í«îÛ    xen-4.12.4_06-lp151.2.36.1                                                          Ž­è         <   >     ,     è            ê          ì         dÄ‰ _Ý P¸‹/Ô=½Â„äŠÿQ2ÿÞE„ó[g`âm]t€³%è©Hy	¯ÿhÖÇ¾´q\Ö¢3¯ù‰è«xuäÞ¾¥¶#ö××ºó (Ã+à7Ü1Lc}<¶;C4‘ÞAüÍ2CÇq5?­óÄa'+p¹ànZîKuÇ”sïŸè¨à”‰#t½ÐÕ ×%æÒþNæ!øØzX3¸xÎøê˜(œn÷‰LR©+î¼#n$&#»Þœj(Ot@±nsV§\FG:	`:±÷0H
Ýœ¥O9‡ß£hon-žãµ¾dõAfw¶¹¨LB*;:7>ÿ§dkRdþë)brÕŸ6Ä´çÝ½¯£–q‰™‹þ¾x%¾G   >   ÿÿÿÀ       Ž­è       = ™È   ?    ™¸      d            è           é           ê           ì   	        í   	   V     î     P     ï     T     ñ     `     ò     d     ó     w     ö     €     ÷          ø   	  ¦     ü     ´     ý     ä     þ     ê           ò          L          ˆ     	     ¦     
     Ä                     O          0          l          ·                    (          d          x          ¬          W     (     |     8     „  W  9     à  W  :     $  W  >    ”Ê     F    ”Ò     G    ”è     H    •$     I    •`     X    •p     Y    •x     \    •¨     ]    •ä     ^    –Ä     b    —     c    —Ä     d    ˜W     e    ˜\     f    ˜_     l    ˜a     u    ˜t     v    ˜°     z    ™X     “    ™h     Æ    ™l     ä    ™r     å    ™´   C xen 4.12.4_06 lp151.2.36.1 Xen Virtualization: Hypervisor (aka VMM aka Microkernel) Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
performance and resource isolation.

This package contains the Xen Hypervisor. (tm)

[Hypervisor is a trademark of IBM] _Ý Pobs-arm-8    ,XZopenSUSE Leap 15.1 openSUSE GPL-2.0-only http://bugs.opensuse.org System/Kernel http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ linux aarch64 if [ -x /sbin/update-bootloader ]; then
    /sbin/update-bootloader --refresh; exit 0
fi            …P  ´ 1x Ž       4         …P         ¡ÿ¡ÿ¡ÿ¤¤¤¤Aí¡ÿAíAí¤¡ÿ¡ÿ¡ÿ                              _Ý (_Ý (_Ý (_Ý (_Ý _Ý (_Ý (_Ý C_Ý C_Ý (_Ý (_Ý (_Ý (_Ý (_Ý (   1d9e36d52ba55804be1230eba9b4e1c8878189a69fa56ad85e379a0c41147c2c 1f0d7bdb53979d31003097aa23e4b6189a332480509c0c6c40131736823b638a ac8fd4801d0040fb1db9e81354231a75d00d5f5291c562c4337a7d8800b350dd 9f5696114a5cb91646d4981c011b989e420012196e82e3a3ef1b256857fe7f3e     1d9e36d52ba55804be1230eba9b4e1c8878189a69fa56ad85e379a0c41147c2c    xen-4.12.4_06-lp151.2.36 xen-4.12.4_06-lp151.2.36 xen-4.12.4_06-lp151.2.36      ../../share/efi/aarch64/xen-4.12.4_06-lp151.2.36.efi    xen-4.12.4_06-lp151.2.36.efi xen-4.12.4_06-lp151.2.36.efi xen-4.12.4_06-lp151.2.36.efi                                                               root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root xen-4.12.4_06-lp151.2.36.1.src.rpm    ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿxen xen(aarch-64)        
   
   
   
   
  
  
  
            /bin/sh coreutils diffutils fillup grep rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz) systemd systemd systemd systemd      3.0.4-1 4.6.0-1 4.0-1 5.2-1     4.14.1  _Ê$À_ÇÀ_·¯À_·¯À_ª€À_¢—À_ŸôÀ_ŸôÀ_…–À_[fÀ_XÃÀ_Wr@_)MÀ_{À_’À^û)@^ù×À^ð@^Ï§À^ÂxÀ^»á@^•¥À^‹À^s^À^kuÀ^hÒÀ^V]À^M#@^0"@^­@^!@]êBÀ]Õ*À]ÅXÀ]Ád@]”‘@]‘î@]ùÀ]flÀ]M`@]BÔ@]»@]€À]Œ@\ÿ—À\Þ¢@\Ú­À\Ù\@\Æç@\·@\¯,@\«7À\¥ñÀ\£NÀ\š@\˜ÂÀ\’+@\‹“À\†MÀ\†MÀ\À\À\¶@\}@\kïÀ\X)@\Jú@\I¨À\A¿À\?À\=Ë@\9ÖÀ\73À\4À\$¾À\l@[õHÀ[ék@[á‚@[Ð^À[Ð^À[Ã/À[—®@[—®@[…9@[v¸À[WÀ[CN@[<¶À[6@[0Ù@[0Ù@['žÀ[!@[5@ZþÀ@ZýnÀZü@Zõ…ÀZòâÀZñ‘@ZàmÀZÔ@Z»ƒÀZ¸àÀZ—ë@ZÀZ}@Z}@Z}@Z}@Zzê@Zzê@ZoÀZk@ZV @ZS]@ZOhÀZ:PÀZ1@Z.s@Z&Š@ZOÀZOÀZ	ÀZ	ÀZ	ÀZ¸@Z¸@Z}ÀZC@ZñÀYûÀYûÀYóÀYð|ÀYäŸ@YÓ{ÀYÒ*@YÎ5ÀYÊA@Y±4ÀY®‘ÀY¤ÀY¡bÀYœÀYšË@Y”3ÀYœ@YŒJÀYŒJÀYŠù@Y‰§ÀYˆV@Yƒ@Y€m@Yw2ÀYp›@Yl¦ÀYh²@Yh²@YSš@YJ_ÀYI@Y5GÀY0ÀY-^ÀY(ÀY"ÒÀYŒÀY;@YéÀY ÀY¯@YtÀY.ÀXùô@X÷Q@XäÜ@XÛ¡ÀXÒg@XÏÄ@XÆ‰ÀX¿ò@X¸	@X¥”@X«@X›@X“@X‘ÍÀX‰äÀXˆ“@XXÀXwoÀXs{@XlãÀXWËÀXR…ÀXQ4@XEVÀX43@X.í@X*øÀX lÀX&ÀXÕ@XƒÀX½@Wôë@WÖ˜ÀWÖ˜ÀWÍ^@WÉiÀW¼:ÀW¨t@W£.@WŸ9ÀW™óÀW˜¢@WkÏ@Wi,@Wb”ÀWZ«ÀWZ«ÀWZ«ÀWYZ@WV·@WE“ÀWBðÀW=ªÀW;ÀW3ÀW1Í@W1Í@W,‡@W(’ÀW(’ÀW(’ÀW(’ÀW(’ÀW#LÀW×ÀVþbÀVõ(@Vñ3ÀVéJÀVÙxÀVØ'@VÖÕÀVÔ2ÀVÍ›@VÅ²@VÄ`ÀV¼wÀV´ŽÀV´ŽÀV³=@V±ëÀV°š@V¯HÀV¨±@VŸvÀVž%@VœÓÀV–<@V“™@VŽS@VÀV‹°@VŠ^ÀVwéÀVqR@Vn¯@VXEÀVU¢ÀVTQ@VM¹ÀVM¹ÀVM¹ÀVAÜ@V;DÀV9ó@V7P@V0¸ÀV*!@V æÀV•@VCÀV·ÀV·ÀVf@VqÀV”@UùYÀUø@Uð@UîÍÀUÝª@UÓ@U·nÀU®4@U§œÀU¦K@UÀU›¿@U’„ÀU>ÀU‹í@Ux&ÀUnì@U\w@U[%ÀUUßÀUP™ÀUKSÀU>$ÀU6;ÀU%@U€ÀUŒ@UÅÀUÀU .@TìgÀTã-@TÙòÀTÈÏ@T¶Z@T¶Z@T³·@TÀTŽÍ@Tˆ5ÀT†ä@T€LÀT€LÀT~û@Tl†@Tiã@Taú@THíÀT?³@T=@carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com James Fehlig <jfehlig@suse.com> carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com Jim Fehlig <jfehlig@suse.com> ohering@suse.de Martin LiÅ¡ka <mliska@suse.cz> ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com Jan Engelhardt <jengelh@inai.de> Guillaume GARDET <guillaume.gardet@opensuse.org> Guillaume GARDET <guillaume.gardet@opensuse.org> Bernhard Wiedemann <bwiedemann@suse.com> carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de Bernhard Wiedemann <bwiedemann@suse.com> ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com trenn@suse.de carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de ohering@suse.de jfehlig@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de rbrown@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com jfehlig@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com jfehlig@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de jfehlig@suse.com carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de carnold@suse.com ohering@suse.de jfehlig@suse.com carnold@suse.com jfehlig@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com mlatimer@suse.com carnold@suse.com cyliu@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com jfehlig@suse.com carnold@suse.com carnold@suse.com ohering@suse.de carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com ohering@suse.de rguenther@suse.com carnold@suse.com carnold@suse.com carnold@suse.com rguenther@suse.com carnold@suse.com meissner@suse.com carnold@suse.com ohering@suse.de carnold@suse.com carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de carnold@suse.com ohering@suse.de ohering@suse.de carnold@suse.com ohering@suse.de ohering@suse.de ohering@suse.de ohering@suse.de carnold@suse.com carnold@suse.com carnold@suse.com carnold@suse.com - bsc#1176782 - L3: xl dump-core shows missing nr_pages during
  core. If maxmem and current are the same the issue doesn't happen
  5fca3b32-tools-libs-ctrl-fix-dumping-of-ballooned-guest.patch - bsc#1179496 - VUL-0: CVE-2020-29480: xen: xenstore: watch
  notifications lacking permission checks (XSA-115)
  xsa115-1.patch
  xsa115-2.patch
  xsa115-3.patch
  xsa115-4.patch
  xsa115-5.patch
  xsa115-6.patch
  xsa115-7.patch
  xsa115-8.patch
  xsa115-9.patch
  xsa115-10.patch
- bsc#1179498 - VUL-0: CVE-2020-29481: xen: xenstore: new domains
  inheriting existing node permissions (XSA-322)
  xsa322.patch
- bsc#1179501 - VUL-0: CVE-2020-29484: xen: xenstore: guests can
  crash xenstored via watchs (XSA-324)
  xsa324.patch
- bsc#1179502 - VUL-0: CVE-2020-29483: xen: xenstore: guests can
  disturb domain cleanup (XSA-325)
  xsa325.patch
- bsc#1179506 - VUL-0: CVE-2020-29566: xen: undue recursion in x86
  HVM context switch code (XSA-348)
  xsa348.patch
- bsc#1179514 - VUL-0: CVE-2020-29570: xen: FIFO event channels
  control block related ordering (XSA-358)
  xsa358.patch
- bsc#1179516 - VUL-0: CVE-2020-29571: xen: FIFO event channels
  control structure ordering (XSA-359)
  xsa359.patch
- Upstream bug fixes (bsc#1027519)
  5faa974f-evtchn-rework-per-channel-lock.patch
  5faa978b-evtchn-revert-52e1fc47abc3a0123.patch
  5faac497-xen-arm-Always-trap-AMU-system-registers.patch (Replaces xsa351-3.patch)
  5fbcdf2e-evtchn-FIFO-access-last.patch
  5fbcdf99-x86-DMI-fix-SMBIOS-pointer-check.patch
  5fbd042b-memory-off-by-one-in-XSA-346.patch (Replaces xsa355.patch)
  5fc4ee23-evtchn-FIFO-queue-locking.patch - bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
  (XSA-355)
  xsa355.patch - Enhance libxc.migrate_tracking.patch
  Hide SUSEINFO messages from pause/unpause/resume from xl command.
  They are intended for libvirt logging, but lacked info about
  execution context. - bsc#1178591 - VUL-0: CVE-2020-28368: xen: Intel RAPL sidechannel
  attack aka PLATYPUS attack aka XSA-351
  xsa351-1.patch
  xsa351-2.patch
  xsa351-3.patch - Upstream bug fix (bsc#1027519)
  5f92909a-PCI-cleanup-MSI-before-removing-device.patch - Update to Xen 4.12.4 bug fix release (bsc#1027519)
  xen-4.12.4-testing-src.tar.bz2
- Dropped patches contained in new tarball
  5c87be47-libx86-helper-to-deserialise-msr_policy.patch
  5d976da3-libxl-attach-PCI-device-to-qemu-only-after-setting-pciback-pcifront.patch
  5ec2a760-x86-determine-MXCSR-mask-always.patch
  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
  5ef44e0d-x86-PMTMR-use-FADT-flags.patch
  5ef6156a-x86-disallow-access-to-PT-MSRs.patch
  5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch
  5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch
  5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch
  5f046c64-EPT-set_middle_entry-adjustments.patch
  5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch
  5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch
  5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch
  5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch
  5f046ce9-VT-d-sync_cache-misaligned-addresses.patch
  5f046cfd-x86-introduce-alternative_2.patch
  5f046d1a-VT-d-optimize-CPU-cache-sync.patch
  5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch
  5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch
  5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
  5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
  5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
  5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
  5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
  5f560c42-x86-PV-64bit-segbase-consistency.patch
  5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
  xsa286-0.patch
  xsa286-1.patch
  xsa286-2.patch
  xsa286-3.patch
  xsa286-4.patch
  xsa286-5.patch
  xsa286-6.patch
  xsa333.patch
  xsa334.patch
  xsa336.patch
  xsa337-1.patch
  xsa337-2.patch
  xsa338.patch
  xsa339.patch
  xsa340.patch
  xsa342.patch
  xsa343-1.patch
  xsa343-2.patch
  xsa343-3.patch
  xsa344-1.patch
  xsa344-2.patch
  xsa345-1.patch
  xsa345-2.patch
  xsa345-3.patch
  xsa346-1.patch
  xsa346-2.patch
  xsa347-1.patch
  xsa347-2.patch - bsc#1177950 - adjust help for --max_iters, default is 5
  libxl.set-migration-constraints-from-cmdline.patch - bsc#1177409 - VUL-0: CVE-2020-27674: xen: x86 PV guest
  INVLPG-like flushes may leave stale TLB entries (XSA-286)
  xsa286-0.patch
  xsa286-1.patch
  xsa286-2.patch
  xsa286-3.patch
  xsa286-4.patch
  xsa286-5.patch
  xsa286-6.patch
- bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen
  mapping code (XSA-345)
  xsa345-1.patch
  xsa345-2.patch
  xsa345-3.patch
- bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMMU
  TLB flushes (XSA-346)
  xsa346-1.patch
  xsa346-2.patch
- bsc#1177414 - VUL-0: CVE-2020-27670: xen: unsafe AMD IOMMU page
  table updates (XSA-347)
  xsa347-1.patch
  xsa347-2.patch - Escape some % chars in xen.spec, they have to appear verbatim - Enhance libxc.migrate_tracking.patch
  Print number of allocated pages on sending side, this is more
  accurate than p2m_size. - bsc#1176339 - VUL-0: CVE-2020-25602: xen: x86 pv: Crash when
  handling guest access to MSR_MISC_ENABLE (XSA-333)
  xsa333.patch
- bsc#1176341 - VUL-0: CVE-2020-25598: xen: Missing unlock in
  XENMEM_acquire_resource error path (XSA-334)
  xsa334.patch
- bsc#1176343 - VUL-0: CVE-2020-25604: xen: race when migrating
  timers between x86 HVM vCPU-s (XSA-336)
  xsa336.patch
- bsc#1176344 - VUL-0: CVE-2020-25595: xen: PCI passthrough code
  reading back hardware registers (XSA-337)
  xsa337-1.patch
  xsa337-2.patch
- bsc#1176346 - VUL-0: CVE-2020-25597: xen: once valid event
  channels may not turn invalid (XSA-338)
  xsa338.patch
- bsc#1176345 - VUL-0: CVE-2020-25596: xen: x86 pv guest kernel
  DoS via SYSENTER (XSA-339)
  xsa339.patch
- bsc#1176347 - VUL-0: CVE-2020-25603: xen: Missing barrier
  barriers when accessing/allocating an event channel (XSA-340)
  xsa340.patch
- bsc#1176348 - VUL-0: CVE-2020-25600: xen: out of bounds event
  channels available to 32-bit x86 domains (XSA-342)
  xsa342.patch
- bsc#1176349 - VUL-0: CVE-2020-25599: xen: races with
  evtchn_reset() (XSA-343)
  xsa343-1.patch
  xsa343-2.patch
  xsa343-3.patch
- bsc#1176350 - VUL-0: CVE-2020-25601: xen: lack of preemption in
  evtchn_reset() / evtchn_destroy() (XSA-344)
  xsa344-1.patch
  xsa344-2.patch
- Upstream bug fixes (bsc#1027519)
  5c87be47-libx86-helper-to-deserialise-msr_policy.patch
  5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
  5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
  5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
  5f560c42-x86-PV-64bit-segbase-consistency.patch
  5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch - Upstream bug fixes (bsc#1027519)
  5ef44e0d-x86-PMTMR-use-FADT-flags.patch
  5ef6156a-x86-disallow-access-to-PT-MSRs.patch
  5efcb354-x86-protect-CALL-JMP-straight-line-speculation.patch
  5f046c18-evtchn-dont-ignore-error-in-get_free_port.patch (Replaces xsa317.patch)
  5f046c48-x86-shadow-dirty-VRAM-inverted-conditional.patch (Replaces xsa319.patch)
  5f046c64-EPT-set_middle_entry-adjustments.patch (Replaces xsa328-1.patch)
  5f046c78-EPT-atomically-modify-ents-in-ept_next_level.patch (Replaces xsa328-2.patch)
  5f046c9a-VT-d-improve-IOMMU-TLB-flush.patch (Replaces xsa321-1.patch)
  5f046cb5-VT-d-prune-rename-cache-flush-funcs.patch (Replaces xsa321-2.patch)
  5f046cca-x86-IOMMU-introduce-cache-sync-hook.patch (Replaces xsa321-3.patch)
  5f046ce9-VT-d-sync_cache-misaligned-addresses.patch (Replaces xsa32141.patch)
  5f046cfd-x86-introduce-alternative_2.patch (Replaces xsa321-5.patch)
  5f046d1a-VT-d-optimize-CPU-cache-sync.patch (Replaces xsa321-6.patch)
  5f046d2b-EPT-flush-cache-when-modifying-PTEs.patch (Replaces xsa321-7.patch)
  5f046d5c-check-VCPUOP_register_vcpu_info-alignment.patch (Replaces xsa327.patch)
  5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
  5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
  5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch - bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
  attach on next reboot while it should be live attached
  ignore-ip-command-script-errors.patch - Enhance libxc.migrate_tracking.patch
  After transfer of domU memory, the target host has to assemble
  the backend devices. Track the time prior xc_domain_unpause. - Add libxc.migrate_tracking.patch to track live migrations
  unconditionally in logfiles, especially in libvirt.
  This will track how long a domU was suspended during transit. - bsc#1173376 - VUL-0: CVE-2020-15566: xen: XSA-317 - Incorrect
  error handling in event channel port allocation
  xsa317.patch
- bsc#1173377 - VUL-0: CVE-2020-15563: xen: XSA-319 - inverted code
  paths in x86 dirty VRAM tracking
  xsa319.patch
- bsc#1173378 - VUL-0: CVE-2020-15565: xen: XSA-321 - insufficient
  cache write- back under VT-d
  xsa321-1.patch
  xsa321-2.patch
  xsa321-3.patch
  xsa321-4.patch
  xsa321-5.patch
  xsa321-6.patch
  xsa321-7.patch
- bsc#1173380 - VUL-0: CVE-2020-15567: xen: XSA-328 - non-atomic
  modification of live EPT PTE
  xsa328-1.patch
  xsa328-2.patch - bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
  Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
  5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
  5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch (Replaces xsa320-1.patch)
  5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch (Replaces xsa320-2.patch)
- Upstream bug fixes (bsc#1027519)
  5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
  5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
  5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
  5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
  5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
  5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
  5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
  5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch - bsc#1172205 - VUL-0: CVE-2020-0543: xen: Special Register Buffer
  Data Sampling (SRBDS) aka "CrossTalk" (XSA-320)
  xsa320-1.patch
  xsa320-2.patch - Update to Xen 4.12.3 bug fix release (bsc#1027519)
  xen-4.12.3-testing-src.tar.bz2
  5ec2a760-x86-determine-MXCSR-mask-always.patch
- Drop patches contained in new tarball
  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch
  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
  5e318cd4-x86-apic-fix-disabling-LVT0.patch
  5e3bd385-EFI-recheck-variable-name-strings.patch
  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
  5e3bd3f8-xmalloc-guard-against-overflow.patch
  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
  5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
  5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch
  5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
  5e86f7fd-credit2-fix-credit-too-few-resets.patch
  5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
  5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
  5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
  5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
  5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
  5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch - Advertise support for new 64bit libxl memory APIs introduced by
  patch 5db1be79-libxl-Offer-API-versions-0x040700-and-0x040800.patch
  bsc#1167007 and bsc#1157490 - bsc#1169392 - VUL-0: CVE-2020-11742: xen: Bad continuation
  handling in GNTTABOP_copy (XSA-318)
  5e95afb8-gnttab-fix-GNTTABOP_copy-continuation-handling.patch - bsc#1168140 - VUL-0: CVE-2020-11740, CVE-2020-11741: xen: XSA-313
  multiple xenoprof issues
  5e95ad61-xenoprof-clear-buffer-intended-to-be-shared-with-guests.patch
  5e95ad8f-xenoprof-limit-consumption-of-shared-buffer-data.patch
- bsc#1168142 - VUL-0: CVE-2020-11739: xen: XSA-314 - Missing
  memory barriers in read-write unlock paths
  5e95ae77-Add-missing-memory-barrier-in-the-unlock-path-of-rwlock.patch
- bsc#1168143 - VUL-0: CVE-2020-11743: xen: XSA-316 - Bad error
  path in GNTTABOP_map_grant
  5e95af5e-xen-gnttab-Fix-error-path-in-map_grant_ref.patch
- bsc#1167152 - L3: Xenstored Crashed during VM install Need Core
  analyzed
  5e876b0f-tools-xenstore-fix-use-after-free-in-xenstored.patch
- bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
  bug soft lockup CPU #0 stuck under high load / upstream with
  workaround. See also bsc#1134506
  5e86f7b7-credit2-avoid-vCPUs-with-lower-creds-than-idle.patch
  5e86f7fd-credit2-fix-credit-too-few-resets.patch
- Drop for upstream solution (bsc#1165206)
  01-xen-credit2-avoid-vcpus-to.patch
  02-xen-credit2-fix-runq-cand-skip.patch
- Upstream bug fixes (bsc#1027519)
  5e6f53dd-AMD-IOMMU-fix-off-by-one-get_paging_mode.patch
  5e7cfb29-x86-ucode-fix-error-paths-in-apply_microcode.patch
  5e7dd83b-libx86-CPUID-fix-not-just-leaf-7.patch
  5e7dfbf6-x86-ucode-AMD-potential-buffer-overrun-equiv-tab.patch
  5e846cce-x86-HVM-fix-AMD-ECS-handling-for-Fam10.patch
  5e84905c-x86-ucode-AMD-fix-more-potential-buffer-overruns.patch - Update API compatibility versions. Fixes issues for libvirt.
  See bsc#1167007 and bsc#1157490 - bsc#1155200 - L3: L3-Support: aacraid blocks xen commands - ref:
  _00D1igLOd._5001iIvV1f:ref
  5d976da3-libxl-attach-PCI-device-to-qemu-only-after-setting-pciback-pcifront.patch - bsc#1165206 - Xen 4.12 DomU hang / freeze / stall / NMI watchdog
  bug soft lockup CPU #0 stuck under high load / upstream with
  workaround. See also bsc#1134506
  01-xen-credit2-avoid-vcpus-to.patch
  02-xen-credit2-fix-runq-cand-skip.patch - bsc#1160932 - VUL-0: xen: XSA-312 v1: arm: a CPU may speculate
  past the ERET instruction
  5e1dcedd-Arm-place-speculation-barrier-after-ERET.patch
- Upstream bug fixes (bsc#1027519)
  5e21ce98-x86-time-update-TSC-stamp-after-deep-C-state.patch
  5e286cce-VT-d-dont-pass-bridges-to-domain_context_mapping_one.patch
  5e318cd4-x86-apic-fix-disabling-LVT0.patch
  5e3bd385-EFI-recheck-variable-name-strings.patch
  5e3bd3d1-EFI-dont-leak-heap-VIA-XEN_EFI_get_next_variable_name.patch
  5e3bd3f8-xmalloc-guard-against-overflow.patch
  5e46e090-x86-smp-reset-x2apic_enabled-in-smp_send_stop.patch
  5e4c00ef-VT-d-check-full-RMRR-for-E820-reserved.patch
  5e4ec20e-x86-virtualise-MSR_PLATFORM_ID-properly.patch
- Drop 5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch - Fix broken ARM build
  5e1dd8f3-Arm-fix-build-after-892b9dcebdb7.patch - bsc#1162040 - L3: Problems Booting Fedora31 VM on sles15 sp1 Xen
  Dom0
  5d53ed45-pygrub-Failing-to-set-value-to-0-in-Grub2ConfigFile.patch - Upstream bug fixes (bsc#1027519)
  5e16fb6a-x86-clear-per-cpu-stub-page-info.patch
  5e1da013-IRQ-u16-is-too-narrow-for-evtchn.patch - Update to Xen 4.12.2 bug fix release (bsc#1027519)
  xen-4.12.2-testing-src.tar.bz2
- Drop patches contained in new tarball
  5d419d49-x86-spec-ctrl-report-proper-status.patch
  5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
  5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
  5d4afa7a-credit2-fix-memory-leak.patch
  5d4d850a-introduce-bss-percpu-page-aligned.patch
  5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
  5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
  5d6524ca-x86-mm-correctly-init-M2P-entries.patch
  5d67ceaf-x86-properly-gate-PKU-clearing.patch
  5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
  5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
  5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
  5d80ea13-vpci-honor-read-only-devices.patch
  5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
  5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch
  5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch
  5d947b01-x86-crash-force-unlock-console.patch
  5d948bdb-IOMMU-add-missing-HVM-check.patch
  5d9ef2a1-EFI-deref-pointer-in-set_color.patch
  5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch
  5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch
  5d9f454a-x86-EFI-pixel-reserved-0.patch
  5db07974-x86-update-time-info-on-TSC-adjustments.patch
  5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch
  5db892ac-VT-x-correct-BDF93-workaround.patch
  5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch
  5dbaf89f-dont-use-BUG-for-parameter-checking.patch
  5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch
  5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch
  5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch
  5dbaf9ce-x86-mm-split-partial_pte-tristate.patch
  5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch
  5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch
  5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch
  5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch
  5dbafa7f-x86-mm-collapse-PTF_partial_.patch
  5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch
  5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch
  5dbafad5-x86-mm-dont-drop-type-ref-unless.patch
  5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch
  5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch
  5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch
  5dbafba5-passthrough-quarantine-PCI-devices.patch
  5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch
  5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch
  5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch
  5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch
  5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch
  5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch
  5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch
  5dcae816-VT-d-hide-superpages-for-SandyBridge.patch
  5dcae816-VT-x-runtime-modification-of-exec-sp.patch
  5dcae816-VT-x-work-around-executable-EPT-superpages.patch
  5dcae816-x86-introduce-tsx-option.patch
  5dcae816-x86-spec-ctrl-mitigate-TAA.patch
  5dd6b229-add-va_end-to-hypercall_create_continuation.patch
  5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch
  5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch
  5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch
  5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch
  5ddd2555-IOMMU-always-quarantine-PCI-devs.patch
  5ddd25f9-EFI-fix-efi=attr-handling.patch
  5ddfa851-VMX-always-sync-PIR-to-IRR.patch
  5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch
  5de0007e-SVM-always-intercept-ICEBP.patch
  5de0007e-SVM-write-correct-eip-into-outgoing-task.patch
  5de0007e-VMX-early-task-switch-failures-semantics.patch
  5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch
  5de19115-rationalize-max-grant_frames-maptrack_frames.patch
  5de52a86-x86-PSR-dont-write-out-of-range-COS.patch
  5de65f84-gnttab-map-always-do-IOMMU-part.patch
  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch
  xsa307.patch
  xsa308.patch
  xsa309.patch
  xsa310-1.patch
  xsa310-2.patch
  xsa310-3.patch
  xsa311.patch - bsc#1158003 - VUL-0: CVE-2019-19581,CVE-2019-19582: xen: XSA-307
  - find_next_bit() issues
  xsa307.patch
- bsc#1158004 - VUL-0: CVE-2019-19583: xen: XSA-308 - VMX: VMentry
  failure with debug exceptions and blocked states
  xsa308.patch
- bsc#1158005 - VUL-0: CVE-2019-19578: xen: XSA-309 - Linear
  pagetable use / entry miscounts
  xsa309.patch
- bsc#1158006 - VUL-0: CVE-2019-19580: xen: XSA-310 - Further
  issues with restartable PV type change operations
  xsa310-1.patch
  xsa310-2.patch
  xsa310-3.patch
- bsc#1158007 - VUL-0: CVE-2019-19577: xen: XSA-311 - dynamic
  height for the IOMMU pagetables
  xsa311.patch
- Upstream bug fixes (bsc#1027519)
  5dd6b229-add-va_end-to-hypercall_create_continuation.patch
  5dd8126b-x86-vLAPIC-allow-APIC_SPIV_FOCUS_DISABLED.patch
  5dd93ce0-vVMX-fix-livelock-with-XSA-304-fix.patch
  5ddbb3d3-x86-mm-adjust-linear-usage-accounting.patch
  5ddcff90-libxc-x86-dont-bump-ApicIdCoreSize-past-7.patch
  5ddd2555-IOMMU-always-quarantine-PCI-devs.patch (Replaces xsa306.patch)
  5ddd25f9-EFI-fix-efi=attr-handling.patch
  5ddfa851-VMX-always-sync-PIR-to-IRR.patch
  5ddfd62b-x86-internal-IRQs-honor-PEOI-stack.patch
  5de0007e-VMX-early-task-switch-failures-semantics.patch
  5de0007e-SVM-always-intercept-ICEBP.patch
  5de0007e-SVM-write-correct-eip-into-outgoing-task.patch
  5de1632a-x86-IOMMU-scratch-page-in-quarantine-dom.patch
  5de19115-rationalize-max-grant_frames-maptrack_frames.patch
  5de52a86-x86-PSR-dont-write-out-of-range-COS.patch
  5de65f84-gnttab-map-always-do-IOMMU-part.patch
  5de65fc4-x86-avoid-HPET-use-on-certain-Intel.patch - bsc#1157047 - PCI passthrough failed on AMD machine xen host
  5dca846c-x86-fix-clear_IO_APIC_pin-raw-writes.patch
  5dca84a2-AMD-IOMMU-dont-needlessly-trigger-errors-on-unmap.patch
- bsc#1157888 - - VUL-0: xen: Device quarantine for alternate pci
  assignment methods
  xsa306.patch
- Upstream bug fixes (bsc#1027519)
  5dcae816-VT-x-runtime-modification-of-exec-sp.patch
  5dcae816-VT-d-hide-superpages-for-SandyBridge.patch (Replaces xsa304-1.patch)
  5dcae816-VT-x-work-around-executable-EPT-superpages.patch (Replaces xsa304-2.patch)
  5dcae816-x86-introduce-tsx-option.patch (Replaces xsa305-1.patch)
  5dcae816-x86-spec-ctrl-mitigate-TAA.patch (Replaces xsa305-2.patch) - Minor adjustments to these security patches for bsc#1155945 and
  bsc#1152497
  xsa304-1.patch
  xsa304-2.patch
  xsa305-1.patch
  xsa305-2.patch - bsc#1154448 - VUL-0: CVE-2019-18420: xen: XSA-296:
  VCPUOP_initialise DoS
  5dbaf89f-dont-use-BUG-for-parameter-checking.patch
- bsc#1154456 - VUL-0: CVE-2019-18425: xen: XSA-298: missing
  descriptor table limit checking in x86 PV emulation
  5dbaf8e0-x86-PV-check-GDT-LDT-limits-during-emulation.patch
- bsc#1154458 - VUL-0: CVE-2019-18421: xen: XSA-299: Issues with
  restartable PV type change operations
  5dbaf990-x86-mm-L1TF-checks-dont-leave-partial-entry.patch
  5dbaf9b2-x86-mm-dont-re-set-PGT_pinned-on-partial-page.patch
  5dbaf9ce-x86-mm-split-partial_pte-tristate.patch
  5dbaf9f5-x86-mm-use-flags-for-_put_page_type.patch
  5dbafa13-x86-mm-rework-get_page_and_type_from_mfn-conditional.patch
  5dbafa46-x86-mm-alloc_lN_table-clear-partial_flags-when-preempting.patch
  5dbafa5c-x86-mm-always-retain-general-ref-on-partial.patch
  5dbafaa4-x86-mm-properly-handle-linear-pt-promotion-failure.patch
  5dbafabd-x86-mm-fix-nested-devalidation-on-error.patch
  5dbafad5-x86-mm-dont-drop-type-ref-unless.patch
  5dbc0d64-x86-fix-CONFIG_PV-build-following-XSA-299.patch
- bsc#1154460 - VUL-0: CVE-2019-18423: xen: XSA-301: add-to-physmap
  can be abused to DoS Arm hosts
  5dbafb0d-Arm-p2m-avoid-aliasing-guest-physical-frame.patch
  5dbafb4e-Arm-p2m-avoid-off-by-1-check-on-max_mapped_gfn.patch
  5dbafb72-Arm-p2m-dont-check-p2m_get_root_pointer-ret-with-BUG_ON.patch
- bsc#1154461 - VUL-0: CVE-2019-18424: xen: XSA-302: passed through
  PCI devices may corrupt host memory after deassignment
  5dbafba5-passthrough-quarantine-PCI-devices.patch
- bsc#1154464 - VUL-0: CVE-2019-18422: xen: XSA-303: ARM:
  Interrupts are unconditionally unmasked in exception handlers
  5dbafbda-Arm32-entry-Split-__DEFINE_ENTRY_TRAP.patch
  5dbafbfd-Arm32-entry-fold-SAVE_ALL-into-vector-macro.patch
  5dbafc3a-Arm32-dont-unmask-interrupts-on-trap-without-level-change.patch
  5dbafc4f-Arm64-dont-unmask-interrupts-on-trap-without-level-change.patch
- bsc#1155945 - VUL-0: CVE-2018-12207: xen: Machine Check Error
  Avoidance on Page Size Change (aka IFU issue)
  xsa304-1.patch
  xsa304-2.patch
- bsc#1152497 - VUL-0: CVE-2019-11135: xen: XSA-305: TSX
  Asynchronous Abort (TAA) issue
  xsa305-1.patch
  xsa305-2.patch
- Upstream bug fixes (bsc#1027519)
  5d9ef2a1-EFI-deref-pointer-in-set_color.patch
  5d9f454a-x86-EFI-pixel-reserved-0.patch
  5db2b4a2-x86-is_xen_fixed_mfn-off-by-1.patch
  5d9ee2f0-AMD-IOMMU-allocate_buffer-avoid-memset.patch
  5db892ac-VT-x-fix-Haswell-Broadwell-LBR-TSX-errata.patch
  5d948bdb-IOMMU-add-missing-HVM-check.patch
  5d9ee312-AMD-IOMMU-prefill-all-DTEs.patch
  5d9ef2c5-EFI-gfx-mode-for-MB2-boot.patch
  5db892ac-VT-x-correct-BDF93-workaround.patch
  5d947b01-x86-crash-force-unlock-console.patch
  5d8ce179-sched-dont-leak-XEN_RUNSTATE_UPDATE.patch
  5d9ef2ef-PCI-clear-maskall-fields-on-assign.patch
  5d9ee2a8-AMD-IOMMU-alloc-1-devtab-per-PCI-seg.patch
  5db07974-x86-update-time-info-on-TSC-adjustments.patch
  5dbafa7f-x86-mm-collapse-PTF_partial_.patch - bsc#1120095 - add code to change LIBXL_HOTPLUG_TIMEOUT at runtime
  The included README has details about the impact of this change
  libxl.LIBXL_HOTPLUG_TIMEOUT.patch - bsc#1135799 - Partner-L3: Xen crashes on AMD ROME based machines
  5ca7660f-x86-entry-drop-unused-includes.patch
  5cf8da09-adjust-sysdom-creation-call-earlier-on-x86.patch
  5cab2a6b-x86-ACPI-also-parse-AMD-tables-early.patch
  5cab2ab7-x86-IOMMU-introduce-init-ops.patch
  5cab2ae8-x86-IOMMU-abstract-iommu_supports_eim.patch
  5cab2b4e-x86-IOMMU-abstract-iommu_enable_x2apic_IR.patch
  5cab2b95-x86-IOMMU-initialize-iommu_ops-in.patch
  5cac9a4b-x86-IOMMU-abstract-adjust_vtd_irq_affinities.patch
  5cdeac7f-AMD-IOMMU-adjust-IOMMU-list-head-init.patch
  5d0cf4e4-AMD-IOMMU-initialize-IRQ-tasklet-once.patch
  5d149bb0-AMD-IOMMU-dont-add-IOMMUs.patch
  5d1b3fab-AMD-IOMMU-restrict-feature-logging.patch
  5d358508-x86-IRQ-desc-affinity-represents-request.patch
  5d358534-x86-IRQ-consolidate-arch-cpu_mask-use.patch
  5d358a67-AMD-IOMMU-pass-IOMMU-to-iterate_ivrs_entries-cb.patch
  5d358a92-AMD-IOMMU-pass-IOMMU-to-amd_iommu_alloc_intremap_table.patch
  5d39811c-x86-IOMMU-dont-restrict-IRQ-affinities.patch
  5d417813-AMD-IOMMU-bitfield-extended-features.patch
  5d417838-AMD-IOMMU-bitfield-control-reg.patch
  5d41785b-AMD-IOMMU-bitfield-IRTE.patch
  5d41787e-AMD-IOMMU-pass-IOMMU-to-gfu-intremap-entry.patch
  5d4178ad-AMD-IOMMU-128bit-non-guest-APIC-IRTE.patch
  5d4178fc-AMD-IOMMU-split-amd_iommu_init_one.patch
  5d41793f-AMD-IOMMU-allow-enabling-without-IRQ.patch
  5d417a16-AMD-IOMMU-adjust-IRQ-setup-for-x2APIC.patch
  5d417ab6-AMD-IOMMU-enable-x2APIC-mode.patch
  5d417b38-AMD-IOMMU-correct-IRTE-updating.patch
  5d417b6a-AMD-IOMMU-dont-needlessly-log-headers.patch
  5d4a9d25-AMD-IOMMU-drop-not-found-message.patch
  5d80e7c0-AMD-IOMMU-free-shared-IRT-once.patch
  5d80e80d-AMD-IOMMU-valid-flag-for-IVRS-mappings.patch
  5d80e82e-AMD-IOMMU-alloc_intremap_table-callers-handle-errors.patch
  5d80e857-x86-PCI-read-MSI-X-table-entry-count-early.patch
  5d8b72e5-AMD-IOMMU-dont-blindly-alloc-intremap-tables.patch
  5d8b730e-AMD-IOMMU-phantom-funcs-share-intremap-tables.patch
  5d8b733b-x86-PCI-read-max-MSI-vector-count-early.patch
  5d8b736d-AMD-IOMMU-replace-INTREMAP_ENTRIES.patch
  5d8b7393-AMD-IOMMU-restrict-intremap-table-sizes.patch
- bsc#1145240 - [Migration]Can't pre-allocate 1 shadow pages
  5d70bfba-x86-shadow-dont-enable-with-too-small-allocation.patch
- bsc#1137717 - [HPS Bug] Unable to install Windows Server 2016
  with 2 CPUs setting (or above) under SLES12 SP4 Xen Server on AMD
  ROME platform
  5d89d8d9-libxc-x86-avoid-overflow-in-CPUID-APIC-ID.patch
- Upstream bug fixes (bsc#1027519)
  5d67ceaf-x86-properly-gate-PKU-clearing.patch
  5d779811-x86-fix-CPUID7-0-eax-levelling-MSR.patch
  5d77b40f-fix-hvm_all_ioreq_servers_add_vcpu-cleanup.patch
  5d80ea13-vpci-honor-read-only-devices.patch
  5d8b715f-ACPI-cpuidle-bump-max-num-of-states.patch - bsc#1145774 - Libivrtd segfaults when trying to live migrate a VM
  Fix crash in an error path of libxl_domain_suspend with
  libxl.helper_done-crash.patch - Upstream bug fixes (bsc#1027519)
  5d419d49-x86-spec-ctrl-report-proper-status.patch
  5d43253c-x86-ucode-always-collect_cpu_info-at-boot.patch
  5d4aa36f-x86-apic-enable-x2APIC-mode-earlier.patch
  5d4afa7a-credit2-fix-memory-leak.patch
  5d4d850a-introduce-bss-percpu-page-aligned.patch
  5d516531-x86-xpti-dont-leak-TSS-adjacent-data.patch
  5d5bf475-x86-PV-fix-handling-of-iommu-mappings.patch
  5d6524ca-x86-mm-correctly-init-M2P-entries.patch
- Drop 5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch - Update to Xen 4.12.1 bug fix release (bsc#1027519)
  xen-4.12.1-testing-src.tar.bz2
- Drop patches contained in new tarball
  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
  5c87b6c8-drop-arch_evtchn_inject.patch
  5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
  5c8f752c-x86-e820-build-with-gcc9.patch
  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
  5c9e63c5-credit2-SMT-idle-handling.patch
  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
  5cd921fb-trace-fix-build-with-gcc9.patch
  5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
  5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
  5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
  5cd926d0-bitmap_fill-zero-sized.patch
  5cd92724-drivers-video-drop-constraints.patch
  5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
  5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
  5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
  5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
  5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
  5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
  5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
  5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
  5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
  5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
  5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
  5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
  5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
  5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
  5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
  5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
  5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
  5d03a0c4-6-Arm64-cmpxchg-simplify.patch
  5d03a0c4-7-Arm32-cmpxchg-simplify.patch
  5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
  5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
  5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
  5d03a0c4-B-bitops-guest-helpers.patch
  5d03a0c4-C-cmpxchg-guest-helpers.patch
  5d03a0c4-D-use-guest-atomics-helpers.patch
  5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
  5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Refreshed patches
  libxl.pvscsi.patch - bsc#1143563 - Speculative mitigation facilities report wrong status
  5d419d49-x86-spec-ctrl-facilities-report-wrong-status.patch - bsc#1138563 - L3: xenpvnetboot improperly ported to Python 3
  fix-xenpvnetboot.patch - bsc#1138294 - VUL-0: CVE-2019-17349: XSA-295: Unlimited Arm
  Atomics Operations
  5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
  5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
  5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
  5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
  5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
  5d03a0c4-6-Arm64-cmpxchg-simplify.patch
  5d03a0c4-7-Arm32-cmpxchg-simplify.patch
  5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
  5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
  5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
  5d03a0c4-B-bitops-guest-helpers.patch
  5d03a0c4-C-cmpxchg-guest-helpers.patch
  5d03a0c4-D-use-guest-atomics-helpers.patch
  5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
  5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Upstream bug fixes (bsc#1027519)
  5c87b6c8-drop-arch_evtchn_inject.patch
  5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
  5cd921fb-trace-fix-build-with-gcc9.patch
  5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
  5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
  5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
  5cd926d0-bitmap_fill-zero-sized.patch
  5cd92724-drivers-video-drop-constraints.patch
  5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch (Replaces xsa297-0a.patch)
  5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch (Replaces xsa297-0b.patch)
  5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch (Replaces xsa297-0c.patch)
  5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch (Replaces xsa297-0d.patch)
  5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch (Replaces xsa297-1.patch)
  5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch (Replaces xsa297-2.patch)
  5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch (Replaces xsa297-3.patch)
  5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
  5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
  5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
  5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
  5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch - Fix some outdated information in the readme
  README.SUSE - spec: xen-tools: require matching version of xen package
  bsc#1137471 - Remove two stale patches
  xen.build-compare.man.patch
  xenpaging.doc.patch - Disable LTO (boo#1133296). - Remove arm32 from ExclusiveArch to fix build - bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4".
  CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  xsa297-0a.patch
  xsa297-0b.patch
  xsa297-0c.patch
  xsa297-0d.patch
  xsa297-1.patch
  xsa297-2.patch
  xsa297-3.patch
- Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and
  drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch
  Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1131811 - [XEN] internal error: libxenlight failed to create
  new domain. This patch is a workaround for a systemd issue. See
  patch header for additional comments.
  xenstore-launch.patch - bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest
  after upgrading host from sle11sp4 to sle15sp1
  pygrub-python3-conversion.patch
- Fix "TypeError: virDomainDefineXML() argument 2 must be str or
  None, not bytes" when converting VMs from using the xm/xend
  toolstack to the libxl/libvirt toolstack. (bsc#1123378)
  xen2libvirt.py - bsc#1124560 - Fully virtualized guests crash on boot
  5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
- bsc#1121391 - GCC 9: xen build fails
  5c8f752c-x86-e820-build-with-gcc9.patch
- Upstream bug fixes (bsc#1027519)
  5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
  5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
  5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
  5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
  5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
  5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
  5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
  5c9e63c5-credit2-SMT-idle-handling.patch
  5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
  5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
  5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
  5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch - Install pkgconfig files into libdir instead of datadir - Update to Xen 4.12.0 FCS release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2
  * HVM/PVH and PV only Hypervisor: The Xen 4.12 release separates
    the HVM/PVH and PV code paths in Xen and provides KCONFIG
    options to build a PV only or HVM/PVH only hypervisor.
  * QEMU Deprivilege (DM_RESTRICT): In Xen 4.12, this feature has
    been vastly improved.
  * Argo - Hypervisor-Mediated data eXchange: Argo is a new inter-
    domain communication mechanism.
  * Improvements to Virtual Machine Introspection: The VMI subsystem
    which allows detection of 0-day vulnerabilities has seen many
    functional and performance improvements.
  * Credit 2 Scheduler: The Credit2 scheduler is now the Xen Project
    default scheduler.
  * PVH Support: Grub2 boot support has been added to Xen and Grub2.
  * PVH Dom0: PVH Dom0 support has now been upgraded from experimental
    to tech preview.
  * The Xen 4.12 upgrade also includes improved IOMMU mapping code,
    which is designed to significantly improve the startup times of
    AMD EPYC based systems.
  * The upgrade also features Automatic Dom0 Sizing which allows the
    setting of Dom0 memory size as a percentage of host memory (e.g.
    10%) or with an offset (e.g. 1G+10%). - bsc#1130485 - Please drop Requires on multipath-tools in
  xen-tools. Now using Recommends multipath-tools.
  xen.spec - Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2 - Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2 - bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to
  avoid TSC emulation for HVM domUs if their expected frequency
  does not match exactly the frequency of the receiving host
  xen.bug1026236.suse_vtsc_tolerance.patch - Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2 - jsc#SLE-3059 - Disable Xen auto-ballooning
- Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory.
  xen.spec
- Disable autoballooning in xl.con
  xl-conf-disable-autoballoon.patch - Update gcc9-ignore-warnings.patch to fix build in SLE12 - bsc#1126325 - fix crash in libxl in error path
  Setup of grant_tables and other variables may fail
  libxl.prepare-environment-for-domcreate_stream_done.patch - bsc#1127620 - Documentation for the xl configuration file allows
  for firmware=pvgrub64 but we don't ship pvgrub64.
  Create a link from grub.xen to pvgrub64
  xen.spec - Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2
- Tarball also contains additional post RC4 security fixes for
  Xen Security Advisories 287, 288, and 290 through 294. - Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2 - Update to Xen 4.12.0 RC2 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2 - bsc#1121391 - GCC 9: xen build fails
  gcc9-ignore-warnings.patch - bsc#1122563 - Virtualization/xen: Bug no Xen on boot, missing
  /proc/xen, after 4.11 -> 4.12 upgrade on X86_64/efi.
  Keep xen.efi in /usr/lib64/efi for booting older distros.
  xen.spec - fate#326960: Package grub2 as noarch.
  As part of the effort to have a unified bootloader across
  architectures, modify the xen.spec file to move the Xen efi files
  to /usr/share/efi/$(uname -m) from /usr/lib64/efi. - Update to Xen 4.12.0 RC1 release (fate#325107, fate#323901)
  xen-4.12.0-testing-src.tar.bz2
- Drop
  5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
  5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
  5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch
  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
  5b9784d2-x86-HVM-add-known_gla-helper.patch
  5b9784f2-x86-HVM-split-page-straddling-accesses.patch
  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
  gcc8-fix-array-warning-on-i586.patch
  gcc8-fix-format-warning-on-i586.patch
  gcc8-inlining-failed.patch
  xen.bug1079730.patch - bsc#1121960 - xen: sync with Factory
  xen.spec
  xen.changes - Replace old $RPM_* shell vars.
- Run fdupes for all architectures, and not crossing
  subvolume boundaries. - Do not run %fdupes on aarch64 to avoid the hardlink-across-partition
  rpmlint error - Require qemu-seabios only on x86* as it is not available on non-x86
  systems - Avoid creating dangling symlinks (bsc#1116524)
  This reverts the revert of tmp_build.patch - Update to Xen 4.11.1 bug fix release (bsc#1027519)
  xen-4.11.1-testing-src.tar.bz2
- 5b505d59-tools-xentop-replace-use-of-deprecated-vwprintw.patch
  replaces xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- 5b76ec82-libxl-arm-Fix-build-on-arm64-acpi-w-gcc-8.2.patch
  replaces xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch
- Drop the following patches contained in the new tarball
  5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
  5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
  5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
  5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
  5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
  5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
  5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
  5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
  5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
  5b3f8fa5-port-array_index_nospec-from-Linux.patch
  5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
  5b4488e7-x86-spec-ctrl-cmdline-handling.patch
  5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
  5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
  5b4db308-SVM-fix-cleanup-svm_inject_event.patch
  5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
  5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
  5b505fe5-VMX-fix-find-msr-build.patch
  5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
  5b508775-2-x86-possibly-bring-up-all-CPUs.patch
  5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
  5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
  5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
  5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
  5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
  5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
  5b62ca93-VMX-avoid-hitting-BUG_ON.patch
  5b6d84ac-x86-fix-improve-vlapic-read-write.patch
  5b6d8ce2-x86-XPTI-parsing.patch
  5b72fbbe-ARM-disable-grant-table-v2.patch
  5b72fbbe-oxenstored-eval-order.patch
  5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
  5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
  5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
  5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
  5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
  5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
  5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
  5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
  5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
  5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
  5b72fbbf-xl.conf-Add-global-affinity-masks.patch
  5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
  5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
  5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
  5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
  5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
  5b8d5832-x86-assorted-array_index_nospec-insertions.patch
  5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
  5bacae4b-x86-boot-allocate-extra-module-slot.patch
  5bae44ce-x86-silence-false-log-messages.patch
  5bb60c12-x86-split-opt_xpti.patch
  5bb60c4f-x86-split-opt_pv_l1tf.patch
  5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
  5bcf0722-x86-boot-enable-NMIs.patch
  5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
  5bd076e9-x86-boot-init-debug-regs-correctly.patch
  5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
  5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch
  5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
  5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch
  5be2a308-x86-extend-get_platform_badpages.patch
  5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
  xsa275-1.patch
  xsa275-2.patch
  xsa276-1.patch
  xsa276-2.patch
  xsa277.patch
  xsa279.patch
  xsa280-1.patch
  xsa280-2.patch - bsc#1116524 - Package xen-tools-4.11.0_09-2.1.x86_64 broken:
  Missing /bin/domu-xenstore.  This was broken because "make
  package build reproducible" change. (boo#1047218, boo#1062303)
  This fix reverses the change to this patch.
  tmp_build.patch - bsc#1115040 - VUL-0: CVE-2018-19961 CVE-2018-19962: xen:
  insufficient TLB flushing / improper large page mappings with AMD
  IOMMUs (XSA-275)
  xsa275-1.patch
  xsa275-2.patch
- bsc#1115043 - VUL-0: CVE-2018-19963: xen: resource accounting
  issues in x86 IOREQ server handling (XSA-276)
  xsa276-1.patch
  xsa276-2.patch
- bsc#1115044 - VUL-0: CVE-2018-19964: xen: x86: incorrect error
  handling for guest p2m page removals (XSA-277)
  xsa277.patch
- bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
  when disabled (XSA-278)
  5bd0e11b-x86-disallow-VT-x-insns-without-nested-virt.patch
- bsc#1115045 - VUL-0: xen: CVE-2018-19965: x86: DoS from attempting
  to use INVPCID with a non-canonical addresses (XSA-279)
  xsa279.patch
- bsc#1115047 - VUL-0: CVE-2018-19966: xen: Fix for XSA-240
  conflicts with shadow paging (XSA-280)
  xsa280-1.patch
  xsa280-2.patch
- bsc#1114988 - VUL-0: CVE-2018-19967: xen: guest use of HLE
  constructs may lock up host (XSA-282)
  5be2a308-x86-extend-get_platform_badpages.patch
  5be2a354-x86-work-around-HLE-host-lockup-erratum.patch
- bsc#1108940 - L3: XEN SLE12-SP1 domU hang on SLE12-SP3 HV
  5bdc31d5-VMX-fix-vmx_handle_eoi.patch
- Upstream bug fixes (bsc#1027519)
  5b752762-x86-hvm-emul-rep-IO-should-not-cross-GFN-boundaries.patch
  5ba11ed4-credit2-fix-moving-CPUs-between-cpupools.patch
  5bacae4b-x86-boot-allocate-extra-module-slot.patch
  5bae44ce-x86-silence-false-log-messages.patch
  5bb60c12-x86-split-opt_xpti.patch
  5bb60c4f-x86-split-opt_pv_l1tf.patch
  5bb60c74-x86-fix-xpti-and-pv-l1tf.patch
  5bcf0722-x86-boot-enable-NMIs.patch
  5bd076e9-dombuilder-init-vcpu-debug-regs-correctly.patch
  5bd076e9-x86-boot-init-debug-regs-correctly.patch
  5bd076e9-x86-init-vcpu-debug-regs-correctly.patch
  5bd85bfd-x86-fix-crash-on-xl-set-parameter-pcid.patch - bsc#1114405 - VUL-0: CVE-2018-18883: xen: Nested VT-x usable even
  when disabled (XSA-278)
  5bd0e0cf-vvmx-Disallow-the-use-of-VT-x-instructions-when-nested-virt-is-disabled.patch - Use SMBIOS_REL_DATE instead of SMBIOS_DATE for reproducible binaries - make package build reproducible (boo#1047218, boo#1062303)
  * Set SMBIOS_REL_DATE
  * Update tmp_build.patch to use SHA instead of random build-id
  * Add reproducible.patch to use --no-insert-timestamp - Building with ncurses 6.1 will fail without
  xen.2b50cdbc444c637575580dcfa6c9525a84d5cc62.patch
- Building libxl acpi support on aarch64 with gcc 8.2 will fail without
  xen.b8f33431f3dd23fb43a879f4bdb4283fdc9465ad.patch - bsc#1106263 - L3: The affinity reporting via 'xl vcpu-list' is
  apparently broken
  5b8fae26-tools-libxl-correct-vcpu-affinity-output-with-sparse-physical-cpu-map.patch
  5b8fae26-xen-fill-topology-info-for-all-present-cpus.patch
  5b8fb5af-tools-xl-refuse-to-set-number-of-vcpus-to-0-via-xl-vcpu-set.patch - bsc#1094508 - L3: Kernel oops in fs/dcache.c called by
  d_materialise_unique()
  5b9784ad-x86-HVM-drop-hvm_fetch_from_guest_linear.patch
  5b9784d2-x86-HVM-add-known_gla-helper.patch
  5b9784f2-x86-HVM-split-page-straddling-accesses.patch
- bsc#1103279 - (CVE-2018-15470) VUL-0: CVE-2018-15470: xen:
  oxenstored does not apply quota-maxentity (XSA-272)
  5b72fbbe-oxenstored-eval-order.patch
- bsc#1103275 - (CVE-2018-15469) VUL-0: CVE-2018-15469: xen: Use of
  v2 grant tables may cause crash on ARM (XSA-268)
  5b72fbbe-ARM-disable-grant-table-v2.patch
- Upstream patches from Jan (bsc#1027519)
  5b6d84ac-x86-fix-improve-vlapic-read-write.patch
  5b74190e-x86-hvm-ioreq-MMIO-range-check-honor-DF.patch
  5b75afef-x86-setup-avoid-OoB-E820-lookup.patch
  5b76b780-rangeset-inquiry-functions-tolerate-NULL.patch
  5b83c654-VT-d-dmar-iommu-mem-leak-fix.patch
  5b8d5832-x86-assorted-array_index_nospec-insertions.patch
- Drop 5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch - bsc#1078292 - rpmbuild -ba SPECS/xen.spec with xen-4.9.1 failed
  xen.spec - bsc#1091107 - VUL-0: CVE-2018-3646: xen: L1 Terminal Fault -VMM
  (XSA-273)
  5b72fbbf-1-spec-ctrl-Calculate-safe-PTE-addresses-for-L1TF-mitigations.patch
  5b72fbbf-2-spec-ctrl-Introduce-an-option-to-control-L1TF-mitigation-for-PV-guests.patch
  5b72fbbf-3-shadow-Infrastructure-to-force-a-PV-guest-into-shadow-mode.patch
  5b72fbbf-4-mm-Plumbing-to-allow-any-PTE-update-to-fail-with--ERESTART.patch
  5b72fbbf-5-pv-Force-a-guest-into-shadow-mode-when-it-writes-an-L1TF-vulnerable-PTE.patch
  5b72fbbf-6-spec-ctrl-CPUID-MSR-definitions-for-L1D_FLUSH.patch
  5b72fbbf-7-msr-Virtualise-MSR_FLUSH_CMD-for-guests.patch
  5b72fbbf-8-spec-ctrl-Introduce-an-option-to-control-L1D_FLUSH-for-HVM-HAP-guests.patch
- bsc#1103276 - VUL-0: CVE-2018-15468: xen: x86: Incorrect
  MSR_DEBUGCTL handling lets guests enable BTS (XSA-269)
  5b72fbbe-vtx-Fix-the-checking-for-unknown-invalid-MSR_DEBUGCTL-bits.patch
- Upstream prereq patches for XSA-273 and other upstream fixes
  (bsc#1027519)
  5b34b8fe-VMX-defer-vmx_vmcs_exit-as-long-as-possible.patch
  5b3cab8e-1-VMX-MSR_DEBUGCTL-handling.patch
  5b3cab8e-2-VMX-improve-MSR-load-save-API.patch
  5b3cab8e-3-VMX-cleanup-MSR-load-save-infra.patch
  5b3cab8f-1-VMX-factor-out-locate_msr_entry.patch
  5b3cab8f-2-VMX-remote-access-to-MSR-lists.patch
  5b3cab8f-3-VMX-improve-LBR-MSR-handling.patch
  5b3cab8f-4-VMX-pass-MSR-value-into-vmx_msr_add.patch
  5b3cab8f-5-VMX-load-only-guest-MSR-entries.patch
  5b4321f6-x86-correctly-set-nonlazy_xstate_used-when-loading-full-state.patch
  5b505fe5-VMX-fix-find-msr-build.patch
  5b56feb1-hvm-Disallow-unknown-MSR_EFER-bits.patch
  5b56feb2-spec-ctrl-Fix-the-parsing-of-xpti--on-fixed-Intel-hardware.patch
  5b62ca93-VMX-avoid-hitting-BUG_ON.patch
  5b6d8ce2-x86-XPTI-parsing.patch
  5b72fbbf-x86-Make-spec-ctrl-no-a-global-disable-of-all-mitigations.patch
  5b72fbbf-xl.conf-Add-global-affinity-masks.patch
  5b741962-x86-write-to-correct-variable-in-parse_pv_l1tf.patch - Upstream patches from Jan (bsc#1027519)
  5b3f8fa5-port-array_index_nospec-from-Linux.patch
  5b4488e7-x86-spec-ctrl-cmdline-handling.patch
  5b471517-page_alloc-correct-first_dirty-calc-in-block-merging.patch
  5b4c9a60-allow-cpu_down-to-be-called-earlier.patch
  5b4db308-SVM-fix-cleanup-svm_inject_event.patch
  5b5040c3-cpupools-fix-state-when-downing-a-CPU-failed.patch
  5b5040f2-x86-AMD-distinguish-CU-from-HT.patch
  5b508775-1-x86-distinguish-CPU-offlining-and-removal.patch
  5b508775-2-x86-possibly-bring-up-all-CPUs.patch
  5b508775-3-x86-cmdline-opt-to-avoid-use-of-secondary-HTs.patch
  5b508ce8-VMX-dont-clobber-dr6-while-debug-state-is-lazy.patch
  5b50df16-1-x86-xstate-use-guest-CPUID-policy.patch
  5b50df16-2-x86-make-xstate-calculation-errors-more-obvious.patch
  gcc8-fix-format-warning-on-i586.patch
  gcc8-fix-array-warning-on-i586.patch
- Drop xen.fuzz-_FORTIFY_SOURCE.patch
  gcc8-fix-warning-on-i586.patch - Update to Xen 4.11.0 FCS (fate#325202, fate#325123)
  xen-4.11.0-testing-src.tar.bz2
  disable-building-pv-shim.patch
- Dropped patches
  5a33a12f-domctl-improve-locking-during-domain-destruction.patch
  5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
  5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
  5a9985bd-x86-invpcid-support.patch
  5ac72a48-gcc8.patch
  5ac72a5f-gcc8.patch
  5ac72a64-gcc8.patch
  5ac72a69-gcc8.patch
  5ac72a6e-gcc8.patch
  5ac72a74-gcc8.patch
  5ac72a7b-gcc8.patch
  5ad4923e-x86-correct-S3-resume-ordering.patch
  5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
  5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
  5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
  5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
  5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
  5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
  5adde9ed-xpti-fix-double-fault-handling.patch
  5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
  5ae31917-x86-cpuidle-init-stats-lock-once.patch
  5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
  5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
  5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
  5aec7393-1-x86-xpti-avoid-copy.patch
  5aec7393-2-x86-xpti-write-cr3.patch
  5aec744a-3-x86-xpti-per-domain-flag.patch
  5aec744a-4-x86-xpti-use-invpcid.patch
  5aec744a-5-x86-xpti-no-global-pages.patch
  5aec744a-6-x86-xpti-cr3-valid-flag.patch
  5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
  5aec744b-8-x86-xpti-cr3-helpers.patch
  5aec74a8-9-x86-xpti-use-pcid.patch
  5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch
  5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch
  5af1daa9-3-x86-traps-use-IST-for-DB.patch
  5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch
  5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch
  5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch
  5af97999-viridian-cpuid-leaf-40000003.patch
  5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
  5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
  5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
  5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
  5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
  5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
  5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
  5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
  5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
  5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
  5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch
  5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch
  5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch
  5b0bc9da-x86-XPTI-fix-S3-resume.patch
  5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
  5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
  5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
  5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
  5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
  5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch
  5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch
  5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
  5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
  5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
  5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
  5b34882d-x86-mm-dont-bypass-preemption-checks.patch
  5b348874-x86-refine-checks-in-DB-handler.patch
  5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch
  5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch
  5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
  5b348954-x86-guard-against-NM.patch
  libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
  libxl.LIBXL_DESTROY_TIMEOUT.patch
  libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
  xen_fix_build_with_acpica_20180427_and_new_packages.patch - Submit upstream patch libacpi: fixes for iasl >= 20180427
  git commit 858dbaaeda33b05c1ac80aea0ba9a03924e09005
  xen_fix_build_with_acpica_20180427_and_new_packages.patch
  This is needed for acpica package to get updated in our build service - Upstream patches from Jan (bsc#1027519)
  5b02c786-x86-AMD-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-1.patch)
  5b02c786-x86-Intel-mitigations-for-GPZ-SP4.patch (Replaces Spectre-v4-2.patch)
  5b02c786-x86-msr-virtualise-SPEC_CTRL-SSBD.patch (Replaces Spectre-v4-3.patch)
  5b0bc9da-x86-XPTI-fix-S3-resume.patch
  5b0d2286-libxc-x86-PV-dont-hand-through-CPUID-leaf-0x80000008.patch
  5b0d2d91-x86-suppress-sync-when-XPTI-off.patch
  5b0d2dbc-x86-correct-default_xen_spec_ctrl.patch
  5b0d2ddc-x86-CPUID-dont-override-tool-stack-hidden-STIBP.patch
  5b150ef9-x86-fix-error-handling-of-pv-dr7-shadow.patch
  5b21825d-1-x86-support-fully-eager-FPU-context-switching.patch (Replaces xsa267-1.patch)
  5b21825d-2-x86-spec-ctrl-mitigations-for-LazyFPU.patch (Replaces xsa267-2.patch)
  5b238b92-x86-HVM-account-for-fully-eager-FPU.patch
  5b2b7172-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
  5b31e004-x86-HVM-emul-attempts-FPU-set-fpu_initialised.patch
  5b323e3c-x86-EFI-fix-FPU-state-handling-around-runtime-calls.patch
  5b34882d-x86-mm-dont-bypass-preemption-checks.patch (Replaces xsa264.patch)
  5b348874-x86-refine-checks-in-DB-handler.patch (Replaces xsa265.patch)
  5b348897-libxl-qemu_disk_scsi_drive_string-break-out-common.patch (Replaces xsa266-1-<>.patch)
  5b3488a2-libxl-restore-passing-ro-to-qemu-for-SCSI-disks.patch (Replaces xsa266-2-<>.patch)
  5b34891a-x86-HVM-dont-cause-NM-to-be-raised.patch
  5b348954-x86-guard-against-NM.patch - Fix more build gcc8 related failures with xen.fuzz-_FORTIFY_SOURCE.patch - bsc#1098403 - fix regression introduced by changes for bsc#1079730
  a PV domU without qcow2 and/or vfb has no qemu attached.
  Ignore QMP errors for PV domUs to handle PV domUs with and without
  an attached qemu-xen.
  xen.bug1079730.patch - bsc#1097521 - VUL-0: CVE-2018-12891: xen: preemption checks
  bypassed in x86 PV MM handling (XSA-264)
  xsa264.patch
- bsc#1097522 - VUL-0: CVE-2018-12893: xen: x86: #DB exception
  safety check can be triggered by a guest (XSA-265)
  xsa265.patch
- bsc#1097523 - VUL-0: CVE-2018-12892: xen: libxl fails to honour
  readonly flag on HVM emulated SCSI disks (XSA-266)
  xsa266-1-libxl-qemu_disk_scsi_drive_string-Break-out-common-p.patch
  xsa266-2-libxl-restore-passing-readonly-to-qemu-for-SCSI-disk.patch - bsc#1095242 - VUL-0: CVE-2018-3665: xen: Lazy FP Save/Restore
  (XSA-267)
  xsa267-1.patch
  xsa267-2.patch - bsc#1092543 - GCC 8: xen build fails
  gcc8-fix-warning-on-i586.patch - bsc#1092631 - VUL-0: CVE-2018-3639: xen: V4 â€“ Speculative Store
  Bypass aka "Memory Disambiguation" (XSA-263)
  5ad4923e-x86-correct-S3-resume-ordering.patch
  5ad49293-x86-suppress-BTI-mitigations-around-S3.patch
  5afc13ae-1-x86-read-MSR_ARCH_CAPABILITIES-once.patch
  5afc13ae-2-x86-express-Xen-SPEC_CTRL-choice-as-variable.patch
  5afc13ae-3-x86-merge-bti_ist_info-use_shadow_spec_ctrl.patch
  5afc13ae-4-x86-fold-XEN_IBRS-ALTERNATIVES.patch
  5afc13ae-5-x86-rename-bits-of-spec_ctrl-infrastructure.patch
  5afc13ae-6-x86-elide-MSR_SPEC_CTRL-handling-in-idle.patch
  5afc13ae-7-x86-split-X86_FEATURE_SC_MSR.patch
  5afc13ae-8-x86-explicitly-set-Xen-default-SPEC_CTRL.patch
  5afc13ae-9-x86-cpuid-improve-guest-policies-for-speculative.patch
  5afc13ae-A-x86-introduce-spec-ctrl-cmdline-opt.patch
  Spectre-v4-1.patch
  Spectre-v4-2.patch
  Spectre-v4-3.patch - Always call qemus xen-save-devices-state in suspend/resume to
  fix migration with qcow2 images (bsc#1079730)
  libxl.Add-a-version-check-of-QEMU-for-QMP-commands.patch
  libxl.qmp-Tell-QEMU-about-live-migration-or-snapshot.patch
  xen.bug1079730.patch - bsc#1087289 - L3: Xen BUG at sched_credit.c:1663
  5aeaeae4-introduce-vcpu_sleep_nosync_locked.patch
  5aeaeaf0-sched-fix-races-in-vcpu-migration.patch
- Upstream patches from Jan (bsc#1027519)
  5ad600d4-x86-pv-introduce-x86emul_read_dr.patch
  5ad600d4-x86-pv-introduce-x86emul_write_dr.patch
  5ad8c3a7-x86-spec_ctrl-update-retpoline-decision-making.patch
  5adda097-x86-HPET-fix-race-triggering-ASSERT.patch
  5adda0d5-x86-HVM-never-retain-emulated-insn-cache.patch
  5ae06fad-SVM-fix-intercepts-for-SYS-CALL-ENTER-MSRs.patch
  5ae31917-x86-cpuidle-init-stats-lock-once.patch
  5aeb2c57-x86-retval-checks-of-set-guest-trapbounce.patch
  5af1daa9-1-x86-traps-fix-dr6-handing-in-DB-handler.patch (Replaces xsa260-1.patch)
  5af1daa9-2-x86-pv-move-exception-injection-into-test_all_events.patch (Replaces xsa260-2.patch)
  5af1daa9-3-x86-traps-use-IST-for-DB.patch (Replaces xsa260-3.patch)
  5af1daa9-4-x86-traps-fix-handling-of-DB-in-hypervisor-context.patch (Replaces xsa260-4.patch)
  5af1daa9-x86-HVM-guard-against-bogus-emulator-ioreq-state.patch (Replaces xsa262.patch)
  5af1daa9-x86-vpt-support-IO-APIC-routed-intr.patch (Replaces xsa261.patch)
  5af97999-viridian-cpuid-leaf-40000003.patch - Fixes related to Page Table Isolation (XPTI). bsc#1074562 XSA-254
  5a6703cb-x86-move-invocations-of-hvm_flush_guest_tlbs.patch
  5a9985bd-x86-invpcid-support.patch
  5adde9ed-xpti-fix-double-fault-handling.patch
  5aec7393-1-x86-xpti-avoid-copy.patch
  5aec7393-2-x86-xpti-write-cr3.patch
  5aec744a-3-x86-xpti-per-domain-flag.patch
  5aec744a-4-x86-xpti-use-invpcid.patch
  5aec744a-5-x86-xpti-no-global-pages.patch
  5aec744a-6-x86-xpti-cr3-valid-flag.patch
  5aec744a-7-x86-xpti-pv_guest_cr4_to_real_cr4.patch
  5aec744b-8-x86-xpti-cr3-helpers.patch
  5aec74a8-9-x86-xpti-use-pcid.patch - bsc#1092543 - GCC 8: xen build fails
  5ac72a48-gcc8.patch
  5ac72a5f-gcc8.patch
  5ac72a64-gcc8.patch
  5ac72a69-gcc8.patch
  5ac72a6e-gcc8.patch
  5ac72a74-gcc8.patch
  5ac72a7b-gcc8.patch
  gcc8-inlining-failed.patch - Update to Xen 4.10.1 bug fix release (bsc#1027519)
  xen-4.10.1-testing-src.tar.bz2
  disable-building-pv-shim.patch
- Drop the following patches contained in the new tarball
  5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
  5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
  5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
  5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
  5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch
  5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
  5a4caa8c-x86-E820-don-t-overrun-array.patch
  5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
  5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
  5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
  5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
  5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
  5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
  5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
  5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
  5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
  5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
  5a4fd894-4-clarifications-to-wait-infrastructure.patch
  5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
  5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
  5a5e2cff-x86-Meltdown-band-aid.patch
  5a5e2d73-x86-Meltdown-band-aid-conditional.patch
  5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
  5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
  5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
  5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
  5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
  5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
  5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
  5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
  5a5e459c-2-x86-report-domain-id-on-CPUID.patch
  5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
  5a69c0b9-x86-fix-GET_STACK_END.patch
  5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
  5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
  5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
  5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
  5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
  5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
  5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
  5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
  5a6b36cd-9-x86-issue-speculation-barrier.patch
  5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
  5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch
  5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
  5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
  5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
  5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
  5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
  5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
  5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
  5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch
  5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch
  5a955800-gnttab-dont-free-status-pages-on-ver-change.patch
  5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch
  5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
  5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
  5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
  5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
  5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
  5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch
  xsa258.patch
  xsa259.patch - bsc#1090820 - VUL-0: CVE-2018-8897: xen: x86: mishandling of
  debug exceptions (XSA-260)
  xsa260-1.patch
  xsa260-2.patch
  xsa260-3.patch
  xsa260-4.patch
- bsc#1090822 - VUL-0: CVE-2018-10982: xen: x86 vHPET interrupt
  injection errors (XSA-261)
  xsa261.patch
- bsc#1090823 - VUL-0: CVE-2018-10981: xen: qemu may drive Xen into
  unbounded loop (XSA-262)
  xsa262.patch - bsc#1089152 - VUL-0: CVE-2018-10472: xen: Information leak via
  crafted user-supplied CDROM (XSA-258)
  xsa258.patch
- bsc#1089635 - VUL-0: CVE-2018-10471: xen: x86: PV guest may crash
  Xen with XPTI (XSA-259)
  xsa259.patch - Preserve xen-syms from xen-dbg.gz to allow processing vmcores
  with crash(1) (bsc#1087251) - Upstream patches from Jan (bsc#1027519) and fixes related to
  Page Table Isolation (XPTI). See also bsc#1074562 XSA-254
  5a856a2b-x86-xpti-hide-almost-all-of-Xen-image-mappings.patch
  5a9eb7f1-x86-xpti-dont-map-stack-guard-pages.patch
  5a9eb85c-x86-slightly-reduce-XPTI-overhead.patch
  5a9eb890-x86-remove-CR-reads-from-exit-to-guest-path.patch
  5aa2b6b9-cpufreq-ondemand-CPU-offlining-race.patch
  5aaa9878-x86-vlapic-clear-TMR-bit-for-edge-triggered-intr.patch - bsc#1072834 - Xen HVM: unchecked MSR access error: RDMSR from
  0xc90 at rIP: 0xffffffff93061456 (native_read_msr+0x6/0x30)
  5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch
- Upstream patches from Jan (bsc#1027519)
  5a79d7ed-libxc-packed-initrd-dont-fail-domain-creation.patch
  5a7b1bdd-x86-reduce-Meltdown-band-aid-IPI-overhead.patch
  5a843807-x86-spec_ctrl-fix-bugs-in-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
  5a856a2b-x86-emul-fix-64bit-decoding-of-segment-overrides.patch
  5a856a2b-x86-use-32bit-xors-for-clearing-GPRs.patch
  5a8be788-x86-nmi-start-NMI-watchdog-on-CPU0-after-SMP.patch
  5a95373b-x86-PV-avoid-leaking-other-guests-MSR_TSC_AUX.patch
  5a95571f-memory-dont-implicitly-unpin-in-decrease-res.patch (Replaces xsa252.patch)
  5a95576c-gnttab-ARM-dont-corrupt-shared-GFN-array.patch (Replaces xsa255-1.patch)
  5a955800-gnttab-dont-free-status-pages-on-ver-change.patch (Replaces xsa255-2.patch)
  5a955854-x86-disallow-HVM-creation-without-LAPIC-emul.patch (Replaces xsa256.patch)
- Drop
  xsa252.patch
  xsa255-1.patch
  xsa255-2.patch
  xsa256.patch - bsc#1080635 - VUL-0: CVE-2018-7540: xen: DoS via non-preemptable
  L3/L4 pagetable freeing (XSA-252)
  xsa252.patch
- bsc#1080662 - VUL-0: CVE-2018-7541: xen: grant table v2 -> v1
  transition may crash Xen (XSA-255)
  xsa255-1.patch
  xsa255-2.patch
- bsc#1080634 - VUL-0: CVE-2018-7542: xen: x86 PVH guest without
  LAPIC may DoS the host (XSA-256)
  xsa256.patch - Remove stale systemd presets code for 13.2 and older - fate#324965 - add script, udev rule and systemd service to watch
  for vcpu online/offline events in a HVM domU
  They are triggered via xl vcpu-set domU N - Replace hardcoded xen with Name tag when refering to subpkgs - Make sure tools and tools-domU require libs from the very same build - tools-domU: Add support for qemu guest agent. New files
  80-xen-channel-setup.rules and xen-channel-setup.sh configure a
  xen-pv-channel for use by the guest agent
  FATE#324963 - Remove outdated /etc/xen/README* - bsc#1073961 - VUL-0: CVE-2018-5244: xen: x86: memory leak with
  MSR emulation (XSA-253)
  5a4e2bca-x86-free-msr_vcpu_policy-during-destruction.patch
- bsc#1074562 - VUL-0: CVE-2017-5753,CVE-2017-5715,CVE-2017-5754
  xen: Information leak via side effects of speculative execution
  (XSA-254). Includes Spectre v2 mitigation.
