������xen-doc-html-4.13.3_02-lp152.2.27.1����������������������������������������������������������� ���4���>�������$�����������������������
�����������������������A�������������������������������������������������������������������������p�����a0m/=��-��8V5[�.B~?�b>=Bë߆|/�\8x�OmZ+t�~֤NDAnN!P�%�lh\�qpߴw{)�Q\Q�˯��؎Rda[�jMd"kyb�!U�o�-IH\2j @;�0;�E>E��o˅ظ��OK�nx^�+Vl<ۯV�嚿c.B�S�yZ�306b3484c32c5faa55ae9bd6c75bee311d9dad6c�dda1da3ab4b218be083138434486c4b32076e46816245a04970ef10c72459396�����>�����a0m/=�����cyIH��~��w@�,�ij�,5aL84x�pҩ(�d'ga[UaxQ�tն'�DVO>i�
]p;܄n5P�Vu`�Jyc�z�}.
�C ���i^;֙}���N Leǧeh��ξ#@$�o�1AW �CG�����p����������������9��\���?������L�������d��������������������������������������������������������������� ���&���������� ���M������������������������������������������������������������������������������������������������������������ ���������������������������������E��������������K���������������T���M��������������M��� �������"���M���
����������M��������������M��������������M���
�����������M�����������@���M��������������M�����������B���������������h���M��������������������������������������������������������S�������(�������w�������8����������}���9������#t���}���:������=K���}���G����������M���H������8���M���I������l���M���X������ʼ�������Y�������������\���������M���]������(���M���^������ж�������b������ҡ�������c������J�������d�������������e�������������f�������������l�������������u���������M���v������(������������������������������������������������������H����C�xen-doc-html�4.13.3_02�lp152.2.27.1�Xen Virtualization: HTML documentation�Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.
xen-doc-html contains the online documentation in HTML format. Point
your browser at file:/usr/share/doc/packages/xen/html/
Authors:
--------
Ian Pratt �a0%cloud113����� oopenSUSE Leap 15.2�openSUSE�GPL-2.0-only�http://bugs.opensuse.org�Documentation/HTML�http://www.cl.cam.ac.uk/Research/SRG/netos/xen/�linux�x86_64�������������������������o������������������������t��������9��D��A'�������������&����������6�����@�� ��7��2.�����"����������B�������������������������������W���8�������`��
���e�����
���$��,��7�����6H��"y���j�������Q����� ��<��3�����
���"������z��8���68������
�����P������\xAAAA큤A큤A큤A큤A큤A큤A큤A큤����������������������������������������������������������������������������������������������������������������������������������������������������������a0Ha0Ra0Ra0Ia0Ra0Ra0Ia0Ra0Ia0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ra0Ja0Ra0Ra0Ha0Ra0H����e171864f5cfbf7c7b3fecd9b9fbeb3da9e87f63a7284ee52eeed093f8ad303ec�f53beaf653f26eae12ff7ced3bf0735dbedad0d8baf45d31e32d33e0b868bfa9��54e980d65bcde307bad2efeab9640ef5c720b4ebc78ac8cc1eb48bd6134a5280��b3422df9c1ad850ce9b456e83713da51f123c2286cf1f9fd4eb97f57c3eca9ad�bd5267a76a14fe4153f4ca727fb99f1c0bec9e8ff77302865a83919fa74e2b8d��b80b94ff1a198b4d6e03dcc25f86a1b332a80cf36f7df4bba07c19d192059b2c�f62b4090098e5d648e9a3e615874b2e5957a93990f652eefc831d37779ba9106�9dbe69397d6c3d3c6d88c564032ba62cb41a6b8260a73fd9d6513c186d64199f�078f07651ae04fc86183bc953a94d4437042b3a3e5182bfd03e899ed64ce4bbd�f80257ef0688b6b53ccd52a4bbd9279568b22b31211e95cb4c6e86b81614a381�d344261e1861b09d9bb8bb11a3caa1fcf632c9edc2107b175ecd48555e9bc639�cedae3c3f2231b4340cf00a139bde6f3d5f0d9195d0906b227ca38a45038459a�577d188c5570ee8dbf5850e4fca7b4e224cdb2725ffa755194f366179c1fd1b4�d0d772f13207e89e3a519af0404d8ce75c584d7df7408643215c771621cb44b2�c226a811e7f3336b6b187387a4992afc47488312928731367189b2fa03d7adef�70d0a0d37169adb67569317d91415a0bcdeaf0c7870a806bb55b70092e120039�13a9c456e1d8e004ff68d58686ccc8dbb0ef298481c2dadcbf30c638c625218d�e466c9be077fa0ef0ced23a246e92d14cc0cc8fd757931079cf928689b544b32�6b03382516373fc9221dc98277ed58043f0d5b49a8cf0913e57e5e47220c2c96�bc7abdb1f733000c2cd91b519cbf7c55d096115abfef000da14ac794739fe8f0�fe7d4c19e4b15b9d82ce430eb0767c3242c24a77c9b8d8d050129e41b51eecb6�ded3add1a44dd1298e13dbe706f9a303f3b2169e18eb7d8afa43d0464f4ace15�dc229890cdab48dfcc21f364fbc04c2bbc7f3b25c04e2a8c84148685fc9d08db�a889ffd9cdd9058e5d6074d2b55f6e8c45e34e178cda364908c8cccbc08dc565�a1f487e81635586692892b1cac3f2b705eddb54a37582c7a0dd4a33fe1386a31�ed213cfd37be4282486d5610a30bb9c6c55ea3aa6bac8552669dbb46aee375a5��df5076c347e7cad2371f3dc0bc10c6877c8f5251a5a57ddc6c79e1f9b532f89f��9b3fc4dd2d139ace9382e594c2c73439a9d4f100fc61c4e4f9294d4239776620�fbf590c80aef40b7e6ab58cefe9e4351ef6afaa6bcaf4e55d7809df6392fdb96��aadfa0507b89d930b9500c7a95869685253e2082a4d704ad9ab9a720307e4e19�c225a529d78e1e1365a40264348cbbcd1ef716fa7d97d977cb93f42230a1825f�4faf9f22847781296550c42f0955595f5f23eff9cf7b00ca27ee70988aaee9f7�ec2154a382909b7652464c29ad603492e27c76bd7d0de3b5198d0867fe0a75eb�d93bafe2e73cf681a88dca3217d79376c353ff4e1e5ecee8c41c70e11b8c9e2d�188834c2a97f1edeb4cc8e0e61519c5f8559abb020373ab7886252b3809b0a1d�976728897864907825a5a2538c25cd0aa407ba15e58bed9f42232379103f1ee4�6160242648729b430f01c57403535a4cd52e480fa8aeba2b6662bf636d14522c�61be5f129dc9aa21e4559640e02b84a1d98983ce3fa608a15d80175d5ca615c2�91b95599c26b803f2c8bfb407d7ea7de55a783c40780dcb7f993af187e4d4200�a7cd1ffaf63b68eb2cc3c3d663847edfeeeed22d3b1039b423ec94b5198ad7da�ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301b�c159111fcd005b864ab1f4b803e059590043471e04d0ac7ec96fe74dbf857c00�3a9b4163966919de58c0d14d493b5d7c6826e43bd61f2eda3c2a4a33fd26f285�982fb97cc7b4730fc7c1c5289c87cc4d1dfe6184c7908079cfb34de8b6d4d200�fa7a5cd899e7aab4589a5d0193118825ac5072abd29bfa809c3b3aa704ec1d43�2c80a00b3c661489ab62333993243951154c8ffe56cf475ebcb8a54982ecbd14�5cbe19ee58416bcf16a88f474895a8626db19ae5f3654c894d7337bcf72c1fc5�9037f947f713649a84322888eb75d9dad867249c4c135787affea14ee1cf2c50�b4403362cc91e5249e9a32270b77e1d08f1217206215cbdcbd7b4f179b7787b0�56e065805b649e73f32af8d7b9fd0a5b317668d9ecd29a382e968e6466945103�b1f10e378ccf028b0040d857506d6a2f9f9f7202547fb83347ebc6cf52cf4d32�28d603a99a49af40bf7589771dd6810ba68ffd01c20c7d7743ec76891e07a485�1f086e043731368850e313269ca98ab91c156529ac3b961a67f54a522ef09396�5d6be4431b21e9ec2fc3e6c70050a26c3c78777e5200cad4282b96411eb4c871�e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87�437b2d33715486da3e3443c567a5b9cb6b8f54c07b3fac562cc7f7d20c570e6d�f66605f996aa6d38f8234276f2b8fa5c54a10903b7fa29d49d6dbdae30ef984b�372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c9157�c4151eb9d4bb2e16e25f710099b13ab6c7b0dec076e76d504e091cf2642a805f�97129e2d6ddbd2789fc0c43d157a3ed94bc29d199b2970101e0c2ac3d060a285�baa814fe39770cc81f77c8321ff63ef984c549fd5a0833e146c7bdc1c2097fa2��ba0315ada992171ac097279a5924539c83bc431e243edc9efd772f673fd5301b�e9845d2b4b1163c8f2f71b3f232161df132b103360ee3fb48495eabd71c2be87�8510912ba6d97f1f62620807a8a512ddb4da28176cb08846e5501e83dd9d8886�372a6dbe9c2786b09c1d722ffa63f7cff6848a3b35a68d4fbd7770dfee8c9157�98394ef67fe837f917dc3f0101b89193414868cd6bd7c94ceb5ab3ccc7ed408f����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�xen-4.13.3_02-lp152.2.27.1.src.rpm����xen-doc-html�xen-doc-html(x86-64)������
���
���
���
���
rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PartialHardlinkSets)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�3.0.4-1�4.6.0-1�4.0.4-1�4.0-1�5.2-1�4.14.1���a,@a�Ga
$@a
@`�@``E``
@`�```a@`\{@`OL@`B�@`4@`�@` l__$_ǁ______�@__[f_X_Wr@_'@_�{_�^)@^^@^3^ϧ^x^@^@^^�^{G^r
@^j$@^g@^_@^Nt^K^=Q@^:@^0"@^�@^�@]�]�]N@]@]ʞ])]c@]�@]@]@]]fl]fl]M`@]B@]/
],j]��]�@]�@]�]�]
#]�]�@\\ޢ@\ڭ\\@\@\�@\,@\7\\N\�@\\+@\\M\M\�\�\@\}�@\k\X)@\J@\I\A\?�\=@\9\73\4\$\�l@[H[k@[@[^[^[ā@[@[@[9@[v[W�[CN@[<[6�@[0@[0@['[!�@[�5@Z@ZnZ�@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo�Zk�@ZV�@ZS]@ZOhZ:PZ1�@Z.s@Z&@Z�OZ�OZ� Z� Z� Z�@Z�@Z
}Z�C@Z�Y�Y�Y�Y|Y@Y{Y*@Y5YA@Y4YY�YbY�Y@Y3Y@YJYJY@YYV@Y�@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI�@Y5GY0�Y-^Y(�Y"Y�Y�;@Y�Y��Y�@Y�tY�.X@XQ@X@XۡXg@X@X@X@X @X@X@X�@X�@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX�&X�@X�X�@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;�W3�W1@W1@W,@W(W(W(W(W(W#LW�VbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@V�V@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V�@V�CV�V�V�f@V�qV�@UYU�@U�@UUݪ@U�@UnU4@UUK@U�U@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%�@U�U�@U�U�U�.@TgT-@TT@TZ@TZ@T@T�T@T5T@TLTLT~@Tl@Ti@Ta@TJ?@T?@T=�@ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�Callum Farmer �carnold@suse.com�carnold@suse.com�James Fehlig �carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�Dominique Leuenberger �carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�Matej Cepl �carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�Jim Fehlig �ohering@suse.de�Martin Liška �ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�Jan Engelhardt �Guillaume GARDET �Guillaume GARDET �Bernhard Wiedemann �carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�Bernhard Wiedemann �ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�trenn@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�rbrown@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�jfehlig@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�jfehlig@suse.com�carnold@suse.com�jfehlig@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�mlatimer@suse.com�carnold@suse.com�cyliu@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�jfehlig@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�ohering@suse.de�rguenther@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�rguenther@suse.com�carnold@suse.com�meissner@suse.com�carnold@suse.com�ohering@suse.de�carnold@suse.com�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�carnold@suse.com�ohering@suse.de�ohering@suse.de�ohering@suse.de�ohering@suse.de�carnold@suse.com�carnold@suse.com�carnold@suse.com�carnold@suse.com�- bsc#1189882 - refresh libxc.sr.superpage.patch
prevent superpage allocation in the LAPIC and ACPI_INFO range�- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
xsa378-0a.patch
xsa378-0b.patch
xsa378-0c.patch
xsa378-1.patch
xsa378-2.patch
xsa378-3.patch
xsa378-4.patch
xsa378-5.patch
xsa378-6.patch
xsa378-7.patch
xsa378-8.patch
- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
pages may remain accessible after de-allocation. (XSA-379)
xsa379.patch
- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
grant table handling. (XSA-380)
xsa380-1.patch
xsa380-2.patch
- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
status frames array bounds check. (XSA-382)
xsa382.patch
- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
limit for dom0less domUs. (XSA-383)
xsa383.patch�- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
See also bsc#1179246.
credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch�- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.�- bsc#1176189 - xl monitoring process exits during xl save -p|-c
keep the monitoring process running to cleanup the domU during shutdown
xl-save-pc.patch�- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
60be0e24-credit2-pick-runnable-unit.patch
60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
- Upstream bug fixes (bsc#1027519)
60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
60d49689-VT-d-undo-device-mappings-upon-error.patch
60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch�- bsc#1183243 - L3: Core cannot be opened when using xl dump-core
of VM with PTF
60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch�- Update logrotate.conf, move global options into per-file sections
to prevent globbering of global state (bsc#1187406)�- Fix shell macro expansion in xen.spec, so that ExecStart=
in xendomains-wait-disks.service is created correctly (bsc#1183877)�- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
are not scrubbed (XSA-372)
xsa372-1.patch
xsa372-2.patch
- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
timeout detection / handling (XSA-373)
xsa373-1.patch
xsa373-2.patch
xsa373-3.patch
xsa373-4.patch
xsa373-5.patch
- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
Bypass (XSA-375)
xsa375.patch
- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
protections not restored after S3 (XSA-377)
xsa377.patch
- bsc#1180491 - "Panic on CPU 0: IO-APIC + timer doesn't work!"
6011bbc7-x86-timer-fix-boot-without-PIT.patch
- Upstream bug fixes (bsc#1027519)
60631c38-VT-d-QI-restore-flush-hooks.patch
60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
60787714-x86-HPET-avoid-legacy-replacement-mode.patch
60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
608676f2-VT-d-register-based-invalidation-optional.patch
60a27288-x86emul-gas-2-36-test-harness-build.patch
60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
- Drop gcc10-fixes.patch�- Add xen.sysconfig-fillup.patch to make sure xencommons is in a
format as expected by fillup. (bsc#1185682)
Each comment needs to be followed by an enabled key. Otherwise
fillup will remove manually enabled key=value pairs, along with
everything that looks like a stale comment, during next pkg update�- Refresh xenstore-launch.patch to cover also daemon case�- Update to Xen 4.13.3 bug fix release (bsc#1027519)
xen-4.13.3-testing-src.tar.bz2
- Drop patches contained in new tarball
5faa974f-evtchn-rework-per-channel-lock.patch
5faa978b-evtchn-revert-52e1fc47abc3a0123.patch
5faac497-xen-arm-Always-trap-AMU-system-registers.patch
5fbcdf2e-evtchn-FIFO-access-last.patch
5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch
5fbd042b-memory-off-by-one-in-XSA-346.patch
5fc4ee23-evtchn-FIFO-queue-locking.patch
5fd8aebb-x86-replace-reset_stack_and_jump_nolp.patch
5fd8aee5-x86-fold-guest_idle_loop.patch
5fd8aef3-x86-avoid-calling-do_resume.patch
5fd8af4b-evtchn-FIFO-add-2nd-smp_rmb.patch
5fd8b02d-evtchn-FIFO-reorder-and-synchronize.patch
5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
5ff71655-x86-dpci-EOI-regardless-of-masking.patch
5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
600999ad-x86-dpci-do-not-remove-pirqs-from.patch
600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
6013e546-x86-HVM-reorder-domain-init-error-path.patch
601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
602bd768-page_alloc-only-flush-after-scrubbing.patch
602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
60410127-gcc11-adjust-rijndaelEncrypt.patch
60422428-x86-shadow-avoid-fast-fault-path.patch
xen-4.13.2-testing-src.tar.bz2
xsa115-1.patch
xsa115-10.patch
xsa115-2.patch
xsa115-3.patch
xsa115-4.patch
xsa115-5.patch
xsa115-6.patch
xsa115-7.patch
xsa115-8.patch
xsa115-9.patch
xsa322.patch
xsa324.patch
xsa325.patch
xsa351-1.patch
xsa351-2.patch
xsa368.patch�- bsc#1137251 - Restore changes for xen-dom0-modules.service which
were silently removed on 2019-10-17�- bsc#1177204 - L3-Question: conring size for XEN HV's with huge
memory to small. Inital Xen logs cut
5ffc58c4-ACPI-reduce-verbosity-by-default.patch
- Upstream bug fixes (bsc#1027519)
601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
602bd768-page_alloc-only-flush-after-scrubbing.patch
602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
60410127-gcc11-adjust-rijndaelEncrypt.patch
60422428-x86-shadow-avoid-fast-fault-path.patch�- bsc#1183072 - VUL-0: CVE-2021-28687: xen: HVM soft-reset crashes
toolstack (XSA-368). Also resolves,
bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl
bsc#1181989 - openQA job causes libvirtd to dump core when
running kdump inside domain
xsa368.patch�- bsc#1182576 - L3: XEN domU crashed on resume when using the xl
unpause command
602ffae9-tools-libs-light-fix-xl-save--c-handling.patch�- Upstream bug fixes (bsc#1027519)
5fd8aebb-x86-replace-reset_stack_and_jump_nolp.patch (Replaces xsa348-1.patch)
5fd8aee5-x86-fold-guest_idle_loop.patch (Replaces xsa348-2.patch
5fd8aef3-x86-avoid-calling-do_resume.patch (Replaces xsa348-3.patch)
5fd8af4b-evtchn-FIFO-add-2nd-smp_rmb.patch (Replaces xsa359.patch)
5fd8b02d-evtchn-FIFO-reorder-and-synchronize.patch (Replaces xsa358.patch)
5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
5ff71655-x86-dpci-EOI-regardless-of-masking.patch
5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch)
600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
6013e546-x86-HVM-reorder-domain-init-error-path.patch�- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360)
xsa360.patch�- bsc#1180690 - L3-Question: xen: no needsreboot flag set
Add Provides: installhint(reboot-needed) in xen.spec for libzypp�- bsc#1176782 - L3: xl dump-core shows missing nr_pages during
core. If maxmem and current are the same the issue doesn't happen
5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch�- bsc#1179496 - VUL-0: CVE-2020-29480: xen: xenstore: watch
notifications lacking permission checks (XSA-115)
xsa115-1.patch
xsa115-2.patch
xsa115-3.patch
xsa115-4.patch
xsa115-5.patch
xsa115-6.patch
xsa115-7.patch
xsa115-8.patch
xsa115-9.patch
xsa115-10.patch
- bsc#1179498 - VUL-0: CVE-2020-29481: xen: xenstore: new domains
inheriting existing node permissions (XSA-322)
xsa322.patch
- bsc#1179501 - VUL-0: CVE-2020-29484: xen: xenstore: guests can
crash xenstored via watchs (XSA-324)
xsa324.patch
- bsc#1179502 - VUL-0: CVE-2020-29483: xen: xenstore: guests can
disturb domain cleanup (XSA-325)
xsa325.patch
- bsc#1179506 - VUL-0: CVE-2020-29566: xen: undue recursion in x86
HVM context switch code (XSA-348)
xsa348-1.patch
xsa348-2.patch
xsa348-3.patch
- bsc#1179514 - VUL-0: CVE-2020-29570: xen: FIFO event channels
control block related ordering (XSA-358)
xsa358.patch
- bsc#1179516 - VUL-0: CVE-2020-29571: xen: FIFO event channels
control structure ordering (XSA-359)
xsa359.patch
- Upstream bug fixes (bsc#1027519)
5faa974f-evtchn-rework-per-channel-lock.patch
5faa978b-evtchn-revert-52e1fc47abc3a0123.patch
5faac497-xen-arm-Always-trap-AMU-system-registers.patch (Replaces xsa351-3.patch)
5fbcdf2e-evtchn-FIFO-access-last.patch
5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch
5fbd042b-memory-off-by-one-in-XSA-346.patch (Replaces xsa355.patch)
5fc4ee23-evtchn-FIFO-queue-locking.patch�- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
(XSA-355)
xsa355.patch�- Enhance libxc.migrate_tracking.patch
Hide SUSEINFO messages from pause/unpause/resume from xl command.
They are intended for libvirt logging, but lacked info about
execution context.�- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel
attack aka PLATYPUS attack aka XSA-351
xsa351-1.patch
xsa351-2.patch
xsa351-3.patch�- Upstream bug fix (bsc#1027519)
5f92909a-PCI-cleanup-MSI-before-removing-device.patch�- bsc#1177950 - adjust help for --max_iters, default is 5
libxl.set-migration-constraints-from-cmdline.patch�- Update to Xen 4.13.2 bug fix release (bsc#1027519)
xen-4.13.2-testing-src.tar.bz2
- Drop patches contained in new tarball
5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
5eb51caa-sched-vcpu-pause-flags-atomic.patch
5ec2a760-x86-determine-MXCSR-mask-always.patch
5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
5ed69804-x86-ucode-fix-start-end-update.patch
5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
5ef44e0d-x86-PMTMR-use-FADT-flags.patch
5ef6156a-x86-disallow-access-to-PT-MSRs.patch
5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch
5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch
5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch
5f046c64-EPT-set_middle_entry-adjustments.patch
5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch
5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch
5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch
5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch
5f046ce9-VT-d-sync_cache-misaligned-addresses.patch
5f046cfd-x86-introduce-alternative_2.patch
5f046d1a-VT-d-optimize-CPU-cache-sync.patch
5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch
5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-64bit-segbase-consistency.patch
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
xsa333.patch
xsa334.patch
xsa336.patch
xsa337-1.patch
xsa337-2.patch
xsa338.patch
xsa339.patch
xsa340.patch
xsa342.patch
xsa343-1.patch
xsa343-2.patch
xsa343-3.patch
xsa344-1.patch
xsa344-2.patch
xsa345-1.patch
xsa345-2.patch
xsa345-3.patch
xsa346-1.patch
xsa346-2.patch
xsa347-1.patch
xsa347-2.patch
xsa347-3.patch�- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest
INVLPG-like flushes may leave stale TLB entries (XSA-286)
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen
mapping code (XSA-345)
xsa345-1.patch
xsa345-2.patch
xsa345-3.patch
- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU
TLB flushes (XSA-346)
xsa346-1.patch
xsa346-2.patch
- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page
table updates (XSA-347)
xsa347-1.patch
xsa347-2.patch
xsa347-3.patch�- Escape some % chars in xen.spec, they have to appear verbatim�- Enhance libxc.migrate_tracking.patch
Print number of allocated pages on sending side, this is more
accurate than p2m_size.�- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when
handling guest access to MSR_MISC_ENABLE (XSA-333)
xsa333.patch
- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in
XENMEM_acquire_resource error path (XSA-334)
xsa334.patch
- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
timers between x86 HVM vCPU-s (XSA-336)
xsa336.patch
- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
reading back hardware registers (XSA-337)
xsa337-1.patch
xsa337-2.patch
- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event
channels may not turn invalid (XSA-338)
xsa338.patch
- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
DoS via SYSENTER (XSA-339)
xsa339.patch
- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier
barriers when accessing/allocating an event channel (XSA-340)
xsa340.patch
- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event
channels available to 32-bit x86 domains (XSA-342)
xsa342.patch
- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with
evtchn_reset() (XSA-343)
xsa343-1.patch
xsa343-2.patch
xsa343-3.patch
- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in
evtchn_reset() / evtchn_destroy() (XSA-344)
xsa344-1.patch
xsa344-2.patch
- Upstream bug fixes (bsc#1027519)
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-64bit-segbase-consistency.patch�- Upstream bug fixes (bsc#1027519)
5ef44e0d-x86-PMTMR-use-FADT-flags.patch
5ef6156a-x86-disallow-access-to-PT-MSRs.patch
5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch
5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch (Replaces xsa317.patch)
5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch (Replaces xsa319.patch)
5f046c64-EPT-set_middle_entry-adjustments.patch (Replaces xsa328-1.patch)
5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch (Replaces xsa328-2.patch)
5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch (Replaces xsa321-1.patch)
5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch (Replaces xsa321-2.patch)
5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch (Replaces xsa321-3.patch)
5f046ce9-VT-d-sync_cache-misaligned-addresses.patch (Replaces xsa32141.patch)
5f046cfd-x86-introduce-alternative_2.patch (Replaces xsa321-5.patch)
5f046d1a-VT-d-optimize-CPU-cache-sync.patch (Replaces xsa321-6.patch)
5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch (Replaces xsa321-7.patch)
5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch (Replaces xsa327.patch)
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch�- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
attach on next reboot while it should be live attached
ignore-ip-command-script-errors.patch�- Enhance libxc.migrate_tracking.patch
After transfer of domU memory, the target host has to assemble
the backend devices. Track the time prior xc_domain_unpause.�- Add libxc.migrate_tracking.patch to track live migrations
unconditionally in logfiles, especially in libvirt.
