�xl-numa-placement.7.html�xl.1.html�xl.cfg.5.html�xl.conf.5.html�xlcpupool.cfg.5.html�misc�amd-ucode-container.txt�arm�booting.txt�device-tree�acpi.txt�booting.txt�guest.txt�index.html�passthrough.txt�early-printk.txt�index.html�passthrough.txt�silicon-errata.txt�block-scripts.txt�console.txt�crashdb.txt�distro_mapping.txt�dump-core-format.txt�grant-tables.txt�index.html�kconfig-language.txt�kconfig.txt�kexec_and_kdump.txt�libxl_memory.txt�printk-formats.txt�qemu-backends.txt�qemu-deprivilege.txt�stubdom.txt�vtd-pi.txt�vtd.txt�vtpm-platforms.txt�xen-error-handling.txt�xenmon.txt�xenpaging.txt�xenstore-ring.txt�xenstore.txt�xsm-flask.txt�misc�crashdb.txt�vtpm-platforms.txt�xen-command-line.markdown�xenpaging.txt�xenstore-paths.markdown�/usr/share/doc/packages/�/usr/share/doc/packages/xen/�/usr/share/doc/packages/xen/html/�/usr/share/doc/packages/xen/html/hypercall/�/usr/share/doc/packages/xen/html/hypercall/arm/�/usr/share/doc/packages/xen/html/hypercall/x86_32/�/usr/share/doc/packages/xen/html/hypercall/x86_64/�/usr/share/doc/packages/xen/html/man/�/usr/share/doc/packages/xen/html/misc/�/usr/share/doc/packages/xen/html/misc/arm/�/usr/share/doc/packages/xen/html/misc/arm/device-tree/�/usr/share/doc/packages/xen/misc/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.opensuse.org/openSUSE:Maintenance:11478/openSUSE_Leap_15.0_Update/2ff7bbfe6252b11e375926823eedd926-xen.openSUSE_Leap_15.0_Update�cpio�xz�5�x86_64-suse-linux���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������directory�HTML document, ASCII text�XML 1.0 document, ASCII text, with very long lines�XML 1.0 document, ASCII text�C source, ASCII text�ASCII text�ASCII text, with very long lines��Algol 68 source, ASCII text�������utf-8�41fc7448747463dded61583ecaa8f14439a5171b63f01fdff3e2383a8d6825ee���������?����p����7zXZ��
���!�����t/�]��
�cr�t:bLL��F�ݼh�se{�A&�ʘ=�61(I!U�A���hG`)Z0q$4AJjʵyY&B4 �+JDBW���Ogp|x1jesTQ���!��/FTt1wi)0b�9]Y�s$�3�unf=Tέ/z$^8�iQʝ��k ��W�*O�֜]��oqΤ7PWӵ8S�6X:)A�B֗:CZ�;>$\ʥ'�ʗl.UrԟBa�@]m!f5�iԚ�YQCSj"MqΣ
jhtE
3�]M8R�"ABjѴO�nH[�zgG=
,|N�9nYUu^-�?g[/tǞ֞[`r*NWh`�@ָ3eMZ|�RUSg�D`�Ѫ�w�j;U <=VO&I��IK\M�'R^q%P�bj) +�1�_}�+G$`�Ő2mb�=��bQ�uM�;}HU?�())4}{_Y
��h#Ҷ�caj���S˜n Ɓ&wm�>es h2�U�1�d៉3+�ȿ&{N�v�&�+bHPmuzif(8ZW Ȉ e6\@��r!xD[&gh諦3��4xB
)É,Cٵ�MYlJt�q,䘩�3�ί
�� &�p\m0�8x-P߮$��sb�5��)A=0�Lt,0�P�r(3T�rѭu葽
VЄK�{쀰>�ܮ�8����2,:/RD�zC+♽D?
b�>�E/'<{���spmxN3g4_rv�[P IG�O`긕!�џd9!Yl"Y�@l� ��
��Z#
!7y�ّn��\kh�|B�b�Aà*{ͨ[Q{IpՈ@3kRBZF,6q4K+$�}ͺF�<2��+x~y�pJp��i50w>�~�=f(F�cũ$��ĥ8�ʓHw�b1"F�Y(я�KAq}�$7d�<�,R�=h@�e��UabFY-K\"Λ'+KcxSCvW�@�6\mwKi~&��3׆qJ']�SW�QqP|ꤰT7g�l728 *mV�11�?�n���绋G�E[x2aꉟ�565CX�!Hfu�v.d?rHR)9FVQ)*F�?IG<&흉m�@u
{�ko{Q�1$iƂA%5'uhr(D, N���}W.m�1L��a A7�lL�I:xf68Ư=o#�#QvG1E&I��3�X]QP�,F�Q
��bPj�gWkC[��i �nyK%_}>^�|jcӱ}mg<2�fhvۖ\���ӻ(oxTfN=�Y]{:5AC͉e�Y%��/˞葜;_5>�W#V�>�-���]cڊ蓚Uk
�aQ�'`*Pbxĩ1ܙ4"��j�Sk?}eNR`o"-"OR�5/3#~0ފאq᷸ǧ3=
.>G m�*�o$V�\|�j�OC�Ep��biߣa����~Ѣ�=/�ڒ��҄�mIcsՑ�H-2�p�(C]6b;8VL\֑z�I3�=��<�/p"S�E�����t]9ށ�VOA�@�
�r
#X9찊>6e3�&~$ǎ9�zKykt�F�sJW�j_T
NX
ߘ��`�7�?j#5v�R�Y���!Lဂx6(~*!F"jmp=�#E/kuW\6o+��oE(OP"6�@Y4(Hb#|V+"
/%�T#.m�| D�|(��
5N�%"=M�̉�.��w�
#�Y�BEÎF�N�r`>�ۜ��A\�f�Ijkׅo馃Ajԍ�o�%/|ZN
�oVh�1lһ�1.�Ƭ�Hh�OϤ,�BI�xو�N9\38Gnx�x5n5']Xi�u�hJ�s �yZt!m{E����M&�K_T.lz�-z �>�vz��8+��a}Cxf�zRV�ā.J"Yܷ4/ "9s��o0` 4Wz)^[Buf4X#s�*��nZ> �%T6rV@�(m� tc!Ysf.pF>Tvq�%09E�Cif&b>��}F�OƓD2S�mu.��iG좩iM!�2v�"%�:,"t[��N\|q]�uq~Ӭ�:4�îM"�B#
x/G\�
d<#6_I!YԖu�[X')8sK�>�Qi
X4*L{7v9LU�.0*\��a̚'`uv`K\��vⷓ�s=Rֳ1rAiaVp!c1._�ăro�!;T.e1�r*3�9W�*=Lۚ���rd]Jy��!uLusj&!�~*z-$W�5|/lz2Lãi}bA�@dd�#ٿbk��-Z`�J㻭0!�r|��z+��檘�[�,ޱi%Wc�)2[H8� �'AoF;:�EP9�6 [Zp+�^kC
�D���Kl=<�_z/Dg�SD$��|-C
���;��˙��OY�B�bp>,s�UhC��Sj�uObdAq��ۇB̿�T�jG�0v +Y+(95m��Ouup|�\)|,"?&DDUxPA
�1%K[U�ɵt݉@�/'o��B"X��1b�(
Z�Yd("�]dz�xr��cI1+'��L��C!$O�.�@kqDy�of:F x|LC{}5ۅ]yFN0:^Ivbt_�>,=�o .#�"64P\bSXi# ByNtyp)�τ�G%~U�;�G�ܴsFT{ o>feŽ�B�xU�[�%.준A��W&R@p/)rR*n߾��}X��o|Ņ�`*CQ0Oxf2cLJ8�t] ���Y�5%ޛ�Pmm&Nݶ-_hb��X*��ȵx2S� D\Lp7��vo)f
0>�4Llh�F9�:#9gnl��{JƎw�Q�(�6m7f�]H�t:*�.T2um���.Y>0Q=�;J�&ˁyzJ=Y?�D�#ue�Pp�R!LD[�n c~6zV
b�O[�y��z!uC҈��S��;&h]sh9@X`3L I�Iu+��Scϟ�8|��|ue�WF濾�;՚qM^#y�t0k͊OR)\Wh i4F;L Zպ_Яۜܝ�V�Jg;cd�f�o��;���Y,ѮhHn2Rc殜�#�2�)2�
Eu��[do#������p;U�^-:۽/�t0`%�$g�0Pfݔsz�<��UD�[�)f(6
�qɉqAc6q\@$O �e^UlL�tED{�|Uq�L&��}g~RZD ށA�0\o"m3bUU��^^|< �" 8��0gܭ7H��q�%2]d
YTq0mgD�z{,XroKΒ��3D�˿`2Wb$V yi"9�s>�H/�g,|MՉP�bzDhbvv 0:ZMf:H�fSȹ�<2
@)Tk6z�J@>�r��-B&�3s<�Éb5h$� ;XyL{r^cf�79cj>l͕�q`F77:jGRF�>�lB%@�}�4Z
��ى#EH.��aJv�Vwu)"M3t�r�&]v�S�*a?Sq�4͗8ǽ^r{?�x=� h(ZL�xwȑ��}S�qfXΜaˎݠiE�.�jh4`
\@?+DRԋNU>b�\ɴ-92/к5+guO��y_�Bw �끤3h�WL;d�5�2`�d2}��ΰ�Ҭ���ZfEY�5MUnXΐQm!"YL.�Z�2^o@ikO�}V)=DܘGT(m��#U�L$@CI*=Dյ圤kIĻVd1x&h*WΎJK�T��>Z�#�ƅt8`�9kF̱O$
E,$J
gjSuOc\vT�/2u,ں^(��mIa[�y+ʛ`.џ[ٜ(EΆq3n�/ݰ.ņo�\T�tW�W�j��ۿFvZ�[!Z'])پYã={ԳasΛHDuKO=:|�RfE �eE���_Vja6s�i9V[��]@M/?'k&�H�rL=3s�����Ѩm�]z|�R�Y|Z�.fZ+I;�G-%,���i�V^�_ְƎLVUə0$t3R�_a _"E&��#U[�L�GFTH�n�/z�iFٞ3{|l[d��u�֛hT�5W~sIw�{*LkUҧ2nƫր%'=$aڎ|9)�fWĦ]\��,Bސ0ͣ�IGGqhǗsc^џ6[DwF.��s>�L~;9�(~Yo�ǝЛT�k+�;Kk�b03MR8Y�P��
LNҥaMh0 =XlNv?5ʶIZ tY?)�icD^��t��ڂo|�]�i}�QX�un±Bϭ�VP~X=nۓ�"rkS�f@2k�AGzߎ��y-|y��5{QO]/�e8N䘐~7F���7��M�̌W}8=��888zZǶS^�X{˲_��1Fru;�aP"r����.B�J�ti<�q�|�&o`uf�Xo&��Y5N�3p�3P9бGĽ|
qpd4@16-i61SHW�ɲz1�YFt�
K dWQv}�ZC��� 걯#ϠqN(�$ĸ�Hh;"y�$5[>xcRO(O}J1ӨB_aPp+Ib�|F&]7�E۟0��%�.%K(�N�L]-q>\�F=f9#l��Jx�b3/;�uTy<�_�@a5LS"�w�.:V3�,<~5]3GdX$+�o�'>{,gpyCɲ=~�y!�C�y--F~DyÚΉ8ƪg�^Of̳7j*_SHʖ�є��b�l~�PR̈́G��7"HC
�=AjRw*�S(~bOrh+�u&�C ƚH��E�BǔM�9�t�jE7Ldי8rg �ONY崬?ηY:@^4�!C~j:,6�%r8�MIi7����ָٮ$=|:R��3c]�;a)CI;rͪ�K^Ǫ\N�OvX���%�z#J&Z�BLiw�O�PҠ���"3Ckv�E)3_�flhCo^��`�\ݭPOraǮ͍Ts�ě=\..�gJ1�`sDt4K6`x6 *9\�:\ \ZJPz4�4Р9B�[�uGKM�~EuHQ#ఘ�A,Qû��i/0~ �D�F@G �yWvL^�TF�F�K�Qܼ\b2أ�A��W~W<�[{"�JOڔ+ƐUH^�ۨAl/��i�lME�+]f�Mx�v��"w#ȿΝ�c)�r^�?K�r�rF:t? = xz'6o���Mq(^L/#Mv�Cay_���s�オ0�$}ƭjŻ١���=~5�lcNr�3/'�Śmf�͛%ز;nQQ/s}c`6I/jK�Vq��S>q����7U�*RX� gv|�PZq2ҏ��aЁ){L�j.�pLU7ȥP)X6n/,p;ӻ�PB3�aY�YK��{*G@BEZ")^\_�)�.'嫿ˤcA5xNB(��٭>B{ލ�XKԢ $�bO
�^-XY3O%GM��g*�%,O�
kX㏞���J�
t+N^;.zK�L 6�s�9KfD�vvKg�#*�Mp8O^LY>R;|ŮԐj�1?(
DkDc]$�<��Z$w=�5n��:�`q%�~�7�_�S}���jqU�LY2$�?�G%z�F�H�Uayiv
���DrDbZ�
?3:s]m+uJhꑵY=C;.Ikm��|YY
i_cK6DNv�O��ul4��Y`}Z>#Q�1��T�R$]vkE.1\)�|�e` xO�|Z+%��w߭�7!֓q[;(mbx+6s:�#U"k,0Se*`O�b6A�+m�dVb؞~�86b8�ߌYE�A�Md#"l�ꑕ>l�E�(
#+ %~�"~KEv�8Uʵyotw<&eL�4(ef�QBE���KTɥ�1٬yAYǹã�<�U�b��<�V6?b"
*J�g-i)#�V��"�%�B
1bb
j�5�5n%x�֖ۜ
�{f��UF%*݈Mi+t߉V;{9L;~+�'^}b�v8W:��
�~T4䷱m630v<5;Q�FED� fKB�9llW
c74
<7"tոnG�,k> 699štPk�L�?Oc{�-9��V>5cwи9j�b�8Cuޙ�=#[3�&'�0?r
_j_��8G�i=!�nY�n�ϊ0XW��TdE.ǫ�κ4$�bh0JDN(�\jgd1�cS1�vWH��jssٔ`y�Z], �,f_E�TlL'Q/l2�irr�}�[�W>�gt�2mƶϢQ�V\0M/"He>b�{0t
qRO -' ")wE= '+#�77H`�&)�?Z�O�~罳p �c����pβiÌbv\_P�zeq�(QP�DL>qf�AwUl+N.3*69DZ&!2-r
��*6$'L�Abl螎_b�xLG?z�Uwb�cC!��Mc:Ѕx
.i>a
yk4I [�f�ny&a]5�]|�G�(&X'
}�q _}!\Hɑk7K=�E !U~
DȻMcTS%2bDr�t?Oj]TV�Kq
oWI�-��ɑ
9bS>cjAϫk/1?/1ޯ(n26:�b�r(g��Qj`W�0T-z6~�u؍�lvE\0En4�M^0=z&J�x6}cQ Г-�
�-0n�nЫTJ38�D��"�%�չq/4|0�|%�cJ,}:ku�$ �@'RG7�J3c'="X,W0m.y}Tr�jz�,��d&X,u䲗t#0F�B)WUs1,U�z^%#@�k쀽ۣp2`1Is>X�s�HN3�cAã�uOϱ�h�5J�?lɌ9.)�]�
:EAeY��=WL/{�7�("ûPsI}AC#\>Mh`SDۇx�~jA?
=�K4ǫȸ~N=<�\A6�6klg&�R.-�Q?J�|:w8tTC��\# #n2xegbfQhK]v!�8�yc+
e3w42N-4�i;�[y8(�ZՑ"Y�'7- +4
aV$F\�ɻZF�}3�~@���Lxxc:Ay�|r%��2NF㲈0�8dr6Amr��A[P7왚Tϥ�ND7�G4
MyERd�-`b_Y#X5@
�m5+fg߽�{@()s?|�/n.Ԩ jP�W�tj�S,K-W=x,_Ti3WGX3pD��b)2Lݹ4hՈ�l �zqI%�ȻBjRA؇:�Iժ�5��gsq1!�Y�ex���uNi@m<$�J�?*
?^xU4D�ܰS\(`%�=a::m['�-ãA(C2Bi��k'�/�e�X��6dۭ|�Z+��?~KL�HU{ڵ 1�,IuttU��-�WmMJ`Bϔc��.g�89d��>`��2.9?is{Q[#<͐�Q�Uz��-z鵓�se0Cx��j?:"��b5ԅy�ف3��$9.�y�?vT���qo [hkܚ{lr͏ 2�|�B�2iHln`6�Ag�l�w�z÷c?jȠI8`�PKÿT�L\�VPƲrW)BF�ݛLBPa��]/?]�:�?("3�_7~(O2".