  5a4caa5e-x86-IRQ-conditionally-preserve-access-perm.patch
  5a4caa8c-x86-E820-don-t-overrun-array.patch
  5a4e2c2c-x86-upcall-inject-spurious-event-after-setting-vector.patch
  5a4fd893-1-x86-break-out-alternative-asm-into-separate-header.patch
  5a4fd893-2-x86-introduce-ALTERNATIVE_2-macros.patch
  5a4fd893-3-x86-hvm-rename-update_guest_vendor-to-cpuid_policy_changed.patch
  5a4fd893-4-x86-introduce-cpuid_policy_updated.patch
  5a4fd893-5-x86-entry-remove-partial-cpu_user_regs.patch
  5a4fd894-1-x86-rearrange-RESTORE_ALL-to-restore-in-stack-order.patch
  5a4fd894-2-x86-hvm-use-SAVE_ALL-after-VMExit.patch
  5a4fd894-3-x86-erase-guest-GPRs-on-entry-to-Xen.patch
  5a4fd894-4-clarifications-to-wait-infrastructure.patch
  5a534c78-x86-dont-use-incorrect-CPUID-values-for-topology.patch
  5a5cb24c-x86-mm-always-set-_PAGE_ACCESSED-on-L4-updates.patch
  5a5e2cff-x86-Meltdown-band-aid.patch
  5a5e2d73-x86-Meltdown-band-aid-conditional.patch
  5a5e3a4e-1-x86-support-compiling-with-indirect-branch-thunks.patch
  5a5e3a4e-2-x86-support-indirect-thunks-from-asm.patch
  5a5e3a4e-3-x86-report-speculative-mitigation-details.patch
  5a5e3a4e-4-x86-AMD-set-lfence-as-Dispatch-Serialising.patch
  5a5e3a4e-5-x86-introduce-alternative-indirect-thunks.patch
  5a5e3a4e-6-x86-definitions-for-Indirect-Branch-Controls.patch
  5a5e3a4e-7-x86-cmdline-opt-to-disable-IBRS-IBPB-STIBP.patch
  5a5e459c-1-x86-SVM-offer-CPUID-faulting-to-AMD-HVM-guests.patch
  5a5e459c-2-x86-report-domain-id-on-CPUID.patch
  5a68bc16-x86-acpi-process-softirqs-logging-Cx.patch
  5a69c0b9-x86-fix-GET_STACK_END.patch
  5a6b36cd-1-x86-cpuid-handling-of-IBRS-IBPB-STIBP-and-IBRS-for-guests.patch
  5a6b36cd-2-x86-msr-emulation-of-SPEC_CTRL-PRED_CMD.patch
  5a6b36cd-3-x86-migrate-MSR_SPEC_CTRL.patch
  5a6b36cd-4-x86-hvm-permit-direct-access-to-SPEC_CTRL-PRED_CMD.patch
  5a6b36cd-5-x86-use-SPEC_CTRL-on-entry.patch
  5a6b36cd-6-x86-clobber-RSB-RAS-on-entry.patch
  5a6b36cd-7-x86-no-alternatives-in-NMI-MC-paths.patch
  5a6b36cd-8-x86-boot-calculate-best-BTI-mitigation.patch
  5a6b36cd-9-x86-issue-speculation-barrier.patch
  5a6b36cd-A-x86-offer-Indirect-Branch-Controls-to-guests.patch
  5a6b36cd-B-x86-clear-SPEC_CTRL-while-idle.patch - Fix python3 deprecated atoi call (bsc#1067224)
  pygrub-python3-conversion.patch
- Drop xenmon-python3-conversion.patch - bsc#1067317 - pass cache=writeback|unsafe|directsync to qemu,
  depending on the libxl disk settings
  libxl.add-option-to-disable-disk-cache-flushes-in-qdisk.patch - Remove libxl.LIBXL_DESTROY_TIMEOUT.debug.patch - bsc#1067224 - xen-tools have hard dependency on Python 2
  build-python3-conversion.patch
  bin-python3-conversion.patch - bsc#1070165 - xen crashes after aborted localhost migration
  5a2ffc1f-x86-mm-drop-bogus-paging-mode-assertion.patch
- bsc#1035442 - L3: libxl: error: libxl.c:1676:devices_destroy_cb:
  libxl__devices_destroy failed
  5a33a12f-domctl-improve-locking-during-domain-destruction.patch
- Upstream patches from Jan (bsc#1027519)
  5a21a77e-x86-pv-construct-d0v0s-GDT-properly.patch
  5a2fda0d-x86-mb2-avoid-Xen-when-looking-for-module-crashkernel-pos.patch
  5a313972-x86-microcode-add-support-for-AMD-Fam17.patch
  5a32bd79-x86-vmx-dont-use-hvm_inject_hw_exception-in-.patch - Update to Xen 4.10.0 FCS (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2 - Rebuild initrd if xen-tools-domU is updated - Update to Xen 4.10.0-rc8 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2 - Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100 seconds
  If many domUs shutdown in parallel the backends can not keep up
  Add some debug output to track how long backend shutdown takes (bsc#1035442)
  libxl.LIBXL_DESTROY_TIMEOUT.patch
  libxl.LIBXL_DESTROY_TIMEOUT.debug.patch - Adjust xenstore-run-in-studomain.patch to change the defaults
  in the code instead of changing the sysconfig template, to also
  cover the upgrade case - Update to Xen 4.10.0-rc6 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2 - Since xen switched to Kconfig, building a debug hypervisor
  was done by default. Adjust make logic to build a non-debug
  hypervisor by default, and continue to provide one as xen-dbg.gz - fate#316614: set migration constraints from cmdline
  fix libxl.set-migration-constraints-from-cmdline.patch for xen-4.10 - Document the suse-diskcache-disable-flush option in
  xl-disk-configuration(5) (bsc#879425,bsc#1067317) - Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468) - Update to Xen 4.10.0-rc5 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2
- fate#323663 - Run Xenstore in stubdomain
  xenstore-run-in-studomain.patch - bsc#1067224 - xen-tools have hard dependency on Python 2
  pygrub-python3-conversion.patch
  xenmon-python3-conversion.patch
  migration-python3-conversion.patch
  xnloader.py
  xen2libvirt.py - Remove xendriverdomain.service (bsc#1065185)
  Driver domains must be configured manually with custom .service file - Update to Xen 4.10.0-rc3 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2
- Drop 59f31268-libxc-remove-stale-error-check-for-domain-size.patch - Adjust xen-dom0-modules.service to ignore errors (bsc#1065187) - fate#324052 Support migration of Xen HVM domains larger than 1TB
  59f31268-libxc-remove-stale-error-check-for-domain-size.patch - Update to Xen 4.10.0-rc2 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2 - Update to Xen 4.10.0-rc1 (fate#321394, fate#322686)
  xen-4.10.0-testing-src.tar.bz2
- Drop patches included in new tarball
  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
  596f257e-x86-fix-hvmemul_insn_fetch.patch
  5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
  598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
  598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
  5992f1e5-x86-grant-disallow-misaligned-PTEs.patch
  5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch
  5992f233-gnttab-correct-pin-status-fixup-for-copy.patch
  59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch
  59958ebf-gnttab-fix-transitive-grant-handling.patch
  59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch
  599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
  59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
  59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
  59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
  59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
  59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
  59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
  59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
  59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
  59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
  59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
  59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
  59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
  gcc7-arm.patch
  gcc7-mini-os.patch - bsc#1061084 - VUL-0: xen: page type reference leak on x86
  (XSA-242)
  xsa242.patch
- bsc#1061086 - VUL-0: xen: x86: Incorrect handling of self-linear
  shadow mappings with translated guests (XSA-243)
  xsa243.patch
- bsc#1061087 - VUL-0: xen: x86: Incorrect handling of IST settings
  during CPU hotplug (XSA-244)
  xsa244.patch - bsc#1061077 - VUL-0: xen: DMOP map/unmap missing argument checks
  (XSA-238)
  xsa238.patch
- bsc#1061080 - VUL-0: xen: hypervisor stack leak in x86 I/O
  intercept code (XSA-239)
  xsa239.patch
- bsc#1061081 - VUL-0: xen: Unlimited recursion in linear pagetable
  de-typing (XSA-240)
  xsa240-1.patch
  xsa240-2.patch
- bsc#1061082 - VUL-0: xen: Stale TLB entry due to page type
  release race (XSA-241)
  xsa241.patch - bsc#1061075 - VUL-0: xen: pin count / page reference race in
  grant table code (XSA-236)
  xsa236.patch
- bsc#1061076 - VUL-0: xen: multiple MSI mapping issues on x86
  (XSA-237)
  xsa237-1.patch
  xsa237-2.patch
  xsa237-3.patch
  xsa237-4.patch
  xsa237-5.patch - bsc#1056278 - VUL-0: xen: Missing NUMA node parameter
  verification (XSA-231)
  59b7d664-mm-make-sure-node-is-less-than-MAX_NUMNODES.patch
- bsc#1056280 - VUL-0: xen: Missing check for grant table (XSA-232)
  59b7d69b-grant_table-fix-GNTTABOP_cache_flush-handling.patch
- bsc#1056281 - VUL-0: xen: cxenstored: Race in domain cleanup
  (XSA-233)
  59b7d6c8-xenstore-dont-unlink-connection-object-twice.patch
- bsc#1056282 - VUL-0: xen: insufficient grant unmapping checks for
  x86 PV guests (XSA-234)
  59b7d6d9-gnttab-also-validate-PTE-perms-upon-destroy-replace.patch
- bsc#1055321 - VUL-0: xen: add-to-physmap error paths fail to
  release lock on ARM (XSA-235)
  599da329-arm-mm-release-grant-lock-on-xatp1-error-paths.patch
- Upstream patches from Jan (bsc#1027519)
  59a01223-x86-check-for-alloc-errors-in-modify_xen_mappings.patch
  59a0130c-x86-efi-dont-write-relocs-in-efi_arch_relocate_image-1st-pass.patch
  59a9221f-VT-d-use-correct-BDF-for-VF-to-search-VT-d-unit.patch
  59ae9177-x86-emul-fix-handling-of-unimplemented-Grp7-insns.patch
  59aec335-x86emul-correct-VEX-W-handling-for-VPINSRD.patch
  59aec375-x86emul-correct-VEX-L-handling-for-VCVTx2SI.patch
  59afcea0-x86-introduce-and-use-setup_force_cpu_cap.patch
  59b2a7f2-x86-HVM-correct-repeat-count-update-linear-phys.patch
- Dropped gcc7-xen.patch - bsc#1057358 - Cannot Boot into SLES12.3 with Xen hypervisor when
  Secure Boot is Enabled
  xen.spec - bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
  update from v6 to v9 to cover more cases for ballooned domUs
  libxc.sr.superpage.patch - bsc#1026236 - remove suse_vtsc_tolerance= cmdline option for Xen
  drop the patch because it is not upstream acceptable
  remove xen.suse_vtsc_tolerance.patch - bsc#1055695 - XEN: 11SP4 and 12SP3 HVM guests can not be restored
  after the save using xl stack
  libxc.sr.superpage.patch - Unignore gcc-PIE
  the toolstack disables PIE for firmware builds as needed - Upstream patches from Jan (bsc#1027519)
  592fd5f0-stop_machine-fill-result-only-in-case-of-error.patch
  596f257e-x86-fix-hvmemul_insn_fetch.patch
  5982fd99-VT-d-don-t-panic-warn-on-iommu-no-igfx.patch
  598c3630-VT-d-PI-disable-when-CPU-side-PI-is-off.patch
  598c3706-cpufreq-only-stop-ondemand-governor-if-started.patch
  5992f1e5-x86-grant-disallow-misaligned-PTEs.patch (Replaces xsa227.patch)
  5992f20d-gnttab-split-maptrack-lock-to-make-it-useful-again.patch (Replaces xsa228.patch)
  5992f233-gnttab-correct-pin-status-fixup-for-copy.patch (Replaces xsa230.patch)
  59958e76-gnttab-dont-use-possibly-unbounded-tail-calls.patch (Replaces xsa226-1.patch)
  59958ebf-gnttab-fix-transitive-grant-handling.patch (Replaces xsa226-2.patch)
  59958edd-gnttab-avoid-spurious-maptrack-handle-alloc-failures.patch - bsc#1044974 - xen-tools require python-pam
  xen.spec - Clean up spec file errors and a few warnings. (bsc#1027519)
- Removed conditional 'with_systemd' and some old deprecated
  'sles_version' checks.
  xen.spec - Remove use of brctl utiltiy from supportconfig plugin
  FATE#323639 - Use upstream variant of mini-os __udivmoddi4 change
  gcc7-mini-os.patch - fate#323639 Move bridge-utils to legacy
  replace-obsolete-network-configuration-commands-in-s.patch - bsc#1052686 - VUL-0: xen: grant_table: possibly premature
  clearing of GTF_writing / GTF_reading (XSA-230)
  xsa230.patch - bsc#1035231 - migration of HVM domU does not use superpages
  on destination dom0
  libxc.sr.superpage.patch - bsc#1051787 - VUL-0: CVE-2017-12135: xen: possibly unbounded
  recursion in grant table code (XSA-226)
  xsa226-1.patch
  xsa226-2.patch
- bsc#1051788 - VUL-0: CVE-2017-12137: xen: x86: PV privilege
  escalation via map_grant_ref (XSA-227)
  xsa227.patch
- bsc#1051789 - VUL-0: CVE-2017-12136: xen: grant_table: Race
  conditions with maptrack free list handling (XSA-228)
  xsa228.patch - Add a supportconfig plugin
  xen-supportconfig
  FATE#323661 - bsc#1026236 - add suse_vtsc_tolerance= cmdline option for Xen
  To avoid emulation of TSC access from a domU after live migration
  add a global tolerance for the measured host kHz
  xen.suse_vtsc_tolerance.patch - fate#323662 Drop qemu-dm from xen-tools package
  The following tarball and patches have been removed
  qemu-xen-traditional-dir-remote.tar.bz2
  VNC-Support-for-ExtendedKeyEvent-client-message.patch
  0001-net-move-the-tap-buffer-into-TAPState.patch
  0002-net-increase-tap-buffer-size.patch
  0003-e1000-fix-access-4-bytes-beyond-buffer-end.patch
  0004-e1000-secrc-support.patch
  0005-e1000-multi-buffer-packet-support.patch
  0006-e1000-clear-EOP-for-multi-buffer-descriptors.patch
  0007-e1000-verify-we-have-buffers-upfront.patch
  0008-e1000-check-buffer-availability.patch
  CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
  CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch
  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
  CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
  CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch
  CVE-2015-4037-qemut-smb-config-dir-name.patch
  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
  CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch
  CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
  CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
  CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch
  CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
  CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
  CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
  CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch
  CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
  CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch
  CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
  CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch
  CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
  CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch
  CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
  CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch
  CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch
  CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch
  CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch
  CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch
  blktap.patch
  cdrom-removable.patch
  xen-qemu-iscsi-fix.patch
  qemu-security-etch1.patch
  xen-disable-qemu-monitor.patch
  xen-hvm-default-bridge.patch
  qemu-ifup-set-mtu.patch
  ioemu-vnc-resize.patch
  capslock_enable.patch
  altgr_2.patch
  log-guest-console.patch
  bdrv_open2_fix_flags.patch
  bdrv_open2_flags_2.patch
  ioemu-7615-qcow2-fix-alloc_cluster_link_l2.patch
  qemu-dm-segfault.patch
  bdrv_default_rwflag.patch
  kernel-boot-hvm.patch
  ioemu-watchdog-support.patch
  ioemu-watchdog-linkage.patch
  ioemu-watchdog-ib700-timer.patch
  ioemu-hvm-pv-support.patch
  pvdrv_emulation_control.patch
  ioemu-disable-scsi.patch
  ioemu-disable-emulated-ide-if-pv.patch
  xenpaging.qemu.flush-cache.patch
  ioemu-devicemodel-include.patch
- Cleanup spec file and remove unused KMP patches
  kmp_filelist
  supported_module.patch
  xen_pvonhvm.xen_emul_unplug.patch - bsc#1002573 - Optimize LVM functions in block-dmmd
  block-dmmd - Record initial Xen dmesg in /var/log/xen/xen-boot.log for
  supportconfig. Keep previous log in /var/log/xen/xen-boot.prev.log - Remove storytelling from description in xen.rpm - Update to Xen 4.9.0 FCS (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - Update block-dmmd script (bsc#1002573)
  block-dmmd - Update to Xen 4.9.0-rc8+ (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2
  gcc7-arm.patch
- Drop gcc7-error-xenpmd.patch - Update to Xen 4.9.0-rc8 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - bsc#1042160 - VUL-1: CVE-2017-9330: xen: usb: ohci: infinite loop
  due to incorrect return value
  CVE-2017-9330-qemut-usb-ohci-infinite-loop-due-to-incorrect-return-value.patch - bsc#1037243 - VUL-1: CVE-2017-8309: xen: audio: host memory
  leakage via capture buffer
  CVE-2017-8309-qemut-audio-host-memory-leakage-via-capture-buffer.patch - Update to Xen 4.9.0-rc7 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - Update to Xen 4.9.0-rc6 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - bsc#1031343 - xen fails to build with GCC 7
  gcc7-mini-os.patch
  gcc7-xen.patch - bsc#1031343 - xen fails to build with GCC 7
  gcc7-error-xenpmd.patch - Update to Xen 4.9.0-rc5 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2
- Drop xen-tools-pkgconfig-xenlight.patch - bsc#1037779 - xen breaks kexec-tools build
  xen-tools-pkgconfig-xenlight.patch - Update to Xen 4.9.0-rc4 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - bsc#1036146 - sles12sp2 xen VM dumps core to wrong path
  xen.spec - Update to Xen 4.9.0-rc3 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2
  aarch64-maybe-uninitialized.patch - Update to Xen 4.9.0-rc2 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2 - Update to Xen 4.9.0-rc1 (fate#321394, fate#323108)
  xen-4.9.0-testing-src.tar.bz2
  ioemu-devicemodel-include.patch
- Dropped patches contained in new tarball
  xen-4.8.0-testing-src.tar.bz2
  0001-xenstore-let-write_node-and-some-callers-return-errn.patch
  0002-xenstore-undo-function-rename.patch
  0003-xenstore-rework-of-transaction-handling.patch
  584806ce-x86emul-correct-PUSHF-POPF.patch
  584fc649-fix-determining-when-domain-creation-is-complete.patch
  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
  58510cac-x86emul-MOVNTI-no-REP-prefixes.patch
  58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
  5853ed37-VT-d-correct-dma_msi_set_affinity.patch
  5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
  58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
  585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
  585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
  585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
  586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch
  587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
  587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
  5882129d-x86emul-LOCK-check-adjustments.patch
  58821300-x86-segment-attribute-handling.patch
  58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
  58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
  5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
  5887888f-credit2-use-the-correct-scratch-cpumask.patch
  5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch
  5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
  589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
  58a44771-IOMMU-always-call-teardown-callback.patch
  58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
  58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch
  58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
  58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
  58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
  58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
  58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch
  58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
  58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
  58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
  58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
  58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
  58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch
  CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch
  CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch
  glibc-2.25-compatibility-fix.patch
  xs-09-add_change_node-params.patch
  xs-10-call-add_change_node.patch
  xs-11-tdb-record-header.patch
  xs-12-node-gen-count.patch
  xs-13-read-directory-part-support.patch
  xs-14-command-array.patch
  xs-15-command-return-val.patch
  xs-16-function-static.patch
  xs-17-arg-parsing.patch
  xs-18-default-buffer.patch
  xs-19-handle-alloc-failures.patch
  xs-20-tdb-version.patch
  xs-21-empty-tdb-database.patch
  xs-22-reopen_log-fix.patch
  xs-23-XS_DEBUG-rename.patch
  xs-24-xenstored_control.patch
  xs-25-control-enhance.patch
  xs-26-log-control.patch
  xs-27-memory-report.patch
  xs-28-remove-talloc-report.patch
  xs-29-define-off_t.patch
  xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
  xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch - bsc#1022703 - Xen HVM guest with OVMF hangs with unattached CDRom
  58a59f4b-libxl-correct-xenstore-entry-for-empty-cdrom.patch - bsc#1015348 - L3: libvirtd does not start during boot
  suse-xendomains-service.patch - bsc#1014136 - Partner-L3: kdump can't dump a kernel on SLES12-SP2
  with Xen hypervisor.
  58cf9260-x86-EFI-avoid-Xen-when-looking-for-mod-kexec-pos.patch
- bsc#1026236 - L3: Paravirtualized vs. fully virtualized migration
  - latter one much faster
  58cf9277-x86-time-dont-use-vTSC-if-host-guest-freqs-match.patch
- Upstream patch from Jan
  58cbf682-x86-EFI-avoid-overrunning-mb_modules.patch
  58cf9200-x86-EFI-avoid-IOMMU-faults-on-tail-gap.patch
  58d91365-sched-dont-call-wrong-hook-via-VCPU2OP.patch - bsc#1022555 - L3: Timeout in "execution of /etc/xen/scripts/block
  add"
  58d25ea2-xenstore-add-missing-checks-for-allocation-failure.patch
  0001-xenstore-let-write_node-and-some-callers-return-errn.patch
  0002-xenstore-undo-function-rename.patch
  0003-xenstore-rework-of-transaction-handling.patch
- bsc#1030144 - VUL-0: xen: xenstore denial of service via repeated
  update (XSA-206)
  xsa206-0001-xenstored-apply-a-write-transaction-rate-limit.patch
  xsa206-0002-xenstored-Log-when-the-write-transaction-rate-limit.patch
- bsc#1029827 - Forward port xenstored
  xs-09-add_change_node-params.patch
  xs-10-call-add_change_node.patch
  xs-11-tdb-record-header.patch
  xs-12-node-gen-count.patch
  xs-13-read-directory-part-support.patch
  xs-14-command-array.patch
  xs-15-command-return-val.patch
  xs-16-function-static.patch
  xs-17-arg-parsing.patch
  xs-18-default-buffer.patch
  xs-19-handle-alloc-failures.patch
  xs-20-tdb-version.patch
  xs-21-empty-tdb-database.patch
  xs-22-reopen_log-fix.patch
  xs-23-XS_DEBUG-rename.patch
  xs-24-xenstored_control.patch
  xs-25-control-enhance.patch
  xs-26-log-control.patch
  xs-27-memory-report.patch
  xs-28-remove-talloc-report.patch
  xs-29-define-off_t.patch - bsc#1029128 - fix make xen to really produce xen.efi with gcc48 - bsc#1028235 - VUL-0: CVE-2017-6505: xen: qemu: usb: an infinite
  loop issue in ohci_service_ed_list
  CVE-2017-6505-qemut-usb-an-infinite-loop-issue-in-ohci_service_ed_list.patch
- Upstream patches from Jan (bsc#1027519)
  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
  5887888f-credit2-use-the-correct-scratch-cpumask.patch
  5899cbd9-EPT-allow-wrcomb-MMIO-mappings-again.patch
  589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch
  58a44771-IOMMU-always-call-teardown-callback.patch
  58a48ccc-x86-fix-p2m_flush_table-for-non-nested.patch
  58a70d94-VMX-fix-VMCS-race-on-cswitch-paths.patch
  58ac1f3f-VMX-dont-leak-host-syscall-MSRs.patch
  58b5a2de-x86-correct-Xens-idea-of-its-memory-layout.patch
  58b6fd42-credit2-always-mark-a-tickled-pCPU-as-tickled.patch
  58b6fd42-credit2-dont-miss-accounting-during-credit-reset.patch - bsc#1027654 - XEN fails to build against glibc 2.25
  glibc-2.25-compatibility-fix.patch
  libxl.pvscsi.patch - fate#316613: Refresh and enable libxl.pvscsi.patch - bsc#1024834 - VUL-0: CVE-2017-2620: xen: cirrus_bitblt_cputovideo
  does not check if memory region is safe (XSA-209)
  CVE-2017-2620-xsa209-qemut-cirrus_bitblt_cputovideo-does-not-check-if-memory-region-safe.patch - bsc#1023948 - [pvusb][sles12sp3][openqa] Segmentation fault
  happened when adding usbctrl devices via xl
  589b3272-libxl-dont-segfault-when-creating-domain-with-invalid-pvusb-device.patch - Upstream patches from Jan (bsc#1027519)
  587d04d6-x86-xstate-fix-array-overrun-with-LWP.patch
  587de4a9-x86emul-VEX-B-ignored-in-compat-mode.patch
  5882129d-x86emul-LOCK-check-adjustments.patch
  58821300-x86-segment-attribute-handling.patch
  58873c1f-x86emul-correct-FPU-stub-asm-constraints.patch
  58873c80-x86-hvm-do-not-set-msr_tsc_adjust-on-.patch
  5887888f-credit2-use-the-correct-scratch-cpumask.patch
  5887888f-credit2-never-consider-CPUs-outside-of-pool.patch
  5887888f-credit2-fix-shutdown-suspend-with-cpupools.patch
  5888b1b3-x86-emulate-dont-assume-addr_size-32-implies-protmode.patch - bsc#1023004 - VUL-0: CVE-2017-2615: qemu: display: cirrus: oob
  access while doing bitblt copy backward mode
  CVE-2017-2615-qemut-display-cirrus-oob-access-while-doing-bitblt-copy-backward-mode.patch - fate#322313 and fate#322150 require the acpica package ported to
  aarch64 which Xen 4.8 needs to build. Temporarily disable aarch64
  until these fates are complete.
  xen.spec - bsc#1021952 - Virutalization/xen: Bug xen-tools missing
  /usr/bin/domu-xenstore; guests fail to launch
  tmp_build.patch
  xen.spec - No systemd presets for 42.3+ and SLE12SP3+ (bsc#1012842) - bsc#1007224 - broken symlinks in /usr/share/doc/packages/xen/misc/
  xen.spec - 585aa3c5-x86-force-EFLAGS-IF-on-upon-exit-to-PV.patch
  Replaces xsa202.patch (bsc#1014298)
- 585aa407-x86-HVM-NULL-check-before-using-VMFUNC-hook.patch
  Replaces xsa203.patch (bsc#1014300)
- 58580060-x86-emul-correct-SYSCALL-eflags-handling.patch
  Replaces xsa204.patch (bsc#1016340)
- Upstream patches from Jan
  58526ccc-x86emul-64bit-ignore-most-segment-bases-in-align-check.patch
  5853ed37-VT-d-correct-dma_msi_set_affinity.patch
  5853ee07-x86emul-CMPXCHG16B-aligned-operand.patch
  585bd5fe-x86-emul-correct-VMFUNC-return-value-handling.patch
  586ba81c-x86-cpu-dont-update-this_cpu-for-guest-get_cpu_vendor.patch - bsc#1015169 - VUL-0: CVE-2016-9921, CVE-2016-9922: xen: qemu:
  display: cirrus_vga: a divide by zero in cirrus_do_copy
  CVE-2016-9921-qemut-display-cirrus_vga-divide-by-zero-in-cirrus_do_copy.patch - bsc#1016340 - VUL-0: CVE-2016-10013: xen: x86: Mishandling of
  SYSCALL singlestep during emulation (XSA-204)
  xsa204.patch - bsc#1012651 - VUL-0: CVE-2016-9932: xen: x86 CMPXCHG8B emulation
  fails to ignore operand size override (XSA-200)
  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch - bsc#1014298 - VUL-0: CVE-2016-10024: xen: x86 PV guests may be
  able to mask interrupts (XSA-202)
  xsa202.patch
- bsc#1014300 - VUL-0: CVE-2016-10025: xen: x86: missing NULL
  pointer check in VMFUNC emulation (XSA-203)
  xsa203.patch
- Upstream patches from Jan
  584806ce-x86emul-correct-PUSHF-POPF.patch
  584fc649-fix-determining-when-domain-creation-is-complete.patch
  58510c06-x86emul-CMPXCHGnB-ignore-prefixes.patch
  58510cac-x86emul-MOVNTI-no-REP-prefixes.patch - Update to Xen 4.8 FCS
  xen-4.8.0-testing-src.tar.bz2
- Dropped
  xen-4.7.1-testing-src.tar.bz2
  0001-libxc-Rework-extra-module-initialisation.patch
  0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch
  0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch
  0004-firmware-makefile-install-BIOS-blob.patch
  0005-libxl-Load-guest-BIOS-from-file.patch
  0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch
  0007-hvmloader-Grab-the-hvm_start_info-pointer.patch
  0008-hvmloader-Locate-the-BIOS-blob.patch
  0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch
  0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch
  0011-hvmloader-Load-OVMF-from-modules.patch
  0012-hvmloader-Specific-bios_load-function-required.patch
  0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch
  0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
  57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
  576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
  5769106e-x86-generate-assembler-equates-for-synthesized.patch
  57a1e603-x86-time-adjust-local-system-time-initialization.patch
  57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
  57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
  57a30261-x86-support-newer-Intel-CPU-models.patch
  5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch
  581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
  581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
  58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
  582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
  582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch
  58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
  58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
  58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
  58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
  58343ec2-x86emul-fix-huge-bit-offset-handling.patch
  58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
  58343f44-x86-svm-fix-injection-of-software-interrupts.patch
  58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
  CVE-2016-9381-xsa197-qemut.patch
  CVE-2016-9637-xsa199-qemut.patch - bsc#1011652 - VUL-0: xen: qemu ioport array overflow
  CVE-2016-9637-xsa199-qemut.patch - bsc#1009100 - VUL-0: CVE-2016-9386: XSA-191: xen: x86 null
  segments not always treated as unusable
  58343dc2-x86-hvm-Fix-the-handling-of-non-present-segments.patch
- bsc#1009103 - VUL-0: CVE-2016-9382: XSA-192: xen: x86 task switch
  to VM86 mode mis-handled
  58343df8-x86-HVM-dont-load-LDTR-with-VM86-mode-attrs-during-task-switch.patch
- bsc#1009104 - VUL-0: CVE-2016-9385: XSA-193: xen: x86 segment base
  write emulation lacking canonical address checks
  58343e24-x86-PV-writes-of-fs-and-gs-base-MSRs-require-canonical-addresses.patch
- bsc#1009105 - VUL-0: CVE-2016-9384: XSA-194: xen: guest 32-bit
  ELF symbol table load leaking host data
  58343e9e-libelf-fix-stack-memory-leak-when-loading-32-bit-symbol-tables.patch
- bsc#1009107 - VUL-0: CVE-2016-9383: XSA-195: xen: x86 64-bit bit
  test instruction emulation broken
  58343ec2-x86emul-fix-huge-bit-offset-handling.patch
- bsc#1009108 - VUL-0: CVE-2016-9377,CVE-2016-9378: XSA-196: xen:
  x86 software interrupt injection mis-handled
  58343f29-x86-emul-correct-the-IDT-entry-calculation-in-inject_swint.patch
  58343f44-x86-svm-fix-injection-of-software-interrupts.patch
- bsc#1009109 - VUL-0: CVE-2016-9381: XSA-197: xen: qemu incautious
  about shared ring processing
  CVE-2016-9381-xsa197-qemut.patch
- bsc#1009111 - VUL-0: CVE-2016-9379,CVE-2016-9380: XSA-198: xen:
  delimiter injection vulnerabilities in pygrub
  58343f79-pygrub-Properly-quote-results-when-returning-them-to-the-caller.patch
- Upstream patches from Jan
  581b2c3b-x86-emul-reject-LGDT-LIDT-with-non-canonical-addresses.patch
  581b647a-x86emul-L-S-G-I-DT-ignore-opsz-overrides-in-64-bit-mode.patch
  58249392-x86-svm-dont-clobber-eax-edx-if-RDMSR-intercept-fails.patch
  582c35d6-x86-vmx-correct-long-mode-check-in-vmx_cpuid_intercept.patch
  582c35ee-x86-traps-dont-call-hvm_hypervisor_cpuid_leaf-for-PV.patch - Update to Xen Version 4.7.1
  xen-4.7.1-testing-src.tar.bz2
- Dropped patches contained in new tarball
  xen-4.7.0-testing-src.tar.bz2
  575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
  57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch
  57973099-have-schedulers-revise-initial-placement.patch
  579730e6-remove-buggy-initial-placement-algorithm.patch
  57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
  57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
  57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
  57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
  57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch
  57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
  57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
  57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
  57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
  57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
  57c82be2-x86-32on64-adjust-call-gate-emulation.patch
  57c93e52-fix-error-in-libxl_device_usbdev_list.patch
  57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
  57c96e2c-x86-correct-PT_NOTE-file-position.patch
  57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch
  57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
  57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
  57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
  57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
  57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
  57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
  57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
  57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
  57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
  57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
  57e93e1d-x86emul-correct-loading-of-ss.patch
  57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
  57e93e89-x86-AMD-apply-erratum-665-workaround.patch
  57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
  57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
  57fb6a91-x86-defer-not-present-segment-checks.patch
  5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
  5800caec-x86emul-fix-pushing-of-selector-registers.patch
  5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
  580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
  57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch - bsc#1004981 - Xen RPM doesn't contain debug hypervisor for EFI
  systems
  xen.spec - bsc#1000106 - VUL-0: CVE-2016-7777: xen: CR0.TS and CR0.EM not
  always honored for x86 HVM guests (XSA-190)
  57f3a8ee-x86emul-honor-guest-CR0-TS-and-CR0-EM.patch
- bsc#996191 - [XEN][acpi]residency -n 88 -c will cause xen panic
  on broadwell-ep
  57dfb2ff-x86-Intel-Broadwell-no-PKG_C8-10_RESIDENCY-MSRs.patch
- Upstream patches from Jan
  57d7ca5f-x86-domctl-fix-TOCTOU-race-in-XEN_DOMCTL_getvcpuextstate.patch
  57d7ca64-x86-domctl-fix-migration-of-guests-not-using-xsave.patch
  57da8883-credit1-fix-mask-to-be-used-for-tickling.patch
  57da8883-credit2-properly-schedule-migration-of-running-vcpu.patch
  57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch
  57e93e1d-x86emul-correct-loading-of-ss.patch
  57e93e4a-x86emul-don-t-allow-null-selector-for-LTR.patch
  57e93e89-x86-AMD-apply-erratum-665-workaround.patch
  57ee6cbc-credit1-return-time-remaining-to-limit-as-next-timeslice.patch
  57fb6a91-x86-defer-not-present-segment-checks.patch
  5800c51d-x86-hvm-Clobber-cs-L-when-LME-becomes-set.patch
  5800caec-x86emul-fix-pushing-of-selector-registers.patch
  5800cb06-x86-Viridian-don-t-depend-on-undefined-register-state.patch
  580e29f9-x86-MISALIGNSSE-feature-depends-on-SSE.patch
  5810a9cc-x86-emul-Correct-decoding-of-SReg3-operands.patch - bsc#1007941 - Xen tools limit the number of vcpus to 256 when the
  system has 384
  xen-arch-kconfig-nr_cpus.patch - bsc#1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite
  loop while transmit in C+ mode
  CVE-2016-8910-qemut-net-rtl8139-infinite-loop-while-transmit-in-Cplus-mode.patch - bsc#1005004 - CVE-2016-8667: xen: dma: rc4030 divide by zero
  error in set_next_tick
  CVE-2016-8667-qemut-dma-rc4030-divide-by-zero-error-in-set_next_tick.patch
- bsc#1005005 - VUL-0: CVE-2016-8669: xen: char: divide by zero
  error in serial_update_parameters
  CVE-2016-8669-qemut-char-divide-by-zero-error-in-serial_update_parameters.patch - bsc#1003030 - VUL-0: CVE-2016-7908: xen: net: Infinite loop in
  mcf_fec_do_tx
  CVE-2016-7908-qemut-net-Infinite-loop-in-mcf_fec_do_tx.patch
- bsc#1003032 - VUL-0: CVE-2016-7909: xen: net: pcnet: infinite
  loop in pcnet_rdra_addr
  CVE-2016-7909-qemut-net-pcnet-infinite-loop-in-pcnet_rdra_addr.patch - bsc#995785 - VUL-0: CVE-2016-7092: xen: x86: Disallow L3
  recursive pagetable for 32-bit PV guests (XSA-185)
  57d1563d-x86-32on64-don-t-allow-recursive-page-tables-from-L3.patch
- bsc#995789 - VUL-0: CVE-2016-7093: xen: x86: Mishandling of
  instruction pointer truncation during emulation (XSA-186)
  57d15679-x86-emulate-Correct-boundary-interactions-of-emulated-insns.patch
  57d18642-hvm-fep-Allow-test-insns-crossing-1-0-boundary.patch
- bsc#995792 - VUL-0: CVE-2016-7094: xen: x86 HVM: Overflow of
  sh_ctxt->seg_reg[] (XSA-187)
  57d1569a-x86-shadow-Avoid-overflowing-sh_ctxt-seg_reg.patch
  57d18642-x86-segment-Bounds-check-accesses-to-emulation-ctxt-seg_reg.patch
- bsc#991934 - xen hypervisor crash in csched_acct
  57c96df3-credit1-fix-a-race-when-picking-initial-pCPU.patch
- Upstream patches from Jan
  57c4412b-x86-HVM-add-guarding-logic-for-VMX-specific-code.patch
  57c57f73-libxc-correct-max_pfn-calculation-for-saving-domain.patch
  57c805bf-x86-levelling-restrict-non-architectural-OSXSAVE-handling.patch
  57c805c1-x86-levelling-pass-vcpu-to-ctxt_switch_levelling.patch
  57c805c3-x86-levelling-provide-architectural-OSXSAVE-handling.patch
  57c82be2-x86-32on64-adjust-call-gate-emulation.patch
  57c96e2c-x86-correct-PT_NOTE-file-position.patch
  57cfed43-VMX-correct-feature-checks-for-MPX-and-XSAVES.patch - bsc#979002 - add 60-persistent-xvd.rules and helper script
  also to initrd, add the relevant dracut helper - bnc#953518 - unplug also SCSI disks in qemu-xen-traditional for
  upstream unplug protocol - bsc#989679 - [pvusb feature] USB device not found when
  'virsh detach-device guest usb.xml'
  57c93e52-fix-error-in-libxl_device_usbdev_list.patch - bsc#992224 - [HPS Bug] During boot of Xen Hypervisor, Failed to
  get contiguous memory for DMA from Xen
  57ac6316-don-t-restrict-DMA-heap-to-node-0.patch
- bsc#978755 - xen uefi systems fail to boot
- bsc#983697 - SLES12 SP2 Xen UEFI mode cannot boot
  57b71fc5-x86-EFI-don-t-apply-relocations-to-l-2-3-_bootmap.patch
- Upstream patch from Jan
  57b7447b-dont-permit-guest-to-populate-PoD-pages-for-itself.patch - spec: to stay compatible with the in-tree qemu-xen binary, use
  /usr/bin/qemu-system-i386 instead of /usr/bin/qemu-system-x86_64
  bsc#986164 - bsc#970135 - new virtualization project clock test randomly fails
  on Xen
  576001df-x86-time-use-local-stamp-in-TSC-calibration-fast-path.patch
  5769106e-x86-generate-assembler-equates-for-synthesized.patch
  57a1e603-x86-time-adjust-local-system-time-initialization.patch
  57a1e64c-x86-time-introduce-and-use-rdtsc_ordered.patch
  57a2f6ac-x86-time-calibrate-TSC-against-platform-timer.patch
- bsc#991934 - xen hypervisor crash in csched_acct
  57973099-have-schedulers-revise-initial-placement.patch
  579730e6-remove-buggy-initial-placement-algorithm.patch
- bsc#988675 - VUL-0: CVE-2016-6258: xen: x86: Privilege escalation
  in PV guests (XSA-182)
  57976073-x86-remove-unsafe-bits-from-mod_lN_entry-fastpath.patch
- bsc#988676 - VUL-0: CVE-2016-6259: xen: x86: Missing SMAP
  whitelisting in 32-bit exception / event delivery (XSA-183)
  57976078-x86-avoid-SMAP-violation-in-compat_create_bounce_frame.patch
- Upstream patches from Jan
  57a30261-x86-support-newer-Intel-CPU-models.patch - bsc#985503 - vif-route broken
  vif-route.patch - bsc#978413 - PV guest upgrade from sles11sp4 to sles12sp2 alpha3
  failed on sles11sp4 xen host.
