qemu-2.9.1-62.1<>,f\/=„ jNmu}ۑmE{sO W^A 齔iq{d0q>7( ܧ{.M6q|:2ѕJVcJVJBj;;.}t!L`oSD"?"d   )TXdh{ %Cx?t? ? p? l? ? ,?(?c??(8Q9$Q:0Q=>>FFNGd?H`?I\?XY\?]?^ bqcdeflu?v w?x ?y!z!!!!" " " Cqemu2.9.162.1Universal CPU emulatorQEMU is an extremely well-performing CPU emulator that allows you to choose between simulating an entire system and running userspace binaries for different architectures under your native operating system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well as PC and PowerMac systems.\cloud128!openSUSE Leap 42.3openSUSEBSD-3-Clause and GPL-2.0-only and GPL-2.0-or-later and LGPL-2.1-or-later and MIThttp://bugs.opensuse.orgSystem/Emulators/PChttps://www.qemu.org/linuxx86_64/usr/bin/getent group kvm >/dev/null || /usr/sbin/groupadd -r kvm 2>/dev/null /usr/bin/getent group qemu >/dev/null || /usr/sbin/groupadd -r qemu 2>/dev/null /usr/bin/getent passwd qemu >/dev/null || \ /usr/sbin/useradd -r -g qemu -G kvm -d / -s /sbin/nologin \ -c "qemu user" qemu# Do not execute operations affecting host devices while running in a chroot if [ $(stat -L -c "%i" /proc/1/root/) = $(stat -L -c "%i" /) ]; then setfacl --remove-all /dev/kvm &> /dev/null || : [ -x /usr/bin/udevadm ] && /usr/bin/udevadm control --reload || : /usr/bin/udevadm trigger -y kvm || : fid(Znk$dyyVFHg:$Z,  a[ N   J \H  >%Q+  p J  3 YvxXA큤A큤A큤AA큤큤\\\\\\\~YsYsYs\D\D\D\D\D\D\~YsYs\\\D\D\D\\\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\E\\\E\E37ed888f2a3f5c0e0a3508b36473950ccd3c34ea213553f5d5a014e2890f1db01beade76b031a4dbd158e233f9f6f24bebd4d5e1d8b049edc3a995c0615ccde4ec739e7bd6e402bbd6fa4447a000fc516163313ba1e8e8382c2c110607368e86725ef6074f55ca224605ee78cbdfa406bddef3670d3ee13e0886a92ad0ba8f95bee0a21dd3a9d7f227ae6a1d1291967eb0b746d1bed83cdd70f91aae36ad70f13f652711de120eb1df14fb3081fc91f8441c28d2cf86e15a37fa47e15a72fbac79ffa0ec772fa86740948cb7327a0cc7852d09f0ddeca743e10c2e3c2bcc76ccc8cee28b95b74e43e7a6aa10cad17de567f4745460b114d7c7c559ee4fbfa0ec3f99a1335acff611f71390eefe1f70e2348102c7b22ab019db070bbe4782c058fae5f142db07561a3fb8c989fbc8efeb06d5a5455bf9aa6b0c2fb323718074ce10f7602d623151fdb72d2d5600053046bd8fce58db92e610e58f6db28e98380351a2b743c26719582d0e6a544d4406513dfbc3d8fae5d5b7732407eb5c84e0993b25265e9841f6496ecdf0e8de52dda6cfb9f43071f8043fabdcb510cc03823de3a53dc94314db592b2a58e3f0421219fd05ff9d2ebb757cca701ba6b8914422a37f7d6766ec348794bc805ce02768ad05e7657ad332d983e2b76324478e7eb646e33c9e811f755ea7656cc42ce704bc79037805c2cedecfa8b24718f6adc82ad7efb654d7716155a03f5ef7e3de8974f263af30b77214bd31075a8eab0c4d8a6c6e3d5ab3d790bbf69f7b45f128c82df7b983dfbea84fc572dd4d5b4b4761f605d9f94361e9401c374fe73ffc82d03901309cbea6c8a9f9e8b73b3ea6279693df912a48064c0f174fb51755fc96672c8ae26ec163397324edd9daf4ae0e3fc31def2f650c3907928c9f8b435ea773e02f32fb94d8d6152fd93cdf6a7beda64ede884c1abf4ab6be7475f8762eb244212638ec10f2569c74e352f4471d3fb2fab667baa4c0743fe1cadba6d090b2cd8301b3a19042cee7418ddf9d6a76d3e7a7afc7b8dfcc0a58352fb7cc0c741fdfe7992f51605dab5cfea7edebe70fe3e691b5f7190ba8b16d437447db719f2dc73f9bd3f792df6266c37c6d9a32687c4c76dc7d7dc1ecb55c119f61a5fd52b6de39dd1531d7d4c2aaf5c991a6019e28501a140fdef82ae4079d600136da3f8288df9d03bb64b58e924ed1baa22de63cbab79492fc182dcf9a722dc981049d8e9b7cb0a96009e84dc3845876a207eba26b66732c9ddda505fdccb8c0ae7899546f7c2722409b2dcff70573c1e7865da5cb2frootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootqemu-2.9.1-62.1.src.rpmqemuqemu(x86-64)@@   /bin/sh/bin/sh/bin/sh/usr/bin/pythonaclcoreutilsrpmlib(CompressedFileNames)rpmlib(PayloadFilesHavePrefix)shadowsystemdsystemdsystemdsystemdudevrpmlib(PayloadIsLzma)3.0.4-14.0-14.4.6-14.11.2\-@\N\\@\Q\P@@\=@\I\@\@[@[0[@[[R@[[@[j@[`O@[,[@[Zz@Zľ@Zw@ZZs@Zo ZX@Z;@ZOYYYéY@YY@YY3Y@Y@YV@Yw2Yw2Ym@YTYP@YI@Y6@Y"Y"YR@Y Y@XXXX@X@X@XP@XX@XXXXXBX@X@X@Xx@Xv@X<@X<@X43@X2X0>X0>X%X lW_@WWv@WWίWW:WQWWWWW@W~W~WWzOWZWZWQq@WN@WN@WF@WEW!@W!@W@Wo@VbVV@V@V@VVuV]VQ@VQ@VMVMV0V&,VVZVZVZU6@U5@U(U@U@UUlI@Ud`@UT@UQ@U@U7@U4@U.RU-@U-@U) U'@U&iU&iU%@U%@UUU@U ]@U T@TTD@TZ@T@T_SS0S@Sj@SS/SFSϣSi@S.SSg@SSsZSr @SnSQSO@SO@SKSG@S>S=M@S:@S9XS5d@S2@S2@S)SSz@S@SK@RVR@RRb@RRUR@R@RTR@RUE@RSRL R2@RC@ReReR@R RQ@QMQQQKQQV@QV@QV@QV@QQaQ@QQ@Q'@Q'@QQw@Qu&@Q @QtQP@P@P7@P7@PP@P@P@PpPuc@Puc@PtPS@PQPIPG>PG>PG>Plma@suse.comBruce Rogers Bruce Rogers Bruce Rogers Bruce Rogers Liang Yan lma@suse.comohering@suse.deolaf@aepfle.deLiang Yan Bruce Rogers Larry Dewey Larry Dewey Bruce Rogers Larry Dewey Bruce Rogers brogers@suse.comfli@suse.comfli@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.comlyan@suse.comfli@suse.comlyan@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comfli@suse.combrogers@suse.comlyan@suse.combrogers@suse.comschwab@suse.debrogers@suse.comschwab@suse.debrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.comlyan@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.combrogers@suse.comohering@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.debrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comagraf@suse.comafaerber@suse.debrogers@suse.comagraf@suse.combrogers@suse.comglin@suse.combrogers@suse.combrogers@suse.combrogers@suse.combrogers@suse.comagraf@suse.combrogers@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deolaf@aepfle.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.destefan.bruens@rwth-aachen.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.detampakrap@opensuse.orgafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comcrrodriguez@opensuse.orgagraf@suse.comjslaby@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.dempluskal@suse.comafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comafaerber@suse.decoolo@suse.comcoolo@suse.comdimstar@opensuse.orgafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.despeilicke@suse.comafaerber@suse.deafaerber@suse.debrogers@suse.combrogers@suse.comafaerber@suse.debrogers@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.decoolo@suse.comafaerber@suse.deafaerber@suse.dedmueller@suse.comafaerber@suse.deafaerber@suse.debrogers@suse.comrob.verduijn@gmail.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.debrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deohering@suse.deafaerber@suse.deafaerber@suse.dedimstar@opensuse.orgafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comagraf@suse.comafaerber@suse.deschwab@linux-m68k.orgidonmez@suse.comvuntz@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comagraf@suse.comafaerber@suse.dedmueller@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comafaerber@suse.deafaerber@suse.deagraf@suse.comafaerber@suse.deafaerber@suse.dedvaleev@suse.comafaerber@suse.debrogers@suse.comagraf@suse.combrogers@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comagraf@suse.deagraf@suse.comagraf@suse.comafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deafaerber@suse.deagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comidonmez@suse.combrogers@suse.combrogers@suse.comagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.deagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comagraf@suse.comadrian@suse.deadrian@suse.deadrian@suse.dejoop.boonen@opensuse.orgadrian@suse.deadrian@suse.deadrian@suse.deadrian@suse.deaj@suse.deandrea@opensuse.orgbrogers@novell.comandrea@opensuse.organdrea@opensuse.orgcoolo@novell.comuli@suse.deuli@suse.debrogers@novell.comcrrodriguez@opensuse.orguli@suse.deuli@suse.deuli@suse.deuli@suse.dero@suse.decrrodriguez@suse.deuli@suse.de- Add x86 cpu feature "md-clear" (CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 bsc#1111331) 0166-target-i386-define-md-clear-bit.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix information leak in slirp (CVE-2019-9824 bsc#1129622) 0161-slirp-check-sscanf-result-when-emul.patch - Add method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (CVE-2019-8934 bsc#1126455) 0162-ppc-add-host-serial-and-host-model-.patch - Fix OOB memory access and information leak in virtual monitor interface (CVE-2019-03812 bsc#1125721) 0163-i2c-ddc-fix-oob-read.patch - Fix DOS possibility in device tree processing (CVE-2018-20815 bsc#1130675) 0164-device_tree.c-Don-t-use-load_image.patch - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host 0165-spapr-Simplify-handling-of-host-ser.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Add ability to set virtqueue size using virtqueue_size parameter. Using a smaller size allows for more disks. This feature request was for SLE12-SP2, but we want to be able to forward migrate VM's which use this parameter, so adding to SLE12-SP3 as well (FATE#327255) 0160-virtio-scsi-Add-virtqueue_size-para.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Backport Skylake-Server vcpu model support from qemu v2.11 We don't include post v2.11 additional feature tweaks so that we can easily forward migrate to our v2.11 based qemu in more recent SLE versions (FATE#327261 bsc#1131955) 0158-i386-add-Skylake-Server-cpu-model.patch 0159-i386-Add-new-IBRS-versions-of-Intel.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Address OOB and DoS vulnerabilities in vga subsystem 0145-bitmap-add-bitmap_copy_and_clear_at.patch 0146-memory-add-support-getting-and-usin.patch 0147-vga-add-vga_scanline_invalidated-he.patch 0148-vga-make-display-updates-thread-saf.patch 0149-vga-fix-display-update-region-calcu.patch 0150-vga-use-DIV_ROUND_UP.patch (CVE-2017-13673) 0151-vga-fix-display-update-region-calcu.patch 0152-vga-drop-line_offset-variable.patch (CVE-2017-13672 - follow on fix) 0153-vga-handle-cirrus-vbe-mode-wraparou.patch 0154-vga-add-ram_addr_t-cast.patch 0155-vga-fix-region-checks-in-wraparound.patch (CVE-2018-7858 bsc#1084604) 0156-vga-fix-region-calculation.patch 0157-vga-catch-depth-0.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix bad guest time after migration (bsc#1113231) 0137-kvmclock-update-system_time_msr-add.patch 0138-kvmclock-use-the-updated-system_tim.patch - Address various security/stability issues * Fix OOB access in slirp (CVE-2019-6778 bsc#1123156) 0139-slirp-check-data-length-while-emula.patch * Fix host security vulnerability related to handling symlinks in usb-mtp (CVE-2018-16872 bsc#1119493) 0140-usb-mtp-use-O_NOFOLLOW-and-O_CLOEXE.patch * Fix DoS in virtfs (CVE-2018-19489 bsc#1117275) 0141-9p-fix-QEMU-crash-when-renaming-fil.patch * Fix OOB issue (use-after-free) if virtfs interface is deliberately abused (CVE-2018-19364 bsc#1116717) 0142-9p-write-lock-path-in-v9fs_co_open2.patch 0143-9p-take-write-lock-on-fid-path-upda.patch * Fix OOB access performing PowerNV memory operations (CVE-2018-18954 bsc#1114957) 0144-ppc-pnv-check-size-before-data-buff.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0135-linux-user-write-fd-NULL-0-parity-w.patch 0136-linux-user-make-pwrite64-pread64-fd.patch (bsc#1121600)- Use /bin/bash to echo value into sys fs for ksm control (bsc#1112646)- fix memory leak in xen_disk (bsc#1100408) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0134-xen_disk-Avoid-repeated-memory-allo.patch- building against xen-devel requires the XC_* compat macros to be set because this version of QEMU will be built against many versions of Xen. configure will decide on the appropriate function names it knows about today. To actually call these functions, future versions of Xen may require XC_* to be set. Furthermore, fix a bug in QEMU: xen_common.h undefines the XC_* macros unconditionally. (bsc#1100408)- Fix a condition when retry logic does not execute in case of data transmit failure or connection hungup (bsc#1108474) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0132-hw-char-serial-Only-retry-if-qemu_c.patch 0133-hw-char-serial-retry-write-if-EAGAI.patch- Address the following security vulnerability: * Avoid OOB access in restoring lsi53c895a emulated SCSI controller state (CVE-2018-18849 bsc#1114422) 0131-lsi53c895a-check-message-length-val.patch - Tweak spec file url's to match today's reality - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3* Pulling upstream security fixes for NE2000, RTL8139, pcnet, and packet size changes (CVE-2018-10839 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 bsc#1110910 bsc#1111006 bsc#1111010 bsc#1111013) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0127-ne2000-fix-possible-out-of-bound-ac.patch 0128-rtl8139-fix-possible-out-of-bound-a.patch 0129-pcnet-fix-possible-buffer-overflow.patch 0130-net-ignore-packet-size-greater-than.patch* Improving disk performance for qemu on xen (bsc#1100408) - Important notes about the following patches: 0114* - Combined changes from 8f25e7544 were included for convenience and simplification 0120* - Modification made as the Xen interface versioning was changed 0123* - Removed xen_9p* file as it does not exist - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0112-xen-rename-xen_modified_memory-to-x.patch 0113-xen-make-use-of-xen_xc-implicit-in-.patch 0114-xen-use-libxendevicemodel-when-avai.patch 0115-xen-disk-only-advertize-feature-per.patch 0116-xen-disk-add-support-for-multi-page.patch 0117-xen-disk-use-g_new0-to-fix-build.patch 0118-xen-add-a-global-indicator-for-gran.patch 0119-xen-dont-try-setting-max-grants-mul.patch 0120-xen-add-a-meaningful-declaration-of.patch 0121-xen_backend-add-grant-table-helpers.patch 0122-xen_disk-remove-open-coded-use-of-l.patch 0123-xen-remove-other-open-coded-use-of-.patch 0124-xen_backend-add-an-emulation-of-gra.patch 0125-xen_disk-remove-use-of-grant-map-un.patch 0126-xen_disk-use-a-single-entry-iovec.patch- Change spec file http references to https- Adding patches to mitigate seccomp vulnerability (bsc#1106222 CVE-2018-15746) - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added: 0101-seccomp-changing-from-whitelist-to-.patch 0102-seccomp-add-obsolete-argument-to-co.patch 0103-seccomp-add-elevateprivileges-argum.patch 0104-seccomp-add-spawn-argument-to-comma.patch 0105-seccomp-add-resourcecontrol-argumen.patch 0106-seccomp-allow-sched_setscheduler-wi.patch 0107-seccomp-prefer-SCMP_ACT_KILL_PROCES.patch 0108-configure-require-libseccomp-2.2.0.patch 0109-seccomp-set-the-seccomp-filter-to-a.patch 0110-sandbox-disable-sandbox-if-CONFIG_S.patch 0111-seccomp-check-TSYNC-host-capability.patch- Correct some versioning as follows: * Accurately reflect the qemu-ipxe package version value by adding "+" at the end * Don't overwrite seabios .version file, since now (for quite some time actually) upstream tarball creation creates this file and the value we are writing to it is actually wrong- Update to upstream Spectre v4 vulnerability mitigation support, which includes exchanging our early patch with the upstream version (basically the same) and adding AMD related support. (CVE-2018-3639 bsc#1092885) * Patches renamed: 0094-i386-Add-bit-2-of-SPEC_CTRL-MSR-sup.patch - > 0094-i386-define-the-ssbd-CPUID-feature-.patch * Patches added: 0099-i386-Define-the-Virt-SSBD-MSR-and-h.patch 0100-i386-define-the-AMD-virt-ssbd-CPUID.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix integer overflow while allocating a large memory chunk in qemu-ga: qmp_guest_file_read (CVE-2018-12617 bsc#1098735) 0098-qga-check-bytes-count-read-by-guest.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix heap buffer overflow while reassembling fragmented datagrams in Slirp networking (CVE-2018-11806 bsc#1096223) 0097-slirp-correct-size-computation-whil.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Tweak patch file generation to be more git version agnostic. Also change update_git.sh to not reformat spec file by default.- Add support for block resize support for xen disks through the monitor. (fate#325467) 0096-xen-add-block-resize-support-for-xe.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Spectre v4 vulnerability mitigation support for KVM guests. High level description of vulnerability: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named "ssbd" to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well. As this change also relies on the same MSR infrastructure used for the "spec-ctrl" feature now is a good time to remove the temporary patch used to help ensure a smooth transition to spec-ctrl support regardless of KVM support. For this feature to be enabled, via adding it to the qemu commandline (eg: -cpu ,+spec-ctrl,+ssbd), so the guest OS can take advantage of the feature, spec-ctrl and ssbd support is also required in the host. (CVE-2018-3639 bsc#1092885) * Patches dropped: 0094-i386-Compensate-for-KVM-SPEC_CTRL-f.patch * Patches added: 0094-i386-Add-bit-2-of-SPEC_CTRL-MSR-sup.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Add new look up path "sys/class/tpm" for tpm cancel path based on Linux 4.0 change (commit 313d21eeab9282e)(bsc#1070615) 0095-tpm-lookup-cancel-path-under-tpm-de.patch- This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl feature for all x86 vcpu types, which was the quick and dirty approach, but not the proper solution. We remove that initial patch and now rely on patches from upstream. This update defines spec_ctrl and ibpb cpu feature flags as well as new cpu models which are clones of existing models with either -IBRS or -IBPB added to the end of the model name. These new vcpu models explicitly include the new feature(s), whereas the feature flags can be added to the cpu parameter as with other features. In short, for continued Spectre v2 protection, ensure that either the appropriate cpu feature flag is added to the QEMU command-line, or one of the new cpu models is used. Although migration from older versions is supported, the new cpu features won't be properly exposed to the guest until it is restarted with the cpu features explicitly added. A reboot is insufficient. - A warning patch is added which attempts to detect a migration from a qemu version which had the quick and dirty fix (it only detects certain cases, but hopefully is helpful.) For additional information on Spectre v2 as it relates to QEMU, see: https://www.qemu.org/2018/02/14/qemu-2-11-1-and-spectre-update/ (CVE-2017-5715 bsc#1068032) - A patch is added to continue to detect Spectre v2 mitigation features (as shown by cpuid), and if found provide that feature to guests, even if running on older KVM (kernel) versions which do not yet expose that feature to QEMU. (bsc#1082276) These two patches will be removed when we can reasonably assume everyone is running with the appropriate updates. * Patches dropped: 0065-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch * Patches added: 0065-i386-Add-support-for-SPEC_CTRL-MSR.patch 0088-x86-cpu-increase-model_id-array-siz.patch 0089-i386-Add-spec-ctrl-CPUID-bit.patch 0090-i386-Add-FEAT_8000_0008_EBX-CPUID-f.patch 0091-i386-Add-new-IBRS-versions-of-Intel.patch 0092-i386-Add-EPYC-IBPB-CPU-model.patch 0093-migration-warn-about-inconsistent-s.patch 0094-i386-Compensate-for-KVM-SPEC_CTRL-f.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Security fixes for the following CVE issues: (bsc#1071228 CVE-2017-17381) 0070-virtio-check-VirtQueue-Vring-object.patch (bsc#1068613 CVE-2017-16845) 0071-ps2-check-PS2Queue-pointers-in-post.patch (bsc#1070144 CVE-2017-15119) 0072-nbd-server-CVE-2017-15119-Reject-op.patch (bsc#1076775 CVE-2017-18043) 0073-osdep-Fix-ROUND_UP-64-bit-32-bit.patch (bsc#1076114 CVE-2018-5683) 0074-vga-check-the-validation-of-memory-.patch (bsc#1083291 CVE-2018-7550) 0075-multiboot-check-mh_load_end_addr-ad.patch (bsc#1073489 CVE-2017-15124) 0076-vnc-fix-debug-spelling.patch 0077-ui-remove-sync-parameter-from-vnc_u.patch 0078-ui-remove-unreachable-code-in-vnc_u.patch 0079-ui-remove-redundant-indentation-in-.patch 0080-ui-avoid-pointless-VNC-updates-if-f.patch 0081-ui-track-how-much-decoded-data-we-c.patch 0082-ui-introduce-enum-to-track-VNC-clie.patch 0083-ui-correctly-reset-framebuffer-upda.patch 0084-ui-refactor-code-for-determining-if.patch 0085-ui-fix-VNC-client-throttling-when-a.patch 0086-ui-fix-VNC-client-throttling-when-f.patch 0087-ui-place-a-hard-cap-on-VNC-server-o.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix pcihp for 1.6 and older machine types (bsc#1074572) 0069-pcihp-fix-pcihp-for-1.6-machine-typ.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Spectre fixes for s390x by providing more hw features to guests (bsc#1076813) 0066-header-sync.patch 0067-s390x-kvm-Handle-bpb-feature.patch 0068-s390x-kvm-provide-stfle.81.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3 * Patches added:- Fix packaging dependencies (coreutils) for qemu-ksm package (bsc#1040202)- Pass through to guest info related to x86 security vulnerability (CVE-2017-5715 bsc#1068032) 0065-i386-kvm-MSR_IA32_SPEC_CTRL-and-MSR.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Support EPYC vCPU type (bsc#1052825 fate#324038) 0064-target-i386-cpu-Add-new-EPYC-CPU-mo.