This will track how long a domU was suspended during transit.�- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect
error handling in event channel port allocation
xsa317.patch
- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code
paths in x86 dirty VRAM tracking
xsa319.patch
- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient
cache write- back under VT-d
xsa321-1.patch
xsa321-2.patch
xsa321-3.patch
xsa321-4.patch
xsa321-5.patch
xsa321-6.patch
xsa321-7.patch
- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
modification of live EPT PTE
xsa328-1.patch
xsa328-2.patch�- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch)
5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch)
- Upstream bug fixes (bsc#1027519)
5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
5ed69804-x86-ucode-fix-start-end-update.patch
5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch�- Fixes for %_libexecdir changing to /usr/libexec�- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
xsa320-1.patch
xsa320-2.patch�- Update to Xen 4.13.1 bug fix release (bsc#1027519)
xen-4.13.1-testing-src.tar.bz2
5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
5eb51caa-sched-vcpu-pause-flags-atomic.patch
5ec2a760-x86-determine-MXCSR-mask-always.patch
- Drop patches contained in new tarball
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
5e15e03d-sched-fix-S3-resume-with-smt=0.patch
5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
5e318cd4-x86-apic-fix-disabling-LVT0.patch
5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
5e3bd385-EFI-recheck-variable-name-strings.patch
5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
5e3bd3f8-xmalloc-guard-against-overflow.patch
5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch
5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
5e86f7fd-credit2-fix-credit-too-few-resets.patch
5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch�- spec: Remove invocation of autogen.sh
- spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares�- bsc#1170968 - GCC 10: xen build fails on i586
gcc10-fixes.patch�- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
handling in GNTTABOP_copy (XSA-318)
5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch�- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
multiple xenoprof issues
5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
memory barriers in read-write unlock paths
5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
path in GNTTABOP_map_grant
5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
analyzed
5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
5e86f7fd-credit2-fix-credit-too-few-resets.patch
- Drop for upstream solution (bsc#1165206)
01-xen-credit2-avoid-vcpus-to.patch
default-to-credit1-scheduler.patch
- Upstream bug fixes (bsc#1027519)
5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch
5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch
5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch
5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch
5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch�- bsc#1167608 - unbound limit for max_event_channels
domUs with many vcpus and/or resources fail to start
libxl.max_event_channels.patch�- bsc#1161480 - Fix xl shutdown for HVM without PV drivers
add libxl.libxl__domain_pvcontrol.patch�- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
01-xen-credit2-avoid-vcpus-to.patch�- bsc#1158414 - GCC 10: xen build fails
gcc10-fixes.patch�- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
bug soft lockup CPU #0 stuck under high load / upstream with
workaround. See also bsc#1134506
default-to-credit1-scheduler.patch�- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
past the ERET instruction
5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
- bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch
hardening
5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch
- Upstream bug fixes (bsc#1027519)
5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
5e318cd4-x86-apic-fix-disabling-LVT0.patch
5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch
5e3bd385-EFI-recheck-variable-name-strings.patch
5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
5e3bd3f8-xmalloc-guard-against-overflow.patch
5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch�- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
This must be done in qemu to preserve PCI layout
remove libxl.lock-qemu-machine-for-hvm.patch�- jsc#SLE-10183 - script to calculate cpuid= mask
add helper script from https://github.com/twizted/xen_maskcalc
domUs may be migrated between different cpus from the same vendor
if their visible cpuid value has incompatible feature bits masked.�- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains
add helper script and systemd service from
https://github.com/luizluca/xen-tools-xendomains-wait-disk
in new sub package xen-tools-xendomains-wait-disk
See included README for usage instructions
xendomains-wait-disks.LICENSE
xendomains-wait-disks.README.md
xendomains-wait-disks.sh�- bsc#1159755 - use fixed qemu-3.1 machine type for HVM
qemu4 introduced incompatible changes in pc-i440fx, which revealed
a design bug in 'xenfv'. Live migration from domUs started with
qemu versions prior qemu4 can not be received with qemu4+.
libxl.lock-qemu-machine-for-hvm.patch�- Upstream bug fixes (bsc#1027519)
5de65f84-gnttab-map-always-do-IOMMU-part.patch
5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
5e15e03d-sched-fix-S3-resume-with-smt=0.patch
5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch�- BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
Allow OBS to shortcut through the -mini flavors.�- bsc#1159320 - Xen logrotate file needs updated
logrotate.conf�- Update to Xen 4.13.0 FCS release
xen-4.13.0-testing-src.tar.bz2
* Core Scheduling (contributed by SUSE)
* Branch hardening to mitigate against Spectre v1 (contributed by Citrix)
* Late uCode loading (contributed by Intel)
* Improved live-patching build tools (contributed by AWS)
* OP-TEE support (contributed by EPAM)
* Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM)
* Dom0-less passthrough and ImageBuilder (contributed by XILINX)
* Support for new Hardware�- Update to Xen 4.13.0 RC4 release
xen-4.13.0-testing-src.tar.bz2
- Rebase libxl.pvscsi.patch�- Update to Xen 4.13.0 RC3 release
xen-4.13.0-testing-src.tar.bz2
- Drop python38-build.patch�- Update to Xen 4.13.0 RC2 release
xen-4.13.0-testing-src.tar.bz2�- Add python38-build.patch fixing build with Python 3.8 (add
- -embed to python-config call)�- Update to Xen 4.13.0 RC1 release
xen-4.13.0-testing-src.tar.bz2
- Drop patches contained in new tarball or invalid
5ca7660f-x86-entry-drop-unused-includes.patch
5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
5cab2ab7-x86-IOMMU-introduce-init-ops.patch
5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
5d358508-x86-IRQ-desc-affinity-represents-request.patch
5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
5d417813-AMD-IOMMU-bitfield-extended-features.patch
5d417838-AMD-IOMMU-bitfield-control-reg.patch
5d41785b-AMD-IOMMU-bitfield-IRTE.patch
5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
blktap2-no-uninit.patch
libxl.prepare-environment-for-domcreate_stream_done.patch
pygrub-python3-conversion.patch
fix-xenpvnetboot.patch�- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch�- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
The included README has details about the impact of this change
libxl.LIBXL_HOTPLUG_TIMEOUT.patch�- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
5ca7660f-x86-entry-drop-unused-includes.patch
5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
5cab2ab7-x86-IOMMU-introduce-init-ops.patch
5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
5d358508-x86-IRQ-desc-affinity-represents-request.patch
5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
5d417813-AMD-IOMMU-bitfield-extended-features.patch
5d417838-AMD-IOMMU-bitfield-control-reg.patch
5d41785b-AMD-IOMMU-bitfield-IRTE.patch
5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
ROME platform
5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
- Upstream bug fixes (bsc#1027519)
5d67ceaf-x86-properly-gate-PKU-clearing.patch
5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
5d80ea13-vpci-honor-read-only-devices.patch
5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch�- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
Fix crash in an error path of libxl_domain_suspend with
libxl.helper_done-crash.patch�- Upstream bug fixes (bsc#1027519)
5d419d49-x86-spec-ctrl-report-proper-status.patch
5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
5d4afa7a-credit2-fix-memory-leak.patch
5d4d850a-introduce-bss-percpu-page-aligned.patch
5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
5d6524ca-x86-mm-correctly-init-M2P-entries.patch
- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- Preserve modified files which used to be marked as %config,
rename file.rpmsave to file�- Update to Xen 4.12.1 bug fix release (bsc#1027519)
xen-4.12.1-testing-src.tar.bz2
- Drop patches contained in new tarball
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Refreshed patches
libxl.pvscsi.patch�- bsc#1143563 - Speculative mitigation facilities report wrong status
5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch�- Update xen-dom0-modules.service (bsc#1137251)
Map backend module names from pvops and xenlinux kernels to a
module alias. This avoids errors from modprobe about unknown
modules. Ignore a few xenlinux modules that lack aliases.�- Gcc9 warnings seem to be cleared up with upstream fixes.
Drop gcc9-ignore-warnings.patch�- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
fix-xenpvnetboot.patch�- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf�- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api�- Remove all upstream provided files in /etc/xen
They are not required at runtime. The host admin is now
responsible if he really needs anything in this subdirectory.�- In our effort to make /etc fully admin controlled, move /etc/xen/scripts
to libexec/xen/scripts with xen-tools.etc_pollution.patch�- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions�- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
Atomics Operations
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Upstream bug fixes (bsc#1027519)
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch�- Fix some outdated information in the readme
README.SUSE�- spec: xen-tools: require matching version of xen package
bsc#1137471�- Remove two stale patches
xen.build-compare.man.patch
xenpaging.doc.patch�- Disable LTO (boo#1133296).�- Remove arm32 from ExclusiveArch to fix build�- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
xsa297-0a.patch
xsa297-0b.patch
xsa297-0c.patch
xsa297-0d.patch
xsa297-1.patch
xsa297-2.patch
xsa297-3.patch
- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch�- bsc#1131811 - [XEN] internal error: libxenlight failed to create
new domain. This patch is a workaround for a systemd issue. See
patch header for additional comments.
xenstore-launch.patch�- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
after upgrading host from sle11sp4 to sle15sp1
pygrub-python3-conversion.patch
- Fix "TypeError: virDomainDefineXML() argument 2 must be str or
None, not bytes" when converting VMs from using the xm/xend
toolstack to the libxl/libvirt toolstack. (bsc#1123378)
xen2libvirt.py�- bsc#1124560 - Fully virtualized guests crash on boot
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
- bsc#1121391 - GCC 9: xen build fails
5c8f752c-x86-e820-build-with-gcc9.patch
- Upstream bug fixes (bsc#1027519)
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch�- Install pkgconfig files into libdir instead of datadir�- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
* HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
the HVM/PVH and PV code paths in Xen and provides KCONFIG
options to build a PV only or HVM/PVH only hypervisor.
* QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
been vastly improved.
* Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
domain communication mechanism.
* Improvements to Virtual Machine Introspection: The VMI subsystem
which allows detection of 0-day vulnerabilities has seen many
functional and performance improvements.
* Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
default scheduler.
* PVH Support: Grub2 boot support has been added to Xen and Grub2.
* PVH Dom0: PVH Dom0 support has now been upgraded from experimental
to tech preview.
* The Xen 4.12 upgrade also includes improved IOMMU mapping code,
which is designed to significantly improve the startup times of
AMD EPYC based systems.
* The upgrade also features Automatic Dom0 Sizing which allows the
setting of Dom0 memory size as a percentage of host memory (e.g.
10%) or with an offset (e.g. 1G+10%).�- bsc#1130485 - Please drop Requires on multipath-tools in
xen-tools. Now using Recommends multipath-tools.
xen.spec�- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
avoid TSC emulation for HVM domUs if their expected frequency
does not match exactly the frequency of the receiving host
xen.bug1026236.suse_vtsc_tolerance.patch�- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- jsc#SLE-3059 - Disable Xen auto-ballooning
- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
xen.spec
- Disable autoballooning in xl.con
xl-conf-disable-autoballoon.patch�- Update gcc9-ignore-warnings.patch to fix build in SLE12�- bsc#1126325 - fix crash in libxl in error path
Setup of grant_tables and other variables may fail
libxl.prepare-environment-for-domcreate_stream_done.patch�- bsc#1127620 - Documentation for the xl configuration file allows
for firmware=pvgrub64 but we don't ship pvgrub64.
Create a link from grub.xen to pvgrub64
xen.spec�- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Tarball also contains additional post RC4 security fixes for
Xen Security Advisories 287, 288, and 290 through 294.�- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2�- bsc#1121391 - GCC 9: xen build fails
gcc9-ignore-warnings.patch�- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
/proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
Keep xen.efi in /usr/lib64/efi for booting older distros.
xen.spec�- fate#326960: Package grub2 as noarch.
As part of the effort to have a unified bootloader across
architectures, modify the xen.spec file to move the Xen efi files
to /usr/share/efi/$(uname -m) from /usr/lib64/efi.�- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
xen-4.12.0-testing-src.tar.bz2
- Drop
5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
gcc8-fix-array-warning-on-i586.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-inlining-failed.patch
xen.bug1079730.patch�- bsc#1121960 - xen: sync with Factory
xen.spec
xen.changes�- Replace old $RPM_* shell vars.
- Run fdupes for all architectures, and not crossing
subvolume boundaries.�- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
rpmlint error�- Require qemu-seabios only on x86* as it is not available on non-x86
systems�- Avoid creating dangling symlinks (bsc#1116524)
This reverts the revert of tmp_build.patch�- Update to Xen 4.11.1 bug fix release (bsc#1027519)
xen-4.11.1-testing-src.tar.bz2
- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
- Drop the following patches contained in the new tarball
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbe-ARM-disable-grant-table-v2.patch
5b72fbbe-oxenstored-eval-order.patch
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
xsa275-1.patch
xsa275-2.patch
xsa276-1.patch
xsa276-2.patch
xsa277.patch
xsa279.patch
xsa280-1.patch
xsa280-2.patch�- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
Missing /bin/domu-xenstore. This was broken because "make
package build reproducible" change. (boo#1047218, boo#1062303)
This fix reverses the change to this patch.
tmp_build.patch�- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
insufficient TLB flushing / improper large page mappings with AMD
IOMMUs (XSA-275)
xsa275-1.patch
xsa275-2.patch
- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
issues in x86 IOREQ server handling (XSA-276)
xsa276-1.patch
xsa276-2.patch
- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
handling for guest p2m page removals (XSA-277)
xsa277.patch
- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
to use INVPCID with a non-canonical addresses (XSA-279)
xsa279.patch
- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
conflicts with shadow paging (XSA-280)
xsa280-1.patch
xsa280-2.patch
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
constructs may lock up host (XSA-282)
5be2a308-x86-extend-get_platform_badpages.patch
5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
5bdc31d5-VMX-fix-vmx_handle_eoi.patch
- Upstream bug fixes (bsc#1027519)
5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
5bacae4b-x86-boot-allocate-extra-module-slot.patch
5bae44ce-x86-silence-false-log-messages.patch
5bb60c12-x86-split-opt_xpti.patch
5bb60c4f-x86-split-opt_pv_l1tf.patch
5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
5bcf0722-x86-boot-enable-NMIs.patch
5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
5bd076e9-x86-boot-init-debug-regs-correctly.patch
5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch�- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
when disabled (XSA-278)
5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch�- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries�- make package build reproducible (boo#1047218, boo#1062303)
* Set SMBIOS_REL_DATE
* Update tmp_build.patch to use SHA instead of random build-id
* Add reproducible.patch to use --no-insert-timestamp�- Building with ncurses 6.1 will fail without
xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- Building libxl acpi support on aarch64 with gcc 8.2 will fail without
xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch�- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
apparently broken
5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch�- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
d_materialise_unique()
5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
5b9784d2-x86-HVM-add-known_gla-helper.patch
5b9784f2-x86-HVM-split-page-straddling-accesses.patch
- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
oxenstored does not apply quota-maxentity (XSA-272)
5b72fbbe-oxenstored-eval-order.patch
- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
v2 grant tables may cause crash on ARM (XSA-268)
5b72fbbe-ARM-disable-grant-table-v2.patch
- Upstream patches from Jan (bsc#1027519)
5b6d84ac-x86-fix-improve-vlapic-read-write.patch
5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
5b8d5832-x86-assorted-array_index_nospec-insertions.patch
- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
xen.spec�- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
(XSA-273)
5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
- Upstream prereq patches for XSA-273 and other upstream fixes
(bsc#1027519)
5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
5b505fe5-VMX-fix-find-msr-build.patch
5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
5b62ca93-VMX-avoid-hitting-BUG_ON.patch
5b6d8ce2-x86-XPTI-parsing.patch
5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
5b72fbbf-xl.conf-Add-global-affinity-masks.patch
5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch�- Upstream patches from Jan (bsc#1027519)
5b3f8fa5-port-array_index_nospec-from-Linux.patch
5b4488e7-x86-spec-ctrl-cmdline-handling.patch
5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
5b4db308-SVM-fix-cleanup-svm_inject_event.patch
5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
5b508775-2-x86-possibly-bring-up-all-CPUs.patch
5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
gcc8-fix-format-warning-on-i586.patch
gcc8-fix-array-warning-on-i586.patch
- Drop xen.fuzz-_FORTIFY_SOURCE.patch
gcc8-fix-warning-on-i586.patch�- Update to Xen 4.11.0 FCS (fate#325202, fate#325123)
xen-4.11.0-testing-src.tar.bz2
disable-building-pv-shim.patch
- Dropped patches
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a9985bd-x86-invpcid-support.patch
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
5af1daa9-3-x86-traps-use-IST-for-DB.patch
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
5af97999-viridian-cpuid-leaf-40000003.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch
5b348874-x86-refine-checks-in-DB-handler.patch
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen_fix_build_with_acpica_20180427_and_new_packages.patch�- Submit upstream patch libacpi: fixes for iasl >= 20180427
git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
xen_fix_build_with_acpica_20180427_and_new_packages.patch
This is needed for acpica package to get updated in our build service�- Upstream patches from Jan (bsc#1027519)
5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
5b0bc9da-x86-XPTI-fix-S3-resume.patch
5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
5b348954-x86-guard-against-NM.patch�- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch�- bsc#1098403 - fix regression introduced by changes for bsc#1079730
a PV domU without qcow2 and/or vfb has no qemu attached.
Ignore QMP errors for PV domUs to handle PV domUs with and without
an attached qemu-xen.
xen.bug1079730.patch�- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
bypassed in x86 PV MM handling (XSA-264)
xsa264.patch
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
safety check can be triggered by a guest (XSA-265)
xsa265.patch
- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
readonly flag on HVM emulated SCSI disks (XSA-266)
xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch�- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
(XSA-267)
xsa267-1.patch
xsa267-2.patch�- bsc#1092543 - GCC 8: xen build fails
gcc8-fix-warning-on-i586.patch�- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store
Bypass aka "Memory Disambiguation" (XSA-263)
5ad4923e-x86-correct-S3-resume-ordering.patch
5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
Spectre-v4-1.patch
Spectre-v4-2.patch
Spectre-v4-3.patch�- Always call qemus xen-save-devices-state in suspend/resume to
fix migration with qcow2 images (bsc#1079730)
libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
xen.bug1079730.patch�- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
- Upstream patches from Jan (bsc#1027519)
5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
5ae31917-x86-cpuidle-init-stats-lock-once.patch
5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
5af97999-viridian-cpuid-leaf-40000003.patch�- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
5a9985bd-x86-invpcid-support.patch
5adde9ed-xpti-fix-double-fault-handling.patch
5aec7393-1-x86-xpti-avoid-copy.patch
5aec7393-2-x86-xpti-write-cr3.patch
5aec744a-3-x86-xpti-per-domain-flag.patch
5aec744a-4-x86-xpti-use-invpcid.patch
5aec744a-5-x86-xpti-no-global-pages.patch
5aec744a-6-x86-xpti-cr3-valid-flag.patch
5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
5aec744b-8-x86-xpti-cr3-helpers.patch
5aec74a8-9-x86-xpti-use-pcid.patch�- bsc#1092543 - GCC 8: xen build fails
5ac72a48-gcc8.patch
5ac72a5f-gcc8.patch
5ac72a64-gcc8.patch
5ac72a69-gcc8.patch
5ac72a6e-gcc8.patch
5ac72a74-gcc8.patch
5ac72a7b-gcc8.patch
gcc8-inlining-failed.patch�- Update to Xen 4.10.1 bug fix release (bsc#1027519)
xen-4.10.1-testing-src.tar.bz2
disable-building-pv-shim.patch
- Drop the following patches contained in the new tarball
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
xsa258.patch
xsa259.patch�- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
debug exceptions (XSA-260)
xsa260-1.patch
xsa260-2.patch
xsa260-3.patch
xsa260-4.patch
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
injection errors (XSA-261)
xsa261.patch
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
unbounded loop (XSA-262)
xsa262.patch�- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
crafted user-supplied CDROM (XSA-258)
xsa258.patch
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
Xen with XPTI (XSA-259)
xsa259.patch�- Preserve xen-syms from xen-dbg.gz to allow processing vmcores
with crash(1) (bsc#1087251)�- Upstream patches from Jan (bsc#1027519) and fixes related to
Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch�- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
- Upstream patches from Jan (bsc#1027519)
5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
- Drop
xsa252.patch
xsa255-1.patch
xsa255-2.patch
xsa256.patch�- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
L3/L4 pagetable freeing (XSA-252)
xsa252.patch
- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
transition may crash Xen (XSA-255)
xsa255-1.patch
xsa255-2.patch
- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
LAPIC may DoS the host (XSA-256)
xsa256.patch�- Remove stale systemd presets code for 13.2 and older�- fate#324965 - add script, udev rule and systemd service to watch
for vcpu online/offline events in a HVM domU
They are triggered via xl vcpu-set domU N�- Replace hardcoded xen with Name tag when refering to subpkgs�- Make sure tools and tools-domU require libs from the very same build�- tools-domU: Add support for qemu guest agent. New files
80-xen-channel-setup.rules and xen-channel-setup.sh configure a
xen-pv-channel for use by the guest agent
FATE#324963�- Remove outdated /etc/xen/README*�- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
MSR emulation (XSA-253)
5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
xen: Information leak via side effects of speculative execution
(XSA-254). Includes Spectre v2 mitigation.
5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
5a4caa8c-x86-E820-don-t-overrun-array.patch
5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
5a4fd894-4-clarifications-to-wait-infrastructure.patch
5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
5a5e2cff-x86-Meltdown-band-aid.patch
5a5e2d73-x86-Meltdown-band-aid-conditional.patch
5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
5a5e459c-2-x86-report-domain-id-on-CPUID.patch
5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
5a69c0b9-x86-fix-GET_STACK_END.patch
5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
5a6b36cd-9-x86-issue-speculation-barrier.patch
5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch�- Fix python3 deprecated atoi call (bsc#1067224)
pygrub-python3-conversion.patch
- Drop xenmon-python3-conversion.patch�- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
depending on the libxl disk settings
libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch�- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
build-python3-conversion.patch
bin-python3-conversion.patch�- bsc#1070165 - xen crashes after aborted localhost migration
5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
libxl__devices_destroy failed
5a33a12f-domctl-improve-locking-during-domain-destruction.patch
- Upstream patches from Jan (bsc#1027519)
5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch�- Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Rebuild initrd if xen-tools-domU is updated�- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
If many domUs shutdown in parallel the backends can not keep up
Add some debug output to track how long backend shutdown takes (bsc#1035442)
libxl.LIBXL_DESTROY_TIMEOUT.patch
libxl.LIBXL_DESTROY_TIMEOUT.debug.patch�- Adjust xenstore-run-in-studomain.patch to change the defaults
in the code instead of changing the sysconfig template, to also
cover the upgrade case�- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Since xen switched to Kconfig, building a debug hypervisor
was done by default. Adjust make logic to build a non-debug
hypervisor by default, and continue to provide one as xen-dbg.gz�- fate#316614: set migration constraints from cmdline
fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10�- Document the suse-diskcache-disable-flush option in
xl-disk-configuration(5) (bsc#879425,bsc#1067317)�- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)�- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- fate#323663 - Run Xenstore in stubdomain
xenstore-run-in-studomain.patch�- bsc#1067224 - xen-tools have hard dependency on Python 2
pygrub-python3-conversion.patch
xenmon-python3-conversion.patch
migration-python3-conversion.patch
xnloader.py
xen2libvirt.py�- Remove xendriverdomain.service (bsc#1065185)
Driver domains must be configured manually with custom .service file�- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)�- fate#324052 Support migration of Xen HVM domains larger than 1TB
59f31268-libxc-remove-stale-error-check-for-domain-size.patch�- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2�- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
xen-4.10.0-testing-src.tar.bz2
- Drop patches included in new tarball
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
59958ebf-gnttab-fix-transitive-grant-handling.patch
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
gcc7-arm.patch
gcc7-mini-os.patch�- bsc#1061084 - VUL-0: xen: page type reference leak on x86
(XSA-242)
xsa242.patch
- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
shadow mappings with translated guests (XSA-243)
xsa243.patch
- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
during CPU hotplug (XSA-244)
xsa244.patch�- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
(XSA-238)
xsa238.patch
- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
intercept code (XSA-239)
xsa239.patch
- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
de-typing (XSA-240)
xsa240-1.patch
xsa240-2.patch
- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
release race (XSA-241)
xsa241.patch�- bsc#1061075 - VUL-0: xen: pin count / page reference race in
grant table code (XSA-236)
xsa236.patch
- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
(XSA-237)
xsa237-1.patch
xsa237-2.patch
xsa237-3.patch
xsa237-4.patch
xsa237-5.patch�- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
verification (XSA-231)
59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
(XSA-233)
59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
x86 PV guests (XSA-234)
59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
release lock on ARM (XSA-235)
599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
- Upstream patches from Jan (bsc#1027519)
59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
- Dropped gcc7-xen.patch�- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
Secure Boot is Enabled
xen.spec�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
update from v6 to v9 to cover more cases for ballooned domUs
libxc.sr.superpage.patch�- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
drop the patch because it is not upstream acceptable
remove xen.suse_vtsc_tolerance.patch�- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
after the save using xl stack
libxc.sr.superpage.patch�- Unignore gcc-PIE
the toolstack disables PIE for firmware builds as needed�- Upstream patches from Jan (bsc#1027519)
592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
596f257e-x86-fix-hvmemul_insn_fetch.patch
5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch�- bsc#1044974 - xen-tools require python-pam
xen.spec�- Clean up spec file errors and a few warnings. (bsc#1027519)
- Removed conditional 'with_systemd' and some old deprecated
'sles_version' checks.
xen.spec�- Remove use of brctl utiltiy from supportconfig plugin
FATE#323639�- Use upstream variant of mini-os __udivmoddi4 change
gcc7-mini-os.patch�- fate#323639 Move bridge-utils to legacy
replace-obsolete-network-configuration-commands-in-s.patch�- bsc#1052686 - VUL-0: xen: grant_table: possibly premature
clearing of GTF_writing / GTF_reading (XSA-230)
xsa230.patch�- bsc#1035231 - migration of HVM domU does not use superpages
on destination dom0
libxc.sr.superpage.patch�- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
recursion in grant table code (XSA-226)
xsa226-1.patch
xsa226-2.patch
- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
escalation via map_grant_ref (XSA-227)
xsa227.patch
- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
conditions with maptrack free list handling (XSA-228)
xsa228.patch�- Add a supportconfig plugin
xen-supportconfig
FATE#323661�- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
To avoid emulation of TSC access from a domU after live migration
add a global tolerance for the measured host kHz
xen.suse_vtsc_tolerance.patch�- fate#323662 Drop qemu-dm from xen-tools package
The following tarball and patches have been removed
qemu-xen-traditional-dir-remote.tar.bz2
VNC-Support-for-ExtendedKeyEvent-client-message.patch
0001-net-move-the-tap-buffer-into-TAPState.patch
0002-net-increase-tap-buffer-size.patch
0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
0004-e1000-secrc-support.patch
0005-e1000-multi-buffer-packet-support.patch
0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
0007-e1000-verify-we-have-buffers-upfront.patch
0008-e1000-check-buffer-availability.patch
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
blktap.patch
cdrom-removable.patch
xen-qemu-iscsi-fix.patch
qemu-security-etch1.patch
xen-disable-qemu-monitor.patch
xen-hvm-default-bridge.patch
qemu-ifup-set-mtu.patch
ioemu-vnc-resize.patch
capslock_enable.patch
altgr_2.patch
log-guest-console.patch
bdrv_open2_fix_flags.patch
bdrv_open2_flags_2.patch
ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
qemu-dm-segfault.patch
bdrv_default_rwflag.patch
kernel-boot-hvm.patch
ioemu-watchdog-support.patch
ioemu-watchdog-linkage.patch
ioemu-watchdog-ib700-timer.patch
ioemu-hvm-pv-support.patch
pvdrv_emulation_control.patch
ioemu-disable-scsi.patch
ioemu-disable-emulated-ide-if-pv.patch
xenpaging.qemu.flush-cache.patch
ioemu-devicemodel-include.patch
- Cleanup spec file and remove unused KMP patches
kmp_filelist
supported_module.patch
xen_pvonhvm.xen_emul_unplug.patch�- bsc#1002573 - Optimize LVM functions in block-dmmd
block-dmmd�- Record initial Xen dmesg in /var/log/xen/xen-boot.log for
supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log�- Remove storytelling from description in xen.rpm�- Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update block-dmmd script (bsc#1002573)
block-dmmd�- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
gcc7-arm.patch
- Drop gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
due to incorrect return value
CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch�- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
leakage via capture buffer
CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch�- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1031343 - xen fails to build with GCC 7
gcc7-mini-os.patch
gcc7-xen.patch�- bsc#1031343 - xen fails to build with GCC 7
gcc7-error-xenpmd.patch�- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
- Drop xen-tools-pkgconfig-xenlight.patch�- bsc#1037779 - xen breaks kexec-tools build
xen-tools-pkgconfig-xenlight.patch�- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
xen.spec�- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
aarch64-maybe-uninitialized.patch�- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2�- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
xen-4.9.0-testing-src.tar.bz2
ioemu-devicemodel-include.patch
- Dropped patches contained in new tarball
xen-4.8.0-testing-src.tar.bz2
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
glibc-2.25-compatibility-fix.patch
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch�- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch�- bsc#1015348 - L3: libvirtd does not start during boot
suse-xendomains-service.patch�- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
with Xen hypervisor.
