grub2-x86_64-efi-2.12-150600.8.34.1<>,؉h{lp9||^Kp@\xwKQKTɐuJutT+Gqo,p[C]lyul_,*(7,0(B6_LRvj_hdnZ\nfA@9ߏwcG{PvwA]R(Ęjc;>@ d(Cw:ء5\oz29]# eh6CFXy@}݋Jƈ7X>}ޤeNMm䘰cWW>@n`?nPd & \lp| T&&  8&  & & Z& [t&` &e&kk&pDp` p q1 (q\8qdV9vV:V>HBHGH,&HL&IQ\&XRYRZR[R\R&]Wd&^eSbecfzdfeffglgug&vklmnnn nLCgrub2-x86_64-efi2.12150600.8.34.1Bootloader with support for Linux, Multiboot and moreThe GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports rich variety of kernel formats, file systems, computer architectures and hardware devices. This subpackage provides support for EFI systems.h{lh04-ch1ddSUSE Linux Enterprise 15SUSE LLC GPL-3.0-or-laterhttps://www.suse.com/System/Boothttp://www.gnu.org/software/grub/linuxnoarch loader_type=`sed -n \ "/^[^#]*LOADER_TYPE=/{s@.*=\(.*\)@\1@;s@^[\"']@@;s@[\"']\\$@@;p;q}" \ /etc/sysconfig/bootloader \ 2>/dev/null || :` for bl in grub2-efi; do if test "x${bl}" == "x$loader_type"; then mkdir -p /run/update-bootloader/ touch /run/update-bootloader/reinit break fi done%<(!"0[`b.xx$ ' x 8 P @@88 8A hh 0ox 8 x ` J ( 3@ 'eP'H!$p'!j I8 #Pr9x.`B` x( O (=A(4YH#H"DH4")@x(/H&85%`+hPH 0"=E#h8&0  0\1H1 x hP&hx M H @`l0P)XDx?h P   o   0 P./ 8 0 ` ` 49k `(HIH H " ! 8* xyK  h20`7 !@ '? + 0 x('xsXHh . hN@?XA큤AA$A큤hzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzh{ghzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhzhz3c8650ddc9353227c98744051bbac05865f9217c4e64ab1f843e2ca2d337952fe3e557c4eae8c1103e94808a606172693233c05f1338f23e577829e4b7654dccc2d458ab8a75d0b1c6ccd99af19fd073080379f5c80f5d9c9466c04e4a48dcdf21c9976d41f4a14f44edd109399390afdc0243912b273ed6a53a42d1608cf4a52e603a2ec5244b312ff61ec376061d70467348271a680c31b82c2d7cb46ddaeab8c133e7661c06514330783d6e967494bca5537165c0762f5e38da0c280087eb78ffbfaea863c61b012687071f4ae04f61a9a337eefc7eb1648f75190cc56b3ff8c6093407a4dd7855a453966a2169d1855dcc428cf205e4749837cb9295ddba1a4e5295d9df3b4345e1e57a39ed94ede0ae5d2c3374da74f3914dc293832312f451beac012d0cb6b5e35aa84bcd69f0018bbf3db2dd1a401cade46bbc483c7f1af8c00f6853c4b4a444627e0c1218fdfafcb58ec6471549f9c35e6b87a3bfb48d3c652a9c8c72c3ed56b5396b8e7b6c9a59f08d785348b10632dee9a1350ba49ad048455190a14e42c0779ae3171d8565a024a1a130ca761579512df59998eabf09b89abb106146e2c36e159f771adb935d026eff3faf2799711ac4b6a7c54ed82346c6768496aeb761cbc787f009fe470bbe4eb21177c5531041a70460271ce0becac825cb2757cb58e24fc59755d6bfe7880e7bb49a4cb1ffb7f20745123b7aa79b5d04589ed20aee42327ed73af9d3f501c9f3c14fcf88869cb055c6eb14d0a52df6106508350738ef821c74ef8c0c4f54475f2017e8f7a9c55576ef75a86ea33077f470dedfe4ebd5613345f2f0e7d3b34ebfcadff45d90c0a7c9bc464c087fc6205ba698408028f50f412c8d1d2f51fd34b601afd0c61bc3768453f77819d0da8a7e6e60b775dd7f6a215ffd95ded17c8ff899aa06320ecc0f3bd34bf7223747fccc0d97a68362161520d145bb1bfe7fa0cb8ba1b4034f389f0b7e547504ee5008dec62286fd19bd7bf88305e529f1f8e5940016c23c5f567bb8ceaee5d6828ea91880b86245462b61f7707bf56a13785b191f1f169eea2ca5e6a51f2465a25921690f10a2e9a238322b015387cf480620ee1166a7519e6eec3f72ded8da11f9be801865f470ea16d145a4f3231436f5b867047b220ac932f742df608e838ff5f436850088d7549ff7850f8828210b13a2f7683f0b2c3d0b75256755ea40e3d45024c438fd886468e9a271ab792e44fb4a8fa1a5b9ecfd4fb341e4fbc81a6550bf4a9c58196000b9c4226b93c5109f138cf98de0c5422c93123505488d0eedb49ed73cd8c54f782eccd7abb2d8710038535dc2675b023b92fb932cf5e006617fd99f5d32cada6b7f3c0240ed623922b71631997d8506529cc1368cbb799562d29bef7dcca0db71d626990b0c99626b7c6908e1e5177bbbf63546b8f0ae16dd109238e23adfe3820eb6b53a05fcc3f548599c2868a3d19ad67e7cab56c91708d52ea65261ec9dadc241915192e97d5886cbbb10704ee65984d1ce72991c854b383d2091f43463cfdae7fd9f23f16f4dc6847b2ab95e652698943a52b0f30bf74eefa20ead99288779787edb27ec2b7e67cd3de5f0fe7b181e51d10754fa788bd0cff2d5429ef4c543ddccadbada725e6db921d14a7520ed8d6481e50f2c3d6f3865b2b6946cd03207c67cdbc5cb97187c12020281213bb0066f62671a807bf3d0557e4143afec51a33812e716b6ada331a16da704fb4b0ae8b5a9876e7f65c4a06fc92a08776b2cf27b9cba9cb8f94d56fbaaa8408c6acb252d2863b65935c299953503cf9f09c94a433379c44e92805e3b46b16735ae89f56191ae6dc67eaff6dac582dad2391871097137782ded398f37d6d62199a3a8d8ead3db3a18c13ecc59161906d73a1d85775fe0aae2c77db4c6462f7601956b9bba75a91650b7f871d00fa31b77752009ffd1019a3baeb0dd901b669b373105ff2fa029d4c8394eabd779c927d025f1748922f51eef6fa5b719b3767c3f4514ea09d24e9b451b766f38a94927fe9b7bc1e809f0363e778e14c601e800faea271a2e75d3fc436f7d6f03edc816f6ebc5811d30339968a4aee5042644cea41338231e207a40d69f9ea72377be1ed45c285e88be7e9fd808444d76c6ed11fd381af8bf3d11a22557d1c06c392c9c5e2e4d0a96f42eeac438f180cfb569e4bbbf44c288b40ebc336c985b4536aafc541e8fef4e9413469f0bf0a9b24dbe2b63fb402195fe4e91eec890bba88d81d28a36d3ebc1424fdaefd6a675d813d019a2181c412e6b0a0926d6a4063675c23ae7c847f68ef8c6dca885170d6ea58b1aec752322b7ab5ab3f23e3a883b92e431fda08494b5df9a78c5c6e5e97acc75ae9187a85a0e6df79e4b429316d8b9f42e13c10cc872747733c5b1b34e1ba0ca3d1170e5be149b0c747e7786405b5a58bba6a0905044114b442856cbece470fb4764908d9f9ebe19228674cb51089a80912673c9ae12faf2fbfd04ff4c6eab5c8d2232f934149b6e7fa385ff9c62c237b2f04ea2a392e6c72fda552afd18189425a390da62f8e859d9cbebc0c46cda1bfa737bb6f5f275b07f6f0f7ce3edef69c779066b86fa1dfa0697b1bf9251f7e626264000832f7788e0625067153c5beff1b9f8968c2f2587cf9d29ea6efa5db62fecd07be6c121b5b8b753ae50e4c3a620dc9ea485c6408cb32229ed5c12c2a8b98fd77a9d9ca67a42a7d0ac336f3b0e80c0ff19fa9c0fa0d2f6cb0ca0f45653fefccd86c9140eda1bff37e55a7046b9adab9bb9fb1c5df4dffaa576c55e676fbd2bde1587a64b5f73e26f83a5719d6721127622d869525875c0aac768513615802fa6c8e7cadb302a72fd36262105548e83f00b6337441ccf239115e02b6d31fb32a7265084535a1c29ba1a8293b75d04af4a74efe79862f7b542c1ae89aeddadacd918414b48ad78a2b51b75935aa5a77862766add7b75201d63ac5f7ec195f6bbd3d84d4ce853623ffb23f83a53b076e548de6cf8f7ae39ec2db2e5353da1562b10f55c623f8546d9bd11ca457ec737250cf5d7f575d3719030d78492aeaab5cebcc20693d5c590b050994dd8c47a23ef82ddd75c6aae841dc9f919cb93f489735b5c521011efefaa16c7855c99c1d116d8d9e438a4304199f997ccdbd1bf062b2b88d871f003270641bd49f847c5d3aea8d5925297cfd751ea184c7f9b83ec71822a67e88b1360ffe80493165d97aff1459c47898621747873b401495902a5e21232608490236ac06e282eae9d0a5d3a38d9d43a0ecbb09e861a1ce55f4345a7c28449af1e24a6b639ebca1dc8f2bf3d230a5f426b60d625e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8551bfbdc73a95916f9ea104e66f0eda1465fe014bb3d8dc71a73c47d57ae386ddde6bc04bf9f79f44700214d8d17351d58a657751e1ad9b6cc16692de917afe88be81745a3f1a9cb48e886abe0586529b2967a7179cddef6ef7ea9cff5962f2dcf32fc7f5de8c0a5dc0b1e7eb609ca31a77eb3475539e1d97a4543dca1b9b26c57cb2f858fc583fc6889ec22b275d4a3f0b66fe1417d13cada85824c2dd5ef26a1505d77c0c7c583a9197fe7fcb02cc6498e14865cd0f340b6f49899851836853ed4e131db3d2ae328c11ae1f36517eb15c60ed8aa4c0b457966a5d0f2501fcb6c61e007bd959daf8b6c37bcec59fc8e015f4adf8939aaae419efe4e9670b61336cc664eef4bd97d22c536a7b7e5309372751cb1f9245fad74f6a8706959553b0e6892db152604291afb6f9eaa859e85c0f6652b69bc9fc7843d34e0609a367b4eabe83794ad11fcd700ae8b0f4bb7a85df47e09106ae3aa4ec086afb2fd03669e34b4ff4399e0704ad9d31d7691726693bfe0cb988832dbcd59e8ccc847c7707d8c0cc418f1706ded90d563ee3f7ed9121d75db3ca7b7928250aaf95fe6ee29852f48f765d72742d9da443fadf960ed46e55bc3eb63b7942e917ecece7d882075bd7a31a8bd8f2a6c9f49602f4d42db3a2464fcb6a0a8384ebb2667bc6feda8f352a982874f112da3487ce77a2a8e4a2551087bf3b432726809bd7a09e20a8b9dea4b318f15e4a66562bd28dead341eb3f8472f3762e3e4b9590aa6742a170f8009f174b1eb7f2ac1f360219b3eea34354ab73e9c6c2a7d2f573df61ead2246e4042a1bdea84a8ad177e0edbb75815e2d86215caf4ea3c127b81357f254d4db79534b9890403197f4a01b08ad2ba351ee49d7fa81d7120de798801404676c1d8052b976c521ef1ef2c26b628a157e26d6e93e0f5242c13e26eac3cd8c5124cd5f292883e12e0384fca4cc0a791a80fbb18379b97a7363b7ce4528b9d5d862d0a1fa0d074b4a6d6bfc00f8f95405d2084c4bf9641d2a3747eb584216e3a4ef48d5c176c8a8032953cdaba913e5dc9710d39ae3248c84d90e35e93b1ec90a28a7054bafdc9d68d8a62fb239560984a02e77195c0c131c6fb4cc44b420ff5d2e6a09aa8971f8e4bf814c9986eb58ed97f4a3b93f15a055744e527f8f9046a4d6c3a6651e6927ecf7a4610bbbcd63804ca1debbd7ba6c6b671dd21d0750732b15f5346c23e9e6bdbb0dca44c6fbd7c36c65a89436f892798203688228d70f09453e7f63ceacdbbfb750dd7f3f978b9180151280eaaa693e698f98d1dcc5a7a7c345173c2ac671ad34a60d21cea8f9255cc868afe24a61c470d0199ecbb93879405b6abb46a905dcfeaaa9a19ae7015a75dbf68f707e603e427a5cba2e7de289ae8064b5b31797daa851f018a5336102535545f557a041ebc86bff1dbb3d19042b6698fc463ea2412941cf8d8de7cb1b7a01ecc69af19feb135b6a2e6ca4e905defd1e5b46af4080ae81a5ea3f1c03eb6f063a2acfb1e815fb28fae231955b1ce968d60c8a992249ffff6f4e999e79ceff423a66df0af2294807dc4eebcb3f480bc1c92cbf6c5dec8320a283a0f0ff4434f8d0600a2086806b0239fb6a28cf9cc7b1b2081666f5d1512bb42b0d45258b480a668c2e1b208adb45d8cb8ef6ccf833586e82f5c755a9e7c5affa2b3350acfe037873bce34fd92d03e8be72ea1e10af7db61c7670395b508a19def6aa58e20ceafb37c232f79dad0ca22fa9a902a845fbf970424f3c60aa334d858eede4613febb7477232835c7183458bbc62c1b14ea9c4fb9f8d23837873da3297279508eae8aaed5bf32018f60fa7679dc2fc22f4cbba74a2b42669e14bb71e08b34886b2a852bf7a6b3c60f6bafbbd3cd420cfd47373bb84b02cee6b97dd7e4115db8446252c23c5e89a03dc040d3743d8f4785c8682c419ef70e6a50c5383d3648fa30619770659a22850e038d87c059bf86153f097c2a819a3925dd4694fdf7e46fe31b678428d8575d909747140eabe2b25980a50073795239aafd2e62876343990d9f70982147488bdb62e54ead3d0106bc099f845f1863238ed03f05724051afea08bbab89890b64355f1e09ec36dbaf6f8ef7f4f6edab25f23aa927d5f2520dd0e2720a09961e871c762d83f2a624982601572f95903ee230cfd188dca9bdc4ae3775f12cf1307239583f77c490eb47786681594b003fc3e592239263ec4497104191e64eea73c9348718077d8a9c4ea3f70eb2573f13a239fbc757e9397b75f408430c5b7ed6eb96d79e691b819d7003bf5415ea6c9e1b8c378dfd133edfaf11a9149dc53f2a9e5ff09d25dedc27f91097c92e647379d3752518908d92f0a6a179d203f67ef72aefb94033cd6af16d949dc92a06f16d3d7ded572cd6ab1cbe03bf0d565e9f66e244a309aba39fc82ef68e733144a975ff26ff0c9acf30979da9cb974f94ae5ef41eade9aacfa224774fb5cc0d145136bfec0f642eb895dab3a22b4168ebd79eb6d649cb27fce01a65b8b90bf60f7aea04ae018f6e90f976471569e6d9509f85ca85e10231c5ab7dde814e6e7f475a113c4f8fe19ab932585497ac046858febc1f282ef717e18f01ba435cd2822c96e78aa72f4b6b35c4acf72c2e766a81ff0bb8e3a691881778a3af7573e111b134d311ddd2534992b8f2f3c2a017df0f42531ff036099606893534cf4b4e3336128fe69adc5f226fe7174cdbc245b7c4ca450234e52fbd503d448b9f650e0f3e7251b55648223f469f86310a26e82da09874442a17a4809e7c20d929157992dee048b2eb0dba12c8450eeaba7a4a3bdbb57fbe9b0d5ec7d188220628ad09a6e4dcdac5765f504d775c451e37a422ca0ac7ebe8e18058bc4894d41f04ec04e21da459756e7209877c86eaea3b06a50575f8e769eaf0107740deaf8b90eda4470e510249f03fdf5e9239feebeb21166d1443e59546030bf084feba16039c5f929497ac74f75bf864a1ad8b2bfe1ce2a2c198e8ae8a3b0e5c17cbefb6c19f15cd73d390c15d1eea0fefdd36a2d9da9806fe291d21c2ffd4bb14f09e5ff35ce18a11685cabe1f42b49b081d83194a60230338217c3dcdd300c276d533d47248d382cc7c40af8d59e98e9d8444be4002c40ad1615d9a394a66d37054ec8061e930437ed79cd3ff804932726f2d7ad2dec8f3e13f74bd7ec928e89d951e36a64b44372af758bd6a9e9bf7fc5847dccf1a04d41ed1d0fef08d31fee814a55918951981817b40571a7c6f58cba218003b7987e0ae2e6df30e050717d92615da3b27fc2dc2a28ecf8c2c83147bfec89b2b2da9f280520c19b89c8da236a0e65aa7348af0cea7c51b373534970b332e02894326e0b9dfeba2ffa740187293817e3454251723ba1cbbb0395d960a1fa23b4bb1ac773a3aaba16b71a8823837547d7efa28d4ac953107d290b10ad2468dc21d8fc659e7e0b89229783d919f7d76cf00bd3a5077acc6d54b0647af732ea687ae84444de395144fa61aa726b63b59d059af6bda7653ddc3949573998fc40b357b7e43bbf33a21f147d997e86d6b0a6fea011d7fcfaf14bee932b6a2e9627fb1381efeaa4b8acf7005a4d4d4cdc17818b9f8dd70859b671253b22b260cde340e0bf4ac747511b7c361a2d8f1ff344082e929ce4549adf5470eee12798816f6521ec423371ef39e019cd31e9988f9d4ae6723fc872315d0a21637d734988b62ae8b5e6d5347b3610580e8f281bfb9d920173b030b19cfb34e62e55e81d1b40db26da37bf8ccc843efeb1984093bddd79d58822d78f4a328ed6e8e15425af3471dee233cc31bcfbaf3bf3dc80556518acd06a6c079920261a370a8c6e8b491bb4f573f8efa339ca6df83e2e174f18d8cc18dcc3df7a70e33f93b8bec9a0ab3bb25d4eb8327dd4cbddf5df4ce932cfe3c21bb866130f6954d91cc83fa4e05b36df28fea7bdc7ecb2bd1ec781b8f47a6229b6e4486762faa5148fe167c20096b659e9969b56f84627e060d4414cb7b872411cc566c715eed9b9c4f8f1211badcfa279fa62ef7099e8e894587b28f3048f33938e2007423ab91b74ab1c1e00e070aead24d3e9a03dc0bd32ffd0d79b47a98d0cc0c967ffafae5c93840117e41aefcb8aa95e7468502fd4f965ca037bf8aae86af276fae4eabebc2b143b01d982fcdbafa5a9f8fd62dacdb6ab2e184f28a99d4bfb97279cc4f8cae326dba230f4b1117ffb292d8594aaf3c5777bc8516982a51bf3ed386941bf126cf3828e4cdad16619f92c301fc5cde53398c1d8bc1410ba04c9d56e4d0c1662b0d1c6d62a73fee589fd9305f13fe2e5da69e5e335ad67d94191b324405a830308ba965aeae4b9bf02fe1307b2afe25f189a0a2e5f7766a4a3deb357c33a4b78dbfec6b26eb2485ecdb6405da66cbce6f6520c3501b498fc684ded513dd0391967355ff74902817cc48fa6f75efabe342e49e387f522e7660d4c971c191a695a3bf7d2ecd3926fbc4b3720c72a393089f3d494b46c65f9547abf5bb13b583980f3471e771a0caf278236fab03aee6e2fc6460a8609ec5018e8a37af8ff1b9d52754c8de7ef822367efa50635baf1d6bbf2d47b07b5826e13ff265b22bf40410bf36686dc01848de259cdd4ef8020fcbb64c581ba0b48899b0267dcc863faaf167beb9dbbc2db99bb4e378543e42a4aedef7f2bd0ec4e15c71e82e1c20372e2e85dd2f6ffd03d4ab15ab503582dcfb5613abe0bf43d6237e420121524aebfe41e77ee2f774d93cbabf6e110f99aa678abc11f0ad92b12292fb7a3f0d8d1bfa8457152094636899cd5f9434e0f48abb3583921413d9a66eb07842377f19baa79735eeac00b6d3137faa1ddb8b22a8356a16761ca4d11300524cc540175a01296f6e5869b3abb7a2d3aafdfa1ad2e8d0cb3bcf168b6fef771e7799c8c7a7d3bc79bd2c53c0a5a69b61abe3b05928368461c39db76f23f740a658f67d64b5f621faa0254c7724d6cd6c578d30149ee76cefb4e6b16f6a2474f35967a8d85625d88f4dd1cfc0ca4b70c75beac979e9d01607b07e9a1629cd07c1f0b194bcb6c4702a94bc2bec912d04db35c75d675465f7bdc290e036ce31a325fd54e76f84f694ce173953c3ed88723dba137588171ebdc65d3df129a73d503b7ebf884181f4d7f97cbe9c636a033094abf08db91444a4a87a99ce16171bd0abd7779e01d73fbc51f81ad7ccf9a33732669ffe8ef6f1f0e15b97a1fe806cc9651c380f1fec88be52dd0600e3ce18b90581d41e2958d4b76dd8a6fa5a42c40613e7fdadd843915456690552b762ebe4b12def7e94dcdb1630941559d95ca96fca9e874070522554dd422c5f6c6427cd97cd6d795ec48626cf0d64fbd81afe12af240dac9b812e7789a079b017327487bf15d7e951baecbaab34e9220c3d55255facf3ef83aa5b36ff04a6c040be593287fddd4269227247d3b65fd9f211d83bfb5464c1c885a3d5f84d20723a27c1442b861be44fbf58a4525eefe2ccbb2b5f7ceb21e8be6de6036ef0dc8a908e4cc248ef1d8aab87172e722d8c5bad9e137fd43994e0fe25e1c254af7c07f683ef22ffd08f2653db4eecab0a7b224bcb44e0682447b5a92f254ded1116e06dc057f380dd8386cbab247f1b102d42b3fa2315610c37c4ddea6b1aacf78c014acce23cdf62b1ff955c2277fa2bcf8af44a5cd3ec67cebb9b2f7a5f1cee23092e3516817807aed049a93ca3173cf944c747de70d0d6e99440664e5befd7356859236270c165d4d656baa6c47ef0ffa68e184065dea8b76b26d1d319ff38402de9318f4de96d02f8780b066de7c221217ca86d49518efec0f543b466388d4eaf4f2d80d8030b2e2cba762dd359d74b3c5c6d8e018fce449cbd42dd8b0a83a8a8def449cce05a3d0b81267c29edbc78b4c790599af9c251981dd8e09c99cdc6f40a289c96283a803fd1ee0090a2d248a5b7c32fb264c3e6acdd1fde4c60b32ab7754d68ca8fc99a7fa8dedb59b9274728198127c30962a18ca79bc334ca880e887d7c63bed3df3d0df6de21732c5a1b280e06bd7c759ea8b45d88975aec2669dfbd370925cbca8b4e2c91ccd58e3a0f5dc861ab7444dd64325e2975285cfc8a91748723eab358b0bb5426f432858cc2ef2cfbd871af1f7ed88d8c71ef190f93d41d5fd020cfd03cf46ea5cec39a0815dae003a64b914959189c7c38914f186af7acfb0152019228f411ba65e96c29bc35c824551ee7ff49f5b9e2fadb5e557f56fe0a297f813e9d508ba1000fc9a0b4e857703aa846cc392a98b9f095da29d1b1b26c588ecdc51028633fa675b8062e29b8499ea6bc28d038fa85502f3cf35fe4c7786566125c861c97e72b0bb71c97caa8bd2ddda5c6f9ef8543e456aa22d905282aebc2a4fc7aca81a061d28ab20c5ad7d1060ff465982ae9888cb6af3d0631c4d1675c3cc44c9613ce36e44baa1dc32b44c7011e89db64be71b691b965c38ed1a66e52d8e0cc1f41b81c8ca1798f805b18b5e5dd9f3d37208af85ffb95a51141a79c9033adccebb6611479f47b281f43322b2daf6e4d1d8584cddb8609bffabc61c50599a365c784aae248ae51d13a253f7e6136594e243790f204c623b7b38d9f0b6c82743d86f8669b9fba2428b21556f9e3e8fa7dd171efa23add952fb2ad7e0d3b670b13b6db87aea12a2d3f63bad5d64d8fe230e7104b2361e0e7c6f60e22be5a5a178622f51ce6132de6397ab33105dfed11ee7a96a616782dc9088e2a1ebd34451755f13c47f41063a072c47f6e8a3e25ec60bfe3d4ff4335ae3cc5a90ec71b3333babfd1eb286a41c7c4e620596bcfc7107fbf537bf41f80ba45616b98bdcb339755acb392f9fb91812a7b15b1d43f16a76efb91dd54091ff706f39d613ac5190b7ada5c8eed99886544e9c291728931e846ea31656e2c8ae294b8c5a25f504252596a5a2770d1d1a2f16f9d009a3e3a45cda7acaa29777197ed8f2c3f4ab9b3cf99097c77e68514e7a5dafb76f4ff6aff2fddabc8a472d750df6bc20436955256fc80a6d040f0d4db4ba0b528be8a4aa3066972e8174f4245f236aaccb34869dd1472bd07dd2206644e7e814c617ce4d0badea7842a3d27ae4b82107dc41eef6f37f59cd4013835da21b92503e936a2ba802f347cefd10bc0f4c41e6fa74c7a56b04a21e010b76aaf35997d8a9204e0637b307de5a9f6eeee83fa8e7fc2ad35bbeed40e7b763fdafd119a1e1f61fca556cb9f0c0fd1f1e45101adebd566b987a896a442487a3e9eb4ee9578122fe236746d5390e8d6d5afb1dff04ae3a7baf9319968fef6604fa8adcdd2afd002b9acd92a1eccf49839f3f64e6dfccef53f061863b7aa32fb4333933526781acf63483c61269299c9b593efc1e4101302f0cbe1650aea8e8fb2cb0ca6130b399dbd0d0741bb828fb72bf9ed50aca22241e1ba9f85defc0ed729bd4cd8c5d68ef6d5587c0fdf4316848c7dffab19610c23c81d18de23aa8a67f394a990adef3d5e833a299f3258240f29d70dba1f87ce410af69bfcd3b6413f71784206c16cfaa5bb3cd22cc7f03a3482700365863134dcd548fafc846edaa7abd473397f3eb17a4d8660e7c20e744cc513dec5ef499c1faa101ffbbfece3c524c712dc078093d2963595229f4246f888c52f36baf9b62d60bc8d06426a314aad5a0ff86a4362a91c2512a1df9ce49db11f81e2e23a585946c5d21dcd9e1213c03d81a3167e00fdb3bea7df60e8472e1bfa0edbde0b8ae5a3edf28a6a3752f000ecde320d1f4e954d5bfd34144b26869ec4f634862e99b3d20402ed3918ee31c6743d2e1df95cc21d03aabf2ef67bc88f3621f69794329bf1d6180f21dba21375b35295115973e94828033606000cb43de48e5d1f77facc5912887e70c37a1946dfad645e0d067337fdc850ead54e88d6e3f42f1ce0541aea35f08561786a6b626b890c88a0442300333e59dbe5336190c17bb29344508ca5ff29b6ef84b32ae596cfe9671b002e554ef3a36d04984d764c409edb0ad46522d58b598e962b752d10fe0313fd114a20847727e51e04dd8915b3bd24c872fbeed4a5c938859dfbe01faaeea4e8562ec0022c0b763504f613e96cdaddd16d338d2877d8968695269effa0d1220f351ddec15b2bc7893e89a0d421416be0a7742e2739c214f51e760f1f51f336cccef9e3534f2dd032387c12bd80c159ee030795cef269a641f65c07f36f2565412a1f548e04a4170795ee3125289c85018bb96d4e725c9f61265bc028a65f3031762e564c881f3eb1f06d65cf2c998356784442cb44769dd01e58994febb9c6fde8a723825d7c716f40953afa898eb25c9cfa209000bb65b0c204204e933d9b7f6720002b5b936ea714a8d84a51bf1267720757f6fdd0a7010bba3eafd47b3b051a7c78787283f9f88f5ff9cdab8697c2a738ba74bf956abaec4fedf571250956e626714f6ec9a1c986fb774987ee3ae7cd9dcbd1573ed22d3de31013daf86e32b285088e3246495b403eee3969eb47dfed1759e86a725afc0e0fe618f91333cc542922fd17546ea3d665cd56726308f686c96ecf10c4b6f214eaa94c86e2ec2bd6dc58979755a5e86550b522ec012149fbff711aaa80fba570b1970f2e130463c2c90d9d23f2f7c2e68b77da6520c5b81a9fb06d5b6f0280cc2d006545575db0f1a75443b6d87650b4ba406517a57a15c537f5b9b40babaaa376564adddc6a1ac6c13879403b210f63058712d533285cc420aa2153ce9c80aa43da385a8ce04bcdd246663042de94d55e80d5cc2da910479e7dcf1cf109598916ce9de5f78ca60b6d0cb9f9617abbe9ff02933b14d48d24b6edcc3332ddcf6ecc0c0e7fed1eda03462a66d4f915817e8680a2d54877de62bd119d2d0273109fda4a52fccfd17f56b8ab99e747ace27cd895e7ccab0d2906d573204b96c3bda73a1158452058be80e419b33d5c8f1b6c97f6c4e452634e8f83bf46f5fd3de4f99f618f580af36bc45c2a10b8b5861a357cff1177e9c119120ad92a4a40a58d1dbe3c94c610863103790c34c4eb6ab938336529043055eb1da667d16d51366729d0643ff35c3311dff7193aa0f898532869dd630d48033163b1d414b445434b84e06734de274f961ef55ef7e9d9c175ae922a1045cb4352d04763f389ab16651f903580ae8859fdfbdbdfd1cd760f9272e0e8161e4df6a2ddadfa745ef531fa264170e92a0ada6a8612f40be73d39d692813ee8f83b40f4cd0aa65805a1b6cc71fe9fbf1580f5d147f6f221357db40884efc697813a0895960e72501926023a514b01d92fa3b4bf7e0fcc6be958bef19e42dbf3d26626297470881957a8ee77600dfe7d9946573ffdd3dd00416d5e3e0425871a8f2550d26cf43978a9234dda31b9ac024647d0b62e133274878abf6be4bbb3c6dbdd1bead3501adec5822d05082a91641540422479f68bcaba2cae0f1382b2cafc12b5c93ab36ccacc1cda855f412f1e478485752fc226e3979ac2ab33b7553d41c7baf76402a7baa8e451d58aa5f8942fdc001d58de591ff6e2d8d5b7875f1d51e9cba0ff38a8fc49aae2777dd67b095b7122ac80fb033710989749../../share/grub2/x86_64-efi/grub.efi../../grub2/x86_64-efi/grub.efigrub.efirootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootgrub2-2.12-150600.8.34.1.src.rpmgrub2-efigrub2-x86_64-efi      /bin/sh/bin/shefibootmgrefibootmgrgrub2grub2perl-Bootloaderrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.122.123.0.4-14.6.0-14.0-15.2-14.14.3hh@hw@h@gggřg0@gg+Z@gfff@fJf@fU@f@f@f @ere7@eПepe@e@e@ee@eeL@ehy@e]@e\eV@eSa@e?e:Te9@e6`@e-%ee@eee@e@e e @d@ddܺ@d˖d\@d du@dS@dI@dBzdBzd>@d5Kd?