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Add announcement in support docs about qed storage format no longer being supported in next major SLE release (SLE15) (fate#324200) - Address various security/stability issues * Fix DoS in I/O channel websockets (CVE-2017-15268 bsc#1062942) 0061-io-monitor-encoutput-buffer-size-fr.patch * Fix OOB access in cirrus vga device emulation (CVE-2017-15289 bsc#1063122) 0062-cirrus-fix-oob-access-in-mode4and5-.patch * Fix information leak in 9pfs interface (CVE-2017-15038 bsc#1062069) 0063-9pfs-use-g_malloc0-to-allocate-spac.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Address various security issues * Fix xen/blkif responses leak stack data (CVE-2017-10911 bsc#1057378) 0056-xen-disk-don-t-leak-stack-data-via-.patch * Fix crash when ide flushes empty CDROM drives (CVE-2017-12809 bsc#1054724) 0057-IDE-Do-not-flush-empty-CDROM-drives.patch 0058-IDE-test-flush-on-empty-CDROM.patch * Fix OOB access while loading kernel via multiboot image (CVE-2017-14167 bsc#1057585) 0059-multiboot-validate-multiboot-header.patch * Fix OOB read access during vga display update (CVE-2017-13672 bsc#1056334) 0060-vga-stop-passing-pointers-to-vga_dr.patch - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP3- Fix case of not being able to build from rpm sources due to undefined macro (boo#1057966) - Fix typo in supported.s390.txt- Updated to v2.9.1, a bug-fix-only release * Updated version carries fixes for the following reported issues: CVE-2017-13711 bsc#1056291 - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12- SP3 * Patches dropped: 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch 0051-input-limit-kbd-queue-depth.patch 0052-audio-release-capture-buffers.patch 0053-scsi-avoid-an-off-by-one-error-in-m.patch 0054-vmw_pvscsi-check-message-ring-page-.patch 0055-9pfs-local-forbid-client-access-to-.patch 0059-Hacks-for-building-on-gcc-7-Fedora-.patch 0060-9pfs-local-fix-unlink-of-alien-file.patch 0061-megasas-do-not-read-DCMD-opcode-mor.patch 0063-nbd-Fully-initialize-client-in-case.patch 0064-9pfs-local-remove-use-correct-path-.patch 0065-hid-Reset-kbd-modifiers-on-reset.patch 0066-input-Decrement-queue-count-on-kbd-.patch 0067-xhci-only-update-dequeue-ptr-on-com.patch 0068-vnc-Set-default-kbd-delay-to-10ms.patch 0069-qemu-nbd-Ignore-SIGPIPE.patch 0070-usb-redir-fix-stack-overflow-in-usb.patch 0071-exec-use-qemu_ram_ptr_length-to-acc.patch 0073-xen-mapcache-store-dma-information-.patch 0074-exec-Add-lock-parameter-to-qemu_ram.patch * Patches renamed: 0050-i386-Allow-cpuid-bit-override.patch - > 0049-i386-Allow-cpuid-bit-override.patch 0056-jazz_led-fix-bad-snprintf.patch - > 0050-jazz_led-fix-bad-snprintf.patch 0057-slirp-smb-Replace-constant-strings-.patch - > 0051-slirp-smb-Replace-constant-strings-.patch 0058-altera_timer-fix-incorrect-memset.patch - > 0052-altera_timer-fix-incorrect-memset.patch 0062-megasas-always-store-SCSIRequest-in.patch - > 0053-megasas-always-store-SCSIRequest-in.patch 0072-slirp-check-len-against-dhcp-option.patch - > 0054-slirp-check-len-against-dhcp-option.patch 0075-Replace-struct-ucontext-with-uconte.patch - > 0055-Replace-struct-ucontext-with-uconte.patch- Fix package build failure as of glibc v2.26 update in Factory (boo#1055587) 0075-Replace-struct-ucontext-with-uconte.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Remove redundant prerequire for pwdutils- Postrequire acl for setfacl- Prerequire shadow for groupadd- The recent security fix for CVE-2017-11334 adversely affects Xen. Include two additional patches to make sure Xen is going to be OK. 0073-xen-mapcache-store-dma-information-.patch 0074-exec-Add-lock-parameter-to-qemu_ram.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Pre-add group kvm for qemu-tools (bsc#1011144)- Fixed a few more inaccuracies in the support docs.- Address various security/stability issues * Fix DOS vulnerability in qemu-nbd (bsc#1046636 CVE-2017-10664) 0069-qemu-nbd-Ignore-SIGPIPE.patch * Fix DOS from stack overflow in debug messages of usb redirection support (bsc#1047674 CVE-2017-10806) 0070-usb-redir-fix-stack-overflow-in-usb.patch * Fix OOB access during DMA operation (CVE-2017-11334 bsc#1048902) 0071-exec-use-qemu_ram_ptr_length-to-acc.patch * Fix OOB access parsing dhcp slirp options (CVE-2017-11434 bsc#1049381) 0072-slirp-check-len-against-dhcp-option.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Fix support docs to indicate ARM64 is now fully L3 supported in SLES 12 SP3. Apply a few additional clarifications in the support docs. (bsc#1050268) - Adjust to libvdeplug-devel package naming changes.- Fix migration with xhci (bsc#1048296) 0067-xhci-only-update-dequeue-ptr-on-com.patch - Increase VNC delay to fix missing keyboard input events (bsc#1031692) 0068-vnc-Set-default-kbd-delay-to-10ms.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Remove build dependency package iasl used for seabios- Fixed stuck state during usb keyboard reset (bsc#1044936) 0065-hid-Reset-kbd-modifiers-on-reset.patch - Fixed keyboard events getting lost (bsc#1044936) 0066-input-Decrement-queue-count-on-kbd-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Use most recent compiler to build size-critical firmware, instead of hard-coding gcc6 for all target versions (bsc#1043390) * A few upstream ipxe patches were needed for gcc7 compatibility: ipxe-ath-Add-missing-break-statements.patch ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch - Add --no-renames to the git format-patch command in the git workflow script for better patch compatibility - Address various security/stability issues * Fix potential privilege escalation in virtfs (CVE-2016-9602 bsc#1020427) 0060-9pfs-local-fix-unlink-of-alien-file.patch * Fix DOS in megasas device emulation (CVE-2017-9503 bsc#1043296) 0061-megasas-do-not-read-DCMD-opcode-mor.patch 0062-megasas-always-store-SCSIRequest-in.patch * Fix DOS in qemu-nbd server (CVE-2017-9524 bsc#1043808) 0063-nbd-Fully-initialize-client-in-case.patch * Fix regression introduced by recent virtfs security fixes (bsc#1045035) 0064-9pfs-local-remove-use-correct-path-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Backport ipxe to support FirstBurstLength (bsc#1040476) ipxe-iscsi-Always-send-FirstBurstLength-parameter.patch- Fixes for gcc7 compatability (bsc#1040228) (in behalf of Liang Yan) 0056-jazz_led-fix-bad-snprintf.patch 0057-slirp-smb-Replace-constant-strings-.patch 0058-altera_timer-fix-incorrect-memset.patch 0059-Hacks-for-building-on-gcc-7-Fedora-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Protect access to metadata in virtio-9pfs (CVE-2017-7493 bsc#1039495) 0055-9pfs-local-forbid-client-access-to-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Address various security/stability issues * Fix DOS potential in vnc interface (CVE-2017-8379 bsc#1037334) 0051-input-limit-kbd-queue-depth.patch * Fix DOS potential in vnc interface (CVE-2017-8309 bsc#1037242) 0052-audio-release-capture-buffers.patch * Fix OOB access in megasas device emulation (CVE-2017-8380 bsc#1037336) 0053-scsi-avoid-an-off-by-one-error-in-m.patch * Fix DOS in Vmware pv scsi emulation (CVE-2017-8112 bsc#1036211) 0054-vmw_pvscsi-check-message-ring-page-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Fix building packages for some older distros. - Further refine our handling of building firmware (or not) for the various arch's and distro versions we build for. Note that if we don't build x86 firmware, (eg: x86 Leap 42.1) the upstream binary blobs are used, which may have migration incompatibilities with previous versions of qemu provided.- Fix issue in shipping qemu v2.9.0, where pci-passthrough for Xen HVM guests got broken (bsc#1034131) 0049-ACPI-don-t-call-acpi_pcihp_device_p.patch - Include experimental, unsupported feature to assist in some performance analysis work. 0050-i386-Allow-cpuid-bit-override.patch- Updated to v2.9.0: See http://wiki.qemu-project.org/ChangeLog/2.9 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.9 * Includes fix for CVE-2017-7471, a virtfs security issue. - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Add empty keyboard queue tracepoint to help openQA testing work better (bsc#1031692) 0048-input-Add-trace-event-for-empty-key.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.9 - Enable ceph/rbd support for s390x (bsc#1030068) - Enable ceph/rbd support for ppc* as available - Update ARM in-kernel-timers patch (bsc#1033416) * Patches renamed: 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0047-ARM-KVM-Enable-in-kernel-timers-wit.patch 0042-string-input-visitor-Fix-uint64-par.patch -> 0041-string-input-visitor-Fix-uint64-par.patch 0043-test-string-input-visitor-Add-int-t.patch -> 0042-test-string-input-visitor-Add-int-t.patch 0044-test-string-input-visitor-Add-uint6.patch -> 0043-test-string-input-visitor-Add-uint6.patch 0045-tests-Add-QOM-property-unit-tests.patch -> 0044-tests-Add-QOM-property-unit-tests.patch 0046-tests-Add-scsi-disk-test.patch -> 0045-tests-Add-scsi-disk-test.patch * Patches added (support patch): 0046-RFC-update-Linux-headers-from-irqs-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.9 * Patches dropped (included in upstream source archive): 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch 0048-i386-Replace-uint32_t-with-FeatureW.patch 0049-i386-Don-t-override-cpu-options-on-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 - Added additional documentation provided with v2.9.0 - Fix build failure with gcc7 (bsc#1031340) ipxe-build-Avoid-implicit-fallthrough-warnings-on-GCC-7.patch - Made miscellaneous spec file refinements- The support documents included are now fairly accurate for the arm and s390 world, and the x86 version also received a few tweaks. Also included in those docs is a url reference to upstream qemu deprecation plans and discussions. (fate#321146) - Add post v2.9.0-rc2 upstream patches which fix -cpu host and -cpu max feature overrides for libvirt compatability. 0048-i386-Replace-uint32_t-with-FeatureW.patch 0049-i386-Don-t-override-cpu-options-on-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.9 * Includes fix for in guest privilege escalation when using TCG (bsc#1030624) * Patches dropped (equivalent included in upstream source archive): 0047-linux-user-exclude-cpu-model-code-w.patch - Fix failure booting SLE12-SP2 Aarch64 guest (bsc#1031384) 0047-hw-intc-arm_gicv3_kvm-Check-KVM_DEV.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.9 * Patches dropped (no longer needed based on what we now build for): 0024-virtfs-proxy-helper-Provide-__u64-f.patch * Patches dropped (included in upstream source archive): 0034-dma-rc4030-limit-interval-timer-rel.patch * Patches renamed: 0025-configure-Enable-PIE-for-ppc-and-pp.patch -> 0024-configure-Enable-PIE-for-ppc-and-pp.patch 0026-AIO-Reduce-number-of-threads-for-32.patch -> 0025-AIO-Reduce-number-of-threads-for-32.patch 0027-dictzip-Fix-on-big-endian-systems.patch -> 0026-dictzip-Fix-on-big-endian-systems.patch 0028-xen_disk-Add-suse-specific-flush-di.patch -> 0027-xen_disk-Add-suse-specific-flush-di.patch 0029-qemu-bridge-helper-reduce-security-.patch -> 0028-qemu-bridge-helper-reduce-security-.patch 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0029-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0031-configure-Fix-detection-of-seccomp-.patch -> 0030-configure-Fix-detection-of-seccomp-.patch 0032-linux-user-properly-test-for-infini.patch -> 0031-linux-user-properly-test-for-infini.patch 0033-linux-user-remove-all-traces-of-qem.patch -> 0032-linux-user-remove-all-traces-of-qem.patch 0035-roms-Makefile-pass-a-packaging-time.patch -> 0033-roms-Makefile-pass-a-packaging-time.patch 0036-Raise-soft-address-space-limit-to-h.patch -> 0034-Raise-soft-address-space-limit-to-h.patch 0037-increase-x86_64-physical-bits-to-42.patch -> 0035-increase-x86_64-physical-bits-to-42.patch 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0036-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0039-i8254-Fix-migration-from-SLE11-SP2.patch -> 0037-i8254-Fix-migration-from-SLE11-SP2.patch 0040-acpi_piix4-Fix-migration-from-SLE11.patch -> 0038-acpi_piix4-Fix-migration-from-SLE11.patch 0041-Fix-tigervnc-long-press-issue.patch -> 0039-Fix-tigervnc-long-press-issue.patch 0042-fix-xen-hvm-direct-kernel-boot.patch -> 0040-fix-xen-hvm-direct-kernel-boot.patch 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0041-ARM-KVM-Enable-in-kernel-timers-wit.patch 0044-string-input-visitor-Fix-uint64-par.patch -> 0042-string-input-visitor-Fix-uint64-par.patch 0045-test-string-input-visitor-Add-int-t.patch -> 0043-test-string-input-visitor-Add-int-t.patch 0046-test-string-input-visitor-Add-uint6.patch -> 0044-test-string-input-visitor-Add-uint6.patch 0047-tests-Add-QOM-property-unit-tests.patch -> 0045-tests-Add-QOM-property-unit-tests.patch 0048-tests-Add-scsi-disk-test.patch -> 0046-tests-Add-scsi-disk-test.patch 0049-linux-user-exclude-cpu-model-code-w.patch -> 0047-linux-user-exclude-cpu-model-code-w.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Updated to v2.9.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.9 * Updated version carries fixes for the following reported issues: CVE-2016-9602 bsc#1020427, CVE-2016-9923 bsc#1014703, CVE-2017-2630 bsc#1025396, CVE-2017-2633 bsc#1026612, CVE-2017-5579 bsc#1021741, CVE-2017-5931 bsc#1024114, CVE-2017-5973 bsc#1025109, CVE-2017-5987 bsc#1025311, CVE-2017-6058 bsc#1025837, CVE-2017-6505 bsc#1028184 * Patches dropped: seabios_128kb.patch (no longer required) * Patches dropped (included in upstream source archive): 0035-net-imx-limit-buffer-descriptor-cou.patch 0045-virtio-gpu-call-cleanup-mapping-fun.patch 0051-virtio-gpu-fix-information-leak-in-.patch 0052-display-cirrus-ignore-source-pitch-.patch 0053-s390x-kvm-fix-small-race-reboot-vs..patch 0054-target-s390x-use-qemu-cpu-model-in-.patch 0056-tests-check-path-to-avoid-a-failing.patch 0057-display-virtio-gpu-3d-check-virgl-c.patch 0058-watchdog-6300esb-add-exit-function.patch 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch 0060-virtio-gpu-fix-memory-leak-in-resou.patch 0061-virtio-fix-vq-inuse-recalc-after-mi.patch 0062-audio-es1370-add-exit-function.patch 0063-audio-ac97-add-exit-function.patch 0064-megasas-fix-guest-triggered-memory-.patch 0065-cirrus-handle-negative-pitch-in-cir.patch 0066-cirrus-fix-blit-address-mask-handli.patch 0067-cirrus-fix-oob-access-issue-CVE-201.patch 0068-usb-ccid-check-ccid-apdu-length.patch 0069-sd-sdhci-check-data-length-during-d.patch 0070-virtio-gpu-fix-resource-leak-in-vir.patch 0071-cirrus-fix-patterncopy-checks.patch 0072-cirrus-add-blit_is_unsafe-call-to-c.patch * Patches renamed: 0036-roms-Makefile-pass-a-packaging-time.patch -> 0035-roms-Makefile-pass-a-packaging-time.patch 0037-Raise-soft-address-space-limit-to-h.patch -> 0036-Raise-soft-address-space-limit-to-h.patch 0038-increase-x86_64-physical-bits-to-42.patch -> 0037-increase-x86_64-physical-bits-to-42.patch 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch -> 0038-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0040-i8254-Fix-migration-from-SLE11-SP2.patch -> 0039-i8254-Fix-migration-from-SLE11-SP2.patch 0041-acpi_piix4-Fix-migration-from-SLE11.patch -> 0040-acpi_piix4-Fix-migration-from-SLE11.patch 0042-Fix-tigervnc-long-press-issue.patch -> 0041-Fix-tigervnc-long-press-issue.patch 0043-fix-xen-hvm-direct-kernel-boot.patch -> 0042-fix-xen-hvm-direct-kernel-boot.patch 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch -> 0043-ARM-KVM-Enable-in-kernel-timers-wit.patch 0046-string-input-visitor-Fix-uint64-par.patch -> 0044-string-input-visitor-Fix-uint64-par.patch 0047-test-string-input-visitor-Add-int-t.patch -> 0045-test-string-input-visitor-Add-int-t.patch 0048-test-string-input-visitor-Add-uint6.patch -> 0046-test-string-input-visitor-Add-uint6.patch 0049-tests-Add-QOM-property-unit-tests.patch -> 0047-tests-Add-QOM-property-unit-tests.patch 0050-tests-Add-scsi-disk-test.patch -> 0048-tests-Add-scsi-disk-test.patch 0055-linux-user-exclude-cpu-model-code-w.patch -> 0049-linux-user-exclude-cpu-model-code-w.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9- Buildignore for the global gcc-PIE, as this package enables PIE on its own and has troubles if all use it. (meissner@suse.com)- Address various security/stability issues * Fix OOB access in virito-gpu-3d (CVE-2016-10028 bsc#1017084 bsc#1016503) 0057-display-virtio-gpu-3d-check-virgl-c.patch * Fix DOS in Intel 6300ESB device emulation (CVE-2016-10155 bsc#1021129) 0058-watchdog-6300esb-add-exit-function.patch * Fix DOS in virtio-gpu-3d (CVE-2017-5552 bsc#1021195) 0059-virtio-gpu-3d-fix-memory-leak-in-re.patch * Fix DOS in virtio-gpu (CVE-2017-5578 bsc#1021481) 0060-virtio-gpu-fix-memory-leak-in-resou.patch * Fix cause of infrequent migration failures from bad virtio device state. (bsc#1020928) 0061-virtio-fix-vq-inuse-recalc-after-mi.patch * Fix DOS in es1370 emulated audio device (CVE-2017-5526 bsc#1020589) 0062-audio-es1370-add-exit-function.patch * Fix DOS in ac97 emulated audio device (CVE-2017-5525 bsc#1020491) 0063-audio-ac97-add-exit-function.patch * Fix DOS in megasas device emulation (CVE-2017-5856 bsc#1023053) 0064-megasas-fix-guest-triggered-memory-.patch * Fix various inaccuracies in cirrus vga device emulation 0065-cirrus-handle-negative-pitch-in-cir.patch 0066-cirrus-fix-blit-address-mask-handli.patch * Fix OOB access in cirrus vga emulation (CVE-2017-2615 bsc#1023004) 0067-cirrus-fix-oob-access-issue-CVE-201.patch * Fix DOS in usb CCID card device emulator (CVE-2017-5898 bsc#1023907) 0068-usb-ccid-check-ccid-apdu-length.patch * Fix OOB access in SDHCI device emulation (CVE-2017-5667 bsc#1022541) 0069-sd-sdhci-check-data-length-during-d.patch * Fix DOS in virtio-gpu-3d (CVE-2017-5857 bsc#1023073) 0070-virtio-gpu-fix-resource-leak-in-vir.patch * Fix cirrus patterncopy checks 0071-cirrus-fix-patterncopy-checks.patch * Fix OOB access in cirrus vga emulation (CVE-2017-2620 bsc#1024972) 0072-cirrus-add-blit_is_unsafe-call-to-c.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8- Fix name of s390x specific sysctl configuration file to end with .conf (bsc#1026583)- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Check that sysfs path exists before running test which requires it. This allows qemu-testsuite to succeed in local build service chroot based package build. 0056-tests-check-path-to-avoid-a-failing.patch- Factory and SLE12-SP3 got a name change in the dtc devel package: libfdt1-devel -> libfdt-devel. Adjust our spec file accordingly.- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Patches added: 0055-linux-user-exclude-cpu-model-code-w.patch- Make sure qemu guest agent is usable as soon as qemu-guest-agent package is installed. The previous post script was still not doing the job. - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Fix potential hang/crash rebooting s390x guest 0053-s390x-kvm-fix-small-race-reboot-vs..patch * Fix s390x linux-user failure since v2.8.0 update 0054-target-s390x-use-qemu-cpu-model-in-.patch- Merge qemu packages from openSUSE and SUSE SLE releases together for the v2.8 qemu update. The qemu.changes file is the openSUSE version with this entry providing CVE, FATE, and bugzilla references from the SUSE SLE qemu package to date (see below) - Updated to v2.8.0: See http://wiki.qemu-project.org/ChangeLog/2.8 * For SUSE SLE-12-SP3, update relates to fate#319684, fate#321331, fate#321335, fate#321339, fate#321349, fate#321857 * For best compatibility, qemu-ifup and kvm_stat scripts now owned by qemu package * Build ipxe roms with gcc6 to maintain SLE legacy migration compatibility requirements * qmp-commands.txt file removed, to resurface in future doc reorganization * qemu-tech.html file merged into other existing doc * trace-events renamed to trace-events-all - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.8 * Patches dropped (upstream): 0013-linux-user-lock-tcg.patch 0014-linux-user-Run-multi-threaded-code-.patch 0015-linux-user-lock-tb-flushing-too.patch 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch 0041-vmsvga-correct-bitmap-and-pixmap-si.patch 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch 0046-scsi-mptsas-use-g_new0-to-allocate-.patch 0047-scsi-pvscsi-limit-process-IO-loop-t.patch 0048-virtio-add-check-for-descriptor-s-m.patch 0049-net-mcf-limit-buffer-descriptor-cou.patch 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch 0051-xhci-limit-the-number-of-link-trbs-.patch 0052-9pfs-allocate-space-for-guest-origi.patch 0053-9pfs-fix-memory-leak-in-v9fs_link.patch 0054-9pfs-fix-potential-host-memory-leak.patch 0055-9pfs-fix-information-leak-in-xattr-.patch 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch 0057-9pfs-fix-memory-leak-in-v9fs_write.patch 0058-char-serial-check-divider-value-aga.patch 0059-net-pcnet-check-rx-tx-descriptor-ri.patch 0060-net-eepro100-fix-memory-leak-in-dev.patch 0061-net-rocker-set-limit-to-DMA-buffer-.patch 0062-net-vmxnet-initialise-local-tx-desc.patch 0063-net-rtl8139-limit-processing-of-rin.patch 0064-audio-intel-hda-check-stream-entry-.patch 0065-virtio-gpu-fix-memory-leak-in-virti.patch 0066-9pfs-fix-integer-overflow-issue-in-.patch slof_xhci.patch * Patches renamed: 0016-linux-user-Fake-proc-cpuinfo.patch -> 0013-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-XXX-disable-fiemap.patch -> 0014-linux-user-XXX-disable-fiemap.patch 0020-slirp-nooutgoing.patch -> 0015-slirp-nooutgoing.patch 0021-vnc-password-file-and-incoming-conn.patch -> 0016-vnc-password-file-and-incoming-conn.patch 0022-linux-user-use-target_ulong.patch -> 0017-linux-user-use-target_ulong.patch 0023-block-Add-support-for-DictZip-enabl.patch -> 0018-block-Add-support-for-DictZip-enabl.patch 0024-block-Add-tar-container-format.patch -> 0019-block-Add-tar-container-format.patch 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0020-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0026-console-add-question-mark-escape-op.patch -> 0021-console-add-question-mark-escape-op.patch 0027-Make-char-muxer-more-robust-wrt-sma.patch -> 0022-Make-char-muxer-more-robust-wrt-sma.patch 0028-linux-user-lseek-explicitly-cast-no.patch -> 0023-linux-user-lseek-explicitly-cast-no.patch 0029-virtfs-proxy-helper-Provide-__u64-f.patch -> 0024-virtfs-proxy-helper-Provide-__u64-f.patch 0030-configure-Enable-PIE-for-ppc-and-pp.patch -> 0025-configure-Enable-PIE-for-ppc-and-pp.patch 0031-AIO-Reduce-number-of-threads-for-32.patch -> 0026-AIO-Reduce-number-of-threads-for-32.patch 0032-dictzip-Fix-on-big-endian-systems.patch -> 0027-dictzip-Fix-on-big-endian-systems.patch 0033-xen_disk-Add-suse-specific-flush-di.patch -> 0028-xen_disk-Add-suse-specific-flush-di.patch 0035-qemu-bridge-helper-reduce-security-.patch -> 0029-qemu-bridge-helper-reduce-security-.patch 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0030-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0037-configure-Fix-detection-of-seccomp-.patch -> 0031-configure-Fix-detection-of-seccomp-.patch 0038-linux-user-properly-test-for-infini.patch -> 0032-linux-user-properly-test-for-infini.patch 0040-linux-user-remove-all-traces-of-qem.patch -> 0033-linux-user-remove-all-traces-of-qem.patch 0067-dma-rc4030-limit-interval-timer-rel.patch -> 0034-dma-rc4030-limit-interval-timer-rel.patch 0068-net-imx-limit-buffer-descriptor-cou.patch -> 0035-net-imx-limit-buffer-descriptor-cou.patch 0069-roms-Makefile-pass-a-packaging-time.patch -> 0036-roms-Makefile-pass-a-packaging-time.patch * Patches added: 0037-Raise-soft-address-space-limit-to-h.patch 0038-increase-x86_64-physical-bits-to-42.patch 0039-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0040-i8254-Fix-migration-from-SLE11-SP2.patch 0041-acpi_piix4-Fix-migration-from-SLE11.patch 0042-Fix-tigervnc-long-press-issue.patch 0043-fix-xen-hvm-direct-kernel-boot.patch 0044-ARM-KVM-Enable-in-kernel-timers-wit.patch 0045-virtio-gpu-call-cleanup-mapping-fun.patch 0046-string-input-visitor-Fix-uint64-par.patch 0047-test-string-input-visitor-Add-int-t.patch 0048-test-string-input-visitor-Add-uint6.patch 0049-tests-Add-QOM-property-unit-tests.patch 0050-tests-Add-scsi-disk-test.patch 0051-virtio-gpu-fix-information-leak-in-.patch 0052-display-cirrus-ignore-source-pitch-.patch ipxe-use-gcc6-for-more-compact-code.patch * SLE patches dropped (accounted for in above listed changes): 0002-qemu-0.9.0.cvs-binfmt.patch 0009-block-vmdk-Support-creation-of-SCSI.patch 0010-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch 0014-linux-user-Ignore-broken-loop-ioctl.patch 0015-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch 0024-linux-user-add-more-blk-ioctls.patch 0025-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-_u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch 0034-Raise-soft-address-space-limit-to-h.patch 0035-increase-x86_64-physical-bits-to-42.patch 0036-vnc-provide-fake-color-map.patch 0037-vga-Raise-VRAM-to-16-MiB-for-pc-0.1.patch 0038-i8254-Fix-migration-from-SLE11-SP2.patch 0039-acpi_piix4-Fix-migration-from-SLE11.patch 0040-qtest-Increase-socket-timeout-to-ac.patch 0041-dictzip-Fix-on-big-endian-systems.patch 0043-xen_disk-Add-suse-specific-flush-di.patch 0044-Split-large-discard-requests-from-b.patch 0045-fix-xen-hvm-direct-kernel-boot.patch 0046-xen-introduce-dummy-system-device.patch 0047-xen-write-information-about-support.patch 0048-xen-add-pvUSB-backend.patch 0049-xen-move-xen_sysdev-to-xen_backend..patch 0050-vnc-add-configurable-keyboard-delay.patch 0051-xen-SUSE-xenlinux-unplug-for-emulat.patch 0052-configure-add-echo_version-helper.patch 0053-configure-support-vte-2.91.patch 0054-scsi-esp-fix-migration.patch 0055-hw-arm-virt-mark-the-PCIe-host-cont.patch 0056-xen-when-removing-a-backend-don-t-r.patch 0057-xen-drain-submit-queue-in-xen-usb-b.patch 0058-qcow2-avoid-extra-flushes-in-qcow2.patch 0059-qemu-bridge-helper-reduce-security-.patch 0060-xen-use-a-common-function-for-pv-an.patch 0061-xen_platform-unplug-also-SCSI-disks.patch 0062-virtio-check-vring-descriptor-buffe.patch 0063-net-vmxnet3-check-for-device_active.patch 0064-net-vmxnet-initialise-local-tx-desc.patch 0065-scsi-pvscsi-avoid-infinite-loop-whi.patch 0066-ARM-KVM-Enable-in-kernel-timers-wit.patch 0067-hw-net-Fix-a-heap-overflow-in-xlnx..patch 0068-vmsvga-correct-bitmap-and-pixmap-si.patch 0069-usb-xhci-fix-memory-leak-in-usb_xhc.patch 0070-virtio-add-check-for-descriptor-s-m.patch 0071-net-mcf-limit-buffer-descriptor-cou.patch 0072-usb-ehci-fix-memory-leak-in-ehci_pr.patch 0073-xhci-limit-the-number-of-link-trbs-.patch 0074-9pfs-allocate-space-for-guest-origi.patch 0075-9pfs-fix-memory-leak-in-v9fs_link.patch 0076-9pfs-fix-potential-host-memory-leak.patch 0077-9pfs-fix-memory-leak-in-v9fs_write.patch 0078-char-serial-check-divider-value-aga.patch 0079-net-pcnet-check-rx-tx-descriptor-ri.patch 0080-net-eepro100-fix-memory-leak-in-dev.patch 0081-net-rocker-set-limit-to-DMA-buffer-.patch 0082-net-rtl8139-limit-processing-of-rin.patch 0083-audio-intel-hda-check-stream-entry-.patch 0084-virtio-gpu-fix-memory-leak-in-virti.patch 0085-9pfs-fix-integer-overflow-issue-in-.patch 0086-dma-rc4030-limit-interval-timer-rel.patch 0087-net-imx-limit-buffer-descriptor-cou.patch 0088-target-i386-Implement-CPUID-0xB-Ext.patch 0089-target-i386-present-virtual-L3-cach.patch 0090-migration-fix-inability-to-save-VM-.patch 0091-ui-gtk-Fix-a-runtime-warning-on-vte.patch 0092-gtk-don-t-leak-the-GtkBorder-with-V.patch 0093-xen-fix-ioreq-handling.patch 0094-macio-Use-blk_drain-instead-of-blk_.patch 0095-rbd-Switch-rbd_start_aio-to-byte-ba.patch 0096-virtio-blk-Release-s-rq-queue-at-sy.patch 0097-virtio-blk-Remove-stale-comment-abo.patch 0098-block-reintroduce-bdrv_flush_all.patch 0099-qemu-use-bdrv_flush_all-for-vm_stop.patch 0100-block-backend-remove-blkflush_all.patch 0101-char-fix-missing-return-in-error-pa.patch 0102-rbd-shift-byte-count-as-a-64-bit-va.patch 0103-mirror-use-bdrv_drained_begin-bdrv_.patch 0104-block-curl-Use-BDRV_SECTOR_SIZE.patch 0105-block-curl-Fix-return-value-from-cu.patch 0106-block-curl-Remember-all-sockets.patch 0107-block-curl-Do-not-wait-for-data-bey.patch 0108-virtio-allow-per-device-class-legac.patch 0109-virtio-net-mark-VIRTIO_NET_F_GSO-as.patch 0110-vhost-adapt-vhost_verify_ring_mappi.patch 0111-ivshmem-Fix-64-bit-memory-bar-confi.patch 0112-intel_iommu-fix-incorrect-device-in.patch 0113-9pfs-fix-information-leak-in-xattr-.patch 0114-9pfs-fix-memory-leak-in-v9fs_xattrc.patch 0115-net-mcf-check-receive-buffer-size-r.patch 0116-virtio-gpu-fix-memory-leak-in-updat.patch 0117-virtio-gpu-fix-information-leak-in-.patch 0118-9pfs-adjust-the-order-of-resource-c.patch 0119-9pfs-add-cleanup-operation-in-FileO.patch 0120-9pfs-add-cleanup-operation-for-hand.patch 0121-9pfs-add-cleanup-operation-for-prox.patch 0122-virtio-gpu-call-cleanup-mapping-fun.patch 0123-string-input-visitor-Fix-uint64-par.patch 0124-test-string-input-visitor-Add-int-t.patch 0125-test-string-input-visitor-Add-uint6.patch 0126-tests-Add-QOM-property-unit-tests.patch 0127-tests-Add-scsi-disk-test.patch 0128-usb-ehci-fix-memory-leak-in-ehci_in.patch 0129-usbredir-free-vm_change_state_handl.patch 0130-virtio-gpu-fix-information-leak-in-.patch ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch ipxe-legacy-Fix-building-with-GCC-6.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-util-v5.24-perl-errors-on-redeclare.patch - SLE CVE, FATE, and bugzilla references not otherwise listed in this changelog file. The intent of this list is to indicate that the fix or feature continues the line of inheritance in the development stream of this package. The list is intended to satisfy searches only - refer to the SLE-12-SP2 changelog file for additional details. * fate#314468 fate#314497 fate#315125 fate#315467 fate#317015 fate#317741 fate#317763 fate#318349 fate#319660 fate#319979 fate#321010 * bnc#812983 bnc#869026 bnc#869746 bnc#874413 bnc#875582 bnc#875870 bnc#877642 bnc#877645 bnc#878541 bsc#882405 bsc#886378 bnc#893339 bnc#893892 bnc#895369 bnc#896726 bnc#897654 bnc#905097 bnc#907805 bnc#908380 bnc#914521 bsc#924018 bsc#929339 bsc#932267 bsc#932770 bsc#933981 bsc#936537 bsc#937125 bsc#938344 bsc#940929 bsc#942845 bsc#943446 bsc#944697 bsc#945404 bsc#945987 bsc#945989 bsc#946020 bsc#947159 bnc#953518 bsc#954864 bsc#956829 bsc#957162 bsc#958491 bsc#958917 bsc#959005 bsc#959386 bsc#960334 bsc#960708 bsc#960725 bsc#960835 bsc#961333 bsc#961556 bsc#961691 bsc#962320 bsc#963782 bsc#964413 bsc#970791 bsc#974141 bsc#978158 bsc#979473 bsc#982365 bsc#989655 bsc#991466 bsc#994771 bsc#994774 bsc#996441 bsc#997858 bsc#999212 bsc#1001151 bsc#1002116 bsc#1005353 boo#1007263 bsc#1007769 bsc#1008519 bsc#1009109 bsc#1013285 bsc#1013341 bsc#1013764 bsc#1013767 bsc#1014109 bsc#1014110 bsc#1014111 bsc#1014112 bsc#1014256 bsc#1014514 bsc#1014702 bsc#1015169 bsc#1016779 * CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7840 CVE-2014-8106 CVE-2015-1779 CVE-2015-3209 CVE-2015-4037 CVE-2015-5154 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5745 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710 CVE-2016-6490 CVE-2016-6833 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7161 CVE-2016-9381 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922- Despite the previous entry about re-enabling ceph on Nov 19, 2016 the change wasn't actually done. Do it now.- sgabios-stable-buildid.patch: Use geeko@buildhost- slof_xhci.patch: XHCI fixes (boo#977027)- Recommend x86 ROMs for emulated PCI cards on ppc, arm, others (bsc#1005869, michals)- Tidy SLOF patch boilerplate (michals)- Build with spice on all archs. (boo#1009438, michals)- Refine the approach to producing stable builds in our ROM based packages. All built roms which have hostname or date calls now produce consistent results build to build via patch changes, so remove the hostname and date call workarounds. (bsc#1011213) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0069-roms-Makefile-pass-a-packaging-time.patch sgabios-stable-buildid.patch- Re-enable ceph (rbd) functionality in OBS builds as we've been told the issues which prompted us to disable it are resolved - Address various security/stability issues * Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516) 0041-vmsvga-correct-bitmap-and-pixmap-si.patch * Fix DOS in LSI SAS1068 emulation (CVE-2016-7157 bsc#997860) 0042-scsi-mptconfig-fix-an-assert-expres.patch 0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7156 bsc#997859) 0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch * Fix DOS in USB xHCI emulation (CVE-2016-7466 bsc#1000345) 0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch * Fix OOB access in LSI SAS1068 emulation (CVE-2016-7423 bsc#1000397) 0046-scsi-mptsas-use-g_new0-to-allocate-.patch * Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661) 0047-scsi-pvscsi-limit-process-IO-loop-t.patch * Fix NULL pointer dereference in virtio processing (CVE-2016-7422 bsc#1000346) 0048-virtio-add-check-for-descriptor-s-m.patch * Fix DOS in ColdFire Fast Ethernet Controller emulation (CVE-2016-7908 bsc#1002550) 0049-net-mcf-limit-buffer-descriptor-cou.patch * Fix DOS in USB EHCI emulation (CVE-2016-7995 bsc#1003612) 0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch * Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878) 0051-xhci-limit-the-number-of-link-trbs-.patch * Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894) 0052-9pfs-allocate-space-for-guest-origi.patch * Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494) 0053-9pfs-fix-memory-leak-in-v9fs_link.patch * Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893) 0054-9pfs-fix-potential-host-memory-leak.patch * Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454) 0055-9pfs-fix-information-leak-in-xattr-.patch * Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450) 0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch * Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495) 0057-9pfs-fix-memory-leak-in-v9fs_write.patch * Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707) 0058-char-serial-check-divider-value-aga.patch * Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557) 0059-net-pcnet-check-rx-tx-descriptor-ri.patch * Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391) 0060-net-eepro100-fix-memory-leak-in-dev.patch * Fix OOB access in Rocker switch emulation (CVE-2016-8668 bsc#1004706) 0061-net-rocker-set-limit-to-DMA-buffer-.patch * Plug data leak in vmxnet3 emulation (CVE-2016-6836 bsc#994760) 0062-net-vmxnet-initialise-local-tx-desc.patch * Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538) 0063-net-rtl8139-limit-processing-of-rin.patch * Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536) 0064-audio-intel-hda-check-stream-entry-.patch * Fix DOS in virtio-gpu (CVE-2016-7994 bsc#1003613) 0065-virtio-gpu-fix-memory-leak-in-virti.patch * Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493) 0066-9pfs-fix-integer-overflow-issue-in-.patch * Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702) 0067-dma-rc4030-limit-interval-timer-rel.patch * Fix DOS in i.MX NIC emulation (CVE-2016-7907 bsc#1002549) 0068-net-imx-limit-buffer-descriptor-cou.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7- Use fixed timestamps and stable build_id in ipxe and other ROMs * Patches added: ipxe-stable-buildid.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patch updated: 0040-linux-user-skip-0-flag-from-proc-se.patch -> 0040-linux-user-remove-all-traces-of-qem.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0040-linux-user-skip-0-flag-from-proc-se.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-Fix-tlb_vaddr_to_host-with-CONFIG_U.patch- Document two new options, but leave jemalloc disabled for now - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0034-build-link-with-libatomic-on-powerp.patch * Patches renamed: 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0034-xen-SUSE-xenlinux-unplug-for-emulat.patch 0036-qemu-bridge-helper-reduce-security-.patch -> 0035-qemu-bridge-helper-reduce-security-.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch -> 0036-qemu-binfmt-conf-use-qemu-ARCH-binf.patch 0038-configure-Fix-detection-of-seccomp-.patch -> 0037-configure-Fix-detection-of-seccomp-.patch 0039-linux-user-properly-test-for-infini.patch -> 0038-linux-user-properly-test-for-infini.patch- Updated to v2.7.0: See http://wiki.qemu-project.org/ChangeLog/2.7 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches added: 0039-linux-user-properly-test-for-infini.patch- Use new kvm_stat package where available, else provide updated kvm_stat script.- Update to v2.7.0-rc5: See http://wiki.qemu-project.org/ChangeLog/2.7- Updated to v2.7.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.7 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7 * Patches dropped: 0002-qemu-0.9.0.cvs-binfmt.patch (script rewritten upstream) 0009-block-vmdk-Support-creation-of-SCSI.patch (deprecated) 0014-linux-user-Ignore-broken-loop-ioctl.patch (implemented upstream) 0024-linux-user-add-more-blk-ioctls.patch (more implemented upstream) 0034-qtest-Increase-socket-timeout.patch (increased further upstream) 0036-configure-Enable-libseccomp-for-ppc.patch (enabled upstream) 0038-block-split-large-discard-requests-.patch 0041-xen-introduce-dummy-system-device.patch 0042-xen-write-information-about-support.patch 0043-xen-add-pvUSB-backend.patch 0044-xen-move-xen_sysdev-to-xen_backend..patch 0045-vnc-add-configurable-keyboard-delay.patch 0046-configure-add-echo_version-helper.patch 0047-configure-support-vte-2.91.patch 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0050-scsi-esp-fix-migration.patch 0051-xen-when-removing-a-backend-don-t-r.patch 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0055-xen-use-a-common-function-for-pv-an.patch ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-legacy-Fix-building-with-GCC-6.patch ipxe-util-v5.24-perl-errors-on-redeclare.patch ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch * Patches renamed: 0010-linux-user-add-binfmt-wrapper-for-a.patch -> 0009-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch -> 0010-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch -> 0011-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch -> 0012-linux-user-binfmt-support-host-bina.patch 0015-linux-user-lock-tcg.patch -> 0013-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch -> 0014-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch -> 0015-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch -> 0016-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch -> 0017-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch -> 0018-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch -> 0019-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch -> 0020-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch -> 0021-vnc-password-file-and-incoming-conn.patch 0025-linux-user-use-target_ulong.patch -> 0022-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch -> 0023-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch -> 0024-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0025-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch -> 0026-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch -> 0027-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch -> 0028-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch -> 0029-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch -> 0030-configure-Enable-PIE-for-ppc-and-pp.patch 0035-AIO-Reduce-number-of-threads-for-32.patch -> 0031-AIO-Reduce-number-of-threads-for-32.patch 0037-dictzip-Fix-on-big-endian-systems.patch -> 0032-dictzip-Fix-on-big-endian-systems.patch 0039-xen_disk-Add-suse-specific-flush-di.patch -> 0033-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch -> 0034-build-link-with-libatomic-on-powerp.patch 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch -> 0035-xen-SUSE-xenlinux-unplug-for-emulat.patch 0054-qemu-bridge-helper-reduce-security-.patch -> 0036-qemu-bridge-helper-reduce-security-.patch * Patches added: 0002-qemu-binfmt-conf-Modify-default-pat.patch 0037-qemu-binfmt-conf-use-qemu-ARCH-binf.patch * Package renamed trace-events-all file and linuxboot_dma.bin * Handle building and packaging roms for e1000e and vmxnet3 (Bruce) * Remove ipxe patches which are now enabled upstream (Bruce) * Enable seccomp for s390x (Mark Post): 0038-configure-Fix-detection-of-seccomp-.patch- Update to v2.6.1 a stable, bug-fix-only release (fate#316228) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped (upstreamed): 0041-net-mipsnet-check-packet-length-aga.patch 0042-i386-kvmvapic-initialise-imm32-vari.patch 0043-esp-check-command-buffer-length-bef.patch 0044-esp-check-dma-length-before-reading.patch 0045-scsi-pvscsi-check-command-descripto.patch 0046-scsi-mptsas-infinite-loop-while-fet.patch 0047-vga-add-sr_vbe-register-set.patch 0048-scsi-megasas-use-appropriate-proper.patch 0049-scsi-megasas-check-read_queue_head-.patch 0050-scsi-megasas-null-terminate-bios-ve.patch 0051-vmsvga-move-fifo-sanity-checks-to-v.patch 0052-vmsvga-don-t-process-more-than-1024.patch 0053-block-iscsi-avoid-potential-overflo.patch 0054-scsi-esp-check-TI-buffer-index-befo.patch 0060-scsi-megasas-initialise-local-confi.patch 0065-scsi-esp-check-buffer-length-before.patch 0066-scsi-esp-respect-FIFO-invariant-aft.patch 0067-pci-assign-Move-Invalid-ROM-error-m.patch 0068-Xen-PCI-passthrough-fix-passthrough.patch 0069-scsi-esp-make-cmdbuf-big-enough-for.patch 0071-virtio-error-out-if-guest-exceeds-v.patch * Patches renamed: 0055-xen-introduce-dummy-system-device.patch - > 0041-xen-introduce-dummy-system-device.patch 0056-xen-write-information-about-support.patch - > 0042-xen-write-information-about-support.patch 0057-xen-add-pvUSB-backend.patch - > 0043-xen-add-pvUSB-backend.patch 0058-xen-move-xen_sysdev-to-xen_backend..patch - > 0044-xen-move-xen_sysdev-to-xen_backend..patch 0059-vnc-add-configurable-keyboard-delay.patch - > 0045-vnc-add-configurable-keyboard-delay.patch 0061-configure-add-echo_version-helper.patch - > 0046-configure-add-echo_version-helper.patch 0062-configure-support-vte-2.91.patch - > 0047-configure-support-vte-2.91.patch 0063-hw-arm-virt-mark-the-PCIe-host-cont.patch - > 0048-hw-arm-virt-mark-the-PCIe-host-cont.patch 0064-xen-SUSE-xenlinux-unplug-for-emulat.patch - > 0049-xen-SUSE-xenlinux-unplug-for-emulat.patch 0070-scsi-esp-fix-migration.patch - > 0050-scsi-esp-fix-migration.patch 0072-xen-when-removing-a-backend-don-t-r.patch - > 0051-xen-when-removing-a-backend-don-t-r.patch 0073-xen-drain-submit-queue-in-xen-usb-b.patch - > 0052-xen-drain-submit-queue-in-xen-usb-b.patch 0074-qcow2-avoid-extra-flushes-in-qcow2.patch - > 0053-qcow2-avoid-extra-flushes-in-qcow2.patch 0075-qemu-bridge-helper-reduce-security-.patch - > 0054-qemu-bridge-helper-reduce-security-.patch 0076-xen-use-a-common-function-for-pv-an.patch - > 0055-xen-use-a-common-function-for-pv-an.patch- Temporarily disable ceph (rbd) functionality in OBS due to staging issues.