$:U'�IHi^Zyܵ#imߤO�OIr�26]-PuZ3>&/�*�.�/����a5�L%��Ey}"A��d�={HHVfE�L%P؊C.=9aC5l`6��y �RB�
�ъs|_kճW0�u��g�Pdz8~cAH�
| 2S,*]_KC~ZϺȘ"o$0h+݅J놑<���@oxZt�G,k ݤ�Zs0.h:]k�v�=��
n9/ͥuOC�Oʯ�:<'QJ9x�¯
yy:0a�$wT¡
!|�|P6|9!8F]�;ESTu;@*�4n`vl|L>��4x���q/ECz&m\OD]�}jOI"9�oke=P0 WHӇO!�
�hܧq};|@O�%�qÃiO��őF6tm.Hp�`݆�Uo
t!�nA�Qvň��1WUht�6۟OT}6Y)Xe{�{
a�$&/G�-8W]k$Ca�= Ba�p*e
bKNy1fZM��e۽
DI2vª7Ǜ^~brC::8ȉml��OQb&�"5{X�EU(e*Mxй�p.2|19�"YP�eIj{y3Ƣ��ﵱn˽~ ho݆kM3U���Qގ&`\OJJ;^7�9XcK�e� M�)�H&/V�C`; -�S�[B�#J|di-�h3|#Ix��{ &9̻JY�|UөxQ�3b+2.!;)f( =�je���F.�r3V�{m��sn\qݠ$]W эBp2�7Hx.)$E)%O1D�G��8檙�lPJ"�MZR(sN
=J�[q>V�Q6ޮ3G"�H�m4�t�d`T1(��Qm�ǽ��ʡ!a��,��N�Z+'�2:T��&q�Qc;t�[�gvR
g˞o(� �77t�ՋP㽬w>�N"GOhWM�?k�3wׁV8#�zha �KHl8���O:���SˈDcс#T
�� �_t юo6(DPl �b=�}�>ʛ9;�{ȓpm��}Pb�^cޣJ�UI�ی_)�KU�A8KO% �Y��o�ѽ�~7v0K�
R0��ݘ�i?�Tw|h�TDiJ:|��ړ�yuu��rc:$�HSExˈ�:�H+�[y.Rڍ�J nJ[l/pvkeĜ[E�=M�Ԥ��M
��Dc8GU1�M9�1;�!%e]6v�R@շN�FyUF]Mv}M5As:>�LS}YK7XABh"(�t�!"�t�ggFa�`[�Nʚ2a| B,nF��u(�?�Iq�q���vv`�L)&[o#x$UYR_S��|(y�6f@�-A��A�FN�xμhkB#R _|B!&
�qS2�N�f2�/+|uK��OUPg��-n3p,\ӊ~FUή`�Y�Ab,SnŮO8:RtVߚJ!�Xx�$"l8*%b
n�
�!#k��&�1
0`;�,/@LPٵM�%�b@N�*�2[NWJ��f}�ʡkk�1�f>ZqSPֲ�pp!M_J-aKI,5�s6-�ͨo#͠c%&�:�松ջq���G1`@YM�\0ͱJG�n�>Ah3t�)$zX�\�tw.o����ve��)g x{Q� j �BO'gˢm:75dÆx�
)) �B?v�νP5��M\1�9,W{B��C]��X6��wh2@n-�fi[&\2�1zꝁiߌz�8��.K\cݣ<�Cl2s�
u��i1w53?h�ue'V��0TaƠb��ojZ�d ;͔.w�-h!�1\q]?>�K\0W�E��h)z��~9آ5]=^(02�srx�|ѳ�S_GgF?_` xWhKyN"�-v_�J̅�߹ enJ�>W|,#�0UE�_~<̓nF�!dŵ�4rx83*\��*"H7 ҵa11!
~�^J�q���($0V�6�Fnc;�ˤW}�EB�dǽ(t^sRz:B�x=1bxDh}�
Pi��{լG](ڊ i�gvǼ)G2%o� *a˚q�[rq^mpN�r]�X.wFg�N�]b�v+�S�o�RՏȫj(!|ʧ*BV=��F��'�M`�UShaM'T� aK�$sl4G�VZhaS
ZT�w3�Jt6AqO^P`M&4�hN\9�*/hTXRG<�=XɏG�� 8�3@(Ĺ_�Oz�R0"%I%'N��SLj
�z4M.UNťz�(?KbHv�fR�9p57��oļ��|WO�A RAb�1DD,M#zLkU~M7㶓�?�/ǻ�0�y3<�[u0�^?�~sSݰm.1oq,�(iسCޖᵭݜ*�t?�'Fɽv6`S>�{*彷w��7R!╌�zXP�kr�tb$��!NG$I&ҕˈDE`qu�l�Ɗ��a>��9n��lrN$Wnexҝ�RXkcB\`Tȸ4{ĴzFdzYr\#&/fLV&Ѻ�%C1;�%o��-ѱ_T!(JPlT2F&>��J�T)MW�%Ԇrª+�o,_4oIݿJ��T���zS��'m$^s�k'^�\!i �$En:2nZO�Y\UR��#W�>֠p_A쵦-t+bwQ*黀{[�rjw�0F�b$V߸�VСWf^ƕ狢"u�D&�yhK
+T�j�%P_��1
>qNT�(9c@�!ڏ7L[c
lT<٦'ٗk�N-�oY,�.5�A]I=Q4B�G
fU]BO�[,zG�:"p=UC���\_{[�ל�ԫ[��Rc �|qCʰ�pwUv?oyZgճs!$d&�&y謍�QU6TG{Ń�)�(OGrij*\YG�YO**w�˓&�[J{_U0pWF���i�yV*ɲ5}v
LjJ
u�J��N48cEa�l9A�*5|ad��Yr���ݮ�Wΰ}�2Jb:S�m��ؠH6ax9<�I/ĢYw�A�,wқ|j�.=q�H:WcHGk��}w�b̀�9/uޗ�+.�_a,C��P^�k4dK|Q@'61��]�c��Aꫡf
�zz3Wf8]U& U;�Z�z_\vr�Г'LU�N�bș2JGˠ�XKp')�dzVzN
JԞ&/R��hw,+=Bֶ�UGS7DGtz�ѫ��� 8 -ӅpMX(څ}5R!�P���ȱ�ֆƖ6g"�%lkknp\#CeP),&0
!(m֓`+tp��{#g+�{^��Twֿz<շԉ@� |5Z<\nM\kbs��1��]5Wv&%ZYϩ #�Q)̬FA|G6�\)8k3W�UiN��z�ct�0խava�)��|)<�kt����Pw_8V�;ڐ�16Zf;^AR`'-R%gRMz�r⧫ZJ!6{MzuP�ܚ�%v[c6[�(KE�\o*@T��Yɱ$[ćx�3N7|aXfM�!73�E`jdk^s[0؟QWjPwVn�&C �LŅu1
�aca^t+ƤBa/�W44Ŀ
PXε���X�1҉.~b��,�(K9����ypOrJ�8�SCbؕQ=wA{n]�iSi\�w�d*Iҡ�Dpk��1:k/yf�w�m:䪊��M^7Y�(@6 |MK�Tzw�uN�9X[oy<`�6̗=�˟_;$R|zNY|$@N\l�:D�Zv�$0�aR&V�zR+cFR1ɐ&c`!Fr�;7GЩ
}KD�Gj}�v�wsSbĩN~UL;x�F5{�oYR�;8���'r6IY^�U}K5Oˎ�
j|e|jwX�ps~�7j�`� CV�CQ"Ӹ(5;P5( ZQ]0a0#| �Y2-x��Q!��h&��5�tH)w�q�.P�Kjg�J7�N�I4�vP���`?](�сqG�PHHAY+B>��ı6"]g|uoڲdc��SJ�#uU �1__9AYrS`ni�T �y�
��s:�Z+y��hm7|�[�h}�\'_nљ�O�#M fFSptL6,AE &�O�<8D�|�|Ώwvi�hs�Im,�}y�P�!_�'Sgc���S_�3x��g;l
aMN�|g�#;�{���_WY�t�/�?4E]^��v�b %�t@jTI=2iZb|ś�$gW0��
k��݉ܡXy;�>-xxl(ϊ�(|q;6w>|_2?ܬ1X�\&X�-�1rL&誖��Ƥ�`pU�,SFfH]RLyQ�W��Q}gs%U0+nV�6͠W�Վ*.]��Y9f�(�u4-��"�J�K/,I�q�N;���s5i&B?~�J$ɉe#=�sFm?ʲ7~, ,NUn�9�#g2:7Jzȏ6FVb/K$��'?0R.#_�S�JKE>�HQE `�Msh��[�[u6
ˋ\#Y>�}XYf#
b�+9k\b"��7:+^F7>B∅l {q)NL=F2D*BA��;|bEz\,kKOr�$x�+5x_I`s.ִ�X&v
V/���6+$c�SP6��惚gyNHHVN�'GD5lD��HE%I�;w�&6vl晃w`g:�&N4f'GW'�H�ǣF��7
NfZ<�?0SqK^<
�Y����ۍ6�A'�oF�r�C,}9Pywo)H^~_wK{+\dLp�ԭgG���
�2 &MŎ}W%m1.(
$7�C!p0 w3J]!O�~zCϸNڃ�TEN�P,n0hW#?"PF�p7�pBmdk
ם�ODYu�.caKq{?TeJd�])?:WEDlUq#<�fY�;z�8D�:ÅmdjDdjCYF{X1�a��QLL��2�c�F xܷr9f >�z35zj�%
�^au'V6_=9$-ͦ!{|"ۃE0�s*�?cD ݨ*e�^.b�T..�'_�xa2�hAW���Y
��gGi�Й
UJGv7���bNг�8N1K>2ӱ�}~IdSg�
+�lA�/uU-��8
#LXĮFYƃu�aVXP:5醄yͩ{wXeJE0TB�8a�U9Idv�"hzX�Գɤ"x"{D� s}�F@�Jz2E
�ιɨCP9өs)��p]Ϡ�髖bРݼcf;,<.ZV�Vl,�$��jLJ�~hQ�nvDžZ�<6���1�|x9I<_6H�`u(P
�JO^�hZc��.m�%x�Y�KΘF�s�ixCB�A!�ztJɴeZ.�YizD��GO;�!o��@] %U%_d�fN;� �rق}}�\'$P阧,=a'#hb>_l5ܯ�'K5u&E.8WdTw<]Vcd쓌ƀ�9VB�`ykB:4%5%I'`�6_j�}wELz껋�Z lf��l���Q,U
c|t�O&`U�/'J�0#�0d=W
^w,V�tM�C~˯[{0ha�tXWFbNQfb��y4%�7�p}I/}FD7G0C�ΙR|K[1�axleoJ8,� P鉥K=wʵ�%D
v~&igW%bG1*D+�+q4Qa [.\.a��>6�Ke|�z` �&+��-�z�"��
�nFB�E'J2|�#A-ٷB$�ٔÂS�gKlr�#3�RLT:�vc�]=&�(�u�ذ�[��O�4W|.&O�kWZCͽz с�/TO:��4nj�X�_�gfKr�L�l{,|r<�eާ%�#��=�9=xǴx��k�nsg�ӫ��$~)pEcY��??�)08ڤ֠\˘y�
9�*i'h3L|P!Ni����[>q솓A-<ڂ�ٶpo,[5�cЫ+ցޙBZϹL�T�{Y.fZpc%��bGF+rgA6[nE)
I5fVNr6���F[��0ՖʀHR�S$m.y6�{Qh3]tfd�qQxUp1_Z)c��T/*W_*ăUʄ���Ouz�Y?�ﰣ4$A%}Mj'؋��i,�b}L92CK�rR#V��N^w'H��a+�ź0ݪGב?{,D~&UƩ\f��MOo�
22�Y�'s���'H�{4E��Tm.aޫܞA8G;��0�5;g*+A[GٿO{IG-UKp݃i|0OZ,GK�ssF'6w!@�Bz"y� FT��q`�|�1dѸ,y��lC�Y<�Kuz{wv~
py}5�7P[@ `*k%�m%0LC5L4Td $L蚭k�k/f;�ўv/i�^P.�Wo`�Db��\skθl�O<�BᏙ�fzրT+ˉ%'a,�CP���vD�u�v]t�\gg*<1z}�[HB0��+�sHUXh@^�w,�AP#WO0:qD�Ds@Ax�FU"�$v�viKICw�479zp+U�O�̤n3_Fm?fϸm�ę/=9z�R&Y��^TH
4c(�RSVO\�0akWb|z?+>~dē|O!=')TR~i<ꭴ|I7��K݁p^w �KH��x�B ҫm�۱q ��ՓS3gwCa1�orEx���&>�8@Lܫv3<��A��M2�Ȱ?g�gv�2hJJfIb%P���%��|`
�ȶ�f.E#]KA8d?(]&2�ٮ]
qWA\
Vm047�+mgC0gN)t:Eᄉ�V3pׯCSmMgğDD: y$Ԇ M[J3A7İBO#²vW�Orw-!O>.MNhf@;�kEz?"�i�%��͒Cu|fT7G*��4U�*),
4h
҄bz�=H�(e,*EILLJağ�NJtjd9`��ڎn$gdZ�I'*\\-��Kgy�wS$fME�n��D!t��[Ud6,JL3aN:�mne2�@�qm�y����rZZ%^o㲹�#\�Ўl2늙|�wZR\L8тsI=T!�/�@$�jW0 �-J$�X�s�N]'m.M|�w��8u���,ȷgH\lLY°K X5;]�'Ϭ)):jђ.aJƘ@"6�d[��gF
s*B#?:}p"iJ�}ůcLw�~�AhV.`Pǧثb�k�'J~�ߘeiTt�C+8rPC2�#{���sHH38`Hh�4[G�&&Fa�1+MgeZG{���;PN�g��Ғ�а&A�πQh҃�8M^Z�+Zu7;�[<)T���C#F3h( qXBy36w}{�ԞD'Fô( �%Δa�R�Ea`+V1x_(xK~Q-p"'\N�62D��}2�O���E
í~R�9r`I�I�*�_: �n�Τ8�tLD=wF�K�Q준�Bl�zg�&B
]J��
0�Ć.+jh.Hkp�%��o�,(gqjOg2wZLDD.�<�J
2�״esS�I:(ŧ�TDs��,%o4+/�U,�ͅPl@�$q?a�C>ptpbjs
=BI�(Qv䊄�4d�E.Gh1�tP]�R1�= K"W�p:jȀrrژ&\*�[57s*~E�Ͻ�H�(�SN3*�l)$V�D�\i5W^e]G
2Spؑ
�k�� k��-}тK#Yeh��vPɵ�ïb�J�I0_bR��Q3xg ��)PmjÀhoW̗�Jgtz|ReL&"Y�, mr m�BhG��n6��iP*i6y1+N?rhe�2G]J[an#<ܚ�\V�d|H$s|/�ݤm���|4,I448�Cd߸���]JG6 Nx"LG+܃ 8�`@UM�4�}Eԓ��da(ˁWvx�,ˇ�zG'�ӗWc}~'PV�d�wxM[ĺ~*��}�V�_:��3w9�-��z弝h1OL�߶Ah}:-Gk=S1cF�S%7t!b ]�q@#=Ax�xx!�(Ҡ�Ő(��д-�/x��)�o�υ��Չ6p}�XhP^3Eu�HEɮ�Nf}pN/
Wt�vk&'�"�n�nvc����w@)W3K�C2Q٨�\m4�d+Kvԕ{�o"2 i�krD7k̲ҵ3)F`u%GS$d!�5FFy52F��OFmrbkñ;{=_{v 30<�K;qƗ]29ZY�ʳ�3qM29�m�WV�~gXϧQ re;3�3�{L�s�dg�=״34^PY]b/튣H ~n�
j^83%)ܲn+!j:v�ʳ^�#K#�lG<��XA8V&)�y��Uhc�~5t�%`|ؑI�kZ�$�ID��,;yKoOs~�J*9
5�&�hg@h�!��,�'Ff�D19ͷQ��c\L;*:;���tfm,U#�2t8IaI�z�n(�ǞM}xHc�D�a-�=[jj>A�fi<ڗ��4
ۦSݟµx@;@� TH>>̀��*hJIu =y艧7o]@\61�^
"sN��3�QmzVI�oRz8ҍ|��bvNp�ٖ�hfϘE$x3!M*�w
X)b'|y48G˗'#Ƶn5t9Ky�%c�>��Y;75E
�Yy�� %~m�R*64,-�,0V�9� M�͕�@�Ҏ���N49�Emж�7k�b(�$sKpoYw�GyR[Y^3��7XAҳhhŶ:^en�C�`5`^bnj�3㗝 ޜno+qB-�~6�(.r9���3֨]Ʋ f!m��̟o_ 8˒8@�Z85�"@0#%~1_B"87Lg�cF*dUĄw⦤alqSG"5!D>вɴ�$]Ê{�Fa|iTcذjk
>*�
iP�J!PL3uBb/4�Gw�;ma�(�R0�_"��:8�dơ#ۼzWٴ�q=HTDŽV��Jļ)r¤�E�eq`I:d�+WyC�U&�zėcW2r>d #�� ^s˔:SQH�
:��9�2'�*Ё2hҀ? ��.@UGn:Ӗ��,��ΐ4/m{j'W��"o
öWUŰWY8zL#;KQeqȠrt�ݴ+55�X�g4j@+,CA@�@OZZ;Ŏ[c#2Dp [�5�*p/`>T(M���xV�[DY=I5M� �DI\3):rlKȏ�UVFR�55qӵSy>&�`C+uDQDD:e1<-��t(ɨ]�粰ƳwriW�n/���7�+���&�;1/rŋo'�l#�sדFn��(W$d3O�['.S�6Ɋ�z`.F�cv&ÖSv2_ٗ�>Sl <~,XA
Lhp{���Rv�})_�tm�|]�m}m�zV23s/j8PA
A
jT-�hn�ygp�] DՀ7_̖���н�j�tA$"��埖��zNX ^\yFMΠSrH _r��_]��4Z�5`m�S�f60*gnJG[F�=w>6C5Xb#�f]`.Dءg�1Téa((!�mz�;XB-]d_,Ԁ
x+~qF{�b��ORWRPB0�I;"�[�S�k}8,#p�ݩp,�8Z�ؽ9F���`�T||S!�;a<µXV�[|� LpCygt�Zg�X~T�vL�eRI-'m�xu_rOF;J��MҠog�b"7�qJ�sădp�6典r߇4��W���5!v��h{(rRu/ �=SN{I^-
'Cu:Ft5�71
w .:d@]e=P^}\ (�쀤>C8z�ye�H_#r����#mf�[]Hh$B�EFQ|eA��$%"'��jF�+1M� ;�kS��e`�19:a
)XG;\F
iIJ��CA�T���J�Lu�/f�ze%�NIJ�}E.E(,՞�Ssm}u�"�¥ �x�|-f�P�;2�g~儛�"'Y�轿Ϙ�Ò]�G#�5T>癥0S]ha]0'͘�vVN�fIU�a'ྕ�r�t8F[cߗڿp
^�.�:XO_�#�}�z�5M��0w&[� #QJ*\9hV!>Қ?I�邮�Ŧ&Hc�6
�Z>�eT��
4[��Mi5Q�Af_bQ=M�K�W*[?�㐪eΰ]F��Cg^oQ=f�W+�{,n@�#99?8rV]�j: 96>!?t
��?'-8)F�sr.r&Է[/�n
s6S�en:��.y-/9Kx+i�7�"�K|5)'�0Z&f
Y�xI�[xKN�um�s7�t&du
eV3sN�����4t+|ne�D#i�Eo_Ni"ғR̉UMY-�y!0J$8te`��d{GfO۴w@E=!4C쮿Mc`Om�t�(��6fV}ݭZF$�"BoӼh��_]Z
;+R�Qڊ~i�"�n�υ|\$!$t�ƫ^G=_HvmN4^�]]�s|ذ1j�^�\�5_[-J`[w�_Cs�h�V"U�2�1"?O�0IJ�(K$
Zt�gA&�%M\,)�WSNFȋMF�S-�m˩&|vk
4"0�E6T)9 ^6SO�(*J�qcD*ħ�KP6q� �u*㦕ѲYvwMV�6Tc,�{3�9���HZt>��N$Q�gc�l �|ͣo穧�DK}�
3fǓ=B�3���ޖ�|yЪ!le��ѣ�|�]c"9�W꒮�_U;�gXLmD�g_.FR(� *l�ovG5F�Ċ솒R<
+'ŻN}yVb!NrS!y*�i�a�UFW�J�$ ž3��Mi�j"UbLYo�/Si��{"�A70t�^$m�c�?6�g�e-=c"6~<_pw[h*Z�:'{?_��rF�BD@ҥS 1a�Pf�p��:+&+��Q$|c\5{DŁWp��ʮ��X!NuBG9iW;X/8�2Z�^&B�}u�x.47Fgyn�(X��hxO~G�(0@��0'LwK!�6en�W��'4�QKׇ#]|ݕZrS&6>7���8�\ښSaV킇)4r�0t�6JH��)�I�gM3#�h+e"O����"n
2xYʀ-�A:MYgVp�ەt�TS8>xPDay�dn�TT;Mi��,���O&�p'M��;�nM�]==(Y˓/J8.�6A�_T��[�`e~AdU9�'!/s7j�J�lS/H�g�?fh;oN��iy0%J傺�1m�uJh"JɐE�[y_ɚq0�1:NT��[�H=%L=agHԿ�T^K:sS����z�VhPMcgMK=#{%�
P�d�Ò݅(-3'l]¤[0�dYCi9q1C�^
!D+� @>l��ꯋV9{rmKH4{J#?|\y1~|�}x}z>L6fM�hMH�He�I{UZ�{����puo״��)�ԁ�Su��
&��i�w>%#�_u`�ۋ+Yu�=fC*ʶbz#�f4=᳠{�ņjp.ܜ}۱�r8뢺N\
CT�1ȷ��Ƙ� S
R
6io�o:�8P̱}
,8$�֏�*,*}�^8� "$S�n%f3;˔T+9
>�G`@�ޙC�萧�Y���KY©�R5P|�9+i,q|�Xv.Cw�xā 0S��S�N U�(Eo�HB-�/[�Z?�@#{^dK�Q$<ϱş�+=�d�Qq\m&��=�k!x�U6/Z�;>χiP^v�ÜA�|S{3
�`Ȯ3�9.n~{aK�^�s�Fpl�h�4:&tR7P>�0ه+m�ׁctvYֲܞMad=nƎ(]6yҚ?G�
U]ՍR=gMKP^>94�T"";4)C��nWפl�)� g\/x�#�jW]>�BB k�7moՇ.�_F.c$"4eU�ɮS%(!
