������xen-doc-html-4.12.2_04-lp151.2.15.1����������������������������������������������������������� ���4���>�������$�����������������������
�����������������������A�������������������������������������������������������������������������p�����^ո/=���U��2*��K^*P��2�Z?�L(tPQY #?h%\8Љ"�: Q`F-B���4m4�3Ěg1Χ{Y怔<�'N!e3�vo+b)am2]�!1!F4c)T~o(Ӟ�J'~d7)�0|>
p�8Ǔ9i�v��RO�DO�}�dF1
2,v�D�~
P
,|^�7@M:qc21c4966e3c5b0ed1cb422b07258a3150e45e353�a2bdeb210ef5a46d9acfc31a7afdda70399456d6904ec6da2c4a18f35d0e2d07�����T�����^ո/=��lN�#=��Z8/��j/*Z���Xw:>n-HIeGrn+mEA�S�&���RKs(1p wꑶ42;�>7ϱ*E
&\jY_w|1J��S0Ґ_)��gA5[5�@a|0z�`r���wF���M��M-F\v$!Wm|(,0v0��2dI7v~;QZÐzЬJ(6(j.a6/$}C^t
N-�bUPQ� �������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������>����p����������������9�����?������p�������d��������������������������������������������������������������� ���&���������� ���M������������������������������������������������������������������������������������������������������������ ��������������������������������A��������������G���������������P���M��������������M��� �����������M���
����������M��������������M��������������M���
�����������M�����������<���M��������������M�����������>���������������d���M��������������������������������������������������������O�������(�������s�������8�������|���B���9������"���B���:������8;���B���G������x(���M���H������y\���M���I������z���M���X������z�������Y������z�������\������{����M���]������|L���M���^�������������b�������������c������n�������d�������������e��������������f��������������l��������������u����������M���v������L������������� �������������$�������������*�������������l����C�xen-doc-html�4.12.2_04�lp151.2.15.1�Xen Virtualization: HTML documentation�Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.
xen-doc-html contains the online documentation in HTML format. Point
your browser at file:/usr/share/doc/packages/xen/html/
Authors:
--------
Ian Pratt �^lamb77��� ~openSUSE Leap 15.1�openSUSE�GPL-2.0-only�http://bugs.opensuse.org�Documentation/HTML�http://www.cl.cam.ac.uk/Research/SRG/netos/xen/�linux�x86_64�������������������������o������������������������t��������9��D��A'�����������������������6�����@�����7x��3����#����������B��������������������(����������W��
c������
���W���e�����
���$��,��7�����6H��"y���j�������Q����� ��<��3�����
���"������z��2��9������
�����6@�����\xAAAA큤A큤A큤A큤A큤A큤A큤A큤����������������������������������������������������������������������������������������������������������������������������������������������������������^^�^�^^�^�^^�^^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^^�^�^^�^����e171864f5cfbf7c7b3fecd9b9fbeb3da9e87f63a7284ee52eeed093f8ad303ec�f53beaf653f26eae12ff7ced3bf0735dbedad0d8baf45d31e32d33e0b868bfa9��54e980d65bcde307bad2efeab9640ef5c720b4ebc78ac8cc1eb48bd6134a5280��b3422df9c1ad850ce9b456e83713da51f123c2286cf1f9fd4eb97f57c3eca9ad�bd5267a76a14fe4153f4ca727fb99f1c0bec9e8ff77302865a83919fa74e2b8d��b80b94ff1a198b4d6e03dcc25f86a1b332a80cf36f7df4bba07c19d192059b2c�ef514a67cdff39837020d8d96a1ba5eda7d01962b24dab6fee8c475ef8081dd8�37e73cf353da4bddd8d662b9cf85d2a807ecca293298fe8b00cd352cf958104b�078f07651ae04fc86183bc953a94d4437042b3a3e5182bfd03e899ed64ce4bbd�561b47426bf32b42f14d7c7c61466a753a6c7dff614ed227f34a3e646040c6cb�d344261e1861b09d9bb8bb11a3caa1fcf632c9edc2107b175ecd48555e9bc639�851050a5d238d9b38e13e23f494782688926fa6c7aa008016b3ea433277f32c6�d7554269b2dc588684a32eea5da8b59ef1347b8fcebabf743127a8d51f8ed283�8c60977071d97490acda0485b064d9480c95b878f280d9c1f79d960b7854985c�2015fd56a367e006535db8b49524ae66cd08c0afcd4ef0602fe65a9807c3302d�61b4dbbfa7a6fa0573416e7292e459d6493fb933380541ba8fc8598dff289775�d07b7ee778bc7d235842e6fbfb0e33f9459e0d93dea5311bd00894c6495d7e8f�e466c9be077fa0ef0ced23a246e92d14cc0cc8fd757931079cf928689b544b32�6b03382516373fc9221dc98277ed58043f0d5b49a8cf0913e57e5e47220c2c96�9ee6135d71a7bc45978b5053451cfbb78bf8b1a5f6494e677bde29652eee3ff5�9a8c771f2fb58d22ee3f0764495a5a3a33d4b3fbe946ff9f9db3734ec8b211ad�4040c61e56acba239b76d0bdd6f9a10b0e60f694e5b9832577336615df9416bf�ebcc9fac4476929cdaea315186f3cc51c3937e129a5424d403036350b2337657�4371cc47909aee32715d5104b6a3c97d6a699beefe9587b72087783636c328d3�3863d96b9419f4afb48eb0535f312a84a3def79f7d7a5b41e3747366bb46340e�b3e1c4bbda2c55f72a5a5a11d272e7d4ce4bb5c2d12c4c2d6b40de640b4912d3��df5076c347e7cad2371f3dc0bc10c6877c8f5251a5a57ddc6c79e1f9b532f89f��9b3fc4dd2d139ace9382e594c2c73439a9d4f100fc61c4e4f9294d4239776620�fbf590c80aef40b7e6ab58cefe9e4351ef6afaa6bcaf4e55d7809df6392fdb96��aadfa0507b89d930b9500c7a95869685253e2082a4d704ad9ab9a720307e4e19�a4e5ede94dd88cd418f7f9055306474ee16f502772341ee0cd7fe83eb735ee68�4faf9f22847781296550c42f0955595f5f23eff9cf7b00ca27ee70988aaee9f7�ec2154a382909b7652464c29ad603492e27c76bd7d0de3b5198d0867fe0a75eb�d93bafe2e73cf681a88dca3217d79376c353ff4e1e5ecee8c41c70e11b8c9e2d�cfcdd851724d27ac6e7db6d1ebea36939bfc87abb5ee94ed0789538023410245�976728897864907825a5a2538c25cd0aa407ba15e58bed9f42232379103f1ee4�738b1644bb9c4dfc41af8064e2a518120b48fbc4e08145393f66b0c5a021e938�3e1b12a7de8ed88ffe79de11f77b2f77d6e814b4cd106cb06351b91959ea992e�91b95599c26b803f2c8bfb407d7ea7de55a783c40780dcb7f993af187e4d4200�a7cd1ffaf63b68eb2cc3c3d663847edfeeeed22d3b1039b423ec94b5198ad7da�ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301b�c159111fcd005b864ab1f4b803e059590043471e04d0ac7ec96fe74dbf857c00�3a9b4163966919de58c0d14d493b5d7c6826e43bd61f2eda3c2a4a33fd26f285�982fb97cc7b4730fc7c1c5289c87cc4d1dfe6184c7908079cfb34de8b6d4d200�fa7a5cd899e7aab4589a5d0193118825ac5072abd29bfa809c3b3aa704ec1d43�2c80a00b3c661489ab62333993243951154c8ffe56cf475ebcb8a54982ecbd14�5cbe19ee58416bcf16a88f474895a8626db19ae5f3654c894d7337bcf72c1fc5�9037f947f713649a84322888eb75d9dad867249c4c135787affea14ee1cf2c50�b4403362cc91e5249e9a32270b77e1d08f1217206215cbdcbd7b4f179b7787b0�56e065805b649e73f32af8d7b9fd0a5b317668d9ecd29a382e968e6466945103�b1f10e378ccf028b0040d857506d6a2f9f9f7202547fb83347ebc6cf52cf4d32�28d603a99a49af40bf7589771dd6810ba68ffd01c20c7d7743ec76891e07a485�1f086e043731368850e313269ca98ab91c156529ac3b961a67f54a522ef09396�5d6be4431b21e9ec2fc3e6c70050a26c3c78777e5200cad4282b96411eb4c871�e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87�437b2d33715486da3e3443c567a5b9cb6b8f54c07b3fac562cc7f7d20c570e6d�f66605f996aa6d38f8234276f2b8fa5c54a10903b7fa29d49d6dbdae30ef984b�372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c9157�c4151eb9d4bb2e16e25f710099b13ab6c7b0dec076e76d504e091cf2642a805f�8128ce2d59c9e5bfebe0a433ae1306e8a719631f940b74c2751182c03bf29543�9a80dbf1fabbfc82ede8ce1fe4f43a5c4bb36450cafa0e20cb488f196d3031a4��ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301b�e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87�09f356e0f5a312c066c5086167794c740b8dcec93ffcee5eec77581dfb9f8144�372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c9157�98394ef67fe837f917dc3f0101b89193414868cd6bd7c94ceb5ab3ccc7ed408f����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�xen-4.12.2_04-lp151.2.15.1.src.rpm����xen-doc-html�xen-doc-html(x86-64)������
���
���
���
���
rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PartialHardlinkSets)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�3.0.4-1�4.6.0-1�4.0.4-1�4.0-1�5.2-1�4.14.1���^^�^s^^ku^h^V]^M#@^0"@^�@^�!@]B]*]X]d@]@]@]]fl]M`@]B@]�@]�]�@\\ޢ@\ڭ\\@\@\�@\,@\7\\N\�@\\+@\\M\M\�\�\@\}�@\k\X)@\J@\I\A\?�\=@\9\73\4\$\�l@[H[k@[@[^[^[ā@[@[@[9@[v[W�[CN@[<[6�@[0@[0@['[!�@[�5@Z@ZnZ�@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo�Zk�@ZV�@ZS]@ZOhZ:PZ1�@Z.s@Z&@Z�OZ�OZ� Z� Z� Z�@Z�@Z
}Z�C@Z�Y�Y�Y�Y|Y@Y{Y*@Y5YA@Y4YY�YbY�Y@Y3Y@YJYJY@YYV@Y�@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI�@Y5GY0�Y-^Y(�Y"Y�Y�;@Y�Y��Y�@Y�tY�.X@XQ@X@XۡXg@X@X@X@X @X@X@X�@X�@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX�&X�@X�X�@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;�W3�W1@W1@W,@W(W(W(W(W(W#LW�VbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@V�V@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V�@V�CV�V�V�f@V�qV�@UYU�@U�@UUݪ@U�@UnU4@UUK@U�U@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%�@U�U�@U�U�U�.@TgT-@TT@TZ@TZ@T@T�T@T5T@TLTLT~@Tl@Ti@Ta@THT?@T=�@carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�Jim Fehlig �ohering@suse.de�Martin Liška �ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�Jan Engelhardt �Guillaume GARDET �Guillaume GARDET �Bernhard Wiedemann �carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�Bernhard Wiedemann �ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�trenn@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�rbrown@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�jfehlig@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�mlatimer@suse.com�carnold@suse.com�cyliu@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�rguenther@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�rguenther@suse.com�carnold@suse.com�meissner@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
handling in GNTTABOP_copy (XSA-318)
5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch�- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
multiple xenoprof issues
5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
memory barriers in read-write unlock paths
5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
path in GNTTABOP_map_grant
5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
analyzed
5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
5e86f7fd-credit2-fix-credit-too-few-resets.patch
- Drop for upstream solution (bsc#1165206)
01-xen-credit2-avoid-vcpus-to.patch
02-xen-credit2-fix-runq-cand-skip.patch
- Upstream bug fixes (bsc#1027519)
5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch�- Update API compatibility versions. Fixes issues for libvirt.
See bsc#1167007 and bsc#1157490�- bsc#1155200 - L3: L3-Support: aacraid blocks xen commands - ref:
_00D1igLOd._5001iIvV1f:ref
5d976da3-libxl-attach-PCI-device-to-qemu-only-after-setting-pciback-pcifront.patch�- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
01-xen-credit2-avoid-vcpus-to.patch
02-xen-credit2-fix-runq-cand-skip.patch�- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
past the ERET instruction
5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
- Upstream bug fixes (bsc#1027519)
5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
5e318cd4-x86-apic-fix-disabling-LVT0.patch
5e3bd385-EFI-recheck-variable-name-strings.patch
5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
5e3bd3f8-xmalloc-guard-against-overflow.patch
5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
- Drop 5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch�- Fix broken ARM build
5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch�- bsc#1162040 - L3: Problems Booting Fedora31 VM on sles15 sp1 Xen
Dom0
5d53ed45-pygrub-Failing-to-set-value-to-0-in-Grub2ConfigFile.patch�- Upstream bug fixes (bsc#1027519)
5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch�- Update to Xen 4.12.2 bug fix release (bsc#1027519)
xen-4.12.2-testing-src.tar.bz2
- Drop patches contained in new tarball
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch
5d947b01-x86-crash-force-unlock-console.patch
5d948bdb-IOMMU-add-missing-HVM-check.patch
5d9ef2a1-EFI-deref-pointer-in-set_color.patch
5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch
5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch
5d9f454a-x86-EFI-pixel-reserved-0.patch
5db07974-x86-update-time-info-on-TSC-adjustments.patch
5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch
5db892ac-VT-x-correct-BDF93-workaround.patch
5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch
5dbaf89f-dont-use-BUG-for-parameter-checking.patch
5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch
5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch
5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch
5dbaf9ce-x86-mm-split-partial_pte-tristate.patch
5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch
5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch
5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch
5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch
5dbafa7f-x86-mm-collapse-PTF_partial_.patch
5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch
5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch
5dbafad5-x86-mm-dont-drop-type-ref-unless.patch
5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch
5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch
5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch
5dbafba5-passthrough-quarantine-PCI-devices.patch
5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch
5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch
5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch
5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch
5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch
5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch
5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch
5dcae816-VT-d-hide-superpages-for-SandyBridge.patch
5dcae816-VT-x-runtime-modification-of-exec-sp.patch
5dcae816-VT-x-work-around-executable-EPT-superpages.patch
5dcae816-x86-introduce-tsx-option.patch
5dcae816-x86-spec-ctrl-mitigate-TAA.patch
5dd6b229-add-va_end-to-hypercall_create_continuation.patch
5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch
5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch
5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch
5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch
5ddd2555-IOMMU-always-quarantine-PCI-devs.patch
5ddd25f9-EFI-fix-efi=attr-handling.patch
5ddfa851-VMX-always-sync-PIR-to-IRR.patch
5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch
5de0007e-SVM-always-intercept-ICEBP.patch
5de0007e-SVM-write-correct-eip-into-outgoing-task.patch
5de0007e-VMX-early-task-switch-failures-semantics.patch
5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch
5de19115-rationalize-max-grant_frames-maptrack_frames.patch
5de52a86-x86-PSR-dont-write-out-of-range-COS.patch
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
xsa307.patch
xsa308.patch
xsa309.patch
xsa310-1.patch
xsa310-2.patch
xsa310-3.patch
xsa311.patch�- bsc#1158003 - VUL-0: CVE-2019-19581,CVE-2019-19582: xen: XSA-307
- find_next_bit() issues
xsa307.patch
- bsc#1158004 - VUL-0: CVE-2019-19583: xen: XSA-308 - VMX: VMentry
failure with debug exceptions and blocked states
xsa308.patch
- bsc#1158005 - VUL-0: CVE-2019-19578: xen: XSA-309 - Linear
pagetable use / entry miscounts
xsa309.patch
- bsc#1158006 - VUL-0: CVE-2019-19580: xen: XSA-310 - Further
issues with restartable PV type change operations
xsa310-1.patch
xsa310-2.patch
xsa310-3.patch
- bsc#1158007 - VUL-0: CVE-2019-19577: xen: XSA-311 - dynamic
height for the IOMMU pagetables
xsa311.patch
- Upstream bug fixes (bsc#1027519)
5dd6b229-add-va_end-to-hypercall_create_continuation.patch
5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch
5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch
5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch
5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch
5ddd2555-IOMMU-always-quarantine-PCI-devs.patch (Replaces xsa306.patch)
5ddd25f9-EFI-fix-efi=attr-handling.patch
5ddfa851-VMX-always-sync-PIR-to-IRR.patch
5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch
5de0007e-VMX-early-task-switch-failures-semantics.patch
5de0007e-SVM-always-intercept-ICEBP.patch
5de0007e-SVM-write-correct-eip-into-outgoing-task.patch
5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch
5de19115-rationalize-max-grant_frames-maptrack_frames.patch
5de52a86-x86-PSR-dont-write-out-of-range-COS.patch
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch�- bsc#1157047 - PCI passthrough failed on AMD machine xen host
5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch
5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch
- bsc#1157888 - - VUL-0: xen: Device quarantine for alternate pci
assignment methods
xsa306.patch
- Upstream bug fixes (bsc#1027519)
5dcae816-VT-x-runtime-modification-of-exec-sp.patch
5dcae816-VT-d-hide-superpages-for-SandyBridge.patch (Replaces xsa304-1.patch)
5dcae816-VT-x-work-around-executable-EPT-superpages.patch (Replaces xsa304-2.patch)
5dcae816-x86-introduce-tsx-option.patch (Replaces xsa305-1.patch)
5dcae816-x86-spec-ctrl-mitigate-TAA.patch (Replaces xsa305-2.patch)�- Minor adjustments to these security patches for bsc#1155945 and
bsc#1152497
xsa304-1.patch
xsa304-2.patch
xsa305-1.patch
xsa305-2.patch�- bsc#1154448 - VUL-0: CVE-2019-18420: xen: XSA-296:
VCPUOP_initialise DoS
5dbaf89f-dont-use-BUG-for-parameter-checking.patch
- bsc#1154456 - VUL-0: CVE-2019-18425: xen: XSA-298: missing
descriptor table limit checking in x86 PV emulation
5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch
- bsc#1154458 - VUL-0: CVE-2019-18421: xen: XSA-299: Issues with
restartable PV type change operations
5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch
5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch
5dbaf9ce-x86-mm-split-partial_pte-tristate.patch
5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch
5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch
5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch
5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch
5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch
5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch
5dbafad5-x86-mm-dont-drop-type-ref-unless.patch
5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch
- bsc#1154460 - VUL-0: CVE-2019-18423: xen: XSA-301: add-to-physmap
can be abused to DoS Arm hosts
5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch
5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch
5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch
- bsc#1154461 - VUL-0: CVE-2019-18424: xen: XSA-302: passed through
PCI devices may corrupt host memory after deassignment
5dbafba5-passthrough-quarantine-PCI-devices.patch
- bsc#1154464 - VUL-0: CVE-2019-18422: xen: XSA-303: ARM:
Interrupts are unconditionally unmasked in exception handlers
5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch
5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch
5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch
5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch
- bsc#1155945 - VUL-0: CVE-2018-12207: xen: Machine Check Error
Avoidance on Page Size Change (aka IFU issue)
xsa304-1.patch
xsa304-2.patch
- bsc#1152497 - VUL-0: CVE-2019-11135: xen: XSA-305: TSX
Asynchronous Abort (TAA) issue
xsa305-1.patch
xsa305-2.patch
- Upstream bug fixes (bsc#1027519)
5d9ef2a1-EFI-deref-pointer-in-set_color.patch
5d9f454a-x86-EFI-pixel-reserved-0.patch
5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch
5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch
5d948bdb-IOMMU-add-missing-HVM-check.patch
5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch
5db892ac-VT-x-correct-BDF93-workaround.patch
5d947b01-x86-crash-force-unlock-console.patch
5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch
5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch
5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
5db07974-x86-update-time-info-on-TSC-adjustments.patch
5dbafa7f-x86-mm-collapse-PTF_partial_.patch�- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
The included README has details about the impact of this change
libxl.LIBXL_HOTPLUG_TIMEOUT.patch�- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
5ca7660f-x86-entry-drop-unused-includes.patch
5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
5cab2ab7-x86-IOMMU-introduce-init-ops.patch
5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
5d358508-x86-IRQ-desc-affinity-represents-request.patch
5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
5d417813-AMD-IOMMU-bitfield-extended-features.patch
5d417838-AMD-IOMMU-bitfield-control-reg.patch
5d41785b-AMD-IOMMU-bitfield-IRTE.patch
5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
ROME platform
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
- Upstream bug fixes (bsc#1027519)
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch�- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
Fix crash in an error path of libxl_domain_suspend with
libxl.helper_done-crash.patch�- Upstream bug fixes (bsc#1027519)
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- Update to Xen 4.12.1 bug fix release (bsc#1027519)
xen-4.12.1-testing-src.tar.bz2
- Drop patches contained in new tarball
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Refreshed patches
libxl.pvscsi.patch�- bsc#1143563 - Speculative mitigation facilities report wrong status
5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
fix-xenpvnetboot.patch�- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
Atomics Operations
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Upstream bug fixes (bsc#1027519)
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch�- Fix some outdated information in the readme
README.SUSE�- spec: xen-tools: require matching version of xen package
bsc#1137471�- Remove two stale patches
xen.build-compare.man.patch
xenpaging.doc.patch�- Disable LTO (boo#1133296).�- Remove arm32 from ExclusiveArch to fix build�- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
xsa297-0a.patch
xsa297-0b.patch
xsa297-0c.patch
xsa297-0d.patch
xsa297-1.patch
xsa297-2.patch
xsa297-3.patch
- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch�- bsc#1131811 - [XEN] internal error: libxenlight failed to create
new domain. This patch is a workaround for a systemd issue. See
patch header for additional comments.
xenstore-launch.patch�- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
after upgrading host from sle11sp4 to sle15sp1
pygrub-python3-conversion.patch
- Fix "TypeError: virDomainDefineXML() argument 2 must be str or
None, not bytes" when converting VMs from using the xm/xend
toolstack to the libxl/libvirt toolstack. (bsc#1123378)
xen2libvirt.py�- bsc#1124560 - Fully virtualized guests crash on boot
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
- bsc#1121391 - GCC 9: xen build fails
5c8f752c-x86-e820-build-with-gcc9.patch
- Upstream bug fixes (bsc#1027519)
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch�- Install pkgconfig files into libdir instead of datadir�- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
* HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
the HVM/PVH and PV code paths in Xen and provides KCONFIG
options to build a PV only or HVM/PVH only hypervisor.
* QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
been vastly improved.
* Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
domain communication mechanism.
* Improvements to Virtual Machine Introspection: The VMI subsystem
which allows detection of 0-day vulnerabilities has seen many
functional and performance improvements.
* Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
default scheduler.
* PVH Support: Grub2 boot support has been added to Xen and Grub2.
* PVH Dom0: PVH Dom0 support has now been upgraded from experimental
to tech preview.
* The Xen 4.12 upgrade also includes improved IOMMU mapping code,
which is designed to significantly improve the startup times of
AMD EPYC based systems.
* The upgrade also features Automatic Dom0 Sizing which allows the
setting of Dom0 memory size as a percentage of host memory (e.g.
10%) or with an offset (e.g. 1G+10%).�- bsc#1130485 - Please drop Requires on multipath-tools in
xen-tools. Now using Recommends multipath-tools.
xen.spec�- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
avoid TSC emulation for HVM domUs if their expected frequency
does not match exactly the frequency of the receiving host
xen.bug1026236.suse_vtsc_tolerance.patch�- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- jsc#SLE-3059 - Disable Xen auto-ballooning
- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
xen.spec
- Disable autoballooning in xl.con
xl-conf-disable-autoballoon.patch�- Update gcc9-ignore-warnings.patch to fix build in SLE12�- bsc#1126325 - fix crash in libxl in error path
Setup of grant_tables and other variables may fail
libxl.prepare-environment-for-domcreate_stream_done.patch�- bsc#1127620 - Documentation for the xl configuration file allows
for firmware=pvgrub64 but we don't ship pvgrub64.
Create a link from grub.xen to pvgrub64
xen.spec�- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Tarball also contains additional post RC4 security fixes for
Xen Security Advisories 287, 288, and 290 through 294.�- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1121391 - GCC 9: xen build fails
gcc9-ignore-warnings.patch�- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
/proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
Keep xen.efi in /usr/lib64/efi for booting older distros.
xen.spec�- fate#326960: Package grub2 as noarch.
As part of the effort to have a unified bootloader across
architectures, modify the xen.spec file to move the Xen efi files
to /usr/share/efi/$(uname -m) from /usr/lib64/efi.�- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Drop
5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
gcc8-fix-array-warning-on-i586.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-inlining-failed.patch
xen.bug1079730.patch�- bsc#1121960 - xen: sync with Factory
xen.spec
xen.changes�- Replace old $RPM_* shell vars.