@dJd@d@dd@c>@cc@c1c@cc=@cHccc@cR@c]c@c|c{h@ctcr-cr-c[@cV~@c>@c-c(Yc$e@c$e@c#c @b)b@b@b@b@bkb@baG@bT@b=b4t@b1@b+9b)@b)@b!@b b@aea@aq@aaa{a@a@aaqV@an@aKa7T@a/k@a.a @a @`]`ٹ`"@`@`@``@`q``}p`n@`P`J@`8`3`.V`U` l__t@_@__m_X_G@_A_?@_;_5+@__A@^x^U@^H^y@^t@^oj@^j$@^g@^Y^K^9\]e@]{@]@]@]W]]V]0_@]@]]@\ޢ@\ޢ@\-@\\\mA@\b@\N\J@\J@\I\HW@\@[@[@[[@[t[Q@[-[~[l,[j@[h8@[W[L[D[<[3|@[*A[#@[@Z@ZK@ZZJ@Z̧@Z@Z&ZZkZZ@Z@Zz@ZyZxG@Zg#Z*~ZOZ ZZNYeYA@YX@YY@YYYn@Yu@Y[@Y0YR@Y@X׭@Xg@X@XX~@XO@XZXXXX@XBX@XYXpXX@X|Xv@XlXfL@X=X @W@WiWWF@W@WWW@Wq@Wi,@WPW>@W=W'A@W!@WV@VՄ@VՄ@V@VT@VVvV$@VrVqR@VhVetVa@VV@VLh@V5V3[V2 @V#V @VV@UU@Uc@U@UUzUt2@Uq@Un@U]U[%UPUOH@U@U.RU/@UTTT[@T T@T@TT@T5TLTy@TeTR(@TR(@mchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.combwiedemann@suse.commchang@suse.commchang@suse.commchang@suse.comgcomes.obs@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comglin@suse.comclin@suse.comschwab@suse.deglin@suse.comglin@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.comglin@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comhpj@urpla.netrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.comvalentin.lefebvre@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.demchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.combjorn.lie@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comrw@suse.commchang@suse.commchang@suse.compvorel@suse.czseife+obs@b1-systems.comfvogt@suse.compvorel@suse.czmchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comnormand@linux.vnet.ibm.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.defvogt@suse.comlnussel@suse.derw@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.combwiedemann@suse.comschwab@suse.demchang@suse.comrw@suse.commchang@suse.commchang@suse.commsuchanek@suse.demchang@suse.commchang@suse.comrw@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comguillaume.gardet@opensuse.orgjengelh@inai.demchang@suse.commchang@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comdimstar@opensuse.orgjosef.moellers@suse.commchang@suse.commchang@suse.comjbohac@suse.czjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comkukuk@suse.deThomas.Blume@suse.comidonmez@suse.commchang@suse.commchang@suse.comjdelvare@suse.demchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.comiforster@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.dejmatejek@suse.commsuchanek@suse.commchang@suse.commlatimer@suse.commlatimer@suse.comagraf@suse.commchang@suse.commchang@suse.comrw@suse.combwiedemann@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comagraf@suse.comschwab@linux-m68k.orgmatwey.kornilov@gmail.commchang@suse.commchang@suse.comsor.alexei@meowr.rumchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commatz@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comro@suse.demchang@suse.comarvidjaar@gmail.comjengelh@inai.deagraf@suse.comolaf@aepfle.deagraf@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.comagraf@suse.comagraf@suse.commchang@suse.comdvaleev@suse.commchang@suse.comarvidjaar@gmail.comolaf@aepfle.dearvidjaar@gmail.comarvidjaar@gmail.comolaf@aepfle.deolaf@aepfle.demchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comeich@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comagraf@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comarvidjaar@gmail.comdmueller@suse.commchang@suse.commchang@suse.comschwab@suse.demchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commpluskal@suse.comschwab@suse.deschwab@suse.deschwab@suse.deagraf@suse.comledest@gmail.comledest@gmail.comjdelvare@suse.demchang@suse.com- Skip mount point in grub_find_device function (bsc#1246231) * 0001-getroot-Skip-mount-points-in-grub_find_device.patch- Fix CVE-2024-56738: side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) * grub2-constant-time-grub_crypto_memcmp.patch- Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157) (bsc#1246237) * 0001-test-Fix-f-test-on-files-over-network.patch * 0002-http-Return-HTTP-status-code-in-http_establish.patch * 0003-docs-Clarify-test-for-files-on-TFTP-and-HTTP.patch * 0004-tftp-Fix-hang-when-file-is-a-directory.patch- Fix CVE-2025-4382: TPM auto-decryption data exposure (bsc#1242971) * 0001-kern-rescue_reader-Block-the-rescue-mode-until-the-C.patch * 0002-commands-search-Introduce-the-cryptodisk-only-argume.patch * 0003-disk-diskfilter-Introduce-the-cryptocheck-command.patch * 0004-commands-search-Add-the-diskfilter-support.patch * 0005-docs-Document-available-crypto-disks-checks.patch * 0006-disk-cryptodisk-Add-the-erase-secrets-function.patch * 0007-disk-cryptodisk-Wipe-the-passphrase-from-memory.patch * 0008-cryptocheck-Add-quiet-option.patch - patch rebased * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch * 0004-Key-revocation-on-out-of-bound-file-access.patch - patch refrehed * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch- Refresh PPC NVMEoF ofpath related patches to newer revision * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch - Patch refreshed * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - Patch obsoleted * 0004-ofpath-controller-name-update.patch * 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch - Fix segmentation fault error in grub2-probe with target=hints_string (bsc#1235971) (bsc#1235958) (bsc#1239651) * 0001-ofpath-Add-error-check-in-NVMEoF-device-translation.patch- Fix zfs.mo not found message when booting on legacy BIOS (bsc#1237865) * 0001-autofs-Ignore-zfs-not-found.patch- Cherry-pick upstream XFS fixes * 0001-fs-xfs-Add-new-superblock-features-added-in-Linux-6..patch * 0002-fs-xfs-Fix-grub_xfs_iterate_dir-return-value-in-case.patch - Fix "attempt to read of write outside of partition" error message (bsc#1237844) * 0003-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch- Security fixes for 2024 * 0001-misc-Implement-grub_strlcpy.patch - Fix CVE-2024-45781 (bsc#1233617) * 0002-fs-ufs-Fix-a-heap-OOB-write.patch - Fix CVE-2024-56737 (bsc#1234958) - Fix CVE-2024-45782 (bsc#1233615) * 0003-fs-hfs-Fix-stack-OOB-write-with-grub_strcpy.patch - Fix CVE-2024-45780 (bsc#1233614) * 0004-fs-tar-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2024-45783 (bsc#1233616) * 0005-fs-hfsplus-Set-a-grub_errno-if-mount-fails.patch * 0006-kern-file-Ensure-file-data-is-set.patch * 0007-kern-file-Implement-filesystem-reference-counting.patch - Fix CVE-2025-0624 (bsc#1236316) * 0008-net-Fix-OOB-write-in-grub_net_search_config_file.patch - Fix CVE-2024-45774 (bsc#1233609) * 0009-video-readers-jpeg-Do-not-permit-duplicate-SOF0-mark.patch - Fix CVE-2024-45775 (bsc#1233610) * 0010-commands-extcmd-Missing-check-for-failed-allocation.patch - Fix CVE-2025-0622 (bsc#1236317) * 0011-commands-pgp-Unregister-the-check_signatures-hooks-o.patch - Fix CVE-2025-0622 (bsc#1236317) * 0012-normal-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2025-0622 (bsc#1236317) * 0013-gettext-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2024-45776 (bsc#1233612) * 0014-gettext-Integer-overflow-leads-to-heap-OOB-write-or-.patch - Fix CVE-2024-45777 (bsc#1233613) * 0015-gettext-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2025-0690 (bsc#1237012) * 0016-commands-read-Fix-an-integer-overflow-when-supplying.patch - Fix CVE-2025-1118 (bsc#1237013) * 0017-commands-minicmd-Block-the-dump-command-in-lockdown-.patch - Fix CVE-2024-45778 (bsc#1233606) - Fix CVE-2024-45779 (bsc#1233608) * 0018-fs-bfs-Disable-under-lockdown.patch - Fix CVE-2025-0677 (bsc#1237002) - Fix CVE-2025-0684 (bsc#1237008) - Fix CVE-2025-0685 (bsc#1237009) - Fix CVE-2025-0686 (bsc#1237010) - Fix CVE-2025-0689 (bsc#1237011) * 0019-fs-Disable-many-filesystems-under-lockdown.patch - Fix CVE-2025-1125 (bsc#1237014) - Fix CVE-2025-0678 (bsc#1237006) * 0020-fs-Prevent-overflows-when-allocating-memory-for-arra.patch - Bump upstream SBAT generation to 5- Fix CVE-2024-49504 (bsc#1229163) (bsc#1229164) - Restrict CLI access if the encrypted root device is automatically unlocked by the TPM. LUKS password authentication is required for access to be granted * 0001-cli_lock-Add-build-option-to-block-command-line-inte.patch * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch - Obsolete, as CLI access is now locked and granted access no longer requires the previous restrictions * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch - Rediff * 0004-Key-revocation-on-out-of-bound-file-access.patch- Fix xen package contains debug_info files with the .module suffix by moving them to a separate xen-debug subpackage (bsc#1232573)- Fix not a directory error from the minix filesystem, as leftover data on disk may contain its magic header so it gets misdetected (bsc#1231604) * grub2-install-fix-not-a-directory-error.patch- Fix OOM error in loading loopback file (bsc#1230840) * 0001-tpm-Skip-loopback-image-measurement.patch- Fix UEFI PXE boot failure on tagged VLAN network (bsc#1230263) * 0001-efinet-Skip-virtual-VLAN-devices-during-card-enumera.patch- Fix grub screen is filled with artifects from earlier post menu (bsc#1224465) * grub2-SUSE-Add-the-t-hotkey.patch * 0001-fix-grub-screen-filled-with-post-screen-artifects.patch- Fix crash in bli module (bsc#1226497) * 0001-bli-Fix-crash-in-get_part_uuid.patch- Fix btrfs subvolume for platform modules not mounting at runtime when the default subvolume is the topmost root tree (bsc#1228124) * grub2-btrfs-06-subvol-mount.patch - Rediff * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Fix error in grub-install when root is on tmpfs (bsc#1226100) * 0001-grub-install-bailout-root-device-probing.patch- Fix input handling in ppc64le grub2 has high latency (bsc#1223535) * 0001-net-drivers-ieee1275-ofnet-Remove-200-ms-timeout-in-.patch- Fix os name is used for root file system mount (bsc#1220949) * 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866) * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch- Fix memdisk becomes the default boot entry, resolving no graphic display device error in guest vnc console (bsc#1221779) * grub2-xen-pv-firmware.cfg- Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg (bsc#1219248) (bsc#1181762) * grub2-xen-pv-firmware.cfg * 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch- Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to SLE-15-SP2 (bsc#1217102) * add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch * add 0002-ofdisk-add-early_log-support.patch- Sort tar file order for reproducible builds- Fix build error on gcc-14 (bsc#1218949) * 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch- Remove magic number header field check on arm64 (bsc#1218783) * 0001-loader-arm64-efi-linux-Remove-magic-number-header-fi.patch- Reinstate the verification for a non-zero total entry count to skip unmapped data blocks (bsc#1218864) * 0001-fs-xfs-always-verify-the-total-number-of-entries-is-.patch - Removed temporary fix as reverting it will cause a different XFS parser bug * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- allow to boot memtest86 if stored in /usr/lib/memtest86+ * SR#1071109 can then work- Resolved XFS regression leading to the "not a correct XFS inode" error by temporarily reverting the problematic commit (bsc#1218864) * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- Version bump to 2.12 (PED-5589) * Added: - grub-2.12.tar.xz - fix_no_extra_deps_in_release_tarball.patch * Removed: - grub-2.12~rc1.tar.xz * Patch dropped as it merged into new version: - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch - 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch - 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch - 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch - 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch - 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch - 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch - 0006-fs-ntfs-Make-code-more-readable.patch - 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch - 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch - 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch - 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch - 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch - 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch * Patch adjusted for the updated base version: - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64le-disable-video.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - safe_tpm_pcr_snapshot.patch- grub2.spec: Add ofnet to signed grub.elf to support powerpc net boot installation when secure boot is enabled (bsc#1217761) - Improved check for disk device when looking for PReP partition * 0004-Introduce-prep_load_env-command.patch- Fix reproducible build for grub.xen (bsc#1217619) * 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch * 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch- Fix unattended boot with TPM2 allows downgrading kernel and rootfs, also enhancing the overall security posture (bsc#1216680) * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch * 0004-Key-revocation-on-out-of-bound-file-access.patch- grub2.spec: Fix openQA test failure in SLE-15-SP6 due to missing font in memdisk- Update the TPM2 patches to skip the persistent SRK handle if not specified and improve the error messages + 0003-protectors-Add-TPM2-Key-Protector.patch + 0005-util-grub-protect-Add-new-tool.patch + 0004-tpm2-Support-authorized-policy.patch- Fix XFS regression in 2.12~rc1 and support large extent counters * 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch * 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch * 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch- Fix fadump not working with 1GB/2GB/4GB LMB[P10] (bsc#1216253) * 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch- Fix a potential error when appending multiple keys into the synthesized initrd * Fix-the-size-calculation-for-the-synthesized-initrd.patch- Fix Xen chainloding error of no matching file path found (bsc#1216081) * grub2-efi-chainload-harder.patch- Use grub-tpm2 token to unlock keyslots to make the unsealing process more efficient and secure. * 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch- Fix detection of encrypted disk's uuid in powerpc to cope with logical disks when signed image installation is specified (bsc#1216075) * 0003-grub-install-support-prep-environment-block.patch - grub2.spec: Add support to unlocking multiple encrypted disks in signed grub.elf image for logical disks- Fix CVE-2023-4692 (bsc#1215935) - Fix CVE-2023-4693 (bsc#1215936) * 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch * 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch * 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch * 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch * 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch * 0006-fs-ntfs-Make-code-more-readable.patch - Bump upstream SBAT generation to 4- Add patch to fix reading files from btrfs with "implicit" holes: * 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch- Update the TPM 2.0 patches to support more RSA and ECC algorithms * 0002-tpm2-Add-TPM-Software-Stack-TSS.patch * 0003-protectors-Add-TPM2-Key-Protector.patch * 0005-util-grub-protect-Add-new-tool.patch- Remove build require for gcc-32bit, target platform didn't rely on libgcc function shipped with compiler but rather using functions supplied in grub directly.- Add BuildIgnore to break cycle with the branding package- Only build with fde-tpm-helper-rpm-macros for the architectures supporting the newer UEFI and TPM 2.0. * Also correct the location of %fde_tpm_update_requires- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Add the new BuildRequires for EFI builds for the better FDE support: fde-tpm-helper-rpm-macros + Also add the the macros to %post and %posttrans- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151) * arm64-Use-proper-memory-type-for-kernel-allocation.patch- grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig- Implement NV index mode for TPM 2.0 key protector 0001-protectors-Implement-NV-index.patch - Fall back to passphrase mode when the key protector fails to unlock the disk 0002-cryptodisk-Fallback-to-passphrase.patch - Wipe out the cached key cleanly 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch - Make diskfiler to look up cryptodisk devices first 0004-diskfilter-look-up-cryptodisk-devices-first.patch- Change the bash-completion directory (bsc#1213855) * grub2-change-bash-completion-dir.patch- Version bump to 2.12~rc1 (PED-5589) * Added: - grub-2.12~rc1.tar.xz * Removed: - grub-2.06.tar.xz * Patch dropped merged by new version: - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-efi-chainloader-root.