�^7JS.
8^$:�ɚApSyy�@1�D"[Eܔ-UJ�& d!�~�"$���1�oDyӯta+.7T4��_NE�1��>4�Tfy'.YK��~N�NE�U�h�
q
ڢ\x�sv2`٤_d��>!@_�+^�lg:1LM�/DT$=[oΠ{�/9nDS�Qf;S6�R�FY�tVW|e#!�ҾiK�h`f<
4q0 �#W)K����]ԯtQ�ֻsDH�47,F�!!�H71-8jU�^�c �8�zqe6lM�eZ
ʠOnH�iؘTyOocE
`~X~lb�cm�\!ߨⳮ:{�6(ߓN}rSEJyjs'�.�W,t${�K��/�|{�*%����dQ=�4�]�\;[�@+�N6&Çu� m\%�m�
Zh%��@կRÉج3d��&3ME�AŖB�ģ!R^lr�J�Ęτe=� �-1K�%Ц
�VPRRWӬ٩�)7(8�pHϪrD㭰.%÷,&nk�xC�KL$6Θܸu)�:?�u#��U�3u0!G�n�~[Nap�a]s/,��*)[ZaM\|4#=%pLrχ�R�YE
�(�+)�CLЙ%>\W�cnRY�ˆR��9b� I'^�PP沣~d}>qLZ�?ga">m�RO0@rS5<`)��'\K֧�{^ozXP�B"j&;ͣJq'L y A�wPJ%{u�_tv8��fUi8ɁrעF:q�<$V_U\.ڝO�y}.*d1L�� z�k:^�(EC/&+šu\�c��l�5q.]�14�L�װ��9p�b|G6P&�srJSkW�m,۔;^,t�Y�@m5�>�
����_N6�M���cZ:@�0+`5g�6Wº5YR#djf'�h!P*R�"\TS��?;KM_\g�}d�#͔хQqO9W��ƮKqsK2tE��3ߛ�IYLVv=r�*0ؘ8$F2ұ�ǐ�DۗqtEۅ�)�x�)df�X�!|/r�']�@b[i�]yº�؊KI7uY�fR*8(|RW�\]�쥜I�W.�~O�ː"ȗ��"ʹ`;3(hA%
۶�FFN߭eY{6.r };B�Hѕ�
u{5ޛ;y�`�+u=~�mυ0`9�Unn*],G�8BՈ��&sP
�LN�
B$gE�\Vq}4�R40mpR)%�~{zX��|3#L2T֊�+D!cĕF�ꇪB&]J�k6{�W8Ȫ�gJ8dB 8;�R#D� x·�R+,QanHCmsC]��IعL:
`B~S$���5X}ӫ�<�5�iDt�~.�>Ö6*# GG֏nW=_�WB�"���Ɩlt�� np��9k(G{=�!�elv >�Ahi2#XiX�I!˾Z{)>#85{u�ד(�QQ0IQPS0˘譸aJ�A�1KYYQ�xYمG/4o�fֳ/�"�]h8n}N*ջ_u(��y/34;
^��v&˯5SL
te)pƑ�#'�Ko�t˯Π��'xvHzU�H��^g�Pȴ(HN\z]aáׄ�m+ؙs|g,8�R9��+�
H�+DHwYPzkC�{R$�hHg��ELB`k30CC^�5o1`UwC9ѯ�(1�y'
Mܹ_:AM$ҾmC��T�1pn��A0���/HG07�gSc:mŧyP즜M��v5�1=T�!�uda%GHō�5 a�)�~%��j�-47��}�7Nʇo�T�
t%H�qG'�~�{ۓ�^[�&༸|XEC}�!Eo&���U �ԫ'W�$�i)1�8j_b�)GnL@�nU:Q ]W�n�b.�,zS
Y�x�vc}[Mfs�O5jL(�:CԶ�z�eKO�H=-_Eo�<�GoU�0DDJBVO1N�S�z9e1iC]Np$[$b;� MV
�W�sqŪ:װۼ8|A�t5�4[�+>t�Ԁ|*)6��lR�VzywD`ʪ���RPȑ�'r8u2hϷ,�<7�M,T)<
A�
ڽp64;u�qax=e}'�ù&q/؈JL~^1�/*Q�_�*�ޱ�#�]u�iy;?HWL�l��mt:ꫭO~tmQTK��aPM#^1ǣ�����oen=)�-�d~2X�ְ��_*5.2M94oz��H� a3��Sg9wej�lA?I@+���eŰ#엌}8G]ړ3}�65HvA#} 4[@#<#�Q 9!^vaZ^jbri\L֫F4��e;Lʮ'|kL"P_(~n!��3dF$ �[&B1#]y@_7F��OӞ�KRD2W$~�ȡ7L��.�H.FPi/X��XHvY pEY�7���OMbNn@he�V���{rcȦ�)a>Hϩ��|OO9%?��˦�ܒㄍ�4̠*|0O(.��'۹�V"fV5ʳqqG�=m
]Ԧ �4rKwG��|�25T:Ο۪#]I=̤@6��WJA�7[L�,dL�)ʻ�w;}=Fx�ُŇjC�ݿK7ecK]w}�70=%$%L+�Q�6,~ȳ���l1qshT�[�Ok8Yȫ-4L-f^�N)#i IdErr0h&h�yn]y � Le :EŖ,'��64�uUsE>%+(.�4�ݦg�sʔ[7dT ����ی�ũ1\�ASV�9Jь>!�75{
2�!��}Q��LVq!
BAD�Qs�~�7G=#A���-|9�V�H�O,z�s'�eիvVQė�65#$ DQ ��4L� +5~l�=:tNhMTp��ޏtAo^Fsι��o+�&o0YWH,u<5J]b!p;!Ɲ�̱l\K|Nkm-Z�arYR/ 0�2v=Fefr�.".7
�9Gڿ2J�$!ݓN鞲.SX%̞:��yt���i�|\RLJ{�
f<4ڧ�>zKd�vRp��C)Ԑ�La^�_,�GL]KY'6��Pu,D�U(g@aY!Eu~���?���p;z+ߔ�
~n#;F�E�5��=^'4ZCt�g`®a`'O�Ӑ1�I%�u9O"��o�hal��odzu6
�B0IE��Be{M9VS�#=f �f�|��Lm�f�qҳ0�#�a�kH=U?�Z�Je|�uvdh{SjIw'Y+d��'2�h�,j3+}�dt~ϟ(ypm9�m�\�p7�eM~A҃Ή�BDjxY��\z�"|Σuϡ^e�oLׅf�%B8B�ͫX�Y33d�y~��!�]�`OoBi+�$o�Y3Sj/=���z#��B#B�eF��Bsǟ�qu6^�\7=]*u��b!}7��n0ķ�M�Дx��4�J8pI9ᴆysY��!W.�
�w`X6�%N�H\.�]D*{DjQ�N�H/P~+Lgv6 c��iI?Rnp,$T�l� B�]$�K�pimůAQLV(k|�gF Ń)K(L]�C
M]!j
Ԛ2#jrk�7�ܜ+;��ј J�ǧ]�P�ۊt�ud���bF~|&�B�$ˍqj8�f4լğ�fW(
$�< %r�%M';`�xڪN=�j�@ԍ\|��et,ԍ�itn�e|?%}�3*�rv�{^mR>coa.`f�Erf5cxCr�'Xp�ntQa<�G3uLjثS�=^AO_$TiRŨ͍��c{��#�c\�5[�r붶:EL�!D�e)oi��@I�;%'Z�e�@4K̮'5y�G]ٰԬmձi1Y REYP�|#�6p�MBu6k)��2us\�f4?]n)BZ*B'O�e8�j@�.�%vd4�"ԜAY_", @���1�2�sL�W&j�g(hՎƜE2;-#�w(
�w@*"os�q�7Z?���r�Ypnf-&v�_�sX7~#-b8E~{3�i/ʘVhRTe3OcaH�͉"=�4ȟJ�QI�~z�Q®ESm--b�EB�KQ�p2�LUl�Tں>�"B*5,^{�N-*{~:�u�Aעĝi0vx���$�n?{v�tmN|9ߍ��G \
Ur!%ɜfk�ۇg!Ŧ�I*�#7)t[�A7NfxO�a&;�v/9Tf
4n'�*�Tг`(Yp"W�q7x�rkN�.F#D@�e
l?+]҄ �\^]s(N7EzĝqnOIyښ�?p�#�?0ҿ�%kEg��09C@iLLDJN�a�[MղTޡզ�VQ.dD!�18W9]0l=��bb�0J�sq2�(�5_�hpG <�EB\@'%�~>��|�Ik� �mCK��?Iޖ춟\)fcшi�jYa@}�
qm\%}}]%/*"�3v�Bc{Dm�M>A�Iz7,넡5pZ|(�%�
Kx#i#�P2K̔�;�~w]PoZT ׃5A�+TZ�=��,�L!�r�� �vkd7㑽pp̪e-�vb�H�0�MŻ1�Q%{l$q�RO6G$�
e}| 0(n\>�>eM�6"�>5�X ���k+~0kwHu�#G4�h|& 1�/ީUu߇='bG�g-2ƱC�iS58-IS�%�^K��U��{TU{̮�Q�/m6xj�fGejp*9�JЊ]�N�td� �K�=ή9%c�'x,�ۥ,dWLj{l?�wUiy*QX[|-vKT@�7%�Dƚ+�̡(Ԁ<^�ev�xa�w��O[@ Tp,�6�ryT?M5�YަtMQ ^�Dm�")E#�����f";
�8;DZ5pn*]�ݰmsnJgq;�nt_�nZ4Ԫ&�FfO*U;_[iP�wS
͡T
GTU�)<��k(e/
!�VImWΨ4b�V�T\l�O[�0֔`OOO�.:01o"�D<$
dW~rC_yMȂ}LM#iZt��RSQ�j>S�{F2/*,w�1^DQ�_SK8MhdJP{�)n[�h; ;LZRz��N��4\E�ܯ�D|�r �|:�fl^qș�n�^"ͨ»aTݨb�Vv~�
!Q"#}Q�)'e��OI."?|I�:�ۅӗ OyY�0�LFz�:x�crz�jbW[Y>ic7AT�T{ŗ.%;��c0+���.n�bLܩ���+Bd1��G4Ҿ2$sȌ?�Oħ �P�&E3jwQa'FG*3�'"Σ^�ҞsHoT(�b��cl(�r944C�%~̬A>ăt+zg���aٴԊ~
Ta)bF�Ɯ�&5�]~��dra[87ޗ_�?L4^�z�},��&x`a]��ܖw�wsRb5\35�AI
τB!ӊf�]U8�K}XAļ�Xc�m߿t.{|6势߆��!o���אF`/|j}x����v>^q?� V+I�JN�4Y7S 9me�hĨ1R� 3z5@ev��;zߎ��g�#SJxC]660isl#v})JIKQK�W�bg�No
{-G�G|_�k@z{?ίZDoS ��|*Q3Dc(�ׇA����j�pzF�w?�ImqWq:�峊l�uݟ&=�] I�ɃFg.xm|vg
�WReμ�jsFgVdB:"9IhWy99cJ-51.JA0=X_Zm {JKoVbNܓY.ܐuXJd�ɺb�@~;-e�:dj�;_NJUmKqqqT�Nޫ�Gϻs%yy O�+Ms vI0Q�[��L؟d�� [`Gl[{Bjp�8F��k6
�lswn͂q3nu1Ғ4)y�O8�hD�td�6?�٬4#@b6;BW.@[��X�U)�\X|W>C2~M�M$�ZVYooAgi��o|�)�hM�i�Gl*($yЉhCS���d�ל�>ٿ�{���HZ5\v�WvAu�!�B5 '+"m� cƸv%CoS1�V'hL3[~QxpHBaɐTχ+"C%_��Y�HbGz8 ��"4<;�<�qt�Ŝ�9OCh+�K|�V
Z��w%u9F-Og(5
@@2}B�uQձg<>%VѳY0qxzo)�B7X ՟r��!Mdlw& Ȩ/x�_�ZQ�9/��Yɔ.$(jZ&�=ti3v|�/���f�ds)=&7߱�%;J#!�a z;݊J��pm�Bfҝ4d�0��3b�V=;[hZG#"j�R%K�aO0 )1i'�Z3��Oa:ۨ��K�
�B`!�ᯌϻѰ�Ig�
tv#곧 % �xn�rJIc�np;�U4;G9lL�]e��~ ~r��k;�wX)pD�y@r!"���nt�.��CzD ,$*R8QX/RCD"l�edxv5bJ �[�LR�(K�) �'I�3{�d�تZ'Cm�֜PAk.M]+1�eI~0
iN7Q/\n%0n s:$RnMR:vYB*Qo30ɞdHk#a,W[zfk�V�fReTr�uŏK삵Ц9@�d�Ԫ�Ōo0\,M58�Wв>R̥^�z;3P8Y85rkN%ܝH|34k�B{/[���o9�bsaOO?t7<;ʺFE�*{(7�aJ�Ɩĸ]iJ�Z��v0v?�rV�:,�tkjrUKJq��(���0cV�Q01{U˞7ŵ��yvK��xxi�y&G�ggTZd&E7mW~߆=]2Q7+3E^�Ԩl��
IB/~%6
~o7.dH͎�z0�?ىUF�'x��W�"PBTŷi����Jry2�ު!R�'���&e[i>�*ń !h>o7�Il�9%o%�dXo�$I�0_ElW>|T,�j$�*TS��V//c;>LlN�bYp��
�O�1�
�~(xђu�v1ѠF
B3"VmmG[��e3kڛcgZ��?/��c$W}�b|Us��W&1�\5�`� ���ޮ,{���_d�C-qX^N'HB^!8.tE�\tl|:�lMR�U~_[wy�'T=WR,1-� ʗIBaj�7M: 2r:!颤I($BJ�^G#=2f�}&,](\x�E!7ALÆ' ;>��ܓpl]%+�rj_905��(Vl�g57y@祺eҁ���uIyUP�1^�d':|}n�`;E;*H�O'�b�Rz����S�2m]#2sZ~�l[�S'#ĶY\ti(��;:yFa.;KpQH]ymKV4VM\gcr$?u`,VM4�5�b8&��oi7�H+ů�xF�vv�̂_dqNG6�7NmX̖2wP>��')̨�%BqzN�S�&�mc|�i�� /pS2�w..R|�3!*p_�W#3s�
#!Z_RʢyInZ�<�b�h�1�P>]v}T߰1]P䳯e}�~₮~�yJ'[GN/hdm,jBC(0}�7�
a_Tdn]'��y���TJ4��tn:�aI.91�L=a=Exv[o{j�ȼe�Mr15lD����4�z���ʂ�PHdBP�
֬H�(~
Թh�S[i%p�'�et��28�[D�{6�mP�UCU�r�j:S��]=ڸȑO�F�m6���#2��0_�N�)h
SCct� j7˦N Uʁ��flJ�˒�u��_I?v5�SΨߧ*3�mz
C��Y]�J|Oog}~�p-;0E^1�dAn&4�)K4��F�^Iàx�A=�
n�an�u^�&�p��E(vĭ{�o)�SX)8x��*a(�蕃ϵ.RF�V8@7C��MјM<��qw!N�
6)�EI���4'W-I�M
Z�H�~4�_�N-C5���ћ9�y(��AI*�X1ZID0M7aH|:Q>]͑*Yˤm)(�ge��Z*h|�_̀�Y8V�R,<4jETOyI��F1�Wn�Z8r�uVrc=�q)
�9s��,ݯ� #vx���FP�Fq4V[:iDٽV���/�9(hM���L@kTZ9�>"<|Iہ��m 8�M�ǿkF[X�f��'j,� nhj'N�RO�3lv`�B n)Z+Wl8h<3/\!9[)q�I#pjM6teY�I8����P^t^�%�e`��B?n�;�/;Ltʱ @l
gްdSjR8l4*{_:3�aƟC�g#O��
o<67%/R;b&]Z|e稴y�b f!HJ�0],!ŭ䈼�Ď(]_t��O7:�-5"
br�K��ـleG�=d�3[�BIb�țmaPMdoփLfy}��y=�PRA�HPq.��&A#L8*jӲK5`<^�:OxE�]N�}uu�Ƒ;�$�1XI"}Cq
N�*uRYNf89*B>,�;��8�lK季r�I'yZ?�&vu'�LoV��u
:IDx�䋦/c�{.>٨Y�"�XO{ ��9��2X� mv�%:ٗOAA[$TW楔y��aj@>K*:FYN���$z�
�AGZ��Q﹡G��V!e�{v�=+j�
�\�Zs�;[}ꣂW&�kTjkpK�hW9<"ҟ�;Ig/�+E�?�y�YOw�W)'iYN��Î/%���Ht&[ ?,IgbMR��o�Ϛ�G9&_D�?y7Xj�Iٗh&JRK0.o%ue<�&� G�hm't?�āV�DeAD� Ibd"�K�UtuOaN_�@eB[#r���)zbl/gE�uÏgxON)-�*\}.�B"�W8�P
l�)pw="YwaJH1{i醙�A] )G"<4=ӌr J�w'<6P��N)>�p]r{䁏
C�'%4qU�Y۪�ZwEQ�:<~3y"g8� qK|x�G߲+���b�߬f }�Q~ݝgZ#D땎V"MbU�U]�Z��6�@2ź͏yF ��?�Ηv`Ku
d�G�3;':�, IP;)=�,t m=Of{L%(%lv��gbІDP�8"k�*Xj*w%[[u{m�e�kQC- ~{��|4���Q;;`7%*�4Q��yg&6ވ/&x2Qy<��P(bʉȍ1oC
g��7[mW0�2O���cQ-2�2VD�,>##Yc7��أ�-gQ���ECZ+Gt�䯦�ky1wp"{Ү/e XW7�ЁԈ:�Р"O&b� fQԝd59�:mvP2�)rP�ɜ�=�|�-�K�`%8v