- use upstream solution for building xen-usb.c correctly - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped: 0058-usb-Fix-conditions-that-xen-usb.c-i.patch * Patches added: 0058-xen-move-xen_sysdev-to-xen_backend..patch- Incorporate patch carried in Xen's qemu to get same support as Xen switches to use the qemu package (bsc#953339, bsc#953362, bsc#953518, bsc#984981) 0064-xen-SUSE-xenlinux-unplug-for-emulat.patch - Fix more potential OOB accesses in 53C9X emulation (CVE-2016-5238 bsc#982959) 0065-scsi-esp-check-buffer-length-before.patch 0066-scsi-esp-respect-FIFO-invariant-aft.patch - Avoid "Invalid ROM" error message when it is not appropriate (bsc#982927) 0067-pci-assign-Move-Invalid-ROM-error-m.patch - Fix failure in Xen HVM PCI passthrough (bsc#981925, bsc#989250) 0068-Xen-PCI-passthrough-fix-passthrough.patch - Fix OOB access in 53C9X emulation (CVE-2016-6351 bsc#990835) 0069-scsi-esp-make-cmdbuf-big-enough-for.patch 0070-scsi-esp-fix-migration.patch - Avoid potential for guest initiated OOM condition in qemu through virtio interface (CVE-2016-5403 bsc#991080) 0071-virtio-error-out-if-guest-exceeds-v.patch - Fix potential crashes in qemu from pvusb bugs (bsc#986156) 0072-xen-when-removing-a-backend-don-t-r.patch 0073-xen-drain-submit-queue-in-xen-usb-b.patch - Avoid unneeded flushes in qcow2 which impact performance (bsc#991296) 0074-qcow2-avoid-extra-flushes-in-qcow2.patch - Finally get qemu-bridge-helper the permissions it needs for non- root usage. The kvm group is leveraged to control access. (boo#988279) 0075-qemu-bridge-helper-reduce-security-.patch - Fix pvusb not working for HVM guests (bsc#991785) 0076-xen-use-a-common-function-for-pv-an.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 - Minor spec file formatting fixes- Fix ARM PCIe DMA coherency bug (bsc#991034) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches added: 0063-hw-arm-virt-mark-the-PCIe-host-cont.patch- Clean up the udev ifdeffery to cover systemd as well (boo#860275) - Trigger udev rules also under systemd (boo#989655) - Suppress s390x sysctl in chroot - Ignore s390x sysctl failures (agraf)- Build SLOF for SLE12 now that we have gcc fix (bsc#949000) - Add script for loading kvm module on s390x - Enable seccomp and iscsi support in more configurations - Enable more support for virtio-gpu - Fix /dev/kvm permissions problem with package install and no reboot (bnc#867867) - Remove libtool dependency - Disable more aggressive stack protector for performance reasons - Enable vte to be used again in more configurations (bsc#988855) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches added: 0061-configure-add-echo_version-helper.patch 0062-configure-support-vte-2.91.patch- Remove deprecated patch "work-around-SA_RESTART-race" (boo#982208) - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped: 0002-XXX-work-around-SA_RESTART-race-wit.patch 0003-qemu-0.9.0.cvs-binfmt.patch 0004-qemu-cvs-alsa_bitfield.patch 0005-qemu-cvs-alsa_ioctl.patch 0006-qemu-cvs-alsa_mmap.patch 0007-qemu-cvs-gettimeofday.patch 0008-qemu-cvs-ioctl_debug.patch 0009-qemu-cvs-ioctl_nodirection.patch 0010-block-vmdk-Support-creation-of-SCSI.patch 0011-linux-user-add-binfmt-wrapper-for-a.patch 0012-PPC-KVM-Disable-mmu-notifier-check.patch 0013-linux-user-fix-segfault-deadlock.patch 0014-linux-user-binfmt-support-host-bina.patch 0015-linux-user-Ignore-broken-loop-ioctl.patch 0016-linux-user-lock-tcg.patch 0017-linux-user-Run-multi-threaded-code-.patch 0018-linux-user-lock-tb-flushing-too.patch 0019-linux-user-Fake-proc-cpuinfo.patch 0020-linux-user-implement-FS_IOC_GETFLAG.patch 0021-linux-user-implement-FS_IOC_SETFLAG.patch 0022-linux-user-XXX-disable-fiemap.patch 0023-slirp-nooutgoing.patch 0024-vnc-password-file-and-incoming-conn.patch 0025-linux-user-add-more-blk-ioctls.patch 0026-linux-user-use-target_ulong.patch 0027-block-Add-support-for-DictZip-enabl.patch 0028-block-Add-tar-container-format.patch 0029-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0030-console-add-question-mark-escape-op.patch 0031-Make-char-muxer-more-robust-wrt-sma.patch 0032-linux-user-lseek-explicitly-cast-no.patch 0033-virtfs-proxy-helper-Provide-__u64-f.patch 0034-configure-Enable-PIE-for-ppc-and-pp.patch 0035-qtest-Increase-socket-timeout.patch 0036-AIO-Reduce-number-of-threads-for-32.patch 0037-configure-Enable-libseccomp-for-ppc.patch 0038-dictzip-Fix-on-big-endian-systems.patch 0039-block-split-large-discard-requests-.patch 0040-xen_disk-Add-suse-specific-flush-di.patch 0041-build-link-with-libatomic-on-powerp.patch 0042-net-mipsnet-check-packet-length-aga.patch 0043-i386-kvmvapic-initialise-imm32-vari.patch 0044-esp-check-command-buffer-length-bef.patch 0045-esp-check-dma-length-before-reading.patch 0046-scsi-pvscsi-check-command-descripto.patch 0047-scsi-mptsas-infinite-loop-while-fet.patch 0048-vga-add-sr_vbe-register-set.patch 0049-scsi-megasas-use-appropriate-proper.patch 0050-scsi-megasas-check-read_queue_head-.patch 0051-scsi-megasas-null-terminate-bios-ve.patch 0052-vmsvga-move-fifo-sanity-checks-to-v.patch 0053-vmsvga-don-t-process-more-than-1024.patch 0054-block-iscsi-avoid-potential-overflo.patch 0055-scsi-esp-check-TI-buffer-index-befo.patch 0056-xen-introduce-dummy-system-device.patch 0057-xen-write-information-about-support.patch 0058-xen-add-pvUSB-backend.patch 0059-usb-Fix-conditions-that-xen-usb.c-i.patch 0060-vnc-add-configurable-keyboard-delay.patch 0061-scsi-megasas-initialise-local-confi.patch * Patches added: 0002-qemu-0.9.0.cvs-binfmt.patch 0003-qemu-cvs-alsa_bitfield.patch 0004-qemu-cvs-alsa_ioctl.patch 0005-qemu-cvs-alsa_mmap.patch 0006-qemu-cvs-gettimeofday.patch 0007-qemu-cvs-ioctl_debug.patch 0008-qemu-cvs-ioctl_nodirection.patch 0009-block-vmdk-Support-creation-of-SCSI.patch 0010-linux-user-add-binfmt-wrapper-for-a.patch 0011-PPC-KVM-Disable-mmu-notifier-check.patch 0012-linux-user-fix-segfault-deadlock.patch 0013-linux-user-binfmt-support-host-bina.patch 0014-linux-user-Ignore-broken-loop-ioctl.patch 0015-linux-user-lock-tcg.patch 0016-linux-user-Run-multi-threaded-code-.patch 0017-linux-user-lock-tb-flushing-too.patch 0018-linux-user-Fake-proc-cpuinfo.patch 0019-linux-user-implement-FS_IOC_GETFLAG.patch 0020-linux-user-implement-FS_IOC_SETFLAG.patch 0021-linux-user-XXX-disable-fiemap.patch 0022-slirp-nooutgoing.patch 0023-vnc-password-file-and-incoming-conn.patch 0024-linux-user-add-more-blk-ioctls.patch 0025-linux-user-use-target_ulong.patch 0026-block-Add-support-for-DictZip-enabl.patch 0027-block-Add-tar-container-format.patch 0028-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0029-console-add-question-mark-escape-op.patch 0030-Make-char-muxer-more-robust-wrt-sma.patch 0031-linux-user-lseek-explicitly-cast-no.patch 0032-virtfs-proxy-helper-Provide-__u64-f.patch 0033-configure-Enable-PIE-for-ppc-and-pp.patch 0034-qtest-Increase-socket-timeout.patch 0035-AIO-Reduce-number-of-threads-for-32.patch 0036-configure-Enable-libseccomp-for-ppc.patch 0037-dictzip-Fix-on-big-endian-systems.patch 0038-block-split-large-discard-requests-.patch 0039-xen_disk-Add-suse-specific-flush-di.patch 0040-build-link-with-libatomic-on-powerp.patch 0041-net-mipsnet-check-packet-length-aga.patch 0042-i386-kvmvapic-initialise-imm32-vari.patch 0043-esp-check-command-buffer-length-bef.patch 0044-esp-check-dma-length-before-reading.patch 0045-scsi-pvscsi-check-command-descripto.patch 0046-scsi-mptsas-infinite-loop-while-fet.patch 0047-vga-add-sr_vbe-register-set.patch 0048-scsi-megasas-use-appropriate-proper.patch 0049-scsi-megasas-check-read_queue_head-.patch 0050-scsi-megasas-null-terminate-bios-ve.patch 0051-vmsvga-move-fifo-sanity-checks-to-v.patch 0052-vmsvga-don-t-process-more-than-1024.patch 0053-block-iscsi-avoid-potential-overflo.patch 0054-scsi-esp-check-TI-buffer-index-befo.patch 0055-xen-introduce-dummy-system-device.patch 0056-xen-write-information-about-support.patch 0057-xen-add-pvUSB-backend.patch 0058-usb-Fix-conditions-that-xen-usb.c-i.patch 0059-vnc-add-configurable-keyboard-delay.patch 0060-scsi-megasas-initialise-local-confi.patch - Enable ceph (rbd) support for aarch64- Enable ceph (rbd) support- Fix OVMF iPXE network menu (bsc#986033, boo#987488) ipxe-efi-fix-garbage-bytes-in-device-path.patch ipxe-efi-fix-uninitialised-data-in-HII.patch- Fix host information leak to guest in MegaRAID SAS 8708EM2 Host Bus AdapterMegaRAID SAS 8708EM2 Host Bus Adapter emulation support (CVE-2016-5105 bsc#982017) * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 0061-scsi-megasas-initialise-local-confi.patch- Address various security/stability issues * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Fix OOB access in megasas emulated device (CVE-2016-5106 bsc#982018) 0049-scsi-megasas-use-appropriate-proper.patch * Fix OOB access in megasas emulated device (CVE-2016-5107 bsc#982019) 0050-scsi-megasas-check-read_queue_head-.patch * Fix OOB access in megasas emulated device (CVE-2016-5337 bsc#983961) 0051-scsi-megasas-null-terminate-bios-ve.patch * Correct the vmvga fifo access checks (CVE-2016-4454 bsc#982222) 0052-vmsvga-move-fifo-sanity-checks-to-v.patch * Fix potential DoS issue in vmvga processing (CVE-2016-4453 bsc#982223) 0053-vmsvga-don-t-process-more-than-1024.patch * Fix heap buffer overflow flaw when iscsi protocol is used (CVE-2016-5126 bsc#982285) 0054-block-iscsi-avoid-potential-overflo.patch * Fix OOB access in 53C9X emulation (CVE-2016-5338 bsc#983982) 0055-scsi-esp-check-TI-buffer-index-befo.patch - Add support to qemu for pv-usb under Xen (fate#316612) 0056-xen-introduce-dummy-system-device.patch 0057-xen-write-information-about-support.patch 0058-xen-add-pvUSB-backend.patch 0059-usb-Fix-conditions-that-xen-usb.c-i.patch - Provide ability to rate limit keyboard events from the vnc server. This is part of the solution to an issue affecting openQA testing, where characters are lost, resulting in unexpected failures (bsc#974914) 0060-vnc-add-configurable-keyboard-delay.patch- Adjust to parallel changes in virglrenderer packages - no longer "BuildRequires" virglrenderer directly, just the devel package.- Fix build compatibility with gcc6 wrt ipxe rom where compiler warnings are treated as errors. ipxe-ath9k-Fix-buffer-overrun-for-ar9287.patch ipxe-mucurses-Fix-GCC-6-nonnull-compare-errors.patch ipxe-sis190-Fix-building-with-GCC-6.patch ipxe-skge-Fix-building-with-GCC-6.patch ipxe-ath-Fix-building-with-GCC-6.patch ipxe-legacy-Fix-building-with-GCC-6.patch - Fix ipxe build script which fails under perl v5.24 ipxe-util-v5.24-perl-errors-on-redeclare.patch - Specify build time disk space requirements for ppc64 and ppc64le- Add sysctl script and %post on s390x to allow kvm usage (bsc#975331)- Address various security/stability issues * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Fix OOB access in MIPSnet emulated controller CVE-2016-4002 (bsc#975136) 0042-net-mipsnet-check-packet-length-aga.patch * Fix possible host data leakage to guest from TPR access CVE-2016-4020 (bsc#975700) 0043-i386-kvmvapic-initialise-imm32-vari.patch * Avoid OOB access in 53C9X emulation CVE-2016-4439 (bsc#980711) 0044-esp-check-command-buffer-length-bef.patch * Avoid OOB access in 53C9X emulation CVE-2016-4441 (bsc#980723) 0045-esp-check-dma-length-before-reading.patch * Avoid OOB access in Vmware PV SCSI emulation CVE-2016-4952 (bsc#981266) 0046-scsi-pvscsi-check-command-descripto.patch * Avoid potential DoS in LSI SAS1068 emulation CVE-2016-4964 (bsc#981399) 0047-scsi-mptsas-infinite-loop-while-fet.patch * Fix regression in vga behavior - introduced in v2.6.0 CVE-2016-3712 (bsc#978160) 0048-vga-add-sr_vbe-register-set.patch- Update to v2.6.0: See http://wiki.qemu-project.org/ChangeLog/2.6 - Enable SDL2, virglrenderer (for use with virtio-gpu), xfsctl, and tracing using default log backend - Build efi pxe roms on x86_64- Check modules for conflicting release versions - Suggest recently added block modules- Bump copyright in qemu.spec.in - Enable libiscsi for Factory - Enable seccomp for ppc64le as well- Update to v2.6.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.6 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Patches dropped (upstreamed): 0041-tests-Use-correct-config-param-for-.patch * Patches renamed: 0042-build-link-with-libatomic-on-powerp.patch -> 0041-build-link-with-libatomic-on-powerp.patch- Partially revert the last change's cleanup - Indicate SUSE version- Update to v2.6.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.6 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6 * Accept every size in DISCARD request from a guest (bsc#964427) 0039-block-split-large-discard-requests-.patch * Recognize libxl flag to disable flush in block device (bsc#879425) 0040-xen_disk-Add-suse-specific-flush-di.patch * Use correct flag for crypto tests 0041-tests-Use-correct-config-param-for-.patch * Fix build on powerpc: 0042-build-link-with-libatomic-on-powerp.patch * Patches dropped (upstreamed): seabios_checkrom_typo.patch seabios_avoid_smbios_signature_string.patch- Disable vte for Leap, fixing build- Don't drop u-boot.e500 yet - breaks testsuite- Re-enable libcacard support - Clean up configured features- Clean up qemu-tools libcacard Provides/Obsoletes - separate again - Drop u-boot.e500 - being packaged as u-boot-ppce500- Update to v2.5.0: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Patches dropped (upstreamed): 0039-tests-Fix-check-report-qtest-target.patch- Fix build on openSUSE 13.2- Fix testsuite on 32bit systems (bsc#957379)- Update to v2.5.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Rebase libseccomp enablement: 0037-Revert-Revert-seccomp-tests-that-al.patch -> 0037-configure-Enable-libseccomp-for-ppc.patch * Provide qemu-ga and qemu-ipxe for qemu-testsuite - Clean up qemu-ksm recommendation- Fix SLE11 build by fixing systemd conditionalization (from olh)- Update to v2.5.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.5 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.5 * Patches dropped (upstream): 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch 0039-tests-Unique-test-path-for-string-v.patch gcc5-ipxe-add-missing-const-qualifiers.patch gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch SLOF_ppc64le.patch * Patch renamed: 0040-dictzip-Fix-on-big-endian-systems.patch -> 0038-dictzip-Fix-on-big-endian-systems.patch * --enable-smartcard-nss -> --enable-smartcard Needs an external libcacard, so drop it for now. * Drop --enable-vnc-tls * Require xz-devel for ipxe build * Package qemu-ga(8) man page * Package ivshmem-{client,server} * Patches added: 0039-tests-Fix-check-report-qtest-target.patch- Add systemd unit file and udev rules for qemu guest agent - taken from the SLE12 / Leap package, see boo#955707- Add _constraints file (based on work by kenljohnson)- Enable SLOF build for ppc64le, too, now (bsc#949000, bsc#949016)- Allow building SLOF on ppc64le (bsc#949016) SLOF_ppc64le.patch - Add two checks for DictZip and tar qemu-img behavior (bsc#945778) * Clean up qemu-testsuite build/installation- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix endianness issues in DictZip block driver (bsc#937572, bsc#945778) 0027-block-Add-support-for-DictZip-enabl.patch 0028-block-Add-tar-container-format.patch 0040-dictzip-Fix-on-big-endian-systems.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix qemu-testsuite for glib2-2.46.0 by assuring uniqueness of paths 0039-tests-Unique-test-path-for-string-v.patch- Build SLOF on ppc64 (bsc#949016, thanks to k0da) * Simplify x86 fw logic while at it - No need to enable KVM for armv6hl - Add notice about pre_checkin.sh to update_git.sh- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Fix aarch64 TCG: 0038-tcg-aarch64-Fix-tcg_out_qemu_-ld-st.patch- Update to v2.4.0: See http://wiki.qemu-project.org/ChangeLog/2.4- Update to v2.4.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.4 * Provide qemu-img symlink instead of passing QTEST_QEMU_IMG- Update to v2.4.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.4 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.4 * Patches dropped: 0037-linux-user-Allocate-thunk-size-dyna.patch 0039-s390x-Fix-stoc-direction.patch 0040-s390x-Add-interlocked-access-facili.patch 0041-fdc-force-the-fifo-access-to-be-in-.patch 0042-rules.mak-Force-CFLAGS-for-all-obje.patch 0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch 0044-hw-arm-boot-Increase-fdt-alignment.patch * Patches renamed: 0038-Revert-Revert-seccomp-tests-that-al.patch -> 0037-Revert-Revert-seccomp-tests-that-al.patch * Package new vgabios-virtio.bin * target-x86_64.conf was dropped * Add qemu-block-dmg module sub-package * Set QTEST_QEMU_IMG variable for ahci-test * --enable-quorum and --enable-vnc-ws are no longer available- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix -kernel boot for AArch64 * Patches added: 0044-hw-arm-boot-Increase-fdt-alignment.patch- Use libusb-1_0-devel as buildrequires, not the old unused compatibility layer in libusb-devel- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix qemu2 cow caching (bsc#933132) * Patches added: 0043-qcow2-Set-MIN_L2_CACHE_SIZE-to-2.patch- Patch queue updated from git://github.com/jirislaby/qemu.git opensuse-2.3 * Patches added: 0042-rules.mak-Force-CFLAGS-for-all-obje.patch gcc5-ipxe-add-missing-const-qualifiers.patch gcc5-ipxe-ath9k-Remove-confusing-logic-inversion-in-an-ANI-var.patch- Fix CVE-2015-3456 (boo#929339) 0041-fdc-force-the-fifo-access-to-be-in-.patch - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches added: 0040-s390x-Add-interlocked-access-facili.patch - Disable dependency on libnuma for s390x (not available in SLE12)- Update to v2.3.0: See http://wiki.qemu-project.org/ChangeLog/2.3 - Disable iotests for now- Update to v2.3.0-rc4: See http://wiki.qemu-project.org/ChangeLog/2.3- Update seabios_avoid_smbios_signature_string.patch with version applied upstream- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix s390x stoc instructions 0039-s390x-Fix-stoc-direction.patch- Update to v2.3.0-rc3: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (applied upstream): 0037-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch * Patches renamed: 0038-linux-user-Allocate-thunk-size-dyna.patch -> 0037-linux-user-Allocate-thunk-size-dyna.patch * Revert -rc3 change to disable seccomp on non-x86 architectures 0038-Revert-Revert-seccomp-tests-that-al.