58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
- latter one much faster
58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
- Upstream patch from Jan
58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch�- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
add"
58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
0001-xenstore-let-write_node-and-some-callers-return-errn.patch
0002-xenstore-undo-function-rename.patch
0003-xenstore-rework-of-transaction-handling.patch
- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
update (XSA-206)
xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
- bsc#1029827 - Forward port xenstored
xs-09-add_change_node-params.patch
xs-10-call-add_change_node.patch
xs-11-tdb-record-header.patch
xs-12-node-gen-count.patch
xs-13-read-directory-part-support.patch
xs-14-command-array.patch
xs-15-command-return-val.patch
xs-16-function-static.patch
xs-17-arg-parsing.patch
xs-18-default-buffer.patch
xs-19-handle-alloc-failures.patch
xs-20-tdb-version.patch
xs-21-empty-tdb-database.patch
xs-22-reopen_log-fix.patch
xs-23-XS_DEBUG-rename.patch
xs-24-xenstored_control.patch
xs-25-control-enhance.patch
xs-26-log-control.patch
xs-27-memory-report.patch
xs-28-remove-talloc-report.patch
xs-29-define-off_t.patch�- bsc#1029128 - fix make xen to really produce xen.efi with gcc48�- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
loop issue in ohci_service_ed_list
CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
- Upstream patches from Jan (bsc#1027519)
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
58a44771-IOMMU-always-call-teardown-callback.patch
58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch�- bsc#1027654 - XEN fails to build against glibc 2.25
glibc-2.25-compatibility-fix.patch
libxl.pvscsi.patch�- fate#316613: Refresh and enable libxl.pvscsi.patch�- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
does not check if memory region is safe (XSA-209)
CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch�- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
happened when adding usbctrl devices via xl
589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch�- Upstream patches from Jan (bsc#1027519)
587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
5882129d-x86emul-LOCK-check-adjustments.patch
58821300-x86-segment-attribute-handling.patch
58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
5887888f-credit2-use-the-correct-scratch-cpumask.patch
5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch�- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
access while doing bitblt copy backward mode
CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch�- fate#322313 and fate#322150 require the acpica package ported to
aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
until these fates are complete.
xen.spec�- bsc#1021952 - Virutalization/xen: Bug xen-tools missing
/usr/bin/domu-xenstore; guests fail to launch
tmp_build.patch
xen.spec�- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)�- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
xen.spec�- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
Replaces xsa202.patch (bsc#1014298)
- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
Replaces xsa203.patch (bsc#1014300)
- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
Replaces xsa204.patch (bsc#1016340)
- Upstream patches from Jan
58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
5853ed37-VT-d-correct-dma_msi_set_affinity.patch
5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch�- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
display: cirrus_vga: a divide by zero in cirrus_do_copy
CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch�- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
SYSCALL singlestep during emulation (XSA-204)
xsa204.patch�- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
fails to ignore operand size override (XSA-200)
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch�- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
able to mask interrupts (XSA-202)
xsa202.patch
- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
pointer check in VMFUNC emulation (XSA-203)
xsa203.patch
- Upstream patches from Jan
584806ce-x86emul-correct-PUSHF-POPF.patch
584fc649-fix-determining-when-domain-creation-is-complete.patch
58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
58510cac-x86emul-MOVNTI-no-REP-prefixes.patch�- Update to Xen 4.8 FCS
xen-4.8.0-testing-src.tar.bz2
- Dropped
xen-4.7.1-testing-src.tar.bz2
0001-libxc-Rework-extra-module-initialisation.patch
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
0004-firmware-makefile-install-BIOS-blob.patch
0005-libxl-Load-guest-BIOS-from-file.patch
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
0008-hvmloader-Locate-the-BIOS-blob.patch
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
0011-hvmloader-Load-OVMF-from-modules.patch
0012-hvmloader-Specific-bios_load-function-required.patch
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
57a30261-x86-support-newer-Intel-CPU-models.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
CVE-2016-9381-xsa197-qemut.patch
CVE-2016-9637-xsa199-qemut.patch�- bsc#1011652 - VUL-0: xen: qemu ioport array overflow
CVE-2016-9637-xsa199-qemut.patch�- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
segments not always treated as unusable
58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
to VM86 mode mis-handled
58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
write emulation lacking canonical address checks
58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
ELF symbol table load leaking host data
58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
test instruction emulation broken
58343ec2-x86emul-fix-huge-bit-offset-handling.patch
- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
x86 software interrupt injection mis-handled
58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
58343f44-x86-svm-fix-injection-of-software-interrupts.patch
- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
about shared ring processing
CVE-2016-9381-xsa197-qemut.patch
- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
delimiter injection vulnerabilities in pygrub
58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
- Upstream patches from Jan
581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch�- Update to Xen Version 4.7.1
xen-4.7.1-testing-src.tar.bz2
- Dropped patches contained in new tarball
xen-4.7.0-testing-src.tar.bz2
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c93e52-fix-error-in-libxl_device_usbdev_list.patch
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch�- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
systems
xen.spec�- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
always honored for x86 HVM guests (XSA-190)
57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
on broadwell-ep
57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
- Upstream patches from Jan
57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
57e93e1d-x86emul-correct-loading-of-ss.patch
57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
57e93e89-x86-AMD-apply-erratum-665-workaround.patch
57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
57fb6a91-x86-defer-not-present-segment-checks.patch
5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
5800caec-x86emul-fix-pushing-of-selector-registers.patch
5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch�- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
system has 384
xen-arch-kconfig-nr_cpus.patch�- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
loop while transmit in C+ mode
CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch�- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
error in set_next_tick
CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
error in serial_update_parameters
CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch�- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
mcf_fec_do_tx
CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
loop in pcnet_rdra_addr
CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch�- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
recursive pagetable for 32-bit PV guests (XSA-185)
57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
instruction pointer truncation during emulation (XSA-186)
57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
sh_ctxt->seg_reg[] (XSA-187)
57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
57c82be2-x86-32on64-adjust-call-gate-emulation.patch
57c96e2c-x86-correct-PT_NOTE-file-position.patch
57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch�- bsc#979002 - add 60-persistent-xvd.rules and helper script
also to initrd, add the relevant dracut helper�- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
upstream unplug protocol�- bsc#989679 - [pvusb feature] USB device not found when
'virsh detach-device guest usb.xml'
57c93e52-fix-error-in-libxl_device_usbdev_list.patch�- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
get contiguous memory for DMA from Xen
57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch�- spec: to stay compatible with the in-tree qemu-xen binary, use
/usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
bsc#986164�- bsc#970135 - new virtualization project clock test randomly fails
on Xen
576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
5769106e-x86-generate-assembler-equates-for-synthesized.patch
57a1e603-x86-time-adjust-local-system-time-initialization.patch
57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
- bsc#991934 - xen hypervisor crash in csched_acct
57973099-have-schedulers-revise-initial-placement.patch
579730e6-remove-buggy-initial-placement-algorithm.patch
- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
in PV guests (XSA-182)
57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
whitelisting in 32-bit exception / event delivery (XSA-183)
57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
- Upstream patches from Jan
57a30261-x86-support-newer-Intel-CPU-models.patch�- bsc#985503 - vif-route broken
vif-route.patch�- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
failed on sles11sp4 xen host.
pygrub-handle-one-line-menu-entries.patch�- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
write access in esp_do_dma
CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch�- bsc#900418 - Dump cannot be performed on SLES12 XEN
57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
- Upstream patches from Jan
575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch�- fate#319989 - Update to Xen 4.7 FCS
xen-4.7.0-testing-src.tar.bz2
- Drop CVE-2014-3672-qemut-xsa180.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (Additional fixes)
block-dmmd�- Convert with_stubdom into build_conditional to allow adjusting
via prjconf
- Convert with_debug into build_conditional to allow adjusting
via prjconf�- bsc#979002 - add 60-persistent-xvd.rules and helper script to
xen-tools-domU to simplify transition to pvops based kernels�- Convert with_oxenstored into build_conditional to allow
adjusting via prjconf (fate#320836)�- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
access while processing ESP_FIFO
CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
write when using non-DMA mode in get_cmd
CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch�- fate#319989 - Update to Xen 4.7 RC5
xen-4.7.0-testing-src.tar.bz2�- fate#319989 - Update to Xen 4.7 RC4
xen-4.7.0-testing-src.tar.bz2
- Dropped
xen.pkgconfig-4.7.patch
xsa164.patch�- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
(XSA-180)
CVE-2014-3672-qemut-xsa180.patch�- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
while writing to 's->cmdbuf' in get_cmd
CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
while writing to 's->cmdbuf' in esp_reg_write
CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch�- fate#319989 - Update to Xen 4.7 RC3
xen-4.7.0-testing-src.tar.bz2
- Dropped
libxl-remove-cdrom-cachemode.patch
x86-PoD-only-reclaim-if-needed.patch
gcc6-warnings-as-errors.patch�- bsc#954872 - script block-dmmd not working as expected - libxl:
error: libxl_dm.c (another modification)
block-dmmd�- fate#319989 - Update to Xen 4.7 RC2
xen-4.7.0-testing-src.tar.bz2�- bsc#961600 - L3: poor performance when Xen HVM domU configured
with max memory > current memory
x86-PoD-only-reclaim-if-needed.patch�- Mark SONAMEs and pkgconfig as xen 4.7
xen.pkgconfig-4.7.patch�- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
libxl-remove-cdrom-cachemode.patch�- fate#319989 - Update to Xen 4.7 RC1
xen-4.7.0-testing-src.tar.bz2�- fate#316614: set migration constraints from cmdline
restore libxl.set-migration-constraints-from-cmdline.patch�- Remove obsolete patch for xen-kmp
magic_ioport_compat.patch�- fate#316613: update to v12
libxl.pvscsi.patch�- Update to the latest Xen 4.7 pre-release c2994f86
Drop libxl.migrate-legacy-stream-read.patch�- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
to SLES12SP2 Alpha 1 host using xl migrate
libxl.migrate-legacy-stream-read.patch�- Add patches from proposed upstream series to load BIOS's from
the toolstack instead of embedding in hvmloader
http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
0001-libxc-Rework-extra-module-initialisation.patch,
0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
0004-firmware-makefile-install-BIOS-blob.patch,
0005-libxl-Load-guest-BIOS-from-file.patch,
0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
0008-hvmloader-Locate-the-BIOS-blob.patch,
0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
0011-hvmloader-Load-OVMF-from-modules.patch,
0012-hvmloader-Specific-bios_load-function-required.patch,
0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
firmware from qemu-ovmf-x86_64. The firmware is preloaded with
Microsoft keys to more closely resemble firmware on real hardware
FATE#320490�- fate#319989: Update to Xen 4.7 (pre-release)
xen-4.7.0-testing-src.tar.bz2
- Dropped:
xen-4.6.1-testing-src.tar.bz2
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
hotplug-Linux-block-performance-fix.patch
set-mtu-from-bridge-for-tap-interface.patch
xendomains-libvirtd-conflict.patch
xsa154.patch
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa170.patch�- Use system SeaBIOS instead of building/installing another one
FATE#320638
Dropped files:
seabios-dir-remote.tar.bz2
xen-c99-fix.patch
xen.build-compare.seabios.patch�- spec: drop BuildRequires that were only needed for qemu-xen�- bsc#969377 - xen does not build with GCC 6
ipxe-use-rpm-opt-flags.patch
gcc6-warnings-as-errors.patch�- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
loop in ne2000_receive
CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
- Drop xsa154-fix.patch�- Use system qemu instead of building/installing yet another qemu
FATE#320638
- Dropped files
qemu-xen-dir-remote.tar.bz2
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
qemu-xen-enable-spice-support.patch
qemu-xen-upstream-qdisk-cache-unsafe.patch
tigervnc-long-press.patch
xsa162-qemuu.patch�- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
dereference in vapic_write()
CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch�- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
remote NDIS control message handling
CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch�- bsc#954872 - L3: script block-dmmd not working as expected -
libxl: error: libxl_dm.c
block-dmmd
- Update libxl to recognize dmmd and npiv prefix in disk spec
xen.libxl.dmmd.patch�- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
in ohci module leads to null pointer dereference
CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
dereference in remote NDIS control message handling
CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch�- Update to Xen Version 4.6.1
xen-4.6.1-testing-src.tar.bz2
- Dropped patches now contained in tarball or unnecessary
xen-4.6.0-testing-src.tar.bz2
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
56549f24-x86-vPMU-document-as-unsupported.patch
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemut-xenfb.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa159.patch
xsa160.patch
xsa162-qemut.patch
xsa165.patch
xsa166.patch
xsa167.patch
xsa168.patch�- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
cachability flags on guest mappings (XSA-154)
xsa154.patch
- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
crash guest with non-canonical RIP (XSA-170)
xsa170.patch�- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
hmp_sendkey routine
CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch�- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
in sosendto()
CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch�- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
ne2000_receive() function
CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch�- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
incoming migration
CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch�- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
dereference in ehci_caps_write
CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
on incoming migration
CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch�- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
in start_xmit and e1000_receive_iov routines
CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch�- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
on invalid state load
CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch�- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
resource limiting in VNC websockets decoder
CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
invalid state load
CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
bits_per_pixel from the client sanitization
CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch�- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
overun on invalid state
CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
overflow in non-loopback mode
CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch�- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
processing firmware configurations
CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch�- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
buffer overflow in megasas_ctrl_get_info
CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
use-after-free vulnerability in aio port commands
CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch�- bsc#959695 - missing docs for xen
xen.spec�- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
INVLPG on non-canonical address (XSA-168)
xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
functionality missing sanity checks (XSA-167)
xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
l2 header validation leads to a crash via assert(2) call
CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch�- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
leads to a crash via assert(2) call
CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
in ioport r/w functions
CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch�- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
logging upon guest changing callback method (XSA-169)
5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch�- Adjust xen-dom0-modules.service to run Before xenstored.service
instead of proc-xen.mount to workaround a bug in systemd "design"
(bnc#959845)�- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
vmxnet3: host memory leakage
CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch�- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
incautious about shared memory contents (XSA-155)
xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
xsa155-qemuu-qdisk-double-access.patch
xsa155-qemut-qdisk-double-access.patch
xsa155-qemuu-xenfb.patch
xsa155-qemut-xenfb.patch
- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
in ehci_advance_state results in DoS
CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
dereference issue
CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
floating point exception
CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
MSI-X handling (XSA-164)
xsa164.patch
- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
legacy x86 FPU/XMM initialization (XSA-165)
xsa165.patch
- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
multiple read issue (XSA-166)
xsa166.patch�- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
infinite loop in processing command block list
CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
- Upstream patches from Jan
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
56544a57-VMX-fix-adjust-trap-injection.patch
56546ab2-sched-fix-insert_vcpu-locking.patch�- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
56549f24-x86-vPMU-document-as-unsupported.patch
- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
XENMEM_exchange error handling issues (XSA-159)
xsa159.patch
- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
and initrd on error (XSA-160)
xsa160.patch
- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
vulnerability in pcnet emulator (XSA-162)
xsa162-qemuu.patch
xsa162-qemut.patch
- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch�- fate#315712: XEN: Use the PVOPS kernel
Turn off building the KMPs now that we are using the pvops kernel
xen.spec�- Upstream patches from Jan
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
563212e4-xenoprof-free-domain-s-vcpu-array.patch
563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch�- Use upstream variants of block-iscsi and block-nbd�- Remove xenalyze.hg, its part of xen-4.6�- Update to Xen Version 4.6.0
xen-4.6.0-testing-src.tar.bz2
mini-os.tar.bz2
blktap2-no-uninit.patch
stubdom-have-iovec.patch
- Renamed
xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
xen-4.5.2-testing-src.tar.bz2
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
54f4985f-libxl-fix-libvirtd-double-free.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
551ac326-xentop-add-support-for-qdisk.patch
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
local_attach_support_for_phy.patch pci-attach-fix.patch
qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
xl-coredump-file-location.patch�- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
fault delivery (XSA-156)
CVE-2015-5307-xsa156.patch�- Update to Xen 4.5.2
xen-4.5.2-testing-src.tar.bz2
- Drop the following
xen-4.5.1-testing-src.tar.bz2
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
xsa151.patch xsa152.patch xsa153-libxl.patch
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"�- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
populate-on-demand operation is not preemptible (XSA-150)
563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch�- Upstream patches from Jan
5604f239-x86-PV-properly-populate-descriptor-tables.patch
561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
561d20a0-x86-hide-MWAITX-from-PV-domains.patch
561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch�- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
balloon size inaccuracy can crash guests (XSA-153)
xsa153-libxl.patch�- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
vcpu pointer array (DoS) (XSA-149)
xsa149.patch
- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
profiling-related vcpu pointer array (DoS) (XSA-151)
xsa151.patch
- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
profiling hypercalls log without rate limiting (XSA-152)
xsa152.patch
- Dropped
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch�- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
temporary file use in /net/slirp.c
CVE-2015-4037-qemuu-smb-config-dir-name.patch
CVE-2015-4037-qemut-smb-config-dir-name.patch
- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
size to avoid integer overflows
CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch�- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
creation of large page mappings by PV guests (XSA-148)
CVE-2015-7835-xsa148.patch�- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
abort
54f4985f-libxl-fix-libvirtd-double-free.patch�- bsc#949046 - Increase %suse_version in SP1 to 1316
xen.spec
- Update README.SUSE detailing dom0 ballooning recommendations�- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’
secondly show errors
55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
- Upstream patches from Jan
55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
55f9345b-x86-MSI-fail-if-no-hardware-support.patch
5604f239-x86-PV-properly-populate-descriptor-tables.patch
5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch�- bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
Hotplug scripts not working.
hotplug-Linux-block-performance-fix.patch�- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
readonly flag on disks with qemu-xen (xsa-142)
CVE-2015-7311-xsa142.patch�- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
pci-attach-fix.patch�- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch�- Upstream patches from Jan
55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
55e43fd8-x86-NUMA-fix-setup_node.patch
55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch�- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
vnc_client_read() and protocol_client_msg()
CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
loop issue
CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch�- bsc#907514 - Bus fatal error & sles12 sudden reboot has been
observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
shutdown of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
reboot has been observed
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
55b0a218-x86-PCI-CFG-write-intercept.patch