��Cj: �I�KZ2ڻ"\x'�
�60 ̈U��ۮ\R�r��n�Q>jo@p�avf�x@GKadR�j�G�蹺~Rɫnn
��s$@*-;>�ƶ.�XAraAg_u�kka��l/ˋV:B�x�,d*.�;D4I�1<_�SIyŮOZ"ع�ZOV,pbo!o8b%26&;�flY٣C��]~|LqX3?� �J.�83y H�Mj4*kН@�oCYUsNtvg)ˣ�:�]Oxa)zJpa�1ì;jNw�Y#Ϧ%ˍ��ʯj]��?Vw9_��^L�7)HJ��@Hf@T9w.7�Is0�S0����E8@W!LDU籟iBKoRۦPrvL_%)K*4ǔO:]
]��γlI*�~D�a�!d$�֕7w@Z'-B�o"aѧ{%Ǹ�_V�rbpҲ'�U&ZQ�kapo�|
u��_zT`U]>�2!4 ٘�6�b��h�ۂ䮳OB(=2T=c�&*$ jFݟ~.P�o aR}9(v�Rod�I/23ׯ(P,霫�U"lƄQ-8��a=��p:i%�- Z/H)�<`bZ%�R��pm
_�**$�`�pՑzl.s��D-L��
v�2S1hK�-H�2H�d6S=P�L/�%iuX�*+wED�Ӳ}�6as4���77� E��ljmkURQ�"pY�˕A)zWv~̈"6ō8ΟetQ�6kHxvX��v�Y|~b��[� r#d*VB�"�Zt$G?�^W�
��[xwWɹ Xrdi
}wO)yKXf�4wG&wC{qr�f;KtmL+<&0?�F�D�I��nxVRMМ57̊�d&eJB�jS?/ MY> $�_��g3=LH�)@+Dk}�R4W�$A"*~p䅅I#'W/]
Ŝ#1lŝUOuX�k%wjv�pau<�$d`3~0��{:D7�T,dj�DŽʍ�;�,?z�m+�T7qY{zKQ�Ov�K{3~¿ǫ�Rkk��<Ƞ@�5 �jѫ9i�1�DQɺ�N*��0F9� >ZF)^ _��`��aEDXrK�-VfVfi-WxI@8aOA�d�(RIYjf)7!(K�|vz�P[�v/"H5UH�zK�]�jS
zAL �w]
]-��̖o�3�QDߥ6k$,T3nI�?OIޔB*{S
C]A�L�V*>��uUK04��l�IC7=�v�JȉREOSA1@b|��X��;N�/+1;s"su Gg�4x{Xw �&t+wK/s}�S�TEZI�c!ÌMPuq�~ă�h]o$4s%.ŗ�5W�w3$\,O0F�[�PKj*utETh�`,V�W^5Zuv��@z�>w.Mjx�/L1[5��-z�{�!%�ܞ9SˎӴzhƖg�+(��{8]Fs>*�T ڝeq&PGzpN�!?NSf�Ҕg����`81K,13X>h8Г�+ D@b-b&&'7FA�$s(��[iΟt?�_F�ķGc���*AIpFWJ.���{gM(s�hח(j}I<"eV�U^
TR@}v�u$H�-pNb�|�*Q3Ue(�Mqb:9#�{Pxub`�J:�D�7é;Sݮ8�%UK�쒢S2lJPF% #��� �V�4�Aj,T:qW0 �GnZ~QQj8V[SY���1�k0nԴ�l`�),,~ڲ"u��?s@�`1ws5($0=O��e�,j,�̪Qk�Fm1GXKe��lG6��gfH�|ZyZ��WS %֫/1(j":NFwV�dVb ml�@V�+@2la֤�\b�:\v(1�_UiL}Nc+.�rX�_'#V\
́k��:�^Qs푮ͭǒ�FM�۲hQu8�W�oLp�_�PXzXQmލ�e\
{6KY4Έm
,>;E=9`��FM'H�m�h�SC/utbS�P+?)F Ω|28=?AԖ*�*7`#�LKV#̧sAA:B�OA#ͣ`�
Oz�̚�K4q#q �e`~ANWc)1y@<]
t_��e9o86"
�[Tw4$o�iْw-d0&Uҥ�:|/wqx-�QN�υEx7 QIyS<�'Ʌ,SFI*
�C+;x2:{�ә.#wU�_�vdi�훏xd"Q0?R0�)|f�'�'�C6�|�1�c}�����>z=�NGٲef�[\
<9k�-)R'V�i�%b,>!缑@:[T.wk(k�y�!w2R̈́�s�w@؇K�̴�mJFHP�c�Ze4[;&ʎJʽ34mt91S{z�`YX9�CZId
�*g =i�\B�I�s�/Tftf%���d9 ȇ �[Ml/�o�->Za�.ĚR�3�V<Ë0J̴�}y%#Fè�s(|d)l{`R��"Rh])8UiQI��8 k%&7%Tpghkv[ZQ/�S�U�SYSڼ�+g_C&{d}s'A":V=?Jh��Lev�&�܋9�
d2�g���\ʐ&�P(*;�uK#8uP?{,��,d`r�*���嗝Pa8_qK�p�ϪsGLpÓܵdufܽip؈�t95W�?�m̕nՅ1Ư�*hLC�;eq>Uo|.3TQ��/2\���X"$ B`wi&m>w,&VZ]�gԚt1)nۡ4_2[kAc%�!�T=�U^F�Zϔ8G|e2`�hyvg``�J1=G1K\3Lpo*wTFljNbV
�IW��l�v\�
,H9^6UF^N0ljو�B�_+tglC�$jO-�oE�ԅpeo3Os�V �տ4~r"{@��b��bey�OgGb�G�=UZbV"m
O2[֎�)Zm �Ğ_4�H�
ʴ�)i!f&(?BН0�]He� �x@qddk�I#�nh _ȭP_`C�>Yy�"�@Y4'DFB`a}~Io;!jv0�H�i
Xev&6�e}tg� *%�vEl��gWч$ˤi��*L�+Z31?jW�>t�Eg>��Fl K�Ӆ'Gom_^2�F%v�16xS6*�k{ anI��P/�,O9-MX@!�Z-w7y$b
˛�6OS�Uy̔ݷFIrג?�0#�x;$�4>ٶ_w3kJl�7V)Ɓ8}ȧӏk2tL
PC^X�v9z4eh��B2`"؎e]2a�=� r4��ט@cű-6R�ʅJ;R4e�v9ETf �*M' �/d@L0_*��']ܟZ�5�Kq8'�76��7VdC+(-n09��S��:(j{�\XOӣF|0�Ă�
kN6�e{BRuzG!jwm��.zmL�^MwtG-RWL5�5]Ia #kk4'V��c)^nzgR 8H4:%^Q;v^\Y�?S*m��P7?�i��oqe1�"p[�hYq+U(�o"6Ir�e��7^%�6�w`k*)�I!��a{\ Hά$�)��N@g�ݬJQU0�hG|�<]IH[_)!6�,UMC.� /(�h(>ײ0/:~�_ՒN�-p�+2=wNvvl3�CdZYQn7>K�2�F�\6bY����ɨObt�z5�u�j�vpi!h�~IaՉ:.x)mEz���H�>4px��6�NL0��bCtJܚ4v^d(]J }?��qGŲKv@-cEQB���G%Gm ~)U�=��a~��CņaǦ˝�:7C�lpq�{�w�KѹF�>�[Q�*h .ʘ�+vu�!��@��L~ţjNjxxyds�ԇׁ̛h�۩b�;ؗuӛ�(.�lSX%g�}s~
J@3
uSޒPh�c~o�ACUo_(*URG{Ri](Rb(Rn�$ [�{CVb߈�)/4*
�8H-O%I�3X{!&3MYw�ќ��J�i<&;M}���H+X،�x
^xFrwȊt",C�W��mħf[%ˀa~x.M9L@"id˶vwb�O?M@&Q:�ZwSh�n_/�tgV&.�GGHoV�9)^h#I\3�L�ƨ �]���´输|vLn/�9�~d�%|[��.!�^Kf�Wߵ�=o�κ�-�훡�Wa``"N4P�~o�d&)Pl�F� N7':c�=�\[6Mc�P)X�'6KWt^3Ml T!o�G�ϿvIݚF�څf2��KPE87.|gbR#p;F!��f 38m)!o�,��XI�Q�Ҭ�'�g15!tގ�B� nd<)CF3DMΩSH
2E�9BKu ЧK\Ĵ�Qo� �XajӺ2?10
߱;F�W?�lw(P[fǥ3�{S95y_6g��́ ?M*lZ#ӞW�Ă�\mLϠ�J;w�O8;m+pb'j@p؍�"h�"�!eׯW3rA��jXfchV},�^8KQ6ke��B㿶�SֵT1f�i�:[[
�n+|=�(C2DR7��|?;##\Wo7VN4'k>ߺm��mK%�qN}ZR/#��#)4�lu͉MA.��Y��1=�Q.Z_24l�ځ}I��3K�mw^̙:t''#Z9�8G�a.V�r�n�ͺ_zߏÝK<*]UE���~Tu�D�0�Qs9$ȿ:xr-8&#K�&L;)Ԓ*|�uk&!D�'K�6z-�,Ɋ�H*��*QM?
a(��bV?S|?)(��B��f�H N;V!t) &Ge# �Tdk
"=�^5g��HPg\'Q
�DJYwٺ�?�w橄�DsJPJ4�`�*ڊO�)�e筰g�q!oWlZ䮍�J֧Lj�A�>Gr'½`tPvZX%�"e�琸
�U+�(45Ey��|\20gxƭnWhDYm�(xJ*�``s�?]�CL�x:fYS
Zz5��g1N(j(bh
�l]ص4_v)|��X6r($N)�y5DXsޭ{ܬxvϘ qQBu��BR_YrC`8 ΗAr����Q.�~KZ�|�Ӑjdk�Јwy
m=r5�Oiq&2+��R^kN6h;£1Ϸ~ ;/&$]��YpA���9`YY=��]8\4yǡBl�TTXp7&8ʒԸp([9{>�G`<ރFy�d�DUL�F;��nyc*��YgkG9-hZ-*&I�=�-��*w\.�7�@�,pJG"L[V�w)u*Bo�5oEOj�Us�#>]Hѿ|kB}K8DGVG=&W� 3L�o'|[:���X�d�UN�݇)Uʐ03l#Pv$$Uz;[XM�aVȅN�#܄.ig/��
ɉ?�-$&�8,>A̕~�91.!�
�5;b_33m� p]
�.yG)ey(bU�+�֛L:t�{pWg�q�N^c9���s�z_a!N[]:�#az)?�'��6pV�Kv�\CT!�ٍ&gre;���̊ʎU�l�f�y`p��q#:<����C%t|-!)MI$��~#ʉ s�9ҰߗQA
OՕ-Z�`0'14N$ٷCF`dK.Z�M/<=5�7~B[Bax83+s�&FO d�li
Ygqx݈]"ugrFg�gcG�tlj˄"�ټ_c#��zCg�kuOV_Y@{x��i;�PgJ<ؽ�yA|ʴ��9k,&B(�a>{�!��Q�&�\4UR&�(�(dpe�Z�
d�L�1Y=4M�n/KG(����aTql��:wp|^��q�װ�P�9Chd('6ςϢcB #8Fʩa��Gԍ�♝UYѶ�0Cb9!Pl�#P��@dV[�� j�$�h�Ts@��)2BIEF͵ji0]ߢ-�w+��%Ç,±�B��}TO 0ё��AJR�a6l!��Ǒ9f4j?V$gNw/p�
[&\禥'�~m��}�A�
M|/����Z|`b�
y@8�pzKFNF�bmٖ[0�K*W6H$~?{6ُ�,JO�l
Jf#Krnm��ӖP}DT����Dk8j�2u�)`OMosz��JĿQ}p>��Kx<ۙ4+r?0)#�]|CQJd[4m{8NGMȰ\q�h�x9��@QX)>fi:|�#iC��nnw�x%z3?ߔUt�Ĺj8b`�.KjI^yL�,I�Y�ڝ�"�#"Ak~vyz^Q
s
ZVMc�#�}�ѯH}Cբ��w<�å�ɺ:ZV瑒.iF-Z�k��f(k"VRۍ�܉e|9UVvu5){ߑG{v��pP`"ZRTȁ_aP�7.��JZ^f�!B�'�ϐ��b�V]<>��9D3opR/�n_F%��fQ�#�(���;=ZX7RT;F0Fov0 ?dOx2ڎ}�*�Z.%j=j+�ǟ�tLN �L���2��Q~�ܰLİ`@0g6G�2(��c�Ll-A�qȾ�_ʘdZ�w
kvfQ(�I�D#MgiO\�G�zG�ANc[v�e{v{�-Lacm{j`��D�/��μ�LO$Kg�u���}ά21��=N�bv[+Js�W.e�� k��;~�?i
֊VT~�g?4|w�_{��BǨVWέt��r۟ T�[!UW0pۀz�pWW���UdK
d�dZi]#�|'��kaf�RO�IU4N~G˓�
מI2lk65;�p�tj6�z��۠{��yaY�@�Rjw-ES�)D�^0 a,p�o}F1w@""%�tU*H1Sr1?Do{,1�)X.o[��3ٗk6 ��F̯>i#N<Ȩ�[_�h;(.ZbH͏SW'>6�xOv�U,?o�1w0w1fGoa�v��=Ҙ )whEsg8.�H\3�>֊ʨJ5]I��I-qJ/rc)
8I ZK
' �y�;�*~�^���՚��Nc�G\>؎WW9L�|�
�~?aUu�7\�+9-,zu[lm�\率�_{y|�Z^jAVm"� �ouG}B^�4S-�X�H`W;Z/q|K|UO#[j!$5*K|+FIh^MxAE';%sS\P�w�L�f[
hiaē&!R�=%%G}F�wud?VʌooM�O�]*%Tdrk`NWwBH6�c N�g.'%{*3'ڟ6~7���=Q1ӯ%S5i��Y?)��iH�
-`Ve%�b"'�\eKo�Ƈu;7fJril�/"D;"�n���mp�ao=2ֵ_XkDzkYHAi
tdo*ﲅAC�BUy�dQ`��ΐ�%W1h6EfW"j��=*Shx�%D0Wq�-}<�K��n%_E={wJb[ �x)Pcd��
�3Kӧy :�ς-%fZlQO
�V m>�3^7""S0Fp}}9�ߢ��c1XKKU�1+VT9i?H �a[F~gS8և8iZD
$C߷�&Tmyw��wQͥd-X+KC[ˠx*89C�ʖ&SՑo6sʅ>E;[Hظz~T+φ^bJB�=ĠJ2no�v>J++EV�z%XvXjtWF`纛l�U.~s�u�C3�U~,���
$4�a�WQ�rR)Թ�+WN�X�L4\�?,mόU�$t�v�EM M�ӁЉ�5D𩊄�U�jU�N;7�%|&yK7>�Λ)֏���vZ?O�:�wC!-$N|pߟ�Wf�o �#CHZ
g���'�e�7MH��0E}c~��)Gm5J7#"HIn:wnG��^SوR+lt�IK߄B��L)fJ����9SJmb&yC����L
S� IF^m��'T)<��,{VPh5aT%u�Xˉj�yƹ��nTO7���H.\D�Z&��n,)%FA�=�G1=S+�bx}yK�-,/x&.TFVڔa&n%Tbޢi!7vM3+}c5-qR#ffmYu7��N(�CAځhI�H(PPz3vsZS3��$*AfG
iZOvfv*ᥥ}V�TdE$6��N�Xqhͣ�Ĭ=[&ZW$6k�z RDڰW̖MV�ps?="�;F,O]f�|E% X|,z�ݱ�
=Aypi�" ds�̼~oƢG�n'F?= A�s�6{`6llU� '�Y^)3X�A��z�m`Ϧ)
9Y�jBPUf):��?�+�)e/:���IػZ�w;"�o4�UYB 憮~�fOe�w��Rᄏ aU&�^vJVM֏0H'�4e�CK2Ot�0�?HZ.`ǃLQƕɂ
nՂ�C��`v1�.�Hܾ+A�7�
/]ꋻ
ܥHTj�SlN+�f{`�yױ'!(Q`۔��L$��ֶ߯opQsyn�Lk�E.U>F4n,BAYLz bpҗN:KC~N�P)�C]1XB��Rn�U22DH3S
IjAy!*�q!!#u`e�Rg:T[>ۘB�(e"j'
)=�==/�SZo�W(k4־�]!T��/@4kmuI�3)bN{\�s;�*Qm�Jo�M˼_�_�[:z4\[E%�� 1h])?B�*v$v�o[r�Mfj_z ]�NraCA1*b"�|~EG幑`J]+Ȩ�CVv0 "=[�\hngr,Iv�k)�3͂P´7qo>#AE��̆u1]��G
A:~��V�bm7F~
Jr63[np-l�so�^�-N�pJ�dS$�+$-S�欅V�mތt
k�0w
��#� �!??^i�p叻bv`.Z^ :Aι8�;@ND�ԃ�>_l,x~[`0=�/E�F\/q!$P��jj�1Z2��GQي~D㚉a�oʋhhl�x%E4�CZUZ�> .GOM+lF�ѲgS@>wSAͧ5m9~xr(ܬU�O&`\R~ndZn�L H�d8\Mj܋Aa��]z
uɺ��,_*+A�#�$5ފ��D75)�B�z��̽S�|WZv倫aCQ�TC�eF&b[�Q�W_R�&8sw7֦iv3?HmeN��Hm^@,��9֏4$mwc!e6�7R�L�*�7;-{�8̩D�HF)>j꿈,E}&&S֪eDJ+֢QXfr#K{h'`�R�dOVT岭ޗ*M9\?