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 - Fix qemu-linux-user on powerpc * Patches added: 0038-linux-user-Allocate-thunk-size-dyna.patch- Split off qemu-testsuite.spec * Package check-report.html and check-report.xml * Enable quick iotests - Dropped 0030-net-Warn-about-default-MAC-address.patch The warning is relevant only for bridged setups, not for the default SLIRP based -net user / -netdev user setup, and it breaks output expectations of some iotests. * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches renamed: 0031-console-add-question-mark-escape-op.patch -> 0030-console-add-question-mark-escape-op.patch 0032-Make-char-muxer-more-robust-wrt-sma.patch -> 0031-Make-char-muxer-more-robust-wrt-sma.patch 0033-linux-user-lseek-explicitly-cast-no.patch -> 0032-linux-user-lseek-explicitly-cast-no.patch 0034-virtfs-proxy-helper-Provide-__u64-f.patch -> 0033-virtfs-proxy-helper-Provide-__u64-f.patch 0035-configure-Enable-PIE-for-ppc-and-pp.patch -> 0034-configure-Enable-PIE-for-ppc-and-pp.patch 0036-qtest-Increase-socket-timeout.patch -> 0035-qtest-Increase-socket-timeout.patch 0037-AIO-Reduce-number-of-threads-for-32.patch -> 0036-AIO-Reduce-number-of-threads-for-32.patch 0038-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch -> 0037-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch - Re-enable glusterfs on Factory (updated from v3.6.1 to v3.6.2) - Re-enable seccomp for armv7l (libseccomp submission pending)- Suppress seccomp for Factory armv7l (broken in libseccomp v2.2.0) - Disable glusterfs explicitly on Factory, SLE12 and before 13.1- Enable glusterfs and package as qemu-block-gluster glusterfs post-v3.5.3 and v3.6.1/v3.6.2 have switched the glusterfs-api.pc version incompatibly, so only 13.1+13.2 for now - Use macro for module Conflicts- Tidy configure options: * Move --enable-modules to build options * Sort libusb alphabetically * Explicitly enable attr, bluez, fdt, lzo, tpm, vhdx, vhost-net, vnc, xen-pci-passthrough * Enable bzip2 * Enable libssh2 where possible and package as qemu-block-ssh * Enable numa where a compatible numactl is available * Enable quorum where a compatible gnutls is available * Enable snappy where possible * Prepare to enable glusterfs * Explicitly enable the nop tracing backend (to be revisited) * Explicitly disable Archipelago, as we don't have libxseg and it's incompatibly GPL-3.0+ * Explicitly disable libiscsi, libnfs, netmap and rbd as we don't have packages * Drop deprecated --enable-virtio-blk-data-plane (now default)- Fix 64-bit TCG stores on 32-bit Big Endian hosts (ppc) 0038-tcg-tcg-op.c-Fix-ld-st-of-64-bit-va.patch * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3- Update to v2.3.0-rc2: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (upstreamed): 0038-fw_cfg-test-Fix-test-path-to-includ.patch 0039-rcu-tests-fix-compilation-on-32-bit.patch- make check was failing due to a bogus SMBIOS signature being encountered within SeaBIOS. Avoid having that signature stored randomly within the SeaBIOS image. * seabios_avoid_smbios_signature_string.patch- Build x86 firmware only from 13.1 on (11.4 was broken, surpassing 128 KB) - Update to v2.3.0-rc1: See http://wiki.qemu-project.org/ChangeLog/2.3 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches dropped (upstreamed): 0038-linux-user-Fix-emulation-of-splice-.patch 0039-ide-fix-cmd_write_pio-when-nsectors.patch 0040-ide-fix-cmd_read_pio-when-nsectors-.patch 0041-ahci-Fix-sglist-offset-manipulation.patch 0042-ahci-test-improve-rw-buffer-pattern.patch 0045-linux-user-fix-broken-cpu_copy.patch * Patches renamed: 0043-fw_cfg-test-Fix-test-path-to-includ.patch -> 0038-fw_cfg-test-Fix-test-path-to-includ.patch 0044-rcu-tests-fix-compilation-on-32-bit.patch -> 0039-rcu-tests-fix-compilation-on-32-bit.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Patches added: 0045-linux-user-fix-broken-cpu_copy.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * Make test path for fw_cfg-test unique (including architecture) 0043-fw_cfg-test-Fix-test-path-to-includ.patch * Fix rcu tests build on ppc (undefined reference to `__sync_fetch_and_add_8') 0044-rcu-tests-fix-compilation-on-32-bit.patch - Fix typo in SeaBIOS size check seabios_checkrom_typo.patch- Update to v2.3.0-rc0: See http://wiki.qemu-project.org/ChangeLog/2.3 * Updated update_git.sh accordingly * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.3 * seabios_128kb.patch: Added patch to squeeze SeaBIOS into 128 KB with our gcc 4.8.3 (brogers@suse.com) - Renamed 0030-Legacy-Patch-kvm-qemu-preXX-report-.patch to 0030-net-Warn-about-default-MAC-address.patch: Suppress warning for accel=qtest, to sanitize make check results. - Added patches to fix ahci-test: 0039-ide-fix-cmd_write_pio-when-nsectors.patch 0040-ide-fix-cmd_read_pio-when-nsectors-.patch 0041-ahci-Fix-sglist-offset-manipulation.patch 0042-ahci-test-improve-rw-buffer-pattern.patch- Update company name in spec file templates - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches added: 0038-linux-user-Fix-emulation-of-splice-.patch- Add user kvm when installing guest-agent. - Use macro to update udev_rules when available- Fix packaging of e500 U-Boot - Don't rely on wildcard with explicit excludes- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches added: 0037-AIO-Reduce-number-of-threads-for-32.patch- Update to v2.2.0: See http://wiki.qemu-project.org/ChangeLog/2.2 * Updated DictZip and Tar block backends accordingly - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.2 * Patches dropped: 0015-target-arm-linux-user-no-tb_flush-o.patch (tb_flush() not called) 0037-tests-Don-t-run-qom-test-twice.patch (superseded) 0039-linux-user-Cast-validity-checks-on-.patch (helper function introduced) 0040-linux-user-Convert-blkpg-to-use-a-s.patch (upstreamed) * Patched renumbered: 0016-linux-user-Ignore-broken-loop-ioctl.patch -> 0015-linux-user-Ignore-broken-loop-ioctl.patch 0017-linux-user-lock-tcg.patch -> 0016-linux-user-lock-tcg.patch 0018-linux-user-Run-multi-threaded-code-.patch -> 0017-linux-user-Run-multi-threaded-code-.patch 0019-linux-user-lock-tb-flushing-too.patch -> 0018-linux-user-lock-tb-flushing-too.patch 0020-linux-user-Fake-proc-cpuinfo.patch -> 0019-linux-user-Fake-proc-cpuinfo.patch 0021-linux-user-implement-FS_IOC_GETFLAG.patch -> 0020-linux-user-implement-FS_IOC_GETFLAG.patch 0022-linux-user-implement-FS_IOC_SETFLAG.patch -> 0021-linux-user-implement-FS_IOC_SETFLAG.patch 0023-linux-user-XXX-disable-fiemap.patch -> 0022-linux-user-XXX-disable-fiemap.patch 0024-slirp-nooutgoing.patch -> 0023-slirp-nooutgoing.patch 0025-vnc-password-file-and-incoming-conn.patch -> 0024-vnc-password-file-and-incoming-conn.patch 0026-linux-user-add-more-blk-ioctls.patch -> 0025-linux-user-add-more-blk-ioctls.patch 0027-linux-user-use-target_ulong.patch -> 0026-linux-user-use-target_ulong.patch 0028-block-Add-support-for-DictZip-enabl.patch -> 0027-block-Add-support-for-DictZip-enabl.patch 0029-block-Add-tar-container-format.patch -> 0028-block-Add-tar-container-format.patch 0030-Legacy-Patch-kvm-qemu-preXX-dictzip.patch -> 0029-Legacy-Patch-kvm-qemu-preXX-dictzip.patch 0031-Legacy-Patch-kvm-qemu-preXX-report-.patch -> 0030-Legacy-Patch-kvm-qemu-preXX-report-.patch 0032-console-add-question-mark-escape-op.patch -> 0031-console-add-question-mark-escape-op.patch 0033-Make-char-muxer-more-robust-wrt-sma.patch -> 0032-Make-char-muxer-more-robust-wrt-sma.patch 0034-linux-user-lseek-explicitly-cast-no.patch -> 0033-linux-user-lseek-explicitly-cast-no.patch 0035-virtfs-proxy-helper-Provide-__u64-f.patch -> 0034-virtfs-proxy-helper-Provide-__u64-f.patch 0036-configure-Enable-PIE-for-ppc-and-pp.patch -> 0035-configure-Enable-PIE-for-ppc-and-pp.patch 0038-qtest-Increase-socket-timeout.patch -> 0036-qtest-Increase-socket-timeout.patch- Enable RDMA support for SLE12 and later- Copy the freshly built s390-ccw.img over to the location from which it is installed (bnc#893535)- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 * Patches added: 0039-linux-user-Cast-validity-checks-on-.patch 0040-linux-user-Convert-blkpg-to-use-a-s.patch- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 - Revert use of %{version} in Source line as it breaks update_git.sh- build libcaca from a different spec file to avoid cycles with spice- update to v2.1.0: http://wiki.qemu-project.org/ChangeLog/2.1 - Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 * Patches dropped: 0039-fix-full-frame-updates-for-VNC-clie.patch 0040-vnc-update-fix.patch- Rename rpmlintrc to %{name}-rpmlintrc. Follow the packaging guidelines.- Backported VNC fixes for openQA (bnc#888142): * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 * Patches added: 0039-fix-full-frame-updates-for-VNC-clie.patch 0040-vnc-update-fix.patch- Update to v2.1.0-rc3: http://wiki.qemu-project.org/ChangeLog/2.1 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 * Patches dropped: 0039-module-Simplify-module_load.patch 0040-module-Don-t-complain-when-a-module.patch * Updated update_git.sh script accordingly- Update to v2.1.0-rc2: http://wiki.qemu-project.org/ChangeLog/2.1 * Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.1 * Patches dropped: 0041-tests-Fix-unterminated-string-outpu.patch 0042-libqos-Fix-PC-PCI-endianness-glitch.patch 0043-qtest-fix-vhost-user-test-compilati.patch * Updated update_git.sh accordingly * Extended update_git.sh to add generated patch names to change log- Update to v2.1.0-rc0: http://wiki.qemu-project.org/ChangeLog/2.1 * xen_disk discard support now upstream 0037-xen_disk-add-discard-support.patch dropped * PowerPC ELF v2 support now upstream 0045-tcg-ppc64-Support-the-ELFv2-ABI.patch dropped * Patches renamed during rebase: 0015-linux-user-arm-no-tb_flush-on-reset.patch -> 0015-target-arm-linux-user-no-tb_flush-o.patch * Patches reordered due to rebase: 0038-tests-Don-t-run-qom-test-twice.patch -> 0037-tests-Don-t-run-qom-test-twice.patch 0041-qtest-Increase-socket-timeout.patch -> 0038-qtest-Increase-socket-timeout.patch 0071-module-Simplify-module_load.patch -> 0039-module-Simplify-module_load.patch 0072-module-Don-t-complain-when-a-module.patch -> 0040-module-Don-t-complain-when-a-module.patch * Patches automatically dropped on rebase: 0039-qtest-Assure-that-init_socket-s-lis.patch 0040-qtest-Add-error-reporting-to-socket.patch 0042-qtest-Be-paranoid-about-accept-addr.patch 0043-arm-translate.c-Fix-smlald-Instruct.patch 0044-target-arm-A64-fix-unallocated-test.patch 0046-vmstate-add-VMS_MUST_EXIST.patch 0047-vmstate-add-VMSTATE_VALIDATE.patch 0048-virtio-net-fix-buffer-overflow-on-i.patch 0049-virtio-net-out-of-bounds-buffer-wri.patch 0050-virtio-out-of-bounds-buffer-write-o.patch 0051-ahci-fix-buffer-overrun-on-invalid-.patch 0052-hpet-fix-buffer-overrun-on-invalid-.patch 0053-hw-pci-pcie_aer.c-fix-buffer-overru.patch 0054-pl022-fix-buffer-overun-on-invalid-.patch 0055-vmstate-fix-buffer-overflow-in-targ.patch 0056-virtio-avoid-buffer-overrun-on-inco.patch 0057-virtio-validate-num_sg-when-mapping.patch 0058-pxa2xx-avoid-buffer-overrun-on-inco.patch 0059-ssd0323-fix-buffer-overun-on-invali.patch 0060-tsc210x-fix-buffer-overrun-on-inval.patch 0061-zaurus-fix-buffer-overrun-on-invali.patch 0062-virtio-scsi-fix-buffer-overrun-on-i.patch 0063-vmstate-s-VMSTATE_INT32_LE-VMSTATE_.patch 0064-usb-sanity-check-setup_index-setup_.patch 0065-savevm-Ignore-minimum_version_id_ol.patch 0066-ssi-sd-fix-buffer-overrun-on-invali.patch 0067-openpic-avoid-buffer-overrun-on-inc.patch 0068-virtio-net-out-of-bounds-buffer-wri.patch 0069-virtio-validate-config_len-on-load.patch 0070-virtio-allow-mapping-up-to-max-queu.patch * iPXE fixes now included ipxe-build-Work-around-bug-in-gcc-4.8.patch dropped ipxe-build-Avoid-strict-aliasing-warning.patch dropped ipxe-zbin-Fix-size-used-for-memset-in-al.patch dropped * SeaVGABIOS fix now included vgabios-Make-sure-stdvga_list_modes-doesn-t-overrun-.patch dropped * Modified update_git.sh accordingly - Update to v2.1.0-rc1: http://wiki.qemu-project.org/ChangeLog/2.1 * 0041-tests-Fix-unterminated-string-outpu.patch: Test fix * 0042-libqos-Fix-PC-PCI-endianness-glitch.patch: Test fix for ppc * 0043-qtest-fix-vhost-user-test-compilati.patch: Test fix for SP3 * Modified update_git.sh accordingly- Move block-curl.so to new qemu-block-curl package, avoiding a dependency of qemu-tools on qemu for Xen (bnc#882008) * Avoid the reported error message about missing modules 0071-module-Simplify-module_load.patch 0072-module-Don-t-complain-when-a-module.patch - Improve update_git.sh performance (backport from SLE12)- only build the x86 firmware on x86, ensuring consistent binaries - remove un-needed pmtools BuildRequires - Fix vga related problem doing direct kernel boot for SLES 10 and SLES 11 guests (bnc#880625) vgabios-Make-sure-stdvga_list_modes-doesn-t-overrun-.patch - Probe vhost-net module on SLE11 (copied from SP3 package)- Fix CVE-2013-4148 (bnc#864812) 0048-virtio-net-fix-buffer-overflow-on-i.patch - Fix CVE-2013-4149 (bnc#864649) 0068-virtio-net-out-of-bounds-buffer-wri.patch - Fix CVE-2013-4150 (bnc#864650) 0049-virtio-net-out-of-bounds-buffer-wri.patch - Fix CVE-2013-4151 (bnc#864653) 0050-virtio-out-of-bounds-buffer-write-o.patch - Fix CVE-2013-4526 (bnc#864671) 0051-ahci-fix-buffer-overrun-on-invalid-.patch - Fix CVE-2013-4527 (bnc#864673) 0052-hpet-fix-buffer-overrun-on-invalid-.patch - Fix CVE-2013-4529 (bnc#864678) 0053-hw-pci-pcie_aer.c-fix-buffer-overru.patch - Fix CVE-2013-4530 (bnc#864682) 0054-pl022-fix-buffer-overun-on-invalid-.patch - Fix CVE-2013-4531 (bnc#864796) 0055-vmstate-fix-buffer-overflow-in-targ.patch - Fix CVE-2013-4533 (bnc#864655) 0058-pxa2xx-avoid-buffer-overrun-on-inco.patch - Fix CVE-2013-4534 (bnc#864811) 0067-openpic-avoid-buffer-overrun-on-inc.patch - Fix CVE-2013-4535 / CVE-2013-4536 (bnc#864665) 0057-virtio-validate-num_sg-when-mapping.patch - Fix CVE-2013-4537 (bnc#864391) 0066-ssi-sd-fix-buffer-overrun-on-invali.patch - Fix CVE-2013-4538 (bnc#864769) 0059-ssd0323-fix-buffer-overun-on-invali.patch - Fix CVE-2013-4539 (bnc#864805) 0060-tsc210x-fix-buffer-overrun-on-inval.patch - Fix CVE-2013-4540 (bnc#864801) 0061-zaurus-fix-buffer-overrun-on-invali.patch - Fix CVE-2013-4541 (bnc#864802) 0064-usb-sanity-check-setup_index-setup_.patch - Fix CVE-2013-4542 (bnc#864804) 0062-virtio-scsi-fix-buffer-overrun-on-i.patch - Fix CVE-2013-6399 (bnc#864814) 0067-virtio-avoid-buffer-overrun-on-inco.patch - Fix CVE-2014-0182 (bnc#874788) 0069-virtio-validate-config_len-on-load.patch - Backported patch from stable branch (brogers): 0070-virtio-allow-mapping-up-to-max-queu.patch- Fix conflict with libcacard 0.1.2 from project security * Adopt description and group for libcacard-devel from there - Drop libcacard.{a,la} from libcacard-devel If needed, libcacard.a should go into a libcacard-devel-static. - Change qemu-extra to explicitly list qemu-system-* binaries- ABI fixes for ppc64le TCG. Addresses acpi-test failures. 0045-tcg-ppc64-Support-the-ELFv2-ABI.patch- Split 60-kvm.rules into 60-kvm.rules and 60-kvm.x86.rules - Install udev rules on s390x, ppc and arm, too * Clean up KVM vs. qemu-kvm conditionals - Package qemu-system-ppcemb in qemu-ppc and qemu-system-aarch64 in qemu-arm- Fix aarch64 emulation issues: 0043-arm-translate.c-Fix-smlald-Instruct.patch 0044-target-arm-A64-fix-unallocated-test.patch- Attempt to solve or debug occasional qtest fd assertions 0039-qtest-Assure-that-init_socket-s-lis.patch 0040-qtest-Add-error-reporting-to-socket.patch 0041-qtest-Increase-socket-timeout.patch 0042-qtest-Be-paranoid-about-accept-addr.patch- Update to v2.0.0: cf. http://wiki.qemu-project.org/ChangeLog/2.0 * Update update_git.sh script accordingly- Update to v2.0.0-rc3: cf. http://wiki.qemu-project.org/ChangeLog/2.0 * Update update_git.sh script accordingly * Addresses CVE-2014-0150 (bnc#873235), CVE-2013-4544 (bnc#873613)- Update to v2.0.0-rc2: cf. http://wiki.qemu-project.org/ChangeLog/2.0 * Update update_git.sh script accordingly * Resolves Gtk mouse issues (bnc#849587) * Fixes endianness-test failures for prep machine on Big Endian host- Fix qemu-kvm script for s390x (bnc#869021) (bfrogers) - Fix ksm.service file permissions to not be executable w/o shebang - Re-enable Gtk build on 11.4 (fixes unpackaged qemu.mo files error) - Fix SLE11 SP3 build by making sub-package "noarch" conditional * Do not exclude qemu-ifup from qemu package when not installing - Speed up %check by not running qom-test twice for some targets 0038-tests-Don-t-run-qom-test-twice.patch- Updated to v2.0.0-rc1: cf. http://wiki.qemu-project.org/ChangeLog/2.0 * Update update_git.sh script accordingly * Resolves breakage of live migration (bnc#871302) * Addresses CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147 (bnc#870439) - Drop 0037-roms-Build-vgabios.bin.patch (unneeded)- Enhance update_git.sh script * Fix duplicate .patch for short filenames * Read SeaBIOS version from QEMU tarball- Re-create qemu-2.0.0-rc0.tar.bz2 to include SeaBIOS .version- Improve update_git.sh script to use a user-agnostic git symlink- Tidy up qemu.spec a bit: white space, line length, use macros as appropriate - Improve update_git.sh to not change files in OBS if the file remains unchanged- Fix library directory - Set default file attributes for qemu-ksm - Enable Smartcard emulation * Reorder package definitions to avoid %version troubles- Update to v2.0.0-rc0: Cf. http://wiki.qemu-project.org/ChangeLog/2.0 * Adapt update_git.sh script accordingly * Generate package version automatically from VERSION file * Switch from LGPL VGABIOS to SeaVGABIOS * Enable modules * Explicitly enable virtio-blk-data-plane (no functional change) * Package new firmware blobs- Add qemu-ksm subpackage providing a systemd service file for enabling / disabling Kernel Samepage Merging. It is independent of qemu (but recommended by it).- Move target-x86_64.conf to qemu-x86 sub-package- Split out KVM architectures to per-architecture subpackages - Suggest qemu-lang package- enable usb passthrough via --enable-libusb config option- Fix improperly formatted wrapper script (bnc#864094)- Enable make check- Use Provides/Obsoletes as means to transition kvm users to the qemu-kvm package- Migrate kvm package contents to a new qemu-kvm sub-package, and move the kvm related udev rules to the qemu package. (The kvm package is being retired). Add qemu-ifup Add qemu-kvm.1.gz Add kvm_stat Add 60-kvm.rules Add 80-kvm.rules- Implement discard support for xen_disk (olh) (fate#316071) 0042-xen_disk-add-discard-support.patch.patch- Simplified VMDK SCSI support handling (backport from 13.1/v1.6.2) * Increases the number of heads for SCSI from 16 to 255- Bump copyright in qemu.spec.in - Use vte-devel instead of vte2-devel and force using Gtk3, reported by Takashi and Dirk (bnc#840607, bnc#849587).- xen dropped support for i586, so don't buildrequire it- Update version number of SeaBIOS, spotted by BdMdesigN- Update to v1.7.0: See http://wiki.qemu-project.org/ChangeLog/1.7 * Adapted update_git.sh accordingly * Dropped --enable-mixemu (no longer available) * Added a work around for roms/Makefile issue * patch 0038-gdbstub-Fix-gdb_register_coprocesso.patch dropped- use --enable-pie to fix arm build- Undo workaround for sasl - fixed in Factory- Work around Factory sasl breakage by allowing build w/o vnc-sasl - Move build_and_copy_vgabios_bin.patch to Git patch queue * Clearly mark in-.spec patch queue as for roms/ipxe/ only - Synchronized qemu.spec.in from qemu.spec: * Added ipxe-build-Avoid-strict-aliasing-warning.patch * Modified SeaBIOS summary * Added Conflicts for firmware subpackages * Dropped %dir - Add patch enabling PIE support for ppc/ppc64 (k0da)- Build x86 firmware from tarball source. The firmware components produced are equivalent to the upstream provided binary blobs currently being used. They are delivered in noarch subpackages as follows (addresses bnc#830002): * qemu-seabios v1.7.2.2 * qemu-vgabios v0.6c * qemu-sgabios v8 (svn rev 8) * qemu-ipxe v1.0.0 - Add following patches to enable x86 firmware to build: ipxe-build-Work-around-bug-in-gcc-4.8.patch ipxe-zbin-Fix-size-used-for-memset-in-al.patch build_and_copy_vgabios_bin.patch ipxe-build-Avoid-strict-aliasing-warning.patch- Enabled usb-redirection * Fixes starting VMs in gnome-boxes (bnc#839703)- Enable Xen support to allow testing our QEMU in place of Xen's This prepares for consolidating QEMU packaging further.- Fix gdbstub for arm/m68k/ppc guests (from pending upstream pull)- Update to v1.6.0: cf. http://wiki.qemu.org/ChangeLog/1.6 * Adapt update_git.sh script accordingly- Update to v1.6.0-rc3: cf. http://wiki.qemu.org/ChangeLog/1.6 * Adapt update_git.sh script accordingly - Changed back versioning scheme to 1.6.0rcX (saschpe, brogers).- Update to v1.6.0-rc2: cf. http://wiki.qemu.org/ChangeLog/1.6 * Adapt update_git.sh script accordingly - Changed version from 1.6.0rcX to 1.5.9X (reported by lnussel)- Update to v1.6.0-rc1: cf. http://wiki.qemu.org/ChangeLog/1.6 * Adapt update_git.sh script accordingly- Use libfdt build dependency not just for ppc. QEMU 1.6 needs it for ppc, arm and microblaze guests and uses a bundled copy if one of those targets is built and the system does not have a compatible libfdt.- Update to v1.6.0-rc0: cf. http://wiki.qemu.org/ChangeLog/1.6 * Fixes build against recent dtc (SLE_11_SP2 ppc64 w/ Base:System) * Includes Gtk patches for bnc#830459 * Adapt update_git.sh script accordingly- Fix segfault that occurs from using -vga qxl (bnc#830459)- Clarify through spec file comments that the patch queue is auto-generated through update_git.sh. Please do not submit SRs that bypass our patch handling.