xen-libs-debuginfo-4.13.2_08-lp152.2.24.1 4>$  Ap`l/=„1 m˻XD ȩC(f)VA/AUo#s/}5-w;o`mY{?!ې`bvP&ƍohRU{u6DbT =ctM zcgSQHXʾwz 8rӝT]h)KKqA&LI^gyNv02 j*D۽I(q]qKe.BƏRVc&K&rGqc6e51f6ad29927b697edd480d13cac676462b2ba65e9dac47a72846d3e8f6e5fd86013f0e52c47b9fbdd6b9976d5323536eb3bb2L`l/=„ JR:'rZ qm]dO9y gϫuNWD (4[A d3R ז9FlƏzC *g],_AΏlYәy_O,дQZ4V/^HpJ˒d\`QH dmJ@S?X(&{ib\( V *X7 ptǙ.]j;gl/h aVj[ݴjO`*X#4M/^0/XhP>p@? * Q #,9 Rdd4d d d Td  8d dddd D","<"("8"o9(o:ApoFGdHdI dXY\d](d^Ț#bcsdefl udvϬwݤdx4dyz,0H`djxen-libs-debuginfo4.13.2_08lp152.2.24.1Debug information for package xen-libsThis package provides debug information for package xen-libs. Debug information is useful when developing applications that use this package or when debugging this package.`llamb12hopenSUSE Leap 15.2openSUSEGPL-2.0-onlyhttp://bugs.opensuse.orgDevelopment/Debughttp://www.cl.cam.ac.uk/Research/SRG/netos/xen/linuxx86_64,^2d.`-_7i2d-_2d*\0b2d1c.`.`-_.`6h-_,^5g,^3ePMwxP @^"*,8mPdIKzxMX5AAAAAAAAAAAAAAAAAAAAAAAAAA큤AA큤A큤A큤A큤A큤A큤A큤`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l`l81b278ed590209983e09e459f1d19ea6e090d08382dbd39a20c47d5e22b2c8cc877dc630d5294a66d6a03dbad3511518454a9ff9c75bf36d27762dbff1779f9684f97fcb78df6f3befc0523b06e94a779dd9bb3b58d2c456bfdae45dacad41eeb4d99f97c54473ca1221a63760fced257be3e9eeb92ee5a7ffb925022ccd6deac09162f2855bd7a8ad8be24bfbd30ae4fd23ffd129d197f81b095e67cf1174c0749c37662716e619591a9b09e398edf94f0028d462095e70f22df12727cd7efc8b3a6fd282ab9968b8d3eefdb77a336943a35c0d7248b161fd10b97f81a88842563ee4ede0d23c4f12218787916005cefb1a1e0fc99f125fad294878c41b5800f9b404749ed9bf1af004cf9e97a156e544aab5d631193a69b28664833c169b0d732172c5e26a00b8b14b7ed876af759e182b95985e200a9beaacd9492fc951049305f0ffda85c1613eb057d9f4bccb430e3d155dbcf00fcc0db327d9e3c9c97c9df80887bac4388bfa0d29e9902cce6a817dc73f7c8aa0b9a5f8953d678d28175fdc886093d0a4fee96074a37d5dd221712fca5eada04b250545258d1c3f3bd808b2d97f9727c9aab98708f5444c801cec59db8188ca803634c66f585101d32611f08b7c77f34a45f20b0bf4fbd03b4e4a9814fafa256244b89e5d182a931a98dadf87845cba81f77b8cd6da5ea751f0a87d90d398fea6fa5db653194696e87a2e899eb3a89008efda245b63ec937d84e8136207762e0e1dde4d2d842f91750ad4855ee73f7af2043e978bb2b1f36b3075cdc3d40c8c430fa3a310788d6c0a0399c3ee70bd8ea432ebf676c8ab8f5389020ecea62a779d6fa9b91f631b95229fb9a9a6c338d82e52c8c25633ef052c8c6c7a07aa14cd32751fd9c63e5c5766a5b11583b58f2a8ad03183c809fdc0f8b33232e7a899fc3b9e932b1718ce6c4120957646a010d4529c0de2d4b2a97a5c57a5dae3e68b8a91c7545115272300c607../../../../../usr/lib64/libxenevtchn.so.1.1../../../../../usr/lib/debug/usr/lib64/libxenevtchn.so.1.1-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/ufs/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/ufs/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenguest.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenguest.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenstat.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenstat.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/reiserfs/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/reiserfs/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/fat/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/fat/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenctrl.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenctrl.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/zfs/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/zfs/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxencall.so.1.2../../../../../usr/lib/debug/usr/lib64/libxencall.so.1.2-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenfsimage.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenfsimage.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/xfs/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/xfs/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxendevicemodel.so.1.3../../../../../usr/lib/debug/usr/lib64/libxendevicemodel.so.1.3-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenvchan.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenvchan.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxentoolcore.so.1.0../../../../../usr/lib/debug/usr/lib64/libxentoolcore.so.1.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxentoollog.so.1.0../../../../../usr/lib/debug/usr/lib64/libxentoollog.so.1.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenlight.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxenlight.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/iso9660/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/iso9660/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenstore.so.3.0.3../../../../../usr/lib/debug/usr/lib64/libxenstore.so.3.0.3-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxlutil.so.4.13.0../../../../../usr/lib/debug/usr/lib64/libxlutil.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/xenfsimage/ext2fs/fsimage.so../../../../../usr/lib/debug/usr/lib64/xenfsimage/ext2fs/fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxengnttab.so.1.2../../../../../usr/lib/debug/usr/lib64/libxengnttab.so.1.2-4.13.2_08-lp152.2.24.1.x86_64.debug../../../../../usr/lib64/libxenforeignmemory.so.1.3../../../../../usr/lib/debug/usr/lib64/libxenforeignmemory.so.1.3-4.13.2_08-lp152.2.24.1.x86_64.debugrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootxen-4.13.2_08-lp152.2.24.1.src.rpmdebuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)debuginfo(build-id)xen-libs-debuginfoxen-libs-debuginfo(x86-64)    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1`OL@`B@`4@`@` l__$_ǁ______@__[f_X_Wr@_'@_{_^)@^^@^3^ϧ^x^@^@^^^{G^r @^j$@^g@^_@^Nt^K^=Q@^:@^0"@^@^@]]]N@]@]ʞ])]c@]@]@]@]]fl]fl]M`@]B@]/ ],j] ]@]@] ] ] #]]@\\ޢ@\ڭ\\@\@\@\,@\7\\N\@\\+@\\M\M\\\@\}@\k\X)@\J@\I\A\?\=@\9\73\4\$\l@[H[k@[@[^[^[ā@[@[@[9@[v[W[CN@[<[6@[0@[0@['[!@[5@Z@ZnZ@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo Zk@ZV@ZS]@ZOhZ:PZ1@Z.s@Z&@ZOZOZ Z Z Z@Z@Z }ZC@ZYYYY|Y@Y{Y*@Y5YA@Y4YYYbYY@Y3Y@YJYJY@YYV@Y@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI@Y5GY0Y-^Y(Y"YY;@YYY@YtY.X@XQ@X@XۡXg@X@X@X@X @X@X@X@X@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX&X@XX@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;W3W1@W1@W,@W(W(W(W(W(W#LWVbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@VV@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V@VCVVVf@VqV@UYU@U@UUݪ@U@UnU4@UUK@UU@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%@UU@UUU.@TgT-@TT@TZ@TZ@T@TT@T5T@TLTLT~@Tl@Ti@Ta@THT?@T=@carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comCallum Farmer carnold@suse.comcarnold@suse.comJames Fehlig carnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comDominique Leuenberger carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comMatej Cepl carnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comJim Fehlig ohering@suse.deMartin Liška ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comJan Engelhardt Guillaume GARDET Guillaume GARDET Bernhard Wiedemann carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deBernhard Wiedemann ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comtrenn@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.dejfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.derbrown@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comjfehlig@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.commlatimer@suse.comcarnold@suse.comcyliu@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.derguenther@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comrguenther@suse.comcarnold@suse.commeissner@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.com- bsc#1177204 - L3-Question: conring size for XEN HV's with huge memory to small. Inital Xen logs cut 5ffc58c4-ACPI-reduce-verbosity-by-default.patch - Upstream bug fixes (bsc#1027519) 601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch 602bd768-page_alloc-only-flush-after-scrubbing.patch 602cfe3d-IOMMU-check-if-initialized-before-teardown.patch 602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch 602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch 6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch 60410127-gcc11-adjust-rijndaelEncrypt.patch 60422428-x86-shadow-avoid-fast-fault-path.patch- bsc#1183072 - VUL-0: xen: HVM soft-reset crashes toolstack (XSA-368) Also resolves, bsc#1179148 - kdump of HVM fails, soft-reset not handled by libxl bsc#1181989 - openQA job causes libvirtd to dump core when running kdump inside domain xsa368.patch- bsc#1182576 - L3: XEN domU crashed on resume when using the xl unpause command 602ffae9-tools-libs-light-fix-xl-save--c-handling.patch- Upstream bug fixes (bsc#1027519) 5fd8aebb-x86-replace-reset_stack_and_jump_nolp.patch (Replaces xsa348-1.patch) 5fd8aee5-x86-fold-guest_idle_loop.patch (Replaces xsa348-2.patch 5fd8aef3-x86-avoid-calling-do_resume.patch (Replaces xsa348-3.patch) 5fd8af4b-evtchn-FIFO-add-2nd-smp_rmb.patch (Replaces xsa359.patch) 5fd8b02d-evtchn-FIFO-reorder-and-synchronize.patch (Replaces xsa358.patch) 5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch 5ff71655-x86-dpci-EOI-regardless-of-masking.patch 5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch 600999ad-x86-dpci-do-not-remove-pirqs-from.patch (Replaces xsa360.patch) 600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch 6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch 6013e546-x86-HVM-reorder-domain-init-error-path.patch- bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360) xsa360.patch- bsc#1180690 - L3-Question: xen: no needsreboot flag set Add Provides: installhint(reboot-needed) in xen.spec for libzypp- bsc#1176782 - L3: xl dump-core shows missing nr_pages during core. If maxmem and current are the same the issue doesn't happen 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch- bsc#1179496 - VUL-0: CVE-2020-29480: xen: xenstore: watch notifications lacking permission checks (XSA-115) xsa115-1.patch xsa115-2.patch xsa115-3.patch xsa115-4.patch xsa115-5.patch xsa115-6.patch xsa115-7.patch xsa115-8.patch xsa115-9.patch xsa115-10.patch - bsc#1179498 - VUL-0: CVE-2020-29481: xen: xenstore: new domains inheriting existing node permissions (XSA-322) xsa322.patch - bsc#1179501 - VUL-0: CVE-2020-29484: xen: xenstore: guests can crash xenstored via watchs (XSA-324) xsa324.patch - bsc#1179502 - VUL-0: CVE-2020-29483: xen: xenstore: guests can disturb domain cleanup (XSA-325) xsa325.patch - bsc#1179506 - VUL-0: CVE-2020-29566: xen: undue recursion in x86 HVM context switch code (XSA-348) xsa348-1.patch xsa348-2.patch xsa348-3.patch - bsc#1179514 - VUL-0: CVE-2020-29570: xen: FIFO event channels control block related ordering (XSA-358) xsa358.patch - bsc#1179516 - VUL-0: CVE-2020-29571: xen: FIFO event channels control structure ordering (XSA-359) xsa359.patch - Upstream bug fixes (bsc#1027519) 5faa974f-evtchn-rework-per-channel-lock.patch 5faa978b-evtchn-revert-52e1fc47abc3a0123.patch 5faac497-xen-arm-Always-trap-AMU-system-registers.patch (Replaces xsa351-3.patch) 5fbcdf2e-evtchn-FIFO-access-last.patch 5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch 5fbd042b-memory-off-by-one-in-XSA-346.patch (Replaces xsa355.patch) 5fc4ee23-evtchn-FIFO-queue-locking.patch- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change (XSA-355) xsa355.patch- Enhance libxc.migrate_tracking.patch Hide SUSEINFO messages from pause/unpause/resume from xl command. They are intended for libvirt logging, but lacked info about execution context.- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel attack aka PLATYPUS attack aka XSA-351 xsa351-1.patch xsa351-2.patch xsa351-3.patch- Upstream bug fix (bsc#1027519) 5f92909a-PCI-cleanup-MSI-before-removing-device.patch- bsc#1177950 - adjust help for --max_iters, default is 5 libxl.set-migration-constraints-from-cmdline.patch- Update to Xen 4.13.2 bug fix release (bsc#1027519) xen-4.13.2-testing-src.tar.bz2 - Drop patches contained in new tarball 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch 5eb51caa-sched-vcpu-pause-flags-atomic.patch 5ec2a760-x86-determine-MXCSR-mask-always.patch 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch 5ed69804-x86-ucode-fix-start-end-update.patch 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch 5ef44e0d-x86-PMTMR-use-FADT-flags.patch 5ef6156a-x86-disallow-access-to-PT-MSRs.patch 5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch 5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch 5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch 5f046c64-EPT-set_middle_entry-adjustments.patch 5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch 5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch 5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch 5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch 5f046ce9-VT-d-sync_cache-misaligned-addresses.patch 5f046cfd-x86-introduce-alternative_2.patch 5f046d1a-VT-d-optimize-CPU-cache-sync.patch 5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch 5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch 5f560c42-x86-PV-64bit-segbase-consistency.patch xsa286-1.patch xsa286-2.patch xsa286-3.patch xsa286-4.patch xsa286-5.patch xsa286-6.patch xsa333.patch xsa334.patch xsa336.patch xsa337-1.patch xsa337-2.patch xsa338.patch xsa339.patch xsa340.patch xsa342.patch xsa343-1.patch xsa343-2.patch xsa343-3.patch xsa344-1.patch xsa344-2.patch xsa345-1.patch xsa345-2.patch xsa345-3.patch xsa346-1.patch xsa346-2.patch xsa347-1.patch xsa347-2.patch xsa347-3.patch- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries (XSA-286) xsa286-1.patch xsa286-2.patch xsa286-3.patch xsa286-4.patch xsa286-5.patch xsa286-6.patch - bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code (XSA-345) xsa345-1.patch xsa345-2.patch xsa345-3.patch - bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU TLB flushes (XSA-346) xsa346-1.patch xsa346-2.patch - bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page table updates (XSA-347) xsa347-1.patch xsa347-2.patch xsa347-3.patch- Escape some % chars in xen.spec, they have to appear verbatim- Enhance libxc.migrate_tracking.patch Print number of allocated pages on sending side, this is more accurate than p2m_size.- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when handling guest access to MSR_MISC_ENABLE (XSA-333) xsa333.patch - bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in XENMEM_acquire_resource error path (XSA-334) xsa334.patch - bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating timers between x86 HVM vCPU-s (XSA-336) xsa336.patch - bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code reading back hardware registers (XSA-337) xsa337-1.patch xsa337-2.patch - bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event channels may not turn invalid (XSA-338) xsa338.patch - bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel DoS via SYSENTER (XSA-339) xsa339.patch - bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier barriers when accessing/allocating an event channel (XSA-340) xsa340.patch - bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event channels available to 32-bit x86 domains (XSA-342) xsa342.patch - bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with evtchn_reset() (XSA-343) xsa343-1.patch xsa343-2.patch xsa343-3.patch - bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in evtchn_reset() / evtchn_destroy() (XSA-344) xsa344-1.patch xsa344-2.patch - Upstream bug fixes (bsc#1027519) 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch 5f560c42-x86-PV-64bit-segbase-consistency.patch- Upstream bug fixes (bsc#1027519) 5ef44e0d-x86-PMTMR-use-FADT-flags.patch 5ef6156a-x86-disallow-access-to-PT-MSRs.patch 5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch 5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch (Replaces xsa317.patch) 5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch (Replaces xsa319.patch) 5f046c64-EPT-set_middle_entry-adjustments.patch (Replaces xsa328-1.patch) 5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch (Replaces xsa328-2.patch) 5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch (Replaces xsa321-1.patch) 5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch (Replaces xsa321-2.patch) 5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch (Replaces xsa321-3.patch) 5f046ce9-VT-d-sync_cache-misaligned-addresses.patch (Replaces xsa32141.patch) 5f046cfd-x86-introduce-alternative_2.patch (Replaces xsa321-5.patch) 5f046d1a-VT-d-optimize-CPU-cache-sync.patch (Replaces xsa321-6.patch) 5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch (Replaces xsa321-7.patch) 5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch (Replaces xsa327.patch) 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on next reboot while it should be live attached ignore-ip-command-script-errors.patch- Enhance libxc.migrate_tracking.patch After transfer of domU memory, the target host has to assemble the backend devices. Track the time prior xc_domain_unpause.- Add libxc.migrate_tracking.patch to track live migrations unconditionally in logfiles, especially in libvirt. This will track how long a domU was suspended during transit.- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect error handling in event channel port allocation xsa317.patch - bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code paths in x86 dirty VRAM tracking xsa319.patch - bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient cache write- back under VT-d xsa321-1.patch xsa321-2.patch xsa321-3.patch xsa321-4.patch xsa321-5.patch xsa321-6.patch xsa321-7.patch - bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic modification of live EPT PTE xsa328-1.patch xsa328-2.patch- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch) 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch) - Upstream bug fixes (bsc#1027519) 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch 5ed69804-x86-ucode-fix-start-end-update.patch 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch- Fixes for %_libexecdir changing to /usr/libexec- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) xsa320-1.patch xsa320-2.patch- Update to Xen 4.13.1 bug fix release (bsc#1027519) xen-4.13.1-testing-src.tar.bz2 5eb51be6-cpupool-fix-removing-cpu-from-pool.patch 5eb51caa-sched-vcpu-pause-flags-atomic.patch 5ec2a760-x86-determine-MXCSR-mask-always.patch - Drop patches contained in new tarball 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch 5e15e03d-sched-fix-S3-resume-with-smt=0.patch 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- spec: Remove invocation of autogen.sh - spec: Recommend qemu-ovmf-x86_64 to provide UEFI firmwares- bsc#1170968 - GCC 10: xen build fails on i586 gcc10-fixes.patch- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation handling in GNTTABOP_copy (XSA-318) 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch - bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing memory barriers in read-write unlock paths 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch - bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error path in GNTTABOP_map_grant 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch - bsc#1167152 - L3: Xenstored Crashed during VM install Need Core analyzed 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch - Drop for upstream solution (bsc#1165206) 01-xen-credit2-avoid-vcpus-to.patch default-to-credit1-scheduler.patch - Upstream bug fixes (bsc#1027519) 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e5e7188-fix-error-path-in-cpupool_unassign_cpu_start.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7a371c-sched-fix-cpu-onlining-with-core-sched.patch 5e7c90cf-sched-fix-cpu-offlining-with-core-sched.patch 5e7cfb29-x86-ucode-AMD-fix-assert-in-compare_patch.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch- bsc#1167608 - unbound limit for max_event_channels domUs with many vcpus and/or resources fail to start libxl.max_event_channels.patch- bsc#1161480 - Fix xl shutdown for HVM without PV drivers add libxl.libxl__domain_pvcontrol.patch- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 01-xen-credit2-avoid-vcpus-to.patch- bsc#1158414 - GCC 10: xen build fails gcc10-fixes.patch- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 default-to-credit1-scheduler.patch- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate past the ERET instruction 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch - bsc#1164425 - x86: "spec-ctrl=no-xen" should also disable branch hardening 5e4e614d-x86-spec-ctrl-no-xen-also-disables-branch-hardening.patch - Upstream bug fixes (bsc#1027519) 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e344c11-x86-HVM-relinquish-resources-from-domain_destroy.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4d4f5b-sched-fix-get_cpu_idle_time-with-core-sched.patch- bsc#1159755 - use fixed qemu-3.1 machine type for HVM This must be done in qemu to preserve PCI layout remove libxl.lock-qemu-machine-for-hvm.patch- jsc#SLE-10183 - script to calculate cpuid= mask add helper script from https://github.com/twizted/xen_maskcalc domUs may be migrated between different cpus from the same vendor if their visible cpuid value has incompatible feature bits masked.- jsc#SLE-10172, bsc#1055731 - handle degraded raid for xendomains add helper script and systemd service from https://github.com/luizluca/xen-tools-xendomains-wait-disk in new sub package xen-tools-xendomains-wait-disk See included README for usage instructions xendomains-wait-disks.LICENSE xendomains-wait-disks.README.md xendomains-wait-disks.sh- bsc#1159755 - use fixed qemu-3.1 machine type for HVM qemu4 introduced incompatible changes in pc-i440fx, which revealed a design bug in 'xenfv'. Live migration from domUs started with qemu versions prior qemu4 can not be received with qemu4+. libxl.lock-qemu-machine-for-hvm.patch- Upstream bug fixes (bsc#1027519) 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch 5e15e03d-sched-fix-S3-resume-with-smt=0.patch 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Allow OBS to shortcut through the -mini flavors.- bsc#1159320 - Xen logrotate file needs updated logrotate.conf- Update to Xen 4.13.0 FCS release xen-4.13.0-testing-src.tar.bz2 * Core Scheduling (contributed by SUSE) * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) * Late uCode loading (contributed by Intel) * Improved live-patching build tools (contributed by AWS) * OP-TEE support (contributed by EPAM) * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) * Dom0-less passthrough and ImageBuilder (contributed by XILINX) * Support for new Hardware- Update to Xen 4.13.0 RC4 release xen-4.13.0-testing-src.tar.bz2 - Rebase libxl.pvscsi.patch- Update to Xen 4.13.0 RC3 release xen-4.13.0-testing-src.tar.bz2 - Drop python38-build.patch- Update to Xen 4.13.0 RC2 release xen-4.13.0-testing-src.tar.bz2- Add python38-build.patch fixing build with Python 3.8 (add - -embed to python-config call)- Update to Xen 4.13.0 RC1 release xen-4.13.0-testing-src.tar.bz2 - Drop patches contained in new tarball or invalid 5ca7660f-x86-entry-drop-unused-includes.patch 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch 5cab2ab7-x86-IOMMU-introduce-init-ops.patch 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch 5d358508-x86-IRQ-desc-affinity-represents-request.patch 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch 5d417813-AMD-IOMMU-bitfield-extended-features.patch 5d417838-AMD-IOMMU-bitfield-control-reg.patch 5d41785b-AMD-IOMMU-bitfield-IRTE.patch 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch blktap2-no-uninit.patch libxl.prepare-environment-for-domcreate_stream_done.patch pygrub-python3-conversion.patch fix-xenpvnetboot.patch- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime The included README has details about the impact of this change libxl.LIBXL_HOTPLUG_TIMEOUT.patch- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines 5ca7660f-x86-entry-drop-unused-includes.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch 5cab2ab7-x86-IOMMU-introduce-init-ops.patch 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch 5d358508-x86-IRQ-desc-affinity-represents-request.patch 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch 5d417813-AMD-IOMMU-bitfield-extended-features.patch 5d417838-AMD-IOMMU-bitfield-control-reg.patch 5d41785b-AMD-IOMMU-bitfield-IRTE.patch 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch - bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch - bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD ROME platform 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch - Upstream bug fixes (bsc#1027519) 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM Fix crash in an error path of libxl_domain_suspend with libxl.helper_done-crash.patch- Upstream bug fixes (bsc#1027519) 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch - Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- Preserve modified files which used to be marked as %config, rename file.rpmsave to file- Update to Xen 4.12.1 bug fix release (bsc#1027519) xen-4.12.1-testing-src.tar.bz2 - Drop patches contained in new tarball 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8f752c-x86-e820-build-with-gcc9.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Refreshed patches libxl.pvscsi.patch- bsc#1143563 - Speculative mitigation facilities report wrong status 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- Update xen-dom0-modules.service (bsc#1137251) Map backend module names from pvops and xenlinux kernels to a module alias. This avoids errors from modprobe about unknown modules. Ignore a few xenlinux modules that lack aliases.- Gcc9 warnings seem to be cleared up with upstream fixes. Drop gcc9-ignore-warnings.patch- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 fix-xenpvnetboot.patch- Move /etc/modprobe.d/xen_loop.conf to /lib/modprobe.d/xen_loop.conf- Remove /etc/xen/xenapiusers and /etc/pam.d/xen-api- Remove all upstream provided files in /etc/xen They are not required at runtime. The host admin is now responsible if he really needs anything in this subdirectory.- In our effort to make /etc fully admin controlled, move /etc/xen/scripts to libexec/xen/scripts with xen-tools.etc_pollution.patch- Move /etc/bash_completion.d/xl.sh to %{_datadir}/bash-completion/completions- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm Atomics Operations 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Upstream bug fixes (bsc#1027519) 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch- Fix some outdated information in the readme README.SUSE- spec: xen-tools: require matching version of xen package bsc#1137471- Remove two stale patches xen.build-compare.man.patch xenpaging.doc.patch- Disable LTO (boo#1133296).- Remove arm32 from ExclusiveArch to fix build- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 xsa297-0a.patch xsa297-0b.patch xsa297-0c.patch xsa297-0d.patch xsa297-1.patch xsa297-2.patch xsa297-3.patch - Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch- bsc#1131811 - [XEN] internal error: libxenlight failed to create new domain. This patch is a workaround for a systemd issue. See patch header for additional comments. xenstore-launch.patch- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest after upgrading host from sle11sp4 to sle15sp1 pygrub-python3-conversion.patch - Fix "TypeError: virDomainDefineXML() argument 2 must be str or None, not bytes" when converting VMs from using the xm/xend toolstack to the libxl/libvirt toolstack. (bsc#1123378) xen2libvirt.py- bsc#1124560 - Fully virtualized guests crash on boot 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1121391 - GCC 9: xen build fails 5c8f752c-x86-e820-build-with-gcc9.patch - Upstream bug fixes (bsc#1027519) 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch- Install pkgconfig files into libdir instead of datadir- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates the HVM/PVH and PV code paths in Xen and provides KCONFIG options to build a PV only or HVM/PVH only hypervisor. * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has been vastly improved. * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- domain communication mechanism. * Improvements to Virtual Machine Introspection: The VMI subsystem which allows detection of 0-day vulnerabilities has seen many functional and performance improvements. * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project default scheduler. * PVH Support: Grub2 boot support has been added to Xen and Grub2. * PVH Dom0: PVH Dom0 support has now been upgraded from experimental to tech preview. * The Xen 4.12 upgrade also includes improved IOMMU mapping code, which is designed to significantly improve the startup times of AMD EPYC based systems. * The upgrade also features Automatic Dom0 Sizing which allows the setting of Dom0 memory size as a percentage of host memory (e.g. 10%) or with an offset (e.g. 1G+10%).- bsc#1130485 - Please drop Requires on multipath-tools in xen-tools. Now using Recommends multipath-tools. xen.spec- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to avoid TSC emulation for HVM domUs if their expected frequency does not match exactly the frequency of the receiving host xen.bug1026236.suse_vtsc_tolerance.patch- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- jsc#SLE-3059 - Disable Xen auto-ballooning - Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. xen.spec - Disable autoballooning in xl.con xl-conf-disable-autoballoon.patch- Update gcc9-ignore-warnings.patch to fix build in SLE12- bsc#1126325 - fix crash in libxl in error path Setup of grant_tables and other variables may fail libxl.prepare-environment-for-domcreate_stream_done.patch- bsc#1127620 - Documentation for the xl configuration file allows for firmware=pvgrub64 but we don't ship pvgrub64. Create a link from grub.xen to pvgrub64 xen.spec- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Tarball also contains additional post RC4 security fixes for Xen Security Advisories 287, 288, and 290 through 294.- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1121391 - GCC 9: xen build fails gcc9-ignore-warnings.patch- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. Keep xen.efi in /usr/lib64/efi for booting older distros. xen.spec- fate#326960: Package grub2 as noarch. As part of the effort to have a unified bootloader across architectures, modify the xen.spec file to move the Xen efi files to /usr/share/efi/$(uname -m) from /usr/lib64/efi.- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Drop 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch 5bdc31d5-VMX-fix-vmx_handle_eoi.patch gcc8-fix-array-warning-on-i586.patch gcc8-fix-format-warning-on-i586.patch gcc8-inlining-failed.patch xen.bug1079730.patch- bsc#1121960 - xen: sync with Factory xen.spec xen.changes- Replace old $RPM_* shell vars. - Run fdupes for all architectures, and not crossing subvolume boundaries.- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition rpmlint error- Require qemu-seabios only on x86* as it is not available on non-x86 systems- Avoid creating dangling symlinks (bsc#1116524) This reverts the revert of tmp_build.patch- Update to Xen 4.11.1 bug fix release (bsc#1027519) xen-4.11.1-testing-src.tar.bz2 - 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch - Drop the following patches contained in the new tarball 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbe-ARM-disable-grant-table-v2.patch 5b72fbbe-oxenstored-eval-order.patch 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch xsa275-1.patch xsa275-2.patch xsa276-1.patch xsa276-2.patch xsa277.patch xsa279.patch xsa280-1.patch xsa280-2.patch- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: Missing /bin/domu-xenstore. This was broken because "make package build reproducible" change. (boo#1047218, boo#1062303) This fix reverses the change to this patch. tmp_build.patch- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275) xsa275-1.patch xsa275-2.patch - bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting issues in x86 IOREQ server handling (XSA-276) xsa276-1.patch xsa276-2.patch - bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error handling for guest p2m page removals (XSA-277) xsa277.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch - bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting to use INVPCID with a non-canonical addresses (XSA-279) xsa279.patch - bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 conflicts with shadow paging (XSA-280) xsa280-1.patch xsa280-2.patch - bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE constructs may lock up host (XSA-282) 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV 5bdc31d5-VMX-fix-vmx_handle_eoi.patch - Upstream bug fixes (bsc#1027519) 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries- make package build reproducible (boo#1047218, boo#1062303) * Set SMBIOS_REL_DATE * Update tmp_build.patch to use SHA instead of random build-id * Add reproducible.patch to use --no-insert-timestamp- Building with ncurses 6.1 will fail without xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - Building libxl acpi support on aarch64 with gcc 8.2 will fail without xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is apparently broken 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by d_materialise_unique() 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch - bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: oxenstored does not apply quota-maxentity (XSA-272) 5b72fbbe-oxenstored-eval-order.patch - bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of v2 grant tables may cause crash on ARM (XSA-268) 5b72fbbe-ARM-disable-grant-table-v2.patch - Upstream patches from Jan (bsc#1027519) 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch - Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed xen.spec- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM (XSA-273) 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch - bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch - Upstream prereq patches for XSA-273 and other upstream fixes (bsc#1027519) 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- Upstream patches from Jan (bsc#1027519) 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch gcc8-fix-format-warning-on-i586.patch gcc8-fix-array-warning-on-i586.patch - Drop xen.fuzz-_FORTIFY_SOURCE.patch gcc8-fix-warning-on-i586.patch- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) xen-4.11.0-testing-src.tar.bz2 disable-building-pv-shim.patch - Dropped patches 5a33a12f-domctl-improve-locking-during-domain-destruction.patch 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a9985bd-x86-invpcid-support.patch 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch 5af1daa9-3-x86-traps-use-IST-for-DB.patch 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch 5af97999-viridian-cpuid-leaf-40000003.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch 5b348874-x86-refine-checks-in-DB-handler.patch 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen_fix_build_with_acpica_20180427_and_new_packages.patch- Submit upstream patch libacpi: fixes for iasl >= 20180427 git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 xen_fix_build_with_acpica_20180427_and_new_packages.patch This is needed for acpica package to get updated in our build service- Upstream patches from Jan (bsc#1027519) 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch- bsc#1098403 - fix regression introduced by changes for bsc#1079730 a PV domU without qcow2 and/or vfb has no qemu attached. Ignore QMP errors for PV domUs to handle PV domUs with and without an attached qemu-xen. xen.bug1079730.patch- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264) xsa264.patch - bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265) xsa265.patch - bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour readonly flag on HVM emulated SCSI disks (XSA-266) xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267) xsa267-1.patch xsa267-2.patch- bsc#1092543 - GCC 8: xen build fails gcc8-fix-warning-on-i586.patch- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store Bypass aka "Memory Disambiguation" (XSA-263) 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch Spectre-v4-1.patch Spectre-v4-2.patch Spectre-v4-3.patch- Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730) libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen.bug1079730.patch- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch - Upstream patches from Jan (bsc#1027519) 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) 5af97999-viridian-cpuid-leaf-40000003.patch- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a9985bd-x86-invpcid-support.