xen-devel-4.12.4_06-lp151.2.36.1<>,qЉ_ϸ/=„Nn[Ү000.cq|˷Rm?gIe) mCֿu8Es`iCo +`˼A뎕ËE 5}=z3$SU(-YS>32=#ة/ Qb@/$MHq[&xh!52-:,2YuLtYl6vʜV>H?[nbG}aNq+k 4@\rq`g:28*~}k"k>>\?Ld  # ]  <BH   h   , .14L77:4;|;=D(=w8=W9BW:ZWFGHlIXРY\\]^Eb܆cDdefluv|wx\y@zHCxen-devel4.12.4_06lp151.2.36.1Xen Virtualization: Headers and libraries for developmentXen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. This package contains the libraries and header files needed to create tools to control virtual machines. Authors: -------- Ian Pratt _build70openSUSE Leap 15.1openSUSEGPL-2.0-onlyhttp://bugs.opensuse.orgSystem/Kernelhttp://www.cl.cam.ac.uk/Research/SRG/netos/xen/linuxi586\? !i ! ?9>N<8 d""|21Mb?s 1p(u6`'Dax2 $b ,Yif ?&*+65<)&1PJ6~4&} m *jE-<IU' WZBeJ=f UF{n@ׁA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤_____w_____w____w__________________________}_}_}_}_____________________________________w_______________________________w______w__w________________________~__~________________~_~__2bfb189d60bd07d63d611aed692cfec47b148c9fcda84867ac8390eef461c82ab04383cca0dbc10affe8a10a5ea9ac05be04f03002cb12716c95844dd67c905c60671a5c7e776330600d9731398e33b8bba215ad2de29a7ee7b43bdbebb430e4995b003268c78e90334db8b464ff9c274446ef39d3742b7a4741c97707e7e67d17c590ed323c73eb4e37701b6a8882b9a9678af72daf0d33294b059fa9eff6dbef19941ad6bae3e4ddf69ee881584677b10bd4197e4c688860f296b6004d80b8e47fe59982f2b80a1bc8979e335c043db7ce31eb50f76fcf844e4967c63fd7387fca1837773e47b844de859e4864c45b909fc31b5d252b2fe592584e9f971a7019839c4e77a2bf11dee4da6d3b2d1efc19739c1ef8feded28daaff1cebe4d0c8008f84ef6d0d7d296ff62228b6ad580a11ef423401773aaecaa54c9396fc664fed0cccc11399100736bd880047786131cbf2bf36e4cdfe82b9288d33911ba6ac3d38974b9ad4199bbb501520893bef4b01d8150ea673d46de677114fdcfcaada8abcec909612e5e47fc9bf39051728fd09629b2dd64fbe03aa4ed012e548cee2c5a98a6326a77f92360f860f29aabd00e4ea13cfb1b0356e1b3065c4c2a60187d403349f3afd7151eb792955db66012baee34100f93fb7a217097dea0d803d6b27ab977ee329336d6d2e1e1f588b9a965df694cb9695e699c944d705f23fc25acc983b219d461f2b4f2d8c56e2bd5813d0442a8105e17175d8cb2a596808833327421a74ba7022aee67c1c9183d60c6e61575d5a39bd5c8333b51e85074388752a96d6f6996d8f3d76e2cccc9cbf786764cbcc1ab6f6dc0621d81744f89b39ef4da6d705ee43debc0c45b9d57bd5a06251a34c472aaeb61dfb7489dc76d95a4714d394e97678b19c76975ff9071a331dbe805fd1f21d6b7a565684dc78b039859aca29ecdf94a511b229f6dc00d9029583a6308d8ef7279457d4456527ca7bf03eebd054883c13d0b06aceffc257dbb0f366b1afd7800b72b42712a8bada4b589a3154b4946b185f35434fa4562ffbdda13698cdfb5ed669e7c7c7f1ec4d33c2c60d39f25fae6067ecc12e44ee8d56f674c6238fda50c87281f20a0db0762b423da8c49abf7b30607d694c9c55d90d10d4f551cc3bf830b565127693dc33c91653b52fd51049ee437bfdf3c5e0fbe28727d453755e41c7b7a2a494cb4b61b7d018ab2ac1a6f5377bd805bcb78567d88c3021c0eb8049c402b37796e3e9cd5e455a7ca366b62c0b4efb37ae1109747f4211f82a86879e7b9bad8834f02a6e69e0e0b948452c19e7589142d878136d1257df2e48826651393a7bd435f90b2248a11cac9ab571c36120aa136fb15a88d58fae0b610e8625ba03a422c94643ec5ae5cd6e458fa89a73271b1ecada96f011cc8552143a5bef4b6949b4b992f34872b031d5c5b4e1c49e5cca271301beede9ac9569c8ea309e9ba65c19383fedb00dd3ada7d7731c14e85a4128ae7e0616bbbdd43c676247f824aac424c2043eeb22a30202ad83f95c0aeee6acdaee15e35754db90ae5ce8ab029c8eb7d7410ebe9aad6e5b2d1c65f6884973e29ad6ee6e4659d252d3c2c16e35f4f1dd76bc68d14c591176cf5ca8c545ba83a92b25668e36d4bca76064bdab92afc227bbdb9dd34f47cf5e8184e9a414363695342da8089ba1a7e873ffabc1f8761020d5d0861d6f99b7400899c6eaf73a6543c1ee53b933d583f4edc7ef3ad4e9c0e31857c218740f538d11d3ce72a2ddae36275decf79effb54e50aa662aad0c0ef700c6fcc50aaa6bc8706d674d178db9552917e80e04f8731b3b3ba7b50ed72cefeed311830d9a7ccd69d4a3f94bbc707ebe490d9b6ebe77b63b6039ea341475fb10ff188f845370b94b07275a8e93f20db09430c93c0ebeb877534c98523f20ce89a2c08815be3ce96b4e20eb2a3a108f59c1a8d36d89c32b134eda4079052d490714978a98e5cdf113b2e8b4e03bebc8850c912330cffbeea73f1ca5998e1f2089d19b4f7a102e61045847b2432311bc41213431a37cafcf7300658537cc16537243bd15f34790fe41637d95090e35992d7bd1affae8bc7ba81f1d75f77d01185bb79bcf21e9df49677b48c8dbaf26a1a8fd64279b653662dc8e7997c7efd578ee127958159bf156d2d444e1955502d40becea76eaa905b4b3bab90385aa18ca26fce8b93bccf1f3494729800d18a0e558472ca16fef95ee103d750d180d177f380df911db661defb0d28636a17b38f007e84167d28759c9a9350c45bc3edf4237fc3d65c397d5dd3b91901e122b5908d2d3a3073b3133e1c8d759377d5c9d07ad7b938a6ba0ef15e4d86388452082cd876711da5dc6e3fbdbae87e96181abd7dd0b45c312ae8e428387e79a2d234d52572321e9857ff1718fb7dc09985c00b66e302614b4d6e0d9214c4a420c11a08321d85622cc5d5fa7fd418996ad319cb74ee32113229cae5796fbf9bb31f7786ce324d00913fcd587a4cce29a8fac975a4e787c2e46811b8e76fbf6d3eec004a1554e43ef137d83ceea621e27ba3af98d6ccb49812fa97c8bd9b868843c4dc1da01012fa7206c7e360a14eef06076db628d7cc6724695fbff49c115bf9561f446f874393343d8fff7d9921e0de5e2980dfb80ef447a25333d9cb5f0772c3063b998608efc931de850c476933076493fa681f90a098a41746e7b818d9eb678feaa9cda7487fc704c498aba63c72408f2084c10e8512b8a2160a1937b855cddc483d5d035e7a6da3b9d69bbab534e4ba6f8adf29a5ad24d746e8edfa8685e572cfb5d43ccab49aaf20a901316f13c357d847da77aecabef798068789f6eb12f42cc35cb2d0c0a74db3d7a22800a60afa3a9424cc1f6fa8ac2b82182e3e58cc304d1640650d5603f8c30cf1ac5081fbfb5bb946a1041c31b68fad87d6003e0dab330baf2406b070eff1bcd828e2cc425a470f0e13d3357f44fc2b8106ee4fc8f185e31884516e33ebdba6239efeef11c542344521720f2c2cd75937a0164a571098894469967d34caf814826909b41807de4721d078d53b7e263375e77d8d8bb60db884ce627bbdf0de6fa4885f4785432181b4cf7ebec5ebe681bafc2ef5af7486fee0f6ef516212310d536116ac6b36eb8857043469fd22520823975d0c4d1027e82ee48f7201e49f1bbc16b8055e96040d471a5acc379472febc3f1af83280b11e2b69470b51d2c67d75f10585f85125b0901a8a1cb71ad26bc1be2fc76d6401065e306f888a30b4e25dc410294b17ff1d20b2b284ccdf404ad9d2c86e0cdb8535aec3dec856436fcd9b4ebc0815fbd188ffa95c4ff111bb4f864477f68b7dee4c377c2c51d47505360b2a9f290fc8e80f7d97760fd58528f026cc84597823dfd9afd672d09b10e71a303a4caab2dd35b2bc70f5acc0e42685ab8d6c9659adb84ef70f7721eb7b8555b886778980884b5fb33ae6ba97876d2e9fce18f61dfdd1a4efdac1fb594a8e3d9cd00420042ad7784f9a1f2670c61bcbdcd153e3765aac92b49f29bf1cf93bdd83ca82977b7306cbb2eb3a84340a95ccbfbd49ce376466aa70ed3fe0c10a7396bed218dceaa014059f46f3a194850d8acfdb20a36e9d7cd986a07206883e8f6e4e41b462c3bf45a2a5bb318d83766714eac91f66621b5d52564d742a39a8544066f567104aca412dbc462847c32eedf256c66013956a05a069427fe09d171b76b362fc41fe7030a573317e8e894fb50c9eed0c8628449a7a9dd87410428182d0a4602193d4a1dc2f4c09cc0a3ad1750809e27d80a5ae701eb06e438899d6f805554141bd771f3313cf99b1f387e9c4583e492a3067560066f7ec6a46478cc90a38304e212313d7287090a07aa0f04dafaf10c1e693085f50f12e55c3e0a026f0420fff38314bf3b6ea1c9f11938c99f338c6c29c207de57620cea765e9c7b4a2252eb1854ea814e75dddfffc2ba847f385f50ed61882df8db3bccbb45f5cfac942d1f93743ef68e9cf2ef773ffc0ed8a2ce8a44c39e37e5629d57793dcc46acdd8140e4c0330856b5de3ee2a51055b7de88bf7ead0feaaaee4dae2cde571c011bd30778ca4a869b25ed4ca46685c6f346a257c1f77e7ca9f25d9f435614340158f65580b98de39861efb99bdcfbef5dbad7d2c1d3723121e46f0155cbcf699a11e2a3b1acb338f0860beca4a25842a08f9fc04b88ee1607665b245c720efbf4683465ebf81fac12d4e9ca4b7016f688ee4632f054d91bc77679016266f406c598f2a79cf16a399afea2ee50bbe17540965ee92cbe52afcccdb173d510dd2b0c2f44bac18cf4edeabd80b73178128e0f347b1973946fbdb114edebdafb392429f79141bbc78ce6587a8397c0e69fcc18873d4b3067b329f9287f8ffbc7d4063c255cc5701f646bc723a8f225865ebe2e5f815d8a91d9c6700b46e41e72c5cc2882aa1cff59bf16f1f5506c6559e59eeadb0da58f73aa6f97bfb9546d4479bf91a3ce08237b015f430878d76de26c3e2a7cc75000e9b1dd5f8a9c705821983fb6d967dd1add0de7a872cbc0563e03dd5669c0ae6186ffb7a619f271a883e7f828d945424f0155b8d02c2d655023ac6f60bb4fc550a783b08b1d223a813fbd71b78f72b06e20e75e3c893af7b924fa98f8f52a20e2d96a01630d22163a70de3defc792e4b88a9b7929e444d517e2ec32bc93d5feab708182dd2d4e62e5bc2655b88315f39f5a0c48e12eea5ff44229fa458bdc42cb25ed6d41394e865ad41ffae7074acd193045b53e4251cfb8601f1a1b4787c81719f02ab91d1ff0d02de25a5aa17f314719259cdc5107e266d8306fa47aa82f743f436f153e3b675b7c4c3dac7497d80903e2144f1f6ed6d46d2cc2933a56a3350a9e465bd22fe52164f7fca76cea2f482b59f089318b86bd8fa7ebd47a203db70fe52cc50723eba13aa17fd55a8e463c11d642a04c7466ca4115fee42d03bda0b6c221fe11903b8c7906c0156ed739d74f0d656c54a91608b7970ecb866e4f1b7729bfe2bf322e63e012db8c15ee4dec90d8992278fcd9ba687c2b3687303e169a0d2bc13b33e957c8d29f4a0fdb524d24eb4e07c65868e0c459b0c895e973ef9b1d09c8f8e91f37f66892aaeaac03a39a607b3af8e80a0739bed8b1bff11d60c37f9358fd9c2b1c5ee570597802604ceec76674b3f1f085350181751f331ae5531ceff585577531d071eeddd992dbf375e9033720047f6ed40bb60aca13f9f5e4c4af82527984a1d3fd38c1a4c9322a5a2ff7d7efa9a280ae133e010df36dd2c9e9e70ed5bba02748123bd2ef7a559faebca3210d05a4ed264aab8cb9fda78ed0da99c70e568b70291e6a5b6141ed8d25bc47613953e20ad0b674337dbe185740b5e3dd7787dca4c347445f7568ef1db79277ba7e69834b7186710281ab17479b117bab7c2dab015ecc5f5a83243f5536ac032c7c0925bc9e44f03a72e9420f45b1e16359df05f0e9c75bb5b91661cecc93b3ac778052e4b6e4699c40e4e3aa9c1cad1e82fd4ace5f4fd0618be4c86e8e6f8006fc4a0376f0cd93ae52dfabdb092489717f7b7da735e1b6260cf224213797133c8ca050fca8f1ef84576cd0cdc302d97ee62051e826771b360ae18ad26ca58f2b083ad1262319fb09326903498404740c58ce49e6774d7d6107d8432dae69db48b1e6d5ba9c4299dc264f9fe87d8e86b365f44d3378f88ffc36490008289672b831d3493d9b5c70280af2859c6633163dad815369795f77823e66606e3b782ff00a80dc766c789a71b5d59ded1e6756e3c38a21db793fe599d1c4818e8e6913f78f9d02133c14b714039a2fa392dcb92dc2df107738c926d0d58ea7d157e5a495e9eb7aa81884776af399929074ea665a7f2df45f428eacbf31d5a19807613d8f0c6c1089a88fdd91bc3d0be40e4ee190b740c80facadac194a20560f0498961013206666e4bdc5d059594199361fb99135a3d6af59812cb5148212b831452da279ebdd83519a287cc2e3fd31f92a980b5fafe54a2bcb0cbf5baa869a60756338882df7100b565b9dce98a9047d89ab05633dfe1e300afe6c5d3d4d340f731b9ad1b9e5fc72ee3a896c6575bad279dbdd5531796ca21b465d81946655a4de3678f7a4e0f0f20cxenstore-compat/xs.hxenstore-compat/xs_lib.hlibxencall.so.1libxenctrl.so.4.12libxendevicemodel.so.1libxenevtchn.so.1libxenforeignmemory.so.1libxenfsimage.so.4.12libxengnttab.so.1libxenguest.so.4.12libxenlight.so.4.12libxenstat.so.4.12libxenstore.so.3.0libxentoolcore.so.1libxentoollog.so.1libxenvchan.so.4.12libxlutil.so.4.12rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootxen-4.12.4_06-lp151.2.36.1.src.rpmpkgconfig(xencall)pkgconfig(xencontrol)pkgconfig(xendevicemodel)pkgconfig(xenevtchn)pkgconfig(xenforeignmemory)pkgconfig(xengnttab)pkgconfig(xenguest)pkgconfig(xenlight)pkgconfig(xenstat)pkgconfig(xenstore)pkgconfig(xentoolcore)pkgconfig(xentoollog)pkgconfig(xenvchan)pkgconfig(xlutil)xen-develxen-devel(x86-32)@@@@@@@@@@@@    /usr/bin/pkg-configlibuuid-develpkgconfig(xencall)pkgconfig(xencontrol)pkgconfig(xendevicemodel)pkgconfig(xenevtchn)pkgconfig(xenforeignmemory)pkgconfig(xengnttab)pkgconfig(xenguest)pkgconfig(xenlight)pkgconfig(xenstore)pkgconfig(xentoolcore)pkgconfig(xentoollog)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)xen-libs3.0.4-14.6.0-14.0-15.2-14.12.4_064.14.1_$_ǁ________[f_X_Wr@_)M_{_^)@^^@^ϧ^x^@^^^s^^ku^h^V]^M#@^0"@^@^!@]B]*]X]d@]@]@]]fl]M`@]B@]@]]@\\ޢ@\ڭ\\@\@\@\,@\7\\N\@\\+@\\M\M\\\@\}@\k\X)@\J@\I\A\?\=@\9\73\4\$\l@[H[k@[@[^[^[/[@[@[9@[v[W[CN@[<[6@[0@[0@['[!@[5@Z@ZnZ@ZZZ@ZmZԐ@ZZZ@ZZ}@Z}@Z}@Z}@Zz@Zz@Zo Zk@ZV@ZS]@ZOhZ:PZ1@Z.s@Z&@ZOZOZ Z Z Z@Z@Z }ZC@ZYYYY|Y@Y{Y*@Y5YA@Y4YYYbYY@Y3Y@YJYJY@YYV@Y@Ym@Yw2Yp@YlYh@Yh@YS@YJ_YI@Y5GY0Y-^Y(Y"YY;@YYY@YtY.X@XQ@X@XۡXg@X@XƉX@X @X@X@X@X@XXX@XXXwoXs{@XlXWXRXQ4@XEVX43@X.@X*X lX&X@XX@W@W֘W֘W^@WiW:Wt@W.@W9WW@Wk@Wi,@WbWZWZWZWYZ@WV@WEWBW=W;W3W1@W1@W,@W(W(W(W(W(W#LWVbV(@V3VJVxV'@VV2V͛@VŲ@V`VwVVV=@VV@VHV@VvV%@VV<@V@VS@VV@V^VwVqR@Vn@VXEVUVTQ@VMVMVMVA@V;DV9@V7P@V0V*!@V V@VCVVVf@VqV@UYU@U@UUݪ@U@UnU4@UUK@UU@UU>U@Ux&Un@U\w@U[%UUUPUKSU>$U6;U%@UU@UUU.@TgT-@TT@TZ@TZ@T@TT@T5T@TLTLT~@Tl@Ti@Ta@THT?@T=@carnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comJames Fehlig carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comJim Fehlig ohering@suse.deMartin Liška ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comJan Engelhardt Guillaume GARDET Guillaume GARDET Bernhard Wiedemann carnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deBernhard Wiedemann ohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comtrenn@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.dejfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.derbrown@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comjfehlig@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.dejfehlig@suse.comcarnold@suse.comjfehlig@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.commlatimer@suse.comcarnold@suse.comcyliu@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comjfehlig@suse.comcarnold@suse.comcarnold@suse.comohering@suse.decarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comohering@suse.derguenther@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.comrguenther@suse.comcarnold@suse.commeissner@suse.comcarnold@suse.comohering@suse.decarnold@suse.comcarnold@suse.comohering@suse.deohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.decarnold@suse.comohering@suse.deohering@suse.deohering@suse.deohering@suse.decarnold@suse.comcarnold@suse.comcarnold@suse.comcarnold@suse.com- bsc#1176782 - L3: xl dump-core shows missing nr_pages during core. If maxmem and current are the same the issue doesn't happen 5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch- bsc#1179496 - VUL-0: CVE-2020-29480: xen: xenstore: watch notifications lacking permission checks (XSA-115) xsa115-1.patch xsa115-2.patch xsa115-3.patch xsa115-4.patch xsa115-5.patch xsa115-6.patch xsa115-7.patch xsa115-8.patch xsa115-9.patch xsa115-10.patch - bsc#1179498 - VUL-0: CVE-2020-29481: xen: xenstore: new domains inheriting existing node permissions (XSA-322) xsa322.patch - bsc#1179501 - VUL-0: CVE-2020-29484: xen: xenstore: guests can crash xenstored via watchs (XSA-324) xsa324.patch - bsc#1179502 - VUL-0: CVE-2020-29483: xen: xenstore: guests can disturb domain cleanup (XSA-325) xsa325.patch - bsc#1179506 - VUL-0: CVE-2020-29566: xen: undue recursion in x86 HVM context switch code (XSA-348) xsa348.patch - bsc#1179514 - VUL-0: CVE-2020-29570: xen: FIFO event channels control block related ordering (XSA-358) xsa358.patch - bsc#1179516 - VUL-0: CVE-2020-29571: xen: FIFO event channels control structure ordering (XSA-359) xsa359.patch - Upstream bug fixes (bsc#1027519) 5faa974f-evtchn-rework-per-channel-lock.patch 5faa978b-evtchn-revert-52e1fc47abc3a0123.patch 5faac497-xen-arm-Always-trap-AMU-system-registers.patch (Replaces xsa351-3.patch) 5fbcdf2e-evtchn-FIFO-access-last.patch 5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch 5fbd042b-memory-off-by-one-in-XSA-346.patch (Replaces xsa355.patch) 5fc4ee23-evtchn-FIFO-queue-locking.patch- bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change (XSA-355) xsa355.patch- Enhance libxc.migrate_tracking.patch Hide SUSEINFO messages from pause/unpause/resume from xl command. They are intended for libvirt logging, but lacked info about execution context.- bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel attack aka PLATYPUS attack aka XSA-351 xsa351-1.patch xsa351-2.patch xsa351-3.patch- Upstream bug fix (bsc#1027519) 5f92909a-PCI-cleanup-MSI-before-removing-device.patch- Update to Xen 4.12.4 bug fix release (bsc#1027519) xen-4.12.4-testing-src.tar.bz2 - Dropped patches contained in new tarball 5c87be47-libx86-helper-to-deserialise-msr_policy.patch 5d976da3-libxl-attach-PCI-device-to-qemu-only-after-setting-pciback-pcifront.patch 5ec2a760-x86-determine-MXCSR-mask-always.patch 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch 5ef44e0d-x86-PMTMR-use-FADT-flags.patch 5ef6156a-x86-disallow-access-to-PT-MSRs.patch 5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch 5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch 5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch 5f046c64-EPT-set_middle_entry-adjustments.patch 5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch 5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch 5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch 5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch 5f046ce9-VT-d-sync_cache-misaligned-addresses.patch 5f046cfd-x86-introduce-alternative_2.patch 5f046d1a-VT-d-optimize-CPU-cache-sync.patch 5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch 5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch 5f560c42-x86-PV-64bit-segbase-consistency.patch 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch xsa286-0.patch xsa286-1.patch xsa286-2.patch xsa286-3.patch xsa286-4.patch xsa286-5.patch xsa286-6.patch xsa333.patch xsa334.patch xsa336.patch xsa337-1.patch xsa337-2.patch xsa338.patch xsa339.patch xsa340.patch xsa342.patch xsa343-1.patch xsa343-2.patch xsa343-3.patch xsa344-1.patch xsa344-2.patch xsa345-1.patch xsa345-2.patch xsa345-3.patch xsa346-1.patch xsa346-2.patch xsa347-1.patch xsa347-2.patch- bsc#1177950 - adjust help for --max_iters, default is 5 libxl.set-migration-constraints-from-cmdline.patch- bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries (XSA-286) xsa286-0.patch xsa286-1.patch xsa286-2.patch xsa286-3.patch xsa286-4.patch xsa286-5.patch xsa286-6.patch - bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code (XSA-345) xsa345-1.patch xsa345-2.patch xsa345-3.patch - bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU TLB flushes (XSA-346) xsa346-1.patch xsa346-2.patch - bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page table updates (XSA-347) xsa347-1.patch xsa347-2.patch- Escape some % chars in xen.spec, they have to appear verbatim- Enhance libxc.migrate_tracking.patch Print number of allocated pages on sending side, this is more accurate than p2m_size.- bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when handling guest access to MSR_MISC_ENABLE (XSA-333) xsa333.patch - bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in XENMEM_acquire_resource error path (XSA-334) xsa334.patch - bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating timers between x86 HVM vCPU-s (XSA-336) xsa336.patch - bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code reading back hardware registers (XSA-337) xsa337-1.patch xsa337-2.patch - bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event channels may not turn invalid (XSA-338) xsa338.patch - bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel DoS via SYSENTER (XSA-339) xsa339.patch - bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier barriers when accessing/allocating an event channel (XSA-340) xsa340.patch - bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event channels available to 32-bit x86 domains (XSA-342) xsa342.patch - bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with evtchn_reset() (XSA-343) xsa343-1.patch xsa343-2.patch xsa343-3.patch - bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in evtchn_reset() / evtchn_destroy() (XSA-344) xsa344-1.patch xsa344-2.patch - Upstream bug fixes (bsc#1027519) 5c87be47-libx86-helper-to-deserialise-msr_policy.patch 5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch 5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch 5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch 5f560c42-x86-PV-64bit-segbase-consistency.patch 5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch- Upstream bug fixes (bsc#1027519) 5ef44e0d-x86-PMTMR-use-FADT-flags.patch 5ef6156a-x86-disallow-access-to-PT-MSRs.patch 5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch 5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch (Replaces xsa317.patch) 5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch (Replaces xsa319.patch) 5f046c64-EPT-set_middle_entry-adjustments.patch (Replaces xsa328-1.patch) 5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch (Replaces xsa328-2.patch) 5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch (Replaces xsa321-1.patch) 5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch (Replaces xsa321-2.patch) 5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch (Replaces xsa321-3.patch) 5f046ce9-VT-d-sync_cache-misaligned-addresses.patch (Replaces xsa32141.patch) 5f046cfd-x86-introduce-alternative_2.patch (Replaces xsa321-5.patch) 5f046d1a-VT-d-optimize-CPU-cache-sync.patch (Replaces xsa321-6.patch) 5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch (Replaces xsa321-7.patch) 5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch (Replaces xsa327.patch) 5f1a9916-x86-S3-put-data-sregs-into-known-state.patch 5f21b9fd-x86-cpuid-APIC-bit-clearing.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on next reboot while it should be live attached ignore-ip-command-script-errors.patch- Enhance libxc.migrate_tracking.patch After transfer of domU memory, the target host has to assemble the backend devices. Track the time prior xc_domain_unpause.- Add libxc.migrate_tracking.patch to track live migrations unconditionally in logfiles, especially in libvirt. This will track how long a domU was suspended during transit.- bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect error handling in event channel port allocation xsa317.patch - bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code paths in x86 dirty VRAM tracking xsa319.patch - bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient cache write- back under VT-d xsa321-1.patch xsa321-2.patch xsa321-3.patch xsa321-4.patch xsa321-5.patch xsa321-6.patch xsa321-7.patch - bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic modification of live EPT PTE xsa328-1.patch xsa328-2.patch- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) 5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch 5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch) 5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch) - Upstream bug fixes (bsc#1027519) 5ec50b05-x86-idle-rework-C6-EOI-workaround.patch 5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch 5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch 5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch 5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch 5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch 5eda60cb-SVM-split-recalc-NPT-fault-handling.patch 5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch- bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer Data Sampling (SRBDS) aka "CrossTalk" (XSA-320) xsa320-1.patch xsa320-2.patch- Update to Xen 4.12.3 bug fix release (bsc#1027519) xen-4.12.3-testing-src.tar.bz2 5ec2a760-x86-determine-MXCSR-mask-always.patch - Drop patches contained in new tarball 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- Advertise support for new 64bit libxl memory APIs introduced by patch 5db1be79-libxl-Offer-API-versions-0x040700-and-0x040800.patch bsc#1167007 and bsc#1157490- bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation handling in GNTTABOP_copy (XSA-318) 5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch- bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues 5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch 5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch - bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing memory barriers in read-write unlock paths 5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch - bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error path in GNTTABOP_map_grant 5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch - bsc#1167152 - L3: Xenstored Crashed during VM install Need Core analyzed 5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch 5e86f7fd-credit2-fix-credit-too-few-resets.patch - Drop for upstream solution (bsc#1165206) 01-xen-credit2-avoid-vcpus-to.patch 02-xen-credit2-fix-runq-cand-skip.patch - Upstream bug fixes (bsc#1027519) 5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch 5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch 5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch 5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch 5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch 5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch- Update API compatibility versions. Fixes issues for libvirt. See bsc#1167007 and bsc#1157490- bsc#1155200 - L3: L3-Support: aacraid blocks xen commands - ref: _00D1igLOd._5001iIvV1f:ref 5d976da3-libxl-attach-PCI-device-to-qemu-only-after-setting-pciback-pcifront.patch- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog bug soft lockup CPU #0 stuck under high load / upstream with workaround. See also bsc#1134506 01-xen-credit2-avoid-vcpus-to.patch 02-xen-credit2-fix-runq-cand-skip.patch- bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate past the ERET instruction 5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch - Upstream bug fixes (bsc#1027519) 5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch 5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch 5e318cd4-x86-apic-fix-disabling-LVT0.patch 5e3bd385-EFI-recheck-variable-name-strings.patch 5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch 5e3bd3f8-xmalloc-guard-against-overflow.patch 5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch 5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch 5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch - Drop 5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch- Fix broken ARM build 5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch- bsc#1162040 - L3: Problems Booting Fedora31 VM on sles15 sp1 Xen Dom0 5d53ed45-pygrub-Failing-to-set-value-to-0-in-Grub2ConfigFile.patch- Upstream bug fixes (bsc#1027519) 5e16fb6a-x86-clear-per-cpu-stub-page-info.patch 5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch- Update to Xen 4.12.2 bug fix release (bsc#1027519) xen-4.12.2-testing-src.tar.bz2 - Drop patches contained in new tarball 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch 5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch 5d947b01-x86-crash-force-unlock-console.patch 5d948bdb-IOMMU-add-missing-HVM-check.patch 5d9ef2a1-EFI-deref-pointer-in-set_color.patch 5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch 5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch 5d9f454a-x86-EFI-pixel-reserved-0.patch 5db07974-x86-update-time-info-on-TSC-adjustments.patch 5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch 5db892ac-VT-x-correct-BDF93-workaround.patch 5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch 5dbaf89f-dont-use-BUG-for-parameter-checking.patch 5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch 5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch 5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch 5dbaf9ce-x86-mm-split-partial_pte-tristate.patch 5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch 5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch 5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch 5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch 5dbafa7f-x86-mm-collapse-PTF_partial_.patch 5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch 5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch 5dbafad5-x86-mm-dont-drop-type-ref-unless.patch 5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch 5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch 5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch 5dbafba5-passthrough-quarantine-PCI-devices.patch 5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch 5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch 5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch 5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch 5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch 5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch 5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch 5dcae816-VT-d-hide-superpages-for-SandyBridge.patch 5dcae816-VT-x-runtime-modification-of-exec-sp.patch 5dcae816-VT-x-work-around-executable-EPT-superpages.patch 5dcae816-x86-introduce-tsx-option.patch 5dcae816-x86-spec-ctrl-mitigate-TAA.patch 5dd6b229-add-va_end-to-hypercall_create_continuation.patch 5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch 5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch 5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch 5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch 5ddd2555-IOMMU-always-quarantine-PCI-devs.patch 5ddd25f9-EFI-fix-efi=attr-handling.patch 5ddfa851-VMX-always-sync-PIR-to-IRR.patch 5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch 5de0007e-SVM-always-intercept-ICEBP.patch 5de0007e-SVM-write-correct-eip-into-outgoing-task.patch 5de0007e-VMX-early-task-switch-failures-semantics.patch 5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch 5de19115-rationalize-max-grant_frames-maptrack_frames.patch 5de52a86-x86-PSR-dont-write-out-of-range-COS.patch 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch xsa307.patch xsa308.patch xsa309.patch xsa310-1.patch xsa310-2.patch xsa310-3.patch xsa311.patch- bsc#1158003 - VUL-0: CVE-2019-19581,CVE-2019-19582: xen: XSA-307 - find_next_bit() issues xsa307.patch - bsc#1158004 - VUL-0: CVE-2019-19583: xen: XSA-308 - VMX: VMentry failure with debug exceptions and blocked states xsa308.patch - bsc#1158005 - VUL-0: CVE-2019-19578: xen: XSA-309 - Linear pagetable use / entry miscounts xsa309.patch - bsc#1158006 - VUL-0: CVE-2019-19580: xen: XSA-310 - Further issues with restartable PV type change operations xsa310-1.patch xsa310-2.patch xsa310-3.patch - bsc#1158007 - VUL-0: CVE-2019-19577: xen: XSA-311 - dynamic height for the IOMMU pagetables xsa311.patch - Upstream bug fixes (bsc#1027519) 5dd6b229-add-va_end-to-hypercall_create_continuation.patch 5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch 5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch 5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch 5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch 5ddd2555-IOMMU-always-quarantine-PCI-devs.patch (Replaces xsa306.patch) 5ddd25f9-EFI-fix-efi=attr-handling.patch 5ddfa851-VMX-always-sync-PIR-to-IRR.patch 5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch 5de0007e-VMX-early-task-switch-failures-semantics.patch 5de0007e-SVM-always-intercept-ICEBP.patch 5de0007e-SVM-write-correct-eip-into-outgoing-task.patch 5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch 5de19115-rationalize-max-grant_frames-maptrack_frames.patch 5de52a86-x86-PSR-dont-write-out-of-range-COS.patch 5de65f84-gnttab-map-always-do-IOMMU-part.patch 5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch- bsc#1157047 - PCI passthrough failed on AMD machine xen host 5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch 5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch - bsc#1157888 - - VUL-0: xen: Device quarantine for alternate pci assignment methods xsa306.patch - Upstream bug fixes (bsc#1027519) 5dcae816-VT-x-runtime-modification-of-exec-sp.patch 5dcae816-VT-d-hide-superpages-for-SandyBridge.patch (Replaces xsa304-1.patch) 5dcae816-VT-x-work-around-executable-EPT-superpages.patch (Replaces xsa304-2.patch) 5dcae816-x86-introduce-tsx-option.patch (Replaces xsa305-1.patch) 5dcae816-x86-spec-ctrl-mitigate-TAA.patch (Replaces xsa305-2.patch)- Minor adjustments to these security patches for bsc#1155945 and bsc#1152497 xsa304-1.patch xsa304-2.patch xsa305-1.patch xsa305-2.patch- bsc#1154448 - VUL-0: CVE-2019-18420: xen: XSA-296: VCPUOP_initialise DoS 5dbaf89f-dont-use-BUG-for-parameter-checking.patch - bsc#1154456 - VUL-0: CVE-2019-18425: xen: XSA-298: missing descriptor table limit checking in x86 PV emulation 5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch - bsc#1154458 - VUL-0: CVE-2019-18421: xen: XSA-299: Issues with restartable PV type change operations 5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch 5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch 5dbaf9ce-x86-mm-split-partial_pte-tristate.patch 5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch 5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch 5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch 5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch 5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch 5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch 5dbafad5-x86-mm-dont-drop-type-ref-unless.patch 5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch - bsc#1154460 - VUL-0: CVE-2019-18423: xen: XSA-301: add-to-physmap can be abused to DoS Arm hosts 5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch 5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch 5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch - bsc#1154461 - VUL-0: CVE-2019-18424: xen: XSA-302: passed through PCI devices may corrupt host memory after deassignment 5dbafba5-passthrough-quarantine-PCI-devices.patch - bsc#1154464 - VUL-0: CVE-2019-18422: xen: XSA-303: ARM: Interrupts are unconditionally unmasked in exception handlers 5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch 5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch 5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch 5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch - bsc#1155945 - VUL-0: CVE-2018-12207: xen: Machine Check Error Avoidance on Page Size Change (aka IFU issue) xsa304-1.patch xsa304-2.patch - bsc#1152497 - VUL-0: CVE-2019-11135: xen: XSA-305: TSX Asynchronous Abort (TAA) issue xsa305-1.patch xsa305-2.patch - Upstream bug fixes (bsc#1027519) 5d9ef2a1-EFI-deref-pointer-in-set_color.patch 5d9f454a-x86-EFI-pixel-reserved-0.patch 5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch 5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch 5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch 5d948bdb-IOMMU-add-missing-HVM-check.patch 5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch 5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch 5db892ac-VT-x-correct-BDF93-workaround.patch 5d947b01-x86-crash-force-unlock-console.patch 5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch 5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch 5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch 5db07974-x86-update-time-info-on-TSC-adjustments.patch 5dbafa7f-x86-mm-collapse-PTF_partial_.patch- bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime The included README has details about the impact of this change libxl.LIBXL_HOTPLUG_TIMEOUT.patch- bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines 5ca7660f-x86-entry-drop-unused-includes.patch 5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch 5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch 5cab2ab7-x86-IOMMU-introduce-init-ops.patch 5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch 5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch 5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch 5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch 5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch 5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch 5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch 5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch 5d358508-x86-IRQ-desc-affinity-represents-request.patch 5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch 5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch 5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch 5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch 5d417813-AMD-IOMMU-bitfield-extended-features.patch 5d417838-AMD-IOMMU-bitfield-control-reg.patch 5d41785b-AMD-IOMMU-bitfield-IRTE.patch 5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch 5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch 5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch 5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch 5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch 5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch 5d417b38-AMD-IOMMU-correct-IRTE-updating.patch 5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch 5d4a9d25-AMD-IOMMU-drop-not-found-message.patch 5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch 5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch 5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch 5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch 5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch 5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch 5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch 5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch 5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch - bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages 5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch - bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016 with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD ROME platform 5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch - Upstream bug fixes (bsc#1027519) 5d67ceaf-x86-properly-gate-PKU-clearing.patch 5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch 5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch 5d80ea13-vpci-honor-read-only-devices.patch 5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch- bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM Fix crash in an error path of libxl_domain_suspend with libxl.helper_done-crash.patch- Upstream bug fixes (bsc#1027519) 5d419d49-x86-spec-ctrl-report-proper-status.patch 5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch 5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch 5d4afa7a-credit2-fix-memory-leak.patch 5d4d850a-introduce-bss-percpu-page-aligned.patch 5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch 5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch 5d6524ca-x86-mm-correctly-init-M2P-entries.patch - Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- Update to Xen 4.12.1 bug fix release (bsc#1027519) xen-4.12.1-testing-src.tar.bz2 - Drop patches contained in new tarball 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8f752c-x86-e820-build-with-gcc9.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Refreshed patches libxl.pvscsi.patch- bsc#1143563 - Speculative mitigation facilities report wrong status 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch- bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3 fix-xenpvnetboot.patch- bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm Atomics Operations 5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch 5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch 5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch 5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch 5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch 5d03a0c4-6-Arm64-cmpxchg-simplify.patch 5d03a0c4-7-Arm32-cmpxchg-simplify.patch 5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch 5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch 5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch 5d03a0c4-B-bitops-guest-helpers.patch 5d03a0c4-C-cmpxchg-guest-helpers.patch 5d03a0c4-D-use-guest-atomics-helpers.patch 5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch 5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch - Upstream bug fixes (bsc#1027519) 5c87b6c8-drop-arch_evtchn_inject.patch 5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch 5cd921fb-trace-fix-build-with-gcc9.patch 5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch 5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch 5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch 5cd926d0-bitmap_fill-zero-sized.patch 5cd92724-drivers-video-drop-constraints.patch 5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch) 5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch) 5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch) 5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch) 5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch) 5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch) 5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch) 5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch 5cdeb9fd-sched-fix-csched2_deinit_pdata.patch 5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch 5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch 5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch- Fix some outdated information in the readme README.SUSE- spec: xen-tools: require matching version of xen package bsc#1137471- Remove two stale patches xen.build-compare.man.patch xenpaging.doc.patch- Disable LTO (boo#1133296).- Remove arm32 from ExclusiveArch to fix build- bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4". CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 xsa297-0a.patch xsa297-0b.patch xsa297-0c.patch xsa297-0d.patch xsa297-1.patch xsa297-2.patch xsa297-3.patch - Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch- bsc#1131811 - [XEN] internal error: libxenlight failed to create new domain. This patch is a workaround for a systemd issue. See patch header for additional comments. xenstore-launch.patch- bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest after upgrading host from sle11sp4 to sle15sp1 pygrub-python3-conversion.patch - Fix "TypeError: virDomainDefineXML() argument 2 must be str or None, not bytes" when converting VMs from using the xm/xend toolstack to the libxl/libvirt toolstack. (bsc#1123378) xen2libvirt.py- bsc#1124560 - Fully virtualized guests crash on boot 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1121391 - GCC 9: xen build fails 5c8f752c-x86-e820-build-with-gcc9.patch - Upstream bug fixes (bsc#1027519) 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch- Install pkgconfig files into libdir instead of datadir- Update to Xen 4.12.0 FCS release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates the HVM/PVH and PV code paths in Xen and provides KCONFIG options to build a PV only or HVM/PVH only hypervisor. * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has been vastly improved. * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter- domain communication mechanism. * Improvements to Virtual Machine Introspection: The VMI subsystem which allows detection of 0-day vulnerabilities has seen many functional and performance improvements. * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project default scheduler. * PVH Support: Grub2 boot support has been added to Xen and Grub2. * PVH Dom0: PVH Dom0 support has now been upgraded from experimental to tech preview. * The Xen 4.12 upgrade also includes improved IOMMU mapping code, which is designed to significantly improve the startup times of AMD EPYC based systems. * The upgrade also features Automatic Dom0 Sizing which allows the setting of Dom0 memory size as a percentage of host memory (e.g. 10%) or with an offset (e.g. 1G+10%).- bsc#1130485 - Please drop Requires on multipath-tools in xen-tools. Now using Recommends multipath-tools. xen.spec- Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to avoid TSC emulation for HVM domUs if their expected frequency does not match exactly the frequency of the receiving host xen.bug1026236.suse_vtsc_tolerance.patch- Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- jsc#SLE-3059 - Disable Xen auto-ballooning - Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. xen.spec - Disable autoballooning in xl.con xl-conf-disable-autoballoon.patch- Update gcc9-ignore-warnings.patch to fix build in SLE12- bsc#1126325 - fix crash in libxl in error path Setup of grant_tables and other variables may fail libxl.prepare-environment-for-domcreate_stream_done.patch- bsc#1127620 - Documentation for the xl configuration file allows for firmware=pvgrub64 but we don't ship pvgrub64. Create a link from grub.xen to pvgrub64 xen.spec- Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Tarball also contains additional post RC4 security fixes for Xen Security Advisories 287, 288, and 290 through 294.- Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2- bsc#1121391 - GCC 9: xen build fails gcc9-ignore-warnings.patch- bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi. Keep xen.efi in /usr/lib64/efi for booting older distros. xen.spec- fate#326960: Package grub2 as noarch. As part of the effort to have a unified bootloader across architectures, modify the xen.spec file to move the Xen efi files to /usr/share/efi/$(uname -m) from /usr/lib64/efi.- Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Drop 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch 5bdc31d5-VMX-fix-vmx_handle_eoi.patch gcc8-fix-array-warning-on-i586.patch gcc8-fix-format-warning-on-i586.patch gcc8-inlining-failed.patch xen.bug1079730.patch- bsc#1121960 - xen: sync with Factory xen.spec xen.changes- Replace old $RPM_* shell vars. - Run fdupes for all architectures, and not crossing subvolume boundaries.- Do not run %fdupes on aarch64 to avoid the hardlink-across-partition rpmlint error- Require qemu-seabios only on x86* as it is not available on non-x86 systems- Avoid creating dangling symlinks (bsc#1116524) This reverts the revert of tmp_build.patch- Update to Xen 4.11.1 bug fix release (bsc#1027519) xen-4.11.1-testing-src.tar.bz2 - 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch - Drop the following patches contained in the new tarball 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbe-ARM-disable-grant-table-v2.patch 5b72fbbe-oxenstored-eval-order.patch 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch xsa275-1.patch xsa275-2.patch xsa276-1.patch xsa276-2.patch xsa277.patch xsa279.patch xsa280-1.patch xsa280-2.patch- bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken: Missing /bin/domu-xenstore. This was broken because "make package build reproducible" change. (boo#1047218, boo#1062303) This fix reverses the change to this patch. tmp_build.patch- bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs (XSA-275) xsa275-1.patch xsa275-2.patch - bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting issues in x86 IOREQ server handling (XSA-276) xsa276-1.patch xsa276-2.patch - bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error handling for guest p2m page removals (XSA-277) xsa277.