- Really enable pulseaudio and oss support (bnc#737070) - Amend licenses list with GPL-2.0 (adopted from kvm package) - Be explicit in enabling features our packaging relies on - Disable stripping at QEMU level - Use %optflags rather than $QEMU_OPT_FLAGS- Move /emul/ia32-linux to qemu-linux-user- Drop dependency on bison * Reorder BuildRequires alphabetically - Fix summary of qemu-lang sub-package - Drop post-build-checks suppression (qemu-linux-user only)- Enable brlapi as done for kvm package- Use %{?_smp_mflags} rather than %{?jobs:-j%jobs}- Extend virtfs typedef workaround to ppc64 for SLE_11_SP2- Split off qemu-linux-user package into separate .spec file. * Simplified %build and %install sections * Dropped *-static dependencies- Update to v1.5.0 final: Cf. http://wiki.qemu.org/ChangeLog/1.5 * Adapt update_git.sh accordingly * Add BuildRequires for gtk2/3 and vte2 to enable new frontend * Place translations into new qemu-lang package * Really enable SPICE support from 11.4 in configure, too- Add BuildRequires for pixman, to avoid using internal version that fails to build on ppc- Update to v1.5.0-rc2: Cf. http://wiki.qemu.org/ChangeLog/1.5 * Adapt update_git.sh accordingly - Add patch by brogers to fix SLE 11 SP2 build (from kvm package)- Update to v1.5.0-rc1: Cf. http://wiki.qemu.org/ChangeLog/1.5 * Adapt update_git.sh accordingly * TODO file no longer exists, don't try to package it * Package qemu-mips64{,el}- Enable spice support starting from 11.4- Update to v1.5.0-rc0: Cf. http://wiki.qemu.org/ChangeLog/1.5 * Adapt update_git.sh script * Audio cards are now all enabled by default- Enable pa and oss audio drivers, as in kvm package (bnc#737070) - Enable hda audio card, as done in kvm package (bnc#801794)- Add explicit alsa-devel BuildRequires: this used to (wrongly) be pulled in by libSDL-devel.- Update licenses from new format_spec_file- Update to v1.4.0: See http://wiki.qemu.org/ChangeLog/1.4 * Adapt update_git.sh accordingly- Update to v1.4.0-rc1: See http://wiki.qemu.org/ChangeLog/1.4 * Adapt update_git.sh accordingly - Update update_git.sh to reference github.com/openSUSE/qemu.git- linux-user: fix lseek with SEEK_END- Cherry pick patches from qemu-kvm into the qemu package: - 0033-Add-support-for-DictZip-enabled-gzi.patch - 0034-Add-tar-container-format.patch.patch - 0035-Legacy-Patch-kvm-qemu-preXX-dictzip.patch - 0036-Legacy-Patch-kvm-qemu-preXX-report-.patch - 0037-console-add-question-mark-escape-op.patch - 0038-Make-char-muxer-more-robust-wrt-sma.patch- Revert memory size constraint, the workaround patch got applied- Update to v1.3.0: see http://wiki.qemu.org/ChangeLog/1.3 * Update update_git.sh script accordingly- Replace -fno-gcse patch with v3- Add patch to workaround GCC PR55489 via -fno-gcse, another step to avoid builds failing with out-of-memory- Add _constraints to request adequate memory to succeed building- Update to v1.3.0-rc1: see http://wiki.qemu.org/ChangeLog/1.3 * Update update_git.sh accordingly- Update to v1.3.0-rc0: see http://wiki.qemu.org/ChangeLog/1.3 * Update update_git.sh accordingly * Disable SPICE for 11.4 since it can no longer be built lacking pyparsing- use ulong for syscall parameters. fixes lseek with big files- Add more block ioctl handlers for kiwi- Sync qemu.spec.in file, please don't forget!- Don't strip binaries- Add explicit dependency on makeinfo for manpage/doc generation- Add libcap-devel BuildRequires since it's needed to enable VirtFS support. - Add libcap-ng-devel BuildRequires to be able to drop privileges in qemu-bridge-helper. - Add libjpeg-devel and libpng-devel BuildRequires to enable VNC jpeg and png support. - Pass --enable-virtfs to configure to detect changes that will cause VirtFS support to not be built.- update to v1.2.0: see http://wiki.qemu.org/ChangeLog/1.2 * adapt update_git.sh script * this includes the fix for CVE-2012-3515- add bounds checks in console VT100 emulation (bnc#777084, CVE-2012-3515)- update to v1.2.0-rc3: http://wiki.qemu.org/ChangeLog/1.2 * adapt update_git.sh script - add two patches from kvm for SUSE Studio, forwarded by Dinar: * add -nooutgoing option for slirp networking * add allowed-connections= and password-file= options for VNC- update to v1.2.0-rc1: http://wiki.qemu.org/ChangeLog/1.2 * adapt update_git.sh script- fix getdent in linux-user - fix statfs in linux-user - disable FIEMAP support in linux-user- add support for FS_IOC_[G|S]ETFLAG ioctls- update to v1.2.0-rc0: http://wiki.qemu.org/ChangeLog/1.2 * adapt update_git.sh script * package new qemu-or32 executable into linux-user- avoid installing qemu on a qemu build- add hijack for /proc/cpuinfo - add compatibility patch for glibc 2.16 (Thanks AJ!)- fix segfault even better- linux-user: improve locking even across tb flushes- linux-user: pin multi-threaded applications to a single host cpu- linux-user: improve lock- linux-user: add tcg lock for multi-threaded guest programs- include qemu-img and qemu-nbd in qemu-tools package- add qemu-guest-agent package- add fix for segv in linux-user (fixes java)- revert LIBRARY_PATH patch by Alex- add patch by Alex to force gcc being emulated for LIBRARY_PATH- add libfdt1 to buildrequires on ppc- revert qemu-bridge-helper mode change (cf. BNC#765948)- don't use permissions.d- Add fix for bogus losetup ioctl to not warn us about it- Set up bridge helper as a setuid executable- Add patch for specifying --libexecdir * Fixes having to specify the path to qemu-bridge-helper manually - Drop superfluous `make qemu-img` - Move qemu-bridge-helper to its own subpackage, to share with KVM- Update to v1.1.0: see http://wiki.qemu.org/ChangeLog/1.1 * Adapt update_git.sh script to new tag- Update to v1.1.0-rc4: see http://wiki.qemu.org/ChangeLog/1.1 * Adapt update_git.sh script to new tag- fix /proc/self/maps faking with secondary threads- revert commit a84fac1426 to fix automoc4 for arm- remove manual interp prefix, which made all linux-user binaries point to an i386 LD_PREFIX path- add patch to fix building of go (swi in thumb ignores imm)- Update to v1.1.0-rc3; see http://wiki.qemu.org/ChangeLog/1.1 * Adapt update_git.sh script to new tag- Update to v1.1.0-rc2; see http://wiki.qemu.org/ChangeLog/1.1 * Adapt update_git.sh script to new tag- Remove workaround for forcing cURL detection- Update to v1.1-rc1: see http://wiki.qemu.org/ChangeLog/1.1 * Add workaround for 11.4: add -lrt after -lglib-2.0 - Adapt update_git.sh script to new tag- Update to v1.1-rc0; see http://wiki.qemu.org/ChangeLog/1.1 * Do not try to mv qemu, the executable is gone, there's a dir now * Do not try to mv */qemu-*, there's a pc-bios/qemu-icon.bmp * Be more specific in temporary copying of files to dynamic/ * Drop duplicate %_bindir/qemu_binfmt_misc.sh, only in sbin now * Use dynamic version of new executable qemu-bridge-helper - Update update_git.sh script to pull patches from suse-1.1 branch- Update URL to project homepage- compile fixes for ppc64abi32 - fix update_fit.sh script if wc -c is 40 - fix stale tbs after mmap- cut off patch file names after 40 bytes, support older git versions for update_git.sh- resolve VMAs downwards, fixes arm git build for real- update update_git.sh for 1.0.1 - add fixes for reserved_va mmap(NULL) case, fixes git build on arm- Enable spice support- update to latest stable release: 1.0.1. For changes see: http://wiki.qemu.org/ChangeLog/1.0- avoid buffer overflow in e1000 device emulation (bnc#740165)- qemu-user: fix fallocate- qemu-user: fix previous patch- qemu-user: add host binary support for binfmt- qemu-user: add fix for /proc/self/maps to only show mappable regions- qemu-user: add wrapper for BLKBSZGET- qemu-user: add fix for deadloop with ulimit constraints - qemu-user: add device mapper and loopback ioctls, enabling kpatkx- backport all ppc-1.0 stable patches to our package - add fix for PPC HV KVM on 3.1- add fix for PPC in HV KVM mode- add workaround for KVM on PPC to support hugetlbfs - add upstream patches to fake $0 in /proc/self/maps (fixes ps)- add update_git.sh to simplify maintenance of the tree - use -R automatically in linux-user to gain more address space - drop MAP_32BIT patch (deprecated by the one above)- add linker patch for ppc hosts- remove exclusivearch - we should be able to build everywhere!- fix compilation for 11.4- fix compilation on sle11 - add %fdupes for duplicate file checking- update to 1.0 from upstream. for changelogs please see: - 0.14 -> 0.15: http://wiki.qemu.org/ChangeLog/0.15 - 0.15 -> 1.0: http://wiki.qemu.org/ChangeLog/1.0 - the binary "qemu" is now called qemu-system-i386- only ignore specific timer_create syscall, no all of them- don't print out unsupported syscalls but rather silently ignore them - some programs catch stderr and get confused- add a number of patches to fake /proc entries (from Alex)- split linux-user binaries into qemu-linux-user package (this static package can be used in cross build in OBS)- add xattr support for openSUSE 12.1 - added syscall numbers to fix prlimit64 support (from upstream)- Fixed glibc arm build issue according to https://bugs.meego.com/show_bug.cgi?format=multiple&id=20418 added a reverse patch- add binfmt misc handler binary patch from alex. This is a handler which calls qemu with -0 argument and right parameters to avoid broken runs due to different set $0 as on real hardware - move arch specific patches at the end to avoid arch dep conflicts with other patches - enable linux-user build to get binfmt handler- add 0021-implement-prlimit64-syscall.patch from upstream to avoid output and confused configure scripts when testing gcc on armv7hl - add 0022-fixing-smp-races.patch from alex to fix some SMP races- add 0020-linux-user-implement-reboot-syscall.patch from alex - extend 0010 mmap patch for files- add fix from alex for openat file permission handling- Add BuildRequires: glibc-devel-static- removed un-required vde buildrequires- build correctly for SLE11 - reset revision to zero after version change- added 0018-qemu-0.14.1-mcast-udp.patch to enable multicast and udp tunneling support- New Upstream version 0.14.1 See http://wiki.qemu.org/Changelog/0.14 for changes in 0.14 - removed 0014-qemu-0.11-git-ioctl_mount.patch not required anymore - enabled vde support - some spec clean up- disable parallel build for a while, it takes too much memory for our workers- update -> 0.14.0-rc1 See http://wiki.qemu.org/Changelog/0.14 for changes in 0.14. (There is no such page for the 0.13 tree. The ChangeLog file ends at 0.12.0, http://wiki.qemu.org/ChangeLog at 0.12.5 and suggests to look at the git log. High-level information of what has changed in 0.13 is apparently not available.)- update -> 0.12.4 see http://wiki.qemu.org/ChangeLog for changes- co-exist with virt-utils, which provides some qemu components (bnc#586115)- requires timezone- update -> 0.11.0 final - mips: fix conditional move off fp conditions codes (Nath Froyd) - fix migration to obey -S (Paolo Bonzini) - remove pc-0-10 machine type (Mark McLoughlin) - vnc: fix copyrect screen corruption (Gerd Hoffman) - fix vm state change handlers running order (Markus Armbruster) - e1000: fix eerc and ics emulation (Bill Paul) - fix sdl zooming with pl110 (Blue Swirl) - sparc64: flush pending conditional evaluations (Igor Kovalenko) - esp: fix interrupt register read (Blue Swirl) - option rom makefile fixes (Paul Brook) - fix sparse warnings (Blue Swirl) - fix symfind (Laurent Desnogues) - win32: fix default prefix (Stefan Weil) - fix checksum writing in signboot (Alex Graf) - fix sdl window resize (Stefano Stabellini) - do not resize the screen on hw_invalidate (Stefano Stabellini) - Add checks for -smbios option (Beth Kon) - fix do_set_link (Luiz Capitulino) - fix do_commit behavior (Luiz Capitulino) - make windows notice media change (Gleb Natapov) - check for PR_SET_NAME being defined (Nathan Froyd) - fix migration for ide devices (Anthony Liguori) - Use correct depth in vmware vga (Reimar Doffiner) - support 32bpp cursors in sdl (Reimar Doffinger) - fix device name completion for eject (Blue Swirl) - make screendump use DisplayState properly (Stefano Stabellini) - fix autostart with live migration (Avi Kivity) - fix detached migration with exec (Chris Lalancette) - fix segv when changing vnc password in sdl (Zach Amsden) - fix vnc password clearing with stdio monitor (Zach Amsden) - clean up VGA type selection (Zach Amsden) - add missing linefeed in error message (Stefan Weil) - fix rtc polling mode (Bernhard Kauer) - qcow2: order concurrent aio requests (Kevin Wolf) - qemu-io: port to win32 (Stefan Weil) - alpha: fix extlh instruction (Vince Weaver) - tcg: fix size of local variables in tcg_gen_bswap64_i64 (Stefan Weil) - net: fix send ordering (Jan Kiszka) - escc: fix IRQ routing (Aurelien Jarno) - versatile: fix Linux task preemption (Aurelien Jarno) - curses: reduce memory usage by 250MB (Aurelien Jarno) - disabled ppc64 host, seems to be very broken- package missing tools (qemu-nbd, qemu-io)- disable S/390 target on 32-bit platforms- update -> 0.11.0 RC1 - add machine aliasing support (Mark McLoughlin) - add getfd/closefd monitor commands (Mark McLoughlin) - fix live migration (various) - HPET fixes (various) - slirp: fix guestfwd for incoming data (Jan Kiszka) - fix qemu-img convert to copy unallocated parts of the image (Akkarit Sangpetch) - vmdk: fix backing file handling (Kevin Wolf) - scsi: add save/restore support (Nolan Leake) - e1000: ignore reset command (Kevin Wolf) - allow monitor interaction when using -incoming exec: (Chris Lalancette) - fix -net socket,listen (Jan Kiszka) - serial: fix lost characters after sysrq (Jason Wessel) - lsi53c895a: Implement additional registers (Sebastian Herbszt) - i386: fix cpu reset (Nitin Kamble) - Prevent CD-ROM eject while device is locked (Mark McLoughlin) - Fix memory leaks (various) - Reset PS2 keyboard/mouse on reset (Dinesh Subraveti) - Fix -initrd with > 4GB guests (Glauber Costa) - qcow2 fixes (various) - Enable power button event generation (Gleb Natapov) - fix serial option in -drive - Fix non-ACPI timer interrupt routing (Beth Kon) - Fix keyboard mapping on newer Xords with non-default keymaps (balrog) - Make PCI config status register read-only (Anthony Liguori) - Fix crash on resolution change -> screen dump -> vga redraw (Avi Kivity) - fix savevm/loadvm (various) - virtio: fix guest oops with 2.6.25 kernels (Rusty Russell) - SH4: add support for -kernel (Takashi Yoshii, Aurelien Jarno) - hotplug: fix closing of char devices (Jan Kiszka) - hotplug: remove incorrect check for device name (Eduardo Habkost) - fix VGA regression (malc) - added S/390 host and target - maintaining patches in git - several linux-user improvements for compatibility and speed - enabled curl block driver, VNC TLS and SASL, AIO, and Bluetooth- buildfix: refresh patches- BuildRequire zlib-devel-static- update -> release (0.10.1) - fixes bnc #435135 (CVE-2008-4539, SWAMP #22179), #362956 (CVE-2008-1945, CVE-2008-0928), #461565 (CVE-2008-2382) - Kernel Virtual Machine acceleration support - GDB XML register description support - Intel e1000 emulation - HPET emulation - VirtIO paravirtual device support - Marvell 88w8618 / MusicPal emulation - Nokia N-series tablet emulation / OMAP2 processor emulation - PCI hotplug support - Curses display support - qemu-nbd utility to mount supported block formats - Altivec support in PPC emulation and new firmware (OpenBIOS) - Multiple VNC clients are now supported - TLS encryption is now supported in VNC - MIPS Magnum R4000 machine (Hervé Poussineau) - Braille support (Samuel Thibault) - Freecom MusicPal system emulation (Jan Kiszka) - OMAP242x and Nokia N800, N810 machines (Andrzej Zaborowski) - EsounD audio driver (Frederick Reeve) - Gravis Ultrasound GF1 sound card (Tibor "TS" Schütz) - Many, many, bug fixes and new features - virtio-net: allow masking of notifications on empty queue (Alex Williamson) - e1000: fix rx descriptor low threshold logic (Alex Willaimson) - x86 tcg: add NULL checks to lsl instruction (Jan Kiszka) - kvm vga: fix screen corruption with -std-vga and Windows (Avi Kivity) - kvm vga: fix screen corruption with Ubuntu installations (Glauber Costa) - virtio-net: check right return size on sg list (Alex Williamson) - Make qemu_announce_self handle holes (live migration after hotplug) (Marcelo Tosatti) - Revert r6804-r6808 (qcow2 allocation info). This series of changes added a high cost to startup for large qcow2 images (Anthony Liguori) - qemu-img: fix help message (Aurelien Jarno) - Fix build for non-default installs of SDL (Anthony Liguori) - Fix race condition in env->interrupt_request. When using TCG and a dynticks host timer, this condition could cause TCG to get stuck in an infinite loop (Aurelien Jarno) - Fix reading encrypted hard disk passwords during early startup (Jan Kiszka) - Fix encrypted disk reporting in 'info block' (Jan Kiszka) - Fix console size with tiny displays (MusicPal) (Jan Kiszka) - Improve error handling in bdrv_open2 (Jan Kiszka) - Avoid leaking data in mux'ed character devices (Jan Kiszka) - Fix initial character device reset (no banner in monitor) (Jan Kiszka) - Fix cpuid KVM crash on i386 host (Lubomir Rintel) - Fix SLES10sp2 installation by adding ISTAT1 register to LSI SCSI emulation (Ryan Harper) - s390x TCG backend - i386-linux-user NPTL support/bin/sh/bin/shcloud128 1557856644  !"#$%&'()*+,-./0123456789:;<=>?@ABCDE2.9.1-62.12.9.1-62.1 qemukvm_stat80-kvm.rulesqemuChangelogREADMEVERSIONqemu-doc.htmlqemu-doc.txtqemu-ga-ref.htmlqemu-ga-ref.txtqemu-qmp-ref.htmlqemu-qmp-ref.txtqemuCOPYINGCOPYING.LIBkvm_stat.1.gzqemu.1.gzqemu-ga-ref.7.gzqemu-qmp-ref.7.gzqemukeymapsarbepocommonczdadede-chen-gben-usesetfifofrfr-befr-cafr-chhrhuisitjaltlvmkmodifiersnlnl-benoplptpt-brruslsvthtrqemu-icon.bmpqemu-ifupqemu_logo_no_text.svgtrace-events-all/etc//usr/bin//usr/lib/udev/rules.d//usr/share/doc/packages//usr/share/doc/packages/qemu//usr/share/licenses//usr/share/licenses/qemu//usr/share/man/man1//usr/share/man/man7//usr/share//usr/share/qemu//usr/share/qemu/keymaps/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:10216/openSUSE_Leap_42.3_Update/b414eca91a1e39fa1bdd3afeac3f1362-qemu.openSUSE_Leap_42.3_Updatedrpmlzma5x86_64-suse-linux directoryPython script, ASCII text executableASCII textUTF-8 Unicode textHTML document, UTF-8 Unicode text, with very long linesHTML document, ASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text (gzip compressed data, max compression, from Unix)FORTRAN program, ASCII textPOSIX shell script, ASCII text executableSVG Scalable Vector Graphics imageASCII text, with very long linesRRHis3S7蚝Jpython-cursesqemu-block-curlqemu-toolsqemu-x86qemu-ksm2.9.1qemu-ppcqemu-s390qemu-armqemu-block-dmgqemu-block-iscsiqemu-block-rbdqemu-block-sshqemu-extraqemu-lang?]"k%HݬRF}Xc}S$㝳t0B0'ӵ"o|۫RD?|zn[A+ht@l~7#z?`$/b ,QƑ@![ZX~0;iWg;ݩnϬۛ=Yl >8$RԪ 5P$Y0a|]g@ $?B@8jVpIͯؑA6opuQ]>ɻ᧣m + XLVǃy(XV\בR@6p 9@F²z@N4h5ppMV R*TNK'X"Hu|y`Nڡn@k#1O"G{BYrzR?Ni[h\R_8- έ"?A"b6UV?Fg@27CCyX?CX$뉯CarͽRRGa&##( Xo-#M]8 T\#Upef[ڵʷצ0sȎTM# yg= [YUR#ӻـ t 9>%Ӷ~g;;ZNVϾY+-M쎙H';v L $31g^C,h]m;6޶|y~%IQJ"[tmsETEr\2oa@fÞ)VɤĬIa /bĐ8S:N'N/:P+O6jc[QV.95iGdb8GtG}6 Φ3{+1TAXxćtpfV[Jkː4 El^ΏGH dg4T+\QP1V'E754ip]#CKqy_{ţLeo2aBD FJUW@n1K]b'ǎ5R8x])lXv(|!N`۾WQ 1p&Y!F>&%y𐨎5OC=WTRbuǝIr!kɌnoQ\O*(|=O0|CoD$?*}TfT2stoh/|(ա,M/YFu_&  i@dfu6 EQ40 Oݟ//2h%b3N; pɴ]5pOMm\)aV.#L.rF$TD7܅lܽBM Uꈴ|B|W;GQJZ6V=)jh3-oXn; EAsO̽3CL!;f,2{f?|΁pWK?}^ LK젔Ɍ^^*sŰ{7ozևAӲXZ~Ťe FsО-G)=L\߇ RBYCof4xHj8!Gcz*pYHEy뵝f0ܹ4~Ļ<Z Fq$ݍ" 89Yn:u5ӿ7 B&X-z|6mtKE4{(j[ D|Ď<a୧K܃(k|Yf;] ި]3yR˥wMh*DN`/ꅊ=NDli t+q ]GZ aogۅe3'z1'VA8, iJUmD%)sCm&qʋ1j8Po}>L܆-5D<-`E[pw{'3D zs D?@6)؊OLհ?Y<mgrC]gLϘJ0v;QL8c˜y5Ⱛq9} խgsHY{y8;a 7|1d:IZgBh|ΖN+I2ASW %v \~cuѝ="0( QPX9^BgXZ[첾tR" 9$f۸Z:]N&L=n0Q3ѷriqfe h:G^ ȒrC@S (ݿkjђ;ۖ(ݿ`;rI.b;a5O,p--bK E4W耚P~:ܛ[5_ ݽ cC{5#{p?C-E ;}љ@N@f]jaݜhZzMpa2rHSGj^N]Jl]C)~b"*cIl XpŪg+ti/5=5,sog۪{.jfeւwQ%6k|LR%WO.+9lqaVhHvL)kVW \Š~5չ$ ')U)Ri(=;ToalnӁ, _b<(2 hJ1+ ǩ[*G9}nQD Hb;i$XZĹ 5 7. ;8`C m#LF#m:<L*O*nr. 㟂5skf$H(ݿ#LàKq+,ǟ$Ջt2N-mO b/s(i6z lԫ{1"Fv?&9D *Rw=ۉ2Ew$&R,l N +5 LB 0 ):iS]`ˏ5_=ʱWM4R, ~oERΈV?1U~؁C1;{tVe^@4(+&{Lѧ&923}Egmf7G5fGeu6U1my@NagڥEE~1ۺoAOA#`. Ł_{*6gTc]K(. sRhjFĩ6ub-JfR/b(0?Y9u-rku=ԅ!7nK!y ¿;G=Du6Ep(.@58wgl^\>JSCz1mL9Hܛ7Ki% O*CtrW+0t;؅b>Qgu&hƊu{\Sg#8kv$/zTu2F5xp+i RC#v|mvVՎ/nV3P- . q!Sajbw2A^O]`L8 =yyRid ai?8(8tXG=4#jT {pŽR3 G$ȣxZdQUQ)Ю+`yU_:eI~=nfe6uҊꍏ3_jNcyW\&yVx…WwI&ƞg9QR4 '45<nm:YA"oԾP+ˀ[I,>+u&Hz l̯ q>~DIW'@m{!"IIc/eOl!SH8l|Wp;pI.>"zo&H;4^=l]uC෦:0geq&Eۨ-]+ՠLo_aի.;VZ?{0 C{bd/d\ }ŹvSolZZ5Ef3L)[`#g d&Ka!3=eaI2ގsI q856]odldqaqHr!Ӡ5elh]G>=-ܘ/JJ>+MѢ'LJfзAU \|wِBIԽ_jBĥHkE@"!