55b0a255-x86-MSI-X-maskall.patch
55b0a283-x86-MSI-X-teardown.patch
55b0a2ab-x86-MSI-X-enable.patch
55b0a2db-x86-MSI-track-guest-masking.patch
- Upstream patches from Jan
552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
55a77e4f-dmar-device-scope-mem-leak-fix.patch
55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
- Dropped for upstream version
x86-MSI-mask.patch
x86-MSI-pv-unmask.patch
x86-MSI-X-enable.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch�- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
memory in rtl8139 device model
xsa140-qemuu-1.patch
xsa140-qemuu-2.patch
xsa140-qemuu-3.patch
xsa140-qemuu-4.patch
xsa140-qemuu-5.patch
xsa140-qemuu-6.patch
xsa140-qemuu-7.patch
xsa140-qemut-1.patch
xsa140-qemut-2.patch
xsa140-qemut-3.patch
xsa140-qemut-4.patch
xsa140-qemut-5.patch
xsa140-qemut-6.patch
xsa140-qemut-7.patch
- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
block unplug protocol
xsa139-qemuu.patch�- bsc#937371 - xen vm's running after reboot
xendomains-libvirtd-conflict.patch�- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
execution via IDE subsystem CD-ROM
CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch�- Remove xendomains.service from systemd preset file because it
conflicts with libvirt-guests.service (bnc#937371)
Its up to the admin to run systemctl enable xendomains.service�- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
config handling stack overflow
CVE-2015-3259-xsa137.patch
- Upstream patches from Jan
558bfaa0-x86-traps-avoid-using-current-too-early.patch
5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
559bdde5-pull-in-latest-linux-earlycpio.patch
- Upstream patches from Jan pending review
552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
552d0fe8-x86-mtrr-include-asm-atomic.h.patch
552d293b-x86-vMSI-X-honor-all-mask-requests.patch
552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
554c7aee-x86-provide-arch_fetch_and_add.patch
554c7b00-arm-provide-arch_fetch_and_add.patch
55534b0a-x86-provide-add_sized.patch
55534b25-arm-provide-add_sized.patch
5555a4f8-use-ticket-locks-for-spin-locks.patch
5555a5b9-x86-arm-remove-asm-spinlock-h.patch
5555a8ec-introduce-non-contiguous-allocation.patch
55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
557eb55f-gnttab-per-active-entry-locking.patch
557eb5b6-gnttab-introduce-maptrack-lock.patch
557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
5582bf43-evtchn-simplify-port_is_valid.patch
5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
5583d9c5-x86-MSI-X-cleanup.patch
5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
x86-MSI-pv-unmask.patch
x86-pci_cfg_okay.patch
x86-PCI-CFG-write-intercept.patch
x86-MSI-X-maskall.patch
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-mask.patch�- Adjust more places to use br0 instead of xenbr0�- bnc#936516 - xen fails to build with kernel update(4.1.0 from
stable)
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch�- Update to Xen Version 4.5.1 FCS (fate#315675)
xen-4.5.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
5576f178-kexec-add-more-pages-to-v1-environment.patch
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch
qemu-MSI-X-enable-maskall.patch
qemu-MSI-X-latch-writes.patch
x86-MSI-X-guest-mask.patch�- Replace 5124efbe-add-qxl-support.patch with the variant that
finally made it upstream, 554cc211-libxl-add-qxl.patch�- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
qemu-MSI-X-latch-writes.patch
- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
has been observed
x86-MSI-X-teardown.patch
x86-MSI-X-enable.patch
x86-MSI-X-guest-mask.patch
x86-MSI-X-maskall.patch
qemu-MSI-X-enable-maskall.patch
- Upstream patches from Jan
55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
- Dropped the following patches now contained in the tarball
xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch�- Update to Xen 4.5.1 RC2
- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
register access in qemu
CVE-2015-4106-xsa131-1.patch
CVE-2015-4106-xsa131-2.patch
CVE-2015-4106-xsa131-3.patch
CVE-2015-4106-xsa131-4.patch
CVE-2015-4106-xsa131-5.patch
CVE-2015-4106-xsa131-6.patch
CVE-2015-4106-xsa131-7.patch
CVE-2015-4106-xsa131-8.patch
CVE-2015-4106-xsa131-9.patch
- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
qemu MSI-X pass-through error messages
CVE-2015-4105-xsa130.patch
- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
bits inadvertently exposed to guests
CVE-2015-4104-xsa129.patch
- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
unintended writes to host MSI message data field via qemu
CVE-2015-4103-xsa128.patch
- Upstream patches from Jan
5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch�- Add DefaultDependencies=no to xen-dom0-modules.service because
it has to run before proc-xen.mount�- Update to Xen 4.5.1 RC1�- Update blktap-no-uninit.patch to work with gcc-4.5�- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
XEN_DOMCTL_gettscinfo (XSA-132)
5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch�- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
floppy driver host code execution
CVE-2015-3456-xsa133-qemuu.patch
CVE-2015-3456-xsa133-qemut.patch�- bsc#928783 - Reboot failure; Request backport of upstream Xen
patch to 4.5.0, or update pkgs to 4.5.1
5513b458-allow-reboot-overrides-when-running-under-EFI.patch
5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch�- bnc#927750 - Avoid errors reported by system-modules-load.service�- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
turn errors back to warnings to fix build with GCC 5.
- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
avoid implicit-fortify-decl rpmlint error.
- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.�- xentop: Fix memory leak on read failure
551ac326-xentop-add-support-for-qdisk.patch�- Dropped xentop-add-support-for-qdisk.patch in favor of upstream
version
551ac326-xentop-add-support-for-qdisk.patch�- Enable spice support in qemu for x86_64
5124efbe-add-qxl-support.patch
qemu-xen-enable-spice-support.patch�- Add xen-c99-fix.patch to remove pointless inline specifier on
function declarations which break build with a C99 compiler which
GCC 5 is by default. (bsc#921994)
- Add ipxe-no-error-logical-not-parentheses.patch to supply
- Wno-logical-not-parentheses to the ipxe build to fix
breakage with GCC 5. (bsc#921994)�- bnc#921842 - Xentop doesn't display disk statistics for VMs using
qdisks
xentop-add-support-for-qdisk.patch�- Disable the PIE enablement done for Factory, as the XEN code
is not buildable with PIE and it does not make much sense
to build the hypervisor code with it.�- bnc#918169 - XEN fixes required to work with Kernel 3.19.0
xen.spec�- Package xen.changes because its referenced in xen.spec�- Update seabios to rel-1.7.5 which is the correct version for
Xen 4.5�- Update to Xen 4.5.0 FCS�- Include systemd presets in 13.2 and older�- bnc#897352 - Enable xencommons/xendomains only during fresh install
- disable restart on upgrade because the toolstack is not restartable�- adjust seabios, vgabios, stubdom and hvmloader build to reduce
build-compare noise
xen.build-compare.mini-os.patch
xen.build-compare.smbiosdate.patch
xen.build-compare.ipxe.patch
xen.build-compare.vgabios.patch
xen.build-compare.seabios.patch
xen.build-compare.man.patch�- Update to Xen 4.5.0 RC4�- Remove xend specific if-up scripts
Recording bridge slaves is a generic task which should be handled
by generic network code�- Use systemd features from upstream
requires updated systemd-presets-branding package�- Update to Xen 4.5.0 RC3�- Set GIT, WGET and FTP to /bin/false�- Use new configure features instead of make variables
xen.stubdom.newlib.patch�- adjust docs and xen build to reduce build-compare noise
xen.build-compare.doc_html.patch
xen.build-compare.xen_compile_h.patch�- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise�- Update to Xen 4.5.0 RC2�- Update to Xen 4.5.0 RC1
xen-4.5.0-testing-src.tar.bz2
- Remove all patches now contained in the new tarball
xen-4.4.1-testing-src.tar.bz2
5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
53299d8f-xenconsole-reset-tty-on-failure.patch
53299d8f-xenconsole-tolerate-tty-errors.patch
5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
53d124e7-fix-list_domain_details-check-config-data-length-0.patch
53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
53fcebab-xen-pass-kernel-initrd-to-qemu.patch
53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
libxc-pass-errno-to-callers-of-xc_domain_save.patch
libxl.honor-more-top-level-vfb-options.patch
libxl.add-option-for-discard-support-to-xl-disk-conf.patch
libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
- Xend/xm is no longer supported and is not part of the upstream code. Remove
all xend/xm specific patches, configs, and scripts
xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
init.xend xend-relocation.sh xend.service xend-relocation-server.fw
domUloader.py xmexample.domUloader xmexample.disks
bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
network-nat-open-SuSEfirewall2-FORWARD.patch
xend-set-migration-constraints-from-cmdline.patch
xen.migrate.tools-xend_move_assert_to_exception_block.patch
xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
tmp-initscript-modprobe.patch init.xendomains xendomains.service
xen-watchdog.service xen-updown.sh�- bnc#901317 - L3: increase limit domUloader to 32MB
domUloader.py�- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
device (SR-IOV) to guest
54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
60 vcpus
54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
Interrupt Remapping engines can be evaded by native NMI interrupts
541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
- Upstream patches from Jan
540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������� ���
�����������
��������������������������������������������������������������������������� ���!���"���#���$���%���&���'���(���)���*���+���,���-���.���/���0���1���2���3���4���5���6���7���8���9���:���;���<���=���>���?���@���A���B���C���D���E���F���G���H���3���A���K���D���M����������������������������������������������������������������������������������������4.13.3_02-lp152.2.27.1�4.13.3_02-lp152.2.27.1������������������������������������������������������������������������������������������������������������������������������������������������������ ��� ��� ���
���
���
���
���
��� ��� ��� ��� ��������������������������������������������������������������������������������������������������������������������xen�html�hypercall�arm�index.html�index.html�x86_32�index.html�x86_64�index.html�index.html�man�index.html�xen-pci-device-reservations.7.html�xen-pv-channel.7.html�xen-tscmode.7.html�xen-vtpm.7.html�xen-vtpmmgr.7.html�xenstore-chmod.1.html�xenstore-ls.1.html�xenstore-read.1.html�xenstore-write.1.html�xenstore.1.html�xentop.1.html�xentrace.8.html�xentrace_format.1.html�xl-disk-configuration.5.html�xl-network-configuration.5.html�xl-numa-placement.7.html�xl.1.html�xl.cfg.5.html�xl.conf.5.html�xlcpupool.cfg.5.html�misc�amd-ucode-container.txt�arm�big.LITTLE.txt�booting.txt�device-tree�acpi.txt�booting.txt�guest.txt�index.html�passthrough.txt�early-printk.txt�index.html�passthrough.txt�silicon-errata.txt�block-scripts.txt�console.txt�crashdb.txt�distro_mapping.txt�dump-core-format.txt�grant-tables.txt�index.html�kconfig-language.txt�kconfig.txt�kexec_and_kdump.txt�libxl_memory.txt�printk-formats.txt�qemu-backends.txt�stubdom.txt�vtd-pi.txt�vtd.txt�vtpm-platforms.txt�xen-error-handling.txt�xenmon.txt�xenpaging.txt�xenstore-ring.txt�xenstore.txt�xsm-flask.txt�misc�crashdb.txt�vtpm-platforms.txt�xen-command-line.pandoc�xenpaging.txt�xenstore-paths.pandoc�/usr/share/doc/packages/�/usr/share/doc/packages/xen/�/usr/share/doc/packages/xen/html/�/usr/share/doc/packages/xen/html/hypercall/�/usr/share/doc/packages/xen/html/hypercall/arm/�/usr/share/doc/packages/xen/html/hypercall/x86_32/�/usr/share/doc/packages/xen/html/hypercall/x86_64/�/usr/share/doc/packages/xen/html/man/�/usr/share/doc/packages/xen/html/misc/�/usr/share/doc/packages/xen/html/misc/arm/�/usr/share/doc/packages/xen/html/misc/arm/device-tree/�/usr/share/doc/packages/xen/misc/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.opensuse.org/openSUSE:Maintenance:16898/openSUSE_Leap_15.2_Update/31089d6894fd62046413071a4789ae21-xen.openSUSE_Leap_15.2_Update�cpio�xz�5�x86_64-suse-linux����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������directory�HTML document, ASCII text�XML 1.0 document, ASCII text, with very long lines�XML 1.0 document, ASCII text�C source, ASCII text�ASCII text�ASCII text, with very long lines�Algol 68 source, ASCII text��������utf-8�1e8533704badaaf439f4e25e4a997135e3cf29512f3473012104b255c41a898c���������?����p����7zXZ��
���!�����t/)!]��
�cr�t:bLL�
ۋmYrB!���!_�˩}@娵�X�(m䈐Qn��|}TvdYҠ'@M)�j�5q��2^3b1=�dW+B
Ƣ/O�N ~�tSg�+x���>uS2qX=6D\b���רt.y!;2 v7�}�DKyH:ÿ6A��6&�S98Sإr�[e�ȭLo�E&i Ė�sVۣR�B�^豱Ób*aM_@AVS�
!VH�-'�
p�jG5da~]ah#F�J�Dؗȓ/g}lb��U2� �sAάc�K2P4?pR�dEEJu�u?�xIr:~
�C-.,0C�{�,P|K_UՃF2
`YU~x#\wBގS�7@qһW*³Rw+ӹ�P7
O-�w:*?!)D9AV˔cwDxclU�&Dn��m���c5gǨ��ƥ[��z�|�R'1x�0C@n9::d�^7˰G�GTս>H9~��Z2ΪEXW2�>�5/�73gq;4KռӃ����Lg~:|7a΄(��\~290
1
RcHwpտI�~ܴ�r�p \��i94��@[Q�KOn}%کE�3f<Dz�z��?#K�!d�g@;#ʺE
jL%,`�}X[p� \U^0FAU$�c���=si)zT
`L�}]�{
����JP"�fqFղ�s �S0Do6Q\3/z�M["Q�Hg^;n^`Fa�? �O~iN#)v)�\''fa=u}_g
ӵ ؖ3�vt�z=ũ�OJ�9Xk
mT�:;P&^fMZD;�w�oҭAd�CRt+�AZϻ�`(}@9D5����Ǟ+!�|�dF�7f�o5uX4R}�G KPDz]X�9�J$tNJ�!*�d�%J&+&�4#&oT[8!;n�?`N�<ޚ��6=$#�es�Gg�Ҧ
6sw$%yF�D�®�4_^d@��+dR�RF��{�Kτ�ƍ*+MQt�xIs5B�ù�߹}?��b\6-Rr yYl {Wh`7�g��*b7$ H봶FhB] �YXo�mZ*x�D�cBp>Z�cx,٘PԔ Z\(�*;�iHp �iݚ)&2
TLi{b9˒8��Qfi�'$BCdMNB�6$K�^cv_rWپC*[�u�Ԛ!Xs�%@Fm1Y�0;0]>�"/?I0P�ɂZ��p!,_k3�d65#�.2ǶBR5@�Jf�:7j#oϋEp��cN�tt,U:l|FkW.8\�33w��|5�z�!��낏k7U^�X.{$��%�WS);?��!P
1n2~jg]DY��K�n�Afq8^A_Xt;h=Ho_X4ǎ
y}R!pt#�5Iw6v
o��Q.kn}t";ٲ�y���dx\$L6�L]ҥ|m<�QZ8n$؈Tv�ikvh��`��nr*?{^�MG~&EmD
lK3_Zo�J41Tv M22LhK�:h�I}MSng˝ڜD!�FsI[4ՇJױoG*>jwS�T�S"�Ab|r@"nf!o~K�;t�
jK&5)ji l|*u)
>V~�0"fծ싶� ��xoU�HĆgG�JX U�jmk2@9'/�0�̃<-�l@sCFRױ@&W\/�
�[�"-�P`,~h"|
��b7}zM�I,aXVP DnjqH)�E(�!:o9~Uyd�5nAy��x\|�O6�\�l{^ʂi}RQ.A�<1
X7˥mM'/`+\��(2�G�F�qRJXORZʉ>u&}IZ��ݻ��g�~
[�r
uj�hl?�Ic�
;j}"셾C ܔ� [k�:`<��,�P�ħ�[/V&``q.eӊ��lm���
>XSh쏙j^%Lƽ^[dux�6"�
&Z!�E�fg�m[Y�Q* ��,;<)eE�=|�ʗseYt{((ϐ336ѧ7��( K�~_�O)%H|$plL�<>FT,�g6ۣ,J)iy�
���C)�Ky�:�#_=H+b~^z��5)x�k�dtZ"E`�xY�<\Ob�#{N�|xSGDBp?N)�9Tٱw�yXDӗ�9�Obo�&?G�q�&Y�:�b;�4k��!5q�Ϻ8ظ]vQv�$u#
j���w݃ATQtE�mTY0ύjc�K�V�Սbt WB?me.q^'Rp~{(||�9�HӼy˵uIJ?lth0n>断
Ê'mHcxt
a8�h�
�Qa yMD���fn䭗,Yn�1ĄC�%|[@ʜhYӆbZ*yB�YW"z*����ҧThO\UoE�B�."0��~ѥX��'[7
=_P;}m&: ^�=�4w�{Q�zu�Ӧ{r8Y/)̳VT
��N/5�2�X1%�/v5tY�.x?nm��[O!aC��e6�`�lb%k�:X@�gS�z��'z+�,Lz|x1Tt0[O'F�G�k3�8S�9g�9�:к*C\�. tuA>n;�KbFu(#%Z?-=��`钙�O˽S2.�m2whX�]Φ�qݑ=jDq3oi[S����ĭ�
!":ċ:u_Zd�Pi?K|�B2@(:&4|�va�=�s�ߋY�s� �;er-]��\$�;�ZA��b��
�9�txG)e�Kt`ޣn��H�d�����g[GTsqi��#>v�^^`*8Hosn$.��טt�s(&KP�\J���a=>_rBx��n>ҷ }k{ iyBF6�id�r}��Lx�+W$v:N�B&�fW�<8�ZY#xmLEˍb�#tp|�Jrɝ>��t
��V
ns63Wb�ϸ&,�%�kH;�zy\O:mģ-^P�d�(B?I@#539�p�kL4IUuz+dGlz}ZҘ�3��9B-G ;bCρfBЙ8*2�c_�,�f#p\T)J,jg���g"d{�`k*���pFzZ=}�ޞY.]n#�0{kW�eq $VrQ�r�F�H8Üe)Ԥ�Nf %e9]Anp[b`d5�w�7=śƱ&^R ͢}߆0\|떂MMwk^j?gDD?��U
�Q4�d"�L"q^h!&mqKk~]u
}G�K6@sKN��WdY �s`4ۣbz�ZrH4yiNH6C=d�f=t3P\<Д{νm$hHj�x�e{�F��;z0;;ɐH/7а�>?��EdP~p
gidV2mq�e:�1ۃ��#t�Z�poS��mq@����1%Xtc5e|dsڙz?X>-·3{ƨ�m[GϟQ~�LhK�ěp\ђ�ZֽZ&?��N��Vÿz�=z��oҞ;-{k�Y=AA]TqK NYՑۨB��3˄^��#R26$]RkO�� ��)js�OE2vl^�vLU4Uؚ�ÃLo0�~~qr
KͥksD#�V�B9gKBd5ϸ���GY@|: `V{gfN�dg�&a�
daBEy
in_6 vӨ�]W<+�K- /7Jxbaտ2`9�lXt�(�:3�\uu�xP ��&ӌ=2d%8}_
qV��{Gu�Īw�7L��e�@qʨw19ȸiS!^bU
dWZ�}�E}
�cơc��Iv�ş"���&p_R)�诏�:�H�+&9&&"o{eS⤀
��1즐}B0�Ys%z!"8IѮ/tk&�o㌅]#�Y�r:�ƴ�<5ѫ[VY_~_YXI1�e2[ջLBVQ;Gb 5mD(qPU��X)P.72^s��mh֞ԑ.V���vv�H#�6~
x�=Ân#o&�z �ypsæ1m��,Q
è�!+;�- �[6Uyt�KpGU_!�L`ƣ�ݻƍ}h&�6!JO�.:oxvrPE*K�OneaYm�E1d2;�w:�B#�g��u�SۜX�ܫ�F?lM@5��Ȋ Km�+ި�v_ұ�'=#L�����j;>NFT%ɠZVF�^{��k(6b�ð}YBT"Md�-X7:4V�deEW*n��Q8Xe�M $,W�ͣ1�.��'8GB�2p�'t�|u\.F�-mZ
)C:�X
�u2jT)TJctf7ml6Z[["fo�U1B:t6C�Kd�TQ�%|%Ňi�۠"�Ơe-t5pFzWD-��P��%<�X1#Yԃ?j!]$
H(eZYкj(sH�4�|�]䃱Ѕ�;J;eY{�" <*���?'++Lp@E\A�`rIJ-_W0RpN_i`wFf�VL��8ڃ�乷Z،�@ќ �9E13�E`b&LkO`8?,K°�>
hk6U#^D�Wt�;��� ?C\qOBVZMXO�cv[(O^i�M6^Td@A%�;R�,1�p>l�>KY do-Z86Vn51
p�G_�{s�* r
iy` NwЮb-[-J9"�DϠ��ڈQe-�4L*55$�|>Q7D(��v��Ed��nG7�ほ��/�nW�赑@z��3[
��}�U'@(v�4[�"�FT0&&{F8ڵӴ縓=M�
mI,5�)4N��( |ARH�;gf�1tHN3c~hί�k@"jdL|LQ$8|˱j:@�)�1�@.J�)C֟H�E�g;2HD}ٕ<+-0�S*Ƥ:!W۰gh"�
c�;*@ϙ�ʏelZutjge]%/R4gw<�r"J9�h"DH1:�Ij�5
q!ex7}fn'J\P��TFH։2k7Z�x=��rW.Wt�H@ ?.w}��S
Hzg`ÞkŴ(��l�{C]I:�bi.e,>a,F�;^:)h2�UfH7D
`0'Q27q=BEā=T8%#^$�k>Q e�]8E�Ďs�v2qud8N3��,x`>EBM09m9�,ALI"gY&�q1�F�ܼ^��qW�OG�j{"=D0DpJp�E�FR�G�ܸm�e'5�d1[kB\;9H?��LZ�U>y:�W�MJ|��UIt�wX! ?�GђQZ-uU�X`2w�'mRO]YEJii���XME�OrD�
)�.:QKA:g;>zAWDN
Y.`̇{�}yY@7���,ɩ�T�д4���('�r
bM� %XZ�z4_����(m
ڼ3u: u3�:XSY7�9�+4Ai1-H,i�\)4J82Ġ�j�b�k�ׇ�@0Ө vMQ6w��x�Fb>4ga',�9\7 Gqn�7-E=�$fě.So3_!$yJl%$$Oy��.{�.`DNmZ+1
"+aoyɞG"*l=�Ą�ă"Z&�͉��EƉA.��4梨*sT7˦jyA~lu�p6R12�T6\c0 h΄A�͌�9��&�k�%)Pn�>]oÓeo
隈ƈ}�?/ekVe1cEbQ K^h�e-m7ag�@��IKK5 ߓO�2�I��i_n�RˠHuZ.5PlF(�=Qh�P<{n�P,9s�SC�Hf���/'Z`@}s�1;^ݸ�AE!��R���q8v�qU�͵B=t&��Q� dkχ%p3�ԺO�[栣^\oUCP^P$O{mf��|dܨmbkC2P�=-V�b_cgݶ0œJ[!7$mJ�ISjJj�xJn�ϫ�y�T)c@cm�q>X�2v�'7kƷsbdH-p�czOk�s;!�A�/)eSD%Ty@�Zn*�|G%��@m#u9�,z}[5\a�E/Ek�\`�d`_ /[씟X! �sl&c)RC)�ce�Nں` Esp C:wr?1,ASunL�E"56΅8-t�:M4qzMX=-ZiG�Z,-j�h+(гi��Gz|A"�n�S)�|�6T�D)/[:pSԠN*5F�$�<5?(�8f%d�$�OD�TMM=Kq>@/`�ԑ
#GՃY:.j1���2)��V�`m`I岡S��(�d2� ��H�X@n!�i"$��8�t]b1
�`�b�ylд!�ktsX�Ix��Z@=0���Io+4n"-xH`9�k#E+墂1ը ��+zD+Dמ{ϯ�H D Vѹkz�m�?ۇd}�G\+y�)uO�
8(=]rf+����*�B249{q#Q�DP;(8dFk�:>xg@A ]Ee%�Rۢ>e�I����,o+l=�{Eװs 8&5�Zz��*ԨFsaRWU�Ut?}
q*"F/U*w�7XL)�T,eP<\sN"MFz��Q;:(B�'4B$gfB2C=0=o+Ձ(MխR|Wg(0t9U�#$�>mX���W�JZv�XW;�/Ǥ9Ƴ�DhYR3bQ�-FID
Y5M[m)�p gn=̹5f (*M�[G�7QVۂ;m�hq,�/��}�7SNJ�v�|h�y'�2LHBEyT�c>u!PvlM6�o_�+։D
Ng�
E�m�?�4�XPp@\My%�6�JeB 3��1#I5b ��"����nj@�lV�
�Ov+J�OZoQtK(/'�4|�s-V�x��lqB��?Q�{'��i�p5)w$c1̸D_�sO�F��LN�3ȧOȾ"Th��0y圸Pf��a�O
y3/f]e�A��9^PDiZ=�EG6zp���@��I��=YE
g)A�|�/u�dn.=b8:PP�MVTza�`$#p �Qx֫O�vr�b�8Ey}臑x�<:K0ȒEX��̀Nov!�Ò�ʆ�}D;�
|pNmJ�̊
��fF
/Z
J %�5V^y�ey��;TY4�Q
̚ZE�[T(�'�<촘w�Œ�+3fsG2(*�G'���n�R
�=$��ɃtӸTiMeX_Eb4@ͥs~ܼd꼸2Jܑ>�%G *Ӈ�02mB\D$IYClsQZ9F2ֲ-�Obl�R^:J���Hdo�W,G�!��f1�!m&�-r}+(�;�(zrq^�Rh=S\H�2UҒ E{Mp-[i7vv�\�x(xS9p&}C�V%w�0$z,\|f琖q�&y�t:N:%Errq�Y55�:�?�x~b&�9�S���-:vi�֏2U*U�
N`{E}�]�}~wÞ�2:~}&fuue��ґ';Ξ+��ΞAee�9�eX�')3ɣ"b� WnfwˣPK�4@3�ZWƪJB�oM6�U�K̖i�7z`<�f}|A�Md�xm�#fdH>�wÈP#ě��+J)`QPځw \mv�DU.�\��d`�TмrV$CPo"/�Fԇ\cmUq6��Gj '|�B^�1J4�T
H(4ؽ�k�doLZ1&�þUR��ޗC�Ա}�^p�Ϻ�tciˢ�v6.z�JrUh܀T6�L�}�!&�!8}hS�:�Sprh%aw%*)0h^��=�1'$�
[aaPyJE"'Υr DT#:!:O��m�|]hvO?!3i0(+�6ﶟfc���(!L�QG��y=c�'v�Ϫ�<,/Y 91PϑN]{X88퉆�\E�
l�1H'5��҉u/
��Q�ϼV^S�� ll
�:�|X�:m҇PmE[DmP�D 2�t b��^�rz�@��@*KQ
c.]#(��^>:XPZohYn
֣ *e͝8[w�`g'hŮ�b�q"��/(�[*ў�NX�v�ʴ
g?'I&SP�
9�hn1�I|MKR�E?c�|�g�|)džZ�LB�xl
PSQ``5SG�2�\G|)(M 9z4\I|Bcfu��.63'ߩ˙=3GGI)|4܈��*~A�CG-�Gm }��ZC��r:ȅt�m�0r@*;hD�L=F�)&٦ְoy�F==FT�9�)�h=C�N�\uڽH:w B�]�n��FCe*x+e!PR�м2y-E
b\Ϻ`G2�3�AF-U &�os�~�ߠm.���X{[)
� &O�}FAE�[j�2e$aߍC ��3]�n%�k�\GP�2�*��� LtDQWEx`Q�|(KRg
ګ7e��}+[D.Nv<�Z2s]ecэ g)7U2�W"սt���q
pW�*aB̝볱߽[�f'+-sC�KW}kNh"+#j-XUm9>NbH8UET�ByM?wUz
tvTS*O17"FhG�[QYjn.=jӵB�qf�h)Bk�[��j;vg:}�P
M�[C[�Ǯ�WQo@7��_ ڰ{pV�Da�)yϖ?���9g�mcjSUPvvFS%ǒ;v^��-h��GJ;
@�fF܄5$b5E
��+D_��$k99�,�k uq'0Cᯉ$S
�loDZj"dynU<� i��ҽ!�C+bc�m��hBn�KQ/xi:Rµ"tH�rm
T|)/�@x(e�vlWTY�
ӖE�p^Θ�a#w}j K=}Lܷf�yya@
ɸ[Fqg��HÔ��cR*|Ε/1�nN5Nt[�E+#h/!�VR%�="1I�G���aF&pp�Ӈo5E Le _Ҧ>h
ɽ��$�GsC-�Cb+�d�Z}�7V�G6x'ܠ$�'CA`l6ΏP�Ͱ>�05,FЃzcmBY ?,��4Cg`txn2��
�GY=��[I/$�Tu@'ÈHR`ݻ\�.[O&fo�:0nk3bމNv�El"�]�h�3[aTe-@nFl�<�&;M�0PGj~ʆg�-�{ q���s�\}>&wь+|6I�V�S�;PBszTn��|J
΄}H1Ձ)C�µ�:iˡChFG�]vzQ:�g`��^b";>!M/"d��sM�`fs}|;
UR�|�X��㙼|_�ƖM( �(<�Uk6\gM6�j �ۺTv
�%��Y~�?[(l�b5Oa�H\T�aLLӥk_.`+;�dQ}%9LWUQgp؋��y��)6OL62�m]g�'F�lF>#Y
*�w�ZͮN�C") "r� ��GnD/4G>}z9Ϗ�ciͼIV�^_s0�!vG8���f@jQv[
$yH�v-rP�5Gt##\$ʻ
ΡR6Uͩǒվ*n�XZ8IxGy4K{@@lt�˂?c?�3~�MBRa�w�/
��KC4/lqrquM{`}8�P�R]^5zBl&b0/L-v(0�oݧߨK�ï'XfB
TpyoZ坉"Yg3ȗu&A�$fK寚T+c~
u�f�DQ)d�[hΦ@|2`ʸ�Ħk~6��/X5&�((:PVP1���˸YwyBBrT�[)gЏ�:=Ky�iHo:
{&+bj�o�RˏIH/�mW�Z�E<)E��adqQb�jo��U8Y{�cCD�8({/F4�Hs�Q�{3Pp~��oɈ@r��D�(8�#4B�߮TfV��NXB�h^��X{!�O绨c*\=KGFM8&\Z!h:�SSj:=�+��JJfsT�-4)���x+3�H`
v2�̲Dޜ6�OME&G3>T�Y�X:?J�Whll�
�4�8Ǡ6F�7ׯ(1ޘJu�7;�t�[uQ�}mn?1(�j`=ɪXv�\wrd�Þ)&t��wrU�A]��"%n�u�/ѐ�J֚\ KOf?G_z|�
э6�&JƲ.���Eǫ/"�J8�)km<�. sh4���$LK�nJ!X9p
{�yNuQ |� $�#!EDL˧3�"y7V>%F8~n�:�PBTc�O�mh�hwd*x%|խvk^YO[G8S�$!tE6�t2
]O��c#�M:i@Q��/%5�,{8h$Ӌ�O (p�I:[X{)Ķ3��4t*Z5z?ۡ} @>>�'9X;P|La2�AWs�YI*Ձqֲ<9,EGg�hw`gbO0A�)ˠ7A|k2
�CL`7r~A�_YPel;�^@`�ZAp*\�[oj+lr -=luN.=�%
U�6{bA):od}�.�9g�2;sf\MӇvyƠ˃��x.�b{IK�#0�x�!?MRzJ|E��h2f~ŎցIn�k�D5�إy<1qcK1�ν?P|r��L@�J�RD{�l=^�T<9�#M{kĽ�r==¶�}cŧXVj�Sh冡#)9?Y~!NGQ�u92��Wa[R!8rI_ ҃ n>S��wd
ZltL@��5Lq�~��O���ca墐6K=�4e Bp`�(ѯ�|;N�eO��;h�++(%M�|O�N�(B=R+炑[Ha�Cֶ-h7;��ɜ{A�3MpqƔ[{!4ᵫbx$�867�pOdR��ю0KXj|�.C��7'9@��uA�otH@Ғ8%�\c@�(>�pj�儺��i5A�O>Zئ�X, S
n��F$t cb3'�e8pL!�6���.�a(W�h����.J%��!&�
Hv��ܾ`"�bL3O�^z�� N P� *o1��]Ň:F�;-aT/�J[~tFK}�N��"F/�D$3gG'7: *4ͭl
CN,+68Y12oc|?π&
�묧[0nudo/Q̓�Ǝn��z5�,Yʞbx'�J-|7u<~
�%�Ws�P�=�X0�>%,bc�R7k�qslyx
�nbQ\۩`2udU,:o8BC�;mx6zE�&tИAbIʈ\.�%�{pM8ai[Ƅh�/8~%_be(e%.5.��\[p�
�8vj
�BT�V%�)%d&ʹ��P
qx
pOaX�{
vbBSH̼,�L�wb5D���,-د��22e�n)�~{$��r2Fo-
|�shv�l!߀q�s}Ld� Ր^N#Hc/.1�< �w�1f�;uo8�{Z=LJ;u#
@=?H�7�&Xa/B�>H�1W(zS�
>1HU�(Bkz�z4UM"+dB��%j�4�-e֢uokg~�Ic9=1":G���N����nxB
9-ú`9�Ѩ���M�Mr*�_��\BB^K�nX36KBܒ[Jûd<�.�9[ X_?r操z�b[H��&e���wRH
,j>|7�VzJ��ɀ[]�gs_i&/�jƳjIIwnwS�M�ZGwpS`UVwR@*ܡ3H; 5�v�2^�_5 �;7)ʊٔ�(Ŧ`�os�i�!�/|rI*�rGc;�`�sk{R`�9t[Eq#vMR:~-M��Z&U�O6XF�̍�C9pԂnd�O!H*�.Ŭ N&H}�O�|ŏ1c�戶�ZPn."��/_�1T��Z5�:~Y,==}
yNF$�
IP
k5;UA)N10�7Aؔ���B��(ɴ�ep�8T:br�9)-+ؤ7!p4�WKw�&�ક�~T�4�(!kIլݞzkam+sφVqFZl`{?it,k�Y4i�-Opc(`Vu57H
UǷ(�@4���%e_f��aќEڙ�=;�'&p%,}H.�,2t>PhU�g�%@SﻎS\
�_'mpK z
4?3�[.[O�@��{dþ"4X���ޤ�
YjE14NDcs\6Fo>Lpu��ɭ� 6ف(0�xdҚ[*hN*˻-@EhX&`,eHM�U�aTDy�\*^0�
CD41�M\�쳃�'�x$ݿ^����[ uZok)��5q4?x'~�g@ȑyFI5r�?kʈ�A�6թjJ/-@�>UH2�!ʴȕ��ɦмsܽ�u��8��5Ųa���~�p|ɴ�s]XP�E� 3CN2f�M>,fpGP_�LH$kU#d����5��r$�%ϱO (��"Ͻ5Ō 6j�vuf�4h�>a��X]Ѧ�'/n6q1-]`��Z�\�ZQWvO�,1>FRWo�@a2�9K7��vI4/�-ٮpu'|]*2\jp2{lj�I~i�^G]u�D)H�k]M4fdj�.�=T gt|t3/*5��w�9�߄:�#�j3|]cDqqM�ȜSYָ���S1'6�i�Ӷи��ف9*�؏CB9�
ɉY~=6�ꍇ/(��0}g%Ǥ�i$T�A
���|m2�_�UKI�,:F�Ա!ЂpG�GT�b���B݃J�Qec0r��1Uy4��Bi! �z, ��x;"�ا{j�`�l\Eo4B_ݑf!M*<
��5�0x�a!EV@z
Ԥ$[�r �'�d�[+hY�*X6}"�)pB��|���xr& KS)頳�i6t/ b}�7Q�y2
dPj,�y�
�A�Fq%ذJx&ѯ/@װE�\7O��kL_P"n�SV'ɓ�:�p}.�mSL7h-s(I#�2�*}(�qG5OG�A<ӻ�R6k�z�Msz`phI[m�Gra_;�$qЃ_KǠ`u.PQ1�jF[RNo1gXyɛzBK�.)M՛S�n��3~��]y혝k� |�~fGo��!F��s/|f�-|#�j]~lS:�zew�R<�Q�S��qaT;)^5��ј�Aw���'&s�6$9�kw�&o:i)OٺS ԺD�LD5c
�>I?ζͅ7�狑_�E�l�,Uk�䡅bp<�\`'��M1fa�z$�Uv_2!&�_?(ٕ|�ыI³��daވ7m�O,ҼrB^nt�t�R5 I.x[�q�K�N�.*�Ǽ�buP�;�R�4^ٶ?5�vaX �~1��=�{E�g�9L ?dž[
w�Mg!�Qpwp(֭quJP'7_�o�
hx�w�\�1e�#&(/��#NÆ~qџ��q��#Xn��5�B�AbfN�n9h�hyEd,L'�l<-�t�|!X�|'�:�[_bnvk'Hl#�ym�Y�,,^*^&=�Fe�B!�y�W~�srV�TWbJY���G��FAoC\!x��fC��
vP+G=b7��u*YڴDIx(��Fux߿F��W!�4�.W˳+��I:�%�]g2QACcE^@($֥O�R$f~(}^cF�
kP%j|{ʗ�E��+9V:�~{5ߐݩ�!č,Y�יҭ�#�]TSF~�k4.Tu�4c�wo�G� e��C?5�wnگ0?TݺF)s
T��x5L iS:R��vn�DU3),c,Nǖ({E�� 7(�KѯULe'|ewp�zL}}p�mc�5yr
Y9!}'��z5��+���Cư9�'E+Kshg5�4HZ%;H*F�6ݰ�HӁ-VxV{ln�MA9ۉu9\�S�Ơg���2�-:D�v~66Y}
LFO1e��V�GT"pA¶ۘ��U�=)'�Ji@�On8&�<-.�$a�-"o'a4�0u�j'�O>X�}`Vfm���9�+��
( �ށH:Py/u��Ѧ<Ό�LvpJ|ma�qcBGT��:Y<�S'*�FɆ�Y�w˵M"SnFplY��ߖ�a-3`bPa0Yh(vf�Q̐ �).
ɅGAv?�AOf>ntזM�p�<5AIe~ӕ}_|4wv�t�$B&�"W4~�鐊pJiwi�A�z-=B �����z!.-G^utjYy�
�`~Ivs�_KlG�`�xŶY٬�K�Q�δ
HVFSWEu0�lCqURaǎ:t!FDR2�Q]4mkU�WIO٤mz�9�SQ@�w'%� �uk#7�R`�]auQ"+;�
E\���pl�E0 )x�Η7q4T5xO�Z`�'���_N�tK�tiB+mґRe|o0Р@M�Ck�A�܀�mK#X";
�Aѯ�@8v{,+q&�bVȹ
�/h��F~k9�{6fSJ
S�~(d�^�zH}�b_#)�n"�"f���UǧXwk�,@{]RXՖg�?heb^]^�p4Ǜ�7]7!�X�bB"eՃT"i�vP�^(�R Q�4�L#m K�zrHh�tN;Sۙ'(E�SK,|.[?ni9}>~ҢSwMc2��~¾l�PKG�/nGrcGEÚuӮ��pO_fXo^{ήFU:�K̗͝y)�?/pc�'Y<��kƂw+@�Xhd"<(qUcNj/ՐL`�sI� xs��~�vĎ%z#$�m%bu�Yx� k�ҽ6V:SEn
''߮�TbĴ�cpbX@U}cu1%-� NdYwDm�q�%ʼn�Sx�DMN��j`f
!��&J}�U¤T0,R�<,mMwuEyqȕ콵0Aw
��8H#_!_�{wd��>s����)%1*$6*�
6�!N�#?H9ǎ�쌥'K=�
V[20_=eո�X��}NU-1�g]t*eT�tF:�n81?qĀ½@Kb!BiAδI$�;{r7]W%j8�aŦ::KO=Go�?��1B�,rȽ`P�K8�2��;z���g��8�^��hZ�f'n�ç6+8:pףf?#&�]C�}!1Z%
�}wp�{g�qCDqH/Hu {?? ̶&��$D\Fg�+O`�U\Y�1�R(%t+sy��2lN1js�T&@Um3�8�&m &�4ϳAlq!Azc�ѻ��>~K��?3\-0 u֖�pd�;K�nU:C�|';�J>1{-U~0�#�s0R�.t�hw8!D':|K8lOxYq#a6``@:Vry0&
<8>$"6�0wׇ1I1#AD�=^5�p|�c�6e@���a�xnA}_S!d+}r#d�}ң.k,M}z{�ڍ�Ȋ"dt*N>L5�upmklzPÓ۱\��"zaxkU%'naBlMuw$#L3�җ8 *]�ª?J\0%{dL�
4� �jM"�iB݈�X�?�J:s�ӑh'פM�fR�D�=XB�'��Ym/Mh/�Lj�8�rC�#IZ8=C��]Y0�Hn*�g6850Co�te�Gb!5C*W$U;Sl-oMz�^fy��A[�I){N%:!h{ڛd_w\'_�Gɝu
{ 03�0ø(�'fj� hR�ᔒ���"�Ia&�υLşȚ�
�I#T�I2Mh3W�-ki�9$~0�^#A^:z|%.��o��3MvC�k�&>w{|{�;뒢�`ݶ�$j�z�Dô킉�?�,@r�k�lM~b�.7b<8rT
l|$R}s*%�Fg�KhV�[�!D�e�=ZC)ϭ:`1՚n�jA|�M&wa�E �B!Fߧ٬
qE�8-5{m@wrb][cB<6%py}@s9.&DI'C=Rz8�-@lK&%86=Lvo�aS3)(5;$U]J5`�U܌r@Bخ\�6&IIZ/%3v�{�_px�JlDGTѮ-�td�qC�ra+S���h� F+�z"�2¯u�I*ڼ�$r��(J] AV&!el%wjmi)@D��
-�X��#H�><�Ӈ�2s|a�"9\<`[ *τ*F�GDnmh��_/
�}�xJE�'?#̇%s�rq,WChM-�9e@}�A!NG\1�i,~ [ޜ(�Է�s!vYAL�,G�~M>1V0+魏H(ȉ/]-"K�e"D�OIZt�[�)��j@A_[Ov��. ᳛k�ʐk;8$b��I�q�$ taj�%�^�
_e1yGhP<,1xc�$YZ�ArR�I��V�Ixx{37 .[xb*ujިGb8��?H7me)Pv+j1ۭ睃lo4u��kV�
T7�X1,lA�g
��43DP�㍏·�
Uo�'}�r�`>= H�$��r4S��&�XD!R�STI("$KE||ĨY�y�n9)nފ�GN��g�\/!�C�Sؘð�Q>w/Npl�!gFKә[��4d��
يq 'B�d&*Ԡ�yp5s�m#�!yD@uB}pL�b~N4~�Ao~T8�[Fy"K�g���H�O��TX���/7S22L&36L/wg{/{мhO�v��)V�<@@�؛ȀI�'|�:1Y앃e%�RF0k)�E�ɿ�q|�=�qKż2Z�`�]]\L?T�}<<(4X�3؇CTnx!�B{$*xxZ]k�'Ga~�#��#bxҵ,M!�zsMݿ�0%��=�2y���>y
}@�yn·^ 9t�$ĞbUN�a'dBm%u+�R�j{9XF4Tt�ch�i)�.!&T�D'.yzp|8ʧ1hm4ۡo]=XL"7 })ef�3~neKA"2)�e��##3'(h�eof^-�sҥAz�ؤ��t䵏h_�GH�ieƙ!K
awdǧ�H��1�1�).ݙ%CpcQO#fyOkix<Ϭq�>4��_nDUf�~�cژ᳕GV"pHѾ �C$�<}:S
}ȟmWarѣ&zSF��8.Ss�Iv.Jot~{�=\·�kPg �ɻ��m�D8�3pHB9"���i9�[=ā1B +"�j��,W�U�M):0�*TG{UZ_p��xm�Lw@LI��(�tnE'P͗w2�M�kIչ!�p�/.r5�HR�Y+D"@SwroI5Y!_��Q)�_܂+2_U}U��̋���מ_q)��%10Y!lz`�d$4 xx�1zc�`|dS p�W^EW!uI��(��؞:ZrUp�e�f<�z����YqʡɤG/fw|E�WژO'a�f)HS�aEˌATf_f��/'
<;�S&6tp��K@!C,̦,k5qc"�>oE��l,P�2�7ͻPK�2v0n1
6' -m7�o*ҭq'� K�ÇnX+V�]Et@�@k2l�BNKi ��~2Şק�Ľ`
7rЅ\"*v��[1P�lo҂.0�Q:~t��t�0Դ`SaOWK�9ˢDi�c^MQ�o3%J?�6�n9D�:hg�
r�J3�dC&
��hm<^y_ې�i9t26#%#�ōp
�l֝�K7\�klṯ)L�~/:
qW��jy>�kfkउ
j�8#K;bN=�~ϻܘĊճ(My�,X ʱ�gނ�1~�F'<}{�Q>̈Ր�Mh�.F*''HV5��S�4
\ߢ3s�6�K;׀%o}BQG�
k)`�^}X(qGr1.