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch - bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting to use INVPCID with a non-canonical addresses (XSA-279) xsa279.patch - bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240 conflicts with shadow paging (XSA-280) xsa280-1.patch xsa280-2.patch - bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE constructs may lock up host (XSA-282) 5be2a308-x86-extend-get_platform_badpages.patch 5be2a354-x86-work-around-HLE-host-lockup-erratum.patch - bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV 5bdc31d5-VMX-fix-vmx_handle_eoi.patch - Upstream bug fixes (bsc#1027519) 5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch 5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch 5bacae4b-x86-boot-allocate-extra-module-slot.patch 5bae44ce-x86-silence-false-log-messages.patch 5bb60c12-x86-split-opt_xpti.patch 5bb60c4f-x86-split-opt_pv_l1tf.patch 5bb60c74-x86-fix-xpti-and-pv-l1tf.patch 5bcf0722-x86-boot-enable-NMIs.patch 5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch 5bd076e9-x86-boot-init-debug-regs-correctly.patch 5bd076e9-x86-init-vcpu-debug-regs-correctly.patch 5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even when disabled (XSA-278) 5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch- Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries- make package build reproducible (boo#1047218, boo#1062303) * Set SMBIOS_REL_DATE * Update tmp_build.patch to use SHA instead of random build-id * Add reproducible.patch to use --no-insert-timestamp- Building with ncurses 6.1 will fail without xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch - Building libxl acpi support on aarch64 with gcc 8.2 will fail without xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch- bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is apparently broken 5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch 5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch 5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch- bsc#1094508 - L3: Kernel oops in fs/dcache.c called by d_materialise_unique() 5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch 5b9784d2-x86-HVM-add-known_gla-helper.patch 5b9784f2-x86-HVM-split-page-straddling-accesses.patch - bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen: oxenstored does not apply quota-maxentity (XSA-272) 5b72fbbe-oxenstored-eval-order.patch - bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of v2 grant tables may cause crash on ARM (XSA-268) 5b72fbbe-ARM-disable-grant-table-v2.patch - Upstream patches from Jan (bsc#1027519) 5b6d84ac-x86-fix-improve-vlapic-read-write.patch 5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch 5b75afef-x86-setup-avoid-OoB-E820-lookup.patch 5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch 5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch 5b8d5832-x86-assorted-array_index_nospec-insertions.patch - Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed xen.spec- bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM (XSA-273) 5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch 5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch 5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch 5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch 5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch 5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch 5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch 5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch - bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS (XSA-269) 5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch - Upstream prereq patches for XSA-273 and other upstream fixes (bsc#1027519) 5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch 5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch 5b3cab8e-2-VMX-improve-MSR-load-save-API.patch 5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch 5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch 5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch 5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch 5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch 5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch 5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch 5b505fe5-VMX-fix-find-msr-build.patch 5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch 5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch 5b62ca93-VMX-avoid-hitting-BUG_ON.patch 5b6d8ce2-x86-XPTI-parsing.patch 5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch 5b72fbbf-xl.conf-Add-global-affinity-masks.patch 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch- Upstream patches from Jan (bsc#1027519) 5b3f8fa5-port-array_index_nospec-from-Linux.patch 5b4488e7-x86-spec-ctrl-cmdline-handling.patch 5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch 5b4c9a60-allow-cpu_down-to-be-called-earlier.patch 5b4db308-SVM-fix-cleanup-svm_inject_event.patch 5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch 5b5040f2-x86-AMD-distinguish-CU-from-HT.patch 5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch 5b508775-2-x86-possibly-bring-up-all-CPUs.patch 5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch 5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch 5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch 5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch gcc8-fix-format-warning-on-i586.patch gcc8-fix-array-warning-on-i586.patch - Drop xen.fuzz-_FORTIFY_SOURCE.patch gcc8-fix-warning-on-i586.patch- Update to Xen 4.11.0 FCS (fate#325202, fate#325123) xen-4.11.0-testing-src.tar.bz2 disable-building-pv-shim.patch - Dropped patches 5a33a12f-domctl-improve-locking-during-domain-destruction.patch 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a9985bd-x86-invpcid-support.patch 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch 5af1daa9-3-x86-traps-use-IST-for-DB.patch 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch 5af97999-viridian-cpuid-leaf-40000003.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch 5b348874-x86-refine-checks-in-DB-handler.patch 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen_fix_build_with_acpica_20180427_and_new_packages.patch- Submit upstream patch libacpi: fixes for iasl >= 20180427 git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005 xen_fix_build_with_acpica_20180427_and_new_packages.patch This is needed for acpica package to get updated in our build service- Upstream patches from Jan (bsc#1027519) 5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch) 5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch) 5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch) 5b0bc9da-x86-XPTI-fix-S3-resume.patch 5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch 5b0d2d91-x86-suppress-sync-when-XPTI-off.patch 5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch 5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch 5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch 5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch) 5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch) 5b238b92-x86-HVM-account-for-fully-eager-FPU.patch 5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch 5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch 5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch) 5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch) 5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch) 5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch) 5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch 5b348954-x86-guard-against-NM.patch- Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch- bsc#1098403 - fix regression introduced by changes for bsc#1079730 a PV domU without qcow2 and/or vfb has no qemu attached. Ignore QMP errors for PV domUs to handle PV domUs with and without an attached qemu-xen. xen.bug1079730.patch- bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks bypassed in x86 PV MM handling (XSA-264) xsa264.patch - bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception safety check can be triggered by a guest (XSA-265) xsa265.patch - bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour readonly flag on HVM emulated SCSI disks (XSA-266) xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch- bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore (XSA-267) xsa267-1.patch xsa267-2.patch- bsc#1092543 - GCC 8: xen build fails gcc8-fix-warning-on-i586.patch- bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 – Speculative Store Bypass aka "Memory Disambiguation" (XSA-263) 5ad4923e-x86-correct-S3-resume-ordering.patch 5ad49293-x86-suppress-BTI-mitigations-around-S3.patch 5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch 5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch 5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch 5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch 5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch 5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch 5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch 5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch 5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch 5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch Spectre-v4-1.patch Spectre-v4-2.patch Spectre-v4-3.patch- Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730) libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch xen.bug1079730.patch- bsc#1087289 - L3: Xen BUG at sched_credit.c:1663 5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch 5aeaeaf0-sched-fix-races-in-vcpu-migration.patch - Upstream patches from Jan (bsc#1027519) 5ad600d4-x86-pv-introduce-x86emul_read_dr.patch 5ad600d4-x86-pv-introduce-x86emul_write_dr.patch 5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch 5adda097-x86-HPET-fix-race-triggering-ASSERT.patch 5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch 5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch 5ae31917-x86-cpuidle-init-stats-lock-once.patch 5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch 5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch) 5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch) 5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch) 5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch) 5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch) 5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch) 5af97999-viridian-cpuid-leaf-40000003.patch- Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254 5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch 5a9985bd-x86-invpcid-support.patch 5adde9ed-xpti-fix-double-fault-handling.patch 5aec7393-1-x86-xpti-avoid-copy.patch 5aec7393-2-x86-xpti-write-cr3.patch 5aec744a-3-x86-xpti-per-domain-flag.patch 5aec744a-4-x86-xpti-use-invpcid.patch 5aec744a-5-x86-xpti-no-global-pages.patch 5aec744a-6-x86-xpti-cr3-valid-flag.patch 5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch 5aec744b-8-x86-xpti-cr3-helpers.patch 5aec74a8-9-x86-xpti-use-pcid.patch- bsc#1092543 - GCC 8: xen build fails 5ac72a48-gcc8.patch 5ac72a5f-gcc8.patch 5ac72a64-gcc8.patch 5ac72a69-gcc8.patch 5ac72a6e-gcc8.patch 5ac72a74-gcc8.patch 5ac72a7b-gcc8.patch gcc8-inlining-failed.patch- Update to Xen 4.10.1 bug fix release (bsc#1027519) xen-4.10.1-testing-src.tar.bz2 disable-building-pv-shim.patch - Drop the following patches contained in the new tarball 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch xsa258.patch xsa259.patch- bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of debug exceptions (XSA-260) xsa260-1.patch xsa260-2.patch xsa260-3.patch xsa260-4.patch - bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt injection errors (XSA-261) xsa261.patch - bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into unbounded loop (XSA-262) xsa262.patch- bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via crafted user-supplied CDROM (XSA-258) xsa258.patch - bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash Xen with XPTI (XSA-259) xsa259.patch- Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251)- Upstream patches from Jan (bsc#1027519) and fixes related to Page Table Isolation (XPTI). See also bsc#1074562 XSA-254 5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch 5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch 5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch 5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch 5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch 5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch- bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from 0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30) 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch - Upstream patches from Jan (bsc#1027519) 5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch 5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch 5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch 5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch 5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch 5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch 5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch 5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch) 5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch) 5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch) 5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch) - Drop xsa252.patch xsa255-1.patch xsa255-2.patch xsa256.patch- bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) xsa252.patch - bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1 transition may crash Xen (XSA-255) xsa255-1.patch xsa255-2.patch - bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without LAPIC may DoS the host (XSA-256) xsa256.patch- Remove stale systemd presets code for 13.2 and older- fate#324965 - add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N- Replace hardcoded xen with Name tag when refering to subpkgs- Make sure tools and tools-domU require libs from the very same build- tools-domU: Add support for qemu guest agent. New files 80-xen-channel-setup.rules and xen-channel-setup.sh configure a xen-pv-channel for use by the guest agent FATE#324963- Remove outdated /etc/xen/README*- bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with MSR emulation (XSA-253) 5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch - bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 xen: Information leak via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. 5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch 5a4caa8c-x86-E820-don-t-overrun-array.patch 5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch 5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch 5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch 5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch 5a4fd893-4-x86-introduce-cpuid_policy_updated.patch 5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch 5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch 5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch 5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch 5a4fd894-4-clarifications-to-wait-infrastructure.patch 5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch 5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch 5a5e2cff-x86-Meltdown-band-aid.patch 5a5e2d73-x86-Meltdown-band-aid-conditional.patch 5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch 5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch 5a5e3a4e-3-x86-report-speculative-mitigation-details.patch 5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch 5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch 5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch 5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch 5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch 5a5e459c-2-x86-report-domain-id-on-CPUID.patch 5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch 5a69c0b9-x86-fix-GET_STACK_END.patch 5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch 5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch 5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch 5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch 5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch 5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch 5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch 5a6b36cd-9-x86-issue-speculation-barrier.patch 5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch 5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch- Fix python3 deprecated atoi call (bsc#1067224) pygrub-python3-conversion.patch - Drop xenmon-python3-conversion.patch- bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu, depending on the libxl disk settings libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch- Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 build-python3-conversion.patch bin-python3-conversion.patch- bsc#1070165 - xen crashes after aborted localhost migration 5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch - bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb: libxl__devices_destroy failed 5a33a12f-domctl-improve-locking-during-domain-destruction.patch - Upstream patches from Jan (bsc#1027519) 5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch 5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch 5a313972-x86-microcode-add-support-for-AMD-Fam17.patch 5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch- Update to Xen 4.10.0 FCS (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Rebuild initrd if xen-tools-domU is updated- Update to Xen 4.10.0-rc8 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds If many domUs shutdown in parallel the backends can not keep up Add some debug output to track how long backend shutdown takes (bsc#1035442) libxl.LIBXL_DESTROY_TIMEOUT.patch libxl.LIBXL_DESTROY_TIMEOUT.debug.patch- Adjust xenstore-run-in-studomain.patch to change the defaults in the code instead of changing the sysconfig template, to also cover the upgrade case- Update to Xen 4.10.0-rc6 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Since xen switched to Kconfig, building a debug hypervisor was done by default. Adjust make logic to build a non-debug hypervisor by default, and continue to provide one as xen-dbg.gz- fate#316614: set migration constraints from cmdline fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10- Document the suse-diskcache-disable-flush option in xl-disk-configuration(5) (bsc#879425,bsc#1067317)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to Xen 4.10.0-rc5 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - fate#323663 - Run Xenstore in stubdomain xenstore-run-in-studomain.patch- bsc#1067224 - xen-tools have hard dependency on Python 2 pygrub-python3-conversion.patch xenmon-python3-conversion.patch migration-python3-conversion.patch xnloader.py xen2libvirt.py- Remove xendriverdomain.service (bsc#1065185) Driver domains must be configured manually with custom .service file- Update to Xen 4.10.0-rc3 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Adjust xen-dom0-modules.service to ignore errors (bsc#1065187)- fate#324052 Support migration of Xen HVM domains larger than 1TB 59f31268-libxc-remove-stale-error-check-for-domain-size.patch- Update to Xen 4.10.0-rc2 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2- Update to Xen 4.10.0-rc1 (fate#321394, fate#322686) xen-4.10.0-testing-src.tar.bz2 - Drop patches included in new tarball 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch 59958ebf-gnttab-fix-transitive-grant-handling.patch 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch gcc7-arm.patch gcc7-mini-os.patch- bsc#1061084 - VUL-0: xen: page type reference leak on x86 (XSA-242) xsa242.patch - bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear shadow mappings with translated guests (XSA-243) xsa243.patch - bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings during CPU hotplug (XSA-244) xsa244.patch- bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks (XSA-238) xsa238.patch - bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O intercept code (XSA-239) xsa239.patch - bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable de-typing (XSA-240) xsa240-1.patch xsa240-2.patch - bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type release race (XSA-241) xsa241.patch- bsc#1061075 - VUL-0: xen: pin count / page reference race in grant table code (XSA-236) xsa236.patch - bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86 (XSA-237) xsa237-1.patch xsa237-2.patch xsa237-3.patch xsa237-4.patch xsa237-5.patch- bsc#1056278 - VUL-0: xen: Missing NUMA node parameter verification (XSA-231) 59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch - bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232) 59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch - bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup (XSA-233) 59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch - bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for x86 PV guests (XSA-234) 59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch - bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to release lock on ARM (XSA-235) 599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch - Upstream patches from Jan (bsc#1027519) 59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch 59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch 59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch 59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch 59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch 59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch 59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch 59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch - Dropped gcc7-xen.patch- bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when Secure Boot is Enabled xen.spec- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored update from v6 to v9 to cover more cases for ballooned domUs libxc.sr.superpage.patch- bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen drop the patch because it is not upstream acceptable remove xen.suse_vtsc_tolerance.patch- bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored after the save using xl stack libxc.sr.superpage.patch- Unignore gcc-PIE the toolstack disables PIE for firmware builds as needed- Upstream patches from Jan (bsc#1027519) 592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch 596f257e-x86-fix-hvmemul_insn_fetch.patch 5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch 598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch 598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch 5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch) 5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch) 5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch) 59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch) 59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch) 59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch- bsc#1044974 - xen-tools require python-pam xen.spec- Clean up spec file errors and a few warnings. (bsc#1027519) - Removed conditional 'with_systemd' and some old deprecated 'sles_version' checks. xen.spec- Remove use of brctl utiltiy from supportconfig plugin FATE#323639- Use upstream variant of mini-os __udivmoddi4 change gcc7-mini-os.patch- fate#323639 Move bridge-utils to legacy replace-obsolete-network-configuration-commands-in-s.patch- bsc#1052686 - VUL-0: xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230) xsa230.patch- bsc#1035231 - migration of HVM domU does not use superpages on destination dom0 libxc.sr.superpage.patch- bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded recursion in grant table code (XSA-226) xsa226-1.patch xsa226-2.patch - bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege escalation via map_grant_ref (XSA-227) xsa227.patch - bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race conditions with maptrack free list handling (XSA-228) xsa228.patch- Add a supportconfig plugin xen-supportconfig FATE#323661- bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen To avoid emulation of TSC access from a domU after live migration add a global tolerance for the measured host kHz xen.suse_vtsc_tolerance.patch- fate#323662 Drop qemu-dm from xen-tools package The following tarball and patches have been removed qemu-xen-traditional-dir-remote.tar.bz2 VNC-Support-for-ExtendedKeyEvent-client-message.patch 0001-net-move-the-tap-buffer-into-TAPState.patch 0002-net-increase-tap-buffer-size.patch 0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch 0004-e1000-secrc-support.patch 0005-e1000-multi-buffer-packet-support.patch 0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch 0007-e1000-verify-we-have-buffers-upfront.patch 0008-e1000-check-buffer-availability.patch CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch CVE-2015-4037-qemut-smb-config-dir-name.