  pygrub-handle-one-line-menu-entries.patch - bsc#990843 - VUL-1: CVE-2016-6351: xen: qemu: scsi: esp: OOB
  write access in esp_do_dma
  CVE-2016-6351-qemut-scsi-esp-make-cmdbuf-big-enough-for-maximum-CDB-size.patch - bsc#900418 - Dump cannot be performed on SLES12 XEN
  57580bbd-kexec-allow-relaxed-placement-via-cmdline.patch
- Upstream patches from Jan
  575e9ca0-nested-vmx-Validate-host-VMX-MSRs-before-accessing-them.patch
  57640448-xen-sched-use-default-scheduler-upon-an-invalid-sched.patch - fate#319989 - Update to Xen 4.7 FCS
  xen-4.7.0-testing-src.tar.bz2
- Drop CVE-2014-3672-qemut-xsa180.patch - bsc#954872 - script block-dmmd not working as expected - libxl:
  error: libxl_dm.c (Additional fixes)
  block-dmmd - Convert with_stubdom into build_conditional to allow adjusting
  via prjconf
- Convert with_debug into build_conditional to allow adjusting
  via prjconf - bsc#979002 - add 60-persistent-xvd.rules and helper script to
  xen-tools-domU to simplify transition to pvops based kernels - Convert with_oxenstored into build_conditional to allow
  adjusting via prjconf (fate#320836) - bsc#983984 - VUL-0: CVE-2016-5338: xen: qemu: scsi: esp: OOB r/w
  access while processing ESP_FIFO
  CVE-2016-5338-qemut-scsi-esp-OOB-rw-access-while-processing-ESP_FIFO.patch
- bsc#982960 - VUL-0: CVE-2016-5238: xen: qemu: scsi: esp: OOB
  write when using non-DMA mode in get_cmd
  CVE-2016-5238-qemut-scsi-esp-OOB-write-when-using-non-DMA-mode-in-get_cmd.patch - fate#319989 - Update to Xen 4.7 RC5
  xen-4.7.0-testing-src.tar.bz2 - fate#319989 - Update to Xen 4.7 RC4
  xen-4.7.0-testing-src.tar.bz2
- Dropped
  xen.pkgconfig-4.7.patch
  xsa164.patch - bsc#981264 - VUL-0: CVE-2014-3672: xen: Unrestricted qemu logging
  (XSA-180)
  CVE-2014-3672-qemut-xsa180.patch - bsc#980724 - VUL-0: CVE-2016-4441: Qemu: scsi: esp: OOB write
  while writing to 's->cmdbuf' in get_cmd
  CVE-2016-4441-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-get_cmd.patch
- bsc#980716 - VUL-0: CVE-2016-4439: xen: scsi: esp: OOB write
  while writing to 's->cmdbuf' in esp_reg_write
  CVE-2016-4439-qemut-scsi-esp-OOB-write-while-writing-to-cmdbuf-in-esp_reg_write.patch - fate#319989 - Update to Xen 4.7 RC3
  xen-4.7.0-testing-src.tar.bz2
- Dropped
  libxl-remove-cdrom-cachemode.patch
  x86-PoD-only-reclaim-if-needed.patch
  gcc6-warnings-as-errors.patch - bsc#954872 - script block-dmmd not working as expected - libxl:
  error: libxl_dm.c (another modification)
  block-dmmd - fate#319989 - Update to Xen 4.7 RC2
  xen-4.7.0-testing-src.tar.bz2 - bsc#961600 - L3: poor performance when Xen HVM domU configured
  with max memory > current memory
  x86-PoD-only-reclaim-if-needed.patch - Mark SONAMEs and pkgconfig as xen 4.7
  xen.pkgconfig-4.7.patch - bsc#977329 - Xen: Cannot boot HVM guests with empty cdrom
  libxl-remove-cdrom-cachemode.patch - fate#319989 - Update to Xen 4.7 RC1
  xen-4.7.0-testing-src.tar.bz2 - fate#316614: set migration constraints from cmdline
  restore libxl.set-migration-constraints-from-cmdline.patch - Remove obsolete patch for xen-kmp
  magic_ioport_compat.patch - fate#316613: update to v12
  libxl.pvscsi.patch - Update to the latest Xen 4.7 pre-release c2994f86
  Drop libxl.migrate-legacy-stream-read.patch - bnc#972756 - Can't migrate HVM guest from SLES12SP1 Xen host
  to SLES12SP2 Alpha 1 host using xl migrate
  libxl.migrate-legacy-stream-read.patch - Add patches from proposed upstream series to load BIOS's from
  the toolstack instead of embedding in hvmloader
  http://lists.xenproject.org/archives/html/xen-devel/2016-03/msg01626.html
  0001-libxc-Rework-extra-module-initialisation.patch,
  0002-libxc-Prepare-a-start-info-structure-for-hvmloader.patch,
  0003-configure-define-SEABIOS_PATH-and-OVMF_PATH.patch,
  0004-firmware-makefile-install-BIOS-blob.patch,
  0005-libxl-Load-guest-BIOS-from-file.patch,
  0006-xen-Move-the-hvm_start_info-C-representation-from-li.patch,
  0007-hvmloader-Grab-the-hvm_start_info-pointer.patch,
  0008-hvmloader-Locate-the-BIOS-blob.patch,
  0009-hvmloader-Check-modules-whereabouts-in-perform_tests.patch,
  0010-hvmloader-Load-SeaBIOS-from-hvm_start_info-modules.patch,
  0011-hvmloader-Load-OVMF-from-modules.patch,
  0012-hvmloader-Specific-bios_load-function-required.patch,
  0013-hvmloader-Always-build-in-SeaBIOS-and-OVMF-loader.patch,
  0014-configure-do-not-depend-on-SEABIOS_PATH-or-OVMF_PATH.patch
- Enable support for UEFI on x86_64 using the ovmf-x86_64-ms.bin
  firmware from qemu-ovmf-x86_64. The firmware is preloaded with
  Microsoft keys to more closely resemble firmware on real hardware
  FATE#320490 - fate#319989: Update to Xen 4.7 (pre-release)
  xen-4.7.0-testing-src.tar.bz2
- Dropped:
  xen-4.6.1-testing-src.tar.bz2
  55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
  5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
  5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
  5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch
  hotplug-Linux-block-performance-fix.patch
  set-mtu-from-bridge-for-tap-interface.patch
  xendomains-libvirtd-conflict.patch
  xsa154.patch
  xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
  xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
  xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
  xsa170.patch - Use system SeaBIOS instead of building/installing another one
  FATE#320638
  Dropped files:
  seabios-dir-remote.tar.bz2
  xen-c99-fix.patch
  xen.build-compare.seabios.patch - spec: drop BuildRequires that were only needed for qemu-xen - bsc#969377 - xen does not build with GCC 6
  ipxe-use-rpm-opt-flags.patch
  gcc6-warnings-as-errors.patch - bsc#969351 - VUL-0: CVE-2016-2841: xen: net: ne2000: infinite
  loop in ne2000_receive
  CVE-2016-2841-qemut-ne2000-infinite-loop-in-ne2000_receive.patch
- Drop xsa154-fix.patch - Use system qemu instead of building/installing yet another qemu
  FATE#320638
- Dropped files
  qemu-xen-dir-remote.tar.bz2
  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
  CVE-2015-4037-qemuu-smb-config-dir-name.patch
  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
  CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch
  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch
  CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch
  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch
  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch
  CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
  CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch
  CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch
  qemu-xen-enable-spice-support.patch
  qemu-xen-upstream-qdisk-cache-unsafe.patch
  tigervnc-long-press.patch
  xsa162-qemuu.patch - bsc#962321 - VUL-0: CVE-2016-1922: xen: i386: null pointer
  dereference in vapic_write()
  CVE-2016-1922-qemuu-i386-null-pointer-dereference-in-vapic_write.patch - bsc#968004 - VUL-0: CVE-2016-2538: xen: usb: integer overflow in
  remote NDIS control message handling
  CVE-2016-2538-qemuu-usb-integer-overflow-in-remote-NDIS-message-handling.patch - bsc#954872 - L3: script block-dmmd not working as expected -
  libxl: error: libxl_dm.c
  block-dmmd
- Update libxl to recognize dmmd and npiv prefix in disk spec
  xen.libxl.dmmd.patch - bsc#967101 - VUL-0: CVE-2016-2391: xen: usb: multiple eof_timers
  in ohci module leads to null pointer dereference
  CVE-2016-2391-qemuu-usb-null-pointer-dereference-in-ohci-module.patch
  CVE-2016-2391-qemut-usb-null-pointer-dereference-in-ohci-module.patch
- bsc#967090 - VUL-0: CVE-2016-2392: xen: usb: null pointer
  dereference in remote NDIS control message handling
  CVE-2016-2392-qemuu-usb-null-pointer-dereference-in-NDIS-message-handling.patch - Update to Xen Version 4.6.1
  xen-4.6.1-testing-src.tar.bz2
- Dropped patches now contained in tarball or unnecessary
  xen-4.6.0-testing-src.tar.bz2
  5604f239-x86-PV-properly-populate-descriptor-tables.patch
  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
  5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
  56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
  56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
  5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
  5632129c-free-domain-s-vcpu-array.patch
  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
  563212e4-xenoprof-free-domain-s-vcpu-array.patch
  563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
  56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch
  56549f24-x86-vPMU-document-as-unsupported.patch
  5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch
  xsa155-qemut-qdisk-double-access.patch
  xsa155-qemut-xenfb.patch
  xsa155-qemuu-qdisk-double-access.patch
  xsa155-qemuu-xenfb.patch
  xsa159.patch
  xsa160.patch
  xsa162-qemut.patch
  xsa165.patch
  xsa166.patch
  xsa167.patch
  xsa168.patch - bsc#965315 - VUL-0: CVE-2016-2270: xen: x86: inconsistent
  cachability flags on guest mappings (XSA-154)
  xsa154.patch
- bsc#965317 - VUL-0: CVE-2016-2271: xen: VMX: guest user mode may
  crash guest with non-canonical RIP (XSA-170)
  xsa170.patch - bsc#965269 - VUL-1: CVE-2015-8619: xen: stack based OOB write in
  hmp_sendkey routine
  CVE-2015-8619-qemuu-stack-based-OOB-write-in-hmp_sendkey-routine.patch - bsc#965156 - VUL-0: CVE-2015-6855: xen: ide: divide by zero issue
  CVE-2015-6855-qemuu-ide-divide-by-zero-issue.patch
- bsc#965112 - VUL-0: CVE-2014-3640: xen: slirp: NULL pointer deref
  in sosendto()
  CVE-2014-3640-qemut-slirp-NULL-pointer-deref-in-sosendto.patch - bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in
  ne2000_receive() function
  CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
- bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
  infinite loop in processing command block list
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch - bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on
  incoming migration
  CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
- bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table
  size to avoid integer overflows
  CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
- Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch - bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer
  dereference in ehci_caps_write
  CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
- bsc#964452 - VUL-0: CVE-2013-4534: xen: openpic: buffer overrun
  on incoming migration
  CVE-2013-4534-qemut-openpic-buffer-overrun-on-incoming-migration.patch - bsc#963783 - VUL-1: CVE-2016-1981: xen: net: e1000 infinite loop
  in start_xmit and e1000_receive_iov routines
  CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
  CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch - bsc#962758 - VUL-0: CVE-2013-4539: xen: tsc210x: buffer overrun
  on invalid state load
  CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch - bsc#962632 - VUL-0: CVE-2015-1779: xen: vnc: insufficient
  resource limiting in VNC websockets decoder
  CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-clients.patch
  CVE-2015-1779-qemuu-incrementally-decode-websocket-frames.patch
- bsc#962642 - VUL-0: CVE-2013-4537: xen: ssi-sd: buffer overrun on
  invalid state load
  CVE-2013-4537-qemut-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
- bsc#962627 - VUL-0: CVE-2014-7815: xen: vnc: insufficient
  bits_per_pixel from the client sanitization
  CVE-2014-7815-qemut-vnc-sanitize-bits_per_pixel-from-the-client.patch - bsc#962335 - VUL-0: CVE-2013-4538: xen: ssd0323: fix buffer
  overun on invalid state
  CVE-2013-4538-qemut-ssd0323-fix-buffer-overun-on-invalid-state.patch
- bsc#962360 - VUL-0: CVE-2015-7512: xen: net: pcnet: buffer
  overflow in non-loopback mode
  CVE-2015-7512-qemuu-net-pcnet-buffer-overflow-in-non-loopback-mode.patch
  CVE-2015-7512-qemut-net-pcnet-buffer-overflow-in-non-loopback-mode.patch - bsc#961692 - VUL-0: CVE-2016-1714: xen: nvram: OOB r/w access in
  processing firmware configurations
  CVE-2016-1714-qemuu-fw_cfg-add-check-to-validate-current-entry-value.patch
  CVE-2016-1714-qemut-fw_cfg-add-check-to-validate-current-entry-value.patch - bsc#961358 - VUL-0: CVE-2015-8613: xen: qemu: scsi: stack based
  buffer overflow in megasas_ctrl_get_info
  CVE-2015-8613-qemuu-scsi-initialise-info-object-with-appropriate-size.patch
- bsc#961332 - VUL-0: CVE-2016-1568: xen: Qemu: ide: ahci
  use-after-free vulnerability in aio port commands
  CVE-2016-1568-qemuu-ide-ahci-reset-ncq-object-to-unused-on-error.patch - bsc#959695 - missing docs for xen
  xen.spec - bsc#960862 - VUL-0: CVE-2016-1571: xen: VMX: intercept issue with
  INVLPG on non-canonical address (XSA-168)
  xsa168.patch
- bsc#960861 - VUL-0: CVE-2016-1570: xen: PV superpage
  functionality missing sanity checks (XSA-167)
  xsa167.patch
- bsc#960836 - VUL-0: CVE-2015-8744: xen: net: vmxnet3: incorrect
  l2 header validation leads to a crash via assert(2) call
  CVE-2015-8744-qemuu-net-vmxnet3-incorrect-l2-header-validation-leads-to-crash.patch - bsc#960707 - VUL-0: CVE-2015-8745: xen: reading IMR registers
  leads to a crash via assert(2) call
  CVE-2015-8745-qemuu-net-vmxnet3-read-IMR-registers-instead-of-assert.patch
- bsc#960726 - VUL-0: CVE-2015-8743: xen: ne2000: OOB memory access
  in ioport r/w functions
  CVE-2015-8743-qemuu-ne2000-OOB-memory-access-in-ioport-rw-functions.patch - bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional
  logging upon guest changing callback method (XSA-169)
  5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch - Adjust xen-dom0-modules.service to run Before xenstored.service
  instead of proc-xen.mount to workaround a bug in systemd "design"
  (bnc#959845) - bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net:
  vmxnet3: host memory leakage
  CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch - bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers
  incautious about shared memory contents (XSA-155)
  xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
  xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
  xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch
  xsa155-qemuu-qdisk-double-access.patch
  xsa155-qemut-qdisk-double-access.patch
  xsa155-qemuu-xenfb.patch
  xsa155-qemut-xenfb.patch
- bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop
  in ehci_advance_state results in DoS
  CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch
- bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer
  dereference issue
  CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch
- bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid
  floating point exception
  CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch
  CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch
- bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in
  MSI-X handling (XSA-164)
  xsa164.patch
- bsc#958009 - VUL-0: CVE-2015-8555: xen: information leak in
  legacy x86 FPU/XMM initialization (XSA-165)
  xsa165.patch
- bsc#958523 - VUL-0: xen: ioreq handling possibly susceptible to
  multiple read issue (XSA-166)
  xsa166.patch - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100:
  infinite loop in processing command block list
  CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
  CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
- Upstream patches from Jan
  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
  5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
  56544a57-VMX-fix-adjust-trap-injection.patch
  56546ab2-sched-fix-insert_vcpu-locking.patch - bsc#956592 - VUL-0: xen: virtual PMU is unsupported (XSA-163)
  56549f24-x86-vPMU-document-as-unsupported.patch
- bsc#956408 - VUL-0: CVE-2015-8339, CVE-2015-8340: xen:
  XENMEM_exchange error handling issues (XSA-159)
  xsa159.patch
- bsc#956409 - VUL-0: CVE-2015-8341: xen: libxl leak of pv kernel
  and initrd on error (XSA-160)
  xsa160.patch
- bsc#956411 - VUL-0: CVE-2015-7504: xen: heap buffer overflow
  vulnerability in pcnet emulator (XSA-162)
  xsa162-qemuu.patch
  xsa162-qemut.patch
- bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
  readonly flag on disks with qemu-xen (xsa-142)
  5628fc67-libxl-No-emulated-disk-driver-for-xvdX-disk.patch
  5649bcbe-libxl-relax-readonly-check-introduced-by-XSA-142-fix.patch - fate#315712: XEN: Use the PVOPS kernel
  Turn off building the KMPs now that we are using the pvops kernel
  xen.spec - Upstream patches from Jan
  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-it-is-zero.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-parsing-and-consumption.patch
  5632118e-arm-Support-hypercall_create_continuation-for-multicall.patch
  56321222-arm-rate-limit-logging-from-unimplemented-PHYSDEVOP-and-HVMOP.patch
  56321249-arm-handle-races-between-relinquish_memory-and-free_domheap_pages.patch
  5632127b-x86-guard-against-undue-super-page-PTE-creation.patch
  5632129c-free-domain-s-vcpu-array.patch (Replaces CVE-2015-7969-xsa149.patch)
  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
  563212e4-xenoprof-free-domain-s-vcpu-array.patch
  563212ff-x86-rate-limit-logging-in-do_xen-oprof-pmu-_op.patch
  56323737-libxl-adjust-PoD-target-by-memory-fudge-too.patch
  56377442-x86-PoD-Make-p2m_pod_empty_cache-restartable.patch
  5641ceec-x86-HVM-always-intercept-AC-and-DB.patch (Replaces CVE-2015-5307-xsa156.patch)
  5644b756-x86-HVM-don-t-inject-DB-with-error-code.patch
- Dropped 55b0a2db-x86-MSI-track-guest-masking.patch - Use upstream variants of block-iscsi and block-nbd - Remove xenalyze.hg, its part of xen-4.6 - Update to Xen Version 4.6.0
  xen-4.6.0-testing-src.tar.bz2
  mini-os.tar.bz2
  blktap2-no-uninit.patch
  stubdom-have-iovec.patch
- Renamed
  xsa149.patch to CVE-2015-7969-xsa149.patch
- Dropped patches now contained in tarball or unnecessary
  xen-4.5.2-testing-src.tar.bz2
  54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
  54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
  54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch
  54f4985f-libxl-fix-libvirtd-double-free.patch
  55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
  551ac326-xentop-add-support-for-qdisk.patch
  552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
  552d0fe8-x86-mtrr-include-asm-atomic.h.patch
  552d293b-x86-vMSI-X-honor-all-mask-requests.patch
  552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
  5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch
  5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
  5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
  554c7aee-x86-provide-arch_fetch_and_add.patch
  554c7b00-arm-provide-arch_fetch_and_add.patch
  554cc211-libxl-add-qxl.patch 55534b0a-x86-provide-add_sized.patch
  55534b25-arm-provide-add_sized.patch
  5555a4f8-use-ticket-locks-for-spin-locks.patch
  5555a5b9-x86-arm-remove-asm-spinlock-h.patch
  5555a8ec-introduce-non-contiguous-allocation.patch
  556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
  5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
  55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
  557eb55f-gnttab-per-active-entry-locking.patch
  557eb5b6-gnttab-introduce-maptrack-lock.patch
  557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
  557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
  5582bf43-evtchn-simplify-port_is_valid.patch
  5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
  5583d9c5-x86-MSI-X-cleanup.patch
  5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
  5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
  5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
  5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
  5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
  5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
  5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
  55b0a218-x86-PCI-CFG-write-intercept.patch
  55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch
  55b0a2ab-x86-MSI-X-enable.patch blktapctrl-close-fifos.patch
  blktapctrl-default-to-ioemu.patch blktapctrl-disable-debug-printf.patch
  blktap-no-uninit.patch blktap-pv-cdrom.patch build-tapdisk-ioemu.patch
  ioemu-bdrv-open-CACHE_WB.patch ioemu-blktap-barriers.patch
  ioemu-blktap-fv-init.patch ioemu-blktap-image-format.patch
  ioemu-blktap-zero-size.patch libxl.set-migration-constraints-from-cmdline.patch
  local_attach_support_for_phy.patch pci-attach-fix.patch
  qemu-xen-upstream-megasas-buildtime.patch tapdisk-ioemu-logfile.patch
  tapdisk-ioemu-shutdown-fix.patch udev-rules.patch xen.build-compare.ipxe.patch
  xen.build-compare.mini-os.patch xen.build-compare.smbiosdate.patch
  xen.build-compare.vgabios.patch xen.build-compare.xen_compile_h.patch
  xl-coredump-file-location.patch - bsc#954405 - VUL-0: CVE-2015-8104: Xen: guest to host DoS by
  triggering an infinite loop in microcode via #DB exception
- bsc#954018 - VUL-0: CVE-2015-5307: xen: x86: CPU lockup during
  fault delivery (XSA-156)
  CVE-2015-5307-xsa156.patch - Update to Xen 4.5.2
  xen-4.5.2-testing-src.tar.bz2
- Drop the following
  xen-4.5.1-testing-src.tar.bz2
  552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
  5576f178-kexec-add-more-pages-to-v1-environment.patch
  55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
  558bfaa0-x86-traps-avoid-using-current-too-early.patch
  5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
  559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
  559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
  559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
  559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
  559bdde5-pull-in-latest-linux-earlycpio.patch
  55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch
  55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
  55a77e4f-dmar-device-scope-mem-leak-fix.patch
  55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
  55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
  55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
  55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
  55e43fd8-x86-NUMA-fix-setup_node.patch
  55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
  55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
  55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
  55f9345b-x86-MSI-fail-if-no-hardware-support.patch
  5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
  560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
  560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
  560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
  560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
  560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch
  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch
  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch
  CVE-2015-4106-xsa131-9.patch CVE-2015-3259-xsa137.patch
  CVE-2015-7311-xsa142.patch CVE-2015-7835-xsa148.patch
  xsa139-qemuu.patch xsa140-qemuu-1.patch xsa140-qemuu-2.patch
  xsa140-qemuu-3.patch xsa140-qemuu-4.patch xsa140-qemuu-5.patch
  xsa140-qemuu-6.patch xsa140-qemuu-7.patch xsa140-qemut-1.patch
  xsa140-qemut-2.patch xsa140-qemut-3.patch xsa140-qemut-4.patch
  xsa140-qemut-5.patch xsa140-qemut-6.patch xsa140-qemut-7.patch
  xsa151.patch xsa152.patch xsa153-libxl.patch
  CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
  CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
  CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch
  CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
  CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
  CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch" - bsc#950704 - CVE-2015-7970 VUL-1: xen: x86: Long latency
  populate-on-demand operation is not preemptible (XSA-150)
  563212c9-x86-PoD-Eager-sweep-for-zeroed-pages.patch - Upstream patches from Jan
  5604f239-x86-PV-properly-populate-descriptor-tables.patch
  561bbc8b-VT-d-don-t-suppress-invalidation-address-write-when-0.patch
  561d2046-VT-d-use-proper-error-codes-in-iommu_enable_x2apic_IR.patch
  561d20a0-x86-hide-MWAITX-from-PV-domains.patch
  561e3283-x86-NUMA-fix-SRAT-table-processor-entry-handling.patch - bsc#951845 - VUL-0: CVE-2015-7972: xen: x86: populate-on-demand
  balloon size inaccuracy can crash guests (XSA-153)
  xsa153-libxl.patch - bsc#950703 - VUL-1: CVE-2015-7969: xen: leak of main per-domain
  vcpu pointer array (DoS) (XSA-149)
  xsa149.patch
- bsc#950705 - VUL-1: CVE-2015-7969: xen: x86: leak of per-domain
  profiling-related vcpu pointer array (DoS) (XSA-151)
  xsa151.patch
- bsc#950706 - VUL-0: CVE-2015-7971: xen: x86: some pmu and
  profiling hypercalls log without rate limiting (XSA-152)
  xsa152.patch
- Dropped
  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
  5604f239-x86-PV-properly-populate-descriptor-tables.patch - bsc#932267 - VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure
  temporary file use in /net/slirp.c
  CVE-2015-4037-qemuu-smb-config-dir-name.patch
  CVE-2015-4037-qemut-smb-config-dir-name.patch
- bsc#877642 - VUL-0: CVE-2014-0222: qemu: qcow1: validate L2 table
  size to avoid integer overflows
  CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
  CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch - bsc#950367 - VUL-0: CVE-2015-7835: xen: x86: Uncontrolled
  creation of large page mappings by PV guests (XSA-148)
  CVE-2015-7835-xsa148.patch - bsc#949138 - Setting vcpu affinity under Xen causes libvirtd
  abort
  54f4985f-libxl-fix-libvirtd-double-free.patch - bsc#949046 - Increase %suse_version in SP1 to 1316
  xen.spec
- Update README.SUSE detailing dom0 ballooning recommendations - bsc#945167 - Running command â€™ xl pci-assignable-add 03:10.1â€™
  secondly show errors
  55f7f9d2-libxl-slightly-refine-pci-assignable-add-remove-handling.patch
- Upstream patches from Jan
  55f2e438-x86-hvm-fix-saved-pmtimer-and-hpet-values.patch
  55f9345b-x86-MSI-fail-if-no-hardware-support.patch
  5604f239-x86-PV-properly-populate-descriptor-tables.patch
  5604f2e6-vt-d-fix-IM-bit-mask-and-unmask-of-FECTL_REG.patch
  560a4af9-x86-EPT-tighten-conditions-of-IOMMU-mapping-updates.patch
  560a7c36-x86-p2m-pt-delay-freeing-of-intermediate-page-tables.patch
  560a7c53-x86-p2m-pt-ignore-pt-share-flag-for-shadow-mode-guests.patch
  560bd926-credit1-fix-tickling-when-it-happens-from-a-remote-pCPU.patch
  560e6d34-x86-p2m-pt-tighten-conditions-of-IOMMU-mapping-updates.patch - bsc#941074 - VmError: Device 51728 (vbd) could not be connected.
  Hotplug scripts not working.
  hotplug-Linux-block-performance-fix.patch - bsc#947165 - VUL-0: CVE-2015-7311: xen: libxl fails to honour
  readonly flag on disks with qemu-xen (xsa-142)
  CVE-2015-7311-xsa142.patch - bsc#945165 - Xl pci-attach show error with kernel of SLES 12 sp1
  pci-attach-fix.patch - bsc#945164 - Xl destroy show error with kernel of SLES 12 sp1
  5537a4d8-libxl-use-DEBUG-log-level-instead-of-INFO.patch - Upstream patches from Jan
  55dc78e9-x86-amd_ucode-skip-updates-for-final-levels.patch
  55dc7937-x86-IO-APIC-don-t-create-pIRQ-mapping-from-masked-RTE.patch
  55df2f76-IOMMU-skip-domains-without-page-tables-when-dumping.patch
  55e43fd8-x86-NUMA-fix-setup_node.patch
  55e43ff8-x86-NUMA-don-t-account-hotplug-regions.patch
  55e593f1-x86-NUMA-make-init_node_heap-respect-Xen-heap-limit.patch
  54c2553c-grant-table-use-uint16_t-consistently-for-offset-and-length.patch
  54ca33bc-grant-table-refactor-grant-copy-to-reduce-duplicate-code.patch
  54ca340e-grant-table-defer-releasing-pages-acquired-in-a-grant-copy.patch - bsc#944463 - VUL-0: CVE-2015-5239: qemu-kvm: Integer overflow in
  vnc_client_read() and protocol_client_msg()
  CVE-2015-5239-qemuu-limit-client_cut_text-msg-payload-size.patch
  CVE-2015-5239-qemut-limit-client_cut_text-msg-payload-size.patch
- bsc#944697 - VUL-1: CVE-2015-6815: qemu: net: e1000: infinite
  loop issue
  CVE-2015-6815-qemuu-e1000-fix-infinite-loop.patch
  CVE-2015-6815-qemut-e1000-fix-infinite-loop.patch - bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
  config handling stack overflow
  55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch - bsc#907514 - Bus fatal error & sles12 sudden reboot has been
  observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after
  shutdown of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
  observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden
  reboot has been observed
  552d293b-x86-vMSI-X-honor-all-mask-requests.patch
  552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
  5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch
  55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
  5583d9c5-x86-MSI-X-cleanup.patch
  5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
  55b0a218-x86-PCI-CFG-write-intercept.patch
  55b0a255-x86-MSI-X-maskall.patch
  55b0a283-x86-MSI-X-teardown.patch
  55b0a2ab-x86-MSI-X-enable.patch
  55b0a2db-x86-MSI-track-guest-masking.patch
- Upstream patches from Jan
  552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch
  559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch
  559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch
  559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch
  55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch
  55a77e4f-dmar-device-scope-mem-leak-fix.patch
  55c1d83d-x86-gdt-Drop-write-only-xalloc-d-array.patch
  55c3232b-x86-mm-Make-hap-shadow-teardown-preemptible.patch
- Dropped for upstream version
  x86-MSI-mask.patch
  x86-MSI-pv-unmask.patch
  x86-MSI-X-enable.patch
  x86-MSI-X-maskall.patch
  x86-MSI-X-teardown.patch
  x86-pci_cfg_okay.patch
  x86-PCI-CFG-write-intercept.patch - bsc#939712 - VUL-0: XSA-140: QEMU leak of uninitialized heap
  memory in rtl8139 device model
  xsa140-qemuu-1.patch
  xsa140-qemuu-2.patch
  xsa140-qemuu-3.patch
  xsa140-qemuu-4.patch
  xsa140-qemuu-5.patch
  xsa140-qemuu-6.patch
  xsa140-qemuu-7.patch
  xsa140-qemut-1.patch
  xsa140-qemut-2.patch
  xsa140-qemut-3.patch
  xsa140-qemut-4.patch
  xsa140-qemut-5.patch
  xsa140-qemut-6.patch
  xsa140-qemut-7.patch
- bsc#939709 - VUL-0: XSA-139: xen: Use after free in QEMU/Xen
  block unplug protocol
  xsa139-qemuu.patch - bsc#937371 - xen vm's running after reboot
  xendomains-libvirtd-conflict.patch - bsc#938344 - VUL-0: CVE-2015-5154: qemu,kvm,xen: host code
  execution via IDE subsystem CD-ROM
  CVE-2015-5154-qemuu-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemut-check-array-bounds-before-writing-to-io_buffer.patch
  CVE-2015-5154-qemuu-fix-START-STOP-UNIT-command-completion.patch
  CVE-2015-5154-qemut-fix-START-STOP-UNIT-command-completion.patch
  CVE-2015-5154-qemuu-clear-DRQ-after-handling-all-expected-accesses.patch
  CVE-2015-5154-qemut-clear-DRQ-after-handling-all-expected-accesses.patch - Remove xendomains.service from systemd preset file because it
  conflicts with libvirt-guests.service (bnc#937371)
  Its up to the admin to run systemctl enable xendomains.service - bnc#935634 - VUL-0: CVE-2015-3259: xen: XSA-137: xl command line
  config handling stack overflow
  CVE-2015-3259-xsa137.patch
- Upstream patches from Jan
  558bfaa0-x86-traps-avoid-using-current-too-early.patch
  5592a116-nested-EPT-fix-the-handling-of-nested-EPT.patch
  559b9dd6-x86-p2m-ept-don-t-unmap-in-use-EPT-pagetable.patch
  559bdde5-pull-in-latest-linux-earlycpio.patch
- Upstream patches from Jan pending review
  552d0fd2-x86-hvm-don-t-include-asm-spinlock-h.patch
  552d0fe8-x86-mtrr-include-asm-atomic.h.patch
  552d293b-x86-vMSI-X-honor-all-mask-requests.patch
  552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch
  554c7aee-x86-provide-arch_fetch_and_add.patch
  554c7b00-arm-provide-arch_fetch_and_add.patch
  55534b0a-x86-provide-add_sized.patch
  55534b25-arm-provide-add_sized.patch
  5555a4f8-use-ticket-locks-for-spin-locks.patch
  5555a5b9-x86-arm-remove-asm-spinlock-h.patch
  5555a8ec-introduce-non-contiguous-allocation.patch
  55795a52-x86-vMSI-X-support-qword-MMIO-access.patch
  557eb55f-gnttab-per-active-entry-locking.patch
  557eb5b6-gnttab-introduce-maptrack-lock.patch
  557eb620-gnttab-make-the-grant-table-lock-a-read-write-lock.patch
  557ffab8-evtchn-factor-out-freeing-an-event-channel.patch
  5582bf43-evtchn-simplify-port_is_valid.patch
  5582bf81-evtchn-remove-the-locking-when-unmasking-an-event-channel.patch
  5583d9c5-x86-MSI-X-cleanup.patch
  5583da09-x86-MSI-track-host-and-guest-masking-separately.patch
  5583da64-gnttab-use-per-VCPU-maptrack-free-lists.patch
  5583da8c-gnttab-steal-maptrack-entries-from-other-VCPUs.patch
  5587d711-evtchn-clear-xen_consumer-when-clearing-state.patch
  5587d779-evtchn-defer-freeing-struct-evtchn-s-until-evtchn_destroy_final.patch
  5587d7b7-evtchn-use-a-per-event-channel-lock-for-sending-events.patch
  5587d7e2-evtchn-pad-struct-evtchn-to-64-bytes.patch
  x86-MSI-pv-unmask.patch
  x86-pci_cfg_okay.patch
  x86-PCI-CFG-write-intercept.patch
  x86-MSI-X-maskall.patch
  x86-MSI-X-teardown.patch
  x86-MSI-X-enable.patch
  x86-MSI-mask.patch - Adjust more places to use br0 instead of xenbr0 - bnc#936516 - xen fails to build with kernel update(4.1.0 from
  stable)
  556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch - Update to Xen Version 4.5.1 FCS (fate#315675)
  xen-4.5.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
  556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
  556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
  556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
  556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch
  55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
  55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
  55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
  55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
  5513b458-allow-reboot-overrides-when-running-under-EFI.patch
  5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch
  5576f178-kexec-add-more-pages-to-v1-environment.patch
  5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch
  CVE-2015-3456-xsa133-qemuu.patch
  CVE-2015-3456-xsa133-qemut.patch
  qemu-MSI-X-enable-maskall.patch
  qemu-MSI-X-latch-writes.patch
  x86-MSI-X-guest-mask.patch - Replace 5124efbe-add-qxl-support.patch with the variant that
  finally made it upstream, 554cc211-libxl-add-qxl.patch - bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
  qemu MSI-X pass-through error messages
  qemu-MSI-X-latch-writes.patch
- bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed
- bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown
  of guest with VT-d NIC
- bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been
  observed
- bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot
  has been observed
  x86-MSI-X-teardown.patch
  x86-MSI-X-enable.patch
  x86-MSI-X-guest-mask.patch
  x86-MSI-X-maskall.patch
  qemu-MSI-X-enable-maskall.patch
- Upstream patches from Jan
  55780aaa-efi-avoid-calling-boot-services-after-ExitBootServices.patch
  55780aff-x86-EFI-fix-EFI_MEMORY_WP-handling.patch
  55780b43-EFI-early-add-mapbs-to-map-EfiBootServices-Code-Data.patch
  55780b97-EFI-support-default-attributes-to-map-Runtime-service-areas.patch
  55780be1-x86-EFI-adjust-EFI_MEMORY_WP-handling-for-spec-version-2.5.patch
  55103616-vm-assist-prepare-for-discontiguous-used-bit-numbers.patch
  5548e95d-x86-allow-to-suppress-M2P-user-mode-exposure.patch
- Dropped the following patches now contained in the tarball
  xen-no-array-bounds.patch CVE-2015-4103-xsa128.patch
  CVE-2015-4104-xsa129.patch CVE-2015-4105-xsa130.patch
  CVE-2015-4106-xsa131-1.patch CVE-2015-4106-xsa131-2.patch
  CVE-2015-4106-xsa131-3.patch CVE-2015-4106-xsa131-4.patch
  CVE-2015-4106-xsa131-5.patch CVE-2015-4106-xsa131-6.patch
  CVE-2015-4106-xsa131-7.patch CVE-2015-4106-xsa131-8.patch - Update to Xen 4.5.1 RC2
- bsc#931628 - VUL-0: CVE-2015-4106: XSA-131: xen: Unmediated PCI
  register access in qemu
  CVE-2015-4106-xsa131-1.patch
  CVE-2015-4106-xsa131-2.patch
  CVE-2015-4106-xsa131-3.patch
  CVE-2015-4106-xsa131-4.patch
  CVE-2015-4106-xsa131-5.patch
  CVE-2015-4106-xsa131-6.patch
  CVE-2015-4106-xsa131-7.patch
  CVE-2015-4106-xsa131-8.patch
  CVE-2015-4106-xsa131-9.patch
- bsc#931627 - VUL-0: CVE-2015-4105: XSA-130: xen: Guest triggerable
  qemu MSI-X pass-through error messages
  CVE-2015-4105-xsa130.patch
- bsc#931626 - VUL-0: CVE-2015-4104: XSA-129: xen: PCI MSI mask
  bits inadvertently exposed to guests
  CVE-2015-4104-xsa129.patch
- bsc#931625 - VUL-0: CVE-2015-4103: XSA-128: xen: Potential
  unintended writes to host MSI message data field via qemu
  CVE-2015-4103-xsa128.patch
- Upstream patches from Jan
  5548e903-domctl-don-t-truncate-XEN_DOMCTL_max_mem-requests.patch
  556c2cf2-x86-don-t-crash-mapping-a-page-using-EFI-rt-page-tables.patch
  556d9718-efi-fix-allocation-problems-if-ExitBootServices-fails.patch
  556d973f-unmodified-drivers-tolerate-IRQF_DISABLED-being-undefined.patch
  556eabf7-x86-apic-Disable-the-LAPIC-later-in-smp_send_stop.patch
  556eac15-x86-crash-don-t-use-set_fixmap-in-the-crash-path.patch - Add DefaultDependencies=no to xen-dom0-modules.service because
  it has to run before proc-xen.mount - Update to Xen 4.5.1 RC1 - Update blktap-no-uninit.patch to work with gcc-4.5 - bsc#927967 - VUL-0: CVE-2015-3340: xen: Information leak through
  XEN_DOMCTL_gettscinfo (XSA-132)
  5535f633-dont-leak-hypervisor-stack-to-toolstacks.patch - bnc#929339 - VUL-0: CVE-2015-3456: qemu kvm xen: VENOM qemu
  floppy driver host code execution
  CVE-2015-3456-xsa133-qemuu.patch
  CVE-2015-3456-xsa133-qemut.patch - bsc#928783 - Reboot failure; Request backport of upstream Xen
  patch to 4.5.0, or update pkgs to 4.5.1
  5513b458-allow-reboot-overrides-when-running-under-EFI.patch
  5513b4d1-dont-apply-reboot-quirks-if-reboot-set-by-user.patch - bnc#927750 - Avoid errors reported by system-modules-load.service - Add xen-no-array-bounds.patch and blktap-no-uninit.patch to selectively
  turn errors back to warnings to fix build with GCC 5.
- Amend xen.stubdom.newlib.patch to pull in declaration of strcmp to
  avoid implicit-fortify-decl rpmlint error.