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch- bsc#1092543 - GCC 8: xen build fails 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch gcc8-inlining-failed.patch- Update to Xen 4.10.1 bug fix release (bsc#1027519) xen-4.10.1-testing-src.tar.bz2 disable-building-pv-shim.patch - Drop the following patches contained in the new tarball 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch xsa258.patch xsa259.patch- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of debug exceptions (XSA-260) xsa260-1.patch xsa260-2.patch xsa260-3.patch xsa260-4.patch - bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt injection errors (XSA-261) xsa261.patch - bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into unbounded loop (XSA-262) xsa262.patch- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via crafted user-supplied CDROM (XSA-258) xsa258.patch - bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash Xen with XPTI (XSA-259) xsa259.patch- Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251)- Upstream patches from Jan (bsc#1027519) and fixes related to Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch - Upstream patches from Jan (bsc#1027519) 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) - Drop xsa252.patch xsa255-1.patch xsa255-2.patch xsa256.patch- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) xsa252.patch - bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 transition may crash Xen (XSA-255) xsa255-1.patch xsa255-2.patch - bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without LAPIC may DoS the host (XSA-256) xsa256.patch- Remove stale systemd presets code for 13.2 and older- fate#324965 - add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N- Replace hardcoded xen with Name tag when refering to subpkgs- Make sure tools and tools-domU require libs from the very same build- tools-domU: Add support for qemu guest agent. New files 80-xen-channel-setup.rules and xen-channel-setup.sh configure a xen-pv-channel for use by the guest agent FATE#324963- Remove outdated /etc/xen/README*- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with MSR emulation (XSA-253) 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch - bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 xen: Information leak via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch- Fix python3 deprecated atoi call (bsc#1067224) pygrub-python3-conversion.patch - Drop xenmon-python3-conversion.patch- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, depending on the libxl disk settings libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 build-python3-conversion.patch bin-python3-conversion.patch- bsc#1070165 - xen crashes after aborted localhost migration 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch - bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: libxl__devices_destroy failed 5a33a12f-domctl-improve-locking-during-domain-destruction.patch - Upstream patches from Jan (bsc#1027519) 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Rebuild initrd if xen-tools-domU is updated- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds If many domUs shutdown in parallel the backends can not keep up Add some debug output to track how long backend shutdown takes (bsc#1035442) libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- Adjust xenstore-run-in-studomain.patch to change the defaults in the code instead of changing the sysconfig template, to also cover the upgrade case- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Since xen switched to Kconfig, building a debug hypervisor was done by default. Adjust make logic to build a non-debug hypervisor by default, and continue to provide one as xen-dbg.gz- fate#316614: set migration constraints from cmdline fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10- Document the suse-diskcache-disable-flush option in xl-disk-configuration(5) (bsc#879425,bsc#1067317)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - fate#323663 - Run Xenstore in stubdomain xenstore-run-in-studomain.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 pygrub-python3-conversion.patch xenmon-python3-conversion.patch migration-python3-conversion.patch xnloader.py xen2libvirt.py- Remove xendriverdomain.service (bsc#1065185) Driver domains must be configured manually with custom .service file- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)- fate#324052 Support migration of Xen HVM domains larger than 1TB 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop patches included in new tarball 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch 59958ebf-gnttab-fix-transitive-grant-handling.patch 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch gcc7-arm.patch gcc7-mini-os.patch- bsc#1061084 - VUL-0: xen: page type reference leak on x86 (XSA-242) xsa242.patch - bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear shadow mappings with translated guests (XSA-243) xsa243.patch - bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings during CPU hotplug (XSA-244) xsa244.patch- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks (XSA-238) xsa238.patch - bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O intercept code (XSA-239) xsa239.patch - bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable de-typing (XSA-240) xsa240-1.patch xsa240-2.patch - bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type release race (XSA-241) xsa241.patch- bsc#1061075 - VUL-0: xen: pin count / page reference race in grant table code (XSA-236) xsa236.patch - bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 (XSA-237) xsa237-1.patch xsa237-2.patch xsa237-3.patch xsa237-4.patch xsa237-5.patch- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter verification (XSA-231) 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch - bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch - bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup (XSA-233) 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch - bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for x86 PV guests (XSA-234) 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch - bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to release lock on ARM (XSA-235) 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch - Upstream patches from Jan (bsc#1027519) 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch - Dropped gcc7-xen.patch- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when Secure Boot is Enabled xen.spec- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored update from v6 to v9 to cover more cases for ballooned domUs libxc.sr.superpage.patch- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen drop the patch because it is not upstream acceptable remove xen.suse_vtsc_tolerance.patch- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored after the save using xl stack libxc.sr.superpage.patch- Unignore gcc-PIE the toolstack disables PIE for firmware builds as needed- Upstream patches from Jan (bsc#1027519) 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch- bsc#1044974 - xen-tools require python-pam xen.spec- Clean up spec file errors and a few warnings. (bsc#1027519) - Removed conditional 'with_systemd' and some old deprecated 'sles_version' checks. xen.spec- Remove use of brctl utiltiy from supportconfig plugin FATE#323639- Use upstream variant of mini-os __udivmoddi4 change gcc7-mini-os.patch- fate#323639 Move bridge-utils to legacy replace-obsolete-network-configuration-commands-in-s.patch- bsc#1052686 - VUL-0: xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230) xsa230.patch- bsc#1035231 - migration of HVM domU does not use superpages on destination dom0 libxc.sr.superpage.patch- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded recursion in grant table code (XSA-226) xsa226-1.patch xsa226-2.patch - bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege escalation via map_grant_ref (XSA-227) xsa227.patch - bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race conditions with maptrack free list handling (XSA-228) xsa228.patch- Add a supportconfig plugin xen-supportconfig FATE#323661- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen To avoid emulation of TSC access from a domU after live migration add a global tolerance for the measured host kHz xen.suse_vtsc_tolerance.patch- fate#323662 Drop qemu-dm from xen-tools package The following tarball and patches have been removed qemu-xen-traditional-dir-remote.tar.bz2 VNC-Support-for-ExtendedKeyEvent-client-message.patch 0001-net-move-the-tap-buffer-into-TAPState.patch 0002-net-increase-tap-buffer-size.patch 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch 0004-e1000-secrc-support.patch 0005-e1000-multi-buffer-packet-support.patch 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch 0007-e1000-verify-we-have-buffers-upfront.patch 0008-e1000-check-buffer-availability.patch CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch CVE-2015-4037-qemut-smb-config-dir-name.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch blktap.patch cdrom-removable.patch xen-qemu-iscsi-fix.patch qemu-security-etch1.patch xen-disable-qemu-monitor.patch xen-hvm-default-bridge.patch qemu-ifup-set-mtu.patch ioemu-vnc-resize.patch capslock_enable.patch altgr_2.patch log-guest-console.patch bdrv_open2_fix_flags.patch bdrv_open2_flags_2.patch ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch qemu-dm-segfault.patch bdrv_default_rwflag.patch kernel-boot-hvm.patch ioemu-watchdog-support.patch ioemu-watchdog-linkage.patch ioemu-watchdog-ib700-timer.patch ioemu-hvm-pv-support.patch pvdrv_emulation_control.patch ioemu-disable-scsi.patch ioemu-disable-emulated-ide-if-pv.patch xenpaging.qemu.flush-cache.patch ioemu-devicemodel-include.patch - Cleanup spec file and remove unused KMP patches kmp_filelist supported_module.patch xen_pvonhvm.xen_emul_unplug.patch- bsc#1002573 - Optimize LVM functions in block-dmmd block-dmmd- Record initial Xen dmesg in /var/log/xen/xen-boot.log for supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log- Remove storytelling from description in xen.rpm- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update block-dmmd script (bsc#1002573) block-dmmd- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 gcc7-arm.patch - Drop gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory leakage via capture buffer CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1031343 - xen fails to build with GCC 7 gcc7-mini-os.patch gcc7-xen.patch- bsc#1031343 - xen fails to build with GCC 7 gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 - Drop xen-tools-pkgconfig-xenlight.patch- bsc#1037779 - xen breaks kexec-tools build xen-tools-pkgconfig-xenlight.patch- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path xen.spec- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 aarch64-maybe-uninitialized.patch- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 ioemu-devicemodel-include.patch - Dropped patches contained in new tarball xen-4.8.0-testing-src.tar.bz2 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch glibc-2.25-compatibility-fix.patch xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch- bsc#1015348 - L3: libvirtd does not start during boot suse-xendomains-service.patch- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2 with Xen hypervisor. 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch - bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration - latter one much faster 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch - Upstream patch from Jan 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block add" 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch - bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated update (XSA-206) xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch - bsc#1029827 - Forward port xenstored xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch- bsc#1029128 - fix make xen to really produce xen.efi with gcc48- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite loop issue in ohci_service_ed_list CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch - Upstream patches from Jan (bsc#1027519) 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch- bsc#1027654 - XEN fails to build against glibc 2.25 glibc-2.25-compatibility-fix.patch libxl.pvscsi.patch- fate#316613: Refresh and enable libxl.pvscsi.patch- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo does not check if memory region is safe (XSA-209) CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault happened when adding usbctrl devices via xl 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch- Upstream patches from Jan (bsc#1027519) 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob access while doing bitblt copy backward mode CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch- fate#322313 and fate#322150 require the acpica package ported to aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64 until these fates are complete. xen.spec- bsc#1021952 - Virutalization/xen: Bug xen-tools missing /usr/bin/domu-xenstore; guests fail to launch tmp_build.patch xen.spec- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ xen.spec- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch Replaces xsa202.patch (bsc#1014298) - 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch Replaces xsa203.patch (bsc#1014300) - 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch Replaces xsa204.patch (bsc#1016340) - Upstream patches from Jan 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of SYSCALL singlestep during emulation (XSA-204) xsa204.patch- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200) 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be able to mask interrupts (XSA-202) xsa202.patch - bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL pointer check in VMFUNC emulation (XSA-203) xsa203.patch - Upstream patches from Jan 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch- Update to Xen 4.8 FCS xen-4.8.0-testing-src.tar.bz2 - Dropped xen-4.7.1-testing-src.tar.bz2 0001-libxc-Rework-extra-module-initialisation.patch 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch 0004-firmware-makefile-install-BIOS-blob.patch 0005-libxl-Load-guest-BIOS-from-file.patch 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch 0008-hvmloader-Locate-the-BIOS-blob.patch 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch 0011-hvmloader-Load-OVMF-from-modules.patch 0012-hvmloader-Specific-bios_load-function-required.patch 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch 57a30261-x86-support-newer-Intel-CPU-models.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch 58343ec2-x86emul-fix-huge-bit-offset-handling.patch 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch CVE-2016-9381-xsa197-qemut.patch CVE-2016-9637-xsa199-qemut.patch- bsc#1011652 - VUL-0: xen: qemu ioport array overflow CVE-2016-9637-xsa199-qemut.patch- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null segments not always treated as unusable 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch - bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch to VM86 mode mis-handled 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch - bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base write emulation lacking canonical address checks 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch - bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit ELF symbol table load leaking host data 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch - bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit test instruction emulation broken 58343ec2-x86emul-fix-huge-bit-offset-handling.patch - bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: x86 software interrupt injection mis-handled 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch - bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious about shared ring processing CVE-2016-9381-xsa197-qemut.patch - bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: delimiter injection vulnerabilities in pygrub 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch - Upstream patches from Jan 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch- Update to Xen Version 4.7.1 xen-4.7.1-testing-src.tar.bz2 - Dropped patches contained in new tarball xen-4.7.0-testing-src.tar.bz2 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c93e52-fix-error-in-libxl_device_usbdev_list.patch 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI systems xen.spec- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch - bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic on broadwell-ep 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch - Upstream patches from Jan 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the system has 384 xen-arch-kconfig-nr_cpus.patch- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero error in set_next_tick CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch - bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero error in serial_update_parameters CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in mcf_fec_do_tx CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch - bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite loop in pcnet_rdra_addr CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3 recursive pagetable for 32-bit PV guests (XSA-185) 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch - bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of instruction pointer truncation during emulation (XSA-186) 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch - bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of sh_ctxt->seg_reg[] (XSA-187) 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch - bsc#991934 - xen hypervisor crash in csched_acct 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch - Upstream patches from Jan 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch- bsc#979002 - add 60-persistent-xvd.rules and helper script also to initrd, add the relevant dracut helper- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol- bsc#989679 - [pvusb feature] USB device not found when 'virsh detach-device guest usb.xml' 57c93e52-fix-error-in-libxl_device_usbdev_list.patch- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch - bsc#978755 - xen uefi systems fail to boot - bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch - Upstream patch from Jan 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch- spec: to stay compatible with the in-tree qemu-xen binary, use /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64 bsc#986164- bsc#970135 - new virtualization project clock test randomly fails on Xen 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch - bsc#991934 - xen hypervisor crash in csched_acct 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch - bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation in PV guests (XSA-182) 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch - bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch - Upstream patches from Jan 57a30261-x86-support-newer-Intel-CPU-models.patch- bsc#985503 - vif-route broken vif-route.patch- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. pygrub-handle-one-line-menu-entries.patch- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB write access in esp_do_dma CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch- bsc#900418 - Dump cannot be performed on SLES12 XEN 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch - Upstream patches from Jan 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch- fate#319989 - Update to Xen 4.7 FCS xen-4.7.0-testing-src.tar.bz2 - Drop CVE-2014-3672-qemut-xsa180.