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch blktap.patch cdrom-removable.patch xen-qemu-iscsi-fix.patch qemu-security-etch1.patch xen-disable-qemu-monitor.patch xen-hvm-default-bridge.patch qemu-ifup-set-mtu.patch ioemu-vnc-resize.patch capslock_enable.patch altgr_2.patch log-guest-console.patch bdrv_open2_fix_flags.patch bdrv_open2_flags_2.patch ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch qemu-dm-segfault.patch bdrv_default_rwflag.patch kernel-boot-hvm.patch ioemu-watchdog-support.patch ioemu-watchdog-linkage.patch ioemu-watchdog-ib700-timer.patch ioemu-hvm-pv-support.patch pvdrv_emulation_control.patch ioemu-disable-scsi.patch ioemu-disable-emulated-ide-if-pv.patch xenpaging.qemu.flush-cache.patch ioemu-devicemodel-include.patch - Cleanup spec file and remove unused KMP patches kmp_filelist supported_module.patch xen_pvonhvm.xen_emul_unplug.patch- bsc#1002573 - Optimize LVM functions in block-dmmd block-dmmd- Record initial Xen dmesg in /var/log/xen/xen-boot.log for supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log- Remove storytelling from description in xen.rpm- Update to Xen 4.9.0 FCS (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update block-dmmd script (bsc#1002573) block-dmmd- Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 gcc7-arm.patch - Drop gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc8 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch- bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory leakage via capture buffer CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch- Update to Xen 4.9.0-rc7 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc6 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1031343 - xen fails to build with GCC 7 gcc7-mini-os.patch gcc7-xen.patch- bsc#1031343 - xen fails to build with GCC 7 gcc7-error-xenpmd.patch- Update to Xen 4.9.0-rc5 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 - Drop xen-tools-pkgconfig-xenlight.patch- bsc#1037779 - xen breaks kexec-tools build xen-tools-pkgconfig-xenlight.patch- Update to Xen 4.9.0-rc4 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- bsc#1036146 - sles12sp2 xen VM dumps core to wrong path xen.spec- Update to Xen 4.9.0-rc3 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 aarch64-maybe-uninitialized.patch- Update to Xen 4.9.0-rc2 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2- Update to Xen 4.9.0-rc1 (fate#321394, fate#323108) xen-4.9.0-testing-src.tar.bz2 ioemu-devicemodel-include.patch - Dropped patches contained in new tarball xen-4.8.0-testing-src.tar.bz2 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch glibc-2.25-compatibility-fix.patch xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch- bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom 58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch- bsc#1015348 - L3: libvirtd does not start during boot suse-xendomains-service.patch- bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2 with Xen hypervisor. 58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch - bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration - latter one much faster 58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch - Upstream patch from Jan 58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch 58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch 58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch- bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block add" 58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch 0001-xenstore-let-write_node-and-some-callers-return-errn.patch 0002-xenstore-undo-function-rename.patch 0003-xenstore-rework-of-transaction-handling.patch - bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated update (XSA-206) xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch - bsc#1029827 - Forward port xenstored xs-09-add_change_node-params.patch xs-10-call-add_change_node.patch xs-11-tdb-record-header.patch xs-12-node-gen-count.patch xs-13-read-directory-part-support.patch xs-14-command-array.patch xs-15-command-return-val.patch xs-16-function-static.patch xs-17-arg-parsing.patch xs-18-default-buffer.patch xs-19-handle-alloc-failures.patch xs-20-tdb-version.patch xs-21-empty-tdb-database.patch xs-22-reopen_log-fix.patch xs-23-XS_DEBUG-rename.patch xs-24-xenstored_control.patch xs-25-control-enhance.patch xs-26-log-control.patch xs-27-memory-report.patch xs-28-remove-talloc-report.patch xs-29-define-off_t.patch- bsc#1029128 - fix make xen to really produce xen.efi with gcc48- bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite loop issue in ohci_service_ed_list CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch - Upstream patches from Jan (bsc#1027519) 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch 58a44771-IOMMU-always-call-teardown-callback.patch 58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch 58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch 58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch 58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch 58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch 58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch- bsc#1027654 - XEN fails to build against glibc 2.25 glibc-2.25-compatibility-fix.patch libxl.pvscsi.patch- fate#316613: Refresh and enable libxl.pvscsi.patch- bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo does not check if memory region is safe (XSA-209) CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch- bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault happened when adding usbctrl devices via xl 589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch- Upstream patches from Jan (bsc#1027519) 587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch 587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch 5882129d-x86emul-LOCK-check-adjustments.patch 58821300-x86-segment-attribute-handling.patch 58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch 58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch 5887888f-credit2-use-the-correct-scratch-cpumask.patch 5887888f-credit2-never-consider-CPUs-outside-of-pool.patch 5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch 5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch- bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob access while doing bitblt copy backward mode CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch- fate#322313 and fate#322150 require the acpica package ported to aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64 until these fates are complete. xen.spec- bsc#1021952 - Virutalization/xen: Bug xen-tools missing /usr/bin/domu-xenstore; guests fail to launch tmp_build.patch xen.spec- No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842)- bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/ xen.spec- 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch Replaces xsa202.patch (bsc#1014298) - 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch Replaces xsa203.patch (bsc#1014300) - 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch Replaces xsa204.patch (bsc#1016340) - Upstream patches from Jan 58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch 5853ed37-VT-d-correct-dma_msi_set_affinity.patch 5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch 585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch 586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch- bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch- bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of SYSCALL singlestep during emulation (XSA-204) xsa204.patch- bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation fails to ignore operand size override (XSA-200) 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch- bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be able to mask interrupts (XSA-202) xsa202.patch - bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL pointer check in VMFUNC emulation (XSA-203) xsa203.patch - Upstream patches from Jan 584806ce-x86emul-correct-PUSHF-POPF.patch 584fc649-fix-determining-when-domain-creation-is-complete.patch 58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch 58510cac-x86emul-MOVNTI-no-REP-prefixes.patch- Update to Xen 4.8 FCS xen-4.8.0-testing-src.tar.bz2 - Dropped xen-4.7.1-testing-src.tar.bz2 0001-libxc-Rework-extra-module-initialisation.patch 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch 0004-firmware-makefile-install-BIOS-blob.patch 0005-libxl-Load-guest-BIOS-from-file.patch 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch 0008-hvmloader-Locate-the-BIOS-blob.patch 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch 0011-hvmloader-Load-OVMF-from-modules.patch 0012-hvmloader-Specific-bios_load-function-required.patch 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch 57a30261-x86-support-newer-Intel-CPU-models.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch 58343ec2-x86emul-fix-huge-bit-offset-handling.patch 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch CVE-2016-9381-xsa197-qemut.patch CVE-2016-9637-xsa199-qemut.patch- bsc#1011652 - VUL-0: xen: qemu ioport array overflow CVE-2016-9637-xsa199-qemut.patch- bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null segments not always treated as unusable 58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch - bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch to VM86 mode mis-handled 58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch - bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base write emulation lacking canonical address checks 58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch - bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit ELF symbol table load leaking host data 58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch - bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit test instruction emulation broken 58343ec2-x86emul-fix-huge-bit-offset-handling.patch - bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen: x86 software interrupt injection mis-handled 58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch 58343f44-x86-svm-fix-injection-of-software-interrupts.patch - bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious about shared ring processing CVE-2016-9381-xsa197-qemut.patch - bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen: delimiter injection vulnerabilities in pygrub 58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch - Upstream patches from Jan 581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch 581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch 58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch 582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch 582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch- Update to Xen Version 4.7.1 xen-4.7.1-testing-src.tar.bz2 - Dropped patches contained in new tarball xen-4.7.0-testing-src.tar.bz2 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c93e52-fix-error-in-libxl_device_usbdev_list.patch 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch- bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI systems xen.spec- bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) 57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch - bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic on broadwell-ep 57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch - Upstream patches from Jan 57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch 57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch 57da8883-credit1-fix-mask-to-be-used-for-tickling.patch 57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch 57e93e1d-x86emul-correct-loading-of-ss.patch 57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch 57e93e89-x86-AMD-apply-erratum-665-workaround.patch 57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch 57fb6a91-x86-defer-not-present-segment-checks.patch 5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch 5800caec-x86emul-fix-pushing-of-selector-registers.patch 5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch 580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch 5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch- bsc#1007941 - Xen tools limit the number of vcpus to 256 when the system has 384 xen-arch-kconfig-nr_cpus.patch- bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch- bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero error in set_next_tick CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch - bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero error in serial_update_parameters CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch- bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in mcf_fec_do_tx CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch - bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite loop in pcnet_rdra_addr CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch- bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3 recursive pagetable for 32-bit PV guests (XSA-185) 57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch - bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of instruction pointer truncation during emulation (XSA-186) 57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch 57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch - bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of sh_ctxt->seg_reg[] (XSA-187) 57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch 57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch - bsc#991934 - xen hypervisor crash in csched_acct 57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch - Upstream patches from Jan 57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch 57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch 57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch 57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch 57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch 57c82be2-x86-32on64-adjust-call-gate-emulation.patch 57c96e2c-x86-correct-PT_NOTE-file-position.patch 57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch- bsc#979002 - add 60-persistent-xvd.rules and helper script also to initrd, add the relevant dracut helper- bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol- bsc#989679 - [pvusb feature] USB device not found when 'virsh detach-device guest usb.xml' 57c93e52-fix-error-in-libxl_device_usbdev_list.patch- bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen 57ac6316-don-t-restrict-DMA-heap-to-node-0.patch - bsc#978755 - xen uefi systems fail to boot - bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot 57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch - Upstream patch from Jan 57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch- spec: to stay compatible with the in-tree qemu-xen binary, use /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64 bsc#986164- bsc#970135 - new virtualization project clock test randomly fails on Xen 576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch 5769106e-x86-generate-assembler-equates-for-synthesized.patch 57a1e603-x86-time-adjust-local-system-time-initialization.patch 57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch 57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch - bsc#991934 - xen hypervisor crash in csched_acct 57973099-have-schedulers-revise-initial-placement.patch 579730e6-remove-buggy-initial-placement-algorithm.patch - bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation in PV guests (XSA-182) 57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch - bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) 57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch - Upstream patches from Jan 57a30261-x86-support-newer-Intel-CPU-models.patch- bsc#985503 - vif-route broken vif-route.patch- bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. pygrub-handle-one-line-menu-entries.patch- bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB write access in esp_do_dma CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch- bsc#900418 - Dump cannot be performed on SLES12 XEN 57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch - Upstream patches from Jan 575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch 57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch- fate#319989 - Update to Xen 4.7 FCS xen-4.7.0-testing-src.tar.bz2 - Drop CVE-2014-3672-qemut-xsa180.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (Additional fixes) block-dmmd- Convert with_stubdom into build_conditional to allow adjusting via prjconf - Convert with_debug into build_conditional to allow adjusting via prjconf- bsc#979002 - add 60-persistent-xvd.rules and helper script to xen-tools-domU to simplify transition to pvops based kernels- Convert with_oxenstored into build_conditional to allow adjusting via prjconf (fate#320836)- bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w access while processing ESP_FIFO CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch - bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch- fate#319989 - Update to Xen 4.7 RC5 xen-4.7.0-testing-src.tar.bz2- fate#319989 - Update to Xen 4.7 RC4 xen-4.7.0-testing-src.tar.bz2 - Dropped xen.pkgconfig-4.7.patch xsa164.patch- bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging (XSA-180) CVE-2014-3672-qemut-xsa180.patch- bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch - bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch- fate#319989 - Update to Xen 4.7 RC3 xen-4.7.0-testing-src.tar.bz2 - Dropped libxl-remove-cdrom-cachemode.patch x86-PoD-only-reclaim-if-needed.patch gcc6-warnings-as-errors.patch- bsc#954872 - script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) block-dmmd- fate#319989 - Update to Xen 4.7 RC2 xen-4.7.0-testing-src.tar.bz2- bsc#961600 - L3: poor performance when Xen HVM domU configured with max memory > current memory x86-PoD-only-reclaim-if-needed.patch- Mark SONAMEs and pkgconfig as xen 4.7 xen.pkgconfig-4.7.patch- bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom libxl-remove-cdrom-cachemode.patch- fate#319989 - Update to Xen 4.7 RC1 xen-4.7.0-testing-src.tar.bz2- fate#316614: set migration constraints from cmdline restore libxl.set-migration-constraints-from-cmdline.patch- Remove obsolete patch for xen-kmp magic_ioport_compat.patch- fate#316613: update to v12 libxl.pvscsi.patch- Update to the latest Xen 4.7 pre-release c2994f86 Drop libxl.migrate-legacy-stream-read.patch- bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host to SLES12SP2 Alpha 1 host using xl migrate libxl.migrate-legacy-stream-read.patch- Add patches from proposed upstream series to load BIOS's from the toolstack instead of embedding in hvmloader http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html 0001-libxc-Rework-extra-module-initialisation.patch, 0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch, 0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch, 0004-firmware-makefile-install-BIOS-blob.patch, 0005-libxl-Load-guest-BIOS-from-file.patch, 0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch, 0007-hvmloader-Grab-the-hvm_start_info-pointer.patch, 0008-hvmloader-Locate-the-BIOS-blob.patch, 0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch, 0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch, 0011-hvmloader-Load-OVMF-from-modules.patch, 0012-hvmloader-Specific-bios_load-function-required.patch, 0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch, 0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch - Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin firmware from qemu-ovmf-x86_64. The firmware is preloaded with Microsoft keys to more closely resemble firmware on real hardware FATE#320490- fate#319989: Update to Xen 4.7 (pre-release) xen-4.7.0-testing-src.tar.bz2 - Dropped: xen-4.6.1-testing-src.tar.bz2 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch hotplug-Linux-block-performance-fix.patch set-mtu-from-bridge-for-tap-interface.patch xendomains-libvirtd-conflict.patch xsa154.patch xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa170.patch- Use system SeaBIOS instead of building/installing another one FATE#320638 Dropped files: seabios-dir-remote.tar.bz2 xen-c99-fix.patch xen.build-compare.seabios.patch- spec: drop BuildRequires that were only needed for qemu-xen- bsc#969377 - xen does not build with GCC 6 ipxe-use-rpm-opt-flags.patch gcc6-warnings-as-errors.patch- bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite loop in ne2000_receive CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch - Drop xsa154-fix.patch- Use system qemu instead of building/installing yet another qemu FATE#320638 - Dropped files qemu-xen-dir-remote.tar.bz2 CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch qemu-xen-enable-spice-support.patch qemu-xen-upstream-qdisk-cache-unsafe.patch tigervnc-long-press.patch xsa162-qemuu.patch- bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer dereference in vapic_write() CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch- bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in remote NDIS control message handling CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch- bsc#954872 - L3: script block-dmmd not working as expected - libxl: error: libxl_dm.c block-dmmd - Update libxl to recognize dmmd and npiv prefix in disk spec xen.libxl.dmmd.patch- bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers in ohci module leads to null pointer dereference CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch - bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer dereference in remote NDIS control message handling CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch- Update to Xen Version 4.6.1 xen-4.6.1-testing-src.tar.bz2 - Dropped patches now contained in tarball or unnecessary xen-4.6.0-testing-src.tar.bz2 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch 56549f24-x86-vPMU-document-as-unsupported.patch 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemut-xenfb.