3
їm@#LkCٚ.�\,"бj
!Ve뵕5Xab��dD�A*ͪƞZg�%Plc��_�7 s�B�Tk4ztI=(@#�؇��l'�aH��< .C*@
$y#�Qk
�Mmh9�͖A#
���̆d�;.��|/͖�RB1j6g�m�Pjx�dVE�ݚMt4�w���es�JfeSzX9Ճ{e�'�d�F� �R2W�y!1^.t%&O|���mY'zaT7~u&u�*X9%xG,U
A�9�~=1}`�قz0c;.�uH#��B4RguatP킉{^8-s:]К{h�
ZNٚ݃hG3�*CbS+3ӻ��y�:%��Q^k($^�$/_l�Ui8Ska�pf!\K�i�\�+�5b�5s%�Dp&3�0Dȏ�C�CA��t��c�� �6MDQ�۱ )�o٠.+5qVRT7wW�L*Z���+OB�[t�ιHJGo�C^io��Ά�?>/>�-�1 x���OX�%��ym3�ڑ,D\�ĬR3�QNc*�{ݬzCIh�"�4mbo6H@o!Fad^3U+${~
P���']cj�~BJ.ú8Pۃ2g�\�Ɗ"*G� Pvו5!z͂��2}#UF)qpMW&c=K0h/rD\�ϼ3 �Xl+MkGiPH+�ʸ!-Y�@"g2a'o؍�;0ji��i$Jmw�l7NgyAe#;|��7�ilVV◡|X �6?3Ee�ˏ���Sƀs0Pqm�|�蓶jjX 9lvK��HD|YFU�]��_�_�x�7
eJv�ˈ"f
�%cW.헳 ?V�*x̼IF=ɹR Q3[�&?(7f`/�xDGg斂K-��]T;�,J2
E-W0�O���oK0
�I-Dx��Veq{5�WU�H֤LٜK̅R1�
�I�z�{�ף�?Dd���(gredۈ,/W�}�ϩZ�}d�+A`팭���e4֓�""B(j]kN@U$1_u�{$j��*8$ Ņ*�8,ЍHs�K@C��Bb>�+Ͳ���d��^iKZ>ybT�Oɨݔ[!
{m
(�X[3 w
K]rhhحZ*��?=;c�H_lVV�[T�t8i�i
0��~J@?L J#Cڍ�MWy�N([k�)HhCu9eb�O��Q�LaF\R�ٛ6p
�[
V5V'BbP}:kB�]�\,&@���\1�Z�i�--o@GX �M`m�ۗ�3ʿ��a`s��,s;[wϛ9�oYDsb<%�[V4-Ұ!��L#s�\i/z
|'�|4K4oVx;)=W3ETHd���A.�#Yf(�a5!Ү
s�nO̺�v�hj�W&SN�-@k��ݻ,�N"[G�fw1R�jp�Dž�+
�[-O7Y��@y[z>�w�H���98��ս�Cg�}"�^uUy?缗4 �a�1>ΖU�эvTJ7�J=�|P~#�jYY�T��a?I~AAʔl*� �sN��JL]YA�6_E
h�
�Hl{�ǃ9(^dI<��M* i+�m|N@�RS\VӉy$m�oknIl <-'{q
�@
�?��s���%ӼF}n $4F
�f[ǣ��C,@t�|:J4g�m`.s�]ˮPR8�D�=ҽ[fxJ4oi(�°n60q`c�"�
� 3�]u\�Cj�3y�q4MCPğӜ�6A�9ƍ>Z
7x1v�9 ѢW!
E��xUɔT&W1?(өMK:VL@^E2K&��H/�(dk$9>=!G!7=l��og`^8�3�K'l#)_=|��p)�gf=S0ק:׳xfNdzTlLT'^S&Nv|pdŻ۹ZUf>U>s� ���9n(R?[�Ч1Agg/�j�Q�^ËCX!41�I gJ�d�LCz{E~`U�bdR]$v�c�" �x�����)�Gae�0D<IM]d`��?�U��ߝ�Ta.)wb;{{C8p=2C2EaQƒΡ@#2??!��+Y�QE�Cm_YfgN,l%�}reFr]�_<|>ӿ��PӒ��q^c�m�ƎN�#A]��ꡦ��\��nS\�$�.�-{D;9S4xM'�D!|<$X浙BZIik�gQ/�> �ɞ2#8GvG5K�o<�`�zb�@$̠-Fp�H8?&�>H�Cxl4�>X��pTݨ@S|a4X�FxiMqv19Ud,|�bɽ�E݆z]%c_�CA
_
���eo/�)�!t�C�vh�юk�#F8��!EOAżP���1�lhq_�c�&qY9-;P�2uд�~X3�wѳj�
XNW�]̋*Ӹ'uG>)O|BA&�HoJ53H�2$HHTH�#�4��4#fF\�Sj�ѣVj
�䠂�|*t�&C
T#JfOZLF�L:�pE$�z�}ƃ[Ꮆ&ys: PA*�Hz &J[G\���iaz4D㡋Z'� F/˳_�40d�RuBpfwUZs5[.x@W�'5�)pd>]�n>
L$_l�?|[Lŭ+0ڼ,Oόt�-�~hR@[ҋ��F
!�7���h{Jpg9}
�̊hqE3Y_8�#'v8w�{�8�.R�V��>۫ycQd_QW>3[0NEh_ b�F�/d�M?�_1[W7gx6.m//& ㋪�
se�"EA:8JI<��DRiõۃ�_|JOmtә;Nk�RQ}4Mtn�osUq�NX��9;
M#��T_:M%ny>wa�{y�φ�V�C:Y��cf0�6u 2S|\ Z�M|Bv�|�R
Uc4�$�$_�~2d2��+36GG�2"35Uou_i*]F9cTɂ.l�wG��ïe_�AP�{�7�m0l�b4IeK74Ԓ~w|N�v5ē1�Z%Tױ;���)!PMT{
���k:!��bT׃�Rb�DZY2I8opu,"�g6b}/e1տ~ӎ�q`asIް��s��`ʠvro�J�%
SIUIa;Ŀŷ�W=6J: jNZ*UY/=%[�x�(R9:�sG�$89s֑�埸\%7~S��.2 & i-8(/��RGiQ�3
)hOw�*��Rqx<�yrݾ+y0nfO
.�r�)�*N\^Q
]*CDx+8�5)QX^%�[�HQTQ楕-��V�,�{eC�
[�4;tYQ!ߜ~˂9c[ďEX!0-ϩ���8Y�5m}�BUȢ2E�C N 7V$nNQBn *,~!�kX�tt"��P_-sn0AjH�n[rXzϚ>b+9R`�ֆMuG�o�85��3��ɷXBV�=5ly>dWHp&��adz5@W
;$ lcB#xUT��`T[�j1sl=E �x�ԭŞ�^4�ӟ�'�GƇ`?Fʠ�T(um2gqpdNB<$:U5^FL�r�(̤x7w�+v�(=��E|Ẕn�Q+<�ƀ\Sp$W81Y*�0kem�x[�M2{D!J^F�xܪ1w3ɻr��R�fs{�'�Z�hO�7{ArGx[gv-�KB}�e$��UfAiBז1 �K�GI!S �3!e6%vo�x!ϲ�ie/⼺9eUӥ�X467Yh3%Dc��hS�N1oE]j:z,5��?��&FVhݣnVV`PE��8G��cr)��P�GS+IMۍÝp>* wxYҸC{R5�;.
,e_�Ut:8 v]j>��tO��>Q�]8�M$QbDʗ?V�Vb�"7k,$rT��\kԔ�/ws3g~'AE�o/"وP7Sqraw�v)>%f:a�l!^���2#Y.8ЀDGwyba:j9\w<(�Z�^v��M0�0Y�e<�3�ݟ>'n'th�&�an�&v\[Q�Tz�So%gz���6C�i�A��;1fX^$/�*|.�A!~
o bk�9AZ]&(S`H]d�KfhӔ.w��tjAU)!*A7YZT?qYÒ{v!
ž�Į��)�6նh3d$�@D=(��
'fwΣ`2=R3]["3AV99rtƦh7~�vdݓ��Lm�T0#�AdICRRt{r<}cP�<�/;;�~Ҵ� [��}tcxҐ8joe哳+2G8FL��(\}< 8
WL519���M{1�p.�<]=� ZD7c�Tfqe3G��o�hqyN(r~j��?�q��`*Ui+��>kT�WT��'ub8��3�]�uMWk \p`�/+�3)3�Qd%Kye"H�*ίӂ烑]PP&_E�� �U:9s�ȇ�W�{4��nȠ_3rC|4�v�_aA5�*guNf'fL-�I ~B\�鼇�}
U
{[v�Qr�ח�ͱg�Ok /3�ˤz6C'd"�wHκե�,-4o !%�#o/��B�0.t1֯� F�{@VЧɹXC5�n&vs6o7} 鍊~5n$S?uG]|4v�+
~k:^�Q��p"^s"@��CU':i>��\�n�%:=I�Lf9K 4��+,�;܆DWqˑMrXi�U9-op9B+^
: 8&{�URς�o(3WE6�E\�v2/�aIOTS%0*EK�d�@Z4o,�`nm�'͖(A �J;e2)\� >u�<._��hL=�hhe9�nfg�:1.����Tlahk:&twv�P�=�)d)b]&�� qwc
.iq@>V@���ߊNhI?s�=
p/F�z�g��Gm�2`�{`9�r_!*�A�yG/Xn�BT#A31(*��#�J�!�M2�ٕ�!qFy��+z_}0P/�jC�K.|,��@p�eF�E9��>n�\\�gS)is>Q&Wx��!oZ�'_@$kg�^;#+ND/V3~�]43L��V܊WE7&Ǚn�jQR�K�I.O�w���]�#Xs}�jpR].0Z1Q:`h��(lqi�"� J�T�t˂М
��u�`:8�m0$�A|Y5�#%A-�UQx[�RU�A%)�m*vHca櫫�˵߰��okE~*sMc:iE4_PLJ=pUYZs~:�^C�|�yLaCg%ՙfU�B5v+�'Ol~S��w1�{/�)3I4y6��n(�;1<[yE{��a�Ca�bq�ϊg/DxQb���Qf/��?\M][�}ŚKptuBEBkh&xA`�Cs2u��.�.N3+�0(V-
X3Dn`UmrFqQ3C_l��6Z�{�ϲzͦ ?g$B�'T�!r�G�S\X5����1q讷8�E^J�@8d(@u��V,>Ev�eӺ$j_p��[� f�gqGT@�H��uZ ��y���^L!e{�� ��;Kf1x
&JPJ鋶F!U]r6)�H4�9,8�e4ml�_)?h�d9lF$�W;!6$O`a2;||M���Nh�idO"1kLY�!�_k�c`g7GS;B|AZ7$��9�U.Kqb���E{nJ�"g7ALVa.͛$:��ţF:wN�&H�BkNmo0�M O=5�0ܢ0 F7��4Y��t��*H+_IլTy>iuh3D�$Liea�}m�IrzT��M���VG0˪WO�/NJC[{6*�G~�
.b�ԅ0w��xWR�`-%o�3�ۮZ��r$}-�ѷaj\FB5`bx?~LFf^R��<�/yЫJvzrcF_WZ-UGn�ЏF*vm�J�Z0����j]�(f�1m$rcmCA2� h֨zN*d�O�*s�'�B
)a
Zi�}�l
�fބX:2`�7Up.m�/�j(n-�5pR[E=�d�HEB&3#60(�I6W��t��~HW`xikJ?Qo�Pe�>ɰbs6e>m<�&Ȋ{o3�npg;ڏ\*�Y��TD8n}-y.��X?"悬=\̰r�i.7�l�E]t;c{E'SJr�(}"yio<ʣ>LLi�5qD�f/NKAx�k8¼h
?=iՊ�5�]�~%t$~{���H�;E�>~[`^/�3E\=�=)m82C|Wu�dD_piZ.{eDfP4�J�ܧp��p��kݺ
d$c�Y1�I&6'-վߗ.h]>����_�VqGԼ?%nC?M8�wSzmʜП`'B#�^6m.~.�Ħm��ƿ�9yd�Ǜr4祄?�mV$v~�-Mbn̈́�qw W34 �VI+^�ߪыUduGQ"Z@1J|)�ʦ{*&�2B\95pFCKB�ͻ�7/mm?2�%��h�.(Gui;)U�A~T�9�j?lAi=ijĀ�|b!OY�@{|7I���^_Cb#r�Á�fk=l{?�K��h3�)�Z�ϰ�?9C�mmA�LG�'o�NR
*bb/�5#3�Z:s�o
'\I*Ŧh]amAЭ~m}òqd%9�ghD(JzԷt(DIv%9�)w$Ss�=#�[�IɸEa�щ!�4b�
`hN@A�Tvb~dKÛdhW��l��eAkaI|yé Z�BFI.(�Oy�ʟH�WsAev͢Ag?|-cK}�cKR,%�M@�>���gPQdbQ�ޡsv:r:�>&☢�53�Up�z$r;6wˁh?Է[Q8B�@ˡq#ߵ9�Oƛ�sTyRJqfP>�PM拨cv2��M�1�K |%!ӯ{��Ѡ {>̥ r%�]` c�9��t[ᖹ
Q
.�6V�F\��"Gu��a~}l�k�kTD.z�z^l��R��;YW^S+�l䉉%TK͊ոC3]Wn�R4�DP�q8xHuRT'W"�Z�p`Er��R�uO4@j8e?C��n])DH\f�b/J\F��{ۂHUb]+mT�F�G)�*u2svs/(4FBϛMDO�Q#S��lU�=T�
7RV)E4G�NkT/bl9&u8W[?K8�`z=j/DA�nMJ�.9Jv'E�AXq��uHWgbUFYyo�[C@��;���#c��!T� QqDJ�fMl�@"�YN5?# 5ؖ�J
ժm9,ҩ{eNT��\�IW10�>T�ݷ~�ޠ1Y}+�h�Fe=u^/`'s�gSHU=5�)�р�Q8�XA#�|9CΗۭ;0L70`aޜoh;xV�ӡ�[P�K�u�o-�cL�%/vWv 7~2֢K_ lX0k�dI�L"�5aM
ZID;ĎH(oشDϪ�v(bף�<"b�8f1֢�NTÜw�T�r>ͪ6uTKfV�2Q*HxXu$� �@@bqI�7اgD\,� Qx^>8K�6D��'�]ؽB�#:}CsaQ45P�s�V%fDw +��y�B
]ə+@(�*^�ا�'"4'=T
H�mpGhVm;r�:a]
=y
`͉��D=J��RzRMa�?'
ӜF/.$�'_]{/K:�<@�)ݪ6�V{�:EAJmv{Wk*C;1
C?4s�v�.32,!s5l��4�ΰ_��J�x�=Nln4dډ�&�9�OH:^H�dK8b.�^/!(eϐȌI`q33q�y]n�)�1`ok=L/�r��Z;q&Ai1y{p���jl����˥~��pr7�h9
|�eD{,|�>swp��pZ+~a_���t��m.!
()+�5��tf�{]2E�^�p9yt%~㛱�jPy�;x�Rb�'�)nK5.Yg3�0˜W��qQ^6W�%-h[)"Wo�E]�~s�o֪�a&[/UY:&@oqis�c�X x�ST4g,d^xT{5��5_dti_J�iE~4ACX5�ެ��*�:Y8hTٲ�'�=DmlڒJ"�h
b}BJ�iUv���m3R�19�=ޏ�p�m���h`hO*�璳EKL%�D�@Q�ϨM_p}bаYN�L~B1#�E ~\�B*,|(&I!��S�nZ$LeQM�[(=wÔrxp�! Kd�$*B�>V:ވ�}+��;.Ydt8_)=n^�<%\z�Y5%fMݕZؙ�9LW#F�a8@ws'zzJ|eL��íY�Kތ0�[bx��e�K�jhރ=Bzh|ۏ6�VA] M:I)E|g4==/|PL%1h2yHF�`N�G�QDxR� �xX8�0k�Ɠg�N]�3-!k뺭ʑM;+x�1�T0Ď�7�K<�$F78L2%ܦcl
'zxy �%w[�9P`Kî^.�[2^xs]%PP���ȧ|ɴ{kzF�7PЕ��h�˸}ڧcc�fC$��e�Gx��JCĩ!ʳ{�܆$&ֻRG<�`�J�.�d�Vu5NRF~��<;W�Z��q�]Z�G*��`�k}���^b^�)hާYۧ�PoޑVX^RV�e�rnkSi�)�σ~y�
�xqa+�̱�7;v��u�9I)8d}k-]E6�wؐmo����Ю%��b}�FS7��,�s.=��m�ԛ0l<�(Lc]�a-�aˣ#��'hU'tin^*(N!�ɪiP sBV6�BZFKQA�49h�+)�I
GLt\F6ң;WhG_Ȋ�1t�Ű|�L_hC�(!rtUpQ�ɬ�2LTΰ8/N@�iKVEs3�@�jLnIB�Yi�@�g� .FZ(7�8umTbm3 Fw~�]�sVL:�tD%4̓4F"V&[�b[1�^���yH86�2w�&j�e:��p�h���Yo;ʸ*-�xRCMҞT5a ߁d:ٖ�tl'EL;k�#Ms2l #�'_X_H�MW?���g�473�qDU�3f�h
ݬ+ɒv�^A ZU�9x_MGhHӴ~(vY� ~HJf1HL/W��/�H䒅�@�@{�oa��L.bZ.:=�>=C����â��9Kl>��a
#;FzFkJWm��#s�C�+ �T�/ )-a�Lj�4�%Iw�ofR%#$ڈ0 :��&k��tE7�bVqሪ��Cf`62��.1=5p0JW�H�o7�;:�h��J��fe-rG7GpG�XIE
%
rK:c~ʎ����ǰ gR)t#nVxKX@Ih4aeGj(eYظ؝džj�y� bs�| m__�!XVjI{yM�.TO:>YoK��e����?E��gaj&y�jE�V\�GxižGWW c�YJ2EtXiV
L*k��cl�W;�rgyeM䞷&`�,!ګ�q̨�]D�5@�&q3bkb��CҶ�>q�`k�^`oXI�?caL�7yqe�5K(�<-�L.b�5�51��/�&ECOhu|lq�\8lw��JP-5ƥ�@UKi_֗2�$�*|x�vKW39٫�SO-i߭V]S_1mu:��HH q˟ɞuoc�O9#�m)�t^M�~b�G!?&&'[[k�ϫ�#nFb.Uzbe�@ ' �b?IW<ܱW476Ӂ�rwsac^U\NZ빑]M\jaK�GSS�4m6&5�Ã|ћ."<�9I87n+@λ�)O'_wFг)�`(��a�uo&0>~Kg�(�9NF7g]�8`k.Ͻ�y;e=9�7ʂ't.�̹
�Y+#�b�afJ4�=��M�Ҏ՚B.0�䱑cZh\N H�y{:Gy]ѺR�S<.Hd*N.ޓ4+���lmI[`s�B��DwA[Ƹ^�&ɶ���N7�^&|NInOx[�PL�UP<)^TL�O&�7Ih%G|P4Ck�6��jj�.,xV� 4nV��Cx�/>�lJd?.+6f&[dܦA�ƉG:HR3 �|�[mTFz�g_|2g'mvUkc�"� gM=z�ˍxX�"ϷN�yٝ|G�Ⱥ x�=¸+>n+l�g:yz*(뭳�
wl�̏�L�J�Sg0�X%xEH5��)Wf[�N&͂h
=�n$aT�ξ[�`
�㖚�X*!�uN��.QۇC#��)[hR�+֩�Y�?B.˱,I>[_EdLP9)�b�N� ��ܦ5.�}�Er�-.+�tE-D x�F<�;�W.M?S[�!Ѱ �ɍ�'tmM*0%Q,D)I&M8Hj�X�=۶�ujr�e;1�~[b�%�b�+]}S�/�
ݮl��tN}
~�]ʀí�ãU�lg0D$\+=zSc#fOm��88of���\(�4�`IA 5 Q�hm;!��@��/q�6/cmuq��6�~#zW�����y��`a I�\R�7�8p}�a`%+вCf,F9,-̶*3@�p\P&Y�VBbkuw�[!^�SvNu@eײŒ��@un]Z�:A�:\T�>Z}\B��gf�B>�*(`W�h�W*F�V
+5�t
~�Gdh�{`D�S߸Q˂U�~qw~V[/�+2]�!])tJϫqۇ{�Oa��hA!(tvsfUQ`Q�E��.٤:"(y�"K)3Zb|ů��*#T:e|0�~E;N<��'p|9?�+�c�M
o1}r:�s&V6.Y^�RX�>M;$�k
[ '|V5iD�`sqEuN07�( {���7ơwn�TKqqC/V��d{�u�Zta#�U<]>m��31p렚
�U�_�pxO]p
�%<�*Ḁ�W{'
�&�#\@�Pդ�iXhZ|\���4Rq='�7
���qVϾ�$7-a-Ղ�m�FR���yߍ�؏p3�/#RB�>ӈ�ͬT��7�DɵxSCK�wm�"CVΙ&ɩUu�ͷ3Xǽ9�v M�I9q8:�BO|�
;BXbN$�Viɋ~��GG4/#ڏ@&�kV6#Q4z��{cgVgMNg{l1w=�Tbl�kP�IT�LT"B g9ܣ_},��r1w+q�n磉s�C�8 1ƂN +We!]@ܘY&%��-|A�n`ߟ�Y�I|ɦh�2P�UטcD�Wk2(2�ksY 5aɣ�TT��]
5i�/�*3(�f�^9+cТ�� !mD,qΔ<,ՋZ㵛�[RSOTrYu@�!4@pEr6>j3u~�+-?|M�s
.�0-�4w`Db#|O*�Tr�n2N�'&S}�҆g&M֞0xBD<=�;�sٯvB�ֹtKσWg|AhK:&wZE�"ҦD�k:#1��FSҎ�L]&`_Jx3]U!yCU��^(�>m` m7hI{�7pZyR-ً0+o��7l�ɷ��sjj�np)ހ5lڗg�5�dXRe�ܹ�4�Xf~AZՠ)]C0�>Z�6BAX�!I
1�emI�``k�*P#�I0)}�%&�����fI<�.�&�wKCXcŋr5+9/o�ɺo՝Ϲ'8'C[hnIl�;gF n�qL@Qi2i{ϼOc8m�@�X /~��J9vQQUq fџp7�=��:��V���-�)(O\��8
a/43-O/C!Ԥ
\,+[a05_���sdvd��X[)�1Ձ}e�:>ҝ4d[OQ@��1Fb{X{%��x�! EWN�h[�
/y�.7�@�[RO5dwQ/|7��0�d��>'P�цb8`̉
Cz֦
d~qqEh�%pW�,^�/}ńzr2vp�S|RDΡ%y]f�Má�6c3q��?4�hۯ`B�1�$1Xԯ5A!�X(x:!�n8%.
iRt_[�مG�tgj@y�G�v�3V
.L�o-aA8�@,M�K`|gS%�-$]i9OWm9}uj:;�vQV�TV�(X�ܤyaOӡ�j-�� q o0KH%�Xv{͊!�&S?$D�1�y[Q��).,�HOK�n]�jS
�A@dbWa)�(&�:�\�^)ud@b2w�{*54E�ӻ�0I�c!l��C�H86
8�1wSn�pFq|U`?+%!H�7!^({�*$�ύ9%�I͏%�FQ2Flf/M�G�407 a[a.�(KX
',����ij ϱ�X�G�,q�z$�FW!Y*�mz EQ�rYʚL܈��b �\s�<=SfFA�#\P=�Ja�o/�8kʴ=�
,C#}UTD�8�+,D#�65�
�UF߄��I!25v<\%AN�;�)Du�~
�),��Ũu6
�N&��M̴4|A!d�0/1]m-p>S�
�*pY/\hn
p�U6u^�M 77ڭ��, ZT#"2ۯȡ��ɒUn
L_zKט(�AeˡKJ{PBl3�}T1�FlW�r_g-~�K��,�t�0!z�{ń!yu�WN/{�/�Ŧ·�n�wCF�$iJhɋ6s���f$MӇ4g^�k�T>)pwk�$97{#7{��~y��Ub�E
�6`ײ1&�N�'X^%X/)CjGC��GS?}f,O1�G)7
1̲�*6FcZ��5|:u�~�'ꔲ`�QCv�(S.Gf6�9�N*��wU!�����2>=`lhRL�UFؠOCUa�ȒK� "`6~.ԫw?+7+=
O�VMdWbau?΄��,\Dn65̻z"[%[b4xÄ=*Vp�e+UcV�_S/Lm3OE}oe4�ߗe^,!dN)R'NRa)&1� 1ӵ;{PV�n0]_f5m��7J=.ڭ�N�{
"%J�4�q�~yy�]LE5yAŴBS6,�=I�,\��ix1=6;%̻s
o
��R3B:E�2F>|�e<��^QA�sn%IK��D,㹫$[{D7a¦^xĢ!2p�靘I����yy E,ҼoW\�qpc�J5�y ;(ɪm�ד_7�-,�]n)�%j)y*'ow�eng{M˅�#wfj"w�~8D�ʜT&�+#K/w`vR|A[rLiG4v,=A'�&�:�1!`W}Ϲ�@}#�{�l�Ltb{Kg�:h�\pBYN�G/��Pu�q�N3-O2~_wzNbs!:��k=jJ�h�D*̴@||-J$o���vN+o= Ck:%�� �kRNt�X_T:rBYO;�D8id[`k5[1O6-hBͰ�2�Pb!(vP�O�>֡Z+)�[^�rCd0%�
`}��1x�@|-s//Q+G8mwkd.AMf�ͮ`�jh,�!H�=�^Ϟ/'01ԙ}�}`_7lϰ_Ky�O|MN,剶�s~G��aKOr+L�wv-i�ҎE1avlu1&iO���
���ްB�Z��$%8
P�
�{�RT�LhCBENG%WrE�$F�D-��b��m�ˬֲp_i~֒P.hooに'C�2#=#0�WJly4UXȑZ(ǔo`_�7oa?�
@ �U�HV�&;O(VU/ 4\w�L>q��ԡa_D�>�UU J�J�Qjz%�~.%ꮯd�D̔/�/Y�_8z2�5E_�OjNk�\?9廅��\87��c_&"0}�yR�*0yP;6r1]!Is\\Ht>&I+\/$�-.@#t(�%���Tp��?,e͜,�,<�
$K�?�u:�5GJ`W#"\^84B�mtƔ�R7Kv��PeQ�}#n5�$D�h�> 6衐��BB|�s5=�RB�a
'I|�Gb2_�vXMS j�s�/=�Ĩbg�xGN1DA9XE�#~�#Xo ])O!\�g98r 0�gn+Hb�ps�2N-�fd�zFPyu�C
k, �K
J0�]���-`%Il60C�0PvGwtZ�N�t1%�lgL{�|ႵE{Eh���aI�^/�9!vNYW-�$3W�N�41s@*FQS0mK0Ȧ�pf1k7�_AU!]KNLek�sԠmqB�m�CW]$A䇳#�ʜVIԷɨY8a=%I7fAj >���} �SO[Ra&]5zostlV6i�]�Vs7H)�!R�;\@2�K�}!79��M�?1^�Ǯo�!zACY��^M\�T�ac˪?�LT~fl�p`R&'/W��ϒ
ڣ5�N�}��3:�
/ʍҕuM}�!��C�c&)'2JM[.<,,p���SgW��hx5%@�TV뭤N�z}h4�{_x!P�|��(+��;7ny�<%�[i�64=�]
0c,ƺ�1
YRJ�bk1:h��Vq#[s�FL!;�-N8;t�]�d6)I|L$iAZ'qi2O�iQ_H�Q]N=3�|�;y˸3|p�&=rh�7 �h�2k.���fPΛ1yytP:ŋ85|P_�0Bl�p̴ Yp� r�z�dsgR/8MeGi1�Q>(%V3amwhMsv�֏9E:MdG:�bYγ.V�cq�$;__ IIJu/�1b�5fDB5i?;"w ʹ[jt!I&�r@S/�;iO|%GGnWB%ʴA0W=��3I|@t1wS
�a^�ۜ �t=8Ļ�|"K
yӣ�P17|7}7WQ(/{�
N` �jkjH�NB в�+,9}P2��>�|Iu�(\ؿꄳˈ
�j�\^s
*qLeV,M=O&�C
ݳ�O�]'aU.�,W��q=�~aށuTR~�^�}cBR��oN��l��"@�(&��.w�ބ\Mɻ҇���뽕j2JnA1��ڄLJ54'˺LrCrS,[vG2ˑey>qZdnm⍏�z.7Gɻ�MArx�N@ȡ�V)`Т&&%8,��V(�q?L/@�B��r^a��"Ke.l0ue�7��3$PL�تGIJ}G��6J
u?%\TOr�%=d�)PsR5^H�+GB�hQU:=ͨ�h3\"x(�d=o{pޙ -�)wD{a�-I+x���C+D]�p%�vNd�KZ}U::CƔ7E�H˼vSKZv V��νNGl@Sk\]�R/��7�5e1�lCu���
ՋM�ULA:b4OqҢ9�oP2 tA
v~h�Ҥ7�9{-J�Gy3:&zF+ޞ^5g=U:�C�%fz]�\EW./�w}�N#3lQ�cӸ$�DN@WfBy,*M+�fw-hh�\\ttT:��G��b$u˺2w},2fsQF�.o$7Kv@L\E4+-�Ž>�1@`=#xoz:au r*]w�I2\��<-8�}o�^x0��:A$g,$+"
嶅vY%md�aGê�\OC[JFPjW�N֕*�=J9�zog��`PGͺu&T�x5|9bϬv,PhBҭs��P�UsE���52_�|�뺺6<��)3�B"�6�j��x�BnuoWw�8�s_~�B�i��,2b/=l+F^}#lfT_f
Q!}p6ZO�1O{v0�5Wc�r1 L
\&~=�
x�ofZSxv�e+\Vtb'��E�Z�QʵWA�K;>@s8O�4o,ŞZϤ�a0R��|v'�jt_t+;D��mxhǛuEc�&�f2ԵlmD,EaDbcw6_X�MH5UI4$�^x,ڦC݀~���h*<�kT24A}x*NR�7�v#�uB)g-T$ o?