- Fix quoting of __SMBIOS_DATE__ in xen.build-compare.smbiosdate.patch. - xentop: Fix memory leak on read failure
  551ac326-xentop-add-support-for-qdisk.patch - Dropped xentop-add-support-for-qdisk.patch in favor of upstream
  version
  551ac326-xentop-add-support-for-qdisk.patch - Enable spice support in qemu for x86_64
  5124efbe-add-qxl-support.patch
  qemu-xen-enable-spice-support.patch - Add xen-c99-fix.patch to remove pointless inline specifier on
  function declarations which break build with a C99 compiler which
  GCC 5 is by default. (bsc#921994)
- Add ipxe-no-error-logical-not-parentheses.patch to supply
  - Wno-logical-not-parentheses to the ipxe build to fix
  breakage with GCC 5. (bsc#921994) - bnc#921842 - Xentop doesn't display disk statistics for VMs using
  qdisks
  xentop-add-support-for-qdisk.patch - Disable the PIE enablement done for Factory, as the XEN code
  is not buildable with PIE and it does not make much sense
  to build the hypervisor code with it. - bnc#918169 - XEN fixes required to work with Kernel 3.19.0
  xen.spec - Package xen.changes because its referenced in xen.spec - Update seabios to rel-1.7.5 which is the correct version for
  Xen 4.5 - Update to Xen 4.5.0 FCS - Include systemd presets in 13.2 and older - bnc#897352 - Enable xencommons/xendomains only during fresh install
- disable restart on upgrade because the toolstack is not restartable - adjust seabios, vgabios, stubdom and hvmloader build to reduce
  build-compare noise
  xen.build-compare.mini-os.patch
  xen.build-compare.smbiosdate.patch
  xen.build-compare.ipxe.patch
  xen.build-compare.vgabios.patch
  xen.build-compare.seabios.patch
  xen.build-compare.man.patch - Update to Xen 4.5.0 RC4 - Remove xend specific if-up scripts
  Recording bridge slaves is a generic task which should be handled
  by generic network code - Use systemd features from upstream
  requires updated systemd-presets-branding package - Update to Xen 4.5.0 RC3 - Set GIT, WGET and FTP to /bin/false - Use new configure features instead of make variables
  xen.stubdom.newlib.patch - adjust docs and xen build to reduce build-compare noise
  xen.build-compare.doc_html.patch
  xen.build-compare.xen_compile_h.patch - Drop trailing B_CNT from XEN_EXTRAVERSION to reduce build-compare noise - Update to Xen 4.5.0 RC2 - Update to Xen 4.5.0 RC1
  xen-4.5.0-testing-src.tar.bz2
- Remove all patches now contained in the new tarball
  xen-4.4.1-testing-src.tar.bz2
  5315a3bb-x86-don-t-propagate-acpi_skip_timer_override-do-Dom0.patch
  5315a43a-x86-ACPI-also-print-address-space-for-PM1x-fields.patch
  53299d8f-xenconsole-reset-tty-on-failure.patch
  53299d8f-xenconsole-tolerate-tty-errors.patch
  5346a7a0-x86-AMD-support-further-feature-masking-MSRs.patch
  53563ea4-x86-MSI-drop-workaround-for-insecure-Dom0-kernels.patch
  537c9c77-libxc-check-return-values-on-mmap-and-madvise.patch
  537cd0b0-hvmloader-also-cover-PCI-MMIO-ranges-above-4G-with-UC-MTRR-ranges.patch
  537cd0cc-hvmloader-PA-range-0xfc000000-0xffffffff-should-be-UC.patch
  539ebe62-x86-EFI-improve-boot-time-diagnostics.patch
  53aac342-x86-HVM-consolidate-and-sanitize-CR4-guest-reserved-bit-determination.patch
  53c9151b-Fix-xl-vncviewer-accesses-port-0-by-any-invalid-domid.patch
  53d124e7-fix-list_domain_details-check-config-data-length-0.patch
  53dba447-x86-ACPI-allow-CMOS-RTC-use-even-when-ACPI-says-there-is-none.patch
  53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
  53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
  53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
  53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
  53fcebab-xen-pass-kernel-initrd-to-qemu.patch
  53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
  53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
  53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
  53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
  53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch
  54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
  540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch
  540f2624-x86-idle-add-barriers-to-CLFLUSH-workaround.patch
  541825dc-VMX-don-t-leave-x2APIC-MSR-intercepts-disabled.patch
  541ad385-x86-suppress-event-check-IPI-to-MWAITing-CPUs.patch
  541ad3ca-x86-HVM-batch-vCPU-wakeups.patch
  541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
  54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch
  54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch
  542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch
  54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
  5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
  5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
  542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
  542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch
  54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
  54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
  54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
  54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
  54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch
  54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch
  CVE-2013-4540-qemu.patch qemu-support-xen-hvm-direct-kernel-boot.patch
  qemu-xen-upstream-blkif-discard.patch change-vnc-passwd.patch
  libxc-pass-errno-to-callers-of-xc_domain_save.patch
  libxl.honor-more-top-level-vfb-options.patch
  libxl.add-option-for-discard-support-to-xl-disk-conf.patch
  libxl.introduce-an-option-to-disable-the-non-O_DIRECT-workaround.patch
  x86-dom-print.patch x86-extra-trap-info.patch tmp_build.patch
  xl-check-for-libvirt-managed-domain.patch disable-wget-check.patch
- Xend/xm is no longer supported and is not part of the upstream code. Remove
  all xend/xm specific patches, configs, and scripts
  xen-xmexample.patch bridge-opensuse.patch xmexample.disks xmclone.sh
  init.xend xend-relocation.sh xend.service xend-relocation-server.fw
  domUloader.py xmexample.domUloader xmexample.disks
  bridge-vlan.patch bridge-bonding.patch bridge-record-creation.patch
  network-nat-open-SuSEfirewall2-FORWARD.patch
  xend-set-migration-constraints-from-cmdline.patch
  xen.migrate.tools-xend_move_assert_to_exception_block.patch
  xend-pvscsi-recognize-also-SCSI-CDROM-devices.patch
  xend-config.patch xend-max-free-mem.patch xend-hvm-default-pae.patch
  xend-vif-route-ifup.patch xend-xenapi-console-protocol.patch xend-core-dump-loc.patch
  xend-xen-api-auth.patch xend-checkpoint-rename.patch xend-xm-save-check-file.patch
  xend-xm-create-xflag.patch xend-domu-usb-controller.patch xend-devid-or-name.patch
  xend-migration-domname-fix.patch xend-del_usb_xend_entry.patch xend-xen-domUloader.patch
  xend-multi-xvdp.patch xend-check_device_status.patch xend-change_home_server.patch
  xend-minimum-restart-time.patch xend-disable-internal-logrotate.patch xend-config-enable-dump-comment.patch
  xend-tools-watchdog-support.patch xend-console-port-restore.patch xend-vcpu-affinity-fix.patch
  xend-migration-bridge-check.patch xend-managed-pci-device.patch xend-hvm-firmware-passthrough.patch
  xend-cpuinfo-model-name.patch xend-xm-reboot-fix.patch xend-domain-lock.patch
  xend-domain-lock-sfex.patch xend-32on64-extra-mem.patch xend-hv_extid_compatibility.patch
  xend-xenpaging.autostart.patch xend-remove-xm-deprecation-warning.patch libxen_permissive.patch
  tmp-initscript-modprobe.patch init.xendomains xendomains.service
  xen-watchdog.service xen-updown.sh - bnc#901317 - L3: increase limit domUloader to 32MB
  domUloader.py - bnc#898772 - SLES 12 RC3 - XEN Host crashes when assigning non-VF
  device (SR-IOV) to guest
  54325cc0-x86-MSI-fix-MSI-X-case-of-freeing-IRQ.patch
- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
  60 vcpus
  54325ecc-AMD-guest_iommu-properly-disable-guest-iommu-support.patch
- bnc#826717 - VUL-0: CVE-2013-3495: XSA-59: xen: Intel VT-d
  Interrupt Remapping engines can be evaded by native NMI interrupts
  541ad81a-VT-d-suppress-UR-signaling-for-further-desktop-chipsets.patch
- Upstream patches from Jan
  540effe6-evtchn-check-control-block-exists-when-using-FIFO-based-events.patch (Replaces xsa107.patch)
  54216833-x86-shadow-fix-race-when-sampling-dirty-vram-state.patch (Replaces xsa104.patch)
  54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch (Replaces xsa105.patch)
  542168ae-x86emul-only-emulate-swint-injection-for-real-mode.patch (Replaces xsa106.patch)
  54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch
  5423e61c-x86emul-fix-SYSCALL-SYSENTER-SYSEXIT-emulation.patch
  5424057f-x86-HVM-fix-miscellaneous-aspects-of-x2APIC-emulation.patch
  542405b4-x86-HVM-fix-ID-handling-of-x2APIC-emulation.patch
  542bf997-x86-HVM-properly-bound-x2APIC-MSR-range.patch (Replaces xsa108.patch)
  54325d2f-x86-restore-reserving-of-IO-APIC-pages-in-XENMEM_machine_memory_map-output.patch
  54325d95-don-t-allow-Dom0-access-to-IOMMUs-MMIO-pages.patch
  54325f3c-x86-paging-make-log-dirty-operations-preemptible.patch (Replaces xsa97.patch)
  54379e6d-x86-vlapic-don-t-silently-accept-bad-vectors.patch /bin/sh obs-arm-8 1608319056                                                                          	   
                                     4.12.4_06-lp151.2.36.1 4.12.4_06-lp151.2.36.1                                                       xen xen-4 xen-4.12 xen-4.12.4_06-lp151.2.36 xen-4.12.4_06-lp151.2.36.config xen-syms-4.12.4_06-lp151.2.36 xen-syms-4.12.4_06-lp151.2.36.map efi xen.efi efi aarch64 xen-4.12.4_06-lp151.2.36.efi xen-4.12.efi xen-4.efi xen.efi /boot/ /usr/lib64/ /usr/lib64/efi/ /usr/share/ /usr/share/efi/ /usr/share/efi/aarch64/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.opensuse.org/openSUSE:Maintenance:15362/openSUSE_Leap_15.1_Update_ports/5e8464af35353787e8947a82616108b3-xen.openSUSE_Leap_15.1_Update drpm xz 5 aarch64-suse-linux                                                        ASCII text ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=572e584c478192a89eda1441d47bbe496f39bab2, not stripped directory ‘ë£}þ„8Õõñ»A‹êºö   utf-8 0c8c9f5c51204c0afcbaccd5669de57e2aaea408bf29800e0fb980d6aa7822ee        ?   ÿÿü0   ý7zXZ  
áû¡ !   t/å£á>˜ÆÃ] "ÌkÀ%w4ý¹!âØº]áwuTôl´½áž1ãùI~¬œ%,ù[]°{¨ûGºUADs¬£K$š:ºi¬˜¢Jq `yÆQJÎxg÷)0è&ÿ%™õ:EøùÿêWõ!wêò¶!>A£ƒqxàÈàå%hØ§-ÈðgÂ­¶ÆÎã’ÄË¢)—
¥š=Ž¦¶„RþÞÙ‰c@ë™¬Êfnæ‡de Ô¶ýÃ	ÛÍ˜æý
YdðL¿Õ/¶>	®Îß˜ü%Mùj…]Õ|{áÝÅ§×BX_G­«<Éo´ag?KÚ_ àª˜+¶’ðhA%÷uu(Û~"WEúQ¶žTké`”ÁÌé*’ª‡·p™Ê²sÂ ¤õ><0—I!¡§ÀcQ“—e·zˆ&kË,ýÕBü‘0¯™<èoH™M…®ÕŸ#ð˜¯§èR¨—¾oîU6Éa
çU}?ôà ©"Â2Á‡Æ­ÊýJ|>z_ˆ>º“uÊ®ë -œ<íuŸ DLÒ1´a #²aH|2IFGB‘Ó¸&þ¨šÐDeCŠÒ:Ë:crÞºZ:]Ùí’½6ä0ŸiþíìÚ"xÚ5™ÌD²à8—?*`bîj‡ƒe˜:×šƒ”$óÛ£jñˆÇ~ÿVtÎ§>ë«*ù¥¯pœo±]zËÐ<Í‚wŽ	?>Ÿì™æV¯/ AðÊ+ÿ¸ˆª?£6Â³’ãH©È‰¯¾_?ÕûJá£oK
k~ÝM•¨CYK®U‚õº“hbò–BÔÍ’À‡‹ÇåG®ð·‚ê_‘w4.©M«^u/
/y›	'™‚otGðìp%U^Â'ìÂ?‡­óê°Þ ¯ìøô³yt/Ì–¤
‡7k"%áÆ0é«ÛbwæX}¶ØM•‰Xô0š|@-í4q»ÒÙ-À|ŠÅ?òªúS<“–0.5áÖïY)¢?žƒÊ–LTË²ßó ?½RÁ2ó×;KÛ"nñÊd*Uò¥7peŠ´Þýp½¢Ñ®¹Wm"S~Ñ]^é÷|á¦e5˜!=õlH_¶|,OÂðÖ!OãäÍŸÊqæ„ÞR_êN‰_u\U¿MÉ‚Î ¥ÇQ¿¿çDW3kbø!!<ùÂù Eéä–ÝÍ]vèrNºÏ£oKªsi÷ÕšdB¦#/bú³–æ‰Þ³¬¶ñ2¸Hpkž€G_`Ûà‰ßa‘‚5ˆí¤j²y*W¡‰ÙÖà_EC ßûÑÂ­É7ØS—F–Êƒ.lê²ø~5¡î/y${æ­´ç±Üu³Á–GŒp@'»;{íí0*ˆÒ&gÊdéoÄßŸ÷P®¬•Ç-XïP³	Ãå{ÿ±™ÇêœËÕàœ-P£Qã<ÃœÌÕP>h«m¢$2vá‹Â—¾Î™SÐyXõÆ] 
Z5ó$¬ÝWâ1Ü”6@Ÿ³#*gŒnÊ´;sº>´O~ê’ž†­P[§ýdÛ¶ñT,ÈîlzÏ#1¸±¡6¯ë¿O Åoù!ÐÂ¿"e¨ˆá¨„fð “¤ýt¦×‰×dâévßÑÄÁÒ;•tàÓ§P·|%6¹Ár€<0¸‰ÊB?.s|GÄëeµÈ,ØŒå¶ãõ]Z|” ‹—’¼7:Õ|×sLÌFŠc#ÇŸËrÉ'Š0ÿÚƒÅ?Ü¢¹›É$Ç™ÜËØér€µU|í'óŸ¿uCÖgZ^
È$ æð,h’;xšg}ªHÐù4Ø0»ã-,7eqÂœ‘Ð0µù5}b*$4ÒG¦{µ=RÐ]Â^V,ë•cªÞSß¾nÛ9Z(±rÓð¨T÷Qü‚|­'bË5ñþþ]Š’FoPg•Auö¯ß¼Ðv¼v¢ÂIè6ŽÒ­pú'âGÕpSÑ«Ì¿¦KR¬ßC˜Yoƒ6€ µTÒèW‹øMz.n8		@¾ÜC—×šÛoé"ø÷—oBS#XíëÛ·îÆO¬Tõ¯S¡,	b¢X~ënãÇ(Ý<I·dd¯ÊÚßº«À0Õ;¤¤ÏD5!ñBÿéòóO Mšt$ ?B§$V±Õjsía}åçvËpÛ*É"¨\
Kú(7þð‰èT5ayôTÆH.Sh¡é*[©©Ö×hª	ZôäÖ—_¯§Bšâö.4V5iù&ÿ7øm&mêB—€MZO¾¾pîßVHÞZïŸ†¨!X“écˆºû –˜&/…‡çÏ¯{°äça@Q—U¯¿’âü †UÌrzÑ3yK_»Feß¬zY[ø[¬9€æB=9ZójÃä°:—ü‘QWyvwþ&Î›0)rDÒÚÜ™¾¹¥Më`pGl½‡‰-#?…4M/à Y¹O¡G6×w,UÛsâ‚¼0$ãlÆSfÖªÏxDuYëA£¢[M¹R ágbyÉ1"íåk:²ïþš”lu:°ƒžMsÊûêi6¢Üà@ý¸Á}Å4ñq3 R7ãAD<v
íŠ1Üd 6ÉÝaÍáj0èðÓ4‡$„ž_`W9UØ@uGrVÖ~Žv¦,\˜ÂkW/:Î-•¼jÐ9ÆŽN™=ýÑ&Î
íLN¾øÕÙ{E–¼n)áGyô÷•øz¾}êÛŸ¾¡Ü¶Ö÷P¿rÁ·^ÕYÁt0Ó1ƒÜK$­3Çƒ ‚±àk6±‰'Ù—BÞáƒaÑ¬—PˆŠb›Ý÷HMÆfÂ¿]à0M…ÿqÓk™Ð©,à|± å=zBu¥ ¨ýgf¿$¢â;’2ÆO-àýÍ9-9tjxù|ý² …¶+,5¶§¼ M¨·(åq¡„ŽQ;°+(
Äsà"d‚ýi.]«þøúÈÔ/!†ô‘Ö!ŠÛÛ.\Óyö.žç`/Ôß{D^¿<÷ƒQy9Tq¿š-|¢èÎ²±L«°Z°C0]R@†ƒº¶C¤™Fjb“¯˜ú’"oŸÞæRó½ðÏJ\NPMe¬0÷ÞûåwSwß,£÷e7_ˆ:«®°ÔF%¯±‚ó!œMš1ô±;Dò¼£$æ$çÚA•ÛAÕ|g¤)¾ÏAšÄ%8bbcüÒT„ƒ{Žêc?Õ§Ëÿº·¸Ò©lvéd¯,n/ÅáHä˜Ý‹‰tæ‹C7Ô</:§ð:ÊRÖÃù¿=P,qðËŠ.
C²¾Xo)»S·Q‹úÔ·zó÷£¼|fÍ G@gù¿vàå!
ÂÑ~ÒæcZVŽÒN+ÆL ¦µ¦&ûW1P®8)¨Ú’,·‹vªùVäÔÝØŸz³7?Ÿ³CÇ•ð‚Äk°72%<Ðß•Ã4è&»â6ýÿðaÐš3‹–°¨Œ6žîÝ÷°³ýôMi;%¹?jbî”szRúJâ†žQjO(^qd‘îÑŽÖV8ïÒPæ)ÉîË±KøðH—kšáý6Z^G°ë¯ØTk€hüÒ²)TÙ½´úê7ÄˆgÆ~¦$@EæÄ	ËI¿ÏPÏBô;»Ã<BLê!„YåÇyeïKôóµÅèº89æÕ±y‡ùˆ/tÄ™Úd¾"wW9ýKÆ^PÎ§îÄ%L*4K«^8w²]Çì<=ÎD1>×kÌ¸¸ÿmÇãÓ<µ¤"¹#®L´q4×Â.Ï9Õ›©ÁõéY|:]7¸ùs@ôIÅ¶sïÕ¦Rá\¿%þÞÿ=`]¿-7zo¾ÞØNKú™ÿyùøZì¬Ñy^îÕ“ÀÜ?ÂhihÐÍà~Í†ÔþgŒ¬XÚ}ÿ.§# ‘NV=öÚZDõtI¥¿»“è×sÑ?|ÈÛ=™KÄ–ZPÍö2Ù'3€œÚ–ás†¥¡˜uYŽ¼&!ËícÜ¿èääë‡šcðG¼½Ü'Âœ(zŒ­'´”ng?ÿš…n@z'i0®‰(¾ÚÀÐIYïÌG |®…è„¸ÝöFüŠoÁŠgÏ¸C	+ØòÜ0´V·K§Ý’þ/ŒÚ]Ð×IDîTüß¨ó¨p¹Ê¬‚µó«ê 4±Á_Coâ«s|‰šaE°;NåTª2ÖìñÅ„@QûÎ@(SŠ5&F0újs2×§ò‹ù1ˆRøè¬¢_ð‘~¥+«àY<ÂáÏf%[Y@"#šgÆ5	GbÚ·Š¡è4chVœ¬°Âw¬MçõK´!ŒA¨‡%áSÊý£u@/wÆ)x°¸îßRZPU‚aRnn~wª†»9YoR@vô`-¾yNI‘…×ÉO²Õud\)Ú"+²Lˆ_2*”zclNl•™÷æ~õAVqì¨í%ÈâxÀ{L¨{ÆwXìM“¬°Ùf=æ š¶™Ò&23¹ŽÞŽ.(ßÅjEùÌÙc~G&=P87#³F5a«ÿ{wYìô¶HàEW@„[‡†IemïWoóü¤ŽQ‰xàÄgñê–yÒw”oàï~s@Ü27*è¼^8dÊ ,ª\‘Ä²4©úìCòÙç·éLj«ZWé«KöÈ´­>"ë©¢x¯“³^Œ^jÚý#£‹U~‡ÊÓµÞ.:/ê¹Æž,D~(!úßl·Úè_¢Úàí–*ŽÛÍÃàèÑU#êÆMS4,·4!aª×¯·¦¡µÍ0¬	n§|y¥Ru\?!Æ®µ¶ù1ªˆ=áú¢Ï|¹‘ês#ETE­ýÒtKc36Ûäo;d•É×£xYÈ|£¦{…þŒvÅŒÌÎ9,ò‡*¢'Ósw—ÔÐ¦Òë“ÅKªll–l½Fu*6öy~ÉÑ`:„–Òã1kÆË9Îâ·Ö8$÷àê¹®ƒ9zâS]†¼±WZ{8Þ}Ä×½Ce­¤ëü@ãgñÂÙF-A¢¾–¤!¾÷é4Ô+µè¤#ÂKP7\”o¡ šrwXé•qV÷Pœy3QÂŒö«>3tåëÀÖò<BI-{$Ë²¡VŠœµèê^P&Áõ¥Ý@ƒKÜžøÎ._y¹,úIPP1„0, VQY	)BXñÀyb`‰»&Fèe@‚îs©tm%Ü‡Ç¸ÏW/ ZR¸úýÒjÁìÝæÌ¸Jc:(O' †x&¯¡«N¬½+Ÿ/pÆ;û›>#Ú³J @E°;H‹>6«{kkÃ„ùùJù ÿƒ‰ çÙ,']²+ycè5l˜ÒØ	@é*ÄZÔYžJõ,·S