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch - 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - grub2-s390x-10-keep-network-at-kexec.patch - 0001-Fix-build-error-in-binutils-2.36.patch - 0001-emu-fix-executable-stack-marking.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch - 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - 0001-Filter-out-POSIX-locale-for-translation.patch - 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch - 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch - 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch - 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch - 0002-ieee1275-claim-more-memory.patch - 0003-ieee1275-request-memory-with-ibm-client-architecture.patch - 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch - 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch - 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch - 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - 0001-powerpc-do-CAS-in-a-more-compatible-way.patch - 0001-libc-config-merge-from-glibc.patch - 0001-video-Remove-trailing-whitespaces.patch - 0002-loader-efi-chainloader-Simplify-the-loader-state.patch - 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch - 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch - 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch - 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch - 0011-video-readers-png-Sanity-check-some-huffman-codes.patch - 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch - 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch - 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch - 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - 0017-net-ip-Do-IP-fragment-maths-safely.patch - 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch - 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch - 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch - 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch - 0022-net-tftp-Avoid-a-trivial-UAF.patch - 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch - 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch - 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch - 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch - 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch - 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch - 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch - 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch - 0002-cryptodisk-Refactor-to-discard-have_it-global.patch - 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch - 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch - 0005-cryptodisk-Improve-cryptomount-u-error-message.patch - 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch - 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch - 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch - 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch - 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch - 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch - 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch - 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch - 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch - 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch - 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch - efi-set-variable-with-attrs.patch - 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch - 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch - 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch - 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch - 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch - 0002-mm-Defer-the-disk-cache-invalidation.patch - 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch - 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch - 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch - 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch - 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch - 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch - 0004-font-Remove-grub_font_dup_glyph.patch - 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch - 0006-font-Fix-integer-overflow-in-BMP-index.patch - 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch - 0008-fbutil-Fix-integer-overflow.patch - 0009-font-Fix-an-integer-underflow-in-blit_comb.patch - 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch - 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch - 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch - 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch - 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch - grub2-add-module-for-boot-loader-interface.patch - 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch - 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch - 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch - 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch - 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch - 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch - 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch * Patch modified to new base version: - use-grub2-as-a-package-name.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-secureboot-add-linuxefi.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-use-rpmsort-for-version-sorting.patch - grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - grub2-grubenv-in-btrfs-header.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-efi-chainload-harder.patch - grub2-emu-4-all.patch - grub2-util-30_os-prober-multiple-initrd.patch - grub2-install-fix-not-a-directory-error.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-05-grub2-mkconfig.patch - grub2-btrfs-06-subvol-mount.patch - grub2-efi-xen-chainload.patch - grub2-efi-xen-cmdline.patch - grub2-efi-xen-removable.patch - grub2-suse-remove-linux-root-param.patch - grub2-ppc64le-disable-video.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - 0004-efinet-UEFI-IPv6-PXE-support.patch - 0007-efinet-Setting-network-from-UEFI-device-path.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-mkconfig-default-entry-correction.patch - grub2-s390x-11-secureboot.patch - grub2-secureboot-install-signed-grub.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - 0002-cmdline-Provide-cmdline-functions-as-module.patch - 0001-efi-linux-provide-linux-command.patch - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch - 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch - 0001-Factor-out-grub_efi_linux_boot.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0015-test_asn1-test-module-for-libtasn1.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - 0003-grub-install-support-prep-environment-block.patch - 0004-Introduce-prep_load_env-command.patch - 0001-grub-install-bailout-root-device-probing.patch - 0001-install-fix-software-raid1-on-esp.patch - 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch - 0001-protectors-Add-key-protectors-framework.patch - 0002-tpm2-Add-TPM-Software-Stack-TSS.patch - 0004-cryptodisk-Support-key-protectors.patch - 0008-linuxefi-Use-common-grub_initrd_load.patch - 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch - grub-read-pcr.patch - tpm-record-pcrs.patch - 0001-clean-up-crypttab-and-linux-modules-dependency.patch * Patch refreshed: - rename-grub-info-file-to-grub2.patch - grub2-linux.patch - grub2-simplefb.patch - grub2-ppc-terminfo.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-linuxefi-fix-boot-params.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-xen-linux16.patch - grub2-efi-disable-video-cirrus-and-bochus.patch - grub2-vbe-blacklist-preferred-1440x900x32.patch - grub2-mkconfig-aarch64.patch - grub2-menu-unrestricted.patch - grub2-mkconfig-arm.patch - grub2-s390x-06-loadparm.patch - grub2-s390x-07-add-image-param-for-zipl-setup.patch - grub2-s390x-08-workaround-part-to-disk.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-getroot-support-nvdimm.patch - grub2-s390x-skip-zfcpdump-image.patch - grub2-btrfs-02-export-subvolume-envvars.patch - grub2-btrfs-03-follow_default.patch - grub2-btrfs-07-subvol-fallback.patch - grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-btrfs-10-config-directory.patch - grub2-efi-xen-cfg-unquote.patch - grub2-Add-hidden-menu-entries.patch - grub2-SUSE-Add-the-t-hotkey.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-reboot-support.patch - grub2-ppc64-cas-new-scope.patch - grub2-ppc64-cas-fix-double-free.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - grub2-btrfs-help-on-snapper-rollback.patch - grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - 0001-kern-mm.c-Make-grub_calloc-inline.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch - 0003-Make-grub_error-more-verbose.patch - 0001-ieee1275-Avoiding-many-unecessary-open-close.patch - 0001-Workaround-volatile-efi-boot-variable.patch - 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch - 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0005-docs-grub-Document-signing-grub-under-UEFI.patch - 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch - 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch - 0008-pgp-factor-out-rsa_pad.patch - 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch - 0011-libtasn1-import-libtasn1-4.18.0.patch - 0014-libtasn1-compile-into-asn1-module.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch - 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch - 0019-appended-signatures-support-verifying-appended-signa.patch - 0020-appended-signatures-verification-tests.patch - 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch - 0002-Add-grub_disk_write_tail-helper-function.patch - 0005-export-environment-at-start-up.patch - 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - 0003-protectors-Add-TPM2-Key-Protector.patch - 0005-util-grub-protect-Add-new-tool.patch - 0010-templates-import-etc-crypttab-to-grub.cfg.patch - grub-install-record-pcrs.patch - safe_tpm_pcr_snapshot.patch - 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch - 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch - 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch * New: - 0001-xen_boot-add-missing-grub_arch_efi_linux_load_image_.patch - 0001-font-Try-memdisk-fonts-with-the-same-name.patch - 0001-Make-grub.cfg-compatible-to-old-binaries.patch - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch * Embedding fonts in the grub.efi to get signed for secure boot- Fix error message "unknown command tpm_record_pcrs" with encrypted boot and no tpm device present (bsc#1213547) * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- add 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch, 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch: * support more featureful extX filesystems (backport from upstream git)- grub2-once: Fix 'sh: terminal_output: command not found' error (bsc#1204563)- Exclude the deprecated EFI location, /usr/lib64/efi/, from Tumbleweed and ALP- Update TPM 2.0 key unsealing patches * Add the new upstreaming patches 0001-protectors-Add-key-protectors-framework.patch 0002-tpm2-Add-TPM-Software-Stack-TSS.patch 0003-protectors-Add-TPM2-Key-Protector.patch 0004-cryptodisk-Support-key-protectors.patch 0005-util-grub-protect-Add-new-tool.patch * Add the authorized policy patches based on the upstreaming patches 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch 0002-tpm2-Add-more-marshal-unmarshal-functions.patch 0003-tpm2-Implement-more-TPM2-commands.patch 0004-tpm2-Support-authorized-policy.patch * Drop the old patches 0010-protectors-Add-key-protectors-framework.patch 0011-tpm2-Add-TPM-Software-Stack-TSS.patch 0012-protectors-Add-TPM2-Key-Protector.patch 0013-cryptodisk-Support-key-protectors.patch 0014-util-grub-protect-Add-new-tool.patch fix-tpm2-build.patch tpm-protector-dont-measure-sealed-key.patch tpm-protector-export-secret-key.patch grub-unseal-debug.patch 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch 0005-tpm2-add-more-marshal-unmarshal-functions.patch 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch 0009-tpm2-remove-the-unnecessary-variables.patch 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch 0012-tpm2-initialize-the-PCR-selection-list-early.patch 0013-tpm2-support-unsealing-key-with-authorized-policy.patch * Refresh grub-read-pcr.patch * Introduce a new build requirement: libtasn1-devel - Only package grub2-protect for the architectures with EFI support- Fix PowerVS deployment fails to boot with 90 cores (bsc#1208581) * 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch * 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch- Fix no prep partition error on non-PReP architectures by making the prep_loadenv module exclusive to powerpc_ieee1275 platform (bsc#1210489) * 0004-Introduce-prep_load_env-command.patch - Fix the issue of freeing an uninitialized pointer * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Rediff * 0005-export-environment-at-start-up.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Resolve some issues with OS boot failure on PPC NVMe-oF disks and made enhancements to PPC secure boot's root device discovery config (bsc#1207230) - Ensure get_devargs and get_devname functions are consistent * 0001-openfw-Ensure-get_devargs-and-get_devname-functions-.patch - Fix regex for Open Firmware device specifier with encoded commas * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Fix regular expression in PPC secure boot config to prevent escaped commas from being treated as delimiters when retrieving partition substrings. - Use prep_load_env in PPC secure boot config to handle unset host-specific environment variables and ensure successful command execution. * 0004-Introduce-prep_load_env-command.patch - Refreshed * 0005-export-environment-at-start-up.patch- Fix aarch64 kiwi image's file not found due to '/@' prepended to path in btrfs filesystem. (bsc#1209165) * grub2-btrfs-05-grub2-mkconfig.patch- Restrict cryptsetup key file permission for better security (bsc#1207499) * 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch * 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch- Meanwhile, memtest86+ gained EFI support, but using the grub command line to run it manually is quite tedious... Adapt 20_memtest86+ to provide a proper menu entry. Executing memtest requires to turn security off in BIOS: (Boot Mode: Other OS).- Tolerate kernel moved out of /boot. (bsc#1184804) * grub2-s390x-12-zipl-setup-usrmerge.patch- Discard cached key from grub shell and editor mode * 0001-clean-up-crypttab-and-linux-modules-dependency.patch * 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch- Make grub more robust against storage race condition causing system boot failures (bsc#1189036) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Fix riscv64 error for relocation 0x13 is not implemented yet * 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch- Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024) * 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - Fix lpar got hung at grub after inactive migration (bsc#1207684) * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Rediff * safe_tpm_pcr_snapshot.patch - Patch supersceded * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Refresh 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch to handle the TPM2 responseCode correctly.