�OWe�2��02zAȔ5Kʱ��7~3��F<�O7j̀-<Ԫ+rIQ܊mL:�X=0 `Ǜt),7"<Î+���Op带�s#k[z�'@Hm{ٓ&liO��܁շ<-�PE@�dw#gPr�m$�̣k
$4`T�cy�VzoPpèNGuQV6t�O�S�rgBBeG?@ǞO!��"*/[m@9]u;P��p`W�ӕv~
X�u�2\_)7b T(��A=kʁ��\,y��Ǐ��ȥ �\e �)�B�LD[4u��ޑrjAXZ�� UihYB7�XstmlQb�R&�V�h�L�+-*XB�vqsbF�G�*A�&B$Z/ņE:WV1�'
�Q7u�$�cIqya4NzxBfM��Ag]*4�Jqҳq'�X͋7kJf̯�e�#n�BwrRX)Bh8�!F�xT%70P�wЂ>j�LEGB^�_"n@tspf�Z�9.kMȿ-(A.�_w�wWx�_�9U1Rf#.
o���!�કSJ��2PTA{Tw>�ÂZZT"
Ͼu�FQK]�4Q![�+k|�Otk�e3_X����mYYt&<�O$&S�?m-]ɲm(T'@fu�dۙcy%�}InkjXQ�Ƕ�j]X�Mw6-?�~L0!�,ֶ��tvATʖ7cq�KC_3pe5ީ
S��נr��_ҽ��|��,�͖R�>5lbQyN�(,���s�%HX��נ͔^Y{$8�|zC/qTa�YfQ&doͰdRho/�*E
eF�E)5H#~e��,Ih@i5O�hG5*�&Bp7TLSKPFʩ�R[A/!�1%k`7l~|^�N!DʠƁ<�O5Y��0&�T�c4O��m���%p.n^��H6>scA13s/u/�
Y:'C ],��D&01`~@/�zGuU0�z߃m
�A#EZWa��sؐ 轴i�Mg(S�-LN}�BZy'}a
W}k�N ρ~)曳?}me7첽ƝM3|�ESn}?ޞG�j�}�0kX�c!o̤^V�˰Kb;@Ț#�?�y�rq��SZ���j�=L?ǝ���OzߧU˵;:ԕ�02?⠏lJZt"dy
t&'�tvR(�B"*떺3�d�5З�j(hZo��K/AJNŎHxXA�I9:|��$�d�bT
H箐��⦀cޭⳅ cfPsӜom"ZY}%�~��ֺ�Y-ᑤ�W��C�O'Vhb���GCO:HdE!$ڰR[�OuqvC5M(U\=q�ۘw��5hQP.Y�iGY�tS�L1V� �kk1R�
A�PDpt-9d4#u ²^I��E畍�[U?~^fѲ�֜�8͆sѥ
\�J�mf���Ҵӭ^x={�Un JA�h�>:r�ӯ?M}�b�9<}�MS,sQ(2 �M꒖�n�2X8
�~�v�oOSEu�ԝ6={$ a�9�E[|%)�i9q8]��mF8b�ގO)C�i˂DV�L$ĸ'M__I.-�/~apMfGk�5l'�}3�L��;NR5⾶֓�
A@Ekwr���ߨKLp�R:�NF9vN�_ih�Tdݖ\�N'��)'7 e٢�ss1�Lk5�ֆ�n"#Kn�q�B;J()�hQKTH�4Xos�$Rʟ_zzo- gz�6>�%Cܣd��0D�NꠑLz�M��?({m�G'j6:]�9ߡ�@|x]HCOr�X7yp�zd+�#'':�NZ�~xJ�ao/sz��g�̓qwYq1~=R'nj7aZ�U��u 'E=;ťJoN�ĭT�75uwDZ{w� �D�T�V41b}ȼ�=#
vf H(k�I`0~AМ,A':%-("I�Oh�)Zwp*z~N
vЮel�+JNT_$�
_F�Va"
vm|bw{((7&ɷ�Wҙrq�4G�|~EFؿ3@Uރm
r�F)i{̞�l�6e7���7���]5w VBl�).9Y5D:Zm<`iJ&
[ܽ+9�얡Ȫ��w5j4oeQ��`U��6ƫoL/[O1F
�]ㆠDy
Tn%�h[ E|?̃CVdy7H<�;t5�kӿU�v�5Ki�BqogJ.FxJ]#�L0}��o��ܹ�3Y)*,�@�V~!�X��ay:Qc�G3�Te8"]Yۜ�Y�p:YB�,�.ٜ�e�$/aߣ4\�/�Z��<:!\kKZ┰ kiQz#oSՓ8=-H�8$�+v�"P).W�3IŴ
X�íaDD^Fj�n,Is�g[wePt4SsvD�/@!/^%l*_bVa5I*bWs0)
x"kd
W �T̞�XZbs=�m>/(lR%�T.3S^`HxȰY=YC|cF6Q�S��9��\E�|{F̼&�uW.?:̉*g9(�2�RO|QqI"dH�o),�QʔDZaU�d�7�؊D#2
�]c~Qcؾ�zRQ`�"����W6�p/D*�64} "D�oq5
]kA
()�`;C6ґ"����
R�3�^I;�ԏK�ma2_8;Ye��J��.KBʨ�ba|
]*$l�vF҉WGh_ca7B#"F20�O
tT*-Nlb'ś��[�q#d1uo
|R&pn+�(a��B�g3�c膱HQI>t97Tj(�Gu~�Ƃq'BHnNmauz}^En_v(ʤ�w��xb�ZKUi{!]@7
RQ,v6H`%�|�Q�s2\?ϫ
}iBLyYPADW̢6=c>xM1�T%ʨVὛ��Y(!ol2f�)yffǶ?<�k[�oYvdY {�z�%�vap�-&B0$��->B$�%EJ���=?uo}9�J}Ő\5T�Q.s>F{&��0ߍG@M�5]�F+]r٧<(iWB��V��$�
F��:Ku�%�2�uG��.9Hn�4B�ӊl#)XmYE"1a9CrTg�
#�a燓<+
b^t1
EjН�.Jkij:KJ�mws<�T}so_lmZ_��HFϰw�?J��ax:c.�m��6r��3�5�|y$�H�
�8DB�T"qoa A�aݑ'/�ש6bw��mq���L&�Jl(iCC.P,LDujUb�my�:#'P
^z
-Y-&6+xG7)p�wk|���vvr�%�D}_di4IG�9��eȾ/2\`jkFZ�Zϩ#P;bVL`�S�DM3쁫]#*Q_[�e
sf�VOX�w@g'/a{�YNNݖfTK�'Ww
f,[%uLО�(�Ab].(V&-)ak�qٙ�$αd���΄tG^]-
�fv9eX�̘r-OP8rr�{�24J/{�(1D[MW~tCMw7g^��/Ć>Đ�?(�c$~?yv�HԮ/>XFn^��*�;v&�K)V6&EA��G �{f*D'["Q%!�N�i��J2\dqc �v�*qV�(y5vY%-�rFU:O9��E��ޚ*71Yځ[dS$_A2`LUmv��>$c
l9yV��MB*p�p@b`妡DX-va��*��a
W0TGSp�_(� {z�R�֣N;P#r/hldGr?"!ZGy{]#�H7%duc�2C7~w
m�M�|[Co�4ޜ=P��IV1v('Ag5�^"}�inВ˘�aJ�٧G�p=9^�>.�]ӯ,�SIk0m)'[&hp�6Nõ1A%�PքZ^>g~@\[~l�И3V,1�H>U%܁vj&�*-�:wxH2|\Ǩ�,:gz;~p·je*M�N*�_˖�Q��\jE|+WP!d,�>^ioK�{�t]sG�b�m
cP`l��n4^ܰ2}L��h��`�B#Z�"���,S�H�7% �)lO��h�$�Y�[] �K?�Jt/纁^P^l`s5Rf{}.G_{m{+�L˘�N:HJUfEN$F�GOy"�d.~bf)ۙ$��&�BZuNn8!���&1�Y�$� j_Sd/���LZ��Rc7/Rm��\�H�FyR+Ex,�m�(3 S}JS41[!�\_D߯AO&�g-*"�ڢ!Sb�w�OXgW��@h�jY%z;)�7���t1%5:"ڿܘRKDNĜ��Q5{Ph04��b2@Xz~�n%�z+ԤBX~z7~Ć��gb�v�G`#o㣥=6TE>1Qިbt93�,y��uu�d�?Uہa� Ar;7�u[�i%Y�,b!\`FNn�wsiW+�]~p�~#"�0��I߶�Q�c'�ߥ[�*9M�],1M!O �r�i~*Kvv�`� <:V!ejbr۽
_@oD:v hX:�!FGŰtkg�C-7>$Ɯ]��6Yu٦G9~7[K
+ܱ?LpxKI7�Q�3�#$Q%G}OH1\��my%�LzA38e�/���¼b +*Ӱ1mY\ �QZ)^sD|&}i8'x
RΡ2y,C]i?ȷ?3{p9\m(TYU#YȒ_.�|)S�Z&eU�B>w)�u_>n� ~#{!��0yQ1\~c�{݃!]r?��*xp
.66m�^�'ܥǿӬ�@�婱DRdR+�{�TKaK<+|A
S��C=�zPO��(#lQ�p|vbp�2M�}-k�}GO.Wjڀ�Q�o�!k�6v
h�R=?FX�W��]սu-_]y%e*|K�(sNj�lcPɬyM�E<2�ܠu.SXR`��([��<&\=O��+�"=1/�o/Mz�I&l�g�9
'ꨤ'�A(Ba�ś�Lt[ZC�o#ElZ:WosߚU$kq2�\9��H�|VY
��
{
.иs_.Ƅ�I���K)М>�D$7A�&QO㕟dIq����1gX'�Ӵ��V,�X+REc�5sN�#C9֢�,�0;Bw�44aYl
6>,My�a�٬Jc��/hJ3&P�"�+<>�Lwkw*�* #w�Jw'TêW\y[2j<�H֩�5�)_I6d`=rF-SWz-CG�űp~pdj3B!0$G;kSA3(�^ucj{�&=�c�[ـ,
ٸ<��FbHa�?F8�4;gům�L�1323^/�qq*]ˬXy&&�ݾXE��x`atBia�O}\,r�г�6t*��=F�m�q�5Y� gMj e8{sCGS��]No29QlZ�J�b �U0C�T�'E�8it(w��s'��w`\�@�Ne���b&t���]At�Y�_~z~M�OO/J^|e�'�V݀�H9u�!lq!s^9:Pb VCܜnaƉ�a�.;�DI>Σ
�噵�p8�|��49* c46#9ң+Yn��,)@]jJdw='^�"q<`�|hf-N�0BDzq�R�`�Jog 7C�MLj� ?xHݾ(
ԁ*plR((�Zʕe�t3A?{
5StI' �%�uw5�
+aXZ]oF0@˦s7
]k3)#�C09��3fUb��O�c@}<#HP�<㱷�?DZ��BpO'Xd5���c�6����>yRq9n~)#/Ҝ$�I-XgX��H8E�Ւ8Y%2^�a�W1ǡQJzg fv��,ςu̶s0-:<5r~a��mJ]~e4):q��S�sQ}j9]�*WV4T7Je!BdH?TGY�O[
ܓp/W?bثA��x+cQKU/b<$
7F�" �|wn;V�_s�Q0T(kq�yE�3�(�]�~Aeu%�Y\aAqy2B�9 pf�{$<�k!c�eDѮʃ��P(w�ha8)
v$R�B�ۦ|v]д�F~>s
P�Q��1%<'g|~���O�K��G�<��
ە�G5�N?{Wx;BD#�jh?0u@Ɯ.H��yȺh(��w�0r1l(�B D<;D|OAU�<�;Pv-H/;
0N�`�pp 0Jyų<=t�E6#5?Dveb^Po7g�� }ZCxlBYl�W�:(PYC+��
;m@' E���Z�|%�n{ԣ=ts?u@%!�4x�rEA}g�p,�R=g�@RPѦk"E�~\>+r�V(Kyw]Hx//�F*{ͩ�X¹9J4G:#�2tRCOI)yMeNs�xzT�jH��U;P(Ef�[[s̸�b?h�%Uif��& @jh历)`
�h49߽��'���4�� #͌n�
CZoV}$d!έ%>P�ؕ?,q я�é; 嘪3
�:cauc�;C_Ցc�� T�2B1|(Q�);Iy3
8h X_$)}L-i.?;<�
ܔ��88:Btb6ax9$eJt$3�:xO xM##d�gl3NO����bfJ,�ϥp#{VFgPpB���у�b)쎝Þ��D/ڗZ���< �[%觀j&�{d0W+�wS� :վdA�O��,ݴLS�D/)R
Oٳu4OXWA�2Z5�yݓɇ&&L㬼Tsc��>jBW{] o">e ��t.~�ܴsH��9L�3$B�_F9�RM�=}��./_�T,�aZ_!f
�ޟO(��!�&%��0�07,<Ǘ{��Ue+[/ap0:z�k4ǽ�Lk��tWT%�{�'m��B
G��w'";
d�3��!i#"i3�p�8DZdR�y2ɔ-wh6Rrg8B;/M�YÑc&�Xw79%dﵞ_ t�k�jߕ!D8,Mhn�7ֽHE7_7,A��)H:7<�� �d0�Ĺ�=6�}��g>�a0rQS�n�ֈ
)��'Ls
�#>z[�3�I(OVnr#u,f�#%�5>��*RW57CHBh7>ˍQg9̪>�i%˱;6OsmJrA��vrژ줨4ݿ/v<(w�\��ߗ}1
{qՅxİ}�)�
9���gjg.!̺v#:}2"Cя�$�_�X�D�:&ܻ0&�gA�v%�]ADfΐuK{p-c=_�F'���'�:(˜w{ d.],���xX1DO�}5kktGa.%�:0"K{9g@42c�l�](��2����CeT,pvSԟәd���~ Sa�lPB��y^QpFž5�\3vtu|�z|ʾV|]~�@>E;,B/�0���DD�,@OG.#ٝ~ֈ��eJ[n�䛅E,� Ay4/-�Zt)RqAYd9�eN�I?Ǘ$e
j��z�iֹ�ݤw�Ѓ(?ܵYkX�1vcST\tuxHة�K;���H�>�U�L[PU{eV-�CM$��i~j��1+ݫ�CBHycc�݈r\�H`h^FWm�]_%c7FB�A J��|�pqmd8/:ƥ�@Nx[Ɨ�WY�Df2�*�;)B�O��%T cgkM0!-[7���>*0]}tPD˹��4� K�S#mȒ�$f@01�CD(JB�K�e^@vp0ؘ�غd�:Ƌ��GDiܣHTla6�5�J6pg`��K{�O߱�`�>e.��o�Ay3<�ٹl6uP>
$QNjBb*΄*%H?Wpk)�6y3dgΣ-᳤(+2SٵVo��5r)gPz�- PsA�aL`HUV�}s9�Wa��8�q6�=7�ED_,@�[��S(��Pγ8ڝ�_GH
zdBϝ2G%@�W&}1��AԝꅴUKW/_Q!v<'�ϿzkV#BN��$$-[ .nb+A�5�_%?x3Hx�ti3svdI�k�7e]ikF�Ϥ֠ϯn7<$|�3Fў&A&sx�£�hm篷1�9�<~6LGBbo:sl\nߵAa;R%�_M3ȶ%cܸ�fDU�
`ڈ-}u��֟m[�*ϒضVp�x��0y
pԵ)E
X
�2l�[7�LL7j;5��r1qm��1�,!]@M}j�5?U1i/{K[��vsbw+�ƨR$pjky�͞dg��hyC��kDXR�sHE"j��{�9^�sM�
CCE乧F��H�kAO�`o2�u�+UJ4iU⿋!�
6lfr5z�`&�I==�).y�]Y2ul_V0n��;k#q:+J:yi~O>�%TGel{OK�LNN%.��&;2vmr., �~⤻�� X+?yx>v$7�V#9=Q�pQjѣ]Q��\�-M�Z�4�t�/yS2 z|*�JBqv~Z�_Rmdt�*K"v#pZyE)�#�#�x�y߶ImBЖf�ytT̂��H؏t�|2.[j
-;i�tvEm�;�##s쭲/T=L6^�_2=l��SOU'2�Ǜ�z>�_�e
~jr�HHu;�7j�Uƨq&Y�xӢ/Α<�=x9k}&<�7f�FKTU�|3aL�7x�tޛh�Цu
���f^A,�1�o1VB!
Rdno�SѺDE/i^Єe:�8N}d��%p���
5�*��@%f*$/.>m�\7�!.R7;dq(�9Ǽ�"ۭ;JvETlc
ˣqdq��lT=�Sn�0'y6DA�'FgnT�bA0o+�mIM,p3[�|�AGhm�e0*35'0�)Z�TC�]}S:�NV �1 S SVH��?
n�A,w~H ^@|J"c.{6K>c\z{)E�i{�H��*.c�D\0_`᧐��{\jEy�iaI}C҅B�Em+\t�%ZR#HD|�n.ݎ�CIqY.'� �]J�a�Nx6W
OL�@Ʈ�&�ݮM
WbB��]m�̉b)�5n�m4
w2qa<%vD B;�F�"�'߯9^3QF+�}�dM6��ۦ�ΐE&x}.ހԯ�s4_#teYY"1)U+s�1ziM00j/a���
6�-�s���ٝ
%#�9\.�T\@(�K�D?X5PX�Y!
.�(q{Ko��,ZΆ[ ��a.̍h�_�mDc0�Ό�~eX&E�Yl6?J�ìgL|�%ۊ)uZz`=�!mz"$tW[<��]���Lw\̃�UR
��Hw-R?#^���`7^�* %unp\Y7Vz~M��x (}��z�dNwWIyX -ɷy]0)_��m���@2#���1ii|0h�bO.tӅDпoPE:XcױI�Q)|[��+R��
؉��W{"iINUm_A�� �hMvK�F�c;hb�ͣ,VpJ�
Q湴,�h��D�-"Q-陿ės8K! & gdpT�]yp{|L��?[��cp%��v�kfAa�7o m��Gjbq5iąN?`LŹZ�D�,)4߸Q�0A۩B�E�2hSC{݆37\Qр�NHpqJ�;NϤ^u"�(B0I�Ѝ�t�S"�~!D��9=ٜYrCyV,aqW~��G�/.pX�H�l
NV=N�_1cλH���.c9K�UU~x`�A>)s!z�Z2!ԅ K�4XL^�g>SQ16Zi�~QGz�^Z140X&��>g��M�z+t>H#H'�?��>⎄/J�(`fq�O�$�Dt1!v|_@�4#Z~�O=xܢ�pR�N�of}M݃]Ta,y۠:"��e{&)M;k*R��\?@��c
YN��c,#2(${K7_F>]�8{n�eRk �ZJ�ՏtXD��@Pٖʊq+qԻDtYiJ�D8�J�
Qˈj0B�4�(j$b[`_Qȍ?]8�
czx!@@rCoG�!:}7�= J\ud2L{i>%u�&�+?<(/I�
� "!�GxWt�::e�O3c��eN��e㬚c�;N�/�`QA�OW��2c�?e_�j-zfC[_�#d@=O�v-o_*忒cfV�V��bB�%1-~@].��
��$P.�("�[P��7J�!8õDى��n�t��,u�-��g��
x~89#�X,�W�'Pw2{_]+t3@=�13���0C!�MR��̵Qh9&�,�ZB
C6P�d/�%"��t WN9dͿ\U0ZY�P!�65GquC�R��O��l1DF;Ux�=2k{zGNfW֣Lь�um����<�o^�3TJ�FX�+X�DkE:pBr�hF��(��K2�LP�e��r,�d��E F2��
�Uu)o�'ޓ�0<]m1Iߡ"@�;Cy(�G(Rq�r)�I6@���
-ԓB3�":9%l_?dR:t �Kj�fRXV7�b̢0٘�"%ߔ!!ًs?Aw��
JiRD!.MA.�O|cݼ`{vĹLJ�VRHCɧkQ)"BbT9ybʜPCۛR�DS3�*ᵈɏ%@]aGZ$$,bm�~It�wg� Ap�nX1%�`g���z/bɒ�S$i
tG`+�"�ݨ+]79%R)y*+�o<�O1�ze��WV�&ܶ)1�]�Ū\jNշ0�i�;�
+MU)�b�eԩؒ|fyȂ= �GN~X^b'��<�INE p{ߠ`F+~4��31T�P�(�WX�y70�$�?!{3hR�a&h;^�BlG~�*gUwiff����`:=k�z@ �\)�7?xk?�2�E➆A�~���|Kn2^Z%D~F>XQw�
ΆCTGl�¢tQ�K*x:P&w( �Dh-CJ@T3cUj�u�h~:�):
�xΦȊF}b+jg�È饋Pq.=F<W� _PӍ�~FUS�5>=S51KXϯ��!b�U
�-]�{�0�Wgw���?v�U�7-Zs1^1܉2n@r(�V|J0*hrԞ/B��W�O@8�$]cVK���?�i�JDνPJG[�:7x$!ӓ9e�%�FH�tODKMFe4LVz�JWΉyhL]gX%=JE�T��%-�o�m5�3ˆ9mJZ�?)nȆJ8tAVL�l^%~~QTG�d'j7��X<�/~�%��(L
Z(k^2T H�-+P`�iɀu~]IJQ�%۵X�8�+h�ěɴ��+'LC&
44DH#��r%�QIϹ^w��¾|h3+E�OC1�\�rҟWT.Gq
Y�z>ސ�{yp3�) M
%jB�T#[u^�-0Yq3M%sZ0U&?�Mb{^͜`i&Kv[x֠2aؤ�>Յs0, ].ב_�SdUbs+Ʌ(S-�@ :>֗bt{*)ņb4w
љ�Ss#yS=k� q�{KGdJC�*w�H�4`~�q:s̟���q�8�`WGUW62,&"ť
�F%:4{i֬;r�S�cs�b:�n��m_C33 a2i.�U�@�{bϡ�Az5sN94�uF$8y]̀tZ$ę!�(��|^fLՄx�}�Z�۞i<�uuD�W!�Dͭѝ���QA]ߠ+"3WP"ɾ5a
hԿpR{pB���2wB�*@�{&[uR�K
VfB?mT֙HR�40aMQ"+e�&s(J�O%zXҴ|F2�j?y1O�犜 z�o�9O>7\ĒtIw\KI��HB:Ku�D�}:﵁��QsH<@�^�xO7��MG�V]'?yJ"[9nD-��ÕD~0ua"�ŴP�=G�V�RA5
}&){k_Tډ|S$�jg]^�pg߄7N]`�O2ZT�6P}7l!!ѿrB�<FȅwQ
�!{)��dM}0�E$Y4V�!ȚZ�G?ք) \aC韨ljr
�F#JK<=7JV\q:�_�:�-�)aj�Rr�"åE�݅GF[�%�Zyoc`�A9��x3}YI=�r�¢ZRnfhm
kFbC�c,sIhc�.