ÏQ¯œxÁ^ÔKZUTÿ-¥òiÔð†ÍI7uXš†'Ô¶Êƒ™Às•ûBæà¤úÉÛf<&]Ó“eÝ,×8ªæ§ÀjhR+×1>mÎc…û§r“šå1‹ ÷åô“ðÝL€5Ù²{˜ÖíAÝÙ;¦¿4ésöÄ3Äû¥õÓ­%«¾’f 6ëÑhãƒ¥mè"š±Y«ŽPáVÄkØÎpçþ`^´DˆâáB[ÔÅÖoû.<,³ù‰úÃêß¹R:/×Ì˜_£×£”8ÝKëMj€fŸÂ"p(–¾S%>9‡?‚}¼@Ï2ù¾3W%»«ø.ƒþ÷+j•8·ˆyðåNk§®®à¶ÑJÐAÞ¿ /kÂd¸Îz<Ã÷­„Uã*$°c®È
ãøû|óïÂåÖnEž‘ÙÕT3·0½²3#•­cÏÜ„–.Å’R&ïO¦W¥Öl¾õHOvN(M#
’áëêâ=èð×of¯ùš²¯µeÊì¨	†dÎ§,âÌ®<üÖ?Mº"X+ÝÖ±-ëŠ›«’ª™d
¡ì¶´á+[(XJß{2©ƒ”b<þð)­Xtí1ïÕÂ£‚R{6Õ[ÚÒ7ÒxŠs„HN	ãL<ÀTI®;t†i—š_¼Ž”
*kÍÕ¥+! '§µ”°8û¸¶Ì¢b!A°C2²jóxó_‚*§4[>¿®8Íò¶ü°?’‘v“ø	à^´ø ¸(Þƒê¦s§ž
)+ EÂ'Œ%Ò<$8"a•µ•¨™«kÑ„F¾už‹cYÑ•bfÆžÞuE¾0g¹Òõ ajfe[ÓCTÑ0E$Aäxëzy~Ä$ñopïV,¬RF©›fÚ[Ë´]©.&æ|lb%…]a"Ï“¥z°!?ØO6Iÿ~aWúãûz.ºRäïÑ§§0T6ÓnöÏÎyÍ¥"ŠÓ„ó·Z…ýQ¬â›ó$ÕÁä_{†4î‡C£aŒîàõd“)BòçúxAìv/–ÈÄØ¸?v"û•rÖí‹¥×7} 9Ó3»uÁéÞ!Ãé0×¦,;º½:¢EHÑÝ‹½_ÕÅ;>†¾¯4~4jËwì¢Þ%bGqÇìËSø”Ôá(¸aö„ŒC”ÁzwU¨=•–2Ú§Í¥îåªî–QüuVìYT1m;t)iŒ¤ÙVÐ«»dÿB8ª¨GíÇ'+Yªú“´¯7‹š÷š09M·t7ÚÝõ–Mõ‘„	‘G~äÉ™PiEé*&ttæDGªÕY³ù[žæã÷*—*ºK†-ŒYG'/O(‡©à}j¸ôWd³;?Ö@ôfƒ‘âÅ%F?Ò´C®(•z…AÁÔfX)L‘.¸ºð7Æ¤W–ÿ»IHüw¬Žª)¯U¸K¤ÁË®Ñ¼åJ‚»0Ó–ó]4Õ¤%Z6_±ÑïÐúÅÆÝmæÈBDÆÁ|jpŸG¹>Šõô^ÄÂ»#Y	Ðo•EÉ°B¶H˜uÔ™:êÌ1…G@Ýl[&Â9{ÌW¤µ¡9DÊ	º·ZÞŽÞ­æ¸¼Mph`,	h4ú»Ô’îš!]9ý§(Pã[`7á™1‡õ¼¼JfLü¼Ý<CQËTï¿Ì¤äYïSd Ò!´¾]Ù¨-ÙŽY?4¤ÊŒi8&ïƒ4 l¿ß‡glG—Ö3É=ßïëO¬ýZQO²æKÁg¨ü&5‡Û’ž?“ãÿ3Á¿1ê]l‚êýñÿ!W~nX’øÈ<TmˆWh7ya}-+½ÄÄØ‡k0ÎìcI‰“ŸrŠWŠ-lŠã1³µï¦E4’Î²vÔ,B’ÑU ä!ò }±d;ç¿É2öŸÉ·¤~SIÁ“hdÝžâåÌ7x­Ê”²¡ÉlÅv¥$¿¾§;9€áSR›“=‘ƒëÉóð³ˆE@ã~1Â]'CFM ‡¹®ŒJ‹Õ‘i½2×»‘ÇÌÓŠ–Åhñ…”æ˜.0¼Ù@‹—}/0AQ7wšhÃ•+Ê(ÎûøôÌ=úÜNM7"Ð	jú+S \?à›èÍzQ–.ùšFÀÓF}ê¯ƒŸ‰¬C¤ ·špüM7«ÌÄ¡ÌU€ž+¬5*›zÂ9kx“BM!ª~zvœ”¤ÀrÁ…Œ	˜Âþ	Ö¯	^ WïóF˜eÖÅ»ûØ»bsˆpæ¦Lñ]-?s$U,p“ù‹ºÉy)4²XHgœ˜@l6¸Îi+ÅqM5ÜÍ8*Ò+@„B‚&Gÿ9õØÝ·)Ãš¡½Yvà&¼lµS•0ÞÂ û—:	¼di¢2Ù¢Ö@8ä-pR¸õb5Û£“Éúó+´Êö`9êìÕ$6I’]˜a¦3,±¸É‰ óÀ¦Nf¾üÿmíüŒEÌŸGgS÷vµ^£ói¤Úw&Ú¬
ým¦às)ŠM1?+Ü)à-ÁÂ¤\jØÊ)v&_’žÛ‹¤¢NmÝW¼€WsS)îtôµ×“œûã÷9aåmOs	±ƒ»LR2ÓU@O\ë$Ë•:Þ¬®i!?@K‹Ç¯™@VðÎ¸p;X$'aöñ¥0 ­EPºž·‚|§D(ÌÒ›´¸§º×ÖÝ¡+tÒB†ÅçDXq¢IUy	d+îÐ £3žäîÔè¶˜ãßz«œ'œîˆ%ƒFÔ÷+Áõ›ŒýQ*\ÖIŠjï©´ÒL×B»&QS9vß[,|9Ò©ŒESLbM¤#ðVÑ>E{K,ÿ`õŠ~}CÕø-‰«T)ò¾où¥ØÑéO>–úF®ä°ô+Äµäá0Òùvóôm\N>jtÌ€uÑ²õwËÌÎP8Ò³òˆkÌ*	à_[e˜ŒEqø½VT!#N0òÃJÆá²¹LWô%¥èG l"¥²E*óéišBIÎ³—5ý’WCÇLžæŠZx,Æ?lh–e­ßå–Ð®›Dø3ÎS‹„ òE]Ü’á§C»‰ÚCµ¼":%£NE<–©t»ØqSôî?³Œ…Í9Év©ƒ°ôðì<^¡×±KÑšézi³m:èÎüý7„•8"ÐŠÉ G¢x,o›ì<	°à¼oÉ•µÊ}Éw`mfOv¯ìûßé:ï"1öBv>oNž…vÊªý9‡%–TÏêT&¤YµÜúPÂú•œA´4ñWÑ€ç~TóI-˜­73ì¡„ß†¨¹-¾ÓGÁˆF;!A[ÅýÍC:÷’|›™®*ôK:Î`-«K½gSô9×Ìs€z’õxïG¸JÐAš˜çw€QˆªIYMÑhŽ‡Ç2\zó:CMÞI*’`LI8³O¼Þ¿Í†Ÿ†ŸÊäy^5)GŠOOHç’:_à‚$šn*Ç6*á¥•É*pªvëÿS×ïŸÓ’br•·q  
œÖ§9³Šj‘ÚY÷}­ZêÝèn§vå%²C›Ëö
^
ÁoÚGî¥{Z‚!qICµ‡äjò§¨…MdJLO’ž+ÔŸ†ÀyK/Œ¿Þ¼ä£a%_®Å½äå˜¾è%Ð‡Ò·/i5!'ŸÏü÷n>‰¤gur–¸°º¹‡ôHÙ$Ð-aÖgÖõÜcvQÅ–à½¤öAØâãWh\"*‘:
cß7‡hª1™°š’DÝtÓ/€î\Õ<Ä_7Þ5—×˜2bîD¸Ô½`2åqòÄ¹Ž97È/þºèD$ŽÓ¼ÓvÄ—“Š[1+ð{§åíç[«ªŒ¸ûÐÝtXcd«'³`•çÈÌÝbŠŠ$h)ër¡1]²°oÛHõ5ûï½O‰$¯[vRÊO?=£š¤±D\Sws/?ð”Lx™€Ë˜9Ä>Þå+€åH21,gdÅkØª0mès¹Tk”0ˆ-¼é`õ·y$–+»¼ÌÐ$Y=5	¢RW1•J½Îó{,I@c’D	ªÒ
™Ú_Ûà“ÁmÛ‡€Ñi—Ã?âr^ž“v0 à;Ž¤ÿw•DT’â
êÂEQ·õºƒ@ß¦ðt×¤\`Ôâž!•%fyk(!€D9YN’²SWt/Âõ–õîp¤ÿm»æe~á·@Q$·R‰ÂG·<µ\m7Ív&¯-·
(AÄ@S¼èó³CKyÛ£÷[“‹’§Vº}¾~šm]ÏD‘€Û~æú$IJç·ö!¬<ÂÊ‰×‡,ZcÅÞ€ŽELŸ¶ìÚÕÃäp¨ì©hÓ~OFÔM†¥œ§œíëÿIÄ,{;k^ã°Ã%	°_ä×»R·€¿{P,€'±§œOÅ”É„Rîò—/Ö® £VºŒ›½buè’?Ÿæ¦—u	aúú**¥b¼¬\ïn„ÛR•ª
CºÖù·1ÒÈú¤êÜ »t±Ï0…¾1¦l\2c(Û"Ò¼Öû/¹{™ýè*LJþu/L¼C;ëœ:1¤Ó	1I„ %PŠ›BÊËs‡X€1}^3¤|O•µ‰‚lÍ¾¹F®3T‹Á^¶Z-VOiA¾o‡°¾+
¯k[ae²†ÑôÒÕÂD¾„#ØŸÃz{§^Ä¦c:8½Wû©L®®é1'½”Ò’øD,R+Ø efÀå’tj>™aª˜›±Â¬)7óåxÝŸóz
¶žÍ¢œÔ)è3É’"þG‚dY½ÇQ„þWC¨„‘B=½a°{–íÈ žÁò_¤"0ÐÒ)¡_g%'ÉF,"’SÔ¾t\íFáæ(’í&¯&„çxËÑR«ùÓÊ!A‹ïòZT*¬³uŽÉ:Å©'å‘s¡ð¥Zct	ŽyéT3°iuþúPNœl®ôìå]’³õ´ÈáR×ûoÑÄO÷ÛûX¯…DP•þ*–)mejÿuè)[´_…Ä	ô‰{`t¤—
©‚¶ñ#kÐû’vÇ-Xfžip/Núf@YÐ>Ö¹‡gé‡‡C­#2Ü©Ë¿š|«‘N‹0ÝGsìôò‘út³ƒÒå&PŒ‘ëš)‰Ñ±¡.­0ïÔšõ¦ÆûŒX‚¤‡<ã4Èœÿ¤âJåäQá=oË²±—ý'ˆÒ*ÜN³.Áª)lŸÕÞy´¤Ç‹{fŽ£QHÒšU#š`vˆ»æïx4V8+Pø6ç·j3ÚG€„Ý7yW=ø$	”.î²èyy%Q²ÒÂ0„ƒ¢x“ÚˆñP~<èçÊ©H'Š›Vk.Õ(7R—¶¢æQïq¥tÈwøÄ.Aˆw„z‚i[alŒ×1|(èªE½p\,=ëŸT†ñ™1’ä´7
á“mmš"Xa¥I}$èž§ß7ÿåJÁsýíï€&_¯ ×ƒàBQýœ#»«yF+»•:ë²ÐÚXµ	øDÀ„P;‰ZÀ5….Â‘ÒeÛv÷Ý¬:£(!=¹Ó¦œ×y«;íú†aùñbÜn¿ÈÓ…—z19ìóæÐîï'¼ûô¿‰¶"­9{ù´;•_g.©.|šeââS­‰ÍñŒhÜô»Ê´ù]RB|8yO÷wýÀÄ"D ›V&8¾)zo1aÎSäé‡™ì5oXºÚá ¨æ `Ê]±Šp™ŽðÎ;Ì{^Z:[ÕÌÁ¶}Ð¸%*±c.þ ™¢Ë½¶-F+qç•?±û"f?±L=n×¦Ÿ1…ýªcOãb"9ÒÔÛº|%Ì¡Õêsy°ËÁýç­äóš&ÏõúzÂþ5D*fQ•z¢mº3ƒ+á\žˆDNU>2ž£›pJ›©ËË>öENì“ÀS;ÄóKâ÷Éžò F™Ðš†Œ’¸?4Ð“Å²{‚'7BÂ&õ=Ó‰%À{'­>gH;~÷j”‰—¾)‰Vl
W%ŒªéÍ–(¢IÎv L£*¿¸c4N`Š˜
IŸgv8œŒ‚´@õý¶/ïoÈß¥‘¿¿Ô+Wt6Ý¾Æ²°b´«Ëèð7ýY@ìu5tUô$JµNuÃ>Âí„µ_ºÇ¸TÁ+/bo±ãŸè´;Áy®9åtÑ÷{àGæ:Âµ‚iÊš	ÅÏ¶¢Æ©Ïp­2ÛW_·u_á%Î<§ÎÕ±&•3€ù*xÉå`ùH(3æÙ4ÃÏ¹|Õa±·¥VÓ7÷’®qö¯1°_þDc7%):¨àR¶ÐGN…R’2û@®ÐùÀUÚ<ç¡2”uß­‘©ûÆN§#±t¼xé$4W®sæÕàîˆ•âZ3øD)ú^¶¿"ûbé\—ô›úWüÎÒ9Ýoáç+xWëÊ!(å7è}#¨³n1yÞ±ÅFK(ÍíB+A(P¡‹ÒmV¹ØÂn‹¦R.ÓµƒòKûq3”ÕÄ'Môâ<ùÿª0&>K¢°è‚DŒµÉ¬—zëUpãRüYA Ä²´^ä‹€ïãÄ¢7[29ˆ‹œ®ößL·!iR]5—Q!Ñmœï.ùÌïoöªC·æ³Q3‰e…Ý#1t‰ºåô+•òtm!@AK‹kç—ÒÿÁx‘æ=Gƒâÿ gG/LnŸCa2¾®s¬ÈÄµýuâ)t§Jjˆ/TÑ÷Ó-ÍZ«×ˆJ_¢DEŒÀÄšL¤¾Ÿ4,O*UMpÁƒš$MØ¢°w?¸<XÏ«¦››Þ©L6;H®f)}ZýÞ7þqƒ LÑP+Át×‡æ™"ÅLzÉ¾¿²…¤'Q,7À¯Ä|<
&¤ãz<!ÔË¬Å@Ø7xý ¸»kˆFupí3A|š×Ó²§£_&Æ}{=š¼ŒïhRÿA¦íeýp'
Iu¬d¶£kÇ¥z/`/{”Cd‡jË1ä¥¼Ê=úZ½öß3ž%k—j—öôÞ®¡i§ã‡ˆâ…1Y~g!nÐUj4V¨áêö9à¿¦þ#®ÈgÌ9RïñÚ”†×O“`4$[é–´Wò¸ê
§0G91@‡Q]Ù§á‹Ù RÖO’5`ŽÖr¦ndDÑ%ú ¤ e÷áv¢…ã’d²°%\PóÎõdás¢fÜEä›ãZä,ìÏQ˜¥³8„	ÃlÑÀ‚ŒîÌ% t–¸õJáByR-´Ôuî@º°hdãé?Þ>ÑD–$QõÓµbÖÔèƒb©j£Ï£§+ýúB¹>üÏXžÜ[ß»Ñ=- ¿®ØÚRûÐÚê¥‹õ4Av7¢XKeG]â £Þ¦›»%±(€ˆ~[.z6pk8åÚ\2¦¾Ôp‘/æäxEê)A°(À™x¸ÞmQW«/_­É^#Èß#Ô…årõvºU¿B½gXÀc=ä'ª1¨ü‹È	@”kÂ:@åvÊ§”ýM'¿%6E(ó†7tæu]ðoâýF“Hy5ÿèŽ=mÖnáâ¶6ø>qLðCùÐôî•Çý½‰k7¯ú©ÎN¯¥µ¼u„
€±ð“~4~"VÆèðäž’‡HIËù.àbö²Ját7b—Ëä±zv_žÉÛ
x³ëwã[eìÀ/`fÊ×:[A6¨Û¦ÙÊ·–êš“Ú*ä¬zl¼ZÌaŒ¯©4V¹‰ã	(¦ïÖÏšO2r_î¶Ç#yˆòJîã¼2pojá‰\|FÃÌ&k°ö+Í=×Gôo©>dHn:z;ã¤ß¸àœÌ´µ32Åe’‡${Í»ÊvŸ4˜oÂ[OaÄ7r~2çX¹tw]yQn‡§¼ÓYÂsÕf…î¢aM=‰âËÎ>Ê»˜õQyÙÄ0}öšÃ€ªžÀyz¾M$‹ª4‰ä{³uR«ß¶£‡TÌôç|yæòfÑ³Ò()Êv<žzzh”ä‘èJ<ElÀZ!ÆÈ¥Ûj¯½ OMð17+p‡'š\’QR)kD]Þs£%Otvcï%'i:Ô]B¸ÐXåéTà$…ï-lD	—mîKd­v…¥hPçÜÁ*xÃNÑ8¨ôùè¥H
7Ü©«DžüùO¸—3_Ó©¾[]Cví.çQõpÂ‹=³–ž]7S¸3bóS¹¼\ÀÍçÜ£9å`oá˜,‰²Þ:nd‚ šÄŽòvÜpôþÐÔ0­/Ÿ7Y-ôEhÙy9WZ"_ªÏ•y+Û¥½•Æ£à
IýîdF@j‘¥.Ööž5ÀÚáI"vd/L<¥±F€0ñÕE
¤(‡[vÕÜl¦€Ie¥ŒÿëÈCÆâÄ'[ZªªõÔÅõ¥žƒÔGW>ñëFö]8ÞâÄíz3¹%êÛ`ss¦8|S}†;IJË¡‰ÓsÁd9v¬Ô|í²¿ñ¡W8œÃ°ïAÀ;~€Â<pW)½¢YXcÒî…ØuDËŒ1zm“WX?jMöP³Žÿè<®ò°ñ×ÝÇw¿s¶EèKæ†»vI“^ü¹öáI³˜™!`UÇ»þô¹òÙš,†¦áeÁ_éëD(Zÿˆ<	ÒŸÂšÒÊãEd‡RU‡^‰?“~M4m+^HZ`¦´½ãÊÖÖ_þ4u´äü	^ô Ò)²k„Ñó )R±*†)šÌÊ³LèÔ u	¥(é>‡+’x±þuŠêþ¿ÆTÁ¹	àËap…§†£¡I?Lð¾/øoat,3HÅ4È“œÃ—ïA ¸Å2ì+Ù“$°ÃÏšËL­+ÃX+‘£mµ_f=ÅtžYÔhH
šåýÌ?c-¸þ>9KÖ²¸™ù’5’ÓnƒZ4Êá¾óÿt™æ+·ÅS$z­Ûì@;öû?ïþ9·]µ/æ5Óy·Ê´DYˆsÈÅ¿ºzp÷4‘(1'•“ã›‡'ÚÜoD¶¥xhù‰RØK´àîmVO”5¯úòõ·ÏÒ-«ºÚ|çxŠhŽA¯Z(‡-çâ:ÏuG‰¶§ã6üOÕ·`§·âT~ôÅ_R0ÐÅš1A—ÿT“pAi3ôºýÃ–è•»)>e„n
''¹öbÅ}¬4á¿ì¾kÂõSyôS,À¥í¨°îô÷³(€°/Ÿ<‚?6É´¤ú/Š*þ¬ë	ýTŸíü€ÀR±òlFšà†Í@©ÈÔ/c‹,s¥KÎÙýW=šé?¿ßv+W²Óò§ß(ë.vàqÉÂãÄ ‰9ûà¥U\ž8ôbpNƒFŒøRk÷ºJ}œÜˆÛ±°²vRY¿‹>ç1\£öY¬"Õð¡&q‚'[œ¿:’‡ßP#óvñÆi	ô|µW§‡´ßÔ_ßóÈäAwØ@é2wûTÿ*uŠ»!šFýÉˆ({Ôz§¨€äîÐÔDüÉ
 Ø²òã
bß»1 t/6:ÖqGÔÊ,KÈÄƒœåLoM%)&J{ÜOÜ£+ÞCß¹yá´_|Š{$'S’‘Ÿí/‡™x^•b9”ÎÄÑ«“û!¢±¨¥¾ .V¦^3bâg¬}JåÑzps„–îÄÅ¿ël¿“‡—Hã<½x£íŸ°¹\sªªì†ôí‡ôk0½äSšì\Uop{—¯UN×uÌ»§7_æ›«o üªÙëX,ùæŽ3Â£He3…vâZ(–Cç5n?åI¤4Fo <Aã&•j íñ/àÏUX‹…Äýc_èv4'&.`ƒßÄŠì¹L<jû¢ûØ'TIô€€gÿ4ù©GÐpƒ„~îÈHH:ígÐÝ½…Ý¥¿Œ/î”Rðþ)Ý®«ŠêyW¦º~y¢jÜß!Üü| Ž¾áŒƒO¤¹Ôù@'“ª€Œ•i³/¬ÍÒuÚrRr; æŸQþêpäCfî?ÓžG[õ‘¾³QÁ!eî3Ã`é¶ö˜Bû°î¤ŸÂÆ©c&}Ãhâ‡¡$ÐœyWÆ±þû'i:ºrõµŠw¿wkŠ7×¦]Øá#ªÊ*–ín¹‹Àè¾u/7€§ÕÍ¿ž´4{©ehýÛ(¾PC¡iºƒ#—ðwMîý¾I;€U.G'¯·¦âÕ—ÞíÞG•9ü¡¡N´K¸Y¹ð}×æ–üƒrŒHæ8½]Þ	oFÜÑO°ÐÃ^Íq¸ôÌ9ƒG„=©Õ=Øä#µb2n¾–¿ç‰¤ï]/6‘XèŠ°uä#p¹ÚÏ¸ó÷ æ•êo•z‹-eœÎñŒ3[&Éú¸x0ÅKùüæûD…Fæ'ÔeLï§ˆ
÷ú¬ìWì"Mo•o½PžfwÖÅ›Þ]„^h´¯õ~²–`Ÿ?p?ÛFâšÞ?Ïœ¹˜¢.Ñ€£{…|ÆÄc2"r/
_Ð{°p§ºÈ$ì¨GRwƒ¢–×©ˆ³÷[ÃbªsŽÆ?ôV:o¨
ŽK)KòýKòð‹[Ý~1Ýyjòöè§$õ…È&€#x—…åÀ†èºòó•ëÈ·yÿKû£,ÍôÁË€ãñ@e´/ÓqöVÍbî´ŽŒ-%¿0Hþ×‹ý6VnF¡$¿—µ·¾DïgíÌÎÞ.˜WþU;?øt5µ¡•\nl°@yQÉÏ£?~ 
ÚVôt²b“¡tT÷â;_ž>tT²Ì{úù¿î`h¶+ÃÕG°§½¨¼lW)·ý—’¸ü¢•2?,Éo>´ç	wnø6šr&ýŠOÃ\àŠwØë(7¤/9ê!£ó°ÄÒ<ó²A ÍÓòX|,Ž¨òwÞ\‡P<ƒK:V½³R‘­ù;LUó³æ0ê>;D$ƒÀ„”·?´Ý©gÞéTýpék=(DÙpïzÑû§•¼Ày`²¥Õ”ÇŒ3Y’äD&)NmS]¯IÅäq–«Sç¬Z+¢®^²ñÌÐ^-ý²X*|BžžµŽÆõ=iöAíÜj;¶‹Ê:Ð²Kåç“€l3#9ù¥E<# Rð>¼‡J‰÷ô‰)z4>ÕB»@lóÿ‚4{\ø/Þ‘ù¯ñôn±¡¥;¿ÆŒ-"º˜âT]`Z=¨ä¥Zev91*§U›Yáþ&´è‚ÿ	@Í}úkg—Âm.\{OŽˆZ)£“K¨hŒ¬m÷%–Ä/E
¢®}¯?ÝyÒ1÷x÷Þ¦»+HŸôÎ†(Ç7XÚ5Š™ŽUnÿ"àñ4ô¿v_(‚2ËGò‰ßÜèoPáƒ¤i¨$P¥‡þ¡™V÷£¢`£3šA"†·?¢¬9*<z*ã‰vÂèZä“§6°ÿ:91eAqJGFÛÈOŠÔ­¤T³ž©˜cï¡|£#bfQXõÚŠ‘ýT¥¶ñÿR¬Ÿ·ÁÏ= ¨¬œ&ŸDÓ¡yÁÍy%0°Þ­³ÿDžœ°<üêƒ¡qã¹;Õ^<§À*	g­²zu]¬¨º#¼¤Á²z ²gÄ.Ò×6º?žw £H´å	ÂâdÂ5_YèŸ1ßŒê˜JtÅR‹„*Í(‘´žÏØ‚æçYÃË"8Eû»¬PV=ÊS0å^ö®TZ›ÇªÏ Ü/ß¨ßãúÐP«té#wB/éð÷1JÐÙ4µOî3Ð°ïd‰/ïh	WÕZÐuÂ}½Ø›ËPrÖ%l-ßK{,N)þ†qÿ£õñƒòm=ôzë%Ñ»öÙ[0IÃÊ_›ð>Qb&Pÿ¦¢TÉaç;›êƒI +ËòlÊ’•ÿ©GQ2/wÕ:Ï¶†Œê	ŠßjyÐ
Ø%ÉwÖÔ$,»¢¬cXeH~CqK“­Fåâ ìf¹´‹ á1róy÷½·!œkât5™.¹AW'ßæ_=]´}œXzOc|¥ÜÅ²A¶[=È«àM†qH¿ÏU{‰Bk)çŠ{Fšº]7¥™ê]rÖ»($í)”¦ûlV½gñ†‹Uq*IÃq.l‡®/Ô˜k·o£)8(u?:Õ‘÷ÕÙ›—×z.zˆ´³0²õ{¢Å>ÊØm/ÐN,ÎÇ¾™^PKßÌÑ.NOWøÆBH`ÀÝ‘kà]¸]--ë|ÇŸèø]p˜ío+:ÿQ‘é¾œ?]æöÆ’‡Û§ZJYéFÒÏ®¿šbC»+ÍÚ®?måp3ñ±*ÓžÆ©ú¸÷xµwÎí¼ÞÇe¶l%WÍz+sbI³v#Ý'½Ðµû.ÆÏ´;²Y×é~yM:“ÝNšêéðúL€oõ¨p­˜¸ë­®ùÎ3	CŒŠ¶Zs`~m­ÓŒ€h«¥ dGd|ó—+ÇêJjƒåFÛô«®PŽ@¶Ï¥É	Ùuægh´kB=NŠH,ÚÕ¥Ë¿n_m©>†/TËî¾|Gˆ×:j|=]MÎÒX¦Š·Fì(NÄ\v…=‹b÷*Ñ±[­\kÓ?h–¦ã!¾&fýƒ¸÷ƒ®
hô+·vÆÇ…§Îg§Órˆ˜Fœ@Hü1¿T7·àð^\ÃK9û]Ðð­B8–<ÜTK|Cy`j»¸µ§lð±ìÅïdãQÿGíy½•$G¯×ÞÇŒ<Gf@(Žg†«oæé"iA9)$<·ì¶Ÿ"”(REÎ:ŸNG]V±¹Š3õcÂêjÿ“0
ß,>v‚àdÔ¡P!ÑgÜ=d‰1"³^k…Ç]Öu–@²×‡¿·4ÊQ¬<Ë³Ðæ`”ˆcáüpÝÖ¼^¼„úòÃ—L2A½–©Ö»ß©_|D9G¿öŠçÕâb·]cø#C[SîAU¥Óz'*½~Pº])…L•üóã.öeÂÂc+·¸Êëßfâpõe'ìî&ó¡éÅˆ$NmŠã.Úø¿º¬/Ìöª·×¡"¦KÑµ¯	X­/‰#Wó€”^N´,Ñ1gèDœ·UÐ±ä¡¦~ÈóNŽ³ò+q7¶Ø ìŒÇI*ÀÆé+3¸½p¥üÁuY‚8z¾Ì™ªÞ‚ÿÅ‘UN˜JU>ˆ®€¿e†`;LïÍ O¤ˆJØL „ÃµCM¼ékS%hõ°”$wqÝ‘‚i¬80£þª’Ú¹Ê€‘Ç¹~fS‘é‡/}¶ Öå*ù‡Ê’,dé<;’‡‡„qA7çye‰àhL—{¹-ÖCÀ3ú>þá#¦÷ñçGÐJ­MèCÃã3_ªô˜
„i½Ôq7ÅSÝùPLNËÞ£õ'Ÿ£t1„o{;¼µÒHÌ<n/?¢•H/§¬îõÞþ’ŒJï©”!¤aË×sø‹úŸxúx{ÄoHb7­ìb^9Â^È%ô½»‹bå­m~Šý–ñëXfõšæµÊSL\m"DuP÷„ho‹csŠvIêˆ ©Œ¿WaãÆ°	ÊçBËRgúØìKü°=vÄÅ_NDU3=íŒ=1Ê«ú, ¦|XÐ:Ö½špYµ²¦™²và
h ã6ÃV—Ç@N3š;läÿ‹áPÆò?7mÖïÂ€]÷R%í1oxþ£v…t:~Ò¼þÒœí¶é$žâ	#mæ}„F|(›qá3ÃÑ[BØùžh¥~yºUâ"y:LGÁÔa«š…hµhü`v/žpèúç–Ö!ì½ pƒ«Í7&ôovv8.†v´sL\ üÏ‰%–•„ÎßÈÚÐ7n£×ÃòºÓb«­eÇ(1Þ0ö5ÚØ.Þ`VÛþEXìºØ<£2Åß>I7©j±„éRbˆä—/¸gW"á"µe¶òŸ "û!AáR…¼Þ¾àü³;‡gñ.”|Â‹÷ŠØ ·ìÄº2„³}Gø™W¤Ëæµ.t×íÞ³ˆhŽš}mfä»Ñ…4Ìúñ9k+ëjó‘BÐ`Ø]³lö‘ã”)ŸU bÑŒÖõ-úÐ   ‚õ(ŽðÊ£u€âdèŒ3Ó£øQ·tŸÜJ$’©®¦€{v”sITn’]Êª(ìíAÆ9UºÀ}k•œý17`wôG	·4ÝtÈƒ²Ÿ¸#:=Ÿ¨ê´e"“+)NÕ¸ÐÁU÷*=%OÏD¾" Ã×0h¾¯L‰]ÒõVf°‚£c³¥z¬€âs%)±ÛÜ¡N˜9ºdšÖ‡¥Êî3¸‹-‡Äs	¡K–™³‹ÿ1ïÿíÍÏŠ¯YvÁ^°ÛjÀÉ(çäÌˆfÁ5¿¡ä®¯Êø2ž†àXÒÉ?×äµq½.qC{úÊZB?c“u³†¨^ç8ùÕö;†åT¸ùæœ-ç…Tgˆ9ê9ä£™e)„0ZCåRÊ~ÍA§yä4_Âãôzý
l}šPÇÈ€3Næºê•Ón>ö»‰X‹€oƒ8Æ¼kz5¥WÑU½Hx²€Ù{=n•åÅÒlme"¶ûÑà{&ê²Z¤£Á*ÜòÔS+{Nªf{y´ÿ-së¢m#je€	êÒ+ÛPÞ€äÎ.kÌrZ“:T”µ[üÞõ*Äh ’Ä,ŠŒE
èUß-#@Û,‰ö;éÁÅ«„rzŠ@1º-iî·óüSŒwh]{»ÌÚ_Èy¨(ÄI¶WsÒN}
Žc2Öow¾)–V õ…,tR*Ø…ŒÚÔ„õ|çFhEv²˜-ã$¤û¸¡(ÖCàW÷¼ƒÌóÛM4³æéÚL>»7<ÈErÖ¾£ŒÈ7ŸAÐ~¾é:"ÝKÖu¬·z„Ã6\mhxƒÒ¼1þôžÊËËPúI{¹„B80W¼?[üGZàév“]Â8Î=(yôË!=7ä¤ZuYz£ùœHu}æ•ÿêH¸(Âtûù¦„#tee>Î&Ç¥¬Ió+Š0Lû^Q±_Ø1:¼›îÓ9L¡/þpÎ®½ífô“œÀÙhqÛCVãìØ‚#ˆV?=‚r”òÄÝž²R	iö±Zú~ 9ŠnñëÔfAÑå@í!\n¥;¦8ˆ`ÖÙã¬ ŽrØ5ïº›¾Ø¯Þ½0u†k_0D¥ïG Nf½x	4•%
/ô§1ŸØý¦ìÍEìë`Æ+à½š†W´ƒÎX¬Üð@Ð6¾3=“:ÙÑ×Yº‰&ŸêÁ;‘§ ÚéÃšo–Ud")VåCšC4ÚËÅ’…zÅF¾¦"‡ä¢^½v{	wßîþqÈl©·'íÅØ1¥àkK@axK?Ì…•U”)QÁa&$œ‰í¨[ÍÜ]†á/G0Pñí(‡¨±õä,·ºjY1ìßù†8C~í”2ýjÕ6Â·YbæÝ@<W€.Ž+va–P¢ÁØ¡­ôÙ6MÕÛMÎ³OŽ—bêõÎÔŠH	Líˆæ`í`I+¥\vi5á:ŠÑbäF#ÙBü¡ë Á°üšŽ!~Ssù[~P,åûz„ûý3q2žÃwÉUžàŽkn#³\0É¤l/>­œ\±×ƒiÌ¾‹%À²¸ÚOOË´ÆÑ{ð1õéBûV3Á»¤Éð¿Ÿ,àÃñÑÞ+R4–fØxð‹¶}W{Êø(ërÊ,eÊÐºõ‡>8sZ…Áæ\·•P"ÇÂ5ñÀ»e¬
yV¸h
­F&»”Ýë,õŒòî¼ëäþ½Õ…D³·üßÃ]ûÆ¯=íAlÊ']d@p³Ì.¶ÖcÃå^é×ý¾[G@3•ûèéG‡ø8(›ä4ŽÊ2;Ó£ÀÈ2u¬“¼òH#µ-¶,é®á|l±ñ?môÏá:ëÎÈÿñ„¼ ¥O(ýâà—ÿ )»E¨—N6ü¢kâ¥Q	‘¤—P¬×í©‡Æ™w!Ïv’ÚIþµ*˜ÃÔbdK‘]¥˜NOâ rQ›‰ÿ›Ëš¹uÛQa*¬ê („ ±ÂðÅÊ±eôGƒsŸ_gàÖæ;ôÌ1„Ìª¿ä-×Ójþ–¿zÊ]²¬•á£ÌWÇL@	o	yWa´]y@W”²Xý–7/$Ü¦¥€Ûƒ‘ÈéR|ÅiqøÆR!ñFb¿Ÿ]Áª >`´XY9}…ê¶IÑ¾Ö*Œ’8ãÒR6¬äÜ&zÉyÀöÅñt»ÊÇa-_¹°YžU‰= õQT!ýz>nV÷êW?
<„Í„Øç‘®_ÚêwÇ^˜Z@ûKÈ±\:)íS¼Û:ÛM<ÃÐùtÀ^4‡õƒðB }NÅçwÑ6é¯ qî	ë”™rí‰¥ÓÖtTJviHðŠN
Æ¢ûøscØ‘ƒy+j¿vÝXðøALVÕ§/>“{]êúôSrní5[	(-´À¨¿#ì…¿ä„%§’Ø8òüªl}Â•ˆé”Å…SªÚøæÍP¯;ìËb[èÅ´×÷©ó¡Â/icŸõ2À<‹sWm-ÜÞE3@NÚ#IóÏP’xïN0¶Zia75<‘‚9¾çØ Ó0¤W wíÉ³CßP{eø„JšØÞ(ŽõI°Ë ÷®u›ECtMÖÂ˜tyRBã+z¡a›ˆËêd¬U ¸×/yaå«z¯êœúYÏzv¾
zHè¦sUáy’<Dð/8ƒ+þ³‚Ç¨€éVç ¦ã¤Ñ¾w4:Î_aù1„[H”¦¨5˜Q§9ßtQ­Åì µwbvÃwWfIóþXßÈE²*Éà“à±°±ÔÂ©ˆxÃÜÁÎHÐL¼Ž¾Ô±òÛôÞ––+åM®sètâL[_Y«ªÞ!W$H'«Û”iÒØÿõåÂå–1ÎþäßÐ³Ø2ƒ}Ï¬4qc—èßCÑp³}§íÀµ+uJú-¢/ƒ™—BÃ´dd5|ó‚‘kø+õë£÷×|ÙQ¢´Y³ô)"=b€„žÄÒ`Û¦]ñ6ì_R£'z´õ³‚µ'ÇÏ›G3V»ÂËo:$œÉŸô!Íßß•èTsk”‡WÇ
\î;‘\º%(I(ŒÃÍ1²2›gÙÉÇÿn'
»¶ZpoÑÂ"ß^KS¥~µ§›©GNO¥)ö8ÐŒ'•žÈÑŒ’ÅŸE®^£Kx¤ññªsÏŠ°wwŒMãg’Ò[sÿ’$ª–(­~#Š'»§x`Ï6×SµÐ(]5¬2	µ£‘OáØ«Ã?Ìji‡Ðƒví×F‡ázkG·ÄÄò‹19H?¸eì}<A7,Ñ³
gOR\nÆñ¥¶Acw|ÜQÐìO¸d`(dÁnåz6˜ƒXâU?!–jcªÖ×éŠÌXƒhîILÑ>)ÔÁ –ú8ñ¼‚¹+àŠX1Ä×Á”÷¹âÚ¿¤îª¹ÔÇyc¼?Ë‰
9O%»‰«\aàßÊjoÀ‹ N?'kÒu’¨Æ)RÜ"…²ºaWÞyêl–â6´‘büì<‚ËúñÀµåÐÃ›È¸ä¦QõXâ­ò‡œ*­K@6ƒã5Âý„òÜxbÑ9‘-rLžh=“;ô–KýÊ°GArÔžþ…TÓ¾<a/±~à¢Àð‡Í1ØNe"\›g£™fÓãÑç¡ík¯”é9ei^'$1ctˆ lÇX7b˜Äç£­Èþ˜gŸ{p¦òòHOÅª%þ:ëï»AËW‡J‡<l	’Þä´Z ¿ñ¶IvS—|Ýœâ6…SIí.ˆuQiÚ0ÂqIÐ¨¢ãÐ.¼ï •CˆüD{û?‰Á¢µ
i,f1F¢ÔTW(+f€xˆ£,Ú{˜”o8¦0ü7dbYÍ Èz¨Ç\{[ÅóSó)ß±8ÁÐIŸd)È9qª‡Ê 1²\ÇÔÞ…”ôcÁì?ø]“ž%µ³¤È×É¿”/±mïœ‰1´z9uör7µ›À~b
Íô´Þ£_µ1˜™ðDÊ3ŽSE–¾8Ó‰—Â‰y@£ÞƒrP¶´*cÔ¾)–ÂJ2’¼æÙ\@|Ð¢I¢{‹4·W£Ö¼”?ícõB=éºvyÍm¾ŠY¦Ÿ°*öá‚ÇÁÙùabÃ‚”A~Ðv—ÅPýT´ŸË^Ê¥}v­„‘ÁZÐaï{;Ô–fLG˜½ñ.œÿùô®4}zÆ@#¸Ög°oç&ùƒ¤5$¬'Y!¥E]ÅÖM9ý;qüÅ¼œ1ökâ½·“‘ ø¶•M^â~Õ} v€N¬¤&ìêœ¯õë
a{VÿÎ•~,¸ Zi±ö;Òqt‹8’Bm…SÅ5ØL{Úw'k¬äŒ¢{#ÚÊ}#ÒìŸâàé®Víš`Àžj’O³èä~1€:k ºß0½5C-tÊ‘ª×Æ\q(½µOñ]‰•3ûÚe(òCY•0§	‡xr@iZ¾”1[5òRv
]]´réoºÌ†G¹~Ò¤²:úµ\"__‡ÿKÄ¾´òki£¢_5@ð­CºäL[¦¡ë;°xcŽ¢™Æ5¹¤[ÿ×‰@Éº]¿¹,Z—"£›˜¢‡Y )˜OP·ª¦À½j‘^ìßÓ€l}†¿SùÅvªÓ–%éÖü)&(È®·Å–“òYâ[­ƒn0Ÿå?H˜Ê˜¤0#±ôÅ§„nüçZxxË%Ý¶$òóUÀAkM{³[sÃ˜o|…³YÇ†Fc×7ƒ…8ñBŸ$Wè+!üøS¢ØßúT`j\ßÄSþ¯·0Sð Ô=¤@•o¶ŽY<»Ynû8R)JCüp`€ÿŠB†BQß|ÅŸŸæTf¨5¤rÆ?N8|©-3 /þ!Ã./Y$ a^¶ïïEåâÝpÙq‡7LÒN‹pë	¶N6ñåñ"q‹!«ýi@¹l„‡sÅC&»"—,ð¾æÛ`@½-U~+Êà×TÎê6›7²‰ÊrtBÀá¬3(éã”±$v²DXyh˜UÖÑÓp=[0±]€ŒË¡AŽð}°úð›ÐH67E½Î4Jt£û½²á!”P•ŸñÓ6YÝœÖÚÒã$„n˜ÉÑFØÓùO”«'Ür»`L1\‹£—GîM‹ ÝìI‡~©úy‹Îõý®«JˆêÝgqCîÝêØ!¹+‰±¥-o; ·—¿Ùc&£„×dÍ­^‡¼åCµ‚B6N	Îv—¤`|âÚµ	Lx3šØN„!@Š·ë†pyŸÑ„o?–50i>êˆ“¥A)õxsm"MS£‹x*X¤ÄÍHÜE² Ê“ÌÍ^Ç‘xRÙ	)êª+Âiyì/oØALAš[[Šµÿ‚råšJ€C¡Šß–6•'ÐsE·Ïè'²PÓ¨ô\Ø;U×z°ß,Û*Ùm‘«Ð×¢Þ3ÛÜb¾ôDúŒ Ð.ºR³ŸQ@Ö~wC vW’%@e7À¢€­æ´à{2º)¾a¹„¬7¼Žð9·¬ù€ÇeÿÀW,‚óXð°t^·}ïvÆÞ46VÝzu¼`WOå°í¼{x©Žn[Ó[½…éiFÌ9¢^kbÄ½#_¸=ÔúÕA_Å2ÇËßOm!‹hw©µgð[ÅYJ³Z‹úÌ68¢vB6ŸÀ‘øjøÊž·¹ËÁ§ð—ÌeI° Ìp!Y¢·ü›ëñàoFUP£ÁZl½˜ž‡CðÌÙýÞbŽ0«ëIoqmPP¡÷§ŠlwI²Ùþ?v	¯q:S®›’˜*¢áZßØ€Ë€ñK°‚µ^|ŠÅÈðÈYcƒð;˜g„¾…Ãêœn*‰†lü'®™ûñ«·³Ÿ(©“Sú­ö5¦úÚãU­GÛi>é‹v©.ElXhß˜É+¢s›‡éú¾Á×Ø-@Ç--ÀÌ»žXÏÁ3¾¶bò'´ž­<%wlÿr§Ùƒ/«Æ´B—ìZ±þ­ð»—1~-òÉ{p&iøÈŒ­Âw. bçË)€¬,ÖQ¯”ænC›ÊÖ–ŠŽ jeÛPÿÍØæcÄ&ï®=Áîoü¦²–Ö/&1ÂÌ¶zASt)CŠA( í/Í×à90{9g‡¬IÒ†m1­X¦ªÂt4„&/v€@Ð»Hz$·ôÄ•ÅÔ•28–ÿz ×™Û»ÜÊ…}1!éÃ1ÑöjOÆ'v<k»ÛxnŠnK0<òfúy{öl­[è6$@÷1v)Y#-i¢4L$X`P½ÉT{²V¢‘ágóÂí ,ÂË*`ï`‘¾æãôJ·*ánò(m…--Ñ{‡?Ÿ„ä‡þ.Q—¿;Ðe}ªÈÍi‘ÍogžÏ¬UØ°²æÀêƒˆÐÕ ¼°!ÏgfÉÐh¢ùAof¸ùö™”pUs“{Aaús‰âêŽ•¾ÌøºN
«[›î
PƒçPQiE¶Ž7f‘âRŠ—m£‡Ý-8¡²V"]*Ä[NW&÷ÊÆ”¨r!d)Ì
3ŽÜÉÍŸÌ³þ6þÔ¼éK4SŽ‰á±ã¸¸1IË‰6þûHv$œ«ÂãÚÖp–ñR£Ûv‡ÞÑñäE#8ñ~µýÍ-5xîíÆpÀ}2éUô×–”=ó$U#p¢€Ö©YEúñÅJ¹¢m§ï‹šƒ0É³úˆJcs‚™ZF	øZ*ó,Ç@³2Ï]RÉP6a=#ÄªU«Ë¢ÝÔ5É´PRCuxu–¹”ªN|DRI¼+4”E·¥òIò-{–ãã#™âDE|0Œ“|·UÈŠy]ÏöÂÃÐaÖJIãVŒŸæÃ­ºØS¬tw¿ÁÝhõéùzâCaXµb®¨ÔPO—åoNÒrP’_§'"NVeV