- Add module for boot loader interface. Needed for load Unified Kernel Image (UKI) * grub2-add-module-for-boot-loader-interface.patch- Amend the TPM2 stack and add authorized policy mode to tpm2_key_protector * 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch * 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch * 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch * 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch * 0005-tpm2-add-more-marshal-unmarshal-functions.patch * 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch * 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch * 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch * 0009-tpm2-remove-the-unnecessary-variables.patch * 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch * 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch * 0012-tpm2-initialize-the-PCR-selection-list-early.patch * 0013-tpm2-support-unsealing-key-with-authorized-policy.patch- Fix nvmf boot device setup (bsc#1207811) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch- Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064) * 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch- Fix GCC 13 build failure (bsc#1201089) * 0002-AUDIT-0-http-boot-tracker-bug.patch- Move unsupported zfs modules into 'extras' packages (bsc#1205554) (PED-2947)- Fix inappropriately including commented lines in crypttab (bsc#1206279) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Make grub.cfg invariant to efi and legacy platforms (bsc#1205200) - Removed patch linuxefi * grub2-secureboot-provide-linuxefi-config.patch * grub2-secureboot-use-linuxefi-on-uefi-in-os-prober.patch * grub2-secureboot-use-linuxefi-on-uefi.patch - Rediff * grub2-btrfs-05-grub2-mkconfig.patch * grub2-efi-xen-cmdline.patch * grub2-s390x-05-grub2-mkconfig.patch * grub2-suse-remove-linux-root-param.patch- Setup multiple device paths for a nvmf boot device (bsc#1205666) * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch- Increase the path buffer in the crypttab command for the long volume name (bsc#1206333) * grub2-increase-crypttab-path-buffer.patch- Add tpm to signed grub.elf image (PED-1990) (bsc#1205912) - Increase initial heap size from 1/4 to 1/3 * 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch- Make full utilization of btrfs bootloader area (bsc#1161823) * 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch * 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - Patch removed * 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Fix regression of reverting back to asking password twice when a keyfile is already used (bsc#1205309) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Security fixes and hardenings * 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch * 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - Fix CVE-2022-2601 (bsc#1205178) * 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch * 0004-font-Remove-grub_font_dup_glyph.patch * 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch * 0006-font-Fix-integer-overflow-in-BMP-index.patch * 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch * 0008-fbutil-Fix-integer-overflow.patch - Fix CVE-2022-3775 (bsc#1205182) * 0009-font-Fix-an-integer-underflow-in-blit_comb.patch * 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch * 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch * 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - Bump upstream SBAT generation to 3- Removed 0001-linux-fix-efi_relocate_kernel-failure.patch as reported regression in some hardware being stuck in initrd loading (bsc#1205380)- Fix password asked twice if third field in crypttab not present (bsc#1205312) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- NVMeoFC support on grub (jsc#PED-996) * 0001-ieee1275-add-support-for-NVMeoFC.patch * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch * 0003-ieee1275-change-the-logic-of-ieee1275_get_devargs.patch * 0004-ofpath-controller-name-update.patch - TDX: Enhance grub2 measurement to TD RTMR (jsc#PED-1265) * 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch * 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch * 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - Measure the kernel on POWER10 and extend TPM PCRs (PED-1990) * 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Fix efi pcr snapshot related funtion is defined but not used on powerpc platform. * safe_tpm_pcr_snapshot.patch- Include loopback into signed grub2 image (jsc#PED-2150)- Fix firmware oops after disk decrypting failure (bsc#1204037) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Add patch to fix kernel relocation error in low memory * 0001-linux-fix-efi_relocate_kernel-failure.patch- Add safety measure to pcr snapshot by checking platform and tpm status * safe_tpm_pcr_snapshot.patch- Fix installation failure due to unavailable nvram device on ppc64le (bsc#1201361) * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch- Add patches to dynamically allocate additional memory regions for EFI systems (bsc#1202438) * 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch * 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch * 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch * 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch * 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - Enlarge the default heap size and defer the disk cache invalidation (bsc#1202438) * 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch * 0002-mm-Defer-the-disk-cache-invalidation.patch- Add patches for ALP FDE support * 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch * 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch * 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch * 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch * 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch * 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch * 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch * 0008-linuxefi-Use-common-grub_initrd_load.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch * 0010-templates-import-etc-crypttab-to-grub.cfg.patch * grub-read-pcr.patch * efi-set-variable-with-attrs.patch * tpm-record-pcrs.patch * tpm-protector-dont-measure-sealed-key.patch * tpm-protector-export-secret-key.patch * grub-install-record-pcrs.patch * grub-unseal-debug.patch- Fix out of memory error cannot be prevented via disabling tpm (bsc#1202438) * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Fix tpm error stop tumbleweed from booting (bsc#1202374) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Patch Removed * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch- Add tpm, tpm2, luks2 and gcry_sha512 to default grub.efi (bsc#1197625) - Make grub-tpm.efi a symlink to grub.efi * grub2.spec - Log error when tpm event log is full and continue * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch - Patch superseded * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276) * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch * 0010-protectors-Add-key-protectors-framework.patch * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch * 0012-protectors-Add-TPM2-Key-Protector.patch * 0013-cryptodisk-Support-key-protectors.patch * 0014-util-grub-protect-Add-new-tool.patch - Fix no disk unlocking happen (bsc#1196668) * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - Fix build error * fix-tpm2-build.patch- Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) * 0001-video-Remove-trailing-whitespaces.patch * 0002-loader-efi-chainloader-Simplify-the-loader-state.patch * 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - Fix CVE-2022-28736 (bsc#1198496) * 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - Fix CVE-2022-28735 (bsc#1198495) * 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch * 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch * 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch * 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - Fix CVE-2021-3695 (bsc#1191184) * 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - Fix CVE-2021-3696 (bsc#1191185) * 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch * 0011-video-readers-png-Sanity-check-some-huffman-codes.patch * 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch * 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch * 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - Fix CVE-2021-3697 (bsc#1191186) * 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch * 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - Fix CVE-2022-28733 (bsc#1198460) * 0017-net-ip-Do-IP-fragment-maths-safely.patch * 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch * 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch * 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch * 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch * 0022-net-tftp-Avoid-a-trivial-UAF.patch * 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - Fix CVE-2022-28734 (bsc#1198493) * 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - Fix CVE-2022-28734 (bsc#1198493) * 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch * 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch * 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch * 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch * 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch * 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch * 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch * 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - Bump grub's SBAT generation to 2- Use boot disks in OpenFirmware, fixing regression caused by 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch, when the root LV is completely in the boot LUN (bsc#1197948) * 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch- Fix error message in displaying help on bootable snapshot (bsc#1199609)- Fix installation over serial console ends up in infinite boot loop (bsc#1187810) (bsc#1209667) (bsc#1209372) * 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - Fix ppc64le build error for new IEEE long double ABI * 0001-libc-config-merge-from-glibc.patch- Fix Power10 LPAR error "The partition fails to activate as partition went into invalid state" (bsc#1198714) * 0001-powerpc-do-CAS-in-a-more-compatible-way.patch- use common SBAT values (boo#1193282)- Fix wrong order in kernel sorting of listing rc before final release (bsc#1197376) * grub2-use-rpmsort-for-version-sorting.patch- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186) * 0001-grub-probe-Deduplicate-probed-partmap-output.patch- Fix GCC 12 build failure (bsc#1196546) * 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch * 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch * 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - Revised * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix grub-install error when efi system partition is created as mdadm software raid1 device (bsc#1179981) (bsc#1195204) * 0001-install-fix-software-raid1-on-esp.patch- Fix riscv64 build error * 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch- Fix error in grub-install when linux root device is on lvm thin volume (bsc#1192622) (bsc#1191974) * 0001-grub-install-bailout-root-device-probing.patch- Support saving grub environment for POWER signed grub images (jsc#SLE-23854) * 0001-Add-grub_envblk_buf-helper-function.patch * 0002-Add-grub_disk_write_tail-helper-function.patch * 0003-grub-install-support-prep-environment-block.patch * 0004-Introduce-prep_load_env-command.patch * 0005-export-environment-at-start-up.patch - Use enviroment variable in early boot config to looking up root device * grub2.spec- Remove obsolete openSUSE 12.2 conditionals in spec file - Clean up powerpc certificate handling.- Set grub2-check-default shebang to "#!/bin/bash", as the the code uses many instructions which are undefined for a POSIX sh. (boo#1195794).- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch- Fix wrong default entry when booting snapshot (bsc#1159205) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * grub2.spec - Power guest secure boot with static keys: GRUB2 portion (jsc#SLE-18144) (bsc#1192686) * 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch * 0002-ieee1275-claim-more-memory.patch * 0003-ieee1275-request-memory-with-ibm-client-architecture.patch * 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch * 0005-docs-grub-Document-signing-grub-under-UEFI.patch * 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch * 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch * 0008-pgp-factor-out-rsa_pad.patch * 0009-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch * 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch * 0011-libtasn1-import-libtasn1-4.18.0.patch * 0012-libtasn1-disable-code-not-needed-in-grub.patch * 0013-libtasn1-changes-for-grub-compatibility.patch * 0014-libtasn1-compile-into-asn1-module.patch * 0015-test_asn1-test-module-for-libtasn1.patch * 0016-grub-install-support-embedding-x509-certificates.patch * 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch * 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch * 0019-appended-signatures-support-verifying-appended-signa.patch * 0020-appended-signatures-verification-tests.patch * 0021-appended-signatures-documentation.patch * 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch * 0023-x509-allow-Digitial-Signature-plus-other-Key-Usages.patch- Fix no menuentry is found if hibernation on btrfs RAID1 (bsc#1193090) * grub2-systemd-sleep-plugin- Fix CVE-2021-3981 (bsc#1189644) * 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch- Fix can't allocate initrd error (bsc#1191378) * 0001-Factor-out-grub_efi_linux_boot.patch * 0002-Fix-race-in-EFI-validation.patch * 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch * 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch * 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch * 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch * 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch * 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch * 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch * 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch * 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch- Add support for simplefb (boo#1193532). + grub2-simplefb.patch- Fix extent not found when initramfs contains shared extents (bsc#1190982) * 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch- Fix arm64 kernel image not aligned on 64k boundary (bsc#1192522) * 0001-arm64-Fix-EFI-loader-kernel-image-allocation.patch * 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch- Remove openSUSE Tumbleweed specific handling for default grub distributor (bsc#1191198) - Use /usr/lib/os-release as fallback (bsc#1191196) * grub2-default-distributor.patch * grub2-check-default.sh - VUL-0: grub2: grub2-once uses fixed file name in /var/tmp (bsc#1190474) (CVE-2021-46705) * grub2-once * grub2-once.service - Fix unknown TPM error on buggy uefi firmware (bsc#1191504) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769) * 0001-Filter-out-POSIX-locale-for-translation.patch - Fix error lvmid disk cannot be found after second disk added to the root volume group (bsc#1189874) (bsc#1071559) * 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch - Fix error in grub installation due to unnecessary requirement to support excessive device for the root logical volume (bsc#1184135) * 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - Fix regression in reading xfs v4 * 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch- Fix installation on usrmerged s390x- Improve support for SLE Micro 5.1 on s390x. (bsc#1190395) * amend grub2-s390x-04-grub2-install.patch * refresh grub2-s390x-11-secureboot.patch- Follow usr merge for looking up kernel config (bsc#1189782) (bsc#1190061) * 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch- Add btrfs zstd compression on i386-pc and also make sure it won't break existing grub installations (bsc#1161823) * deleted 0001-btrfs-disable-zstd-support-for-i386-pc.patch * added 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Delete the author list from %description (the %description section is literally for package descriptions (only) these days, encoding was also problematic). - Add %doc AUTHORS to get packaged that info- update grub2-systemd-sleep.sh to fix hibernation by avoiding the error "no kernelfile matching the running kernel found" on usrmerged setup- Use %autosetup- Replace grub2-use-stat-instead-of-udevadm-for-partition-lookup.patch and fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch with upstream backport: 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch and 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch.- Fix error not a btrfs filesystem on s390x (bsc#1187645) * 80_suse_btrfs_snapshot- Fix error gfxterm isn't found with multiple terminals (bsc#1187565) * grub2-fix-error-terminal-gfxterm-isn-t-found.patch- Fix boot failure after kdump due to the content of grub.cfg is not completed with pending modificaton in xfs journal (bsc#1186975) * grub-install-force-journal-draining-to-ensure-data-i.patch - Patch refreshed * grub2-mkconfig-default-entry-correction.patch- Version bump to 2.06 * rediff - 0001-add-support-for-UEFI-network-protocols.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - 0003-Make-grub_error-more-verbose.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-efi-HP-workaround.patch - grub2-efi-xen-cfg-unquote.patch - grub2-efi-xen-chainload.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - grub2-mkconfig-default-entry-correction.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-secureboot-install-signed-grub.patch - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - use-grub2-as-a-package-name.patch * update by patch squashed: - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - grub2-efi-chainload-harder.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-chainloader.patch - grub2-secureboot-add-linuxefi.patch * remove squashed patches: - 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch - 0009-squash-Add-support-for-linuxefi.patch - 0041-squash-Add-secureboot-support-on-efi-chainloader.patch - 0042-squash-grub2-efi-chainload-harder.patch - 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch - 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * drop upstream patches: - 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch - 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch - 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch - 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch - 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch - 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch - 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch - 0002-kern-Add-X-option-to-printf-functions.patch - 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch - 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch - 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch - 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch - 0003-normal-main-Search-for-specific-config-files-for-net.patch - 0004-calloc-Use-calloc-at-most-places.patch - 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch - 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch - 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch - 0005-efi-Add-secure-boot-detection.patch - 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch - 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch - 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch - 0007-font-Do-not-load-more-than-one-NAME-section.patch - 0007-verifiers-Move-verifiers-API-to-kernel-image.patch - 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch - 0008-script-Remove-unused-fields-from-grub_script_functio.patch - 0009-kern-Add-lockdown-support.patch - 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch - 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch - 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch - 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch - 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch - 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch - 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch - 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch - 0018-gdb-Restrict-GDB-access-when-locked-down.patch - 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch - 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - 0024-kern-parser-Fix-resource-leak-if-argc-0.patch - 0025-kern-parser-Fix-a-memory-leak.patch - 0026-kern-parser-Introduce-process_char-helper.patch - 