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (Additional fixes) block-dmmd- Convert with_stubdom into build_conditional to allow adjusting via prjconf - Convert with_debug into build_conditional to allow adjusting via prjconf- bsc#979002 - add 60-persistent-xvd.rules and helper script to xen-tools-domU to simplify transition to pvops based kernels- Convert with_oxenstored into build_conditional to allow adjusting via prjconf (fate#320836)- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w access while processing ESP_FIFO CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch - bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch- fate#319989 - Update to Xen 4.7 RC5 xen-4.7.0-testing-src.tar.bz2- fate#319989 - Update to Xen 4.7 RC4 xen-4.7.0-testing-src.tar.bz2 - Dropped xen.pkgconfig-4.7.patch xsa164.patch- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging (XSA-180) CVE-2014-3672-qemut-xsa180.patch- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch - bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch- fate#319989 - Update to Xen 4.7 RC3 xen-4.7.0-testing-src.tar.bz2 - Dropped libxl-remove-cdrom-cachemode.patch x86-PoD-only-reclaim-if-needed.patch gcc6-warnings-as-errors.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) block-dmmd- fate#319989 - Update to Xen 4.7 RC2 xen-4.7.0-testing-src.tar.bz2- bsc#961600 - L3: poor performance when Xen HVM domU configured with max memory > current memory x86-PoD-only-reclaim-if-needed.patch- Mark SONAMEs and pkgconfig as xen 4.7 xen.pkgconfig-4.7.patch- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom libxl-remove-cdrom-cachemode.patch- fate#319989 - Update to Xen 4.7 RC1 xen-4.7.0-testing-src.tar.bz2- fate#316614: set migration constraints from cmdline restore libxl.set-migration-constraints-from-cmdline.patch- Remove obsolete patch for xen-kmp magic_ioport_compat.patch- fate#316613: update to v12 libxl.pvscsi.patch- Update to the latest Xen 4.7 pre-release c2994f86 Drop libxl.migrate-legacy-stream-read.patch- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host to SLES12SP2 Alpha 1 host using xl migrate libxl.migrate-legacy-stream-read.patch- Add patches from proposed upstream series to load BIOS's from the toolstack instead of embedding in hvmloader http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html 0001-libxc-Rework-extra-module-initialisation.patch, 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch, 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch, 0004-firmware-makefile-install-BIOS-blob.patch, 0005-libxl-Load-guest-BIOS-from-file.patch, 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch, 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch, 0008-hvmloader-Locate-the-BIOS-blob.patch, 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch, 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch, 0011-hvmloader-Load-OVMF-from-modules.patch, 0012-hvmloader-Specific-bios_load-function-required.patch, 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch, 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch - Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin firmware from qemu-ovmf-x86_64. The firmware is preloaded with Microsoft keys to more closely resemble firmware on real hardware FATE#320490- fate#319989: Update to Xen 4.7 (pre-release) xen-4.7.0-testing-src.tar.bz2 - Dropped: xen-4.6.1-testing-src.tar.bz2 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch hotplug-Linux-block-performance-fix.patch set-mtu-from-bridge-for-tap-interface.patch xendomains-libvirtd-conflict.patch xsa154.patch xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa170.patch- Use system SeaBIOS instead of building/installing another one FATE#320638 Dropped files: seabios-dir-remote.tar.bz2 xen-c99-fix.patch xen.build-compare.seabios.patch- spec: drop BuildRequires that were only needed for qemu-xen- bsc#969377 - xen does not build with GCC 6 ipxe-use-rpm-opt-flags.patch gcc6-warnings-as-errors.patch- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch - Drop xsa154-fix.patch- Use system qemu instead of building/installing yet another qemu FATE#320638 - Dropped files qemu-xen-dir-remote.tar.bz2 CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch qemu-xen-enable-spice-support.patch qemu-xen-upstream-qdisk-cache-unsafe.patch tigervnc-long-press.patch xsa162-qemuu.patch- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer dereference in vapic_write() CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in remote NDIS control message handling CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch- bsc#954872 - L3: script block-dmmd not working as expected - libxl: error: libxl_dm.c block-dmmd - Update libxl to recognize dmmd and npiv prefix in disk spec xen.libxl.dmmd.patch- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers in ohci module leads to null pointer dereference CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch - bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer dereference in remote NDIS control message handling CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch- Update to Xen Version 4.6.1 xen-4.6.1-testing-src.tar.bz2 - Dropped patches now contained in tarball or unnecessary xen-4.6.0-testing-src.tar.bz2 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch 56549f24-x86-vPMU-document-as-unsupported.patch 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemut-xenfb.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa159.patch xsa160.patch xsa162-qemut.patch xsa165.patch xsa166.patch xsa167.patch xsa168.patch- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent cachability flags on guest mappings (XSA-154) xsa154.patch - bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may crash guest with non-canonical RIP (XSA-170) xsa170.patch- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in hmp_sendkey routine CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch - bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref in sosendto() CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in ne2000_receive() function CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on incoming migration CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch - bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch - Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch - bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun on incoming migration CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun on invalid state load CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient resource limiting in VNC websockets decoder CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch - bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on invalid state load CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient bits_per_pixel from the client sanitization CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer overun on invalid state CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch - bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer overflow in non-loopback mode CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch - bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci use-after-free vulnerability in aio port commands CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch- bsc#959695 - missing docs for xen xen.spec- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) xsa168.patch - bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage functionality missing sanity checks (XSA-167) xsa167.patch - bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect l2 header validation leads to a crash via assert(2) call CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers leads to a crash via assert(2) call CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch - bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional logging upon guest changing callback method (XSA-169) 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch- Adjust xen-dom0-modules.service to run Before xenstored.service instead of proc-xen.mount to workaround a bug in systemd "design" (bnc#959845)- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155) xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa155-qemut-xenfb.patch - bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop in ehci_advance_state results in DoS CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch - bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer dereference issue CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch - bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid floating point exception CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch - bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) xsa164.patch - bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) xsa165.patch - bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) xsa166.patch- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch - Upstream patches from Jan 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 56544a57-VMX-fix-adjust-trap-injection.patch 56546ab2-sched-fix-insert_vcpu-locking.patch- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163) 56549f24-x86-vPMU-document-as-unsupported.patch - bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159) xsa159.patch - bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160) xsa160.patch - bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162) xsa162-qemuu.patch xsa162-qemut.patch - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch- fate#315712: XEN: Use the PVOPS kernel Turn off building the KMPs now that we are using the pvops kernel xen.spec- Upstream patches from Jan 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch - Dropped 55b0a2db-x86-MSI-track-guest-masking.patch- Use upstream variants of block-iscsi and block-nbd- Remove xenalyze.hg, its part of xen-4.6- Update to Xen Version 4.6.0 xen-4.6.0-testing-src.tar.bz2 mini-os.tar.bz2 blktap2-no-uninit.patch stubdom-have-iovec.patch - Renamed xsa149.patch to CVE-2015-7969-xsa149.patch - Dropped patches now contained in tarball or unnecessary xen-4.5.2-testing-src.tar.bz2 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch 54f4985f-libxl-fix-libvirtd-double-free.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 551ac326-xentop-add-support-for-qdisk.patch 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch local_attach_support_for_phy.patch pci-attach-fix.patch qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch xl-coredump-file-location.patch- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) CVE-2015-5307-xsa156.patch- Update to Xen 4.5.2 xen-4.5.2-testing-src.tar.bz2 - Drop the following xen-4.5.1-testing-src.tar.bz2 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 559bdde5-pull-in-latest-linux-earlycpio.patch 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch xsa151.patch xsa152.patch xsa153-libxl.patch CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch- Upstream patches from Jan 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153) xsa153-libxl.patch- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149) xsa149.patch - bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151) xsa151.patch - bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152) xsa152.patch - Dropped 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure temporary file use in /net/slirp.c CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-4037-qemut-smb-config-dir-name.patch - bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled creation of large page mappings by PV guests (XSA-148) CVE-2015-7835-xsa148.patch- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd abort 54f4985f-libxl-fix-libvirtd-double-free.patch- bsc#949046 - Increase %suse_version in SP1 to 1316 xen.spec - Update README.SUSE detailing dom0 ballooning recommendations- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’ secondly show errors 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch - Upstream patches from Jan 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch- bsc#941074 - VmError: Device 51728 (vbd) could not be connected. Hotplug scripts not working. hotplug-Linux-block-performance-fix.patch- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) CVE-2015-7311-xsa142.patch- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1 pci-attach-fix.patch- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch- Upstream patches from Jan 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch - bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite loop issue CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch 55b0a2db-x86-MSI-track-guest-masking.patch - Upstream patches from Jan 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch - Dropped for upstream version x86-MSI-mask.patch x86-MSI-pv-unmask.patch x86-MSI-X-enable.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap memory in rtl8139 device model xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch - bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen block unplug protocol xsa139-qemuu.patch- bsc#937371 - xen vm's running after reboot xendomains-libvirtd-conflict.patch- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code execution via IDE subsystem CD-ROM CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch- Remove xendomains.service from systemd preset file because it conflicts with libvirt-guests.service (bnc#937371) Its up to the admin to run systemctl enable xendomains.service- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow CVE-2015-3259-xsa137.patch - Upstream patches from Jan 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bdde5-pull-in-latest-linux-earlycpio.patch - Upstream patches from Jan pending review 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch x86-MSI-pv-unmask.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-mask.patch- Adjust more places to use br0 instead of xenbr0- bnc#936516 - xen fails to build with kernel update(4.1.0 from stable) 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch- Update to Xen Version 4.5.1 FCS (fate#315675) xen-4.5.1-testing-src.tar.bz2 - Dropped patches now contained in tarball 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch qemu-MSI-X-enable-maskall.patch qemu-MSI-X-latch-writes.patch x86-MSI-X-guest-mask.patch- Replace 5124efbe-add-qxl-support.patch with the variant that finally made it upstream, 554cc211-libxl-add-qxl.patch- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages qemu-MSI-X-latch-writes.patch - bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-X-guest-mask.patch x86-MSI-X-maskall.patch qemu-MSI-X-enable-maskall.patch - Upstream patches from Jan 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch - Dropped the following patches now contained in the tarball xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch- Update to Xen 4.5.1 RC2 - bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI register access in qemu CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch CVE-2015-4106-xsa131-9.patch - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages CVE-2015-4105-xsa130.patch - bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask bits inadvertently exposed to guests CVE-2015-4104-xsa129.patch - bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential unintended writes to host MSI message data field via qemu CVE-2015-4103-xsa128.patch - Upstream patches from Jan 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch- Add DefaultDependencies=no to xen-dom0-modules.service because it has to run before proc-xen.mount- Update to Xen 4.5.1 RC1- Update blktap-no-uninit.patch to work with gcc-4.5- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through XEN_DOMCTL_gettscinfo (XSA-132) 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu floppy driver host code execution CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch- bsc#928783 - Reboot failure; Request backport of upstream Xen patch to 4.5.0, or update pkgs to 4.5.1 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch- bnc#927750 - Avoid errors reported by system-modules-load.service- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively turn errors back to warnings to fix build with GCC 5. - Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to avoid implicit-fortify-decl rpmlint error. - Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.