- Run fdupes for all architectures, and not crossing
subvolume boundaries.�- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
rpmlint error�- Require qemu-seabios only on x86* as it is not available on non-x86
systems�- Avoid creating dangling symlinks (bsc#1116524)
This reverts the revert of tmp_build.patch�- Update to Xen 4.11.1 bug fix release (bsc#1027519)
xen-4.11.1-testing-src.tar.bz2
- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
- Drop the following patches contained in the new tarball
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbe-ARM-disable-grant-table-v2.patch
5b72fbbe-oxenstored-eval-order.patch
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
xsa275-1.patch
xsa275-2.patch
xsa276-1.patch
xsa276-2.patch
xsa277.patch
xsa279.patch
xsa280-1.patch
xsa280-2.patch�- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
Missing /bin/domu-xenstore. This was broken because "make
package build reproducible" change. (boo#1047218, boo#1062303)
This fix reverses the change to this patch.
tmp_build.patch�- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
insufficient TLB flushing / improper large page mappings with AMD
IOMMUs (XSA-275)
xsa275-1.patch
xsa275-2.patch
- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
issues in x86 IOREQ server handling (XSA-276)
xsa276-1.patch
xsa276-2.patch
- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
handling for guest p2m page removals (XSA-277)
xsa277.patch
- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
to use INVPCID with a non-canonical addresses (XSA-279)
xsa279.patch
- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
conflicts with shadow paging (XSA-280)
xsa280-1.patch
xsa280-2.patch
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
constructs may lock up host (XSA-282)
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
- Upstream bug fixes (bsc#1027519)
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch�- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch�- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries�- make package build reproducible (boo#1047218, boo#1062303)
* Set SMBIOS_REL_DATE
* Update tmp_build.patch to use SHA instead of random build-id
* Add reproducible.patch to use --no-insert-timestamp�- Building with ncurses 6.1 will fail without
xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- Building libxl acpi support on aarch64 with gcc 8.2 will fail without
xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch�- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
apparently broken
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch�- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
d_materialise_unique()
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
oxenstored does not apply quota-maxentity (XSA-272)
5b72fbbe-oxenstored-eval-order.patch
- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
v2 grant tables may cause crash on ARM (XSA-268)
5b72fbbe-ARM-disable-grant-table-v2.patch
- Upstream patches from Jan (bsc#1027519)
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
xen.spec�- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
- Upstream prereq patches for XSA-273 and other upstream fixes
(bsc#1027519)
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- Upstream patches from Jan (bsc#1027519)
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-fix-array-warning-on-i586.patch
- Drop xen.fuzz-_FORTIFY_SOURCE.patch
gcc8-fix-warning-on-i586.patch�- Update to Xen 4.11.0 FCS (fate#325202, fate#325123)
xen-4.11.0-testing-src.tar.bz2
disable-building-pv-shim.patch
- Dropped patches
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a9985bd-x86-invpcid-support.patch
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
5af1daa9-3-x86-traps-use-IST-for-DB.patch
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
5af97999-viridian-cpuid-leaf-40000003.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch
5b348874-x86-refine-checks-in-DB-handler.patch
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen_fix_build_with_acpica_20180427_and_new_packages.patch�- Submit upstream patch libacpi: fixes for iasl >= 20180427
git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
xen_fix_build_with_acpica_20180427_and_new_packages.patch
This is needed for acpica package to get updated in our build service�- Upstream patches from Jan (bsc#1027519)
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch�- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch�- bsc#1098403 - fix regression introduced by changes for bsc#1079730
a PV domU without qcow2 and/or vfb has no qemu attached.
Ignore QMP errors for PV domUs to handle PV domUs with and without
an attached qemu-xen.
xen.bug1079730.patch�- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
bypassed in x86 PV MM handling (XSA-264)
xsa264.patch
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
safety check can be triggered by a guest (XSA-265)
xsa265.patch
- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
readonly flag on HVM emulated SCSI disks (XSA-266)
xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch�- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
(XSA-267)
xsa267-1.patch
xsa267-2.patch�- bsc#1092543 - GCC 8: xen build fails
gcc8-fix-warning-on-i586.patch�- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
Bypass aka "Memory Disambiguation" (XSA-263)
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
Spectre-v4-1.patch
Spectre-v4-2.patch
Spectre-v4-3.patch�- Always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen.bug1079730.patch�- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
- Upstream patches from Jan (bsc#1027519)
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
5af97999-viridian-cpuid-leaf-40000003.patch�- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a9985bd-x86-invpcid-support.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch�- bsc#1092543 - GCC 8: xen build fails
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
gcc8-inlining-failed.patch�- Update to Xen 4.10.1 bug fix release (bsc#1027519)
xen-4.10.1-testing-src.tar.bz2
disable-building-pv-shim.patch
- Drop the following patches contained in the new tarball
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
xsa258.patch
xsa259.patch�- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
debug exceptions (XSA-260)
xsa260-1.patch
xsa260-2.patch
xsa260-3.patch
xsa260-4.patch
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
injection errors (XSA-261)
xsa261.patch
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
unbounded loop (XSA-262)
xsa262.patch�- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
crafted user-supplied CDROM (XSA-258)
xsa258.patch
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
Xen with XPTI (XSA-259)
xsa259.patch�- Preserve xen-syms from xen-dbg.gz to allow processing vmcores
with crash(1) (bsc#1087251)�- Upstream patches from Jan (bsc#1027519) and fixes related to
Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch�- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
- Upstream patches from Jan (bsc#1027519)
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
- Drop
xsa252.patch
xsa255-1.patch
xsa255-2.patch
xsa256.patch�- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
L3/L4 pagetable freeing (XSA-252)
xsa252.patch
- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
transition may crash Xen (XSA-255)
xsa255-1.patch
xsa255-2.patch
- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
LAPIC may DoS the host (XSA-256)
xsa256.patch�- Remove stale systemd presets code for 13.2 and older�- fate#324965 - add script, udev rule and systemd service to watch
for vcpu online/offline events in a HVM domU
They are triggered via xl vcpu-set domU N�- Replace hardcoded xen with Name tag when refering to subpkgs�- Make sure tools and tools-domU require libs from the very same build�- tools-domU: Add support for qemu guest agent. New files
80-xen-channel-setup.rules and xen-channel-setup.sh configure a
xen-pv-channel for use by the guest agent
FATE#324963�- Remove outdated /etc/xen/README*�- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
MSR emulation (XSA-253)
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
xen: Information leak via side effects of speculative execution
(XSA-254). Includes Spectre v2 mitigation.
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch�- Fix python3 deprecated atoi call (bsc#1067224)
pygrub-python3-conversion.patch
- Drop xenmon-python3-conversion.patch�- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
depending on the libxl disk settings
libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch�- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
build-python3-conversion.patch
bin-python3-conversion.patch�- bsc#1070165 - xen crashes after aborted localhost migration
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
libxl__devices_destroy failed
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
- Upstream patches from Jan (bsc#1027519)
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch�- Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Rebuild initrd if xen-tools-domU is updated�- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
If many domUs shutdown in parallel the backends can not keep up
Add some debug output to track how long backend shutdown takes (bsc#1035442)
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- Adjust xenstore-run-in-studomain.patch to change the defaults
in the code instead of changing the sysconfig template, to also
cover the upgrade case�- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Since xen switched to Kconfig, building a debug hypervisor
was done by default. Adjust make logic to build a non-debug
hypervisor by default, and continue to provide one as xen-dbg.gz�- fate#316614: set migration constraints from cmdline
fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10�- Document the suse-diskcache-disable-flush option in
xl-disk-configuration(5) (bsc#879425,bsc#1067317)�- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)�- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- fate#323663 - Run Xenstore in stubdomain
xenstore-run-in-studomain.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
pygrub-python3-conversion.patch
xenmon-python3-conversion.patch
migration-python3-conversion.patch
xnloader.py
xen2libvirt.py�- Remove xendriverdomain.service (bsc#1065185)
Driver domains must be configured manually with custom .service file�- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)�- fate#324052 Support migration of Xen HVM domains larger than 1TB
59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop patches included in new tarball
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
59958ebf-gnttab-fix-transitive-grant-handling.patch
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
gcc7-arm.patch
gcc7-mini-os.patch�- bsc#1061084 - VUL-0: xen: page type reference leak on x86
(XSA-242)
xsa242.patch
- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
shadow mappings with translated guests (XSA-243)
xsa243.patch
- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
during CPU hotplug (XSA-244)
xsa244.patch�- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
(XSA-238)
xsa238.patch
- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
intercept code (XSA-239)
xsa239.patch
- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
de-typing (XSA-240)
xsa240-1.patch
xsa240-2.patch
- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
release race (XSA-241)
xsa241.patch�- bsc#1061075 - VUL-0: xen: pin count / page reference race in
grant table code (XSA-236)
xsa236.patch
- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
(XSA-237)
xsa237-1.patch
xsa237-2.patch
xsa237-3.patch
xsa237-4.patch
xsa237-5.patch�- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
verification (XSA-231)
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
(XSA-233)
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
x86 PV guests (XSA-234)
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
release lock on ARM (XSA-235)
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
- Upstream patches from Jan (bsc#1027519)
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
- Dropped gcc7-xen.patch�- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
Secure Boot is Enabled
xen.spec�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
update from v6 to v9 to cover more cases for ballooned domUs
libxc.sr.superpage.patch�- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
drop the patch because it is not upstream acceptable
remove xen.suse_vtsc_tolerance.patch�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
after the save using xl stack
libxc.sr.superpage.patch�- Unignore gcc-PIE
the toolstack disables PIE for firmware builds as needed�- Upstream patches from Jan (bsc#1027519)
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch�- bsc#1044974 - xen-tools require python-pam
xen.spec�- Clean up spec file errors and a few warnings. (bsc#1027519)
- Removed conditional 'with_systemd' and some old deprecated
'sles_version' checks.
xen.spec�- Remove use of brctl utiltiy from supportconfig plugin
FATE#323639�- Use upstream variant of mini-os __udivmoddi4 change
gcc7-mini-os.patch�- fate#323639 Move bridge-utils to legacy
replace-obsolete-network-configuration-commands-in-s.patch�- bsc#1052686 - VUL-0: xen: grant_table: possibly premature
clearing of GTF_writing / GTF_reading (XSA-230)
xsa230.patch�- bsc#1035231 - migration of HVM domU does not use superpages
on destination dom0
libxc.sr.superpage.patch�- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
recursion in grant table code (XSA-226)
xsa226-1.patch
xsa226-2.patch
- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
escalation via map_grant_ref (XSA-227)
xsa227.patch
- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
conditions with maptrack free list handling (XSA-228)
xsa228.patch�- Add a supportconfig plugin
xen-supportconfig
FATE#323661�- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
To avoid emulation of TSC access from a domU after live migration
add a global tolerance for the measured host kHz
xen.suse_vtsc_tolerance.patch�- fate#323662 Drop qemu-dm from xen-tools package
The following tarball and patches have been removed
qemu-xen-traditional-dir-remote.tar.bz2
VNC-Support-for-ExtendedKeyEvent-client-message.patch
0001-net-move-the-tap-buffer-into-TAPState.patch
0002-net-increase-tap-buffer-size.patch
0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
0004-e1000-secrc-support.patch
0005-e1000-multi-buffer-packet-support.patch
0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
0007-e1000-verify-we-have-buffers-upfront.patch
0008-e1000-check-buffer-availability.patch
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
blktap.patch
cdrom-removable.patch
xen-qemu-iscsi-fix.patch
qemu-security-etch1.patch
xen-disable-qemu-monitor.patch
xen-hvm-default-bridge.patch
qemu-ifup-set-mtu.patch
ioemu-vnc-resize.patch
capslock_enable.patch
altgr_2.patch
log-guest-console.patch
bdrv_open2_fix_flags.patch
bdrv_open2_flags_2.patch
ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
qemu-dm-segfault.patch
bdrv_default_rwflag.patch
kernel-boot-hvm.patch
ioemu-watchdog-support.patch
ioemu-watchdog-linkage.patch
ioemu-watchdog-ib700-timer.patch
ioemu-hvm-pv-support.patch
pvdrv_emulation_control.patch
ioemu-disable-scsi.patch
ioemu-disable-emulated-ide-if-pv.patch
xenpaging.qemu.flush-cache.patch
ioemu-devicemodel-include.patch
- Cleanup spec file and remove unused KMP patches
kmp_filelist
supported_module.patch
xen_pvonhvm.xen_emul_unplug.patch�- bsc#1002573 - Optimize LVM functions in block-dmmd
block-dmmd�- Record initial Xen dmesg in /var/log/xen/xen-boot.log for
supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log�- Remove storytelling from description in xen.rpm�- Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update block-dmmd script (bsc#1002573)
block-dmmd�- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
gcc7-arm.patch
- Drop gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
due to incorrect return value
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch�- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
leakage via capture buffer
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch�- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1031343 - xen fails to build with GCC 7
gcc7-mini-os.patch
gcc7-xen.patch�- bsc#1031343 - xen fails to build with GCC 7
gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
- Drop xen-tools-pkgconfig-xenlight.patch�- bsc#1037779 - xen breaks kexec-tools build
xen-tools-pkgconfig-xenlight.patch�- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
xen.spec�- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
aarch64-maybe-uninitialized.patch�- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
ioemu-devicemodel-include.patch
- Dropped patches contained in new tarball
xen-4.8.0-testing-src.tar.bz2
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
glibc-2.25-compatibility-fix.patch
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch�- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch�- bsc#1015348 - L3: libvirtd does not start during boot
suse-xendomains-service.patch�- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
with Xen hypervisor.
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
- latter one much faster
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
- Upstream patch from Jan
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch�- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
add"
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
update (XSA-206)
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
- bsc#1029827 - Forward port xenstored
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch�- bsc#1029128 - fix make xen to really produce xen.efi with gcc48�- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
loop issue in ohci_service_ed_list
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
- Upstream patches from Jan (bsc#1027519)
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch�- bsc#1027654 - XEN fails to build against glibc 2.25
glibc-2.25-compatibility-fix.patch
libxl.pvscsi.patch�- fate#316613: Refresh and enable libxl.pvscsi.patch�- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
does not check if memory region is safe (XSA-209)
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch�- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
happened when adding usbctrl devices via xl
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch�- Upstream patches from Jan (bsc#1027519)
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch�- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
access while doing bitblt copy backward mode
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch�- fate#322313 and fate#322150 require the acpica package ported to
aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
until these fates are complete.
xen.spec�- bsc#1021952 - Virutalization/xen: Bug xen-tools missing
/usr/bin/domu-xenstore; guests fail to launch
tmp_build.patch
xen.spec�- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)�- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
xen.spec�- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
Replaces xsa202.patch (bsc#1014298)
- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
Replaces xsa203.patch (bsc#1014300)
- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
Replaces xsa204.patch (bsc#1016340)
- Upstream patches from Jan
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch�- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
display: cirrus_vga: a divide by zero in cirrus_do_copy
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch�- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
SYSCALL singlestep during emulation (XSA-204)
xsa204.patch�- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
fails to ignore operand size override (XSA-200)
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch�- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
able to mask interrupts (XSA-202)
xsa202.patch
- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
pointer check in VMFUNC emulation (XSA-203)
xsa203.patch
- Upstream patches from Jan
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch�- Update to Xen 4.8 FCS
xen-4.8.0-testing-src.tar.bz2
- Dropped
xen-4.7.1-testing-src.tar.bz2
0001-libxc-Rework-extra-module-initialisation.patch
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
0004-firmware-makefile-install-BIOS-blob.patch
0005-libxl-Load-guest-BIOS-from-file.patch
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
0008-hvmloader-Locate-the-BIOS-blob.patch
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
0011-hvmloader-Load-OVMF-from-modules.patch
0012-hvmloader-Specific-bios_load-function-required.patch
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
57a30261-x86-support-newer-Intel-CPU-models.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
CVE-2016-9381-xsa197-qemut.patch
CVE-2016-9637-xsa199-qemut.patch�- bsc#1011652 - VUL-0: xen: qemu ioport array overflow
CVE-2016-9637-xsa199-qemut.patch�- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
segments not always treated as unusable
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
to VM86 mode mis-handled
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
write emulation lacking canonical address checks
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
ELF symbol table load leaking host data
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
test instruction emulation broken
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
x86 software interrupt injection mis-handled
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
about shared ring processing
CVE-2016-9381-xsa197-qemut.patch
- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
delimiter injection vulnerabilities in pygrub
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
- Upstream patches from Jan
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch�- Update to Xen Version 4.7.1
xen-4.7.1-testing-src.tar.bz2
- Dropped patches contained in new tarball
xen-4.7.0-testing-src.tar.bz2
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c93e52-fix-error-in-libxl_device_usbdev_list.patch
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch�- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
systems
xen.spec�- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
always honored for x86 HVM guests (XSA-190)
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
on broadwell-ep
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
- Upstream patches from Jan
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch�- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
system has 384
xen-arch-kconfig-nr_cpus.patch�- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
loop while transmit in C+ mode
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch�- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
error in set_next_tick
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
error in serial_update_parameters
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch�- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
mcf_fec_do_tx
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
loop in pcnet_rdra_addr
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch�- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
recursive pagetable for 32-bit PV guests (XSA-185)
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
instruction pointer truncation during emulation (XSA-186)
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
sh_ctxt->seg_reg[] (XSA-187)
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch�- bsc#979002 - add 60-persistent-xvd.rules and helper script
also to initrd, add the relevant dracut helper�- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
upstream unplug protocol�- bsc#989679 - [pvusb feature] USB device not found when
'virsh detach-device guest usb.xml'
57c93e52-fix-error-in-libxl_device_usbdev_list.patch�- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
get contiguous memory for DMA from Xen
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch�- spec: to stay compatible with the in-tree qemu-xen binary, use
/usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
bsc#986164�- bsc#970135 - new virtualization project clock test randomly fails
on Xen
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
in PV guests (XSA-182)
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
whitelisting in 32-bit exception / event delivery (XSA-183)
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
- Upstream patches from Jan
57a30261-x86-support-newer-Intel-CPU-models.patch�- bsc#985503 - vif-route broken
vif-route.patch�- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
failed on sles11sp4 xen host.
pygrub-handle-one-line-menu-entries.patch�- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
write access in esp_do_dma
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch�- bsc#900418 - Dump cannot be performed on SLES12 XEN
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
- Upstream patches from Jan
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch�- fate#319989 - Update to Xen 4.7 FCS
xen-4.7.0-testing-src.tar.bz2
- Drop CVE-2014-3672-qemut-xsa180.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (Additional fixes)
block-dmmd�- Convert with_stubdom into build_conditional to allow adjusting
via prjconf
- Convert with_debug into build_conditional to allow adjusting
via prjconf�- bsc#979002 - add 60-persistent-xvd.rules and helper script to
xen-tools-domU to simplify transition to pvops based kernels�- Convert with_oxenstored into build_conditional to allow
adjusting via prjconf (fate#320836)�- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
access while processing ESP_FIFO
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
write when using non-DMA mode in get_cmd
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch�- fate#319989 - Update to Xen 4.7 RC5
xen-4.7.0-testing-src.tar.bz2�- fate#319989 - Update to Xen 4.7 RC4
xen-4.7.0-testing-src.tar.bz2
- Dropped
xen.pkgconfig-4.7.patch
xsa164.patch�- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
(XSA-180)
CVE-2014-3672-qemut-xsa180.patch�- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
while writing to 's->cmdbuf' in get_cmd
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
while writing to 's->cmdbuf' in esp_reg_write
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch�- fate#319989 - Update to Xen 4.7 RC3
xen-4.7.0-testing-src.tar.bz2
- Dropped
libxl-remove-cdrom-cachemode.patch
x86-PoD-only-reclaim-if-needed.patch
gcc6-warnings-as-errors.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (another modification)
block-dmmd�- fate#319989 - Update to Xen 4.7 RC2
xen-4.7.0-testing-src.tar.bz2�- bsc#961600 - L3: poor performance when Xen HVM domU configured
with max memory > current memory
x86-PoD-only-reclaim-if-needed.patch�- Mark SONAMEs and pkgconfig as xen 4.7
xen.pkgconfig-4.7.patch�- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
libxl-remove-cdrom-cachemode.patch�- fate#319989 - Update to Xen 4.7 RC1
xen-4.7.0-testing-src.tar.bz2�- fate#316614: set migration constraints from cmdline
restore libxl.set-migration-constraints-from-cmdline.patch�- Remove obsolete patch for xen-kmp
magic_ioport_compat.patch�- fate#316613: update to v12
libxl.pvscsi.patch�- Update to the latest Xen 4.7 pre-release c2994f86
Drop libxl.migrate-legacy-stream-read.patch�- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
to SLES12SP2 Alpha 1 host using xl migrate
libxl.migrate-legacy-stream-read.patch�- Add patches from proposed upstream series to load BIOS's from
the toolstack instead of embedding in hvmloader
http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
0001-libxc-Rework-extra-module-initialisation.patch,
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
0004-firmware-makefile-install-BIOS-blob.patch,
0005-libxl-Load-guest-BIOS-from-file.patch,
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
0008-hvmloader-Locate-the-BIOS-blob.patch,
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
0011-hvmloader-Load-OVMF-from-modules.patch,
0012-hvmloader-Specific-bios_load-function-required.patch,
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
firmware from qemu-ovmf-x86_64. The firmware is preloaded with
Microsoft keys to more closely resemble firmware on real hardware
FATE#320490�- fate#319989: Update to Xen 4.7 (pre-release)
xen-4.7.0-testing-src.tar.bz2
- Dropped:
xen-4.6.1-testing-src.tar.bz2
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
hotplug-Linux-block-performance-fix.patch
set-mtu-from-bridge-for-tap-interface.patch
xendomains-libvirtd-conflict.patch
xsa154.patch
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa170.patch�- Use system SeaBIOS instead of building/installing another one
FATE#320638
Dropped files:
seabios-dir-remote.tar.bz2
xen-c99-fix.patch
xen.build-compare.seabios.patch�- spec: drop BuildRequires that were only needed for qemu-xen�- bsc#969377 - xen does not build with GCC 6
ipxe-use-rpm-opt-flags.patch
gcc6-warnings-as-errors.patch�- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
loop in ne2000_receive
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
- Drop xsa154-fix.patch�- Use system qemu instead of building/installing yet another qemu
FATE#320638
- Dropped files
qemu-xen-dir-remote.tar.bz2
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
qemu-xen-enable-spice-support.patch
qemu-xen-upstream-qdisk-cache-unsafe.patch
tigervnc-long-press.patch
xsa162-qemuu.patch�- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
dereference in vapic_write()
CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch�- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
remote NDIS control message handling
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch�- bsc#954872 - L3: script block-dmmd not working as expected -
libxl: error: libxl_dm.c
block-dmmd
- Update libxl to recognize dmmd and npiv prefix in disk spec
xen.libxl.dmmd.patch�- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
in ohci module leads to null pointer dereference
CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
dereference in remote NDIS control message handling
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch�- Update to Xen Version 4.6.1
xen-4.6.1-testing-src.tar.bz2
- Dropped patches now contained in tarball or unnecessary
xen-4.6.0-testing-src.tar.bz2
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
56549f24-x86-vPMU-document-as-unsupported.patch
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemut-xenfb.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa159.patch
xsa160.patch
xsa162-qemut.patch
xsa165.patch
xsa166.patch
xsa167.patch
xsa168.patch�- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
cachability flags on guest mappings (XSA-154)
xsa154.patch
- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
crash guest with non-canonical RIP (XSA-170)
xsa170.patch�- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
hmp_sendkey routine
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch�- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
in sosendto()
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch�- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
ne2000_receive() function
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch�- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
incoming migration
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch�- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
dereference in ehci_caps_write
CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
on incoming migration
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch�- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
in start_xmit and e1000_receive_iov routines
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch�- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
on invalid state load
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch�- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
resource limiting in VNC websockets decoder
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
invalid state load
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
bits_per_pixel from the client sanitization
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch�- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
overun on invalid state
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
overflow in non-loopback mode
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch�- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
processing firmware configurations
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch�- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
buffer overflow in megasas_ctrl_get_info
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
use-after-free vulnerability in aio port commands
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch�- bsc#959695 - missing docs for xen
xen.spec�- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
INVLPG on non-canonical address (XSA-168)
xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
functionality missing sanity checks (XSA-167)
xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
l2 header validation leads to a crash via assert(2) call
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch�- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
leads to a crash via assert(2) call
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
in ioport r/w functions
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch�- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
logging upon guest changing callback method (XSA-169)
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch�- Adjust xen-dom0-modules.service to run Before xenstored.service
instead of proc-xen.mount to workaround a bug in systemd "design"
(bnc#959845)�- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
vmxnet3: host memory leakage
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch�- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
incautious about shared memory contents (XSA-155)
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa155-qemut-xenfb.patch
- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
in ehci_advance_state results in DoS
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
dereference issue
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
floating point exception
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
MSI-X handling (XSA-164)
xsa164.patch
- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
legacy x86 FPU/XMM initialization (XSA-165)
xsa165.patch
- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
multiple read issue (XSA-166)
xsa166.patch�- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
- Upstream patches from Jan
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
56544a57-VMX-fix-adjust-trap-injection.patch
56546ab2-sched-fix-insert_vcpu-locking.patch�- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
56549f24-x86-vPMU-document-as-unsupported.patch
- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
xsa159.patch
- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
xsa160.patch
- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
xsa162-qemuu.patch
xsa162-qemut.patch
- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch�- fate#315712: XEN: Use the PVOPS kernel
Turn off building the KMPs now that we are using the pvops kernel
xen.spec�- Upstream patches from Jan
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch�- Use upstream variants of block-iscsi and block-nbd�- Remove xenalyze.hg, its part of xen-4.6�- Update to Xen Version 4.6.0
xen-4.6.0-testing-src.tar.bz2
mini-os.tar.bz2
blktap2-no-uninit.patch
stubdom-have-iovec.patch
- Renamed
xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
xen-4.5.2-testing-src.tar.bz2
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
54f4985f-libxl-fix-libvirtd-double-free.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
551ac326-xentop-add-support-for-qdisk.patch
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
local_attach_support_for_phy.patch pci-attach-fix.patch
qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
xl-coredump-file-location.patch�- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
CVE-2015-5307-xsa156.patch�- Update to Xen 4.5.2
xen-4.5.2-testing-src.tar.bz2
- Drop the following
xen-4.5.1-testing-src.tar.bz2
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
xsa151.patch xsa152.patch xsa153-libxl.patch
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"�- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch�- Upstream patches from Jan
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch�- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
xsa153-libxl.patch�- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
xsa149.patch
- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
xsa151.patch
- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152)
xsa152.patch
- Dropped
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch�- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
temporary file use in /net/slirp.c
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch�- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
creation of large page mappings by PV guests (XSA-148)
CVE-2015-7835-xsa148.patch�- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
abort
54f4985f-libxl-fix-libvirtd-double-free.patch�- bsc#949046 - Increase %suse_version in SP1 to 1316
xen.spec
- Update README.SUSE detailing dom0 ballooning recommendations�- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
secondly show errors
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
- Upstream patches from Jan
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch�- bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
Hotplug scripts not working.