0027-kern-parser-Introduce-terminate_arg-helper.patch - 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch - 0029-kern-buffer-Add-variable-sized-heap-buffer.patch - 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch - 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch - 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch - 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch - 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch - 0036-util-mkimage-Improve-data_size-value-calculation.patch - 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch - 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch - 0039-grub-install-common-Add-sbat-option.patch - 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch - grub-install-define-default-platform-for-risc-v.patch - grub2-editenv-add-warning-message.patch - grub2-efi-gop-add-blt.patch - grub2-efi-uga-64bit-fb.patch - grub2-verifiers-fix-system-freeze-if-verify-failed.patch - risc-v-add-clzdi2-symbol.patch - risc-v-fix-computation-of-pc-relative-relocation-offset.patch - Add grub2-instdev-fixup.pl for correcting /etc/default/grub_installdevice to use disk devie if grub has been installed to it - Add 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch to fix detection of efi fwsetup support- Fix running grub2-once leads to failure of starting systemd service in the boot sequence (bsc#1169460) * grub2-once * grub2-once.service- Fix crash in launching gfxmenu without theme file (bsc#1186481) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Fix plaintext password in grub config didn't work to unlock menu entry if enabling secure boot in UEFI (bsc#1181892)- Fix obsolete syslog in systemd unit file and updating to use journal as StandardOutput (bsc#1185149) * grub2-once.service- Fix build error on armv6/armv7 (bsc#1184712) * 0001-emu-fix-executable-stack-marking.patch- Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012) * 0001-Workaround-volatile-efi-boot-variable.patch- Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of nvme namespace (bsc#1177751) 0001-ieee1275-Avoiding-many-unecessary-open-close.patch- Fix chainloading windows on dual boot machine (bsc#1183073) * 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch- VUL-0: grub2,shim: implement new SBAT method (bsc#1182057) * 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch * 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch * 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch * 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch * 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch * 0036-util-mkimage-Improve-data_size-value-calculation.patch * 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch * 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch * 0039-grub-install-common-Add-sbat-option.patch - Fix CVE-2021-20225 (bsc#1182262) * 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - Fix CVE-2020-27749 (bsc#1179264) * 0024-kern-parser-Fix-resource-leak-if-argc-0.patch * 0025-kern-parser-Fix-a-memory-leak.patch * 0026-kern-parser-Introduce-process_char-helper.patch * 0027-kern-parser-Introduce-terminate_arg-helper.patch * 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch * 0029-kern-buffer-Add-variable-sized-heap-buffer.patch * 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - Fix CVE-2021-20233 (bsc#1182263) * 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - Fix CVE-2020-25647 (bsc#1177883) * 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - Fix CVE-2020-25632 (bsc#1176711) * 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - Fix CVE-2020-27779, CVE-2020-14372 (bsc#1179265) (bsc#1175970) * 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch * 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch * 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch * 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch * 0005-efi-Add-secure-boot-detection.patch * 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch * 0007-verifiers-Move-verifiers-API-to-kernel-image.patch * 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch * 0009-kern-Add-lockdown-support.patch * 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch * 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch * 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch * 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch * 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch * 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch * 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch * 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch * 0018-gdb-Restrict-GDB-access-when-locked-down.patch * 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch * 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch * 0041-squash-Add-secureboot-support-on-efi-chainloader.patch * 0042-squash-grub2-efi-chainload-harder.patch * 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch * 0044-squash-kern-Add-lockdown-support.patch * 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - Drop patch supersceded by the new backport * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch - Add SBAT metadata section to grub.efi - Drop shim_lock module as it is part of core of grub.efi * grub2.spec- Fix build error in binutils 2.36 (bsc#1181741) * 0001-Fix-build-error-in-binutils-2.36.patch - Fix executable stack in grub-emu (bsc#1181696) * 0001-emu-fix-executable-stack-marking.patch- Restore compatibilty sym-links * grub2.spec - Use rpmlintrc to filter out rpmlint 2.0 error (bsc#1179044) * grub2.rpmlintrc- Complete Secure Boot support on aarch64 (jsc#SLE-15020) * 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch * 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch * 0003-Make-grub_error-more-verbose.patch * 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch * 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch * 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0009-squash-Add-support-for-linuxefi.patch- Fix rpmlint 2.0 error for having arch specific path in noarch package aiming for compatibility with old package (bsc#1179044) * grub2.spec - Fix non POSIX sed argument which failed in sed from busybox (bsc#1181091) * grub2-check-default.sh- Fix boot failure in blocklist installation (bsc#1178278) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix grub2-install error with "failed to get canonical path of `/boot/grub2/i386-pc'." (bsc#1177957) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix https boot interrupted by unrecognised network address error message (bsc#1172952) * 0001-add-support-for-UEFI-network-protocols.patch- grub2.spec: Fix bare words used as string in expression which is no longer allowed in rpm 4.16- Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062) * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Make efi hand off the default entry point of the linux command (bsc#1176134) * 0001-efi-linux-provide-linux-command.patch- Fix verification requested but nobody cares error when loading external module in secure boot off (bsc#1175766) * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch- Make consistent check to enable relative path on btrfs (bsc#1174567) * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery (bsc#1172745) * 0001-ieee1275-powerpc-implements-fibre-channel-discovery-.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix for CVE-2020-15705 (bsc#1174421) * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0002-cmdline-Provide-cmdline-functions-as-module.patch- Make grub-calloc inline to avoid symbol not found error as the system may not use updated grub to boot the system (bsc#1174782) (bsc#1175060) (bsc#1175036) * 0001-kern-mm.c-Make-grub_calloc-inline.patch- Fix for CVE-2020-10713 (bsc#1168994) * 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) * 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch * 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch * 0004-calloc-Use-calloc-at-most-places.patch * 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch * 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch * 0007-font-Do-not-load-more-than-one-NAME-section.patch - Fix CVE-2020-15706 (bsc#1174463) * 0008-script-Remove-unused-fields-from-grub_script_functio.patch * 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - Fix CVE-2020-15707 (bsc#1174570) * 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur * 0001-add-support-for-UEFI-network-protocols.patch * 0003-bootp-New-net_bootp6-command.patch * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * grub2-btrfs-09-get-default-subvolume.patch * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch * grub2-grubenv-in-btrfs-header.patch- No 95_textmode for PowerPC (boo#1174166)- Skip zfcpdump kernel from the grub boot menu (bsc#1166513) * grub2-s390x-skip-zfcpdump-image.patch- Fix boot failure as journaled data not get drained due to abrupt power off after grub-install (bsc#1167756) * grub-install-force-journal-draining-to-ensure-data-i.patch- Fix executable stack in grub-probe and other grub utility (bsc#1169137) * grub2-btrfs-06-subvol-mount.patch- Fix GCC 10 build fail (bsc#1158189) * 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch * 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch- Backport to support searching for specific config files for netboot (bsc#1166409) * 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch * 0002-kern-Add-X-option-to-printf-functions.patch * 0003-normal-main-Search-for-specific-config-files-for-net.patch * 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch- move *.module files to separate -debug subpackage (boo#1166578)- Fix EFI console detection to make it a runtime decision (bsc#1164385) * grub2-SUSE-Add-the-t-hotkey.patch- Downgrade mtools to Suggests for consistency with xorriso (boo#1165839) - remove info requirements, file triggers are used now (boo#1152105)- Add secure boot support for s390x. (jsc#SLE-9425) * grub2-s390x-11-secureboot.patch- Fix grub hangs after loading rogue image without valid signature for uefi secure boot (bsc#1159102) * grub2-verifiers-fix-system-freeze-if-verify-failed.patch- From Stefan Seyfried : Fix grub2-install fails with "not a directory" error (boo#1161641, bsc#1162403) * grub2-install-fix-not-a-directory-error.patch- Correct awk pattern in 20_linux_xen (bsc#900418, bsc#1157912) - Correct linux and initrd handling in 20_linux_xen (bsc#1157912) M grub2-efi-xen-cfg-unquote.patch M grub2-efi-xen-chainload.patch M grub2-efi-xen-cmdline.patch M grub2-efi-xen-removable.patch- Disable btrfs zstd support for i386-pc to workaround core.img too large to be embedded in btrfs bootloader area or MBR gap (boo#1154809) * 0001-btrfs-disable-zstd-support-for-i386-pc.patch- Fix grub2.sleep to load old kernel after hibernation (boo#1154783)- Enable support for riscv64 - Backports from upstream: * risc-v-fix-computation-of-pc-relative-relocation-offset.patch * risc-v-add-clzdi2-symbol.patch * grub-install-define-default-platform-for-risc-v.patch- Version bump to 2.04 * removed - translations-20170427.tar.xz * grub2.spec - Make signed grub-tpm.efi specific to x86_64-efi build, the platform currently shipped with tpm module from upstream codebase - Add shim_lock to signed grub.efi in x86_64-efi build - x86_64: linuxefi now depends on linux, both will verify kernel via shim_lock - Remove translation tarball and po file hacks as it's been included in upstream tarball * rediff - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-secureboot-add-linuxefi.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-install-signed-grub.patch - grub2-linux.patch - use-grub2-as-a-package-name.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-secureboot-use-linuxefi-on-uefi.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-provide-linuxefi-config.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-efi-chainloader-root.patch - grub2-ppc64le-disable-video.patch - grub2-ppc64-cas-reboot-support.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0003-bootp-New-net_bootp6-command.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - grub2-emu-4-all.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-fix-double-free.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch * drop upstream patches - grub2-fix-locale-en.mo.gz-not-found-error-message.patch - grub2-fix-build-with-flex-2.6.4.patch - grub2-accept-empty-module.patch - 0001-Fix-packed-not-aligned-error-on-GCC-8.patch - 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch - unix-exec-avoid-atexit-handlers-when-child-exits.patch - 0001-xfs-Accept-filesystem-with-sparse-inodes.patch - grub2-binutils2.31.patch - grub2-msdos-fix-overflow.patch - 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch - grub2-efi-Move-grub_reboot-into-kernel.patch - grub2-efi-Free-malloc-regions-on-exit.patch - grub2-move-initrd-upper.patch - 0002-Add-Virtual-LAN-support.patch - 0001-ofnet-Initialize-structs-in-bootpath-parser.patch - 0001-misc-fix-invalid-character-recongition-in-strto-l.patch - 0001-tpm-Core-TPM-support.patch - 0002-tpm-Measure-kernel-initrd.patch - 0003-tpm-Add-BIOS-boot-measurement.patch - 0004-tpm-Rework-linux-command.patch - 0005-tpm-Rework-linux16-command.patch - 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch - 0007-tpm-Measure-the-kernel-commandline.patch - 0008-tpm-Measure-commands.patch - 0009-tpm-Measure-multiboot-images-and-modules.patch - 0010-tpm-Fix-boot-when-there-s-no-TPM.patch - 0011-tpm-Fix-build-error.patch - 0013-tpm-i386-pc-diskboot-img.patch - grub2-freetype-pkgconfig.patch - 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch - 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch - 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch - 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch - 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch - 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch - 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch - 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Consistently find btrfs snapshots on s390x. (bsc#1136970) * grub2-s390x-04-grub2-install.patch- Fix fallback embed doesn't work when no post mbr gap at all (boo#1142229) * Refresh grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch- Revert grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch until merged by upstream (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229).- Fix iteration of FCP LUNs (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229). * Refresh grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Use grub2-install to handle signed grub installation for UEFI secure boot and also provide options to override default (bsc#1136601) * grub2-secureboot-install-signed-grub.patch - Remove arm64 linuxefi patches as it's not needed for secure boot * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Avoid high resolution when trying to keep current mode (bsc#1133842) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - Make GRUB_SAVEDEFAULT working with btrfs (bsc#1128592) * grub2-grubenv-in-btrfs-header.patch- Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh- Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch- Fix GCC 9 build failure (bsc#1121208) * 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch * 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch * 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch * 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch * 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch * 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch * 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch * 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Use %doc for older products for compatibility, or may end up with unsuccessful build result * grub2.spec- Revert grub2-ieee1275-open-raw-mode.patch for regression of crashing lvm on multipath SAN (bsc#1113702) * deleted grub2-ieee1275-open-raw-mode.patch - Add exception handling to FCP lun enumeration (bsc#1113702) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix LOADER_TYPE parsing in grub2-once (boo#1122569)- Create compatibility sym-link of grub.xen in the old location to which old VM definition is pointing (bsc#1123942)- Add patch to fix ARM boot, when kernel become too big: * grub2-move-initrd-upper.patch (boo#1123350)- Replace old $RPM_* shell vars.- Support long menu entry by scrolling its text left and right through the key stroke ctrl+l and ctrl+r (FATE#325760) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Improved hiDPI device support (FATE#326680) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch- Build platform-packages 'noarch' and move to '/usr/share/efi' for SUSE Manager. (FATE#326960) * grub2-efi-xen-chainload.patch (bsc#1122563) * grub2-efi-xen-removable.patch (refresh)- Support for UEFI Secure Boot on AArch64 (FATE#326541) * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Change default tsc calibration method to pmtimer on EFI (bsc#1114754) * 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch- ieee1275: Fix double free in CAS reboot (bsc#1111955) * grub2-ppc64-cas-fix-double-free.patch- Support NVDIMM device names (bsc#1110073) * grub2-getroot-support-nvdimm.patch- Translate caret back to space as the initrd stanza could use space to delimit multiple files loaded (bsc#1101942) * grub2-util-30_os-prober-multiple-initrd.patch- ieee1275: implement FCP methods for WWPN and LUNs (bsc#1093145) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix broken network interface with random address and same name (bsc#1084508) * 0001-ofnet-Initialize-structs-in-bootpath-parser.patch- Fix outputting invalid btrfs subvol path on non btrfs filesystem due to bogus return code handling. (bsc#1106381) * modified grub2-btrfs-10-config-directory.patch- Fix overflow in sector count calculation (bsc#1105163) * grub2-msdos-fix-overflow.patch- Downgrade libburnia-tools to suggest as minimal system can't afford pulling in tcl/tk and half of the x11 stack (bsc#1102515) * modified grub2.spec- Add grub2-binutils2.31.patch: x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32. Starting from binutils commit bd7ab16b x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for 32-bit PC-relative branches. Grub2 should treat R_X86_64_PLT32 as R_X86_64_PC32.