- xentop: Fix memory leak on read failure 551ac326-xentop-add-support-for-qdisk.patch- Dropped xentop-add-support-for-qdisk.patch in favor of upstream version 551ac326-xentop-add-support-for-qdisk.patch- Enable spice support in qemu for x86_64 5124efbe-add-qxl-support.patch qemu-xen-enable-spice-support.patch- Add xen-c99-fix.patch to remove pointless inline specifier on function declarations which break build with a C99 compiler which GCC 5 is by default. (bsc#921994) - Add ipxe-no-error-logical-not-parentheses.patch to supply - Wno-logical-not-parentheses to the ipxe build to fix breakage with GCC 5. (bsc#921994)- bnc#921842 - Xentop doesn't display disk statistics for VMs using qdisks xentop-add-support-for-qdisk.patch- Disable the PIE enablement done for Factory, as the XEN code is not buildable with PIE and it does not make much sense to build the hypervisor code with it.- bnc#918169 - XEN fixes required to work with Kernel 3.19.0 xen.spec- Package xen.changes because its referenced in xen.spec- Update seabios to rel-1.7.5 which is the correct version for Xen 4.5- Update to Xen 4.5.0 FCS- Include systemd presets in 13.2 and older- bnc#897352 - Enable xencommons/xendomains only during fresh install - disable restart on upgrade because the toolstack is not restartable- adjust seabios, vgabios, stubdom and hvmloader build to reduce build-compare noise xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.ipxe.patch xen.build-compare.vgabios.patch xen.build-compare.seabios.patch xen.build-compare.man.patch- Update to Xen 4.5.0 RC4- Remove xend specific if-up scripts Recording bridge slaves is a generic task which should be handled by generic network code- Use systemd features from upstream requires updated systemd-presets-branding package- Update to Xen 4.5.0 RC3- Set GIT, WGET and FTP to /bin/false- Use new configure features instead of make variables xen.stubdom.newlib.patch- adjust docs and xen build to reduce build-compare noise xen.build-compare.doc_html.patch xen.build-compare.xen_compile_h.patch- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise- Update to Xen 4.5.0 RC2- Update to Xen 4.5.0 RC1 xen-4.5.0-testing-src.tar.bz2 - Remove all patches now contained in the new tarball xen-4.4.1-testing-src.tar.bz2 5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch 5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch 53299d8f-xenconsole-reset-tty-on-failure.patch 53299d8f-xenconsole-tolerate-tty-errors.patch 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch 537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch 53d124e7-fix-list_domain_details-check-config-data-length-0.patch 53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch 53fcebab-xen-pass-kernel-initrd-to-qemu.patch 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch 540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch 541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch 541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch 541ad3ca-x86-HVM-batch-vCPU-wakeups.patch 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch libxc-pass-errno-to-callers-of-xc_domain_save.patch libxl.honor-more-top-level-vfb-options.patch libxl.add-option-for-discard-support-to-xl-disk-conf.patch libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch - Xend/xm is no longer supported and is not part of the upstream code. Remove all xend/xm specific patches, configs, and scripts xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh init.xend xend-relocation.sh xend.service xend-relocation-server.fw domUloader.py xmexample.domUloader xmexample.disks bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch network-nat-open-SuSEfirewall2-FORWARD.patch xend-set-migration-constraints-from-cmdline.patch xen.migrate.tools-xend_move_assert_to_exception_block.patch xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch tmp-initscript-modprobe.patch init.xendomains xendomains.service xen-watchdog.service xen-updown.sh- bnc#901317 - L3: increase limit domUloader to 32MB domUloader.py- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF device (SR-IOV) to guest 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch - bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch - Upstream patches from Jan 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch) 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch) 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch) 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch) 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch) 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch) 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patchlamb12 1617726452  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcd08c04e688cac8370b06c146ef67a02401567ab5314b93a9b10bc5b8e4b3660129dd10a663a1eca1118e483eae9321c3053e198d1920c3fc5aa9dde591de51d52b6a3524569d6cdc94f6792ff9b06ed8c27ffe6c4039f1e78911435e3f32d0c45a80521462c56bcea3cb416a09c4139decbb082366414d1cb441204753151760acc70c6697ca63a45935a25c949df8cfea50d5ddabb9c71418f9b96ddf156b7625637620bdb5a12dbec4d5c9f5fab3953fe36eb405a186d5b70b6da7d6e0a562bb4c91cec874c3d8565a8d1c2fbc8f5102561e402c56fe962d44eae376deaa3e38d0af145753e9ed10514c077fc89c75878a8eefbaef6fb2480772ac2e538eba2ef80266b797b47f66e392f738cab4d198bec01ca5bb2fd588ade55786b9f5a9fac549b529eb7d415df522048965f2c0eabbf84221d2495aa5a367964c515e2829c252d679b0f0d813c3dc7c776c3a55784029f74b2491b5111bdf76eb28424c59cc869718f98d3bab763a36b439ffb3929bd5c04a05d1c1697e1f24fc03c00080318aa80d4db699f95a7428b399428e0cde59783662c91060c0d27adc1adc605aee6c700f1739c71322be0cf5f470330e67b866b6a3ec8394.13.2_08-lp152.2.24.14.13.2_08-lp152.2.24.1      !"debug.build-id08c04e688cac8370b06c146ef67a02401567ab53c04e688cac8370b06c146ef67a02401567ab53.debug14b93a9b10bc5b8e4b3660129dd10a663a1eca11b93a9b10bc5b8e4b3660129dd10a663a1eca11.debug18e483eae9321c3053e198d1920c3fc5aa9dde59e483eae9321c3053e198d1920c3fc5aa9dde59.debug1de51d52b6a3524569d6cdc94f6792ff9b06ed8ce51d52b6a3524569d6cdc94f6792ff9b06ed8c.debug27ffe6c4039f1e78911435e3f32d0c45a8052146ffe6c4039f1e78911435e3f32d0c45a8052146.debug2c56bcea3cb416a09c4139decbb082366414d1cb56bcea3cb416a09c4139decbb082366414d1cb.debug441204753151760acc70c6697ca63a45935a25c91204753151760acc70c6697ca63a45935a25c9.debug49df8cfea50d5ddabb9c71418f9b96ddf156b762df8cfea50d5ddabb9c71418f9b96ddf156b762.debug5637620bdb5a12dbec4d5c9f5fab3953fe36eb4037620bdb5a12dbec4d5c9f5fab3953fe36eb40.debug5a186d5b70b6da7d6e0a562bb4c91cec874c3d85186d5b70b6da7d6e0a562bb4c91cec874c3d85.debug65a8d1c2fbc8f5102561e402c56fe962d44eae37a8d1c2fbc8f5102561e402c56fe962d44eae37.debug6deaa3e38d0af145753e9ed10514c077fc89c758eaa3e38d0af145753e9ed10514c077fc89c758.debug78a8eefbaef6fb2480772ac2e538eba2ef80266ba8eefbaef6fb2480772ac2e538eba2ef80266b.debug797b47f66e392f738cab4d198bec01ca5bb2fd587b47f66e392f738cab4d198bec01ca5bb2fd58.debug8ade55786b9f5a9fac549b529eb7d415df522048de55786b9f5a9fac549b529eb7d415df522048.debug965f2c0eabbf84221d2495aa5a367964c515e2825f2c0eabbf84221d2495aa5a367964c515e282.debug9c252d679b0f0d813c3dc7c776c3a55784029f74252d679b0f0d813c3dc7c776c3a55784029f74.debugb2491b5111bdf76eb28424c59cc869718f98d3ba491b5111bdf76eb28424c59cc869718f98d3ba.debugb763a36b439ffb3929bd5c04a05d1c1697e1f24f63a36b439ffb3929bd5c04a05d1c1697e1f24f.debugc03c00080318aa80d4db699f95a7428b399428e03c00080318aa80d4db699f95a7428b399428e0.debugcde59783662c91060c0d27adc1adc605aee6c700e59783662c91060c0d27adc1adc605aee6c700.debugf1739c71322be0cf5f470330e67b866b6a3ec839739c71322be0cf5f470330e67b866b6a3ec839.debugusrlib64libxencall.so.1.2-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenctrl.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxendevicemodel.so.1.3-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenevtchn.so.1.1-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenforeignmemory.so.1.3-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenfsimage.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxengnttab.so.1.2-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenguest.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenlight.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenstat.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenstore.so.3.0.3-4.13.2_08-lp152.2.24.1.x86_64.debuglibxentoolcore.so.1.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxentoollog.so.1.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxenvchan.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debuglibxlutil.so.4.13.0-4.13.2_08-lp152.2.24.1.x86_64.debugxenfsimageext2fsfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugfatfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugiso9660fsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugreiserfsfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugufsfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugxfsfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debugzfsfsimage.so-4.13.2_08-lp152.2.24.1.x86_64.debug/usr/lib//usr/lib/debug//usr/lib/debug/.build-id//usr/lib/debug/.build-id/08//usr/lib/debug/.build-id/14//usr/lib/debug/.build-id/18//usr/lib/debug/.build-id/1d//usr/lib/debug/.build-id/27//usr/lib/debug/.build-id/2c//usr/lib/debug/.build-id/44//usr/lib/debug/.build-id/49//usr/lib/debug/.build-id/56//usr/lib/debug/.build-id/5a//usr/lib/debug/.build-id/65//usr/lib/debug/.build-id/6d//usr/lib/debug/.build-id/78//usr/lib/debug/.build-id/79//usr/lib/debug/.build-id/8a//usr/lib/debug/.build-id/96//usr/lib/debug/.build-id/9c//usr/lib/debug/.build-id/b2//usr/lib/debug/.build-id/b7//usr/lib/debug/.build-id/c0//usr/lib/debug/.build-id/cd//usr/lib/debug/.build-id/f1//usr/lib/debug/usr//usr/lib/debug/usr/lib64//usr/lib/debug/usr/lib64/xenfsimage//usr/lib/debug/usr/lib64/xenfsimage/ext2fs//usr/lib/debug/usr/lib64/xenfsimage/fat//usr/lib/debug/usr/lib64/xenfsimage/iso9660//usr/lib/debug/usr/lib64/xenfsimage/reiserfs//usr/lib/debug/usr/lib64/xenfsimage/ufs//usr/lib/debug/usr/lib64/xenfsimage/xfs//usr/lib/debug/usr/lib64/xenfsimage/zfs/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:16038/openSUSE_Leap_15.2_Update/1e32c375ce78eda5d4d86aee09c866f8-xen.openSUSE_Leap_15.2_Updatecpioxz5x86_64-suse-linux directoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5637620bdb5a12dbec4d5c9f5fab3953fe36eb40, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=441204753151760acc70c6697ca63a45935a25c9, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=6deaa3e38d0af145753e9ed10514c077fc89c758, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=08c04e688cac8370b06c146ef67a02401567ab53, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f1739c71322be0cf5f470330e67b866b6a3ec839, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5a186d5b70b6da7d6e0a562bb4c91cec874c3d85, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cde59783662c91060c0d27adc1adc605aee6c700, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=18e483eae9321c3053e198d1920c3fc5aa9dde59, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=965f2c0eabbf84221d2495aa5a367964c515e282, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1de51d52b6a3524569d6cdc94f6792ff9b06ed8c, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b2491b5111bdf76eb28424c59cc869718f98d3ba, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=797b47f66e392f738cab4d198bec01ca5bb2fd58, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8ade55786b9f5a9fac549b529eb7d415df522048, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=78a8eefbaef6fb2480772ac2e538eba2ef80266b, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b763a36b439ffb3929bd5c04a05d1c1697e1f24f, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c03c00080318aa80d4db699f95a7428b399428e0, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2c56bcea3cb416a09c4139decbb082366414d1cb, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9c252d679b0f0d813c3dc7c776c3a55784029f74, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=27ffe6c4039f1e78911435e3f32d0c45a8052146, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=14b93a9b10bc5b8e4b3660129dd10a663a1eca11, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=65a8d1c2fbc8f5102561e402c56fe962d44eae37, with debug_info, not strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=49df8cfea50d5ddabb9c71418f9b96ddf156b762, with debug_info, not stripped PPPPPPPPPP P P P P PPPPPPPPeᖴHrlxen-debugsource(x86-64)4.13.2_08-lp152.2.24.1utf-8c5eeca95232d3b23858d0d50402662d1a21672ccf211a6b8a3b3899bf244b2ff?7zXZ !t/] crt:bLL 䣓ӘFRRg'6="hGˤKiV-&;_g<$>^NSth}V쿃 f 4@][!c)K I\Iۅkj:zFp[P9rQ)tPVa2~ W"z(ҼYi&9o+Z=;+zo\{ʜ^gT;R%fffNWtV4Un_ - n'aCx0<鬺Έ9oT}}р}ޝc YEpl֨ɸ w Yz(8A -yDnI@쥮+H2m`r6" Q&V!Yؤ@jh9`ߨxsܧ+ &*doo p=x0cjOrlj4zW?Kc, GBzp-/:GG_3(t(39ջWųw _MYiɐ:skcU@0Q=?XH+iT}2`ݸ7`WP.$)>.xސt~7w*~_QˁXɕi  K vt92ZT'"< % C:@KmoOUkghO.~ lݒ~VB[J*{F^Gl(`}X76 mh̳in  2R n]c]̭]RF6"j*(.8i`N 2|=:8kZw`Y c$T)e uINsQ +%vWig6" @ tQ7~?$e \4 *;n+N`iaLX9G]L( վTϖx6 7f1eޛ%6т,a];DȤ f)0^mߔReM LwI;B_z`>N}"9anm:/MΉ<&u tb"}*޻drq]{*L֥MbKzhˉtUG>{Xr$V"SxkGS-GʼnK%G#Krq`QF@xf'e84NxƗ;tn Ym~ W8(<&yLmA2"jXJe~y$Jr!]U]6l@u|KB?ܚNlSC0PXzuSH :+Ϊ3p:>V%VcCA̻uۈk72jEɾe3pfjÆW9wM- [zCNɘwK!G2,*R}a;s̮~]jE&qFt*\y*Fuq>ٓtMG ץc"С mZ)紴Q(@J+ϪEkp*pw!SeW\ ye P2q:\0IW[TZTS$*b{f+,Zy/G!pϰcTȴq wƊ2XGzE04S0sC džMGT z1Vz3(5QjvϓeprnŇPw+\+:3 3ϣ(Yo)vnp@,6$LIJ g/\NҜ;Scf C]x-#EAuXd]syŸ),SBr=W2P*}5HCV8 f/Q"y!~?ȣPjadVlDQr#ִP"KDN$ RjV f.iX|nɒ! .˼pIӂT{lpӺ^c$Y0ruvz+~mY[7y這ocHD#`6n&cMK)]lX ?,K{>Vbq~B@JyM+R"z=ֻ5j1w"UQ]vC,f)@Xzb׈YK#p|1?CYt܍Fz@ 6uc?\"zmęu,vR2;nXhƘfH܍9ɭ1X"/;z;ʄ77`]տ'1&yNk)#5ܺuaOQDp4y"&|_D+Xas"=>Zp|A&I6 xU}f 0 m<|#I4V% %~5٧Y\ DcƋIݚʪ"NTP8Е t Er4qGp -9dZ" Cza6aM8FUI|Е;]| Ѻ9h 9Z=q֑6 TQ^HFt \R $<@0<s23cy4,=0]hMtPL, yZ\D ڛS2䤜_-RuAjd ^b@F X`Z@o gۡ,1UCq1L * };`8ȵv0 s~(\33FZ4F+`!gpq'lw/^sgpg~iXīzP+ t!WyNh(]ZqzGI .h[o߳P%S:nY)/}̩ӢK#5M߰6+g8XrY;ؿÌɅVsEɦsl9G,fK˨:фVWL-U`. I- C?j:Rs4y#*OxEf@ 'lM䷶Ӟ.LNonIrOX՝0fB25>nR=qh&kB@F(8SdY]DY YwGs! n3^4ēp@A}9 }Ⱥ_P pd&tU0JqVQUa͡?DL:GƂ<=krcƽ9"y"7r=#q:D,OK8_#ISc6zL9k6RIJ E\o3tdʎ->% 1ɘ:鬛,Cap SIfj])o?Ԗ0tHYtBUJ.aBŒN#MUհyM6g/ܼ8e^xU*Fy+ _+s .;dڱ1V&*))ľ/b;تj#^/VTDC=HcUjܦ %YQrB~DR؈Lez т۠aaa$if پ4!* cje-ѽF^HjCv! +ɩ<]92m ݬ[fQ003?#i$U>H)bdѮ83,P2$ZR8o@pڟA>lȕ !1S ^~)10)Q XJ.c(VZ$8,B6ZA MXX pcܸL)篷Fz+i {`5<H,HWqHxϳUApת1}5Z cQ\ߙ8dg^<ȾvM׶@KL}#Sd&Ѷ ц qpkȊWPO̻/oߌ,u쎲DW-|w *_Wu ?P2SY}(,ٔWRZgO.BmFcI[ag`ثipVf,>NRw>qLbU`/J*ord :υ'װ ϲ$A \LYAj:iP^I Q&W;P^$ɛ6X"}ܦ%dԤ!bA'}Q7UKAX*l]ʌg>kyXI|zc u8OYY6^-|дQŐĀ1˜Wa`-闳R5iJϱFfΡ\j7͈1!0}u T ^f1~BOMy<YWW|O=}ho;j+p㹘/]o8DzM'A_`ڥ2VFW>S_r=!.hwHa+c{LY:CR)i F +l%8ހ: Ն 驇џv"IX(G1Ыp]C f ۧ)5<M;{ʽDQ(T,8>}80`ObWr vϜ63AC2DP ʢQ}m+Ұ~I=CQ|0ۋè`-]IQ?&㢢ص> Ao8"6uxm^{Aߺ6D쨡&srt\8~iR=y#ZK2öW)VSEl$0p)/FEr Nfjh1݈͓j]:|薺dR|%Mk֮bgk7ԗ}tPp*weE`A&YV⬉ϟÐۯVn|B8d̚)M2>C ͿFIP# YM>Qz"UVbR1@ clB_RJϠvn4[ 3%NB)|M5~x Ek[# ĺT9N~LN&\lbfgWH]hz,(lƣ`< "صU:i{CZN8 RxKVF2=~U?d~$p&rF^x 1vXIۂ pTkf @hN@pKه| \U4#$x;Eo3`ѠFN@m]FS)Ti˖EC .tW  Ul1V|pV36' ɮgs^;ܥ6O^GTK#i5uM>g3vΠwJfS<i[Ma*9cԇ0Q͈p,OF8zgfPaݜPtA }}_>=~JG=: ~!4?IEˀ^唫JD ?š'3?`PƲ h\s^|g-jؒ)RGۚ tm^o&<M W<Yy.K~i[u_S=r8+ϝW V[$=p-PMmTtblkw4eih% L-̊jV,W,]h lj/Jtd{N6Pnefl܄Rucy$sk ;v=N ե >.@`8H]ל@^LXhowU.aN ޒ=aۉ6vfD W݌c0em AjF5ɯd(LfĺXKN!QRZɏTݠn;$mO8ҳ6P ff@!pbS)+ :n|rZbZ3v~M Nc0;ª 8NxM /qT'h(Ȫ# OQ&'KK1njj/pc-C" S= Fi88\~FCM `L<ѨX~u,OHz9H`Vx(G0!e3C*.wEqٯFhOY'eXy8B9AuѨ 멨:tn* |#wp5%kl=ݸDVRoAEOgg%ga[O9y*RR<CmF #YrcV^H 1HI"ߤN:ʺ/D ҧ_i)@# 'Oh "-PCS9HI1}6hpkY <.dh6OCsor`A2/+BpnSySz{]=LRn\e~S*(~9-N8c_!H"q<"ƍ584W+[PY 8`∇uPb&e Od{A݅;mS!H4AuH~U5ĨiE3I&Ȝ޶l[}cB-|[.#lfH'4_3,}߸S #<1 "PʶhtFs!kߺ57_*m+1$blI]ϑ Nq~ NBd&.M 1t-DЙ ʰ'\AP7'e}k޿y֫KW&&}Po2$daQQߚD!%[cHJCvѐc WU$EJ IP P w;Y?9L!,SKfX٩<xdS35?KeĒizp,QD^+{P01$fqv_!W@:۝Hg$H`ANOZ/R*c^ #!OVG[xΏ Fƥ\.[tYGLٮq[qinmd$jU@_=Y{5;3tcޚ%9ӹa1Qc*{TmC E*Qp¦{8Weȕ XYatDbabYDuHOe u`T D]?`$R:0VCڌL潉Vȴ2¡,PFO&yK^(1jS6hu,XP8 jh?% eg:&C$6律rVާ,5G#܊F0l^eGwb~P+dhO/J ϣMʹ~Zg^eyxV b.?J>7{@)  ]\6&GdҪ{;QTȇيYvl'žͻ5-P'k+w7QBR,FF>HP˄}h͹Q%63t*Iʲj,79t`tM4'-(Q).n1v %橚epwe5/!\J4b5(W8F< 9 Pb7xsŧBtc53gqhNYQ@Gm3Ldn9:@^04})GL{mkI1^7`_eܿW5^-D5mM&F&-LPP{M]ű5+O6iЏo=Ck$ 6z¦& b{湒d(,z;R!\2{2=S6ӬYza${m-p~|V =,;6\߅ôCAXJW ↖ڽ)8etKrWWLgOꦒJֲV 8D $KoaH}ϼ_Ґ+h .[kb3W-=x3b">r5:ZE6:KL! ) GI3ֹmS)L}|$yzŦ|t?rS6vLݩy$!ilFіѨ@`ui-@.KP&/]?7@5[q$.@䡅9f$@+s)yٷP,Px 1|HѴ'Sv n=Uf¤k(xU]Fj݆&jxf-z|(Ng0z5 SKNYߚH<_=߿ ޘσǧ5*w̒_6cc׶c=+Qqe,T\7ϸbԙX \xjz\T[gSOgGi|L7\> cL.(Bi_GNCc,+K&`D2BX@"J(a6rI;ݼR|w0-o e(>it:K"+R9qR7$ wXF-°xqvS<ׁ̢M>rs~n,mKK]]:uqvOj(E9i;MG)Ӿڛ;J&rH\z&MDk<OB@a+$`Qi˃zTd8:#AZ'~l J0!8Y2]M@ZLm,>9-sJp0ͤ/Ut^},Bs1X[S_iAЄL!C'3]G7 Q&ZJ'A`!(Eݡ-&˜e\ӻrr4ADS ?j1N_nkhA,YĔx5We9_NEa9߫#U#9dlű JIxF>{ݎdO} 4܇L x`6'TwI=M7 `z$T+S]2D Ox:Ϩtf`)^=[Pכcm8l ;1bKC #!w 77 2.yi]O_9u|M!Bh6'wgu::oggiP]"%LX,>e{  rxZ vae˥E~",w0k|@XDEBe'o]nH>j0H{Zg2|_>mTځzێ@$Ⱥp?F𕐒HjONr59IwS*YBL˯oM_Sjݴwnu /1zW䁔aΞWw\94sN<އ9M눫Bz CܷZ |/n[eֵ>9K#K%#HÒ:# [?12 7カ:lȔʔ;쨛qԯځ3o옦r0e'˓C7Q0_E !߳cn+3o3Ws'? 1!] ̴A&^CS򭪭x̓eȉS//DJ@}E;?F\X洑s'.h|̳oWES 9#ɛ W7)ɣ:GkQ`ؗxBsUV$8DOiˈ-j~3XM6_o*S <<ܖc =Cm&btV+tMY"[.Y9k*: gErvI0ΌbV*~-bCKm>m0,NZ)˹QAs8h1DzWoY@&gOXXOfF5h.:>b bkEN, 5.`qM9rک05"sa$dBJIf aDD$Xd7`QFGH>fIҹj9paMru}iV]m䗟y v rSE쯥FO9+ScQh*9M|>8[➾1Z˛&V250VZȐMg)ЕqsMƓ$|ڍZg`uDh߿*h`tGIwY`iKʈ,3ҤSTc|Tq@¾&"/k*;jYV`՗?}8-qGfH~ BijnPv` f@>pt; ><ظMT' ه"I,"4ޗt,}yzwŶx LH"KE[\"=53E菺 )QV ]Zm%E'ct%wQS|yG|"v"B"37bfO֯ wj|кc჈QC P&2 ecs镴"Nwx]H9{n4vGzwQKZCYDғ1=b)Nw=ά\F dpT$v$ łʼnc:D$'qmWri1”N=]eYVΕ(2zAYUL k~nj0d}=h&i7:GTж״˩|B#ߑwΠzြ~'L9 E^2̿ !n<4rE}QS L7('auΰ{M;$dǚʉWУD$#H0Z 97+yBH2E ](S/=ckx3~ydaŸ!bLPܜB;n&g5Ѫ#[CeBorUjx&\ijP"ʩbo:/1CAi"`!1J ~7֬OTݠbߥc\s,[HHJ>|hf dW}D94PC#l?1$ u#G]{&"KrVԉ'F5l;3)i&Gf"Ϣ̃lS,[5 "&"kfQw٫c8^ A)y8_ÏX:Vq ž#zlŻNVa',JQ 4Msb8T/g[cY-szхBʄ]I9sX@AxB(ܱh 1z;=k̀"Fk/,eLE]t:E#P7pxMMyփ1tW(NV'1V-T ukJ0)GJMf Y`*&[JSN }sF 9%B[ϷАYyI{XUR5phG[.f KtʙQ B;T ='^9DAꂀBҿd_Y<`N{(K?fqUf<L29% *+LG͹=腆~M'&)D3v"DYyȢh-ksb.P5>a R2sd`,S@,Ԧr>)B0*NWa(KThI+]6Bl-`uV1\e3Zmd9]eN$3G[O'߹I j8+|Vae&㭏O,_lLmx4@N-I1?