hotplug-Linux-block-performance-fix.patch�- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
CVE-2015-7311-xsa142.patch�- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
pci-attach-fix.patch�- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch�- Upstream patches from Jan
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch�- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
vnc_client_read() and protocol_client_msg()
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
loop issue
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch�- bsc#907514 - Bus fatal error & sles12 sudden reboot has been
observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
shutdown of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
reboot has been observed
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch
55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch
55b0a2db-x86-MSI-track-guest-masking.patch
- Upstream patches from Jan
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
- Dropped for upstream version
x86-MSI-mask.patch
x86-MSI-pv-unmask.patch
x86-MSI-X-enable.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch�- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
memory in rtl8139 device model
xsa140-qemuu-1.patch
xsa140-qemuu-2.patch
xsa140-qemuu-3.patch
xsa140-qemuu-4.patch
xsa140-qemuu-5.patch
xsa140-qemuu-6.patch
xsa140-qemuu-7.patch
xsa140-qemut-1.patch
xsa140-qemut-2.patch
xsa140-qemut-3.patch
xsa140-qemut-4.patch
xsa140-qemut-5.patch
xsa140-qemut-6.patch
xsa140-qemut-7.patch
- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
block unplug protocol
xsa139-qemuu.patch�- bsc#937371 - xen vm's running after reboot
xendomains-libvirtd-conflict.patch�- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
execution via IDE subsystem CD-ROM
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch�- Remove xendomains.service from systemd preset file because it
conflicts with libvirt-guests.service (bnc#937371)
Its up to the admin to run systemctl enable xendomains.service�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
CVE-2015-3259-xsa137.patch
- Upstream patches from Jan
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
- Upstream patches from Jan pending review
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
x86-MSI-pv-unmask.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-mask.patch�- Adjust more places to use br0 instead of xenbr0�- bnc#936516 - xen fails to build with kernel update(4.1.0 from
stable)
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch�- Update to Xen Version 4.5.1 FCS (fate#315675)
xen-4.5.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch
qemu-MSI-X-enable-maskall.patch
qemu-MSI-X-latch-writes.patch
x86-MSI-X-guest-mask.patch�- Replace 5124efbe-add-qxl-support.patch with the variant that
finally made it upstream, 554cc211-libxl-add-qxl.patch�- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
qemu-MSI-X-latch-writes.patch
- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
has been observed
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-X-guest-mask.patch
x86-MSI-X-maskall.patch
qemu-MSI-X-enable-maskall.patch
- Upstream patches from Jan
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
- Dropped the following patches now contained in the tarball
xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch�- Update to Xen 4.5.1 RC2
- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
register access in qemu
CVE-2015-4106-xsa131-1.patch
CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch
CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch
CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch
CVE-2015-4106-xsa131-8.patch
CVE-2015-4106-xsa131-9.patch
- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
CVE-2015-4105-xsa130.patch
- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
bits inadvertently exposed to guests
CVE-2015-4104-xsa129.patch
- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
unintended writes to host MSI message data field via qemu
CVE-2015-4103-xsa128.patch
- Upstream patches from Jan
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch�- Add DefaultDependencies=no to xen-dom0-modules.service because
it has to run before proc-xen.mount�- Update to Xen 4.5.1 RC1�- Update blktap-no-uninit.patch to work with gcc-4.5�- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
XEN_DOMCTL_gettscinfo (XSA-132)
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch�- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
floppy driver host code execution
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch�- bsc#928783 - Reboot failure; Request backport of upstream Xen
patch to 4.5.0, or update pkgs to 4.5.1
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch�- bnc#927750 - Avoid errors reported by system-modules-load.service�- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
turn errors back to warnings to fix build with GCC 5.
- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
avoid implicit-fortify-decl rpmlint error.
- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.�- xentop: Fix memory leak on read failure
551ac326-xentop-add-support-for-qdisk.patch�- Dropped xentop-add-support-for-qdisk.patch in favor of upstream
version
551ac326-xentop-add-support-for-qdisk.patch�- Enable spice support in qemu for x86_64
5124efbe-add-qxl-support.patch
qemu-xen-enable-spice-support.patch�- Add xen-c99-fix.patch to remove pointless inline specifier on
function declarations which break build with a C99 compiler which
GCC 5 is by default. (bsc#921994)
- Add ipxe-no-error-logical-not-parentheses.patch to supply
- Wno-logical-not-parentheses to the ipxe build to fix
breakage with GCC 5. (bsc#921994)�- bnc#921842 - Xentop doesn't display disk statistics for VMs using
qdisks
xentop-add-support-for-qdisk.patch�- Disable the PIE enablement done for Factory, as the XEN code
is not buildable with PIE and it does not make much sense
to build the hypervisor code with it.�- bnc#918169 - XEN fixes required to work with Kernel 3.19.0
xen.spec�- Package xen.changes because its referenced in xen.spec�- Update seabios to rel-1.7.5 which is the correct version for
Xen 4.5�- Update to Xen 4.5.0 FCS�- Include systemd presets in 13.2 and older�- bnc#897352 - Enable xencommons/xendomains only during fresh install
- disable restart on upgrade because the toolstack is not restartable�- adjust seabios, vgabios, stubdom and hvmloader build to reduce
build-compare noise
xen.build-compare.mini-os.patch
xen.build-compare.smbiosdate.patch
xen.build-compare.ipxe.patch
xen.build-compare.vgabios.patch
xen.build-compare.seabios.patch
xen.build-compare.man.patch�- Update to Xen 4.5.0 RC4�- Remove xend specific if-up scripts
Recording bridge slaves is a generic task which should be handled
by generic network code�- Use systemd features from upstream
requires updated systemd-presets-branding package�- Update to Xen 4.5.0 RC3�- Set GIT, WGET and FTP to /bin/false�- Use new configure features instead of make variables
xen.stubdom.newlib.patch�- adjust docs and xen build to reduce build-compare noise
xen.build-compare.doc_html.patch
xen.build-compare.xen_compile_h.patch�- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise�- Update to Xen 4.5.0 RC2�- Update to Xen 4.5.0 RC1
xen-4.5.0-testing-src.tar.bz2
- Remove all patches now contained in the new tarball
xen-4.4.1-testing-src.tar.bz2
5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
53299d8f-xenconsole-reset-tty-on-failure.patch
53299d8f-xenconsole-tolerate-tty-errors.patch
5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
53d124e7-fix-list_domain_details-check-config-data-length-0.patch
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
53fcebab-xen-pass-kernel-initrd-to-qemu.patch
53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
libxc-pass-errno-to-callers-of-xc_domain_save.patch
libxl.honor-more-top-level-vfb-options.patch
libxl.add-option-for-discard-support-to-xl-disk-conf.patch
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
- Xend/xm is no longer supported and is not part of the upstream code. Remove
all xend/xm specific patches, configs, and scripts
xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
init.xend xend-relocation.sh xend.service xend-relocation-server.fw
domUloader.py xmexample.domUloader xmexample.disks
bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
network-nat-open-SuSEfirewall2-FORWARD.patch
xend-set-migration-constraints-from-cmdline.patch
xen.migrate.tools-xend_move_assert_to_exception_block.patch
xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
tmp-initscript-modprobe.patch init.xendomains xendomains.service
xen-watchdog.service xen-updown.sh�- bnc#901317 - L3: increase limit domUloader to 32MB
domUloader.py�- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
device (SR-IOV) to guest
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
60 vcpus
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
Interrupt Remapping engines can be evaded by native NMI interrupts
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
- Upstream patches from Jan
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������� ���
�����������
��������������������������������������������������������������������������� ���!���"���#���$���%���&���'���(���)���*���+���,���-���.���/���0���1���2���3���4���5���6���7���8���9���:���;���<���=���>���?���@���A���B���C���D���E���F���G���H���3���A���K���D���M����������������������������������������������������������������������������������������4.12.2_04-lp151.2.15.1�4.12.2_04-lp151.2.15.1������������������������������������������������������������������������������������������������������������������������������������������������������ ��� ��� ���
���
���
���
���
��� ��� ��� ��� ��������������������������������������������������������������������������������������������������������������������xen�html�hypercall�arm�index.html�index.html�x86_32�index.html�x86_64�index.html�index.html�man�index.html�xen-pci-device-reservations.7.html�xen-pv-channel.7.html�xen-tscmode.7.html�xen-vtpm.7.html�xen-vtpmmgr.7.html�xenstore-chmod.1.html�xenstore-ls.1.html�xenstore-read.1.html�xenstore-write.1.html�xenstore.1.html�xentop.1.html�xentrace.8.html�xentrace_format.1.html�xl-disk-configuration.5.html�xl-network-configuration.5.html�xl-numa-placement.7.html�xl.1.html�xl.cfg.5.html�xl.conf.5.html�xlcpupool.cfg.5.html�misc�amd-ucode-container.txt�arm�big.LITTLE.txt�booting.txt�device-tree�acpi.txt�booting.txt�guest.txt�index.html�passthrough.txt�early-printk.txt�index.html�passthrough.txt�silicon-errata.txt�block-scripts.txt�console.txt�crashdb.txt�distro_mapping.txt�dump-core-format.txt�grant-tables.txt�index.html�kconfig-language.txt�kconfig.txt�kexec_and_kdump.txt�libxl_memory.txt�printk-formats.txt�qemu-backends.txt�stubdom.txt�vtd-pi.txt�vtd.txt�vtpm-platforms.txt�xen-error-handling.txt�xenmon.txt�xenpaging.txt�xenstore-ring.txt�xenstore.txt�xsm-flask.txt�misc�crashdb.txt�vtpm-platforms.txt�xen-command-line.pandoc�xenpaging.txt�xenstore-paths.pandoc�/usr/share/doc/packages/�/usr/share/doc/packages/xen/�/usr/share/doc/packages/xen/html/�/usr/share/doc/packages/xen/html/hypercall/�/usr/share/doc/packages/xen/html/hypercall/arm/�/usr/share/doc/packages/xen/html/hypercall/x86_32/�/usr/share/doc/packages/xen/html/hypercall/x86_64/�/usr/share/doc/packages/xen/html/man/�/usr/share/doc/packages/xen/html/misc/�/usr/share/doc/packages/xen/html/misc/arm/�/usr/share/doc/packages/xen/html/misc/arm/device-tree/�/usr/share/doc/packages/xen/misc/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.opensuse.org/openSUSE:Maintenance:12484/openSUSE_Leap_15.1_Update/304523ce6ca17bf7f19e38b9ae99e425-xen.openSUSE_Leap_15.1_Update�cpio�xz�5�x86_64-suse-linux����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������directory�HTML document, ASCII text�XML 1.0 document, ASCII text, with very long lines�XML 1.0 document, ASCII text�C source, ASCII text�ASCII text�ASCII text, with very long lines�Algol 68 source, ASCII text��������utf-8�fc1383ffc13de6fb6ec8cfbf85c0aeed4e01a6b4b542f0ce7ec71e8b1b9bb331���������?����p����7zXZ��
���!�����t/,]��
�cr�t:bLL���Sr�'�4ɧ:͛gED/d
�'�߂�s 7�nL�E۠0+ǧ/�tD���ڹ�$(2mPͻURb$o.e/1_mN[U3[EÔ\+�Ŷ�',�}7& 0#aYUj¤6t]a3O*w�Yh�W�iЌ2+PB <*�bJy�anjսv}}?�ݸ09Q�L[c�7rh��˰�B8vM9'mS�&7;$�tH8BCJ��s�maŴeodsli__x#3˽WOvlD?ju��CA!ܻy�x;l<�(Sp풴�HΈp�v@�9r{`鉢�)R�.4�Rr)
pW=
*$D!9,D�R@kI�t�EYgdѾZ2Ρ�ǹߐ[Si�Vj[c\�L,p=RhaT:{QVHğxhtg>MvTˤA//ql{gY51 N/2�(^1Hё+K(�W�O��m<)}K
�R!6FS���;XCQ�N(c6�J�uGu[2U��7\�6��+6.�T,@ĎL�)Ҫ?7Ez
Ȕ6�7%41@��7��0Ov)�mHD�BHsY�Zn֩h��#�f#4Xa.#`eNSGboz(}IS0,wR�$^�w�TN\lKE^�|�Q
`[&&B�1G'q,���'gk`aG��
X%0=L#9i[D{i�a+_o}6�yVn4�|TY`�0v\FJAD J)C-Yj~vDe6�H$(x��32!9ڬ "ڮ\ ]df>,褍&?�HCKYKw>�uIűْ-zSk���OT!�4\:.æ
ֵ�J#%zC|ڴ�.)�CN/�|���
G�ju뇶3h#ӵu3.�dJX\F�U_⾒o0�/g�@|g? φ�Ч�]n'd4$�c&!ƃ@TUXUcVWr�WIWojdW}ft[TqP(G:uPb��RvsN�vfldӊhq4h8b({ŋu\-tk�7˞-Ɏ�UgĀ>l*{�V�Cesr;B�?�QBL�YrR�w�;V6�yrv6�uU[{�c~6%!��b:m�f:J�i%Zn |9UZ�ks�f�+=�n#֯0<, 0")b-��v�ݮ &�|�5�nmo�_\9If�ԃAޤ}�W�� }Sj&ȁf.1*#hY"TQ�kMX���O=b^/e۳̱t"ݑ�P/]�?~/~�"B�j�E#ԅɤ?{�rs�H � �g!�^`�V^hpu$��_�k^GNYe"!�;��tv2a;-��~X4 3ϭ;�琳3m5b|Zr7Ѱ�9A�Qݒ&AB�No
�Ć ~Zkx٧C��D�3{(V&R]]ZjAu2��U��K)Xf*��b3G�eO��>*,837ך���z.�V �^߂]x]����g�{Pm@�[2�C�ۦ�,X=u�8I+SD7"��\]m3 ��UheOB-IF,KB�2q !ؤi$N2蚮4�G3�+9}X_�M״b){3'iX3p�0vcrg͒��H`j�Ǫ/N�k>i]��Pssz=Xq,J�!٥eF;�Sh��Ca"Y A2��κK�z�B�G�us$�{U<'Qpݣ
e�i?U�A v �7Up2͕[P<-ع4�8D�mdC�58�!��KW�t-s�Ā�+1Z{��u��T�ڸ* ��2;'KnځȽh>�0�{#+
tL�n#,cU6_5iO�R-cMŌƦ+9qEөϯ05HZ%$��@!g|�nA9-/�عy�|rۗ_�#
K�be\p$"`l,TO���0iafwԃ�q-(Bm$�y�:A�b~
䭈G�DO
jHE%
,�(�7KS2me�M)N;qQ8V Ŏ�%�-e�
�\'�2OwZ䯅?M0SIK�;rogY@"��?RU:}dw/U3�VlL�lQe5=F��Ƶ�6�\�ë�4�;9�Qj�y"!mgd1pJEװN�N�'xL1:� �%!]A�4ksP8,0��u?y �1a5J�ޟ[�hXR[ܰ��Ay�p�[t/�|T,�( ��:�Q�g
��;��5DXc0\`k|.�$�
$$�!d�En�{gE�e-#fR\$�]�-:l�$ rr�Yw
n.aG\ִ�36�GE�bHy0�JN.ǗI�((*(
+D�'8Cf�F�SAX4#oKX.DY*D�W9�AqKDz�rQMJ;6LXrs>]7s�m
`'�r�'d܃P��)gI^[5Ҋ8ܷRA�nT\%b|G#�NP6Yg�u
A�NOh�0w��a�VdHLO_&j�dkmA~ӟ;�16VK�J�-,pQ3|j+��^>- MC�Rgǧ�-I�)@ H:�^J�ygl]�.n��g��LIV�^�
�\[*I�@�?~�x��n4z/6�é�ݝy7��k2Oہ�O_�6ϚN@[8%, apӅ^i݀>T;UMˬTUd.ye;xylB� {�|Az
5�E~ǣ�/�OZ1*:ay�xnb����At^yA���.1�Ncz["WQJBsy3+%�tǵ �Y oE!n4�o�c�3ʤ KCj����&
S@X.XTh4G{�7�cw.��O}ݾ�Ti-M\V��<쵒}�7j��Fd'�4��A��n>[�RC�^�T�*uK{zC��J7D�m��V�Pe�F,�U�ZR!���=6+%ՎV?BA�
,HƠ�et~� �}dC039�ʊ(�6vܥ�_gQ$tn�-h�s91Wlm�8f@ywC^m}!kD�}�| L1b]�4*KڴPt�ظw�SC:[�n՝h^kDZ�U`�{'5݆¦Ӥ5Ҋ|�xސ
:a/~
:Q��EP]���B|�
2N�(�xlY\iVyS١f#o>�3 �<�b:{2ׅk�=SO݊{�qN0Tʜ��f�T�K��-�xL�~[(!�_:(��F�t4�d�5%Gp2����_��{5R{z�.2>%$CJr�m�cq�)vJǪm8n\}�Nټ�Ipï~�qA�ǤC6 B� !Ґ#Jk>,)$P?q,'n�A��JC\mo'�|K흹A獴yuɍaD uP�A�Q:@TlMѩrO)��iLÃ蜱�u>-(Wg�NU}*VVY$(�3neto�3L�n�^̐�0BaQE�y¥;{�e�O�;��f{�j�v]I�yͼ"*3edLk
[_V8=T? .��3I�T�ī�b6KŰ"�FZӍ�WB/ ꃆGJ}�>#V2d)Daw�nM
C{(��)4$|:Қ,:e
'
0r�ZgCC!CUև'Ö.̐%GnpLm`G�{ޱ�hQ�J�yĨ\tUg(x2ޛ��+r�u?�ٌe��փ2ZiQM$hNB�UGH~p_Q-�5TOY7�Ͼ���]O�V&^C
&�d}[۷k�K��>:ڥN;9ZhCmz[6{6]،MǑ�^~�55�l0UW��BV0��yMT9AD[qP)hmm^�LY��ߌ`*^/a!yevhB -�+UlaUCm *|]P3eޥ@o)U(�b%�U�7�O�~�}̞^K��TBO����:d5?�^PmjU' k3R*c5N߯�S�[]"d4�|1�/Twΐ1ɬrA@!qf4|My్VdZM�;y
W!q�&1XE�=w#GΩe�#�NwX>w&�ͨճ>rɍM��ʻC�3Gsd
�ƁWUR=7z+F�pY�F}_7�U[
ql4X*ʫ]܌]Y[��:ED�^�Fƃ�[I��y��
w/%s���,e+kߒR2d2�?BG]OAvOc[VtG�4-
X&�B.k2B>5�ֻ۳#O��5ז49?÷\L9�SosiY� Y})�]�2nZ-N-Ki&`wGAUBE~L���B�`&a1ԥ0S3I�é|�#ֿ{pS�n2j�gLPgH�7=z6�tkum.z/էs[eE^�OuyzXTk�
1�7i&l�Ԓ~�fs8x(LR� ~0&*"g 6��r,x]s}!!ptn+?'��Gv�!Z �[mH��1�FT<Ŀu+"l� N?���9�}\W<-WnoKnz[.r;䁺Xe��FGjs'*g$�9b_
$)A)Q{.j���^:A`DW�S�(��!#�[2D1,WdTfm6_Иt3Q0rX;6~|�1]" ^+Ħ Gf��ca`%}G�k�OUVJ$;�23ZFē!-spt|м�>Ý/%.T�2��n\�4
Rado*Kh$g^;d?-ܳK�SFN-f�fh kMwZ4ꕸ�P6UwG(_TU8υ�
;�7��xIEs�
��&!Ĭ�Aٌ4}
�|�b�hշ�+lF-!0N�%Q~*5 �@�ԓ#`E܅>{,RGO@xm+ȫsM-AG^�m�pĥ�R=jl�$ȇ,��@->�:AV�ymV2�"v �{գ [&~,ͷmG.QHTaC�ȪԽ�b�bEl�D@+&!�(&UeN鍯 {l�L7Bmxx#"D�tY})��*59jE�:�z=dEJ���
& ׅ�-9�
ǔjqi.?lC4ho֤پ�B_R
HO~OlE 8{�B"3]�Q�N,Sуrڊr�e[�}N%͊pM_8� =vUI)�2_P\�q�\��e�.V>C
1�Ih�.�DV�?�,����wRlwlhQBz-S�c17�T0*�̱{^>GS�f+�QKO�8B_`5j}P�i�+aY�'S�g4*���Qh�*�p}:UР��}�gc� zji_��g2?�GWd5#�R@�,PȐwE{N5KUd�/C _ƮqɒY�Re�ԯcE\a���
.��
@C;Ѽ(Gdtc;Vj2r\PҖM$
�]F���p"��ׇܧkGE�א�ֵ9>u't/�)臭){lwEE<*>G�
?~eVI`~B�~* {HYO*F�#K}̈�9Pn&\A㖡P4VO4V']�1D�]lyܜ#dsUɯX+X(Uxr.��Eeȉ��vZV�u6%gH�)cD�W菻a�
+3+Y0nj{2c?}�aNI9s�V[Qz��iL�Q��;�UxzO)Ň&FGR3��p{�@}ţ?�_I�D�m.^=GDYFlK_9�}6��6;9�@�.B�(Κ�pf2x#8pG�z.B2=>���Ɣ&&7sNmBLd4A�>+U�ja{(7dOیv`�iK�Ԓγ@$�b4 }@@�ӭ(B㖵� U{ Ɯ:�^�pg"`cM�Z_'X ^,*J$jcȬд �dߨO,M��=Z}}\-=�3)hN&���=,R�;@$c����q��a[L˗�tEjsf1z��q&3\eAg�~@�(M-Ƈ_c�P
5}:{!7� ��ȡy�O�?o��f|^2iX}��:j}3g(K`�g>M�2yO$-0;ʃ,�-�ӷ?�Ɗ(ꃺ]g\"�Jړ�{TTǬ�:��^uB�RL칧O�?ڤ�?