- The grubxenarch packages are now architecture-independent. [bsc#953297, grub2.spec, grub2-rpmlintrc]- Fix config_directory on btrfs to follow path scheme (bsc#1063443) * grub2-btrfs-10-config-directory.patch - Fix grub2-install --root-directory does not work for /boot/grub2/ on separate btrfs subvolume (boo#1098420) * grub2-btrfs-06-subvol-mount.patch - Fix setparams doesn't work as expected from boot-last-label NVRAM var, after inital CAS reboot on ieee1275 (bsc#1088830) * grub2-ppc64-cas-new-scope.patch- Fix install on xfs error (bsc#1101283) * 0001-xfs-Accept-filesystem-with-sparse-inodes.patch- grub2.spec: change %config to %config(noreplace) Don't overwrite user changes to config files on upgrades.- Marked %{_sysconfdir}/grub.d/40_custom as (noreplace) [bsc#1079332, grub2.spec]- Replace "GRUB_DISABLE_LINUX_RECOVERY" by "GRUB_DISABLE_RECOVERY" in /etc/default/grub and remove test from s390x install section in upec file. [bsc#1042433, grub.default, grub2.spec]- Added "# needssslcertforbuild", which got lost somewhere, to spec file [grub2.spec]- Replace confusing menu on btrfs "snapper rollback" by help text. [bsc#1027588, grub2-btrfs-help-on-snapper-rollback.patch]- Use %license instead of %doc [bsc#1082318]- grub2-emu on s390 keep network during kexec boot (bsc#1089493) * grub2-s390x-10-keep-network-at-kexec.patch- Add grub2-freetype-pkgconfig.patch to fix build with new freetype use pkgconfig to find Freetype libraries.- Fallback to raw mode if Open Firmware returns invalid ihandler (bsc#1071559) * grub2-ieee1275-open-raw-mode.patch- Fix error of essential directory not found on UEFI Xen host (bsc#1085842) * add grub2-efi-xen-removable.patch * rediff grub2-suse-remove-linux-root-param.patch- Fix corruption of "grub2-install --help" and grub2-install manual page (bsc#1086670) * unix-exec-avoid-atexit-handlers-when-child-exits.patch- Fix Nvidia GPU in legacy I/O slot 2 disappears during system startup (bsc#1082914) * 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch- Fix packed-not-aligned error on GCC 8 (bsc#1084632) * 0001-Fix-packed-not-aligned-error-on-GCC-8.patch- Fix incorrect netmask on ppc64 (bsc#1085419) * grub2-Fix-incorrect-netmask-on-ppc64.patch- Fix UEFI HTTPS Boot from ISO installation image (bsc#1076132) * 0001-add-support-for-UEFI-network-protocols.patch- fix wrong command output when default subvolume is toplevel tree with id 5 (bsc#1078775) * grub2-btrfs-09-get-default-subvolume.patch - insert mdraid modules to support software RAID (bsc#1078775) * grub2-xen-pv-firmware.cfg- Rename grub2-btrfs-workaround-grub2-once.patch to grub2-grubenv-in-btrfs-header.patch - Store GRUB environment variable health_checker_flag in Btrfs header- Fix incorrect check preventing the script from running (bsc#1078481) * 80_suse_btrfs_snapshot- Fix disappeared snapshot menu entry (bsc#1078481) * 80_suse_btrfs_snapshot- Fix unquoted string error and add some more checks (bsc#1079330) * grub2-check-default.sh- The %prep section applies patches, the %build section builds. Remove mixup of patching and building from %prep for quilt setup Related to bsc#1065703- Check if default entry need to be corrected for updated distributor version and/or use fallback entry if default kernel entry removed (bsc#1065349) * grub2-check-default.sh * grub2-mkconfig-default-entry-correction.patch - Fix grub2-mkconfig warning when disk is LVM PV (bsc#1071239) * grub2-getroot-scan-disk-pv.patch- Filter out autofs and securityfs from /proc/self/mountinfo to speed up nfsroot test in large number of autofs mounts (bsc#1069094) * modified grub2-pass-corret-root-for-nfsroot.patch- Fix http(s) boot security review (bsc#1058090) * 0002-AUDIT-0-http-boot-tracker-bug.patch- 0001-add-support-for-UEFI-network-protocols.patch: * Workaround http data access in firmware * Fix DNS device path parsing for efinet device * Relaxed UEFI Protocol requirement * Support Intel OPA (Omni-Path Architecture) PXE Boot (bsc#1015589)- grub2-xen-pv-firmware.cfg: remove linemode=1 from cmdline for SUSE installer. openQA expects ncurses interface. (bsc#1066919)- use python3 for autogen.sh (fate#323526)- Do not check that PReP partition does not contain an ELF during installation (bsc#1065738). * grub2-install-remove-useless-check-PReP-partition-is-empty.patch- Build diskboot_tpm.img as separate image to diskboot.img to prevent failure in booting on some bogus firmware. To use the TPM image you have to use suse-enable-tpm option of grub2-install (bsc#1052401) * 0013-tpm-i386-pc-diskboot-img.patch- Use /boot//loader/linux to determine if install media is SUSE instead of /contents file (bsc#1054453)- Use the pvops-enabled default kernel if the traditional xen pv kernel and initrd are not found (bsc#1054453)- Fix reboot in UEFI environments (bsc#1047331) * Add grub2-efi-Move-grub_reboot-into-kernel.patch * Refresh grub2-efi-Free-malloc-regions-on-exit.patch- Add preliminary patch for UEFI HTTPS and related network protocol support (fate#320130) * 0001-add-support-for-UEFI-network-protocols.patch- grub2-s390x-04-grub2-install.patch : remove arybase dependency in grub2-zipl-setup by not referencing to $[ (bsc#1055280)- Fix minor oversights in and the exit value of the grub2-install helper on s390x. (bsc#1055343, fate#323298) * grub2-s390x-09-improve-zipl-setup.patch- Make grub2.info build reproducible (boo#1047218)- add grub2-fix-build-with-flex-2.6.4.patch - fix build with flex 2.6.4+ that removed explicit (void) cast from fprintf call in yy_fatal_error.- Support LVM physical volume created without metadatacopies (bsc#1027526) * grub2-diskfilter-support-pv-without-metadatacopies.patch - Fix page fault exception when grub loads with Nvidia cards (bsc#1038533) * grub2-efi-uga-64bit-fb.patch - Require 'kexec-tools' for System z. (bsc#944358) * modified grub2.spec- grub2-xen-pv-firmware.cfg: insmod lvm module as it's not auto-loaded to support booting from lvm volume (bsc#1004324) - Grub not working correctly with xen and btrfs snapshots (bsc#1026511) * Add grub2-btrfs-09-get-default-subvolume.patch * grub2-xen-pv-firmware.cfg : search path in default subvolume- new upstream version 2.02 * rediff - use-grub2-as-a-package-name.patch * drop upstream patches - grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch - grub2-add-FALLTHROUGH-annotations.patch - update translations- update grub2-btrfs-workaround-grub2-once.patch to also store saved_entry in additional environment block (boo#1031025)- fix building with GCC (bsc#1030247) * add grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch * grub2-add-FALLTHROUGH-annotations.patch- Fix out of memory error on lvm detection (bsc#1016536) (bsc#1027401) * grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - Fix boot failure if /boot is separate btrfs partition (bsc#1023160) * grub2-btrfs-06-subvol-mount.patch- 0004-tpm-Rework-linux-command.patch : Fix out of bound memory copy (bsc#1029187)- new upstream version 2.02~rc2 * rediff - use-grub2-as-a-package-name.patch - grub2-linguas.sh-no-rsync.patch * drop upstream patches - 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch- TPM Support (FATE#315831) * 0001-tpm-Core-TPM-support.patch * 0002-tpm-Measure-kernel-initrd.patch * 0003-tpm-Add-BIOS-boot-measurement.patch * 0004-tpm-Rework-linux-command.patch * 0005-tpm-Rework-linux16-command.patch * 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch * 0007-tpm-Measure-the-kernel-commandline.patch * 0008-tpm-Measure-commands.patch * 0009-tpm-Measure-multiboot-images-and-modules.patch * 0010-tpm-Fix-boot-when-there-s-no-TPM.patch * 0011-tpm-Fix-build-error.patch * 0012-tpm-Build-tpm-as-module.patch - grub2.spec : Add grub-tpm.efi for Secure Boot- Fix invalid Xen EFI config files if xen_args include GRUB2 quoting (bsc#900418) (bsc#951748) * grub2-efi-xen-cfg-unquote.patch - Fix linuxefi erroneously initialize linux's boot_params with non-zero values. (bsc#1025563) * grub2-linuxefi-fix-boot-params.patch - Removed grub2-fix-multi-device-root-kernel-argument.patch as it has regression on how GRUB_DISABLE_LINUX_UUID=true interpreted (bsc#1015138)- Fix for openQA UEFI USB Boot failure with upstream patch (bsc#1026344) * added 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch * removed 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- Temporary fix for openQA UEFI USB Boot failure (bsc#1026344) * 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- grub2.spec: fix s390x file list.- require efibootmgr in efi package (boo#1025520)- Merge changes from SLE12 - add grub2-emu-4-all.patch * Build 'grub2-emu' wherever possible, to allow a better implementation of that feature. - add grub2-s390x-06-loadparm.patch, - add grub2-commands-introduce-read_file-subcommand.patch: * allow s390x to telecontrol grub2. (bsc#891946, bsc#892852) - add grub2-s390x-06-loadparm.patch: * ignore case and fix transliteration of parameter. (bsc#891946) - add grub2-s390x-07-add-image-param-for-zipl-setup.patch * Add --image switch to force zipl update to specific kernel (bsc#928131) - add grub2-s390x-08-workaround-part-to-disk.patch * Ignore partition tables on s390x. (bsc#935127) - add grub2-efi-chainload-harder.patch: * allow XEN to be chain-loaded despite firmware flaws. (bnc#887793) * Do not use shim lock protocol for reading pe header, it won't be available when secure boot disabled (bsc#943380) * Make firmware flaw condition be more precisely detected and add debug message for the case * Check msdos header to find PE file header (bsc#954126) - grub2-s390x-04-grub2-install.patch: * streamline boot to grub menu. (bsc#898198) * Force '/usr' to read-only before calling kexec. (bsc#932951) - grub2-once: * add '--enum' option to enumerate boot-entries in a way actually understood by 'grub2'. (bsc#892852, bsc#892811) * Examine variables from grub environment in 'grub2-once'. (fate#319632)- new upstream version 2.02~rc1 * rediff - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-accept-empty-module.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-06-subvol-mount.patch * drop upstream patches - 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch - 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch - 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - 0001-Fix-fwpath-in-efi-netboot.patch - 0001-arm64-Move-firmware-fdt-search-into-global-function.patch - 0002-arm-efi-Use-fdt-from-firmware-when-available.patch - grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch - 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch - 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch - 0001-xen-make-xen-loader-callable-multiple-times.patch - 0002-xen-avoid-memleaks-on-error.patch - 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch - 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch - 0005-xen-synchronize-xen-header.patch - 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch - 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch - 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch - 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch - 0010-xen-modify-page-table-construction.patch - 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch * add - fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch fix compilation with new glibc- Fix build error on glibc-2.25 * 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch * 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - Fix fwpath in efi netboot (fate#321993) (bsc#1022294) * 0001-Fix-fwpath-in-efi-netboot.patch- grub2-systemd-sleep.sh: Fix prematurely abort by commands error return code and skip the offending menu entry (bsc#1022880)- Add support for BLT only EFI GOP adapters (FATE#322332) * grub2-efi-gop-add-blt.patch- info-dir-entry.patch: Update info dir entry to follow renaming to grub2- Add serial module to efi image. Serial terminal is still useful even with EFI Secure Boot- Support %posttrans with marcos provided by update-bootloader-rpm-macros package (bsc#997317)- Remove outdated README.openSUSE (bsc#907693)- 20_memtest86+: avoid adding memtest86+ to the list with UEFI booting.- Fix new line character in distributor (bsc#1007212) * modified grub2-default-distributor.patch- From Juergen Gross : grub-xen: support booting huge pv-domains (bsc#1004398) (bsc#899465) * 0001-xen-make-xen-loader-callable-multiple-times.patch * 0002-xen-avoid-memleaks-on-error.patch * 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch * 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch * 0005-xen-synchronize-xen-header.patch * 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch * 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch * 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch * 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch * 0010-xen-modify-page-table-construction.patch * 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch- add support for netboot on arm64-efi platforms (bsc#998097) * grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch- use $PRETTY_NAME instead of $NAME $VERSION for $GRUB_DISTRIBUTOR in openSUSE Tumbleweed (bsc#995549) * modified grub2-default-distributor.patch - grub2.spec: add http module to grub.efi (fate#320129)- binutils 2.27 creates empty modules without a symtab. Add patch grub2-accept-empty-module.patch to not reject them.- since version 1.7 cryptsetup defaults to SHA256 for LUKS - include gcry_sha256 in signed EFI image- Workaround default entry in snapshot menu (bsc#956046) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2.spec: Add true command to grub.efi (bsc#993274)- grub.default: Empty GRUB_CMDLINE_LINUX_DEFAULT, the value will be fully taken from YaST settings. (bsc#989803)- Add patches from Roberto Sassu - Fix grub2-10_linux-avoid-multi-device-root-kernel-argument.patch, device path is not tested if GRUB_DISABLE_LINUX_UUID="true" - added grub2-fix-multi-device-root-kernel-argument.patch (bsc#960776) - grub2-zipl-setup: avoid multi-device root= kernel argument * added grub2-zipl-setup-fix-btrfs-multipledev.patch (bsc#960776) - Add SUSE_REMOVE_LINUX_ROOT_PARAM configuration option to /etc/default/grub, to remove root= and rootflags= from the kernel command line in /boot/grub2/grub.cfg and /boot/zipl/config - added grub2-suse-remove-linux-root-param.patch (bsc#962585)- Support HTTP Boot IPv4 and IPv6 (fate#320129) * 0001-misc-fix-invalid-character-recongition-in-strto-l.patch * 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch * 0003-bootp-New-net_bootp6-command.patch * 0004-efinet-UEFI-IPv6-PXE-support.patch * 0005-grub.texi-Add-net_bootp6-doument.patch * 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch * 0007-efinet-Setting-network-from-UEFI-device-path.patch * 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - Fix heap corruption after dns lookup * 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch- fix filelist for s390x- Fix grub2-editenv error on encrypted lvm installation (bsc#981621) * modified grub2-btrfs-workaround-grub2-once.patch - Add missing closing bracket in 'grub2-snapper-plugin.sh'. - Fix snapshot booting on s390x (bsc#955115) * modified grub2-snapper-plugin.sh - Fallback to old subvol name scheme to support old snapshot config (bsc#953538) * added grub2-btrfs-07-subvol-fallback.patch- update grub2-once with patch from Björn Voigt - skip comments in /etc/sysconfig/bootloader (boo#963610)- Make sure all systemd unit files are passed to %service_ macros.- Add patch to free memory on exit in efi environments (bsc#980739) * grub2-efi-Free-malloc-regions-on-exit.patch- Remove xen-devel from BuildRequires required headers are included in grub-2.0.2- Add support for "t" hotkey to switch to text mode (bsc#976836) * added grub2-SUSE-Add-the-t-hotkey.patch - Add support for hidden menu entries (bsc#976836) * added grub2-Add-hidden-menu-entries.patch- Correct show user defined comments in menu for snapshots (bsc#956698) * modified grub2-snapper-plugin.sh- Fix GRUB_DISABLE_LINUX_UUID to be ignore and also fallback kernel device won't be used if fs uuid not detected (bsc#971867) * added 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch * added 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch- new upstream version 2.02~beta3 * highlights of user visible changes not yet present in openSUSE package - arm-uboot now generates position independent self relocating image, so single binary should run on all supported systems - loader for Xen on aarch64. grub-mkconfig support was not in time for beta3 yet. - improved ZFS support (extensible_dataset, large_blocks, embedded_data, hole_birth features) - support for IPv6 Router Advertisements - support for persistent memory (we do not overwrite it and pass correct information to OS) - try to display more specific icons for os-prober generated menu entries - grub-install detects EFI bit size and selects correct platform (x86_64-efi or i386-efi) independent of OS bit size; needs kernel 4.0 or higher. - LVM RAID1 support - xnu loader fixes which should make OS X menu entry generated by os-prober work again - key modifiers (Ctrl-X etc) should work on EFI too - ... and lot of fixes over entire tree * rediff - rename-grub-info-file-to-grub2.patch - use-grub2-as-a-package-name.patch - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-chainloader.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-efi-xen-chainload.patch - grub2-mkconfig-aarch64.