*14�1_BwS_�Z"c'O>�N��2rTQl{5z"nU�ah�B�U,SexL�}:�J1R�3c�Nk۹FW�]rO'wnNiOd$+g ɸ!�""*kS¼иKg<|,��n=����!4V1~<�oN�H@u
v2�!�?�s9]qAYɎN7*+�̡tS� �6U�K&wS|yaw&�eѝ�as,
��*E �pt;|q洭�b/sQxU�~ƷXU�h \phL^80o�Ŧ�pP8 �1tB��M'U!#�`ܝ:a�@[[f*M�ɝvtFBT7I_�qM�G����q�R�m
Ttό�89=t AӨZ](���i|=+J�N�<$gAK��"�y:���0dg<݅_�2�p�(X$s|yG
ކ^.on- Μ{r@ai'9Կ1`�X2?+F�aC驎�0��6�6��&],$>GO}x�`mVJ�\deءA[Lpgt96tj$}Q/Y1Ra@�䂣�%x#�l�5IeK$9?-0KAʹjV긶>4/3qm4\d
)�/�BX#�Ƈsrhk+XGM4q>c
v,~��B3�<,;Yl�$
�r~YP[_|:^I�96E܀6��Kok� ~��y/s3Bśm#���}1DSù1İ��~6P�P�`&���$ܰ��
Fr�H
3)%@;ݱCs@&vM�_(�6.lfp��/Y�O&v�|80.V;��Ϙ:%vr����)`yU14gF0�ЭuhTL��k@p��o-?G2e\F%`%>qC�U�!"5?r?�Pa@g~OA�9T%E-$Jۣ��g`U:6��(m[0hfR`t^xfxvGEY���:^{�TYtڷ[�9Cw�Nf��)0wV�zB,Ff�ʵC7&u1t`I/pdHm+PwN?2�6lZ�-u��b~w�g>0�}S2W9�Tk�;:�:6ueVs*з|L[}�9۞Sf���Z5Xy@m_,OߚO,m�&NN����}d].V�re#KePTl8\�G#�ϒ(L�X3;@�
XLjDy'P�;~_�CC!�qz6ű\/$ņw��ǶT4f
iɲ0E�74V��x�]"}\9D3��N(�jy*s0;dr_9,;JX^˩5xG�s�
i�l>��?� 5
d+;ranƇ�A\�ك]|r���[ify`M^^u>ʅ',18!E;jM>��:cvjb2�ф!HϔK"�0Kb�SH �'AB))sǗ+.r�}��U̔vsN
Av�E渲x2a%�'k>^n��qR+$fe�h=S~�HPrs���G>+09gN/vÌ%5�?h0]kL-z�(;M1�D_Y0(uڵAF�ϱ'Pr�^)?�eL%�ۄg*Zsx�Yv<.<ݰ}Ս.��鵷k�qDq$�x!D7:h*u�>E�t/Pl�^~y*�=k>AL{�) i0&;�7�Sv��}�^#�ו�T3�h��ѵ gJ�eb)-�l3�U97`���/P6b&�NT��1rgJE4&'�\o;�<�e�Է -{0DFT+@z#��˄HSQ^�3�{e|�,��&�D�R.Np:zGq6H6�F;o�kRүf~�s`|͏����2��Af^AY�A��jHBf2ŭ[=�=^@=uoC�jvW
���0qDr\M��d�7��a�y;-��M6��s 1,��Phgw�!~[]~@hlCD=qS[r�CO�i$ͻ/2LmDyHO%�h�Z��hPp@u�mU��h��R|6
ۇJ|��'����-x�iWWv#�[ɾ죎q�ebj,1�oݛ�2{[Eof"\e[`J�םmw�1;�Ǿ�ʣ=1[Bc�"XE$+!p�b#:`}ۗ�j1@8[\mrOa.N��Y$��N�X0H�Z��Y=��p�Ӿ1#M��
@z^�ww6eΏA"H���(�"�$a<1eSl2DLa9�Bo]c3U3լn�Z�-$p��src8% *τS}u<�#l�*Juڋk1�ɦ���^}jO[{�`F]4�K��K,2C-OeV3hsc#CIOBnD�s��[`�q멉^�PB�3t[�8/� ln):s$`�2Ʈ(%3
5�KJRd˅�[<
`diuWT|d,�p>gfʳΥUL�}��kyW2fPL3]Q`rP}rR3f*#�siyjp� oSj�MTQGбÇOt�35h9Ƿ߫�N�&UK{з,7\N��s_=Zf4$y:;!*'q=yi@ğ��V��)I�-*EwC�?y1�Z�ò^"SMhb)!jvGsR�8u�7Ŏ#�KuW$lCihf8r7U6SjD:bVy�N'R�Ycr!S÷q�j;i�g'�Ep�0m��Tx5G�a
XJ[�ht2'/�J܆eH2�ΖI�\xkI�wQ^箂:82d�▎�{3!�%9�L�W3B�D�0�}t�P|jOe��C(u`WV�Yɪ*!�'+�]+W]ŧ^'0/\�b��Kn~t\En?N]�\��<�T.ʱ����'k�K6:R/K?>*��|Ӕ#bȱ'ps24wNFN.6$:f�;���NyTK%5����e;5|n�a#�nѝ!�/3燋
!�KV#$� jqB&)냀�^C<$t79¶O4�]v@#pUĖ�N1��.( ]pGo.�F�4_ ɔ\.w,h+�1 RYyD�~q:HŴ\�^�K'#���&7)D6q'�o.e3x�J*X�>:� MåҩQL�؎UWD3M24�DSO[�\�{_2���-���yH77b�NK^$Tϋv&T"O&r~8Ց�?�Ap_� �a.{X.K5|aߓh]; F9�ib�U��C>țkk=7!D|UْpKO.M!o��"}:=��УS����Gh��NPZ$ _�C. v�&��TA<��BD�wg !�`FEEGmh`j�`A�Gߒ;zS�.1�њ%��`^��SK�NQ
/�aRK'hW�T�F�?}
\9W��HKٖ31wn�)H���-\x�(+Z�st,%oC8+�¨s�ԎGb�3XI�vM8=W�%�NAѧ���߱2yn��ᦇ
lb u#KDP6Iy<)��gJ�e�=Y9pˊ-��*L�k�rxBȯR��"wט�4P)�MT�a�#�
H�l}�jT��k� �1�'ʹ/���V�`�b�͂M�2.:=T�%BqcGӟ�"F�j~'g's7244yTVQ�!XtgN�h�}�X��'Ѐ�"INl
�{�BSW(P2/~cr~����
��Y�T��M�l_w50e� Zmn.�1E0Cs~BkT ��6
�j�ާ"4�rK-�=Ӕ�5扸M5�e%/z,�"xd\E�XNTH<�c8�xX_
%mO_0j"7bMhʹ.OW�ϐ5kQdRJC6��a~x'I�WeBcSh͇}yܪ̈́ZQZ�O�qJuٸ\ }d]��Βő���3
�dMJS0]Q]䅣�zr:\0o�S�O !t_H�C�O�>Z�1wd������d
0]e-}� (oBX�+K`Oa5�+F�7� :O>uͧLm�γ\.Au�\{p-L"ⷥ�86B�~YqIyq#*�O5"&%IwO
cx;H,~DH /^?yEs><�ݧc$]ٮ�W^\x+�C�y A�nbZԑϽ{]�-�\�5J9zA
F
Ѣ�v�:ɮO,kؐe<(LǟҥjoJ*<8<^l�R۵м=o���w֛yy'} Lm`V[y�,D�V+W (ZFbXgv.E��u}F8�Ao.v�rؼ
A?%~8IEmAGZS~Y�L2<3,/�s� O�y�B|-1�"��*Rm�蕻 h+Co7;I WlB?��XDyV1�Φ. r�m3HOQDȍ\J<��w3x=�뺺pqc5�PƧ1�֧vB{�mMn��"�!lVQE(Ϟ={d�@ɜ�5 5
� n�$�tEGz}E=���aB)r
;��:i@.cVJ`�g��F8$uK69-T�1�[�~a�Xs��t[�*ɳN+F�w�:�&�Lร^P2
(Im^b2T?Ok:g{E~
lQL]X�yʣI@d,�ѮA�064&�eBs@q!U�ok�MN�(OTX^8��>�.#S岢²�
��}]r_@@�ݱf�~VOM.iM
@�t�K�u2Ґ)��fJ"S�q���*Hg�2FGl.x�E٧_$+Zs0mÀPdS:�J]�I&0�Fg 7hwn�zо{�iNK�I2�I {��:"A.J*?�Yj�,Tcl*�2ho}6w0,�ۊ�(0p�*ykHJܜIbrG9y�BmS${땇2唇�ЏW�0�,/0eŻC�%:�zk=I��b/�?d��U��4,HHA(Af8�bX�ŋ,�#hs$�J�r{Wo:2F3�H�Qs˧O(�CV
SZŬ%L[�7J�o8i��sj��{`9ZMes �B{y6]$qd.TQ�GϦIfF�ŀaDFf7�"�A����]5't]#eqBμ�o[9�'�YM�T�Є�-D
XrHLyĮ4�}Ys�&t`fB-BAf5�P$W`�0e���\ԩ%�=�%2�7�v8¥!��7mE�ZRba� Ny�6AGL+s+6FG$>$MiiPaR��E^�y�p�~)cxN*zV�qE,H5߁O- +6j�.3�5DRw��LpXu{$n�x�Y#�|ӨQmQ�D'gM�v/�l_w%[ZG @@*K036nV �֍|V%殆rD�/\/2vC�o��7�KR;��m;�,K%ݘ�xxFXJ�g�9!w6&"�IAUi%IXw�/.G
1�p����#.M$7ǬLL#
͏mb��:ؙBDʯEFnH�6M]�h�%H��*8j[l�м؆�G#:DvrZp4gd@g�*Kӌ(�96/bG&]R9U�#�R;t
ڱO=�Hq
S�o !⑧Ѩ @�ٺE9=�fr�T^Ho4(�ryȉ�Gp'�@���\0:%:oDN�Q��p y)T�#
/5rV>Q$�qzF-O&ʈ{Ԡhө];p{IS�Z5
'8R~Bb�^��
WG�9D��H�~yS��5]^eE�(Ǭ7ycV0Mc6zX8p"Vv@}�)�T4M{�,�A=A7^eA"��ufqg幏F)\au��eS:
j߯ԹL��µ!˃�U�
(ww�w�=^_q?�` �e�/J#J'H?+�Ͻ&�~��ylقLk�\fr���;ḑ�M\l��ax5Һ^�Ry/ksXG>���q�ؖT���{O�Nb�(��-ڡupU$Ϊ>�/W�
_'Ҡ�R>^syw�$�20ԃj%�Cqcf\E�1o�Vn@�Bu�bGNsrꏣR�h�uz��)^4'kf[wDR#(˓Sl�T%ἓRY0(SFs+ҘΖ(E`Xx�ǟُq}+D;߱˛~_oFx%|%56W3�1}ZvCB-F"t7�1Rǀ�xma:�U2eHK_\q�Q��Jb&@#9+A�B WZ8a۱v�;�3ܜp!�T
v�3)�20
ȬԊcܗ���[?�=,1C�Z>9h80i�u^[��zWkŬ69͠� �ҥׁ\�74u[�>vP�7&o�
j��NrɊr佟l1f"RgiS.}�1.){}U�mv*z9�`�
M#�0M~;�ᕶO_gI5]��*�2l��--8ɠ�|�e] 1P0l>r��<% Ǝ"]x�g[5i�D�Ҡy�� ��C 3*%x)p�[pT}O�^O�\6I+��:se'!/o
� �_eoS/�kEI�mW4�K�_^�L&JD)-*W52ZA\�a��d�G�ah#J\}q��tA
"��+^}
�/]�u_<²
�ISm�$ΖSArj�`S��i(b%�Rc;%Q��d��XJ?�>+4$o(ϕ!pt�B&
^}Dϒn))���,rx�}J�"豈�H"<2���F�)�n~~f*-Tlt��L5�Dj5�*s� ?�wO[(ĭP9J,q_r@:L/i&�HŮe-r.�3~8DZ2+U�Ԟ,�#ʥ[[�ǹ9f5]Y/h�T%�~9.�D�.�R�S��%OMq̭W״�EfS�A.$!��Bb�0PQo#�~�BdB�aejcyzFwsDh?Q�A܉K�ϰ5OQ#gw�A%L; k4)oo=4�ъ"2b@ Q S�E;�WO^�##F=�Kk)�M}��-T/xQZ
t"�e`L:+q��aquRy1�*��u�aG�ljY��¹/~It
�\`fsK�
N*�hWRb�5�<$2Zy��ʔpkeP�"J&jL/A�Dit r�m��٤�r[+$�<�6`{N^�ZV2B`�ވ'��E ɴBـf_F��jl%rT�`aUnOZ�È!҈�(9 o}/h3m6t*d ]�!]v$O2&�뇳
ii0B Xk�s2K�U)՜TGiXdN7KH%/Pwlg殹e%tJӘ�@)Џw4k>Ȕ3t?U�*^WaMJw=E�$�zȵj�C�Js��h�#)Wb2z|<]�͈ߘ6$w&\<�@>2��x* V>;ם5ӏ�ɬGO6�B!%ꕾ��S �ȃ4���".�'�>+;u{=Y6㣙A2Č1*`grEa|R�2s�4�[{�w�Lxm��^P8���,K*IT��=��Ԃ�D��\@_�m�*kn[j��<\@d.1lABf}�d Ѱ�k_g�Jh/k}{u8P��YbgǠ 7c�p�o�ۤDx8ht^@(�&)�aއpK=y&Ij騖cpn2Nea�L��m'Lxpp��a+� ػhR(q6)Uni &d`Œ�;ۙ#yX-kB�sZ�i,�>8P�DŽMYv?l5�ytM\��N�ES~6*ClFr�}FO��T`ӭ�S�Q�S8۽U,fnڲ��u�PDZ+E�>��*'/���k~=1��cG9uQ$Gm�]�G��M-e>\D$�nD�I�b9�To�DS�iț0k
J2�X븣l{OyfN&vMtaڷKM �7"njl�jfҤ\$�uҝE+��IN��0S���
=r4{|Xc�{Zl�bw��;DԨkl7t�ϼ%�K�(:iaJ� {uH%?z"DHZmbiw!rc~"Lf�6shОV/MU�3�K\ �
@-mӫ̲v��4U\ZS*S �"K单�b�V~-ͬ��+z;=�kfҤ�wY1ks<�)_Ks.ᷯrI%}$JL�ci�|W�\E"R��9�$r��P;Gs&ͰP*@oHm��� rQ^dC�ڔ+Udj")��8$y�PD��1^P�߹p@?- MptuO�4apH��wt,ͷk>\!Y�GeZLr��F�x;:fV>�K,?G���نÇ9zK~D\_fe5�T\߳���3�4~j4?�E2%>`B?e�8U�sx!QH~`b�V
OOu���IU�C�-Wu��F
m�x�~oϊ�=q��#�nC.Ɇ[ߥq�qH�
/�FMZ�]��g2�a{WxtBMaξoġ�(F3MGkP�� ��cO8Wq̨�ǵ3T1d#s4WJ2}WʮXHS |��0=�Q /dKFbת��I#�X(�讪Èe�Ԍ*S�Cmbb�o7u#!�.�}}��Z�Tx.5�2X��/�_۾}a�Jq`?I
��Z�`Wx ]^ҡNޫ"pt!_�J22JQPwj��?7SF Wo�AX
V�t˗$i`W&ћc �Z*[RṈ]9?٘.@֬-_@�$g�|K�U[�Z((�Hx�G�Y}aK K:dvQJ\yhYjZKO�s7�Xǭ!~bvD##5*5m�;2ܽ�Zx
.3BwTǘ3��(`bl*>2�l�{(pM�3K�"1!#r�O_�58#GV�),<
=+1 #mS/h�<`s |�bq+w\^|MyEk�zN'gN[@!y?5�w�sO#�]`�UE鄈d?Nfs~7�C-6 B>՟)ɔ��ޣ�O1M+*ګzOviL<��?܁C1駌t�IۢYǩ�ӛG+XRM;�
A�k8��%}P] /�O^B/$52}p1j3�00�1o�r�x7״K}�WVCfεA?klM�`ၖ(Osrux�ڝ t�2Y�PDepޕ#'�4�4[�14'0=TW�L�e��y�ݷE$rw$'�)P"�C]#T�fJ*9ۋ�cp.QF.CI�GT&F=� MmC�U�|/?ro��k�sm�tt��#Z�q'X"=���Q^DKU;O@�bP_�8
u˗eyh73m歓�r��_bj�X3%�tVV٩nrm_ �g6s88qhţ�EQ}LN_�u�m��¼o(�'��z8rbZn̹ҤX2*wrj]Gp��WpX�J8i5&հC|^ejueL4�)�D,po=:WB�dmNQ
l�A��@��/�iءQ[Zƍ_J݂q8j��CKepu:%=&gJ_wHpܞ3O�סL�R9l9�aq%S +
$ǯ�?�};bۿw
E*TL;cdnB?dFgaO,٣�M3>�6jJ���
6�SWy�Lԁ`.�z>���j[I]%�/C[{v{ic7`JAM =,�8tz �ʐJ�J?|�t�"V�T ]&CδRTT'&5ZH5��'�ڷy"B�&��AËD?ȭ}^5L^
n��x
8@n|GG�N�@�
��g�rQ)eO)aB�l㙋Ȃ*)=�kͬ'[�VtäE$2IJ�F�R }W�&i�v�x'/%'K#R씵v.~&呍xKS>�֊&hLck��Ȉ+l/KS��gn�E�SScdjb媪Txڼ,MmZxE7?DqI&~`_A=Ká>GؘŐ��0R��w6fSYڴu1�ǧ.Y$�\F(S�[bŻ���T)�:i9}"sрy7fdX�_ �xy)�]�Y4�nWeo(Qjc�_ �³�d �K[5V�K���C[O*~z6Q"B7ӿmm�?C2|Zb)8,o*y?+OBl�dbTӨQ!G�Jgd�y-��wqums&+�WTOc0k-̮RKa�x�W+��c)rwB$o.t�T/(Mߩؘ�nq�kxiTqxA>r�(ŭ礛,>A2Di!�i{!"Zb_0
k�N7Y.ׄ��ʃHPbN/L+Аo�T�h<|7g�E��D�o>�PqZR뎉?-
Rg�nNI0I��]��ްfMe�ұNлVI�7�т�1yESȯm\�mXL3�+9�_C�U�C�4Y(>Ӵ"+q=��%�g?8>L
UISfΖ]�)1Rsoe0�R)R�X��c�ĥ�"�yk<�(�4)`B�$����NQlȦr�[�ڲ��@|1*}��ˮ@o{]�N5�Fxa�ŚyK�,��insۊE?nwc�8%jsl�g}�
�b�~�
l8ղ�&4a^�7��/��*9uX9ݢq�g/u<��Ndj�],|�O%#m9�6�cGbeRX,t0�$���F?N��ai˿#ԵIEg8�fPR_J)����~2{\VJ��'��1%B%:ֻU{:j�kph%g
2,FG��7,=�| }lU-A'EO�
gլZˍ�8eM`FKhw��$pBB��~<.�=��=kY�5�]�q^6�@7Z_+<�;q/&
]רfoƿeD�? IV�XԸx'z[d��: i$�el�t&=|}i'zA15O7<�Zb�fŚXdUy�x�D
iq]aeU+�ߖoh��Aa-1�,E<=�H�a*B�Kg�:T�#���R*`fוYU��:դ9Ăx���#LM{�2<�(@�oAO�_A��X�_~W�ҳ?�E�_�q�Cd1'� �r��Z}�a(ׂQj�i�Ml�k�
ASg!s"�N�
Y. ۙW3R�d0�n@1�%/'P��YȊ\(۶�jdVx�-�&h�H�tPo�Lr^ߵ:Zoǁ1c
4ͺ-a�TI{ wx]�U둥�}4
%l%LO0�Q{�5مB#-@�=)O�&[�ؠ0TG[ׄs�Dip酺j"�C-2˪ 71ˢͯ�n�t~w������R h)�K^~[S{V/NKT*y[H�)aCjޞ5yn1߸G�?zLF�ݯur�!9bwn0$`}�$_%y�ӣ6D�Qғlm�(�x8rL
r\1Ц�DHr
<�@h6�XuϲqVެ_tR��l��zg,WR�y�zoڰXj*0m:�s*5|��+c�^Aq+|[E."�AgKl=G@�{ȩ.?_K�p:
$*��6hԚC2x/S~F|�m7Y9Mj�ht:�?�Q�nG�&*1��@TT.W�̕|@N\2 F=.L���~7B l!RB�̠#o�R
�vԕ0'�CHۼ� $ιԼ/K}KĭM 'xw)Pj*E$�c"�;X�S8y�6�&xԻ�3�)_xQ�K_gGA|\��3/N%Mt
Q�-5Q+*�Irga,�ޖ�"~���;c']h1Gn4'`�H�)b�mD��br]��1�*"0
?[6Fg�|O��'!o~o�j˝_F�{��ўWjN@3 �(Wt�X&!'�
K�RLr�l1\txT(��uA �9�ؚ�D�p̟k/.[u]ufU\G:�8QC3\~|}4'}_Hu7V�jT9(��oFq՛ �%m{'в<�2{C�{V4��=X7$�*�RT^kȫh�ϗ1� e6ҤxW$JA-@T6�}Ĵ>zx#{u�q24c0P�p5Ipp��WM!Ғ7&�S��}�5�I'g|]C�_LK>s O-&ɬ[���|e蒆s;�#zP�9J3w>]%^M#e3SG&ú;QF^6��],x$yETԶEf¥Z>&�Z�o5K4a*i�j�jߙS�d' U�=yJ �ʥQ+��jo/)>�N07n��ATJ(=aʠķ�Џ7XO�zY�EҐ�V�Gd�j {V|!pHEq4̫�0N~\ei}�9*.��TbԮ�t's���z�qA
H;U�Dz]6wW<"҅95ƛ�:)|`�;(~�5j)&3�JC�j�پ
�M[H�cIx�w���$T6H�ӡL^*Uף�*�MtS��z_%FN5�{JӪ�ԋV
rP�Uqz� ++L%ԍ,�ٯUY+4P6׀NQ�%ѣDn"�HpE"˽.A ��$[X G,uL-JLxD{>ݳր��+B?GXgpښEH视x�TBXKÂI{R�=|u}Yq#Hr�/dy5��L96+���#ZK�J�tIףj8,Se$.wE@5�mk>XhO�6�5�o}unߪ:JI,Y�]f;7�f�MzU�͕���@�,d"��-njE}?l�Oj�ܸy�"z�O_���p`7�(=Fx��T�j�K)׃q�E�Ǭ57�T�SL�ӫYJv:kC^Ŏݻ�
H�7ip%:v�Vku��R��
iGjMJؒO|mlI0iӜ�Uk���ӄvrp?�'y{LS"dc>[v��$K�
**H{uwn=_lҥ�;��ѹ(�=ci<?
a*��l6[-(H2]T,�i�hū
! =ʇ,CYM
L(-n_o"��A�D|A[эA*qٽ*�H]Aرrv)V ZdtK��N\q�%Ic콡`��[2/�GWl�}C(
ϡڞMJP_^y?sz�Z%RnR�`3����2�����ib5x^�:�,�,��oKmaҵ2}*X t&LyU�R//4�k��j҆H'�62N����o1SN?j;jP+#�N�3C�lkЫ4qJ\>�/e}Q{7
�vOB1%ZV/4�09�˦Y`X= �쮇P~1D�[lj�fyڹL�p&MX�@hʟq~BP�-���_B2Bɒ~fA ,DJ��W�`82>y){1�=�^��3Z+d�eY�'c�7rl3�y�7M��m 57ТDWHqhC!cs@�D&"(*{O�f�Ax7�b>�Αչpx�ye4|�,Lf�9Dڠ�Hq[w%TCu-B(%��^<�uv�q0�tD0�x/xoW,<�����SiuPx~&SMAXQQdE�7�`&�~S{c!��_f�H�:_sǔ�\eϖڥ14
ܝ�Ec@
��|M�
89Y{ɠt�Cb'�3}m=hi9Ps�
#����-ʁ�s�`|V*e$w{�scuK6Q3c��E>
J�mP)6�#}�hIǠ85���:7n=tBi|{3�9$g/ʱ�i͵�t�0\v��c xY7uŇ��D?C�a]%oc(ʍ��k�;>8$ضhw*��r88i#�H�"�
~Q8�}2HeLZڱ�$�=�Y\T]#[2ILUJ�(sk@F!J]��,^*^RoA)�@f�*ZuEO P$��)(.Gޘǰ�~n.�{)�>�pD���ϼ�pM3XZWZB"kCl:q>��͍��&|���h.pu(M�to��vBw ե�}?S��:x)ª,^=H*L/�/C�vK�ʔtGznPet�Jؔ�DCKO(�Y(6-ٓSU3�6�g���2sJdɶ`�Hbl�e3еB"�۳Z�70JL�FD,NӊQENCYG�us]vs��A_n�aD]�TM9���,P��u�@�sH��i'S�cjWtI'$qF��hv�fہ2~FA�i� x(m)űFP龯�见1 ][y�}":15F�2*Hm�%'i�ذF{C�ȣ?
2
n�4ID��v8�=yW(n
6p!aWd.oP%�5Rw�WlXKYy:BOQ!]u�@ &#˓D7�)DT`ͯƍ?Dp�hE՛%�ԅ4�f��q�m/KgOɏ?TloE͉J�'s��S.$DUV��+z8�۫y["QϬ:�ml���Zw=�=g�,�뷹%/g<ݪ@n��vZEDw]c[6|M-u�o?G�̏ԭ�yqO�vK@vҜa,C�fԝE18S~InnB�
Ce۔@<;��c?)�Nf">i�� �� _4sw�&:hE:�8"ql�>Ho)�◑ldд_f*|��3:2U4\c
1ԯùY/@dВKs:X�r+�Io|{D6�y���o)#@(ذw5"Z1�[;co9cv�)mU\w"~s��-C=��T2Cg�>�oT=GC"@� �VzǑD43k3~X��HL�WcC[}ƖQCqG;v< V*b��>�#aK��S�g5B"LP��7>M�Zc�?kFq���(G�ϜU",PU#u#^�9��
HR
+ԉ◈FwS2\Z N6 a#:&oǮ-)�?i*˯ĜEW|�
/8~($��XsK/۱5]�쭰:|GAo
Dت;R@�rMzL��*��%�>ޏn�C5~Icy
Y�+_q|rGZ'K��K&'=`|6V:T mgh_xoz'�+m Ytc��%
8S5�S#1u�I8Ob̘s@)v*6hw����Y]y,6pZ#�fGZ'T+"!�o�5~Ywt�EV8�ZG]x5Y"<럔Rbg\g�T++h�Ԩ�zk蚞 A(rTPӽPB�B�(L_�g�a�5wl/J+>�HpV>Ol$�oЌTS*L+�}:S>ߒ %QF_ ꚋ�*T�JT9i�Y.g]P�uD,wmZw0W?�v(!�M-Vr!�N"�z2�pE�ޯl�6�/�
0���R*M�<���Bp9ExJ@��̘�WQ��\�Z4�89��
'wHEnFF?s)q�0�re4^"eM8� wŲ+%�/gg?�qn|l=K�AgK�S�XNy�|��<'m�?ΑM\�Q/�(zt��^��9�/�3���7~:C"M#Q
�lN(E b;�B�p�\$XZ�<,ĩ��Xgw�u?1ro �DF;�sS�?ߗ/ڨ/`.I5Q�7�:
-?5�dC VPT: m>6q˶�XC�V%5�C2�vL2�d[p(F-2Qed�E}@dyjϠ:!!mIp$gGY
?ބ�~�PU��nuq�Iέ
%�Jܱ*b*�4W�Ej2�,Q�R;�'<">%Sc�^&f̫��� �kEH6H-%"OߌzMGɵ먉
X+]�$fI�-~x?�{%A\Nw�១N"ˮ>naRX
jqzNʓD-JR��_ڣ2`�T8�q{Qsܖ�6��nWW~(yh7�L�7lEKP旝ryG$^UxW7
>r?�uo^56WǤ(qu�*e��+"D^80ʎ6j�p_�F�*ꆄ@X6�3�֭ҏNnh�.4nU�*�&KFo- ��1>(/�K.g&uf;˘k!Q
K0g
縋Ë�`&�T�V���ʰ9`-�:Ix�'��v$_�( �}\(i�]5Nuum�qo�q#˝?V3�#jj2Iw�ܺUg[G�2��
k/vs=u���zGn��c~�\2>wb;\1!4opkz �x�3TbLOL�Uٟ;�ƽ�S?cvl�C�
;U�j m؇֟t*
;4���~\W�Y. S�+ #9�{&�+% �OGב2F^t;gQcRY_ם&jRr~6o�G�t/Xko+�R~vÐ�ʘT�.٭s,հg��v�J�'dW��/!|eT]�+�&h9d���d.b�&dtKruP�Pm�)0�w-t+�يR�&EVT�V9{/snzMl�/^Z��߹n3^F$^��:B�aZLr>j*�x7W�)n~} SV�)O�w/t4z@C2��m߷(qgEs_2]~MIJLܓd^*�V��pTǦ@Վ1^xhw8צYR��
2prA�QV�\k]s�7a�XڽFE;N_mQU2�D=�,V5i]aEi%G,z=bMٲWN�u��m[b|z2Rx&�n:�=\�7qѼ;0J�`8+�rTW^��TŀA#$mfEպm>`"�Hȋ��g*a\`l"pmy4OW%_�$N,sȻ*܊+m,v6�SH8
9CU4�9a�R�~č+J6��2@wԠ1z��buM_7 c�o�H�!5v=G�G+�+ݴfe<9�P{�DK�rTr��{6KҸGzJbyVBn*tY3]�d� &\XMf�_;z:IoSEgx\~o"L{(z&>sK�YH{9�]yJ:%s-}
nU(�b*f,@ AxcOv,N��Q0%-inF8g)��{]$�Q�Ђ8BT bPR��2l��Τy�i�ac[@vb��.C|M�YEajcw@jP�+/�2[db�E� �d�JS�.D$"3=�,v:dN�
y�4Ʉ%5͖{eJ��LQc#_q�m{9:�v,,
H��'~ (߁�xSp%�̛N��?���0
#�VT$>+ۼ5;s=VZ8>beohiM�yw�砖ol<kH06xUVl0p8:MBD)5��zi�m�'ui�u3ZA�@1�å�AgЊOJ9Y1?q�,<3[)ˮ6R}j>Mvؠ�m�a�&N�
|�wxl#p�x�rѐuR1�s��Iw�K@M.U��[,~G3<[۱%bљ�_OfT*מ9+EN��>q�;U)C:VP06Fr�Oa_h;Q�&ʟujZ
ޮ:R
F�8�pދ�o0֊{ҧ
�_u`j"+�'!S{-`�Yk9!kTF[Ȟ�=� ��Sn 2G^^8ڄת:�[>-Moզ�:�03lR%v��.<
�c!~U5iN2o$i]�)?�ڬrp�g`⼰Y8jp12-Eze#�;2 0+WA:崡�Pa:=6�V�a=ߣ2YR*>(B'>CMaxCp|Ŧ�ڵ4dxz+���P|?YO{�ch?��" �O;'=+'3colzI��?m]!9vVS�D�F��{ݜ����:
+�Qnt"#�TiDw��KOIzxvM2ʢ�?��m�C.Y0Q_F'v��7T�_4Q[�2PUGrJ�PK0Lފpe}!�u\.{
rL�nSiIM0!�~�z=du�p
n%7��6Q�V �d�K"(eɮvS0 kf#i 4�"M?�R�D�{D;|6L>C̟�l�6�3�]Kݴtfv"}{Њ�L�.oR.1/_9[�A}e�fK>�(JiT��2`|t�QOwlB:Y4J躂28�Gsif2==+H}�fؘ^04�LpF�;EQӗO2+��Q[Q�}=:(숢�^��_͔c9!4(
�ղw�)n7QM7Y
="Q���O�aڰpr��ѥ6fGG}Xt$&*�Gu�ᯄP���
"��zP�
��P4 aً%Uʣ�`�"�:�lqR9 o;$0xswg7a�9� 0�My"C7Z~S`�{Z*9iz.�8�? ��[B/NS�Ю�.L(d3/��L]o�-b:ӹ�Cӎ�[:-�j$̀�W[Nd9ӠG�)mF?�0
�k{/�`/L{]Y;_elܻ~�
7�q�V}rʘֶzaAThAy�Qq}��>
�$v1A�qEQ[�2w��T�~�����}L�^e+;%zK�;̶�Tq@%r+i:+f/na�7Rά �/W�w�� `�i@x>l1��'m8H���ӲMxU2@ +&a;��Bn\�g{Ub�xȑ`ğk:*A/~F9��b�pM��R~
9�v6�$Êխ)��['�c'حi�W9 RA9~�Xpx�}K`{=upŏ�ڵn9!>Nk�S/c��|�n6�|fh�跿�j3�fBDJ�kX]dq[ X,غH4g�둣[TGs7L,*[�4䚞>�7��#D#"Nb$;I 7n�jwg#@ 0��I+D#/E��=45H�FOgZ�É/yQsޱ�}o�z\Y{=�fz��L_H"��OkTSbzᏎjSh2y�D9��aXi݆*prf}C:
� ⦔�Gg�JCb!��4A+ĶC*P�aPS{ᰑdK,K<���'xg5*Þa�
uL~�v a o_ˈ-`2�^=�ӉN%g G�6*4���ˤ��~mX8�I�"I|c<1D��,�w� �ɦ
(SR�Ieԡ}N6J#@m
38�L7u!�_�&6['
+bM8@G'�;�WUTtuN>ƺ�3UN.�zՋc�S7�O�7>�FZ*z}�q
�V:E�.Q�
;TOi��è�Zue 7�
�PD��C�b~H�C�di�GrشK~&Ax�]86h@k]!k�>O16 ��`m���x5��\E,$(:K\IVF7(!hA2S�|l,\IέWS�Z�MF
�~O�P�
*o�j[e�y�M%tφLhleI��H駻]uMs&{9iZE9�\�&��Щ`p!vD^K'Z,'8|k�q
9"uacc\י�^�h]���Jy�{�ˬ(],NX |pٛΆfۑ.-5�8_�=�){3.j�x�t$u3u,t@�M<ϠÒ��Bk Bd�m� ~`�ϧB/��<�ySOʥ�A\ؒ診O31� q��X>"W�q=/�EoY�9L+n
3$�1S�Z
f-C)$)�
l`��}seē�m JZ�4o۔z4l�TϛT/�O>_rR��?C-6te(:w2�,�j�aՂ0 O�Wg�[�xq~a�>b�8i3ZTJv L[ET:�OW"Z\q7Gmtg7h39�iDyZ`z)\�+HEDv�e ,V�e4b�ħ�佚�ޡΠ7F�72,zcZˎ1< Fp�_7622~�Su�5���Xl�
N\#$G.�Y%k:푀9a#3r}Tt����j-iP�Sl�VK hǙ7vM]sJ�k|6!F�w/_dZy({OAcz33�#[~f& ]_��,
6�I'wd�7fa,+�m#H NJ
":C�Ԝ~*&,!�&\�EZ|=ɔb�v'|]״{Utwde�s-�N�"�E?�w}gSWEDܢU@�!wZ�S�";qWA⠻J>>Ѱ$q`檟@_Y~}0ŀh/=οn61&^ޝEK9Vе)Q!<9�ݐevX���1�zu�.14$�;6k_u'@|71-Ox Ұ��E�!Ce�\E�+PXvDXB�Fc"5,G�{9�=ȬQ�=+܇3o�5(���J�j? Z�
�w]zs1m^@ F|#MZP)D�9SW;��8-l 4ͮ-�.FW,i[;Bm 2i�f��
1w�(q_'��
gss�v(nri�ܽIQ`S6�OR�₁1{�1D�"�g7_W`$<]\*>�5K�x8ɐ|�
јʶ�c'_�
i� 5묵Ȱ9�cVȇ>!