�38k �+��7#NUGe14պ� iR#]�.;\נ�jʜ�=���>̺�>�HM뙖/~� 1a+J���Om(���\�
'̻ 0&m;Y2�E}@j-B�F~~�To��2~p#F$
`y �ݝ KBIw%曞9MyjF!dDV&()i �GB#{�J�w+ӧ��;&��S��# ^���n}%I\5�}n��zOi湐 @��}.404D�YYYu\v�*PO
!`/A"�,=33jM'f��NJ��o�jx)Xl'Nq-1"3T#`vZwU;̂nt�
�>{
�99GQC���tp?28~uR8f�.l2�clbRe;,ZO,��e- -�~-)tZ֦ڮ$�C^TzG@/�(�2)No�sVJIDy��3.1}"Lk4�R�4-7r2|({i1zAo �:0S5hŏ1I&w
*q)�1�F��|�pBaH..A�MصA+83�[*WL¬
R�7-6l.�hF-�^VPĖ-)G/J x5�oOJT��Ɔ",!��A8՜�1KBns8f-�Wzr�x=[k)22>š�~hE`%�݀i=O��)_b^
��e�Ee �,,[sj;�_(��Kl�-Y.8�(��2Ewf` tx+)Sh�!7�H.6!ׯ$³WjĽX!J�ʶa�Gx*7q�
_T�$Z7MlҤz
bj�x|tmQ|2!;%�%&]\u4a�x�zr�&bip x8�V?9Ь(�5*ت�EZN%nbQǍy��[6٬JC�&lE$ory�(
an�h>C1]s앝IC~m�$H��?\P�lFDo-uo�ar��%GA"~'Al('\�D#� wc�1
��;<]]��%l�ME;߯.K1tq�rE�r?d�7r/�'
;HBx)EZɴ{PN\Z��
ݟ7zmA*k`Ac%�.\F�Ϻw'N0Ff
V�)�t33��_>y4y!�&4R�}�gg�Rund!>?�X I4�VZ*�d_�:�!f��w�p�0GB�_�@y*HIefWl�]^gz4�kS
OfVX6|/��~Y �wVW+�'�r[2j9 -� WH�*Z�q�v�Hɍ=U
n�
ٗ3I1ۛ��eL�&�(:���>XIt�lKr[1~�TE ��=1A-hb��*��%���C"*�ݮ^k@JBW0ڎD$�"ڠ2Hu0`P�{z
}9иM�`]�EFIS ԝX�)||_!l�<#@v: �] k$Ö^W*CQ|��ujm]XvC��p'�Vm
ݗڰ�@�=2%�(�N�:(@x?�~�s#:�K 9O-ЉxI𥢘|p|Hŝ^V�04�"TES�Mp�NMP�
6�
p �|��W�,5`H�?cַU�],$
%�唷P6�cR |[G��O���0^:vTjԡ��Kߪ�۬5E) q+C�=bJYl]X�m^}�
"�R�mt�8"�% m^4
Kk �w]�Sã�+�k4@�oa9�F��w*(�в=o|46]�ȨbQV��H7$�iQ%Y昡E$ʌu_ꌶ3$��9t��ٵ��4�,
sg,
oz�۽5��-C�$�ʋ8t[`Z�c<̙v=Kȓ�
:刏k(\Mas >dC27(-|5�l.*jb`#8fZ�~m\W��ނŔXY�ٰd(pLE fc��$
.zg�*E��+u�\T��gG-}�^JA�89ř
:�d��Y$?ʔ"*� ��a�@ʺ믺';3�3�G0�fe
�Z�PޘM(pr)4]`�渱YmiM�?�:�Q*��sM2MY�T���`�ݺ�Z�Z4�
H�r7]���j��ѷ.%f�!ࢵSGW;F7u4,u�Ɏ�Hݲۊo�H/�"Xe�5FȠ�d���d^7M@jO(F=ƄhZ�E'yKW&psߎ�V��9�Dߜ Fn&�-zgp�P#$&�Éܙ�ȟ5nJqh8�4,JViVu{Ao���̘?g�]�U;�t6N*;sÊc-`4B^t�}pLc��!q~O/��([7�f
�'Z��$ݲ||Kc1BԱ#1{J0ޑW/�OP�pix)wk 3@)ҋ/¸�o�B�qJaK$0aI6�E V���+>ܞP�f(�.^�olaF%Qoj�XPi`mw�Q�K5Mrwղ!**Kz�U
WodG���/[CX|!.z
Gq9o%uޔݧ\p3,�ٖ&qi�\Dԡ�//[�;�B|D�)cuXȟ0�<��tj2djS(�dY"^aUb)D99QR/GW�
<�e;Yi4!8 ��%b9]~HxHʌ�
�Y&b7}UU�!
oB��҅���1�}�[I�v{�g=V8'8Wojk�f�a[*iJqu`�B[z��P̫ȁ?p)i�wSݶ�M��3`�N�;iy(%��)v*ԓRQ\j�oLA+��b$Z��褠f�8g�]�G4+.eX=�ç?tƧZp
WQA"jj���+�_]
K.�LNj��ʤ�>�{'1/0Q+¢?KGţfj#1ߗ$͔鏐o��D�sO_9
gF/5ƔLq�tA�H��͊+W��4d`1�+z,Y�Yuɨ�&X+z7>�μ��zx}bMpղt%��G2|X1GIq(L�$��C6Zb5kY8c(aw&Gt�w{):�w�⺢�/Zypf02sU5�N^,*Lք� +5o�Ș~k
6��8%�s`]%oMdk�z�:_D뿝]I]gKIzEdDRk�5�ab/0ȅW��� �]�B,X9=�jo�&fK$ԡy$3ݽ"m?�(n{�Su�Ѣ(mI.B4z[/ zꞓtŗyt+͘�ܳs�+PL�gUh�/{o�God�)Mz�@g�B�)δ7B�nw!|B/�h�sXQH�= ib�CEE?Kۘp(b�5nI���f3Ѫ_I'ܙ+ީ�5GvupfjeA98�rWKv7V4` ,�H=YL>iҞ'ۉ=�v3��k�uj$33Cn��p4 '�oh#Ls�krcoK#Hy+fI^Ѹ
Y-w,`\23a J�0w#�ZSj��T�Hs::[3 Ч.?&C4E#/k7-�PZS�Z2wT/.�YN�L� NPiI2O#k7�2χx�%lTp$bX�Vp-u"�x}/Ofdj�e.fsܤ�
ա
_}a/ EH"˩I�j�c��ff0Y~uz7�Nx�EXrQ'�+�!Qa!m6�z/_9�2��h/��d@|�RwX}��*npp٣�gՎbOl-�4}=yybGmneh!C�2ҮԆFNt�H��T\k�,rp�Z^ٰ��L@$��'�yB9\6gHNz+d�C4a.Q\#w%�ՅFwՔIT3M�
-5�G�P؟9jN�yH_6$�`�y}˰ �XG2"R�;>���$h"0�l~H��Q�_VoY`MiŽw��KA؍�#��.�7E;ʎJi_GIR\�n�N.m�Q�C'L8EZ� �l_j/�x:��%̤҇p E�rmޞ/F��b>�$-M��"ϋ'X(䶘z1u�'�"V3�����_�fG`\#?�
��Z�/#����M'�Ģkt0ra�E7�<ز+3e2�Ӄ�r ��r��X%t3oAe)ӴnQOXv !w�Yw�"в� u*z��bt]�\ ?P&Э|;;q!�}f� _%�M�K'!D2�j7�coa#��� Es�P� 3/ �� 9�j��K>L``.(Z,Ε�����K8&Y(aN�!XAK�"����פquFJ��IŝhrU���V"1yJ"�||[�>v) �{I:�Gt�~3+x�x+o#wN�7�o-�+�
s�0ur\ �'cyBZ&^�&�~jx�W��FР\e#>&���kDe�'ʝ~|�,Ď.�4pLn(s|FGZ_MlcD#bK1(�Q$�cDc9�e@#7vpvfn�*v$5-�ʰ�la:�@��7c��9�܀I{7%�U'{RTd*�kss�݃yqsd�H~YݮXnrkF
y9.0|4�2W?9<9.<&=b(N�' CN��B�rId_�u�;X#t1Ӥ5b�N<�Qp�mR�Z���QFߩ�!p~�IBr/�c}Gn"\�����cɮ�4�9X�zA�pY7�g-7-ȜnHnX��Eae_:tO�vZQ~�=r<,�Fe ���/�I {GnՇ%nµk�&:(CP_'��6�4yRA�Vװ&i-ˬ�;NQ.�g�@CG�P;�ʎT�Yn�U�>Ye�n}�/>�-(-F1bL̝�@gWRJ��SPP�7.9�)7ð/#PWu�0pLč�^T)��7-^+ֺD@왅/&q:3�ͷ`,)a!x}-}� j3ڐH\<^p �/&:q$LQ�M�%E�5�S��x x
��@c$أ4ޗ���j]1~jݳ�Û乚�T�%|lE&3 N)tQ:MGȏEv%A�#fJ9}͐)rq�/�sDWÄ-Z�ޝ�VQF#ڵ�1j3�f1nꐘ�\%ǢyNAi`ὲEl*a�;h��rxkS�CG�uXhk�(�S6"lY��ǟ yk=(r�e��X|2+cp(1Nk倻1m7J�qA`�
n���5�788KQ.���0|Hwym$;6{A0/[l� 3LQm�!y:P>�NF��XT�5/csHB�XG.S�>*\E@�#�J;vs!vm 7R�O*t�Egx9 ʍ�W�9,�� n�rf*k�PE�_3h2uf�j^89��`G1S~W�diMTn$Z�@T{4?;"X�
"*h��CNs�A����zY解9<�,�zkXl�O5v�i
^tBa*eW(!uM3d\�D�жmgE��#_N�.�Js�IlHW)\0�VKFY�Tc«t>=&#�~�
UԶS
S s%L��F[�4h�>g�@��v�Ck֒q�s�nboj3
��&�l�A �F�|r]�DL)�;b3(y쎁>>_����*
͒3/�2
3ʾ�_8zYa�H<-��;��[�b�̹v$�rh�3�}~DBҤ�p)Jp9z)sh���4ٵ0fL�S�zn&15x*ߧo�m6Lkh��<[נ |�A�4�=�$Ǹ��hM۽d��^HlC8pSi&d��x�� f�b�vkPyWd+%z^BUؕ� �'e051�R`{��G0lwb}�1|x(qlȿ�D(yK_}}f[�^lI;!3�J��6J�~qf̟�-_۹ް#�~|Xs�%#-�R&Y_��f.
���͖H8_J,�@k|S\Qr&nI�_,/K�@a{M�;+6�i�XM~;@� v\{ÎNI/
hH{ǥ%OFA+)=�{Dg>�|%ʺzd4^: 2,�xKdcCJ�u�&ZUE]!&�ye��nz�ǘC9
@�V~bnJ]D6�%Q'�Q5מĆ/\�0HC�2)VQ1ϓ^�Nєf
8=0yuA�_v�u!Ä��eE� �j0�;�}" p#{5{әe
e"{JE#{#3}� a(b<3%.;y#�K
H3x�PRI|�{YVaZڢKv�RaSYT"VCq 뗙�
3#q��5��ٜf|QAւͮf#'ɐ߰),{�9��ى;W{Bߙ?A�Dps&rd8J�3P-k<\Lw08fZ��#Մ?TV��vH0*-pM˵gA7�MjaC'sM1
4dC,!9Q~0Q(-}N�՟䇴�F[{$c7zն9?^�
[EJ]��
'�bp++\98pEˌ�z�HEz�Fp��s�\Μ_$��Y��
�zJܸ�E8g?98;L]Og=Ie��?2E���1Qp$qte_-R&�@HqAC,��jX|�0<=';~� 2sw101�L%�$yysM
Dí'�AA�^�+P�$,6w"CGS U 1قs
to�)'m]ƫ�#fU^Jsztc"Q=:bN_��H�Zn rKDmY&�uIgV��J: � u8�fػ 9I8.KӱQ?=2pTR^6�>uJ0aJ�R���~!4hb(X&͂rv:8]+)16;&6Y˂[Ee�9iʱ\2Wӻ:A=�15(�߀ͯƎbkA�o7Gl3u�T�:e��S5vMS؍UH?Q]t�UU�\A���_8j�?�"xU۪d|p�fU�|g�gyQ�ĪGM>�]?L[L�x*)MݯCoXbP*10^[9d�7-&m#_ēna~X��BҨ�~�.���ިKQo
ENC�ԡU�ah]!^qzp:�.�Z0hpàDγ�ŷnw�m�-WZܓ1o@GLi�HYצ2[L|u7
�oj̵ ʓD9*�!1@��V�"$x�ぢa�^p8�N.�"�M'�8_}Dž:%���hjDz��\z�+65OŎv6;5�*�U~[`)S9?k!>)�aF`cђj61T`c0m>A
Kou-J>f�~Z~� `Ŀ{Kz*t̘B�oqMJ���fӫ9/k5��'=I"}>j@"� ɶ0>ҙD,O.P{Ԑ*�V�à�#ZL�SVl�MS���`\5j*KG>1<[M�2+
mVmf?��p�,�㾰*ЅMe�'X+4w��YYLfI"�}RAF5�dcP(j��x�d%^!
�s!Vmk�z_xAνadz}�N|Gj��k*y)"5'n��N5W54*BZȲ�n�odu$
hBC�&n q�#yiP[@`mGRWMzvr�c'sdb^�xE㻬�*zp47�Ww/gYRnۀp]i�S3b)9��\2ZYf�sI�}M�2*B=Tg4%k��'�ɮ6Ֆ)�cGT0WiMtT[OlG�olB�Ϲ[Q>Vl;.:�=ؒS0~�.R�zVS6M�~WM��y-';5ZZӗ[Xmv>R|1�L!�`=hiV=ۘ~gAY��9�GHJ'۶+��N�*Rx~V�k�4\x]���\b-ENh�tEn+s�@tfy�Өa2>ɞA �|�w��H��Wpя&mM8\2+>lp,J�i3tU�닡@oƷG�*s!ۥ®�=]-)�u
��`�/:z�U=[6s4LX�&êCw
�oigO`��d�^US�/enq�[�46͊�
UG\*�E\}ѓtapD�o:P��Z,-˕�ʄ5�ai sKM �ٵs w�5:iEp?%"&{��7,0kwu�;�zCJP��(*U$R:µ� j _JTA�#\R�'�"!#nXK�LX�=kPw5{KËVF��="p>�<]�3���JwCmǧQȓu_DE.Y҉/%l.�ݖ&`ü<[0ȱ]�aFpQlxDW#칧ѭ1fBE4G&?-I]X][�/��xɩ2y
YTɄIA]߮T9˽N& E�%��{-)}g=4-}݅%ɗa�г@ !ڧwz�}�;S8ƚ*� o��U2=mf*�r+]<%(.c�|b"0L�S��[)ip� G~BTӵVa�!B�\>PJ�@r�s^X-���:[9��mT+H.%Zu8)�lo :?u��[.0)lVh
y3�dP-V!`wEWll17lַ0"(.弨/+�Ι �Cu1N@2��I�]!])6omNx9B��L5i�fV#<�+L�\i@߃�J=en`ЦgfU�ݿÅF@?wٯ(C�v�KWJrnȃS�E{l{ޡ�^)>d;Ӧ�UhWh̼j��{nb{R.�I7v`�p69߿6=#'�D16�k91k�>ܝC5vdsZR�|7@^v�"M�kn5�BO>V5�;ZdLv�{ֿ훇����f?HˉTL.6g1`�c�^=�^Ntt�~t�Ȁg~q_�Ĥץ?k
��za ױ䕙)h6K)l��KS}XU�_��?`P:]VKcF;XK�2EB�/#�P\%�0E�?p$k�;���A��S֪+y�4S�by�sB"��.m^˝��Pn73D��OD��(�>d�%`/AԘ}MbG@*^�֤vwS=�U@
ዘ_F1vEG}
]Sz���)=b�h�+Q�HOۧ~�(1qTX̀
؏+V̳�Pu�[5v
P$uSmjG5Gs��x)0q<��P��^%XN+@q^lb%�ͬ$&$ݭNz
2=:{#V8vƊձ�3d��V0Q6^yioS YBO�o|϶R*> @
�UEyh�8S:M��G^3�GP�{c.M%l}ε+ }�^
##>�gֽLBdut`CD�8JLQ>�;C�hů�|X/nL��@5[3�?܄8΅���Pq>r۾Lt�V7s#>ЅHDK7�|)�!A9�id ,rzMG�X/��طX֢4)B٤9�HM�b߆�
ںTX]-�V#ym�ݔ..
_)E�U+QW�#,�Z�`7���Q��ʐAyS�Z{"Oj�ͭr�̱n)HM[U_(QsW4�^'&Q3*=Zm#%@wY�vɳ5KW9]mAO:l�4�M��?L
nqZE��RԜ8�w^�3*^�O�_00�,SJQ��T_k_V|> ��.�2m�C��56�G-�o�c�پ�ܣ%�
Es�AQ�` E�� �X93C-C�m�gc? ˰`z;�/c[(��b�I�!K#�I��W�C��@ZTŭ�5�D{ 5�fɫ��ð@�G�鯣u�w.�v;�aj.Fi!+LS0fd' "�b�JJ��qE�Am�f:��=鍀(_Z6�縔�Kd&bWK�Vd"�gM�Z�w'"���\�Q�q�Bv�W��"Ni\2
uĔm9=ty\"_Be,&aݜ� ߤu4�_OIW d�xmy\FzuQD��[
$cM1�N�^Q-b+C(+28ƮX^NhvdWNt�dH>м/�:Ss"S}-V VI�g�$W\NQ}>��Hw�-2jU'mV�Xܾ⎇ߦCVeKT��#|b fDJ_08{𢨇Dܞ*e��fތd,�
I�Enی]}�M�DRv��[p=Q+�b.-�Uv�;.�+H�8k0�X'Ag3}:Qر3;Q5r6߫ W�c話̆@^�LfAM:ZaGK�\V"[͈�\@TU^'9">Z9��Ԯn`ڗA�X`�FMH�ZbUrc;O�,CWY]KҶ�F�Qwv#��Yȴ:!(@ȲHf#aDi({RQ�F�5]�h�lf3u�Oꛢ+b9bJÊyR�%Y\�U
' ,5S:�!ɠ�{uƒu[*,GTԎiBn�M$�h~طt}U(�fEF5i
��Xռ2�(Z'�lpG$8GN�ha����Ē+�ěp2� ~���+B�ײ_'CQ1�%}�KA&;�۠�60�N=릘W�Ǵ:i3/iZϓ\
%�qqY8�*둈t
4W7�哆ᏸJ
a�2DVچ02�҄@f~0 &�+�
g
hQRw"�<0)�>9X}9h섡f�'
$l<�fLHx#ࡴ�j!uV�`s8\�<�7V��k�d` >w\n"v��`�;lio1�59ՒB���"�b��YK�Vq6<Β
-1�UHՓ0J�@qYvc|8v@�2+�B{YNt[I2ъ~��CB.g}
k�;7%2�#VާM"n
WRFxo:r\/1�[q5^;C��ztz#c6|�bph�&Z�נQF�s BO�S!_ѐx3O,6�ϙO\��iw[
R뼵CLi$-"3�y�y}�/'"2"<{sH50<࣠�O(�~e"�}O�ߝ^{;]\^|C4�J[&-vC8\
�d-$ifO)MNTk�%�+f�"Ѽ.t`%�I%�O,A�n<2Sïòl�pB�l9
�j)OHs(٠t"VKґ�}rgy�/|o(ɢ{5NcAGM7WDi>�ߌ4N !.d��L"�Q.@z6�[�i5�c�КS@?
[qme�f�R7t_�msB�?�a�[mII@BR�r.�8�,"%྾^Ii%,d!wq{ohs,.Ƭ���Wa�_"4
@�ވAWѯ3mD)0='Z��'l]��bg$�Xk�p�>'7~(!ճL�x�8w~�4ka�`f
O@23I��-��o.�N%
8ʗt5:h���\�T>gͷ�L=N?m7Qtd3o/u�� �ic,监3~E�nV�J
}}q@���=96��
I�*q��¢�K&,xeG�WB S.C]W0yM� a�eFMnٱ^؆,
N:#�B�0�
�eb� `zqU�íV�ta~;"Bbι[(c^ģO\a0idB:K^[Z�mQ /#$�3�9�ϯ�*�g.8�RfR;I+U&
#;�M!S3eZˌ�HHOM)�h�Ho jx*slml?C�<\��E�<�0g *x6�����_ԆftkCn�5Nʎ:l{'dn�72z�5t@۴$�ڜ"���qSvx&,�%mIѪ �cL0�sԁS7HW�jeE䞝L �CR�$LU�
iᯅȇ3���+~9eV
�w=X�pӓY.F$o$`�c��J�D�~ye�"-e�y��npnN�fC�W:���'�&}i�!�F"܄F+1zm
�e)(X;�^ζ
E�K�,G�YE�PC/
35t],)c
/�f0'go1�V4)\��4Jjr1f��<�$u�1ccR�_ʾi9(~|ѽ�Af��#�9f�p�߰46|,%铺g5ܩc�
ۨ~vOOλ�F�ouXMS��Q1F)��2M)3܍uuTӖed3?̤$Oi��o
���4R+h(�d��堦t7!�{e$_*z�}ZJuhR<^�kR�r�xĮ�=/�M�
8췚�;4~U;�䚔�9�n�c��Lv3��x>�7i�*B*$n]Vq||lbx0" ���Z�HSDej�c���ok>K{)3U�V�IgzEz�ix(N�CǢo8Fi&D2bKf %c9v���
Fl�L˓-%�ݠ�8@/M��O�+mnr�Ψɰ$s�H,9JΆ�t UJ_��~�)a\*ޢfԧ/>$"��
[h
Fh�֛Ei97^W~�.ë z��fY*F&Y kEV_am�m|�iR#bS|Z�]w&y$ݢ
͊dt
?�%Be�5 Z]4˅CK%/Ux;�hfщ5/]#C�ϛ$K-�~YŶHr��y>f��l�lnJ+�S�H\�P4Oe?�VQbH\ҿ���ρ1D�Y,�R� Z}M+?>]�JyT$2��`R.+�F>Y�O�e�މT\'u�Ԕ�� lL=~R.u�!�:)e��@1mg�j2�P˭
AHX^���g*)�yd�1q_Z���6(��&&�֛J�pۻ�T�mDq�?=N�]lw
,�`o�À>��?G7�|x �j/ �Z澭'%re��yxn}k٬C-yiZi�
5�G$I/R>˳νϝ#>kg%{̓ [W29ds1?R$kgc#
z7hd20�}6L���I4MG^LNI�{}I��]7L%MGRc� ]n$�a���>�#Dx�t.�%ɯ4�uJU+�@UeFPu{q��"Q.<:T.Q��I�1��{H_-}%<�T]�鮸6*rȜ8ۋu^9lJdL~'䔕rS����X�gn;Dt�1t7SY`:f]ԅ�JZH1"�Sʗ[@vW�.J>;R牢9,9�:V6�D#rY�1V�j)@L,nMR�k�
�;a�ܿ˳)�>Ք )1TWޯ8ݙ�9~!
I`aep^Q¼l.'ԡ0k`P{�cG7ya8
jj�n�{�:O*w9�T\2jn-mվ�I�<0K|^?�keܼR2xUZ8�rHc�PG)~#��Y[(l
�T]-�.c2D0�W��eP*fIbª
�Ŷũ�%�
�%�w�ӯx��|]�Bwh�Ŗi�cљHAWewJ/�ɾ�i'R2`~M_BLo��2��5���h:K�~Ǎ"��[ZY f[AS��wuܲj�{�l{� �6c/Cg?ajf-$F5qv<�Y�q�0>4DևP w7®jtG&ָ}st\1#
b
�_rL/�T�_3_XC��|B|=�V�| \XA�L1C]���MPT/f'�;Fh(�X#{Vf/ b+P�V'u#|cƖ=Rɰ">QDz�+�c,<��ٜ[o7[&*2`Z֒%Aqv#�7$"eޛ�67o�ƒҽ�>�#g\s%?�C��O0ЫJA�V^�,JjC�1wx̀&f5uُ<|/nG�^��$Qij=�U#G=�L&}U���we@GS/�g`w�S�i~ˌc�H�y>B'#;~sdKxphO�zqı�H�n8Z7jL8^v6n� �`)j:=Y�O03'cۏZj
vv$Fu-RzMC_��WWEŪI+,3{
vկ|M?�n|��2�ouۮGY�vruBM(倾z]j;ClW9ɩ=�l2nee�gDy���]_"S!=G@]$�59�q�vBQ�gmL�|ہ{��'大DX��+_vc=#gUR"!�kȎ�A W[bMqdT�]DWL:k�WiP|�Mv.|L��?&�-�$)D�`h�"[/�
}r7�Pt洰_a^}b[�WRgP�n�J9^�AiTO|�:םP $f쉔�F#
kG�qx�B:Hpaj�AD>�1x'l�1g"OŬK;i pz��!'C"�9}؉L Ƹ,%���}E
( �vyoHXqqb�_�_d�#$n��B�$�cRb'rPG��'�Z�WW(.Ӊ)���A$k.C?iOe�M�N*C�#
pίa?G�|�;!WfXP.ۥ[>Ӹh_!(<:�n�Y�f�4@@f~
~Zx9~�9lw=|y&Bam�"Qd�i�,�z@%c�H5gvyL]>�"e;}yAE�r+^㘢 �В1\rg�g�^�Eѧ$�;E��Xh�9&0�]b��7hҟ�'21���(^IpP�Ȕ=S\ j�I�-c<ȕ�ESQg.;}��V bFH���=�d�q�Ng.m�IK"aNl4ţ��0[�ub/i�o
rI%'fJ%ꕡcTʔ̔^ϊ_|:F/Ә<^!H}T�Zu}xG�AxMGVMOc1u�~,50DS?K-@̀6+nu4F�LW4/1L p1J`=d6{`V�zz�벮�ѕ&A&7�\�IaNiqk$�H)EA=�Wi�(,�e/�0P�,VZ>D\Ofcc�R��+lF�d��?�^$�Xo\^TbHqSne5&B�_��Qr�b�-;�"�ynVQ�sg�ك}؈t�K�T\k]a&�Q��O�[K[�~�X9n7i3;S#L+tA`m}PV3Zx.H�T�)0
y߾2o2vIBs�iPė#]�6�f$y4r)?&r$UͤeCeV�RH5��V5ػ���&�6~u(�C2,?\%_8ʼظ"Ц� <̼G�rP�U}fppj�H|;j0Gŕў�lW�ɓ
�8Uwm/�T9O"w�8�g yM$�?w#��E"�V}I
&�N9@�
aB�5_tsѿL`ՄD:�d�E�&gץ
+FYWȟ2b7�c�t٘Dj-�oםQ8�>�S�&�Q13�yS�%H&WK�mv&�]%l �Aw rla8äM:�9�ẠAw1�Zvh,;��<���$U�7zf���:b��w�R� z�σ.2IRBY'+;ȹ�rWە))%�t��y#6<� �
�тJ+R�(-(�73C:o@1X�Z6y
.��{teu� p/sK���5NR� B[Ol3ڢj�$�a"}jzWY'��W|5um;#��&:=uD�ڢ�\�znyaޜ,љ;eŞN_ѲyBxʧ=
1^5m@�@]p/op??%�4�Ƽ`Ks��;4+�1��k�1~Š;���@I�v�8E4ރ{U")
_mS#�W�nj���M�7jZ
}�%rak4/s"lɒm��Siy�G��� C�tb9rr�ZOS@l,L�n$c)e_����WFoy㽺k�X4#~{/H�X趞d�O47.