XñÛÀ’?è9ÚÿƒÄvê‹£þ%ÎŽ;×ÚÍ@×3Sï­ßeó¦Î‚<frä¸áŠÄ§ŽjÈ7HñWTS‰1}_@ÛLH'Pú¡jÃ) —³f¹FƒÇp$„aømÉ˜GþÒ¤H&Õ'On‘·S‹Â£O[Í¾h(Ð'Y&Ð¾g¸¥iÐ¤S_òüÅ~ñw÷?áw†=x‚äD`vÖlJ<ÃÉ–uKh¡S-¯Þxpÿ¢­{ß›2°=¹­P‹ÞZó¨±€çPJ/%ÒdØk’wn¬ç/+r0¶	àª^qá¢³sÈÎ+Û1(¢è0ÜÔ©Ä9GÀ„Aø»ËÙ)x#ýðIÖNAã%bžCi/Jþú|â&ìsx‚Ç‘©øÔÊ]2Ûä¿ÖêH=K­‹éZ)|Uñ¢Ì™ùv8©V 4ö”‚¨nÚj`ÐÂ¹uM
dÑ_¡xf²Ë¥YõGûy‚r…‰¥ÌpKt›»Ú#0ñŒo@ÆcýëèÔS¯&@"{àU}‰_^q5T­ã°É Œ~¡š¿#£ØBÓ¸°5¾ZyO|'žòž3ç !ÒÖSïmGTù÷jí€Pk#ÚÍÅ¾”5ò#%®¨€\Óï>«•`/ˆE@uµñö—`0´RXŒ»¢R²ØlSX‚N©ní ë…Á·Çiºaò‘ð}Ö¨°*=ÙžàQm;&‹š&Iö¨_¨h·~üFo8jw£ñhÄÙŒ%¶ÈgdÙ¬ù'×´/„GRIP>·ºžGƒ×‹”åÚ½“sÓ¶!)t+VÔ;
wßw¢ŒŽ=ÐædLvRù¾ØmAòò¹›6{Hé%óO–ýe¸aìîM/²´ß9J+½b’­ýS~ï7)^¡»›ÞG¸ÊLÂiû¶Øj:¸a¦†Åß–`˜¶Mcøƒ÷2ì3¸äíÛ:Á·b†ìÚ‰ê.“!Tá\«ØÕÑm*N×1p¨¡$4
'ašþ °;¢í:é:ÒNÃ*í™Z4„'Š2‹Ÿˆç°ÙY‹°á‚Éší™Û•mE&óÏîbÏ¾4ÄÂ¶˜,ìFæÂ„£¼îSìBe…¿Kô¾j.Kè[œ7‘wüÂÑ{h!¿—4G!Mé_¹¤|³N6²â|å.N1¾×›©2"_]¾uÖ;ÔQÈ^ÆG6—ù˜Èª>|áì0ÿÎŽôÖ¡/)%“Ø:®ÎyK¯ûÒÙ]ÑoQSs{ù2Þ\Îª-DPª€Qû.uŽìˆµm%ˆUçdt>-©›¦zÈ£Øeì¨…ã´ûÛÐ¢}‹•MqÔa‹K‹üáC[à¡6N”J’¥Ÿ“|‡ä'Ÿ£C¿]¡­xMaEK£Q\ó¶‘ÇÆJKLÝÊÊ—´A z_¸5ÛƒuvÇ×ôÝÓ<ˆä[}>ô‚`!2+‹i”C,ìÑÝïK†š5–žÞ¼Âcdm¶å¯×ú:€•Ù$FyKL£vZÙVÊÆ§ßŽjåV²Ý"lwOzÀ¾BÈÒ«e87ÝN}ò/aÏo7È«8LÃd>¹–<Åšóç’Í:uwø™ZZñø²ñ”Œzßü-è^w€‚–IÞ²VY8ëù„yº-ØAÑced®¯•IÒ”·µ«TH˜ë`X0½Û÷ 7ªPá+Ëž'‘àP%­(ÎÞþžP¨aPËt'ˆ“é5pÇ C6ƒsîóAˆú/—·ƒŽÙBœU¦‹¨OÚ^W%ˆiÇ`8^®§lÄÎjùXë×3BDszšóz9Q¬èLŽÈ‹!kÝ{›<‰Êª&¡ôOqÆUºüñà¾RU´d€Ö%òxñ3fe71Ç©éÎ¹K;ZwHîgUÂãBezL<®»5—#d~B,#2»ûÿ•!ä«s€ú¥L©¥j×ÎÏn±™·=Á¹"åé‡ª6Q¸rPå‡a´[Z' 	¿§Ô&›F@Òíã$^Ï;Í×R*û™C–ftþÄç7ÓØÚ\g[‡ßL‘j—M§nú€8s™ÀÑ?ÇÖž¿!£_ahQ7¡u/üØ1‚‚¦¡x]š8•ùŽ±’µ¥sK€bøÁš¸¬ÝÂÛ $;¨ŸC§+†0$JK^•ê¨óð¸îý=În"‹½VµCø›<çƒy‡òòÀ·cûc6Ø§¥å÷ËcUÿIÍëiŽô³õ	¹/lTŒöÇ‡ÞQn,[™üO„#G:Œ¯D«[³—5œ½cXüÞr²Æ{,ûyV@£§œÄ¾g(w'8§fªO=éNÇAe¸ö‹=×žÈõ6êìÎÉ81BéäŽg¯‹j+±fØ3r@š‰uƒ“ÉÃ:€ô;µû•éƒaiõÕÃºîÓ£\ÿ«Špoéhœ·a®µÜbd®]pìîÂ'ÇƒØ^B.¯­™ž¢UÔ†A¾ñŽh7wEÞÎ@ÆóˆDæç 0drÒþ3fò®sçS¼Ú¥ÓöÍùKÝWÁÂÝ	^Ýjh±rHkñJØ$ ÇoæTH§rà²äOÄ+C ¿§¤6‘‡>´à‹`åªºÅ_©4Äï:âãl™ÃÎTj1‡»µŠÇ­Ïï¬ï€k^&T[É–Óä’c©…@ý_ÕŽš´sÎ„šhÎ„‰ãØyògÀL=š²GhµÈVH±N*Óa]ÇŠ(³§6‰k–h›‡ ‹Pë[¸uŒÐ¢#÷“c¼r'D«óòÐÌ,Á-ËrzžW#ˆØ¸—ªÜT¸DNÚˆÑ7-§“E%]Í¯3[Cwãç·o‹nÔ4E®…!ãÄ®`—Bü…´©8vˆPRÈ¦~X;¯ªu$ƒ:Ïãê³iå Q0dÜdWv¤\™òÿBâN½œ`­ƒ~îÈ_†²þªÑ3ÿ !\ü$™°Ig.ÒUœÿKøš[.ÕŒ¾¼UYþþˆXg¸=ÀøäyR&'ã‹fž7žIàk§CX Tã¿ö=§wÝë…Ášˆ“\RC×gÙ<ÝÊÓ±ÝA¼Äw$^]^]¼lõ·¾þx®Ï‡°:åÖþ	ïü’TýQ»%~Ebh“l]ÝÖäQêí`äÄªyfAæoðÐ¢ÊPV'²ìïjæ¶ÌÞ5 ¼{VÅºÑÒ­>">[1BGacÙrŠÞ6…’µ!ªIEÌ!éËìàYx0Ì-~Ÿuý™’7ÐR¬`—½“}!g»ô®7žäÐ’ˆÜEÅ|òÔë›~-¢ úqÉ¹çRjE4GzÀþKMŠ*_Feº%žÎÏà— Öe¸»°©’ƒ†Ó’°äMöWætàh{M@K€2â$›,äI‰À'Ðj‹«7¿°Á¶å‘†Àµ/A`º.ÍÇòŸ10áf˜œ˜ÄXö@-³ñ]˜2'k2¡Ä•,¸gÏÐcòÐ4iYø~­Ž;<Ÿ¸šcwY˜¬
:íæ©Úz%`ŠŒ/®FÖÍòú}T[ù?æ Mä˜&ÐÀUãS®~!¼¿â»c¸ÅÞ`~€`_šÕ¯·íÝ#Po)h–@ØÕ^Œß@×ç)[·IÊqžp(R,A-vk^Y;†!ùÊZZCä\TW¬Û!QÖŠrÙ¾ŒÕ9Ú¾’…€-‰o°+Q®Ÿ%S§ºU"Ÿ^ÑŒYÕE=•±×¶èDånEòBDßÉw!9¤oˆB#¨D.®c;ª`½¶!²•–O)Õž½,"¤Ha•¦ÇÝ(øÔÒÉDØ´^(æQÁíUÌUªNÕ§s˜öèÅªwÁÎðh’§D
”†È²=Q<Ë‹< ¤ SosºïNie˜è¸»µVkã2Þ¼.?ÝfÇT×Ñdú´V’0MQÎÐ>´¤4M	_nìŒ*á‚æ‹xEZFµ¨ôˆäã_‡ÜkyÙéÜ^Â¬•Üf^as	­ëÜ<ÂTHb‚P¬1‡&¹¦ëíˆð‘£BŒæ€8M—¾í¹>¼ÊÂG+œ/üêw.b–ZPÿ¢siBïèÂ;#ÆcsŒŸÎÊ"åš‰DRÖÚ”µÔ­¸7\`¿ÍFê“g…Ý,ÇõÜè†Õ‡áë{ít$Ò+á™-%œ—£I'WØèuAOxU£²ÏS—¤åUôVn¥*£û?êÝˆ–§×q"®>âžä3UÛ$ý:RŒ©^_‚d`c
«Ç‘“T9¶©9¦dŸg4)Ü+ŸãÅqDƒ¢¨sÑÊY3­é)èÚ¿‘ÙÂÕäí³‰jÇ\Ôbß>›Ð8›Wˆî¿»’h¾Õ[ôÎàµ}éfÆ‹vöz_“§q'ÞåÐkáç°þÒù¬k})æR/ß$ã]gìH¼p›äÙ›IT£1YŒ
Ý·‰M4PO¡+ôK¾MV‰AÀƒb)êe¢·ê¼	`M—òÍ]\Ú¸ÑÑ2˜~RWLJ‹E6­ù„ÉÂC”Š‘@M4‹·]E€ê¬víÅŸ»¬W%çÌ_:<º¸ëÒš»ñfå#Ï¤! ^ú2)ðr|û•™Qd^µÃö1OÖÒ&«É¼¾ŸFó6§Ì¯ïî1êt/ý™‡ísïí8 žè\À-!Á´.¿ïî3§&M0ìøËh+¿ö7©û|u5®†¡XìÞA²ää”-Ì?8 2½.Ó]NC¯äÆó#F&È(äýÿòkoåÞFçkœðÕÞ©÷ŠÁt+95ƒŸÏ–à>ícÒï¢”&˜_íÀpSº›‹KD{“ž…ëCxæu¼[uSÏ›þR¿™«Á*Å§öÏƒŒœ‡u¥=ºWõêJX¦äu•Ÿñ‹©A
SÚ‡:$yiãœHçfÃ½M›ÿ—ÿˆ?–ž¾`bxC’»!_äChÇÌ›-Td°n¦n£9Ž÷¹€h´¨NÄòhÌõª¬:·[%tæ|'ñÞ²^ÞÁÎ0ý?ñ1íh5#ùB{wzœº#¥¢Âñ§€ãØOµéê{öà(rþ"Tv€¨ö˜àO¢ÇÑ?k)Ó	E€Ý$2ÐH 9½‰¹8ï%!ù8J›'`ÎÊÖ‰zùžz‰²«št,SèþÇ
Ú~‘w34†¡Žr å^­I ¢ä¼|¾.Ü ×âñ´LKk‡ñ7 /µÅHÓy›˜§5½t­ÂMsÊ!á/’o´(ø‡B»Ê~ÿ­®—2~IéË‘&+—n/( ¬PÞx »u™ÊR×9†úoâ3¤žâð@ëEpð¿UŒY%iÒd½S[ƒü3ô(tÂc–Ýt°(Å1‡³6¥1WhEÔ6”jþ `k½A¾
6·ûg¢ðóLÂ=%§Ý‰lÂÈåîÕç¡NP×Rµ‚\/NÂ‰¯,#òóÞ”¤0Qp¥	\’ê04åu]Å 6øé°£0÷¯s3:ŠD÷‘(PO®ÛRª4,Öj> ÙBúº"mqÛƒÇ
6)7ì06ðí-äaÂF3h·yËÒáz—–4ùeyÂÑ5º:_.WŠºªN†Õlù[ÖRDµò³º?!Ã-zHKÃ€Ct—å&žzQÿ¨KìûŸQÿš"kÂê¡õÇÈu
;­Öîi‡Û~—6àR²YS¬B:ÊmÐ'm"$Âò¬E!FYØ?2ô ×!YáyÜåEÜ Ù'NŽ´ˆµ!–êù-3øü·$—ÙZ^.‘´e~¿<5ÍW&°8Ç˜cV?;Ï@¨ø°EÃÇ…±Ï(+JW¹¥q˜ÒÖ•P<QÁ¦‰ô<5uÁ0 Ö½qï¤%ËÊ:Óg@¿µÊžI]u…¦DœˆÖó“µ¦éâÂ¹¿%=qÍ$ÒâÞ+Y1½Oxó^	¶—lšÙ”dJÂ‘‰Ô‚öAR¶&#_°Ã>^zýÎdÜ£œ¯ïQXóp€*½>ô ·a3,Éì?qûÆ
6 À!ÃuIÄ0ýÁ‡¼:>ïáÄ´§*@ ŠÒw4íyfüRH)H1žÕ
uJÑ1É3­)Ôü¥B’M¿a5“`!ÂÂLÿúÌˆRµæ(ÔµøÈØRµ¸ÝvÞ| ñÕ£ÂMÏ/…Jx8YÑ!®òÕ9„?¤Õ Q„¼<(«›ù›—ð%H¬Î¹­Îõ
lû‹ÀC`ÇM(DRJžq!ª,!O]ÔR°M3žˆ­*õmä÷¨+¢N,®_‘6¾òâÌ]&`Q™ƒÄ1õ›Wýâ¦:%IX p*ÐÁ_åù¶Ätg;H”ËºHrœ‡CƒHo)ÆçÃpr!Ø®GòèÁ&ýãáå¥¦Åþr)OÓgM;¬	4óä²ê¾Âó§‰_ ¸K{éo/	MÏ(¸£+æ¦k<|å ‘Ô?ó¥€÷KÙû9ðQS‹Ë¹æÚ<²É\Äé-4Â½E"ÖYACwÕ‹ZI¦~Â¯;;Zóª"‚Ã•—3ÉLÖ…ª§C÷‡Ú:K˜a¤a£kR /BbgÚQa_hŠYjˆ3:ÓÏ`¨¹Š ß!Ðà?©ðªËÐšVo;þ•ò¢^:qê$ÈD=–DÖW“rrD~+y&…æ‡6Ñ¼8Ó'TFöMn[þ»Œ2Ûâ*»ª×I¥³+GÇo²)ºËß	7þÉUI†ù/<_í.’ÞkîbÝ:)K	ƒ°éËZ®!Xš„ÂýhXô½:ê£xì–¥¼ÀveE…éï…¼ E à*`³4[6‡ëve‹TWzY#­ÐQÇúù<=;—ÙP §KÎcU£Îýó£6LE?ÜßðäZyÉ3î:fD‰¾«mÙ'ïê´ÇÝmOµå?¦®(É”±MëÖ4/Õ“ßŒÉ°¾ð¯æmqÛôYÝ(kÆ…ðòëà¡Wõ€lk”ÓºM?i†VËMf¦Õ=ÞF? ©Ÿ’J	‡øa®+*^„“º*ôcÔÁGƒ¨íÄ¶¼‚FYÞ‘g2 ‹PÕOHeÛfžn¸ˆÿÛfå7ÌCÜ>çÏ‚ÈûMÔŠ´a§åü*®vn¤
pWýî6VÍ† MÙBZ°Ëè¤¸‰6À€©qH9ÿ‘C½·`Ï…X_‘x£dòµ™Ý¾±ªÝ_ü+¡L3!	+éH ÏDX-ÅânG—t!g²1ÖZôÃáŠ|K®Ú$ˆÖ{Vý)Co{Å†ãÊ‹8œ‚rˆ:@ö#>²Ì9qÆ(ï‰$>,¸»Þd67fßô&˜³ÐAš%0 ßl;’cœ©›/Ãq»"öúŸ{˜qñFrÊ~y?÷…é±Zÿýë¸ÕVjh‘ M¶^k–-=6q{_i	Ðùž'†¼OY Å¯R³	¬¾»­zã0_";>úØ¹¥w¥*nb¼n/œ}9O¨hdØÄÃ’øðÑ0-·¯Ì2V¯Âäþ:VG·ëz¨¸f^—û3ú‚§0vl‰ÞAþT¯÷wD:†EÃÅrHÒ)¦:ß–	0|"is^J0Í\ÆyTb>Q÷Ðg`H2®eðõ5{^#9ztÑu7,·0¹€·9z3Yz:‡8ÉDXdÍÈQXJ“i%¶¿…Ò*²¶>²žAšeZò;ÔÁÿh”ŽŠàZå891QyÏ|”î àÔ<@Uvacª •E³´…¥Ï6f3ZÒô/üd
9~i¼!EÜðÖÎ.¹ÇÅstp€2ßË¿sÜSç>ÇRÄühr<§—d._´©ZA»8õ’åMì[Ì0ì‹ ÓÙ‘Ë-Î™&ÿ¡P—"öb¿}5M¥~ÿÄ˜x•TûÖ%ëÌ®Ì‡JzÀ3Ì7‰úN_Qëp$*F¬»ßœV<J–ôÔÎjýåu¦œIZ§p*çß²H„(pÑISŒB³ö“ ;ÿâª’Kâcµá,ý¢#Zê“o¤Pâ Û{"ýw”»ê°:M‰c'ÆÜv©±á?ØA@AÜ >öŠ&b(msmY;ä¥CäT[ApøN#ã»YhSª ƒ§3Ðã>…8ÉÐ´WT†sÚP²!­Û(Ó¿j Eï£TÇ3;Ç‹.|€J1¸„óÙhÌ.°ËlÎ¡;GDUˆ$9Óf âíI?åÌÉq€lùsT0µkÕbÖT.ëæÎÌ:7¯ÜSà!ð3³š?RSÁåÉ§9ÜL¤"Ó=©hAð"ºÓÅ‚ÍX-ÂÔ²O¯–lÐ¶
55^æÎk·XÒR%W›nè²_B®UW^ÿ%tâkE×¯R£öì"M|6Ð©zJÜ©P™R‹üb{–\4­8ˆ@Ÿb_,áC!† J§'_õ¨]D÷HJÜá˜¤Çª”uõì¥ß¯Q…Lf±&2§Ž_É˜ØyS¦´,6-(“Ö.°v…7ÙÞÿ½‚Ïjlö€jOìƒŒ“î&¹Œôm|ñBìÕî*öó&švía÷ÐI²êÅâEaüLŽf·D"7‹°fêÉ
ÈÃ1ÂÖkßÿÊ™XÜìa³ÿç¨Fq4}ºà½ü„,~_0m3Žþá 3¯×lø¯±¬\Àj¯z+Ö:K<ùfFö*‘Ð×ÊáD¾:8»L˜~ ˆsaø0ÊÑ\iº‡æ,Z|×kª²¯ÞL’—ToÚbÂí²C0éd•dßD&ˆl]ÃñãPÇØÏ|ë¥‹0°ØÜÿOW<¸`#‡á-°LŒ™Í>€£P¶—]è?û¸#
ùþÚÂçµRj²€÷…«JS og°Gù²ïêÐJÐùÀC¼)²üR0šü¼)E{ÉJ®} ßU¬$Wf®u¢œp†Ä‘íÉs*Üò¾âk ù7¡<v ÛlÃôqRüÖ$Œµf¥ëàœ§ñ"~™Y¼£,ð QÑ í›´'È^vú²ñƒÆnœoyåÔe2rGI^qx´V1’dÀ c¿?˜!¿×yPl®ÅÁÆT…ës’;úƒÈ
ácWò4D¡„îJJR¿CV"kò½•€Ù–´Ÿ‡öÏ•	[/:ŽÜ	~¡ù¶²ú³öilS0-^ºCŽ´šph"ìõ]—¼µáá3t[`ŒÆ×öåX[ÓdqåÙ¶ÖÑP¢Žˆš”—%w#Þ‚UCkÁ‰‚Mù–!þ÷xNó~L3—G>+×uÝâ÷ëO¡>5rîø=¸NëÜ†¹+V¤›‘£ÅÚoŒøÁ>V‹ï|£‚-WcùIËOÌUßª0µå?bM±Ðû”H?ô˜\Hgã†Ñ}"¯±?½&æ
p\ÌàLXæ±ßýunð|•¤/èªÑ;\­ÁÏÅ´½€÷Ý¥ûï¨øy-¦|—M­Ki‘NSˆé‰¿õýi‰_Yô¹Ù8z#èõÅŽÁ°Wœ[‡öj÷å¥ú¹J-à'é³7ûêåÎZ‡ !”üK€348Š†ÑzûpM±XZÕáƒ/ÛdQgjÒò[¢–lF/0˜¬âD¼,hùÓ¢kÕooìÂÁÿ •…·^¯ÞQžŸcM*ˆŒ<’èØ¡|˜ó—µcïlæúGâ	¶0.„¯C&lÌ‘–WøQaŠìê­–¨®½˜ÿ})3Ë÷sAÀC`ŒÅd°Š¼IýŸ| ¦C~ÔÍÏÍqÎá1Iýx¡ExµHfs<3˜)ëO(³t}!HÍß8f®»™Oª‚é2õ!ŒOkšˆÔ#½¥¸àú6â¦á:Éíú²Pk@d½r]†2l©ÄAf
¤qã¿7÷ïùÓ79 þH ¶ ÒL ðJYgâ•òB¦<ôÍ‡u–ÛÏÏH@èÓË®3ç¿åÐw3Ó>ùnXf$^\¶P¯&®­hÑòi[	KúD‚2øÒÔÛrVÁÎR°”5øÓ+–R®5-êlõ¬X9ž&qoQsêZ¬âo„“×=¢8JK}“Æ5íÂ72Í¤$°¾;Ã³?¤q+CžEÒ.—=ˆ;ºVd˜|p1§b®ò]ûBÆ3¼‚ÄYôT=ú[Í<å‹ˆ?(ü!=ß­}ÆšäAaŽŒmó²I.%ªHOÊÜÝ5Mµ‚_6ãÙ•í‘‡Ý¡%ÿ>ñ@OÞGÀbý¨^‚8ë”ªt±_ö)Ã(Sä/=Uèy=ØiÅ¡eú æòstœ6v‚$ž¦¹]ÞÝ£Ø%$¨Úß?=“Õ T·y†sÄ $bŸw—p9’~çõï]çx¯;ëµÔ…Ro›>ÌAŽ±Sˆ°fkD'¹ù•.ç26J	íÄ1‰8F¿DL¨0™™;zw~«éô7Ð)g£û‹8íRsðƒâNˆ­|L£Z‚æ[ý™Î3â¼2Ý †=“ˆF«ÔÃ8o€áñRv˜Š˜î‡S‚åÈ
¡€#6O‚%B£îÆCRT–4‘÷ñíÞs‰çO°ÒßvG½9ü>Ó—LtØ"ÈÑá‘Å¸ŸòÜŒLåÜdð.áÌ2ÈÐ‰*£x¾§1æ&t4Ê+Á',õ¸ã„Û©p%õÛzü 5vi3d’kF™ý<Q_óq¯ã(ªšÎ…÷¿P»ÖùÑ‹’½ÚÆúü„¬PyNÌ¾E#ÆßÕä•íHä³M5áÞk³©EØ^˜6Úqö¦‰²á	XàPá?³EB±l¨©¿TÝ×†ý
õÿáë=g¥ñ­=¨æ½‹œ<‚Ô’~Ãã©ÊyÓ"1“^KŒg3ûöÙƒñ}ñU'¼éåpÆ¶ï¦ºUw}èËG)8¦úàÞ«r¥> ^'Þ¡Mt\»HSÏ4xðÜîFZD3¹[…ƒÈÉ{ã*›P‚gOqø2H¯ÂÖN¶Ø¾“Éôë¾dúû¨Èí˜¡²æ5W›M©ohöºôN(õ›ºu+(-nJS‹ÞzòXT«¾À„þU¾äÖ’v/ÝHÐg-mô½ÜSLªÎXÈ’Îb¯ÖÔJ˜$q"ÿ"…œ²'>…^0-(Ð[^J.þgÊîtnXq»oRé®>¦ˆrÉK‘÷lþßµæ· y!ž®é_ŠítVÀÊowS¢zØ‹tÊ}¡ºò14¾Äú‰µÜA2Ÿ§¹ÜL#¦nÒO8PŽ5iÔê‰;¬^ßÎ
ÿÝÈY#-7m“z2Qžwžœ›·–Ñ®#eô_‡¼Ø†AœrŒFÏT˜w>‹™Õ†‚‹’aøõƒ"9mA(%)?/­@;Áâ6Æ®Ômã´R½öQOŠRìÓ'ÀËxÃ;MÏhÆýlÑÃh!Î½ó;Ûbobb¿æ†.·±Il‡˜l‰@¨ýÅ˜KNÏY}Ìr«Dõ%gnãåà§¤‘”N‘ñ¾†X6R2ß/ÜYýÀîž¨„OPØêË?Æ¾:´8ô³Où+æ‰_y‰X€<`×ÉdÍ‹¾áý9½‡Fç×X)ýöëøUtRêûŠäk…¥¾²¡8çw0³Þwìï~DHÖ„ÿg4%jPÞ…F Š0	+ëù!ïj]>ûFØ"EÇ¡ØiB¤¼ßËwÐ5œ¯ó­DÍ/ª…`_uW€1›ÁÐ¨;Å.¡.æ‹ƒfª<nÒø··§‰ƒó=œ€(Sv¶!À@=
zvœ#&ô4ðÆÍÈð`·õŽ°*­3ˆšžzg)v….'uÜäÍÞúÀòøA5îìM£‚Ž¬ÖÝ7ÚÀÛŽZ±[P¸}âiîŒ¢|Çïø˜¡ç˜…ý\„2€†òe»(ï„b·å›A¿ã¢»d„_#9|Âª–]¹õ“Å'ZWþ\J”‡ÚÆìx’pÕ33¨hyŸrÑ “èÜÁ0¦]_ª^ ¥ý-Û¦ÂT>æŽê˜,Èôú:yõ@I˜òÚOFÊ°Ôû&¹È2ý2L_¤¬ ÑH*@Ã&ÔÂø¹X7Á×tsòkžNµ…U)Ë+Õlã'sE(µ¨Üp ý¿Ú¿hñÐÀ8Á¤¶3aE% ûœÓ«ºh;qÛ+]	}{Tóæ’5{VØ}ùÒò%g#‹´ÄÍ;~,«”CÌý™)Ì8àx¶–«†SiÈ.P_Ž—ÐV¯kÕ{ý_dL»Á
AÚâØèDº7_QUŽÂœlQD£¿þF±¯¶Q’UÙÖ$ç[…6GJ8ý-–*²!¢þêf_XÈÐør´ÈÔˆÓæ3õ‘!YM#­˜ežcƒüQyà¿dUò üšêáÏ¼×©ÎÊl†ƒzÊEB™n-RHÿiù¶>±:’C~.¤Ç;ã&¸I£ÄøÝK’M¯.Ä¤¶B(µ½4¬Êyé-¢åñ½X‡¿M#[÷EkÄØäa(I¥bb¯ßÊsŸ(;_§7Š«n¥LNŒÝzC.Ïáî§M˜Ö#oQ°mƒT6ÑÜ—TÞÁ"ïÖíÚŠJ¬å¤•Äæ1@U¯ÍÚzv	)2ó5”¿:cÜß¯/j·¯Ó‘çÏ˜¨ÒòÜàçÈç?
±Mn¸EÅp£NVDÅ[šUõèuóV+ŒaÚ‹ÂÕ$ÉæÁxÉÞXyù­frX¹­xYµ`zlöö çY®Þµ¯½óIrd
 $À˜ô·ô€wR˜8ÃùK–¾£¶a¡ç\qùÑ¶ý+7vÂÛ8œBÉ# pi/íoÄÝ?‰XÓª‰­lbWoÑÕ8&mžÃwÉ§HƒÚ9B×!/ï8¼×Ì“¶”ç0W“¶&CL‹ÃÏ–V\éJ[‡Œ‚LäKe´—» ( ´M&c”5õÆ­Ão=õ‚ˆ+ødÅ0Âí±K{Ò)QN¸<¨0$±M€”)U×b1Ð¬½·"@Oõ]z“ke³¢<]+î9/µÞ¨ìÄ7xR™¢¥(*xQ2×Ý	Kø­$¨ƒ÷cGñ÷]eK«ôIGYˆ~Bê£G<ŽÅz7)€S°Ã®ðÈMªíÜ_ï•·Æ{c»Ð$# ö7Wž¦Ënˆû îcÒ3í€Ô1ÍÒžƒÁîø0H!W'sÅ < Š¦ñJ=µTã€eØn¸VÚý@¦’°Á›áFYl¥T“@—0	5$Å~£%©œ*ÿ:ý’´{O¿Rê‹ÛÝÆ2E& Xæ3±ŽðkÞîE@šùMcëoÊ¨ˆæ»˜Ã@yO+Ý§-îf¤LâkfƒàFÂ†’ÓY=7¸ÿ*ÐV™tP*yÉ*p_2ïá¢$6•^^âÖîYìuÚÜé¶FlSæl-€
	õZ$¼*çVÐü8º«Jw+Áƒ¤ËUÐº¤˜¹®ýI©L@…ÑÐþRÇ¡÷ªðÝ/‡Xø‡M'àâHÁ“£oÖsÜq°ÜÚÖ*ÛWB#ß:ùÖÞ~mQiƒÅfŸ)Ž~ÈgÝóÝá 3¹„Ï¶EjûàäyDWvFtq¿Š©¡å,ª¯­sÅ0‰uÂ±Z¬¿®x–È¹ŠDFzÀ”P5ŸØ¾’ôå5s¶bêVDn£#*aXW45ÅßË
2½ÛØULÚ
 %¼¥5ŽîÜL‹Ê‹õ1÷’Dýx5®6]¢
¹÷l—+°ž‹m¥Óò´òYFó?2ƒø?ýkÝ‘ŸÃyVáB»0ënEõ©{ñ–F/mÕ^:èï8hb¡8œâ™MHä@è¹šÄÁ+çsØ¸Õ.¹ÅîîÊÖÕ,†ÑQj1ËšÂñŽÞ}ï‹ò5@Sûñç†ò—®ýX%ûl€‘Kv›TpÆUWÒ‰¦á—£hHév­(X)Š	5¶¡
$škóÙçù\ÁŒºtF
–-rc%)S{ýæ'OÉY"1,ärù8ñT¿s’„DÇÐsBã lÞïÛÖU¨²,FÇv,þ4ÒEƒÒÛÆîáwÛT rÎ•FAnÎQkîž[²rå/^¶‰ó×;ÕŽ#*÷¼Ü'2ôÍÝ–þiîäÿÖUx`JöbÝSóÞ‡ÿ$ÎKéHO±0d
Sü\Vû\¥jû}‘YaV{&ˆ|¯Œ\ß—ûà`n»íHjrèGq_áÞ"ÙX.;÷%ZÌØ|—)WjuÉåý…¢Þ«ô;µº±@+Oûs£g”	ÖÑüQà5°Æ£ê¨WõŠ´¯<sN¸#£H¹{M,—õÀÜuÌÿî¼íxyŠäfZ›Ò#ØG÷êo¿ë‡V•ólœï+³]úk*@F†®|g¥"Cex,ÞŒqÎû¿Àé-™ÞÜþû€÷²`j`’”¶Eqûî5˜\i•»yOîXÐopxýmM D¸ŠWkøÔ2¸ýlî
¶¨’aDóJI¢Ëíiõ7{¼ïFsc¬'Å9Îze@L*#‡ü‡II9¹0ø7ãÀ@·7–f[ÝÔþ	›ñ†‚¾3F%C¥Û„°£.Š*¸·0c§9½}"$ïã<Ä¶eã+íª3I=žNÝ¨!›˜í¡Äº¸4;ôwpS«‡RªN€þ©Ï¯3a>ýÕ::WµíDˆ›WyF7ˆÙŠ“4r¬ÃOÆõ:É÷«úäQÝx¿u«7ÞPÛÅ¼0H@8p”UŒNc~¬À«zü2G<‘èíŸ¤ÓG2´Ë f@ûí¢é©Z^’S’nÖLnžÀàÒhJ?ìL*˜@Œ®ó˜îå¼tß¼!ùwo§áƒ[-±8ôßÊÁèÓöŸœ€z§‚Ý6Y©©^lö$¡0ó‹'og½1‡Ôðývç¸G³#ˆn†ÄNlZhJ L~oÌƒPxTU¹82ŠÖÇoŸÅžŽè[žqªfº´/6Áó†8oÂY#Í³LE)ýÇQo~ÍJ"TíWw÷£`d{É]kFN‰á¶¶’­ÕgésØ“Ò^@¦dHXÝs½ë%E¡"eSÍôÖ5=XE)¬¦-Ž‚ÃÚNËzäC‰Œ
b=h¯ÁÛ6kÕ}{FW{D•Ù>ÓÙâ¿ò7%§›÷”ç>€<U
ž={˜ çÔl ì<ÉVËÒÙ~îi/×ùv¥ØÏ6ÛOxÛ2½¨ŽPlèKÜ_n.Ù¤0»DY—UÝ»ÁgIPŠÂQåóƒ,¹½bÄ…nHœbâ}!ô-?•Á[b#3OO&d,n¿x»;aÈõDÄpAaêë{š! %úQ»Œ¨Mgõ&ìæYª;&›.<ÐU×E5Ú‘p…ðd°“;C´Cã¥4_¦†¥0˜ ­%¥­ÊSSæùû%ây­;e¤e^+t˜‰/±í=ØŽZÛMÓÝŸé	L°ƒ>1ŒC¿:‘É`—+ÞEA)=¨"½é4Vav:o[•äÓß	^f»²Î§%îaågQÍ#pãaRï|÷Ê…7£“õí è˜`Kø©Áñþ	ãb‰²¾ÛÉfez«R€$Uï1zl¥¥>H5`ÆA££Œu…ãß+Q‰¥³½ü P˜¯úš¦g¡³Æ‡0ÇÐÞþU$¨yÛ©ökµÜeñÔåöâ~óu]hL§Ö,Üãy>aõéF¿×÷™Æ­žÅÔð6â&œ7SÂïžâuq%ˆó á:l1ÿOÙ&ô%<ün/4y&ÒCÞÃ ü"Ù1•‚íl¾Ä¤_äXÞw¹NÒ=½iý¨#²€Ë‹½R!§4ÁéÐöðY¡}E¼”Kz´gÎíÖ6ôW4›WœQP:-m¢¿w¾|‰*+×"Å<‰÷ô5ÎñM±”GˆÎ/¥£—œÒšÜ@/wlÈ²«9øk7ø¤;ŒéÐ{´Ð&=/÷É÷–Í|[£ƒÖ2åô™tlýœù-™¼ ;ÈÊšgÁ•À-“S1ÁMÇzÉTÔ½/e¶øàØï²x6f‹®¹VÆfóGoè=Þ¡Çr†a‹¡çîƒ	P“`3Ùën=]i|iìtLB,­Â6úJYn#dÃÉf£ …CÌ{xÒvsÕìÕ'6t€Y„~uƒšpáüê3³WúàbÓ>Øê›Ïa“ÙpeƒÅ'¬+Kæb€ia2bËYÓÐ]9ö®€î{WeaúLûìð/áÙXÒ+Œ«âý3¾vm =U À×½¼nf%â½†ñ?1œ*0XÍÌdG¸}™ƒ8c&`©¹TÀ ;5øpFa´Åq&¡4Ýf§f2@¶_ì`{öþXßÏ˜²K×Á½UM&Qiº ›8VoÜ/â÷Û¾É‘[lõd¬e;¸ºËV_)!€h<,£Rˆ…½•Îy)	ÎÎ~Þ~W¤o{ç½Êr=SÇ]½ü&V}6øÎRjUæï£§~5·ÑöE\°ÝÖê©‚ú©`†W%þtz~kP1QÓˆ©ÇF®„¹A°®j*èb¼ÜÔù
æ<îÙ-÷˜£„Í`
ÎŽ<¥%È×ÑUü¨¨D$XZn¬Å
7òeÂq²<—ƒ Í²@z£"³rðŠ¹qbŒO‹ÃY<yœPZ(ð|I:H¯Ò×r(E–ÕyY*õèÅáÒï#&¡`zðM…VÚSÐ'°J½Kåc„¿½Ü!ÊZáÛ;sŸù„êw¥%²s„…þlÙÐúä}/l¿­ßI£Úq˜Ã¾Ö¯ny›,V“N“zÙUÛô P¿’viÔ}ÑŸE²O°•Á·ù‹á§ü‚ËüôôÂÏÈ'>þí”OÃ)Pez¢oÝî:îô‘2+¾ð£T‚Ào´0J.A:gVs}+•¨¼G*K9UŒÑLŒj/eæ“ s&¼æð?7 ? 0£ÙQcWx²MÑa˜G<‘ûö,cäæ'_ í‚¹Ë+››äÎû^[&ºM5Ï7¹Õö°=›)â÷ ­·B4íòd£Û€„équ¿>ðq~pÿˆÀ<ø”£çþ.çyèCÊH"zà±^QkT~N9õ«C*ýÅÝëD3*7‘~šGßÄ[ÁÒœ(É&W-õˆÌöëÈØ†ž¬À?>bÈÞq›2™·Ä®NþXù £rÍB«v{§ôý èYNÉ¤jt³CQ´Ôï§kÒtc¨sDîBàjÛ8ü|€>£ŒÀ†C5AihWd[²Ã¹åå>Y½±¥t0ÇX–ösoý@äÙŠ§p·ù„½õ“QÍÝ^;7Yº“Új_Æª.Ç	9Ÿ‹«(7ÒtX­ÖDûtýŒ¶0¶ *û£#ÍÚ¨¶uâ¡“x­f-ReÈvP2ÑÞi2Œù„ÆÔ9ï«AQñ4¼5´rÁh:üßxzËì	64x àòRÉÆB$'h¬>£yÅ¼j¥>››D0bvu‘4DWãpä¶•³óqò³$~–°p\‹¬ù…âbìíN•x.™v$ïŸ+Vµ8ßí–T³¾–g(äÉ¥û¡˜\‹6Ä@N¹Ý
"ì+‚i˜²K
Ø­àžá…‚"ûœºneÖ“®ñmt:ËIPÌ6Tè%0M2?$D(VÖØ˜vò«ám±Ämš	w“úE¾’ÿÆ3ß )X"=$¹ê·¥n¿;KYcvê}©ÅOÝP¦Àïç±DžfßµV¶¤á~ñMÜ9^…Ž±¡®÷KÔ‘hð3²d"úÎSŠ*zûûŸ‚}!zó|Œwb×ÄzL¾"V›ÂkQm0¤ýÃ™N4LÇ·¦¯
µëØ è5¸ª¤S‘O ¬Ã]0«î2ž2%?ºª"1Ò
GEEØxY‘õQëç^JêplCÿÊ]Ë%Åö=cº_ïRåÌìÜ°RTÚá}…"2± â%`€
±.úÐ‘hº-ˆn[ÃáUð2•cJgíF-çû¬Yâ
TÎy;]»š¬_®]í”ñl™AC·å=íÁ.À-7£Í Jz]XìÅC“¯E MO«ñÕV\ÂêÑ›YìÁ¬‘Ñó½ñDðêý…Ÿ›°@›;–•¿mbþ²¿'8eÞéÖ71¢G#ƒuËýSå‰ñ#ƒÞ…35{–iM\wS¯kÎVJÀþ_Tã2xn!¿$ ei½ùÑmjåPº­—<2€c,òáÐ‡ ÔÎ)¯påÆç‡eÿå}àUÓÜ;'}0öxpxÝ©våð¯­­áÿkÇ’ª"Å¯{­Í5[Þ®åõx‚b¯ÙEr¢5Öñ±¦ñ…¾þBº×ŸWÝ¹™JLß*™O.Ê”zîhï4øl†þy’uP Bè t[*`¾Ÿ×ø{·øë’{•­N„\Œ'd¬^õ hºBÅ/;³ÜŒñBƒjêÑ½aŸÁWØ¯TÂî‡°ÜÒó#ÀÔ•˜Ül]µë¿y~'ýmÐIÅ½Æ}í{Þ—1¸x` y«,h!Â€À)*Ä–¿Ø®Ï ú…ýÈ•ó¢¾Ê»a¶%vSŽBœÈŠ†ìUþýŸÁ°pÂºŽ¶šìå‡ð§4ãF—À|ZÐ‚ëî4GšÿÍÐ:z8_ê$ú­œmÄs§êÓß]yÃV	l|ÎÊØáPQNAªKë&ÓÎÿô…½Œe²˜ ½[›‰¢xl¥R‘BÉÌ"‡`Y>+"Ä‰²ïòE¤Ôb”zD|”hm+;ÜŠÑ[-€&5ÎÏ¿/Ž>#øZdG@cøRï_2|[@@Ú'`ó%ZÔáñMô¼ï"ìbÐàv.’&h8³„]SÅ|¥è_¾æEu€tRvúoaâ<—u$!`	Âíß|gEmä:PôªJFåû)|æ©VŸ;¹–‹&^øWSî—E÷šSÅxÝë;¦"[0ò¹¹äpêççZ{~‡ ª?Œû¸(îak¬¥ß\¿ŽÌ²6×ÆŽNÊMdçËm±+ºÊRµxÇûsj¾”&	¦á¡×X${~ï2ýxó;’ì/¡sÈ~ìq³™Üs¼Ž‹æuE‚I,Áé¶r Á%	«·)ŽZÚöm½3'´# $sá†á”fÃ§3©vÊé#dlP˜ö56š¦Ô£;…ËeE"H¡åø´N­h{ôN÷S¸	¸-K"ð½Ì£=+¢ýtœ@&[ï¼çè@ÉPyŽYØÉyýëbæJkrŸ6Tü¯—‚FÑ@óÉ‰+€@>¨Ø„¯XëùÅÙPaÐ0©ˆqIÞ?Eg¯âc¸*V{±¨6¦fš\Ò=Ñ¨Oqô…çcÉ0uC¹Ë¦à(®‚Ð|{`„^Jä:frSƒÛ~Q8Tmcµ™Doÿ–ÜípˆÇªGt¤YW/›ak£ÑýîŠà5º!­6“SÖZ¯Ëlu:ÐöT—ýëç¶YM4s†)sd0Y5
ùŸa¦ÓàbBhú]ÔC—4ÑRŒFpÑX| ¨3ÕYhÿ%`æüŸšÖ¢üûø$Ü#á^k+ÑPèRßIfyÇ¾œŸâøµ€“ÝI§pÇ›-yÇí6Rª776ÅÏÅ*)iëíØ*¥Œ º˜3Ü„0mpÍî£Ù$é³çP'2Ö¦J:âÌ…•n¼\–Yt ùke¨6€VÑÿ?ÉËÔ‘?ì¿µ)_:Ufc	}îÁÒ$¦&«çv"a¬~Ó|WÅ­ÌÍO›V«p6Úœ•ð¼vå1Âzoh¬¸ç2^ ü«·‚+îÞ¬I/°Á£D€WJ-Û²Ìªö/Nv";IúBªÿGfå±¨D®¦Ï¢È{Kñqé_#sOÞDfÿ”Ûú»¡‰–Ž™E| ­=ÐÐSÁ©u…î™ ³B™Ñ,>½[6	³“:K0Á>™B’’Í;Ô?O-Ö/`ôÓý~õ½Ý³ñs—öŒk}ïÁ©>!Ã'"zCÇ%~ë¾0MLóP#/eA¦sŽ¥ÉÚÜs‘l|ƒ#g%*á‹ýŽøgF³dÜ¦Ádâ„1µ£Dâ"Ù,¾}öÙk¬ß5wÐÙÝ&–ÿhC&È Õ%¼4è)÷Á5DäÒ­›°”Õ$‹8,ªÖ//9\â7q¾ÇfÂ•XUý‘´8qß²a<xÃÈÎùKÇàÅwtà»ÑUýfõ m81ÏúInñAØÆ†^Âßõ½nï‚e5Êf]Eð½µFöÆ}„âá½rž›nñœ{ÞÅ	)jW2QUa‡™<Öo0®›»;_{pÓ·Øà7fx;ØÈÂµ`IéÇÁWÎá;U9bœÏtixo#ìN¾#-Ë»k€ì¶ÌõÁ~j\Æ7ôx¹³ñWö¥A¢>¤(¼Fß3_È¨@%bIn}7@<›…PÞ˜Ó}Rfè7nÖÀæ|mÖŒ¨¿^Î¼E‘Âô34«^©xôµ£!Gþ¢ *¸%Fæ¬Ÿ;‰ub’£!œ8»ÿá$·}-†n¿¶¯ÊÑ³$QÎÙSþ	ù-ò-ëEªžþë†È­qúÇESñY7dÀZ‹mÿ¤0”8,étŽÿvVmÏk´ÕS—ÌòßPèëI7Û¸àÓ¡U7GŠ¸çwShžåfµ[xì zcš7EH†¬„ ¹ÍÇ¦¤¯^±›~–qz“hL9œ;¬¸Ðø¸(ö"VSp·:Svþmñ‚ý€"DÈ¬¿Åê–Ý:re,Y}–¢.È?Y#ëãŸÚ_áT„tA¸LX61Î7U‡…âhû`w‡'–Œ^Â‡	M6»y±UÓo‚È¶…“«V“i^+(ÙÁ,îéf4úë`b’Ì¾F§Py}Wÿs²;Töö­¬‹æïÞjèEc"_WoÓ€)NŒ2ëÎ¸‚*Å& ­^B°o"—ÎSûpÅé9v/dÑ:‹­€ˆSÑñ-¤ZÔèŽÃnê”ÏUM`QúÊ%À¤ÊÈÀ­ˆLÂFtVþbâe„€‹Ç1#»³èþ8-o‚_o«Àî6]&5 ¥ƒ¸ÆI(0ÂËxåˆ*UO1ù7eÓô–à•ŸüG'™FJÄÀÐ(þm'ôS?pD¥µ®<Ø¨<Í=^â5=(>ÝƒØ2l¼ÌñHå³¿PbbÞþIŽ›™«v ó}øŸ¡àrO@myÙç0äµvh9óòã•­>œÅ»æHÝ¢Ÿº,é›—É´­Ä—…‰80×oO,Á,ÖaìžÃUúÁá#ß®ªÝÞS«?ü_å†pÞvõ©¬,T®ãLñKñ<ÐöÚ‡6âÊæ