\Tv..2@`3ͭaYšO#$ky|hkȮ|ntP<>j}nIzވbJra5Oo}Y;? ur_S"ƟwK[(cɎIiP1Y&ռ`O׎8Oo:!t?om%鈚BF]@ll=v \"ACAޑU9ZgW+ɨ;w|´Nre}?9"{+ʆx24mk,yc:FNMUzu wjV?8O(ozSh0g{͉[ގ&)Z|AdY lfB׎>2%o0HC'/fǀM2d07EvcPuI&Τa~ nOu-"Y+i:3RĜt;F,m%_3 g-O̅sy4bѯK>@j83h/!M̩ xO"LE!fީ%w9}u;uϋGuM5ZNbv4䭅|ý#8IUlzݑpM@(\h*͘p/xW þ3MM khAr%TΨc%gﹹi :ߦi‰TiKX =a*VW?=+cax1Hߗ2Y%bMS@l~%$vf%|]0d/ݷb2eMUoˉ_\/a]U.QY`"=%͢ ZR#q࡫ۖ`[XMz%cT0ȇ@GBc6QEQhfo=V<7!<=GaEFt#} u'yj*oZcF4c yq[a1~־5ػdW/Sp Нd0 K.b%69[̠ W]cQP;٧-"r?$rUDK j\fIS |EH+eؑ׿jWwN~Ys]z\*rE4[t~=(&R7L趰-T?w40Lf$&Wup"]'m7HP7 [n0F>W:2NTTTɒ@ϲNRO{!ŸV|d3GP9U}5u;m/(MٽDI!p~A2-[xSD;I_#wxJ}`Z])=Un4 a]rHUj FC7Cց 9b)wWs$:IYMs̟ ٣0pS(%'xp(^m%>FA;H)"ߜj<<վPd!hK A8{y6\t--j:La꣸kB=>W¿3 ?hIcPS,;c EW=|zd>0!UND fr+a X>[t"!z}XF΄.DKChs?+ϓy|tnU 9P#^|* %Ec0ÃWT%@F9yO` ~>\gB>1`7fC.4{y&Z8eOG ܧ#%$*[tݧM-f=J%ٓD!pTG4)mƩL|%?]63hDFJ-.\h=L Cb-IK C2ġZE%0{6DXALlÀBΥcgDY.p4]v:”Lb G _$_fPSGϭ+>E9gM͖X^ހAmHUv(Xb4mÈS`ݣB^[&#w.LJzi09Ơ4=>$EF&)Zo+##zK5F/lcZq2CBm8ykC|_t_˒ҌG/ }»seHtX xdYV&L|lj b}8(#ouU|CIR 5 #zl1T%jn&ZIo{ q`*-on~UZ#cjAy27Ur,?"3o&L T.mȏԑoE a G0fe;U_D:6 NGY4ra|^:="8IZ]YtWm8OXrh`DO~G J8.6ʘl:?K,+~Ю-X|7b:yRQ>'x?S<"낶 ͻz2bTNog?9c]4=z}IsJݐqV WyÐs +W컑N@{ MgwnU"BxT%yD{eMwZx9Hq¯a@|faWT)ոzRLͳ/Za҆ˠ2p>DwHԐi-\[Lx^Ϡ]ᇅ1N_zN8US8YgK&?L+m$2oN}A%J謟dF>fl⟉->CŠ'kۊUR%f\6H[ф&}ǡ(n[M ~ Z,KtA:0;* Nuƣ|ɄK=輽Y4(&8WF]drp2zA_jӆeaЌ.VGR Mul 6$w.@H XxBa<%'ư<4Ic'JNge"l[8` Q[l׳}.9m{ Ã/٥7(uL|Q>!+^sV~ H/EeȐ$v_ciԵ'ԫ-(>1w]cZ ;XL\0~z΅Ig7_a1.ڏY"uMYU~^g@w(2wLc ^ {; UȂ&|\GHDf:@ձ̀G;KN!v1g4p ݡ\Df,=&b>k0' :hn ޺*X:0 nCM>'#m>~\A;xy=_0BWu^0Z}z}$ƛW-o #MyB 9AQzSQ|Pa~KqAlV[}0 CɟnLw(z`AԅU` ,E H-h%cL=ɺ|}Qdw؋MJ7YHZ ӊ6M⚗NL i/I!onˑ; Ggi yt;=R\ 0] l4̱cma hcY+>ws'H< 6BAs3ٲ͑'Qxn%^6rFN7S:VXDš#%7*/j2_I!d ,CW"n"&{gWˏ~.n1#EhUu͖>y& Hi [dRĭϟ>>ZF/W1(Ws,;.V*@+۰: "≎l' -߷G(=\X˖c!uwCcc#pui}ˎՋQM+Wf^D?hnz]:(1MaoaI,In&uU{0T{@M9\]sq;nsX(C.zս-AW7؜ `D1A ^/ay)#4B;si7  0G_)Qj@roi7.HP,v㈶7LPR8PTpGǤCDRKKF\aye^'+Q-05:;MMYr"UQzi[NT~jOj"*αK L7q>/|p ?#uk5h}q<!5yrWKX;,z5g)cj bkmfrېS?oª[) }hx%/ P0qSga!/RF#Zz-˝e 'np%N7ثޅ]x5DJCgkƬKb:]RJ(͌e720L ׈߼P}^L8Y_ {__g-ϓbn+lmic.3;+6rXXo =&a%5X#܂kՙMWt@@b NK6Ba҃s0G7ƛN&TuDڋxGL|lxF&0~ j' k 䮅=z-о}[u!ܕ=v^(8 <>0ϸ~Wk)-Yee? >37 5\Wi$zِˮ]a)9[jř8ȣX~JdV~h%;&G]@ )(3Ѡ-L]3OTfZnJZ\< 3>WsZVn4P:tDYՙx\Oъ([DX{) |/Z[{<,IYȝzOzIrFoNGO0w `db&+\o\佄 C}s=^ ^K/c0b>E@!/( ɾbp' kh kyw6L|qurdY"9Z$@÷}zMܓhMnaҵb&# Y>q0:<$m[1 :|3I=L=c625=E0r#{Ӛ 4}#.۾*iB (`n5*pPj_٫MfA1?C>&d&|BI([O ez]tǦ9([`xH󉭻Z6\ŷTbZH"Hqcd,HQm7o aFӄ[Gȹ3J]))GAudD!$N*BZ4IPJpͨ@Nu&dTmci/vj\mVֵj^>E\OAl9`[U_俤˕ ѥE Ɣ3ZXbJKdXZ-Mձ]wKK{n$[1['x(:79tZJAc2J^R5t'1͓4[*v|{@ wEcyIpɌXyS%zF45rtq0)~d΃R87H$ umnEMK0jDkF}?1jUN&+P|..P7SĒx`fe.V5{-tÿWuHcM)@/4tPsyc j5"V_?;ܝ0 m[<Ө %<'#"Lt Ս܂5b] :0M-wZz`_ o:z\ꊳ b^cӏ*ג57H޿T79wk9UCm) zdIʻ1  `U:=7̧eY<+5bq'ϳG=G w4#jT3~V%|=E< ' Ͱ(o(>e4Mmlz)ηщz*1kȗ8*J];tbvuS=9}{<1f)M ر8:ZjJolO/ح3JnHSJ86?; AԞpٚ+Y4BսgP>Ut)oB@\^I JJA2/OD=5 b14JP]ylgwgĬnh@*!5AO%^2 #cx%޶mQ{~KH1n0U b$St=2_M /m,p3: r1h , ,,~0IVDv{!Y#4SNgn7P}piu{/nu$ ;YcHf\m1}ۧ$'Z]|J_7[> $o@yNrUlR޴,M;(ˊf I.<{ۦTR;! !q0ob9C*^ES^,CtqH. ]{_$IRu-ʤ%b$Y$-)pyT#UXR{'b,䦢ulʡZ"kLYddCdEHo9{@X/QӮrx |!/@lֹZ$~jzKuxЅnz6F nsM/6/|* t?/툰a ш Z-Po鞮r~{* OyWt v94Cw/RT*Ѓ%X$+?oն+0;A?7 xQp]+f?)`*T`?(*pjݸ m?HY5@3ƛ1 򽪅vȯ&P; 'o?l GĞt4QwdN8L3/%rJ3iQl{i棁]h]J.j:4`=DE >;,1xUBH$ khT ֍tϑ"r'tct#2Υ*3~zh Eu|60K[ /:pYԍ';ʙ#L#C6$5Lej#L1)ePOg^gb-@"U<:u,rZ=-@GWƤ!0`4# ⵓNb_CL0voZqiJi5 (="TQ@H/> ϯ+=Q,J̞~!fXg*\~R4^pMn|`o(/a,[oiqd0_ʚ.ru$yjE9bV%Zh|(lH94P%w(`NpOfU krD2_IMtr`*K>K`En΂ 0m\!U]>ci vd-}4ʶp測 NI_ YIꓧZ%pH`dh6(ONCAmea9i+j8'&"F> #Ŝeq1"WVhv"j/ \w`Ҁ=ZdQvwXY҃S~VfXKKrqa^ R-\nat)r]5D({Mjf}7e0и 8]K]&Hyp36q3d7x/dt@wku k:h{5͙Cl I`W̏G7.~YGq9׊ǎ|Hv[:d1鐪iSӟzVT+dz_}O/KfLHHk_vΧϱiΤݝTU-+:%$B#0KotƘЬڄ@o@hSPi, FJ:!5\%-|@\/i[y``!h~XOS+W`C$DwX+2z!*ϦHg4x\WA$ÁGb*(kb,=Op69/u4@ B,̀APW]lĸu~aXk;AqU+s~ʔ߀Y_C[=NM9fqoNw/Ȭ>䔋  u (x'?J/qaIdÂ!=*5Q _a(AV{:WViZ{yZ jR_: a,'H Ҧ.\lو$]&_* 2.37D@k<(-;u(47[Am2X8ڛi|\}E" He8t4nTd!w,iid\B> TE%Q, @[f0$I߱ڮHxwdj_D꤂ۖO^F}'jх kEL*OkH~9:,u;fO0wc 9竳{^-o% r/?lSg0i8k23M07]nTm?ϴHZ۩خF/gVKD\5e:P*C!MSǫ?;l31> ')t_(|"ToyKi F-v֢п4A;&N<=o^tZu:I7rZu˚kyZM'4#gM0WP8Dt+UCm~x/Ľy[P(߻【 Q}3egz.Ss.W&VAc}#) րr@%Ƶ"dÈIf(r2A}tQg2֘to t:N?Dۯ!j\mۂ2F$ޔsFOT-%#^[Qc B13$)vQLYom?P eFYԑ?>+@˪@"x@ PE;! w?Kj 5 #vǬmιOwx+$T"jG*9i޲d)Ե#(b.F2O ގ@zRc *Z䴟iSlՁ_^h:Ts8͌:P-,~vn#5HgV3iD|AP+?w>7H,liu)Zk&Uu騄9jSp<,5|9b>iAF]TeTU0V|w-a@pد%Ŋ jwA?Vx^dSeqXab*}f3n(h5 do7mo/Rb<{P!jd -o_Omx1Hʓƌ5 _4(d=Zu'pn /|4#gE [9`Ԍu;*t6C#CJ+5,ϟJBI񹬔YL6l&iA6mԇw&]fF>b/{Yđ*?1y|LIW ~Qn{[ooJEXOK ȣ<"̘d']{hyd`jNbpJ_Y9kB1eTXV@~'N_(5?A>{H {zא2oYWu;Cc+eR w}`X mO Lɰl?b7KB+ (s7" GKid(5/+g$Ck^VLUpm/C8Ѻb4m|]˖OSˏG=ˇygzz6arT4sH`F7'A6vU6c_}%# Bs 4ЉUxAݩk f߄ʸ_uY1Ag#C订`4Z/'lȴsCO}4Jq% zFp'8)waӾyP՞?`*ȸ}"dGIW=pC1pv@6z yhtQmdMr:Qr:iOfh̘fzt`}Nj MP52 J0p!tAk-~hQ{6׀sb"\'4"74ӑh-o" qJ ;HbɣJ{ '5ᢉMc׹rlWp\$&fu\Xm\7qFHKT:kgR[`UZ#q _y{cT 4Pdϗ1/Tc?l|A{T4Gw,n2,W?]Tqfr8Dw}&?t:HwG] 3($WzEǎP C& 8Є`n+=-[ q6aѣc s9mU9 C|5jT0a+*ҪN8}?Ӹ2AfZ ,n} Y?)2etRaaPݟOVV/R75:9ҙ\JJ d0̌Q>c<9i!+(PfѸh.6i7_D\bivWUTV^}IZZ0w(}@< #%2Dɪ/O؉Y҈g ăߺ10\"K<ې?=AכjTZ JKses&l:wAʐ5@ isUM5*ү͏;/ I-edU`I( n'R[8N=AQ !&;nRtOj()ఝ^iZ.t&qinL)!. 7|xЋ6W!bb"#3Qʁ Zqi_aV N)pj0.:T,P(AsK]Z5FY a]ڱ]HejKCGP}Лǣp:0_9Зs(x\ ښ["_x%̲t "G\Bdcĕʇ> Sr&}[ 2n۬7W*dCVQ2EᘸP/B؁miw|+8!{f2.0S,tRTiNtb@{#0FZ\?  =*PGS~79M 6X )?Bzg2?з \:DEXb1D&v_,FT} -37,kѕ{*3Z.e/Yu ;W̒7N.QI:Ƚ!r:sa[684EqRr+~6 A[Ȱ&:[h>nd`#F'',=a)~cR{9x/LhgDi"q_qGZw"cM>ja/iUb5wnlHPghV.x ;?.&z]5Ξ3mZDD 6Է\N4u췋Wwtѕj)k&.(^`ES f%0( -A1NWCXB;·W ac2Gb:}ѳkʃ$M+~Ǒp@ tB[zL[Zi|_=٭KD*o\S٪drG <"8OzV!$> U ++˕^Xx@ۅvLYmZvS2ގ[ᓂ~ͼviJQ UJyӡwAV ՟"3!xn͜OaqY׸p,W(zH]fa$sElSc!]~mm!tGǯXX t \=w4ԩIRg(yS@P[2F4:rD^r&wq2$2D~w@ J:I[z5#GΡ&Jkʩ)[DŽRY4KChO 5[fqWs |)#э bkgMH|$P4{JgElv}aCB}kUpi4tߌ3߬#bkaQG QN)"8׏O*jօ7gF%9^z&W/n|  i?4rOAu*HJ-*k{n 8< DJIE7SjHnc}19t&ϭNNDsR[!bswP6ҷ'cj$3hjPV,7kB܆a<ɁmuљYDlqWUbv\2ó?puXLz߫nЕp? XQ 8>AyUD^Hg+g=*قDD*AyL>3Zvz_O')T$͏c@yc\=;U?upVHMiL97M*}~7U$)%FX|t,/<:9[c[U*^ښRySG[\cf1fBh5Qd 9Է*2g`iRU/5uƟ/*3<PdZsy:j5V𳉵z e^:k(.Rp.s[j /$YpNa@U'rA(Ga"M/t`TPXRXiV{L";U\Gc83 "ލ& c/%䟭 G9<2w+ГÕG.r&3|l5dQo᝛.U|fi#X_Tqe눹9R_AkaAfD3kD?;̓RCW,Pf0&52?.CȅGHz)*Dp0k/V|}'D2Y\W?+`O@ěF.I|C UZ7RM)M.ܾ9L=h\wrLEJ'HxU~u '@T0ʝd*cx&F:]c t1)4]ǹ n!/HeUԹp@d|}Kd4DUNg<2Sd"s [H1ιCQն=sѝa1P]r -+ޫ`lQU B:.ą`m!{=n &< @LNN6muP>d)`٠_TB*I7 4olz0.\v<9gXTUCPytUud2PJRdPCsWPk[Xҍf?Sm&ڹ8l(,'Ğ\$Th [F7B' ,4n-+U"ӟ~l8R"pk^lJ'W : DtCuifB@ߘCd~|3~)WΆ :6fTxkBɱk!?씮zTp<7(X9<#Z0+7<] zmbHc+ yڈ)0]fA䖻q :αѭhnzc`0=V:"-i/nH`A/)k2 کAmrQtYu+NSu"ӭBmc7w/bV';A.*g WZiLhWNLD:̈~d":9|j/w <ӏS?\QEԀpCrk.RFeOohבKiYwW*+gұ}4oLX{L囟r|s}O0ۏ6"Ko64Zrj8#84@a*՗lUI6@: W"M-6Dw?PO k3t@nLOy>)&Z>zr2$suf\S[Ƹ@k6|f $9#YҚ*kvҍ(=Ps,7$wYO)\C|1Y963cK:wƬ@OAC%Nӊ7`DrX \UFdu3}76.-L>o| x=Ǘj[˕aеS?$BD3\NP';5=8z }T&:fT+WW|WQ` Lp'& *Qhs!;B3?Q r-ܓsHmV,3ewJa'u =vTz[JHi V+*sЂm|W3xF{d'p&Gtt=i%%)$c^ל\<.gq,a4LFE?mx_JO[ #*Wz@ar)' b FZtO 4w҅崣=Vӣ.Å1]YF֍X35-ăfawgmEq䈎_ #᭎AؕA#eh=b+e$|;4"@Zu͆W KPjƀHwQafm v3dj)Bby1vy]7HWZo ɢމ1O<=_I]X'D,J0$g],y=!xaҪץ$R>TxSp 6O sNtį~sv WH=粔Q5n##=KՁɂ-+M cɬp҃dqv}wE̟?ru ̓mӃaGsݔMhʻ QQuxULiŵ5"HԆcDk]S)\Y7"ֲ4TZ=*(]2m>I84t?GH;TNx ѲswAuH?xvj~}r[qԦhF˱3E%+ǔh&a7*Vac#|ȣDJO5[xupZH>wv*!vmS`6[Ze·䑗URu^Ad̦p~O,/{z,C)^QZ)9a"~?"1ӘvS_w^9`kuMMܵA4դ`uQo~3'5O p ۳J5oձvĕy"08515Z_Rry~ +Y˴Q?N ^h{e2ί'_O?#[M<Į\c|и1t`3[rɍr^-gQQ'|zb' f`m:3kI gΝr^:7QSta5p)5[xv^R+p>$(;#6<ӻEø:qsͣG0.yH|l lI<{DQjF)⩠RnZ ϝ*-/<7ꊮ@h;)+K G<$HvUqVLq͔qx] N4z dbܱA, 0ń"h@Hø ziʴJ%_n L2-aǟ]MeO:Zٖ@@l#85g`'ɲGO 3n0~L{w_ߚf~.S SV%V-PPWأW'):^"C[\7+z^SWWyBV@ "W׎G%Bln{yD0R#YGW)T :&&C/XxdfH}S^C\P1T{~{?kZՙQ)VRdO T"J$a+o֎uCLN^,M|xW#M jKx~}NYơX-8w*r.7l`EB M:9/\,=BrݑSP?pNXN40ylɝˇ 6JxaÚ,oAOn3"*ΠqTg4wa]R"}A'#<ԃoH~c V>7oqq!:z٬ͤ<926YKf'E &r2#Ѷ]§O\B$H:5-R)(A89B`.^xn*A 3A?2m) !0m Z`'+#5ɘ* 0b2M#@Wks rj(y-׺P {Zt t)5'/o@U YŤuXפ06];Ԗ-=*bgxA$*];Z }ؼ+Ɓ5ݿP2]Ļi -D=N!kRz:TUjK!8$-1:6s/#j$ $n ќ˝ _V?0LgA{ސ&D!4=ߥq &c2Q"^8,!n^$evܫL]0$#\ي$染Du6y;S#e#N{) AI؉M/F1J6*oq>gas2G\Wϐ6k?ٟYWfVrGr{a42 Ͻ=б;B/OW$nZ /; ;ZH&+(&golqsVIw߿sQ)}@wnAobg4}F騙B SOvĉkǴ\"oV15ֳ*l_E@Cx&mp=d~5]G>zIQM^_m=Qohfv_nPaq_M SF#mOd].,҇lMSZE!..Rk5^PAwkJ`>?+X;q&b\i$HfA<'7C83l ?j:`y wg}3,ZaӰۚm佚G>]`O$4,L" L>^0kYm!>n%ksOE`0*v۸El&X!))%1ܰP(ܻ=Jjkw$pyirR_q)?}iO܀-rPۯݒQ0n wRf3|rue[9Ȅx+PD M>nEpc.kmi` <=)s_oK(/.JϪ145Xj^greQq^1;r 7fXÏ-4} W!Z])g①akcFP%5 0lqpՌ_sbZ=꩞'H)$3e)f< ̛%y#ﵲCR;uG,qgN0~k-㶲}w-v oD9x6FT9MۚI2H8_u/Yo8N?:lNkZj6XBE0߮[qcLW9rb")nF]1׀* |ؽGfT0áIJXmj|Z5]N[a³p;;؊xgK7ducp7Va1Q@;c uɆ֬ϓBo6G2(']_ qe%^k| -R9TY܆h8cchZd\"Kg%m:eP52BȃPanMϪ?:¸{ CfˋgD˓gFIpIq%h@ \*ޏж A W1탰[S3*^T?#qfvUPs^c9_Ir eZjU jU>KQNp}&qCZL I7~EK$~]iRk]iͼ))vGƢ^^QL4a,'IǏ p)2Njlk7a?f*HAn_P`wHT!WerR5 (G՜uw`V9 0e.~G5?KdP-:xCo+xԥVB?:yMkNJC2zX"V;eWbtH* Px(O?04+>uG&K]f^W `Y{kȗR=prbHs[߄f+&V r #C>1GO<>d%גSqnȫP\j,CO˓ ZKO䰆4!mXgE9寞+lZ YE4m954|{QIJl_ 0pv+O5NB2*LzSwDh7CDliaVMƕ/auE4kJN8YnU:\@Uq^R;t4EjqqpWHǃ_d}-'OWbE3 5Q2SK *qǦ @Iq8pB(*<j?$KjXfkPXJ')EeP&!"FrQb) GqV[v\mIߝDGu, J3oHpµ_3Φ 0Q*\\Rr{f -n-ၜ9P<>8Z,CsVa;W+T۬%&>hw4BZ8 wU @GoY6%hH}h!V1]!\`w]砨cI>% b%l5"Ms_BR vḰLNAE"'ǰU Rg|^,yH1m1fkti N_]{8ܷmr5;bJ:5;8۹2xzR .bYqL4UvԿ_Q TtjbrF\R 0 hzHAW^ Qi73@X&٠Mý cHdVy[RWi DכU~5u()D*]ϙd@ z-EpH`:v[Uy~#ή^J|k GmT!t)Xɰ%@>Yliqfs_93C6*^6 S[/_$_>R{؎ LG]kT;y|0cVɖso6c^~U>* %Cr#Y3AɂĂՒ"㺎Z0)Hv^ E׼2{0(!;ypgm7{=v׀LpzECrӎǦN,Cfd) i h0g=8<ڟ1)$Ў. ERSrd u׹R^nuYSrLzN XWׇWXT,[AAkCpw"B`jTksz"a}"r ݾRc~%J#b6x${N N_6*KX=󕴣$HDa, }*'_ Z>d֬RݗSf~=)uEzAוԳKD9ٗ2+Q[Nk6mrlAI5ƨXRՏ - SVVڍ/#^&filPE( *_I(Lo. -̈́^W&22 $5ׄZ=Nn& trGek-N{$/Y־y m단Eٌ^`a=ΪWY>L@x.1.#^a1 %#^?f>@a\KTja%X- ۔_I9 4*rgVY duR@G_x.2i3DnT*av(N5',VzʼCC vIcs""taUn؞C \E$ {XQ NLN0;º+VЖgpSTvt1Bu݂ auzQH? Zϵ5i~6ǃ ۰Dêc5l3\r.)P$ 31*%-SZrUb%]#nąaEї}^u26N :7>mf,@i9zh_(v*CF\m_ڐ&Fg)$I4 3aCH.-d7ҭf6WgݹލFZET"^, cw-r>G/ڝieUs#f0GIpIw>+ ?,/eKm?+IFglm2B sPrI\<${ee y39ɗr̖7ڨ70K[nvv{Ztw+njU X=@uGn۰#rpúcq t_cl bً{1OWi`l6%?en7)ENbXy%_C ,pf&cPPuC@_,҃3 ֮V}N+:('~v㣉I~p@ 74R#*o+trr%EmRdt,|T%rA*¤z}pp5fm7Kϴ}u1@~W31bD u~QzYVCTZ6|+[twT:JsA+"?Z=N$KXv]!F3X?w}Vذ#>eAasU&{-V<zxB{nJ7#hUkP0pnE`h/4Le() o5 uf7 o2&"%˲#!gsu,.xs,S\?Z%Bn74el N )K `c>^E8zض{֚$@:kcD~S {7K|,r sqYk\V"ƃ8F]*X*_ߧ(ayGYj'D,U ՞e4[WRxbG.G8Yci7ɟ3#WߪF_fE* %KlIIJt?{AYC4]pŰ"0#G3J%D^MK.)] 픖>ǚ$%(hzh6OWw%Yo26S?HȐXX?&6-~cBd'Se%mo8FнbO7k _h!^H.nS ^}sDn62 sg"WeƮx#=Ud9GY14%k'}2o2U>69 o/HW<00virV 'U{؞Ut*I„v?R,/U?%ҘVIL#Gu߇V.*~XfL|\h'=xgPX(Rf.yyetX[l"}|՛Ui'ΩУ"?3DI 2AO,gg*h9ZsJyBˉ<6l%IJ:'E; Dy~F`p+˝zސB0BUVYAcxׅYW"th !R) TDB"鼍lS ? 57zv][kH)+\Ɇ3|6" ,二Å.].,u-VQR ̤$Z2Zh gZB2˶'JCg0N:!,KA`J-f磽@:3Ց d8IMn>,ڢ$z ynU}No9@_s=3Gnfz/ 6@DQ j/ؼg,KG3yձe*̑곉չE2gSejĐx(1g~ˀ"e(dPlD3N@=i˕*F"4-r2Z:; \H'-F5L?Qbtf>!gS?MۦV BغNlh bt ѭ sE=; )_<=v19}9v# Ѵ^R±"\ʽѕ"Lv pASFa}qѾ X5F + e2y, F(bkpQkhI ]dM0 G0=AG*<К'l(Ti_,U S+_P"F9[툕L̫nL[@E3.D:Én+\ߙ:|J;C\?O}Jy@fֹ>4 Ԫi({}uf$H+W!Mk_ ܦɘ G47?wR?p"7ޙ$KQzrMn\ܗk61UHEHvdWWArg-UWgpp>V.6:娡^}퓢M,GeŲ>R\>)' .\[\LBҺGFbZΐmzP%Dq z-ypVUO؄pR|;̘4qe5lTAQl P,^[sؕN trSt8Em /#%f> a0Zqȕת`KxMGtn(i,/J_q9#yFh fN'lٞn '߈|E  =3-8`?yu쾮T1 wNN[M Ki`D CM}b'cfۉ}rc%LJԸS_~c(\Q# dpk%EeՓYUk,0͏k/e' clC jUq5?bpQB95h37> Ave1/ Y]%wk\~>w?rd*7>NDJ,O-KAI i . րsUF,P:`*B~+֎Tn}a] Pqt%ok3녅͏d;ʐᶰA!_MA*'j}3۠."s:*DhS p}|u.L8xq dhZbȁKNR9 Z[TLHڟYMb^44Na0.{E"9wgOUU6 `".<3Uof0IWX@B:{Es>cB"ORz1N#)9յ(`y:~˾wހr;ZZ+r@ L+r&0X40ڶ gHJoeȣ hе,0C6UbQU^iKX5MS Cos UJnNnI dBAeB+ ^0p!L:~6wJڋq{%ti=]la(LX`plJbտ, = J(Z(QxcSLl;QFE`]f]eR$rAgSwHB*oU_p71ayl $ѢU,[T޶mHg3U=!kUɨ^I wQJ=o.\Qqq2H=lqs/=>."pz[8aRffL hI;ԫ̾4s-G*r\ @Ԉ׌[){QM2-k2yYK.{ͥK%\ aL~{,m;y )>'ڰF/:vtX³)xc6W?몼ZZ157gM7$ )̘oQ2@pn7eXx֪6m^,VX >inSն/ qI^<$6$1eZ"5`Rg "=:M/|F?ı5P?# 俳ZhLJo ѷWD`󆔮~tQIė%T ䷈|ō/ :"aks?I/\]W7 `EW"b"|%Utʕ^42PΕ {Ln ^f ; >feU 7PЪ.qEĥ=k@1|]D\|f6V Gҏ-M;D3<gq7R`VYq}_Wޤ;S<#K9UDYPwUl`G,5ssxo۞)HjgL(ONx}J/~)ۮ)Hd&q(K=˭F$csp$w?n^cH(a1Ѥѵk]](ܙ8;)l ۂ!ne^M9W[7p^ u.0KcFvgQE IExłқ~_mQz\.I`HCY$R| vv/LNf)Dc4F~&<{(tJkw쨥u*蠬1o >kQH- b ;e 1Ln7PcÔۮ(/咅g7d'Y!0Ⱥ$Sq^ gDZS6kUQ~]6H>ŒfVx 8L"MWӧzb>nm*ȦNRm̲pN=eBh0 w{ {TJ'Z7 r-= *5[Qڰ w7d5HdԛK jOs_>aB6 b5ނ re#๼1ZWcWqQ)bQ(ݪ?Hpj8Y* puli[H&zuWF&r͸4iDW=~Ǟ wZu" R]L*| d v%drN?Oo*?]Ȥl@v#"G33;M%W)'b֢!yKbp}etAÆJ |y"b %<Ö=O$ݶGsTs>jn%粏z%9)w /@5:džoxYnYG 93p[H,܉3^geڗ7SiU - q>pU}Gbu,QW:]_qjW;.E;@&ǂ}QKZkgϦ-Ei w+K~5.}kO_':iRM3+B6xo7<U[@iIs>8*^C/ElgxjW֔u 􏐽ZOn=-|^֮WꨘçBC];\N[LKjB{8ir|rpQIH^t %{ﯲ\**G$qk;L'0q4"HEJ^d0V|wNա_WOl\m}8(q@dxҝ1Wie+OX&MۣۑěOCf1nu@DKlm о>G-)^C z $ٲʲiD$z`^- \<&]WS3j^X.sy)Ƌő+JT?RkI {Hm/E>2%.4DQ:`}>P@Ҽ3ڭOz?/) Z,;}gt`V*?o_OҚz׼\5G_3Jux&)MJ8+ٝZCjά? ݜ 7>CZ:&0Kq>H.{xBRyFm(WqӭXlHCQøF~`LGR&txmMA Jz4'yFeͩ^ W/`ӼsP`,DRZ%~n56ؿ7._3epkeSu@w-+pz)'<JwS;;8xűMnwHk]G)E-GY9#cIS*Ը6n+< d*7:,Y174^ҮNim{(C$ b ؐtÍȈ_ǯ$x`7lr -m_ۜ.=˸@6^}?F:J`#ϛe\;ubGth,mGNwB2P&3 3H* Gzd9dM5R>~7(?;ސC)_,/5ߪ+:a *IrŇe!?5 bea52%56,E^T 1NfP_&y*$ Pig_ _;< s( 'p_ލ}C 폹;$prݖ L J93*Yy9<آuOw#'v֌8* |1[}T?ӣ"C;kقX5`+$6(έm_I ʞ9yot6.PT4~P.ηT;ld򲦺ϡ3O:dɣ扖7:%LA4;sB5#_<ڣH%:7<GYO1^kij(^#) ~"9^Y<ԷՐ5mq MCd>- G?Rͥf6GtY#PYU!ݞ35N'e7Aؙ 'q$WNc(<̍j9qДsʩy5^ Bf F=f)ҳ]lja!AĴ79`AMgUNJ'>AHʶzo5ʩ " ]}B5Vc@ܺjGgə_%dR=Ȭ>XY_?+hۃ^!bB%y$f v8/5S/]}ˍ׃)i@>H 0;5zMRdl.RىGב=3NNh -:"^If#ſnl4 QȢ^)0BUM$v1E97`{:/OIvʲ3Ezt ܟ T-9 T&kW{xs5oc'DMVKHM{{Z=ezc)EC׵J׀c~\=kb- Zt/]*@jOV.]3l4fRX[<yPkR(娌rXK4:c$;ԔJI糷 Y< #xztZpEaHP`"&):FRmB]iN23owJPйV9N^(Љ kCQKs+pmH]w'h}U9;@We_U,lƍ6/HSeOR]ׂ ch;qmK0?ZG$ok(vYux '̖T6:E-d>`'~'&VF(Wf,<.ϛ$\KtV1 w45>A W7 ۜ 2ؽgěF3mepP _3xffSdp3?c<'%_BH^RedNI^S%#:eQ:P X'jK:rg >zASu}Z ڻ)_kkk*SB.9t~A/3awH 6+exa74å8Q q|k6Iڸ DiC+A3}`\fUDy20~GdՈ_(LJ<-zXQ>:frG]%KC@Vy`l]ALvRb00'1梀k^d3%PR@jUږ/OL;kFaq 4+ (P xzh~hBa_9pgGaHwkG3)vvL[ v/8 !Y^2hdD렡#z_FTҁU+_(fH~ %aw''\:hݳK=IKPx 7-$~W\o{E$!1% yu5 _%3y K) [*ūdMHq 0&x#, VWT.fߠ`3vuC(?1%xDrAHLB=ߔ9@9u'-U6E*uA`?~r00W'Ž0rܙ8@v\c/$ACu x(Ԑ`M VzY3Ŕ=qˣP8ĔҔfE If53S_V_qKɢd{@B2Njz˿ᷡ2ADxx^/ǎ;Cgr{ܧj-X DxGE75vjR3YA/T 2NWd*[ !+d6 l^%=M8U@'[G}A`Ɇ:Ұ~ jl[P޳=qL_xBL1Wpybj_nk ,^g VZy+<̈sȭiJ«K*U7!DY+67L݉p`fذ.DἏ)sd1՚x/F2GQ7*Ɩ ~AvAY=xO47$q`Iq Diio[E' S c5 wa(L.zi>CI~ 0l"AN/!$Zg^jo!ne(x0]||1fՌ&֯Κ0b_YR$~5'w{R?,A .@6[YԦ'‰5-l"$цDx^?[s?s\C%5QM+>Qڦ)xb'$Q"wЇnaM݆QK@H-Frm`Ӎ Y;P)]ɚV}BkA8Akm.φ`^4O CX9edG?_;F:=ʞ~\5^Z C;rv;M)tKT[CS+R {ƌ~K(UGHP0~rc< O: `qhn-IL&6'覦~xUոv>ŶJta-=q+%>(Qmu{guj2vJkoOjk<ķf~Pm`#Nygk~[ZLKFa/`oY `RoB¿(]RO2?J<ȄӳП0Ơ@#넼H`ЇUFнؙOJ22OB`sU,}˝6.:.q'#yf7^gp"dF}1qELg'GK5&8Wc :f+=i'LKrBgW{Q> u{K(sIΈqr*[ Z;$ ݦy%Uen2εg]?[}ʝTYc%pv-]+(rx ZnE&^ρ#{ȯďfV)E %(Sǝrnvd0y=!w@G %n9w;=1 yVO_sUWjޒZj3g7|ڻm)'yeG6ջ?W69ݐ?}%&qcL5  s!zM*;Ш9c!2߃ wNcQ;KK"h~57ׇ.qƵm9dxmI_f/c*-Tv9*qJ;9cՈ.r%!_Tmy/VR91 /1As,}C[ʶyj0]]]46[lWwJhd^WiWB|]ukҢv7T)v$xl4V|*+#5M [.o JV_Y~6F:6l YM"=bSecxLVB0/mꁹW$oK2er@s2 fGiu 3XŹ|ՐU(ֈh.WcQ0;ݷܫR]h}l1ڑŻ!Xƥ[𥏴=/Zq\=Mj1ſ\DP <;Ls/rjN!#+qbս۲ (ۈ|#iJ .`鮺/$nrZPS~qOJAkF[w/$,!IH!C!BCrau 3Z:`|T ʡbw_Pj{(s׽zt[ ,k[O<C% ?fCV4:RS@+,mLhvF 4˟ ;/2l7 D{1rcj9ST =f|i@{7 <Ʋl갫"~˽^^Y.NKh^YF4 $`ݖ3.N'EU026AULc%yz& ,ex#թCkTVO ƣwiƈF6A7-u|.@6R9Q5\}M]DA  ;f_ #cTc~Kë%[w@KY9 JRab%IrYh\,-2D p *cPxY^}b(;:; Hufקw2.%PGԀΪ*Z8&DC~׳cYslpmu*sFy''8͜b"Bw\-5QqjʐB_+ht=nˬERc͒ɢIDt\5)t| f:NwJ`Z4(  1b5Tف*qr EB/6"/U]uƑ #a5!З{nnUcƄn~tjqe}P;4ř.s\DA4_Cha7d"u.>}mğIϕ.rv?p^ g!t]VȨ-}c2xax4 1GJ!<#*# ubkߐZٍrōu鑓[oӦ}!X B-lyɺqks2Fז2^"u@e1HfV`ft l}e̴>jk$Ll}x2-!f#=U](HOsȥC u$&L]:n1i1BGH:PK_\)&&I!dJSVD j (7 GjNFd_%+^dFb_D]JwC&B )R۰ϏP3\2(VUޢ B 6pҏ{j"!S,?>N(H;b]\xB AF)qܧ):{K*T7S06I$*`_ o>{SonΗ~`fn[A40vTm00#<cO>~Vz58a99X- NOj0 \o*U"J9@ic*n +\5k"~t; MI _z,7=xf*bDg% AV^VwYحYRAyJjžJZHU¸*|qE9(0!MjQT1[&R´aDgC{l{Hq/! ~xZxܱhmLbb,}z5̧xL-gp^^ L͡5 $V{ C{&C_QH h0vAO5K#ybWBSl:" ]P':gs(R{5+67%J^p'W~<~{1"SY|3lYܞ!4gl=\34;CJ>r,.7 \-|P[?5(= O =,Tnxɉ/пF'nLe暜S\zKX`Ǝ qJVfFwhKZRM$zjhT4HZy3ddBz 9{\h'7tr.IHƑ[d>v)>f AF*n[QެTyh4H0hT$8җd8 Ieq.IVׄts ,- m2b#X=[SsaJvBQ4|rls3(ѕD+;`фwIT0&#~_}݂gz[h ( ?BVQ ŗZҕ*mr,Wf)(ҩ7NJ>Zb]Yx(ꑙ`2X]}gaaʓ4\ @C7g[iБagOlf'7cU 2]&zFum (tZSP.i>Qb,SAVh[K~hտȑ-n؟Zx`g)[ f 7ˌb-^8D \r #V^.6?NpN4|'v \gh"pp42\$>yƀ7@ =lC|'wbp-P]*I8tmkj@MM[[eBjKw,` ֶ-2.ckrU8/yg诬:PU;r8*Qެĥ7ŧ;O=KpJ蜖"8'Iv'/؃4 Gr*L>&BC̰ 3Gb,(,A4Gе[ukg !9r0H8 !-HM6w[rDz~'*teztH>]Z-y970O»q cW[ԃonamFt v\miFSrmC}n"uGQjSFm5b}u%Gpͻ̊ϪWf /BrTO -VRUtn)f?mhr^m"1Sƭ+'nHn1I@`rd\NV%-U/?(t8bؐ;$"hi%CvM kPoMG[)HoFଅtN`pH~4L^#a[ uշ=C G\29:(۰La6Ȁ,J?;o9.Mt:j&!h0ĉZU5& !;F]:l*|EMcmGke0TԩIA?Okou }Zp0bv8tmY  Y.)\tG8)qeբ{>6?vY$ . 8iA_YUߓ' Q#5f4C@J%Q:pyjb86q%"I ̨Kg0]M9=g^#.dά\;?+[c:"RK7_ޣt 7$ DmɸfsX/1iT}+ |:tux0>oȮx˺p޶4\V#7U{[A S)£5s)edv# S˦kǿE&8|_ՒDojc)$,)~')t*~Ԅtx;~m`(r #;Ո' /n86isI֠l0[Kײv:)`d¡j&S'1ߵ$2 /;>m[Qw?hhp}JK8'%LV5n/E/fc* OiE9BG4+<^:V%S V_`U@%D@Q ~2i#U>  )}{jl,XɒGi4jDdp$dMNwmMZ{W|=2s;3:c~>SR2M')P\#!]j36鵼Sn#>oGvR/KHwJ$E*m_Pn|5JvU75`6b}xByL먆>h4Ug幊!uf+~x|$(S}0W&m=^Kflx PBABU`x +d{o+|_M_;P[,)v؆FkR5k) nC0!T`m a 47uC'KEEa|QoA2O)V#}i\hp̭-!$}DemV]hNbϧgaY7 W N5t@y`hc'`--[T$>7{o"t C. $*b45+c136v %o 8j4_ܲŒ j+q߄c1JXi!t&UmuTTgr׭/ {[KGrUXr5u{@5fDjj/M.u=WY:?GOuPJlixK"7LSM3Z՛՟e@SAF^@Q)A!M l: ~ؼiGgY9h1`W+TЁ^ 9vI`:x\(J%BpX IwUhSYHqCs*#(ӳ _HfP)쾅v[é7`KnCLd7Eh't()ls=ۼ+ إ $ܑ9-tSZ=)1 eÍՖ1,UTǿT7˭H)Tڳе$~#PZd&K۫IJ_/>IW9ɦ:F! 516 km;G(Jq?p{VH >'|3qpnhLpGJj.dU 5h/6I= iz쒲O˜~gݣo|=[~rr/qU zt\EtiqGvt~BPXFLm+ rg7%i׍3f7=CV1<8k`J]=c$CDG4wBs?P\?wJdm3$-8%Xm X9Y7 ʋÿ%%ڇx^ph'r7Z˛"UW&N7߃Ê9zڽtzj іrAͧ+N)iPNWnlcZ^Gga y*Wuυg-8j+47zjeAVe}S,*MbN/RŠb w(2*)넢V?uo!~6ʩAeBQ?x@@){A C/vcaZ^&%Nƨ+M yT_4z|g+ZPf%/h [P L3y 4S.#s`(a"#wX XrŁ-ǩ5Y& <~9&:aC:<ݪێ^It[@K( kGV"e[9U]sauJ9pE dM&3'򗼘O%1C]YVc>*Fwo87p֕j;F{FFn$dS J2KQ hT HVչP @ ]űl"Olm]]F b`=m(>gpt#r+~|~&VK|+֩MBF ?K>}f2 պOU*]Iڞm(m? XoݿmKh~i.N.';1ע}ͿC6[*_XŚ\ŞXs!8b)AkN#1K3Qz?5XqU}$J<,)k)83|dS^@KC(hwibs@/5ܼ5d呇_trgǀ:`BD{$+ǬJ1{pq^@ z8u0=u|$SgRH#ʠa=B3!vcܜtI¶xPm}E a|,%18vOV^<^:B9.PS-Zbàs-L{<@9tw~ 8mm/vd@T"I86~_]Gё=քѻTTtp!8Gb7"3FdʢB}^Tc.~6IC;Aė7C`?%&͂b)÷/< vTk^9@oneqktGvhM5%W_wV~ @zEpt vMM?M1V(mWnld6_-ay4v E:$#˻{jVEmիe9\@6ˋ Cб%G|RH[p[F&CfP=5ߋl+pr[I=g肓-&4t"ϭ#- rFhRO_=FSavm!"@1eW+ΩN!YHi @|k<2v" njL&Ő/,y=EEBFl\˂NLӸԒ@0X.h ldV*& <@2b~lV{aP1t#/fK\t-Óh=8aA7sܨ6k?92D5N[,qV/W6Y 03(FDGzg`p!/>]LלӚ=H`9 ƫ q @dշmAލTۖpKs yt,`ȫ3^hiO쫼X[1w 𡇡#?mSp r_|~LJAPӾ!! 7 el$.!OKf >ϯ̫>fЫKx2*oӗpzLCwK.)|DEȫjb+3!$<)Z: M!|İBd2n\w2"&i廫CRu!Bzz!XC,ݣrN*ʕ}d*M"0>pv2a. Kdѫ fι?D8V EG yk9y$01pCڪWR'rlL9 h0c`n W{CŸ"Vmo9}:Xڍ0rO,|{;fH|.ps@)Ҝ/jz AU~CBGZ8nN.MqT>MuQ3ףe+#$ '?ä4G7}C>HDN Sʁ$oֻ!E*+J99:_ރ9ƷY)HqDod( ;)bJNU=c-mR,v6[}핀ju7*Bj F[[ϼGaBq-)Od̀:e~:"Eno ]kT33`<=̶9zЛ8Iq= SQt͠*m|̜ž?!q=Ђִߩ҂[{WC( T7^0$67Њ< ai$# /\&w34=_V!|EjqneyW9ডF g2O)Ki6AN!DyUi!3?(ރ+0Z=}C٨1`$3 8fwWҹc>W!OSGKb8?#H2G }&IQ t;M,G%A7cs0 I]ر|{.`! !'|Vb㐎ڙeZ|*OII_fJX uR2_ڏʭSAIcHq?~^|a:ď (^a~6*vR+^뵅-3!@brO{G)PK;͉1֝mtV#eʫ)Nl=<ŀnzݮ$v:c%Y(|70@1WK⏎H p 2\PƘH,I+\u>($4!:)^m>b390'Dfy,ŝyz ~W ܳ9;`0GBPPȻɼbvfN3˒~<˔/O6ѰMKҞC δ˗Ȩ Ef*/H`@ӗnٶi$>Ŕ BgUsD6c7Xc9qiE],n$`8gEpʅ1Jrr%}K?n`z^3v#CYeŽzʩ TԶ֨ $ 7?wne h-o#JfSGN'e:d98z ԫu㛭UJ䩜{/}CD2:$wa8<,tW{SYk.b-GhtRʇZ9숗,vo˜2sqtVZvAx49MUY f<sļI\ԿqéUԲs] 5Ę=9, 'FvsG7Kh ui9> °Ph O >85Tڵ8]42 HyH۬si9j^%;9 'iW-R$(&N f*,A!eɼ3Z/J[=~k=鳔{ّ0ɰcƫ'OeCQ~qCn+䣊&# _ڐ w%'D K+@璉0Eh]1 (e?Y)ڕ3 ?Ez/RT i@ms$ U"Gĕ/Aj!"ߧ @}{02O|<[Uƻ_U~e{2%Y$_rsIE2YoV*uk hY +ia)T^ R$ A \H*ɯҵM7 gJ`/N#.f 6) 0Y TJd&{GMܖ]SK1$ ep&VE^KGL$xS ۧNNN58"י2c\RH7Ղ.4C`L+, 28=FJ3W^lLpbMl:u颔T2$0\zz d$P߯fWw:xga" Q?IklpѴXFfv Bb3oos=vl~$&>yp坨vFI]yO9燎'N>(߆ y'|K!'w-8+!Ƚ4+Ϟ$|zy{`DzV7y$n울''4nV ]E㝐JZTfBI'+,Zb&F,vϻF kӡ^790rLHET:b|P2pz5,ezRuIPg&iS /ꚆÍʲw+ڦ+BCH] V/ST=7u)I4;pzNUldN&&$g:y0꺀 Z w˧g[gG 7 ŸZFDhMU=^}=;Ez4o,UQMg;աv^qk>wn2dԧhe&67k>JQ^ﳆȴ:9+5U1FNט.J52z8\bB`rIc1HEp|bj O}l) *U "ZZK(%!