yA��CevǠt�q;.>$F,LG�%W&�ӃU�7WE�9u_H��A`��CPǸ`%Q���Ae-c�.����oT*^�!Fm�y�l@:��),+C��5N��RH�HΏ
��T�m�r��Й0�UݸF+"u%0+�oX�K4-�>|
4@�,xMQߢ]dur'j^�NM�3��w�J6S(5�'c{fvp�Buz$�(AMNP7D^�6]lG3a;�F*�pfiM'Χ�44e��1�5Wv��� .�gCbu�I$!0?X0!`�3�s��Xi�
c
|Xf62ح tx$1T[(7{@��_jթn38�jXLTOoƭp@�6Kc
&MMe=.>�q؍ '�W�Z�r6�"�J"~ x�g,ȝUԨH^-O� ��eWJpi�)o-�s��Rn"8!oxį5S}b�ɻ|��p/Mw�=)30p8 Fv!1(lw(T,��vf[�eס�ֶ6�N$Ad���&}"Ǒ,Z=(c%+IpUz�%_w�(�S^cU�(~?l\v+z5c
}���v>��u'�u�?e�~/ |��S��3�ߗ1]�KO�isR~qn�-�ہg` j:3&@U-�G�L/�>�N�.&N�~�$` T!b4ӀϊlP�^Cw�lTN�1:jh-|gG#?̞< �.iG|NhۏfJ<8c]re���˗w}?Q:%F��U`v��ծw�ȕ`�: <1dKE�`yi���L8^;h>�g4� z\��^2v)5�*2gf{tnG)*g�-@cR-p ��mSQ4js~|*'�9
-;%D3=\.PEt]ew_[W��(&��ѬC'5(#9�2l!
wq$EW�.� sS~pQWeQ�F�|gH_Fq��R9*t҂P}:�J�̰̿J8+?VJ#S
hR\��S�tm�,yKLj���mQ��&[G$;4�lvK=ݎ/?*N5S@��GGI%P
�o�)�m|}ذ|iԁkըG.�܈�����_z3'�U�dltC�EX:[�t,fr@`)�G>+m|2YS(�g�)Ooݨaia:SL�T�t{zX�D�@j>]3�0&/AgT�c�q�d97�ZuJrgM89|Ej�9SMXe�5q^�F$l��+Ά=��J*5t�Bv!�� 5Y{_#2p㷃KTeC5ӗ�!ZJ i��Y*�V2`F'X �8I�l��X.�M^ [-Q̢Lu8VˆL�0hưW�^
DգKq}�PR1A�2�YC7���j!@��N��]w�o`\9YtTetOղ�Ɠ&
xԭ��4�:R"LlBA�ц)(d�]"cyeX���xJk�J?IA]|Uw~X^AK;9�S`k�lw
�ΆMU(@nJAJ�cO�a�SG1Q9
�ʅr��(\\P�ZK϶:{�"3P�i"h�^m<ӂT7{u��VG�i�ͮyOlĚ ,Q�5w��HIC[Irr:�L�4�FnwWF~4¨J@g<��Y�Ƚ��JyU^YrFJdg4K'�Rvƅ;���䶸"� S��[ްCk�5dwu�zr��"2�F�OB�}�a�юdNN�o6�\$ԛTOn E. Gx
SPD¨ 1tfw
\rjn\mgf�UN..h;O)uM/(Tٳ"d��>'W��
+e5͌�tK�sM]I{�he.}A3OQ�Z
)6Ѷ)U��41@�� DU@�o��ʞE9�X�ӭo�C+�mi� ��b6���/
�=oWMp
5`"����[nˀ./)_2a<^ϸ~��9
ɶe� H!��-\Oz`P,C5�5Xfu�)�7'x5'42`a�n,LmF9\4<'��"<1>����mMj?fTi�Rzu`C�MSVd43��U>��_7t!����viiosvVߨC�G�r'�Z�M:E�ܼ*�/E檂o9<]�;�R]uO =�9vb.d�E wA"HL?�ORu!8s{~'7G6L0��J�u+�' �G�(�IHN4���![�V>|r�O7�N:mp�s6rY��;uJ T�"�Y*"�-�j�^ZCdq=(�^j�<�Fc6jVq�ԋ
@X��3S�_Ϗ7%6pCR.�?J.\XV�-�B=EF�`!s�NuZ"��Nf�g�S&z�*7AKJ9-Hoc�uŮ SN߬~)Z,vOg&s6�"�`�i�dW5<_^R,?M2}-c�4.u�Xw<��JB�1� �dC[3E�oT�U9�&zZ�s9EA�%1�fO%�;�L�]�Yi�۪dɆ@x9&�/ZB[Ć�]�K{ Sd�C��He�lϣWh*-C?k�?QXLclj\ԧ�#2VY`L9},vX�
L.�y\vw�&��0d'u�VjT�k͕}��Ys[tgz�~H`f]�*.tavk�N%#�L}j�ho�.�^5#A*-W�\Q VDQ+�}�D;l��h[!�D��?kr yHn>/@|�9"E�yjԇ&G1�츻+Ļʍ�Al�Ɍ�mOy}"l߉e�k�[PqPN)�w)�pQ��3�]GN�<â4�W�W2 `k�Ai̳6'�c
x�#m.A4%oh{F�,>zfvq>
�*yk.�9*ped*b>MYwُb^��P��zip�mR��ډ�yD�*!؉�6�4-��+ɸHI!Xv,�+��rq$�_V%�!*|~C4hD=k��X3IL3:2˖g3_"ZN?�I^DU;r_T5�}{.U�p8xe(Bv95)N�ۋ8`2_9�^t~Ȅ~#���nX+9rp@�zRK>A6ٌ2��n�x��sng�t^O�]r�p�¶ΑWds7ȫM{Wv,rXb @,f|0 @.,]ٜ-�&OȀŠS�G^QWz�:˫�r 13�K'0�0u�mLb�Π�V�
ӻ&қ9?Xuab$H�'bV\�O�o7,cbB���M0Wrwش0��W3ppW�8z9��g5n
Rpx9¥�~2#j�70[r�_rP7-`ljƀ}Ef�;=J�DP^c��dڭs�S9 �-JV6G�nxnHp�"9V`~Kx\E0�f^�#�t^c�q�;sD=j|QZz%qc�lg*U/E@z�0V�ڰ&-;Ǿuek6�;Dw\وyRM-�|Lj؏qYW�6M�2mQ�:�Yē�Eh%ä�xRz,MCQ�z���qQj.O?g�AN�>OE]D+��Hj.:_hi�c
4N�h4]>^}�܈9!�BH$�KUP{}5
lI֯�|c�s#}k$s�=\�iYm2?ky�rq6ZNryJZ< H;&YqJ녙M;/oc3m�@2S;��#h��I�|JX�a%A�5g'$
T�qQ�,SOOiTmy>�\g�{ݥF--[?ް#k!;�*uE 1ŭZ^\�&0ɞ��.(e_`��2/=�?D==�2
)�W�x*ʼ�;vYS�Ltn�d~�1`�Dy#%iQ~#61w2fr7`ۘ��%Y�w�gD?8yBL&q0X3I�壱r�F.O1�I(�`ñi1hYpNd�ӷGc���F
K9xZp
48�+I��
\X�bZg�K���o+$c�=!� ��@{
)z,1\Qn;�B��eQ* k rQ"�Fݛ|D hRچF7kb^m�RV��$̾NG�[U�F&>F"uwa8m)G�f.�(Ɔ؉.�Ov!@�QR~?V ��CoYB�xBBӚGNNC���;1cY��p!�uJ��jIeB�bíz-�Yg�=њyG�8�|r�~��b?FL 3,#@1-u{K�l^y/
*18aceÓ8OEsδ�
�}Pʶ�>�d6�TUH>�D5-+۟�|H/z��^
g3<&4�-(phP�dK'+J
TO(ޛ� �1uYՁZ^Q^���NP :hn9WV�u�`�/=2�]!d���)bsN�0Nˑ*k+6�q:K%w�~Do?IV��5!@亩�[z7y'`.ڎ>�AsVU/S[k&&2�(w&w�5L7#�ŪT,Z#ޅ
J>-%�3)�ұYA]qc;#is7e�G�Lv˽n)86{8�c�|]�eS;�F�fB#{:��-s/3hy�S%5*��&Gؔ ^'S�//�mdRh�ڸىR,��M�T�M=I8{�%�AeЂS�7!n�cK�#O��>($B�4Ɯ�lڨݹS|�[7ܤ�휋$y�0ʎ,|q!MUkCZ?H\'�ؒr=Q+`��M��6;=U�ޏ*OI$z1bN�4|G��(0vҠ1un]$�#{��&t &D�\ޟF~��v~t�F�'i/�؍ԷO �ꖶ'fhs�2ai ,8�ԧۜ-J��Qg4Hޕ�3Jg/km�Gb�lihU="UK0mJH�CCͩST�bwp�w�~�eRk!f[@�4�i5�-NjxC%�O�8"'?�`���?z�5g�źi���$�L'o'NX(�A,U`;d9XV5@�^c1|'�Hw0�ch˽ʽ�K8g�^0NG?�Oژl`^��гq{@�\PW&I4M8z�,9a3e"1Iz*!�_�ePV]NvvVڔc}F�jl�r7dP9p|L!��%��k�!6��[&r�K�Y*1�CZ3&z�z�HxSuXk�F?[Uy2+(j�T炜{XY= �qw{�;Lݥ-�3ncq]7�~X`G�*3̢�afvh:k{Q�>Z=�m�
l
{"$�Q@e'י�Kk3|Ҥds�J�zs��XVV �Mۊ?4J��C#*Uī\��O��+uY3��jƒPl=%X[Բ�teҢBLP"O�o./+r��r�<0�d6`trNf"�!ɼu6^:rזNsa�U�W/,JO ��`�=�U�\/
#ҁ[d3:� g24ivzo�+;�3x1Lߍ#7hi)CS6�& ��Fﵒ@�\Jؖ�r�t�J{%�o(bA,,�}�;ׯ,lL~r�ȣYר� =n~N��^2�vOЀ0rO��=/4GNУ���xO�>KY�@gѧlV+͚qn%�
4ܠ��nt6'gT*eC�I.!�Po4t-D�hɃ;8MP*�3�}=cUm"�$8aN_xu2N�[ɩ%X )Q5ڀm?�=Y�1�m�y��[i
�=w�m�4@;+�.OJ&Z4?[�Mdw4iN
dW�ˠ�Eve�MA6Nrќ8Q骐d�HDe&fR�X��`妌٩[0�!��%]?`"'U6۟n!L:�=yUséֿݹʨav4247�b/H��7vAR(O&��!�ev��m�"x�&沂���kCLn~�ѩ <`,p����i�hkz�2}' 5�˳§5�Vje~I$E��:U=w�� 8K]�)'l�z>Жl@F��| HԤx�YoabErږ�ן�!tT�KmL-lyw�7\�} $5�Hrq|ZXq[2?T'�=1ٶ"|:���CUӬR�QX7:s��[�(#@/T[(+*yv=cXy͏�r0I} c�\d�@(&0QO7`�H-MU>e.ן�}I�}֢{�1h^kj`�R�g:�=:�[��zߝ8sE�S��]]VS<4�Frb�xh����Y���5@_3̉Hʲ8*6=c%�ؘCՍ7�tA��m91c�W>.�0�VV$�$;��
eeF�wwg5 �$�[�j`�#wcK3n�X�Ѳ]kƙn�`w
��_CDuoujxg0_%Ӫ�'Z5�H�-��Y@rX27C�+�HPI.�<]0�!74yB�ŀN>knD"Wf*�\d8'��aDŽGw�bV81p0%�6�9�i+*rZ?Sj{~5�-GY8���@>��rr`z���\es9�D}ƹ+V
cxD�C�I]W[��.��M �=b�\a����ah�"�0eM�j;)KØm�ڢ)ƿy^�&G
cl7CG@�LXϩT (Bϼ._w#�{":?�ܞ>:ɈYS�cme��jHċ Azw$\L
nZa=Z���˟�28|;;;q0v70�n�|w|(j��}�_FONy�.�{ws٩)�\B"�Y�ÆE>nt>w]ܗ}6�]A!`��wac ƚ~q
9vc5��퓜/P�Iz-QAp�j�ts}罼�{8#�X��~,\u�=�O8.�@��7m?ZY~gmW$F�ƾi[�iQ,KֆS%+Nj�i�B�ld*Q�PPdB�Eԑ3Q�q`I�:E]0b
euI�Ƒ��ɜf��
q�LJu�+ӅwX *KyS
�=I�b8b<_8D�O_b'�*`x�,2j/$k&�T'/W{*O#x[a\�6L�wc I87̛��D?��С�ΒUR}
l�ċ&N# #PX���i4< �� ;s˸ƌԿsڲ}I�P��:[�`�z!-)�Ђr�떸u�P&1N$8�'5t-�!>�~¸oNo6c�-V�d�l��ǎ�"��2�f��վb괝1k)?f[3
�iv;)A ( J73D�3ZVVT��P'BAK>Xώh]질Sz IKDN^es|M=d/Ep#��솼7Խ[v}ID�%�г'/n�X/y�DZJ)SZ$LEdU4cB`�F#'銏ۀȥEp1tE>ٞ�_GL��8wwNp@UqR݃DBb/F6l.#���18*B<(��_z��¡Q �nFLf�Mj69��ȌWn�?ߖ"��PD�A:5}Ty
i))wʣ];�i�!Yv`G�Uh�CMS�n��(J_rT�%ky��>�ګZí� �s:�n�UZ%WN)�7?P�mǙ���DZC@)ȋH'�3�7�tГݺjG?�O�F�Foa4j�JjfyHPؑdC^
~?7#Ĥaboo;y�li�$�e��Gqr/,]�Tۯ����ZP
Pk�^6 �#0� Y~85fY֯Г6wά{#u%lLH`Jq%-
r8gT) 5Tg�0K5r
=v髆z�I���)Bq�GD�6ѦETI�^$
�KF\gF^Ă�]�wMa+7h&�#�=.�7ƀIq&�ݘJ*�ة��wB7+��ĝ��@2�F��M?�Q羽e.EK�h\<3L���IJ�8/- SϬ(
K�JjÖ~J:isH�Oz|Ȑ,Z/5)�tR%>½zL�H�Sߑi՞B�l��%r6B�t![TJ.��tӞxR(cf̷�#�@Vލk��r ѡ*g7ٝ�
l㳵��nIj�{):" 4˒yʌ�?ã�/c����ek
vrO{��9/Y-V̙Ug�~0'B9d{ѠuSXV#ۑ\��ť�;�"?©h^>ƯY �{k0V
��|6#<"Dm詾K|� �\GPX72u(i PPנJW�X8O�P�~|��\�~lh(j�1'"Jk�v/�`�0x� �e>$?Me�DEyڂ��#{^~͙�ƨFcC�WkKaiLV�ҳiJ��w
;[���Od�vTQ��Fav�]r8
�pi�Zh�qLp�\B�~.W�7jJ�0#�I��B9Dt܁2�D7�2�s,y 栓A�H_#�h�D�)bv@^D_QH3
�fuxNe%" H#ƹ{.�eQA@kjS�Y\Fed9��c@��f|�v�J3DkHVß�K27ͦՖJ <<{R}}6DzIǗ�x`М�JK�\p\%LF#U@|e��;QC=Mm��c#Xk<]L�E?�Bi줊z0zyMS>dm����(�0YF�լ;@|1hD;EL?,Y@��j6�6+َ{Ų�n"K7M7˧5^�nb�Cðj��
�P�E�dVQU�u7�შTyM�*+A+v!jnᘁx�+|[?8+\m:(#wd:G+x�0�`.?Y�w2u_�S �Ve}g{�ɳ�W��9�6j^Je7ղZݕ�Q⤔T1Qoe`hd(Gy�(M�m6,*�{D.NMqh�ǯ���B�94f��XǞ?m~��CF�ذWf�6|ǙѴ7�h@��[,L�^�ڨn7n�mz]O5L[~-1�/�& ��3hZ�@ᷥ
v5nb{MCz߉0Hb9&�@���
�l.DE�W 7�_`F��6jɚĘ.N#`b�n��M%K�\�A
?3^ngH^n3 *����#A9 �kNƃpc4Ʃ=^INl}`l��0[M�RRyB"�C�:
w�wq2�>Y��jlzϢ6B#
&�U�5Q59Ff�{��W'��e��:b%��AlZ_S*u�^�o-^U9?T+AF>0�Y�ᩎ hp)�M
ϖޝ[U]��"JQC��%W"
�_G*Qr釧Eэ8kݿ&J�?^[&Hf�Щ Z^xZ��qףz
opXi�8D$Ƙi=~�"յ4v��潛A!l��ף<�B?s;ix!3Դw�nB[gu٢�ns�zeKp��n�"��UO#�+_"FB��c~枱6n.�J�sSܣfՃ�fߏ��x|�rcR9\Α%Zʕ�b*2��u
G�<"�?va��7 :zO�FR�(,�)y�C/q�l|��V�'
���)H(!�Z@hs���Y���*b�p����v{�6E6�G
FI\eP /-NcϜ+wWc?V#=QHSXk@_H(B{ڠq^!DM-:Slub3:zz/��A�7ŴvPߧ͈��>^p掐75>Kf_,�;�;�JG�
AAZSo,'DNL"ī*ϐA1"f�qRFieQ@n(�?gb&aOr:��4~�`�^YNx6j.Q-M�sA�t=��]�ȀPN)�)1uoCC1ḴD"#bƾ�%��Hy�4�[ZRdc=Qn0� �>1fm-3�8r=$�4h%�!�v�iD�4i|}&��W[ؕ?09����Ce �춳�
~�'�~+՞[�6v�IA]��߈��&1"c�q?*g0qb�~�L�.�bdVİ�yDgT�l�AQ566IkJ)�VB7ҭ(
TB$3�2�(���hO=a8S`m�՛>]3�2
V!�b��*-\�^7c,�W��]¼��LeҤ8��:!�uݟ �IT6{
3__�-@t� y�7�>Z�ydEєrl�.c�q`Np�O%b]#=9� {`1M�K"T`XRXآ-�5ދ�;+(Gw;;}كl�N;=m�+]�g�^�sr;J�gSٸR,cEWɂL#tl[߸����"���M$A.�c�Sش�9T�SԕleR6�K]_=;mqi¾E7�cy@X�
S˂�騡.�IiIFʏ5gU4יJD8e�
��|1�[U/HLŬr�N
-`ֵLjgLm�(E?��L(լwvv��7��1C��u{�0ȍP(l`i+0t��pti�Z$F4*oA*hNѐq[�v�y(W�3�-.g(:wZ�ZcZ�ٯVDƞЎদJ�uV'rެ*1r6jPO=AT6Vz�#^ @Sd}EoB-A_ę!)�
lވ�֥�w>.J.���h0TS+EL"T�T3O�it� ��`?�/�UE{7DY@�c�,��ւK3*}r6E�K�Oe��}�A(TJdN|��%X6cKDk^"N39H7D`yO#eM.81�{yBM7m��
UQ ���6�v��H5&�{@[�pdV2%ӐrBfR��1l8�P3N�0{K+[btK�dY�u3�P_k;�+EL K`䍻�.ζ]�l*=6dž@��cɎĊsfz`Ohw]&�ЁAnMr�H&P;CbmH
,i=xѢ��єr�4(;�xh'r;V)|+�j�мpdi��;4�2&p& �nB~Ǖ۩E?A�z%)+AFdҚ�gJ٨�ru-�#�]3UQ[?i/^L)!h� FX�*H��}`�N`rZEi;1=˔hp0Lq2Ԛ�T`ZQ'zM�pY�;�f�ӂlaQ"tہ��qVDt]�v3Ѝ���gUf[jN@$zSk�u>AĹp�=DQbLӥܻ�Y�륕c~&[�%7�I~Df(GGg[8�ɑ�*u�f�/�2D�0}{/KW�!$2i*9fL�P��D[.`q�%�LCc����a7(i�e"t�x'�lpohEE#fK7�f\)�-�57P,m�"Έ�Ig�H�c��ߜ2x1nmOu;eIj��
X"����ݹ/\P�xj�0*f,�0qF�
e%8$6Z-M~X=K �Mc�#e�&wӫ�Z[Ji�G�í*�\Kuah�}x��K�!hREF�%sk(L]XTQGFΤaG}�?-Ov�8&�gk;u�|CIM$PV9'Ə�(e3n܋q_J�qV���vx㶯ѡR^o&ZJϒl;u@':F�[��<|U˧�,�R81t�t7TtxNYZda4�HIGm|h~0(FsՄ-iDg�EٓI�-ʈ=0�Bbk�9�>Q*ه���u#K)�*�w dφ;xfP�QW*i!#��c�]���OT^m2#0]ٶpyzLW%�MǨh3C{3~�݀=��dk GQ!��ZPpym3[�e�r>?N^kaa\TiL�1"Jfeб��c+-�]J�:
Z�2"'}�WcI0uoJ�2yTk�O2El}jO�O}H܈� v\T*:�n3FM�}E)Ά�Ov�WytU�
&.(X�i�o|k*��ϊ<)vΦ>vѨ4kg�C��3��'F[\�y;杁
P=�rY�қ>0aH^T_Caw`7�gWxD0,Ksw_�R{ק���;k',h�5o4N^0ֵQ]*3�Q3+u IV7�֝3&[]qb�իyɶ8VߖT��j3S1DVH�'`m#tv���q-8ײb6^*|e3(v}i
_T'xoH8?rf*~���Ϯڏä`�bvF�Y5���G�)�u\I�3٨^'4uVrup�]]�)7&PI$ذ�,yOT=kS�a6 (D_]bf/�yr\�,$3�{ܶ�k:���Yey�9P!�e!���woEC&e�DZ|j2�ԞxN�"G�1 G�\#�EO9p`yM8JC߬7�HIr�[1O[}ib
-4$�7|_86(i#
@%�ِD]�#�ZT.*6HwsrIڏ�$R6Q���?V�j+��L>5��%�fP�,zI&k,'N��KϪF�r�
��xƆ)����x>il2dTPTA�Ύ%$|�BRc�3ĦDp�nlei�u�I-}AKlw�nF�W7N31�I
blc
ܟ�j�y�.o��u^nc%fmt২+�@�id��&^V
d(jb�fU�03pzTD+4poޒ4vɾb}A_�R^��u@0B:#& +]
W^wqܣaM�,
4-�VÇqE��nwh`�ʄH5|D:�W)�Y��#Oj�NLR[+�bϒZi�4{<`�&;�-,�g㑢:z�nZ;�tM(+Pe||C>Ux݃c�έޝ)�}$V�7�'n��fd+:O\:uD�'{J�YǮ�'p�q,<i{G� PGN_F=x(C�PL-\߮�| Vij-T$T,W;�vӻ��$3�?�[lԎ?kaZ�|�����5Fj�<�mF>'Hp-a`�Џ�_]Ho�?�':@u�J`�6��z�
Q\ʼ���t~fQ!�n�nJ@%{nY�EH0w,䥐'N�ȇ< m1WMkD�(u|��oz'=��g:~DE::Gv{Yco-l���5/RJ�
ʸIQෑp�Fm8�D!V�{�@t��ݡ�sAjD
edLX^hb˶B|�-�(L�!��6z�$rn
m֘W[2��Avv]XN}㪰��)d+���]K>�0�ȳ!sPH>�UE.X2C
3E�f��U�EIt�ҧge�l8D#
V
㜶XZꘫ*M c�NVJg �
+"J*mYZOJi?�rP�n3�ԵߪlVpɅF鳻V834o^
+3ACx�5"�">S,:eq/- š6CMu@kkrx
ݞ�q�%fwNrRk"'E�N"0ҳPHA[j1](NYܯ}^+k~.�X'ۚ�V�ؖs4
Fe�!Ȟ�r��κlj6$ݞ�ӕz�8ZPf�Nd2&5$M�SlY�yǧB(�E'Kx/z�~'Qgk�P.�5��3jFy<3�8"'-&��0�r\#A$Y%'�vŜ� 5Y�"�|A-Ɩ}L.k|He
�c(]0،x�)֦?��eնbP�2|(/Y�Y6�d��
0$s�tT.=>Dm�5+hWL�Ożii�%�K#q�͌[S�~^8�-?s_ؼM3r�w�GW�W5-R4%>@/�S}А�xҴ#r�D\g%+?O2rYV3͟4E<�L����CawY�CGWT'Y&ϸ}!&���Ff*�T�LWl> Ģ|z-�+b]�13'iJ[ဵP㳎�p!Rm(�%Ŕyb^)m���U4P�Sz;�ᧂ&�ݫ$}R@;�g9-a}|�egV�89=Շ�k�:>a�l+U*\�+=w
�ǖ|�}C"D 4K)c(�WlZ7_uΓWƼyX*ݿdl�H86S�EKC㺤T��cCu
wy���4�3騹C*zʕp�UԸfj�`k*��Ԏ!�!L�C�<
"ơ ]xDD#t?kwuU>\ظ@HS'Lrp6cD}۽H%R w;mK S�2@_}d�w߸y=@Kפ&+/�(�ʼ[AT]�
�yqͼ�o"gD[hЦc��f�; *�uE{ j`(nj!�#5t�׀t�g� N�c�VzJ(`
�8r)RKd5T<^k��W$rCG |�oཕ5�Oލ�l(7}
Wbh�'�g9L{Uu]:hxh*u/(7W)-kHu�b6O_f�
ji��YP��[P_@�;i�|.cӸ_k
#t#{�
�$m�8v!W~OR^Ɏs@Ơ��aDlۯupw,=�pzW1ʻ�l}��c'r =���pJ�y�D
wՖJy?�g�Z<�L)�38^ﻫ^ͳ`3a�أC"dV;~vʼ'Huk�obF806GXXe!cwv+.�"jp
%(�@>�)7(6? �UWE|:yZbۖ�-p�L�Iha�f���#%Y�v¢7?_x��و7ĶԚD� �|�HgQ,F�~4Q�`��ZBK��f�D!�iP��[<[2�qB��X��&��g""�Zؾ<�3ᢋ-݊Vuj�(��u�.ew`HZF{X9nD`:�GiJM}-/lu1=z�Fwl��T;$6��y/5`+d�d(Ί47~�\�l?JH�jb춈l�E/7QYa$;~ln�,ԯTcBpODB+q:��� `25ȍ�_��`@pbGCT Lo�/Cp��$
� DC�6�+&M!LM]F(4_x^:�(Z9�I ���`5)l�,s�( 8:q��Z�x�
�u4�~!M�E|zٓhNzԤ�u|;b�uS=z��VJ\f �>Q}p�SV5"$
]-�Uc(F�'l1�m'
�cY[�~MԹ>x�Ot�nM�
'uإ3[ait6xw�r�6qB-)}[=(V"��u�BE
4�ID̏)rL`3aY�6Z��`:VUI��UfaF�%0<ȷ3
+kN�̧F> �8I�{~�E�}L��(0P`+N!�oHDV�u7W��qN!S��2�mAYK��>;S=$@CC�M/.,kη�#_�0[�HM��jS�GWڢGҗ�z1E(}̕]]/A"yN�]���F�p4���&��HI?\�Fjn`W�p8[qa��{=Y��)
n8yjQ{^JV4��ҝ�$Q�T�`#]'Ei�R
"YʢN��]�,L?�%�Gz�E`v3uyO8}�,hIRA\��|�%�|=�q�=P�&�L�h^&+՛!(Wfi@8I=rT^㗗F�&VHeo*)5�A9>y�a뎘ɟɠ_O12)<9{/#e>XnE�ӊ2mZ.2lF
�Q3Q�^Qєp�n�9tCv2ڨR;ky}=oy�_0\] FJ ;dx0�Ou}?�dP
(}ғ�(L:մR�~!��V{k.?-$&'ھO�Nd� ՃCO�"=e`�pŜ�d�k�{@ٞm5`3eL ����@bDW�".fv3Jnbْ,.AyUQmjK���CH�g*�UvAG�q(�rJHvɫX+|���Tn[ã�K_�L�U}6Mę�nvX۬P�~jcZV8Ț%T[N2f}Ao=z��.ME�ج?g5|��
p6�"$O��D�b\5t*чJJ阿1f���]9H�@�ZE X�'ͭ1[&��y�x|�-���IWgUIHݸ(ٽ\gÍ+#6l�bh-^!�SM��ߺ_ޘdU�ou1`}>G}�:�e �W!dĻ94}2 *��8
�g=�\ԴE̯E{��ǧRߛ!���\%/g˯M>N�=�� \Zs*䋖IZ��P�س:!̭hw8f�Q4+Pp��S*J-V3k*Dk}v�J:
d�m�.{h^ٗ�j�|�Z]^i}_ Oz �; �z�
]yl0a,���E!�ҏ0ya^Z�szL�t���@�R�(�z\1? f�z_�C2�yV��kۋ>�a)ŢL[yUIk�ݤ2a�2H%ʼ-k�;X(&^�a�%f�o)٬==>qa��eCg驲,��d�7Mk
|D�9ʢ9LoT;mT�<}*S�^]1>.��3j�JXU�0Ū�rpN6��cQ).��FBBjTk;O?K��4U3e~t$NE6cV͈UX4m�%R,"�@d
Wd�P9Z�]T�gxE�aQ-%Q13՞/gn?ѩ>&DHE
�Xvh:��#d'�,�3Xl�"��<|@* h=^y¾�ژ4;0Pކ
y
�wLpX>G3>C=x<ց"GqKd]%t��)5I�+Ӌ4��^`�*�\%
�]ʜ�2IW�HJ:\�b-in"�c)y&J/7HA'!\y\dH��S׳�WY.g!"T%{V>+H�8#F�,>G�5P9wOrkB�Xj͛S?�J�Lj�̻o=1�~Fci+�{�\}
Dz/xbV�xRګݦcI,�aVw6uco�F4)=ߺzM:�߷}�O!����=�}}q�YA�D3�{�:1�1&>@?�Ψ/y!K*��}ߟ0&;kR͌�jx?_A� jvyh?�:�쐼ףtuMoH�,:
�?L�+8`N_�DC#;�1b�(�P?hEJWWq㲆_R8fE7q
@J#PU)|�H*�l#��/�d1I�z�̔2bq[".�cB\+'T/8d��L�5W�
�5凤a)PjGUb�1TZˋ:�2�N��^
,TC9+N}�&9�Lmm=+��[P| fh�Th�\ɐ!kV+�r]CU7YTMoV����Q�-wWf�W$5phD[_n[C�]m��.