�"#l�SXO#9hו牛HέB9-zmݐ
74C�Aa�7!�Z4T�pw-%=!m~װ&�=T���69i4aT.�g�5x�ζ8,����XH5��r�=&r��L�F_<�Zlv>@_DNv} #,�f ]dxRUIC.2b;<��EJ�gw�E"�=�y��6e|۽T�PVh'Rᡀ��>mT����a͓>��'F܀i`�LqN�|
'puN),VXetQ�6DQ̒�F"y,
_^��-}W,n 6���sr
�$~�uSC+-kh]�Ʒ5gQsw�筝ެNr iҕ��~*79o@*%E�t/|c4;TJ�̎59+j.3_{>`ע��giXz�@�['[8/-
rM{=Ы��T:FB�ј-**>-�W;��1{=�یq}00=▫zEزq8�Q�BoUL
�QV� :GS|it@qŧK�#lD;Bטy9KW�yO:q�
:iIrۓ�;D�# s.8z{�8o�H�oz��+pXm��;p�oN�|}OSȷ&s]x��isiS8Ҙ/#l?V$:wPA?.83o3E��.y"QqDuHŪ/U;GOʯrL.'!Z*,V
S��&�!b_K_+�<3�L @�%E�}v!b 3T��K�
9Cq2hHyg!#dҼ3�c a��N̖
�ed{�
&%0J���p5;FtA=@0¦*\"~fP�x�ğ�9;c!C�RfRfk.7tBS.�jj�>/kzfvʼ�gKd��PFdVX˲N*vTFhb]�1DPfj�4F$?r�L{ls`BNhYIǤSq`�r�0+ǞIa{}ľ(z�`N"jNxOa h�7
�%0= � :R�ݐK
Ǫ%g] gB�� RH�7�b�>@0vJWpܱuks4خU2d46>�b=ZmS�a <@�cijdChr��b8vr e�r/���3/ɷ!PwD
5??C)r�q J(�?-p(_OժL-Wܻ% y�>Ѣq;փc�Y}"1xpc ��&&i5
�p5 �fC{_3b~5�̖gE��!횂d@Wg+Ɋ˳і=BLlxf)\�/D!\1B��ϰ�E�Q��؉Q��JvأYt;\d�sE}D*#Fz�JY:�(Ω2[�MU>
�L�z4V�˦a3�&ضțy
Ol��v(o�S�M~d�CơI\�+1I$�9��R��FX��MJ�J��}u8V�2YA;X~*�@yR ��+�(9g �����D���?L��!c�N3�3w� q*y��kw�VTW�-Zs,.(m��s�a�$��t2rjhQe9҅?蝴/u>&�85q'Ž�sO/Qd|J%Q��З<=ykPm�m^��_7V+MX}�V':W?ٯ]!$.�$r@8<%IN"%<�}�7Ɲ�A y˷da{̞=v�w�#:�#KB]%@�Ԭȇ_%�.Њb�.�lKA�Lb���|~m�,+_�L~yb�wvՑ~&G;t`䂚!A6�q9<��ADJ�t;͐:�n�"&�"&~I.zμ�Է9XQ�,G�sV?�(�D[LSP43"G�/ęݫo*ٯ�gÆ\^P�:-̸D<+hY]QgcW �Cc0�6�s�9gEIp�UNI{n=l%Ct>[8\qӯMcػ`Sk*�"wF[ܪeJ�>lo�\H�O/[{=�m
�ry"ȦTmAE|N.f(}',kI�c�bR*CA&3,;�CT o�J[n�2)/Hq^l�j=�S��;b!3�ԏd�f4/7h�P�,wEv�~�I�˻sS�s_ d�,{({��5f��&5l;s�Ųkl�Gβ])WJހ$U9$ؿ^i}>uH xR�p[�Y_�X�ߏ�&*ͨ)<�G�B�K/lF�i�k^Χ�ߊ'%a3U)c0>jγa5*|f13:�F�q(L;8<ú3*9&i3[*#�+M
!v6?wѥ:�+$З)X$D�'>)Oq�yp®IF",8�.{�jrk�q��/��W2P'X1Z-�Rv��Sh8�o~YɎ,??�-@p�Haԭ?O8Gx�V[
!�t?�$!yZX@���s6<(�D�$ 5�}�
^uhChE,ul,�V�{0v$S��Wb96Kٷ���+߆h1�t�Y�k[2�ǰ3 �˲�H�N~j�0l��_}RIJ�~D`-;o
*i9O�z�˴POy(P1@)�]5�Jgr_c:sTt[�x�tqeC�H
{FG/-ҀAeL1D�)qU&��X�\;#�YOߝ-_3FlLaEȬ�Ύ|oZu$+6G
,}]�:TKBvX-G��u�GO-.'V�����9�orf7HFP70c=zgXCwYU��%@;'efM#��>M���Cv�n֊�-�◪/��!�aep�!vnE*ȣu�6Eμ?qbEYk֞�7'^<�y��8lxg_+쯧ɺx@�P���eHc�G=|a{0�ﬔ�-)"S�-"�C]�d
IC_
CW[CCi$8$6;�Ly-�#�l]]�`S.{a�w@
f
ֽr�� 0?�n啃�g+Z����TAΞI��$�,~�ˋyS4҂CN�r�r^UJ>PmMLO7Q�,�I��/55|f�z�WK�%Z�l6��QP;Y_6P��K@f��e3�0]:�h�H=,L䧰~/ڌg��kr%x�ӧu<(ɋc�o3rkM�A"*-[tJr/G�tq5I�qW94��j�yח��&=P<{bƔX`'4��px8�"z��M� T[_�_:Ĭ9窉@#
�|9>��GTzLƬ,pHNZ7jtli,�C�`�9m�L
]OpH~0 SG��g4p�?YGH�p�}j�IKWҵ��r�q/
B� �t\/и�/q.B$n,���m
JNG �W���$Nh
i^Os:�(ɂ :IԻ۩,Pz"5�Nj(�ٴi)�X2._`@',h,&
Ϥ9]��3&P�\%�Kk"*!>bʒu*ӌı
lTlf3
wFuEmuԤ5`0✘ -4mlS;�ԔAW8�Y}@ߚ�����Et� �˒��!D nx 3�Y]�+�c�,sf,))DAQLЋ3Y|Vy}�`UM�X(��(�xԖ�|JB4:F8`�^]w�!�·nzX��}bC�Gqɽ.^eq4yʏIP<"�5熳ktU.'�F^
�b\ :�X~�1h�#i��2Ƹ9 鱼.{%-CyV[auKE}]�b_{.^W U�_wL$�CT}0\DJӍ&�ގݗ lv�;�|b518nl�%0fٷz�~onTJ\K@V���Hw�趜j۲aNuM�34l�h�0�~I7lGH;]Z+�)ntq9�(0x y�GUO{*LκF��!k$��1�͑zty�{Ď�Êl醼Ju:�-Hgt�K�Evv4 >@kfm�&TI*����8Y})�z=;"�ۿZ��[>�[�[
b��l�n=$B\#ɪ"K-;oSX/�Ǜ�1�2H��Y�[c�?̄dSi��y,�ջ`@�9If�X6̈́�o��jKuwR�L*=Ed+U=|G�fIgA5bV{'rm
ۻ)O6�vI\q] ;/P*̺H% GJ�U+�mʸ J.$mn�(+r|�+
i�n1Dv ��Hpdlu!$@t)u~�/}E+[(ј94M��W��匵Ny3Þ@��Y.rUc-r0T�.O]ޔ*sn'�Gg#|mU�"�2��}�H~]㶬(j�hd+)k�bb eDv��%Z�&BO�`Lf_q%�~*Q.yj_d\?kB=҃pm�4�3$Wu>PE9(��`rm3Âб+V ܉6ײ#9g��^.$|VaVE2>)ɴ {U=L�Bh`�ܙִ�%(Ƚ[�X5%e ]HBn�xó��NS��yG��tk�9+қ=N6r� �|w(�v�H��e)G8�cS�;(bs8hM[(0�l(Ww_�cϼ��Uz&�1�
[F~�=Vw��4R||>Qb2)}
:Ī��?B0�"�-6U-R
=[&��i6RQpU;��?�Z}ŌTWDFM7-Fx�ch�Sa�f{�߹�
4M?`iC8�ofc�t��Px$^e��!A/۾�c�z�t@vm#�Aldd}�:�qS:�+l�CDu[
~�ú[g;PO�{2\�.Ϫ'Rt^oR�MX+5HN��Ega'J
Q5c,; ^;iW�М�hҩ1�ީǒUV�}�n�y�1a��|�Q�
)�2#��HH
�61.Y���=4nߤ%'9'' =�!(�:�mx�/]M-�#7*挍�T`�z~l̒$BzI�~��͔m)i��f3��!P_�V;̵U?9/6P�DK$Z5-��"RYd]=\J5v��6[~$}RK[��*�D;S騸N�L�l0\�!_E&`m
�O�_Iݙq:uطt�5w| � $v#�<���=�"_K �M�S>,nH�'Y
��jB>Sof����Z:^Cyi�jA8BcTyB+u]++-X�|md��YI�rPyoU�㓾�Bc3g)�˳>hu��"#k%e_G\͛@���C��
�:� dO'0X}i�ׅC]A.��F�MK rf4e9te+Hzi_"d� ,*�-^da�E�/ s�W?YTX�$ a�5;-jX�`8"6L{7!g @�Ŵ
X�W|iy1J4@9c�$롫d'�'�m[X!ڥv� i.ZE �+~BR&G1߀ÚdK�MZ/Dsv�fo}�;
;I�.{@-=m�H/o銒�"ָzB�S3ʽ-گ�c��b3h[fo3mi��rK�7ؒ{k�e\5i��wn)/�
a,AX��DžSpHY�'aī�`Cd9ӞDEk=FO"@5'O��E?_8[��N:e5IZ�gbxx�lUX ��`ILL�Cr�P|Aȫ,Pݩvh6%�
*UlMzrB( _��[��"D� 34r^dwȳbC�Cb*\�5�h=ʂ��[j�)�ǡ�m�/FC�1Eicr%$$�lC�%cR *�/9bY5�3)֤~fUH�ZyI�1dP,�Z�i_k�SQNl�8a6�
��W|rpZ�I�jl��ۍO"̞їFn
u} ��in:za"�"6VQP@�/ө6SVP�,�e!�D^LC�pvI)>�T%Jx�*G�[٣%ij#GP7�dݚe&�B|��
hA*s��
/AcS6S^`S\۞+R�?�ꓞP@d5�lӵ,W�;>=Xvvc����
�NOb{6j!W�θ6j8JjuՈ�(_rR\PY�Oϖ>%=W&IG�fXó_f�Fy(+lv5sD>뿌=t>އ�1�JlLV9+9'+!ɥ3y&6&Fo\|~m �06t53"fv]�+�C#zڏh eMF�SZ*2u=Y
�I+�,t
?`+wXpTn̑:_bU\5���2nt�Րh
p\.�pnoXRsoHOR"<�アl)!T}�NPP~�^ԣ:VG+KC�kD$dqIUdr#L24>�cä_f�K=K_xױQY[$4jj+Ydo� p�2(X~�c(ѭ-&w�6I= �CHh/IyO�z��Ḷ�u[X�\�z1q#V�Vv$pPyƛ?
KEw�BaUS�K.��i��"WĨ͉~��>/"G �*4ž3?RF���紎�/>�2@:LUce8V�洁,4w
;܂)o}0cw� 9敢u= -��Nq'֪-��
A�g���ybii�Z}5�QW /p�d��!�$�qA��(rL{Xm-ؒĤ%1�],
U?BOW-f<`b�v��¢
ŝi�);T@Æ0f��/LQL9��>l$�>�U-�yBE?Zk~~m-0p�e�=�y�p0�p�F⧷r']oXtw
�QW[^`.fx�-l
�&JK����ܙ1!s5m�E f�]}DLR�#\-u�^�@CFyG�bxCC^KrM5N�ؓi�VD�4zIF�q75F^kjjxFO&!t5�C߯}DhQ�nvJuy
3�{E]E�QTEsK�Op�vbz.M[{X42o0QG��zxW߰\D_=h�̃�4JAEM18
Rʴ7i�7Go\G�R#�Gˏ��rƳAn�/ȝF�ﮃԯaPj"w���ϒr5�껩pv�\%9�:��eb]<7×qA-N߂* ! #O*USR$}dgJ6ZtYx�|v,<[g�j7R�Z��y�M8r]1ˍқ�M[�W�݆x+]XZ�h|iQ
oq!eB�s!b�/A�}NE
.\9�1�v�w/�
^�B�sh�a��y<Ȕ�6Ve�²�U-hBʕ�hJ~h{]:/u}
�σ+mL/o�T�gyKd|z0ٌ3��&V`ɘ��iGOb�Ie�C9a2滤ү���Հ a�O#�ծ}�pS5IsR-d%[�B�BR_�wvPy)͋��m��}�lks0Ɋ08̱[w�mbA`*u�aȘ��Sc��~�Pѿ� 2/��vu���m��&i�6Vm'Q+jBI�7'��I���$HtnM<֜K �_�?��.;ꮿ �G JCXκ|�0��]2ϞЁQ�H�
\���ӮRuİ�;R
�45ٿ٨Z�k
I`,M_\2�k�F1T�9�6\\�?zH"E%U�PWs�~�.*ê�L0�<�6E�F`B/C���2�-)�e=i|.xA_N=�2yF�v�O0cՇû
xyT�J KGij�!hb*xl�rZŌYԯp<
=]΅�FҊ~(u.
#
U�㼱y�HĊ�/%L+0\ITzҧzMFAb{Vwv?��㽕=G�vGQq /W�PE8(�yX!SA
Зq0N+��Jlo[F�A3�d_y7{�DJm ^;@}tTEF _̈*NtXr�3�Kk A*�8;eNzbEs ,wH>$�hM�ND� c$�aA�2U"M`qI3_�2��[r>jÂSRw��류O�Ё�p�]f_/L+-1m��l"x!Bw��~D� &0+V'8{0/x2o�"؞|j[wu\^R(a�L���§>1��#9ǮEҧ 'cHO(MXں҅aiS}5E�FpVq5G�FP0#�rz9,�UcdsΗC䮱im&2JJ�BX�Cb1m?|5`km0����BD8dK)�r6L�Hϩm;Ÿ\ƒΒ�zq\I��a�Ӊ�φ;�#o�;��
TZ lJ�33j}a[T.