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa159.patch xsa160.patch xsa162-qemut.patch xsa165.patch xsa166.patch xsa167.patch xsa168.patch- bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent cachability flags on guest mappings (XSA-154) xsa154.patch - bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may crash guest with non-canonical RIP (XSA-170) xsa170.patch- bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in hmp_sendkey routine CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch- bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch - bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref in sosendto() CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in ne2000_receive() function CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch- bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on incoming migration CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch - bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch - Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch- bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch - bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun on incoming migration CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch- bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch- bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun on invalid state load CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch- bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient resource limiting in VNC websockets decoder CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch - bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on invalid state load CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient bits_per_pixel from the client sanitization CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch- bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer overun on invalid state CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch - bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer overflow in non-loopback mode CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch- bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch- bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch - bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci use-after-free vulnerability in aio port commands CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch- bsc#959695 - missing docs for xen xen.spec- bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with INVLPG on non-canonical address (XSA-168) xsa168.patch - bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage functionality missing sanity checks (XSA-167) xsa167.patch - bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect l2 header validation leads to a crash via assert(2) call CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch- bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers leads to a crash via assert(2) call CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch - bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional logging upon guest changing callback method (XSA-169) 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch- Adjust xen-dom0-modules.service to run Before xenstored.service instead of proc-xen.mount to workaround a bug in systemd "design" (bnc#959845)- bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch- bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155) xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa155-qemut-xenfb.patch - bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop in ehci_advance_state results in DoS CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch - bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer dereference issue CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch - bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid floating point exception CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch - bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) xsa164.patch - bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) xsa165.patch - bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) xsa166.patch- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch - Upstream patches from Jan 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch 56544a57-VMX-fix-adjust-trap-injection.patch 56546ab2-sched-fix-insert_vcpu-locking.patch- bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163) 56549f24-x86-vPMU-document-as-unsupported.patch - bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen: XENMEM_exchange error handling issues (XSA-159) xsa159.patch - bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel and initrd on error (XSA-160) xsa160.patch - bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow vulnerability in pcnet emulator (XSA-162) xsa162-qemuu.patch xsa162-qemut.patch - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) 5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch 5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch- fate#315712: XEN: Use the PVOPS kernel Turn off building the KMPs now that we are using the pvops kernel xen.spec- Upstream patches from Jan 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch 5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch 56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch 56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch 5632127b-x86-guard-against-undue-super-page-PTE-creation.patch 5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch 563212e4-xenoprof-free-domain-s-vcpu-array.patch 563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch 56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch 56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch 5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch) 5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch - Dropped 55b0a2db-x86-MSI-track-guest-masking.patch- Use upstream variants of block-iscsi and block-nbd- Remove xenalyze.hg, its part of xen-4.6- Update to Xen Version 4.6.0 xen-4.6.0-testing-src.tar.bz2 mini-os.tar.bz2 blktap2-no-uninit.patch stubdom-have-iovec.patch - Renamed xsa149.patch to CVE-2015-7969-xsa149.patch - Dropped patches now contained in tarball or unnecessary xen-4.5.2-testing-src.tar.bz2 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch 54f4985f-libxl-fix-libvirtd-double-free.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 551ac326-xentop-add-support-for-qdisk.patch 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch local_attach_support_for_phy.patch pci-attach-fix.patch qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch xl-coredump-file-location.patch- bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by triggering an infinite loop in microcode via #DB exception - bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during fault delivery (XSA-156) CVE-2015-5307-xsa156.patch- Update to Xen 4.5.2 xen-4.5.2-testing-src.tar.bz2 - Drop the following xen-4.5.1-testing-src.tar.bz2 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 559bdde5-pull-in-latest-linux-earlycpio.patch 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch xsa151.patch xsa152.patch xsa153-libxl.patch CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch"- bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency populate-on-demand operation is not preemptible (XSA-150) 563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch- Upstream patches from Jan 5604f239-x86-PV-properly-populate-descriptor-tables.patch 561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch 561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch 561d20a0-x86-hide-MWAITX-from-PV-domains.patch 561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch- bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand balloon size inaccuracy can crash guests (XSA-153) xsa153-libxl.patch- bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain vcpu pointer array (DoS) (XSA-149) xsa149.patch - bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain profiling-related vcpu pointer array (DoS) (XSA-151) xsa151.patch - bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and profiling hypercalls log without rate limiting (XSA-152) xsa152.patch - Dropped 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch- bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure temporary file use in /net/slirp.c CVE-2015-4037-qemuu-smb-config-dir-name.patch CVE-2015-4037-qemut-smb-config-dir-name.patch - bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch- bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled creation of large page mappings by PV guests (XSA-148) CVE-2015-7835-xsa148.patch- bsc#949138 - Setting vcpu affinity under Xen causes libvirtd abort 54f4985f-libxl-fix-libvirtd-double-free.patch- bsc#949046 - Increase %suse_version in SP1 to 1316 xen.spec - Update README.SUSE detailing dom0 ballooning recommendations- bsc#945167 - Running command ’ xl pci-assignable-add 03:10.1’ secondly show errors 55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch - Upstream patches from Jan 55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch 55f9345b-x86-MSI-fail-if-no-hardware-support.patch 5604f239-x86-PV-properly-populate-descriptor-tables.patch 5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch 560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch 560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch 560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch 560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch 560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch- bsc#941074 - VmError: Device 51728 (vbd) could not be connected. Hotplug scripts not working. hotplug-Linux-block-performance-fix.patch- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour readonly flag on disks with qemu-xen (xsa-142) CVE-2015-7311-xsa142.patch- bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1 pci-attach-fix.patch- bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1 5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch- Upstream patches from Jan 55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch 55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch 55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch 55e43fd8-x86-NUMA-fix-setup_node.patch 55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch 55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch 54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch 54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch 54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch- bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch - bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite loop issue CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch 55b0a2db-x86-MSI-track-guest-masking.patch - Upstream patches from Jan 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch 55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch 55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch - Dropped for upstream version x86-MSI-mask.patch x86-MSI-pv-unmask.patch x86-MSI-X-enable.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch- bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap memory in rtl8139 device model xsa140-qemuu-1.patch xsa140-qemuu-2.patch xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch - bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen block unplug protocol xsa139-qemuu.patch- bsc#937371 - xen vm's running after reboot xendomains-libvirtd-conflict.patch- bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code execution via IDE subsystem CD-ROM CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch- Remove xendomains.service from systemd preset file because it conflicts with libvirt-guests.service (bnc#937371) Its up to the admin to run systemctl enable xendomains.service- bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line config handling stack overflow CVE-2015-3259-xsa137.patch - Upstream patches from Jan 558bfaa0-x86-traps-avoid-using-current-too-early.patch 5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch 559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch 559bdde5-pull-in-latest-linux-earlycpio.patch - Upstream patches from Jan pending review 552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch 552d0fe8-x86-mtrr-include-asm-atomic.h.patch 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 554c7aee-x86-provide-arch_fetch_and_add.patch 554c7b00-arm-provide-arch_fetch_and_add.patch 55534b0a-x86-provide-add_sized.patch 55534b25-arm-provide-add_sized.patch 5555a4f8-use-ticket-locks-for-spin-locks.patch 5555a5b9-x86-arm-remove-asm-spinlock-h.patch 5555a8ec-introduce-non-contiguous-allocation.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 557eb55f-gnttab-per-active-entry-locking.patch 557eb5b6-gnttab-introduce-maptrack-lock.patch 557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch 557ffab8-evtchn-factor-out-freeing-an-event-channel.patch 5582bf43-evtchn-simplify-port_is_valid.patch 5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch 5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch 5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch 5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch 5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch 5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch x86-MSI-pv-unmask.patch x86-pci_cfg_okay.patch x86-PCI-CFG-write-intercept.patch x86-MSI-X-maskall.patch x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-mask.patch- Adjust more places to use br0 instead of xenbr0- bnc#936516 - xen fails to build with kernel update(4.1.0 from stable) 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch- Update to Xen Version 4.5.1 FCS (fate#315675) xen-4.5.1-testing-src.tar.bz2 - Dropped patches now contained in tarball 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch 5576f178-kexec-add-more-pages-to-v1-environment.patch 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch qemu-MSI-X-enable-maskall.patch qemu-MSI-X-latch-writes.patch x86-MSI-X-guest-mask.patch- Replace 5124efbe-add-qxl-support.patch with the variant that finally made it upstream, 554cc211-libxl-add-qxl.patch- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages qemu-MSI-X-latch-writes.patch - bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed x86-MSI-X-teardown.patch x86-MSI-X-enable.patch x86-MSI-X-guest-mask.patch x86-MSI-X-maskall.patch qemu-MSI-X-enable-maskall.patch - Upstream patches from Jan 55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch 55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch 55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch 55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch 55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch 55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch 5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch - Dropped the following patches now contained in the tarball xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch- Update to Xen 4.5.1 RC2 - bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI register access in qemu CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch CVE-2015-4106-xsa131-9.patch - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable qemu MSI-X pass-through error messages CVE-2015-4105-xsa130.patch - bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask bits inadvertently exposed to guests CVE-2015-4104-xsa129.patch - bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential unintended writes to host MSI message data field via qemu CVE-2015-4103-xsa128.patch - Upstream patches from Jan 5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch 556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch 556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch 556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch 556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch 556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch- Add DefaultDependencies=no to xen-dom0-modules.service because it has to run before proc-xen.mount- Update to Xen 4.5.1 RC1- Update blktap-no-uninit.patch to work with gcc-4.5- bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through XEN_DOMCTL_gettscinfo (XSA-132) 5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch- bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu floppy driver host code execution CVE-2015-3456-xsa133-qemuu.patch CVE-2015-3456-xsa133-qemut.patch- bsc#928783 - Reboot failure; Request backport of upstream Xen patch to 4.5.0, or update pkgs to 4.5.1 5513b458-allow-reboot-overrides-when-running-under-EFI.patch 5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch- bnc#927750 - Avoid errors reported by system-modules-load.service- Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively turn errors back to warnings to fix build with GCC 5. - Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to avoid implicit-fortify-decl rpmlint error. - Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch.- xentop: Fix memory leak on read failure 551ac326-xentop-add-support-for-qdisk.patch- Dropped xentop-add-support-for-qdisk.patch in favor of upstream version 551ac326-xentop-add-support-for-qdisk.patch- Enable spice support in qemu for x86_64 5124efbe-add-qxl-support.patch qemu-xen-enable-spice-support.patch- Add xen-c99-fix.patch to remove pointless inline specifier on function declarations which break build with a C99 compiler which GCC 5 is by default. (bsc#921994) - Add ipxe-no-error-logical-not-parentheses.patch to supply - Wno-logical-not-parentheses to the ipxe build to fix breakage with GCC 5. (bsc#921994)- bnc#921842 - Xentop doesn't display disk statistics for VMs using qdisks xentop-add-support-for-qdisk.patch- Disable the PIE enablement done for Factory, as the XEN code is not buildable with PIE and it does not make much sense to build the hypervisor code with it.- bnc#918169 - XEN fixes required to work with Kernel 3.19.0 xen.spec- Package xen.changes because its referenced in xen.spec- Update seabios to rel-1.7.5 which is the correct version for Xen 4.5- Update to Xen 4.5.0 FCS- Include systemd presets in 13.2 and older- bnc#897352 - Enable xencommons/xendomains only during fresh install - disable restart on upgrade because the toolstack is not restartable- adjust seabios, vgabios, stubdom and hvmloader build to reduce build-compare noise xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch xen.build-compare.ipxe.patch xen.build-compare.vgabios.patch xen.build-compare.seabios.patch xen.build-compare.man.patch- Update to Xen 4.5.0 RC4- Remove xend specific if-up scripts Recording bridge slaves is a generic task which should be handled by generic network code- Use systemd features from upstream requires updated systemd-presets-branding package- Update to Xen 4.5.0 RC3- Set GIT, WGET and FTP to /bin/false- Use new configure features instead of make variables xen.stubdom.newlib.patch- adjust docs and xen build to reduce build-compare noise xen.build-compare.doc_html.patch xen.build-compare.xen_compile_h.patch- Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise- Update to Xen 4.5.0 RC2- Update to Xen 4.5.0 RC1 xen-4.5.0-testing-src.tar.bz2 - Remove all patches now contained in the new tarball xen-4.4.1-testing-src.tar.bz2 5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch 5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch 53299d8f-xenconsole-reset-tty-on-failure.patch 53299d8f-xenconsole-tolerate-tty-errors.patch 5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch 53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch 537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch 537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch 537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch 539ebe62-x86-EFI-improve-boot-time-diagnostics.patch 53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch 53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch 53d124e7-fix-list_domain_details-check-config-data-length-0.patch 53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch 53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch 53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch 53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch 53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch 53fcebab-xen-pass-kernel-initrd-to-qemu.patch 53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch 53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch 53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch 53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch 53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch 54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch 540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch 541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch 541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch 541ad3ca-x86-HVM-batch-vCPU-wakeups.patch 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch libxc-pass-errno-to-callers-of-xc_domain_save.patch libxl.honor-more-top-level-vfb-options.patch libxl.add-option-for-discard-support-to-xl-disk-conf.patch libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch - Xend/xm is no longer supported and is not part of the upstream code. Remove all xend/xm specific patches, configs, and scripts xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh init.xend xend-relocation.sh xend.service xend-relocation-server.fw domUloader.py xmexample.domUloader xmexample.disks bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch network-nat-open-SuSEfirewall2-FORWARD.patch xend-set-migration-constraints-from-cmdline.patch xen.migrate.tools-xend_move_assert_to_exception_block.patch xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch tmp-initscript-modprobe.patch init.xendomains xendomains.service xen-watchdog.service xen-updown.sh- bnc#901317 - L3: increase limit domUloader to 32MB domUloader.py- bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF device (SR-IOV) to guest 54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch - bnc#882089 - Windows 2012 R2 fails to boot up with greater than 60 vcpus 54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch - bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts 541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch - Upstream patches from Jan 540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch) 54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch) 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch) 542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch) 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch 5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch 5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch 542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch 542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch) 54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch 54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch 54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch) 54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patchbuild70 1608318927  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~1.24.12.01.31.11.31.24.12.04.12.04.12.03.0.31.01.04.12.04.12.04.12.4_06-lp151.2.36.14.12.4_06-lp151.2.36.1  _libxl_list.h_libxl_types.h_libxl_types_json.hlibxenvchan.hlibxl.hlibxl_event.hlibxl_json.hlibxl_utils.hlibxl_uuid.hlibxlutil.hxenCOPYINGarch-armarch-arm.hhvmsave.harch-x86cpufeatureset.hcpuid.hhvmsave.hstart_info.hpmu.hxen-mca.hxen-x86_32.hxen-x86_64.hxen.harch-x86_32.harch-x86_64.hargo.hcallback.hdevice_tree_defs.hdom0_ops.hdomctl.helfnote.herrno.hevent_channel.hfeatures.hforeignarm32.harm64.hx86_32.hx86_64.hgrant_table.hhvmdm_op.he820.hhvm_info_table.hhvm_op.hhvm_vcpu.hhvm_xs_strings.hioreq.hparams.hpvdrivers.hsave.hio9pfs.hblkif.hconsole.hdisplif.hfbif.hfsif.hkbdif.hlibxenvchan.hnetif.hpciif.hprotocols.hpvcalls.hring.hsndif.htpmif.husbif.hvscsiif.hxenbus.hxs_wire.hkexec.hmemory.hnmi.hphysdev.hplatform.hpmu.hsched.hsysevtchn.hgntalloc.hgntdev.hprivcmd.hxenbus_dev.hsysctl.htmem.htrace.hvcpu.hversion.hvm_event.hxen-compat.hxen.hxencomm.hxenoprof.hxsmflask_op.hxencall.hxenctrl.hxenctrl_compat.hxendevicemodel.hxenevtchn.hxenforeignmemory.hxenfsimage.hxenfsimage_grub.hxenfsimage_plugin.hxengnttab.hxenguest.hxenstat.hxenstore-compatxs.hxs_lib.hxenstore.hxenstore_lib.hxentoolcore.hxentoollog.hxs.hxs_lib.hlibxencall.alibxencall.solibxenctrl.alibxenctrl.solibxendevicemodel.alibxendevicemodel.solibxenevtchn.alibxenevtchn.solibxenforeignmemory.alibxenforeignmemory.solibxenfsimage.solibxengnttab.alibxengnttab.solibxenguest.alibxenguest.solibxenlight.alibxenlight.solibxenstat.alibxenstat.solibxenstore.alibxenstore.solibxentoolcore.alibxentoolcore.solibxentoollog.alibxentoollog.solibxenvchan.alibxenvchan.solibxlutil.alibxlutil.soxencall.pcxencontrol.pcxendevicemodel.pcxenevtchn.pcxenforeignmemory.pcxengnttab.pcxenguest.pcxenlight.pcxenstat.pcxenstore.pcxentoolcore.pcxentoollog.pcxenvchan.pcxlutil.pc/usr/include//usr/include/xen//usr/include/xen/arch-arm//usr/include/xen/arch-arm/hvm//usr/include/xen/arch-x86//usr/include/xen/arch-x86/hvm//usr/include/xen/foreign//usr/include/xen/hvm//usr/include/xen/io//usr/include/xen/sys//usr/include/xen/xsm//usr/include/xenstore-compat//usr/lib//usr/lib/pkgconfig/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:15362/openSUSE_Leap_15.1_Update/5e8464af35353787e8947a82616108b3-xen.openSUSE_Leap_15.1_Updatedrpmxz5i586-suse-linuxC source, ASCII textASCII textdirectorycurrent ar archivepkgconfig file ")-357=PRR R PRRRRRRR PRR R RPRR PRR R PRR R PRR RRRPRR RRRR PRRR P RRRRR P RP RP RR R RRP RR JK)a`~putf-891cc09004a2786239de3fe065f3f4c524e070218b8ad679c443811bd1aa142a8? 