ޞC?dK3xhk#-gP:YyO0z2y1BlҋV+mnh_ {8aԮ%k>Դ`*9@3nȃ"O5g3SUi"/-8cT`.ۆ&]jXΓJ KO@1t[2)igD c.7ħtkL 334 Brk ޛU=UR(]~~t0ƜqE)u_oکU,ٞ69T JK 3_odpT39+X&ϸ>( :TFwz%B9$1j3"W{dѷr&Qe2ۑii/燒Ei,m_]!+d8V8&K5OܛbFe{GisVmRbJjR?Dqڶzϵ5«$9Y_=y|˸CM+ūSLt{;XpRq#~ LsGv /Th4Wk~Z7ML[=BJ+UǙM=mTeƪ~d~(hL☸u[^^Ȝ^|;"  |IƜn#U#o=0#b.SMe0*:Z YH`~\fG %"gJy :1 21@3 #$@<>K~]D!RA5K[RIIw=c-|cǪEQ\ydHv]x1tq$hšy~`,|wo7a@3_\?8G[K$5T;3eSCH.d%:~,/:fMI%;Fs\s &n| !vʼI^Y h C pwQe)_@u87ùf6w`Ԕ|7v,N2  $ÁF)[³'('v)Uب )gUT>ƓwCr$϶`9~}ctjg4 o +fz׹wVhxr}1~*VxZ; ".}m-oӄ2$A:"9cLUrxQ]s-iPK|ͣiE|UaШ:vH ŴH Ԣ,!CM2* 7tcB'@B`|;HvvH6"2Ý[f_x$3~keed'%7dWkTwL_ dw}OsmH*!+Pc@]3N1N}.μCdF)5y/yΟP'* ݡ.($tFw>E]DoqUYU\Eơ"GoQ)^9M8:MZx^>=|4;;f7B{O%RFstF*5 t,LͮCC݇hJK `YyU@sS zծgi[N伄zWpzAm*eLԇ!h!Ua*K%{N{@g0Ia7*-qE)c'cQtb{G:$zԷ'z8+:bH@z'{8#/i# gLnVUa٥pstÊAHZ?q| o6o/?* ne\B6v9'fI6ή;~԰(Ŭ-yEZ-0Z$>١l@Y_o.EB=6 K/ϔeؖh;Œg\S-A$!*([,)v& oқ횩ԟ0X`-Å$'.֝K}zIqȡһv%Z /Oygbыu¯-+&1Ӧd"X(`|JZQI iuЌ&* -_o1"i1 V\zrP>vDTtyُC7ːۭt!tBX8OY̝H ؄̰8O3iAͧ/vD]*=jN 7x]BـէqgS4)|m{`{z8lYv>1]r15t=_q+s1ejJm3 *s;- 7;<`OƦfed Q3Wm[#ԣub_f!GIJ[z/-@[J3sb5_4&?x~]؇3Y<|QSi9"exVДz)2E;:D\@E? ٰү`.- ^ AYTX}yH%KEرV;l!ޣz.[!I&HyG{x.\.a4IxL֬^L[.K$c.̪?Ȧauֱ'wGG<Nj"1\AS&c? [<ٔXaif~MLE@XXݔ=7" 9M=7!cXqfĔk:\ShҚJ#HsZ@&ZneT9*èl2ƹ ^uXT0ǰG|{_m(@ aHMM%W9a!Ԛo,<bȺ)H IcbJ'Ve2u[4x[7MNr B OE۝3N*sQ|Ӥ$-@@.0+K9 ~T'Ї[f$EC ؃xܦL|?$^9HxrG|+=Mo/R:M]}4\ylPسPҵun-{Ք"s@zjkňF*88Ev)cWʝ/}YC-`-xďgO᮴`ihޅ_ -ݒ<3(PI W^1+,vV (*E͇AStH)shۇHhj( nai6%AI$ЁO㙖I9v磤=_@Օ,OJMS] +iAUg$fdhmwy-r["Il>v4Qfٙ֎:6Ms01bdz&Wa͋)Pg]]C]4 K ǀȸL`f+}wbD1ڥׇp~3gM")Y6vK)Ӭ U mOL.[DGPv}9@ee_a.>m%H }'1U7-> =-xR޾B{CiqiA'`uc'2G"5i3سi8'\@Bճ$b"z[82jIo8~٣׌dixIF+8ǬnIL%FVlj.'K?6X٣_Z6E |$1qnǿ~`vD}W9>AEd^*3""L|5  bU]gT'ߟ܂C0$%hprl:5邼9X.Vܡ/5[(3K6"sD| }32 ЌGq[ӹ ;#0hu"!š(Kw<~,T]I= jr;#FG /':6˳:Gl/4$xOw)ҭ4.5p]Np0~hТQQ#쓏 m)[!֦@ и/S6[_o9ٻbD3jAm0mT|€qzL=~5^+ Nko6{\6.+gT:)B^RlRu&_6ihdgE ?WDlQ?RTg˧qGGؐj'`2lo48kPx 6AGMsR2(אڼw#MsCj\W7JL8[ dx|گQ\Twm?yLxoz R YWYoaNDq,x|B{W?dF?xJ9%˛ -#y$i^׎+(W~\o:7ڽs0RìH7g(W ktEt<=]ZM=l0K u00"~ ] w"AQSx-QY \}=߸/.DIcHx.h8*ǁ_aO{[#N9%e$H'`yfйӀ;?9Z@Y@1]?D+`6HLĐ7IoaH[)i wWvڲo7eZm#R2H`](!*.I &|*`XN in g.+#{/RB,f F8klFw΋uٸrZRrFG&Z;/LUC'#,PuݻrfPù~ik3+P6&g=)\;$l%~8rӫf]t+ɀ }1(_3؋aHX$w@֝{H[3V 2xg_)94Ea0mk}atpzx+dus+ԨVʬ]0Z0]\DP:Oz}%PK(Yj5KshHx?KEJVz-8uX H.)._uJqبJ( LG:uCMQ, bRx?ϧm9}!\*K;y|4M'>YyY2bIXT"襷ev"#!xs:DM>fp9kt!dW|p_@"fncC{sq@B~&OǴ3aHEWBj fL?qa'L#tGt)0w(׉u`TkqB-g'ͺ=gAT %E82lo/ˢ5F :X,~Q6&bLV7Wِk#2#']}w?& ]ݝQ2(,XMqk| hTaCQҎe,>^yEv%_,4|nVm]U ,~U~\GNNߘv1 Z?p"*GZ\ l\"qdgr:)ZV(N cs'fH 4bǫlQˊ d œkdD#qN TH}]O"C.#Uzt 2iɽxa-ݵ38O{LhJzǷ5=v3ˬ}|;1]ċQy讯 fn'lu: cJ/̰ЂE7HgKC:|6p|f>eXNfC8r;Nː00Е FHKv!$+{*o7ŷmYkD: bi\X)A(kGh䴮W⸽&PD,Uy#+R W^AMGD-%T|.}vnO͠xd>"Z}1f!F9lK7g))- Ew.T+l6+Ht6fn*Hͷ*JܹqV"pOje9uPhrLp?7m7|!AܙLpt; 'ZGaԱ[Ͼr~b֨jvz1-ӐzD L@\LEAРBߺr1zi?HB>NαqhP+( $)Y驘XE޾9H o+ҽuFb^‡X؂̐ggjSP*5QgWLɪ.vo#Z'2|fa=`՟u ŝq/>7=~'>Q T=9qVy쇒ZvEvCoeDd }6dU&[>2;G4dbՓ~C$.4˃Qlw( Vqt?4޸HÙ_ua^PpnaAJk@#N>2uT0O=+F ZBPñGҧ%1D[HRIPؾ_;`^6 xw/AD!y~oj0DS"MjIӦ)Pv>4UQBtT`vjXzr="ĭ g0]Xe ˌaͳ{^ \|f0K6f47s,%מk}"{j~"YKr6zQNy(qlKS@6-Z,y`8X3>ںEX ǃ0%HO X+}R/oF&ãSE D:s<uؚhsXpѭ\^񂪥[T:&ƣKxZ50|^̦i.u݁(ZwUߴ83B @7ta_f9g߯M) ߚGY U 9\3Liyjc\m"P}kp4ʁaWŔUNơ;**JOM.CKD;pq3Dr0^^lp 9DrpՖbIC ^ iD:,+F5}Ŵ%U)ʊdcp aCtv~T}E!3Ίr9=?ҵ}=`ԶvK9,LZt]O2|mLVÇV,>2?+Pͧ+c}iނ˨Hl3w~t6cy-a4sKo01lهSjX6lo[^H#r^8:Bh= YM'@Ye96Z7V-׆TDB9(b]b=$]ԝydb8s%UػH&W/0me۰M,`o!=Eg\HbYkWr&Gn#*j.jh!hӸw UߓY#ʈl'vQqnrDn'lx&2."k0=iCgR@pƍhjUÄ3(LV-"TĢJ+zxv R%1}2HP~R/*| O#Dnj% Q"LF';zҏ3iK?M$`)ޭw!6T &RM8時ucsýM+lOZJ(&B P#s]ugvcb4-BLD.FrCGP"rz-aO&_l.}or7/^4y2sɴõ]v$ a&:wc!mX&-d4lcD/vv`g<aY0XO`^vꞒ GSrp f>'9aPW/Dh_͏"Qzݩ84 ø..s!xѶ7l>ܘZϳXI^``֢&"5TfJS>lSGYA/0N\:g$U`GJXPPYj+dlU.+v t,]G*hW5"*mX[vs2v#ggdxGy#dmt4a&a}ˍ{tVF9:8uSΊ]N " <*DqF(n]eG!pv.m; !tt&K0pf5_lnhKNz=~_  ~%я߭} nF*o`HɭYH a 7nIEY"asU$2\ u \zn0dƅDtyKɠ+v#s$6k6FׯjTM}NO2%~3PP9hXAe]H~9PUޫW@`b\²!g:&PH1u~N&S!!vn 5xKA"e2js$ ;0Z|`aXN0Pڣ.'KТު2`bCDV#sY䞥; IJ[;Ӫ3_: QU @뗧ӣڒhG8߻]uȡ)SZN; _">Sǡ(:M?Z;K] +n`D|DQglQI\]$މPCn/nYֹ̊8ڨmưkN*%mY>S +@1xyEPzhi]7Kodh)չ7BJ&w t18Ko鄎iv ڍ'OD0evMǟZgE~-edGil~V^SY1 Ḑ㠫KEZ7?L^ jxmÏJZ3-=b#l~D>)X {Q|,xAt'nu}$5$ȍDٸ9.X9نtR7K#\G@Cv uӘ)9 s힯g04BEE;W4:h\qc{[!k6?zB4#D+19܎N޵A0O|=>i;:` C\-ϫj|▮W1l!P}?8'H.mb^D# V|+2WWf`A.3 (YE+:LtdVa?^ 7H儗L'B1ޔ8LBU1a<_ci2kOFRQk%ͫ(uIIWƋpMb@𸨿Y%5Mܾ/Ukܞ&|`{Rjq_>sbb9&EU6,a+4ädq.-n54ԺtD#1Xfa&K 7'uWVB7 6YaY=2A,h| ) OffphvMS3^>prfn.֔t; (H+Iwׇōۻ. ʫ=521 }w%s52=>Y{fxf˖Q6e5r0jlp ,ْ%ѧ 㵥 PGZƺ6rA%8!]B5mmwY/@aPZzG`+{A欒 sc@,6*G8 `xip"_4'{_twGlJ83 }KyHoxsh2gLD8b*gӳ6PC5I /Vz҈虬)@\2y4|)hѩvgI 'JɶWOVuM O{f~l`hWys |rsQPqK$-WmC/U!!K^|E=J9)1TWѣq5h"Q]_y%V_OޒZ"rXRP˃qłotꞁJ M3;{6s08_88kY5y|*?:{P1WP}K3ȫMj/R*&n))#xW{t:?]gd[]ax+,JE5t}|2;cweMF}OFaG;b jbJδ0s3W(v"!Ț9sWtWY[\ƜXG{@ x3Hi:zgGz<\o +D3 `q .#ݬyqF\%Er2 fawIP 3zLKK3 Y^FMĝkv ^Gc*u = :#K~@RaG\R[|( kb1\]% PV8N=d Zzx~&^JKmi9fOۉB"6OyzcmjSM rs FlKo rfKGS?=e2-vx#'3]C"ǛU%@{."'6YhBlw!PU0gXX: D#F(2ngn2'(<|J!ݛ 3Qk|p@2U 1?8≏naMZ9voGSthH!Jİpl*(Wb0/Y*xs>%({n} T/ߠH@ C\"Ȁ A 2QKD9;~ c|+E=YӀq OZ+i`iΞ%x!/fN, @e_a#sL' 38M1ȷR0 NT)"lNdMr=AR$ݨh^ݻfCz@ Bu+":^V$ǜ`%RT÷GĝnɃj+%R cM>hi(Fk`+x?ͷqBL.f9a?"ո,j%#.Tj1H\sƯ8!ZbN"JaYе_kTsm4^+XҠn#m<`G Z~Q8e9MMݤckï Pdj9hr)JP>[ʙꕘ}D4DE-jh7SZvk$YXd%$_yhsj6B|yɝ0/QҐOlkmQ(E[76 CXm2QGسELEȄh7B\٣k hL|q}2߃@}[齢l` 鏻ɿNȮ }Y\r-)".59`JaJѠuP~˔QQ&1lUk\ %@[jʁ`@9x49 3eXm-[g]bC2]P]'A\nIJBWI&5T1c5$ݢ*kP7ruEQŬek$i:b |@*d?z ^Ε9t?xrEߦ. \gD鏻Z1߸M؍%>+RWA =8%.vBGCp0*!'_GITCmDu& KmgL~jKxQfKp&֩ȘYͨ )ۤ#9uJ>粣KE>/ AoFq TϕNOfX zҿjzOwb2XW"-Tm$M7'#䆃?tju$|_³+1|zKXD w:>=^ZOAdc"r0%J3sm:JWgH/ĺ9]͢ d!9]m[/=m<*h?h8.d5&ݣn Y/DĵҶ||УpW$3[tI>x CszeSaN-=#/SS9OyxKz4, W[Ԇěd#m: xYU\csqCu3Z v>nCN㫴ϹW]"?3\my ~T:D 1p0pSrBG%d[JN]^S|FTIxUh ,'wLiăto{QznrӰ o:#GMn קLn]ٍ쌞4ݟНL\b7Tʚ*K02w¶VpLJ-ƕj-gEft30g~%1hdYQ_&4{x ,w\fU:УzT} Vl :$| 0{:2xгu/P=Xaw2qX̱2X S&D'}v ޔ |#ku<;</ye|#yZC.vK(0+9$D|\JZbC5WZCrP{5ƫvihgV>80ݒ, |R*twSe7@em6p5Xx}h1(f ǝ=VMDƤK,Vv@8$]QeL.LxnN?,MŮ.< ~dL2m߉nP dE?ee`oᡯ@M* ?XmguhGL6ܺ[?sQFNFo3ђ3pt6 Fq``=: Rr7IZ7Fϕ܄'#as},,IFPvHRSìv`0auhR~C~㞓aϋhdO~TX$Q^GV㈟%U2m bkSup3t$g% K6Ŀֹ9y"s2 {To_漳Xs]s0H(@f+/=HX aMY55"R8T^xiN0UY*"Srx;=-cq: [r FKպsK9yiql]Vd->ZBMB:ʍ_|#ZN9LIq]-r0П5+@ Dơ.O'v2H0J}û;,7-8v oǪ8Jvg: /&u.sf<%ʬW[1WS[5K jGDui; z{PMRoI3s d/w*u5?~blgVk]/ ^旄BN7/ius2opDz\Df&ja|3g×("Q/e< y|y6i!dzPr};Y5ntg0w o5y i(s4Qo-PYyRږ+ܱ1諨+?](]"3{c \7Piv{2c%gn\!نLâWj0Hi )+ߓ33L0X]T&2)KߛY?z#ܩOy&IN OnGIS! չDRj(Fm~6ci`$' vE6ʐ`wVS.ru*OBڶ{&X_|wS}e I!"\m1}3L.79eJVlK,H&]>n-v^&_\}4ă>+X/>ۇ7PwN3r`4ӂ~`3X]{Qj MiNKPC %Lq 7mB;*_(N{s3ޯv,߄\Kmpq~ J Pa3^AԄ!"yyBF0S i`%BiArU4OE P{I< :7-+FW߃@x>Z>ݒʓ~:QOF$\?OOrp8(G6'0}PC˳RP igmfB3!eԸ1Qv:wJ m5fT2}_Y*(e16t*8-yI=[6hX&ľeBQWu ?YS()]-oI6|;."Քm1't_fpgROa9H]k!P s4mDGCtL-FrBтi۹/ <0Z]=57|kbE_WwVdjG;ИGɽj&q>dgMTdEZh@p~ɽ=rw2{(5_ʮnH脃WoD4 TӎpMY`4) PY 39Sx; H^aYe~(^IWEI:̟L2Lwܼ,o~ QdYʷ&Q nr3ڥ?e@P R6P%[gw7_*dTR>B|p+SJC2ul+fOi ka=#aQaҰwБR3O-5t,2:_ [po>'RPϥ,pȿߴ9juk9. `9-y_ƒ8˵Ё!sXFf\tNIMMEP郎w岒E Ok^FIZGBjstQ]Kn0 h~]Y 4Ll$IwUJ7ձ}ZcI"ٱNE_ۜĂ^CBF$<{YF?ڃ1bSV݊=;()u:xU@\y5CCJ-xQG|1H5 b"Wx.$N.:w-}sE2hxNI􅬀`Q:俒'0'naǒ U3;V锑 N?I{;'; i-f&}xGx,eD?vs"N_Bs8ţՄ|\{< !|UznjF$Q@J{l@1 F.p mZ7(^8а" Gsϵ+l濰}2da @YۤYn' #g0ID1$Ad\4X%T`5  ,KrpD2UȯORrWs.p*c+HWyBCTv~8暍>P>< 5hu Wokv}!ufn|i嵘O_s'%#+9mrο8c_A\g*S}ʂ[YOЗjdE~_+^9xX yv\Bh&kWy6)/(5{{ wн$N 30Ǘ}e_s__ ? !JuGEb=U9ʠM':б_tYtv8aGIY1ޑ7)BTm='noňO w;EdS0oI}K\Bn*;̖ [yUQ2P:8BH:K;Pʞ.\,3 $ж.z 7τ!sgrӯ7^r+HIe]0wr)EpŀDH3nk*B..PP#{u]5d]hLRƺb}j%1?Q<#-  X#ܞ'sV8uC'%=b5QŗUZP)z:܉kvRk)8B[/L?M}95%e'i+ECn\֞Pck!Upg4foA58ľ3鶄 km¼BO*j'1n+Ox.Z$-z[)FU s7Y_Fi(!r$"-Wxlo]NwgL/{؁}7#'$ rD]oiDk!4%Dd[y]9aT 근]Q%* ] 71&?|3bN~U $bBt|$`ჱ j[k^LϸV#Ж$)Ӱ/(@=q'G|ʟlp=l\@G0 M:: ;\󌌈n}P HՎGj~sp cGTU]:67+d@"L[ ץ^Ȣ;?%#tb{|XL^ ;"WR\Ǯ0F=zm\PWD+rY6.74X::i0# L 5sOGÂzD 8yl~pZx !QQ@ 3fU0@uV׋#}J+Wd]ylW6 w57ϾaQqcJWu nf(kgڜ7W7 WTRRJ[Uw FȰ8`(EI y"|}ۺLü&,";<+Pȉֽ@W=1u &uf{+Q'LdlbZZÓ*bYXɢ^FpńRhRFUCq"p/=|:@{(5a4,zEe|"!HT?W@pU~GbwIJ{~ [qAzø[GvJZ1ܴR7[D.A,UY6#i `nX0&>5UTBu Ͷ{O>H˪cMMX|Zpn4B6 |g/za2Մ DVOPk:+tRswNFp\hqK4zĭ t[ ׾iesufM,( i$x1] j"9Ybfy}r8ٳzd2$%~f #65fs{)iJlceg-`XCqhJq3Fsuc,2)aX%}I1>\I߯*CXk\K/H#Y8 E,,DTgefw>qׁ%OXzH뛷3}e(47M_53u:;+bҖbP`/ITW1pă[!/0 u~I#&&4nfQ *6xC#zhAT=@:^cG{erG7EnAuݟ\1ѴA3^s\t]Px#'QB,JZg"&X1)'qt򕗈93ʙJ{x Gz=AIXn/\ɶV@xMݔ~KYvRk?Ԟ^ǪF+kKkyuq؇Z256R=- 0I;p}TZ0rȫ/|`·Uiw91g6a\Qx W!;լc} hޟUKLQkv:T 1vfc' Oߎ|xb8{r\5fMwWD̬jè*LN.I' P BҀNO6hǙ,iႁ ,S|݅[rNNg›!Σ-te\(#\jipx1okE5_?v?HqI/2fY01k4$չow7czpba/َKShol6~} G>>502&p Ji1Hv09pCVo[X$kPh VdEaL#=5ުre\U; - |kk~L?8:xCE'13VkrҊ9F4JZ NVm11 D?~0/T -J8NY<$n 1.f;NT 67w"- [j ҿ" =C`q{3_)tU0C> '{hF4C: +F9=(w'8pƯ?uTثJen}w[D7mQ\_#bK\ߣckc`𺬱d74;]ꉬH(9*b+5,Y!":cPQ >ۉMI16r.ӶDRq#AJcЂBBe/$S]DfJFWU50ݪ_sYDOvX={s5?]m0e[R%x z W6÷:fu`Rh܍$5k Z<J+MU[HT9I8 @;( *eںT! &BCh@q?H@,̣`)ǨdY"˰hpw8+"^76_uJE1&cFIsX[D)ż޷Ȣ/ͱ-ԁLD89`wD`[TVZ3gMk'0MFWq3V!A&LwbFUXiPy)#5*=$0]_xLL@x&<7Ϊʙ_Kۄt;Lޝ)gi Տ0GU&0vi(CLl].@ghx ѐgA.GLdm^tU6"b`8|$ }O#$Vb:@uq]8)"nD8dI` wU%B% ,e,یB}C'3i(*aR(WL :jErjZ"PXdGk, \;% f3UI~k)2/"F,fps }?=ӥm ksɧ@ʈEkYPLܱ6cX1Kcbz :؇ETv*l7>LL  g*ƶv#7>v SJT'7%ۍ-Ք "[!vLKL"E 3TIo>|d!% ua5i %OZ*4FyXlJDI~E&Hثj4w%En>瓇qFkJ%?֜7.0% !PDx)K a(B rk 8@:~pwNdFT)ް ء%_>sε_`ߺ񔇂IjkO5^_YsIJST! ͨ}SlxxbSy 0K*Qq q ?j!K]OR3~<=//QYYO9Ejq o**DLҕW<}ga Um؎,&GPCY?Ej5e 'isXFKphKҋW0Adž08$W$.gϞK,~9ڝ{2 ]eC`hds:~GxhLi"KxL$E`DSxVXz="w uCqc8;t/9;8La خ9oHR > v j}٣ 멕f?UYP UW_]SbQ?5LFٝb_%Ӎݤ Ú8D7³nȹA9CG؊͞.%@}-)"xqp揇i^6߶&)&/} t65>L.CScr)i4kf^h W -_y|?3)Zh9o*X~0`^rVB˿XAH.¼R- i]THqE۱t7oώe>F`׽&/LY?GתɈT}*wѧj]L^\1y"g_fU;grLJ'w&3FRrEPYY5 UQ]f_hz*?k,p2<Õ4O$h ty]0}mj{UzaTwD dNZ=j)l 2'y!`x^N2*|^umݛVT-`Cv$2BxXvmDE _,hYYuzΰ꤀W+agN!Krg\pcA@7з(XdvliMhŞR= c5ԑ;k5`$!j$@6𧻓% <1ڗI k:~8hV|E&/$RHf`,26/ ܣzaGP6z,?hS/Lqק:ǻh$l8:tI{ ; `&JJ(n(cnW3";jBd|V)R)4gsҘu%s>FW[0Z|E2_Lu $y7n^'8BÆ 46?,Ba'ݓaKط%f5D1r J@H馠үݧ^^ߦZnv'v2~M h>éQJhc AvkpWiAuͥw6Uov^| Zeș̓M@ O9:)q %qM99 10 w,tTm.2v9 mgbܦL׸iBdpi˿iS 5Gط)S%,c tL% oB&.x`[(CY)KȄcetE/:~{y,Hy,kk|37^XYmǾ9^oEGl& ]/*G5^ !$Ke"<|t=/CS )%Ml+ (.=4Tu98<ʠ, )sS`SG1@_Zv^e}T\6}27dd =ִv3)ք~$SO:dؘib,$揠l4 @{cT'*s(tfdoȾ.&fBZD;DM#M(X|%Aqc2n%h T88-Z*<)?ӿ[GG`6uS؟,홽~r^K܀ fNaUUPpB3 |" <^8ʍD7[̾P^Od 6KAךYtQ SRv1p:)mDW+B@e@1Y7T.gcIii;KAC7HoĖ:/h2)a qꮏqx &*br9 "\tPCMf-$.3G96ON>|xPy4r j'>RONiDtC!ő@6^ BfmQgAhX^[89&a{^V0%oaO&( 6t1dsla OxW3FW&%T8<9EH$kz:/!lUz n'yU }q퀼·qż.p 曩R~t aZփ$ѣ QbD tHy`I %Ue8O3'D`AVg^8cFj=@ߧ{8>ln\vFc{C˞MS 9lUu8Ѣ1MJLX}V,,v0, 6;G)B̢qQ t7Y6fZM"7m[ѣ2.0ZLŐilwKAC/$,,"S}K`09}Q__1C=Us 5۠4 zc~3ż8lTZI՗,{JL- i?A,N94p :.R P2T(/:v@{\Dʹ =z,|bКNw5vJ'RpPQ7}:$?~艷UTGלE BhݪT^-,,I#?;-ViлcP4z?MفU #}na䷈OMAzoM6{2Dh+ĥ4H73/x/*a0JLDЬ龒u1(,{<}p2^x2~pExoÁ]kt ;S O5OkZ?0ftG3>A p;ܾ0(w N s!ȚPqu[M1MlDq9KZS;Vk{|XD`kE,*fh7lH|EmqE;bFz\ $qtY6O*&~lib=$)}=4W Q (ZLo}x)\EYwG}x0#hMo<ң~%~J.L83]EVΘŦeUԳFU}>PYͣ 8ws/nU 5Hjj tt~b,an\Q'q;OEǙ( mpktݺ~ FXE4ew"} `saŗI_W#'1Q2 *`S*N| Wp;~_32iTD.gX~,خWv:=gm\NUG KjBEÖH8ޘydLWm`xK4ĉ^y4yp4w?fkqwF!ҎؐI©+e05F<ԉZQlԤ1"- 5BP3˘p@C1*1נ٦=7၆jަu2/޴~fv\0d*]f:P]Imm]Gi#ty~U3ު4#6z|3ڋi=73 6"覼c˧},3sbWjHn30a{e8ǘ:Kr=%k#- hT=X/FqDudU [M)pZzQ^!KA)J4"MkxPlP(H{wz ܋Io DTn'1/Le:R1DOYð[ sZ3,(؉ dx%oyļtZwec؝ك{QfQ"+.*D0:`~Zh.YƓ`Q%ATYÌE Wm݄i_%8PjT@g[cf"d,ֱl/ %Dh5_V/dfIԑGܖ9c0QslbyW=fs$>*))?X/rcI؊Sϵ|W>6TBT,OAU5&r9kʝXpdsiuMOщ ([sg?`?e.21R\/B{ auBvj&Omqh&RxS{#a}KSvQz'~<|./Ҭv-'˕X Do7lL}(R7K͒"(yɘ1i\}{KJ-ńO2:겆vY-"ARn,o!rИ'Q cf2HFZtB{nЦK̓|}s_qޥŹH%U}}?%* ͯuG"~6)1K5juvB"%"h4nO:Ғde`W__kDxM OJzˏxUnUO}xiA̢X (4pxlkWd-{anyxtĥAP[Hќ%?ǤW}CH!#,'aj&o{ALZ9}{}?/>q4[.3ctO<#%Yȥ?e WO2:7ʤ:b(^rJ%ĤoBcC 1P m8@6IB2hBUcN՘9m2"i_@v׵*娗s%0lj_R<럶:571~z .yxe-QJaZ^b@Ţ6\ٸj2DT'?ILF"5 Qpa6YlragՊ r8L@䱮OzXg -BR Ê-v~jUd7Ӭyb'jQh^&Jr`ɞcƈ5<P(" @G#]܎ꡃ@aq۳ݎ_ƨsM@^TYK~GV2Wޠۧ B/*:lvk ]"We(G+Q0iR,*MoI=/)Ҧ<)ñg5i %I`#vH Aۏ;B"pN,]zǻrN$rMÂe`Num>KVOⲀ%4$Lwg=bbcH} 4#:f"C (|2׭h;#j5 F CF"rCsyl]s]̖JYWr?ؾ~muGekf"b sv:A=# |6#5?$MȖSxi"Ɣ@4 "HYh 4V;d󾱷]\5[XGSίdx3#/ۏg?M@.`I<ݵ<`dԽ*"RxJ&{6y:7nYYS4 \W˄r#YSS Uʊ}6X04f)Y,kb.o]1KFKԜH.2P,#U0T6).2su`Auj7kll`df]!/4ٝefˠYqaaH}|lT]XhiM ~9P x)9u$++1n޵ -qW9"8 W(1-7n^4T;" 875OCu$kVgYw5r͓frL&s /~yQ/9Œ{2=-7}Ōv=ϱ\ _mÞ;7ޥ؟F#T㻾X5H}2( vrM|"\ /3Lܕ6|kfE%Apk1YG—XUcc sv(EVG)])C~`$U2.p$CHHPO6~Sktqգ;IK͍=|ƲU2rw`# )o>i /tz񪩉Emoャ`Go\a5f%i82XĀd`(rDn|pW8XlX/M&YsAlk EϾ%F{b˰T<U2@n;3|$J왗!#(MCk 8mĉ ,X&w<ۧW! 7L3 $5=mŮ,)fSR7~{q ,! ]m_ۓ(KP”+3vtbAlw-D}GvUl8Yt#\=<ҽռb`˲j0my;BJE⽫%0*A9\)siL|NbK@ִ~10z&6;эݽpz!pmmַukQ1}ٴ'-]3K*>oHߢ*s͓^͒e Nߓ[{dm*.iΪ\1%XF暐vu5=aJyKA k۩ps+Tmoz ͖iB: Qyj\PF\fn5TCfZO ­pwi1ϚŕU< d 9l٢TͰH +6Y΍펴xb䛅spR]2 tJ'rIVzBn eHUQ h=8q3yT&" L`m(jX-pCq6ƅajgߘ,r6͠쒦@F!uUӔ$T}Ŝr_E]{f@uW8BWcEn+?Q_Rܾ3ͪQJ!ȘZZfL8:*D"ƖAd۴n{{G㽏K)X'Qt<=ga-tHx@tP)~?~E_JXH]ֺ@yuq0ѡׂ~PE9Boc5c#X=1/ Uqa<{;VX+ߨf^'1~vga?6Tx6=#p+|\^w,%8,? {DCu{2F]]3nsMj8㷷'wNE.ӯv"+vdc`XAK|y8,l@‡G3rVcDs>P_ bgI-DUU**+Tg8˧Tf24Mjy><V:H &58#=( .`v`K WbTT}ӼnaE]0?ڱdM1%?V1՚)~%[D׾8216]H, vm=dnE!a9l筁Et˜?z7KZd]!gpE@\[ {dT#6ORz+8W #wS~Ъ7|)!{AL}{W>lbIZST,}Eg+XMTW~gj<- |ܱzJTޟ\^-$(|)/0 Z`Hfc$+C֭?Fj 3ryFcJ\LOhCB0D2kVcQ=59[M$<,₂ع/pr tÆl_5p:gq34fy݅;"`@ 21F$!RAեU-ROpr wO`NC7`r2C`h(t~@Tnn2y\5jV8K3[Zߑ@b]HcݶjJ$;cLrD+ہ]/{_}ѨvH4Rn\Ӏmy1xhMußT Ǵ N /wؐj,u=]@W{eA%lZ5`&31堉I|~rԓv4|LgVt+^x[6a3tCCa$+@̍qa 7het!g^&B-zWqDIJP&fQr@yδꁚq|Fl4u3n!2|h0 ݽ:vm2UN4%6cʃIMCۃi^7EMuH%7B.kB_ꏚ4]-h0J1]_}1t07 woq !ue*TLRO"BmoaTFY9ց;*o/{ӟd;ﯻT$~z\ s T7jՕVL56nZAHJo1{,)ʒ(ktEV{NH61x9i{1RǩT}?fYzګI3`>,onpή:`P/@oXw1g/ﵚir!^Ꮪe;ASaJnŀYUݖupCd@&e<$<]JO`eӠW"wa(0`mD\ S%)\*S=u-JO^{9"lK ئiW#B8`CX[>z d OZ(sCgqwNr͇lt3v`["Y6fĝUmx#thЖ+**rzi5{=fLuP" bV Gݬ ^Ӆ0\=<2u`ݫkKo_駁#{3luyyȟ0ot}A_F@⏇m``T򽲰0 ʣKN׾`dldIGs?[1sn*Xr\MC@E\R\biaY?3`Ue9M^R&Y(QgDf@N cxa [9YuFcT8kcD,!zŲ(d}+'&#3 JAy󎝙 J >F+/N eHdtד%Xmb+%]EM&e+f82X[Ր.Q<"8H?fE$q'H~dw1Tbho 6Z_巌إ 2Ǜ?alz/3ʄPP?C81%tTzE6YkPӏO 'Y>vMrhm δ"#EZ%.Z爥%4Yɾ4Քp띟[زXp3?m6>a}vd8q=ո=T 3!D;(+&# WhGޔ_i4Y0߂n}ڍ4aO!)KfKAː|2>Zܴ!>ֿ=i d٬KȢOYDg^H4!uPMrieeNJ 7>+ڧh [FB{f)fW\ ~*I7`Jq7r*o7CaQ?KPG,8݅9$T3*18lDLJqs^[zc8 s=M kb `d$p|[ V@Zs{i稁?w|q n ى@_-5iN ˊJ4"Wxb0[h-#fyҝ/vz^%/toZe.oYv[Ć]߅l=}iYA*]yI=_i&# յɮi0y hb߳ʝBdo 9҇30XF+~ňQ=gGd.$'B* q_y?.X\mM qbTHxVĦ3g'al,J{}'/Q7l|2n]=?(p& 0X]*MsIqؼڲ ԃu=LToFw.ȮG6eK¤ {H~qAY\AᄤB+ETUciЖVHO,[#m}s]ҾfXRK=7W+'eе2!MYt*-@Vj(Oِ8BQkcejp>FE.lei d^j'~= ra7rSEZULq'KB \/ Չ .tvjyS?񯉚ߜ]uuĉTHCTsHY!kxڢVc`Ҋ6 S:-AD."cM{OR| ZV)H'ɇ ʒ6V-۩T@Y{o3&WGn+)*B򟋿uXuJ{{Ct柜3#:d т1!nbbl"p@}rprFZ[e0c9UE:.l, }+;ARy%LLm/dتq"Y1!;,rCusԍ_aJG^{5 1\-[g0b <83{,t!yu_dXDoL>Qs/~vM;8mI @rT?G*_bJ'T<`Yk<\ysVUu} 7OdcYğBEП#T|ڣ \T$YDm4XM"yB{eIw^k =s"JPDQ=Fh>OjR0U)*]]9)Mӹ3g/d@E<>}a밲sȠBr޷L)Sϵ(sy8r}g_Ͷo?6 ٟtl6ѱ(b{+nc3$ٮ5}PA Cd ByڎOI@2SRr)y:L3 ?PJn7 +>WDO#սOu\"Ʀd/}QzWN>8o֨9Y-wSZ]e>Mv,KM1g}*iD0:32NL|乽-fh :}z`7BgGYS 2sC@hW!E?;0Il3O)ቭʐk}yմafvÇd-f9ҙTv5E!;ΥBη3Zw|7A#9 717nJQ}^P">,"AzU&Vm_DEߢ(C`菻;ґEq)1>]/RL5'}(G!$-:PDw!(Ej$^ 4}/?D٠L6ld'bHP油^oJ"%Ud T–5xNJO6"cKJsrDŽ75.f=%mTr }E~7i5ohK4ǽ)-ࡥECp9OuUct⋨$;kngA!8ud"Bd[[6B&/xm|s r~ޤCTl>ϥP=,vCq3{kId@B-}7 濿cZ;q2;\hI oϦa_- {g,so {+[mkѩ墪fb] +$`9[V3bbUJI 4:ƼVIi0Q7<̭" S$^Fא rHE=A[aA<>$(IOUV;wH0>1 8vꡰ[=P'GLAa4+4=<^7^?ITxJ[3R_ ^?@F-)F#?Pcs?͐MdO$^gFء0MÓ‹x7S g02Ckw9o[m}k2 cX 'IWu@4UZi#ynA, bgʱXGjF ew\˄aXbX4X_Mxmm=7igs_wWɪ+et:[92a䳟{y6^ZELO-fѰa &onR?=X"HQq[Py~6slKu(b5IVipn"(&mv* {7cq9^OV.33؅sv%]NYSU*z܁^';Ǹ-F 1+[EizYIsy䎭N'X *4<NnVw1E?5M)N$TPGRxȣ (k텼ʀz=Qp3qjy 47@tcLΩjh#]ȱP 9`"⪵%hyS~{rɭXU۴Tэe4:>SK7Y-DIχ\a>Y C " 0;laJYX:q}rQ K6b&?OD5s9cGBjo~3Y޿= ܜ#[W9vxݚSa" Mգ)a*e+*D %K{"N_[Ozk|.#'(!.swkC0J0žPj2I8jݴ͔ VO;R!IZ`{CqAnwճs.gK^ o:`)Rrh^sI"Bqr=Tr+j3餠>X&M7n۵.„xZa']{9fJH9kYrx`tfr]lE_H|},dž JҲh\h>Mvoe-8tL"z00ŨAve>ۧh@,<|FV^z\P̲3+btD^'y3&VJ2_&ǖ4(UZ ڱdu7 #W>9Zib*Djy2C/fhe0y# T^PΉptk&5 >=}d;4ԯB[m3Z 9ۭ2f5ߪfRRk G}<(Ujf'pP K-aqZ*#pu#iW𭯱DR yg^2Dg׋ |top5eG2i"Ґk 0e(_vU>qKz4grLW|_6RP2lylN-:!L i0*8BD RmFdLJΥ;0)Џ^aDL!Њt,Dk#ݩZ۟1[g%V,HI +Vh7ncTyhsӒu&<;O4sz/؍ɛ-zԧ;Z)gn54&K2f YVƿj1 xʭ]] {t[nyKx[~L\!%th(J'a/A)rC*C4~FkNHo8ހ4B kAU BAP1o} {a[F=T:R9$fH|`CZ|/?n |RJ15;UROgU L/)U~/4YƛI[褘o,i, ^+.4RM7e1um[+$9h8oVOigUwT̹,1Dn_HG  /%[uYSee8oQ+HsC ʭQYU;`+KC4 |`Q$sPg?sƀ*N˟%TĔ~8nKӼ`煱χHn1G|ȥؽ~$A gL2ac`:,P,#4N~QIFEu-5#KFHxZ4'>-Y%$JxFF{ p2)pْ^=Zdy9 -T-Mάr`l^N3|=y4-܎PD8sQA'בS^*,v=HҐmxiKkDZxitXncpt⬪ۘyAE& YOo iSc`仴^R>{7btP{is(Ɣ3Y/K3r&V/k 5T+ T<0n\!\Hz4ny~hl4жmӋ&i6*18̓Z 2wɊJ2܋j_s3+`Q `a,D-DN#Ry 4EYߘI8;eW@XRᯮ֒LxwIuLp-z\HXU(qM%-3J6L59J^pP [H Mk ],WtZZ|{~C0W$_-0_"ְM3.w[W2Ѣ^% lBjlSܬ5ɓ_#T9osP6zf|d?[E{SbɆmcժ;w2\W~՚ Ct슥fy)nd|X4%ʖj$ N/`s]hTV; LRNoSXZ܉7Q*YHA uc1*v"3qfOcqY RdQG5WSy8Ő(c(ma`ڄ.q"g! eO4?WӖ<J|+KfI]Z5IrٌNS r}o $AWQiz\Bnɪ 2+#ÉAbi&WQJL9*˹Kn9) MR>z-01fxҵ5~acrg1:&-^2a.zAfnWz+k/k:B&WWKf^v/uovl\%Y׶ l "w㱟XW.y7OhU nkܚ<(w"T,_n:<.-u_^wqyl8ԅ9 a]-v,Aax-RW^V,\,D6TIԳdf2g_`uZA)+zԣ{F$`mB|wisH?<|8VuE{p$ERra2Ax=3mQOIb1ucT֛$u2HIۚRΑH }aí+_Ҟv`~<&}`WfwR5KD엽3']Uk8}3 a w'pv ~/J ̒{4Ԑz ᇪrGTY_Cp;idS{rՑo(3e9NIJwSO 6JX70ZIJV(!"u$\, ZkpI`x%Hn5MAAzLi cqx؊:X|= ZlQ 1άVz_'`a)bÁh[eVP/A`n?'9ʩ&\w]vO7P1=/Ex0BFruS_%DTL˄",da*~c9a3+H!( YHKާړGRU71>/ODԬTeg@tQL9SW2; 9WaZތD IzB*Qsh-Nnײ+e aK&Fn01*9F̴3`,u-epe\i8*!܉G!WwsT*FA466V/4(>uRm`w *]&6 o?vPTI[ \Jxr'uֳYU*?~Dsʠ{7o4%"=ZUVX%_u;Ծ=9}i@9*hx8=k 5-yy|k{ω̊q)*=Uw7$\p]Z 7d5`!LZ[?{EV{t!Oj4 Gj3 / 2%y Y>B*Nb,(5)"L5]l_pIa6Fo~mD~ip8p1DǡWӫ2n`l6K]HmV<&c3Q-ÿ#O@ csP>bىi☑sȯ>^{ z@e /] yi8@2JZ]]ܟg@mʫBLО<:m@͕)5oπVdH҅ z[R̽7%LM4uLIg|PHa9.J%/j|h5lI~%!L-`)G)ywd/it,Aӭ5T2( kFҌ:-!14sn) vU]i2 ~d#УČu'wtwI"ݕܐ.F[C#vom~#k)&pʼn9Gb/RN '3NL)ם0$ DFUoy6^*l]ʝwTU@NL??0h\Pt'uٙ^´Y GA> MT[+ Msip6Qluu`hQ8KJ4{q5,mLvi_&`]/^| TE%[Q|MvQv22*)*mu4e&8}ΫK .:9qp(lAn0Fq3~A1Ӛ|Rz6rצ^S%p[uq~mi2j|Lih@ 1t~ʂsLwΡa]Ρ5ML6+SBS$g׉ [Vvֺ#;J"\T=!P EK!~yki{#q ɨTxDYf!*OdW} !\w1@oy~k<-vTLcFBƒ.򤕉En atϐbqW":p8(JOȗWjA:IP¶U1hj %0KmHT=^S|4 H!9M29j5 5x3R9'@+7B;^ ^1:_($]uOi*I,X*kdf9ptP\='b< sO&wW-Kc^/Fn,aw)-3 H`kaSVނ{Q$:OXjqP4v˭g%9>a]w0K}X:\&9梛B;Ư Щ[uq#}Pqĕ;r#)\'!Qqu@ ZIN<`.b+0u7f5?(BU=H>g`p e*';xlvโ')t/vR˞oĴ%d͝σZEE$N[(0*Xr!=?rx"E(; uwu,adNM[ פ]?cIQ#B}WɐhFr2rՌ(}:z_W(T@K(9n/yz'!5fG 3f|m'0-FgNjܼ!x&\SdHL`#,֮ "U:ߥ߬HHJ|5q4 o/B$R_41;*m_'(L?Bhȝ1^/xE̊|eH-:K" b é:i B7D-oה:n7Do åw&-]AMɒ^75TX)Tдe#d:`lrM Oī 5?fAQg6mrYH5(`0#mVmS*^"EBfv~Qs\Kn &f bSh&4/[LZ u]h0%ǃ[z +i=a#&A*:F[SrOPqz*5nOb!_xVt/f/$~~bHL+"Tf5ȍ_.~Sۏߟk)u-%/*j k5L~.]器j2~aw6fRK?7{?Qz*zg *BӂZZUc~/#=Ec'9}Qc VC_"ȕn1ì%7a`6NvBSddXSVUZ})b֖fy=_|I)$q+6VqΉ -ˮ0 <,0=u{=> bo_/2da9 P4?:1#9Y쒗a*%JJ% p!9ԕĞA*!{C=TfXgrUfPxck{kV05 6}w4GNOv(V¨ўld."h wSUn,C+rlݪQk!:8?Iv\E4qP\ϩQ6yI~-?j6;d#zɘ?.A{[@*(\O4_ZM&&J2nM$G ;q i j)~i&D$vSjv0{s kf)poV>I=2X"$dae;.HddDli^dkM vZ| 󮘐[5mQ7G (D&TFkf_PƣMpʨvon~Hp{N|A9bm>RC"&1pBwo#yX]/,×ٺb aHΞ jab : GR[U_-RԓbRe{F-A qOΉukM6ú{ooWu=e1.bHjӄ=^i_VTx+ ąe:۳" kwkib xU@xd3$FFk1T6&BH^c j4 /W\xt T|[C3[۽9vZiM-QUؘ̻m+(1L*~Oo0 RC9*uD~:>0ki;.R{@u-6ԄG!P4d5 "/O[7U48+smBlf4d.m$z iyX䷁[qj.vf2jI‰#e(8/;ƻ)uL5,&&`O/̠GoJ1+Z`b#[cGN+nd#I&Ay ¡ɗA|kc )QiFiq[뫮m [d)RtFo dKj$`uUMƀx2侂 1AG16:/豸 {E<+rf KBנ,(f"h3쭀I!}C|e3MPIiAeDJWy*?kk׀^i1i|dޞ2ޅZpXo6val:y5;|{\i5#W!طD|SaY'&`j̤&)yӏ5v}`lhC e"iHsUXd$ dbtddUFk- t%cPI2ʼwNj%>-S(o?5T qկ`a߅bfBDO1ϒ1MauϸT ; KD&-旵Zy3տll?c=cY&Ĉ&) ʛܮI*PI搢*%0R(qH~#sGH2k9ߧYfm ̢}obv{^햆XǛ0^gLN?tfCUO*N3/̂Ior~|f1y8+mZg9m,,=[܋ cqVl@7 )]UY Ҽ{=xQ-J""\(N83%qUF\[$} ^`awu yFT诣f~OA :F= E '|ƟGf1EA4(]3x 魺 IwB⼾?'qa]݇. 6y R*oMr[l PUʫ~5 _?b^ģ>38=ILfAeA* {M'Pj  VEvOeG)Jz: 1W| b["_!w3k+H˦vֽ"H\h8{Ʒ; ;-ZgxQGީʞMl|i4:3rl\Tl_16F3trDy5GA`SYy_MJDЀy.EZjǰm^{ j$}.tÃ[ Wj$:kLSJ{Яio%i]] #w4S>;+(lyܺX>ZvȜ bcf 5 @Ԧ|BW)>R]Fp]y`3cn]# ɐj9;Vj-_v374 c l0 p#ųS VмтNj ]}UySA׼Ѻ6-.V}oJlxiS$lZQi]LǦkJ$J{j(w9P/é%2vm@Ga){V0#-vi,Dx Z SK'jb\qD8?[7Glf9<=2ʖ"NbEi5y&u2;:+wfĻs@>OMS` g^7/Ń@O+GQN;[ j$}V,@*_OꓽYd86(~+zU# bP8 uu\9vz8櫦+tu ]-'ܕ]j죀RI0 R\ĽSkt&EÔ xv ~~Lh45սkl?fj.Оyg,'*d ;ndp?],NDë|CIH?U }'TCجeѝd}'B^47,uRyӋ[ 3 kLF./SɸED 8' y:wuHkf|E C-iGBց:g `BP.ǚE _c_P.̆yʪByw#*Wq;!y@qKROqP/6 q> 9$X<?g:2|'Jz0_ Z>=]k"/^ZX[{B&}0S.p!łoSteŒa;hfwWbC|ٍ?`Q{MGS:5W(%@p5Uzܳ;p߲o4rUh eǿYWqt7/57]kP U\P&b 71RI."3 4∡-'*fк"ft{`;8)|shIi lbF44 Ox_H|8Pn.O٤)@3K&F֝ov G/EE@ċRI@㍟j\ȉK`S"17(?@aV~[jWW]VcU A7WtNY gkbĆT@x99x CJ&mn+c&V\،EGٔ ^ry&ú(*S#U#33sVt@PV(Lo/Vi Sm&H3nvw0vm1\G a׋X2ǟx-o)GtL\Lgç`q_'MxpD0w% CrDNtWfeޝFcÕt~|_Ƕэ\6/gilx>bncCs’cJ;PΙ3޾fӍ7epHߊ0O0Gb9?9o1>(0r_F-倛86oaQK}nwWbl$buݨ-%/G"=(IzmȪcHk]z'}GO-f-P#J/c1$=|14Y* ] 7'ހƸIr>2O:W+*(y-^In]122>ң J#6 'yx8-vF1; ֩6d阪NPJXR9>QZʒ@S |n@D0w,y#RB$/pqs2J٤9f;G.)ȂO`9!{\;l9bY9M8ɤ~Rj\q#"/) w"-tABY*($},DZXP$$jt$ A<&^. zS'3ʅ+`F}@ȗOWGtҾÊ$+%6c2D^9Ns=\,#.S]sccM+/ñlyTD:)29قg7y~ƗuYg vWOG,TĘ308IW/taHD,[N$xTOfR_Rڛu+k}Awu ⭕An=F荶"! ;j9΃p!dm!^]z4Ws]5H*S=Qr~ v:*|ߨ$KHt7&C,7̿[iK:ȩ9m kf3:ɐ!lusN=xѰamhh '4Eq`a720"}TM#475 洞Mie ]0Tg>p&!8~d?*BGc:p n3I2j]{*EN'L;ZK|j-kW8]խ썗."_zXցUQW0}`O!0P!ڒ,d+ JyRǹEBgM͢?p1CsjMd≻YǙ*j݈8Pg2k=̈́=E=ijBϐt/ $&6-}.jPvhD'h7Z‚2d¿J0(ޏm*; P8\}Ս WV bB@)nFZ?Vfm~j`!|03b eƈ&Ā+I1c 3ٲ{/@DA77dvkk,7n3l-f4~fY1MnX)<S/}jI|-l_L(GLT!EIcphivFq֢7MĂ9Mz&w]ޒ_\tQ=`BB y-M-EΠ}oq p}z6Ta~Gt׾/*H]KU@ب@udH<#^TrH)Z0]*N& ɴ5Mub8zpk_C6OcEhwl '\ Ms*yq(Fq Yѻs97w$$3TTۙ vh y_W_,ᇾj|޸b̷84dA1 A#"J Kw:Hap@M+-s$څ/G XYyobeH%TBǑIX] )a&K!Z$rrd-(LׇhO}n@vu PyP禒O<Ƹd<q {grͧ_%DK )u}!~AfJy7Y\L՜V{iW3OHޙfYjA3loYo$l\WD%%)e?@!}zQ`ns҂أ*@c'^ݫ?ԇlҔ {?L\/!b1GܰDChV-G%^3(Ţʓ)I*<1   |-ylk 2{BhgU pct<[Z{X0Sx}f5rd hC~|1|N7."RygҦp PoO8Yx7qyjX̊>Sr*vFhwذE6Mt).z}E^h'<^S9ʽϚ6,͇(=+~Г\-IUq f=47 ƥsl 4. !G+!Rw'VNٽ= KMjMF~}Ye%kF7H00ru_~x0!F~̭yFpYdy# ɢ>[_5!(folPêAu;EbNyesx+"3iV'ѭD/ЗPZ0f P 0s/&9X ,6W'ޙ1kϦaԛMS베Uc[FV(_D8맏JבY8pß̄ín4^h>#r|Uhf~NFNc%*"?P@ے7)p ]ܞ/FM!&?Qf>#,)>LXEPh-Ŭ5' *H.|M~{L1]1lܦiH6ղ$߳DuMŽ$wYUf,d永=Z$UŒ~DK5΃ ghQiR,-y`vL+"Ŵ=Gk~t$k3>>$l1^46J"6◉l=0oEd:>il/ȼsx~g"B ORp*-*Ą3SBHDu_"2]f# xɘ7oL,y]CKCzzKqȓq85Zn[ZE HuZB:驃d&idY*QtȆ^ yIT3Rm>ސs:s\p0?cen[il !.tM@ʲG?X= Nǀ,ڳ \tRsyL]f2R[_y78Z@gۑLAb9<.8%rεBS'D ٸ]=s|{ki&vPbUx;{!ِhӞL G!vxe|Vk\:4#9< SԉqҘOAѭd;sm&[#r 2ݫ6*dcޣ'GnపhF!ncAKx"k&11CQf<^ٹ8w!M콀wyF3JɭeظqHJ\&)vX9`PҠ^oSztB@5B8`Is`ݸ͹Sk۹9CQLΛyPVq/aK ->|9t>iyʑ?R/LNPD]D:(p%&C!fW.Mb?$TU~|<¤Bd:Ήr1h/7] nRkf_0ݾF/`Ý3"9fOpzD0eljBl%eNpgD|t7c@r_6fyy/Xޅ4,V!;C GρPn Gp@c]8o,.^\ض{TӃf^9.Yq~-aQk̎$"+ }n575FH@u W0Khf[䤀dN0eMNCg@zVǂ5,f`k5wu|LP//~uT@>TAЅ w`7-`o+ zPPW3Nj8q|Kz͇3  VB+Oxjp4lk}C\]t+n="2`[bIVDzqkWa)(u1Q/L5 nSh69&D98獽WP `cQΎ6R~C @?^͇Nw?'94ŦYXˋ)]o[+o5=S^tӸ? zMH $u kEpʔG@b ?^ͽCrŇo (Ȼg ]%|zvH/?ѡJҘ O9zfR3\G4dVC$, ~h$ߓW? $)q3(TQU\Fr/]ZǪ$)@4,'[DD ]֐Q M: q#4<ʆ#4ӿ?