b43�q]CY"=�X̺h??l!�V,pr%7\ڀ�VIP*|¥
��A�B�V�|�W'����RK#J��kp50�OO%ܥ"u#,�lR_DZN|Α�$;i(taTIf9/)Sp ˖U�荎2VQv�?al#!�k!%8�}�kwX[�knS#ǪvX?~4T+N7uwcYZK"Ox{=*lh��$�kֈ}{Z6\
لF"3b\u�'3eC�J*�z=�ڙ�]^zM >�`�MN�gV{�Y�d��x0D*)i'!E!퇐@��4��f#NT8ϴd-йv��//5�f-uC},\?i��pLe��f�y�"�O���a,L6�[kdj+ucl��� ԟ�bSJo}T�͖1k/^˄ �&WD]VP*?4Z�+8tÜ2B�ҋCxqp��Q�g�H`nލ9ve�<2eS�CU~Ԛ9F*;/V]E6��6�"�d`CR͆cQ�f]`m|X6"-η9�kJl5k{�lݞ͆?|g3Ԯy̚m}��k�PIG�(�>.(U(HrSI�4f�-~�w;IR>pSr8?�E�D%m:\xPcDCp0̏Y#!�o6�2�*��5e< R*IT/U1>j���ctzGn�~�T�k�1F
"�jd06^%�Nd>wТiLKӊ�
[��ta�XnΚ=i$w@=�?x:�(
��ϑB
>#�Ȑ�E�ԃ4Ip@?�(5PUO��?4R�'�V��gF�k5HTSv�kW?sD-><���w+2V�l|YZ��OM�f1b"W#�ʑS7,0hEEʦ�Elrc,=+X}0kJ�>/��JC3��b�,S}7d(P�:o�ȄbONj�4|!D£^q�1
:Hꗑ i�q!YG�!f4eO�Ah
id?Ԃok�3�l���#�3i@n>��5�jyH�nt\Ci3!J9|9$9a%�}"=�PvA~71�>c5>T6�3m�>�=Q�VϼBA%}gȰ#C6jEgeܙwX+�(C'o,G4E���W ~V-�)Lʇ��]G+Q-ƫ�ǩ尼�y@�oKA�/o�B�J&P_S9W|�zH����Dhq�A:xXۮcOqZFK�o;9�f�]YDlq�sx���Yʶ�bk4�-n��C
Te,bE#5k�l#N�t���/�m;�"9�7Z�j#GI�C�g̿(!];S#Ϭp��r#D+f�~MPy:?d�&!}Z�C'���RH
�K�
�r0��-��RQ��\4䯃9*{)��$Ʒ\ʘ�g�jA�GnO>*z1p5aPusN <6FˏKV̥1e�0~���!�"KYƌ]+�]y*VOtrQ�BcmJ?tğ�o..ns/�|�c��{]v\[$6EY?Mn1�Wyҡ6DkϖZn>_2Z,Z�˦�dJy>�E`zp�p��ӡGEN2Nf�G?TT�z�SG|M|lOɼ1e]ӽֆQWӪN'/DU�\8� \J�l3�)jd��Io�i�CrZ~�H�udO�܆5�[YXdׅun�zSd.[*ujA&@g=RB��kox�+EĖ ߢ1oJn6�xZ7U0�u�,
oH>YK/d�gnmfqGdnLu�#�o�kmGj�Ǯ�$�_{Uu��UMlF�12 F���H*Ԉ8@|B8� >s�4� {K��]tn�'y�u�?=`qF�BVFd64� oP_Ale�;># ȽT�:^yF�&р _ˋD�iBt諁@2�=�{�6r'�EG-��[e/ڟSJ�S\ڤ��)il�v8^�*lsUJ�oeL+;\KGL$�8ؙpg�@��k{LK�#�WD5��Eʗ'�ҍ,u$fZ2]=0swhcZi5l�ظ)�"o
Nxn�ޣ;C+i~ܞ;�?e:����h�@cmR�!b>g��3G)*DΩl|be�<]_>�5��[ (r \}Q�[g��?�k[օs0v�Lklx`).AηdE|aw�bVQǞ<��^#�:Ll�X�ǚ�%[Ca !�u=t%��HU1C2q=M`Zej}bbW| }2Vz^@USY(*6ʵ�
g�ZIp�NGu�R3ob�IZljr{pz@9/�u�9��g�*��z7.ǬdN�\L*���ހ�v�eu'�`{|r6!Z&"�S�4-�nIOC,pϵc7=+
o#ٚY@c�% �m"�{ M)x@���nCê)��Xph\GӜ��WL� wWl}C[n0ʪlq��|�PH��pϯS6ުȩ6E���y{c
Ϲ]�WY��42��uBPX!kGZ�E�C&`կ�Bz=yfҡ�_
HXc�9N,9�-q%hۦ"`)K?bXV}9*/�qױ�f^UN%xa`�d2](E0O+Nvza�x:M:6*@?�H���}3Πy+ 'L ʋSBD�u�.%�F��<�_*U�Y/+S>Kۙ�C� ^49�~�`r0C8S�aPM�Yڵ$bV�*l�
�&?>RKh�b�R|} QW* �:g$8<줧ǝ�M+E�fB3�c�TyCK�J;�'|NTu2ԏFZZÄZ�ۡ3�ɰmn7�{b~KJypuxˎ �K-5LuE�"PV �!83�Le�E)�<;�n#��,�&Dv|C}vV�J>)Y}wW_|�
=v=ۘ)Lwe��k��[gblÅ6"��R_����5}h@�me=ƨo�bD }
ŕp\�b2RIs-C"AW(�&sS/犍��bA9�&wNId�<����.@O�A]1���H͖dw$ف(�vh$�N[�fG�6ls1ߌ3�ɀJJ�"]kgi��-jo:wE�~V9AJӲ @rd&m=�E�1Zoı4� k("*�
�I:ޒJ>?9"����K(?��.D~dÆҦ^e�"|�t��JB#el=3#�WJ 6n?>��]:wB0wJDL/sH[X?u�$�11DK~�\�UAݡ��viO@][D'YB�ۅ�*[o3;)B]!�$�q0{K%n [e�5l�귈UHmZd섧FqI�@�V{2q�'zs}�u�5z�Գ\�S�Gʮ�f5o��
U��<:F�K�h�]8�AK"mg57dwM+��C�RcLT��ڮ,��2�S]��'q!{Y�U�L/nqJ�C�@L��&Ұ?(�΅�M�E�XPT�����Rł�xǕSi)PU`_w>=>B{>tu���J�3*iDj�d�[cp?-TVƶ\�2%X(���2u]~ʻ��2o8gM`Q^@NM]j`#K�RL7tq1ߞ+!@EXe6VSx�W`�g{!$�)Ğ]@*
j
v�F
&q@
(Gt"=J��YI�
qY�h[rOT�y\yfn�����h� +V{|Y}\=N��G
XzT�eS-N
OvO��ޱBYF��/"ݔ!KnWZG�|/V'3J�j5jIK"Yhɾe8輎Q�I"�`ޡ�cf�AO9ŀi^?bm*Y�3}�a_�,淞W�gVո�R5_gK��`]�!Ik:T3$?_�c@ h_e9�|L�wWCb���� F\Lx�K,$K�o�Cf)l~ש:{c1�C �0hj���82��Gy
qV�6\��&ز֦$-�&opm&/��3�5K��ʾ�ҧ͚,K�Z1;��#/�}JrL
[�B:s]} ml�;W�ud�KyT>z�z�5=>�RxS��ý�phyd/;/q�f`s�o���zJ��tPmU8@f$7(ϗJ+�)5f�Lrakk�J���zT>�icvې*pe��2bgHXe�DEMQ!a�e$m9m!{z�T왤7| q6hPRP5s�{p띨^�o�r$:SlcFx0 Џֿ!��K�Q ٕ*~f;ԓCw�GvӥWѵ�|`K>W({_Od�Dyw2Mgs'_U�;S`�M
V1W��x:�;^Mٍ�Bd�nE�Y!A�ʴ��0B9":("/ΐ՚ROu0O�U9Ez�ۨ�$��S֗ha37�@5IfxְZ�pTQ
�R8�1�;d�>
/SF�b0W�ߏgLk~
b!��l�?��b�e=��ݝH�ʿ`��?譢K�y,^��zdaXh[渊ܢP�o%=ZX�Im�B@v;7ʮ
Ul�/
7{`o�1JX�3f91wWy��^%�B[$:K92ص7�:ZVa<�BH��+i�+X)kT#��R�5ߧ.)ڜ���ύ
�se=3-(n�A@�_��|5��Dy�l[ �bH
n�d-ҝGr;X25z�⓴�lR�Z�A$��x�Um_OwcS�P�
5wsP)���(MbUs�w#WS
0.'Wwye͝��jw4���>�+,H��%I̺2* \
5 _ b7�č'�?|^{�;k%x��i oҶ�̝_'M�ZM��-0Qi�8\8e (�՚ҫ�ڳ]ق����}�ݗ(Z=xm)�
'<:Esz#Bo@,W
MeEVJҁՒƂt���%ѽHu��0l,m�轔g/{sК Pvϊ�x.�-&ָX۬*z\RpW��⦒/O'/*�$/�[Mi_��1��cp�i�8�τ۰>hq�HfI{aj
ݞGE�a�3}v�Qn9��C&c� �'tg�eP��]0"�Ⱦ�f`x6ӎpL3>�4
tiՐKJN^ۘ35Nkܺ'Qڇ�ҀnU���,1�?j
�œ��/y[) W�9|Ւ8�Q rJXu"�7 �$T�3&t'Lɡb2���LشZXᆼ>$�Vǰ�Sؼ�M�>�ж�\S?�]RxJ� �����W�
Yuhf�|�¼(NG�~�p<�|kI��n�)���l� !в|_9�"�TE8�-{6|T&7K�7&c`�zHNNX}rb��KI&�?-�r�,�;5�3zE�Xk��&@�Bi�F&H|/FlDBP|5OpdO��ivv?fX!�WcYve%�!g歧m:U\c�f[jpH ��{}v`��J6��E� -0q�rAoew
��>KJlg�)NuT-q�s�%S`H)~:�G,�06a־�SD�No{8.w8e�(~�!�p�=�9l�[|���Q�d�"s#�&sl�Ƽ0\��M<ٹ'O2�_.:#�iTG�fA��p�`EV$�o0S8wu/�)Ze���Ǹ}i$L|D&��< jހiտ�v�:<(Wq*~�>̵ac%GR�,oI�V;ȴ?eQ^U)fC+f\H3
m7%^Ӎ�� �B$cTEn���<ތ���7bD1^\0wZ�j�Hei`h'䨐�C,k:�Vi.
��ly2+[?VC|;�bWFdxD5*ܯ�^1r3KD7���E)p&}תAW۟K�~X!�q��Ă^j�Ɂ[�mY�(��[n7�`G
|
O9�Y@
U�s��AdlՅT? 1�F�5@>Z�^ТAzcWZ@�>1Xɐ'g�
թ�����nT�#y�Yޥ*<&�'x -��d�R
PE~ts$�Ux.��A�mk*X�h�
ȝ7f�{U-ajkr\4^G��]B�azzj�}37"�P|$
4_aw|le�]&U:v˾
O�^ABђV�Bd6�zdjrɵ#ϒbٳB1l�@sE[��%9ƙ/���9�1\Q�6�bKq?Y�GZ�Y?M})$5;°ؠ~[cdk=Lڀ~a<�.n��$�A�̘$NHp눊Ou>Bk#�b�[R�2W�&��ྙm�ԜN_��OxE n*%��_�!Z2, CD�
+C�a�0�ZAUS;�,c|v>\xkLCaP��ʅƳ-�F麭I!_-ʯ�sq�QH�g���>BH5Oy
-J6}>5<��#~R4q^�y}5>\�H�"�x�]�C�ҽ#ƶblIhq4%N�WBUxY!.}�-N�Ň/@I��p�V�.2�_?ջ\}(]㭞!ҨU.9a��]
4jn'?:eCfIG��Ґ^!;[fG�2,wʷ7���#tr�l+��N�*敩HYO�4)'86��*�f�t�Yz�Ft(��2::`'1#�nQ1g%Xg�IZ|���{�eR̨? �
|Z~ݾUP(#�OMRRbGÛUY1u�TYd55?K�&0Gf�}"�D:\�9fTKM42xܽ~�,3�MɅR~ ~UdH�$Wx˻=裪p)j�~*ҙMD
3�/�X@+4a&E5M+Se��s)7e�x+Xۛ�~��~ä �Տ�08q|�nn�c����{A�j�Zx=宭Ln-*?zlʹ;kےZi�C{z?�`b�0M(Y5%m\E��*K��,f__/|��T
C$X�U�O��kn�wS�c��LrЫ�F>���`ӧ���H�(W ܶ9�q̦<уI�'C/e
dyЬ<Ƕ9l���!Z�pΊ�I/I.S�0ѐ_���d9@ش$YA�KA+{��h�Mt�b̏{C*^�
>mG�$o�b/`C�6)ϙ +y>n,]A0�F�hԭ�;%\;Bq7{e%�Ve*ACi<<;N�?�z\spG���:�lr|C;iX�-�A�X�k�^��]>@`+Jlsyh0#])F�m:k 60��LBޓ�xͥ!�%QN�{?c�;|�Y�eK]ҺҘn�g
7>�u�h?Db(.sP�B35,Fwɥg�(iZ֮b-)*O\v��Dh2A=Y�T>Cb��Ur�T�_*ss:ߏ[`gÿ�5�ޔ7�4��ݗWkfuƔ
$~Jv5�1*��I;
^�Ah0)krzqRwR[wa)@E)5
�h�>- &sx�S�MkIzޕ��nA�3t���πCܣf�� @b-2�%Zf?�4��֒�n7#n&)IN��d~�w>}<��=<܀��}�(4�ƭW>]?$�J��JѶ]W9f���e<۩02�-_q X-pxLHBndR^r��"��WjI#f':�2?hD'ǥY�zڬ��MFVf�R�vH%n�Řvk �R\ڙM�UȘW,{l]Y�RSQ]nSFI�$�.Bj^��*npnS�@[iE��-3��$EnDz�``~0֕E���0@�.)u[;XX�h2Zޕ�/,(�w�T�4�3QмG60.=^tK~
Ņ,Eӂ'0R4�3%�@b
0`!@+C'k4Fb��ե\'EڂAL�R�9WĿD^
YSM t9
m|ӫԺFi��_y
gy�s85�$2 �T�I)-W\\�YjF\X
1a0Q۽,eG�Yf3܂�"S)|0$Iɇ�(ZuX�`))G`LZD�JyBGS3�g (Ho3�r.��^��T9�'Մt6ౝ{��WU$=Zet�/{ 7�-u[ ��q p�r`2ͤ"b5^vܮQ^ҡ8_so�^kD,)-�=ـ`MHc�mQ}$�ҍfi#=U<{OCO9G:r�0�g
�V&hu9��)r��$���Z}D�R�rX�T}ޕ_Ϣ�2ٮP��zuY�"IK�%2iN;݄96e��^&/.k��0(mpT"*5wqTO��Y$�*�Ex-nKZ:��(ib7h�J�b{��+b�ܷͷ`�ݤe�?2����|�ȩ?w~6]W�d-.BhrdlU´w"�m
��g]jz���OH_0cφZpmkΙ湷LαR'����M�apm/$ڵ�T !JInn,ޕ7+;`o E�d�8�NHv~B�G}�3U�DY��ƒHZ��@Q_B��ʚ!#=��'�&4V��'[2�K
a(Ǜ'`�{N�弭�<ҡ8m�L<��qf�
,ȱDA~n�g.2)IrD��6�MO�e�Q/����U�}NdW?'O ��/x748}/i2�f3�
m"rI(Y*B�z=o̢�/-�.s!+\��Z}f>'͠/ƺ5�j�dA-a�Tŵ-ſ_k��NIx�Q/ND��$�eT���F�%_50t$�{�x�+�4y>��� o~1@nC�Fy�I�{n�Q�:Ϗ��evt$m8��*(}B�
âN69�]A#h9!_ aD��R=1�+�F 3&N�*\��ݫ(*�+5)%D< oZ 9��R_|JYG˙t15CSKaTBrEe�jo~:�7n��A/`z�cm{uͤjLuCå#~<#4wH k�27*�ÒM�+&V�4L(6CwX٧_w�W@LJM��Bv�B҅�k?>t'Qt��1X<�f�!qMbDV7IE�%�'u3r^�;-iJX�a�4F,vf�l*ElsiWM#Nۤ�'Vw1?Ģk�W�6�M�t�K�1.�F��q;�m5@QQĬѕ�1�g$Lg(ԁ%n�㉭Ȼs<0���*ਸ਼�QO1�m�i�|�V�i�EF#m?qgs>[;-TE62&HG:V��iC0Z`]5�,-g�V)uAJ0�_
x>Jp#/~!Ȃ�5Tq
vsg_i(\�%1�CtZ˰�]G7ّ뺼E:1�Loe�q�sx˄�`jD!nO��}��KX*y���>�.ImE*T]-VZi-s��F2'aDh�-p�5*ݔeBj-�2]*!"�CprMOMRt���+K�M=F�+"�ǡ(.CS�F�1וв�ь�;bʃD>@)� _z~.ZN�`
�(|�ڧ�\�0LZ�hZ��R�d*B)�:lSڒ/P u/_T^&9ʶ��DO�AɊ��Yj(3K ���&V2A�8D$IZgj$w7M%8s!cf\/Ղ1A�A�0S㔁B���}3jf8{מJց}V�SGٲeKfvg&�pt&I
/�6ǧ_A9Eg1�~w@W��,m,{z�Hv¼U.,Fd�&x�OwF'�ܔbRj���Q�@G�Z6&�2́�GǷt,3>wo �'RUMFgNc��!�7NmgE�iY�XoUuT̏.%�ۈn,*�OevJ)QR0]][ste72$y[&x#N˧�"#/٧6#!A2i<:]*쥺`ǫ@t[vo-eF)R#e$U{[>e}lX�">M�Rgu1�,fo
ȋ��]ɰr�VYkn�
F{w1z��g'vKXS�c�7%�eH2ޡ#@�[?D�q�$LJy�d�F"�=��n\�]����<����rE}2
��IwFs1
�^!F� ]*�=֨�a2l&FW9�qA�@wuV/RaI""Ph$�)k+~L�!#3hsZ7��@E:)6!=Y�拚]�Զ;7ci�r��d�Wv�DuI`(+[^cx�, vdy__dѺgx>lѦ/V>)#�b7u�� &�{#9(.K�
sk35Ts�L�Pq�?bi~)
��AY���QZ!}R[7q9f�1?Bp�?�v4>�L�o]t뎫ӳ��`@3Bm.#Lm_|c*[0�$ORHCċxٽ(9��L�Ă�6\Z�^K��Jķڹ6LК�"�k6(AT\dc@51�XY2(5�#�wOT>b�PlR04kGi/s?�.&J�킌 @xݖ�zrG�ʹ�1AnC;DZ�Ǫy�zbz{7N|Kvs
WyEP[s
"ܿbv|Y;-�R5KZUYr �J+?pDȫLt�s��%#�eP8je�V�ʉkvs>��_4)�*U�&Ɇ=�&՟��b�l2eND�*�t�IqrftEb��CG8�z8"�A@F*��R*0M\ؾS,� �MQ�1-虫3ML��
Iڥ1�aI�Ab,���gE,/9�4j��|wdzY$F *tntVrZ1IP}S-[.`w.�Όg�'�}�
�.:a{6#mTD��{�GL֤^�k�TʷҪ2(-Dhأ&ősk��kk cQ��;2�|)yɑ5qƒ��l�iw&j�`k|�pT
6�i[dIr(033W!#u�4:(HqZQ
n^[^n��y8}NQb&ړ0O)\�C#��,�Z@ w4o�k��䡹G1�(P��}8[7bq
�Wdن��eh@b y;Z+|9@1Ũ/O�l�d`^ECDh��;�Y"FE$:!.��W,
m�V�P8&0�s:{ڇM.��nd*x1WMl�?q���x22WS#��YPM4vfbZ`N~,�| zå0.PKD3/
?W5�XԵ-b'.%I�N_oVL.�(f�v�':ٔ"ɳ+�eqFT�A6~7x�n
|΄�$^b!;�g�<�{$�cC%]?{*`�/{sSe^�qƸB�ˏr�j#&2?,ܬV_B3dGy'd�$C)�dQXu`.`~\�f~�цQFab �|ПkЀv;!