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64-cas-reboot-support.patch - 0002-Add-Virtual-LAN-support.patch * fix grub2-secureboot-add-linuxefi.patch - use grub_memset and grub_memcpy instead of memset and memcpy (caused errors due to compiler warning) * drop upstream patches - 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch - 0001-look-for-DejaVu-also-in-usr-share-fonts-truetype.patch - 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch - 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch - 0003-efinet-open-Simple-Network-Protocol-exclusively.patch - 0001-efinet-Check-for-immediate-completition.patch - 0001-efinet-enable-hardware-filters-when-opening-interfac.patch - grub2-xen-legacy-config-device-name.patch - grub2-getroot-support-NVMe-device-names.patch - grub2-netboot-hang.patch - grub2-btrfs-fix-incorrect-address-reference.patch - aarch64-reloc.patch - grub2-glibc-2.20.patch (related code dropped upstream) - grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch - grub2-btrfs-fix-get_root-key-comparison-failures-due-to-en.patch - grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch - grub2-ppc64-qemu.patch - grub2-xfs-Add-helper-for-inode-size.patch - grub2-xfs-Fix-termination-loop-for-directory-iteration.patch - grub2-xfs-Convert-inode-numbers-to-cpu-endianity-immediate.patch - grub2-xfs-V5-filesystem-format-support.patch - 0001-Add-bootargs-parser-for-open-firmware.patch - grub2-arm64-set-correct-length.patch - grub2-arm64-setjmp-Add-missing-license-macro.patch - grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch - 0001-unix-password-Fix-file-descriptor-leak.patch - 0002-linux-getroot-fix-descriptor-leak.patch - 0003-util-grub-mount-fix-descriptor-leak.patch - 0004-linux-ofpath-fix-descriptor-leak.patch - 0005-grub-fstest-fix-descriptor-leak.patch - ppc64le.patch - libgcc-prereq.patch - libgcc.patch - 0001-Fix-security-issue-when-reading-username-and-passwor.patch - 0001-menu-fix-line-count-calculation-for-long-lines.patch - grub2-arm64-Reduce-timer-event-frequency-by-10.patch - 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch - 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch - 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch - 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch - 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch - 0005-i386-fix-TSC-calibration-using-PIT.patch - biendian.patch - ppc64_opt.patch * drop workarounds for gdb_grub and grub.chrp, they are now installed under fixed name * do not patch docs/Makefile.in, it is regenerated anyway- Make mkconfig search for zImage on arm * grub2-mkconfig-arm.patch- Add support to directly pass an EFI FDT table to a kernel on 32bit arm * 0001-arm64-Move-firmware-fdt-search-into-global-function.patch * 0002-arm-efi-Use-fdt-from-firmware-when-available.patch- Add config option to set efi xen loader command line option (bsc#957383) * added grub2-efi-xen-cmdline.patch- Drop ppc64le patches. Build stage1 as BE for Power Droped patches: - grub2-ppc64le-01-Add-Little-Endian-support-for-Power64-to-the-build.patch - grub2-ppc64le-02-Build-grub-as-O1-until-we-add-savegpr-and-restgpr-ro.patch - grub2-ppc64le-03-disable-creation-of-vsx-and-altivec-instructions.patch - grub2-ppc64le-04-powerpc64-LE-s-linker-knows-how-to-handle-the-undefi.patch - grub2-ppc64le-05-grub-install-can-now-recognize-and-install-a-LE-grub.patch - grub2-ppc64le-06-set-the-ABI-version-to-0x02-in-the-e_flag-of-the-PPC.patch - grub2-ppc64le-07-Add-IEEE1275_ADDR-helper.patch - grub2-ppc64le-08-Fix-some-more-warnings-when-casting.patch - grub2-ppc64le-09-Add-powerpc64-types.patch - grub2-ppc64le-10-powerpc64-is-not-necessarily-BigEndian-anymore.patch - grub2-ppc64le-11-Fix-warnings-when-building-powerpc-linux-loader-64bi.patch - grub2-ppc64le-12-GRUB_ELF_R_PPC_-processing-is-applicable-only-for-32.patch - grub2-ppc64le-13-Fix-powerpc-setjmp-longjmp-64bit-issues.patch - grub2-ppc64le-14-Add-powerpc64-ieee1275-trampoline.patch - grub2-ppc64le-15-Add-64bit-support-to-powerpc-startup-code.patch - grub2-ppc64le-16-Add-grub_dl_find_section_addr.patch - grub2-ppc64le-17-Add-ppc64-relocations.patch - grub2-ppc64le-18-ppc64-doesn-t-need-libgcc-routines.patch - grub2-ppc64le-19-Use-FUNC_START-FUNC_END-for-powerpc-function-definit.patch - grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch - grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch - grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch - grub2-ppc64le-fix-64bit-trampoline-in-dyn-linker.patch - grub2-ppc64le-timeout.patch - grub2-ppc64-build-ppc64-32bit.patch - Added patches: - biendian.patch - grub2-ppc64-cas-reboot-support.patch - libgcc-prereq.patch - libgcc.patch - ppc64_opt.patch - ppc64le.patch- Backport upstream patches for HyperV gen2 TSC timer calbration without RTC (bsc#904647) * added 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch * added 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch * added 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch * added 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch * added 0005-i386-fix-TSC-calibration-using-PIT.patch- Add 0001-menu-fix-line-count-calculation-for-long-lines.patch (bsc#943585)- grub2-xen-pv-firmware.cfg: fix hd boot (boo#926795)- Add 0001-Fix-security-issue-when-reading-username-and-passwor.patch Fix for CVE-2015-8370 [boo#956631]- Update grub2-efi-xen-chainload.patch - fix copying of Linux kernel and initrd to ESP (boo#958193)- Rename grub2-xen.cfg to grub2-xen-pv-firmware.cfg (boo#926795)- grub2-xen.cfg: to handle grub1 menu.lst in PV guest (boo#926795)- Expand list of grub.cfg search path in PV Xen guest for systems installed to btrfs snapshot. (bsc#946148) (bsc#952539) * modified grub2-xen.cfg - drop grub2-fix-Grub2-with-SUSE-Xen-package-install.patch (bsc#774666)- Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty, e.g. when called from Xfce menu (boo#954519)- Modify grub2-linguas.sh-no-rsync.patch to re-enable en@quot catalog (boo#953022). Other autogenerated catalogs still fail to build due to missing C.UTF-8 locale.- Allow to execute menuentry unrestricted as default (fate#318574) * added grub2-menu-unrestricted.patch- Add missing quoting for linuxefi (bsc#951962) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refreshed grub2-secureboot-provide-linuxefi-config.patch- Include custom.cfg into the files scanned by grub2-once. Allows to chose manually added entries as well (FATE#319632).- Upstream patches for fixing file descriptor leakage (bsc#943784) * added 0001-unix-password-Fix-file-descriptor-leak.patch * added 0002-linux-getroot-fix-descriptor-leak.patch * added 0003-util-grub-mount-fix-descriptor-leak.patch * added 0004-linux-ofpath-fix-descriptor-leak.patch * added 0005-grub-fstest-fix-descriptor-leak.patch- Do not force ro option in linuxefi patch (bsc#948555) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refrehed grub2-secureboot-provide-linuxefi-config.patch- add 0001-efinet-Check-for-immediate-completition.patch, 0001-efinet-enable-hardware-filters-when-opening-interfac.patch, grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch (bsc#947203)- Set default GRUB_DISTRIBUTOR from /etc/os-release if it is empty or not set by user (bsc#942519) * added grub2-default-distributor.patch * modified grub.default- add systemd-sleep-plugin subpackage (bsc#941758) - evaluate the menu entry's title string by printf * modified grub2-once * added grub2-systemd-sleep.sh- fix for 'rollback' hint (bsc#901487) * modified grub2-btrfs-05-grub2-mkconfig.patch:- Replace 12.1 with 12 SP1 for the list of snapshots (bsc#934252) * modified grub2-snapper-plugin.sh- Fix btrfs subvol detection on BigEndian systems (bsc#933541) * modified grub2-btrfs-06-subvol-mount.patch - Fix grub2-mkrelpath outputs wrong path on BigEndian system * added grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch- If we have a post entry and the description field is empty, we should use the "Pre" number and add that description to the post entry. (fate#317972) - Show user defined comments in grub2 menu for snapshots (fate#318101) * modified grub2-snapper-plugin.sh- add 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch make sure firmware path starts with '/' (boo#902982)- Fix btrfs patch on BigEndian systems (bsc#933541) * modified grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * modified grub2-btrfs-06-subvol-mount.patch- Fix license for setjmp module * added grub2-arm64-setjmp-Add-missing-license-macro.patch- Fix install into snapper controlled btrfs subvolume and can't load grub modules from separate subvolume (fate#318392) * added grub2-btrfs-06-subvol-mount.patch * grub2-snapper-plugin.sh: use absolute subvol name- also Recommends mtools for grub2-mkrescue (used to create EFI boot image) in addition to libburnia-tools.- Support booting opensuse installer as PV DomU (boo#926795) * added grub2-xen.cfg for tracking default pvgrub2 xen configs rather than generating it from spec file * grub2-xen.cfg: from Olaf Hering - replace grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch with upstream version: * 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch * 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch * 0003-efinet-open-Simple-Network-Protocol-exclusively.patch Fixes EFI network boot in some QEMU configurations.- fix grub2-mkconfig-aarch64.patch: fix arch detection broken by malformed patch rediffing- Cleanup patch not applied * remove grub2-enable-theme-for-terminal-window.patch * grub2.rpmlintrc: remove addFilter("patch-not-applied")- Merge changes from SLE12 - Do not pass root= when root is on nfs (bnc#894374) * modified grub2-pass-corret-root-for-nfsroot.patch * modified grub2-secureboot-provide-linuxefi-config.patch * modified grub2-secureboot-use-linuxefi-on-uefi.patch - Fix xen pvops kernel not appear on menu (bnc#895286) * modified grub2-fix-menu-in-xen-host-server.patch - Workaround grub2-once (bnc#892358) * added grub2-btrfs-workaround-grub2-once.patch * added grub2-once.service * modified grub2-once - Fix busy-loop and hang while network booting (bnc#870613) * added grub2-netboot-hang.patch - Add warning in grubenv file about editing it directly (bnc#887008) * added grub2-editenv-add-warning-message.patch - Fix broken graphics with efifb on QEMU/KVM and nomodeset (bnc#884558) * added grub2-efi-disable-video-cirrus-and-bochus.patch - Disable video support on Power (bnc#877142) * added grub2-ppc64le-disable-video.patch - Track occupied memory so it can be released on exit (bnc#885026) * added grub2-ppc64le-memory-map.patch - Fix grub.xen config searching path on boot partition (bnc#884828) - Add linux16 and initrd16 to grub.xen (bnc#884830) * added grub2-xen-linux16.patch - VLAN tag support (fate#315753) * added 0001-Add-bootargs-parser-for-open-firmware.patch * added 0002-Add-Virtual-LAN-support.patch - Use chainloader to boot xen.efi under UEFI (bnc#871857) * added grub2-efi-xen-chainload.patch - Use device part of chainloader target, if present (bnc#871857) * added grub2-efi-chainloader-root.patch - Create only hypervisor pointed by /boot/xen.gz symlink (bnc#877040) * modified grub2-fix-Grub2-with-SUSE-Xen-package-install.patch - Fix xen and native entries differ in grub.cfg (bnc#872014) * modified grub2-linux.patch - Fix install error on ddf md device (bnc#872360) * added grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - Fix booting from NVMe device (bnc#873132) * added grub2-getroot-support-NVMe-device-names.patch - Document peculiarities of s390 terminals * added README.ibm3215 - Grub2 for System z (fate#314213) * added grub2-s390x-02-kexec-module-added-to-emu.patch * added grub2-s390x-03-output-7-bit-ascii.patch * added grub2-s390x-04-grub2-install.patch * added grub2-s390x-05-grub2-mkconfig.patch- grub2-arm64-set-correct-length.patch: arm64: set correct length of device path end entry- grub2-efi-HP-workaround.patch: * try to read config from all-uppercase prefix as last resort. (bnc#872503) (boo#902982)- add luks, gcry_rijndael, gcry_sha1 to signed EFI image to support LUKS partition in default setup (boo#917427)- enable i386-xen (boo#891043)- Downgrade os-prober dependency to Recommends (boo#898610)- grub2-snapper-plugin.sh: cleanup grub-snapshot.cfg not referring to any snapshot (boo#909359)- Require efibootmgr also on i586- Require efibootmgr also on aarch64- grub2-snapper-plugin.sh: fix use of printf without format string; fix quoting- grub2-arm64-Reduce-timer-event-frequency-by-10.patch: fix periodic timer on arm64- enable 32bit arm targets for uboot and efi- Replace 'echo -e' command in grub2-snapper-plugin.sh script to 'printf' command. '-e' option of 'echo' command may be unsupported in some POSIX-complete shells.- fix bashism in post script- grub2.spec: Fix conditional construct which wasn't supported by older versions of rpmbuild (caused error message "parseExpressionBoolean returns -1".)- fix errors when boot is btrfs with Windows partition scheme. The first partition is created on cylinder boundary that can't offer enough room for core.img and also the installation has to be in logical paritition which made MBR the only location to install. (bnc#841247) * add grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch/bin/shgrub2-efi  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&2.12-150600.8.34.12.12-150600.8.34.12.12-150600.8.34.1efiDEPRECATEDgrub.efiefix86_64grub.dergrub.efix86_64-efiacpi.modadler32.modaffs.modafs.modafsplitter.modahci.modall_video.modaout.modappended_signature_test.modappendedsig.modappleldr.modarchelp.modasn1.modat_keyboard.modata.modbacktrace.modbfs.modbitmap.modbitmap_scale.modbli.modblocklist.modboot.modbsd.modbswap_test.modbtrfs.modbufio.modcat.modcbfs.modcbls.modcbmemc.modcbtable.modcbtime.modchain.modcmdline.modcmdline_cat_test.modcmp.modcmp_test.modcommand.lstconfigfile.modcpio.modcpio_be.modcpuid.modcrc64.modcrypto.lstcrypto.modcryptodisk.modcrypttab.modcs5536.modctz_test.moddate.moddatehook.moddatetime.moddisk.moddiskfilter.moddiv.moddiv_test.moddm_nv.modecho.modefi_gop.modefi_uga.modefifwsetup.modefinet.modefitextmode.modehci.modelf.modeval.modexfat.modexfctest.modext2.modextcmd.modf2fs.modfat.modfdt.lstfile.modfixvideo.modfont.modfs.lstfshelp.modfunctional_test.modgcry_arcfour.modgcry_blowfish.modgcry_camellia.modgcry_cast5.modgcry_crc.modgcry_des.modgcry_dsa.modgcry_idea.modgcry_md4.modgcry_md5.modgcry_rfc2268.modgcry_rijndael.modgcry_rmd160.modgcry_rsa.modgcry_seed.modgcry_serpent.modgcry_sha1.modgcry_sha256.modgcry_sha512.modgcry_tiger.modgcry_twofish.modgcry_whirlpool.modgeli.modgettext.modgfxmenu.modgfxterm.modgfxterm_background.modgfxterm_menu.modgptsync.modgrub-tpm.efigrub.efigzio.modhalt.modhashsum.modhdparm.modhello.modhelp.modhexdump.modhfs.modhfsplus.modhfspluscomp.modhttp.modiorw.modiso9660.modjfs.modjpeg.modjson.modkernel.execkernel.imgkeylayouts.modkeystatus.modldm.modlegacy_password_test.modlegacycfg.modlinux.modlinux16.modlinuxefi.modloadbios.modloadenv.modloopback.modls.modlsacpi.modlsefi.modlsefimmap.modlsefisystab.modlsmmap.modlspci.modlssal.modluks.modluks2.modlvm.modlzopio.modmacbless.modmacho.modmdraid09.modmdraid09_be.modmdraid1x.modmemdisk.modmemrw.modminicmd.modminix.modminix2.modminix2_be.modminix3.modminix3_be.modminix_be.modmmap.modmoddep.lstmodinfo.shmorse.modmpi.modmsdospart.modmul_test.modmultiboot.modmultiboot2.modnativedisk.modnet.modnewc.modnilfs2.modnormal.modntfs.modntfscomp.mododc.modoffsetio.modohci.modpart_acorn.modpart_amiga.modpart_apple.modpart_bsd.modpart_dfly.modpart_dvh.modpart_gpt.modpart_msdos.modpart_plan.modpart_sun.modpart_sunpc.modpartmap.lstparttool.lstparttool.modpassword.modpassword_pbkdf2.modpata.modpbkdf2.modpbkdf2_test.modpcidump.modpgp.modpkcs1_v15.modplainmount.modplay.modpng.modpriority_queue.modprobe.modprocfs.modprogress.modraid5rec.modraid6rec.modrandom.modrdmsr.modread.modreboot.modregexp.modreiserfs.modrelocator.modromfs.modscsi.modsearch.modsearch_fs_file.modsearch_fs_uuid.modsearch_label.modserial.modsetjmp.modsetjmp_test.modsetpci.modsfs.modshift_test.modsignature_test.modsleep.modsleep_test.modsmbios.modspkmodem.modsquash4.modstrtoull_test.modsyslinuxcfg.modtar.modterminal.lstterminal.modterminfo.modtest.modtest_asn1.modtest_blockarg.modtestload.modtestspeed.modtftp.modtga.modtime.modtpm.modtpm2.modtr.modtrig.modtrue.modudf.modufs1.modufs1_be.modufs2.moduhci.modusb.modusb_keyboard.modusbms.modusbserial_common.modusbserial_ftdi.modusbserial_pl2303.modusbserial_usbdebug.modusbtest.modvideo.lstvideo.modvideo_colors.modvideo_fb.modvideoinfo.modvideotest.modvideotest_checksum.modwrmsr.modxfs.modxnu.modxnu_uuid.modxnu_uuid_test.modxzio.modzstd.mod/usr/lib64//usr/lib64/efi//usr/share//usr/share/efi//usr/share/efi/x86_64//usr/share/grub2//usr/share/grub2/x86_64-efi/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:39730/SUSE_SLE-15-SP6_Update/7f0f9772fdece6572f500c443f20e4ef-grub2.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linuxdirectoryASCII textELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not strippedELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), strippedemptyELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), with debug_info, not strippedPOSIX shell script, ASCII text executable, with very long lines if test -f /run/update-bootloader/reinit; then rm -f /run/update-bootloader/{reinit,refresh} /sbin/update-bootloader --reinit || : elif test -f /run/update-bootloader/refresh; then rm -f /run/update-bootloader/refresh /sbin/update-bootloader --refresh || : fi/bin/shutf-8cd5e17e701738592e3c7e1c2a797218b428f4eafa64f425fc6f8dc1ad2d8921d?7zXZ !t/]"k%C !Aabg 2-kc$qt1XsD Dm.<5ϣaݺՐP0k_6Vʿ8qܓ#" CXËr$)VVe#(Sm+ #3 xlApeQ-:ao|'"j/P˿xG]w BZ tNM`/HiZE3In_P &_jC,w*H%<ɡa4}p*RjafCZg?%6Uk5/ӓ ; lҟvQHgT4?]bzjҔqZd̛^(`:6R(G)~9z#ou7RXAf\dq"I=Q@HL8x.* eFUm]l? JnZ2"GkDAZR!{Ҏ̴O ׫@ Ek7(9d ښ. M!1/Q1q`}83R CJsͬI.彆|B|(pVwec;|4S(dMؑBki܈e_'5%f@A d6 ѶZzt8 phy]S)-|6G4Sx) *X d#%ѐ?>Qi{/aБ-`i5FtI22Q `/3w?# : ?]}q{U3ċZ/˻УJ(|Y:s[g ԁk"‘Kak-eaVXKuf:8SD/|deZzg|'9ŀf-atyDx s;a& }=?ZNȥ|SƝ zڜ_ }cuE M%fh)\-r_rggaZG|JGb׶Z(>A Is ƑV(c2/'mUK]6=J0`$vRv# C>a%y}TșGsDƬ5F<Lg\O%W[@]Oooژ\YZMYCbJJ{8 h\8/"Rƺw:c"/40=~Yp@6`$k3V1үIVm/c ㉑%jVAi 1T&Kh!Z6`Rp& ѕ^Q5ǎ[Fs$_zjI 4*I\}3\YU~jE]NPFV] hqwv> !'t\k @9`#" :pQ='>L:)2',*-çQW\cȦj2E春-ߐB?X4 HX*ƈ Dkajӻ}&G̞ ۡRpuL3@ڼ$rΑpS5SH;X Xpt "I]+{SRPW0 ;MeF1㐽_޴A-v O|aӬLtѼӌ[nᡧ2_BkQ;I9g?"?LQ _@gwi 1Q+zgl%'ܣR^<ԇ.uu9ε8\'Nq۪@=Eb3}^["k >bQ!4?m {5^AC"O.)?ɔUHyҌ9l3q.[i7[Fk}"q6(e =FkUcBogZ+m\{#'H6N2Ƴ<8ۥv ڻA9MhUwhHWbEϛ ocV YXm6jUOАO^]ɸ0ZMuvN,4-qNKvBKYdf&{¼.u+ס*x•u5zX>5<~xSqWHt!7Q׎I.F@af'P_ \i7HF9'Ni_5vqmqa"0p J 08V I;J6s@[?vB7 HDG~SҒ5UT=dLSyᦨbCWƕz~|GΏ<:X\U>' o>LkZ]jQ^=*W3ݸ?c69Qt hIW'FVt8YB+hÞnꢢfQB;Of?W#'īyҟ\lᏓ 8.x?9~S}ۉ:xXP_X8׽tsFHٝ]t5;+ tYQAn /uI\ @}`g@I)_c #ixX^7TkoJD:X%h64TN;$=3 *Iu'GFf=b>lN?sopPBPxP+ӪjνvʵG6O-R;vzJĹq0ZtrXĄ-W1U|mDeR98hR.!t|wXÏ`]Lz#C&t J^ H:t^^T5z~>_+?(*Uy}B-l({YW@,IN˼^YĄ|Ut^*;%7tKMO/mi^ ڈja(bsmHQ g&as_H0ֿ7{G{KXs3R4Z8iBoI:w~UCͦ:/o*.