7zXZ !t/]"k%A9d xXވnWԣBͱ?#RS 0 c E (qU(Y$᨞*W+O[ژ\|iA{ [+2X/4+(bBٻ>v="U[ϔnS^\Z2Lt]/yԛۙPoL[6?<.|~*wS5BƢϕ7~$~wă~n`T&Ľa׏.d%l18\f]:Mdp67xqau-ԯY}\,k3 ;#6(J1ؼo^Z$ AUז(a':0!n 3ן )o8;OTO{N':2"iˌ :)UV<)ez5]'շ^/[rDi@WwsQ]2 d6/)d.kŴ9ٰҢtxLKR,!y5h'i(+SƜJY>.O2(KoʫP$\ueCm  &U\8g"ʓ+o߃[ K C]Da+:%Œl}K8uNMd7=3i5ǟ~RU_4t@j`d!<--q+دg D"Z;Ir~ 2IfY:n6dG`/%<tIjY;<a~tהvvFbpI T}*[Ƥ11S; (Elq4 Xζ! c)ha -;J|$.#@ajy"1D4M3ii>MBEYc-_߃1M|%U-̊|#oRv1xH=D@JJ:3|Ĉ=Cbqm>t嶾gژ犵vNyNVHA+̀εlj0S!\7k?sFxXgV;_'9p/Ċ~_&cx{3]g3r'.]2!gfNx[MIA7]);L:d&Ij(y"-^D!:Xiy7-1{yT!4A-!L:cwá;-/0% ~ 8)6NC`>- d$d9Mi 衔! Xds^B-Hw'MP}|V7YXa^kc| ,B3N;YT7bonl!K8%ǽ9h.X? G@?%m,6c*ăT,{rYV;}#pEy8C(ҍRii7_%˷I>|5$"hYYot8K0^L/Νw76sn1RIVX`AŔCäzݺk:q=*sb:,]םwIdcIUnŘY-QN^m/6a??MR[wJ](< ., S:bAz(E 5?\+D_PH@􃂀%ai,l|La6J!CrKoB"T[LY \ b/fI$9d4E3hl`uLۊfisQ1~N1lv8MS#.eF=KSPp]9vAD4&_;>[-?daBP%(OԇVkY7"x^/%E=8WCx[@nLRc]H5?e8\\ 7GgLW'+{d[h d\]GQ$%U/ bfZ 5;Ɲi}_l'J8pPߟZI$cR.G{ Rِ0otOQ0T=4 7e>rhΙ2pH 9u>(6'*Ù#(?3Ǚ{s)뭀q:T\ Qx5„8{[Ur?ͻ4jɌ޶8 çx8swdkCҟH4R!k!;ͺ%|m}OM{6wFHTvzCQM˃+sԫlv#/jqKBΡi Yez+yu.sQPyzokHT5B50jMEJ:ld{X- ES [@kُYڟOrK?K7=]:Dު7샙?aoURyئ?)so6@{\`Ti9|:8"jND%2Kt֘SCsr5LQ䊇[X-'KC,t=T/ך{Ln!mX8TCZX j`~ |iq,Ԋڌs'ץBqu]#=E6В;RE|XI_֛fāVmn(QvL6Nj{;Yϻ1D]+:!/KjY')h?0YsDzN[L#g 0XYS7yҙs{8)]]n1sܐnAWR*lWyky @ޑ:?C8~8ތ;zd#Ivvp0Lv |( C Wbn| Xjf]yϬx\FLL[/c͂x >m~?s+8pMXrIߜϊH)}3N։fT1e.*zd`]=/ ؒ\BFu܇ɠwSnc*ЌiPm7%W +g4,9ɗ*4jí`J1LƬJJ riRevws.:)F)~)ϲ%@lUszqꟈ̢%='{\]]͠ '-䢚XKd:JUF7GG'MmT~w('l#N XB<*~g`oq;MXG֟A ?_i&₻-j:+׎*[5Ѝ$S(* ܻ݂c;UG-#NYc# bΡQ*t͟7,l]E4RJf0؆șG~IG!5{վȞn<`Ҙ ]zzkt$2B͋F$+Z\+|GHrUE6]+XԇyOJ&^ǎ#rXcrx0NFN!o3е<5<᥹;2ׄN(DfaJ'͐E{<-0/ZP`r[C'ʽZuRf(%\5>z qZͬ+bGÎJkޕ |[XEVrq9CXmu&/ac5FbT6Gl'q-/T]lk{!YFVItwqzիBFC %C~tu 8'•ɝ僞XATYXuj(߻y}mn~u|r!FcSJ_w.*E XZiv";s\6Z)ojm1A~Vr &D A#O[r--rQޟ&eߣ{ 6 'tOt]Ol(r( qG 1ap];W(#܄6yjmVڿ/+^9Fàoo((ū_ *|܌enSɳH796YF:ֽ(WW ^#MIx%U*CAgجx?iiBWV$Δ& o$@MHv9*XhuiȖ؇M1 FE+Puԧ;*ۜK kaS9.ė,ɅDLw?1f|67^ތ'5 'hgsZVu83WN{ʽ=좄|N7l394nЗx< ϧvX8;DQq…%f+$'Y0vH|[X\W̩lZM+>}#qNʡZQ218cEH~w?7njwHrÙfHekMwC)'kF+7 C=I]/^4&{cIVetSEx6֐9F*jC%  Yvcjc=+ \Ԋlag vE i2tUVGgJحUXEdDm?K ZWE`.ĥF课>L!P Z@vcTىTGGl|*¾9ϙ$畩uhW8>cew1" g/'h tڑh>fNz5eyWΪhyii )TwcAm_:" &0:|FRUbQd,Ms֠h5L85vd?ȕѬ\'#8[6gߙ(=?D^MB&@$M.:QA n #Rɓ-}4in'F%hl- ur'(gE¼B-PKu/ &-G=9M."yWQy¹%"W8LFWsRS EY,>B8_YvB}.V;?zu^-k8UQs|Fs n@;3d1PG{Bywn-fryIxWLy=2?U2̶ְƤn$tF7.~fe u٫VK-傩0ؽY!:$Kb~j@[cT: ],k1p* ~Mt1ɬ ?csTVPяM5h|ROCuĶj#cVNM:ᚯF1@fqnɣ!ۖ!bfW&fQh9tHe?^R(рjً},NI/S,muxCҟc)TJ ,X禕%CóPU9ꅗDf8s$[}j&. zhNV>كX PMa.BTBzKR*Rnv)0[-nIKSu$dFSmiv/U 8VJWxrl“eQet 4\vQxh8d<]qn<&R8/]hy"tܗQ W<4*ڹCnRkH+eLm0tf 7Xͫ qݸH/"X{YX6e5SD,{Ц&OYۚFH1dݞȁ!e3—}P:M]fAlna8-m|$Bavҏv E+5bq/v =<@u7sz-hhL@o!̆Bk8{)ai>R̖PL |,nDl }4vg7zΎ/{Xybu3hΑhVf-GwPaP< ~T_evQd8ee5X@jw sZl~2f#(k;:\E4UC\?0b.+wjR"` 6G>"(.OyNST†hB@:ay5/sv)MEҴ tEo( 'Qe//Z*qd!u,AQV6X*H+!#ع>ˬ ȧœ NnjAlŻ\-)F0X_n"ƒc?.I TSibQC!C.61r1n1rQxf7]ԩxFmcJ@l(% ؛N#`Oi[bä<쇲VUV -N3(( 溃~ M7ޥ ܆Y2d_,v炐0ѣZDs8NWc0jQ,oy^l]P_@wBŅAMQB\ l5ӇI-P. h3$#/j+$cCvWw@Ʃr0l4<SJ&!N6߈l9 8EnDק"A8dҡ?f(fAx?NmC&g%cH#dWX:MpӶ,&C /uʻezw]Z+@ @#Cb/m?ް~]1~JNgZyT̼k?m %?P3%%U$]ί]ue O?TҿݙeI`[@qi]dE[pq%:,0,p$ Q1M"F_Nҕ1(FglqT&cT~#RtPWe%!1osb\e}qPAq7@vܖ4~tLjcanGc`Fp/G$ܨ81umSQB7;fuJ//3 _+T&tl^F8z6nG#:qGOOi,a,Fc`AQdɃǃgxY[>u}±FŒ.~Q} -ؤ kowwWՆ*\:t}- 6ĸQETqaprrpk lo3OO?E29G }}Ň>fp |ޅM7̶ h{>Y;[uy { m:3Ӄd9gw`bqN*i >U`M B:Zk;,LΉκ,ͺp#?^%Vԗ_L0O띳ܥSq80OY̴2p^&#öD6C/f UⶽyPS"+l5K_6 ~!V\(:D)A8g8H;7H{>&K!K}q8$0.jgfL7uڑF퇖=f;^S#p~&QuR5kmEwFXD@mAY=yO 7>Qf*2Ǵ%m(^!Zp`(@Ouۙ8 ܊^Fw$6Onć*(PϘ3 2UX(F}֬/١ZOs U-TRoϨJ5CˋR䃢ma ϣܳ,5%/ >!I#cӵsFvIhqxmdP$)Hd;#ʧ{1jYe}\ac D`&FX;(BGaf̽]dN7t3s+=_25U3Vaj$A!t n"%{J!{|O՜Ka0|0s? 8A@.!ˌR, WPtO o.{:]9]u0q7:i=~m>CtXk2"t9 Rɨ .4 `{fBvBnu&SP,/nJ&`WcݟIд 3:HCR.7Ed-}m-rSoxwM:贓'qmB_8|.yݝnœ.0bڮAyͩmVϠusG?l%[=81pq!VnI4gݙiLfO̷'7}3e? '\[9<$u?<`B…6CJk82ѶQU^&A?ne7Rk)U7/멗QL*vލr4sf}N@s1>[?FcǢ71Ϊ$L ͈r==@BJ3,n)v:2*+/ B< Qԡ&+F%1ARD[싙RT>Xٺ#03{@I~xԳyc٫]n6XjaO:VzOm[%VMҢJwpS.?3=Sz##x9|e)KXkCSi[L\ @3lmUw5 SqA6l뮶DRQolS<:HLgV6`)Q킧g SroP4r,BD\hO|d< Zڢ0-tqRS;$@yNA Ln\m͈Ao Etdq9sTtg $@Z,K, ^G|>˱5T\ſpcmر, x,_4Jsbؽj9FtoFNJLrd&&VTmo&_dtt.4׏t:gZY @ n!|;1nPp ʦ/gjH&&I;ZvEYQ )a@Aepǀ0{^lNYѹvt\p683znl`%FK?I]kv:#bpJ|JWKܵp((}(_7$?hLV桍fmkB#M0-Є.ƽ\z+ T ܄OX/HI߱wϯVؿoby{-᧩r?RS7H_Tn_F F3+!a5m ]b%mq ښd+ J =0$XPgn?m剳֎MW .Ȼ/SRR/|aw/3߫!66o6ͱM.B5vnItrx>#pC5G21!RD6VїDֱ0~i."MˠFbgQ?wUTZO+xfZ<|O`ݐp8u~ zʧj~՟K_'4Pt W_Λ&J(E>哋otdӹdeY}_>I'Ix8soH -8ƒvmØdi&b]i g+N!\?yx5JBDd@ʼv*WL̸!%A-sG<1|+ܦT-_@[^-됼/ Ȍ?Iw(}yz5ܔKBup$i^f5Vjˎ ti{T`ٛm(Y,0PK{8ƕAz%SҝpE4ނf5x1PUR8~9EG]| /䜀liY^idl;\Ԙ#>O^MF{ƺ UJ֏&9|[80rR9_,:r&,11nt ywS4N$3`xM;'~yWR%deNtC؏=BvVdN 5SŽa?:3  NhUy0e%AhJPMgVj|_pȨ_Yɒ;8&$w 79T$#o)Et>z@Q4# %̤dCCKB ;P16v5W8#N LJV|LG}H#orRI0G^uѳBK;MfZ OY?>l*/tbV.?x$3ٜ !? 6RnKa%JF{SKd}'lQMm_- Sva4c쪎.dG˻K>b/ jmK7W`~E2AC-,y~oMޕ嘢o;}PW b9'2F+'xor< I0<92E݁(!?RDwș.UP{ @5X7B%&?vbRCnd2|E| ,P_ 9N-H=U襻Nb4:N2[p}NqnjЦ)c .\B8p\6!):~L:әyPCDmɁ1V&8 3ʔݞXi87cD(Y>!)Pgha(h!²-[8ѣN C crfLB6G} J'6 ~t!LPy,3Tv2p(%xsי6Ճdo7x8S….*ĹIUq.aFnSu~XY%7orgC0HM/jbX&J 7Onsuҟ [G-C`xԴ0чUBPJEsLL!g*u֪?Z(/Ōw_${49E0,G dZvGbWzg]jDKCeT9w9?; ˶u06w7 @-W DSJjuϐUi/t9]bx($pIK6D`I21*t]{p l(>l a=WyAs|d!ㅾmR`aOz#5 }z¨ӴDeX⛴Avˣ.U==AJ?zi eo!6ϔLG\G:S-;fE-Mds'ܡHSѣ=05)PVbwv0;M؋~eIJ˖[? :Fz]$>{kR4FqQ%;u-ڸJF*_GحS8ĽϴTˋʔ% %㇚pcrwcDwlJV%YU3I`UWgsgKPΙ$nLc:{Ek:M `dZNTo߬_uЛ"l12_++W8}Jcr5G|6&ϭɛG"e;{X%yH6*Pr|)숷%? Ž=no|k/{b+SO|S{~Wr;]^mB(@|g7"{hug(-d_mHBFiF]%i/8Z.4efVSa ]:nc⁥𛂞 B+>JJ䬦wlb]*Y,7N'7 3z''.tw:^0}]*)k]DP!Խ=B[Aw )+ vXd;k5c1뮫h$ƂO&(<*Qǥ*ݳ.Sͣs߈F-HԮF)bD*kQ]B6 wtVʺA>D#UdG1/ҟk^!y& I6?2'w͊4 ʹoTB~uF!t8nEZDž63v"âY,Yۣ:T*m+^m 6\á (R`RP5G53Ӊj3N U}uUDB,|o4oKfC®3R?!^Y}LSdW=?f۱I|.poH]ώH/u\v9=&f9/ jrn +Z5IZ6&릞% i:v)XRdR \c5)f 3arq0}?47`qS8BbeZ{AH!UyKGXS"AdIKcYv"Ymmд[bMƐ>6N60E S}2q CEoѪLb!23(ب|%6 D:M6&V8Ccy|Pr>=jmרp5jJ;fK-Ċ,BY/G\ ğ%W`IsjL#>iK ︁{H?o hK᤹4f"w@UQeh$ $OV"@;咤o!O-Y}E XU KGiyE,XНH($  骘ű $<@j :5<#-vO&hE :n+*@D<#;``S?M[k{Vu{m+`81Fvb.ڗŻ3#)v Fگs-OǙ/Fo'q mNΓGahK!Is|y F-=;Q0np0fzUcJ Va KD[&s6bhF<>Gxb.MEÝWzB;oX`M)# Hka/QtҐ!Y ;[_L{ojf'[}mKz3]9ɷ\fP3Мa ݷJL{*sB© bEz:=KٴŰ7^:ˡGbr2%/t|w `;j'Ԛ/AK(l# nJk*Lu_W~I@c>rˉ(5!?+c+Dz'uA@XHp k˫L% W[ٓΡ1E(BG!cvG#rA{ uTD>efް|rKj|B>v4ў;3NZ+qO䜕^DL)G}'K[Xe;DUPIN6 L&biGj/ʐ(:z Wlkp_U;gA"De-6^Nъ~0Ƹ?+fATjVm_P)c b[XOxq;QsV 11B12`Rt+seE,vj,2^qO|0X{mƲz[ Fsn3z΢¬AbɅ ;S !f0荚(,ҋ(1X%~oUIdʴ=-c oȉX$k"z'UY=6|>ȍԅ`RHRO0 v–|;]#ā% /p*QřqytZU4,bj:vL/= UaY5 1+M f.)BOHm]s= "+$hNY3q<Hx,E+C@>"gpW&Y6`v|~0qTٝ!ͲI.Ol#8GM4z;HK $0MHr9-DGy~^:8U Fe=X)pnP(7k,e@|[+sn pqFV0o&R""A,UrEt[ȥt<>tųg,oAvL%L{(uۿ~rȍ4DjVU!`*vV l@ y쎣"Ì$prc H#8C} ~ Nt XPA|uaɑnkv$D)Q)4Lja// 9_K:umYTF6 VsDh"+4dꤩ. >=/C9GyfLZgP)kgdtDjJ‹ %Q ;K{uIr@ܑ{PP&{ G\N><,Wuq( q͍boj"7Ӡ]B dGC#!mlƪLt4 H(قZ+ReJ0~&XU.Ef!X"~݄[;|U̶6n$|mbOSJTw#*EE8;P"%U3gSBz "2p#l/]Tߌ_ک_g9uqځX~8&2yF SWϔxek#ua̱]"-¤CFyzjAo{LR, TNjrS #@ iMԴ1*@пi+#Bdtv(Ř_"RuW+KvGd7\kԟX T)(d}ᒶ.!΀U^L%el^a_>]IXo5?fv6>#Gl(y׌,!ۢ9j!;W\I[>{lhD-zMś, TaJW\PUTѴ^ Sሴ"4[k\[([41(г /4Q,'J`OͷD+i%bf:5^MS%v`;Vht!G O,|jZ=-sc2=SyDcHx,(`<7ce?^ ⵀ8"_)OOo)7dCx7p"^I_̀Z ]VӞOncm|:L`H =?놪Q=pDj*WK Y_sG4P]{ ^hoVw)e1/)|nx>ڵJa qDE @9XW9pTf=ZCU,J,?L[f7 'RT*Bgg6ek™zHp. nLP$r Eepc^JfMn;HYՏK|O(8!)HAEԱ0٪qXIE1u >=w(r Zg*oyp]{Úb4 SnJtߕ2Y~雝؃VsGCj ⶞z"3\xF}'ʬf iFokUK7w]9xT817`< ;jWPUeYW]#<2"rn՛ B+F޹T aҮ5¿_عʥ~Bt&eDu;AR@Fdj~~)z,ocTfa{ԋ{LẂ XZkiyNa!{6Dd6`" мKLB 8L#6  3񯑶NqƂ\ŨU{7} 7o0,%WRX,IDڡ^Ф7T 3:U#slڷ~]l~1|q{D 3qb "ύ,E  R[OuCa(֬/ u! .j7 !H8,H|dS_#FqB!^F ^faz&b𥀪E;.Dԙ(roI@/wQ0rJJVQ/$UϺ|9bU*0–Mq,~ eĉ@k&o>ZJK˩nOдT8ʿ&=Ui!7]] 1q}VM=vyiCu#\*Ÿ¼ J=_ Ϩ0, {1@0g[A[05AsEGniE}yXBR<6ᆡ p_]͆{OlWXJF֎ϐ"{|pU'hFckg `C^&_K R~.sr:dX ==K 'MeKzb1BY);G|y4I{jcլ2d]%?W#mXpI}cQي|/g;| +wQZ kRn.ӹR5I%V؝(]?~]٢#d&nCE|32o[&dOh~%z?zš2*=Ȟ,J΢h5KhLl"Qzav+ ȋÓkƪ4qfN¶ 3Z>ybu˂5[Z#CmDeT6Cm*jI fp|gc dԯC*%H}I%:﭅S4OwȊhtB,O)#Lv߫933JP&'|2ڊEM$hIU4$XO,|k9gDM` _]\4gp! RۿtQΜץVM.î [D]ΨLݪ2_notLĪ!gdi"&V%vB]r3 vzkPeDeJI s@^TJ5#[-{WدiEH ]]KXg{NI_ x/ɋQd+YQ?PnPCwU`OGwBl{5l|/ڒ5DY^/Rk0E YtP ;H"Ƀ;۰d paXul[z/A0 B+e͉FԲJRd]B~"m 机$NU䎤#tVMT0`6ԖŜS ޣ/w %WyJcGc@0(K4ce= bVőu[E+6٠,@ɹ.zA$nK;1Rv8Vp^+!@Ð:֟*)w1ANk3(eK`HN'n[:3~"yHaɹU^gZ;2s+b˲ԿNWAAʓoem~7ד N|ެ"$S>*(ȎS]ӯnjtl8Z, J\W[sK"X ?Vbө*$w3]2`EkcRg,/DKwEGH}.[m !.HgQjѐr}s%ă/W⃚0` U0NЏ ::DzR%T$cR)aJi^Ӟ]) m!.k^&[_-1|RZLR"vXnJ NU'K3$A¥zըء'+Qf;}lDZm5{3(! K ]퇵Jc+ l%'ҽw J/D1p-!8VwM"&Th'Fn7#.lL[M*~ la[V]:q^7Ov Y`edg@ {~f)cea~_X.C{R~ߩ)ʳ(:*!.1gC&3$$t֩UC״ 5Tt*T$)y? wC<_ۑt d<*'o8bDŽ ۀS 2to2&/o0㰬]\PnX2HXq<MU@,5ZE_OL? ++3${[qXߊ,2٫pԥKv3J*)S_T.ʽo>&Vi=]TfW31(=BK $3{F*,Wśl̮--$b{c57߭|<=1 j'pA( ~5.xjry8Rm7 iR&&eMqN-&FPOϙ3M Zȋ&D$;M YBl1فϹ w-m",s _$)cj-x[6(5I,-LcM_`vr+*6,A#7%ZܾS::2@ķ(ٗHLլo½8+AzcsBqFEOPjRBϒ4SAC3¨WO3 ? 0a>H*1nJzƳ$i) &\` 1)42J8dYUl+0l5Z` F#F3"X}!ј>9x=ns7H6y[IU4_@LOQ*y-hgb /`f\JYpKZ^B'BG§Wo;M')'?mjꗖ>Dz$ip5q-Û+Yg^Mc3 mxmwHJոWl-|y|R&+=l4%e8\\w@`%vXU̠lv.;S]6cÿ6EESl䐺FsW EjFx#fS/n(6">T<qvN, 1}.x%!:3CKsdRDLp<3FQZ(8Bx8LX$ZL'n yf7͋^0?1;`1E% _(np њ` DvFb0/%O7d{B?7xԆ~tCrS?4%gM Pt47onv &z I]d>/hA{جxؑ#,kb3{zA@p aT=أnphW-y7F>k;,r|%*A9|YLVɁ3daٯh[^Rc}t pݪuL{7` t-M5} D1$ӆs?iR*3o.0g K01,R1fͫ %LM~|_^~8 f KmoPK6IͬXcWp~Gb?^t`|9!sv}wʅHC#`( ڴH֒B+ gt&SQyVA.k%rNau zmtSNjN\#C7B8"&?Ϧϋ83}''1hر*ΣF37G2?s˅Ւ(8@8эF|*ŽC|=?֧Ip m G,!h9U;Vv ew!A/|v>LJ3-^_W+Cs.U4 I&(`H)b,򗬃J:DxMk"&lR.AIjˇ`;o <>O*{v@Pi 'QO`[pY;Ykaeʵf@4-϶R(2Z"p3Mɰhyy_xq_`|,}nSMQM& soޑN3OG1L2ttHlX_6coX.M1.%܍W CDŽpbդVAްUFry ?*'m3Y!m^8U~1c@Bz6klh9X4~TZDz݋pQyx >~^9=O pF׼<,hoִ}u6p7KiHYwmIϷW+c<c@@Zv5a.Qkba LAyC[U5 c=8K>rQ_ziou%`}\wZն)Ք^#gH_)HB!=GALԇ,z0FHdo8$2ByP(;B /uC ,OLs5Sx Ty %P;yt]4?o!AaOOdV/FxBO՘PGmp6+b/nQv~~?vUdd10M)l>&̼ũM.s0}yGxQ4A5$Aиzrc}X>"L9c99vXl8QNfWŤP(-|]-˛i|)ugȬdؔ{eU@+.F j~W/~].:}kM?Q̢aMdXD%gJe;tNTS3q$ HwnyЛ+V|(sf['~CuTE`oPKLJU"s}3^s*iOtФ+l(Lvc ij 8C7Y|unMpM>IeW)K gk_"hH8hpÆy#}zJhQiut@k?@ *3*plθԾv_b?+1 N}Tp){&=鹴϶n ZJԚP@H5"53@#G) ,zw E#&5tTc9mKHݟC"kY[v`'U9 ֋k$ M]oje B>@ bƆvq0فt0UaGk)–i&PY :Hm*Dn6D"09~yAgqo kJ N~;@wb>{@1ZX+o*oDնYM"9 M*RH"6IyL&Y=p' Į1+V[|ݸsjcCRM0M'mt n! ]ƥwQ$ _b d1Byk4Sf+glE)!Mz,,Lk}R0؝na'‰(Jӽ|y!\ 3L{)Ҽ^:Л \ζ`1-mWd"gD}?&CWV̑rd@mA`۱zWIXФ&-Bd2^T;kyFE:;cTl4W6;QJ\SB]!l^MYN>RnCR._utsB8&;pɦ>@K7G"tC ~*E iY.)z)z8c]252Iv̯aCr UK:Qς{@qT~sJ.DHǞFI]]lj mem͐y3:m,N;O|\<:݋1@4ro̸ R 1V}$:MpdL0pCjb.#D nv{o_$$)RuɎɚN 樭ܽY+8=m~簜L`XDsGsRF%Ѧ}2ןq:(FahDAED0Vy%A@ ),Y̭&q|hPw2$ B48Pnз<)C; ڐe}m`>5-sV󥼾Cl6U$h ~iª zK@0r1d4O's{}j4;Qi#KHt>Xc.|?U:p*,<<`N ghbfwP~F]K\"U v<-1atw / /x] >}0NZLHK=!IL.NL]SeIpT#*Θf?)?/zda37+IXAgA&WeG}ob :ʚ)/\`S7^K#ָS~;;5ְ}4O"+S*|8.YQّ^{ qr -|Mh6B58 + J ĂBjq8EKK 벤߿QMB@pN"W$th>'V^.JXQI4C/G]oy9SF4]+`N0Qig4ë lƕ~{pH2*IAT- Ks'M{E6Y=T.m0s~!_0ZhGeS|n(WLl 9d:9~-Bw$A#'&-q ˋ 5.WÐLNA,{p# 2)sۆdKIQi:Oi(sm? T4?jݚjYĿ'ndp)@҂2DTb^G5?/ DxxV]6M ^Z8<'.~6Tjw| q+&’!19jr~F;h(0+hE!cZGW,oF/bKB˙Mt5[/2-ttmzuk>ղ*٩kp뵐-}hlBJ>J|QBsגp*u3(b$6ܕ#0v 5lb `y#d1ތ{ w{~/+QqmۻƎkozs0_6OJIqpԹak%a]󀷜ݡ1/0bS?n[÷w_ȝwƼa-D+5$q &+P"x"_a^>ꢖ"5E6<4ڮ$9HuxvSD>5D~/"HK: 斋 5cf|5/GZۡ-2orѪXQ/mka EyGJBŚitg2*1 RofkU !fs Gp^^=5;[糴~qTHĬ#T &=(q4EX *f@ηYof]l=\&0> FvxIm#5݌1Xs+?b\Ö 0vM{v3RV[ɂ[=}P>_!scN*m_ܖK7lWYjm$mAZD0OI.>pDhVl%=ީaa4:3? `q-H1_#ܾ+jz5Efɹ2N| ` mUHf|z'7C #`F:\^Iolnʑ5HM$lTba t#XݲG̸H̔.ə>x}Yc'X"XU2@~?D*xh}^FiAk+W/g&͈'=A{sN'bp+p^]{hviBQ:Z~z%m Gmm@tp%̤$CIB I{:^0 f6t7o2we4wϪJS R)/S5!l|V0`o14&}OٱuIˋǵȄFXf>)C oV Owփc1c^T2ׅ"Uf'v]MΫ#HEBj|x=pGRN.uB~p"Y88{߳C4ڂSGIr, ~"ᆜ~2۰a89<>e8M27o.K,W/mղhn3{l6?XcMDڹ`S2-2_ق/ |f:28UOqkw`ld^k>᪭ү>* J5%FUEg!e ڶI+%|cT*Rt0thB~=` tI!XS7e6ڐfzG%IӍb(E;¦_g{ i?ϻqxK_nGPs4z)N荡g2UeV#a*xYl8!'="eFL-UyǙa?t$IJ-TD.Je0B飩`tx;hS$#D@`fgyUL{??FDPXr3VŮ$UP +0?cS]oFhߣpj/w° /Ø9haL7՘Sd'k| d hϠB"Tm)yƪ9Ga2VWPGadg+NLrܱHdzې ãnռhY y^Ɩ@jnYH84仉h-3%3cԞ{*[=SC3)dbyP(gZE1k֋Wn(,aL$!䷆FAe>C_"u?j@tqO8v_`%y€_؆% 7/1k6Fy:P[vA5t`n$86w Ci\sM LZP8eCC62>KHإte=6n1h^HN#`y){ܺAS; yuїםQ^ЍLJ&VtjMii@_2>% X(+C"f F}4BLtvW6Mw=S!$ѨArǓ86Z.Χb K@fl1-4Zg+5R8Șpm,CukzW2eN6ǖ5g3HW <Q:A FRd$'Nr'nFH8'ȄEܱI c7zZBnC'Ts;nF04Pr|Iq@@ :f$ Z*A{vK-x8ꉆfIp*,J@5*>—+~R3{l^U<ra xGutQ|>twTLoMhn9{z )LHNf5;Π섣hQAa |=ҽ3v?:ׇ[|Юl;bT&dP[좉9ށH¹A*t3 | Ф7 nF_~nYV"PJdxn q'Ē,U Wmƞ?˾pX.y#@sSIjT̈.LR+b#cp$c#4h*ۖ'XfU7Cg2R 2YBgWЉ}.D? wwӃ˪uTL+W7Fsw\Jqퟠ- I`1~I^?o~ .lӻ)Wi]rÊwjxR{r,`صȵ48櫥WpɾG/C4sW }"6y/k9_ B{$ڲ "zI3}:>XzuYí|UDCuf7[{ 5 Z_Q_+LUvtbha^X  \ B Qkiر\2?$0`aD&s;˕exh$7_h 8,,X1|˺@tt`8 of54Y%f>> <2^2c|NuञKhQdl0cXi-JsZ憇</ G jSXWʋErNїk8 W.V)tؙXd˨f_NXtjdcy)4_R2c>L<>()8SKءhL:LMLs"FbsN1?Mx0W(p.B9sGj)RB2wiYFZZR+g~}tz84a. O vzԹ75-5ʔi‡^= %W?]g,/Ѣ10Cw̄˓vGo9ԦfЉg}vEHv̒lo2MГ*1f_W Ʈwuh1unOmMЬ莖=B ]GVa4km98itc6L6hD:ELO *YjOpr4w]S3&pXJ/ }ubpXBԓ_=Ƞa7>y:d]>;FVNa7ˠiKz7ݿNZRzf#&_ο`tPuYdkVv6ucWv$bZx$a !\y-^'/>X,j^bG+CZT]c\".kSGcs.R44KyyWe\.>_7AId*o;4KNcxn2ӗ\ UǭڔM{-mt"5x{tEoҾ5c`>8(/Kd4'wE^"Hf@V hA^XN@TZi5O> $>ՄOY(Ȩb!(s6PcP.bj5*kT:uOW~mW$28 +.1ַw7DpV 7𣅅H#LJ .VsZmeֶfsR&WĶ8I*_VMspcOɃ]5X01cU@045BWuY)WpjLt۩nˑF!1wjd`ng9»X/\ݑdžQI ZX8_Ol_ OT*Ņ4LxujJZbT`(T*nS+>5QW*}SaF (zFoS[-RV;0_ `ʩAUǚ[Bxiv\">خ\ٟA}a^qjg9GDK嫇ZޠNbKbq_kbYF6F)]+ =n4ƴ0 KШ?N&b J∶Ll.u_6;] rQ,{b'~槦<\j}ZL}:o-z M ϊҁC7I*Ϳ tdl[4[f^ï+hokTvTK``h̴\Ûoun tf/74})'1l)t)V'26Dç0a7>d& \%N'P )q5+bRг P w`鞱L_>6:AEHW%R}ia>SD}%IzΨ2y1*6513WA9f 6j,)TOcks2̘O4qxKâ1?dH.+NGxܣoH@q5 kt{O8uID[ uwL#BSJV'3.2u¦ /R<8~v(s.5Y9cƒZٖ\9`99pNcܕlng}`Âj5 s@Q-TءvUba͵h> _Pp 3ߊgP6_HK1>L)?Gh,`|в=WGz#KeYP ˙[|7֟^T?TW|s*RHEE(}O0L=* K%_}:(sP9M;L ֹ)MU+q]Oʼn“+Cԏ.W'\˝& ]Ic҄T >^pl9=FE=%g={zR#rwSeK w $!_upeRcࣉLz{Tgծ1?ླYx$MQ8peF1 :^#j׀ Xe/]3'C}|YBCw˂6MrrR[p-(5㗁:X `QWs>YBHZSd*aO I'/%ڸ&FBY#ՙSU62lCʢν5U?("ܝq1fww;ͻVnW.WJ!X$|07#˱ZcQwP5/;D'=kZ{JP apC1g (cd }aBkZʚ#+W :$i[Q]1I4HMkb|BR DFb$K"{;WbEG ZƬ39ㅽ _!,alXɻ+uB`v*ӊ4FbhvDwvmw|S U& H;ԝ:nW&>OKd3KBbfԥpxI Dlg E?Z\|/9Ղ\% s?d/\{nTCk|_x-_\lzI(!j ntIFVr[_RZYOwpU{9?O=N$Cy%';UB` [M_M%((h%yr,ȟ;v3sQq0vDVNn?bwfNG!vt~N0]zcd< P@q!y!ors$[S%D9JQAկNA/]J+ ( G+[p>/XVԧ;\+ܛղq`&r$G1~ 1; (3exZ}%}`W``0ƛeʴać++%s8f<5Qe(DMf䫰İЕLPл :B"}1eO mkYf[qdVqҡzlw9Ĺ`f/وZM;#xJ@,]ڦsp߼VM01b$}¾,̕Gԉ|*+|9V>TJ5-d$G >ioD2clrԪ^:3u>  ~K qv(QGh\Jޟvũp|q GCԝt8#*vHfY)q/+$ 3W`UR5r10fZn;=rY5 }j'I;myyGrR\?Ql17x@wYDݓm^os}+jG4%[a}']eJ+XyEa$e Zi/a#ב@i5+|1O`Jn>}疾]ymu$/ iHld;A:%j+c\ՏaeۖAGȠ ӌÞ_.) Eu"A7|mI'헀9{%be m'!hAVãjfWcP A7HwD&tSݞX'b-@1ZR5ج4^wd?A2jx"3_9uGƱN^a7})Vuܱ8kk/嚳zyPwltV޾>U_ V(we#[8G:1?#ҫL`dMkc:烅rM ;V" I)~ )bmnf)J|AfȇH -9LCA!-L}2`}P,H3Ol@7G}!G]'81 ƚxEZd<`%Jb[2z|*IUF{zL Ԡlz)5/ 考r"%i\0'Y1|1ܪ?8"@Ӧi#[D *|YC e>Hfr43<+WrtZOqVUO]BLc 5/ |9WB]tX# VkGUtʊroS1qDC <<3OFnʷ-䎘!Y)PEY%+X9Z 6OrA?P f E/!Mܺ#F/ߗ`1(j5xH8_ΐ5gs1;M[l J(t2rt^95u[(64K8NӷiGLH|j4՚v=Ů!Hh#+9%+0Yy5KtH0=t&"m{[;P:J|[5V$ SyD f.z ǜW:x1ڗɂ]ppL4I!fG᳔oWFզV; g/HgXdȻJBk,n`l(5$!^MwX~k 6K%t(@c4:D(nR]:DӠ0vLNj{PW&^@Ne8w敼9f iC#ti?#{c'ٮ φ<$uNTA:b-"* jVUܯ-PEMѝs948`'Q)l ?ЅL)=NY.z4̪UJW}couP-gL&‰AYLF/gՠkО Lq17oSblP\ʗC8-e>JSo"WpRQbRH"+Λ9f235 px"o?z}++Cf!@UK( _ktO8PrxuUG9 NI&ԛr$)nƲJ`lqAWsU=: #)2)~x^N9ddeS˫;,$:|j/yn .07D41Y.}?oytIH2"~(G%X!@d!hh%r>IP^o#l"i{_ԯx3;z{Ljn]!p2*(5^vI!]E2=[go_ e=]46>Jf҂(wD3CA/~7Tb9#BSub }Ec+4'[QI?+@K|`Zʢp5'Ll9"AJT:&aGw*@݀ɡO,$:oN>Z1C# gh "]=|wIyK"I bsh`GwWi-0p.׺48FQo*whٹ3I6a#K F}Pd4 V沍C$5d=H ^_ /Ab@}[Kbh.^C" JeO#97 z N!"v >HSRѿU2r-%n6L[ĹZ^J,~Z svNןPɍe'bsgD 7X(|y1hj~ʨC=qdZ%(ndtX6no?B~G C5 /zl-]k1,6LF8JښY i{1LsU@"|a]7Mt&§Fk&cPu=  l90 <番[K :;+`Z]-~a*.";8..|HOA\Gk8܉'+F\!u/D3xGԾ}_c+cɪZ̑rׁ?y雷Ǡ vS?9If\MQPC۫[xLq/6A}7s-$RV:_O'[`SDᇒROY9Nvb7[^M u%l)ٝ01ߒY9OK\vy&rMܒv5 QbUV8n  ج2ݺގx:EN`} `3&/GMΥCXaU34aƚh3@>ybxd{,w/]hhpT5{ʉɱ޴W+2 ;^Gׯ 3&+7#L\nk#4iNA 1Z0Jx;*X}unJ\ў؜EU0Ԡ{&ShPOgz&ۄI?ÿM dK1#*Py!{I-}D@+_0۵&#) ^f k͞({EmwC#:yU +I#FAE{RG$nolc z׀nB>:7tLq9jJWh.IMٟY:I7e_ 8vY"[_x{RIw`+d/엩mx3 ghJ~zQӪF̗pjZ+]k?b bJ]jzqӣM߀zp~۸&>Uqy-Q ?*zw>BOOV4T0%.`t?E}T9+YhyFEf2&D1 ,k}Ԃ~mL eIzͥfN_OJ$h>բ,KաlǐW jIsi߉nC|!mЂ!SBpfz;;)3҄ys]F~ R'T's%Hy VD@4/e&pxnq-^ |=H%fwX}{P>6 8IPЏ=+fw5j2Ƚj@Jb.G &ptYN349Vs鲾!`٘FnqWNRbl5x'O@"MY)D6sq lI`1~w )(%$*# {LV'%֐nHOI@mnjY8D%eY@!wj{ժEKel%䩊}VZhE>fx ve/tR+lA+ 3Hap*IC;doo#9GҾMR} Dg12ݝYBJVufBf9us*tZ!kz\ b4JOzNs4FŒ @C`ܢvU t{TZBnO=ާce@^Hʳ0LQ&XƢo >DCWъ?6Z!S' tEy彁>q*o3Gb}%S~53`w4r(gn:rIsv #ddž!:i67OzĽsAkHfNiډa]T?^̞SۄIL=󒾡z=Z]߸-4ES}g q+qdge% G0"*O{d_NWr;.RxҢ4hRsB0fOoJ^g4N$BBqxCMI("[rh+Y b*OX !’2l_J7mi!WDA[ Zce7A7?GWN , Q⌦4O}Y ܏~;Dq[2]bNnG\o7\~;u!ݪ̦v#ARPJ3Sxٷϼ_Swi^ 1320<İ NcJ7dD1Xyn~R2/?4tߢӇ$O)H8ƴ ,2IG`餦5hO F p jUR%Qi{n#%ccPm<kNKr9+Duu1i _ lN\8zO{53Lm6fk/ A2b6Y3Bкch m8 oj)T<"z>dP]NI/Ivj.~Tip|ݕuܑX"iE~?2d";$k^sd(Hh6M++X+MAL@*| X' iۺ("p= ng-FXs߇O;5B;6{>o%4DZبdPs #hFȗ-'T4bNVB2EEXdL+f2L'NИ","qi^(o\]x+Co!i"UOJ""b J=s3vBѷ\mxC |2ˍOS<0%UuqP7{-B"⨾Jm Car ŧHj-8qR\{D505+ +6;Μg|a8N_HT>D "7hR؈O|7a6#0PUۻZJ ݕ j'fZ"<|F-" h>5:og. (nk %jlD-m Uc_6h!,ؘSvٔ $K- m D1>y_ecj:>Fe4WOBae 딂c  lYE졠r CTOV 5,w6:"dsOy*5|H9ʳU87=Iuc&%As/‘ċh NJɘ$@5{կJL\7pQ'iE3>fW1%?bdWՎV7#\rވQ&;BcɶkJ; *ǰbK﷭T[q&*_ku| ioA 5[cY"Nd0=fHo'[/aר60h1A"[%(KgcCAp%E|.]A{̍p$\3(1Њ Po3ͶD6|:#]Z7Sˡ>?%r7B^80嗳rj&$NPaF Ĵ!y ȗ0#b.WKNWEu@.*y+YA Zplj#"TC_gNOc{zi7d/ Gurc[Uefko`YUƙҼcHY`D#'@w4L VWPu%%&8S X -mш Ql&գ"ʮ|!4dDpA03Sb3\=e=zVLFjdIMcyVr(aTB=L4s!!ȴA6un˩rrIfP(ט2tw/5~~ld"y5Ux X),] khn ߺvMл3k=tQ-Eb,"Tے4:qeӼ&ّ8O[e·RЩ22'ɧԦcqOPlb%r[pcQm4c Ou*6R \%'(ڐ'/#ŕCB/ y E:GӶ>k1Аָ9]+ c/sb `Oc e8S niH뵅=ot%*I'%wGw-:KS=)R*-X$D*fZ.N; I 82!bرVo~t$mސ ﵑJ|MUChż"zuTN#-ۭm@w/P;?کܔĽzl+m?кېuzNݔE'h6$$%RY.S[$py1 .L.ѷ m/l{zޣh߈7ez*)H eT|ypt^VrX ,hHJ1jbq#8,]U+*OBzJOzA`ڿ$PU,?%J;uD|M<|&&Kxgpi>Ly29 SIe}S;>l6Eiĺ/w %C3wFNC#Cń\+lY)Xk%&5)SF{r[mx2DreF҆rF16ʬL"\N'rtRKn"ȢPLBD).V&$F曏W%)c["ZOf8NpU]qDb{;[$}G SNFWA GF7,22ƴҝ)VBĵGXTw0I;: ^gx9hKڳO%qD bT=:rDǽuJe?&كA_6Z~sÇ+&'db(XؑW@ĩiΎ S4,( 'q i,#"U$@.?^C2Xp:S*ǝܛ6)I,gK_Q ٖ[$:rO?\R]j~ڼHU7p3ݘ 1s&$_-Xdw[ 1-Wֻ)PM:iQ7Nb5[΄(A ):V`E2J&6( ҹvϑx=&81m[6b~MCrPrpe3qz$raW cXRJZ/,sޭZ|Fsedg >ۧlllU/KM~훸̞9NLe1**VH拞^Te/"@YNL/>v܀y ԻN+D4KO \mw.z$ PwY _5f@mb$BH(PQ45"<ٱc`U$5U&+_,֨':3=]]3VV!"?f8)^(`x m>)' Q!kBANesԘw`x4ވcM#2Цa1r=kM/64jH~WwUr^?D}F-#]OQ1D3r{#{yނY3{{\sTH4H2zw&a9BFLs„$T &<[52 P2yqj,SJ]̄B حGVf! ŴuZ,0Gy ueZ8CN("*BTkݗBK3}+9&m K|VU#Ȯi 5vv{PF_ݰtuuA=:}N;QQ4[yFZٔ5q8&I&̡\b"_{ \ćQK4nب)b|b[٪tb4>N>m)!I %P9.tqW`,ձu0|r9JC&Bm],U8aݓCǛK6eDd:3(}>wvI[_T> A?a4s伞%iƂUD}ߧFcV*  TMCD)nۻbX 5DF%ڇ ?Zh 3ɠ#zz=#+t ڥ ]5hӏeb`zQauVy5n1>:C#pOFFoҰAÁj,77~%3CHDZo+m/\ ͠CSfNX׃ tױQTPT$XH>)2r(;|O c5t'da59Qq@^gπJr\֚%Os'a0Q6 x;{75l 'g%A4g&]?\%Eނ.똉&Td^42%_6ƣmܱC_e'dщշ^l{^pa|C/B]zio+s&R׳1Y%%K~Y0nǐ-*rPf` |*9_viG=ϖSZ8ֱ: d 'k9KjS`0F鎺Fsk. BX&,jy[?MrlMY}X.ҚT=f +ZWx u-զIv 29CBF\y)sO1 ߋ藸iFZ=(n">qlVC_Ŷ'op v4A/oyk/I 9S^bV&8yhJ="w)i%:q=+n$_.Zeޡaގ{|3@qu(j"`*FK?8Rro䨛 F踞Dvͨ)uivmG2)P OfU ,9z!喁=n]+2R%pؒ725> uc7]&YĥQlZ%h"FAF%,E y^ T^_:V :o3yP>)h\LDB X]*Ʌmv|hL B.>#N-17TD\e N;A`8b3\ .IrQJCy5IeEgPQJúũقRAL*93{5Ta0UE~[WGnT!&e,r6(|q'vvb@GvPvpah7udC瞖47 Zp\xJ.c"$ՅoyLҫA"o{/E>P?mK?v&fF&$3qM-̰ynyh"|h>9+UMབ>:^5n1˵1/жDJYY#(F72ƖJHEؕ9M8#k5Cɝf:%Dg8MBuU\T '0ꕔ=2,lw}~& )_^2dO5rgJC).)O1k$D!QDД/4PajؙR%sFX6|4=Ly~.{ݏug0U~1v3Q) \Թ5|`uJ(d֒15O?!7]鶉ܔpylq7WY._OT3AȂzGQPl)f{%cshܭKO^ưwjvWe^z#7%׎%5NK[@]Փ?qK" 9Ջtס4賸/Ƽ;BP6eBR WRs7 ^Nz>*uzwpi(bB]$@㰃[FX!{m};Q,,1uZvIV'EQ9>YT6EP`G{P*#;%;~YѧB9*[PT>O)D,Qٮn>`[\ `#t6Eo6QIrk }~׽a;lC9IB_:˞ O/nMZJDh-6%Kbw)Oܝ 1+[Db ɟWȽ?qe_4כkx6@駣@ z*_f2u@X}M)Fe`Zآy9jx#*̭wva]@),blOuZQmgٮNt/'{K\5?OY|h]H=yv^5΍֜om"'>RUvW1k)_smJV@JklmۢX-wWIS6_6kQm͢o[Es)2+iǮkúHKRӃ@,ތ"}< ^JhVinPT2t0wͲ-M+o@RnԖoE?1^C,;ӢD=hO|K1W@ؠ49{?`@_vI#U,[_S thEyUi0`om59"&tQ }ӹ O>LdE ,}_9hkV xu0͙{r:GM I<ƿmJzn*%ymUM'y#'Y4cp]1>va@yETJeca>zn>FZmFBE/#h k>)^y0Gp+OTːU1ʁH6P>j-Lܭ R`(aM"vf/hVT/Nj eZ49j 켥nT.2ז%eS,ګi>*gxm&S DKK1=WLAh)5Ԭ0y (P ՐC?|l=DS!n[޹>?[_ >r N;qǔȕwRG ``6d;@dDlXtq]On 3 $ ,ExX{n_ f+Գʯ. GҢ笵5:Yr8%e\2"N~bZ=97haLjq|!šeDI X ^F\[e`=UhNzd08~D^p1`QkO# +Gj񠠀BHv?xwyXHI7p۝׎c>5#Ƥ痔r/?{7r\^B]QUG7<V9%4m_sclm {c€GoH QޏkIN˯2NRxa>*`0*LBep ;Ѡ: pgTde3B0ͧ @'Cxݰ1i)vߟjnrSA 3whhjR@X n)ļ7sth].C3-l^k1^Ny#sϪ,停É5]kF ȽnQi8]2z$*dw&Ŷ)RלذC,^4eKثA+nQ1z92߿}aoa)F qT}. lcщ1d/O5wfytpQy/S T ŹUjˆ.ʥ` ?)\n1jdz/^lT>؏;kr xw|.ְãGC3T<:L3#o70LM %atj'D_q_:%խZbHs@ď&=Ih5Z^,)#,J| i@ikJޔJ\!ZFq^ m!eݮIM!ϱ-ײ{K!N,Q{$xs="iYI^';:yYM%an&>vf%˥{;cviZJrHw-"] Rs9Tē;3;,LIV4Tyr8# x:|'~;v33ViC~yCʜǧrXpA㗹w/#_"Z4uy ꏟO /to{Ն9#?R ~mf \=X>U{;jwva\INyO=Bҟ[ETsHLͭ7m='Pk(K<jY{Esm?!Ar[P.g^'D!M)zOfܸ3zp焙bSA(?e&g<w؋sK֌m&τ xؐ(' }{Jl-I6·Aa:~h ~~ b-Pv1 +k D ;r+*9tgҩ^f!ՖӤs6' wG[G؟+ErCǬ2E~)D,vnƘC Ui=:Wv;ls{7pCtZ*o$VQ <,#Ӡݍ:TH(%%BḤ Q񠧭AYw ewOTİj>,Cߋ]xɸPly.tֺH 0pBChǰ#)zTzHTC|`O`@UU2w*e|qw2&]dy&ݼ0 khz`'MW; 8>pR'v]= +ƔA@ˉct̕Ae?t+ޠ j篃f1މU.<@txdhн@.TP~>Ԕ<_=656q53\4 p4w}1 [)(=E^[ԽVJΞH):„7ܪ|F`=YQ} > !o \:@y\rD!":5@NNuHwOF[ΗiHWTpprzckϿ.6 jk `]nð1":O t~|x,Xm?YxQKBdP;p=:aF+1(tV501_sΫ\7>0 `!3D[“%V>3jX 2N$zX<d ,?,)vG24k;<@ W]ӌ6FH~QXOxf$1kJD6~ϻ<,.owXq||"uls3iס:16&^D:{d{pڛ˚MX cKEq}?6Cs_Gk聁]s}0w" DH@ ?MϟBٿ}U++ 0?]~Z] AWͫ("eܾ*:6qhǾ0ے?+Ut|uNi|ެ:s5|nZፇŴ?jxlDHi^RF ;o&.6:tBL'xN. v(B`6ἛX,b9eň'x$=#hCT{6'8gMX@X@ Q7{<+392rC~؄/z gFh-Tf,]ʂ~.C/9CWA+]Fh=N"X,C&pR#՘i1(."U>S.Gk/j3w#jK\oO "DzMpA͵6?q-?զdt۔&8"LeJf!S&i+y{KVX;TxQ? (JhZI(h[dt!p0M7H\1̣&MF<k IVnnWZ8Ob֦yrad_۹nAZ<y;S]{ȑ2D7BWx(҉VC>Aթqj+st^!;H8$|'*I&mD=M&t`| Y$ '0N4^ݫy'7Դȸn@Α2#+ m? `T ؘE4߹'ZxW+1xtuFwM"I 7q@L>GUaRg'@͢s hZx /u 8a(&価Oyը0e)suHl{HdkWdv"z'`-{_]{| pjcr]!]Ãa&:TJ"!:#i¤+i"b~ī+2 qAb6hc݌4ђ/@;DpamשvhDH.4"$N&G^/~:$Gl-KIg 6#x  Ӏѻ?"jl&6J%kmb16#G 7`uF/Zi/<րRL%Kkjd 1c(OJ~6$9ÉiCHq J.#n.R}3Ԩ3mѴ{TnpPP)>E91 uT.N"h}wiuٍlN?Fj!XIB8CK<\撳3uZN9Eʓ$m ,sTWhhȼvd ֲnMq$wJe%&û3OZ3AY2fg<ִ9i*+Iw$Bc_(dy!}Ny|ƲTVy_&kR|+DJҮi٭cWitkd\+IiiAَl!96F}|,&}T6ai&=&wRrf hf 0:m2~/ț<)Դ~2i4RWӞUi.v..n&FK:yAK(k|f%4|+2򪌢yMz(N'ד./6ȡ74/!t|zK Ϥ_$-ݴO4gd_O9M;/n/e~II/~4˲ WdvUKOcsح"8zJf4)Yzk|Ě8{Sb0f1pq˨\ w'Mw\\l+U=ceDwD(CbiRFZt\ɐyj(GP C@yJ{If Bl)֢K-=x\ͭ"tknA+("]p+"yj>H4klX{|t5w#jA"DAԪrHXStڄnƆzWg|p¡YtZ<. 77|Z.RkF"'ԪS VXUhlc$r' X ~ILoPqVT $}.Pdrlt7@6ٝ ( 'hU9+UZ> ڞLXC>(.T5=]Us"S< -5hIl]|F!i@b}i5u-e䭚kﵯCsIKUfyi[H4Ό ҆u.y[2b[){^p5Κf!Eu=SDwJFUJJ~3V똔&EjkteT 1_ Q(3Jg0!f&R`xk7S3אɗdPG:&q$pU6`IDзdO\{?@f2TwAs@ , !mF&sA6 /?BuaDK60{_ A)0ȧ ~)SiS`~ S~ :*!t&m,h@1= 0dF  ֲN3!0Dd_v1h=gQPxH6 ܶka/6v؎!4~8%Ox ˺3Hÿ|[i޸kZ(-lΆ&Ms`'r W`>x o8 @ÿFb1 E.:ϐO2x E׶R?cw(8Ґ0|h(E#k BfSx qn?ςpG- )c| d!ð+ l w|GMDpۻh?rL#'Jpm7 Wb;0_Qhj ԌEh)n+&]# #XPE R+ Ю)JIquhOEy@סO%U:wh.!޾ϲZ,'=TԢ#/ >/^ڂ ,'ځWDpQ ?2 N4{Q9F, 8᮴uxߘ.z#0j x6 Q7aaEN#S4I?H P%X)Y"wblh&3|z0@!f`fZ`8y8.eamgE=IN_,1I XgF<,PZVi!njVsu#>D#@`i]E!M5Z*ς>ddnTL'f Y5)44FLчh8 pNk:! ΚE XFQYך'Ϸ 0)׾SA!u/wi[)J\-F`KX5 Wb$QԡZHvHk NߑZK&j-S fBRk>Cڨȶ}Z}bHlGPfcD*m mmT0/0%mm t81#"ŅDK` W`R$tz;?`H6*m/SQKKj٧Ė!kQ?ZRV|M$ˆ):[jAp 2a9"8QL;Xi8EdC7s+>)a^hÝ6s(N4LmD;:G$f5XDSQoiaP-2iGZ e%*(jHxrXmI̓_ȣ#%'ZqHE=o}Ц!xnV^:d.] LzVgWB]i mqIJ6mo]5HE vWrEwj'aY*·FP@g?0u:UElM5Q "yp+d#?)N9nںo>[/Vc!ռȈ[b+%FE5 eIF}E4UDkִYXi#uEEk$NADCXivl’ 2o2Y0b8H6'fdu#Cŧ1ZECw(ߔ4=?7(O"2wf71f}(􈀿[' 1Z BX0#bӧ|MFMA~/6 OѬ_yu8$^/e\h9ovIZӅFQ5C]Gϟɶ-E%lqqyXܳo_@ s 2d᧤Һ[u3foפ3[ úbg(g/.d"{D<}+ h w:T<%|q [2SQ/Ȗs1" !$8X+iBPBmbdXAZ +vSb~[[kB1nDZ5+z:}Mn%>zq3QoXE R >*YXmD'İx8"cE>5h k3X >V尕Sj9lc71 vs?.\Uk皇5Î=*G{C:vqMx[YuWOw»Q3k:|x!;$kúʫ(&*D`l'41ya5| . : [a-V cbvpp5K.\|-,  䍰(ßc1k:EHȇ5BkHDmd5B1RW\1I6#`l`B L^:hH{̈́&FQ=>`V+㭆A.sƶ*j}cյ3pt+@BLP!=d +u6p!FŘauo+Ol# i&pc?