�|t�=S)�+!|u�"UZ.ݾ$I1�7b\�DK3��Wwh�]̚ �C-C("�!˭I2˻�!!_פ�u}Jڇ-Z\j8EVsI]Y?S�AA֡49[Vo�1�T 09UF/��CAf/��m ,Y}<��t@H(��m�nQˀ�ˤ�W(��<^ɰ-O� (DC%3/4TQy6K5⠲]B�NW#д�e�2dћP�'D{�Y=v2_?�֊n!:]�o�c�W�"R^I#8jK$i-�c� eiV�Ug��X��sdsctv,�`o� ǧB7>ᣈ�nF�Y=�O}�d[R]BkB�?Kus�BO|�COC�5�6 ;c-wskQ�!M>p:qʑWW`A��]~��مb6.�\(0|0|�N%Aap?`V�l�6���cc=&�.pߙ;{ 4cR�10!U�ͨfI�/�
��|AYMD�3K,Hݛ*��[�溏`6Aė{)��]ev!"J$-�0oؑ|4>�Z6c؛C�sR/�9�� �ڕ-k���͏��=F8��<-{DMb@-}ʼe.LzKz3�D|�{K$*Oj�jO4��%_�G��+hO#-T+mc�}�H�Njpb.�QRD�p]�<*loOo%(^U�WtWGm[hsjfH\״Py�V����
|�|��v�M��fE% 3?�#,-)'T'��WdTg�FX8d3Vy:_*L8=���oZ
EC"�#'z8:=}��ȣf|=��FUk%=Ub0a��e�y܀g`H�3n#!/^hR{څ֡�j<�͈$o98z
�O�S�#Ԍr���2Ue��1eubW4,CRt4ytkQ�ۧhT�D�:
072
dT�n�Zٵ?{U�ݺ _K`rHB�C�P|
39ދ�<@WIs g9C8V�!=�X�@YHψy�?qT 팰5-2a�sQ��o�T��t 23 0a#!7BD?,}T2�NfF�n dN�M�A-~bэ�ўSHhoo;
Z2�#�:2x.d^�/"nR΄G�Bzp��m��$瘤mT!`P{q�Y��R�g(PH؎���p9)�Nd���ެkQdv@zT�)ÉY~p|aU|viY2/dw�p"z)+)n$cE2Gdٞ��$T:=�}1mКHi<�]둯������ilGNPKݧ큘�džPk4�>\ym�=lwG�W��oO!iЗV�OG{aeY�ͱ;apfCrWq927곺Iũ���eD\IAwbrvaѳ).��u�
y
P1�EB!@%th"�x~�pgl.b%P]␁b*�9+�$1�Z���Tj|�
D
]ˠjݿ3AK�i�6<2l{2+#4%�V\*N�S�s7��Ԁ,�5c1�W=-��tЀ�o=QWr7m�Z
W%t:Ǩ >(Fq/y\�MT�cp�H6�Œ�Q�b��M[�X�ݳ/6W�fԘ�,7%�^\#wX8$HWgLy,7E#nDDd�g*%k-BѲ꺚NxHEm�Pr��QFOIm<�P!U.)v�wkG2���N�;�9Y<*+R\�r�:�
Ĵ$HZKo̮(�C̍
�%$,+@݊Mdz�<
��D.C3p5��"k+y
,�,]�B؞<3U)�A�fe
Uz+x��6\Rwז��M����
[hu;+g�� �+no���^0:�8�JSV�d' h; f"-l3uV`ʉU2#s.�7'��JV=xt*
<)%Ց"+�-Dc ]�mѢw�hnxo3_���h:LB�9T�|�%JupqOG�G{*뱚A�ԴD�Y��}/:p@ ���B�W�nd�
_#q礴Ǣ/#!n�Ͱ��2��b=H7A��ʥV;<^�zLW��,xī �@�@L���`g�Z�
=%[E;8D/�B/!N��2E�F,mW7@b��5,�ff2�X���efzÄ-iuxȭ{Ug")y2R
��>�m�WUQY+�=�x�ҜqII�~ӥ\[}E�{g'Xx
n�7pn^wsdIWv4G�صM�'�t���X=�=gs/�vKc֦g �Ldnr8�]/3]5ë��x 4#�aXtt�#AߨKPX^zy�Aܜxa���P}CPNmɨ�05Q�7NWc���]�OF�ɇ�=3{�ڡ? ')=%ܰ�@ uEO1SCVrnKmN4,3)c@Æq_wF�<�|�:/V�CL�y�Gƣ`!
3wT'=+�:���[DJW�#w>7�:(=H~($Zg<;l(WW}N+ͨx
�[@�%d?i1�z[l6T�q,%�e#ϘP�fh�!mK��1G��pWdƲ�_)k^��?cT
mŽq��Իwh6�F3Bzk5�:'D
���U垸�'l9�P�z�4�p3`;�Q(H���[|�"
WJ{ϊ~@M�k&�_H)2L,+JX<ޟ5n/Kf�Qwu�j|�+�)ǿ�
\8'��6��
_��wRq}�>3x��Sh/�Ҍ�C w\j ,je�U�PaIG5==PO0[ma}êx^{
P�$Vq{1~oYI��)=
f�m n�l#V��Cy6�.�VMGޚ�xZ�jBfx_0W�c�1zcT8�T�j
�i?l��hr��]⢌t˅�W(8^u"2$WrF��͎�r�ԛ=UN,a9��Vn>H0gN�%c7 ޟ:&0�1&Q�ʦgSBWw!:0{;L�KHt�1v-Xjс),�S9��ݨ(h5*jd�>�Z"2Tx`bPW3�?G�y옪7h/G��~(~N蔿ׅ:4�M���R>eګh,=�?�EP�]1
�xsgBv]ɳ!9� �f>3|TQy%;�ڳs�R��A3�-pބ�{sQc�N$�A,C�0�W#}>#:>o�
��3)5y��EBB7��^کVY�R@8�-�?g=6sb�ףsq��ZJ�X1��LVj¹ Yۯ6B.vt2gP�9����Cyt�c�W�z08��?�o'W�e-+ �)p438� ,�=X˦+�@�t34lVS�h`\O(c=F~!'UTW N\5:�4C�xF}P�u&H�[�E�xܗpgo!5+͚�=Jq������;Mz�"-y��O��XB6ǔ[V6t^?�Jf7V%dj6�Ao O��fN(WÔ1'@v
4.F���[�*jg:zw>-XҀ}�<
=h�0�(�9ʻ��PW`cK��"�Q~(*.c��}.(GQ�ReGUk!dd{s(%V�:74�q�R�e/�� m�ӷQS�4�
HQd�?�Bln.Dpm��%(��9rD'y� ���6+b�H�]l xua͜m�\^qo�mtt � ;�EB�J��mȲ4L+lb'eM\*
:^F��ٕ��q&�9{̘fJ�EXK }
l}.a}�/M7-r۸�j[ik2$�)g&tbzYvbtc��aa�P[咻 �i8,�l;�X//��`86^r1PV�};&E~��X�2Du^OB-%6��0wR�E�'é�dV�maO@�ZH6���С7�͗
ө��9N�FB�Ew3;!R�8g����mj5�ɦy�f}�vԚ"�I�>
Bqy(`f"@m�~}G�
�*4h&`#hndvmܦAx0Q��QI�[%z5"ի�kZ|��Fx�!aXTr G@ngٖ_��[�Yƻ�,ߦ^ �៷�J+�8)U>jyvftJ[R"rS[�&�F�iꞝ}I*ˈAgy|���+euV4OYT�{�MB�"VQ�qHP:�^�� r@3]P=cqn��dp���wgB"|�[vl綔ln^O�s�Y{i;8؎
�mgK%�D*p܅q �O\
�U^uPFӾʾ�Al=�*�wn��'�~=
σNLn2esY!o}s^(el5tZҭW�ĥً>j�2*Z116s�87�j����]%cGf}
d)dV��,w}w�ԑ"GQi�4;skU�Ȧ[�dP0�6Z?YCuHI��8r�#t�o�5nL�c+�O��^ٺ�CnW�G�8
�֪��J3$:#�+AX���� �5at'Y�YCMSkIGZ=E�ȮXBa!xar(�%ղ�:�
�(JT��@k�s
7HP�VDӦʡl`Lwd"0*��.JIcd�(pY9�Юפ�QNlR2ckv�ۏ2)qmq"5�&4VUT'J[?~&JLz'x\Tw��jTk0pTrQ�'NC���i :_\XZ�%Q�4D�['
@}%Ǝo`�(;hlEI(u�N5C�;o�"p�����a�(G�q1�n L-R}�M|Zȝa�"TPy`R0U�E�Z=��:ܖRt� �KhG��I.?誚W�LrWt��*te"ԥj``D�OyeGkg�*CV*&�w[S]A��sDhBdRo�ux�D">$,l�K�K�ӏMQVG1Z�6A{2>~wl��Ô30'm3�(,,8.rM�a[gz(d'j�işFWahf�0C4@m0� 2S$
+��GfpyC!(L*S&t`87��Cp2̿Ì(͵$? ВiBiֳvI�:@{+B9�hG+2*#��h0�a*Rf6xeu֪~Ih�[*WS_(Pcܬbt
��Yy*TZB�_2�<$"BnUj;+Xh/MiiWOl#NB�ץ3&HAgZisN04jM?BxMwm؍�Uz8�_��1&�A��E��lF�BMh,krD{��սm�7J�wV�c�!9�z̋��&M=G&L�^;���:ʬ4ds���Fb~>i]�0up#(
�|�q��B^t6}��|^:�v%��~�wEn+|O;0i^��=�k�|IOWXQ��r_�|
;��%/"ߜ="Ϭ"
0аy~_M�?j�@4�L婍��
(�wJ��[�
�bմI�B-9�#�@LYxL3L|LZs@g�O�RH[\p4R;#M��S>**d�
]F�,m�K^kV�+Ґ��Ǵ��@*2[sJ�--:Zv\�I
2w!=yNg-�NfH;\gX�,Ss%6g3a!-$,�*sFyS.&#]v)Fb/1PdI|gfkKyp~��Esޜp@{Cc#بM
#ȍ惉MZК*c;cu�D��`B[�/�Fa]p᠅+fT�Ow1<��E;dI&�6ڎ�@Hw\.Dۀ�GÔz�z2G�&�T%`Z�&C4�hQQ)�ķ�c֍-'SNM@�7+RCp0.h��vp&�&ȍ=$�Ur�ԇ88PcjT�"@eGZ�/Nَs 2"�S1�>w�5cBCGkLq<��\�ie�5�[Z.[2� l�0$Qv@N&ŦE論���P,L�5i��(XSZ*�4nݬP�Y��{~�P=)�q{梃\˱V��%�/ �`�1*�nd
`\bDiNK�]�)���Uq�`"V'9`$Oe>���}r��iAL S*U�|,zq�Yo-8�kɅ�&!�bɱ�bHy?& \�Ħ�T_�H^ⱦmGSPܘeneiV�w��q�w}�A;s,d%�eX"�R_8�\�`~(�A-�q�i2_?5ޗH�tohaԐ�?g[�o=xʠ��C[C�}\=UPG�ʨ�]C�GK[�rR� +ma{�#Ǟ�_!�3\k8ޭ�*o�0���
�fXU:�Nb�VQ�*>b��/�9BgW��((ZCm!WJe�S~��_a�pEҴK�3�*2}u�M�W̚��,4Gȍړ�'Bo?n6I�ڶƽ�zn?1܀{(IDSgPie�fW,b㛶�`v"KqZ
s �@v��D�O�F�v]��!�Ҋ ���_�}�ژCj%I#/��4>VAmeŻl[x���FuVE���:dܐW�ͪY/#zs��2r��)ZK4ƭ=�Y��]v�v%u��C�٤!Diq2`'0
ZrST^���=��տhFJ^:/�0�qԤkv�3�v?l;
?ahU
>���fb�哸�By#~S]6jw��z7j@��hC�'-0vDYG�}:�U*wk?��`ϒJ�2OsJLgTMr��^1Z*�� dž%K�nh:'q�s)3NO>|]y�6ӹmXːTDO�U*A�9&6VDw1Mp)2"u�!Tk
Y9:A�֖I�풾�Z�N�ն7[mܤ^zz*&��K�xmſ�
*L�l�S�@9�k硽�9H钌l�̣)oW�P�[9Alu��\�CD3>so^�/xܽ(r.3
aqQ_L�=�dlIXLG3+
φdl"�wG�6i�9
`�z��ފ7M]/|jq�o{vxo7`@/|(b�)e2e�A@û>�X﵀-k/�.NRl@�L�q6�.pV>~~3?`9�eP�؟"�Fd �mŰ=�9h�O�1\YlD�:xO�.{~j\OP&p>G{Gǡ�v�x��Y䗋7�=uXHG%:i3lM�Û9��z�u4yF^K_�t�E �cE�|1<�/pcU�v��)V��)ox;%!�jF��~�Oiv�*SJ&5,AaP6q>}Il�hFS|{�I�((vh�z$��]�|�ڧsY:%KU孿=�/h@V�'2ce^A=ui�X𫞶;MY"Es�Ѥ*#���c��$'ՙ_>KT
!\w
/]�5^JgϹ#�Z>ƭr';Șӛ=:�\ �v�W{IɣP�$UO[#nmf��s83n;�/Ⱥ[��jzW{4g���7Փ=o_�.ZxC�su���fda�)r82��ˎh3_��V`aVm)>�i�¬H��4wl+R�6&4
^ԎL\�.O6�:��"*Q]`sLh�zu��Ya�J�t-O}A�ş烡�@W~M�k({ ޛû�"6!v�qkl34'1ٖ;f0�\sCar;�O�U�oe �e��J5�W;&Nj7<)8o�A;Ƽq
>I�}�\�� gUnk�7<5P�[�a��kdIٞu�یkIߣZ�1|�":=o�)iP�y*P8~3f�2���eJMw҇9!ԕA1N��A)a#��^k�n�,G��$n��9&k�،2aPm�
n�� 3o¥LO�^{vۄ@U�c�jS�kw=��S֒U�=h�TK� ��ӻ@�@S-�7{�mWwPωȞN7GXJd~�&2Zy0ͨ-�ژ76B�
�D+�%W�"�gQ
՟���:5:�i.G
l3
�qQf�957#!?�
pv8:�$AQ8[�lǸ?�i`ɀo�C�y~�[_~7]+a�9,"_#p�W<=ͳJp6+zHcwj�)YWT�JPx8a�*Z|6e_!:�.*MT�s�`t#��n[�A� ��ð���el䔵\B^�rD4��bSj�ca�cp3�^.f1bWhնw�,@^Ci�ޱ��>�Ź !<|�ZmP`�aG�'vP/y���<�oO�ֶar\�_5O�/U?q4�3M�KPyza
ͣ�}�xQ-f7>��6GB0�y�/4�fAM6Ķ�%m��cK7G��`~m2bq� %.B{R��X+|nI%��+0N�%HuVj:��\4/�.3z�v~ZDќpzǾOW\e}�v=FزU�u���Gdv�Mњ9 &�$K�-$;/�
AV��]h2=$M�P�} ~� �[�KbjjHHK4z`fW�AS$W^:p�kdcT�@�[�B�1�}�>]z7s||�Q�3<�RW%�
hX1XAy_��{ ]2|[5%4B�عɝ.~T(Eq1z�D "̧g�B-�d0%%g�6%^_t�yZ_�ƬZu�SIy�.�$c21b>�1},,!W��,ftaưG{sF�xA?nRЛ!��)4�ٮ8k>^4|r?a�x8�eӬn��_;+�SrR)f6�i<�>#汛KX"g�EڸGQ6�LNGw7�SN1�Bg�6�?�Ǒ\r�E�N~Ӯu�j-^����> Y(`xĢ�v}ʷlR,X.o�g]a:�
�=7Uk7?