.��0))�6*>C:�*-$|P-78`��V�:
-(R�G�MuE!-!_��ށc;լ]Sm�-���cc"m+Oe?K7�kMNXAp2rDIQ&�x$68H
a��X˳v9oZN/,4h89W 7A��+$m�W,A{0#vV찂aWx�մ�}R
SްW�Z@H1µ���U^�,P;%nt'k`l|�GZ�k돐�}�eSn#��ɦ�$R{-p�↾Hu:Bڊ�Gev{׃`�a|��knia;
uV hbF�Y���0f>i�Z�Ի-ҭh&�ة{kn#maڥ�d.xH8jZ�Ml4B+A/�Y\GؿTD:_*��<��}D2"#r<*
c�5�H7kE$��>�[H;Nuc')�;=$w��6{!Ia&k$u&r7o�z6`a0d~GoTZ�3D[Aa/URM-��M�~�*}67��9H'L$iW5�EcZU p,~(փ|u1�~ܔyl8T j�SaLdY��9/��Є9t�-&�O��j��U^< �N�h�P�;~37�^}rV
)~2+�zΊ9�v 9�}9e�7;*I�
�J�11v8�3̡qj5i�k6T>f�fbG/h!
�:Km^n�`"cWq#fiH�ST�8Y+��#4Gy&a�&ui{2L�JX�m� 52.K�V_U4k�V`MY4p�f>~80d�P�ۓl9����X��+=qs�d�n�O2�i� y-�qϘ�OSSt�`8s/f�n+Z.L���;V=�?!!�;�4/�U�{e{�)v!I�r^�Y�.�a@�hQmbW!�]8b?/H8df*�v9"愣"Z�=�b~'hBbm�t,\J*Ҟ�b�%:
pQ ;v�|oT/+?�p콳 rPnyēO�.;Y�["7K r
t�[BU6�'�Td>%yܟHJ�2"wD�M4`(�T38t*�##�7��QM[s�h�rh�<[62�2Hî~M�BjiZ(�*��u&���r��b~Mz ^�Xo\6XB]3қt2
jN�/8LI�@C#�K�z�'U[�}-�w+@�Z#3�X��`�·Q׆JБ1���0(�KL�
5U%�)1/fi*=�
C,Dwz�fp@ -D� k�'՚�� �1ڬb�_=?��S*���"Rىʙa6x�9QUh]L鯚ٷҳ tE̟0WA�Ph:4@��i+$n(]Ցv.Ԁk�3-6G<ÔnΞ:aW%p�$��syʭp�Ġw!1��kCb]%˘́kfH'T.2�CȑE@W�*XL�x�+JyNFhuN
ċ.9ގ?֢,zcO"z�¡Fl�f
sG�ʯ�XG&�:��)0�Y�"اq��3�jئl=�7�U)e| ni�Eo}kKw��3_vLo$X7�PޫQ�
ێ롡18,|vl}mb�-Hf�8�Uѓ�ў_�
5;#bVhś�p�;m.vv6.A�|C��ή0cùr�%qb¥˻,�as~uН\NWR�Eg$*a~Å�{.~J�@zr�i�
@�I��e�=T"!7$a2JsmlD�`-Js~Ғ@䋟6E;Ѳ&s%h}SP(8/J~�vT`�QFJB!MC�'j[A�7ym�ЇD9��$R�M�\�x],\ �gHWpmAН#6a�W(4>!�dg{�
#]�AA1>-̹�dN=&'�~':3�ͯ|F zE�'ơ1�lCOH).\B$!X[1�I8yrU�OOS Z[69cn3տy'No��c�w1gJt
1RU/Q2�_P�̎bȫqLj*@~Ւq0`2lAH�q�pt*nj'ԢIέM�at�>^4/A
TV$@@��Ÿ�+MOhu>PW�v�OU4tZj+�#ѝ,A�Z#@�c�q�^� x�3Dӄ��ڑY?��u4��͂
YcjTĘ سT2�2k7E����,5;@1oխ͙nr-}�)]'�tznb��Π9KR>}`ㄜ8g|=)VWk$&д}�dEj��k x4ڞ��W | lQ5z;o\?6.L_�ƾ�iB{+<�N8˟FI¥m:
.�V�:�o*KOn*�Y��r��P}ۜ�b�2bsK)Nv4'Gr�fNX[�]Zcb2R?��iIY/efJPjzo
�6��m�Õp2<5Wߔu1._DLtЭ~PF�R$ԑP�)Wű]"bDdlma,7)�y5��h�.o�ZDz >NXw1d�]
>
P�H_*ci�0sv?ᛵ��K;ګG;$&ӆ˶!a�+էRa͊E�r߲q -S�5*�4e�n=v�ǣ�
�Љ�}�=::fy
C�x�O�;{R$�y2#i&DCz)כ?>39[Uf#BXRP�BjTf(LjbT�S4ވUz4��+ѹ(i�=&�^:g%�%kݗu0d>/wdy�/�{yj%+/D���7�uo�l�&{Nj#k�(�%\Z�1�Ƹ?xu��O(ر�UT�Hr�S4�g^JFA*(Cl���+-�:O#8ۿ/xWw��钮D�%�|_��عhߣm_N�З˸n8�Hl�=M��ь)fvإ�z,~!
R*.]��ަ6ԩ=�4jZ?*qxdpr�#p�E��6L~wh8�c^e{z;nqx*|a���ec�{�Q2&u���Y/v~�U�-LK:nRv7{N�X] �vx] ލ.v�5Ó#&�y�[ep
�rIQRpa3/_$k0zT.G8&s�tJЬb�ϱ(UG4�!Y�U�8ɬ����_>�0�qT~HdG�iF�I*qE�Eع� e\EqjPTx=&vDw-6a<��f"
�AwZ��P�T�T�/4dv>{*�KTΣ(��d_�鑌Om攏�`2�<%jjɘx�.|)�
Z��#y:G�-cU;tp,O�6XZ/>ƝC踘2u'C5�G> 8v�T$!�orx%�3�To#d�T[iu9*�z�f�[r&�"Q3+ލT9n�p+2�<ŧ$&R�Wkif?z*Je�BkT
�Gp|W�t�9~;ꐪI9/ZWpE�?!eY�P!Qu_�+=Qx"*9gPӸy*ҸA�y7@N�oxQoqk��W�=)
_W{]́[�LH�V1jjs �T�Fx0eHE"Ţv;B8���{��#�GN���@$3�Ԩ}tl�69�X%u'W)[���7J�UO1��h^�ɜ}-@m>Ql/+f�K"Aϋ~�x%o/�vR�Ò
���o�P*�c?�Vr 1x[4o��`�18�z{P�)%;}AZsmw
�jсǦ�H,i
c�m[�0,k�$+�t89f2F8dk^zN*�4ԁaT֫�YCO6vQ}�ˁ}w(�}N=`,��!UoK]E$Cx#�u�`>BR3�
�metNH29i�0Kp.TgnHk^IO+U祉��V#}J�Mm�N`|xc�f<�U�g��4^tv<J�Tƾ
h߷S"~%ǸG{�xLSAE^{�#N?݆0Kw}�emNg7{橆K9��6�JJFj~횟?(K/vI,
c�X
2�"[kr̓�c2^gǦ>!R�)�A_�.V��ah]!V�Fvظ�JM�\~)�ߥ��D�TZl�,�K1��%��f#g/_^b*5�nX9:G�i+:}�~m�K�84*uq3,o{t>UmڝfS NuXݻ2�jJ}ֈec?z�5|��8:�R�f`RheqSj"I %nu�KG"u/4�8��qX�k�@o9�M;0S}�:{�rv4-
s}赣��Fg�*au]'*q�J��
RlZ쯙=Uoϛ#;Q;!�?x0EgbB�%��+M? jIhB�GSGm._l4~V?��] ��m'x�>
ΚSZ-[�\ޭ�9g�Ho�,(�'ZY��Zl5:g=zxfC Vt$�&�"�ɭ?]"1�橌s#AUT͉|5&
&g6�Le^�a^wS<��^VeY����[� >iZ��2�CjJ`N("w:F%>x)3PhGÖw{8$*�I3).�I�eU'CV@
"ZM���t,
1E[t]J^�. kg c�ȧr�65���C\f8]P2Rz`\ⷋKUt .*D)l�XX)��cHU �K&;X��HQGpӗeM58�=ZY H崀SZ7��ΥW3a�2p"%�Eq�[Ȣ PW,ʿAiߚf'�1N�2Qj9�pœo|=KAJQy�1ƴ'?����]o+^XMR�~jicKe�/lOvN�a1�&\nՁ*d��+���x�''*�! G�@
1~�&�aYNln_f�poFQsMs9$E*N]K�*|�~�R.wLH8�8+O"
$L%3�-�V6�2h,<]#�3C�^S]$GHF)B&�^whs�dUw�8� 6�
x�E;���iԯNί˒�q~k*�c�lR�U�1:ͱw݅�klH��I�9)y8y�$쬿[{�,g�ǣb ٖ�"� aP7p\�aI)l�]lug¨OwIЖ�;�>,蛏q{@XiJ�ò%�G﹂�^6,)�?飧���#f�sx�D&l!X�ٞpGM}*4�o�,oE+�-%�X̙
�EQˉtI��
%Ȱ�%�GS^;"�Ut/�2`о
R\MMR+;��`m�A�x�<̓H|�[c
Qtsm����NL#F�GBQ�X}SN-/��e�JZ�gGp1[��Z_4~�<&]{/53#Q��A7@�܂�/oݹ�n'_r{�4`х��<�,�s�@70Q!��7l�wi(Xm���l|K;4CZ
=K%""ۮ%
AP9*XO.�xD߁2c��Y1�'1zՆ�0Jo7E.4m9�=�?KP5�c~�_8"8�t��\K�2�
z�=$�JaXm�f%Pq�
x�$85q�ଶ*&nCOvc\قM+zdz
^��ȹȶ,�6��?V4&�
[�Ur$yݴ�!筗�Q\�9Edq9OzvO` �G:7�^ؽ
�2ђ]5#S�oO )Y?ƍW.T5x4^p|{�o=��+-U% ` �+Х�Ln�wS�+c˴Lי.7�@Dv̒�qV�\YFxWm�5�3F:<~)�hͪ5�)�T�%0q2c͠�L�q)BB
v8�S8"O*,gЉb�n6@��V� p*d%�*�r₂��q��'sA�r���vsJE]\�3"&�mdn�IS&�DaKYK�D;8 ^z
�@[�&m{YeVt&0`@[��I�nҿЭnu�Oڜ\)v@�DJ*�I_ĺ>�@$�
\(���! 3z@fZ>
O5!#�[2�KqqutM]l'R�Zm)zlܡ6pgQ^nE2YN
pj?h{NA�,n>HC&�e�%g+�H-[iaDUX�;R5�Id:�mF
Nh��P'U�]+b MBZHG���
S�V6ᑝ!h\ۏ0_"ێ,z,bжJiav:Bk`�Ã!l0X�}g�-qG���rɼ��X�T��(r�Bf�V')CaCF=am
���wCV߀N`r��
,EA!���dĜ�]' M+�T^Ru6*VwJ�R9t�6\Xq�;r}Z�VJ.�XP�"fquq;M�'<%��J;�
!ɠB��]ڲdr�`)}O��4HaxAz)с
4k�x�#�m+\!υ0ܥsM�)l߀;&4��ތI_�MhB�umY#Cy1>��h+j|k7u��I�ck\3z�r5d�/kN�%˓ZRf�?a
4J>!�K �hEs]�I(˶�5LC=͖>`kۛ"� f�4g
�a!u9�3�{\=8`(@gET|T(5�d�+c
~s*')��0iCmRW`aw��}.ek\&�iZg`!>
-@5�qy]-1=�uzTLdi7*،BZ|j,!8d؉c+�[۴Cw!���6ǡq"Dp^�/^v�˃<+c ?
}'�1KTޠȖS <1�sʵfM��QdљG�-�2ʄ~%Df5յ<%o4l�*w͓>�!�TYLE]D̚{2H^R{HU�K2Wk4F�#ϳv t>QOHh��WJ۶�iBg�.d���2 +I�,F�8v7�uH�4&qPY
0n{[�
s%)e�x @�4#�e�7'��c�6bH�J-�8)�MBy
aMPIwJY}$�RL�ר��_s��
qO+�7QMG{A/ep& �r�tnjz;*x~7�LccH>��UUM6�0n�b�0�Uf/�bĆ�ղ\�@j[���EES�bxk冚h7MHV#bP�}a�Mj.td%~m^
\"[�?e7fQh\U>m�)l3AM1N
jK!�GWiןaw[=vdb�9e*]OJd�810aZ{[�2"h�更BR떸F?���kȘ<��X�p���&
:�or��cv9Jlz�YgVsU+IT՝~�)o�fEd$}b_���Y���.A�`
I�AΑ��?.m� +=SapQqAtY!ݙFmk�(^ ȁl�8D,��Z(*�~-i�F>�g<38B[�نpH+�a|f괰+SN]OӷvЮ])i5]IHڊ��4""�@n��t�&�T'�{qOr
F.gcme{��ׇg��$�Kvm/��І/ �.e��w'^[SEнH�ԩ\چZ4w��@*n;9hIM;yMʝ
��gs25e5�-j8�<5WFWaJ�/ˎ\lY.�~8H_�x\��l(�kZV2�B[eo�Fqji"ڌ,ۢOfC^^"hw��ƌ.T�;vz˸e��[ �~Tb>�IdP]D;F�OG�dX㍣P#�5r]��R_S TF�Zl7`w9
ȃ�eq9%�%I|8)I6�Xe����4�axyjf�-Fdh�X�>bV�t9
Ql/ǜY?���Lx;O�L]8o-eh
wO
��x r�D�Oy�ʶxBE iK
�6}¬Q/��)y`nqx�O��q�'*,�"eY1ZYx$;Vk{(����5Fw H�v? M�=ӧ(�.^^^Z�zEF;-Rjr 9y�ㆄ u��.�]$7IHoS �PGe�zXV��{Q�βZŞT
&�o5EK˗L�Shn'�>�Jxju+��BK.IJQ�0We� �*i}П/s�"��!�}=}y'�pG/y>M SY�,�*��n�]
�rI@6� i,;s<3$mE۪��C�բŖiO+�H햗aF�b]T�BH;[�4Ï��YʀwTS�tp�[2
P0r(%,���51Ցמ7]��1pGW&+. ZZpRQ.:GOh��m߭.��輭3p��ji9ץ�A#R�ԫ3lff�_�hטA,z�6�e(b 6�O,�|��qV'²N!ux"�]T�@d�V�#%t200O�ĝ�>[�ckFĬӯ�2�> ��W�/6+g�qi)V'ѽ҉vr�s��R*ʘ+�z�#AW#T?Kb�1UNHq�gW�o
Ap!)C]o�/U�d�M�Ń�IBIE2O��K5 rs�F@!�]6;럞;2k6=!氁C%]w=KnG�rشG��-; ElTI߱}r(�$W HV(4ㅥdN1@v�\֖IPr4$DKpLk�ͤlA_��~A'I�N bv�u��}�8pe@t痿�9gݑS�zz̽=Oܐ�^�줆F�`[gFgPޚfݸ�wPpm��
DP^�D=S?r(�@nàr>a���H�Sjx�F�^BD!��uŊ@_u7/�$wCZ-9�����\�·gc=]fe~>Z)=m��1Wƌ��~�H�w��itఔf�}Yя
gv{��pQD�p1�X�X��D��.i"W&\r�&T*��e�.%ZjV-'��=,�gY5�pSI8&nZI' /@m��ٗJf�Cڈ2Xϰ���rYH}G|AY"xaͫ�-*R_AFULe�3۸}sx&ޮ��z�D.kMBc
�C�J��Ǎ>hDɵp%ޜG_�J�TSsZhxc��{�>VJE
�v8jL�.
�x�uw�pu^cy)d${KВX
&Dc.|ԧՎY5£wA�x�5a~0�"hoɛ�&A��YtDqWy@W3f��K��n#l�^B"k�N}$�LB+0ٛH}[X�:4e��P`4R\v�
�_��*0=,+s�ө�z;˴s��0M4[Zg��A=&V<#²
(aA3M�Rv,��?zYq�|"/e2qQ[]�Uew@2^���yЅ!1�$�ĄE�_�D2���tYxmb�2#N�u�˭�V%�Xorw;`>H!W�~ �e�u9e�d@YZXml)yt.
6�Eaͻ\M=1DAgNG��F;�f�Yg�}d됍?X'P�?H�cƑi�hAY�1$eIPCc$GNzt�`%�V4E')^4P;DS"*&�o$w,.j>㿯8�'!r$�:�e1�)�RzFM�g^� N`$Ǧ�>ϔk6�)�|$x1.X�Zu3��t>{2X+dI"�P��҆]P%qks��ҁ!��n\�O�i�{[("(|
�N
!�K.�
ʇ
p2jU#�V_V�^B/�X�!,-BdS��@�@#D�T "隢UDVRa� `"��,�Kӷ�W|KA���3,>~�
찯W`|k ~gd�Kش=W2ZU
T
{Ge46�z*��V3XE�K]2�Y?��-2䗨�KkzfM�wQ_'/3L�okn~
U*5vWa�oHOn�o�h�Et�d'y 6 kBeH�W0P=��@F �_M0bh$3̈#E�ҏ�p;?RҦ� �Z�/H"3F�J�5$cvoV��4\֡�V�)�hu�n= Z���SՔc�hAxJk$&KD�JH3h-�;^^�(^1J�t!|Z�T'�I9==hrH9r:بeD9�GKlr'T&'̷~
�QV`qJP۲"kZ�xP�2k9~종3�I���LH�Ov�N[=B�K�g6
]\\iФQ9� �;�����J@EMF�,�!4=+,[ZwG�O֪L�'�F�C�E98B�0X6�Y<K.Z[sw^@`G|t/AМsX%6�f�:U�
�wu@�[@D ]%?tY7�c��G�e"�RzYF/��g�tY`ȦfrJ:=K-^+B9�:'d<�[g$�7!)At:�0p@��=��.�)�X
/�d9_۠wOWӎ�SxG/v'׀�-ϲ²���,j3hOż}2&-��y%��=cʱ M�`aNᮘ,,¢P=&jx�PX\l2Hh1RnN-O}thxLɵ[%^.~\��u�
JfJ0ݟy:eOpcJ�,&K_��eJBlI7okވE@ʼ �3;B)P�Lhb�P4�-|`��L^�\�k�~ߠ\�F_:>o��xww5�+�fAzA��Мg8]&~Q��.�QQA�X�玖TSd&*u=e5rk-ܞjona9N (6vX�;L�~¡L)$__.K4DIޡUt�puI�h�u;{]�(�!2s�zGS�HobMN8`dK9KlYH֣�m'u6&0ՍA!>e^kϱ?Rr=wwh3��4RsYfM�lr'�B?بVvdبpƅi -��Y9uL�*^m77}�wg�,v7qJ(ن�eE�`
Ͻs8?�k0�`Sjw(Q�-{p"dp1�Q�17@-%PDjw�0u/@ՙ��Z2#�T0�{\V�hcݤ\�0Q�SG��<}Q4Ş�:-#2�Hū7�i4!ٹ�KP�p��^087g'`3<�eEO0ǻi� 5<�-5^~}(q
DzP(�or귗6ۛhK��:�1v_tNPX��_�c=u-_UuV.�"K�yٔb�]}�Cp'6YN�ϰp�>��x�lг�ro1��;-Z��P�݄!Ԕ \wlVP�ق��-,ipA�u0;EeH�`+X>�a�s+Cb�i�e
$5�M�6ɣ6c%#�f#4{Ju}7O}akR#ٴ4bp%E:'8:�eI>�֖
ö0VΆxO2MC��_Sڎ��m$!+I1np�Y�9km2��#4�QHDZ.o�"�k$zu9lNV�sF9�%Y6��m�Ta[۲q@�-w:l}b8�!3-h1mU�e/;D�Yb/4��{'
�3ߥm/���h]7ŶrJmfmsq값+�Rգ�Q-}Zu��"�7٭��S`RY,\'�,OXD<%d�Q=7G7(ȣ��)�ĥ)�%J6t
�gp*�"DGT%A��&NNm "nyDSeSe'
Ks`c#U�8\qMA"�}$u'L@"M.+�_{O pg>%ǡA[k�+oo|}�wx0ȣHaqk|wZ"i11_n.8NBTbP��逥��0<�L&��XA{Zʜ�ڻ$#l!�
%S0u�dsj+,;G7�_H3\5�l\4z�! q#�I9�
õ�
b߇�l `
KF�Qf�,h�RR%>IK |~7�E鯒_'o.[|M�>;y20}CLL�7C7'vL�=1@�m�/tV.�w~i^'�0وbxEҵ4�
ȻCkб�e�q=$}EϬcEPV]5�a�Y��>=_ʀWgFP��Yk7=�(U9C�MDmS�Y#�nW!�O
j)!b
)��Pp�U2��'dJV;5rNe|+*%�ѳGpf�F�>ȱdrԃ#'6hp9ll6Tݻl%t%c�䱬2OAyuL݁||B�:���xb]dW�|#~�/�lǶ�!ݕ�=�9;w
�x(72m!V�TbC%8��'vxy3l��W%E[5p('eXVi�;\'u1]RH&���ݙ>4 PvM|S�v��"#p�lX͊=6�i'!-�/�,�Lͨ�v��
h:8�!��녱�ɴ>rWZ/�(D6b];5��LVLS�HxH_D|��1�Jau�kiTE#51/E rU�C1ay{; "C*X A�g`�ek¾̽O"^�E�'�l��l�8j.r4c�Y�xڔWQ�~S�{�gStA�)Ҝ�7�氝8ʉQ�Rt5v��Ѱu 4}c
��Cj�]�8w\ts+T 2�4'Fz|Ɗpo�QSK)��6�K0;ʿ�צb1)��ʻYOA%�IBaֵn�C�
N,��b�䡘VR �\ �Iק���S�4|c鉂�1�h1��_� ��Ƽ2)��^X/�mJ�K5�=Ƃ̥9Or�ߙYq7�}O�Z�T�uT$�4r�34b!#�ԭ�pW[J�Ҏbg �m�y�^ʺv>i[fi�e
z�ɵ�ԀqJ�J�x? \f���[
mсH22t.n�m+Fz%�v�О6�O�q'&sv,P3g�6��n犯�[�lE+0٫�-*l@�
l{KB�m�|e
q��q0A*@.r<$=}~s�̷41(ꌑ\�E_-(_3`m8̱�'Sbr(4WI|\sK�X�#�THes|"`M� ;$
9:ge~vpYy��r�H��㴍\h(FG2�hb��c]Jx�J9I)&E$k登B�Y_y�ʃXy3B;f ��NΥ'�?k�)ER^73��X,rǛ�u K�'bjpʪ|NxC3�|�8pDz\�zݔSVa�U'N�CF u �=kd���ӌY^p�k@S�#9tq
皡 ���vLj'A|oi;`�?,� �FM$1sDh/*i1|<�KB9�8K^MCi[oڭ[7!c8Y$e� X�BgXv\N�}֑a@yF&|Ѻ�*�GFĮ�s�EdfGJ#e~�v",zD3G>&D$=�BxY-k,bWěau8JT�yQD;.� ��䬬W�"K�zL�Ft=Q�=�Zj�v3_S4ҽf)� r+�jn9���� OVt%,(
֣��`XBb,&E^/#8�{*7oG�PܞFV�q�d9GZ{c��&eMo}H!e�<�w��FF� a�jqa� s�uڋDA}QE>AϱlLsK*/M)5IZ�#J/UWdDza'�O?ٰfI٥%�w"�T͊72QOs�76�8uZՇv�4%�T�(r1�]
��]|�%�f:C~3d`I(-D;ƹ�z�>3M���F��`We,� Б$>2Yh��J'R�9C*#3fQu�.g��C%6s�a%APR&�3d?K P��{�C3k�{7@ǂ-j�<�¿B}v:yϴ|���l�h,�,c�dz%^��5�y�yoͰBƿA!#�4oo6�!*Vx5`'~Qa|ZK?&ÒE2�@���S㕐me2+|?Z�nv�;.�4UQXo\@�.�T�Q65nn�G5��SI*xC:
Ǽw+�tIr�6}\1�b��$�;c�8F�o [���?