{m=E&łVOF:\E@z3KLLC=.6} {ggHK(1r{a ) bdx`F'0IC)r(#sE Y 7+?  Q`\rEXD#Y' d#Y/L,QlS2YԆԣ&1ve9D_^q?q*Spo3_ 3rH#a d"#8dOTTȗ'B2rLdmN3TxP0m K<%0P(~vXk(NCن%ag+ȺX@)(JHa"?/~Ftɔ.fDo`K lߎ}l):WeTIrv>,DtFsp[+ HA8k NZ6oD#Qc. XOQE"Ǻa'-9qbv|ժOnrc$h VTX`^QDZ5X%ܵ\k좤CgBm>n?8qx.I9mao ?n}`@[%}fP!5Zkao|A4M7}dNi1puN e0k23;f 3ęme)LTYը&*ƒ&A'~޸lO4_֡T|θv4 oҰSlr %; N/sbd<17 st?,%.YjD#KH)rY>ٯiP3RibZ6wp7,[Dܪ7uTAQ BxÄo8[eԖ\)Q:iSPe%fHu$Q3J}EYSo3Jn)Kmw#ʐglzf˹p؊低HpyEW_fЂ=a鈵T9 }g9>nΨwz㝭xgwxg룆xgYl`)ixgkz_Uo(3l]+Af^I3!Mp&$*ȧl^GW=UwXSKa["C2-~$ kDw`jqtW |ۏ](:U$N$GBZdۂRl[{񊕘xgӜ-2aQgHitymEXk̀6RAH0Kг.6Xз >ِ q |[V-n|TKXrD]}Tx㍷eM6^Z.\CB:]+9~%)kDCO ۰>4 Mre ND} oTj&jL-| 8XO\bm{i,mM̓=s]|D[;i2n2u*1~9Т+}ZVnLs*ʋ̞fM7&r0~@% N +UrEM&G鐬EUQ+j}I_a4XqJiFsۓG6/ST&z> ΙmXGexP&ᇌYmKqsg,-؊庅3Xiq[!<#8^szA׭rzjOpF?)rzn O+eļSrN"k |r^TWi <É߸nx szL>|â]qc9}=!9uGg2'ѯGCtc.; <^u66a-g8Қ\wJx "{ uHK0?9=d ֟\wUxEj˰\xp-؄fL?a4<0댹 ul@:$bgD/ġCH!k%\~;8f o\!0GKw|ImcFu慜LuS#kՄ{^K\Ga[76HnQ_088j%l|m0\Y5lVPѷa%MU:j֒J"lv4wԴ4fkEV0\J b%<<<7ff Jp!:5FI\f+_^sg6w<-Lőy6𞓵֎6;' rD˅9O/s#m]#qRpܽ[K6ȝ!;4`dV$ %uZM&uRVk`\d܃6poi]d]_4M*=x?}*/؆LQC·#3~ns?gmbqaCzlx)Ӻ3Nz?ЊO$Wj܎mp7}뀧u\;;Ѕ71DBb#iZ­[`VӼdUk$ɸAcvUM_;h; |9VoT+[ J qHoA Nljg7Ksfѿi UٍcPQVk?f *ϑ thf}C57?aYeǓ-qKMT(!j$5Zz $h>,2Ǟ$ J)֫&J=z1XNBezqoիk[)8Lj?k d&QC`{q L_}q y/Uv z9=膳㦒?-..l _܀?:ڽ'] HH@VAc'$ wB Hh$ +:#y{-o%.3;=t[+z ׂ҄i|} K<.Wٍ&MS(Yr!nA AUvsdٷ '[p7[rBf݊!\He[QE9q?#CuD dP%@i|SЋ3L<T"j,{ D+H(}"%0y|PCZ5R0*SSqP -Er~ZRxӁʲͰD 6 ş%9&YI省xž7ݫV5փ'Kt66D.ޢfiQjY}T  (QT0X+dp%o>l8x%6}S4cV=nm~]]VQMu$pOC]"Q}4lP5w`r0|`|VE$f~G r=)㌳':/w%w%m[aD.. ּUgMJ'KЁ n19p#^q)Ѹjek:F172x e{Wu]l:ԮC迃(_4L9}]X-}ɣ'$yoHA.HLjt{RU@̽,&VZ)! /$2(uj:Ok&f_b k髺~ zNYݵu;Ñ3t)n5(0ki4Z %mvBCB`3K>S#3nQ_W/+޼FȾXWBX10~GDܰ[P^BmStcއ{nG6nKl/qs5ķto?w컱~_t NzԤ dȠFOw,+BQmz7Ú\c75 7A`f6x9DD)1TE#OO|PnZFs(aPO",yYnpX B  PGr! Y5BAڡpG^{|ݫط ޟyɾٻTow˃y[/Q@b^ryGM5|PwQfHKq 7]blCF:SpqXڟ07vHLWӱ;| ѿA'_1CWXg:H \ͷ"| h".&Xo"r}]s*.tn۸dZcHWl 4'u= \?oz0Yp=(ض6=RJ1MqgW>=a !ē=)y@|fbE=[Mq[*ޞ0$~) G$V-qSIiH*‚(*髄-! ؄; z>8Z3(y 5qa4#gl($ОT/ 4UFq~GMwBꮫP^*=65(cNe}3ŷ`7ڙ* #Q3@솻(Pajj>Lx$UGe EJ 9q*w8{ zN z?asyJfI{r378*z:@byV܆P[&/OiO"8Exu{ޤG(Օ?q %U,Cόd)XQ_i/2YK"N@z n\x cĂx۸_*#K*|QFQ]gH=Q(|jҾ,?P@̈)mq( 'm<"o[o"@(GJUgc+%ݎxA%Q 8pS.}PQ?7P,(Fˎ8HvȐu}_XPհG^gl adR0ħ”z>`ĭttp>>j,+)g]@3Ljvmj= R9|4XD%/!H^ hiՍa|X'0I`Ge6$sit13IMB}XQ{CpL-KfUe}Su7˕pdrS)/ l2G3 |ȍ+[+Sj{]30iWnb+oR9iBzt52!Ntn o IYLQΈu2sNe*l*?a{l82QE'v} rɉ7)2-2#j]u1?Xcb0_NX@6kt>w+ s7{ `a9$70pWsӍ*ʃ%Ța##~d_Wj.#xh΂h2i.uZ݃&}mVeX8((Stԟ󼁝.3P0u5ۅ^{X9 \PB]3sZY8ȵ`PЅNJ0#IE1ٵqocI8]+_Dn>9XoVBp?c]h LӭT~gBܵc0.~`$a¸lObP`~ ݮm#op}pS>_ 9TA8_uzXf.lM{jszSv|kp̍cr3&jOk3t|8g2g7;^Pf`ާpQkҌf❕wc*ͣw(Q\q,Mk]!C? m Yn)2hʌxpM M-EPtǏ2 }nݘ0dA?B^013 GGzySV|o/͉y MN ɐ-r @ X8$$23X݁ c)JSW3sY_Ŧ=c!^0J&8*YVvdmzCuA;Cl)J\F(,'7x fH7TƢm#y},bcj jӠ^;3F~Vh7IÌYl3l]f&O:x96quИ7S1ISnսIuߕ3JdUq+ވ~MNc|7*#OpZ<AO;XiZ' {y@t7%/:GFU.Nb(X^_Ų<ҖeU٩XX\5p31 ;`R__&l=~D>&5`; -y^&;~״cp6A q?@T T֠*~b~a"tȲ^ҏbyjNQuXEb*O84_Dv980FrW<}+9Zt7A[jYƉY t#?Hz%hll7\%7q!n94!?:_z=B=G{:iu|9 sA湕0f .y\.mç36JRE$͉ĹA 7NzC[YԆ_NN#71\6fq߆-d>owI?JnEJ.qt[ 7J-{;i.MFA 7G%[ {ܲ1{LWSybB\/3\C@D@A3FPN_jP;MEy5<ߺYO {ױɹv~DjmCfbDjb\ESOXiiVSˋf0TMUKTNw/YUTƓJpZiwL/vwY."aBq^J tq-m<1""ּ>#1:fbjen(U-Y[L([fǷ!Q(ۉ0hF%,)#@[;2d6Yd/!Hd-H3J͡qYJOۅC-J!a vRn1*w)j;P+*(AQҋ||PT]zp'OԘIcׂWuۧ\ilooߌ ܿ0 vl'pkYJ8^*z54\ruwp^)@ql|;M wx{gǞ}k螇|,J/2N۔TR.h|sgU M g](&p XeQ'LyB+M_;q+cN<'_пqB&[篃4b4'&Qbqq'b0[8~I%s 19؏|(ynv #xX,Xdv,m'+e<u_xsb00~V;YT};7JVi|W{SY҉>';٘gQqvdr?썂y;#a729YrmSMA+/c+ |+iZ]F",=4nvnRXs>'5 .)br!U]:C Js*z4#r7jNES(]=;\ÕL-vrbe2j^h|﵅TOk!6f@dl͸7_ ›X-qT*6]dn}K]zJJzHfH_MV ~[TN1`c8%^eī~SSM͕{RMMN[}f0|.-},ķvxi F9<ʩ:3KAIeS[C y$&\><ə#+Si}]T7xg<9wML]-1Γ>XOjvF,.H,T&8 lTl%K0jڥ-bjRmU|{"ropff#!A?97i9۽-[rqTsK9!sL߲M[2sk%6/g~ހs1u\uڇ/&ۇ?!&XJD> UjA\Oi͉`jL<X){qeZ踫peΉ6`ҏuJzp|l sei(o yEӜyjF2WAw妆uP@ >wѵ"]M(K0'CO]vU9z<ٚ޲, MDDrt-) 8Dciýޠ(\#ʴ;֌#4ܵ2Km +7"KOp-,> &ޒͤ-Z]V6^P vxF)uO/)g5n `S=QVz52mw2v͠VRnͲ.4Rl/WGE_Y* YCX gJ;VfO(cqP-+o(">Zj5c`P'fO,5cJCe~.?GL+> ~VAb}Oz ^ _'J)!oqJ)ڠwx@Z[Inlғ3ko%i/nLV*:RQ]>N:>M+._{yDv'8sաƒBE~_=m/Oֹ4Y$WːV+9SE>g]pUDnL"Us)(Y]|T.wG ' P  tAz HG:#MD_P"AED AKSDMwvݻK>۝mvyr>GŨR|KI.EYQPyc|{ܵiؓ83,qK"7[&y8(; to] -62 ri4m3^zYo*mc?mZGw]HXG\ȣcUMB݉5:qaM3q_|q]7E#U]rxsTM|n9ٺ#r9ٍגCxEĜ\b4,}NE/D(}#܃މm2KQ&^k]lt)<jjkj3qL# LvLȯP%҈ 6=ٞYebS& s ؇1SӪPz_;0SR Ei)lP],,imP!$n4&%JWAlgpgC3JuXQ٭fs`-O䟩_") kfd*Ne_ŇY5lt\$\x>CG#oϐ#]M{3S* .ߵP ӦϜk՟״tT*4&էF }6 C^>Њu ՞(l\a>>=Ê%sCY?#e+)=ҏÕL=_HXsj 7#{  B &lY-?9lYm1ąe* `jvuFu&Zq_ ߭M5Kj\>[daow"_ƩQjs8ŲemO~ c,xmT! 6iB=ӓBb{۾UT 9;ĸE x @ Pm$H }~.W+įJ4,' +~n_G^Ez"CdH/+a9`PWN%qk?yȬ$W% |¯)sr5ZTU%NI3(I0+ӗ^A%Aç!d:ĦsKM,襦yQ裝%%]蝀aȤWhjB:_MQ}ɫ>e{K<-<{y,q2VsǁXy/OU&vkAT>xJ} B5J&>%K]F C7ɻ՛ 2hSwse˱ !U;ݸن+Tzȭ%k F .o?' |}7M~Tm|(!x.&;01P^\WFHL:r~·o>Lgg-kXOa*UN uc5;{ˉ˂V! 1G)#8&bZjM>2JR]Ij7s,>ޑ£]R/[(uxoyB6!jbӒ>^-e oeН* al~(.#R.ؘB٪LXu C6$ " ӹu9+ky(_gn پZ-̇V xN-SEXNj;PFElj旸@%sdLFmCsq}JZYH@H# Ш;' Q,oҋ(L_KI 8 }~' OCUtTEKrkJ~64~$HQ$&,OdYsmDd9Zz3y5=n$hd:.lF2x=OQKsRqH%O a1h$,-HRDԁLP #mr2 /4\o|G PC~L+Os:ZQ#6vZh[]Uj 4Hz_[@C>n27023e9(g1 i(}D>=yf!=_d'ߐ "[,*7L% 0[$UvI`>uhTzJwxU6GwAamU<R[Ö3"4#_CA<_qܠjn-^Wgz 0nK Yk)k)/%M~K/fc~]ga7F!ѱ2Zl̝A*l\ƽڐ@MQh3W9"Xɇ#sӬ{J,ŤĦ |-\+DVwj*SZWTMu@ R/3qrf-H[gLFj]۔g Wbim. z`n,I .[KKy@[+?b߹Ymݎz GpOPhK(pbtکOn;}\!bx,[l ] 62Ml@<drh.RVD~r+CmzзB/;K J@2BC?q(4;A.UM jvm-@)ryz^*wɪȯ9ԮTH[r3V6}LDmiG\u|A;_YWMl)-u qNDvg% j'd]!4z^j[=$ ,:t7@nt2|| £D878T'zǜ).,5W1g3X|.?bq1VT1%3*[.U_z8([AҾU KEy=OO|ʳ'fZ(@@F4-p0HֈU;ы*_hhoDYy&n{PD'UD]!s5ZJY*o[Jge\b~NceJz^̓yJ+ub^_||Ӽ| 7̷+Ey2I1@*>̣[K{y2oZ2 -'*bB1?s6(>VykYUD-?72W<|fhΩQ?5s5mF7QF-#x&DDy>AQM?Cj[;2w4Ѵ6ÎN&߳~&2;rY0'4ϝ&(?ıvSyquϱ,zI=Er 6V,<ǚ PW}4$FvSjǐfVaJ0Vs[CG*s="/>%LaB%@َ_MPO!dhiԐBGl[XM5fAsv,EZpڮR>(6D1J񎢸R+&Ϩի-Iw@RݹSjoL$֘gLQGֹ snJ#PU_2 JE- x^ו-*+,uZel*L[큀퟇(̞Al)1˕SuUKX$@PKgպZlM6kV%ҳ\;$5:5efCw+M<æזyTZ= -rU6-4^\ȃ`"m%XZI?$4 y jM@Gf!O%.L@ԉgT*`,'`c'@ ]^ :/Lv\,(GB.qO@j]{eM%)C-{`ePMs]iqwjң؇B{1INUCU+:z1ZAߪXև $r07*s3huLt%8ԲT{4Z!~1mf ,6 5micwQ:-woFgi-n(˷WGHPȣ<2vu,RjhSlo9qUo}R!~K,ېG[FA,ŝ56_0BDنO(]zl]%D)|[%Ɣ0!М XYMNtTHG>ʪ.jp g_ Ȋ me{1[sUFz5I {*Pю۾;6^b fYڴԇZԴ~+8^&$DP9ʍ;FJ',ޯ \uh5*UU"ߔk2dA.<T6^k[q=q-{ 2?{ٌwqj}{9g /3"otAx9j`e @ZL`3=e5}@ffM~HtTEV|bYM4ͬC+H=8YpՈ ̓EnpE}2G'Yg\QF͏3dPS*m|Igey_y!{+~JA q%ESTi)Kx=erGUY/OUsWJdsrS !kj6V/ܵ;[p4V8~NKjy6 ~'{ +JHGyNWR/>mJc-1G4'?nv5s#pʕъ"8~5UYfbΩ]8~W8z%-g4ykG䁶vV V8iǬ޳U_`ڎ ٲ8[/~!Mعc:l^piz]7po?$*V}#[Mv>2/mㅡ0~mH8SWAV;^S>_9=23v⊋p9Tz<h^z?@hX}[8sd#GS2zZ {;a3qqyJy"6^qC>-ŠR6Y5]^ 1$>lKp4 Bt(mQCLio}SH4Kb!2U=}i$߿ W1Q"Fokvwfٲ^`K 3Yv<#S}\u݀b$RT|%b+i<)O6],?W4sc@ I*8_FW 'cw F≠KM,itBQ"yS@ϔ=*|Me ׊K<_q@پfum\V\gEYnw b ް;yN6t RgM+ uM̷ɲŃ\Xhw [9>1&jR_ Y _b4ܗ'S4طmRcQU+}Fu;ta|#|`u =d:nv [j3$FKfqΘɌ9JƥhξhGa6uZ&#GV[PCDr[>`"ͯդ#5v}~zB~~@9b%T:\j?6hz_@{}G^j(,.|{ 㦂mh5(gWY[H?8jx:-{N M[:߹BCiq+#)G Y3J>2m,BPe\DO_ղHVw9ɢۦITgSMD?xb&⭁T.v*Rb'%xQV)=J`(T >E DZS)TpgE21j+E H֗XKլ 7Zna n-NMlL{&aEX桫2 frm&y送Qyy߆LK*!̓ގFVczo M(pzjT]GRYLe`*kHnbӸ ErRpdي \tx䁎xGӄd 7 kUtfL_5uE:ՃBjWzk*c6}WbсUƇ]UFGVPl1:O{ Xu-+9ڪLS&xزƀkHFMc! ̴z]ȒR|ԫa7#|cN 5?k4Kw鵨b{k;uz-C5fKP.+Z5ҵWӹqMUj"ƓC:~0`4TDYwU1 vHhœ ŒhT{&R^fY$'m19< LD$ JIQ&ؓ3&0)HE RXLcGQ=Sj`ɴf@j#RԇgwΒe@X=ƬUұ|.uF\;d Ƹ5k Ed5 y,I>:"T6S&x2ꭥ+`qlUܴeXQ=JID~%6 qԾ eЉ27_f|>G|E"o5XOa)Zq M@ܴ-7u';9C'DjdjK6y?Q2-픡E\raSjMfDM2g:2?m79ڄʮvg@ G7U[I@.i#q4SIfP7#'š70*XoXA[$sч&|E߾eOx7V^ ArLM/.ƄpǁT /_u#ys,CxƂxcila}& Żp4Y\|ƌ-ǺSUTaՐ6csA֮EX|̲8E='IOAx¾A+R+Sa5rua, -uA!zԶJHE0m \AtQxr0!yN58;!w)^1 ^&ozzX_C̖x4?<=d9[<D3\Z'\WxPB& ]KF'6Cۅ@0=Fh*JdFId\yT- )Xѐp8qSwq8*J*r[9@"Ҟp{j&\D^]*Yr5+i\6Rp#5)'T 0aJvOEK蘜Xh '^&L.7:50r)> cʆAc+聺ql6!F3poی  ] ӨK.0ζ/4ĘJfx-'՚elyDl1Z?b!xDkͅ1䆋e3SÅ!+ih5hՖڽx2`c)w8y8B 9QEx?G^r'\FRdpu=ptp0J&ЄQrNUdbşR?n'ѽIm056r)h}n,\/1. (1&RЍ ' É5 ppIBTZpbXMN.d!~pbT pbD!o(No$Sazc9= hRŠzQm+SIZQ]9\$ſg,o7SK)Ju^r"N.\=aȥPINrdÉ1' Q14h4RNcjjp"i.B\oiN /NJ9KÉi75*8QaipJĐPc484 N!N i81=$krTR+nhx])Fu9oR%TsxQN՘g,gی}ɉ#n\xmU[A}pY ق0EQ.ޱo~~^]>7N@Z2.ވuj BE>PO{u e"g) mm`9r1Peo nX0E!3в-iA'<_d=)yIFjY32V ֫))4)BcJLf i\@V(1_DuV0RҁI+1p]G\-h.uB}Kaα^l6H?t~OD-6% TBÿ-I*I_ eXhO6TpqWmw,kG\CQy,;B9&\c1 `yMVcՂ"[Nܭ3KFTȸ4>I}MD֢p 4byuX=81:mq3z/kD9,ߏJ6]0JNYUt&,TP:5d9>r \{HLR_.-97']>c%TI 7`W𭨽ۦHw]Tؙ{)}{L̑syx=Fo&{jc^sdO }Ef0%/":0R+obء݈yAX`Q Asx} xUյlBAV^VGag썂">5<d5џ>A)gOA0lۻDMu 6^Wo ?݆PK 8vi~v O>EktZrmUB.nUF'EH7K`F`F'aFgNRQt\:۹.܏&:;cF!F딪јUdD!X-9w9:Zcw-N txPFHY07]0q(+H&Hd9>E"9---.dGaS^COy F<*'r{؟I`F-cFbFmbF bF,gd.\12v=GP,MDiD1{xgO~" F8Uь}U,#+k/pcBa5^I=+yE+Y;zGa xj\/Y,6S>8MqG-'|'5m ECU`c2&pϑLe2q?!$O^9a,zo)zG]J1_ʉj3Rx˙|`HN>߲ 8hmn ạԶXċ8~,b2 \lo !-/B;y/?)r{|A!¿:'pcUCn z>\ Ap}aȧ riDg\:rٹP> κY&feyi'buq= sMt).wf'bǨQɛŨfoTu_;Q;٨\رfc;;;;#v̿33"Wq3`k8 fC3p 5 p snfrn)f : \.̀% DDN< 0^_ CJ}X>iO\7di@  v:=MD<\}h>lSYxD{Tඉ?{]>eZ^>L}>25cU~ =}LjLʴ~ 2"/. ^hb^cb^fc^4B (9 [kcnw.vE} SWgRsW;F̠Eذ1T7tbd#B,%E܈ɖV1 æ[^YKϾK;X``%j(w ^DUg GgFܠnwdHMύr&[d)CrBc-,R!_Cx ˣbUD4ZtYqsk#|9w?k"{$:"[}W@v0wMƵPGS(J9J ]v"n*xzcӴ/r _S- ;c( )jxv.t xMA6;ƮP% ׼CUwHn0Ur%7;CC['6jwL/ݫ}M} [>nt`꾅&v*> Ū@sl|1 ^ `2%&mI7jދDw[ &*أ3|%Djw{ٶ$`lwfX|ph0kˎu@O' _T0?;bsc\Jv6{c@x&_WI Ac듰\'G+sQqʆ+8^}qĎڼd UHnBwg BI޺AJV€""PU|t@㾻UwdJnu i7]U9bMoDv6PB_D&#Qh-l^D^~^7 JYȝHA쪞)v>S8&;1r,z@% VҺ;TLmsq!$A!YK,#C֊1k]|x6>UgOՙĀjDh7ցZ@O4Ƥ0u6-ݽ< #fw)-%x:j-)dϡ0 ʂ`} _L/=VE PRf1 ?}#!%s$kh ar2G2SOTIU"EZ50*pU x9TuVK'Wt"d~guJ:kxgtI㖮 Zzͩ_t =*j`%WeAO.U ]T?j:{%)^'|s f0"+UWU檕ssU)X.H M]CK}|8r {s'/ҸsWSW.ξw_ ;@'4)jQוYqޟs2VYq-tKnO9eV^r';kկHӫ%9&J[fM֐plƯ Դ5-pp0":[Ҕ V')C'|/ĔrW|mՑ\j3]n@%u LV8ӫ`m.}_:V^|l2_ְ PVV8{e @]i̖p<+SfyP0[x_O#Wm~.Ìߕ:8'18rxD7Ɖ@|o@XMjRSDTjD 6AE6D N9OEqdzl*Ng@};D %TuZ"P+JĐ@t"@}"G^t8',9@sܾ;4IDZy0`jL2 NrP| x2 8FL!HrI$9Ex9z${KEx(XpE `Hҵ{J4nlwpMz$ϟGҡ|@zunuZ4 ~Br?t+oZϠAkłFL 5 EX\*7hZd|-2׸5n|_׸5n|_׸5n|_׸5n|_׸5n|k3ƌ1k3ƌ1k3ƌ1k3ƌ1k3Ƭ6L٣Q Ҭ!p, /fBP&T UP ;Ch3g ~$x.u\8p4Ò}Sx pr4qKT`DpIC},93}nZh&\+3f4 hњI]2Uˌ-3f4h2s=v4h ;xz{'/R{Kf5wd^ӒY{3Kf5HiA]rwd^Y{Jf%+հ gRɬN8\΀Eǭ8ztM%tm}6zJDFu_~mT}Ԇ*:mP%{$=3æn;t,Պ/!tÔg0ΐ8&g|*nU^y *[h5.+uUOߪT\궫RzEJuV^waJ:P^7e+3*FZ3k(u3f\S\@l;nvvݴ3Z̘;}-U=z2D2&vwƬ愙8|po#kc\LwLp=7nwۍ;sÍ~t >wr(s e e e e eGoَfĨƨƨƨ't1p23pʕ111 ct6bhj#45555;B#4;B-f{Ghwf{Ghwf{Ghaiwf[:6,eZxGH\^DDDDNo]xvuڅi^-N[T:mQuڅi^]x6z:m:m:mQ7v%R^_k6z6z6z6z6zߝmXmX9,?}>F6FvZ[91? ƨƨ.vvopI0`(JJ؃c]]]]]G_,&r6r6r6r6r6r6r6r6r6r6r1#.Oc?K+gP4ǀϏ^K!j|(,ǃ#ަ>^S&v`Po7zևXfXo7zz%\o\o70 /% Qe]e+:ewY绬].|u:ewY绬]y#,G =}Weዏ19zt>8FؔGy5x5HʿI{55e"f#t$'{gK3M pnؙ21DLXA&;YMR/S3ESyfwھ  =҄=ݵQZ6C6md֕8)Tv;~*>;+A v4KdՄH3`t?e^Dt'$` 4vyQQ/s )C4\X~5&ʝIo`"_Vhًai_tȩ>SɧpƇ|F$9I=0itm6i MS~.S_ښ5GMtj8[V&Ӏ>z)5,Klh^w5{XqdO7 & .u+.?5 6l+C-Ĥj IHoå83YFa-jJ4ÊV~ZdcCm۽R;/u]zQf*SFyQƆ}eυi:J' r GSܽM/}hOmϓ)۪)oǻco;ZKAejj(("U *~{?D~ o/Tp) z11|4&r%v\)j5v;ENQco ,xrq5Yh2Of5Yo'h˹^ L`doӕ`6𚴾Ԑ,O"Ql,n#u s_2 ')_D>R3%M=_g/g©©©©©xIkz/u_8_8 @~ʬDچIlMlM&4"3#w1""-Lbk2S[7&\{dj^5YWM֫&Uzdj^5YWM֫&USղ\7m֑6vdXŒ:ҖmHu:ҖmH-V2Rl ʹ_Niw!, bB3~=~YaeͻIL×q:Ƅ/g×lr6|9 _Ά/g%[l==ލV[֍VFuպjhnZ7Z֍VF;}O;S/9=Z}X1>tooՓ򉚺ԝ\~R.!s=?SSLMs4|<* , ,L+VNuFSoQo7zzd۽&-63s-Dx7BYC+VSAkـha/O6k9_O* ,ӎ̓b;`=IqRXy嫺-"v_W?oiv+VeA&D'K@<,r38/DaOjr/3\sՎHC׭7\?[XR~ cLJ]1e'P\-WzlI!?P* <]C)?& `fy :".!` EY [LhxfXah>:Kb}Dj8>ܽ "`.5 K3p!q!O𾶃ڡN?ه:oxP00i+NmW$&0haM02Ӕ&g_@$krlX[jٰw!y6;n'x {ǕChWÈM1Njwqğ#O\c?V8?9Rgh4?zi0r芚~#Gš̓'Hs!I5L#qs"1`$])1cds"va|}KiLi4=l@â +RA0wBvTO.㌁T` m̷}:ll*,,O;Fgm1;`)y$1-M ~zKS/dN/jp1,< Xp!:yڱ7BE~!bE퐿ŏsGwIIq`V>o}"G!ÒH`F rp%2t-G^Hx m )@lZ A*Ur$lĈx%5P9b<{P>HƕFЀ2Ze:^1L!\m4%v!OۢȞ`X_f0[!}:ij=Sb}#Cr?pR,k[+rAep@xd>PWpPK-({Ʉ/ݧ -m1#mo:0zTH|S y+n[䯻Eh ¨[Ȭ$(#aCٞw 6%3'7@@* o5c*)7<r3Wt+rڮD]-eIX@| bEe!b>{i o>Q Ȉzجv[H/J+eHfj 1;M[a-l^SZOЀ!h?}XTE 68auJ#?dHY/vQpfo)Ǜ(;19OFYnP,}* )!־(i Bb}h-n[ߘ dٮiM6p cBT{7ƉQx'2gVopu $FjqyL]ړ=r78g`9 c m 1Yq۝EGGݩy(E2^ R$ CY' $8AnM$0iE>{y,Ki 08ɸ<6T{{tDZEZWm`9@"mP!l?D9WlY@{!d@#M<ǐ =K/EY)\i|9Jy@Fta UgEK3It;̧Hn|%iR9`M{@@`za o͌=ڑcSэ׼$R"I&jG;%viggGI H"F.~3Gq.GªB*=)H')U99ytB_DdqњK QRV-amU l 9>,S/^r砚s%yB !NހJ9| L/H g I xzN~]҂"HY: +;=J^V`R~rѯc *jM#v=Ow~ٰyͨ|}XBZ`)|Uz7AAO1 e`FT A½9)ƕ5GG® 4r;>w@^DMQ[K#E"aΛY%!*l;4AB3v^28&_w>OƴM׶>G5d!sN/,lgtJ;m?ނc^OOt.pIxG) %×`ZpGudi9`4q3Zrj6}L'\9ůM 1.@Ny8QKS v>cwPVNElf ){  ,mbk9WswB\7;4YxPnazDGH()KeasR+QbL)&2LN 4ų t8aymhb~'Ə:?^wSKWu+ٸhOJ6<5gٹK9o`ows4jA){v#k rf+,ź[ft> 3#*: aミs%XarZa)A ՊS 4T Idd)?&s!cv֞ӲQAZl͙6xm. /# |5hlz,6uNMɺf10aM/C,)Lb;r3B"Qa $f))*A4]LVWw(o#GhbY0Snӊj ȈfVս?pR.,6 v,Kz][\|I`R;°9- `7=Wkm`A%2UFIt4rX͉56%Y DvU3UKP,G]:"(:: +j 8x.,oT yrSolj>LLXrc/-cmeb7âgFXY;ĺVBho)#وGMkSWEʪ8SZ[  +Muۍ dlqRŲZ5 @6F}J;5*D'0̃  d#x&FʜQYЛdlezYƨ4Pu ] G%d 3O}ZUD5Xz āYN@$T=Ka;:-u yTQ!+n(Z +EwNP2N8Kz!b)JBKqۥ=b;L&/SmX#:s$Fs8"@%鯘ҫ)n"b~B[[;D ł[$IDŽH7͒⪈Qh_mƗgymikjPo0f ,8lQ%t:8)F$MmNl征{Auߐp,9ϷHfu%yAL3ɽBEP:=Vf3aSva2ܲ}Cz<)C.T o+.Nu}JZ/%CO} hNO<MыFUح]:g}:+??rpIJjbItTJL$"sthAkWT(9R!\Gp;ˡz%;C -*F _W:)t)ٸs/{Ab.:;)o?mB>D˸1).v| : ~siN68KmB|֠Ryc0j鐷n)wɌлj ovE}wTr!wa#:rt*# shJ(Mߏw-U%>0y5hvw.iݸߤHWVTk!E? )VW=$'mI*:.$*>6)9&ZR Һ#$wi=}DBkQfm$!6(i*?mpa3Z%yRAesƆ |'OVL1߆ oXZa8̦2N]QsFhKv쫧Ž-HHұ1UGl~/bCvA@@Pm3N^e?YE L}G5]l7O>C"]Uq7#1iM\WBq  L6RV%;0YN7 mr' 8M^侗eUg2@2/f]ϓh9~;+DF(z{N^t}Q&A"?xs U9AÝIn1* }#Z2Sӈ1a,ܻhts}LbъCzq[Uv™U'8\Mmr93jt!mXc;p4v `dV˰xJf*`ʏuġ̢l.*4yJi!6AJi"X( l,ݚ*4QnƃjJ;lF؃#~O1` bˆ.7+ac_Lj/%;,xY 9NaN833L־.ߜN VW9crx< 4w? E=H ;%Q":j,HbZbDEesvX>0{[X$f֕ꞘI):;bneu$ynQg8oAl`Isٮr' CsRan6>N4?b󌔘T%+;n#FPitSozXxubjtm'GpœƽȕX$Njwl !5 \^JjP̱'>ݍq ]ׁ^Lu$i0R;nM!}aAs2|e㭎R!]%<~/gj%&DZTvy<L$CXV#@?3mPv-̐^{X{pߝsA`cD5ffsȢn2V$mz*-nMRsZz3(qCl]nyv(b=^@{JzhnKoSڄk,o4;u3QT%Sm<fqcFJ&(8Dx(9fjnGZ{8}La#}|;ectGmشi,hsJ'(˘6H#аG|!*xc:ߓ^P•h 44hixjƔ) `=`]UTmӤ=to|Ihdk6qyt#VJB^VYʝ [άWؔzMFf`#Ѵ5L-j蕸_*d;%2=k~@9쯄k+5 &nWIv!//W=-|ٷR2o+%=y48;1mz>[K!0n(\?whܢ5RDaXM}Χ7Gq vJb4aNza^4@C$]J@%Jz6V2KS|AgVjw>l٫ʢ & !><9=V.JQX*'W ޳lQ_d*v{Wߖ0h5bwtN\FJh(`Q*|j(,yq ' |txzCLu?\OkFnV0e. N.F:JheՂj FAZ[3Bux꾮uj̿`bVrHˡ4(ҏZpn`ךQVEth^]@d9*i{q4;Sq|HDywuB⑂0]NZv׺ׂy==tih]55DwbwqE(Bd)ddN8:άt($K6)F{vBQ&Tyí6ُ_b v L֎􊉯z[n) R[Hmp[ӛ2&̎xX~/럿ˇ%_>ÿC5`}h:94|8au=p4$^,@E[ ^I,dN%\~`C ;saG {?i&|N"qQX&&4x?E׎VĦ4;" }j_1@栩gmܫuI-@* DPȃ!o8EF>X# =@~8nn.&󰂁L)Ggu^/k:zsִz#߳o[I/xI^l%G h$<\[4!͑55oK5$͑g0{݄2Lr8 15t4HD]ҝ<+*jX*<~MS-of‹24as *ctHXd͠{_y%fL̛Z]qǫV) PY bv$/S &C+0`wOYUmSk!aLE+j`eX]SdFui RA4# ,u6X^+[aIeWeʑyJÏfI3lSܨO] _5^MOs MbLo6JaFr])/dTCmO ^#Ǟqck`gD̃-1+ʐRdtlѺz&w7 @@ RH zI E)(vTDE"bCD6T|PP *Ho =swI>|>ٝ39gNs!b(3v⽻DQ~k5Jx_BŊ }/W|:ݙWQӄs{SoA=I0kHfxԠ(;=+{Pz{<}| "Ylw FK,剟 qU~*v;QS[p{I,NW2ԟBҔCH],"q'5i4u*:.QGZt~mOjw/g"_ Pq9wGT"a,* j578קR]r18 T8Os('{Ԥ5S= *r?Q6G"5L1C@@oybB|9bZ,-JPe _> 鈭$p6%b^|J꫄N@.eK)>Aݺ_NU,@oq@+20XY "p#LZ&LhQB#4 k4㗀IOcs(*&p)5<_ſ&Hzpnfm@-kwFj)R9q61ZE}mЇLx$g⇤ b+=j:O)}Bąo#tb{'&4-RRL*W&'TmIQtHjLqGPJmKڞ\6=9EJ L_zX Jf.ykX8M׾[kɨ&u1 >髇ʳd|T@vuJ|z2D̕U"ޗrr5=AДӒ4Wʙ}k5)g7{9Br!IJngd d%di)NB!?%Tp*|!$)&GqKĸw"ZPDwv0* r:&\O_+Tup%>}P٘kW7 _K9!տn'S% U[L7q1Ϲ\Q.B\|WÅb>.vDoF.A)WﲕVVpդN+]<*<ϐkHUJjZ1PuIIRjw˜4b=ǖ:oMȏvT_12g @^InY'S%wT{NYu¤@ :G۞_p;e.'DfSC$=mADJ Iɤ!H ϣP_Cnªf#dSH8 0ZHE7^PsuHa#70NPs2d7Rt@44 (dxP^z^FϬHORYLbɁo ϴq cQm1fEV N;)a/( A172@ ز4ހV=KLL NbOք{O/UeQMǵPtk3_wo7|W--#݅N cAc£S8B'}6wR|譚ɗF)f*cNL@ֵNi:Qi6f!5]H&Z9h 4-7iH-Mq5 %,$S1 N f6`f;FP&Ӳ /Pjiqzm@ooj7;jEQov Z#ni̮Z~rZaV^\ czh(&=JA>imJ~,װ³Ib<*gpx~S4fXNan/Yg:ls)*C "6̛XT "WKPj^p9*$a`,Αn6~M͑<` (M1^55hO V1Z*%D9VsPF*^_?IAXi:+$ѠBٙ8[EJ`?D s-?IlRw˙pZ9 WC'* KҷG1_g+}aҐЖ "Ӱ2? G*cMH%H P6}>#>;q/OH_Xj;IgϣS  重IGNVl$G4f|:CLnAdr[91AjA{{71NKʍH S]6*f27@9*#S2e1%^j|.$Et//j7u=~ԒV"t(nFqp ‚$=+ 3ÙdNw8O#^E ==5N S×HVJLB1)|?=C=2v $T·<LJ/, Lb5;B4Ϡ00*#ãH4p2>A Cgh-/rF9)Jl.twk5cŖ:zZ-Q ؆VD)Vou1sv9K,̹#[H Rx.;L{2,kj@ߗ-m!< #<=<}0lȄ$zO"LǶO1XR9*R87s]yYucaD1>IBR ?zZIP1ysKcI\[R<>sXAؓz핵"0iV5wc!f =끪=km+ң?$ e@oӟV|*UӘնЪMX nBC̼όެdl!rA233V1?m*zZ'a|ߚƿmcp*~Մ(4@ιr!F.EX:`\H6n]ċCE9==V-"WZ3: qd1J(="JV'& -hRvIa 6DѪ(P4dZ@.%,ZPvyLR;Lgu~EuQ[ 4bXZsnD ӇewZ;A,tWS}Ug T˩[OJj U7`g|Xc34GX#) *ԇ-~q !壠&k1- jgIsi| e)tex|KY1DYw3)}uz!>uK!`)Pva=xE:!ZR0[/sKx n4Q(H#C2z>mϓmtwS;[I}B85B360,b2-UPŒj% ֳBB)(NģӶ p`곶 9|b-S zЪ ֱdU8_f 74KDn٢!T 9Jd[Wn`m,M,pjk۔Rh ļ3p`|+XMOMAX. )Xڎ8P,+elF#l+'m)jW i Duh-2S+_TkS*b-Qj-a?{jRɃ#,U3,v[;RŻҔZ%PP4$ꢽ @]5iίaL7{`ݵq,`=m؊!kO KK2%F]m/9C6}f+thk9S4vMq:b$v5АSl!Y"ׄ~(&ĉ=+. &RV]ɚmBxںjm --^NE,0m!ġP?A02@:h&B8{dQ !H3'LW t $62O"nbf R73-b-LZKql%A>dP,Řm%bv @1nܭVE L?Te' "th"Q&#mN5Tvhp̩+N .|H>gGS/49Ǹ. x},R)aԐYX_1]M8= 1LX1>E"{Q~1pT,&FvWq }@C&pFCzwPB!ַPM1^:`#MJtJU+l%[VCpG!p?jҹ~| 13±I=q ;4"563nj'5)ZZNi2tC9I߮]+d4Z1YT:A 'ymZP̋ڟ|wLPMTlKwj2ɺm,^{-/-}5LuG4|/d,qV~ 9xA`?v2/r!llv]d;-VG/>O~Զsy[qc 4Pߣu^\ct8WSXC-~ꔋ48^By|UI:OGcЅd]OM5u"&C*!6"2"lj1*jhCu0E]40@-!+]i!%b՛#ի\\m[uDlK>sC>5,%K9GxH. iK V u>Eڔ98[I^i-Ҍl19W9$zs]m|>Z-K-(a(#q{E$R\U".wV+IKuk~^.9~()\YA92]wB:tyYH8xiuK9·ty e7Ȱ{lςOi=@/ɶX5-gx:ڛb> An}uK@]::| }ҁD1fn730]<3EO,- "t.&x #Х_TB'g$)(7b4&81 ,շ2Be`q xVlg-Al.66Oq6- lA$>ydvJ]&u;0G{~HЦ1pP\DZ0]I]&0&s.cC#h /@3uR лtDbfG0 63r\D;:EN (&D`1Xx@U HC~OHﴑ!BG7r: &vU޶{Iև \>קaeH+(&c]rS4q(-c>wb}0O(3{̳lJ㭯q|  JShLԏ "ǪYGIJBB.\x+VvNb3+Rv|d.%ȑ&p*3#˻^^^ѝ0njX1, CM y.Ks `KärLn76RgcUxa:`|K.08AaL` yhPm6W .B^==3`|BmOiHs"--т`Gm h^ւCG?q -z*-hq5D (;n@moi\/ܶ^ nq6h\x_ml qڶkkx6}>MlEi<Ђ ҂@Jgߩm4q>-x7Zp7}EAtT Cx~ւ]6< U#ڮiq\sSqE~ICdȩ_1Ճ*@N{OiO$=NGNNl|"q+"wVwс" @-1fբ%Ղgqwu+Ļ /La wIòck,j0UkPۼNijǼj61_F6|!|7ǜDyAeYmXu$  xM,fJׅ\I}UW@gp3юԿK酎}4ᷤgEhy8*"c6GJ/vs@w~͡'.!xMoXmQtN'^%i_;l쐈tI>JޤPQx$*͋4n|k30Tַ9O*FS^ M>\DJԤ󰋘v0໑pr;#yqʯF_؋C|:3EDn#mqB,}W_h,=G'u^.<ߵyڂü׭wu7tU TD7!M.Dܕ#|{ fўj mES}A5$s^>,EEO a$wxkk?:[gƖPdAc%ًu5X/xz%yp_Khlu,\|:7IO&B;s!˕xaRHoG}ܡ?aw{5d!o8S{f¼ Q 'H,MBqM %(f:CkF׎Tv:dnb7/h+Mp1mO+ܧOh袈0,k^љ4|R7jE>b<5 Q " G~f#3o#w**ʮY٠} 13{}/%k|P>oA&@37ڗ MZy;x56k`Lsms`ï}W _̕_0vm^;Xqv~Zj[;w~<40–9D QYǐMW!mGs 2R_ qaެ$(WA-.E+6̂l38R@2xD%4Gu]ADmdVqOuiptYg9lHӿ^r,:0 =ʊ(k5XYg_ ]y Jо)DĻ5IZHX h%ut~${aKe٦أ-.b?P g@ "o 4g,`2QYfe29;=k=9]7M>OMOC{+A2f2xN*{?~uGqz #r"akw䔃57<`M C5Trd(W-8"1r mƣФ 2ebD/Jz /՜mKegJf&qdN+S[P6iH||ל@x /.3Oj#xRH B62,"=e@ =69 4QH\jg\F*&\D7iˀ`3'$RmXmҨvm]tvd'q5޻,Ґʃe;R'a'/3oÙ␶xrG_u-9c}́&"Z@bYst~I%%NIH>AY^|1V ج='U02̞nfYk63B,)82but/ĽϽFY8ۗ~n"Ȕɿ툮 ]9_H؏@r\.wm:zW~X-Q# _7T$;]PB"b[~c`/V |Zވiz=_ ̡#(]7!nwZn/clތN" jV\ j""qXLq"e[NaaxX9e؛/Fb^~*_ G Q(ƩÆ8ȻD<1-S\Tb>&8H U!|,JiY ?#w곲{sn,/^,e9, hYQ_ ƛTd.VɬJr5 m] ?Р7U(6yӄa'USY([Q9x׆D7VLڣmd#ivNqT-nBdڟ;W]hJE/CQr,j$ m TEi5-w7p[TDɭA\QW~}y]h&qrw>WnYL1 (k %tI]%j)u-շqVHS!?6tD)r;J 6R)P\X֛m4c#Ve:$TUJ*R+i8bک6UZ'@k dY/NU/x (W:4k;IRUJIڀ&ijSj CEcMS\@R)yV"#]Dp!^By1ԠkfmN4mqc8nˮ;h2[ViΝ]&Dyږ!}.nf7Yq|}*Pҵ a| Mp!o%reG"ڼ>n ӈOG_ɽ*S"+mÜ^tހ#U9Qa czG\(⽺ O%dDU]axZ;:HO ??N)ʢ꿱6o7mouވQ8ΏɎW1^w5]o#{Iv'b$毪iaJ S*.^4►Дk{LmjU:YQ7ans~lP^t)< 7hRfmjȄ])eϲHY YJ!BQGH)z<[K)aqgRM#ɸJq{eTIF%JdTJZUJ(* $2Tya^Wp{D,p0)-ٕAQeaxڐXd pd -9q%|aYxGv62rW>DX]\NV]5f%^ǩN{-͗lznmv]6D i^|wEڃOߛQ~{1ͷ{Aiqڕ_lOzM$j!;zeQƿ˗%?meyR?O+8GO~~:B?!*(I 2"SH^1dnS> kHIeƊ^DLU nXAb}ֱ`*YD9/)gn>l]J5=ָySp=8|;5S"G5Zr #Sbcޥoz36aS2$fr ﯩ =LSCM ZՐ S1 tEsϏvvn ܑ^hB>@4> &&xe1$` vҡ$O,k!3bn٠U# z5VT`eҔ"%h qPBi)'y<#R3[8Ey:==-nAdLeC0> <]QQRvu'JX-M s 8G۽d/0 -A025EY âYxi7h$9 !fLp܅js N1Q/ >ZP&͒bTm0΅Jp|~1{&.u5wQRnwX A~uUpUu0aGC* E )ALJqu5m_D?c)[L:󮾪 :]Sr$!^ƒD<s<ƹv, N$M*M4bbއMRnUwĂj =~xh|]H8?OF…krj!caAo@b kݐĜAC\px㫢jEe(kp&! t4 # gloYθF6kge}/vBQ YC˘#5&,OYa$CX8Td]?gݯ0UXg&Ӽg &͓ "l1@pԇdw$V۸(To?yRX>czc2(u%UȸIe&*˗+Vc]ވ&bm:=&o0nx[{ Nlv~Y"{qL 1D 7RbZ,Mip12D*WE&otY~!%@?zEe`2ypVm{lxL\5.Ghl !-af,:i"5J7'ri A.zZ<*U!®h. C@qm~1ӵ` jLrh5LFUI2N_T*֢%FWZ0oEc[{dc/I`zl\sۨuOTh`QIߠ#l^@pCCȚA=D7u%rr}hoŲcFf6&(ɣ e\L'bF"|j۩k# afF)wd)@2O ;G@eajE? e%.$̶_m}CB# ~ȥ&++TjQ!t0a(rJnq f]`4x" @RQr7f5Eoߪ ih  ár4yR¢a~ L;~B=ςWGzߙvEewI~-rZUTdMJc;oƌݖǛ ^`y׮ " {VNz3VCbgѝ; 8}e:m%ONuYn]&tBwݸz6O>H`=Hu0& ux* TJ69NwIJ'Sҵ~F9+w{Aa^0Hdq:MRq9:6@휋iu G~A{\DdG8ui::u '$,y:v!rN[:KVx5Vw?ʩ]?B}Pʌr|~7_|c^jfjxPb_߾Ы{I4p21 aXmk(G[7Ro_qW^I߂LNC@2f曆WAt6˙*vM7I,!T|@sMe إǚAgY[P9QoMeG*eq ЛYm&AnИN,(!oB'9N(Ut?-g=Ys +Ϭ[̃V[jRG3Z̖S2Sr\ب\uGLµCu3:^oI`t{lW>6Ks0QJҎ<2#!1<;_*tfxPfCyrxN'8yZ!YaxEzͪ95bDB*4ҫVPpN` d,3ҋpͪH=J`~p7Dtm"/g#v K%D/}9*ʓ6V̓Zs\r(ZK8mejcICsN=[gʼn.8[C"ƶy3hƤ_Ućf~oOR8,Mo)9cb)'"k\&l=;:8~;(X9h/6wsꓮ1uXtrf8_1Yo֘M:r.Nm=c6FԖrDEKeRt}yM!Cg[up,D$и Os. 콜 Jvu1molANmcRE ŧDX ֲPh eA>fM`^TAXƃc '<`}8q p" YYqFpU,MsWd ZT%۬iPt}akLfi;Ǣ|ID=7vɟ#x|1żZb3c_7bIٞb;Gwy\l/sܔ3Q0{J@ gFcLч UX8S9D֤ӑFnO 7z.۔ty5pQ=\ cY2$}@:dj j׶8?N}{wIHI8 @  jBH HQ@A!tT)X)J ;oyʼy3f+<(z)g[Qδ%X(\.GwHT.*&gFtvTЊR> lʙ[rj6Q1r%dJaĆAB?D9u#CBXJfrɗQAݘH" r|<%⺑(+|׈sA:%F\KYG9pj.%C x$*hzz INQ۾܋\]OX %zPڋxNRʩf)zJ]v A_ҡ*#(]U[ J~G:A$ aI:څE, E2_{ jN(*N P*k~2c\ޜggE "iUH[V.S:0uQ!VE~nn*q:2褚d$I9$2Ic#Nc~<٥%6՚fOH{\ߵH{]4AcB:qlWOBڡMHOPKݨ52b a#G[y{/BTbrD2rSk`]"3&e.L@|gF%O6'OѐJ r.щ" 41@"*9'q6Q|A,#*J\ma5JpxTcdc1$U}uDeobGAm{SbB_J"hJ<yd|Q;V7y-5F1aV3H~Yh$aM˻_ӣ|Ky)$_f?%ѯ??MIMF.;}O!1YDyLBgٛQ{ &}z:x?Μɇ'ʫ4款*'+HIZG$o>{A=@Zn:Q?:lzaTnw4zbLw a^=El=b- 'b h8K~/=U1[:r8>= JO*Q2Te Ds79Ę &NvgY 'TR-TfhoJ>K6nv;+V{sf}lEbdgI(A\ScIQV#c>9 bQ͉žNul,"1gɆ}TsT92 0"vIvxc*䡱 kdF ]JgPJ+JH0~rYê g"aQ&; 6EM3s| 2)ٔۧ%^lxv(3wPj؊6f[n@zvN={R}ۓ[[C3[zz+ȉD?qh,.**cP̻e@32Z~[u!=rMVsZ)$EI@W2fn䴇[-hkZ})42ƝzI80l`G2pcuA<,1K*nhfZ>mV'k`"0#i0^gF{~\y k-:i<,4 Tin_?9jƩ~MJw XռV}0bOC4GˮakFa =I#`9~X59&"vOlQf6Ϧb~W / \r&q ik.bzF!J(ښW#gcQ/0;c?qeIZWCV?TXښfѧe iKKΩRVgt86h`SQuњH= :ʮ/$Dfߒ12Yo3Yx{zl|@'4*P4(Ҙlj7PkTlSAfQ%S O]fy4~jodrdvQLٝ#q=@%6^ \+N3Q $sh-6Cp x'C3@P81j&L%јcY|4x* >6RV JN2nqX^Lc%&PXaN-z3@gT[u+Rv6>4E.c%ɼr?M&Ĝ/QK pIxn!.ca<̀_ m.bԉb')l[lT\ջI Տ[T2d@IJ֩Ŋi6i"%OD l0Ϫ>`b/=@\ʢ1 -"g٢6$ǡ/$g 62! dPmad*s(ƿ@?nBC{̽S`@:EE0-.;Xr!\{ ʀW Rȼ,vܛ^YrǓ(6߹J&dO'6RO_R"5GHM]ǏLH)zCCr;!#t[Br t}`AƝfI8Yd^QLM,.0 i*q7:t½l!A-͔Vh_vH1 Z2#~h@fWП 4%+zp1E t8NNǵ8 Y>b'œ.xj0uv8q @ܡ' J3Ry=0XLBe>"*iBOs1%2(*7_e&S!D>9̤e 5\":٢o4[P#W &W"cV@B%mFK̀9@?r~)XwBqvp wѸ! Fí`'Qq~ V?dlGE hGqqC$#@a:)Ƀcnq|z{Ftib<1p^8p Ѻ\`ࢨ }B h"@pg|#H/vT8V1b u',s۫=rEEc" zQ/o`v=mX䒥b& ,EWʭU@jֈm HX6I:ȇ]/V16pqQ%l\rJAD꘸}*l!G0fY5qy:<r:7e E E]uPtk';ϢotSLyF\h\bC} ӵئ`i=Ҹ:4W4NnCM6PÊ!\{ݏt?"4<0t.RZ0$JC)ja;QBGI4De71 D l߀o6fhĀ_61(6#Rg Iד-,0 !גyf mgM{p5K.p4iP[&%d {?^JѰ)b>4c0mR5iju`U&5ĭuyIi*E!HKs3.a 4Ф痡ɻס $[Bэ@+1L0k/vJN9lsEi,-VZBZZmcµնf{$wc4R&0:hrI< [c)c&CN'iۙdaw]\rb @H*`;"|P)4d5@ Uq@_MNЃ~ L/q@g Ɓ b=X2,GjҀPx& <̟a Gц3Fd`^``cUiE h 9#R@yQc!4?aMD0g.mŎjd{gk&w82j/1D#sڤzFJŅcQu>U_7E/h7q Mm(vh݀bs s.1eEGh+ܯbp׊N: tUMP"/%(c?)A2'{Z9SQ2}MoW w(k%e8م3;D{$# /)pFDB2R?nBi]iyO'0?js,N]-W=epL5?Fb]?wz;%yS;~f҄򘷵с~)ݏZՙjʼnF3RqjhzGRmtə\ 7Qvcߝ !, a0Q$442')uR$3@:Bm6؇h^]-7$XзxX4[ Z7-(uYZW8Zcr3H1/f:)>ݤ/m._tڤNmA<ʱd,*vT R%g/Q?ZZҺ1d8ZKʹ2J6ɹ3JKd|F4?XrM-.mo"m]FEOQ&ĻVwh\`Keèa$q412V}h> 5]zf0*3^]Q`R# XF~-xY16=pbft|9|5`T@=(v=&f֛Y6xE/l_cDg97]|mnp_q{JxVo0Wu9.[*|"8Zo@7\Rw@{6A3.qQiB#/3p;tUN&ψN7}vB_ Nq9჋52hnp7M :+g '.|_T/q*%|b斎['7C6C.8C͗Hu=u}3?']Vc#BqFs>]-ulZ/rC]G:kDyj02Ѳ*KO{?N./ȣxF@4 Nylkp#*廘Yz !gz7ΡZM=$T"ZC1CmޓjlU>tsaQR:r Ӂbnw::G]_EVwûRQ(4ߩ1Ɨԩ#ue~WWiez1V_jw-J-C(lOɚZYmLl+5)|;f(un!DJG=DxN7@U}~!Uq*N4D]'Hub0 ToJW[`o+ r@+/k]0WY A| :|?=b݊xMQkli#"CkB.b~['^ۅA)v)b7ӹ|#ԺY8yໆv:_p ekA;syyas:^t7:ŵcPon@MP}1vW۶RbM7]$@ul͌<]_O0;mЎdYvUۥB}"aη\RRZlYGWs\lfNY8I Ў4S) @&2I#z 9 @pD5ՉU::=e$rSXKm4x"jyqNV1sRT83pӯF`cSsJ)ucT-.P6Ʒ 0(d:v@ZQR:iɱvDU [beZfE#h{z7@z9xz&,:G:R4SV@9'OeiR{3+- û._zo [T.B2I[`}.zP(CŋPJ3(W墇ZHiDOn꜊`.4ÑjMv413Kx\jЖaj㖼t/^:~pڿ=@8L-l)x"]%plQt8҅b:5v[ӏ-רKraf>.e+lky[lGCUa!b*^yGewh1-aBʓS؍>/aЉa?T[2fG\R a$c'WǪozC$M71U*C,o జcD5պ6kmOp&Uk)_Z&S՚_VǵA-}Nc(rNnV"ᦊוJ[~">w@ìK?_x-gdİ6noeň/aD @c*{XI8]X-CE6\GO`BdG_m`R1b9pqkή\uO[8I!ߴuQ+{Cv;~Nf+쎂=!Hį: iNBZijoɨA1פYoI=1ddvVh_cWdzCq V.`xx#Ѷ6Grn]g* Z>VS(Я^D׫kI3C8YF(yЁE1UȳLHE ۣ ~/_Ttq-LεLH2BldRG2m|Tlj"puQuʩΪSs] Dr*9qH*9z"9z"ٝp'G:&G+>;e>n:MfԊc :q9ޞ#N[d:B˗eh%y^ w.Fȫϗ9e!V(q`Y&!%8gEh@ >qrⴎ6Ӹ3Y#D&W` :@STx{@_1;Bp!>˨ yZ*}~ ˌg1 Y N@7A\`E8]#riWL` d$ VxYqH+d=03gC  ◐,-RJKH-a]")DzY^ +C"ha|!o)b _!P~%1s cr_-Nܳ惯;>MzN JEz*8rd0墊F:Uݺ`dVsK{LtHq[[BH\= OvcĦ|@jy7| 84FU; Jzn #RCnp9 T1 (3>]mN&$.X& Nb mS !$9o]f=#v^u xnq8"W?lm ;ε>)P O7eF87 Kg[oUm 0pmSX;ٮ:6*Τ-ӰkLt?ۮ쿩p.<#b7ڲ{!lb 6#&MQM /IƗVAd -FST NLKpK;0_,ZwWX0RÖ';lDWXK{ 4 seoتf}a`Ye"D l1Ӂ0𻕘 cx0 UgfDDL2=/2=!%&]鿠Wd:T_pӿfd)\i:]ݐs&+"XFMu,^DpSDB /Q%\l\6RlXøxE>$Lj Dz7ppʲ5 D%0EK[=> _ysxo8"=q,9YؒX)Bts[z{_8@-/x?7x@qD_‹poYK8ev ":}(v(?BU.*J*eQuE[5*( /ue8-VUT/U\Q E[kXIʓDdsE0BN`s4b s" LaAnxnOø1‰%(#r.ƞ"M)&x 3pg{J33t,O Ks+Z A;ԊN4E0)ӱ !>{g}'aqüĚpc(:%m$1^?&ΣzK^::!t΂LE(;NeWJKajhњz)7L#ӕTX7M>,XhZ9a~%ke&!q>X\8]A\  :?cŻU! +\,]Yekt*MٌxkFq}W{|NWi2c/1 ¹uWi0|t+3*R6}JB+5ǢT[VEƌp2V7lc6X$쵐TR$!2$k7ԋDZm@5D_*s$C_Y5&wy2C`SeK7tUk (}²ɑ,G¼~z6+vʪRY;ȉSTXZ@ΜŅgm5\ٖ؞ MrZ* V d@?ZdC C1TͽˉJLKqv =G;X:]R{蝆]qCLLCF]bРQrGˢ_.؊-$wSTťܻ<:8~*#6+y߂\ki1)Z(6f5T_ގ}yAٙyc['VX9_a2;rn7F.'gjVnS9QٖndQU:JRd{JU$")&Gڋ^X()vpIIggc mPVG_8%tsj-W }:]G[8,z=uĎTwp$~Krv S ={T RV$ǹ\\BQ5d4`WW{ϝNQU[-ւ8+~v]B"A[V>q](uZ ױ8os4;jX)xl/akfC#n2ʆ.mCI!v\9jɪ gt(a؂ i̧"AXILEyE":RN% ~LQάqh=r֎q*2ʣ ^շ.SVQ흭D(ݖa44Ni"hت_Q 053ҭ57Z;Py9<.`q8T*lu19@oGk0 d4!M,LN蒾"ޯ(H+V6WP_#$ҥ7!as6 on?4җd Uw>΃1GF[ZI&bwveLHd =|8|4#6>-8*+q՘WQ۱cʨ ֥b~^:cKQ[B!ܲ@^w[/;{rO*/t߱eH5h[(k7J"wԩ'Qu-Ly;::,Tڊ{`{ BU|8^ي`?eGQiT:Yկx+[PS{c δ6*)Qᔮ?V[nu'͛Sm-|%н~O؟OEl@v4!ET>=K0;6v:Ӛ=dW-(<^*H8)c7\?f'|?I1B8F7%@!#f+|%폖'j W33h%ajuxTBlv'{6W8M:8ߩM) ;R9 m.P^[jS*%p5&h#C:JFT~GSj+彋V)moƭ.o)5Gr~-O$%F#B ~ o~ )IWDgJlĔ>Lk<%9`Gr#jLi;hjO=E6͠?)J҅Rru#|V^oi)7EڙM6 ϯ%7;ўJQ*8`^\vqbO866R"ߊF,$6QMPIVT+JlA'JC%!")