@׈Ӣ_1^쳮uU԰n_=( ڭi=PfUmv 3eiEi{P|] Ё:fwumrrj ”zU'Ł~{[#p#19h bX\p~ZL<*\ϒTXH zrF[+G&×A( Ed2@c34#ڢ8T bȀT<lRW-{jf+cSMUtv֠f7Z@JNȃs"7TD|zaM-nӯs=x#ee>VCbL(,֠CѶ=@\JAaܵ5L2^22x_]UPAK7J\ąNeoeg<}UߎH?P8oH'R!U_ "'q0jz}[lv衶j\oj 2kmSf ,R_)0UcA-ɫ"~f?)CR1蟹ik?`<Ӽ*QG(`R;ŰU]ZtĪ,*kIz&S!Ywh[7Hʸ*&n*$OR/I%:<>#opy %;5*ynHTM5gVa4Kjj_ sIP4, voB/׀wKշp4Zh XnUEUU{L x0l7N @-E.2@[Vi ~0DB~WH HkVr!]THFxӠVS)u%1Ǘ EB 03@?XI*F6~M xޫ JZ.&y ]8Q!s2332W%uƶD[|> 9`Ůh0M( {R4\K%~styc ڢo>s2W| J:"AMi 4$TdP^O^:8&gq1 =;Q%jgVP^;؀2hQHg`NdSr+g-?znX{QKCXJpB8BvA}c2yZՆ/C@'?wp.XStNgiP*[ZxwBTkO.EgSnJl7ցLGDOJ|%!//3jUp;׷ yPiF,h_ ݻg-vIǡ7u۟jOk@dt1 4͋*`J/Mbmߩ[NL729d8AhCpu,!\a"O|dM\bKjo׊@&5䥥m҂|LmT=r)MB-dh7PK(KKߕ+st\hȡaJp\ dž9.ڡeOHj֮ Xwi'[OVc|cα"Nhʸב}p"OLHŽ{B͕GgJqU; F2PL]&Qi?en/4`ٜ{Q_XoVup ,qKj wڂ3m[4]/ҜIݕݟԸ _XId0^lqJ &|T)&K);4rf+USfnѹRur7ИqQ>R3ooDbS)MUfiu̒AyT6}h| cryU]G uG1.q3R 0wU(賳fQկFxaBòa\r%Qs"s-w QUB5&" NMvi~tBC)K[{_]`gn|s+qdPYޭ<lwOZ+{xX=/+TЄt.n<;`{ d̈́T 4}/ S uߖ# Pz2.gKIc P651 FYU*z4i="_#>&YUPw+/.IQ|zۿ4k_Cc] aO|E5;*] k̀Ey)XC;Lzl6څr$żAG50 wEpfai p'eC;tFx{]I/9y're (c?d4k8K]`BoÊLU9z=WqC="K%UqtP# #Vfrz˛:qY6NW|o4RSFf0#L6 6jGmͽW K'K~[!I2PPhe(œ:UI~q ]b@k 0;@XUU4xAoT% >'1I(۞X8 xeF)S^ UcjLJB"ƅB TOm)orN(`Dnf[BG0Mi? _=#z7w.ԇ"T* |>K0L~;w#$"nDh>#ǹˊ{'*I "%v5Km\#[dhX3g7E!+ iSn](l_gjkuú=Wa,QA`v )m:lOX%R[4--צ2* &ʉ.nc@n( qlzt FP "%;h/ J$2ԡy]^YBx1ivGq(&HU)mSI6WDz.X3|Jn=BRH*F_zC. $d+N$p&yYJs ûOV1xalɹ8%"hfIz?݂^^ 됋4D'?CPh@~_Ŋi4jo";jZ.u[9 |DX 7N7m.s[ȿ*ѸЬJ4ϷSlRGC`Qgl8T77U,0u?3΀w츁^Nv\_~OlۧU?3ϯ^w+u ۼLH}?B!srS'D)J:A04),+|dE (^v\J\7y4AxB ̬ȅz!C߾:cv}q(.utL"6]} +/Uo%oJT8Qm(.1mٙС}:Pv,M9R /=i@gphSv!z( ![&:?5dt;COOZP"-_pgD(' Ecër)7rXd | Ӯ~X#cr;I!ӞFֵ0: Xq@X<և{w?RܓRW3^$4Y1n`vuR3a0,f$ĬHG1LѲMeEN*K:%|X:Cz: ̶Bx H<H7ADeQ8ia5ʠom?O6.zcFyZF੄zh=I%1r,/FzCjrxzDC#kX?cÏWеJhF=ٙX;ƙZ v-At /C"(R=gѿByKSo[3EiImt;?BC`bBR ߌ7\k+TŁ ꞧ+;dŽ! ":) mSŖ:+~+skͺ)@vk͸Jdʼg/YwM2oi-<1,>Rq)=E++ORUg3w\GZxB,9"cRaD_fz8j\V#iv@gx" v_o[?5GE|G:XyL$z)8Q? ʜvA; nv_xW2FaJ vƬBip._%^oP3Wj[-;". fي;apFgtNȧ*= ۪/fK/~e#C5K|T{藈1 ~v|k5!U^N ˟USa/(#)Іd9j1I< f5y! _ v<_I} z.EPZ.pq+b)ުsE"'[S_Fw66]}> 章}7Y0ѽCvh%HUHzT^R~[3nievj73Bn\*i0BuhrgZ$~VteP^ >dZ}OF>Rmr4fD! v)p:ιmV(e1!xpK%=gP.¿PӲe'ؔ~Gʨ%I^6CB'*vطͼ46cv&JqL"{44褞Xkl3GOC[-7!Ƴ23i u8T"rZG*.&ORLnccH#7`j[/hWN~.$7AUK4B"#T;௖msSjBdeFq”E|8j׳'YD Y6W&(V $/7}qs?x6Q!Vߣ>(B#T𙠯B? w$F6{/|jº =b\pʟexف>By T]"=9S%}:xPA ~( p,ũϳ w:>AtMD`DbS7Hsp.H+֐ L49*BBD}[ϩXiwJh)uؿ Gz fLē'֐'5D]Ӝա>Ari֠v468|Gƅ N7r\5FbF33[XƘС`/ ز7BC,$^X`/%6mv9 ğCӲgSAX0s/J/H{uz W+alJRͻ4ƌCaR1/ ә9% 6t!9wApÝ61vX.^iz"j#vBQ헀 x 33 wWH2cKJ*#go`۹IĤAhN[dQp+cc2ܮIJ`Wv vGxݶΧeH(U}LFҫ#p֜GnQ#}Xj`gպTi|Qz6r9isϚ`\&NyjF-`yV{w6/hO"9fYƫSxfi_ݢŻTβFQN?Z$в­}C1wvkmX_']~$0*wd̂X\=n9rUןs To%ZEh 8B[d\lJ#8k<98thc ۽ˁ5ޠL߮+IN,HyK)x=SsllBT{ݛ5V/̃\/w3T+vV _0~"yḤuf;kmͶAstwt'"GY%14̺r\Q9l$_ʸAJ(Jl4N6< 0+r; @_zt G2"?Xg7[bMc\t.XUi݄ћTPso3{I:*+밼qR7Yi)YOԣAўposJPWmm[|bqBOMB 7ྟħpre.S-ŸXM/PlUNju,Ƞ:`yAbJEۆV&ptYs4 ް[գ1Ǔ$a2E00]1@EJ I6.d2͞/c# Zrsp FP35Lx`>9N6v?#{6= ;|2n5Ht朗 [.2$ɏp:6 >ܰL% K{=e8 ?%#GF>ii9l=]GcZf u|V<3YWPaY,OϘ;psvUHV*=`{ cH@F^ʢ܍*fKՇ"Rst-maا<{.>7sb#΁r\`| Ծ$>&9~f NԔ YY >+]rov8T(g0^r]|ʦ4?hp"Zӆ(&& 3|^ 0pnhMaadgY-KtjeiTh$@\JaN-PV&?YX2 7 xS@T5T!F!010 _6q&)c-s' hNL`xk٪IպV\&&=#8Т@UjhoT!;!P~EP#;mzp=6,Di;H>]Mx ib, jK|EE%w(E gK`Q(m䵁YulXpp\'ұ%,fckEl%WH%۲7~ J|'1ll|#g*MC1⾥sdqC[eL-p+^3M^uöD = S .dObe'aøFoe[SHo`H|͞'aR9Z%,R)^d/!YOk> 47PЅtj/}\&*0 \fd33E/.<ɩ/Eu+^,>ҡq37`  Qm"tDۆM7Ox_b'3Xa܇7B~Z[+mZ]"=*Au6(V}ݷOzKNufS˨nb h#D0EoEҤ:/׫ ?Ӌ,ժjPFC(3클'̵E mRH gv}mαtaoGGK[zɯf-$pi+Wܢ[?|hT)mjZOOɬRuAS_F3NI(k–Q2l:/XuU}{Smb\ITޔ`^IdԊi{]R'#\?rf8$lHd~OËovl٭Nx }Cރ:+8awot,8tr}e %;2Yr FY#|066xPfտnr#mg2ɨu(JћD3-maF_r{AŇ E1iVNYnvH|#yOLWHΰ ʪy  E2~\œ;L;}I9;)&fe{>>Jf[7'҅@}?_%#p lCHoSZ +b]A\k*o@N-8Wix4ﱉׂ<\(mE4@'>M8,.qxNBr{'Cӛ! -[xK1Uk[YŕX\? &%,ݸV@õȮWhsY :0nkj-)pvSZr0a)3&R-GxբbH)9s&jcG^ۻ } V} ZO齿Tűʋc#Ucw>^*ާT7a~]-c1B 1FwoJѩ~FӨ`UQ6N鬧%ӿ<0E{v`bL]t>I>McjDT?/Ӓ8ܪ\ȦVoTmòz# /8d3Ba/Xbm"C:&B9pnN%]!L҄]f@spfdR 45&`J!ڙ5ah2.:RM߲b??[ۯ'4UX ZL H%߱ EҎfNs3qJU8r[DMr씸_jkv%;7 T`4.ŹKQ݀ MCQ {^Ze}_ތ)P20|N>ꎲYnu% L6֥_`tGX7v c)axl{5+A^1ޒ/T"7L.`ֱ .|GR qw q6@3}֕%j௽^b>+KZ NfچlJb]oxL=I#xuGkPI`;=:t\=ze$j &R $%"e"!>h/..ʲ4sfat~݇ ڗ=@`PH-dHʘVI@A=t G!_lq"/uf;LaSbl`)\@~P(:֚?za([˦ª 3GU$_m H(mEn(Fa$k>UϯPJ 蛯ryx!VJ}USG|ėv}#M_QgM#̦uG ewf:y"&kP^g؄3M@~}=@k!fG-2BB{ЯV"Eb5^GUr| ɶik+֜[^ľhqtUÝ(eDμsLQe!X =Y"8茢`omUg[QSA Su !*-ńc6ltU4*'l ::Б͆RLץ@3ʠ,!=g JH<[tP+ q7}|VބwI,%y+i&1wO:KqIt01^ UD'čW ISUl`9c]Q{un\Ӈx6'H a36\f,k6D.ԸTk#w^[.YA-~n-IN|"EKR̬_.f( ߠ#{l;=Gsz:yV FzW`q\#w#3S?J{t_+¯}0E=Z!PHL#ak,wѻ}=/ZuTom?LMfRԹe"aΒɢńw\[~* d=B%s9>B^ B[\Iڿ!w`}(A #4]D"#|3q6 4,`n}wַS8B.v k 12}h:@\} TtNw4h˲iϻJA}j?*&nh[- V#szתukuΟ#5ٖ qȾ1\ " KeBRzެ;ZVDLQ0^F q{K)10S=b?aNA"378FB6{j@k ^07?7&WT:ߜyAީ$Kne67>X$b7 u 'ͷVD{p| rD|vbL0 T[(믃sp^]n&1un;Z&5kL{rU#-m(9#*Y0Aߙ CΑ% Uoa :I㓏\S$̮r$xo'qshuZ!q6,O*w32lāqWq[,VU@*8jٶ"a}3w%q;cN1ܿd"zJPt1sxܮz㝴%J32< *yFY<:za*lz~fg,^=J hoǧ,n)b59Kkox)g2}DFgϝ: <i,1dt`1`R|X_{%I:tԅl.ݶ\壞&G\̲&@xzf?dj Q<8Z]"@ r'i-ljBe8Xv4bpL"i|TLɰ {߮l4S|%Jq#z=ǵ*s W;Q3rs&6pNL5!j8*Ӎ{Tm bl|K5Wv[Rāli C zlw [0T#]H_Amˮ8Y|v?)H/D*QQB3owKAU9TP]+@(H+O"~6_ 0"uI2;8Y|0u tTs9aIf+;'?jIk"o r6K,ٍ+[Q*0+,@O{f[ڦb/mۛÙfC6\8ճ.HR^ ŏKj2- ruY=HS?nS`u3 W$j]@ .n9jsc@Ӄ ?u8n]>9YAx&^%Ku-/rwm4Gb!ܧ*5u&+cvҴ}Q#JL >e˥ 5مޝ+V+'KuX D\x^"bꂋ%_î+}DVG-mA *LфؿFC\𔜩ު{m +W>O{< N{yi^OmM~{`.$@'j yrS*iX%РzD5;inf,%?𡸆VFhT&/jrhޱPpA`[-qAU2~.8ZZ/Q 'L9]1@([k@V@>t!NA].IˀRBp#A0gl_9ċߙXlsx p/*#h׸?8k7[+WoCׁ~ 7#z{W'mg{K[{6 K#)mNN ~(!9s*p!Zm#6=+I>oqr4\ s5Ie1gp !}!ajn=(qA_lih(s$֥)iZ 밢ĕ_2ªhхzF=) >BT,wjBWj8zĴD!y !2ձ%9qj/ [Im\޷? 'r< 9 | ?uF3;&dp$v ^vT.)+3QđPb0JSw+e2qFjw2R QnO 8p*3jd Dc.۝cDnT ՗ᅶ+B&PQ>áB%ʤzYTwxSjiϹW~1?}m`RQ'AIzEN{' t*8Ь*練~{Demq8uݸj S4G:g ?=CE Op,Ts.6@F #~W7j=FnXjcq.GzvS,VDžSx"TGz*/ 21T.c3W>wwC(ƅᆨ[$_D~Oh',9= %v)EBmЪ>2 WW8q&(ru-d ŷyY%eݜH(M\")3TRo[5e\ PYSXPb)qKO72|C@ߴ[x0s`FGi5nN5`{qE a=AfcWjv)&s.ȥCJfJ g2Oh&߿J" m)af/pjF )f{3NFVM WK!!Fv;ǧsBd)c6,05( GSb.SoR>Qr[A0 ˣʎ9-#Ig )'jFk"|*&N;yHV9:{歽_8Ӣn1ow#Fto|y_N;71@pvnPlxUM]6~kg \ _50'Yǟ;29s~~z/&|r鈐(hB*'Ja' כ iiy!Ja5uǩQ_u\G6]=ѫI^$KpwR=?TLC$ɳlD*WYߘQq'?΃ I%IAZ^5N#q|ܜ絆a{ k NN*:Ѹe]_ėcZ+tGz?TPv "z2h$Au1LOLeY $wyFΉl]Z.K-6G{]<=|ƺTWNdd+@#cYFdYU㴪.DK" A=rNbO@!cV6=HgKil9E|]ee)ʰNppF ^f~"E4F8YsQAğ<%RɯE_X'pD} M6)9@&ǃKξZ] 7{f`m0gnʢCyU/z)vgQ,7^hQ[ n*[ WUc@/>shYBSB\uӧQ`t`>4n_[|ErnוRD |;7}`Z0 LT &wҊj8R.6$m[a W쳏f/]C)l YWF[icI4r~Q!ol|IiS.XHKG mQo f-R`OmEH'P+t_4w ̑)u;nJSA:<])u6ұ9su2ĺm^}meFY#L kwuW|[K\s>d̋D4W5taYִh SA$[\ |r[Z0S[럣/,~}Bࢁ!3-#mUoj%0Y'e7z<䘫Y }+/˫:&/H!ރzX6Ws3ruzp%b(t_fn9t ﻈ#9`>F 0z9Y%5jmYLLbX~V5[8v|j^} U(1rT/Y\XVL!vM6*=Aߴy>wn_9SD5#f6aM2˺؀x"TP4╠T͒f //jBKz!OUuoa8ǚ0ܣY?牾-a%Em=B #4+qnh-Xe|tI;VD')y/<i0~Գz1O龗cWt|Q![Z%+d6M`D qۅY7i){%xv,6U-mmm_%&Ls-Smvю{cSʎbKN d`z63=e|:#p\k$K[k>SYBM` *l&桇X^}]*.h% Z&JZ>=ߕD01szL睯WRvvr\%fHpkG97W9v7\X[>{f ;ނHφwxx@횄1軲C'e>zsxm)+ҩ 趞%:1i+,}#js+ Gſ8$1^t4%p9@a59}D-^$~^@#=KfJ0+wiqBa;=&`HNM':6,}w$/?UpDK9q[IM.:Q]/ ._(t!~WRS``YwfC;DR[VHYY~;1+ٰ(ëpcTYhz<3¾U!~trGm @-;nڿޒZEl &1q~g2z<'3ϰ-_JaXq4n} !:)a_h6~:zZ̓xQ{ےՓUzA[Fj4򱭊d³@]=ы3}*=^ԛz{Cg(+Y5YY|uh~MÎ'W/ArKpyn7WOR5A*?x?ģ{kl L5G?1$;S35/BNAaǚoF+lt8(9eAp<yEvjRVlka]*$ #PۖF[N{e0(u.7PRyʅ-fzY6\.4J̭gg)+\ - o޴3?0w} ?Za1b[NÞq{0YzK@/m#>Z*]YxPw^H4#EAy1X{ pe=q{9]ȼG"Jl)<%qZ !]ȎP&Ĕ9$_B)PY5a2N%Po#>pVQSU}\C}#{.!ۉ\Nfش fɇJyK(s&TZb+h*G2ie#Ecy@)R0Ѯ#uLj\|go5FGniVN=ί n60q2.3f>q3myr҅Z>?nCl7`Rd\oo'Gʅ@_ Nz d֝B;aK07&"*y[, O~DP1=v~2:sMp[/k5jOۺX />t[[ B lmAbYS#8j{>q,"vθWz2e'I Y\VJg-^2:oU*avL"$*v1C ^W 4X.A8YÞXUꦵW@>+7XdKIdW6A3"C ўJ;& 2KFvDznvcur^>uwa+CKK~O!bWUfӂ7ZW0&Wqmc ELۤRw?h<5XQӄuز&κB°|{ ħXVxK7@eu.D-n <6'ӌoY@ n8VL9v 3CJ$9\)W͝hb:gZ ?|~}m/4?;9S701ի87zt@DvmN~inIQ%G'$q,f^z [s =dVf}@]VekA2B33= CL%brΈ/N zz ls0?/C@謀?͒)zv+ exjpPJEرONGRk2XjI-LMyr-4,ǒh TPem 5SVU`Otӽr[\a`o(Jb6^pV|9E'w亽xZzvz5"Vī'd8v=Jl\pdV7 5bֲW/: -O^a˰qT!>^\*ᢒ5͍Id;':àVZTVST;]`֛CSH\ 2,]}{\C Y{ bTm. "Vͻv6i"mT*QXRpͽ:֊)'tg3%;q$~+Z];Vw#h1a`صC-O\l~PY3i}XGGQ@OX:ro3nEg:) Ciͅ;ttJchUT="*WVCUbtؼ2|ϻC]ǐlyGIr:з']*qu=ͧ(ZmDKb@!eҢdX1W@̃6f"biXm.|#`Y}55!6miu{F6}ԣ>M>›YĔ>jy']͞ [ByW[vA+"`cY(k YL>!N#S Z}@?0}m 6³<6%/oKψ%{VvzJ|c|{xt{ d~ћ|.( *p7 ۤ-O˹99ܕ]FW D*!稃੨dZ8c`ٞfGo1GIHDРh@՜ }B tFd-!W,}XX;ݶE4{]mh0(s`5[ڵ.|㠐̣3Zaoؚy_H}tV=Vzӻ g\vҲ;PZjW\A(JyR8gCd4)`U5Hۧ)˜!oyLJ}Lufx}H@ΟpleM.,^5!ng]Z;3L]|9N6ZCQ +EUdU^p|OS4;!($aX% i^=-݄6O"ۀXƃ;bj830݅T0nED3؜ZCXG9kAEƲOƨCw gjުj},3JCoF4O -`"ҧ)~Jݐ/xtJQ@(&cl ؘV:#`rٯ"_,׏C鋩:NF## &B-9IĬ2zEѫ۷Ύ  3 沢p&S'%J4I>%b-l9P|,|˱`k%.ó U~]9oˮq!)Ԙq("=I틠` bw|F1$sY*~c `9"2w$d$'Ht{̖^~$݀"@X[]0|FE`?LA.5v( ,f9JIĊ ?"x:lZ"tm,eߛs@+0hRQ cb@i<1-P*"B̛"iY;XQ b+@ +$Ӄ'.gqq ^+w*9@pv5õIǛhJ@&)̓-QvyߤxTHB]3Ϣ5@,:㶉uƨo-"vOz\;< ~9c摔 M],; pm\Dt{UQM݄^K.IX\-T!H67e!> 7'l'}\2o2T[0ue on:|+ 鑃sɂ;\m&ǣ<19=O9^?f`Ѩeؐ$(ߡ[\Jp?$ %=9L|a}tW?ZRQ-&2?l\ ҏ#M\yAeCuSA[+D>\0Mm+eZ!,]^ƺ]$VB#헄dnF]r)hIKUK彖p\.I=a5zNůGdڬYZs *3*u{1EmU=C# 9=U?5_4xṱωRd(Qg vOMl jGCٺrgW+'@KRW_Bȵw@҈Aߍv[qpCpp\WvG[DDñaNOh~x_f)ߧ3;(~DӲGSh9oFeYV8ڰ|3(AO::8Eo3N-jw]:97R-S/ND^+~0fhiG $DbxnӺ,bdDdk$~Yh xKv!{?Fw%24*34.$b?;Tڢv@;!2c> b[. nnȌ6 1\?Щ"G?@:*ے ̔5Ֆ3v.̋>2tCK!,;t|+j'Zna}]1~)P?&nCtjd-V6Rdd!bBj-jBzZh_%fW&.F7O6 }>?5")z+ٜVQ&(K 5{MXΰ@Q\>ikݞN#CȚݘ;Yn4F~Xg8N(gjn-uxzՠZ'r QbT$z٤`!UxT͝ r컡3`Zql*VK ݿ읡јN"9z 1Ls+kn<̰Φ8f/;EeYhtZ\]\?k>=|{̛%_i0j 2zӄ[Ls8Pjv +HJM节 "`,Ē\H"ec'KKsŦ9:[akVvQGL9ku|ƯLR4nvp8gi~Z} ;I Eǒl^Ul[@206(?R Auن:JϷG9ۙq&] &q񽁝ZK9܂jWh2̪:]dۈLݒ:>Og Ѹrkudm esAyϫд%m<+rJV:Vo)MA-c",}WdtFˤ s,iW9Ji7{u9&d=Uov0e T!zת5,Gӗjo準XOeN[͘]r宛e"KH UC,1u&'퓀+vpB=IԁJػ@ƥC5{LҌܡf`|=d6ՎqTRNnsRl9#q^D! KnơL7 bP=@m n/ǝQ зkY%=Z(`3]&&A6^y'm'xW!k4$ʋ.)*=  ԅouKF@8,p-xO~elo 5*%͠c1|0Uj۷Egl1 !Vةxm`Pf;[Toƿ;%Il 1lGV'G̶G 7ʈ|cg܏KVdJW0ʼ$y0붕t! be XʒH9DOoNJRߊ^ا>sA V> 2.$]€k[vޗ3b ?VU1_.&R8p\pi) zF|݃a5c YGV)/C{LN2hGߎ /$F P~7JiȺFᶺeŢf6;# VE٤-o8_ݲk̇C̦J>3َD\eYBXhhIo\pD` :G3Ag{#KW9eF4JSnC.Ղ7K")j*.\b&uaOd`=)A~tjʆ+ Pҟ]ϓ$yg0ݵwRǠ2ZEn: ȋMՙWa/WK4t[f3v}LvA٧Aq'ՑO˚Pݓm6Ȩ@\on({*h8F3!u ^cPqoV f._G\;IB$_TA-0'yIdys}Cg-|ڰby `?y*V&J+!₸X4-A%v;-\/4"$aO: }ۅՑ o}L~?(--}^i jme28:Zj$!|r?JpߙƤmt%tx>t5N;oR۶v3Hh9)C -x'i3b{u5r+U=`Sʀ46,5BӁ5$zaHYiN6lC-YRab] fjHujN?&͟Z eLLWpZęb])ij!A;Wlθ jt5T" D>V7 mO )WܹZPEDHx~e{]s  5Er]Q[uҞnȖdB}9 @XHK9mX ɡ+޽j3kKU-TWE'uLA[q|/{ND,4MI_n@{\Wӫ2om1@ձ+7?S>o*X:C؎^ha?mv: g `.$›2wl<2Q 2H2@!1rgK? %tw4I 3{̜] ԧt; xRj¦K #پvI y ,1F=|$iS5ggp' L a >` z3oV}ߵa=\?>68ro%= 93%:e7w4[GTvmKnFYJ.{%am22ďnNFm='%Y ^wC /<`]I$SjvkS +̳߫F /I^lqM#=Xa˰hM!)Hqɵikz ګf/8P "6nhјwYym3F@OefE{ʑQ _Dzc #b/i)SG]_ eyX-!%xgypof,k)ցgeuiI%\io+|Ҹ!F\EW`i'aq@ݭxN<-~Q{MGZ8w2.XE1aKˉbe8dd|"[W)+8=5Ζ+l~VY"R~ tՔy`@Ѕ> j!f+omH*s\P@2f,Jޔt Yx=PP~EjFFTN Iz)Wh»F'À A];Zqܔv1M2yv {jo#J?kؚWd+4QRxk^[J5F3({xO/)By xp @Y֔xF Vv&0 Kbs+hNFkqɖΐ( *ϼ>%BژL~9R$,) 2|X>T4pƺf#kHzXx5 (G}W֣iz6`Sqw2L%BG̖ϗnο%TTjY9cWtT6gQ{V/^ܴjMe?Rο*egG߈&91'%o\Y]Ѷ&FٶU_*e@U-钘WQ$cϕ1eze1S nM ( nB?auV: [}\_xyf yܱ0 f9RvZvGw z, rY(C) mruZlt.r18\Aa3­cr8ӽ*Asiq>`Ed\">֓Ptb3s8bKܡ,'+E`|ҸmsmyyY1(:v8B؟)I14ua#M6EȚ&2Xv%B{Z+KL+Z `YkXiKSqs2v:W_/q2csb|'] 脨Uu$I\e9&EƇ?"9d_,%0 ? j&`QfdOR'WJtK ' G>(]u @F'GʼfmFg{f"߫%Y@hݳ:SS7Fd?+NĹκo0ivY6p8%W#hGB9*$\P╛"nY%ZL` [d` n[?7{KlBqI& iP>}A3;D{#ݼOj3k6}gNbsO&B׈46om,7pZ1 nn@Cf́0<XvLx1ػ՘a9aEI_;^R0}:ٚ㘞if?.#.KnPq@kcKNXT8q۪\zǢjנ8.LuV336蓹ŨUb ]R2ဦ 3dJ6N)tVs*A WQ#njo< tYkcV|Sy9q  L&bc/9xkewRCb؜ܚ3_Y!,Np V?DSh!2NMQ oOj?i\nTcok7F &/XMa&)jSY'frt )%4-8ۖۆ=ks9r^ Hms;DL.C)T5QB>|bI9 86뤔38dX!,H~[Ap&BHW5݊j޴ȜOC=RlymHrT&1I8l= j7SK}|2գߩ 6U=g"[<** iQ)0JdmZ"< =tKQcBeVHѼO )q ZE (!Fp۬ig<5i[~ {a-SvQ {gK_z+-^y2F/\qɘ\gYvȉ6o~"[UtӓGDnyEߟ PVEg@7$ܸN@TψKrtCOTUfP׈Xl_ycF=+h?(g3SH;ٕMMVrJztO@u1!DRW)Po1"hYWan*0YILЗϜˆ'F )|w VexC"&ⓋXx(I}, ~yV@ ,R,5.㠿tzXRUg`$]:d<] NW@H,YD1W3E^b@+}d}[f)DASP#^/q*ouJV[3]Gsrߐ5A'pϚ@elCMKyHy;Rͪ2L{YVY mu䤳$\S`.:U :%6PR=?9Rk[t&e\cbi4w&N.4<TFU|X _j|KK$MkW qˆ^β}%`f6#:_k=;rti^+aĕ R֗< 57glK=E_3+pJ]V YfF[ $W'_ڕGɆ[-j$Kn ?3>Uʂ'9}iLK^.c;Po8_~^5 aҿ!Lõ`P6Mam_KE[q9KYQ7CٴC>7amHlee^aMVX.d uЬٳbB&rw H&Dl9Nvɿyߢ+-G_HYu f󪏏C|=F_[{ݖhWDx%׿($\HB`ۖp%$ϯxK/°ԣzXV>8yRբвNMIU;F2؛OAyd|(%>8Qy͋=cdOz2Nb]o=7#8])9-n 9?Ğ]ĆxJZRdϒtZM#& ˊi}o>Ԇm1k8NtVl̏/Y,V]ղW^>hiwB `;42.6{;_@`sg/^$u{!zyYV9hX\ ZK>G$ % ڨۗٺ[e_`u)[OˬD%osV~=pj.RHpx ?G/Q01$#8`! oJnH ˪SS.;˓GkhSOo7W'zyCOAa4_$UM cU4낢:$8Q_(Vb}0ߝ;:P{?- '$BF%5VW\1xuu=L!UF2#)EVޒ1Vz-t.WMȮc! ; jw!6`Z-ɓi9AџBA{X; (t6+^p3Bt!gzr;ƅ8f߭GgXxsH y9WUzc$˗1FҗnݽX2EYu~sS4SuLeT?[> (Jv0 =nogDW @}L, 3&莾T7;> R< {0zx L'kg݇}-F =CikcXDlT{XaD-0 8ʢ fra DJ&6ᾨ@.aΜd(ږF?[\q45$sA8(.<kF!P@9rMozYHwH̰75ߓuL/.Je0^'ۣ~wbJ8؇6ϧ}8^E+2;s2E1M"EQYQY!_`ZB,LHIrYP|$]UŽ=͊!Jgb}#_RZIƗ"7p#X`=-bQ`bH3R18Ʒ!?۬ou:G^7xiD 8ߣv{9];$|#̈45Jfsx9,Lj}q]֠#dһF yO?+ٴHԧGa2FꕮNCҞ/ؿiR g͕<^с̧HwKxD8Tnkό7I ହMW[TVfimkZ7DRX41ʵ"ZņoThDT֗Z{+xN!yO6ҾB6$&\ֺ &lkۢŠ)|tIʾJ0dȲi_=;$vƾ46SB~8}h1 }g e!*9ѯk;zex]~+2GTd.{F 8OkkBR'W9lV_0FiZdTPQn]>U):AUi&ȇWJZ%꿉?>a1(Laic#`W[U TPA cJoQV&Q3R)vLb  "+mi2Dhx۫϶ Y!U/\{7 <+ђj"$}ga 6L>05 hXFHE>c0+KSP Q&r72OŝQ ڼF B!T %dquElH:-k_bxn5 Eh UkSgx'eʦsɷC.# CGW=W6Vg{t}Or@=m"@k[C)q=@X˨U<εZ7¶׉Kn2A-׭F6Y|3V2EuO_~Ik:wjE2ZՎ# ?^%j;r Y sh+ͭ-X OBk@S6P\"d4?FCW 5smo}`9!_6ú圉PQ6 @&d<7ydV>ސyQ4F\:DsD,n&)7EּbcZO"P.1 $h`4ӷ}gc"kFe4C1~Z |X{Xg"Xlℸ$yxq{"s%^(|j+PAw}'\4ɨZaRruK2'1j9Y Yw;b'k& \F[m߸ e^1t5kZqsS3k!Y\?^=iw1AD#?sJ/*㋳AZid"Lj= LHa˜P5K>Ce '*-V'w*pFXubYw8[A[0.VX#ߜ˝HE"BCr.^N!-*` 9jQ405X&~bAӋG.-lfEKX3\Y+S[膤(_A2;'E1 Ddߓ+rW}HξW,#gM@y)bNl3%UюS&FYe(v_ydw{RPz (VEtxVB]X]~tn <g4d,@X*FS@fe\NbɎW />ƉJR]ezǔa&=3.f 9C 7'>[04XbwZxP`f, E4_qS(SS5r;^lΛ?>}gY^; @5bA:jCHd+ _^D\VMԣDOPUGDvf9H]n)2%o= B͎B;܂|!\ uka2sFQR8Uif ߄r۳Q [q$Jævi cLW䞠牞v(Q&(]73=\th)sNVXkkhOy302ƅy.:u$zuUbɠ_^SKpFӕH,Ƌ<+r:V}GW,]w(6>WTŗX(CC#rgvA!|;?cCfAvL{ nq5&ic5zuGгQ \$oLt讪p;R E͘0r1GxIuFyBY%{@>vT)Bž?=kA"As}3.`2Eao{Z2C(Gp+㙏fDڑ rA$c#m=N$+ħe3YM/;`\#󎫻T<Rdܔ%Jr{esg ~*OCwvL`Moz?E~U=G Z6`_XڕN(G88pW7avDB\Hf:ǜ āX^.sm佔uRq{h9VWe {B?MzFak/RY`yWAtIO+@6'5Yw}s,yZRU(7lb( VѺm@Z6I(%* "I=P#i3Nݓ@\8ՕꅚDg^4@`a P7Rx)5L@+NXQT@j^Ksl6ð/ϯO9WKGN7+/5O֛dioj+Z.~fMn zڞJbyJYv}/`t 9*h2!; F],gtC=s+YRj )rl}nR][)qI +K4pZ T_J$C.J2t© ([{ñ hۥoRA;7󷌈-Y(1A6ߩm{&.A&'8(wb7i*iLbw87:z^βX4b戓:cCVT3Kм9'8ihxP`|@ctD ߌIsOnX%b ̴ص'AEOf`)-rՂk9ފ8JbrWC>\)UE==6eD$˃N7b~nސNN`ߒsIpB&٠o/yɯ+؝+*Kf/kKE3W44n}qQzz){ * Bksט3}0@pncT|>A\(~nq^?1zGv7f'e-䎩{ᢌ{FN&5)E=@U>&F/F镸zfY2<4e쩊'HIEwgf}cav'>E5t ~.i&LGB=uyes[ec{ sٴ4|킩I#X9KoK'FrL Sϴڽ^keW5w+:;R)R@@w˺0S ByLݳWt2 _VaDl0V>4!<6[7_l<3eHHDk.Q*"' +n ~@=Q|-q%GxȶxY1Hhpġ7,ۙZc9(FsCMɫt^1$?Ht&+V'RC)#mڀ&Ѣ P&2]ysho";eҬO+h˙1ܽT5`GޭvUu?d U08=XmtnL/ wxP>,^RI<8# ~/? e6a&Y~C^ċ s<"?[$'vb' ۂq D~?bQ݇@M}qwb~ ;]2~ֳ/ LZXe9 5UW B!}sFnZXcW񴐮X(;~6>M\Dxk.Kh jq`z-ވ@L /9Gԫ ]@"]nIŋF5g;N!{T܎\wy!./h)LP'iwۄQO fԮ KFn+C59[a+ѯ(^N8^$ND6j\t#%g*-yOs5o עeBJ.%$-]m)߅ezmH:utԔX+rCw'ЌC xײ2myD?l[Gطk#_-8RE~\Z3GfgΗLM)Iэdb,~3;EPuoȮ+ m,j | V-&y$A|7,}X@DLC~}x<;c#yut-Dڒ[lu\o]! 6cS )`}*6Og74ѷ,)0=ЌYo0X}F;74w{] z(bL?Ɋ6M-J3}(%5- =7F c(~ V@u:)ʚI֣ >̩rheŒɁ0 FGzBV?ةz@aFRKuZɱx=q}ʲtt^Oţ,|HE$c,IYitYSlIrb5 QsBcHv\)AgZ4bm#\":*&^ڋCƀGlH `!n~zZSxΔlHQkt!2|-~Hw(m((g;no֘LbXXV_n~.@ޮ7Z9 #f+=ų ~=7`y0X_2R6oƱՇcwUpk{9 ?ĔGM0Ͳ>'pPK/S+X"Ļz׳WsC2MQchȖ?xXI-YfWng*6P:Өet8IbRvB/iޜy`g$HeG Z" 0Q~מoDLh1g-dnqN>(X7.2QEmI/t%ak9^a&G&rj iO | ?FᦦH>H3 %z|}ꈕco}BF'|MJu$3wWaf#6 ++ՀCY'0 !a_u>1:CX:.RutDБ#vŲ/ )]'q+wѥB3Fż;@~h#YcqC9 &pexyW}>Wo(DѢMo\3;6ttdH$R'H`bH]y&(u-˟()IBvwW4K zWJ0'rm+`+=z#ZM*?mɼp125ۗoDZӱJiq],zO>FB2.;94eiB>1Jdm0/. Y/^坑\6|!tQ:QQwx0d9TτWXDŽA~˴FTy$gKx:[n++ _b{Y931goW!ؗ JShj A[& 0*lŢ+1r"\ӟ7K1vFMVd[08o+*E`xJBys\S*-Vt w盬Œɟj̒cfƮdTo#:|'.`|=NW.[=kW=NzRn `7l{yUi~XG'O}CPA |dMaU,ߗU_'*eδ8wSWb(A fagY&xyd*{: #ARFw*RR|^zk0l UpY,̓Bg14V35mk ~1`ޒhZHy i[gFڛsN`ʈʶMFKp$OKKKIݱ !rOTձ>p]{AT 怡vч)RimHiq4jlZ/lӦWp(B!뻐 P{|"flH2'\IffYAL[H³Zx_vp [ ,N󭙧Ӈ#0О0ZR]S& ]{QKw VUj~%+,RYAU]q;ɍbJ W]=lizDDL KuUE `[ }u. #2(ren2QE_PL%keџ.VpЧ<`>^qE =䩊SXAS<Ǣ])u9LmQ9㝭6v0AMҏ^ Tk} \6jlL _IO梇,G29u_IT[fB简[1}]t)+=!]ׄCu&EE%SWL%h p9ziN/:US㓼lщ-6OP¸xAWY/0cwn5ŭA/dmIM=ya׌ L6|ˁe YG5I}cl!Émbޣ]jɞ$1w5uMhwͣW/OP ~dJo`-Pwdk`[lQdSC  >0XvHJ6NPгiF5rY$0d N6'%`}RԞɠ(NH}֐tK)svWJ Zq6^? W2+g%zIYv&A#IdL4[šuiyz,T ,uO;ń^F~F ć%g}G㫉>#EDAF$YG}@&|I<ʒDla!KFK{+*긿uNqf9ȉHӹ0=yxH-8ʇ̞f? yf r,3DVI:9&mi%.TZwl­-REDNLG8p[ O;rĠYMͷ CGrTͲ*pMP}9`sx 7i*t~ ;ԐAW7NuN޾%81RQi)C^ʓ#Րi)g@-V"e]@{^i)X@DS率8v{}cڴiiv|D#,@|%._C٨Ǐߢ)5$[8>k{(*S" ,VH|ȕ# .e.U61ִ`]o kHD;ؗ!"c#sj30 h3b@->A]̝4\MV5rXxEl;Z<9S^:\v] ^ݡlH$7]|)Oڳ$$C(| 񟯼|Nb,zT.;f}ijP:3 TQ|,A0 )v.~`AOqG ^+ItyR~3sv/»Թń 2ZԔ/֏QCf[9(S'p(/ٹg}HZbQȟ"d0l=%fIkk_[*,sɦWIzO/i- ҇Pzhka)p+gka"RNXy-MP2`}C' ^ރin*ܙaGJdgt^E+5FO tKknLj#Lq=k4V6uMGVi$vHeڥ2~ORqt~~L͜Ctּ_n=?\ykR%b]U7|]W$%Tƶ-mlf̎}߰{lH=RK/յ۩r}txTgq<=a{Bd[3'}< Tܘt3z1nktS]M0$ڶ ĘDI,ˡE q]U ISVQI]ըXbb#Ԋ@Kvs~)edȔ"NEY?!N؎8T.Cw]j_B2E^/S>Bn[ŞP轤U4:I1xbWtHKkT:>%۔?Lp8;\)":X"M™ʺ!0&{]H.붮kiO+~mn7&3?'tN,={\;y"Ub%/>t6dCq3AGW6MBH=Gs&/eZph,Yr+a0/oǞN ^41`BqF-lKy kZ{k?) sPw!ϋiO~D>z%ɊQ|ft"$A]ԁ#d$7 `˖MLrGTd2}p"gyU< UTp bEt}tep,l۔ZHO֛%|мî ٓEV.Ur_Tf| e*| 3z^_YbM .3T5dož!HX?Gu|%S9ya烴6HsZRTx1V2 ‹vwӐ ü9< .dȰ. ]GX2WVf$b\Aد%\rMYv8~ы~7q&+v*13qB4ZS}mc3KJPڇq&hdMo_pcaϬJ}ʾ69+o[{nvqpʴ>ƒkR8F=jwLSnХwB*ύV~2Rvl(n#񐽎IGuɄ7Z"o΢`9[95f- ُ 5n#=mngK*(uDv~U@9>QkvsMS܈!y Q$LNC7a ~̢%|3u[XyD|)vAr4oݛh{fU15h~, a. oL\Cz!N(vXu#<#qS2-fN9c3c.|_ *z4$>XֵQ߱*'8W&E}~1Qa40&eoT5~V*˜$]cmm_-N)IӃߤK vһ*SX ;a0cL,/"г@j9Oԟd;ğ:IK{P'Y\7hq"ҞdcfjfdkxHв*A5Q{o~ $P !NI[P:azT UYjJCoLpZOM !FyQpl*,2§A20ȓ4A%O 1TsdQd61sۏ-Ƽ0G(YEN 5Pv/|+sAo SkP',/ _ VQt! -A^&W]٥ACz  bb\lWMw7y!G>^NL/XO `je56%W8%ά T#[g!oGΠtǂO],jU$JxldCt<%#5;!-G.rd\ƶS$-==?  $;Z2j6 ^]/?ς451Sr-< rmB'Kn6cMH lVzczj&(cFSAtpG[HA-bo`[R\xy U~rjYjydp{S|)4`cq.0GшӣnHҽLm{tV=(JDcj]:3u )b^/Htӏ8Y4mJ[gt{) lSCL93̞*OQiz{UZ{lHr 0L=Vdl!n$FTe.:'ȓtb8X^\)4 uaa)X,jV9CN~eˠ_& =ĉI歟_bzN8|dJGI8X@ cZ'T,`rsik 12k xHfv׼A$=s]K֕VC"?*PL.%3d4Oϥ57(TXGHerͺR'$uWrSWHaP}eϖ)+2Y#kJ;Ljj( \ڧ,n-zNʲhA*_RY2Z8v}]yڇPSi<龾QaakWC12Ϯ0|)%#yQlj"3E+S O'ȑ rzxI@%Q )wSkɒ&O,bEF33GW7x.Sq2O1]qUqy%LZc.ffLC&%əNC,B P/4Zh16<t9y; JUn(qHJOrJ͵Ae{ Uˬ& :x 0"NG6"^zƂ vYZ kBRX=ki& qȋ?uþRp|S33Zۆc ͺv C2 #סM'آ!mUn9fdqt.]PN)-!Va߸JH{l-و:$Ѣ~_]p)E`̝SIGaBG X DYo$%cfˏ(#Q"c7tK2nf~q*u 6r T8Qlk!'"m^47i7* ӱ~l_r9FNkHS^"w%Ϻ$qП?3Uy=Nthً 'Y*&_Vf̮*gfۦY-"797?}j?/y"e-s,7TX6āϩA*[an>YklMLj>P89LJN\`tyqgIVv%BD Pe^O,xp׷%LLQʃpQY٠ELHC/P 0DW( gKqLmf/]93R6x`ᦾ8Ltÿp4N%6B`Ǽlj2__"^-^r])9wᣅ&(){Gm@R\$(\2s[6L\P?Ӗ)LټvNS.4ߐo9*9+4t1 6ntDc[?zs-(⎞[7[fU~#4WvV}h4/O4rC P>fQ(l]]u|Yg[/g+հ8c@3ԥVTuOGOIVl/q)ĸP=̿ e`$=ܫrS(0Fx6I\4ea6/&,ocp(?BWg)?${wi7A?H Dj8nb=tV䏥5g͞O-E㣽 @Bn g,{Dvapq*< VMG Cq1u /}T5wsIpV?,qDv7̽kM=eD.4iZ}|[Ҡ9,}}!kJP%'x%}vB8dhlP<#I3pX%t}Dz3"(g k -bG-7!v?>i*\Wv1r VjB. 8ueF;zXÒɒ|RC$s |vC}%Z3+jT.DÐ%6Z}yˇ pSRtIL92j)1#r9u2xr .$Q|NsO鿅F6p˔"SC]eJ[v N҉ދ}'^`pǒRLU-)YhW.@Fԕ%N^Χ׀pfvpDgqֲ0vD/=Ex 6R(]2CW !9&ɕdfY hYzqG-U aGwx-\*Yy.x@70kXO%4Bê^¼c}Qiʰ F"\늠ҍqi6R` 1wL Ux8\ 8Lj255̘\~aZ\. Q4򤙝2qD[mP,I6{ڈPxd[.$.milU:q+-+ krwI-nzpHfȟ-v!AYX3ȱƹFmg7]0~8K$VS1:lfRMQQ S9|÷IGKBPF@itGFL" )OBUϸkWSEDՀ ;EX l` za-&J<囈 -JΎ ځPp}jVČ}`[XϙfV(Du߅=M2yX{ӫ/)_? LC.$U&c!jB3תTs_̣X 6y~eQ>>>^(0O{Cp z g@e9|s'GZ̹-OW9[9j<\1F|d|@X[H%|ZcQzP_6`[K!4j9⻮w d9*n[O$3If,`mz^mOs \蘭Dh3q+Ѡډ]  ,E'H[VoG#zjo,{ZTG헾/rUzn T Bg4X\FUZ%O#^- QrX™HRr!<2?gi 7]vtC56 yX[4'F 8Vȅ.r -}"H[IUdap>idL#x 3&c`L JAybFXWKWV_|sњ"`uDD6̉V{#[@W9v1 $dpcvXFi >}aʊVCj-Cw={ _ˇs|Vq8 ZS:4Wv[loH_`r^>6#- =/ 4u{!ݒNI;EP&]70QhX1I=g@s=s*\OtB,ZσDxs  o<ʗ߇ RPE YIfo6'Ğ晟bMӦ؜!rHQ?H׻R؀%g9Mdv*69^+ˑ 5䛫65ub)ir9wҬ}Sk .U4ij]:0X0$&Lfrx =E:QT~sm @ Kjh,XH-Cw>}*}L(.IrNgM"`ym4C5CeQLTwO/ cH3L} V`)6z3Xw#tCC w eWTQLNbUƜʷkMcv*X?0]͚Df8tWM{Q2Q4(oFC z:XYKn<~)]og^x=BK?}+t]H!BۆXtZMI"3CKﺩg>̅G^j@8af4m\dEFpu !8>иq+NXJC{0/i " (ѤmIh@vR~Ӆ)/ozZ*iQ#|W\d^ Z)C uLyyA1ہR"2WtOuc]SɜMXF|_#7ix4i1e`G+`֚ dApU|aEN x' [4Æm! VЇ@>}U~f[\Zo lJ>犖4^]`g"򲳃.e', q|dw.u:6җ3^wU#x\e-R:?V+@"nBDFpφ4ĚgטHFd ~(;=1CVb8X(r2ɘV?yŦ)&.f : 7]{|EOtBlCWIiZv8{7 垉gb ^}Z7fT3=IWС<0:_lI nq9zx2o[m1n"td_z|&<: ݅ I%.p9OAuy Hϧ'H-S@ӡZEf"s!c~O)'Dek0S˜(:7pڅHրI4.dv u-j1rO 3X,Zuc Sf?ܞ>"P\`1r*s GQ{k=fy}j)]|$L/9HhR}lcQ6J5]v guT^gm . Gd}_u_Y]dvW~+Q`>k#~c!d@&|c&ZxM֒Ms0 2uXz`(s}\b2B '/9N(CVݥ)cLʛ9.D2EdS \чki%"KKk b䞫0gqܡ^^D4B_a1 v6@&z#TO)quRGGig^W0Mն ="{ bsa;ulD|ֈ-XPɮYF[:4fy7,pwˁ\-3ah:*HMBٵiҴe/qJu8M3Vd9n~[1 X[tU( 6hT*|G-@ 1+-׃7NjViPbe\|9]v]V޴[kyO,=,`)c6ݥ;=ȆII^MBhRYL)>Ao *Rx0BZw?al}D.`u#oY'm39߆*j_ΡFh qkm!AM|Wd|e>-m_߻<ʔ[[GF@B&ɀ/?b/& !pL<vٮ{c+䥏'74D2 yaѹDT&C^y2!D9,i+8iK+g/2d)5ٖ<5mL5K{';c%%JdS10(@Q; v*lˊAW-7~])Q7[\ B$Og1!l.XoHV,*W Fc ۓ5FaT-u; ݘ[rZ2JK0y}@㩉)@u k5LPђa+gLSA KﻻL9݄K0ѯLj7"ndh=ln&.Ra\ݭſSD`9! ."I$ hY~tv?:u/f_8Er Z~u;e@.q-W.^v;:b86#JvaX);c)2PМ*ӸTb$>7v)>e0mV7el:VFa];4/Xn6Ac!afyukԵ`|uW:Xꐻ+fD0[KO(cɘw!kX8@$ĹwuqkêP- ËJ?e<>b_DNry؂!"-tVPeD(Q:5c%hI*}#'&G]'{5yURux|p&yq)h5è=!$ЃU9F'1nYjBQhMߢI_֞".iڛ ޹y =D |V1'^D0ksҗsSl 1s2aϷhն R#%Dj8~}p#`DLs TnfE5/zPOE{jSޓq}.\#)sqZ2 -}gY@NeU)aʺt[C&P9QApKl[颟b> &v'k4gpO͌PUfFlՈ mu M bY`߱#O\Kڭ`K&˺#[5͑0毲%Ԑ9O|G 51v(0Rgp䤛;ۼĹWe!#I͕ ãx? e4U26{^a3~&tg<ۨĂ\ $e3k-ĸbpa4:tsG (P E w9i~%˷_SlfN!QXBFf|!OPm(2>=րJ4JZwk̍yމTyQXjb-EC$5 } 2KIHS| 0C+{J'R q0Rm&/s6jR1r s|dqaEꦀ<˸gS^ tD =yWXhS- 1[{mD^q+oҊ+#6vz ESO^d#u'>:= ,mq^+p,v?{Cq#c*,me.7BU8|i}ẘǫV.SzhDyt'$޿E.StgXpt=xuJ! kiHI?Cuɔ𝖲}i>%|0%=4rCퟨK;Sƭ=']x%.H 0.VmlAߘICrr eXgJLBgߚ#y TLqCMì&h zy}B=@u{_a}:::pXYÆ$^7jl"g ;MxED"gg nD9(h& v//߉^-ڗ^|B_L;~Zvn^v9WTWI17'F:ŕȴA:'mlt7NH^>"cb:<njx\K v&Uqkɿ할b^ak X2fwOR$k|<=DIRMeAe|Sl;jG񪉠=(Ȅv)[jD4+L\eX?vt?#[:iW7! j0OF3x' 8G:)Y .IlsY/1L5n}}]=u{YV8!j3[V`JW\Z&E,  Sǃ41˖-L6J"2mܤ>A9",0" ;H% x6xOӮDm=õaHJ7XR$TR& Q YO#IkmCkwj 9p+3[Uޓ\01[|rv8NuJ,i"Y[ 'vױVO!|ۮJ XQ GWe2}3XeVZXTVܮv'Lm'g&)q1}QDH3iH9c]^Rk?@AdO'$Ð @ͧ=%}\ZN8D\kxjp!je5e PrX= [O7 f \#+p b>D8DM/GhDEJtvԷ@^:7rN84hPޣsο,hgꋽN |qP 9;Zۘ5#`=iwG"tp$¾dП26Juʋ`>c~)amיNȟB>%Z5Kax4&X1:8ApCl ;ت&>61 %sĚos0> 6nH;Â]'S=^HrP^WMf@"(q۠(Q|؋'u*BQw;F>"pZ (_߀^l`adP#­7^<9~ \D5ύS1U7/\u2] 0'(A )}kJF oE)d/d`(Cuw+Umk II1YIfƹn.xA0u`9`@ИRnRONǁB6ȍ ,^zȋ{jVhtJi<OHp& PΓٜUkl=f| `tѡR|1: _5F8}3PmF*Ky6B:Z12x^j7j¦J[I#u2/А& irv+u81 Ġ Yf$)iOA͵H]v3`z,˪)ׄQ-oؘ8T:71I8fԡ*}ϫIi1 F B5D f/loM-^m2cIP~: %*͂ya@6kNQ+ JVAe{;^"ٶI,~J>hض% LXS+P0v҆ Ϣq朒gTub92gb{WwI2^ՈC 7X7֜p+7"DZR"0ݦ+.fW%K6-ŠlaWBN`܊_WWtF.X|Ā{iaz$E!kw2m"VBGEysw3 t|Eƭ!3ߟȘi1]F?xƈx,R.@0X!ͧp'*}(&s :a<4.K]B),B0+aKPf@8dhu'=#nbCc։ T +z 5TBZM~`Ks Ey& Ҁ&[8RġREGkhsCK)6ph wc1/P}S%$nm0z;MG%x"2h`&Ku(ys KQҔb˥N4\/C 3x;Iypу#I|Ν|ջx;i|8α u)Do(0j~!*TØ]^<$<_(t>BO.B0%ZwmJ :w<οyw3 1O$0q Fhz1<[1#OtƧU2..*'QfOZ&-JĔ3s( 4+1°?64{%}X>Z