-H\[pPklu#_Y/XVdC8ȑt%^ג/\Osm#Pxcmke['k`ngFd_9@&ei#w' f An*FxaPd"b%cR* C/4(~M*]f}L/kA),Ӝh|xġ0VZya8/>Cm4v] +Z#RgY' ]*V yF_01rX0QVGQg1j%vBM>hbtŇ )hOVkf G= fh PD+d mQ>kLvH)K O|/C)﫹`Mi߭v2B)~;[|$uJ4Q\P !@Z-/w~ o\[,scСKzIقq+"q Źk PSƘb4Œ1z63W1L6P=f E99$V7? @-*po{jL:$#֫eɨs^SSVCk;ax(g8Gb ;-M|.}A5fę퉇[y A:$',%gc|;Vcbdn"שYC!tE 3Cg1I{E8~:),x#+I:x_6t6m[zEm=0GIz7/i;F\LX=^z#I{0ۉ23{F^ Nr(oL]wz}03)Muq:Vwx1&4ie2̦.khq }͇E8_ѱ{kJ H-VhA!/V.IMuޅp mc)6qD`g91:v+JŊXَHz vO&..@!Fga5wv͖˕y70˷V.*V_q6|Tì+T[_'(Xe܌_ˈ1bL5<8響<# 4GXbpqsl?d VEzH֘urх^]SIQcp$3H%Nkzn]f9J(|< 8[@_ b_Az9yFte8pHЂެToGFj|?6ῂtd!5`!>Qu &><9s ˭R>ZΪ68w+ ~8bxF%!Ei挜˨` K3m|ey(hMW>]70E̝GO+25 3m,\p[^9jP wa=h_8sJ^wzmC4|u)t y:/.[zQS<274V`*2UV>K}ӻ&uDY#\*EyY%!#!KDKHibSYtx0w^+%4 LE>%+ȤU,Q@+TlGnRLletYhnnw>ESYvF (@Z?>fQfO ҳ/̔mO%S4|~ʍlD(AZ}y+,4炭S opqCKܪBְue-jt3TI"PhIY< OIԨ3 _dl2Tr":Xf:Fh)CנrJZCjZ)x)b@׀2Ћ]>gIw#}H18 Q9CH6땾_h?!<4X=Y>T# 3,H;XqmuԺu$Z8ҫ*hw GO"' m$3!R'i "栚cPnт9 y>o˵"N (Ѕ+Dv}t)3kwsaӪ4d !PAXltV'AT;̫qVn㖝S?Ԏ@(lďȠO[oE Uɜ|P t̐&u Ea'4;ۮ6e`f?莺jԆl|7(Wt {==BГxH`9T¯j # hW^,mWH?)i\lJ^2vjzS2\)}uBGHAH: clE wD}(MߥSb`3\w7B !ﻧP 2KX etlAj2kX~fW %'&^#dHzS&a\(F1Os6۪ܲIt&ŝhGXnHW v52Zm Vl*)gV;-226vreg<#`Ti"0qswKqmwŁQK1,D5[al(:<~"l 9Pz:R0p Oϕ"+ŧFj!JK04=;"@H$SqapexD*>1X^=>l bja9NQ =!qEkYLXXan^t岿 _pZqs~ܲ$vpMKAxۭMԺO0"[MxŊb>m'@:E&NZ4g\3~ Es@@#B}t3~Tmr-YJSXԮG|!PUb*3bkq؃G@n$¼ܣA"+󍹑c6<@8eg(BCx:=] oh"?h\|6pd g(+0437 9񌠱L !g@KM^%{Qkcƒ3k\+3cUDTq cDGtQrAD3ЄL$5ډ'F&eqg:UYQ:7 e%u-kx 5mP.aӎlj-LC G B'5aSFVD߅ȳonTdd&Iuno!iNEa$Sמ hzCpĻMx=g/G ȱ$ߥrNN>mN\?D'M_Tp޽v6m@JD@]kѶ}ɉh3)D Sy :dpA3ART UVS9h?}^^cV945LUkK0 bI6'Ir,/'5Y8H54zOWi8"-zER<F,#7Rz|H3d7J|ډYK"u_SV*G{xxҖg)R?ѯHNMPӣ ]WС :6w=$LHڠvc o&]%J)l`luȦ8<#~ t~U +OYa ]}}% c?M%HW8F $gMF%sB]TIwKEzʟofXoW[%sqM=3{7ޞ_WFm =&N#9mQJ2;1׍}n- -8@T.= ߩZ[f^66P﯇wv_>l3q: ݵŠ9_EcpIĽsre2,LOQ4X%IjŽRpn'ht/oxDؕuTȜnК(_ܐ{>cbvUf>O##aw%.~9!hmd$}I- SIQ"-^hmGcC?uh;T,ru5ţ/#cv%@\ڻ|/͊3vx]"|wp?=J'IqJ^9GZʘ*Ҹ$h'ڳZHm|ztY%c --Cyo7A#{Qp@%32&Dmw>^S3׶fsl >Hy*bYlGٮRfsTe&f3KGPs@٥|7V)cIFBP*(|eW|r3mL7Kۂ 2[bp4{s33D%-ZmSY,R-`gˮ\KuMQ/%d3d< {;y+8>)̋O䒬 !*Q*>1 \=PiCu5ԙH վw2Y"=[oQJPγ\␯:|LRl Vb']%,gʊ#SdXN:]48&Q,%PLM<sg&HҜs.V;Yn#ok$R W ¯Ϥ$;onbSF+S|gVZ TaySo ^$c9z s*i A%dQC=3I2ʣ3$T9k7Xegbu5uo.%Rl5#Fi'QocV>WMu(c>cHVq];gc]Rk0u]\"&Mvnᱷ)K*ᒙFR3N@y7M&aoďip7dclֶlH 2h[؋1O8[h)%Aa:L U۟gz՗FzE+ %Rny,8( @A*oݔ$ң 'R̽[m>{n]j%#rX(SPto`z}erV#Mmqbڢ`1&ewFL*pk\e %۠hMM;SZvQTUO_h I=,Y$xEmO;ROizY-j/:Gscx6~ȳk<9 &IB˄+i"̘{FjZyN. BEƨݞ>NSX~CFK&ͧߥ欕8]sr[b1ޑ"Z;5o Y1%hD*?61t' gS::@i[d&|3~/X wDtFl`^Pnk>mqcŸr@޵kYBGпlci]\`yS(1_*7W@k>l2`{6TzmwҖ ަ>ӄB8@Xk(9-–fwpQk"U̫`-d?m &);t.U'|a=y RkTjwbC: .p-b)Ӆ%e_/ϣJda i{ yIUVBiY1h쫔CZY6Ѻ#7F(P|\γSɛT2ՐkO6Y]nV^<[,MM:3/RҨNjb9n!۾AJ5J%d"," {wZ&ؽ @=Dp#.YF( (|^=6_첐w`3P]VzH0 fi ?uw<Ҵ\?@Dm!a̎ C&2q@v p9"-Ѧl]A'wfQV!<- >Y$NzAߧv-,x$9ڢ 5G<=z#I t{""|E%}Sӏvttc.=dʼ %7_nyʎH݌iW@ 5)(%:`rYoۭZx[9tVof3Sre\"[R+!L[}7j`EN1 s<y"Թd[Z` XckE]-7ZI])#LD`b__)7CQpcѨ<`3,hbd_qr%ʀtϬdyOr&$QZ87H1G( <6G> &JƁiZSwp (#ӳQ6W_ݡTorrSno H8Ge7(ܙ 1""N K|1][lJo~Ň gAU{z^GG:5+ 3H3A:GW"^.𣛿o쁽.S ^g}7`,ĔK/3B0ԁ63I}LU\݋B—!ۍ !W ,Ejy/`3eaC:V֖oeЗxd/2 iK9n۫aAȔjVQD kVSuLF;Z.![r&2SʺkCrmޮnY+l q] Vy=~Ym@TLҊ"!F(veKm"\(j~B1p+͞#6uT-){6Q1sƂIW-9fmش. 랤5 KnȇڄۤEGtT;80~TʼnavRIٯZP>sQT#jKH=|60wZ~ْ0l"*(.@#Iޒ*tVZxʬg0 hӭiND]'KtV~uxG{OI/!Snetܡ݃H~+zYCVݵv ByM,N2l`1Ѷ,jC._2~San{ >c\i<%@w\6$"UR īJ}w/I>J['RME5?\R9qTx꽪#N%^ǶuWJ;㗽K4@y m&b\g50GN|Szz :~S|UZgf{mfa=% jrk*kg1u\)X]Fd+Ź9,PhtGÑ^!٫:HyRywEFvT4 z鮞pz1wL-R k뽗X<4)È.x.MlJB"a(r!&3%YnTlP ܓOSE3oyC *Pc)Ct8aS\dCT&sɆ-%V R +`w`لoej+ qҧ:$}R3o ׬M9!w;T ԂJd,̎,06 V 6!4H, P^.ԛs@]=9+1נ*ɫ[,`9]&)uK]J яaRbN`E @^Ac6Ya;n|/d^y%_[#$8Znxp8n}ۮ_0@]S+luG/ԩ0y_|_Z{k^GǸoM2~ #j9bƝ-tR2#Ɏg{g+SbK+xKa&~B!3 B%_~O0WnI(?dvtȩe` 뺬GU4UuN^mm#9KL<] o@nn(K[$O 2򇋐)c}ϰ*]C(vx䗥5w;1)"XS k;!pHg!G˴pT"7`4 ܐ mKZ/?B./7,Z9)1``x@ć&[_qGO5q.#.(>m6(61 3'GQˎ.;={5€3{6a8d>:#$iFz_[ߴ)>I/SbnI5ʬPR}&D0E!cnM-7pcٹJf΍2S,#Tlzoq/t rS*g<#Ps;b⼈. l&T)2u=0BQղVdŚ_=4(y}x|wڒE5"|v4Ţa's}(KGY}BHh=%Ou"[Ay ^p o(=R{2ҹ_q*9iOt]KՁg"qG=\㸌e7Z!E;kz,a}7NnIH}< i(0%?n~H\c,['ԗrO7V}Ⱥ$JR [6)[/@@1@r64KX!4=G7M>Ͱ@h"+J9b66Gn?hֳʵr5-|Zۧts94\f w5" 掀mhq&l-F>qZ'Wܔ8d;K8>|;{LMN@cR ;ێ2F&CJ`[n?R^K&scfOޯl$G&y=؂ 8*t⧧%Nƒ뻳ȯT雓E0/Addau'8M5Sv~rEH$(J]?ؠ~4B{os9w $a~|#N 4ok^u[ f1ci2#&gKϏHբecxhDqvGsr VgOwכP+Fd}gpHdfOyjqmtq<[+p:䷑8/QnWvu^:!".(Ir~ǯ{}?bk $ s2Th\=~3M@!E>Xb{@ca6IޞrT(dXL-hadMUO P(,#'P'T ^ tLqv2"f Y p\ X Ѵ54h x[hN|cw U)ݙ$cdq=,GȽ?fw0PӖn%Rz:Ux=w04>T'14.-y&P :qU̍uA9A oC1eC`%~*j5~R[|Ư8\f;]8w0XAκ!eD;Z7Xp/:0ւ-[HnV;sŖ۪&&m Vj.jq\B@TΪ\!nCODͻ'{:ak[ٷ"~WiT |MA#);%#`Vu2|;Kp])R{I$\ :ݎbðMKIn}'9"Hk5~o]oK]oF ZXNϛKm:AOĵmmUEM"X|[==)'okAe<!^{΁wj`UҊs:ܲI/r;'TaڒQS>cXHq13׍~λucZLsaR,2[_)A :8nKgo6yp'( [PЫr&co'AT_gnK,z+~u\/l*J!}A_HepaE ze j}Uj2E :71K>on, RvE;fr=#UqTi7.le+ :,{g8 jO LY[G 8Mj;$A$YM`;02Ѡ}Z_ >Ƽ¨rϖICH&xx!E&0ybR7}&r#]徛5Tch_AˮQ#PR27Cr6)ؙ`H=pf}.ZpqԠ`~gpCub%u=wƩ|~}~yyK]H#uKՠG MSoI:qmhDeʛG,祩p.p[8"%?Yzλqpߧ]iC$vשٗwę#o?l3ΑP;W6[Zq zGe@TmbEWy_3 +,¾^QDfƺR|&o}g)ܭ~.X5&!voAs'ko Jzs䇥vj7l.}_j:?V.4˽arsU[>+1-[v\)u2[)vqf.ۼAuB_/`]GsQuO5Ts6êHJpr=pt cXprb5qw̹.3TLbh X 4"jh)}9p%W,3`yNM*v7ᙹLI<(%= .?s,e- k(nh$Qg5c%gwZ7TP>NF?NH>Se|O&1>N#a>'Aw$`7+v ָH`--p prhk)2p#0,j\tM(XvJ'N1&TЬrQ+?t*$zhmd +>x_y'_FzO/a4ad zދǪOGJǮW.mWdǴ!Y66 O ; fC=ZyƆla^H4,vy@b2~9J%F|^d$Ylz=6sqI%.1杺*Rէ|>}!'^dpYYJg+$I(x92HlJutT jG–X4kO8+xU%^owg(Xg((f&.U) YtR[tjcBQo8H":%&Tvw cx[R㫋b_2. Qbl\&LA@J-\/BVVTEԏxѧQ2 Ft6z$~*~ͅe4QYλgvp}y̐]ZDG# {:)wijWm6cLTbp5EI !xB=X'ZrRJq{i*)s/f#4HݟTz@!mWr[~4ׂk&[o~eUu@WaÓzI|ٟ ]IQH/&MȷfVB~Ln -2e䵼2h MݶB=x.^={OR,~ ,S>+@lcn2ݡJn\}]3OLzvy$wơۡqy '*b$X%,NC@ǞhUTcgFM.уYnt"O)Vj`W2 6丘rkMS6% (rLo߉]Ϩ=n' k }6$YyF8sgExt>Y|Ik#[K_ $\^y E!:N=<犐gSɴA4#;MM_v/Z;F+c-L8Bb38bJ#¸155f/gᅻiQiWJ7֍ڥ .8ŠFIԇBI8F驗$V!ɹE@2&yDžW+2#u[p՛4]z"Vk\7N" {G7E֩Ҍ"iZ\/>Ç.l/jxz ^H*3J ]]uI#@V߮9Sfgި oOη uuNk B[|qᐤac|~ i-e]oZEŠHuPKsc (E!'< aGygw1g)KcҴ]4JS+ca}-#Ͽv䔋k˳ڛ 68@:tR)&δFBq@mDu<npU ȏLSƌ6%X'N"/LiKkŀ7F3/QDL[rYzKD}*ɏsY_Ⱐގ k)Ao];W4jNjCV ýe[i('`5f>_pLlWYxuo*w]". h=H4IxӄǺn^}ɳø ;EfݐpgR@zy>I:t&m|#h+U66)e@U)c^%@;FSiR&@:Κ Νc 9Q [c7+~ kҽnh\=7K̚Nkn* G=_ȩJreSkZoT{}y.76sBrJI`xk=6XJd7 7C7%t~+D yLIL^;Ǭ1C2_"xU*8X w+Ѐ&Tcɝ6 3>63 uc9xgo7<1'.ca}M\7[/)UCC3c ;~['/G"Ԗy~ mNw `J됸|}MQefz@ dUhE=\۽ɏ@}X,V{E7eMXict%OEy;Cw/i;ϊŸ"缩`(~;a[N!g!(ГeI)fno Sb=D-B$Pi-e* c2\*C-:l8_*n*HNDId[ 7'S!C]{pl1ٰ®6"_*l:'QϋEǮMX9ʾlQ ǭA:ryN>הx*"qF!:jy^v+up8W?,+rٴId۽o#Lp1tksfn\3'3Q?_UÜ[LC\(K("5,;orZ};[{%$J{2:spddcr;V >+d\2a gW4L@iI,b,YjxwZ$7a쑝ss-! V58 *-&h F UY&f`Ѥ;w֧mΖ݇tX6vt;ֶ?JSQW&T{1J"O *+S.ʯ#nؒJ0`6-srJgw]R \6לq@ qc|*Uߒ&)V8 z ᲾX#RobW^wJϲy. (y M'} X- P+=at2{gqC\RKYB @8 /{Oy-VO$lΫc\ן ;%8TwB9T!¼?^| ~Yv 9ك58Py,Rxdݗ$K6IB6>طDG= z'c#Z@j ]BL!H7*>TIv}̖(%;dfg`t-%kEon\Ԁ+S"n?N*'YcXP6JI~ WL5x`ʦ˫ EQӉI\cuH3;7fx2sNuVO:EH .,Kgyוfcp:L9ʽl{ndåN9hFa۳F8m-`5n3=Q#(>%YtJ}12{oIQ~/1s0-d:u'aG4Ў'S pMI.UH"ж\u dV5 )`Gtٰ[^S$ ރs`MZ$TxBKC}E ?Cؿ}5{f*ʎg*`..?Z@ 1G9{/;h3(Zwߑ7(ꀄ7؞w$Ao v;\兛"=L&jGN ܣgG_qW)x̋53@Y7j\_a3W Qy?F~jh~~фLpM@|vć=,4l9{ t=tsOcO K>'un@ext=GAH{@ƶ.Sum8c yu6 z*)Op%ec Zr=U 1q΍ Ml739bZPF͂=iJG3~qR]#{A'Q s"kX$]CU]c/\ӷћf@5i6O/Rb$8?KWG(8VPoY}3OY@LP)UE|}qgrSvSY}2NZy}m?~(̔8c@4g_k#Ja-賫7Hmyާ͙q9*STU`;. C9.mވ$rވŝt_KoT_CeQhۓ#fO)CnWV[xH5M8h ;en]?%O|HK׏JRJ v&z|oORa㟿XZѢR'.&`LAk^ ;W,h\I`H4I ؁?mba@ӚX R FFay_y;YG̋reRW0{ W?SHѱg2[T%Me/ .Rr0">>gquQGuLJlR0_JvEܽTPf[Gb #jFW _Po xLn\̹]89 U 3&%g8wtY= cg;iyZ;BxwslRbbLjW6 KGӻo)Wiw>'ei$G`';tDCy![rm_\q!+2at#p**F&ًhdRNY×jw+=:++Kv a-<\ !V`4ifӭZ,Iu~a<Ǭ)w#]|5*ePQ ׅ\ r1쇑^ܔM4jc5onǺC2gn`<`&Qc eeIג{LW-)B}oN8W&i$K\FU}lai)p$Q=gBea6 Y~ @JҡwWg$&GՅs$'mgPa;3b#Q_<_#,+!jtIe+'NJovWg=LEkyDXMFh 1w4S",T֦a8K i$6ۏHWeN<4rH%/XnjpfοB:B"@9+Q)5|thAuvqҮAMYbY,Nw70yTϳaA?42QRJw -@Nΐ 8jl&ykGkO aUJU˄ K:wIqZ2O+>jHZ .Z?@bSO?Rykm{9"Ɵ՚F>D˅&V"60 槧9T]t1o,s7GG8 샲}Xr(A;ǼׅOw`ӬM GF4[BILs;P wZ}{=hWu;):@k! zK>p׃E`oP2{i_RL,~k+5S ;^l + I[l*USzTI%6!RsˤY}Iز9,F. ~ Pю9I=Z`~9 >Y>aa\YG*> bh^O 2QOd⏛2x V(ZcyWYD^.fLW6y".!P̐TGEͩA'Ӈ\@2Lu`eƁ/<<^uD^_ʷ8HAbS1wR^ݎCU9ڻ4Qƥj/~Oe߂ Yb{FɘJ/وՀ5CƓ,LqԂV`!fȋ䕃U);W1VF_t1 %fcUMIxʉ}*ѱTut` \&~/5%59z&ĊSvA]X={ψA5->u"KC(1]de ={<-<]| z:!q;2YfD;&ʴ06o G%xui7E%i='ݕSz[tGH.."t7ʑ+oqd,6?TV&q](^(ΐw|c*O;E yvT/U7 J@\Rңq[:ѢMgR:+㢿~iql7 &GӘ>|u/KfEL6VQn{jaݑׇY5_1xiF :q7Sm\pحuC$m|Ǔx`I^%!7]E; `Ч} Gߧ/ʛ-:YN]ggr#{=[?5 k]wQ+`OW hAl~খu}O u4p2=,oLhip@͓߉(1`fR96")߽t Oz@' 2i̓LN)H+7>;Ś!7>)~BtɩyI `Z9# zv>t&q0J@EEb}}w WF$W;K~j;xpaw "0Rtv;ЁNxKbQdɡ{W;SՌ6oHpN*م*C:e5*̢֙%ժhNﺘP-*/_L&nvdVq$ G <6߮OPDpŒ$MaaӵYJ-D) yh÷WjB0j\dP؀  M`ꬾƭD2ʮP4(.\ĭ&Ҏ;pP"!@gB|q~41}BjY(*6L߀-3 : W x/N~@bYH04r"PM#*f{1IQf"Ma4mZn6\T xpׁϾDzʦy* m'1ƾ]?3Ry~ZGK=i^7lͷYC^ET ^!;A6 Bg67FƆnrܥeu?.a*^t;JpF*#0$RS=hV!k7x܀W:0֚ H+L@;ag=D2pGU.oe`M9@ y[, u63~w?~p5HlŠb e%VgTo=.QoXS+nѹ(HӼ`35ܷq[|ؑewY~%OMckV#?߿vU:S?q+g$1s.b>$ U.| %4S0ljFMSI"dFw239Ig%b$(_.aR TiWJO+F? <ԧV,g+LO oCm?H*#v8mu#Xti7OO&IXfOV 'H"\b{e`u~*X c* ?Ϙ;5/(րaP?/&>S nEQCN4&ou%F"-GK EW D쩍EL.2ý\h] 3$*%pמ=]>!q j++ hq֑謺*s3vnll^[jp7pT{fV4˓1qKxUkZ,O˙(k&CQg̭y9ϕ')ŐFCelc)[(iu<)=!{\ckUKelXc}UFBom7<feJDf?p6DR^Otcq.>IbbЂbQ0o 2 YombfՖQ@ KMRXs8 g`w@gڍ"LFa7 [o{>-VGR2xTE, IAcHl-{1ft3(ق`<^:v BiPqiE,CK_anK-?Fr5",wyRb3H&^ƍ;d%;9/#_ISZu2Y'D'>@KW9M:nfTM;φr` _>,n0?4YMmK9:YT Q5f^[JGAOankN>>`5{e&)*Yusȷ \?Ύ=7'T ;pѓ sYcʗ;og(@ xdKSF'*vl N׉ZhR3/{Ta ћh׏ sb9ﮪp2':BQ׶2,i#plCm^}쬢(9aoV;YF:;$}塚HK=f`٧ LP@LyE)9̶O{nd$/ߐ- OVQ:2\ g%`TSv|qΡVĬP ظ wEu:acn[q*T#Mib_'z!a tnk]9tC7jXqf0wMcQ|PĞp[o3Jbd9|*Eon3cRRCT6C8u^whxdȜ|Yy@8rX3}*Umt«tj> _F}m7sy_s"M[̾C!FQ0NJWNֵW|V(d' &o T'u_jGS1KpSuf)Xx֝z8IWe4)٥݆Ӆ~C_5X6ʇ CJ},ݲo&qJ@ng~d޶tZ׸:pH [[ډj+헑r6a)D7n&[8|lT '2%ޞHcDn _13:6;¢ʡl)ebؖqծ O#r80(.9O7E s@hQ3SWBxqBǹ`x_y.A:])JZ0/^}3T(!'Qٍ0/SdT擃eŲ=aHdևӪ EбZd`1׼JkJ(8v %d.e^ehG6o]F> :*~R2MbG̸٪}J{a4W'8&[1i*'Y jۇi6f'l72.ua:zM57^>uP. 3㒣1/ݪ"XZu?(1c`yߏK"Ƽϵ@F6Vvѿk}`P%h8IYrc@ tEUj [>_ո>t y\:.f+ ;cKsx\FN}fN:Ǹ[fϒPIpGceR֞hazF!Pb' [PZeL_e}%I"&C5z+p%QF%C-Z=BYUh@`cKpN_SK^a0 d/\i. sfLWh6ˤC9$<~hHs\`Kv?M&)5;;knXi=`*DC?/9WJ)˦xYʳ}@aJs&(ZN2sAHq_ ݦ+Jr(n^${dM_a`J7t$A4XLcoNvi" Fr?7ZH8#k<ʰ^jT[*,JK㵂̔oI._ڤY7\\ytï[u[^A(&*{93KYSAKBCwwFpJLA28 Sx_?p05zvUFAmw 9Jfa\^dME=Db47{z6)AiCEnXɉ!c cZ>CV/J23Hy2JvѴ, >s޶-) UzW6i [R ~51`k@ L`ه"D2(C C ^dg2 ш}@f (Pe{::igzőf$E9ʶS_!@}4ެ8U&% 6>v'1'3mr^G <%dp1_HfH=ob߅V(Z]@{u3E|^]2(5t:0> ^:6;4YRjBAv Yͫ j|m#'V2R_/7-:JXYȤq;Z;N'NT&ӖiV?bCyj\@FY/>ZQ-Wb0;F(l'/_%%BYW,X;Or7'$7 rT-AOU1J}v&+*-/ (J2@R lLT=mޏG9Q9)NLz09hnD>cMX!cOc&,Ua#~Y-ހW8bPE΢\OWpBb;cY\W 77@# p;hT<-R${&.-u*nwOIr1CꞠWHz$=ehR7$nP$1 2i=FYt8S`F~i-[qؐf .CHŮ|N5p\}qo vŋ@b:-jVsU*0&g /G}+ UPb5k,n&n%r-'zmC~?,cfž)u* aMFew7jPۻpHX>2W,iuC}/''.؏ar$yְX|u(sgJ2nCb7ޣ~iW,PJ# a࿷y;ޠ ư6tbpL3?fK.1 &}W00`ᥟiq1U-șT"0J9MVf pf@4ea/CQ&;?WR0 lG hQ)S ?:5Ҷ)AdzH$R^"7H84kTeR䑁m4r?5ӘՌkO)96 _L~mp.-0isF̰w x(u ?: ׵=6p0Tۮq/Ѵs3[B&D>#r,HG1Ek%'oک܉%j8>2 q {q7&rL>u6Q^ij  tϽ6&vHRK8ӂMc5\siQmr,_0@]E6 WSF%~ʢTYs*Ti(s1 { 2)B\+3q7'qt4o㟷e{kֵu ?KP <Al(X7Z?30 {UXb;qAt(ϻB`t"l|{uW+Fm) BO`"sLb4V|wժqNCvR >HD9R88³ZPf*LYȁ|& (;~ udFRh-ݦpl@Mr>p6S7 Nh! [c_NT7y] 57WNoΆveamo: 7ky#|l+#(6v bP1>Y9g!mr(%ߛb@4@Da` L3 qO$*&7]9T`53qҎq/AI:4`caT+֫uoobM#e孆xƩ??ֽk:c;:`hh}'8l~Ӫ 2ޚg|X2}LYUCT|A~K];{o>=^ZT UJLg ? LAp.֫fk.QR=)N:(v>M8:PPC_%UH;39.aFtAZMeX ַa;;.p4(pMd'̩h0bXDZejM= E jL\d{̶esh+;^kZ$rעnUE48>Ĺew4ef xY#;8`(e-%1÷kQ"g%Y 9F2#&+Z(p«ߒ,& }T<^ !|s̢EָhS%[aNcR`Ny!Z|y}:]= * p0%o l﷕;8[N>$ AT(DFDrx fb[O0ǧ7`ⱈ}kYo6S(ܟSK˜> c} X0ꪟRV,`SbҲy>g84d3R.۽A+mVJΘ'e!7bA)+0;DV <q4,gT& r= Eno8n 8ve9"8F}=!iSc~ᩋ V+ю.wؙO*-O^+MjyO3].$VZ.4~}O%uRnT}y2nWkJ9,fxb˱V6|ŽUxd"]a'ՀDD,UU]aoM[g]' u.*7̦=}WuRV`V됱{VP((€HNRNc X]>a沨i\k KކB4ʉa½ { g/Z hDɖKz{jR_wKq[EF0rHKy8D"V?\&^7g8Z$z0rƌod$6$mxێ=c*vuy8/gDl lHp5nN,ͦ!ֽC1j;`a]7^+jj;` ~ YK.gmFӶc-B{ԿHQ-!Gc `WVD 9u}[أWjA,p0q*4df?8!\j `_X̡E[ηfO4ߨX0 2v~Tڿ+jrwl06dw!tܙfxgߘPSX9#8H?4$5մiNyӘo %ۂ,ɦMta6\NG@zRr?݅xOiTMICcŞBAԱ;Y,_7b&5^&p . @=M~P8vyz,Zԩ~M˂6V_:hD-\oe\ETEu]%%7 nh4eݵ T'hQ*] ߰Ƥ k-.g kY_]'| -ǾUS7@촄lXUdIG%TS8JCW'gBuM-!AzסFdHx<@]L-Wc݄< (r톢??&sZb^|qE WE.9Q{S9Л#3_V;4>\ߦƷdv 5Fsב#NV_7s ,evYw$Lj@lgPqf JDpl`A g{Dsth6`m2c qi5-+P !0~fK}aTF[sDn Pn&;bF1 8ǚl]/i Ёcy:P\EWfj s$X9p1gMVV8 1c4}0^ 9 uSvg&(d7…O7ԓtف$K]woLG1IC` 3^hNΛ ӣ8;j&J1`'8 X5p͹W҂Jof^ŀlkE쳄x5yءO\%tc>uޥzy"m)f15=)!}5jAVo0qcJi%_HȚ}StdlܭrjaEfԂ&0fzlnl3-z$ðq=ddc`Vau4;{ X]J&ܑNI}v'y}b "vL;pXkE>Uu.CUJmM dw طV~|TD#jy-z#`[Y{#):*d/=v&#Ssh$FaG$*~dg߀àkȲ뎧 Ѵ;0wZ%%(qiȺ;0 =l 9'16A7{܇pK'ʀNmcTLHr,P $aw_6&'4 >*Nͮ}Cc> dD [8`/ T⿯@1Uvze \I\i -eCF{c`㒬쒩fV-5-Pv|n.ỳLFHP6g_d:h;`0 Sݬ'YI ,XC=uH߄M (Sҥgx"p9cl׏ħ^8"좎`82OkQ˭j-4OYĔ-MHP MFCEDkB-(ӗ(ng-rcit2|ƯO|jQDŽB}r '\9 Gp0ǶQ h ;L#DULqp6yuSڝ|Kb~R*ƀscn|s+CtYF=řL>+8ӣ<"`A>>Se! oM p׌;rNʔih;'З\XIp9R:ګ}ݓ Ʈ>™Zy t᥈G7CrE{s*-=DG5Ƒa/ R|S^^{X?\ m51%[94S3fD ~c+m֙MTћԪHS*F~>QB5ά $*s%m=kwBrΧ᳒Q;~3O ur;q!oG-_)@Dyoųso}̂cDUꗪ6aNq]8 3d۳/Uje\Nh{q-9 \5feWn@;ˑ oȢU茴|# ~i@d[bwuU,=E <'Ce WݦrL/!P(AJ0݁R3{eMm`щQQEe .G}:x"! |%7OCqY$uOX@lqz܁KS 'ʈ=LY~}``me-Ez"V okHT(!.zm: 97ptFw8;`P^{g$}䙊R-$^C QEX">}?obc!+Qr~IegWy|y39.wcEэ ~po>f/m5U}Tc Z\`tm\NEWXw`TO. iȾE @8|c͡we]!i֝sJWe+eRcf!De'g\Hx+҆N! LsX±8z"#coD3צTߥ#<븱Ǡ&39x2X*qvh(018yODZ=1@v 2F/W9g$ 졵XwMs11rug֯vNXyL{ig1o1G{*0.t5͉/ TF=N+ ڼhë́Pki\""|Rt1:m3apHo)) xrTB,laؕ 0$ql'w"ݡyj'O(耒?}ŜzxR~:Qc٨6A5*fQ<!Zm I%g;Fš0 vY bϼ(',) z|tT=TÄA6/51ɓ\t jv-*rrp Du/M%|Btu?.k:JAT\xbn#a CUg0tqR>:! dgfΓH@>߫uZX_WAI?"$%"e䞕48& 2%O>{2*fԠ;8BUvL]9C\IVdde  ӳ>@Mf) !G˺z'`K@cwA\LD=(k2F'Օ,jF Gܼ4v`z!.ӥBrCڽT s_Bj>$cݙ( ^nYs^ϼa*KwQiV yߦkP-%Zk~ ) "+k5^76xWaڗAN7Zs*CX>:qׂ`cWI א qTiGIO wlXT{jǂG&Hu|v| 㳼ԗS]]_7Ik2[+u7'ao=ZAIyqVyi#M=~exZoFri94Հ|<{uaקP\a_͍L(<161a=k/5L*۸Ab䞔J:k];kMnRgƿgǧ\rS$8KI.]wGh2rix.57|# Bk=rJJL\!#4ש-7yxX5sfwK`j [njD}Xg&}ǴW֍[l}r7s/M\/Kihy- ~TXFA;w$T|и DORێL'"$NpVtMD Bg:/2FU d yܪ!P1=A VxQtcGJ4ko V}S\lhƢu =ķDDK잮-QL(}f<1#o-BVr*8_ɟ! qݦB ^_<1qneA*y]>bRliLӮ!N`t=d>^[3EBTVXAfxVj 96]>o1u_MfA(Qj3[P{7 :OO,yŹњժbR3Wǟ힝wu Y/gZBYGLJR{t' NzMS)'{-ExI*VԝJox$SBz[JNf2f'qd^^-9GyNΊ $"ʂBN((>}NA͜;Jd3+{wcF#{=`g݂Jt@[W$^m-,+{ivz;X:ꪷ|afGpKazNV¸͟jX,ԡqM0ɣ&vV?{TaOasKM@p؛YY]~B3"DbV? ETDcM oR؞7/& 3,Z׆p4sR2rk[ J#Lԏ⼦olL  (~F8Ѩ?DqS40p _D!t w86XHO.hJƳ@,Z; eg JtʘU޵-z>^Q[7_w4ۋ+b%0Ϫڡ÷ yeXbUFaեjIPNŎ6-,aQZ&G"+kjJۅ`7͙kY^dܿۼi# Rx]1!ոS7H5P,鞉ɼvmcc79KBNޜ!(`cфs? k.Z_Ԭ}+YݙUK ўP+L\8M7O đڃKk-[%+~8@ )&ў梎 4g7h8rEhӵ҂<:}d [\f@]eq+㈣9jKJ0(%\S83Qٰ%0EVd}ZMGzr ڒXn]R N£|=Ӈ|!|ǩlț$%/q%T g8~siYO4IԎk{L6^d}jZ<4[:XSpt^-pcO!~TEwtKJ ط!J }{jhӵR;x|Χq^FATzaw9qPx5,ID"{&WxR[e(wgZƽpӀTc0v%x&$,Ӟ\ _upZRkV?R]? wy t5;nJ,cnj!Ÿӑ$߻UtZ{KFI3,{gv,]A^1^zY-f3Dz+qȈgޛ`RuބF07ըbr=cս V"`.oLkEFhǂT;R~BhJPsC '9RRWz%ssFz=Q_LZ.N VG{g@^hYJ#L G̍k12/LLԴa'Se:It }lO{fGfAlam+YA. )Je.Zg;[<&n?CVP0G"HwbZpvRʊ @1db.sIoArFViG~xk)_dd:q-48HJSɪlò̟dg4A Vr Q($N~'G 1*UK:7nCj7Z%/TnH"\=,Pe_h(Cqci;ExEYFSE @fvb-x?)5IOǔ66:]D8)]5uo5fsnN{e;Ic_ ?)϶N" AO5e+';\"N+UYqk-Q_=#/lRIph#Fu4  ^ĪrV) 5KOqռ[ rs8#GZ09 R؏g?Qt#%G`eY|7;Z >y=dTǭ[ **8K:aL2t=S{eR9 ubl,A"Op*Qr%W6B]-EcMVt;f\pG뚔(Kdq L8=[ GSVKd<(O(92`zbE8,4`jC|޸bsPdnש/}F,A+%Fn`$$3 SW:w O uŠ' 꺹$?+% ]7n8عQul\FxsR"6\]0 r 9V4;Ìzк :)J:Yvzt"OLXZ}T΀{Ng58!Ku' hd@<3<'(s<|hsYoŒSA>*u y2Dݭ0,1goPISDŽ.o<ܧyh8EfC C_@`|]JYp̺ugIԳ ,9ѧ7:ek e*ރ3X?ZB1Dj}. ZNFNdddw 9eq [] f[:x-wer0ՋUN m,s kM.E]V%E%ϙ޿8%swj!{Z̬VPX-JnIIOmfUsU1Ya03h \߮v~w= s}f mb*9J䈫gcG t-Lle 2t`$$gKiGHPun ;T,˺oŠ{f8"ӝan-IN[{V_ah3j' vqT%$vE R8@ ;Mqq3TuFl1Nq5+B_6kҥ$+|Zb-PFWۃR/V2 B\l}0h\iQ5(ξ "p|Jz4(8ӳJ$}r:S;5 :2mᡓ%%X )l%(^<ϑ!r~_nz\Ύr lu])͢ `{>bs*{DWL?# |o u:eXuۻbQ@a޺뫓ڲ$B"%Qegr=8'6<ShKc {_SI8.ngMWZ)p~ ?GF&>lf۪i虍-1u_ɨҬAI~nvn֔XQ7QsVT aBҵzHL9uw;vDm Ґq8s6i5΅@L^9rSk!C}:)2}wbbܹ"x t{PiYVe Go~QӨ.d`W4q%]>}Lrd\jh Qz7})B ˓/ۅ $4ԿL&T񶥊Rr[j7"nA EYJ3>]&T# XLf&upG<:j0yvywܣ\l 6uh ^wGnmV}48**}*> T$(}m:"9bziRMSkjM|II_xLK&FgFgfKRabLǏ+T[/=Z .A]sp4\c'p!zfeiԼZcsX|>N~1C7n n*0AJAt}xΈ[::6EfazD>Q#kPGu "Hlk8NYT;I1bP~a.ṓy3D. {o2O-)OV첉R O+0xQYѪiwMZŰ Ej(`/M`H4S4c7ޭ*oTw>  ݸytI'Mwx^?S(s]FlMRc!LH"giBL/u^ڋ MWGT*)[|Z-D5}26ʕX܈^WKk&o6$ڎ"7n*KG][Ց%/3>F/?&.Ag`fƣ1 (S/fƶl-¥_v-*zld`#b+p4`.T[ұJ^QYΔCy֗l8Բ):]z8-r5̫ _*mڑ p[BC%}E!v̻ rVͨ& e3c5FfLږ TI5m!(> Rei UKbׄ2H/2DUSϖd*i[OhV!w] h;r'vӟycBJ:a0![vMH5 U}`В\Z8rLi'xPxl3Pb(}G0o2ƪELI|z,26,6"087IԱI (׃I:ޯt*%6>@b)TJ#ķ@i=gx'2f<3оz0|Lag@:0a'Rc$YEzpgJIZ_ I׽##G/{*lJęЖoHyCEA` 3T"HM}o!e^bOQV _ h3mhRUelZtNrs*_"-ԱuArSmJ&Ro|Mx}nP,y9Q^XH#PB/5I[]xP2vJZ"ڸQmV_]GxĉEt:Ke'^vHбG P;ޤa~Gv&()l|M50UͧԔS:@(Jd Ћc6)?E&24ռY ?@B2@Or+M|XٲYR}Q~ US]SpnP<}~BY`u`mJCSݜc1T,RЫܕ]q:uݫ$zsa$Vk4z /o&9uh?0 '/Qt&EVpųaA!ڕ0g M =(ƽܮQ<掁eZn 67gR]4&3AX{,}թkMl%pyœ/]筹 SV0F }$yuJ5*++m^rE.r+-_Sַ$`3ɮ+p";{-\rP]=` (6n.jnKQSVv: PfA(y)p(ܰ",E< %?TNlRz>v6%7hGYj?2og{؜o*$"h混;#$,㺌Xg-Ifp?@"g mR*ۆȈ{1A~]o$/Ϧh GJ-V9yY 8W~/ҷ} ǹmbI$0O=ݜ% T0+B/Ձu`p =a.[q隄ՙNՕvNl,eY^y8\tgLH+"3=RUa @J[:v/I|\7¥}(#"EW X^{FcνQyާ/@HJÎ~NoL|OV ҩ$+ˬdvf)tc=.,;7S"P ՟w> Qʒ`kOK[.##L&AiD.[DA9䟑r4rZwR{ F - Q$UA  mC0XTj2gH˯䊪 Go6'p&ū,[L3׎Ţqe#,cI#l|jт"CX]fާM֣Jq }G6TBd,ɋDPޘ/e]8vʡ3=~{~>iYJvDxڽϤV@V`΂m|^ͯ !/tȀ|;g. EwsR{l :hvkfsH/h̍am~Xטv@Xt!+'foOD&` y2xk0?(͟@T9VIo/1Mm#5䤰[o@ndma!UT6O:"{gESCX5\^Et W`BZeӵ/fC)t,xɉ' zXW2Cbv^XC%%hOR@*XFpz<.ʿ.c8:Lۏ9!>׳B4 ם av114?V mYMt}KX< GzjfmmO>ld@SK6Д-u'{+LZi5 p,D&,Y;<c{*[G4̨LΈ$ H԰=;Δ9ɐ-Ace'r ?ZOݳx)ѢQLM OhL$0CDoK ydaj* ns2!jڜ@ E$n&T1 |93eEjWQ1 /"|]N1 Ν2YK`lD@.OLܭ2tTdʜG4oB|4{Ⱦ}*ǜX-l޵]Uk.urƓ7?s?g/^=~xY`GL]!<&Skk|(O&|nr5*"^䯚&g bīv>]$efL1-YpT:v$8."05П(S#(Loր? Z̼-9_jmk^)^;qW9_u.Iya1[%\擳p({lu ,3 VxfBnrf m3&nͱ@5$ج1J)EuqT&XO(SBI_;׻әb;uN |)h9y' u3zu*CW_81ur Ξ_b%"E*Ub U%ӤC D-> _|jGdf.uHs sfh(4yiզ5S4քAs&}| G+&.p}'ӹ͙NԴGh\ K\2Z |H\w`=4k32dWZLbTMyxWrĔ \uD|u7RX|0IP攛s@$ Ӿ-Aup 28W/Lt$GLx3܈%UQY^ynjA+ɹ,b,~o+,Z.P8 znQ/HS@.4EM)ԪB([Ug>e됮T uG-J=QP$h('zHD:ɡH3,wUpd㌱H/ tw+Y1> S)%f*7p?ҩ6ZstJWnu{7ڨ&[ XnCW ?'/Zc!ʷxČ-9<̇G0Pn3 : f0m1Ŋ,/8oÊ6CBup(ȏeԿT]?,#*p_ÿf>yiC/F&wUb~klkJ**R,1 9fAt/,' O,g;&߫"v*nerkh99ţk"0S*aN^3 NW)VJ|jSك_EmfuTς)L21\ѹwgDģ=6!m8b3Ұg"VHɞkq a9(/8Ցʀl!Pu>ؐȍPzENҰ.s~# ˁ`!u8/g3p8 X[.VG=G [P煃VI1t|D5jszQQgv8CDOk@x]z11(8qL\Z"!wF<20g+yr8NTCPj֯}K Rkd}rg%ڇZJ0 m&dϒ4<loPҺ-uw94f bVc̡/3:5j]TMĺг΋s/iМ: zgu|Ҿ^w2i^E)j$bw\`s{+C7[^D/o文sٚ`^/SjV(< 9p wnlOƇ)g 8JiYʸN)Hk\t#)#N% j:5U`O洙|7.g-1ͶbT-(@¸pq=i `ʥ~KޫEoG `5Fle'f,t}phsPm?FD6ǍK`e? 1x E-B|-5aȈ[qfS`yMDgmyEX߰'﮵u]' {Lġ;\جAoq/^dAuR:T|TKVrR f\'3/-'DEg{E*Y;?@c7YzҶ?2v!**܇9R] KL%кj Nw1ŤOcfi7:$nAO^%Õ9}$-V6eu~Mj.2?&_mSmi늖\$' +^Gj>Ҭ$Wtqr.4]J M))n kU86wq@O y>??Ù WL\jEM6$\S 9gB_; 31Sb \22 PkYQx-︰c mWkAoVS>fjUIg)]}r0ErXY $`KY`f,yΛ6R&]GT8Qybr<*:t? VdØ5qmpV& ¾l/LHFŪA=: -LTo ֓5p_ɀz'h34jK5nMϢyKDs J%~E[]˺(*26 J66;TJ8e2vCn2w T9}} 6} 5S_.)wy+^Sћ#1G mڞɇF9-n?jEjdZUG^.dEa`7W 龎.AM J.*+wasu) \On^Hj ?!(Z4ca>PFq&0^(mqA!iB;՟xMw6( 2ƅ*n ۧ]ca^eTqG$EܗěV.M`s];]P)em@khANjh!bsuЇ:/)2K6>?՜tittE0'% eW$5p!w~ڗkKZiwkYo6!ƻFSfd)~_<䜾j-:}Sk'"z9O):Dw`ѫy/ӖPTn$ZqHۜz]0݇֘O#6AcVmĂ-KRfd;%q MM\7 D80k8&|8GgfuBgzLqE~sv]gSu"V呣g[KM֚H4xC?i&<߫d07٣Pa>ނ6@ӣ?'|U.Z~+Xo>?$T:3u&ꉡhXC| 6 !YǪs^>S7NT{gq0 Wa[I˓bVVv<1;%?3,8#Nkx Ѩ0xͦ/)ˣB-?s~ Zq=v*I,rjpOdkLZ*oD:QJy2_5~gKTsn=Y?x']Vg\3M=m *SN9>5$+Isϼ!i55O HO#}xiaӀ.[4jڔq` {S1St 9㶟84A4\o$Ҁ!;0*{}nǗkMͭPfk?6:sT|'S ]:}|J &`9Sz5!Tss{z}{ELcg !NV&zO;Yi:F1QP6 B0HV8Oyj+m{IX8 n0Ax=͓[Td[Jws'ƀ޹etlU|քg.1-6x*"¦h "%?sk4rBVt ?rlJ2*GI݃ )抵%?|=u@%]QX{r?.滕 kѱ>謨P̕=0+o-U'FjB첗00Rdu\k R!8d83jT jO.#qq ##S}HZ'\$rWή@z5"y(Vc{@5ÜʳN4 W y lu%oDY_BP }{&@{Sp6C\ezW;=w1hD EjB6=L#mMJ,ErWV=mX=2^]r{g3Jg_yͪdNLCq2u܍DݯMZM:8 8hmx:$ڧN!I4 -q{-JJ_A,e=ٖWs5 cm9uy~]DҀw؞jGe0grCx^K۲7i~F^h_ġAVIIE\AS li;SZl%2kr4"癪%ljfdsM6sffC t1# 7s2S3cihBOY2.