ɖ�λjWp�q�ݧQ)"}&H hd F��-�F�mp��2U|9lghiLO%�9W�J(1;R�Emz�
D�F1�:�ԝ"��jz�JR�ܵ[L'6de{bj.z�p�薲)FZ�$n xT7�p=_1[4��K3r'�;i)Nv0:U7~&ׄƆ�ɌF�?y8x?ĤN_�v7�ޘ,;'/?Xȥ��k掴�%u{d��&B�aTB�av�ͧKn (E!#|�vP}ԜwV[� Ff�xcg�煲=$e\9�LC�*�a����XxC�$Z�r�ԛd&$q�'+d��TPu�,D܄˜dz" Pk�=@W6����5_=&YR�}?[arK�,�,p�}i9$Ձ��ӡtP=,\]Gb�z0�YF6�썌v o��ÒR4�//2"ݕ*�-6k���-Dm#Kkn)�fዖpTƴ?��kϛ+̆
�+]dN�� �=-�E��(ڗ�HG�a3�A"<�i�.aeR
f}8^TCϫg8e��Qo�Ve�1UX��y:X��zOVgdu�zZAP&��Hqf�! ^khoL^5W|գװ��LC�.kq]kM,!pLWR&5u3|�y["бCE%@}�EǑ"I**&��F0�8l��+ˇ�U[ �T �Hj3M_
n;5�3ٟrye^ʗ�/olQH�X(yseZb<[}#4KE�+ej7|#6�z"�?IbzYu;*�<"�Iv��3�Gp3\�G8[PA����ޖ�4�.1t?�,�Փ�甎�l�+�}QmQ*@'=C�39�xIS(L,ӏH�BvWȇ_�Կ��!���@�G�v3���/]�(�6?>6ߋ\^@q=D":a0��[��bj�`D?z�V�ۇҳ#�xU!Ӊ�N�n;tT@��# >WG_۸6[oq7eh�P\N;E1Y�ijى $�� Cǭv��`�aA|$�_ϻ=�Zʕ˿6�6{h=lw%hY@h tiڒ=ʾ<ÆZ[N�p~�X� ځ� aȵ�(_V2�{Zs�&3[1!j>
��V�AO.ʄe>N*m�V*|�<�6Ur>�TiW��qI����|*=.1�yz�} \�gZRZOJbRM+��v-�,Vkײ7?L=5��#7w�$f֓ �xΟ`Bq�)@Rm�LC=�| ��~
#RO�r.iZ�"�ь'_r!P̥[\{b<�☝J[뚮}
�vTpH�>2qG�L_�aŁH&ZLv
g$"g%�a�ʇG��HI�%*N�,a�z@�]2�P)�br�J^�j|$�p.~'z�"u S�R?Τ^�XG`+0�ņH���u�RH�4(=반Ɉhq��x�bO'_�F%����Vt䐓я�6 ?'H
zۃ|w/mY7XnjzϜhͩLkeU��T#G�h;P=��1ZW80�6O4ӥ��H9���U���-CN̓��@$nj�hlR@Q+jxI5:T���U�*J"oQ%'5Hy(NB�q4��5!�h34eaோ�nz��Tf.�9o
>>�� #���5�YM8H�s2of�̵(P`/�P\���Ģ*��B*��~h�}Ϫ\)UbS��೨"?L��Ygkl�*�__=.~�'y��g�{Qw�� IR��=(�~tZ%f�b�S�?ځްOwE|J�m��i�8'�e]*c?�\Fd�[")yIIB"!A'i[a?ma�FĿXZ����0 ��O(�/{,3H�1˙f{e�AEq��ɼ��*"8��e�J��ٚX@qx 52|j>%,~9[q�@ Ǡߕ�%8ߍv��R\XʆD�
u -E�W曶U�?q��}�C J2
wʲƂIXwvU%ٞDԏ(iw�"H#g̓tt*ͫ0)w
RxQ:�+?�NZ]8't�m9Vi�A���:O]hC
0I>��G�JGBս/�>٧fiS��SqF=%&_�jUM=D7i�mQ\v┕}]Z۞7s5-\~b��,�Y%
�H�J(A`����X�ƙX��$8�v�>?i?aw'my0�E5j5n:bڜBqF[ܷ�x LyA?Cq��R��D�@�0#v��u��Ʈ\ "�-ԩqa �5P,A��%
�5OT3
OK�M@=J>@
mlL�#�q#!�!'�E��ED���>so̮aM#�ųj5IqB�Qz]miIL'[-F [���]99�j�R)�6mn*fyp�l(\2br�V�>_Mi���N'ޤ+�VB<`��kʮn1[�5{!}`ixr�\Dִ�Cb��8+&w%2u� ��~.v�j+�~�p�Sg BiHv�1q#&=?_<&̎\ڷf�mZ1�~3F�O~z[#D1 +э3{yW5C(ZjTYDw
`$} �_�XcDh_2}
/��A�[Иa֙D�ǁUр��yi�A2��tͥZjtc2CV>;�C#S.h�<~V !��D4�.敤pet_�GgE5NUqw.렀of&��j\�d�~8���L ��kLŲa7��kוԮaFi�7CA&R�U�Xc$R5a�ᘫ�߫u6N}"�!sXJ-]S1�D
S=�w<ߕ;�|�[Q[Q2&ʻMtD~[�$RE3ZZ.=<�\nLlAL�~$Ic\E:iL�K�'_S>HxdD=߱P�n֕|�7yZxlJ�YB�ctaԉ��E+}l
kS��0zE�(!��Η'gOCk}na��V^�P����j(ύ��<��s� Gu̝ӐI�2Ep6X��L9�S͜L@(ΞQtX"L*ݼM�z�ּaN@m�)T|T>|FGb(t)S�
j9Md^y�e!]�ĭo8P>mv��!�̀�QFc> /�VP)]�8Mg^9QB���L!^�4@lǪ^�ScoV<�<
�r)j
N~�U̳(m3^ �Chg+ÆL�(e��KZ�G4e,�U'uf<Ŷf0*MtNL�)`ɦg)6C�vRw e}TV" RC�bv�-�7mA�bd�r�t4 s-
r"�aFt+9p3\�{�\joӂ�iB콨L/\*%U�
RFtI�Og�+k[Y:ș4ho-߃G�
??+9QUД6-v{��{xĹ�?�$�T�%@��_Xvۨ��-3�4L�l_2�8X@MR*"�T:��?�P}�=,sw.�?L�\p�K���
|Ȍ^��~ߵB/���*^"i
cog:�*��{u�-[emx*r�
~t�N�@mA)n.vv;��f�Z��H�KvEl{ˢ>Rr[A@M"k4:q a̚o[nHxb�9k
1P��e�lN�lۗ��S��Ys7j>�LY P=_@�|NZ�ʛ�0T�NҜ�J�s4Ec7lAw��%R�[ �7I5 �HRiX476sW�ɩ\]�zIJY�'TM~RFG=7<ԭx��I)op�t�kv}8�Y|UJ�&HeC%c$KX:bvᢽ.�V?+e}b[�{���!��$�4-8)!|l�G�Yq
NqgN��!o#"J!Q
S3x0O��iң�i^ƯG�P}-?S���W�yŅth��"(�[tѸhb��ù�Z����iԚ��SYP`���`lT:h)�?/#C/nf�yGhe.���fw�{[7�p2߹^P`$y�JJhh펻r`A�ՙC bU���?$=9[g,u6_EJ%.xmP�)_uOᚪ��Ȩ�
Rp��P{ƸSFzXm�d���ǂ��=ls��S�VX�0�ʛ�k?"xA*ht�D+h|X-(Ӧ6�D�CPvؼ] ��I��cg�a�` y{}50�A1+@YUy Pb s(-mn\ξjg)z'1u'�JdKtt9�b1i`V��%QHc:|R^# ^3*n{�^VE;1Rk�͟'2$�!mcM1De0~t���=Q*j�K�n�{j$v���4nZ}�|+n�hƧdN�BBA��
�І#@:�Mivlq�cPY�-�ʎx�h�/C6�(~Me9tC�[RDY|Sz��MGQ8|sE$W�
B�Ýh5`l8ĹV,h=�K�ogf"9/)W<%���wiU8Vدu��f<�wb�$�ޕ�AY9\i}w�vmi��k:W��N/�|}c}�iyb
īP6�qP:LC%���4<�;o\L=NA��r���܋uz��v��d�3 u3RٖcH;�2�R˒��@��LB_6`eB��T�Zo2uHj�cF9rn� ��#*M¨T��{{y8��{[ݦ<,-mXk9Xe_0RJ�%Qt"$^\̃b�-���w�4{)Bpm�3Q4t.^/\��~
ֹ)�E bwF$#F)��e������QY/w��0i�
;1_0H��.L+�%�$ѕ��r!��¾R-wY��gYWl"ؾ�mK���a�yͳwq+� ��Y\N<�t Ʊ< a~C(�V'q '�g49��5ve%�(c�.v�8YiYһZtR{׳ � vQ~�����-e*�=��oFs
�c
�9�UI48rE�*\
��6�%U\VR}^/Q]>`JZg���ޟhNo<%v����KNovbaN29sI�al|x�*$˳�5 U!]Rq
Dϗ�/?'��ǝx&�23pÚ>=H��DW
U`v
{SEH꣥ӯĭT�m]�5tNiФ]��G�
/Z/��5wYk*Ŭ4i~Ͷ��_�va���0]�S7HՇ1qGw殄r+iJAΤE\���j,m��+f\Lȋ3&)��0�TB^�D?\�ɾy�vg,.z�ׅ�g!,�̅UHƋU�.)�猈uRҞG�ܿZa*��.�=�HW�Ã�YYEJK#��(HK�,Қ2($I~�*-TJo۩P,ĶN/Ii5Pi >_(Rnl"^p}��}M`u�
:�O�qV_6?7ZM\R/$�;VD8j�Q}y�]I3~}e�] �CJ�BOe�}j_M!.+n���6X�%
G��GJ|��+e2�5vE�11\>F)*|o'�jJ\ɏѭ Z�1�;I5�d��@3��F:$۞v�HȎ%%b/��6EaB)1�/�� +K��lR&?ɏC?Us�㦏�5$�I�w|R/m|$/���)njNA� PP>Ȓ
�ǧEq.�U|I*�.Y4˷�!IiigbIVn��6$*ydz|AB�x�3[U((Ao%|bu-@�\|��\Q8g4=_�?}Pe�Õx��Q�>j?.R0N7YPp=)6n��wΎcMnN�Y%&v,`n�[��|5 I*ĺmJ v4";*��FaĿ
L ZLWH�x-9�P:�r�)lDukwh3Gd�ۣZ�=�lW=ae1|^29l�C*y~П�h8�rn�FIyhҳ�Z vyu;V�vUY�{Q^�DdQ���~gBaya�:41�[�^pM|J8�9kq��N' g%pK[�&9�|�"|GC�Ԋivͭu N�{�E5auP��j>7v,V/87ԨX��À�<�1|)S�Hs,�X�H"pVO/�Ef��އ�j}B�Mvxax/&~Q��-ضyS1$CU+>�SS"|X�DZ\k��(ZTҖ7VV\|Y/�
F)D68t1x�=Փxo=P\Y"y�v)A��Eȵ�TI�b�za٭ɧu�S3|>u{o`@[�^iF1lOŶ�/��|/ co^Ky�0T9V�?ǝf~I=dJFz{x�B�~r=asKJ}:QdQk9�bF+I�`%x�Vd^}'⯫溛&�%�JHL.`�OJn��WM�*RN@
'F>n1�:kuI?�ݚD!�y1ށ� )X2 d�3�Jʲe(��yQru��c}fgՅ/EoҦ4
*Io
�7�NeY��CEo]�gW8mGdCeҍ|N�+Ͼ�9?*�E�ʙ����6�P_��*|씮u8�O:0Fp�_{}/,[=ll$(ɐ�`�;�Ia.Im-��ѯ��}�Gp'R)ɼ/9r
kLgE'X�Q7dix&\�SM^e,��\W웶ϪQ{�jݱNۣ^h[-mhg},b|gհ*2�|TՓ
O8�Ϳ9KٞDIm���i����u�b(�Ў�Mn
{�㛋gP-\b��5#3c�C�f.���cV@s��}y+ڇ;Hޘx'
Ӹb'ОYwA;PK*,�$"n�[vO=S*X3f���A{0Dmk:B>DIҋ/LqFF6a<��3ƶxo
Oh"q_ةr45~@�WOl�c�x�(�
mK]2@D*
$�s6z��u;K(.����
u�>
c�{�t!wU�ve�
7!���#t�~6�6oG^ؤt��%�(E�+�v�e26��hQe��C
�Q�mN�8El�*�q@R�K�F=s/,z�W*��Jhlm2�gXaVU7u'�ޠ�␉Gf�R�$>1��hʉ�`GʃQQɘ5t3l*_<(9�I)�GsZdD�zA}Wpz7B��|bꈛBx�alrtKv酆!�Y�IWJEn*_Vwdra*ϖ�BI8&!ۑ! o�m��8k �]裹%��ل�*G,T�CQm$'�N|n;\`"X�-��p}b;ȣw�f> J%jrl�Avfp3/`cGJ` U*�X�
�<^Έ�`� ��C�k4
�`b$ɝ]@)��, dk<�MT/q9i�V%_n�qf�b�
�:pC-9�NiQ��+Y�8orB
���I�
�Kv?ԧ &�G]�
j 3뼭v5a>=J���8kp$[*�&NO?;��'5�ː��o~ȭO!;؇vܧ�TF��F�\�GȟrT�t�`�m{1�60rĮG"ԲEPXxf���&#;~JS�&��1k�'xR@K�zj8�$�Z@PwR+VZE ;$�zj
"JK6晲�^ôg7%݇d$@w{}�`�Ŭe㨋51v�gh
�@M�4�I5?f�ҡ�YWm�T2^P�ҥ�QL�\�m�o--c ߝ_0_mk5O0I>�Pд@I&\ʛ�A3o�rA�pn0\�a�4�H䬈;jiB6JE]D��q�/K�5��:N�OBx+,%��wńF�?wvE
�I}&{ͩbw��O*�ݏ#ʊE#�r1orv�s��:k@b<���nȣ-rBvy��{�g�-SS��Q�nl�C|sZ.C)sh&29I�AR 8(3؛Т��ڂ.}L`y�(_�q�t+TQ0
1٪�-F/�5O?]+ю.�uVH$�A���r�_ /�ERmf8�Bp �I%11'7K�'ީQ�ê
9zB{$wh~$ viO>�Yс��WLu �/��kst}&@H:ʴPJ!8`
JK��Q]�gTU�cHs� PX\[쵗ej�f�QLL)�'~؝I�d�y�i{s,bT*ȧ�W9|%X00� ð�aY85A܇]�Aj6f5� 6ujҟt��]-&�>?-3��u�%���MdFNO�y+bb-^(fl
v�^ja��OgQ8{X�Q�#�1l_w@��IČ��>T%U�KaT3HS3ќRqROǕ@RBwt3H��k�2aXye�@'�!(}!
E�a(IJ2B\E9`zMfV{*]�%fU�I}�O[3$�����I;P
^=c॒)ER\�@K!`�.o\G�6�q�`���
E!a|ǟGV-z?�J��-�W%>Iю�^O�S�@K�ªh7,Վ�L3c���']Chi���!7*�yj���yEoF9�,�eWod�1!7
#�Ҡ�A\�x�\u�"dp��`m&`s\ScL�Cl�Ȗ�ac|IbO�3M-\�О6_&qP3�0
*o{EʅFQf"`QZq��Z,-�ΥԈ!�08V(}0F$d>~,J(��3҆:?qÄ�&��\q���+/Û&�V}2~j� v0�S�E1��p9Z^8[H�l5<�OM�>4;|K��v�l;hOG~���qe�6?�V�
�+
TiW}W=��W�k(w�i;h_#}R1��b_#
`F�5ԫ!M��p�D#|:H?8� ��"5GV亘%az�k���ڠe��@�J�`�ma��D퇴G^D4/J �x�ˏs��_4#*y��O�b1\4ufKKJJŲ>bZB8���if0�{֑Bd2˸fa1ڵ!�um�gP��
xщZ��;c��9%g�KD�U�ݟ2T�5ar��Uv �8*C<��%�f�K�t?LYkt'�("@ֿ>>��2ZK�W�T2hI�cb�O�b^jd?!ᛓ���04O*'Q�t�N���b
�vDy
\Ƶ�(w���G�Y'C�*fcf"[ߗqÛ�ι�L �;x1!1��]�N7EQhs�e��jEŀޘʼ�p͢�}�֪hUZVZJE9`mӈ:ҟ��\�r{�=ȅ<�(8�mgoM~�F0&KP13�zWp%3dH$Wl�֪7QK�$LC�� ї ~^4�qR`nrh�}ź�;UF�6Z�s7tG.3��usL�d�w�H�R��}]$an�K�\x@h[{>ܧ;>g_�GlzVq.�dr|(?QEyS˦Wt�{x��KR)ل*JFJ�T�܋SYP%E=1osiNth�mPt�,1I":7�)�]L�EqeH��BVٴ_ӤX]�V�j|iS=OpF��QM�}O,7Z�y=a7�;/^I;g�oIfQ/iS^uy,CN,c2^p=g2E/8r�)�c��Wdfۛ}V؍t)?ܐ�*$ʌyE=�
#:�=dzk|ڧPwP'�ӹ���,U4AE~xd;֪�tO?u�:gvk�ɉ%J^~=*%@ɭߥcBa5'�;!]�;�"wE8z=x.�pDuSdzvUu_W�3E�˘ʠ��J���/p-�@M�:,+���UY35>�=7ac$65d`3#+/'veO`@VTސ@���J.�l�1SAj;Z)+�pib= =bb 㓳�r9yhyDP�=dgVk!�s���\8+h8dz{~�
#;7vEobX%HI$�-N
߯�9,tM-s�A(.h]'k�8�[Hʬݓ.��D*A�Z�`?�V^,hQJB�7zS�.k"Fs��y%.dMǑT�:w/!�\����uЧHjb8`A*��UaHF6U[GxIEHшS�t�?hE�B S7�'Rx��D4�i�A
%��I�Tͤx@w�мb:9ĎqD.i�*o�O}d>kX,q/̗�S),��\7,o>P�`r�U|�}�A�>lGbR�O�o9ƍ�!%2�*ݠH�L�v <���U� -�_j"]w�cIy-x6JEe~3l mQ;K
��(�Q��gEREVF\/�u�>�&�%q^o!B܍�#JW)-�楉;u�_6tdz�ȚǓ|*.S]J_TL�A)��wçȖBz*ֈ�%붜^]t�)̸�{.��8LIFk&�c�g6�4T~��2�
�_wء
@3��Q
)/��"��\� μ�hK�0-�N
�غeUzϾXa5�Z�x-/E�E"�f[�r�vD��_9�I�TSVW�C`�Y
F�Kc2K��3 zLՏ'�S7:71p=�;B9�xV5�tdA|SR�z$��h['��^��8GzſO͗~C�Qsm����'q�쉿s�\Saܪ~��|�ͼ!
E�)]
xOj'rP<�hɒŲ�a����َ�����fg�$Qia?<4e��u÷Z'q�k�0u甑��Rc�8�k�omU.Z�:|-0:�(eOڃ
͏_R=q�D78;#齱�sSRf$Ea�a�CleG]���Ȧ�A}|�
�htGjK0b
c]2
�h�m˲в;r;E�C/�t8S��S)`aN�OɥLtkƮ�*iw9V�o4bdlFD�x;A̴%m]����"1v��c屮N$mp5�O�ֿ�� \)#C0��,b%SO5� TK�!1C\XFN'qjꅳ-cL-F.~�i�FBB�Ʌ]BhZVDITQ\oB \+X*n���7?Tv�/]Y0(įS0\s
�q��a4|coz6ߘİ`1�lA@h!1560J�/ڱ��jGw^@��'U�
\- TI8I`y�\pA-H�mdg@�Ba^}:ba-�Km�����w`yR�αj!��.Q �ńläHYg*?0)xw$!p�qN~G`hH/?5T3gAkYi�n>]b"u薚oP(grI;yeZ5*�a/fC��)bkL엹'�41 +
s3㥜;x0Cȕ7Ovc0"h[~e�WZ�O�0zg"c$搗 ;]%�B?A5(ŵ|PEP4��^[�2? �o>q'(�>V�~�f#f�j�+DOڽ~A[/
�|ЀV�h)6h%��?��^�a3
��ꭶW&dә�V�ݼqW-W��B┘v֝jtߨK�0GH�vBE: �-mw@m{̿�|g�i�mm'Ca�a�8�h}v$LB%9.uyf�%��<0D�Nk�3\2,)(Vi�2*�?��mC|k&=*�6O`^DR{�K,Y!\]\�%1=7Ѳ[/3�叉h!=a�;Q�krQ�;�XECհ�t?�I�ؓI M��~VA B�{Q&�!}Z�W:��U�L�8'C�-[85"S`_'ͪo�pţdƪڛ;doΪ�Ƥk�Rv/o�]THp@̟K|?,�N~�7
o0vkc%t^1l�d)є
�z*h_$@W@���-Gv%8 �}Ź/=��m'(G̻Sl3�q0+�:Y!5΄�ҥg�eO7:$=DmJ-�z�ުB@j�a<`��97e�+�kJ@`>T5�l ʼ�LKW
//�9