O1`�I;a!�L\ݮŨIq!+!8H�C%s}`K�}1h!�[Z�\I�ߙ\�Vo�-,M�h(صo\X9�˦%-92YP�|z�>1~۩ib+.Qm* Cn9}m�r"'SBuC�?6=oJn7JBi~WÃ'��i;\{5�{ |;caH3�1�wE`B*�I�U ��ۼZ�@R=-�^�}-P�vM*V�42"$)d4dڄ%VMB쬥UK&1T�i��/wP�c3_�Q;X}�{KnMRQ6F�jD@t}�{�cbk,{3��l:fMD:�O꺸{@:P@D`HFTuoYgc��ⶰ�I8,sKhDt,PRB�@B&
߲�Jqcڒ�c~\$=Txhl�Cl�rq,�x+�̡��Ri>"a��]DK0fx!�Υ �\�lS�8Mܚ0#H
4D�}z(e8��Q�{aQ �CM� 'D>�`��/�Hy�HY�^���(s8*9;fdDYSg|��K���P'2U+Z}ZPr��M.&ws@�_;vFOF��pض�&?\�L.�r(W�>uTK~�?MUx �Ƌu;�{>��Zo"a�Y+NL�wMޜ!`ĭ=/͙�Ow�B�L�
,QBj
qK�{A�W Wي(�+f\@s^�$�t[�YrC9d4��\'c͖
�'aa4Bp*0.�M���si�cOG]V�
)I'1�/~p:�Gcb@r�+�qwޓ�:䬰6ua�c:��~�Ƶ;��
�|Cl>j��n`�?G�
�D�ܟ`̝f��WH��d�}N��̂$69$~jv�'�95,mJ!�"შIDmzU�7
4�uf#Ok7;���`�Cxa_0�5Z�f"Fqh=l,���>;PZS-0K�s,9�dK���_,ɽ{sʾ�\-cJa�8x�d�qcW9v>D4N
)gG��os
4Any7Å
ס ~R�};ZCBÛy1�]M���c+`j#o�@WzFmHаs2@/?�,�1>�j�Z^͆B�u� +�f[LI�0�~ ȣL34K�'!'BL�pv8^^˴NwQ8�0� SV�]5�_nd�9܃t ͯ׃-Qd�.^!���Q~H�:�~F�:Y#BQ!�)/.`BܲI:Kk6Wl5]
ä�W6"(w掸Tb4Cg�K
5o�aH�4DE�6_9�m\VWD�iqvYVf �ih�"sӼR5���^`
VQ�Sɚ:cG�X{Vq?juPpk�mj^�6ãf{̓ \Kos
y�.X`r��q8r��+�i�O��7�ҵYĪ[54$PH���qH3A7�=>~ib �nj%�r�� Vvx/,}\&���%Yc�DWPK^��Xc 6f���@L5�ޗ.k6l#�SGk)A�/=ߘҠ>=h:Z~+??5K$-1�CP��{o81g�VnU�s}Y:�ػ93&4f�(}(H�d8�w��$g�j=�[T�2]*%j�D "QwTsLb�NH"N¤�(14�[PFi5�
�0<��fWP`�YX�gv���K�B�LCy�3e�4�FV#Z�̘Z=#F�+�
vqƁni��%2VlmԤwh6"
5wt�m2^nx5OG쯈]<��I��#4CUYK@*͡G?|\�,V;%pbu6h&,�L�Yhgq�@>�qx>7K� sSw>�W3
f�:ώ7:sV)ܲl�vɲ`�.�ǝ�ޠ/8)4v;Jx�~
#v�7È :t^,S,R@s|#K��/Q15�yK�Ytщ��Gkk�pZyf�<08�%`�_ě C?�Z !
atׂK�_p㌍Do�"mݣ<Ɔ��?�u^�r^ƅq�7ދ�lШV{���d�l��)g>NP���zDJ�h
ƦP'S
7]W;��Uo6Y�>)m3@Kϑuo i0�u���=2�'x7]�qx,O~�zaRvŲ�e�rUYtBfQ�10Is@07EZ�pye!Xj<.z[/@[�Bn
e#]!�2.2?�͛�0J.S�\�"�em�Z�bc�^m /�& ��� bQރ7 I:Qs�4UO�*8�Qu{#Pι�\�K�7É�auo[yb�=d�v� M^}��n��"�m�ä%?LicF,�b5D>~EG4q gYbǏ�PI(k�8u��1.iϬK;
v��j�x'RIT
i2-gvScO,
��|eS]2"idn�� �LY�Q�S"&�xe=oetT0t<,$-Rec�?g�ODeZ�j]ȿr&~W�=:m,\]�W^��NˠDڽ�F��Q3)&>GI�-�4QqR*S4Y2Rsu�|(G�9�WG"Z�5�;2CQI��8�YX�W]Ijs~�o6t;TEϒ���1�)F<
ẶWrhn+kͶ"M�5;�~Na)d�0 ʓ�#鶨L��'lm:�ƕ@�E�^��Wì$>q({��?Am�$�3!{ @Oo 7]ДWb~�WOxJJ��SK!��&9GQa�.��j<^tu h~7q�2qzn�7u�
Bu;k e)q-D~ T߅1p�$ǁ%dA=&?DSV�hU�2TF9(@`�6ir�}r�� 4At� �bG.�
[�@~kBV*�WN陠���8H?ݰf>wfE`-�GR4rq{#U MJ?r�
!C4{�g>[��弫��a�reL2mU�l䉻H�:w: ZWѮ m
3xx��*t��p͆�HClf�xM!od|v�)3K&bi&kϻZ,u-VVcA3�ð��;v�Y� NV/l�m�}{(�z�>ff�ZO*r8Xc)2A)F&Uk1{�wi) ��k)RCHvC#?ˡ.�.��m9�S4ӞN!S�M'��Y![V~�<1�T$�s�r~Ɓ ��?';�{p�98�KY��
|-z�G
P"�f Ѡ<=VXFy>Y(օ���E^U�IK�^m%w)�̨��N�
7�r�n\gZg֪�cQr%up^ܩ]a��`Z ^M8Ly�́�絶0 z":PS.qiOlN[ݽs�uh3�o�7x˳AUG��g%}�*~qW�$σg>��6�rЍ6}�S-ڶ-Tϓ_W6j<}.&f~7n��z~,�dJ>�C�{�s�ǯ&?a`�r.�1-gh��-!OXh\)uaʛEP�Մˊp{�^3 W@:FJ/lV}/8�7�?닠%Fk;�ɘ�9)�,�urCz#0��x�xB�楂�'B {#A*H%l~D/G1q�D���)'U�Bvu�տ@~P>����N�;c�L3Wr"��;>j3)�J节i#�Q/ނY�6kԚb[|o�k��0�EOk)u�lv�S�&W;z,�Y
�?3�pظ�WyQ
e\}6���T58o0
c)0'�Cs
w}';�0i_9j{:y2�g�(.3.+X�gQS��S}0IVim%!fy>^�}4.��^꾱?+�V_~FL�Dtք&�_pǖS�
#s{cS�xf9SeK6@ 4�.�{~$FS*emC,:�kJUDϚ1�-b��nʂQ)tfc��Z@2ftڟw ?]|DA:^X!49�KM�w�BS�<0|E��{)*X/�+�u�P KgSU/Wc�Oq!%�eLg{ﯶ6�z1N*(-- vڷ���DS�%f\pn�sD�2+
�AR�vNa^t�%6T>��2M /�BL�C5�?��.6�G:
c8-@�OA깸TłwJjٜvʦ+2V%l7�ù�k2ib|8#L�[R>nX��ȟWa�1����g;oc5Blm�د���I!��@\~2c�?g댘˘Cbl^5J��P=@Cӈŕvř�>j(;�
j,lS�"$A}Z{6�CQz
iirT?z(pZ8�H"]
6CINܮUUK�WxQI*Gr~ 1_�8R�~^ /חmןo'DHT�d[eY7IUj�8�_�cO~ZC�xy�"6֮�jpCħ�A;Uv!2DƮ_ +S �BFwGpF�Y_vB̭@,܌0oL㰓ɱ�ߍ��t&WVFA�>Y�xד�5p{/&?$ڞk�05�>Aʞ(D�Jd@4wߗi;R*j,� ? ;,TOՓCם2OylǀυK^̡�q4X�nWf|}g�
����L0@v/MKz̽Mk�&ڷ
:o�V=TQѣf?�IB�7�EIy]$}�{NU��B�5ʷ�/!|KO��M�'L�{dͻ�__�
](DS&�`<0�>X[svߔTE/F#7ǧ�!o�~q7]�FKxJ
y~ƺ&tpBԌ"%�>�V����n'YJBӂz|�BuMԯy#W@zN#v�b�cVr
ȉG�%D��ev\d_�O3לVt�~e1,aɮ�62] "�ݐ�MHƜ}DI_Sbd�Nbng��2*�Y��¬uIaemVd"`R�6�/bG|1˄Z7��Q��|{��"4�n2l6o�v�#
�/=�|k��l>Kz
�$g+z\[ (SEW6�8�_J8�%)f���
�Jw#7O�ͽ��F
i≻`��1s!k`^�yd- %7Q�\�ּ@IbWvG#KoDtg8eNrEH\ښo& %bMprSXqt_�&HΨ\3N'2d>4S"X��h���r�VD�)T?�QA}?��pSa.bv(9a�k:�q��mwTמmo�e6^,)-+)Ԑ�Koֆ��v!^Qf<�K'1uː�faॢiCRHXi[ռKu%�o0*Ş6ҐU4#UU�h/L?w.4Xyk(c=p/kf�*�fV[Zgك��-@)Fޔe�+Q��Ec�5w˗?NE��;�t6D?�7R]JQ
~8,�rJ|$~\�"t:DO1Լ3LS3CM�HR�%
�]yfR##S��n5�:�9<�rz,�ܧN�L|f�kJA�&ӿs3.{TO�Wk�
vNBFH}wpy$6%ӱ7@{6>W:k@
S_t0�1=q7W۪0���F
?6zk07*LSCkJt|Na�)�O'�&�6塵ؘ<�2�b=z_�@;;'iĄT!ID4QG�`\^k�p3�J@s7".�-C��iA4d�x�>/�61{TeJ+]*3�ɪ^D�r*@DSű��}im���߳j6��(gIV�0C=-"Fv%]@|,�ArHY"XK5B,hU_p�U�Ȗ2��FHM_͞L6+dUVx2$%�feaBdBF#>T[N�k"a9��ZO-;זIp~b¥�|�mVљ�'PdfƏ�][UzP�I�rLY!8:'}~�0ׄb�Sm�/$czZR�}*\iQ��\�F1=J0&nTY7X/2^��uW">Zw7�]#P`H_ﻝ,;b>s�>�(ڑ\8�|@��&8{U٤#=�@)xW2�F�@[O0"jum�igZBi���R�R!EKwi33=ޖ<^���O�a�y.VL6^G�
ZHQkMH+t͋&.�-X1%�0Iԅ�~3#o)،wi{6ha@�jƪ ܧu���a\[R)P )q=gLV4�ҾD$U�S3��}�6
5I٣fiPqPfKz7�ϫ�o $83�;�A̯Os9��H�E-W�Y�rc�=~ʇHˡ���~7�~<�FO4�+|ȟ4*2�ښZ[]1v#[x99F!!`�dPW+@� )�l0�QS�&��{ky D�BK�?/i}Fծv�OsR$(E���w���s)<=ޙ|5���SV�߀gCc�XBFfOO� mlyP��R͌:P3};J�͆�=?\L?�ғͥޤ*.(�ަ='3K?cI?Kz%5&8�81#?$T\q�,lJ"\�Գ~_i�0RL(ţjtBwߐmg_�D!T]N~~Sbax��nW�)�v��|A@؋rkt�Bt
�H��z@pNe�2()!/ߓQj n?n$="L��2�$iI�MmqL/FOA`3�i\ZB /~#>7ɨZj]̭R2߿j�Zv_KJ\G�W,8��@cmuD0
L.3n_�V3'�,𤉠pÒ(Dヤ�H!O�3s�;�& D/�I3)<$�GƉ 1Ζ~k"4!yI����Fo]I �O8.1�nTʤ�rgE}\I��xSl.4،|�@� -K;�
>a@иD��W-'|�$TK|?p"MlsjG[yb�XZLvbN(�c��nyj@Ѧn
�ْAh9Ꜵ,@v^-?.Ģ�l�`%�"w,a{e\
�>z]d].M_ �2QESybp5vr^�x�ueg4�(=$=RnJ=���8|����B�t��^ݭh4lV��a4}�`5ɹ��T�%4&,Zu�/6�ʔZ$bfc_c<�?'11l Oei}x6|qqA�[!)i;$�}$"�x1@ֹ�1Gt�*(���F 5̦,a-��h>Wk{�"|W{jk���n���tXe�'i�W\Ve����b�i{U�玏@R��\鄴RUa��D�_3x�DK,Ը7'%�@sN��MI�XԻ|j?�B�>_a [ph�E�B�ȯ+-psuZOTc(2x�6[ﲇ���,q?��
H�捿���xƚW?8�[(Ī�'! bG'c8{*$O_w\�E8]Z�qe,�'ٵO�>_{$W���3z2\&nҫYZ6O�g*x.R݉UӬ܈�ZײPSbQJqtY�
m~˼��e
�YJ;>&O�A<^��*�,CA �!�_~�"�VL�mn�@�lir��1.$QFՀo�4p3?,>dD@��Zt�d�XmA@>Sfo���{ˊȈ؟[O5߀�t0�ai��.i O1)ɥ��?Q+D�
!�L%Sh+gHv�±<~C
|/ּd�V<�_>ӯ�,:E�(uG`PV(F!Sڽarf :�=�.^�
/�zQ#=9t�c &�p�ol}3�:^f}MjW^>&K
,w
kW(
Oȇ��`6��c>�mhBì�Q-P�$45¤ym~
�^m�L<�co�{~pwd��$pdUOī%^��Ue{�eSex�Y/�@ư=3r ��YQr8
A�8y>�h:ӯQKe
P0 _WjbwJB;9"��e%`�� cM�ݠ^@bŔ^I-�x�䛕(1�uzKo�ٻ1ʔ}=K�,��z-uXHyvfy/.U{u<0qթ1�\9Y�HUsցinr
�46�O�@a[wh.0.G3|NI�A��&�l�×gedOM,�j9933ٶ[>PI0H�yЇCw��H�}[
a3 DP)ؕt #�iΖ�9kv�5�SjKm=%�][i|��(�*}<ɗ
r,Me=w[S̩$]/Mrہ%�[bXnY ,ǿd�C
<��n�51{�y4
Xk[T�_߃_�o'l�"~�W�l�V�@w�<*zb0?�4/&4�|Sso�M\�IZ;A�?Mmb\�'�Td4kn*|�IhL:ߛ6#%Z�ӥȬW1���0eh���ܽQ�W�X|!�0�xB� h%��@\-PŶ3b>$�֏p�6WWF@B{IRq �~�՜TR>�f՛�D�T>Qj'*ĻWvAĵмtzTG)~@}s�mK�9X8:�75.�B(d+;@rg2�@0}y(>�yG#ӮRq졗<�#yWG�.];',��f=�ןWa1o|P+Derp�6\܆;�$|�|.^�+zϺ
�kUMN���4@TcM\5Oj9oYı
Fy٣�b7��\��T�8f!�}ة��mP`F ;�ަ)|X}�<:G!<勢�ľ�!̚s°#B1��>�8!XW�zO!l76/;S�.v�$|�?{Y��ҚK�q{�w�&`b��j)z �g��-�JBwn
!
m
6[@KZ?��qi�ީtȅ�iI�%O���KM`bQxpGC2-ǭ�h>,�Vk9=D(�b �T_?*M�e��
Q�
x�gn;R��S��8�莖Ċⴵ8V9]Q-,OM_|�wT�udbHȻ�'E8|V�I�l�P]�I�0��7,�uP4^�^��ko�,�-Գ=̓pMMb%NBpVo�%[L#p$�J�T*þvveU�R{��lu2cf1FCu
}A!A�=�=�v�e�t�e�e8�5: �W�̨u̾�P�c�{K^m�pA%vaԪ~�<5n}[c�7��A9l�QJFI_�X�YBuѨkF�+)W@�{ (��,:����Y)^2/X�R���ē�5�Ԏ1/v潓QA@Z(;jɮG{H�8Tby5�!}�Jj}oiO �%eU{yi+fݗN �i2Dכ�@Fw Ke{o�
\w��e�*lm��PH*+*(}�zE7��2'@_�#i`M@Q9�O
m,;X ��WrTмB^
Rm�B9��i!�"gN\51TVz���^ci|�G�
�/ÖX^@jF��!�*&Z N��y�b�4�8 z\ ;hj}>?fM��Px[ocJ�C��ԢI2?wE?�
^OqqU4:g���t<+�='j+L�TR後|}W:ԍ�}
ӯS9"��3���+3Dhz�f?�)_��b�B`$�Nv㏿o"Dv:o쫻ǭXj`8_*p|�:b9Z5�vF~T5dv�LJ#�)_#@8�R]� �fbG�8I#� ʙXHKH�:C�>H��`gF29))^/�=JX�yArU
�c&S�Al#2�Ab�:A]`&s!DBV�=AnT�sS0�WVip�H%K16Oi�:p:S`v}�zxn�>0#2�2( Q:�ڒR;^4(%4Fm�blwGx1ꝧs+� 6砍z��urqh]Ŋ$ Q[oJ[fȄgi9`4up+]U��Ǐ�@ޟk�}��"�ba�_�.
�NQ�qx8�p6zo�#Q20_U�7? �y7� :��y�ܮdgGf�EPם|Xpv)|�ڪ�Hsg TU 7A
UtH@̸�V!zA&;`T4Z4g5�G�3x3is4��<2�Ҙ$5P9K�]rۿx#
�+HV-!r{E�Om�(r;J�%~yhv�\ziݞ+
ܙtсXsw[ch0Mv��+~?!��a{#G8>.uʂX9V;)fV!4vV
l�!�B����FpOlŠ$+n@B4dIӐ�mOjҋ;Wڶ�V5Je,
ԕÕ_:}'T[r
�vJHg�P ~t�|K(��l_�*�Mn>U07J8r2�v>�?إ2%ҠU
Y����h̘�1bBy|N�{fnPCc��ǴY;��8lIfh����6
�31L QH�Ŵ!(�ZU�$!d�})
[��)^*
�խ�<�겪~#Ƹ�3&�v<�-�L�q�II� ;Nrv�!M0�3#C���%!����V�p�v&XnU�Fs�
�\
G�ie �ebu�Eh+'uV�(F/ʲ�`+;E걡�SN8ۺU�ncerٚ��敨�h=Jqt�V=dX6�Ay*�V6x�à�ɴy�;G�ֿ4Hb#;U:ݻ@�/Ȱމ(6+7x�M<5ֽ
,�%+k}b�՟ ux�-L�9n*['LOA_y�0,zD.�_~ÈD���LX\Dɨ�Kr7uuR茕��ӳη�^Ǭ[Ih0y�XG}v;8sqDP'O'�\GIH )�,4f��ڇu+f�Aw\5p"g]|QݧZ(t��gEE6�H�j(>lz�e
jhO��K�aNл"6��C�kۿk{~�'y�--w�5D�XGotMeV7"8J\=
�kB�%5�mZFn6-�jFk46�_Gg��AIqxr&3& R-,ˎ#�y}( ?E|�*�6:-l!a;~7 !5i?�� CZ
c�>�!�=/�e>ė~Uc\�!_"�O'ܠ�K܌::GVU6XMG�=E�:�P+tX�C�
.]�v���[De@ͳPez5M}9G�|5[�N�҆�u@_yף���شъY�-.#G���n�p_y8Et��9i`)
aN��Lmt\fh^a�nH�~\t>@��XZ.",b+Y�qKnde^:�Z&O㎥�DW�
Ƶr�jh2>\7(#fM6X
L| E�We�%r$qmߣ?h>"u;/ˠ�Pz_ʄm� �#�qrgBL7H� Y�fWyw~kG�s�Q:pRf�yhڻW.N�X$Vw#ĽDc\'�XLs�A�uV-B�sofOyc־weȳ;Uޚޓ?W*�'Fr]X]4#��mȽ(o�βo &kIH/�_wLG��qM��òp-�gZf\=-9�Ҳ99�DCa[C}eV(��X}Lɽp�"9:("����@>F�!� ;5~��&O5�Ɲuڹi�Ph�im�!cr~$L֦�q�9�|�~?5U%V׃w¼\�ǍI`(2�4382
�
R��nR�|wG�(/.o#4f
zwDߎ��0
QHoeeEplU:��I7�.FNE�&q̗ۜoլ�liA�eqkLr uU>;LڐO%xP�,
2$u Pi���uy6łg��_�8/6b�t�}ṳ�%ǮҀ:sL,l��&Sã�mZS�y',)"+�=�KuC�rZ�>B��E�Z9�6-N�l
oHBJB��(8i"F�O+<ʘ`c=[=OF窩`!h.;Q웍ȁ!{��^�+~h�ύN]~�PaHZlP�j�ӧa;l�r?mկI�5ml�:}�>jx`I/�UϨ7w�z�Ǭ|����I�$�sk�Uh)we��M�@sM�s"�We9KH1 _6ɾ30�8g��ƌRYg�w[\!`$�ʥec���l��[��o�]k�u^�1D�Jj�Il;���L�iZO59K�06�NC I��H?*�k��
L|#U�9#8'l��=y"GNcI|$p�4<�)�ę [ܻ^DGɐo*��Δ2e�&{v.MI<ϟ(,$Y<�_J$a ElZI@.�I1�A-[�̰ޠ�9wyhj;@\H^�Z݃mGq*ڱa(�~w~�m^89S`n˼�g|٤=怬0�/eDתh�E,9~nhz>%�C
LS��eVp!ekbqk
}�Έ:lAщցa]E6Ω�%A`;*�$\�N�4^4pQ]?�> @+O�Ȝ/m?��̨+,F�eXF0~S*vyV�c����IGsXH$�i�h�^*%%IYr�' ��W�u3v� F]���Į0`?-�p~ɲsڈN�;:kFG�&uF�\d\csauQhƈ\MH揍 M\i D�X6]qHC96��@;�6ܴIxsFANJKI&V2[aʀi�|k�H[ED�6`L㯾��a$Ѧ|=eg)c0/iS y+�A9��߷a�AeW�&]Pv07Z ف�*p���@*3�`^�o{+X NFOBC9[UsœVﬡrݍVBBj}i9tu!L wv�^5]*c}p0Ś*Ln:ZWS]�VQ�l��4�x��H8ܦ],ZT9�u�;֔a#ʸX}#g:|ZD`�հ0exVޞ
?��1o�u�J�.Wi�܊l�<�GB� ̌C�,�2$2�UQφ"�H%힑�/ԥ:�!�RFK�ڗ>t`/B$?69�Ud�R�Y�S3m|ӓ���#݁Gj�w`ҝշGK?�3[؆c`'�I3Yj6zb!Mm4�W30o��Mک{C|u+< yb^Kqgc�;~Kߖ.¹�U�j]vDm.^ܯ�?_TFG:1=�}6�AA/z���2suN^UG0JdDM]WyسVfw�-M!}Já�6Z�_4D%����i]0FǰW�vb,tӸ�g@2+Pzb1?z6CjRXa]�$A
��^�|R+=h�ulff`��i5K9/K9�5`#o`�`g�~\w�`U;SP��tQ�Zb�-(ٶ��Gv#SN^+%TM7M% u?\DP_aCɪPrc�FUI+�27g5�L�W��+Eqgn� 4��ٚf;t6�Jg<��_IH�KSz�`�^MfఔEXB��QL�[�K�
@vsGt��hh%kaGl��i~
O(Bv]{*D/v\+`ZTZ5�hz�i,m'O���'m�[;]80W@0̹,#���O�T�E�P6NB4$�Qjc��qN�q�
�°�u�
vTAOg"�1&��cBU|
Aoi�U[`�p{m �cRH?wqeV R�H`n
?b;�F(|х-^b
Wâi�1��ل8�
ɕt���|9'ڵFĿi<�0��-AP�c��BR`dzRj(_��OI}<�3Z5*Y~^Y9GӌM�쟂4a4+�Gkl�6֬%` �Kț|
�
Ulr�H�!��8hu�Jd7?D�=3FYz&
_nrh({#;`ehKy,�K,�ctDٞ�9ꦂQl*Q�FhN4!U�@�V�4W�ID,��ki�L�T��^.BK(���<�ת2`VW`.+) ݼ2���Ug�15Oyѽ+en:Z�ix[�6+C��;l"NnRlk�"đYo o��M1� VS}7��Y*3?��#){osկ�W�z�rՏ\�O�}lMc6xQsD��}�;�6%q��M 7x�P IB91܂Fsƽh?�0UЋ'"3�}^F]jIRYXq�z"vfc�6K�$j;�l�R/U�gDX+]+�D*z,_0�
8^궎y��l
FB4u\�ώ+8=+8���(��m]�vĕ�Z�![@-�fp�Ȟ`I=?J0��b]*'�Z
�eK^Ts{�}Tj}e|�@\o:o3{:{�:,FDԹ~ryeɨ?v
kqV�Gw�ۻ!2"6rtx6w/㼑i�K^r-1�Mkf&om�{�dY$b?�Cj~5�Xj�v�|7]Ԉ�-4Sɬg$�V?N,L3��ⷲNg 2=�&ẍPʄkt"m#ڔb\���
1b;kO%f
үk=r^;H+3I:td(D3!~`�Vshk�H��z[~�w̞�V�HZ$3y�k�hljLt�M{��SN_�k;�Q?c;zӇZ
ฃD�f!i,s0b�S��=��U�G"瓪Tҟr
��
L{�,~"c9Y`2ߟtdbBG��pb.�D/��{�6ͅ2W�Pն1訳=t�\i��5
��^Vs+���nŤ.;4>xca�"N-qQE�F(G22�!�Nlm1[����
cwKH
{d�Гwqo]O�d��NG�FGjCv}q!jZ2B´9Q:6""N1g�J34:w̦NR!&flbGLhQH�_@8z9JƷI��an WnZd;"HBy(
�G:�սD'(6�dg�FtBQ N5�Ѧ�d�5�XRI(6nK�1�4
V r/710qnvX��K�uA1Ssc(uɲ�F��+�<�_�N.�
ǔld?aZRƁiuA=�a>�ݕ҅k]�3aYYVJm+;�y�fmW`e{d@$s:0�L#+�iW�S)SѱmG����U�
�L4 ^kӷ�a�v- 仑�4頴E*4^�>A5N�^*JH�"G+�"O6!qI\T�����̷3 (��^9iU�}gmh�sٷrδ*f�O<�0fu�r@mZ5%?>Hr\xU��QI"K@xF0
�-2V+�f\gD��TٱBĿy1\R&IU��rx)F-i��_Uy5 ;��gW�nX,`;fa]AP�y+_йԿu� *j;�YdD�>_5c^2'�{�c�¢���W?_X+Vr?y�,tC�� ' =������
YZ