�]=.u'Oo7K��g]�zca�v4%�|W]��>�xh�>f
j&Rc5D�R�ٷʇ2J�(�3��Pa�aV2s,��N8�:V-XѪ[Jܨmro�Wqę56V]�A?(W g(\-k��Y1��h/bV��Wx@
pA
1̷�! Z�$��~Y�>%vC{�:~옿�,w*
uuWf=˄>s#J���|`,MxM
̏9Ar|}[4AaNO&=O%�4� z� QR�ǭߴY�f-mh
�I|a&dC`?J6a�W
�VAf��N,z��B�[��SZH1��D~P�xXᛢ僩n-�G�@ (��9(&H��&�0]ŗP�* �NL�k{^�n�AM7CG�*%4�Pb9��29)8��-^m�ex���geэWϹDyû"!"pg,#���g�P^hïTp̈^g�J
l`\lu.�\�[�F39j},�Œ١ThM�5�*ml2F��cCRmX�5[ǖUi\D-W�&<�ہ*t��/.c+`3N�&�|`y?=K)s RcRی B�?͔�P3NMNbH#ѓ+n$Ƣ�vH%m���nCB��#,f�(?[F8gm0M3j%=Yz#kk$WcB3i�`c�ѽK�QHߏu@{B-ǒh�+~#K]8b"-ˆ}r�
)43<��2#'Tg}e~d ddߵVQi�'<#J�_P4���wc?$S'݃�lA+Yp&�n<7vv?
�ւ8hM/c;Y'�gİn,�i�C��
{�%�γ@<�PG3:&�B=�~[bZQM~
@���r
AO;[J)��n{<Ԩ�M�X�p
s {L+�]p,gtXSQ2gb'JūQ�9���]-GP]d6v!�T E@,ʲ-+f)� bG �!T0�"e�2(��G�촬0>3j@"
�ٕf,G�fZN@[/IJ��)��o/L-Zp��fO#wq�:c=�R�y.F<.o�lZޡQ7z#:ї0ϩAA�!2�
@#݀>Z� ISj�[,`Xk`A+V�jb �}ٝN%+u.�<��v�όjU�/�]B+�Ԃ;�s$��^�
p___NUFvH� g�<�0E.v.)7\�>�A�"^y" j;RµX
q.
�˭ЎPa�S�XQ*�Ki+x6]e
7
���Cj;UJ�#�1'�Yv�
~F-|\�%#=C-qt$cCgp=E�Fm�ũQo틩��[^�j 1�y!(.-t�$F橻F
DžtګQnי`9����3f�0��^r9)�ܣjC]w~ImQWO��-�?.QÊrCh�hXN�CQyk�Nnh9� \a/� mj�A6�k˭Kv
(ӕXVae]�U/q��XYS��\���ߧ)ʛ3YN��e[ـD#��qM�n
�r.%7V)/�g�T�!_�V�Z�%ǞLU{+Y"�.ȣZ[X�]��Wğ�]Q(מ*=עm&7cn�S
c��Cg2n;��"]=x3�p
}ݐ�yÈ1�@�^8g�+R)`G�'5#�h��`s0#P��sЭه@^/z#aΐ�*6��A}�v�x^-`'h���k�^0qw͇9^d
[Yx�E%>�/SD*D�*�绯�d;#?d&��}I(�oԐ�_W�*?m�~bY[QL椸"H?z�G�R��/\l��9v4�
�`&`�ߤ~oI{Y�ÞR�~2G$S�>Җ�3c0�rjw3 5
m"P9�6e[A;#%�~\KiuD]璃S�9#Mg�Ճu'L?�LbSMbhު"Щٴ�x+Q\C,_�+hA:<.H>..��'l ޛ=�5Z]�R;L1hiD�4�u
�uu+<搱ȈEJ3UЙ>�O�t~��)�6M:K٬Эݐ|\ rtDl�U�M^dڴ#7nج9VU~
�
٭d
ZP@�[呡'�aXUp�kfyi��=y�֪�;�m i-BIOe��A*6q��i �3�ēO9nʀH+@|vvoP`d�|���|)�b�� DB�`BuO5ne>:�u8Bqu$÷Zyʺx3&v�Pz[_�x/�`v�qmV�l߾�tO=�k2z8Dwt³>hK#�aw<~ܔe�o�J5J3}4{�\�r�]�9ctђQV��&'FB!\X%vtlή谪J��g]|t(V!�w KLOS�����a�+`4Ǧ�`tr_TD2,dIT1&p8!�@mtΝ�pq�A!ܰ��@䟢XJ[c͉�,4R:W>,�(/}
�pZ�ʍB�별7胁F ŷ%gw?�~Hb-8B.���OO.)�I�O�4:xѐi�/O} 8�o3&G.>'LŮ�FwF��TR3k@��~#haQ�r��sE5�'*����;�@v)3p?cT�HVHd?�XI�r�J�;}(�~�w�I'�ɜ:xIFI���}�U<�[&Lx6T4jf�߉Uά�[^��/EcMtcK1}B
$8�Fr�кGf��
�gIgVG#��z%���(>I
�r]�ĭDo#EYw("��h9�B(��"2{vW��+"a233V�LǷhK8a*�_]p�W�W"+5�8E�OGhd{F���?1<Ί3x
���Bxls2P�çsM߉9V2Ahw%�t��H&@r_�eXX)�JN.�ƳԴq �E�D�b>NNs#2k/T �e^
x_S\iEt{TDd�lZ�C�D8s+{A�::�&��I$v*W4Fް�#>%�jI���wS3*b��)ɛ�8b(J3FV�e�yȽQUW t:Ay\P7�{yX�Izy�g
7hI�Xٯ4�uQ~/�c`pO
+rB@�}}Ğ��PKz�z�A�R� T q�0p�d|<�~:{T�ݼEϙ0Gx�M8'QNW[G(Su&͔�ZEDžcr9D8�TVt6|=e7²5��:zG���4z�գJգ�Cؑѐ�0(1=O�"scw]L�ګ;.�
btb4w�}gcȐ ϴX'm�JwC㎛V^RƴaoR8>������MCW�凍�V�
Z}[X8%֊;AYKRLUƭ):� j1IU7�2,]�>�YtvT�ȩk)-�E�"q'"�U5If<�H![�*�\'�Z4�Ms'�^m��,PBh!`�Q��bո91{BN-sO�O)2-hr��X_~lφs-[w|˨c��k!z��� �FNDMu"(BMmF��~uz�YOdGQ
3�{o��ligU˫;@/�1T]PӮgDOPg�M& \H�і VAK{1ˠ>P3%MI��w$"U�Y%#fr]�x7Q2Ђʋ�q9~'B��/��rDJe��Q��RwèL>:DF�zTYGu_֫gn*�ZB�b�Þk=`:�B@/
=��^V3UWz�-np7BAJK�@bt)�䚜&K�Djn�;'x/�Aa�eP2Ů6l+Hx-��(pt�\3AKqy)6qI:�
d��1[W,k�K$?|�Ү�BtkO'[�}�dQ;5��S߸��Y;�q�#y�"GP]0c3?=]-D;�9UBDĪ_�FOA3Wݔ/1lp덶 @Z`Z}`66 Ӂ1p5�,dr,w�+&==_e�JB"�$\̎"h�!zOxƤO+KD�;E�4�TU,VW]$��-P<��Pw��/om\56&K8\ِ�T )��-�M�в�jZpO(#깊U >ȻЮ)|�f]t!uA;�E��{4�x�N!�I_�+�� >3{G?Ꚓ(v/�Z�J]^&�cf=&Ѷޏ>d��.J#+R����!+�tnUcEA�Ӵd5�u]ofD;)]� ��Q8ۗS�$Q6]�49Uq�tV抾hG̎�6-Y�ΚxRUtt��v*$uCFHH5)cÎ{wh9H�{2sŅ�j%H�gVa�~�!Od6�1jU�JU.DzM�-
J>uXtlFumu`Dw�-CqY�a!�b���2���gMĿ~sd9�qEm.00XI��F�5Q�]�
�B=L[&JRȼE݈��ɋj�7ܜڷT4�S]<8H(��bݽ5n Ѷ�NzF̐k�/ҡԛ}(V"w��6b]t9"JBz��|s�?^d�w�lGT2< %0
H�A>iкդlH�!�BE.�o�
^Nqc�+u@�*t��?1s
��G�I�<Ў'�|o�v&Z�h.N��#&V/�ɶ�Dyy.S!JK�;yNjc@RG"�6^Q�!
e_lU�U�϶t�fL# P"eÆ=�'O��Qʛ?�#6Υ?Վ^{��Ph,+e�]u�(�cèg�UT�
�>�)R : 7�<[�h�6C��}
O4�+zP_g�!kp`@Wblb��%PC2-4� F."J �kXJWzSi<, g
dW3M.�EcS�EN�0݉:,FT4�FeEΰ̩�ګD�|1*ɾ4M�8�M|%V��zH%�yqT�V7.#\!kĽ~�X�|ΝJ[ܹ~>]
>o
蠥��LsO�!%��RVnI6rq.8�o�Yb3�V̍&Xf?�"Ɉc ���GsoXUB���#>,=&t2{=:`vG�p��`j�w�,G�/�m@u2ؘ�jþa�'uC^l߂6�s�ޯ"Q|=soJl��b)k;S�8m8SY t�l@Pż!Y�Ѝ�ו
\rٌ+NgmtD�M
��%ϗ$|� =T::��cӼk�.�&^P�XvU�W�l�'S!y53;n�W`$vT%ᨺ;a3j.k�=WvQ�JS_m�S/�K9HЃ5[{�1�9F k�L�)G��BѤB_�~�jOV+L�`�d+-G����_/|\Nsge|(?�KN�mSXG�Ҕn:ő6Xz.��J>< F1�2M�O�j��%z.K�2IjVL̯fis5Jp&��[-�?f;sȫ.@��5MpW8pٟZ�R&Bx�})+A{IR��W'�p/�>&�Gg}
"<:.
9-ݼF�8jv}�Ɖ=�׳?���6�cCn'q�LF�)&N@7�t'@nK$zD@E3O5d�e�ɹCiN!�j|j)~�]*�:=��l#*p�.N*P�=WDƶwx7f��)B�ZSˌh<�Zۺ�NpC�5[2
�ho:����0w h�[`�w6<9w�\Sϸ/�JC��-ϲn�h2�.TbM�B;;�|HDWM�e5�PrL�eiW6JAU9sC@5?ng��e9fE3q%*s�fP!�aG{
O*4xA=Hy�%��!)V%Zmp6QS^(8��1|ޤBH03N
�1PJZ4x,w7|�7X��6E6?MgEՐ°j ;�l*oQԱav�QO�Ud�(Y��tp�bltT{;'{n9kg-0 b��
BuV))=}u/Z,Tc.~+N%x$μD۾`ܒRX�h@~\�M:/��uYٵw[~@:+_Td��j39'}9"�/0P�ۙM�B%Vs"*�&�o\=��Y��n7.OL0�CBb�)5dвZ
;Ih3ȡ#qW&){w�l~�i�o.*��A�3>R'Z#�|를
>G:Byڑ2�QBonn'>;$eiS3w�v8'x,I��eπT:9C88dlLT�"�1Sa*}ю]��ϵ��rlpm8N*/FL銙�cI��`�|�E�;ҲfR� {ܸm�-8�&L�ys<�2EUKN-���/�hZJ�/[�Lvf^�#3;77sбp*H�� �@1IP�%� +ddT"H�0\CBL3]jqKjbuh?eY�BP־0ei�+�PuYvHW2u]qnܯ�qp�썂#�E�!w
aS*(!�ĶCOe>Β
L_�X'#�:�}=0��$c��e�-V�_�[mmK�J#B88g$��qszB+S}y7ݏ�c.{U�TW5+|M�n>!8rY�ze�g)7e[ϛ,ڠ�!b-F6%h�M-3i�{FO��ǍZ%蒏m
M�G:n�쉕
(�LzL#&Sl�b�"[HD�T6�HCeX�D-S_Z34:�BH?fr�}�ړ+
+ȍ~��a�UE9nDē�Y�*Cz�2\=G�sϮ/r9�$Ĭ#R�pwl�cj�*$$~%X�920Υ
.2pfœ9��c^$㩳�5aJ#<�2yMU 4ޥ߂�gpr>)}ml~\~��8v)NXF
zQfa�$ASa���
nvad{1�
``R;_�l
In�u;�G+"-rqM,Eb\��Zu��m�.��$Жĸl��ib)>Dbr0l�!Ԃ> 5W�[[&@גڂ�~2�{Ru�u�"3>T&Ki4.wQD�2m}J'q>mkNOSY�ǤߨdW9wEǻO1Z`*>�0`aA�$F3| , i{Z:F��ƬmFD%ֺ�ܐ�uI%oJ>M���xk�$F8��Ժ4�;q XWhi�U�M�#rC��q'_,2��tsE2-́6MP�R�-�^�P[W!%'RcPo0xMh8}6%�7ai$f3g�WeT�r2}�~��(rI$u2OY�f
Q`""d�[) j%}r-ӳ #Bt �lC}�Nغ#&�-/[��p�AQ,)E��&��0OnR�0i{}A��z�dK�aM9^ \����Kj��u�gNc,�1Levp塐Q\�dH�p6:x~!&Gmz1 �828\w2OHv�=|K85HMˮ"�XDr+
R
<e$'aqLe�ٯ��5E敝n�*Lɣc u��(N$xx@�?U1y4f+�P�]M93W��9u!oo�a̿lc�GT}Y.yݥ㊹
2OA/>J+�R'ޚ_��T�1�ҍ� Ņ�Ep\xQ}"TfM6#G;<}T�+)s͂kԆF��s&a�o�R�ʮ�3�F��y{�?�됏݂h!�v�UJ@;�@jOҫU�yھ$axt�&}3�9��7
�B�ud_|7c
.T%DDH!B@1 7
6�
*15@91stKP(v*�ލJZ:!k��`z�͗n�
=7>{pZ#SҼj:`Q+�Œ\)v&�g��P��j��tV>�2�T�P!߽r2�U{M��/[紥T[9q`A$3mˬ)'\"0^YX4v�hH�֭x\,|�F(wu3�q8�T5a��o}<�-C2H�6P|9�Ekܛ+"Cz+EW;�aZ]֤�(�:T�5 悘ɹ'f[HqWV�]`勏cohn4}$�zf$� �l�H{6"�)%� �k?{sM�DA�a$7v)N;
>dZ0ա��8$K}.���MR5_�1
�T8F' t\|0Z8.�
M.6�xie=A30�oN "'t}�ip2r�kџ7��^u#-����͎�v)'(�lPV5XZ9����hDw�j�a� ,V�؆Ê�-!5�hTYu
m=us�CUӢ3a\^٬�K$ Hc6q]�7'T�Q�,$5qA G1D̪L�
^��� 0p//(**91vq#䐬an`{ɤw1pO�e�%ہ�.S+}�á>k}AeK/�hןkeN��ӷd>8q{Bk(�}}\L�q"/VS��Lv)g!X@0р�kfq&"òʎ5\WY_S(2mE;�L |�$~:u�r{�(:0�p�
#!�vT�,,6䕉qġ�IQ;M73ח=n&vu�
TX21�)X=K"k
XxWJ+Q@@Ny4Cpp'omDJip/47I 4G+-Ug%S,+5�mFG�MFf�B,V(�R0EowګK]�Vh'2Tm��1U�ゼ�/l�f'ڄ`ZxXy�C�r{խ ?+l\?6GMec�*�gtoFK:�EaeUWs-�/Уƞ_<%f<2a��2֏�=��C�ik2$<� L�І�S.S{���V��j�,�78wx�Hv]1" >v
@{/9�6/c9~.�c*/E�~ki
q5�8b@u%�Pߜ{A]J�Xrݍ��=RX|Mk�,;B3:�/Vh7}1^,4}B}K�r��KT3EX�8:߄vR��jQ�4A bC�x$$)u�aeT!v~08]cw>��K�ڀEOw� �P�kB.i�|-7U��"��h�,
�aj:b7s@''OMe�-SD��n$D%�,m,,`.Gºxz6œQMS
�sz#p3)7vQN[�*2[.$�_GShhvJ�y/,K(p$�7�}Zbͩ�S`]SrEǵ6d{�Um��H���
xic%�?:pw.:*h(dd!xWo�Nk��I6ƈ,��@~yP|�8w$(ff�Ijv_<';ƨ.�t5�.�2�yk�K%
nc7�D �`UbRoGpXRhkʌ�=rpB83;�2NFqr| I|U�(jb6�o ܮ�iޫ:��T�]q{s�۽ IJ9rf��r� IgQk�zh@?3(P|n�,QeTs?}txdv呥ȶ`m#A�+&v7PhaΉY)^<0'^9̀:�yx-Tմ{nRj8mPXH�a�>O�s�?��N)UԄbץWU_ݚ}ߊGlֹ}j�Gj{3�(�.(cK�׀Jalj+��0dwy~U{)�/fIp4�fw*3O�C�hnBc=4�\)lN�$P7C~R ��CM8KZ�y/ kcTى3Hq��Ζ@HOy�'�HF� �o�5�8R�|$\JVw3nL
��ra8{b[]�"F䊱\3�;M���o&We�@퐌��<ժ{L:IIP'&Xȕ(@�h�5>P�[];zs@ڹv�s���c÷D6Bt�ti"�mS5� �m̏ hD݃����z�.C�j媖�A\ʺ���|�[P�nt#�-uByv�
R)k&�Nϝ8w+.G[�8RP
ן�Ma�"�f��Vʣ7��wu|2Tl�E`6�nMo/fxNx�.UEXe89.�a�gڽKKӴA�Mg�`˿<Ųsd&��ܸ�M~(
7XP
RbaG`s�J<�mc"mZ �x\S�{�18\ܣ ekt1y��/�hQ�T�We�-�YP��^�JHxe8�F|�ݒV PD7��\yH
&*+�k�2�|ưގ t7��Wʛ{�IQ[bC]"5mXa"�<�Ȣ 7%t^E�T�L9ϢCrת8uj`_�m0
�Q!p��Y�|3}�Ny{�e ��G3H9�dB)�]7�,'�nMmWU癙[-��fEa@t$�*Q�p$d-�'j}�8�QÂ�[Y�Kfl ?
B2~iƒ�S�&�>*ͮb2�"�-9GF\�W-ԟ'>F�F�+DeP.�a�֩
�P�4�wt?hA%pDY��k
h8ܜþUK���t."��5�r>Nqi�[m'wR��2e�QO8w�Ą���VZYwbf8U�M�kK�,�Z��ڙͼN�^�q; L?!)숗�i��8&�'<濟r;�:ۦY{4�f��'�u%Xې�%cž@Q
58Q%۩[`YK��.G�,:snj(`ho�n�V�t�Wl\>BڹʫUԱeo�EL?K \:i�a/!3��.�ouGv�aѭ\_gd+�cY�g79֊F.p.a9��WOD!����xD[�Bfz>�>\2�UFߊNJx4�U^m7N;
B)!�U��QES6ïʄr\%��%-5N+?w�=K5IO*>kd��b�ğR0y��.6Uf��R�
N�p::[Κ1!�ܠW�^_O24ΠfO��LqS+R,�Z(ٹ���ƊtPNqYhzPl<
xZNE�s{!�$d
�l�?H�Yk�)�`ZO[_A:���يӈ�Y}?e;Ab{2x�L�L�t�xՖ%�PG�[E@��"%($�.�UPITdEpVh:m}y�h;<_
}=1 M\h=-�~88w)Ē|[HgdX:hha^w1/�7??F2��A*_:r0
P>JjՌu
te-FvƬZV�ZMQ�:f�34|�VS@
BY£+z��2�-*���M5}d�l��f��[f�oTf�Vg߷֪�F�t�Π YI$�SKW);^U1ّ9OewOH]}��pHsX#}~q�8�ɞh
Ě}
lg<_W�#�/2hu<>'^�U�~U�(�4�`��X>xo�{nݛ~��Ng$zI�<��Ze&?HU4?w{RhgD%m�|6B�Z/l엶7Cry�0��[-ca��>�K)9!;l� {s��3D4K�\�GBGc|f.0xSX�G뺎=�h��E7�-j�U/^b`sʅ'\s
}h&��W&qk�ͽ.