˟؀*Y\-mb)Z¢O(:czy-,OA-gA/[rY8YR1ECL,n} _}.J2Fe/9㾾ҍa/ Ҹ`:pjʧFa+Wf6#mn'{ҢxB\4m-qPا`¦ƣ Dk2Faӽؓ 3-+E p\UA3xJ<4wP5uЇe,1XUSD׼27"dݙaw$/U8ˉL870Lwp)B DAs GO`;#}4AI!Ķ83'btx}+4K;HfMa N")uV3܀X,EX³(p@x`W y&O8:ƸW[ :^f`NoywsO/-jq1e?GQTs ڸ=in  Kv]If: E~tQBN2IGn NeA+SۺU!": Ͻ7vH_[]{Qh" ߽ 7ץ.A.lV@xHS=ʐхQ! iJaSg8Vh4_NB7~H,?ge3`B.?OW]r;jVU b?'Wh|I3.Z*" \eJFQW֒ڔHdBo _<Se>(YhYoi7q=ݟOf7)D:#^]oHϚ]ش6( k >#T l @Dhq\U%%`t;t; 3zO%ݱ9arlp+gŏ8VqTE { LO~D'A@_nL[H8qMG>'"#va;]|b|4OdͰ24?eQ<mF2ϟh٦]]w^C\a `^x<7hHKqLA\hF@;;&zhQ\}$ P>M~Q5xtsVc~4D;p㘌B]Iw-A W9EYQ66AP[7 ,;(W 7ή-5/f<@g(cs~ D,Np-kpc1]qRcX ~nY/0)ܾ%qFJJp֑|᡼'cb֯;@ugo.W@O/Ն36GuI|wq[`zxuw8T8/o੏wj0:?<2k{#,$agh[YL4(B'˾OEx6$R6'9pLRMgMxt>xT&xIoQeA2̓68A 9sByn^ov0xNϐ?1' ʬ #;z>fN5 4ӻ$ }RI|zVJ>"⬜^|aRW٪2lzI6_ lA<-b_d_n(}ٍKT!Ehdx \ V\Ef|'(= K-ɚuREvraV P|w ,xЊ],Bl05UƣMG`"c`,iJBQNޙ̷,'Lk8T~v!I!㛵ט"3N-cM{YQ_UoGVN\o"RZBr-ͥ pZSH$>aC<.(Ęj.=8IqRvmeu)eYɳxFCaF61B7N-4IW,iAv5D-My4A*/ Q >(oEp@A61[W =H2㧾֨#;f  Rcs`b_j?̇+|Gb_Rg mjGDuB[ѽpc]@{䆧DJ2:)BR 6 ⬐Voy:lWl^s;^S@:,Lτ+VHHdLGˉ9E.m4J,|)ŗdijvZ.=L;xuK مqPυB3/ V| /،lAIPFڂn]@g\1;B< +E`V\H;{TLI{MʿT 1kZDjqje\iyUꪕo\s1 Fq4 vNf,$PEcJlmdj%d-]'@"댊a bpo"qA^; MX"viB +e=S,/WS׊:BL/Nؐk|OVLf@-p@6י34Sfgm Ǽe`GRyi 9+Є'$pFdU`zpSaf.~jKBRJˤ G} ckJX&0L194$k{.No/AܓjHc/y@D,<Qz? IEJ{qY4FCCcpAdzD46%^ 'j@%Ȉy5~,A?R^%QEi=K'bK.6_AR`OF_Id4ڧK\?,{,k:,rVDCG ZSM oʖeٲ97/%6T"dt| <'K,yHu5? JlB0+qVAJTYwt;!$-KuO[ Ej-w8uL|Lu#.ljiՀk,2llY#ڮ 遜O)j5̝D};;Xd囱ݛmD@Ŀ=JD xH :r,Kއ#oڹ42Dq}Ȩ5(i eVcy]cvt;!|Ml9SQxA=zI: (#dt]oBnA7 z&!Kތ!8]Aw ^q6/^6+𢷄ݽq;BIzUXB#Ŋ>}CH ĕ ѣ=-`amTHwj 1rc& 2 >A/A²6-mEt[7?/9H , y Pow@,t[e(?[~e/AGxCQjAM[!l8~%7aub r! ӳil)$=Ѐҏ1"+45IflOا6gW U95gȾr =Y 6+)4`*̥@]'<&P?nLZ.ŸSད iYq ʵ_\M.v`zOfQ]$ws=TPJ|iH6 Hn,p^G 7/63ݑPzsUe%D}B8px?!6~ sL~2R8GҬ$E0lС9mM0(njpE[l !m))̳  HQ'S6D6۶ps#jp-$K%lAﲑK۔k:1!6VT@}ŜoJL+m!N&I ;hj!|iv\_r. KYaRuAOѦPqV!bi&ch dޮ仠n unae\Z/>Z~(|:`^').0pKBK}*ѺeH#:gٰSІB#>$CsTh*~F6^L˪ProPZWתQv9rZe ,ڶwb@3v `!geLqi?sL?x19UE\5<~UӓVS};P 6*ؗClNۘ ԩGvOJ!`n +-#\0~zU,,Ѧ`+,9]rf#[He>QίnV9ΨF)75#龿܁ 5^YrEs%iEjƊ4r~^>1: ߭GY|f6ĺW![5Ѯfn b?=^[",ь&i+`  S)AS{/Og#3##h`_.́ēJ$&o514(. ֝ XmsW,K+Sp}U;)v3Eߎ~2|% ;.cv,KU_:t!Z>`O$z}Kzx.d76kokGAϑ; $ )U(BSGZKOkhˈ_ƃ(p is%&-9^l CxZh~=qU]sEb')8Ų"2S5uv5Р &S#,ܼ>~2DMad+VBY w?3~K I%5JA' ś [#ϝ&.oQ'?{!. hԶ|_QN5ȳUVXXc%4c^k`(6ܡZy|[X!0@\KV)fYDe/ PPUQ xxudYI jɣjP,'tpptmDM 3L˅翐b4i~l"C0p!م>3|u4eklPSԆˤV*S-BYJ&68>)5]8]iEx9sEp'PXO7O8; [QU2ƾ*SjK-z04 wHz&(h#j ,5^l\ڏo,"xqIGiJlE\c*M$ΗG_4a-gɠZ 6*rt3&U7Ae!Vip_͗ a<4b߬BZȐUp<,9D?qˏc>j 3"ɌX!w t]\yUC(kWهHv.[ckV\=v`éZtf-RISGT7%Wwq?e#@\ôs6T*73=hb5O]YiwDm׀q[ÖVs97YNtc?:RԚUU_FRcg9= @ܠ@̬NozmR#ED%mӤ;P v<{=7}r~nCKR@7Ґ-fbl",ysGj*,Ugt_MûLtG75AJ%#TU|`A$j8"mqx 9viNsoTVKo]9vpv<`qcی{J/@TZ\٤y1CH`Vэfzo~Υ2A>ӳǚߤw:}9zbk{yvǑ ;巗-zGr%x!=,t`pB@t2&Eى/TA$9bF JK4y3aK@]*i̩w $nAao& O4?拪 g~<~-wa`_$FKG~kϒqb:.`ǸudL8' 8t_p&l'^]nph Ǵ+ҴGBNRmqHk#bõkN'"32ٟÍ>ؖ ^*8ֆ $ݽ 40U+ 1[E+"s[lTzucI|͘_FT'jorNk zOLhbU/$Ulβ[p|R?w(%Vy^=a4t@qr40ܫ[͍w-']aUd~dynT_ 4H ~W3V8qq|aDŽy_Y1X&T]8⮴RYnW`mD1l9,"įkȘd Ѿ=#Vjh]|m?o PcO*ru$T^NЦ aRik+= s37qRya7oڇ,4-Sݸkk /G3!i5.|G'#V?ȍli‹s槑L*wD;;߇Js7%X a@1Rbb՛ΘC,cֱ|fU٘0 PMfl|oz%J_.٘8qʿ;겯 qȁ&Nn~Q)f ~#g۞l u jE4<՝Z>2/3UKBЭrsa㶪(0c:[Ir%$QM/CU\|bUvh&FGo/]\ '~->޻ ΘnlgJ٠"u)}w0>*^f[q3/M/YܑGz#?3K2vKMMSkGS OfWǽ& .ӥ[գe b$}0^nÔS#Jqڽ"!c]_1%Ȁhsv#- ysڎoV22pr_kEQw_3ꤣc2 J'T/R [ c#LWe=x(z!Q=эv/cgka'5? hBsK:wmT=6m{L&Y3nmg{ Rnla) bm0 0 Im74.Ree@_Nևv>bC_2M;T!h|B6BX^ÖGmQu61QXRu!~p5%5?ٚ(D=b1pr64^0ҤQC̘zXG)/CSz(|s&sC0u[K )uNQrIwt/;saT]4Xj,4@rB-#>,"F .\B/ ~hu99F)ecvnCƣ4&ǚZc9cB<ˠG ݰu[NkK:#Ng5x@I`sWDŽiЮlHp"7^q}ܺ1蓤[}fe6 -Π!PU]ϺDBЕ $K=$rvZc%%NTlzp*>x[ Ztdy*OxAӕ΢]siC?9T (?ތ꼿+U@i  a u@Nv6Z8/|.(tTE\3iͫ)3J1IWMTf-al`̾=ڋn:hNWe2/Znq͆ PExOբ]#z:%T&֤g}u#|Gn {CK Yl㌩:t^E?M`VsS`(w7h%A^w 7t>6>ҹӃUռBC5>g=v+%cl@q>eWv:쫌BMmc08@8 3x9rl #}Vzi˞Pَdo8ъbqfЂK7Kn+8(n!pߛhAOۏ(cXsP\a%>is 0KY0B*p f O0;hE4Re/+Bza"œw3Qry4Aj%TRjTe]5'þ(o㊭Idz*ESjP](WU,]TX/޲薪f粤YlDyC߰Bw=L5 I 5S fv~7`&(c$xK,숇D6?iHo}"APg.SAG9BG@YWRrC1ʜ:)iŽECqK(?k-{|Tb)Fg *I?r.Ou/nCe1_"3O{ɛg3Ű0}S(۱qߚ D&3_^jn{g4Zѯkl;h9H+LMo5zM,iW@!q1fUr}?eh« Z+4yt2iF8ä) W~3mIq A7KJc"3/P^W`6<;g=3^5v̮pLμ ?b{/exJƫ Ū vZ7CNVHf21aV]?!91:Dm ZrEmtVDGӂl\Хi`}đoYMGZX:vp908ofXwٳs*W*wt L V&=ksD|ysȘ Б%5(a3&[r٫v|V [t!(m?Bj!GB&UVٔ5@x.J󟺃DڄW r-[J40ԫ[u{ÏN8DNf;wҤϺ|}u>g AE(t3X!֤хXk R&s%KaC1{N׈I9_nwό$$ET1S3yPϒsB8 |BIf>[ |$d'cAcZ2T2gO&ɸ&"~wzsh]%i~jn@0Rwr(;xOz4HkLK +Sf`e9@qt%fۗ;~)y\EEյ",ZbWd19 & =\phgc=chﭼ|:DI {yo7Ix{瓼df;xK;gP| YP%|n01 Z`6>?Oo"(%!Na`rp} -1?2Eh)}>q7bo^Is?ʛoh?VǹJYbbl 2lXgo)=* ԀueYMnV6x’|OKx,ډ0h%Ù\&kk'' OIJYP^SFZ|w?|-8^,'3|1ɬW>/◧hwRHIθcI۱otᛷeᏨ3p:j|RlE4$ɫ<qQy@S9GK5}QuuFIIca #M4 f04'%}FЙlbsNEżߤx3S yA[`TƴU$k>JZꈢt@1QrQEU7\796*.!}Q-'5ldO,"{,+řh |ԓE(}?#8j'q,eXҐ?jx@]ỽ C&m'u1gKK~rO'>Q!?U=hD>c[@hgQ~O(ZK|$14S+}Ul7sU;".ɾzɪtimT.M 1_ACuMn7"wd懰)xG6o{Kw 7l'oA#UTVKoHd9̒TӋ,8k-W _w+K(No\3陼0AK}Mb>rAZkSjBL}AҊ1>7D?95R[P^sO6k<O6Zo?#Va[9w=_ Q%L/׈{1GX,F㞅 'V'@ϓ w;H<Ɛ(iK8 lj&9PU<=bJ쿞Pɒ⼒^\wv#r $nuiό0RIEshh!R*S-`pnjAV0ٻv{'E?hjq{OhJtBRϵqX%0, 1aw$yO,ϗ5]k~ID9P{츅]."4f@k!gǑ0vΣ^ASe,z*p:jWD-Xb"D6 uZ Vɞt:z5a{~q?s¬ Rl/q͉F ^z]멉M539a$Fo:8㫥5 cQABFe2-|2ĚͿKa/[m͐9=RUp,)ip/VgJ?o gWDuL;;Qw45v7ȷhUн`TAo$R깧䫌Z5({/?8r O~8›7bMߟ*]雔vLWnV;aq?4ҬiỴZInII6$XCMBo!Ei'ͭmu˳ mZe“J`8X:}Dة?G@ !Sy6s3ɟsbs(,I';Y+TQuYؖLզZ4oNzP$v# -mk#/-g@(uqDq5p|umvFrE}MK]̨.1zw|[n\Eyz B"jŶ|c^K=ѷ<^?ٽ+=5 &8Nuޚ(b=t0Dv80蓃C>Џd[~ıs1ruJFmJk*6H g/κoKĕq-bQ*nޖ~ة`d& iCVHFF*"Y*֞-t:04K4u:7V<&בH Gv?c]rv(|)ӂQMh. FvHݟ&ZXo| \X{P>?iD6bҩ?3,1ITQjBmoE8rFK0ȩJhRv߷(TUrWc ەIT[P8915VQIc=ĝ <١OЁf!g6 ğ( 3.3NEQf\RGlW!rgאu50P{A:` )MYG@? ;1'-~|֑tf!.2h:S|8d+X;ܴf $֏Bq2 쁭÷_#}t^ e*ȂJjS jai6 o@Mo +Oh*'KYTO2q\lKJ}0WvIʦLƾ;n_KI{7$)tzs OHmƧ7w,2OG%_(8`b_pxٹqS|j8ZbZ|lU6A&yLح` z*w@[GHz*QTf`QD_lC%sWxʓl iݏƶ?#?w;D=~!qX3{*pYmA"!854P WbYDR-IGGeuҨ':NZ|EC%KsdZ*+{6h'HMtWjGC-\s杚!ʩm2z2-5I^åcYn.L%FFhP7o!#Xao?V7T(rwѺ2Gpx 9(~gE,O% KVD;4z(&ihW#BZ89G{?6uX%y^k8! M}kFdv/UH_s}qSN(1qàdjxJjonVSi;-[^ Ru>J6L97w՚  bZ&pr~h$1`YΚ^mC~uGIB\*F<$ |vWJpGX] 1sboWztkRv?Mr %#n\5lMȌ ۆuL8'8%,fԀP幅+*Lnx@p9wᢌ ?tR{ζ惾VqQK4*#?? Oħ˞cL *cb{j[ћ OwesI[öM~p]5%Q{+6Ot[!DERgm`NFY,H ԆxTA[2URA=[ެlOA. 헒{/ɟY0ilq;Tče;\l5P|c)H2Tc\>SVJÁW/܉ғʾ3 Z~ʰEt9}# $T4C)BgpZ".$^$]†"{;5aMR:(wsC\77K|9) &`o=6\*L ~@h:؇l5$:1{H| ]E?f֊R*wL] i*o_g;3B(էSB"̗!w\ |/ݺI&Ә"9n [ J"xԟ;e0׉`p*T~EU9sբj4֖Bj6:PCU ԛdbW!R3lS_?L-lx'2ݎ?CJ< nݴ(*Iy_F( EhVlhv[\/L ??أwoa2OvTx?] 4{M)NVg5J03$5-̰ bymƥ JI? VA7}Zw C5V4#Ƭ#T DZuHGLHw `@ {[v'j#ZJp(W.z|u?11dM|q6'د;1ik@Y":?L]М#`0!'RiGh_c_XI%c]ʓ1ERjQ6 zoTƑaƁE6%3=5~+ELKP=LWNl,_QnnO8ai%t68ݹ-J?j92z+aP ڧM͡`D#f]8 3~-W[[Fp]Dh/_]MUbhTı7j<YʾNvwq'<+o$)3FޔOo  <<Ö_Ո!0?Ie~$Ps]1[ J .\$;v*k^"vf]9X0'WU ua<蓑 ֚1f:mqݰ:QvXR!9i_ݥ]Y[NZ8!Q2A!wzs84v>a@'X ܚj<$|㹰,r&ȠMj+<1xD{'6DB󗪣m:b֘p(>-M{FK.Ds>qPhb+7]._T=EiQ^ r/!UO{, L]Z?n&; ΅tO@[ q ,(8;O+tI\$@;-&E~ G zLu$^3Jwr7:aoKo*/;wY*dZ{WGC>oB3QfBĉW/%Xm+HI|׾rbiŨ%BwA(h+۶L.$ֆu5ڏ\%Yӏʺa|rkm$ufr7S.R^=⫤u4,wҳ݉W\] G)*K(pY&4͘q(o "GpcUP bTި]bhb2eR|*ENP\ɹ&@1 Χp!L)BծNHh!jQ[?*n5>9 gZxOlBݛ<8Hf_G`2,MDLedO[gA7׸VY jՙ82p(^r}pc1_ -S>}!(m)ұղ@Wj$pGk"*[m%JCBCȱZ v=F*}OɔYbKvm+'HvGNퟭlwn^p|KT6yjQF`}4^/eSbѝx|.%=__Vv@+`z@iR#Ncy|?x!԰)c|9n%Wf_@9j\tOOX&m B )fk (08sPH3ֲ~1gE6&Rs_֋_y,2m]1*ki =MED? ͅL£#!O_{@Ө}#4:7-HXD ffQvN9^&%*e2F: ڀyJ̦6D\Ė/jdE<+;"9񅛩&s "߼)l`/ B#P2a~%-2E Z 0ɨ곹."𩺪nuWg,= IʍuY I51A{c:.l ?{j{E\%V ߡjG#+ナoz^#T0 SMlsPdWl$W7 Yc5=W}2ՄL>e͒[DVTBޚ?<slo.!m &h$ Y&_:t V5H س0lۚg(2lk|OIz+!_JpzVN}Tl{1bMotH2Q'P oE Xl[+`qA9x%IL1 (uu[ Jﰘ@.3LT՝CScX֏5BtjRhX &/'H[gb @3?|dz}uvJmz:T?3BBj9z!33T0 /Hx"h@ux#kacX5O5b"$OQ Miu1Th' QM4[Z'Wzp4-`ת׽;TtT_؟ZN脟o"Z~jn-9_{~ F#\6 [wYcN!/8T ̅_'0'/VKj24֋bLݚ^cЈL̤z pP[rНFu!보ZLx mtM6կUp~L`$C(|]fQ 22|e|Pc)3QF Dm~>"Y;$xRGЕS/i^{~Ror iv'b\Xs î+ DŅ!4°ϡY&Y^9S?Li|IgW4f JZ&6ph6kf5'qj݂MPɯ.p[RɻŠfvmc&Xsh5)XcGɡD~47À+ׇv+#z3fNa'$kHQIB2PE9bqc:3Zx?✉Q6[d"̄D'4e<^UYL>Qgz2JQhX0iDvAWF;H/% .|i :*˿iL6/^Q).[#dS[NBԘua38΀N ]ȺEغv~4KFrt~AK@7 ]L/9C?GH =9+CopG]P : Ԙ *@<&6ui#` hTʑ"@>́}<'f_jE5. vNF<Ā !L}XkUC4[[&$w쏭$S\簪~nʲ8@K^*4ddvcÝpGs7KޠW> `x]{MgEOmC8 ZGI-c~qh!q1j{xOށ['СW+p r$;_<%Q6\KC qw <ّ' % rE0XnQxІL/WGS~O(] 苆K@qq<#BoqՇK9 ԧ9\q~ݿ@`< OP̓ 4-#+ YzS glK5{[IOa*Dvxµfq[-ߞ6=n--,߹QhBh01>An%TOl'~d ssV<W}%q%B)$P=.+5ɺV+&V9Dw n.STzj'IK] z^YiRzmqQ⼒R6%P0'fb7l*槰f x]k ֟]~5o'dJz+!41ԾE7B X9mLWH Gt`.7s+ f'x1J˥ӌrQ8ivGL1eHsװW2u~u\,y]*7/[P=dIRL:2CTӯ.*؏)g}Kڜ5#a!&~3M·R hI10쬫z}t^:`^ ?bM;8sՌDׅ9?NqDtM{@YG0pU1#UHBqw IOvLqk'৭\DJ@vGxcYI+BTk=\QU朣D7k|8BR2J`O/WKs9{zmTN+# "dAiFyjMSݺ_)|9ϲ)`ZEPټG9v&J>B(Z u?mT#C{Layoj~=`"5˦H;c,3]nZǫ˄< 6aONf͏gSWэMg0=./V5ƹ`rؽWU7D0Wu?퀰+ `Vn2)W|h;1o @imB4*T(@Gvc A1]u4uUtgS8,͊J'S3 50Ro?sJL#̭LT[w{2_s;Y D jPœzzUtGFKa瀱 em1侥}rݨlVjxOŧiN[8Jqp=fqmPN7;k^wTCч`%zNWFL+E!};dFZ<ǖ^Q;n8vJygɬ 4ST$0F/歸c<2uz7U@v#f5[ %JW,ǝIQrfh[R%^I#,\y#\= >(BQTwA1>z\+u$h4b[N'RPOAX$n'CާE'"_t[ّwZIQ23pطA<8w:AapՃZg| )g YH^K* zo;thCm$m"[e~SYjU]TyrFX>il/950WZsa$:$-."vdI㵰1_)X8jpe} :~Jx1:^~HZ6 lk!WIfG~f0gH*t: 3" 5 ?$Od#nG5?v֢L5&e#P;Jn}dHMI鉟dU. ֦>􃛼=ZVUEnDGa3B {ߪo/~a6Z|-4 2/$sDE4(A䯏88z؟W-Hm/Z C{" |}@iLH\ᲲҕGde1PUuc.SDM.$ɉ}T(J~&`B V$Ɉ6Bw۟0.&n*52 Y扭cs,GF/7bZ:@wa\DFm)%t(6zl ұ{_o幩OCP1RL"5nf48^"xR:}$wsH-DR,HCwE Npa0Zy-qM ̏Ǻ-ؚT1a:ZVH9DCfX=Y [}9@8lcey)/(%{# äկp0hЃ^phφZjɫ[Mʚձ$pO 1!~hd+ޫtV:J[.&GaSai)\]f9Yʪ>= ߺp?Ѩ0w-Mrd>5<~q-緈@ i ^ѻW/>}JL2S!RP.BJk=׺o-l4ia$Bл);]vG1wUrtuFC"nׯpfR45Ժ\[})AbHua>]}xe ݰW$=x雽\LH叛fn61-8!Z!XeN^AU -;/[a[AJSdb@>rz8.jCB__mY1uo4q(FV"$ix+[u-_[>aƭ1 MK{wRf'B5$ tQp?Ip{K;P]C6Ԣ==ϊذ!xbTJh%XPQX,ԇ'KbnS͆ەɀZogl6j}8A m1Q9 8%^1Ͼ=9T~ib68,n~X^tܶw2flDE9;C.!Pc|+!ÄEjwNPuE`5Db“_UO`aTK QU(<( +&ZiZcHUnn`Yə{>43!管? {Z)uiŗ=.kTuUB ]]&%,X96=QgÈV[UU#VUߩ[goS#/LbGPTQtGTݺ4rh60.wƠD%Q F:[:P:A]:Ik/33'NofMe+TÆ/$FB9$7nٴϚ.J(AY"N=jԧJˢ[wSڄAv5{ٌ@+q]%(BIN]Ӽ"`MkD`xX= Ȁ61DϒȸFtdסye[C1E>:H.h!Gƃy<+l $H&>C.N" ,6ЮJA:;;YS܁Ns.eҗzY ղm/l" šBܲ jǭ ȋ;}1AQQc{ŸQcoqnzob ϕ|Al%{70Z[BD u7(eE˷-Td5n; aK$~qWSD]_Јm.Vp *ide˒φgg7,-asͷσ;#GiI_!PJ q_w$ _œW2bNIS92Xz Y>o7#eq̥p8ڜsO(h*Q>A~LӇikXT^g}/j*V"X^6eҞFMqs7DHnvu=_q(\ƃW+azüs7≠SegZc&9 /Y'>y펄[P?ΩdFsH"a1"t1D" Ita\ߐ C}sOWTc< ^HCxT6Dvxu1-] lxN/GX??]Z"\/ХXT鋉W7e'_ ɀ9ࣈX-֗z'[kiQ,ԝwv!)6K~çPC'4+2\@ NEn!FN!r9` }𙌁g] {05^zB6 [gqBD=2ꠎ.Ɵ?g&;v/]+"KG_B0#wa0r:^ BJDdQfl:MQn[)L`ufјGB7`ũd! |T8Pbd fiifs 53^)[8fx-@iizmbceE]O*Xx}$DHHJ A5R8mLJz8$c(5X)xF5_z[k3oEpa$A}ܧdZq8ћ~A?Li,Yb*| ŧ*+:Y$7g~4+DxDU'hXRUU|ь#7<hk)vy2Hen/JSͨX6lF.{J;tj'YٟmAGݣe'q:,Qlǎ+c"l2!A"4aRu+M༔R}gMx -8qV{Z 虤86݉vXE3'D=9 K& ȺT1)!(-JОJXq-vPV!8p*PMd( `Hv;T'X@vns0j<) yh1_t=**X I/RE @ HMs߂:-MCW8FXף;$7Hi嶔߲~]m ¹0 l.U/|k#fU`W8>?k9dB;tEԹAf2܊U-}*NNt[@H]XA$ґXg)_c\8Ri$3voV-tE o 9_e?9vZj33,%r+LBSw7/NmPY.iqn֐Ey`6OoHT#l xI߀W%>vL|Ȟȍ\L͗}v+[H=x1WAvknw) WҠU,l52lHlЯonؖĸw^ s/m;Iqe#Is; 0CR7kSȅOYB&3L^8 cwlYlNR)K%t$5QQ39ZzSGdžFY$"5u|tu>F 9bYL K'j\$&֖gIXW!nL1e| 3j0JwEfTrn!:1r,`TBj[ASw,mXjH~0_:@jkVs޶鵍Fb)ale &V.f# 5n00yG*[iT$1BRZ|8&dG `}f|~E)݃Q !oleFJO"!: З,z0?Y3 j`uswjO^5[UuKMjCRiD:r泜wBղ(01}_ j`%[n2|GYϱK-B0qv*QijuJb~#:"Yګ^NJC͗zx1δnx%>QeT}u@u`MBkӺI:5D;uWOaEAFBkp(˗M^u.eFmd!vǷ3;bAX!1BTO{&)ЕBu `Hn_9 ^Gc mz j*'}%/{gw(eAνrgkrXV )iYg0M7r r{g# ػ`F|٤4!O3q'[WIo>xu?)H^+XC?z!e"t!5݆&(11G mY"Y$s\w1" ]߿6Q%AS* m}ܷ!D\s^rPaMZQq]BlpfU'4bCy,varMvʇ}7bc,=, {٘Kzdq0pIaW$3m]@潖Gͧu~]j֜!ũ~$s*WpB@DmB%ɰO(׋^(a5is)>Y¸uyB~Q@P?KoǷ'<(4: %Tf@Wo% EK>/ Ym` בfɗxmBG >{|J2!\N؂F@l;=Q"#4Z 3y@ 5'5yYPڼkc8hXfWRq7~')(I.r/G1L]4ۺ,⥬"Ax %ǣr6Hl֬=UvL#EDe/qWқ %z0lx}!,*͓ahyOxlL/aq3N©F%033"+qcẝ >/!;O|F9[L돢8|%fnr*sT)_o> 2lr> ?&/ ڴ#OI_Y}c$*DjO)E '3\ .~wSUɣ~?玴OV1 Sp0]L!ؐ#aŗXVMZcbz b@ }t;U]n:Dw%/z>œ(A(b)=i("MJZ (NH= #GrT*LMTVezZ;0#%Q|y/&CAp>KvoH7*5Ωn, =˗d_@戬[|!nηlpueG_cx$cb-vECuXSGe,, D߬%Py;(SNYvw(R +F)ڶ~:J in5ߧ&p "|+@m%6݊OʆJ3C(Ey擈E^E?)ؤ+TCѰW,MnPGDR}# {#{S"7/ձHU*8 g~=$V.܃=QoO`+5LYʅ_0&䥘&Y<aXV#\^:]h:>?KחZDawgxiǛ:?x.)&t+>$a`Ir\ *l@ VҾ{-bqտJC0TrUG-B`u0IGRaF{7$.D ‡ICK*mad\/}kOS"FN> v뷫\f|եaVI2Bn\ܪ 33f߻E>sJj6- O^GQR}xjœ-)GC1]-P ᪃3'{ш Pw _7Bc_]Nѿy*;UG>*:#'.K.r>9)KSҸ bܖԄΕ|Rm;{Z nl /#xxBnvC~X<̓%AoU0fata5=&[[bL1IL>bҷ7l+bzZ85D0٘04"ƌ0JvY>Bu{Ule:~y{ X%Y$*eKts#l&@~PeTӪb$)P&Mlrrq]DH-ytyZfi$S~\k  ?j~Se]84Q[8-tߨ0ƅeHv&҈Exz|?V^Ɲ4ɂW(yv^ Q*%g3K Sg9&A+"aE3|׫>ḑw~3Ƞt1tCy|B@] oW@ÝumQ,T.p*a7ʂo} (Ug^BПHU9ijeviU֍zdY?sAwjyU.̊p!|Dx 1+E6]D'RB&7M9ŦUKsz^0A5X1F!8Q `=ږky5L~=L9[Ú=E9k-k&ztEo-Ml lVjxҍKdo/B4ح4&U̎f(›*}~3;㲶]y $I9+}Aa ¡mW(oP&lgvDp-ךc8 ۗ$N-OihO\m|`+z/tM9Qc+j| r\.1UmR-Ba@-.ifREˤqHYPw={DS |ěO#QsI|i0ܫqA{ ]Ι6lA7l?@z¨w 09F&!\iRmLԌN=8[SbЇnz1Td},`1TTJyTr;y-iȞץ+xG#;˕A_R>@DXOu@M9jFaY !AY "J#Vcؠ!>/l.*c1^_ueu-O08UBD~}#Ey@kq5vc\ƴ} %}wEۃg+Yxg$5bўRD@mqy0J t|8).Bʋ?>>*B?WNH\W BHџ$]jdtI&ѹ(Bq|H9?D=;f+phzĂE8/cUo>|f>k: 20dw  A9Xv=GaOM!q3%QXX1!5m4OJGչ) ymԡF|4 7tcM5aF("ZLqmI3SYGAS047y-9~pl'4QhC2:9Tq0>,f _#K`~B?W R hk2 '.V=_Jw\z)Yt'o̍HaLM]{b mQB))QlXJ5 m.tY4%ͥ_z!biRNFvm,M"Qwݟ;zW6M M)t\Jj?|odѫ\?JޣH*л_h(-(?(&9W) `!xIE?8VaDV},w8#VڋQT -Gh5CZQvsڒqBm̩/SEzInBI}*O 񒪹V++ZGUm-5RիvK{PE&2˟@gERZ"pí.[d~PH1@ƒ?査0V~8GM{d~;᥆H!J/,an [Lޓ(𿬫1r#q}_#9a!Rekj39T-`1)mZYy-`7!sl Z5[aJSkx9ߕgmgC xU0Sel@Y-n5F~2,jpp͕:fO2el.1\Ⱥ AMla~e?`tPT=L8!F|J \pipwOќLix.[[i7/̟Ȕ⋞ͮ!n׮ +gtBd>nE{FkRt՜Ƒ4^AIWL0nmt_O<ڬI; -ֻ^I&%/ɦ޹"j9,%g.ܥa7q 9%Kwô2+4+Ete,@#ي,T vP[h[}:inlg;{eڪLԛ!y}#3~ i$ƀ]IBT4 32vE_d_n(1GGv_B[.Ȭ/Xa'V.B f@bRO n-ZOMk3EK=.uPqo٧;#6sjs-Ǹ}X_M ]F'L0]+T>^I*nQt(^X#X\^A9'{0 #s1Rt <=` yʔAho;1u68Z <:ߛ:{Abы״`鐟'g8פPE!Q"#`3y1 v&,[[zZA1IMO/V^[q[X{19iu,Po' #ZֈS0 rƽ%cIڲat~q1 YE7]!| 2gV|ϤV貸&2 <+ܲ@Ǜ:59wWz[i;mUBtMjHtLZ!h^V˃&Z|o{ +,m=GrhAΞ&J[~$"]Z>}7#Q{yQc|;aW2[N sπf@A.ZΓy F*4fðTQjӄ9I^*˶QݖC5b—XϾ!SwVkC10DfUrA/apeC~ب# )1ن7Et hw?*9E 31uZMsS{ڐߙIX"|}z%sTT^l)G#;. Qw+":0q+zFp-z>,߮ Tp*6:hN,,VRѽ90=ùck_?21/uR`h5o/{dl\m#[i) ޮhH бzKk̩|]uvrl0ŋsf~'7wcS`Ѹ)1XENNh(P,._; Z"V3X5ׂdz`7^0v/ >z>W; $ SqOsxʐok ޼Lݎ8G5#` ^uJq r;!őX3K6d?w 3Uĉrk>B`R@-%H C}DvK 1>辯A2Qn~=hiZaɠrNp:~vpA]nH0:`= ۚXMg;4CdG&]Hԯ3_ȨYU&lw$(GCBX[4Bt6ռ~<*}>Q[yݶ &b?n*o^)$H;`oF1ZoN37U C<|G $OҤ&&VDeba?k-tnu.U PB~"e='f􆄞hŵ3J]˔g:ɓQ\z+U2g%|=p4/"nv8lFI!~8/Ѱ'{RbZb ?AlkHv ݆\XU6"NI%\P>Rk$ټ w:x0mEw8[\FDR\|ԡ}X~ݞ,. y$ ~/cF_4s[g`ҜaT Vfdwj`<`[sǰ S{a7`He15[Äڽ+kd*S0i_v!Qc?*%qU \fׇoNDc CЊv$vZS /xsC 6d?I?7{al1 7.3$V h.ʾm[BiW0u]$jj7:ƫ!E%>"Mժ$#DZR{1 b9Bo4:#Ԣw%C<EhlZhs\6%bKbk:V~Ӳo=56e7|rם<`6/|4&Txte(Yv (""hW$&,di 801R3G06É*GXyS6G{(VuS^}ͤ^1sg~?(1BeuӹٵouR"c,.yc3j!F_s dR ՟?y0#̇.e#buFaV?7l}GXϙ nFh!e} |/H9z:ʔ# x:l)&]MW5Xq8~IA6tբ;4(Hmx3F4{𙥕9#f;pEBgFF8B# 2}#[a9XϿݝf=IA^D%VRj 7o}?wz]*pgԊJ'=ab#"Ojby{r=*? G=qvBx 0'4c!k6[J UfVBC!ᆵUq@u) MrA|sK#S%6>#@JD=:qpKa'+ْfJy.w0Ltÿ:yzHE;ݧi叟K/Ϥ>zM_'&NMiRB-Ѱ{Zw? pQ-; WOM˚u{|b+,ԪlM5bV!~d[4[ %B5.!ҝ(rӾcO,󾕶 _ȣbOwlTМӑ:T%m$/$vNSuXs6;G"K\]78^@שǜ%O1}n=Q$w`sM]S qG^[8t@~CE PD2leS uQ!H H 6)KX$g< ha;LJCz5tHBܡ^q*gFUPLQX$鼲v=G§! 򰇀^_p)=igaYl} rí6U ˵`-YBlJ|pMtl' MzU rcg$g߸pO ׬QU"q=;Z\֒б%,.Xѱ [z(zK*37CЃr=eL`G؊ug#Ca A8($7;Ur!jܣ"ֱ̳{j <1:tYu!`:#VHF^InZġa@}#a7*V 9E=N}$*e)ky2 QKp\3+z3PMJ M^ #UR9EɶjkMjXF[ҹ61Ƿ`(^kk챾cX{H’j;M1S0f7+ht9WvT4dl7@u0) v 믘wIzd]yoS$\^d]gm CkwI,Zk (kk`^Rk+P_%&rqAho̖4947ʤmpetg߬mdt!!ަ5l=ej72C8@𒢁 ; `e -z2A-)5LP 1O0  +WRZ _o.eME_bw$yEs 4LGFo'/SWa9u>hCJH| 8z%F}a0'3WCL |$5p߾.ދt+كEV#x7ծ3`Qlׁr$.${ RֿjkQL+BBt|96< [sٌv٬0K:Xxxe8-:."qB ^tC2P㙊7HJpWA~)xǑXuщo'%gi8JmmR)qd>t(ϥNe~j K$" Ncz3_g ],ž ejCz!T\`I8^ЅvsM6 G]r+3|[waܾ9?|dȪgk;jᕐɑ<'uh 'mEe!=D2:0<1&}@ bwfM1̈'BD$pYTO&vؕM Δ9'd E&u`t }&RԺ=^{V`U[s2(zaFktΨ*tg6m͋P$;U"B5S}&ְ29zwX+^89ÍT)2e Ѣ,aHjҴg{Ry=)/fC*X?]-[BftN8 IjvuV4v hǜE^ ,lKqpPAveSEE`M!_;=&x=|E:%n%D3L֙2``rI aui+PCnz]3u] /Jd@!VڨSu<ҭ$lEX,$ Uf;QY67JNL 0x=sK/(9}Zj-oLbeN4fLM ,D 1E=V \(k_Hv)GS^bUͶfA' qbswQ¦E[ֶT46׋zyʵ #"Ovc }y%aU0Qxwƫ J^ooN] ezG//+dV!6>`0w'16k]E_BOWD@K3RE>qes6ZpQ%ޞxX9^-v=q;͍0Z{y\:"~YEk^UXLeѻQhQoBxyi'sݮ/N|qnPKku(&4ACX3t.s6X,?.Wt-y?sXK[|8ۓiףQ Kc;mCj CNQyÑLѧM6QOlcS=ӹ[::S YJ:ǻ,~ NUq(=~h?N쉰>.z=Gn_͎!C}%PD'M 3db KDͯ_zkϼѣWgz~ϙEPiYpSC>$A~H2g_?u]2EI@$'4N( {.!pc"˥(Ij*=яIj& )52v~ᠫckxe$7PWg(ԑڀf ]fi. *bMa4.脦+e$WI1h' r>GsU =iv2{'FҨ_ ~. ZI]TY,k޿4GkNlpC6@ur5eZm%/z*I֫`';|x 19ZfV#P_ZFrɰ>-Mu4ⸯ6r8xZ-\AYݷe,A#BVH,4T3SǐثDMXBx /jc??4kr_x1z>,4zPҦ_pk} %4䬖c~w!Tb[˕/گ}vfw-+ܡ&//h񏿆&nH 2ZtBX/* ' J.]cG&ff?Wĥ5SQs!LZ%됆{^'o~Z+W~ry$ z#U[25HBҥݱ x@?u3;L!i1Z[hN՗ZO%寇%})g Na4Yx ɽ==(QcdL?a קYvAaߍ̐3΄ql%bAp #LzDLgp|/(iDEeң,_mM%ɭ{tY( ҂0)EB2r7>D xٌ(1ūvC7έ֫UԭCmY_AM5uXK)z5˜L=XL8b2.܋1y/+k=!˽%SH*XT.FYh_^+l!kn#J' +n:䒬HXD#lB> DUI67_:(f[ɼ`}9gUݼ֠=Pco%7̚R%&yC{ULGLEԽpL};Nm MՈ{YT~&RIWgbD~=mV+%e]+DNB{п j2X.N2r;&JO)pF_Fb{*tH/>W|]R0^ pb_*Ux$z!̆Xue|c5>9E%qh\hۊ2L4[ͨDI=;RBWtVl*U5bɶު u ѬNT0DmatMQ:sœi?,UHCTɣ1!KY, Baw_ q:;,x nC}lB6>X\o^:g34NvMwӓiw"L^Gn%ܥρug-FRLAfM&K$)6Ycr &˵~<` _<31&q!JW\U0< wRLJYQ_:0<@ۑ7?ȓ}b|ti%7/˨x"X]~*zT~j7lE/GqH; S5mC)ԉh L3Jy%Rh;:r1H΁&F@~ku46t!WY-- d6Jڝ{=|ny<(n8 qM&v W`_F֕V.<|e_so㿋#n|e [& %K*.7AB1Gh`ɏh@jIZ3xNgD{`MoK{Q=*v NJgM ?}hiJ4`t!yc:xuQC8` :KH@?"o{wug񰦈ަº'vj~ غaJɪ|j`\gNpШy+3rwSPMͽG0z.FU*MX 㝯y3z09~3x !p(cFDQ5/gdm!FϓN*ۨLIVmjgYI7p$ܑJwݨ G,f/B[S}_`u50 b:2 sX˅wg붋ټ?KdC>2\ƨ? ihJ-Pm!ZjOszS6i&'Ch?\T7`YSt [C >>r}:SSW d+j$8Z&fĖPiݮ{CkS87usYG|oLuNs1D6`ፓ%z  k/8r *YwhiUpͱ=ەS.\>iQ%w`.ݪzo Ȼ wR8jJww&ݼ;XyWelݼ. 6^-zJ"vQkpUP$;Ir/tTj `VId^Yp(jǃU*KB,ISP٩̆KlLsyNfژ'{ATi'9'$gBKNTkV Xu;I-l#Tê$.%/ʜހ!z ((rfN< ]_j*16QV }B*YnpLJ,5Co{HUr|#J_f/x%G~lCUֽG0&M{,z*?]v) 3Yn)jD!xD4E'ǎ_vL# cZ;ŷ{T%{j/}C0t&yAEѴga@-[IpX8uOSGHtⅎ~Hp 36l1k}#ir7&\,jZ.-9}%B (|5`K;Il:>~RJC"`LƗ"<_%h=rN 9P0|zqfSH$8+Ds3n&j #f_lcxKТٴH;,-'[`4KxzH+^#Pϟb!_Y]I O.+n>CXmP REc烙$<1ea0~/9Sjs\i)IPT,[< JVlH3*vC,懎UD/IL@Hxue1;tvHLl( C ɴ{n@S5%p!1!ЁQG@B'+·ǵ𧅆55 ^сb8?U%ݯ5fZkHB, ۻar/',br F^=LTìvD x5 ^oR;^ ٿ7Prjˍ0vSc\OD6z&ҸſƂQ&Al%Fs,2wWlLlwdbi\Ӎ}tŷUEX(Y,I{9U;{   x"YXo'vCL[*J(Iod/6oEZcʆ5GM$v%Bgc-o=gZdPPP,A1~X:a 4%hOQ| x'Z*&T8L+ԥ@e ƣvP#QYd ڙ6ʳ3BQReȽ%dC] GK^)x_/`! 4rl$Ѭ_<{Tky1eZC;?`hfZ\/;Tz=Br{rfqEGx!j3ͯGxe_hF <ټy0-h@]3hv" >)L5*oPc |rc.Tp0@pJÜD6ӫ (UF:Qqra9_AEco 8!n*Y?UMz8Bb% >R!73,QG\%;Rw<SMT3coh,`JTW &k7esi`~̕C![\Cɝ鿶yy9vk`p??KڪrLjV;UxTFAɴP6}F:oVܥ^!|E% $Edž^֙stwI궾:#M5dV3DZޜ 6l'jceTruZ󻅊% FF :Tȑ8-pi[gWj0Pm4r@c99uTиSo9RYDř=4=ѣX0.[EI*Rzs.{۶:Ɍ /B,:B,a$B=H8,F% "ҵUಈH'rфG'zk2 ~ukN:K.>* |vĊz1U:q]@3 *dƒ+g0r-f}wAcŇ,7{n(m\d^VJؚ:}(XePb}o\ _)jŽyv{P3-"׳}¶d1 X:^d-O7kf't|ˍfR e3`CS~1ş̥3HEy20w¸F>k^ӔҴNLQV'=1Tx"o,3*^0AѺτj<MjMLfB^ɀڮx SO3|kӅ;M_P5k,}0KRJ玾&g}9$) E_q,;<ؾ'^0TS w0!=1 ZъPm+hUdfKMA<DR9k. ,o **Ykq`}=#6t`kK7!7nZLY4z(734։:Qj'qMʕba ?Nes 8gОLӭ0?'@"{̔lYH@?_t[R(kgEU:?!1Iִ$LIEeoz:aBHB/M8.r-lmVypı*!G=苏?ߺ-*#\;mo>>*ӥh܁ +M_Zd0mK]S'ڳtM4b=p&cf'sihy/m.GPa bFGP t1 Zֿ0GHW<^ b0LCAeEiN ~1GŠ~q @T#-HbKdOxLǒ^"7.[ xNF/B|.۟awZ ܶh;AvGB!LTI۷u~; 6NeN9i[`Pφû}(몌 D=UG)'K{q|jYn?(A"op2e=rɟ^H+.*j3)O[BD{1R<_'_DdǕ1&:db&l'go2p]4à*U?ițz<!qA* LL:]–n?2LgƢ _.(Hg /zs](K!obyb5 gaAfV,V^7sHN2"k5qޑ>ĝѧˡրL*{\kӂ(Dvi>㩈.wq6ªϻܳ^Z~# i_@I@S,=^3{qlw3ψp 6,+0 `A(ŦݔtO"c~pMd}oxxO5߶]bxX@zc@ g0& p޺z?|umćRwJs'fV7"Zd8s3̥jJɛEېrw_!I ai҅Q<3_ƪr?N>t\NK{nbZOv㊷vs@ W ]=ޫ;qÊۋ.*YeZ[ 1|$ȣCʵaZT ?Ygر@UDxe?UΝ$i/'˲rɸ*z}qG "?`/mS-A?F5a5Yt L-˶̡ev;_3DAdYu-tnMu5{f?n ŧ$o/9E^!a*=64zOE#gP߰gU݁9V'`gpa*ՐR{Uǹ#}Dz*q}z[F+k>H[xvNOo:ZS:ؕVkZIYݦf( 40 dh3X{v\jqAdxB}CPsU>C nh5NaneBT!$txp\[ 0IEҼOYIB[˝R^"M)Ꟈ?j -F%Y!\*/vuJ;fˍC]gSĀQ +r M2ڼYah: w9g@Y8/s![}J0ez#4c,Z'MMeSy뽮abޑ|) {*BT"m`cȵ.Ks הs1CӐu!c\/ YUynK-gۙU(rt>AP*YEq?:o#q LZdgZWnABr0QC'X"]a+÷VU^Ɯ9z%*rT(ej@ |xQ/Җ,iFZC Oz3-TuF~U.N,&6{ )`kh3+<=MZyTn5 Gh"Q˾cu)1Ho@?tN:uߎp܋wڛJ$NNoM!e95j|ZQƣSKXqh<8-07^7c-26vM8v![xѹ==[)wz|Mearh V4˩TpAstWo*N5ϔZ6I~B\Ed=9+.8U(;>MQ[mZ;%;ٸmVz_yzK i. ď6NOD ۨ^b툯hth#@ǐիz#1\ִxXYDJEֲȨ/:YC~KBqœ3_,AαdQʿb!.f\Sы7bw\:ˢfT]82֫5(D; 1oOqMMRx; P[).4[ 0EJV*b@k̔;"!E˖/;Ew)Tj> ܸeUt5 eEE|t"bݴʀeݴ7Ѱ6n[{fS,ct/iW3~mh2GU&"K|o?9)enQէt3:^TKhƧÒ $Gop:ȓfk7eٙa)n g̵HU(J0 n#caxqۋFlekj \|,Hbh6!ߗFtOBw:T_/ߣ\,UX9(\¡FYw=5a:CY9Perխ ׈