îÝ#ÿçë¨ê¡íøFVEö¢ŸÄb|}iuSº4>köÓV×™s0ê‡y£s,¯‹ÚsÆæ¿ä4¢«_¸/eûš
¸ÙÕ¶Û¥h)GŽU•”¢Tr$Zyæc4-^†Ó,˜øaG,¿–	wOJ:ÖìÏ[SY‰&­0S–ÚQô)¬hàsRÚÿlÇO[þÃO`î§ e¥ászn3Ü1,#ú\ÔäÜ—qQ´Q€Œ&þãÿ¤ÝÁ_Ö3±˜ë!NÐã~Ä=ðãÄÙòÝÊ~Àf'º`+Lç\´§%¥*±ú„¹˜DúÒl‹'ãÀ0.M?ÖæÌÅ”TF†G´tâeÊïñ¬Q’«hE|óo”é®þr§0Oût"i¢“JºENuä±@O[~@ÿrÐp…0 ûB4;3Uœêj}Æ=¦Î_4Ø‹RÎˆ"mÓ+ì*ŸïrÜÖ88gI—¨óÒ'Õ‘@‰—Á5¹î:Ù¾¹¥xLæNT›AxüÔ9£ÒV¿y‘gD>Á9s…q Pô…ËÕñðPUŠ1a^™'J.ø«ô2Õ‘Zœ˜-"	®—}¨êã^Á:®Z£¦¼Öxrr*?íWÅŸÂm-OUÆe¾^©|^
0ÿÀœ-œ®íd®w§í“î%”öV°µ2)/[®(RËFþíV (ù.þMnø	N&Ý1Çkí•SøˆFˆ°tìøRÐcê5ñNÈn—B%]˜¬{¹ÉÀl Psb†|áÈ(òÆJ¶Ëàp6ÿGbé~Ôq£ñæçæœð8pƒ í›ó?×Ì“AÖs/ .»éK¢eù—¬F®Á9:èW)ÃQezŒÎ´¿ §DByñx-638§Ä÷x3Ø`Ø¢ø&*¸¯y—Ë*Z	eÛ³ FàÄoºàGœxŸðÐEj‡ j1¥ …oõÏ…ª¿Câc&•œa3Úo–Àº÷¥6v™ë*ÇQ¸øAn¬±÷Œ×VßnuÑ«\j‰ÉÒ9®3…ÊQÚ¶%8rð_˜R~5$v—D!€!”çc…®e½'e?CöÊD0Š…NjúìßŠQdMÀºÑÖ|÷\³¸>ì”Ôù’‰N*±tZÆ79K‡–…ìø(ZqX¯hx@t—&”o5Ô°$d^ÁÀ-ã‹~^wªÛøN–H°´Á†ŽAY•ŒL€]†Ùo6µºOXE½I*Ì/ŠcÛ@=ìÏ$¤ï®¦\õ ­Ò€ŠFrÚí)Ó†ú=ƒš>Ìq7‰žI#ð1>©Ue®ú!¶Oõwu¡Ñ_äÆ¥·‚…#h—à¨»R”ÜÐ§¾6žÈlôwv[äíxìÄ ¾.Þ.|×*#L±g˜GŠóA$+°¸´Œ3Ð†¶U2òBeížÏŠ›Ån¯æE÷¢Caq¼»F°¬Æ'Èî“ël ¨9RÍÃ„¶ÎwOªÁGÎ¯ë@3ýÃ…lË Ls¢Úÿ§oˆM^ û,ùƒÊòõ\íEa+°Ä}ãý ‡GÆÁËbã±·-P3h7Âi|ŒÒŸÂfü|)úèÞÁÓ‘=qm¶y<h^Q.Úˆ6ewÊ«Ç±¿ëëÕ0evHü?‚R={0Ø*gF	E—mTP3‘wKÑÅ ÄžFåú‘„·ì	¥ZàYÅÓÙ•wC
bðéw¿óuÖÇþž¦>_o]T{Báï±vºJ¯6T‰h >Ò·tÛÑ-m–Äß×«LQÐ—øk:Àx~	¡à`#ÉÅeqýã%3æV%Â+`²îvÇë”šT0ióÔAªÐ$Ê2ÀjÔ_·jçî€_aÍ­2ÛeRy8:vREÒÖb–ÅˆÁØï7› 2‰Û¿j¹-ä2Å<yÚÿ³C©} õzyÈÒxf°»Ä¿É"öxµ¶-Q¯¨jzXJ{€pžç¸¦Ë&¢'þõØM‘âëìoR/Ì'—æÅ,Ì-¤ÏŒ2ÄjšóŽ
,Ë£z©Ÿ¡‡ÞRtÔ,œÒ%¯è@•v¤}3¸;?Œƒ…Ý_ÛÌ#yœñé`¼ázUÀž^?œEnéÀ‘Š²ˆÍäJäJ½FÀóªk/ è¤h·Hãû6|±ç6–©Ò+rz„Ï6¢IÕvi¹P-œvö*­LÄ†âjB$ÚZo!õ/[5—n"–º|þ<’%¼bb:Ö†ómÓ"ýw¥Œ¾p™¨ëŠ!3È+gÏ>ßá…Ð¾´TØ–h±ŠE&	(JÇj™lÛyñhWšæ{.>ñãÕìuOôbÕË _D¸´½>«!UÛ;ŒZXÃVº7LâkFÐâÊž×Ê;7ÇÜ<¹¼·€—ØMÁ§°*ƒ=þ-¬7iRQØ‚ÐÖ‡wÓ DZi’ÐØŸkGûiQå5'žÀþ§Yw…¹¾þ…ÄÌå7ÕcíZf[ÆsJ˜Lo0½¥öîïÅ!Ù¿V]DMÓtb2ñ“ÂìÃÜdö”ð)¬¨MÚyç–Øk¤ÂÉ¹w§8U½n¤¤Û²ˆc €Ïtæ°Úñè77rWlâaáSš3ú@´pc-÷7š1Æ´°ï2…×5¯ÙSs³þóZq¸¯ÌrTzÉC@HÑÜ«ži~ä¢êÎöÊ:±j§²Ž,_lók›#æúÞºŽñþîúHsbâ13q4†O»ßzÖJV"„ø¹ÝÈH¼·³-²\>Â:b˜ñ)VÃå#¼Ì(ö5Í:œuœažÿ¨Ž¾Ø²¨%–hÉyR×7@c`4Dë­·^•«¢ñÿÂü°ó
¡­JÖ2³ ËãPÓx…Žîz¨éwK·Ê,ï«ÌêéÆÓ3×Óêè²%˜«¶¡;§ 2ü­XÕ˜§±ðÐùië)1ñMòD(¾k¹´<:6–ŒŽÑN )¢LˆLX¦Ï?ÛaX\š;ä·Ö>š,ÄéØ=Q“G rgšƒIº]ÂóX÷ÃÊ‘½RÅMÌÇâÚ‰~!»2òÄx`Òó½·¶Zrˆtë¬W„¬ÝŸX¿ •¬î#Dõ’™µÒ‘j^Õg£ÐWú]3ã×nó³Í*ÔrOÞX¿yóp¨ ´W,—Çn¸~ßl§ÒhÿÒ°Q´|6&päÐVEó¬š^ J
Šß4çt4ûrg‹œGxC§0Ü9¸ÒhVÇ=Z¶Vle$-²ü;Rd›«GÞ¬\«7\`ÂÍëˆ’óh#ãEÅE£kMSô_Øñ†}Ù5†f•E1Ä :ËiŸTöZmÌCeåM(“qÜ‘3OK’¬
$âäŠ)qJ›ÏHÉ½JŽë)	Ø	M$©§½°ÛéH‹6¬éî ÆÃ¬âèÜÂ@ÂrNûTIt2CÙhà°ÕÖìEš6QZÕæZ(î”°“*ßGoÍG²]þð†’>ÇWÁt1\«ºd[Å…t¸€Š„Æ\Ø Ú¶®t¬Wlƒë½Â|4U ÷Ó5±ê ìñGÂ ?/ã'ÅuÕ¼Ö[Ì
ØÔ¿2“QtIc‰<ŒQãÁã2jt"ù+xÅLöì|Cì¿]F˜âÅG&îwcÖ_KÃØùCH7·«|àUj^þ ¦žWÞÔ ‹ÕŸìÑÅÀG÷'ÛÐÍ}(%‚¯¡D^#Õô –nYÔZ‹ƒR€÷	û°ÞAàDcÏ±ñ 	<^9æ£­pš+ØWp	,Ëx|'1F?xZÄÚ$˜iŸö	e'½žÒÎÝ"£"–g<ü™:üv¼«ßwz¢€NOV{qIsÙ´Ì¥½ä¼]ÉÏ ŒÜ¾­jÜ,z[Ü«„Æa&){éË¬ÿ¥’)‡Íaå‚jNzJe
ooaª¾¾ã±GçD„Ï,74Q\ÞSW–ðmyrÓ=9=ûE“L‡a¶·MÏ&ƒ©«O6<¬_"|…É‚ICî²aã¥B^b±m¸DÍ³ dE,þP=äšÕ ž#ÒYÝ#+¡ÅI'óÓGŸ±ù2ÍKE­~ÒŠ#E§1Ð"Ž˜˜ég–Å Ý^ËªŒ‚ UT‚’ öyò`‰âã„hC‡!%wÝð*þî“Òµ–ZÐ’Ö€"Ê=Ó¸Pšëµ­#gâÆ SúD¬d8ÇCr‘ëÊmšÄ7ß6ÿ eEÉ²‰òJ¨Ðò‹æÝcSý¬ÿ>«8ðQ3ÓÝoyˆ¥B£uœ5íÌŠ¬QSâÐ‡UÈUSbƒoð*ä&3Þ…H4
¿=L9Ÿ¸EÂF¬†±ÝØkAÛ´ Wù#ÒÅxãú5Á¬bR¿„NK$a·j	÷ù„%4Åô(½_èŸÍ«i	Ô0C÷‚›ª§rT¦ÂâìøR«’àCƒòTYÌMÂ„&þ‚ò§ïI>ñ8ˆNôÄf¯CÒÈ®ëZš…	˜ÜæEƒØ.ÓXdœ4/¼5³•_—h5 ì £JÔ°ÀJ+Ó8É¬˜û²è*ìXU‚‹Å¨0½jVs¸Á@ÅÃ!U=t„" Ùc:}7€!}r8ò"yUJåÒ]ÍIø¨DŸÊuA_ÅckBÁ0Ñ\ÿàÔ´Œ°"{Ú}ÿFÖ‚'(ör›lðzº¯ŽJn¶Cˆ›pé¯ü7j{¿Ÿ«cÕQ=h-PO(t…{ì:TÙ¹TN6’ðhvs•wüMeþS©ƒù 6ýyHÓ*B­+)¦ßAŽjŠòZð‘j&ƒj¯gè"Oö4-Öåðcõƒ$…9Œ
LØp°VÆ<cáålÑó¨Ñü6ùD/¶ajõÏÏ´‰Êk|1ÒïÞcÉtÑHHåkJ€­4[çoˆ>O”áŒUÍ,B+úëSø1g¹ ¹ºÅÀWˆ§èàòÉES„)‘þP˜˜àMÊj+Ÿ•Ÿ>t9ƒ\Ì]é³ã†ÇÐ…Þ #ÄÑEçè§ð4WÈ!1ä^Jø“I¢µßaðÍø¨U§¦˜ƒ²zŸ6¬G¾Ê¯BN­p'tHV†oÃ<®A§*®~›)m¤Q•Éƒ-Ç
€uŠ¨ :@±ø‹’¯Ÿñ-¤°Ú
ŠA6p:Ü”“P;§ÿ9ï"J†)^•ýšT,¢K<hã¾iœLÌ¤H&:—žÁA/†!¥—Ã]jÒ}‚<C…hn§L×‘|éê¦‹±víf/µnõïíž~³2,sÛ0¦tŠŒÌCØC\eÃãŸ™'š_ø¿q¹Þ·Ùy6áTëŒ@ø‚—Åõ¯GÛ0z¯¿$Äî.°D#…¥æG,ù«æå/áa×_X~ Ä±=sÅ ppU$¦ä@ûÁÂõl@ðÃîY>S•(Uù BƒîJ™×¨ãpPž”ÙcÛº¥Ži˜l/’ù¸\ÓÔ¦	ðOE«s¿Ÿ'“>	 -‡¦ÚýA<²5â z¢²q~úhw
+V*Q½×ÞøP×ÖôêŸæÜF	xNŠ_V¶y¬âZd·£MúìÜ0öéXø”n·ñ/ÝÔ_=È`8q ƒ„›ñKìõÈeîÖéÓM]LÈcs°mu‰x¶q6d¦ÕeæI2fCš^Íâ{ñ9™“ÓÏÒ/òQc-“"3ÝYã(Í3U°ÞoaKú
ñ7!Prp•òÄ‘&¼ÎOoC×ºÈí¬ïz0Å÷ÐB“ëìžÜÝMŸ»²B'èÎ§nƒ*—ð=Ï½'W7ì™0’Šsuw*[Ö'¨¡vwçüùàµŽòu•€5ü˜0~‹m9§ÉÅ¨ð:,—$)ƒó¿tÚß(7"å«ÅG`Z£0naÉÂ_'0óÇÁx—ŠšÔá¹×¾ÛñØxµúdS›­õ…„ßC1xa>*?æQ+ÂÛÍ[ç¤GñãûïA¿`zž¡¤±s=S»¨›A]Îd¨’ô”@&Ë–¿"Rå·5´uñ
'!Þïl™5›“\@ìP±ýÀ¨&»}4.Í“š.¿>°€"†ä}MÒšâ¼7áˆîˆâ‡kAý<—G£Š*ØÄŒAšÑû‘Pa#G9)³3…µ:¢@‹7Uå!2C#>¯és^‹¬qJwaÉAM™v¿?L”&©iFëEîD^,Ê`Îˆ9Ë]+˜¯Æád½}©[¾î)RH÷z_Avq`Oc,,zYH×â¬ËÍüäáùXÆŸ"Ö‹¸åŠÜÐŽ[aò¬ÀBð×uEA÷±²î‡T„éµFòÓÞpÎsú‚9J5¯	ç‡«^/ò«¬q=™To€)b2zwlíï\7È¨õ…\&"ƒ=ƒö–¢Íý‡TjŸ‚zWo¦ë^Û=EÿpÒSD%%²ìà¤æD€~Ö¨·"ÛÛCEÉéƒìh9ÊSy[˜‰~AÇ€Ñþ¡r¬ÔÓÿ·&]ÁÐÀ¤æ]ñ[¬Saß–‡0U¢cæ“:†lá(ƒÉ¦Ð"¨Ó3;\‹‚™`Ošêäøõ$¬@©³ÈúD²qU‡‹Îóa³‘/eÁÏàÚ2»eiâ×eÎ%œ…ÞGg© ží¬øèl¯¿ÚÈË‰¨"–»uBL3­§¯ÞyüÒf¸7Šq&îr,IÎ8ÙtìÆUoŸ£øïŽ¤„²"¨þ#*ÖTæ–—”Pï‘,ÿÀvè§žþÔ£‡£·àÜ<dÍ#züaXEÂ‘)$I{jMP=LdëçG¨KŽ¨V¿¿²‚ÈÜôTÕhs ó)éÜ‰÷kVOé…‹Eø:C¦™‚XX*÷¼ƒÞtÝ“Ç3n	â¬Ü·NDñdÙEdw^Ð×•&ôåew§Raí,Q“SÚ±$'³*äÎa^âBÒ(>LU¼/‡##£E¿¦‹$¼AÈ}tB²$ÏÍo÷Ð8ÛMx«{\ÔÈ'¥¸ø?ê¬uá×!‡Gã™§KÅjfþé¯9bzôGz·ŠÃf2aÄ^å­vãÈ³·
! .à7'a­ë\BÁÓý¾3TZùã¼$÷AGñÜ¬Ó×~w{—ïv0ÃeU÷Í—rðOŸ—]Û½Ûø!fô<Ð¼D+\[½¥,=#gÄü¿b Q	×®¨VëáÅ…iº‹[ã!€å¸/rÍ÷þ} }ß‚5«ëÑY†Î¶Dv8JÞ±p!ÐÍáy'ípàÃ+F>Ò[“£ºØ0ä@chùÙ¶`šX—SÖ9BÓcT…w,Û£|Â+Íç‡ZQÊ7F“%”D•m}t‘”vQd|'hcg8|eî4¨,úÒ¹¢„erê¿W„V£`
¨Ì¶«M“»ÊÙ{çYñBŒ³®(ü	}"¸¤+chO¬´µ`ð,ì65ö¸”n¦k=Äó©$ÛÒHE
žaÊz¨Þ©U›k¾¶\ÚÕ&ßð·{çmœž³ ^uB2m´•Y=Égé%[r ¯´oÍÀ‘Éó¸¹ö¥ýdõ2ýäÜ£|ÌôLå'?›ygŠãŽÁUÍÙ¹7caî˜¦Æ1×îV½­©k5­`ÜüV,ëiX¿M½oÒjË{b¨SŽoà/vkÅ1säøÅQÒ¾(8où¬Ý®D*þ\mådwÜ³I¹*Ó"°Ä(î‚0ÔøO¨3ÓÐµ|þé•é7NÖz©q L“šŸÙ™F¡õÞ2U&ª¤;ì­BÏ­#R²¢…=Cá°3ÄÂ”8šÈ3jâÎ]³³òxvVì›•BPO¶6=		´e¸Hï^åacjg]lV¤Ñ6™þxµ8€…€íœßî(‘×ÝÈ"™ËŸ):™R­h¡×E>/Ú<û³uP2¨×%×«Oø!8'‹Ý¶h]‡¤L±Ïy“}³jzÈ»{É„‚´;ÙY¢‹¼-Ã‘ãùÕ'+ƒ^=¬´¼Ø	Kî‘;BX#¤‰ÿÀÍ2«5{’®ºxf°S5ý|žð÷_–œgAÎÎJæue7%U²8˜0Ä´KŽßåÏsÒ³î„ù´D7-“ˆ[Ääˆn‹öØj"{ö‚üàÇGù0»é$j]ÒR™cF‹ojxç¨’l)’d®~ûçž¤xØ</a¶Ó.FÀ…˜qð¸ÇÝ†T@š@LÍøä›ç^
YJã$ö¤ÈõDµÌÉ³^­ÓÅÓÒ"#øN=°LÊtntnCM²+Ï•«PV {|\ÿ‘|› 6Äª]–J7IrÆ8\Ë,	D-*’“ÏMçV=Õ‡S?¬™kµÊ—š´=ZÊŒ8Ã#”‰¬–®ë©rràCþZF—Éòpð¯„(ßxŸ)†wy=ûnÔy38ùS 'XO}lÙæ€‘(\&C'Pè`ááõG5ÅÊ/Ë´…îr¯|´l–ðq=/g}v£Ö(4ìë`ssù·QïÅ9¶È.Ç„ñÅîHþ±DµDŒŽÇÍ8ÕØµs“ ’ˆt§µ8§,¦“hõµAbõ6RQ8ŽŽZhþ§ê\¢ä‹WM•mŸlÃLº‘ïÀƒÂe(ea]öShˆ¿ùó–]™“£„ce÷Y^|ól-È"\sP–ÚQ¡É"»
š×˜ý°fG«'=,‡ïÙ¬AX8a‚;¢ÙT—U öUãM«\–@©Yƒ0ÉB³¶ù±ÌWâòG—˜Ñ¶‹RöQ©yÄ3¹^T 9¯­C¦!w|RÁIáÿy‰ŸuFþWzÌîü¦!Z!©`hŒò
~ë,J3Dm›‹·A9é"…‚¾Öâ'¯(–µ}ÙäQ–æÐ¡ÏPÛpe41À³PoÂûáÓ¿Ÿñ“Yl+«3wå(.ú~t! 6Œ‡«×ÐÆsáuÒD¼ÚNÝh$QI¿8fY*&ó¶‚Ÿä¿¿¼W«ÄT]Àå§ED[5E¤ì~[ —,8~qDÌŽÿÿ™q©ƒ ’Wí¾²b•Ÿ,l{6paTAÕc¢íwÓÂOŒb¬cïªc¢‚‡¶ä§fƒc4l5ýfiØáÿX’Ô±#MS,çŽGn¸—'.›!¨…µB9?Èìð	
[/©ê¢á·á”“«°å-Ö—x¸&`„°rý˜Rß£2 Î:ÊlÕ´ùB°ô©Û[mª,‚YŸ\Ÿ5§¿Ø(îú£îAú·8š9fÃ†×0p©D› ;ÄD1ì}¾wé—ž‡ösH7UÕÕX]»¶ýóžãèq@¼0òy©–dk?C|€Öcj½¾!0ÅðÕ`€˜X‹­¡ós!úáîð`*zR¸,|DÓñ(²ÿ¡•©;*é‰Ã@1C÷õa)³D+×i–@“¡Á«ë»cÊ),O¨¼#¤¯¨Qk×-Å}/Æ/®XÂƒwÁ% ¢Ò]l‹%ºuÄ˜ÌCkVNòžT'-çžu:’TºOçÝã²*°õw‰ÕYó^‚´ÕxO(ó:»v…j-¸|ßE+½e³íˆªé–ëTäîZ‰r(1—£`Am( ïŽãò:dð&g5C¼ßNè3È»Â€˜­à–K2êO|qÂéF%•«ÂÜÉ»¯ÖÉ—[gî?MÝ^¨s+ó÷SÙ”»jÉËqò›ˆBí0¦aÿÐÖjo8ÀO’7 äo ÿÅÂ>›ƒÃ%§©IÖÀ³oGTngZø.Ož[:!“.	d?z¶ûEheQ*TÈÞ*ãuÈOº¾ö~4ÂŒ~Q6ù­B9"ü´žO/ì^ò¦OÉ…È‚J½^k°$ñ‚-QÇñø²)ýWAŸ):Eþpàÿø‹DêhçŸêõ]×#Cãüaöc­iMÐ¨¿€›†}ŽÜ6p‰6ƒ×ön`Ï[vÐ[ª‚vW…Ñ/Ç²0Û)o«|þ={£ÞÓÎÉÙ®±*¿è
"”ºÖcT8TÙ¼Pë¢ëìé9eœCíÏø`‹R-àZ]èÁ™Lu†Ù€dkÑls²bZ)É@ä"Ü~‡o£3§bíŒ!âE@½adTñ7€ÆPû‚¢ëLÓô½„ÄÞHô7?3¿°(ù_ëu›ñ¥•ã>®þ‹%RdÌ7žå2Võ†ÀŒšçóÝ18Uß`]Æ¥çˆ¦Š¯¯´½ÝŸßPzM32¾o
¢’	íy¬sD¨‚4î«­g~ëUî#‰FÍX‹‹Ž³‡ïng_ˆø¾/€¹Z7+èíÏ&ÀOSÓ™p—E;n9¶VÂ¦Õ2Ç ð“o*ZÒÍ5·nÓh·hél	ÑÃÆˆ\ç—_>ÒõTô©_ -îò³_2¤¼Ýx‹‡||Lg»):¡È.¢\v‘
 ‹:{ãy`‹‰üZæ÷nÅD¡XTr¥EONX­YPfé¸¹)þå h,8wÙx­U6Uâ¨q²Úä%ó¹dK/÷;êq£L	ëq”÷À\æ@5;Æôªá4&a7¸ööY ÁV3‰,©þœ›b49ézï÷`¹k;/÷Ãkd4­½V·R¸œôña¢ %ý6Væb±_ú{w’ŠO5¶(ë0ó^uƒ¯ä‹_ý2%Äî…ÍËK_©G#püï‘ðš	­Œ–U0VæB!ãå—Áe·(”>ðAÏH³Q`Ýnvî×VÃm_jïV{ê¸Ê$‰àôS”¬bÍÈ¤éP?czÒR!ð¸D¾_ÁS[Í¯›á·ÚExzMM–ööxè±Å.Äo,Àÿ›LÒ3f.+û“½¬Ty¾`Y÷Wq‚Wy¢lï)ýrÿ³yô˜Å<X×£ô½mÑ~ÛSÁ3ô$Á:jªYŠfÖ‘{L ¡Z¥Ã"öŸî¨ûÅEÙ «"Û¹Œãè«‘'~’qÆÐeSÃÃîUó:…£ŸZ+sS‹,ábÄ>«[Õ,oP'§Î>‹ÂpßsXæ äxNÐ@ðeaXLÝÂ¬D aañ!|™ÞØ{7àu	NÒÈ±|:úŒ·qÇkºu“n¢fNºù$z²áb;î§þ0£$©mŠb÷12bWn¤ù(R¶ìé_3¾úVõ‚ÍûåT®È‡„ÆyòAÕ™š^·Ø†RøB\Vˆ'0p²þC¿5LèÁBRsÌøºq˜"~ä9Žƒ&°ïÁªvY~c‰12be¬,©³£\8ç_3÷Ô[l{m.L 1Ä¢5;Šk&†ÙxþÝ§+ÊÈñuñ°¤^MBY§,Øg9l×ÄqÜ3ƒéÚÄ{¿nþýT¹ªß6HwÖ¦™‰aC	÷¸›Üp£Md@ªÃ.üiù0I3DlCþ8ž6#&ÿ|ìgý÷S>G5ÿlŒ±&…÷ˆÂ¦r´¢Óþ‰2¡¸,ª:™xÿ÷*,ó =xHíP—õ žb:C^Ìn&:=Iº¸{eç¯ÊI±aæWAÖRkO°l> Ç¡4Ý—Eßƒï&½3µ)Û‘æLœrñÕÛKðgÙ_÷$ÿ¶ß,Mì«Ø=¯ê‚ÙÞËC#â¬Ò=+QíGüéšêäà8˜ÞCâS%<‡ˆ…è*fPóÅà\I!]%=GÓC¶X”£œ¬EE(Q¶/ê+¨à¦Bgé-†—*g]\«´„ê…ÅT'„‘—ù{¦\/FÉ¼Ì¹æd`Q¶ïN‘ð¿†ò{Ú˜2P¬ëz*òêÙÎ¥ËÉˆ^‹f“ôÃÙñI¡ŒÉÓ~*\bß§‚ßG·B_I°?5š5cä'{­ÖZ„ú3þ¢¯àäKjD{zôÛI£ÿˆi‹i¸c[c=“A„‚,³6˜+|Q‰É>:œ¯åÉj‡%ŒVKŒxú½­j˜w3Þü™ÿ%N8©Q‰‹â0Ï¿‡Ø‡êÒ¶íÐ_÷xÕi/ëëmJLÝ-xßiþñ:Ù¥zh@n‡“+‹¥Õ¨×¶9ÅÒ!Uü5ÌÈU›)Kï’è2°9¶ÅýŸdYk|;qÂ;>ÿ°a$öÒæ9ùN«7§€Ï8‚†…N?íª²°þS1Ò¥"¤o-šË(2Ô@O¤N”»F/9Œh¿ ó^9ÿÐÄ¬ÇÜð[š ¸ó%)Q^kvóFBD{µ/Ogf}©+r.C3B«’,‹–âÔ'RyDív¸¾ƒÕjìÖçBrïëº†ºHÁ‡NÚÙá$ò£/”b%ÂŒº•E8í;ÎÁ9wå¾ˆø‘®BÝ°™G!~å9w2¨~PJ^„›À¶­E”Ž…¿¶Û='ðp:müÁ‚8g„l`Lú„©mÕëuÓcý.èélrhXH@÷^G)é?lŽrcÑžÉšòUjÒð3’27áÀŸKFSÆ7V¬	æÖIœ»­ÛXÿ½Èï±"‘2¤Lt1M35mÛ2Î-ƒ“(ñÃÛûL}„pL"—bEéÔe0“½Ië˜ñz:jzCÆLÿ¶†ùæók—´~£#üfT™/šiúãšCÚ°#ä 6ØÌóŽtÚ@jZ‹Ö“¿Oáè)ÏýºEÊY±lîÿ.;: ?³Æ©à¶ØEJZZc1uÇ¼ 6<ƒL%á6š!¶«çtÎäá¬ÞBø:Ÿ¶ø&‘X-cN½[P‚!ž&EC	ØƒÄ5rO4¾Ñv7ñ5mô–Ø&|V¹\—$‰~ç·¡=£Ä'$’Ÿa”÷à{½iØí{®Mãi®—_õØþðEA>¥VíÑUøÆq2]£Š°öë[¡gQP³AÙÏïŽV«ðlyö#=ÔÐÎI%=æe*c1J‘Hh„GÝìgä@OÍl"×Ô¦ÓµB³øAØ¨ƒáé’Æ“‚à«Ç„¦Ô±¢D_¿»PÃ{êëÃî áÕ}åŒ	@3¹H#ð\áý565k0ÙÌTB/ºž¢ê•æºêTA,
 l„=
nq|›Öíö÷±·ZÉ *.¿ëíÊ3Ëšq!¢¸+miVNH
Mºï·ù¸€o‹@ÉîÎšm!~\ÊjžAÀ•Œë(.ÜeÙ€:mœÉ”¦‡ZB¬7t[Î]q°¿
ì›ù4‡Ëª“ù`¦Ì«Ý†nqù ê§Z5*ì–G¤æO¢I0¾ŽÞrJ¾ó¾±öDê  6YÒÕxÞ{ó_;¸×i®ÆÓùêðLŽ¡jæ´‹9ùÈU¢N’¹Ab)WgerÉÂîâ>¨ÿ«ÚóR·¬@hƒ…7à:“\¹ØeÔx‰(­û_£N\q—2j¬6?ûˆköïí`³@ž—²ùT­Šõ‰±4à¿u>)„Ó½aWpÛÕ—[BCIåçé9îÈ$)æ”pêßâÜ“ZªÅ¹Ù¨MÃ~4žþoî™fûSýSÎÇ&NüË"3Öà%AÃZ÷¼ª_Pú=&=”þ ãŽ>+ÃÕ!Ú¼ÉFqÛhAåqˆ3p @¼_¯4\8²@³h‡ç±zR»Ä‡¸ ÂÒS(™>…ögÓM•QLÌB^cÚê“ëü‚éS	 äû#"oÝÊƒäB¤=·‡‡½GRCûî•ù‹;IËb*Fùq½M_º‘'Žtú¾‰€éÑ¥ÝD‹Øã÷6õyá’×æê…îÏ‚Þ|NÅó<Ê¥
ptâŸ(9¾)ˆü’¿†ç6óˆ»ú#x’Ò´èþ9×â º7ÿP•¼%RÕ·)VÎ‘fw|OºS¶f4;¸¬¢œ¨åñ~Zp€H5l~1X‚dœœ•tÂS£ùû“l¦·sÈ0%g)MÅò É"×ò¾»Êi;›>Í¨‹¢kkün æ6.è  6ÆŸQ×¸ñë:ÉhsØ™â£òwDÐ…XXRGãHH:»¡j=,ð1À(•b™@U‚D]#òæ*É€ÌW˜R7€‰Qÿ=Wò91î¦¯ÑV_·9§wÉª•¯’'£w
U· A.¢IA€â>O>A 8wŽóä†ÔûoÓL×à÷%®Æ@à÷Óæ+mÕàc·I0Å.¤»>ÊÌV^›¼É‡¨¸’>ÕÑ–§7ZíítEYäÉ9?„ºrÌFº$øðK“<^™™"¥*­¿fg\ý3™ˆ	¤Ö›tòÝÇ67EÀ¸>ÖYÞ~«6Ô¥;¤›‰IhÛï…‚$_PÔæÃ •ƒ[Á@ètVÝ>t%CMXT$“øoÝ”‰]ú|yCw6'HnŒÖZ ­;Æñ¢*³oOBÃã¾âÍúýP6Á¨²Ç¤§ á©œnD2[ó¾ü¹¾¼lG?âÞ{F¿z25zG?¾­ÑÁ–l@¸2³ÏZÔ'
Y
P)l§ŒöbWû¡S&/` £tg+BÆšå™¦‰õIjqóëKäzžK~ÃpÅMŠÝ­§]Ã•­_ò·ôª!Q×™ýÕøéö¼¡[vuw–ÖÆŠãß/ÞÔî<s·œ`#ûÿçX„ý}ãï‹ÆÃF×q˜»_¤c=þÓf*‘tkBYV„«ÏHÇÿž†¢¯óµñ5 jµ$ðé“ë;ï¹B¯¦–³“LNóÕÊå•§wF|Ð:æzÂÃÖB>O[V-‘á6-£¦úô:sYÚÔ­ª‘Â"æ®W[Gÿ	s—”n7nlÔ¿µsš»Þa9§T]ßˆ(Ì‹«š¨b×H@¤ãG]uìÂ-+?Ü™uYQN»SÚ6í­pŸ»†××sM™+«/‡Ý¬ù³"r#¾ìtcd‡ò%X^í±Wôßþ{ß¿mõ&GÊY˜aiê9wêúØøc(]dü¦Ê:‰è¼Vy©¨ââAçÌÄÝ÷Û¡c'Osè¢tõûõýgì?Æàó}þ%UL»*$Ã&-kÆ…6f÷€äX41¿ÖlõÍ{²ð‡ÓÎ§Jó`B8È˜jk@y	_´,§#‡½£Ü&:©m– 9hÿB¿:D~Kîª“Û°ãÏXÖ<F˜cW‚Ã‚Ñ|}¶’o“Ï““¤!ÿÿYì»…‰^Bízƒ‚ËslùñtbµÞ* ¦ßoÉdT¤ŠPï³Ê˜õq’"ÑBkU`Š>Ñà·ào¾šcLì}6žËÒN#—8q	†{÷Í©`Ü÷À¯ÊSÈÛ2»ÞG ±þEøÓmÜ²É¦qàÐ—øY5äÝõŸ0kÏÑ`'‚ðeó¯«“z¿Y‚]Œã¿Y7BµÍIÅ÷/~mŒ£,ï”kæEñ;“½÷îÎÛÌšn,VK8û‰6KÞÊ¬|‹íüƒÅLq
ðð ÁÌ¦'ÔDÄOìÔ`ƒsØí¹ÎÓ^4­Œs²†Ô¸ºÉK8½'&Mtm	ÿÔ<ùšÇBò6h‰â•/æ¦ÊHÒ^Œ÷§”I‹¶1¨`Þâ?3%¼ÖÃ“Êp¯N}Y(
ûÞ@ÑE®EÓæÒŽ&œNèjÊY/È·½¿ýB1è:’à3Y œ^-±Uè-àB©ž¢,8ß\ %MØ»î¶½™t˜6–”‘*íÆ5]LSCÂv'›$ldªžk¾”Tž"Íh¦/HZì¨ý/brIÓ2“Gòb8xœ[Œ¥ ©áŒB"‰èóëÏû­|tär'¦mì­=‰ÚÓGÓCˆµÝ.Ç¨…HÅ,¸ ëJ]@ÅÒ¼ÅúØØ!ZºŠ”¹nE½€Šô4ûƒ¯ÝÖ¿waýÙÎ—ñƒ#èÚÀæxY5(ðHjkéßÔÕàzö$»½¡¼¬`•Mj&e¯ÄÕpóÐÜå—TÕï´ÈäE•$ÏëÌS`œ‡ÒvŽ¾~–Uó!`8RxØ}ÐK/«ó®d€Gr,æ*[ô5"b°hzá-‹¦‰eDi€BMVKÚÀ{k¶;°#KºTµ$×m Ç[	ÿð©|”ÎîË0¯±:œßc ³³±:5Ð‚.õý¸¿Wå@q[ã?ÒœŸ¢ˆ‡É´/~£Ä'ãRRþV‰?Ÿ=ÒÊoúˆ§m9á¤½ÓåÞW--¯ýOÆé÷’Hpäˆí•uYì]‡S€†ÂÙª•F|ÐV|x_M.¡Ou6vÔèCÛŠ¸êÓwQ2%ˆýèX\Fù4Ý×¢52œp‰DÝ]—Nú<->¯2È£Y*Ø&	…~ÚÓRDùij4ÄÚ¥Çƒ[«fB(™~cëÓÙ*âm`XbÏÓÀ@iÆÖ§l~Q Ö¼¼e½ññ»ú'¼`IeìûBRÿÙíêX–rCŒ_‹:O7¹‡´xÝätREÓewUÜ÷Þ(µí•ˆ„Qc©H¦3BX
.‘o	îýÝ¶=†¼Ó2
½¦c:Z5.`k“&Iò…cq…!ö-Õ\ø‚¾9Pž±Ë±øsŽfPþÇì­o?|ñÈæc»Û8Ï9wò‡«÷×r ]‚oÂ£E«»àõÎ\òdò¿—Ç¥Éÿ…ºÐjœd#ç< Ç7+Xõ >1ëÇ±Ô,UOŒ»Ø† ^ËSNÅµó8Âx7”¯©¨ëc+§Q³D6C‘\‹\ d0újŠxœPY²~‘êyªô'6êÆô‹UÚdÇbÔëñyzpÑi‘ŠOµÛž[Äu‚Ù´áÃÓ>Ú¸wÉ\{ÿ¢ŽY?È‡Qµ@µÑâ,uZ¶>¶-)ŸsÝeMn‘°‚hFqþ±‚•ajñ§*	Î]êõüxÕ3e=à,6w!îÄéDÄÒØíicçÒ,Ì:þÚƒî<«#|H.%Ï=ç[« Ç‚»:,f¦´°ÆºÀ£]Yã¨„Iº÷ätÒÊr¸*pÝ§äÅ Šô:’ëWê‘K’|È­Réá©lÐÏQqŠH È]T¥ifë,èÿ“3«§wC¦'‘f˜Ñ‚=hÏ”à€ˆš§&Ýí¨]R_]_Nm'£É¼œ@ß»­µ¬l^ÒCqAj˜fKåóÆ|‹_Rë—Ž÷Þ/±¯Ù¯F,búÕ›˜*¦ãªo­ŠwAŒþ™XÝ;|W¸rÎÃz£›éºl®i27’ ÇoI8•\’dŒÿý¥ðt¥ìª9_DäÇâÝ}P€ù>‡"ÀÑ”Ž1ŽÔ÷dt ú½pémV@·*¥£Dò!“ûad4…õ›+gg~éz5O­_»R/tï`;ì1,õ>„ðcút¼WâH9X×‹XF„ tõ]j›ú@ˆ<>Ò„ˆD©í_“¡ÀÖ¥×wu_M‡Ía—»[o:'t˜Ò7GË32 Ÿ­·€ÊØck[¾å0‰°Ÿp³Yq¥+ž'áy‰9¿wÞýá,“ÏM®¢Hº&MïƒŒÀ†M~Ë§…×ÿ<6Xf§bôÑÅƒH‘çaí¦yÕäD„iÐj÷Ê‡ïÑ—¥ýáÞ’ÂJ”°_P´¿ÃæÛP·>ýˆ ;ÈÈCØ)èÆÐJ,J¥mÙƒãŸ­y|õG6ÞBì1âmxñT«¹’ðˆ˜ì97èÏ¦Ó	Aíý F…&I½Ÿ(ß%wý G¢]Þ2zH–9Ðø§`õþUs 7÷F#Ñ÷I”èÕ)Î¥Ñh<-eùì’©UÓþ$ùÑ•xáçik%p&Œ¤7ÿ¡•o¡®(ÆHI0Û"ð}žþ ¦ö¦¢Yó¤ì™jÛàŒ,ŽQä}I¶Äd&S¨5µž%¨/y Eqxá3¡%/r¢B}¥´ú v»'z¡½ž%ï!	cY}D#2ËFuúß ÚMž/@ž¹âHRxøGFSSrH¨><qúFOŽ¿¢7ô»;»I5b¸«´°àõ
÷UíYÜEÌÉé6åë£(o#²ÝN„iCÎ¤e"³£Ôè¿ûÏKû‚zsÌ5¿Ça—"Î% ª=zg‡éÈê¬6Àú_Âð‡ã\Ã’û}%#ßê„{•þzgL=o4˜ÕT¾Q±’Ë´1÷<:úêý )Ìì«_ñAŒ«K™1"]†¥#$ÎDÕPRnù$·êb¦=§TižMÂj+þÀö×:“|†6-M¡•JHƒ»”94YK†Ûê¯¸_"êü¥QGeñ&µÔß_tÎF{2‰…²&V	6W9Qƒ´:Â;e¬ÊWï—>·|ÞLeÛH—?û½ªŸÈŠOÙ>“gyL{ëJà×•ßéÝ¶pQ?Þ§«îíÏ\XÙTRå´B(´á4ãIvˆWÐ}ükì´(’–íX<3$ÛÜ_üm>ÒqµˆÚTO¼Kú‡¼×›Ë}`øM:	#ÆüCXlÈé­Ô>˜¯ ¸0
’¼aÞÿÄB¯!¾;E#ê¶‹Ë÷˜‡¹Éÿä:@€…9ž˜}ÿÍµ·GA‹	>6#ò!3ÐÇ‰K.«éÈÖ/¬NgÛé1™^}'Y;Ò˜«û1YkëÆÑ]™ƒiD†Nó=<hº¹ëèŠ„sï˜Uœlèè£âù`ìTs}HˆåŒì·S0ßÑþž¿|k{•bØœÖÌÀ„‚mvQ\MæAž­±ZaÛ_™`R[ò8gGÎ5êÕd¼z©	®âeVB<" ÐoðUëÝ÷.Àle‰¦<þ'Œ"cØå
Áiñó7O;@®#w¡yñàhÏŽ Ë"YnwK¿¨Ì6A-¥.«I
½©+òâùæKËÞF[£çôÍžQË‘¯ÞÀ5J8’Ãù¤f5þ'9I¯š²wi?!è¢”Sés„Ã$Š˜H‹GDŽ¬`Ì·ï³Y™—àGL†Vn˜‚L÷¯q/ƒM&Ú&gßÝ«·Ký Þ°ý“.‹ÆÑö,4w1zR.M¡øe¾Aúœug‘TŽò¨×lÊaæÈ•}÷œÅt‡s¹£‹†=¶ué‰„5åbÄŸÛvw“©_™¶Sâ²ù"‚Éˆ®þÆ!xÜ%\ø™“ZÏ«)hcJb‘LTfÁ$ ¦B:‘â±‹N²"¬e(ÀØ\P·„Pz+ž—`„ˆlÄ¢,Kú‡uþ
ýèŽ©Ýr?’çN—cvéêª!zR÷r—Ò[¤ÕX¢ ß¦Ã›;æ™†ß™ŠÝè7V*\ü@0¢ÈËŸÓœãKwÁ}G…-éœtØË¼ŽT*ö‰|ò0ùF”(ÛD°¦BÎaÓ(
6H"ªò3Ž@%¦:Ø¹ð¨ÜR:s†‹{~©-Ø…÷…áb¥ãc¤|<·»&0@¼Èô°rÇw?³¹I)–²¬kDöûØ´è£ï€Ö€·®åÝ$÷™þÀòËòI–‹JðŒ¤·øÅÔE†Miåûý¼|ñûˆŒ÷ö¶rÁCQuÓb†˜¸N>Þù²¡ìZÞtW&¢@‰—#BUï/Õ‡ÁSÒ¬NÄO½u‡`»úÕ'I¦xBú&¤Ü<‹ö=qs”Í|ÕOwC~ŒŠ7
zîúZáZtfç/Æ
AHÉ±ÍŸ<ÛX°tÜQï0Ó!áÀ¢“¥È6PÑn2jäÅ+5ö›°fäVþ+Ïµ SaÈ÷<üî8 —eÀeÌ­DøÇM%
[eÃ(…ió&)c¨O€ßß³o/îàhæ‡µ“üi9 ~Ó®ŠÝVcË£vhÕ¿œ~©Æ¦æ?®`çÖ[Y>=
à±%”Ç¼ë²`uä§Í\}íëÍDP TìI´?Íb5$.ð[¹Ü.]Ò˜Ï¿M[yêý´¥þ‘iÒ¡§Ï¸û§ØÁá²ÈEªduòA…Ž‘´-¢*›Õ±(+B;è@ö–î© p8Ý‘Ÿ'!6ÌIª_|ÇØpHys©Ž}Í,"d¯ã~L4×„»¡Î¯ì´Êdœá%B
)5´™bíœsK$–:±A-h™þ<7–½ëžÍ.¬Š
ûfÄe3›ÕqmfŒ±Œ¤u£Í’ ¸  ª>š¿Œ@ö'ÙDä¯^‡(H)o¡óh¾©¶C¿ ÷™ý'þ¼Ä¶éß    
YZ