ӒZH dG/D5k((U-\O5z R,&E{KUs_ʭT*PbrCGů"\J*XYZiO.+-:j5)5\I H{wreC܉IR7TZ3P*uQdN~fSJV4(ؠf 3Ƃ3\Nf68|i_YL10}qgLH%/;^hLc\mFajB{L[o!i>Vmϛ-UkZYiVDVs$6ES:5ԓ91ۖߍwwzX~>]v%SJO8:d^]DvUb'Mbg6Y;Tv?L X#i܃\.=h wH~KQF72>LYZ.$6 JlP & Ӑa21LZ* F,|$7ޘdH1qn% 4@ .5Ρ>S_]J&$, kT XHjVoOؽ)Qe4ԘC xp-Q2PIuOe0qVV25B f4|c(܇8#0#þ20A=MC܃_wZ!Ӂ949a5h|j(s]r H> )BYBG۴ɴ oHI.}}ʦ3P*,VhCӭQIĩMChgۢ0f56@H˕w"aF.˕&|P\TZ\lKDUWA{*29>a̡֏7,oδ#OzDWC,,[—GwY}bhO^l#ъ6r m,hV*3-!]CV5*ֹq<;&N5p޹menKX{OۺGꔀ>'f5RYu❻YFNZm.0\ɹVa/`kE5D{l?g+Z%›Q(~i56<Ӟ2Fpi۴d[)-;pkq <2x2veqotd̽1<>:FdH)vs oANe m;Q,7 |E;J2UUJ`xCw.ʒ P !Z{ׯG~ӋQӛ^ݨh v;^l`)<+9Pv4EH$vv 6"8`(ENA϶%o剔!ކ=YIl|wT/7~+U:;b ]すQ!r s[D4sl`UMɄqNCv3- D\4&zɲ3"*](+mP-,ǒ)&jtsm6G+Uxe8ʺ1G;da(bYzfY; V"BMhb86sr|lx$ 7PpF}mޗtx%[ #YFA/Q)PJ5y娏~ *'Q,"-tb%͢jd}\MMS'R+rg-e2E*RXJUsst?~E,gRUsU K~%uH2+P:dM-uʐEIKU)b\>[KwՋhG?} ۗ#)0}0lzNo{{4 ŷ+ⴵFD,Pne-եɵK!Tϓgr'A 9cewswE{mOw']*њSz-'徠D`?C5[^МB5P5հ0$QΔJ&%lgys +`hq9cuou*rӁ7y>Me4zE4,){%,86j='nixp?m$iV|Rn^kn ՛@ï6vP=ʴՒ̜44aGELFB &J+ڥ*e+ZtmHGK)i]RpJ})QiA)_R$fc쾡EZܿ X{dLE|VIauDdٟ4z{V9(ۦagV7C/ fU66lo= >S]aTfS]/N׫1O݊yGZvvؠN):>?ݰ[!і`UH8:d~<|W@pEu^Wrc(шgtOe&+G7P܅w`,oٛBɒp2Ȼ嵲N__ffY+e0ݾkw;L^%S@= =/AA㒻 vrIިT(YzR(5YQ-#a& MMtq\ZGrjS|6ɬ6U&զ|S7_L1QnmsטH/H zciXZd[ 5jK-YG CD:w::vJh@Eb)T {ZЧKtk*o%l9A q8@)_Ggh=HWܩKPT}`SK{S.I{ufq!,2&IԒ&g!o4{,x6|9Ղ6i7kPqbנ[0,W> '^ <'FaM8+a=_ZY 30^}+<J8$Jz!3ΏBVt tWқ7tZ=K K$>Gֿ՚ung,}?iՕaI)M'Ui;hz@WZ/[k@Zs/=~ԓ%e,EVOjA.Έ/АIuLAwIK:--Cgg./q+P/Ŵ`SxfU~] 韠2%Ҫ;\WfߠNoxl<-<ИZ*CIloSMoV93h*aJ"I)88q  'jf }o;*tNs$ZVt\|@:09.BtHpBխ>GZC|>Αc{; YiW%p5TI~νzIǚ2yˈHucz`zW|Lw9h~EժXU&ъr di =t)?Z֯ii"Y+U/3ii/3iuky}(K\k FfbIf@˷-3}ە\C;//nmYRгV)ř-Π2_VUŹV/ĭ叓J[4  o34eEK{#35(:? ORHek)j\XVK(VhFvJҤb$#PCvrx|@5ȋL.-w$QKܓ=ڃ au4՞\x×'LRMRMCa?+S|C.Q"hјZًf9=[x:SlW(kk45q//R"b)mHu;'lbH~2sW"nQ!f]}) (b؞8GĿZ U#yK}B|ϒN  JBȟ[-qa  ߣ.緔mL<Z+ @br쎗);~]hzzF$mECĀ{1W@'5Z/go `$8Áaa-`RV` tU1ma$7b=B1ƐY8 #qQWޡzLY߅KAVn㭁*G`DD9˷VB{*%AoK>ùL=P(/y<| |z2xʚ%`9o-k9.@-Qe0T'Fzеp*)<>Lx| =H$oӃlߛ09(йL5%d1qԺQh>n$V*MX@Qh>>R.VRs_t"JW kKĖm($}c"h$)#C oNZ7Aq+J3QS5~n-U#6@2:Q(&(]b#џK 5Uu ("PmדN&x"jE Hs݀&ctLRF-x}68 HFJMZd')0^)ÈYt[ɭH-Vk5KiƟ,V(Je4 Ǔ:*co6Q ,Rswot.a4V,|cDl&&zuHŠэJUua6HSCRߋǜRR^TѧT`SUEtyEVf,eOy, %OM?:K4MeTE0LӾ%NnJ:$L$'ŊSlP/:»汄9@W3p0k3y"z} `'3Fu4,}|R ƙIYC0#STÔߥ:zw$O6Uw]欋SQUSM]Zw 8CuOX~YU0HhΫiti'wO Rk0#=wSG|U3Sgfj#KGx#v"nt̪}4kS"Sl"7}+ 4joe1jf"47ݙi&t7!-$VIC^JEH(#E_5i_kjfGU9_/"2Eʉo/8?1c%"{(V|lss Q% j*0 Fb1Q( EIl(Jb32H/ 4pH; $~Knm"YWVDHnH"z^a556/X>c]Vp.^k@L3 -@wl,Zhpz'bREKD< C i5 TՍxHBxb9ҐʢT7~!ιHc³po!D`9D 2:N؟"g}*}>&q13D8"*»PauF'7?utarQa%'~x"弆x(w6;:6$"pic9Y݇_,"aU„kVG9!ٟ5a2d1a3U^K[؟'2}xN:N {3XF*)m/DL!,΄ѣH"d[`!21d2@É217)gw1$́15-!xBQ {р6Ѿ(1AιSVzgjqiÀ`K|+5kȑDXVC*SQ;?5pqf.ʣ_mJ$cF Ƥ,ʻB-}1!K_^i<s09d6|^u"bSZ%},;jΐQY"಄7&njm?Ut>zhGJ*7 W0166 \3qb;(6qzA)7 p[`%_Gtk~ظ({Iا ;+8ĿcCjćS^Au~,U/FQ c-TbHJA\H(/P9hd <.[ %} ΒH{9j`v$`_3I  м`_C @8'XJ: {E.hop5q]<-?- S3.G(@V`rCllFV/zx MZtKv&Zwi\E1 e%W w՗$/Z>DƞrMZ;صnKrC.985"@V%R_tdETj}@$B#|ݤx 3Zo% ENj!rmn6M/ҖԆn.& ȭJ% 4XGWfcg+YOoY 䫷 ȼ쒓]B."yW;j]{#4;7Fl v"H; #iԍ@ZuWWIis4N @s `dɨJWI\B#!8u%P @ x%|FҌ&{yE\G3=8b73ifH8N+d9mI|)0?%jQ֘}^lAWB2&4BIi,T 3ZKC\mV IS^Ǐ"W q6` 8!o+9 i9fQf`1=B+[%A%@-/Øz fy£"Gn.CDm P0"@,37Iɧ/!0 c\ ;m_lIfX6][\ڰߴ J*@:c25c|ӡ>H5i+ |Z@X$nU†%9xP$PBwZNAQY9Ñc8o_uhȉH9#JuMaP'w*mDmtanIAo+u@vWY) Mr(avJ DC"W1- WϨAXL`=ɽZ)(?WCAItBaf}Ey L'\ ]Z&l)[%AfY\/4MZp}ORv͐&%C|zS!fӱcLAc:14Kv6Ҿtg2(It)ߚf -[YC{NV6wݒvg/jWԪKOfi) 9WU㯬Gd,Lo +ale4ۮn!PM@uoHyjB2 L!ZWb<ki#q 1%C^942j^um ̀(uߟfww 3,7**7΃d &-]',B#[Ab v )dZ;УvGumwKRĘo9μuJH _;NLb`<sՠqDJƭ }j/) qN"3/j:SV-ZJ:d2aDrS&-=;:+7;T~KchaX,Е6+˪k"l3x[A*!;AC!Q^tX,!]iΏp\zi:W&U#`ޮwbj Ui?('r}z hxe׸aIkĉnޥu62{FЄr F)R?$YQf8}26 aӢ/(4*!(9X(qJB|7qy,djQ2JSM8?M4q_5+i<@D 93@ X4 R*zrQ/IW+#zPtEFpLAHiv)aNGª⸓֮ɤGF mj~ Kl5lzx3++a}P_)`WR U ؀tp6p+8ԉӚ11H'.dk܂2+ t;#_N1NÌx!%F#!HʟmSVdW QD,ziusI**L^N9V'pdxt)j\졫]k:ȶ"e$7,.=PUĚӶ"hfqX~ [0Rv-7<GKsNɬcž-bqBkEQ%er_E1O hl:a[RףRpe` x]]~6iKFQ1LM zl#jZP@m?7ؘ4eR , !֬>vp܄kغʃ_a Wi 9pa |M@=`yUQGb *͊e]FN"\ .X\hbQz%6]ۀЗޅwo,Q% #¾Ncš `%0lp+|bTbbnz=7 >Jlm^t>jzgɻJRlj=y7{8iP7^IG 3.e!J@;pV!m4,RI|ataiNU]J1SxNިyuaIyMn'O˘\cw}14(t#k0_mX1SOH ᬆM H6qiAIc`AҘ3V¸&4U.bTO:XYRJx}g`TuGFDsSdԺ٥5׻өş+v=O{85츬^舽~_:p3Qʡp&PdB1" dOH1tu"3µ[)'9"S 4W aLdjᖴx*&< FGI6HdFb47Qh]ci˩5l 5z6]쾓w((%gϘ|s9ŗkČ-ͩN+X B:C?T)\M\Z7,s3[u} ę.7!QR`N Pj7m^>\m\LU !UtIyW' ˧}?zcK85DBisQQҵ;]]ŢFeKN勠*8Of'N{RAKHCWhRZ4v-*vXtc',Vڵ7%M!fưݯaPYlvr,9Gvaiq 583rߝA3t+< WDςRL ʃIP3h!,쐕ax*u zxl4f|Yoj׿3/UfFԺ4<\Ԙam³ }eJ4:bJHF; ؚFSbeV ^o`$:N_0v'&se/RL8]ZQ1>꛾6)A04 nP$sB<3eH{ !"Au@rF)t6;`";O5!4u_؆!o㥞[r,s8|3ހu:Ŗ>LTsPS`3)6.s[(S]sk#-HOe [8c/Z;zm=}i46$j7m~V2vd}Íz6+Au[jagq܉)11W!@A KPrGh.m 3Dͻ0!^~U/^M H:Lh)\1]/hĤW>l0tIB@F$Zaj:x;_~+yO<uJf`b>$a/Tf:mR'aiۋd=*se.(kpmI ]:Rޱ;8|q9%}RcnWLy=ΰZ-ē݂EiaaAmP71`shu#=U* үkGG"t79.h;FDb܂zQӗˢ^Hyvj~`^oφ[aGwhil󝜍?N} jq@|_lnT?tȣ[|=(AR':ld~Tz{/JgO,3l40z>]$a)"W)$CBvL y/0_!jFkfl`at=Ͷkqt͋N%wD>g:#PU9cuhC{Z'V8G:@T0;3|vةK4!Irt6Pۡ?~6oKgg4G=v<صr)t gݢ43UV9 Ң` =ff0)t-2/Ie"$} lфJ *U'5JpW$ q `D1^W1GnT̗ؤnnsz@iync&?iNӒ{)XN1PjEsn*(J V9;];#LHOذ{"Q/ 32"d]P2rJPyh6ete1qOrC~rĶlɩ1ؕ~| ҺݻqӮtY65u!VPEz c~5v{?!ξwnG 3IUt܇`CLhf? sQ5}ԔhG]Lw,+f碛Cٷ6'Fĺ]yU9}fAh2}q(_o$ pq}` i8!͡JcK *לt ;HoeEm,۵Aj0qd(^G9LH!X?~׶BAچ w*82+N6N, .Œ5AxGcD`m(rˆ Vi$NU7IE' "Њ'58f<%g^o,\P[H7=QPS|ϛԁXoZ|{8Cur7 vP@+i:cHÙu ijY9:t x)ls8mlE:P++t=o/_~nI?}.ʛ&S77*9Avsfy5?pHjᏰ} ջot8?jмplN/?P 8 a^ 7 G'xlMEJ&v2ׂuVqwOuy>+:^vBҧ^| Eȯ`c9|y߲Mj0ffᕎh|<"cQjE9 aOBL WY7FL )f>^U8EZ $4ۀV3,U)w(ŀь;3VxԠ=˟u5΁Joxd ruDQ/ʖl/UT|^q,סR5;cJLCVhM"tZn9Sj>5\=As[}R&3m s:F7O2Z)wnQie9i+I% v-\6M Uj69;9jTKtdZ%gkK}.4Ҵ~j:D<_B?jngsj9_Fu7}ݍVdܪ|CEٿgrz4ɕ^/Nqvn$w8<Gx*%3tf<^z_uw_bAY?-rGYuM N?~:?cf1f03f\6̸awJȥDD"VI7B%RTR)}_xt}^=ڗ^{]O59Mh_Evʩkoi1Q&׳J#iҴ樮9p͈j\S.L0#MrM< :w@MYoz@j\pMOh>x.4捞\sz4׍bE|'a] $tҀ+QhV5;pN D4fZAlg6~xw$3VC-Q>.+_QʤidT~}[ڎw\^t}&:Jpdi2MX.G;)߆S4.B$IY@[Zޙ_?N6V:RM4-i2wj8Ji۹f*+pO F,,#1:D.n3ҹt8ŭD?I..&BbQbأ\^zBgB[c@`DoJb{PlYCuji&\Q\>P)FSo-dSyi(,/1\4t.Dig=yX_r&26p bb2ӆ06[q ƶfՌ$dz3}I(Zb+7>п=\nQG}6\$@Mүpqh~\9J 04mM|ꮵ?al&; ;[Kܭe0tl@1-@oj C~@@ SFCxW㳄t[gx#`?0ܰ2~V)Z;PԼ#A:c3CLV vPmMJtl訏5U3̣_3+.chvb YKb'p*TBM"OISx*U.Љ_R$c&0]MR {Ӗ,ix\aeZJ=,k!۔(;@8MKN@5XeksĻM\myEp1^|j~c-:[*g2oq413ŕH%~ZSΟaoe}s\ lS4&cz%vgnz!UZZ1>+ɃJVxbJFr-oo4o8fT:es\oު]5jELBՔ^ٕ2SS^@GRj'QE#QԼ(F'P EZU)k2 ņRbk)ނbg).CA|!Rq^[B48jـŪZan8-;\;شpVq#~ ĠS16.qՓ},u+CWIѝsهUa jvWOoSzm1$hV8#; "~ 2R Zut)$suWt3[H$8SiY kn! 5M+ wz4}@zD%}lOv31O . 3HhOYv̗[nwmC,ϰߊiZzKr[\ =c\M`K>XC/ mz: ,|QV6OaNBҽ*,44pxV(3h]-=dT-=(j[.1_!YϻL,< # -!-EPNC^d2/GzVmY+e-7V\$89 !x1f'A-B?E?(ri:3Z’ڋڟw ^Ek˻76^+JoiFwy;K}4 ~z0@闂=_rrEW1kh.uE8qQm1dFt+x1LiHE9S%6DEM%%$BBcX^jE$kSkj^3j# #o8ЬΈ*R!@U/S B윩loN "7u.Sj!L.i LTMhB00Swft؁KKYѨdz0߆jԋ x=ki_Dxz2zKyJ>nK9DP,ҋMdR:-7 Ό4ʄogkf 8G64L&Y֚w{U "{a#Ic|q ~4*%K;ARzhfeu9ck9;WQj́r3&DW&SB2^6a#oYki͟$rgo~~ccqL!u!z]0KC\0ͨ2zt1c1j&Lz%oejN˸{qʄӴ/UVf322'HoW0y6\N Ģ=VVmvGr5V=goLF;h?`i5p;IjIsOլ6Nٝ:^-̹T tqI. X2~2s%.qAh^W9zrK+:d |' s%234Og%7au%"ܜ<3yFen܋<-ɍXP$|ONN`{NL3!6>.q 8'|sLr!6:=VQOrϑ0 #p=<l0&˒+1!,xs&[ ^3YO⧼B.US 3w1ى0ǹ6m=0}Ks?V}\Eq(G{hZ1@(HKQk'_ԗLcwy.G|ƸÆy0Vi->SQRGx6K?`|Z3YXWėed׊kȓ0*\x.؀91BEDc0|gY-Mqsi3^2hZxA3 l:&LZmH4M_ s }z^/d~J7bw#0>+"Vf\8zOƜ-q|. 3_qn%3ul"l}&X⚄gKx ƿ_Gc|2=vciuFƏN .܆ҹ8lsdvzOuCлѣ0ֺ0`Sa*7 BƘC:օҜc2@WF?@kQp̴14==Ё3uuo1f/o`􇀨2L~BF;XCh V-Mef%ɰ+ BxElخ ( V^Qö䇇5bXվY ?djZ%< zI:gg h1Njq]:1LUήNV~h)‹[7V"f[}QB?Dwp7xTh`1CtlqU&@Psa5To75FgU:doFy8_DwQo/6 5]FMaM8f)@n1LY:#lkx6jK@@ P7]Ⱥ]S#6W `1*@ DZZo%Ө<"ؽ{/v#a?AuUZ_SʦeHjLŃlD>\`џe|V#zʐϣ:$;~ڨ#~ 2|18[d:"$ѭ'Lm>%@j\6\ E^i$NCַgȦigy.@Kjn PH8@wzS S~c kh>mkXLs=]f>kw_#"ճ1f/7:# l9X[1hؾKU$@`ʬm9;úloGZD W]=` MF14^.ݲ)Cz d[W2,{XE{'I"t'd)y_Ɍ>rZ0C`b5x`9ly(RҌH5bk5Ԧ{ӂBRzF@#[ G t+_$ͅYǓ3'YuZguHcL{pL]B8"Yi<a:;P>(|Hf)DqIy#'q͞;Y<7ǧZ &q&o3)AWPBrFk!$gg~pr7pLZ_]ϸ՚Lc,2min=G)[hA%PtBd'eEsBjor)K+{^8R$Iq34k/)C> i.B}tz idSCWCɃ5#s#{8&r{fCr>nHe sr*k}J89GCٟw_xȟK7SϚT6V u`IvPl(AҬ^HI׶TMe:-L[ )SM2QV!9c۹0SgI2?$-.h#<1ZI!ЖI;aY/65E56Y1%͋l1af XdMZ12?"ѧ0OS9"iLoF|m8.t%Z-@9!Tƌ2LL0LU' <3\+`]` j ̥_8+yPGD+" Z%cjYer< ڇI[M%`R'HZS2'MC6R0dPv?LkBqweM@AaؖGCz c&5_!(K8Aw էqpK& LҚ(~hG*?Uii'tN< cq3 %pdl(/*p0~D2z ӬنWss+ϠAmӬMO3pXπ#w%pl(K݃rND"\2T> .nr7=Pn5,h؋ 2QO$9X Ka3q:Upi91>BGmk ᑞHzN5YyLpz0Y SH.!D+t6أm/F (LasU2"}Y'tbW֔uzIIij3T*mļb'1o62szSzsAA:9 z׸MʃGWANm4#EP݃B}B!Yt~ͅ?wό5 %s MF76A~ؖDo#gYC]j.`3Ӹbd]4C.EbIasO)Y?NRhl;s_@&U&e 29fFPB ̴l<2gʙ3mMzSC`U\x61/r6M(LVL< bben^0[q2{ܒL %$RLN$"  5L$V$m2 s0~ZL*T@Y,% Vsg _}V爪7/y .9o7oÛ }f.^;+dҏlX}Ήrp|v6b% :,\6%y?Xl_2V*8'L[8yEB=Qx)( <´Sg7'Jۼ"^%c*sP(!~6 IgwS]4;.Lg 0Gp9'̻&;WC4[#̯k~$Yc98Mƛ]sC2I'L2? kM[7H-63KƘ:caeH.}h%nV;"nQiKJmET*/t%tŦ-tdS\=2M=ܟZj>\w+~9)8x5<]%z.t/ɩCNu V3)6ښ3 \P_NnW`|0q S"g-jlj1S͜vT䢹SD浥ܲqOYK"+y36#&Ϋҿ激 7ك*6XT']]5>!#vȕl-89f\՟aɮԨ1u9X\uN:aVv:uJ0XG7p%ڼ36s9ewe4h gx"V,ʦwP(q,~o;,wX#Ǒ1)0G<[ DL1]ttA5)6DY>ec<d8ɮޅ*KrX @{ÇhىVKs*HP4T 3_iعdW/雷'ŪQ\\Nu0ngJW>\wfYJC_VoICz+5-у7@'![5VIXy.j0O,[ہs캍„upq>5$|-ֺluDdѥ0&/q\݄.7h4 ".#v?!ˮ0M2P,'h;v2<MaSŠ=#fpdˬ}})I2*E&{0{MxwzɾֳNonPwR++k*u֣`_LZ*,.,iZsxYե`Jz=,Cij TH5AF֐IYFb[Gڝ5x KIL}Zr 8˚aEǞ2 v,|AgϺ؍(f]㐟WCF^44ٹ >に(&45f^޲V@9Eȑ㑜B9=Ά3=qZ~]Fy3(V ,vxKMtXvNwӣ`P,ތbu #.KT ;veۛ@5@tː [@guAPᏘT sb`bT0g$M^HP|ēqk$gP;`|@V4FzM!RIx.90+dOi^z ս33Lh=gʙe13l-> &%pz0%vYĎ5tWį1eO7h8ڳ>93v=JQz\݇ ǿ;x]Nqԙ&3M@=<ZթHڲ[u]i!?`(-XL]eBCU &e5T5 n Ӽ-D3OksO1NtdR5mB&T))(WrlJDSQ }ҕ`틩Ba-}I!lo`z 3t;^ULr=/C)P;0)-,KB>Ë9B ^(T&vUq9Aѣ"5P}]ezXp^y}R#]}Ul=k"ZJwlRi\]\< P=CS?m!fg76ok/WFL?%e{aRaҦv^5I4MgR/7[K"奞ҡttw$C]o!Pgs_[ ҇20s~e"3L_AH™ '2ChYR G<1,/pChl/pb@b;M׵ 2zNld6{j^;}U ^k [N9f"F4-yn0ɕlSZdhջN=J!eB&A\qDWWCuJK1=c'#]]q(@xuL<#3bc):9ڄ6z\,psμ =;_ -mׯ"K7Ͼ~t-&1|#fEd~;mi~ ZL<~SH(T a{LM0W+.QΤ/KQ3Ӗty}9<U:C=x:V^N d2- yX"bbU)ѼΊcB4qd!DOhwq1YIxD-"pXȬ5h@%[ByjP͆nέ;DEVu!ee.5./[PI^Vxo"e.7UuXa?yE[MُȔH /RYApy[U%E!LjPi]l4"p-pZa,6hm7tLV<͡)KxCSI4~OLtBhqk lLUȾ>bĽGdR}( Te}+R=~U($R/.}*m!xY;їm҄/ۤq`xvd'9*KyūPS/՛㄃:(gnC0Uqo:d>卡OL1tç#MuHO-5_js*3ݣ8%hT _.]G<[;m?} VFÛgG@j?OZa>al>Uw@/zis1MuN|]n#4(,O"{#X8~% G%(2lM#x̡)|=G"FqO8w^DɁ0VL)bNw/rlƮܙ$x#104Ak5y1r߷B^SP#=]7@1J*Y( {&:\@5(gi!|S}~J%u!w!U;` O\Pr<: l @\@GUAЁjz9ަMΈmzʩAfڦ~P-՞=T>o%t`3'NqV= msV=KÁvgn MvJ9=.'»L9כj%iF.8b;:ı3rԚ>,7%W&XqG2Bx,:vcW'<4X,z2N=&!l3P Ddy3j"Q#qoNN 9q.Èx tB.$Zi,3&`7n!^~5 ()p%~qvsV(O%l)%%" <*Eɳd61GZA#1)Jx',u`@3 ta'RL3#X6Գ+'R4L/Ÿo W,ūV7\ՋC_SvR5/^umPT2S4ofo 4Q&rt:Zޜ;0> ÐBáƖ\< )?-zVPNsXFYy t0Yk oa)q^\QN酬u$ށ<8^ޢ0zSzK`IC< CRO^,6M0U3֛1}c>Ig`qдMrwM{WڧH|Q}kV&V$FjsL;Ұ&Lz&T" P'<%/_4Vo]?ĖgΝyl> %W"sl0=ONߋ;|X=,Xߵ^.['錰U< RNѹC~< 1ſOx, T?*[\Lo 1LA%OY'psY~):wy(R`'D`f<"2k2~V"j?@޴oǍe<$ԏ{z+|4دC|Xv<[sFc T?C8VI8уHB7Tn/9Og>  B?b*L6ܿj'%[&H (i JWi?> `!_%.zЯhޣC7>@(FCҭf=Ĕli6k%'x̃rSz`-[l9perӍ'-կ_Y!~DvU$"VE)w%b?bl/pTorAPxXQ.RwďGmGʝ=|WWכF/g=c@=>>a -~/3!;~ )'`bʏma25q6kD$N3 ,>=(14W|9cfO"lYPޥ{@|tomD\Grȁc#8Gb$>@,t[ *`kFʣ.|ȃ7Ol W=R[CP:yq{>fg 7D;.Sw1  p=y6 q}) -baD|NΩr;8GU&]P奐\T_Rp*>Ր]Va1~Qe!@oR;V $kp{T:׹v'XX-OMu舨ut!@W#Dj61lgheρAG|P͕P{iY@+rtVhX˚k8[VFPC=ٔՏA$e _qEo&A%/k_iL+ 2ǰ,W dTnvXTshWS4- HN|bwU-|ND/蓝H0 9%.R`}sdX4m:7E}gpc`=`-.G! u/kV}ٍ\gy&J  ݸp/ ,o chݷ#g^ɡoտuTj6f+HjO`r+<ʾS)0̚ag]6Hѫwn8nkO$xጛ#ӡ KT2|OF pQLOC|+P\샱`>5#ݸ9bυ\֖`rܻfsV 2VcN2(̯, &@(OrbP-9JVHM?!ߨtiԱ!+|W ;4Όuf eb3"8З P(B%˴'6Uøn5V˅*EYxq%dkA!_ TxUп VA?iEK:v@ ie҄mS?LџWGXyߊ0Ei YLY%9{r^0 `$.|ιst(> ]3Ml5S+S70z]ֿZW>ɂt s$os\Wp;&8]f\shK?L[*6Ӌoqa8eL<%j8XWgq3lĢ-̼{5#ĭ͔m\]~f5nwug!V{Yv3#\y+@Ffthw?c:G7 o #"X78%߄jS<gQz@7UBxDoh&Uqz$Ib8Mhuq\hQ)]~P{Nj J?5ئs^9 ݥNN\iyot{[;g(8R=w|cg=[9NܽcdsxLebY^\o~HȟxA ?ax!w0bԤL_5%*ms+Ѝ;+u15csgq0Z+olֳ5{ο%7%MҮo[o.Jׯ](u *99>&yjasS` jhQ PGmbssB΍Nhs*8I / 5|v񾽓E`'BJqqO=c<\ ߽D.TEk eȘܪ4o˺in=\>Oӏ 7S<["Qm̓בi>/&. žNjq7KeDÈ>!:+>(Gegc_9<~lkו]R?F r 6y팅qH>( j~aa&&-qCx} [?[ɁP&7DD-BwcZ[^\} O)A1_Uȫsqɮ<>HLծv*F$({bUP O>ۻvXZsmmڮ@U ­2awzm7,̃}3\Gq!ZZq^UwìګYUܶۺWIsq͋T3 {lrϲ0뾁PU br! 1GsMC)? 7pf {0t%bL.P,Oʍ`pmO8`/S<qH2dhlL'~qm{X_%%A{sV|톎nv}ʠa !ؽrm { LpMn|WY*(iDd1:i#ʚ>F3^oAmk(9࿬<[pCp^Ļ>ը UjkJM)!mFf7?QsCeW94 r5mW=tGQWDqu;н޽;#UwInVBpY"< s6uh*j1|sE{"D]^uy5PWK"ϦYٚ9As4"cLơU˝6S:pZkyCx^iBx5ʏh|Pզ//S9ӳ&LdCB_WgBX~qvC?/m5yMNbtَm`4,DK[TlpgJ֚u+wJ74yu7b3^t!~[s5$@76鹚Qh93 غ3#u+Yt pYzXeQ^\JN3ڵG"k}6J],||;o;#Np`,WS9|[M*Dk1\ yc6ot#hڃ`HejƇbTɯ|\Qn/kGmMi ?-'2<`hJD_mi{*bh6"޴80[Z\є[ -ӌi-Uvj ^@S/f]/E&Ճ-R0 _"-/!bn0Q0n]B;^U=<6 W&R 'iLdoxN2H*7Gwo[uFO\O{C j#>7+qjܸQ^E|-r͇Īz}-.è2VK2vo5e~d-D{.y9m m A0E4h4%EԭCwfvc8) i_;`y٣ٸ[ Ϟ1& 습9^?fxaD •#^bxQI"}˺8],o)7.z>71xlaڻrܽtvN3qĘ(:4_iL=SԌ ئM3S|pc7#ܔ\;R԰6=lqO'U5Ixfr(JKmJed=rjau_fm]ҶءNq_'d~AZ#Nb`RkwBb8 Eʔ$ol7@ _iq(mN@MX ¨ e*{]gq\Ywg/2ޗb=IrZ y5B8Sk-ko?ě8ͦ X}v{d߅V_AVx1 (&ik]L(h{mc3|Je#=95GG/Xd'SBF^ёʾvFZ"ʶUѸGkDyxX_(1_]oÉ\[4 -WH.!zp;WBj IYXHl!y 5#g|8LB_3EVIQHD7`O HʥOa_~+-2 &Ӻq<,^R{fBH.P|Qi$+ֈ hz22߾ռVlQ* jn1j N \ȅ2.tH2iZjz RrG Sev;3?2{5m CHF3 3>h3ca0aFj͌O CT8ᄵ?3H̙UxU9*4gs?V.>,tkc޸}v9}R#  FU?ͪy`^|!z hL?1+K.7kWƃ+F= 71Qr0J73b%ɛѱrYa*q$+%9ӡ0{V:z@lqBr_ZJ=TjQ ;ʣ5Es}(19O[Kl00̂pP=UlX`2ww~Kbd+ap9h$V|&**e23 ʘ Od*(?_E8YMxl+2,>+uoJU$ekwi7"k=ʯ{sUVɵ&sujyѫs"[V; lӸ -mPW82a7S d`"_֪`qng|@q9/ȭ᭚Yg18bf2wP/8D9󴮳u*\{mN\^f᧷PJ BLZ 4L$FoNPLJr)Oeg>W˵)-:gC̫oc߆g=rOSIIXt8џ!iT,Ǔ !&ZL& L #}lDw w:8y/Sh̚Iﻛ1,Xj#H2kmM81{EMQH"Mj% ++2pi8L{zEGR .xnl*xi_I`,32D8&?܉:iA>b6,e9R]YiMX5~̥ΊYY!E 6\ٱa@nwJ߹~0x~<)>)jX^ɪO2r"!oV5<^DyEJys8Җ71Kɘ6=6*zN:9紓3{3Nғ=S$=7ѳTѓ?c$vI_Q T_J&!o U<$ҹC+4/pDwu&yӐ3#}XZ. q vs0- ؄a\mqIx8\I?Ld`iSTl( ̬nbZƘm_S}5o&6}zv?d,bc^rKT8-Q=/Lk~AD_Ym؃\zϑb. U_䣄Ţ_*}8s8[#1x-s7ߗr?keAa}4Da5~.!M[ E6as 20JSo_p'[injd;-Ÿ{'[p'TkhlqdH Dz.PD3(rIu($aZlg'W9Ձ?hȨ]l|G/0yx%QٶUu`g Vb!rʆ {G=b?:Q2V61p#r1Qy g~K,T5gs3m2UL0 \4 3*&*{)緬рYP;^V <*vP V (mrk΄hYtY 0Q[4_>F id'F^3QY[E H#vj<ؚ]zs(!Sp4RLժj]([uĉF:g #EV #8mxp'l1Usr" ېAq䌺Ąҭ3ʮqdFl-WC F< ZS(GB\; @65 s@51!pkJlxW8&MS#Bv ڦ6wi%')Og=*oF.Sɘ!XvF?sE;| T1|t MJws4rRI^a#-pU 2wg(r_ +4 +N@.ا\7LpM0gMpgE1IMP5 U XiZ+w*:k8Lĭ`q<[}R$q4ĬErS$dzH~q:py O&^-myὙƒ6r*B3z\KGە YqZ{)MYFv%U$KszivەV,SiwdC^w眹Tv!ۍzfԬZli=[(rVjC#Hg9.slj[z5ĝKQztA@'/@HfDm&lGPȨgu؛Ol3 MiEoVIz?F:0"M 9;랽6̖-ʀ:Njޠڥ5taߞ\#q)%J\ӦP-&.JT;  bs~ Lyop5t<$S<I\NfS0yr8vwĢMx +}iC,;:U3$%>k4{c Ds]2MȖ/t![\LߗEɎ2[|;d˗:?,eW\Sd%uȒn)Jx8~)[Pc`-wyd5Edf`ElQH3%K BZ,jR0!jqLkWzhaٗ5j5Č&B|L僶fDAJ [dQ?P}쭅} \+MSPH >*EUR\ _ K:W~i ij7_|/sn?͹Hi(UN 7S0H"VH;ͤJʦJ2iR\<ˤ\/H.(<~-dD$_sҩJk1 u$vE[WE)TR<k#\,d$[B4rEN!Ym$̈4)4pMҔ|Sij>S IT6CHj+@8qbb5%$U$ϰ4(Aa-$N^SBRE?GݓSBr'\upX>h!w:TMr_H׃d͓-$MB򄾫BJD_%0]-TR.d|B Ҕ:=xMCw/d*M*} Z9-Y+~cc%*E^r/җ S I,'WRv' Ay|C۪:dQHrjҚ %~. Tf~C3^W\wsvRLr7_QG392r#BNI!^cQ=k;9и#qJ33f nw֎:>ls_(,cvlrEHȸ1k432ޭKk4 Tna:;ջ{t(8QUB7NJ~B,=_ ](fNHwJN {i&:vTe9`SbG;q/]PFޝlixk%|_6W[}[mn W>jEM{ﭺy(L7 i髫Aj?v#ΥVi%.N!Zj=vH3LjVwR2ء1+:Yummd۔C/XQGXeV0w%kCI6ur<gPbƷ :/T΍4pSO){${U|rnPQ󮖢K?IKbZ9wZZGtWHq9#x/ʎ?d'R[Y+3+kfd+HDk%jQ+UFG_$*L\ ]UJ55s/Κ_n8iF>Z˸-iwE:= գݣ<+LGԘ3: r)=Ԁ?kO@|C>^VG~fg3Hysiw}C;MyOge |M0o9iw0U<%UҔǃ yqwPV9>ϾT#1Ћxrͅ\__q Q%AdxNjwG5|#Υ`_~o)4o^GN{SuعB̶b҆AcIJ (f%E\@dVD]Vu@E ܕvN'\ze6J79j+!NB>B#?'hw NŶ\?)m7Z5RZirAA3q8iE?<\!P^4_{h툣Ѣ"y[-p1\[l{{1{g=2z3v_jo/HmE#cC&blPjgWic2mW)4ZdMyn{rl.e-ߎC#yTvH}9 NxRnQBls iV;Ԕm4cd5}GG +iQۓx4Z=ҞcG&GűҾBmrΆQ}yOcNu>:E < QDlѕ$P|9>ZAWی1;qx1~_Tm$4).0o])`>֛e.:U.bzܹVls>LvUTx.;dXtgШ赦^1O>Oɳk&֓_"W ֢e^m+:)Iu|}:IpN"/涒Ȋ9S_w-*6Ϩ?Ii.f~}&)^=vSr"[|&o~2jn^P <?Qe?XaA{p'3E 8'T%^DLNLd pU4@Ze m}R('8Cs ?Bvyӎ=ƚI[6|iEw& @ǞV{*pUVgE6h`Z0ޣfH#bXH!ȡhc2`!7 IKi kY7Ҧyޢi11ėdaj#)Ⱦj?&Ӻm | b\OY 0θoH;ZEz}x?="OQh΍F&q6X.LM#pBAzDѧhM0% [/>}GE`lq #fuq4%c nkA;υf+s?F!aYEZEt=gؔ|vx{ Ͼ|LCG( z|9эC6c0Z΅ &PP^yz09G鯶:EzVZ_V6- 1`@V@'_w` ߇  ,.lSW+Ek~h1LR7˟@r_"^\GAQ#'r[؈wNmK^j'a}+q fŭBFa2)lc s^)~kX~K5BnD'+˂G$/!#RUpj |o~>sAhlTbd k86eN%1<܏IW(ٜؔ6?£ f{`yڡ(]M"Ϸ;\'\Q@xz$|tޏ bǡ A f-A)S۸hp:`f&:C=4$+~m,q<7~Z džx[֞ ao 4' 3Qk.HQܵ@ 6ټr) T_H#t*@y^yHyFh`& {\xÔ^ ,~/Bn+Jl{BuY k#)zkKo{\4HƮ9NjfC S.yvʦ;L/<g}|\3}db AMb h"͂ %~3Pm5t SC=$qq& NW# AAL&-p V8Ч"_zx}G =>beo\I,M $07%Tf͌Gհ..- .Z0r==\sD"bsѮ$8v&r[tuXCU<Ψ̱e&]=jdyYVq[1>tA>P}rȻyL2Cyӻ]f\t;&L 8Qz|(:14g-if-dYN=vn#AГbx(̥}껍Ė櫯JT$Xv&cZ l׋b(RRq Go۩r)UpwT.%o73M [I)T9zfHNud2Ӕ}X¤E8b,haͷ.~D24y{'Πu ,!pꄺg48fE+^q|=(]Ѡvm6ĬA:`ApIr*2&|`K>`sך&4lc9[/Ե˵t a eS9*PtYhLqdAբIQN(ucV4nE-/5FN=d@Zpyp+wƉЭf.փ-ƧGΨX@測/qbH:7m'&I;(ĥk6l'5b^fm0iFYk8[ǐ%ʹ6QA!|W0;آ8/PZNkBGy}Զل)8ɺNFbBup6 =, Ep>e8w -#F 3:YJDB<,XϨ,G0H TǵxJ2aSl}\9Jq3!mɍG'q&$bT5+!{}vJ-T'ݜb~PẒ#]'ؒd4LWu\҈=5s/tӤ,Op7luXQr*iܛRY w! g|IzArͶmI3ej{^,}\9e5mda3ΰWb1gλQJ)?>ƮxFW,󅵌^c5E~w, yEmP,^4L"7L,S,4%xJRiۆLJFEQ*O\}jpۈ?,NF_n?{&)Lc7#~M;jGљZpKnGkZUdN}K:zk@7la;*LYy;8UYcEa=(~(T ԣ50|VG]E\llEc>raK8"YF:nJ#4jul \;7gW}OD^{d(9!!\!(@zP#4 xV=4-'z1L eYF9ilˆ9At3 ,D%]CQm`iqgQ٘Dʗh/"Z tc/}@x"X{X"+]Wr*7^SʺWHĐ}(Ç X _Z?6k}P:Zy1PC>;U<@s6߆ PV "]NIoh(Ahv.+֔g՝L MmA"`6kL|o Rl2mks')($ː.%|XG-%zāJzhKv@.7 f,/_xFFኧiԙL(<_N %K>}!l]Ydj 8ZL/zs=r)lAy,g> Z"뿄jmƄ4+yq+*Z͹iNɳkh}nUr(KL)\??vP? vN/toj$:ħzgQN Y}`T"a=c^FA1ۛ Z;gH {RYwirjQ$5 ˓oZbj{^`lojE{ePOf;}jV9N3܀yÕ+LUʉp+g`CQ.Υy q,`++-@IO8nm,'pq?XF 7aɣ&N]/@l.O`yY5Ύтg{(;Rr#~_p’OZ]ꍻ4nN79WZ g Ќ|up$_or$T}CeaiC,zvL '5$rY4>#9"5ِeHxR {J͐l nv.ئ\{|Nz|?p=<>@(j@_[|`:~Y|lh~gQ nu~Z TՉ) ߬*+V[ nHg%v.d Trt#jD\ C)`xLѭW@CIəhZW8L]{Ce lP TfxMBw'WhQX4rOFL-< {%n*Q(eտڅ_񬳛'U2:oZnĞhl35Yz;w6ӗ΋J9}j >TQ|I: ݧi1u~<Dk@ug9L2;}|zOg0#Hv [ZO s 8+9#4Z, ThnGÑD)yzăEJm6uhĈvmS`%[WًbFN|,gA)H INNt]b,{=aaYݕ*+zvWy#Pfc4L*=t]TĴޚ_g{#rr3Yf2U&+ c^: h0 WU|@𥈀I5l/ lEi'h=8%sI5=QFI{QR:yJ$F7[LP2VMS)KudlWJV%,\F4k=ڱ:QXl04͎I.j0lvhΘmXwZ=ֿ.|,pp7=| T{zi\>՝q֪Ppe9D9ިBZ45۶)ljZ" oF}FQjB.u/lSbE,=eS/8ӂ2 ΔhtTDlO~p_ʼ"!<ߟ_%~Rz4%!)RZy-*oTf{"roZJ͆Ny@ԀF-APN;{x]F/b2[W\jL%vl0c8hwZ@?T"]$ o6[}kEcj@W~N+R^֎KDuQY) L%@Z]./$xGMc志mL̈́Lj,R[|@,xp\} ^"^;hnt87YkLJ@|7~|p2'W Bs)$)|K3h }Jklv{DИ11}o@^8.9ͻ@ϻ ݤߒ~"#M&NK9箃j$\ܒnBRB!#5ބ~Ӝe^~Ȍ}qˁ4>aj/Elb?U`^ĺ Od=Iݮmf UhHG܈4Y;âK{b w]R+]sD+߁^Ih7$#% L[)s" dU 5뢾>Δ[h/o6§W=e٣@ur4ao90 !YHAo!m5'ۈ4?T'O#;xZg nx//BԱ="̯w?ZsxIZ_"sSn ɺ ŽA-QsQM$\Fqq'O; d:G5JU,vT!ύbhNg6VK[-߶ȷ8^Om.iLu3#VVa3k%;8,LCȏN8iNV/UHz/Ojic73< !& r͐(k85>7Z"/n1Tgg'lEOSK ݡ{DLV ue$F";CwNQHޣ),׵& JQkWqSdK-qS4 ecN>sޜ#MIC_U77_BA6S41gOr>$5e㏜F)ĵE_kVɵeI'l.r9g@Lؾj8=MYm 4,t6 @B!@M a_paqQ q\PqpEqDg|.f/θ:΂;U}}}sT9NsTݺ϶r+(u0Y0jL7eywyǕ;yOLOa][",^^ }l!l{#h`)9/{£$.`{zx[ˁO%}+h0Oi|@CdVbt>C% BD gC~GtYL9Yx|#@k3cUH[!}0)3|_,_%o8] 8CIз4fo;یpxTAj{\A{poG:4c}>KfJ ~ GE ?"S rIPsF`=V`4 i8{'PljƇTWu8䓿)#JkrzwCPZStX ^b:LnۈzOG|z&0YAO4wɧ#"& A=JX2I|z :R;D#2*H>̃jRɧw(Ա; 61ղ;{D-Hi3U|zw Hzp++H<(W0H'#vM@@ -113 PB# l3]@fK34^p*X+Z*nDGH<)Ŗ죕y麗ώ"g@;A<_}7 |H1{dvτ}ڳ!\d+L)#BT̶yWFIP|By-J[R?>,!o}BCihѣtٙ &,Ԇ?!*Fiŀ2:ݢO 2dKaR7,D05R| A)Z) ڔҺ|N_oN ]<{NFP#9\GɲwM(bp:fJ1b9`),j">35@଍xדgV4A\(.xNMc#zNyd1NnDNabC[1gvݎ$E rdAT?iNZZyC5K{ [Gu\l <Kh3@64&Bn^6Fjgl?xi:+4xn#M-1O M!BlsKf ocKY7xd66KtM;pR3Akr^E񡭊tMNxީqFcUM[E%P#9* H a[̅ʚbdw"Az>/g9\0LlQ54wpށ,PzfBU_W*uPmUR^:Zـ^u8Tt _gh5TIZ-[++GKerZK<*2Vp3-<zdhwjZGŶ>}i_؞z*&b"^j-4F R}CjtKڔ잊ä=g`p hfT.b֛6{IҳhE3xB!{C] -ߌrOqeS;SҾQِ#)߉rCxXaO5/tOPPC&XEBQ9?BԖlVQQ."{SjrmelmjR YӸ(II*2e,hK\R <+~1&U"|t%FX5kQ&V5;"ګCk]zEDi3Ѡ uynaIaXKٚ?ٞS?/UYؤjtB َr$ HofTbhDmS% Vzb=<ژ?t#׸) BHjfèOa՚gq)g)MmLg]2(w5 +.Q Y)]!P9a`Z k;GF:cTpO)ƾZ*1e#'uG[; U*DN) 0(Qfa4 8id/RQ]iAx 4>d~8f~M,hد-B2",Y2#6[d͹X;APoH *aq[!/1Mj˨}E=\yfDy!WKi$!JbOx3={xeݫN˾XF@h֎!bGGpf;WmΗ[V5n< `>X Vҙs;:igxݴAgZU6u!mQ+iY@ (9(n HUopz[dRApvpK8 G 1fcwhH0aJ8͆c=a},װ~Y^r>?A-A: /L&d9?Tá@D+%1'wL.j9ΏAE3@QzATp2Dk/54Pd4>د4:mQbk4}ƍDY n{zmBG}|#g&OwN=/@fI5sؙ9S^O]h?c?xl !;<^ qWg2a>F;-l_tּ1c>әvUS$cڝfx8aQ{ ,U0`aG:,fX{"g6SX̱ĤY$\@U#5&ay !HYiwїq$bmh\]e-4P :Z`ƺ ͞ 9W'u>&.oHwW D!')*Ғg9GP i<@ Iz]bcD80F}le4:*Ɯm7u3|)-nǫ%)-̄W;z31Z^|3Fs3gDܰl6wgw@#KB)=:P}=)2.8'9!>V6 U^\DM-75FT;b6?yԽؘ ;WT}Jt_f|Y|(4v{~]T Xzb-•  Ӷpû0}iҎ(>Օl6z@XjXc"']xn^$ZdovFW``(m{ o+)2Ϭ5`轫P+xnvP`-qN:[wɽHdL™J}q˦Rm;mq"͹ꀷ4K :NJrzFh6!M6'gB9^'N#y.YdX~PɵREo qƞ%FA/.RЛh>Yt)h#Fnn;'nW;'j /Qh{>wn~>} }'2; GhW(FEXC*y>^R~]M/y"`<<.`<@r ^8QT?HU7߄Zx$|pMS ;+D]IUNFTm`LwU;G^o}9g&N'aDѦOdiyiZAߖc&+\Iv1*ˍy<@c,y=~J?t9AZţ.Feo˱'.*MASa$:Z1ʯk9ʏ}K(* zcz u*dʖM(<)5U;uutKoXr.l\=lBiX|p#n Bl-ѸrQA827GHmgn$6!䏮Wzۼ)UdǏODH2r}pH'ˑj}ԼHj{^k'ա,#F],GOTO%22W"O)cR=^]Hѧ_gQUq Ω8ɏ'j[ 'j bЇzv9^;p ORD=_KhyKr{;Z#Ju.@[^nj\b6a"qтZWZrkdB9/V43y=ˊj5/qhг5\~bMT,'KG9#iї Mnu8jjcIsPQ\wU…eΑh_+Za˳:Q;+wY;DcUO(o?Aj )תj qjufѡZsSVO܀4bQD?֕3u,$XD4c\h_`:Do[ ?z FMZT %S#.7oŎ!\Eaʥ5V5anƁJO-8S T^ ۮ[3 aOP7]TiR^LY nPEZMܰ]lgD\&j*Gu+[5x@l.L@3['^JE.~%t u <G<ϫ;跤9D7݄7NoUqy~7-x]}R7kF~`Îy P]PB[2S)ԫhT}%vÜ [c yhq'@̞ȟUv4 έ?麟cTU[gpOxwQ ׾Ѽ˻XE>v|}Bۤ NpSk>]š}mo 9(<]CmVأ] 虶YLqQrN+`&c˩YrNNE͗$;lCׂgY\.`?˂C#i|0%Fc][/{ڦ /U8%b8G.wTsKz~-[_q0YXxj[qCRNlp&PE֕~n;OsLq)BIbD\wx?,mf4D4v-~g͏,Kߟuy6K[5,›ܼ,l"Y٤L&<[ ^ XIɵLdś&B:i0> 9yv/Gp1@Fk#[Ms|u.?Ļºݢ~ @8hvdY jDSyn426gb&-)Z)k*7ON~0G0\?${\7b1DIE_V\u.o&Yl&Fkup Khp(a <#|EќIUj  ֯d&4ޗ)0-ҥ' ]x5)|h0`_~= /#Ub|c\k)R~0}|0||HN#3 dZw](#%X-F!%FsJ":HRt}EI{[nRprib$?WL;œ{+Rf8W2&aɃSȃO΃P&>G`oc ق+~/w9?]C/x _3OoBǃ.C<}Z^?=VkƯ~~w>e^h- o:#k[.8wpƋ":к뺡{TW81tݭq hN 0lZ'ZA._CwlZw+z+oW8p {ENBB-x%bjN5~NuuWZrtr^/s8:jmxuTI[1}aiZi(8.޹̓תSޫ%iQcQJ`T}]5cJ-Pf՜Jc3û)D ºFƓ CN{->ǍbpΖJA:C)X":\PC=0DTA}1 ֖TbV]X@cZP!wR jVy= ; fviя& 6\u`ĥN/F1soz /jm4J2! 6wkABTŔcCM;Ɓ:`3djҗJmUI>(|rM@3‰[? GdP gʙYfse8UB?f Nعy-joKnZrfV)мJ=⌗BUUDl~nыfq<<.WUB-c k Xm bণ ڂ_ ,Wҽ.^q3{O=3CG2`|,D{_3_ȋb:REr~(oB҆0\wnWl(Ei!}UO֣I}v%.5o!:e#x}Y pn6K $@$!HQln:(5RZu$QkZBSk[TJ[2⫾i*R'N =9"3ϽwOWSkJB_>f1`,`&Yzv uOS,)l hd1,V/RC\C s&1%¢qJmE%3B6P߆7kHmx26 ^aJX,,]d  |vCBYp\xt˙v4i^)"i?,UA̖ܔ-f{eBFI?c&Tl)-C̬];/֨AKzji-c|P1W - I0OrG@S9XJqߒLzQ%R> @UK~(.9Oz)Zne6BՁv%ų+i,eBi 5jz?B0|3Q OL8 J̀?hIj:l& _Þyh+\-,+'eoN@2+́ pt ]xTitRڏ͍''`{,v tڠ̠cjе};/wwYN Tu 9I b4z[B|ݜuDY-JMo')ud?w$|\h+I !`o)? X-rODdfrPq-^sa$1Lmԛ'*e"{MN --Չ^ɇOSu"n;:×u7nmt`R vt6p:O:2ޣi9B(Π4Ym{zՀf>g4sgW<`x &^Zfd^bxM,^I>Oޓ 5C6[T錯 cOM!^G6*$; ox*2>g;8n.n^_vN3\c-rɣv&olflۉ{FqJmvy!`ۈ} <+.]ۥY Hs v,'U!*DZ INjXu8npT{}ϫ:JsQt eEY)VRZite 'qNf "&]Yr^\iDY*:cuw,֋\Dw"Oѧ}~e/uYFyK7eՋ k`E B/a: !t _&hoT~N?ԝ}}дc b[/uށz?S+eŅ=M _,檨:m,u޹~{c0W'?[Q1'Ě&aٰi+ h9WZlQO.uvRhyOth쓄ݣE^[T_۸cwlElmұMM9)~(!;3A|͘M-}3MC;|k8#>:$,| kku{qb&%`f/Ų8@#̭Fsu6BkNIpd o$1 dы–5$`i!RTݤ /2ڰ)tPD:TKh c'5̳#W~5^aƒY) slIAȰZgE9=^V`U$٥e6 }{d_ȃpU@:_ۏեR8pE5" N"e>9ӯ$9-,$OR_Q{$eOj`sot[k]m^*U3m13?~_2eOۤ 6}!t9réc2pL7__LJނP`N'xu+dq< 똱ٲN)WV"76%VlfgRԖrMlmj…ݸQBߓrUy;;ʔVq3IJ<>KeKNpHoQ&c!  =g%ro{=\sFx:yUOzog&_j mHzax׽#~|ֿѦOw?@'o3 `}P8fp 'sbEpYH*>z Ilz47 &C&pRh}qhXz7EZЎ~ c4l2R4.pKKKӘb1GWpa=EEGy?Α^'}esw3%6Oa&暻d= xW}lS9I) 15|:m],$yAQvm`Ռ@eJ0MeԄuІnl0k;d;{ι%HH'AdieޡjրUWj.c2D@[[[UmctSZЌ+vZՈ{IתjڲmjG,SuKը7h{XR^Ђ~:?ЍPWU2PBrP+O佖J9t4BӼm*'h11I@Uk5IڴPU^#LȲ 6Euͯ{f@b dK-X>hX7q!CKj#abvwT ]$5/v m͖I~{qG~ݕ! 䗍u1: 0ᄧ0GrN, t؀~cd⟰Q ֲ92c +$cyr ۭi(Ka }0׿~sGVvZfo"WdX8[ b ZI6vjMJ+ #7BQ —?+vvl c{)mb) +Z#.) L֍ߪ=wUxbT?u֋2IUo]L"^ C0͔]~US7tSs ,ed2Jrcפnfx7" \!= ^gJF =?+T^-$Eb5졳0Ltmr{:yn2E$"k]~Pģcn&woޏK0Y>o7 Vbee?كXu3ɻ}نK Q[|B7*x$ߵ*K_ĪMIaL];$4b1vҗ\J;$j!j2Д"w: ҥuI6}0Nvd7lB> _I )6;܎2q8z1f?7CW6u>> GTpLqi8Ot=٠Ά6s4N!;e9)9% ~a/fHB?9M-uM,!UQ Φ >~taaF6q1͋k1nZ#O`GN=;U9z 7k{d1buF,MCoXqYC](>\FE8<+X ڇk+p/8Ԣ0{A1VWv^ [I@!9mcKNR{-)æNDC j-H3Cケ ,9J2vtqF`E`,EN><48SUg"/}Dmx[&bQb5Hq~Reb@.'2E"t&1b w+Q&ժNxF-oΖs]_j"n=xmXr8ħd_wE&*ےO7 "A%b_eg6+Y$LOw߽d궋Ǡ=26-~ƥX=rQdk;϶U{UU^6+w>Wmst^Ku)ew)M}4m1{\A翱2|ccCM"NǍ~/ C8+[geE;\{5w*ӪSϖjZݖQ;<# %y9wAIP^Z A"ER"֪ޥb-O׳o37Qˍ z<'Ẉ'[JwȻѸY+ II;Uj.>`rgzRGjjV>7TxGT [>Mqึ^Mz\ti8 LmkaX'c$S /8YH\Ir'(aZex28⽉BEפ:!dW}eZHmC]Jvl$ Z#f9LCA #hzӪX?_ 2tv_wU1[/W?:#ŲX^ȍm [ͶC=$kRǁu׬̈́iU 2̑7&ޱ)!;ѡC2dZpphtH4J["ǼkC 箆6gQLRޡ;Nڕ$.Q??ܾp'v#u9RBR"3 Qmıt) Mp}ق!G^! j WÑGEm(IPѩv˴|V0zqsRTwmepwI\~Dpֺ" tVdaN8|=W>FL=/v Y_З9ˬCjxEbڵclTH!MZYe[%i2\0]8iRo"YUzP %z}<$ &m@;3c!taz(υ0IN:\1BL y0*jE\[oY䲮/|!?wvqL؈$mVe#Kz{:|a~7"zZvH66!50 ߮‰cqrHΥ3P0NY T~@Arjd-@,8X,QXnjmkUf=Y5_f|p Y?SH獿'2{&쉦>3dc8ւ.+퍀o%HlnW6b<;NBB&AȾ%zزݣ*"*ahSgՇq>> 7Sv` m$ Ɩ/ޤdya;A{%45=Zikb5ŬQ2ue@ݶN[&-"MImOHܚ%;W:Q42 > L; 8hR7?MfRT;j$3$!j'=pI#b)/2]AAoފԱU#O9L 钚 쐆$ ɽAh!+*12΍j%XrU߾+p@GoI@>Pp}$~k݉G> | 3`$Yh]~JڄYe@UJFHKv2-Cx4"s:n4zB+/2D_cgan5l,~37L5Y7+di̚ɮ=<NOtLuԭI)8Sdn#ǜAgB乫"IL#nmO(D`>sbרIòShl/IYD  ]MdRIzBcU(z1b*DnϓSZSS&ƹQ ZFQh8PHBŅdXxGS쁆 ooV4:=M?2gK#^3$Lp?XY<'t-DYWsxQǤdMw`MYQ^jhUt~~TtGt&uVbBL$$D$D$D$ D$8HD$([wvu n볍(1[Ír됍&t&T$1L$9s:B9uÍt&UYlTU>nsg^:B-S:]@kRZJYdT-PPP *< UD @"4ѸP@I11hF^LL#D\; 4|9s\HCϐ_cuBhJ#~,B5-v:n B@lF KA 0W8vhL2`R5|m*\*X} lt &#7 Z)Eyk"a1,Ba4KFp%p9 ǁ1'L*G_8c&uhSFcN q8BRHL*] &,-6i $w%45L0BpY ŽuF)ZApᮠ[T~mVlsܩ3FНEa (T(aT*]JKXZq[h<UbQ^ @ؤ~BጤAk8C8.=)ׁ#ufZRie=7QR&YYa8VzpXw".Fl5Pcb2EhV6|7ŻmKi: "g }ePh6c pWy`yXd:2}Ny NtUra W_g'/BYFUs MB Bn:]\r؆@k݊;RkD 0.:_@nTڠ6Y8kʉvn[/Uئ^QO2`e)ZYN m7[/kD'濏P, `s*lFf??bCfA" /*+V_@yxAAԠ*_U P<sIgݛyym6!!1(DDŊD#RDXT|TcE:v: Zi}e4bQg)y~߹{;s~s9'&.!^!nF.ol] ˧$=ӇK_k0酥y{>*:!^n;VNůyݤ@ \<=dX uޯ'C-4G=5%+3̩q9ޓ?E<2΢M\|@6s~Fx.VOLox)x +#\5 &302#0RGX{ǁh"|՜d Nɺ3)-vOF CEs:Ws2*ЯYn03c݀9VMR5(Pl8#H>QBF옷J#ē<;8bVO̥QӅlC3ս8E|5C?~}KhCt 71ؼ(k Td"CX#/ª%%VFUTF,h)Gn]nQ \ZWje꼚VRCYW*ɚHf%E.,˺ECiMAR[2I8@< x&wНRBel=9q7Ɏ|9Ʒ7㹪œVK++= nvw֮\Σ|ӟV1nvQrk#iʲweZ8NfƳdC&Қ o<@co*H@8P$_p;z)`/[{#95`a t.~JoxQIfdJFU^˩)!YB,x9ੱ=ƎsYva[ȓ˫-LP=TX$k&bi(K\S3OۘGz16wUd {LzG73=dQ8?zƪt*j3؟+| RR* CO>Y:ɑաT)NNv٩}πdZ N3!}þ'f(ʢnv3=ۅ>,QW!)tqBZ0F_JؖQ)uP6{f E,g:[pZq|i;0?DPIS.#V|aC<2:I͉|bSJdU/2nj q{e]غ nr,X"A |l-kx/iJ) ;/}?A>۠qqMԏrg/x2QĖ"o~@g 3%3J[T zFBtaa2E_0a# ΅D:(C^љPMt$ 8N