3M{h0�{IZFOd�b�;IX!g&}uI:0X(1�1f�ك�kZ�JcU��p�-}>-^"mC(H7)Q|[njuoXO!�߿�Em<�ޘ@R\>ߐ}&I�"�[xV�oo [9ʡvl=WKo⹊K�*�Kv9�@<"~�ckQ<=9Q�K�Jk'{|�THG�k٩&1і^��k�IRCO6,Tf^[E �hlD̽ͽ\
�i3%��wyO�d�;]#Cѿ1>}JA� 7
֛4btu/*܌Чʮô�+IYo0Y @Vi���&�YKA�qIK�R�z,�pt C7�E
�0@{h*0{��7 �H���;�õ���ɧc�]3$)�q�tFWp�iN�0�o&Yފ�='0b?%�l%-n5�Ud)ȘіNJgzUj/"ʸ8>{ń틞@Bﲪ6O[�&Ms��jѾM�qtg&]v6c�,�M*{9#t.@��@4ٗ,�}sI:[x�Ep;|C@QX6)��-Wx}j&Tje�X^pZFakPy}Cף��:v�l২EY�hU�Ň;<ۼoYfޗ\m�/.:]L�hκ{;��R\g�.S?ˌ�Ǽ2ڮtۚI3Bf��R9S&-Q�Մ 醩=VoNs j&kw*]mj3We�ΖsxA:Qz�1Eʎ��i�ֆ R?`:E�Czl!
cטlA�dsۥ]���Ox< hX��">+>Y
P�]�kRFap�$��9]A0
IG]Z#b�$㱾��_�
��Oyn�`5g��w��~+� :q��#I;NmH:jEc�+"�7r@ �tS�+.yN _.b!S6ëUjԕ�P�1OJO{JwT;5|Ď>c$�u�x��~ƫe��4As��2s)#_cd;>(�}��KE��݃t5d�onf7I6٪/+�t���Ɩ0L5�_B贅-��SH<\>7Jt�ș3{�Z��FB*ޚUQ@��qm-79]�sX@ϼ+H�*0�#
c;If.^F�ُч o�If;Dc�[-`�Jړ�'LV
KIC�b*f2�CQ]�ܳpdKCpYA
a�(]GG�Q&IAg_:q
E _bKqQ��OH�~��+e(C9��8`�
WVg5�eײ/X̢1{�ﶪ.>4Ekoi��yodB6]
3�y�<3N6%s��|f78A�z#�k��.�WvlLtW<��藏yo닒���aސSȻ
y�e"4jpը"T䰖?B�65&L�s6j>Iİ6Wc�x�cĜ�f}]hoou֔+Ӗ�AEv,hD
E�5f=D�
<� �Y^anrXi�AG@�ܱ���ܑ(h!�:Gu
ҳZ��)ǑF� L[W_6�
[�"Ҷc��4 �LVN��rs*\}|ؽf.<�5:/�Ffc'{4%xX-G+a�~Z-��:�Nny{N�x|�J z�<|�4�'�Pm0qm�tNTÓ,4�tc�GL��S&�ۥ[g۪n4�%�?-췹r!Myc|o�ٚc7�3dVnkX:7o@fBά�!6dT(>Ȝ˜ŴM�X7-OA�[
8]"H"Ȇw�+E^�$jGH4/e2��g&F�ye��R�bda-Y&��"`ʄ)��N%v؎*/@B3C(h��Hx|i\DJr!ٽ��t�AaFQ�{��Y]=c a l5qԱij:D1�ͤtymvw�T&T4dQ�d)rJP=�s�)�TE�o64�y~q�nb�bX�̲�I�s2�s��zE>�I./۔A)+AD!%�)&]XM�XǺ2�H͢^C:Eމ��J�ĿjϻYh!8S,�1 owsf�BBz֜I`Ig5B!���+*+_ g5 :e+Y�L=Nw�B�Q*hk"v=v1�3!p0*E_~Ds5�#@kr4lQ+$_LHE3K{r+fM2'3�??4���hDzHܿy�ο��"M6F}ˍ�}}�
dE�wm�4�4YD��xz3>�2���/*QĹ��Wd�q@��M,j�:�<%g+�s/.n㮊�1Ӷ|SJ%ƟWz��HO�@Ⱦ-�Os )g�Ns�@�·��MZ��t*|].S*"tw-żBbqz��l^oX?cI\{j�c'f)�{p��hOD"79�Ϲ�Hivyth r>S6T�[s6;*��^i7�r��r^ڇ!vi�#=�).|<�j�1Ms�{YO^3ٴD�:C\v!;RMP-�q�#,
{ 'QwzBv9�%[�O!�Fzhq�[Z)E�_y����F䮤2r] %q�HJf�$�P�pAZ F�gҮ/mXܢUlj
LzN�Ɇ=ȕ�TQ#
ܫ\$�CHpT\ZpD8�7j,S.8U1�iU�&�s;59
".@��>=�:}A5�J��MAu/G!�&\Ѳvo��;�q^\#��'06Uԙ]5���Ʌ.Q/D(!�-H@оs��fk!Y�uuḄ c?6$��,�}3�0bˉw�?e6بd(3xmG[H�zӶe/uX.Q+,[P
pH8"C�F-$P�^9ªY싗d}t�@ŝWA�k�+bF\{I@e7≑hCB`;-�
jiG��֚Iİ�I��>I02zWw���*J�7fE�|9_�v3�:<�Q��`��] Pc+��gљ��!~�!Lܑ7
oڻ8hTs 3�N#
[$X;H�7y&��P��eo��qsF0�Pԉ`%ue�H6fj��U6 =t1�[Vd$�(�_qe4�e
�?_1�s1mD@ԥ4+,�\3*Υ{G٭/VR�LP�zs=*d}r�*mE�?9b>Q$� �e��9�(2ɘU,M$ /�|\E1��)�ǒ�/5DpaEϓ��u~k��n)_d*x;Qw
r9V,oΔ#v`L@|V�غct �:�n�G
1L?E3�~��c4:=(LP!Ǟ#63G{�G�̬�A�)o�a�Nx
Ա-ےF�]"Ep:lֹ�+�vL>�.�jK-lˠΖu�{�NT+V/B51Ϡ{)]
˅�ͮ��i8uHX([nme���<�Z����a6�9>J!A0A{ !g\AZ:�V�'W}�x�|p�5a\e�-�UUmA~~-�)ظt`YN�3Mؚ6��*�;P=\J3|NǗ�!Nh>�蝟^k7�rƪRDo6MZFDm�S�{:tƓȾy�RC�i�aaK(7%'7�4x_`c&:�f�@SɭyZ`^Pʾ;"�Gţ6GG^K�>|M%}��ZTf/LIe�wQN蚹���}uHEVh�#�~Nʺ�r��^H_Jl�G pޫMg?�C{@ե\*-WNJCW?6?�f1`W|
w蝂Lӫ�3�&4%[ڴ�l%�k�䑎�0�UFD^1?���i�kv�-��YK9HVgXq-U/ȿ/�KKn9S��s/�B&7�ltv>/�ܳyw�?tv{y\%�;U,`kN[XPİMa`�uM�sC�|֎'#k
�
��ڐ{L~wsPz���GJ
�Ҝ1ňMa�SN�=$^V%K���@蟤<"mziLP-�- .q�q9#u2�MO#pyʎN-*�ӖPs.B�
[,^�f(1�{wZ
)M'E_�AV|A�⽒��0h���?Uƌe#\3ƥ�
7MJɂd&C���mV�VKP~%�{s^���@�1�
r��ĺ�v[.NJ�_�.QN� e.t�i8ƥ��8)Wn�kag�r~�LY@�ra3Pl
$5���F
haV#7Q~�T�Q��JD�s��s1e0 HY#V��?uK
\���'ŗJF�zB|¬-`d8χ�
`RUQ�3fg�L$�^"�a��U����.n))��=@2HsW�n��D5&oA -['֒� Đ�P\%`G�NvNy�
c.M}�!0kdABvC05XiNp""�O]AD�{S��_p6E?ے/aۉ'kjJ���+l�pQ�D&`O"u4lX�ox&Tڨ=Fx#u`{ZQw&ugt�8D"�S*1A'�KӁ�>@/(\:��0r5xت�c�"�7uax���R
�&::Lj�|dȺs�Z%k!F�-+G^x��i�
�L@Ȝ)X.�ߺ�d8O|]�-�Qb�߆=�I\j ݈7~yu=�]���8fQ{Ln��lxka&�.!)�d�d?ޫ|!$S
(}[�~E:;QA'�!uU71#a�R/"�ҳwDWb�]b '�ndTxvdmh$��k}MS�2S+.6x4` xo7FjHW�?mC+�G:l!+��IGLR�\�T�ӌw2`&gĜSɥJ%2u%�vuvlQr*O�tuy/Kg*f<;���F�Gz8�q;zTd?�(*�%g�ԂNoǔA>hy*[
E�1h�U;>ddi,օ]=Q�&,+j���ԁ�弐��8'>QL�\x"�Zp'�y&u;�'-jЪy7۹AVV)|�ꍸJvLS6EX�~J�oY?Kv�"u@
.����MĽ\Y
�d8���lx+2H�.C2Yi�RoHR9I��}r"�/^"7!�#4Ό!eX
YL�<7td^�^]wQX�c��l��tVȵ��ngYR3�HnZuޔ^ \L�mly`߉̹-�g!j(��[eN�Hbs�N_lύ�FU�$j���a[{�'1fFZ��<@m2k_H&'@s`i|d\+.uv`Yg/�5³+%$->~y�a
�V=�^ڴ~<*G��"O�V�TNܘU\�8l?̔V/H�kJj@�z@�sF�um};_��c�еm6>��z�dFϪQ�h+Xk�@x���%�
#^'I6~X�\csH9��;}g��rLeIp�8�
)�U��KeXK�骆�ev�RY^ �<5GC6YQJ� sy'=�(wK4�QbJv'߮ǖx |)]@�
L\FA�ƥ7A�z̔%d
R�.�RcA:ue�u�}�,U/9MopZov<(�=twb;�m+s
%W)3���8R@5u%}�W'&^z*Ǽ
��Tۜ0Ji&.�'�ޅxׄW���a�c�IyL1v6$-�1Ռ�1�>o����kJET$r%
ݴ=>LđH�s6tZ L�a}YhC@B*7̉0%W^[&�=\%pK[+m>ZY.Wqjts6j&�5b.@ 8#l�/��I{έ�.a4o��Wƪa?_�eC@pDt̂Wc.V��1.*frqZ�*��t�V͛<��:U7�IJ3E�iо6>-sL*gd"7U�Y��cJ�SHwv�m�
{�t�RuKܔW�|5�TR���i^0�u̥�0l'woz2JĩHu]3%X�шωfAܪO!�t^:?��E"�AȺUp8l,�0�jZjv"(]�pZB��\Q4�j*lէ}eQ�۬_TN2b�$�
*v̾�"GB�[�ݔ(��)�]9_' dF$b5nѲ)xpB��ƻYNzwQy{ya�͞dXe)R��̨Y:v~?`ɡI�F]q}~*݈i-T#~��:@bDC�ӏ'L[3��`B[�R&
E�5{0.�!u~"k{y4�Me�X?揰n�*$�MU>T�ΒgT̂v��e$kE}��Хo+Ͽ�O����}PZ =vCcδb9P�76ٳA\y�}+y\S5KK2tuv�?<�wG-Q�n2:�b�Ag*�Tk]f��L|m�q�y×Cit}YЏ*'cl�[⠠oE�W�ۋ)�.�Oi<[ݚ�Cy�=lBȬn0ar�-k�?�">>]��]dOK!C~n9*bRP"�%6�lu:נ�yd^�"}/Ck?=LA<̏̈́p}|k'$3I@f�
�;C8ĸuڀ�14>*d�&ʮЩ4"z�,d7Fw.n{QU�!zbg")tM�řd�q�-+�Hb͓�5tc�jޢ# Ra;Đ> ǒ�&V#y�T1CQ�˃�:@9wN�VirO"M8neKDA�7IR�fJlkQ|D1j2N�x>^&N>.���$Vw囊�$ugED�o+�돴kK A0p�9�tSj;X.��-}�eX,]F
1D ,jٻ[UgМvA�H�p\U(r&��Jp_m`�03�t[RK絔CyF.�n�2~{�G�(*V�GОx1W堁fŋVx{C�o�ja<� 5*b(m�Fh~,w|=�"0
t|ޮ[
Q:қ� "��\�"�& k�6]й�q�>4/�֒�;<�kAF܊J
�k�bh�>MY�7?�Vn��`[ǚdt\x�m2NĠ-8��Y˒9 9sX}0aN�>,uf��Ab2�ĥ7��91�D|Y#�19_�{²Ǹ�QQAaobi���fA@xWG�n#ZY(̻�&CKV}�WY,�bP5�kh)qX_aN�"J�~m1�9]٬̫0�sP^���/D\#N�PJk�'bku�w]s�3/D�zIc}ۄ�S>FuC�Sw*i�n�x~ǟ_~,E4w93�B&|�i�wO _;%KQ�/5_j6xJ2�aƧ�ȵ�?x
)ؠ�>qD/I{��z������ 8�7�έO�YWEA�EȚ�Njh�.G�p�qMk�J`dkA �n6]ZPOM$-��lcOJĘYٜÜ=
n�Q�^�n�9Qtᙾ��1%꧗_�!WθtL1xh-^!�Bc)��l}+M��azH����_F��N2Z�1!@�$�5Z`��I!XZ;+tpvb�%D,Yd䊮,lcѻctȐP>;O�4-jBDRzvy,u3kv�H?h0P6$昵Y]�uv5�J3/ǣ@Na�I&}_诅�. }P�/ �Pwo�ccJPD� m� ނ
]�O�2d��7DJf�խ-CHI"g�"�n~X�X�Y2{ӻ�rp8:�~sr# `�? ��8BB)'g�3�_'z#�=
J�-y~�M"P۹L��͟^xxa4H^7? 7
+EMV%%d|.ás�0G><3F�B��7�o;&�N�Tx#ΎB?�t&L*�}+��m�e�F��E�cpKJ>9t[�Uy'xR\�4(X�#SdGx3dwW*8bIj*A�0D%)Y�l��tFl�(�=HU�6x۲W�I�}@%>WeׯȬDv͛ tmK}O�1?O�-~cM�O�1 *5c>5U[/ߏCq:3�1��2zXck�&V,`O~a��Qgw-�95±ֺuoB�Mh\v�B�!8D�B]dW,0hr?ܟPv̾1a*]5�X.d�ڹNw�xN�j�+�S��O9_%�x;AՌ( 3Dyd.YjW�1J?sO29=
�ېu�TnLy���
��>���uq=�]/��w~�K7�*�re��Q�~:tP]�`�sWݭʂ�<]F9ȏO
DW&K&��wE7
)R�-
+rr;e{<ՁEz-
+�fdiv,~)Ӌ,�
�H�醦5?ġ�
ǔ
8�V�ߏ⚔N�D8bpT���o�/@P�|�� 2s��K�_
YBc�-9}�'þ-iUgH"�;mZ��{~�̃£,=q$~>+���A�q'sh�%RTW/A�*�2u:GJt�Ϛsj,9 e~�eBzhRf`�z �聐.mlrC�Iuk��*v>S�?AP5�g��l�%gɲep�%I\*Њ'rn$�h
*�J6_F���ЋXd.�L扺ɢԣ�{>p3&&3mh �D*-p�Ctd찲&Р�b7Fk�=9h���S9�*h\+
R� �4a �jcWh/&@jvT5�
���X7�i7:x�N�j/"ѹuqnET �~A�l AeAg��+O�hxݶ Q;<@u5GP"5[���ytvs�ʰ�K/g(�
c���zD0#F
loOg|b�.nXP#Q|t�űr%0Go�N!Z*3.�� `�^1U)osyqXNÙ�ӳi0
�$eKf���Tj�y`�Hq�wm7M��^��/�}͟ՀXVe�U'."+'& ~0ei;�tgY�7{[�2;�8\7u$Gҡ9W^y g�4�z�pH�%�% Uf:1+I5xP�(
y&�lI'7[-TD'T���vC6`A�H1*33~%x Rr
꠱R[Ii��K'֧�[OZh��[|�m�?�ʃ��I�]��t!C3Nb�عi�$-�)H��tS/BcbH
Z>+Jފ-\&BX¬�VyFỲ�DFK|o?h)�g��I�'Zt�dm�1nX]6hTߴļҨ֔�#%tX�c0kP~~vsi�+kruPe!w1�Ĵ�8uLo.->�kJ��[k�B
��5b��Ƶr�"v̕5"֬c
5ZusKj�jĂ�{.�x�pC�zB�9gWWF�c�F6�(ܿ�0BͦpvlhN`}�r4@=TM߉l�ϾET**�GIяIWq��W㣬&V�N|o۽m)�cx@�(S����=`Bk)/ϟ~aG.H]�묝W`"{6:-Y(Oo�?'v2�S�)�J�Fc&�ǪuD 'sW<�%PPp#\S+?"�j*�=%l�|9.^f�"_;!lyЭ*R�!�9? ^z*ꢢM$0]FSD�Z�zM�����xF)KHPCSQN�F*&``3�A@U�.J�KR̄Q��xPM�y�J9z@$�r{0j
�V�p14�5�B;&
/ԓc�$9F��,u�S:ޙON^�5z9�|
(�VS^�i�PH%I!V��V+B]s4E=|LW~r'�c�x_r�V??*�BD۹)��+W�bP&\5�䄄HV�H :T(�Kw�LoeI.�-�^LL\��^=��֜Z�pO/�5KU�T뙲OXs1My�R�3 ����ŧ�pǬU�_)��jq+� tIL@K�$t&ԹÏV�^� �-{N2bb�*mܳŖu/O�;5Y��4x�9\B_#�W̺I`�ze*C!*�nLrrغ)у*[Gs"(�0�5�(R&�l7ҷm�HU�6BUD��z,fօmļGeȬwKu�w&MSժ�3�5 Y>IZJF#��Z�PL?�V��7i��SF*iISG�E3jv�"�oq�p"u�>d+�6U>�l//�P�o~��ҡ7g$NAO���p7ً%KY.u�^�b+60ҲQYTd
�d< @�CC�l�v��`h%c�`cE8t>l�Aj�I㫹��N/%f{Q�Y�!yW@9x�s6Z`�I}'h^;<2dGx
p�UeÛE��?�Rpi��W�1 �>�Շ�U|�DB6v �M04x�qtT�jr
ʌc '6;�a-��@`�gFy=���'/R9�x,9��1XAG+7��K�%|�%gNxy�QB`�q0&`>P�+]x�Bi1]wSH?e �bԹq,� _)�w
9Q=ɏWi�ޔA/Н]9Әƙix5OOw.tT;BR@���NN
��fGo�Mj٨%&9�r3z*mĩc��*'�mC1�A'51@9S,�ɝb�oTn'=�ȿ�ؗi��K0OqP�gւq�~�i玮%�{bP$���%K�`r�|L��M�p�Dew�R
[Gg?@-�Kq&�䢼6�#��8t��:Xb+zI@v���r!{h*eWl�Yw1U6�[|dK#�pR�"M-.�!7ۍ�#J#�oc0L'o|.2v$ɉ ĜjQ��GRqIE;x+���m�Y!�B[A.��aYrQl�WGUͪ;%n=5ÈqR�"g{)MY��<
U5�0ݷ�kʔ%9�`p��2XO2��$twӌ|\c���gCNR0K¼�>�s@r@Ά�Zg({&�A`KC7apHQ);_�%ҌGs| b[
^�
_@ji^�=�
��I��eR�M_e2A�r)@&0ԭ6K� QO^P�%V睶kB�Nw�H)e0!ߞ)Ւ�-)*6miQXbLn\W6VYn�lNFľO|T¼�My�2$ʔe�$
uCL��eI�`̑�'B$gsU솲�a̿�昘�ˡsu���']ӈTj�?oiW*rrz�5\Є! 3� oAu��)GxZ~-�*�X"-5IQI5L�:f{
pq.s9�ףc�XB6iDLߚ�as�fM>~@G� MP~�Q?~�&M��_Q��:�lA6+P8kYt$DG:̳s{�0+]���;E컎Q^P4˹�l~!�jW}10M[P9 :`"W)!v�gMe_�0�Bvw3y'&]��a�_uip�X2Hજe[3�7ۼ�Kg �*/� �l!mcF\�d%y!|,/��/u(%L
[r�MKG��B>@�UDn�Y
ɘf���E�"�;�^�F6�a]][�q?�
�Yͭ ;v@D IЌj�NsѶ{^��8]
ݱ��YDp]�;ۈbu Ӝ5I?N4f�Wa�[p�Yy=0o�|�;��ta�Ѡ^R�;Z�vI��QB
ISބYmt͓Frف���E疮�73�R �I$#�]l��R@Kpѵ
����|�1:�3
-Ʊ�cÒl罻UJ;�gE?RL�$;q$l㢅��cU%�t �<̌��$"��,0ۡ�2
˦7dly0M�m ӾXlX*쯊z��`fHD6L5�ET}_|E�V�u�U^U
i-
{� ۀ�Dzu�/[[h8i�C?�Iwjp))2;�m=
��),4z|fa �oemFl
� dD��=C$y
@uK+a퍼+J%BT*@fp;DL*�ɾ7d�ѾN�XO2e
�hRnX<"RSZ.c����͇q2qSH
\/+Bc�5�H>]WkvH2�m�_�eD�yE��*1qZ�5�`{>P_>B'fdDt�5Pz�lU�w3H��8i�ZݏcMLodC4���E@0�
:�ЁLJ;�.Z�!�7����]o�쫪Ʋ��|mXL+�.jP��hG�&ΐM �:vJy@ߍ1Su�xAV0�BTM=*%͎z#�,JN3ˤ)(6�8�Cyw�I�E@#j?FI}Cm\�B#5�IdE���p\J=nyHLlD�=ы1CRtFYUo~qYᡂE4����(m%ݫ
�F-�a��8�q/ԋ@-Mo넭�A^.;�/
�1*&BN;���
xV�HyW&hU[Zΰ)f:Ë��QJ*@nP)AL�}@kr,%8yq�6i~�=X0Wnlzq�?G�%й3w�RE�"�߅�}}I{|_{G�G�8X.1&SN[Hq�ȁyqfJ+;�/
{-G4QD g5>r*,bJ_\rd֘ ��3�Dr-��;$`l�O\rb�g�}ay�Rb5$:<�o-Ǔ�^ml�Qw4J怹�bܸ�V֕F]+�d$#ZDQ
�v�`.��Z_ߞٟW��h̲k"gc�K0 �
L��Ty}u2Ytެ���
�\2r^�<)N,W\r�t[�qz|�W
2P>XҗT�u< 8�q-g)*4�/Iw���|^rY�:�z6
j*�B�\�;>>ybw���"`h
k*a
b�-ZZ\W7��zuTM(Ȃ'Y"F�K��yө{@��DȬMfx�'~^I�9;��fC
�)+շF�?9=�g� _F,*Jxu#,7r�NK��HDM-�c��mf��ഌHg};1Eqn&t��ibgGM�� !�,w_�Nǘ/|/݉���s|��[;oRp�BxW0ƓU >aF�,V,PP�ȵ5�=ey0�s�s�~
�R'<`>csŜ7(�uRr #�/=�� Nžkj몋��t�鿹or_Bgrrx EjN98xG;:! �Jͯԝ�{�`LI\S }:؇ B4�Ø���@cfCM��xR\�ڜ&KW�'yC�|$tEN�:_^�)E�'Z;�1"bW̿F�&]"x�9mY]W#�@J3^EKȂEaSj
7-_UͰ�d{'�Or7�I�Pjtz4hZin'!��vhI2X%���
PX�w?z!'.B}
<�8:'l�,�٨c/Wd�J�'y3K�|�]p+Q?`G#h&A,~�Ow���W5C/k-xRfd2)Ҵ1sJ�B]9kl�+MhdK3RO�`p�&
�8 WY� ~æssFX_r� |B8Ӹ�d�{e5Cǵs%Ve)�PnXzHfL\lB
�)kƯ35ЉolA|DI��4Y�ik�j��ۏc 9v�
��[ua� N"C]jgut�Bh'�y<ϓ~mq�r�G���h[Yh�n��b�i1A
5'4�r8ÞF4s�a*9u.n*27q4/vU�4�xfĻYe֍Ǵ�1C3�V:YggeJ&ƈ̤n��P>A�J�FqR��� XС7 �/v�ۨeYcL6�,FIB',viW`�Du~�>o1p�> ѰGC(s\C?d$ :�4Mx�BˬF��x+
ˉdFq�r�^el_'w<.#a(4¢:B.�D�L
-6Nȗyb�A�'mB�obF�:9�r6�1�9H&2�M�dr2ѫݥZ*4�~��\!�yE?$4oF뗤kT֪Vw�<&�m�r�!#W��y�ۭ808! �C&h
_NB�kΟ�ًAG=말PIPc��
<+�#h\�oJ��ɮ�n{̘q��ptS��;SܵnP`���.8ƨn9a=v]z!ip=k�DžR;d@a).� �nް]ˊo��Nv[�B�T�kMD.QYS�>!�D$r<>#�bV�Gǵ$y8B
��-у< _rf�}xM� &�5& o4�?~Z軻�N� �o�[vapB� ab>Y�B�3F�Ω]_q����HO^؝Ț�8#/�2�!�Vkt&:uh��hi&�tN@�HȻ;߷ ��
Ӟoӊ5Շܢn:{`m�nFKe3%�h
77+�U'5L�zUҒ�4^�H��9RUhQQof�(B3�9o��mZaa@$�/E�#lap�:yO�ڢl�b>9F�Q\X
)k�0<&��M�9b�Uףtmp�8ƥd�GzH̩bk�bc���&��KvT]gW;sCI�HH^�[�l/j;Z��64iI3ID
Y֍q+Odx��)JEFRLzK$Ww
�ylbk��vrU�p̊m�=�دSg8Y^_&I0b1>�保pl��Y�8'ӻ}OEtNVԈdǼ}�Y��!嫈1�J� �vR yJNŮ i�u^]�;45E.$V{Z��@�6*S!07+S`yC�l뗃�A%� 't�4XQ%)$���X/n2Ŕ�V8�=b-ɗr
Zumџ�>5c:s ;HK*S8� /|C�b9[HE,o�]o=f7/Y<`1Nn@_L�lP�ջv1,-�ξ4}�� N�G/439j?�\=/6;B.`UFmf`bX��ƈ�s TB�VCK>�&��L�@R{�d]f8\ϧ !�
6gtI�LfZ�a�us_Ā�ye1ٯ~r^>֘Yu8m-4x{ij#��Jb����{���Ng�L_Q�$ݽ2Z�>^9&Μ
�)2 ŇOER�2gu)Fȧ�E��s'W>vx�#Jl�L[5 D5,NlK;"1`}qcdqJ?"ڧ̧#y%zEhX[U!E)4?'
�҂�xпCo¸֤�zErA]2|`a���ҹ�gÙ.2@z�v"dL%?zSld
"5%�=f�{T=A?oq�
w��W�FAvrjH_FY9O�'@� rX�=ߘ3ס[�/�a"N̈́T=Ϭ%pz-u%O��A��tsӶ �UMVC��6(V�c@:Y<�]U;z'�*z8΄7{�Q&Ep{$i}:�|sA8���c�Z�L���[`�,
G?�[z�/��v�%Ok�|]8v�-_,ƿO13"q|c
�*�+�T
~��;9I��龵���<]�A��٩FRe��� &SH������
YZ