+r:: mލF@ͨK`6CYJCܫS^ G.3w+ FJKέ9/Mh qhfoo=7q*v{kLZ4uQҧEyͨw^\n8[S/3Kz1|a e@j5Xapt9:)]TkXn1pfN,ݍ0pew͔a7d0\-a J{rM)P :r/@w}}rŠ$wi1kFk LE G/܏GU0Oː΃urfX4 &XO1EZ㻇_KPzW%ywoRL"O?u+O+QHᡥެ'*O3T}|Va&a 1=81ǴswDr _evCWBr/3Oն8M:#Q?ip%b̈j׻ݿ)Ӓk:61(HP7TS^'Pw52"LfVZA0,}~u|J!`Lvlw*^7/A: A|hmVv6D闈%}7H*N#ec V+m-G2 x4' qU:!Nrͤ 4[  fPBy{^16bkޗufT_XO$)yLw_^IA2s|RPdcG.ֹ%ʷݾojU_Š5o5l$ _ČR`gpTR\Y^^$F~Ѻnj,iȝ j9ͩ^V븙Sh8 Y_C"b4A{: Euc¦Nʼn{E!*bykiv&Mc]Vw/X>^q`Xޖ־w0fǙ>sڼ!εLP3o-(A=oHH68 JM3lE"3ʺD:4kv7d5i,lp6<.Dң{ kM)8.4G dQ'6aHi1@&q@4iDQ8A TR#H9d"q5 O~HQ'tCt-ƙm Q'`鍅ͺtXSq.ȪēչEpK|kHOV5X#}5 |$?|H F5{s8 [WH' $-8:FFAҮ;#ncS\J$ϭ΅~qSdLﻇ (80/T;{&oעލާ;K^>:C=u[ 3z|>9G=KΊ qY_sZg<nV*C|&#IB۲C2f#id, ƛtSƖ1q t =%3 K% s- :j@jp{n[iFIxE8Vd!Pw2M֑kSΏ(lNG߯n6=cG1{G܌MIi”L>뭕@C0yȡlN zBDL;4SH:1KI?h C=p9O/ɿ-Y:w=DUi^+2hjMQ/( 1IfZ:di c7ڂ)t݅<Ԡ&לGo!_*/ݕozkJt7;?2L{::c\YAw6C!QȲcQAC!edi4*ߛ}eO# (߽Q:bAA/Z9~[6)_ h\68\ h:~,)6pz; -w` 02C| H%QpD\f]a1aaطs)#GyMKX }l LP ڲ;mjɳd5*L>:Aɿ-OY#v.R}D:[[EA^]ؔ2ZPQ-JM{?}"| ޺s~rVqP[ !wGžub=C믫 GncVN' ףHج(hv +8DB, m]OlWlZ< J G8Eaݶkt(/9 [NyoI F fk;,zBD#~P5z+ưAkLʶ} I+OQċ~t J >n;%b$]K fH C݂p.d8\L$>wP_'~(&@h1 5&VBVuECon_xRQ&EN'I=4a}D_ʺ6[2; "/`ߗ,>T@4c~LY-I&x!5G#S`$ p?+ Pr1gD|;xlV^?ގ9D-l ;;?R\uVc!Qz uiͮo`s.1~$EEt1h츱 qr}O7|E{z$~vЅ+|ZPkIýxdh|? IChq(W`9P Z8ԔȜz3^2\l;YnqpP[!%׽柲BUJuB/Z{"[OA"|J*?9X5N \kSs8v {4Ov{U pO|{An54#c^ѹ3vD\A˾by#>՞)܎2m,tڵ(6Aܩ] )_7PbM=ie'}a Jײ|5f\3i5D` ʁW51MvmuFm g$%5 WS@L;7DJu'H.,:B.qU;9j'E(XQœt^[˘N$cj#+=Ub )4QES'J'!c=j9 (D/:w!WN"} ʍR,l(}DxIKxP\R{zlh.` i}&.k$`OϬCH#_B4Ve iA$Sq6E KVϑ0]@ 9}ivO#=llD5(㟩w 'i^ᨧ|\<:;&ZƑOߦX8֭F! Re_ٞ^0%ڄ7|@.Ѕ);g?EmD@OѴqLZ K`Pd82 ^[\5'$ R۞ (cP?no)t,/IZlA6R\6FЄ4n?7(619kU25Um8Bq@t( sfxp+Bs?4Bkuнa<>3H($I)Q/dgE3`6!MOg9H4gdgX-T{ℷ{}Ld>6Ą:j {zOZ9w.*7~JcF Xʘ.x24%~z5v\.+C<]JX } +g %znSb8&X?u0-Z৸GƝ6:7?S0(}©""DK9 Éwa 7w)d6)!,Jp34p7\j?Vn9"ou"L 9LwAQ4\.I6n_x~2)eݕ -'e"Ȣޱ-5|z Bpr>^/Jk&޺й-Uk,\9:.i8^"ʂѤ7OMd#N^7TrΓk2WD|O sj>ĤDEċ]Ԇt#EHwi a2txMZ;;r8.^C5waЕ~ϢOC`3H:|qo5L`֫ir:4(rn?@Q^ǢsvI/e)X3b* Wn/Oc`NLg nt4@T~^H(L&%ˬ 7V^a7S. ^0ߔ3#(m l \D>a{ڦm{7 ymy"!7ʮ$?eo?`xB>R27Bsfo\g3>/2sp۔/a{( qz?p@y=FP]R=`ٰ;O|Gwu{[ptI` ^-*$T|T9l;tKݑ0>B4yJd,9Е"۹fs0ՎS3[ӿG`Toщyol!7tCk@0vwl&VK@ [4.vU`\縝LլlL5; 8w6׭ oũ(t)b@&g"'Ht:x;^9$\lDg՘Ad)(5{&A Yueƍ]1K.K+7ꋽ60F 2.Y(w0.S`v<}Y҉ǘ `7B_^dKeYSS$DŽ{a@e!G#ny([ݟ2e"ho;Q]hyQ*Q{1;Nϣ9p/6SP%2Ӝ`D} kmVyȧ~cR {lq,RJ4MTeiۢ/;hFKc*惥C_A!헴p-bn 5`3;G+z^вS@bC^ޞȐ.MWs.{*nr@s"|z_0o צ:{$vMljL p+Q+"7uGwVĿtER7PyN؂2X6S+Ά3 u"<_/$h Evc՝`_z?ROkC#JZnGBlU}Q}zlNb Ts]-_÷v[3Hqui9\|a8PQ+YE(?IW^~5:&dwSY]{#:Kl:k̴C$*.Uk-y e*r>v|5~sau8 WZ ñE6,le>I~jrZdԨ+.>ʤР8$-za0:ds-wIQ_:7!G P8(4-?#ctZ:5qIkvDV2H˿ 񝉂93]8; WjHPt%/;$Y1H, @Lk8¾E'Y5ƖV&dB ,nUёv}/Z+;x 7ZYO4}CgSXz_O9nt6qh;#$ ̰Nlݼ7Ӫrbc@\BwxQj^[ŋIؠȝAS&B8悸F",iFۍ3]:B,5yf>=f4NF] %[UmbMػ$*2㮻ߌ<+M0Ie>|S [wQΧYɦx]˦U P dMvLb̴A镘H\uϞdbۦ4A;4r7 q$z4_46T2Ƽ컕8e +S*I-L& 'ם>Bsm{,hpxj 9FA}L)ۇ*~ӛMa44RGhyxiE.߫Wx$+'DU!nkɉfibNѺz_PڨkqnȼILPR{h 8to#}z*tRS:JG|[%Ҝ k'8x*G/kG'qW26>4'm, S,~ OsO"1jl0Pt8"z ` #r+0Fy"]S fyc/zލ)ЖyEL2 X(BFybBrx׷>$)1NaifgcK^8;LtFS^t(6Ïr̕t1 /lxZ@bUFUIdXJQ;Fr?m\M*vp.9f[?~[wASl=655P:GmD!\(Qo^' naBй] Q;˂se^7:%=l\x`yERjrJ|)hHU4gGq}C0Yw;sA+"n#gxwb+ ϩ٢{]ti߇Lmv[VQE cٟ aAa{9k@wl}J%^W1nPwH`y)~f5M6g[{%g6KinI 5gws(D]!uDl۹5's/O6@?EU$X_5^1!;`aEb!ʎ~.yK x^3;}\$Kܐӧjek`DEm2*]ahB櫍2JsVSVb3`gaGRn"@l;qNwDwB<Iִh$7Pƍ/rl\$1beH]Ȼ5̌Ǧgj0T"-`uU#n*PDW5|= {2.j%)&G~Xgɿ̤gH2!oV+C~iܗq"iz\d^D=Ã2CQ] D%3wlpVQu!^)n~Y椻O@IY؆ |50Lo_Ɲ+ݧ{7ڙUyb.BkH6< |C̙L4 ՑD2z/䙏 khDŽWŊx$$ﵻF@yow HvG b<0 Q{IV<>preZw/B8_G!X,m2HwTLz '|@0Iq|3< = A\ |ty;gSVou3N5J"UjWvw{%@yGˍH%`-tɴ'ɑ^S#M Fa@QU |Zdid _-2 =>Kesipe oWuz`-z6k_;a3jTzgVtDȨv%&@Y-0~a\oi@U_;'*ApV=~ڞ!XmjKO\ڲN؆]bLڲƬ돇ـ÷i[Z.oCXRo,J6&v}cΥ 'i嘝x"+e-'`v1v89z\vw'tܢ3'&C€mnA>| zT B'*9r0{FE!j.v`4ew>M(O2eƕoWoXu'T,?  Brv7_Dm ]9@Fǿ#Lj@?f22QSY/}*кl-аyUkE'ug?X%I?bSJwZtrV(J[d;f7+Ki !qI}\FD&2")bn~ СJ(W+ź ;"-0I r&toLjg']AtM 7U[W9T"'lIqm{ `nF/ZY*גGL۔U' ied,JAƑ<5\F· t ziUwtucj2T^aJsoӮ y[j-sʨQ\2l]@~{ ErAB/%ݭx,~E?`;MBUA) AL7>W klzE]^w r5z PG9 nt1KT*ٞYy%FeP?jMʎDr-r:|3y!pfz1^ C[ha(߿ dʳ ֗V)=-s=wfn[9xR:!bZ젬K7Ҡ댐gT ֭?7v^|pMbG,wS/sB&nڭӉ@Zέ.C3q`}ip!:U`_РI|2# me*e0Xoa@Oxa s.6uO`΀ _ 'w;¥'ߩvWW'`8rZZ^KL omm>_/-^xgbV61`PmAqe XӛUs L||/OZ^nULZTEEHX!oįsf*!Ұ Fxid{$d:@E=G#b w@c 㖸e7ҾFL'_V,3Ez{ {<H3rrFIs^һTpоL a=T$KlDv1}PWJoxonzso\G)P`} -M3% - kϵK6 $ڸomOa1?wk*f:'V@| 1[oKzL*qʙQ^Z~{@hS ߔmSU)?0 5 đ7=֪8:y]`-]qgzyJy8[o?;ulɀ>Z`ȺQGuZ=hJPx"C/O7e,O8@gv{o({t~?"˳RD밒B/x82 ZGxA.m!gӊ*ؕ(QjZϕY Z NC+&7Y(c4ؑN+ 2ی^ZHTi.Pq]P\4S%w#r$*b-|"9`iS.N'BB͈>3hDz ThɐUKj!sye^W$E'HKb# <8kЌ=܅&jt,ԛ阉S˞ &>eP U[iTwGJc@Hy^z\j;JG_:$}[yc`l-<Η=|Uo]z{-1@FELӯ\լ Ae |Ư*_"O;{ l\76IVjٷx>?f@ͭW]j` #9jCk)jSS #U:=A[6Pʚi\3%U\b=_e74+j(z5t0ԅЇO (VH VB> .*a|&~5 !̷nL|VIQ"O|X\H<1ZQ/ a1]D=V#O~S PԸ1t?[>R_wތA!(Wv#'F_1ɞ y(x36v(Y70/+aL}DG33٬\jZ@wYC enrԎ\Y5jN'olSRpp9Lwc&%B P}äcfdFo&|JI[Ӻ|7bY":n6Ã?b M$ *gCˆ*t3/Itʚ߄v#<xaIy&D>FUt讖+XSV|=j*= &(,S Rs 1hbݵs<>%H=E_}H2mR/næ%·UDE=j*reMHvjʹFqV@FhziJm e=0 C;6-/3n:wkO\Z]Q#!N)(suxnN\U= >ieO:'$9AJ?||*YMPRVm,Cڤ}rx`0.%ѸVh' b͝1"W>BFKx{{=[ÕH_IϹŕ:Tf-b7IluqEɀ܅*eЈi2Uj)`Mؠ_*08힠cjSMiMXvX$)x 1[678DT&€-`aՠ䥦#;f l)jr0(B ":" L`\lIJ@.Pދ| Hhn&bZTd @4v٦s;W9rBR 0iOfu抮ED3}6ߗgǂ MJ3oP؈a}m'7e[jfSc]FD)Zkm6,(H1Be ,ޚRH4.S*SB^.:ղ 8c88qޣmȿG Uolkl~M |\^4c+ú С:"fLD^\iIN&$"Z1*iFjccZ8kEѐSڗ]+\LKD; 'ъjEڝ1 d- sfd^؏,v$a^&dX6Nrx2D5ۏ؛u~Xl (Ful7{XJ9wä$F'򍷒0]-;cMb1O /:Ȣ&rӋu{M1\u, ٨(CDAuQh'b n!ZMim}CPB>~4֧~&"O8BMc $)/i/BFr+\ .vWX b^XhlbG.<#Z}{[߅Vw?#)@Yd]S,vtnS/_K @ț.&ZM˱r58' `~PÍJ+慂!lD5m0}.X0RzTTJ;m%e*RPK2v_,j_AWoVyJ7p.-jz9ڄ`6bE>E>!DQÒufHTV?ZT>& QAwS!k}@HunGok#kg77ghcrZ؈ WNOUAvs칰 Xk,6%go>v`F;t_jQ!y{j>,R9}jXU# 7Ǧ>V3XݕnM7Q؞fmybߧC@LFB²"``I7qI5A(g层N?f%AxCwZ=*$6>-˺1]}Ͷjۙ Kyu;nuJ{y2թi.m[3ܷQamy}/P vY{0>YS9կUկ6#]tKXQGBa?Ӆtyq71 [ufbN_;Қϻ]/yԨw`UehZꄄ&+..tzI1v'!be,Z+t/Xi 8ȖSpLJ@#_H*qbq'Oq <{ޔҚFXp'?jbC!sH>{8.D3a2V4 gCZMﵗ6-,1AmT7 X40º˰8NU@>"o@e鏮Åa]J.$]Hr)Ce-qت̱; u?WUy?܄z*Q (6a)^wA3^)7kǤ`ܼ'DLbxy3"]j>%%Zj=GTSsau3d\F /`BG7J2ii_V&ַUpJK}{3(/эP Jxa;O*5攊 EJcylk'D6xƊyLq{nnct}S](=S!_NK c9FSiJQV{k敬aHŰ=Ƅ6cnʚ#yMTkzdh2VXsnu@_@gV Z.gr{?0 .쮮oWs(Ɍ7֗TmQ ey=~{݆V'Nu0LKD g vdڧ<=vI!snCp ɾ6C#M%@.^b>䰔wbW*꼕zv9Qs(k^y<BA]98O""᠇ڞ f\8ͶElNPm,A=-66fKus`{tA[4+Q(_K]&Ms3w%Oݟ 2ۢIUmiQ/Si1;r%8:L؅P +E6Y՟ltM5HXkb ک,jD?!MUsn/GHZ.UlDY?xO YX{Vߜx߇kT"sޞN] ,HBKY]yf,GKҫ=tgu;XrQ{kj5%f^u}Fk7~KJ;TػO:W݆sUo>Rz>pW8$SN}) ƒ]^XSi?^AE$ŇL7|la)EhqX;Hħ(2ei[඄GR\N ̴5bKZEgB5H]!K^bsY-x%SU)^KdӕQ.*hyٚkdִ$Vxe޴x7?\C@W ᢭ܗLf64-Ko@<`B:ޫN =-<"fq0'M ]ԐGp"lTt2[#\q%+]OăJؖ|4}k CZ-T/ {lx,9{QZ ,Zc@K]Rii Uw;n|_?~KPT#U)E_HR?d@oCTSMb>90(W7Cb%ɋ=|[`/F=LsTh:hPMW¢߹,cYiN\Qd@/w` ڽ {Xn^l } }٨nP}Y& qid+ #J$GB?v3ُE6Øxrr 6 $ckȫCqLZ#C֒Ϟx*5DkUN{;VOrTo g˦MܻF ~zF5z>fKg9b! +y$+\Q!="%Y6*\jE@ $} _un#=Qdk뱘9<ńҀ?𪶕q]PeD1)'8ټu3|70('BG9(_E6#Hh_Fpi X,p: ‹w=\j؛sf&j`JKmӸ-щ?t5x#/>TKh9h~ C3]!w.p+xfY.zl>r.8WO}:Z"zPXJO&<^bV[3`]Kq$πDR.bU4_=qbO0J:7XT ,MceR. R{ p.,N'Y/xc uoŕ6 DW#Y&TIdSJG{Fkd W%݄Eʫuj?$gtNf_] BA!1( H;Qwm75;X "ߠߪ҃aW_͈͡*dodxv"K'}2XjU +aRuaq.#V 0Z&#j0ůV g>ŹVs;hL) ŏdusnʹ0&}UdܗLoK\#8CR}.ױ E? t:&h/G$k4I8mrEٺ-ӪfNPx;7Cϯ>vTP+Qo$fY7*AQ ɶN!3܆vO>k m* ͭBYݻTw%pZ)~ܕ 9[A^-P3p*mF` fֻUb{e:;xVf NmmZ~mezWösr (t+ |bG~l'9|8s-ܣS:6ZBKަHƶ97 Ih̓=/^)6HфF .ݜEH,v EА.]h1趕24:MgdlXC=ք㎩IVZ*Fj'Ӊ!?~$KP>1#5`lLrlP#QƯFd)"(mWf(jMp#qͻhO`<'`d+;^l0)sHb:Kaeѫx)&sȂЇ~!X>v@z3N/I+ /ΕXk} %d5&D<}`Xhdr 240CM,!6R|,eLbIUhk>rEP =7֫ޭqӥ9HjFjqܹ1#ɢdP,ڹD Gm]>Q}i% \tefI'(Y4.5z%HZ>z~&ɥꩩu`[18h*\{!DB *]h`1k`_5t/ MJfaLJgMN{҄csiQ f*[4)٤ :-y E<* ThA28%.zrXGZWAx0˲k iinz*,A3s>[vOO?h>%{?& 1b"PY+;&aOa E*G,Q_JrN &T%Tl uW'xX0 .6IwS=QhӍ:* 7bE{ ꇭ&X_Q/  @'% Z$=. cQ(a>mee&Ǚ!uBrP0t}ER nLfsi*/FG,Qq t0›eSQt]>E4-χ9s PuS*ΒT2deƊy>%fh(;Q+dz?vawmku&tKB-O:""*,?bRo^0>ϡz ͙*RTk]͉ {,B퓨@,KG. '| "*[E!M ϸsK R{qaZu9ԁ6Z# Opz|ʈAs`<)tx D!nS>5 D(@4*Jƺ}Cʈ} K`F]tV}.4zr׈j,Iެch.41熨>XW8n,iG=(:=qKBsY MC t}WC!qd,wÿiɇ} =~-hAG@o'@ \X ̊-s_m*4uY%|Ac,FFe@]n ;ZB{~^b}___'쐁t4LW@;ð( 5yە,hiJ>WW|idP@o蚺FD?nzj>oq*tlfk wk)J}}~@%L;h?sZ[iX?$p3-6)݇Y.քӈ!kZ"`eW?'%dT6? GG=-ւ1! !8q4b}}J< c4,t(HRZiZO, 5r5!sl%RS^b$lQ5(ۮС36>0'SzehR¬?HsfQfjafof eO-kPMh ͼ6k\\H''5d9[tX=ZV c16OSO?X ;ZW#U{$_ M0[(5ocS\|-AU&l0)U(p)ai,Du(K(& BڂƷ<<un"DŸ׏fLmlIk"dUcl&ZsԷBͮCc"ܘ֘t?yɰe/)frd? ,ԛpIRogirZqyAQ(?UĶ.й|O9]7J1Ҧ ]O? Owq؞@Wå5t & xȼ^o;qz7T]ex.8}1W`7*9[;тwD"@tү\"9냲O/`'ZB P;Ϊ[Fw_ogƖ/(;Vs y>"Et*Tx&_Y(R`O'XU9t+-n sJq+QMRuj5Iqi@:o7x0]Cs擮oXb?H2%jnx(fzu](O. 3>Rf~^BټZƣ"ȴT"",lqKmNo1UtUmY=T3)s٣WeӢR\̦^Xf};Q9:=MﰿB]V8 BZfxyAOH\gs '/wBMZ7񋙀+>ms w>jcА~ȇ 2gFud7+ ƚ8TGm(VR~J x aPFoAAGv ՙR'6 =R3JׁN_ںV*?c,p5?)RPr[(`6 ?OyU> 8W+Q?- z Y%X'eyRDMjW/\!_R1b7apмZ?OMƝأUvZ*ClJ_^&hG.\O|x}GA~lP$'W7cjt>+-t8 /ȯ9RiWmgPVG&\BĽYX%%Q]jk,9"E L$35IML.z|diOcw"!͒d}S9@3y>Lys_[HߢL awE@l}YZ+U ̶7rA$`1?x[SKm'0V-)S9@:o\ 7<ݠ.%c.Fh HXy ~ +ӅCzTtNb]1c!^qn,a3Y8^QJo;tBLZDڬ.m8Y&'#Az$(ɥ"XbZ9٠uB?&"VЀ̶vyĚyNPGmםΨ[x\jZ ,yl/X`g4O0_D#!KkQ &R[Vy&jd# JȦ;Eˤtc/ 6T~ Y9Tpםe7 9q[bL,sNZtKG"~v[{ 4r^c^s\x+-Ē #FFvbdaֺnŇ1`*__Ūf+@Y;ex 'Vi \O]N:uXR=aX(bEN7PZYs+ɨQÕAEwZ҄y`ZY /rrK:;ݮtvhO6'~ Dz+4~?êo@3;2Ax(Yrn=b}Ņ]Bǹ;Xc8}^Ł"j`$;8“cl(y+%EwA-iӭ^jïm= 217;fĴhL*0SRŬ sjL𧼩kk:wYrX&1Q]vXvbԓuɞ:˸t3fb 3 Vu; -!v+3%R$K Z}bv !u=lqHh9 )pe{4zN@qwPylnzW8"Oda-.L[JQ_vR&M"%?fJ^]: JdM G߃Rfy;t*bRԱԲV){`cdXQ'g*kХ4 ݢYƪ'9+^T~2s;&_\e`Om#OZp޶.=M3yPb O_ 8is,A>vaDu9A>Qe =6ZM3eߺ(떌W-m*OYg_zK:Yj X7lu#CtǤHaUپm HM{> c&v9!~\=ٲw:sc+ o>N'i!4۾=MQJiTĠ~xKZ<DFnln/z+F4:`).,盥'.2צ=O(kϔ3fI05+j#SilM"3e]Wp :5i*]MxVdW9J$GBQ-Z,N$w HF$Z3p+HGh0`ka9==T6Ѐy!IoS`o 0. <"@H^ qQZHU =ˀ%` C_! l:+Hy7mmErH]ZXSd?p5q,".@oR%5\tenɍJJv%{(Wk'sg1K#,&;FK;ޝ .6L-H|Wq7Xq^?m.j&m-LJ'ʱ`;Kxљ&Kӂt<WE,ROV8̀T [}Z+8NedF\]fH&ׇA T[jte74!@o XOש`~B,l}G.!uG~^a5QAi%Oo(eWc.,0`w"i+wZ]>X AǼ%(~;^h7YB0Jk,'ތ;6n.v"_axI/|G^μ6f`W`YV,O LvMy*yass1>C3yyNۏC/o60o*ؐeTK)qPcmK`1rnŻqĸe" »s*wRg /""b j -un7;b1'6q򫃨xuJp6 O}S\Yq'vV:+90 Z+ܤ'PgWʔ rf;וIXZyzXyf`%2~kAD+1Lv'i4G M;.0h-i~PDrE;υ\úKד(΁r C*ɹExY 0ӱ4Г (kl;Mp{ye\0]^CLA KYqj!z8MR#1gaf Y]N*\5MZmd'NPBO=5ҍ_~&~Wbakڈ^ˁrp!u˸tA$HAY_5Y n]S7:D9Hߑ0:V`X] @x1p.* qt D6?9Nzk Hڄ23xrb-m|}نզgΚsm62C~>d55zfxb{ 8[54x1Ews7 a97:tv98U%> FmV]M+,̭˸H'hqk&!^ JidX1mٵ<'u<Эj0Y(b MGt3ђQlhZ60Q4A*Qj 1, 5jIej⡓ZR]Uu"8wkD ŭ_%R=[O08G i0=n}=lj)<|5>ϱV3W588.])l S8Ken Tivi1C|AhN& yRNkz ȣRˀ` >y88Ƀ XuSG3|kB{[6;aVlέ~N/&Q%y"Ϧej- O`ʣM'Qmo^IhZN>͙)Fh}áK )><܊p!3 nL\m\^ e XӃ$(7{3/ ,d0` 4ܥ,HZH[8u C %hb{o4c#ɚ^賭Y7#~0ԌWw}[C]w9hdsEQ `l鲜2C`"W^{6<&2)5ܧ87 #6Ohn<`aDv\v\ƛt/,(y2`1ۛ/M;J&8n1k3J%|^.|6-Ff Cyߋ8q );kI#F*uN$"_/<݁SJD&U{c֋ Kx ̀.\J/f V `%@?&ĐRüBfXb 43hU"}lgtRm~M\OGjbdW%U!iq mdbr1hnE\FRv3YҟeҭH0kQA=> uB;>H ӰFf ¿#(_TQh&|̓yc~\ 4h?OKqسYEbąiЏ*=Cn>g֚ܞs$ϒV HgSܫ؁K":%2}t6)SNxܪM BrCYn n$Vj 1B>>i\+ϐMƝ$ѝƟ|YjKz#q]Pagt)\*Khfܜ3DVpُ ,uƽ2FI/#~uƄr*a5S嫅"]fH .5@&;<[0֣.L_)AmH ,f@[kg#Xt\˷ 8yt@Aqj>n Pk̗@-L*'.y,g铟R q2Ɣ?9'qHf9|>zB<5_GE*ۊx:sv B#>La QMK-͢N?/!1-R@ Wb)rlµ4 %Cˬ-c GtvԬ=x@H%uL~ٵx8 SֲFRh%^[Y*볨X%Ok(rjR6L+V~wQ*ȍu\R.(G0EDf_+"XE≞=z]o+uFvo0iMmuHYA+sr5.eAl-<c/Hn6MGxG<^g?qVzhx %[G ̊e]r|7/A4".cN[?,)]OvPJRz a7@+61@T/,6WRVc2u̠vQAۧ8XϬH|3sF/N1 y@rNAMSoMU*;QMLۓthbxR)OѼLtV:q+<4]Oψ/uAlK6B֙ _ެt!Q$ 58L[S#m LvSq+&Ч ǹg6F|`|xK.JMgǫ B`Iu`0%W 5_8#6Ħ~HQ0xw2k"NѪM;ݔrPQ QM]6`ś$KQ~팹EYH6l_جh6zgD{6LҖm۷(禿1H/M%/H7B+hdP<8zϔϲo6CKbI&iăy)ͫuh)nV#dY+6/mGj 8HwLzpRM帺rkk2w@% C sce{m2q}P7!\ uSWrFos R-A1%\Zǘ۟|?D%CJ<-"x|BM8P3 zL׼{UZFIW-M;0I йMYs_jB(:l=K"NjH2:F`*>W^_VLӊ86;e4KA;NI3%k_ И/j*.q zkWUmTSZכx^!1Ie|K0d(}ɷFj,`{S%>ª]]5zߚr8_4 mD7k_cx RS0D2]UdTI0:\1}ғ#Se ;n( BUscJST C6G l7W}̘fmi>jWcy:KiW%?/'b Iڐl9\k-2v0Q h1{n,]ophHy3B/j7̪<CPu ; !"̾RFi޾Rg?n'x=,㩙>f]JbmII:ɐbM[TOJI6#0@33,UL+^/T- H^2y?[]vx3kȓr}K![o`P[ ma!&_%LI)_okޝwJMWD,|;6 ux\JRb~Ne? 2ʼ5DJhw?h!tU3o5իSϥtu3|hI]oM7-뀉VV{SC6Ic 19hMk6 {\89 -ç6gq7&"E(寘ENM5Z hx!>&dU˝D|ϵɸͳ!oY#=Kw;"ib1},NruItUT ϛ7-nߴ!FJFi5iت%&b*] @pS6?"Dtjsa!LkcS/3pƌ]G&8$,,cޣ8Kf>TQVf[xvr{ ZŵO$-HDoU1qpί5GxRr6a>kO *63rE^=`~S>f$ i,u54 {ְz1Eؑ823QlQ*w]98 XG90ӻ}ɚ2hڽx.R錄YF1ǀOaKfnbF 2+_HH& {[%7msxo++0:-!r</i76-5vIgFuԅu{y@R8ZG`yl'/') &+zwc1Id]vj1iv<0?gY;k 1 (Ƴ[&%^6%4Ra Xj/>Z"]sqڻԹi`Gd(䨹QRĬ2赒w ^p~Ig(@Hw촡G*H~WϙF`4XضE^5Vh6hN-dZ,X:;7/*Gb3^A(LaU? !D/D!sh.to,`ZaQbK`НGy :)l4KdEG7Ɣ;% & {/czD/[3Q%J撒4VsGMBuxT+#}7͗y{`WEUs,ma l|$4Y$Y{|m$YM~>Vrkh)waVq~'#v}Π1b"7DK71(@ ü#1 eT{Z0HU`D+TW?_jC@E  Qgm5jj4eY?Mz/iȈ aEiAnQürB%eJS5;~ @gxgXETHF  =D曺6BfjZb+; #gSK`GT#`rï?ګNhc6wo=Ev6~=* WܸfeOJG{BZnoʦZ˶ G2s.-@DL=wh!BVCuZ\?0ɭZV/{-&su:{/s1uf-7 [Tms1pY>MN봹(Y-2r@e]avarAlmfwd n{//:EǥAaJN̕P<;k2* c8 }":ae [8n DnyIW"*ӇhMD 4s^'( GhbʉN7'qi7Χ]#T佈u>{YkpRgrPV@ RkEl\DTW~(:J ąr;zO,()nv#yCz6NO\Ȩ_\FD6x+P.Bwyw<(uI9YAJsC,FN7mT6L-#퀈yx%/!ȱ)rܶj xrȳ<<]0wY1^5KT9X)E>, \NfS5UAc).Nkh\6ܞ?xI,RfY8$9ΡrBA5ތŗk&ϋV {Z j^GhRi7)SWS&=lfmL|f;,GѻeecG3 ͼCB(jaN1ܡ;дPEo+G n{xd0@(EݜJ/Nyr쫧.ͦ2ެ^7C{lWa MB32#8T԰jHwCbM~';@ŗ8"O.9* Qsbj3# ="YТ2SZRh$ W ^JNboa!WP+C2%|O-bbգ蝷QK d8ᛪecuk'T^ǀ-T4_zDNIhn.t}J,qY> uX+@ɹAY7ɼN '⿮m$iN֥9!UVޑm02b@rܧYq]ky1B@mcoe;?_ϔ}oa]ʿ}`ct񍝹l, ~N9u(,}ո#7e|]ɃAri fN+k ˕r)Ly^ `#L6 =v6.2}:hfsl; \-Ʊ7&=J:8\ m{B_$ 0hubtfbg',KJ2'2QN8(6i-xwřhɄfʾUq(֮V0a[3N,;Pٺx]Qh7}lI<xWP&D 5f*QvWMrx !|k%29 _LG Obؙ17}CE6ƻFp[xx6R{ D@?0ܔ) ğmn |-o/d؂]c`\"6sYeGy̭;.| )cĺ)2~w'_l0F!X4YG:]y 0|YU)+h3!Tdߤ%yV4@%'nK) ;2,_ 5)C@:;΃l/_,Ъ5`{IƧ)Ԥ]cѹV/gknn%y':j_b|(/tq, 9$BL!x \c:Cy,qv>fBAKر\RA,'OJ`PNfbJ3򚾄`g'-]CfbJ!]`n) +:S6KvkLp%]Uoppi 0WpEnt .tt/ 82 Ǚ}e-ofpV o'X*5fYT𬂨t }lL'R %#}Va =aˁk& lgĔՙ'ABKiZB VԧF(dG2`ϖU~-|yUeYxv!lRAr,ʝf!R2\sp6^Ż}wĤ@c(0DȺ+BaZJg/ n6 [}VDG1WTˆY%Lx 0 tQSč]/!䦸9oDT !rGQvlJJ3{b^؋dSƇ.R3s. 5_3xukO.Zp-wY~N,1̸+vgQl Ϛ99q8NLU4U]JUȶN⊹W} dledޣvrT]ЖCfڡE|m:OQX`&#wTOVR&!bKS{@=l'B4;Kۖ( )n]qL*I3lW `pSfb-ϼm袵${s s9BXw$s +BP !J[OfR0ⶋƬ*xݫ3/J ou٣m!y,FU+S\B%vj)oV}P"V_9T8/ƴT:`sDbNѸaAYS1d-XOMp[vE-3C߷CKs3e2%Êeesq^ڇD M2"p㵺Uھf;0=:Qq=rLZVkh_1}P7>c2 EyyCPVWgϩ!v^bdzA6%|C{V«6\ϋׄaOܓxYdf̪^w lJN{Ol!F4xt}F)͙"XQ~ZvKbÍ/;`a 2ނΨQZ7.,w~?)H%Z.ȜNR:ʂ̥Lh>U Il*ID7X_33CEx _)FEoKajh*K>IZh`Ty,P9Ժ_2@.#F-p4'ԁ,&GsK3@g0Bq09X;H#j{Uݘ dgy` (`&d&Y?(5@`'i;6M70K!v'x{ZS=op绘wG*-zLSM\ٱ n4N[Y?UN%-=傌 Eiɉ@]^qH9ȺQi)I2 "&< B/ˣr_c-;.='KZ"i!g%& ;'@U&D ,fS5P/6t!`ֆQׇ*9Gynt [ +c-u#f.#-D0:!:qT0FileQMo0Ro nCzvpP臕Pbg$ &8-^Dz#9zhjs:e\.DEG!S)6a h|^gBITO@O PDa|Z9G%%b;..y5'ߌ&g:n*ƶ6ήQDJ-ѷ}L GA!%pC96͋Om~j3q1zhkr-+2Ro"z4r%(L X0øTt*x+Pyc9P \`FNs>ΞH,=o`O9hSj{VDOpNHEC;`Уh%M]SA_W,^An;^Qq8S4>M}PдJ_ZEw. ئ-pt/RiV -qp|t0tݺD&筻;;JFS{=yZm#SD"s _iP\c[(P8WaHe<_*[O&y5>dTl),A0TjEH],e`i޵TғSAwMp{-*i.WDC69 noYY 5D>fmaƎPiYJ@U]$IӴ2T7嫏2s_H-i^ hˉgšlؘ^/TG3 vMD)1'Jg*\n4}4Jj ^8YegF&XSU3)V4~nȾΒ@qA83O l VsoȘXDazR)ƴ ;&LJVP3.Q8[3?ڨYM 'n.enuN9z3<;J`:$&rI`|I^vP 4PCE ]' ,w::8χs&fhy-+p9I5^/Yr0KWFLI-JFs: 1]B'QZ&+pS1I}楕\(ü*1PeGňvρDIx߮jSq.j-GE ,k~.ᲊWETפf: 򾓕Qmf"4'd2lݡcT32|B`k{%}![HeH̷C)pJ"r'~ o:Q^4=᪄SHlM='@ %xeCġD(*{V&R]gP0./`R2:엛9M܉~6QwF^{gY Ȥ#FRl(w>ogU&Y:_D]Z_l.8Y?AǪVH$q1n io%\x_^>@Mj8Į{8IIJN  ss|f=-ȥP [$MtoB!#^@Th+ߎS^,j\Dom*rH$*Vz4m.ϙ^)10 t Ӫqݑ )Ogdts#T?ԏi-{spRe~9 K56f%׬:)UT`Pdxs\< j3썈%2,^JEӪww.2QѽXd%-u)-DfhwP9zZ]~η#|{nZ; )<-2J[_ 5o8xV"i6+k^ɍuYLv2'cH`H? hbvhv 'Ě TĠΜL˴) lL/G!t[.mf.tFruSvآ8QCCZ%.Ίdb[ aCӄ4/E{bL[lk;.%**^z?undﻙFWƏ`Q myrUZ羜v웬2\CKgp0$ `LGE:̑U(ϧC᥊!2f!!=e9>O͏<؃>~z%ijFG=R-|FS Q*P+XN}5T(t/8 {|ɜGL,Tj,qڊ8{LT$SE'̼mtHȰk-cͱgyzoXxb s+ʜ_]Դ&uձf Prk֟f({pfk=L[Gm 虿8G~ m{À.ԓsjKL"e͡=x[93سT@G0%z ꈯ^13s]<|td$(^m'HoY )Ji$ʭ n޲9_}b<۾(eL Ɔtq#J(ft8}_;G(.*ذ| c`GwӒm{4MŽ~$62X`HߦʌJNG*~:*(S-ThTѤe._sJMw4=dIwDɋX&\6M?r,~]S4V;녊dgS@_ мDCJ^pe[ FEN{XIK6M-_=cי>V88v w[ߙ)v0NP^:_skKZXzҙ 7`K.i>1J'TG*ӒuTIbXiWoVӘMҔ 9?@nv;'ZP=[gBbt߉>]M3$;|LTG]FG] ϯKc[֑gfxьQ5bFhBO˥rlc{thE7xFklXoV79*[PƟ Nb_-d^w`W"k)c" .O: 3m29aT}6ҚW<j5e>y,ˎ0AP$װ,[)W&BH[zY/RJI.Nn{DT@io7^FjqzjKy+h(Z>4l?H GGƒ,[ֽA :2ǬH.gx'0Ge1&KuO{Z3 ӥ HQʥhAek]^[B<(bVN=/E+!ծ[s5'BC Ķq T%'c]3Ԭ7djҕڅt! pax`vchG(Z 6GXO*<[rO guxA2[zclG7 8x{‚ÄfADh'X ݍB=Rt*Ril[$]~}QJFd SQRw`=r{&pK a ag>̉-"MU粍e6̧{MfBԏNng 8k[: lΞ|A&q@d!n @`(Rk{|. |`T5Uvd)5 $EUIi_J@(֪TF $wozL R/pMkQjʴ~ʊ K{%p=EcvYee7)Da *T?Y׮1nEsF>jnswҢפ~tS X۰N7b>GFW# V.w-ZIH -X (wڢ&67Gˉpn6KxYmҶ<ϥOH#I V`Iߡ8y(XT8gs =[,M_,$$á_O%"R0;tCf(CO7f>L}"'hX]q\żA! H.dI08]Aҙ~OQxT7qܐyޖn> y=zα죟.櫤S=VYt|xYht.Hjkr_K^*]pҬe.k  .nO2)6ژez'yNmA#_C u;\:V*ú{*/e> ?i _$t-SeZpCp"1␕P#KҝUdApOTn-R'WzmR#[Sqsl{n.,ЦœIf_C,#!tP?%e߈&+5عv{ް(*PoL{Sjr 2{ZL2 k+uVo9(\K &%yϑȇn |/ohAZS`0 .`DMR)Ô=j EU6f_.t$w"@؆)kTB̭1ke.N7r_ gyxƯ~{p_TaY8NnMUOPIvdwA*䒉8_9h3!W1R!hh[w!vt}oRCf^gvVQU{67H2 Y޹[%e cN7ojKxgmdVi `YbTd`qyuy ˂lhfԡ<+$@Mp[o]=ih| 3aިyq>V&V )%+w|OA/"3?ɍfD_XiP:>;@94= (#XvgKF>]?&6wsTraA;/>l8WhLzobih`}ŗ}j`HC7Jw_{/Q-@qZAuO C8zI|"`S~5 Dz~6 Mov[RL+R^foX s[,tmІ:)7ti"Ӈ \T*۰P1ɗ?Z8Sʣm?#ؗ gtW[9:ge';]B^a]|^9qff ƚb:E:78]y?2Kp1^D]0ME7Ae~@B2=`ne1)2 #;+~,ظg5SP !!(*$MFL؀{m(Mޫέu˞VԞ@+Vܩ_y5_ʉf,.Ï8bCx͂)o2@}hV$pk&,]rv"#H,&ݟf%K -ΆX9~Z8`]8"vv޳\-W3d2Fp/e@Y6g]UQ}R|T 4so#ItP.[V9üDz|6a ʝKPDVXlq ^`v+ӄQcVgR6yUlgy*ptS@p"Yxn" v~{;t aܹܨ\t{.;?Vf]RHіȡǐ؝Iu_طsѴ?m][gB+XB!!QnRb"&GA%sV:sߘ]itmpJ*+M^z54hΕt`YY[Yv &d9/Ca'XLm+fR%2͋b6k;M}O2m=OՕ)0Ek mہj@v(u49D@)8J!̷iHY:KȌ;-Dߥ;/c}$P8bssCfÓ{MH(9R[Gto[ؕwTlf=]9'o(N,*ׂj5D95C9Qy!ebOB Z5E.ڎ%ؐ2㾥nx:Y_ٕB祫ҫtM@^5A ӻ,P@k-cq PVZ)4Cug7]؊]#gȐws8pB狭c~Su!wPܟX/v 5cB뛥="Fh|qWb FxV}EjkJtnKB\1ؔ}<9 KwyͺV憋x,Peľ|k@5ka㏆wzaS)Z6Ջ&C Vq@?35목]҅- hJ5+ 4R4¬(e)^ْU40lsx 6Ȃ!vkLaxF("C M)-`p@]}D|A5齳&G'Su8T"{LIy=̰]j7Y{Vt i~-b yD>c +j;4X \BZ姯ѳ8iMRU娱k'xz1$#8Tjo7\ps J̬[e|[w_wrr^e!+xBdӄϕSWr omSEPm؉ya_>>5U}?5%,1FV6>!gcBYossuI0a{Fp|v!VUѝR+G48'!X7q`=q. t8L:iL%fINq\3D)&M'/ԫ>|%?iHRAڊ .2 'v: tέ)1بۛn`esIy=,=Xv0''|?νS _mSCi+4SQe[LC{;&J*goWەQ Fϰ)^hLen/Em{L6 1}}2pG] LvW4R/\],0Xlh5<즎FFRѿ] B$uwVo[ȷDiQR(~d4S?31:%ۇT-H7OVNGGjӽ`'dִe ߄mT/s\\h ̳u(HrԵ9-yDwt?:=2k4#e#Y:j"E&_!iPK(oF{ V/ ߾e~Y>ZM0(oC*Q1*hV4m!FBE‘U \0ԯ!^8x$ F!?wt1rt ޫcđ5OZW&}P*`!#bJ<2Ҏjwg֠;INOly3J:LLטZ0ci.ZӯBW#aX^6^)cƜ[izNeL gO$3#^Uę%:',5ulBCaW*H@x+ 'K'zDmq $W U*  Q|ۘ.jiIP-"R6( &i}P_i4\;R2b.x'ёfd⁄0zč'n!qjg9)͏8en:YuEn4`]ӂ6{b"҈?/D$`%`Θe2^h:o0NƖMK.L :]r +4ˊ2W mkvh>-kW(U V9p|c,+pwE'WpWEG(!w}֮gľCZ!sgC@Ck2JQf$ mG&UVySp2W'5Cuki~} SPv7'V$QA~BS!ެYk eYHD|At_{>;HjZo/3ETYp/O]pҠ:M|7-%at}+d$`f>RA_LÐRc};f.#Bv^aa7痟z241WNBFEW֥&0 f2vUU*7I`f"Қi |v@Ck*K*WnSq- im:tۀg25jy ;^$bg7H[ͼbK;:cw23M:8 /_nx821I Yv /qSF90D:,˗+' ֥RXM]7v7pH--'B5t: n}GϚod:s"uÁ3l1oho1.i1g11Z1Ɛ-d>{+h?Qzn> FeMCypG S ɐLI= t\̠iЃ)++t u)S }.j?ݡLJ&EྥTn1t ~.=|)!I;5"춱6!;bD?AǧͩB#aSIUud]p1Yv4+2!$aI BPv: c1ff&ecY}頤*smLړdiveeT$@LPifE4l¢Di%]5[#as(6j-̪sU64s"收&sU͵,[T['5M5.f[*ݜH]5\fMq8F6UͶNm6s6f[SæIke6m]5R[BG--mKmBYͶٶsj*F\mV棘X@*XJ)*Kf'3iMئ99'2[Q͑VDCRAT@6Vm'5SesC\6`99h9ڦѵ2mmSj[+_ҸMpîS!P?IP1"6s'0S]5tÌ+9til :1ML Ӗ$ڶI>.`ڻʼ5R̜[2E̶zzG3kNe\ml6mDMesƶmf9sFNazjKn KVUM5bc*Űٚ6hՋk-+z14!& PUQ̓MKc_.|[ mK~,U{]Jrm/̨F*W4],mP.&ѵOkٓŝUժveѮs9mUN]*Q" E tU]56ڎejzOqdoiE1gL0h6A̒qsM(Ȩޗ+/kՉAx^~)z_(qRĂI"!, DA|A1Xҷ% D Af'~V9 *) OriTDA% &B:R;'& X!f566e x6Y:Qj*TݱTyJ/t.wrH'2*UTUJs$ۉ2qLƐ\WꍡI>IU'{B켝n}BۼFM $uHEadkuTO7I~{Kw<\̛d~qꄮ6> QIyQSjF.ߛqxVWqAJ9j\Ǚ;asUC)c)B/{g*^6jRB{ #Ĕ~* ڪ=)~d&\iSjWF+QƿI'ܳ;ڶzGҼlFC= IߩOG]/AOC?!;?Ǘ./cdCHmW뫙GmG02Yh>Se.TOi^ 2ř-e-kf1V0̫k;\KFe}Jw5tdasƳE߂w75sT[>$jnEdk@9V6&oTN'w̖ha^l^`Lؕ͜+FSĀK֭O"I$%~bJŶ'8׬n*u94[)z^>{GO '1y_]Kִ2qbJ $4v>mb߷vF Cַ;F _H%~8bZ4..{>I7MWǴiT2A{9.3'IN42>Y3Ƅ T 891c=Dl&LeWkVt5Yee'gw9Fl4Y0`2v, D |gZv۲<@KPx6g8wQN.`|mD~'X_3?WEtUJ;=vh] 穹ii:^Ғtյ n&.܊+.mtqnaç@S4muY);* r;y4(S&^O ˴{7=v_A dt}:r)P Ock-qD߷RjXs󭻲ЖLّ'i}K>f?SYCnY sK.x{xr(M$Òs#-)!q:Q.Niʙ&xMPozNcua!fLta:]U:@0Gr ѴE Hɶ+<0]ݟwNGcw/]nW}|=[]A?fҕy9{,6>sK=cڿZM*,ZB1F/E*Q88CZ?xUe2k9Ty8}^>&togegߵA8!ͫ!7 S:$ܿe#F!WM&uCїX [&HBoIXskzdގpux,/=9SYi3@OwI OW'!zyQ$l-פKMIaz(05*hFCVH2itcDT0owz[mS 0ye{EĪ}(yιp挜j9 S'z+}ҝ_ArI Cz^k,ܘ3₣s31 Y,< Q uiɇ؎pQ=NYq: +$Bt)ji<5b"V/M2ڥsjtSϿ/5ƿbm-f6 9y0S(}d7̭(Sf.6&Ţbw>=\cz׵O{^uڬug?٨aIԞOIsO-!᩷$vCŚҭCyh>6 .~Q9;%m{i>~6?ZuܲqfVekq~y,WM|+ޮ*b\?}6zCL̅H;I蚣dS6H㞫 gw-{ؒ6ɼ`eȩyQRuz׿)f-[y J#:vh9zTۺ~UqS'_3v-9gVo h-\;nd2kvDِXKZrz6`lޮacQ&z4.E/kp_1낙.l;OJ\ cR .ŞQ݅=865SH=Lq].Kc='+&<$J]֩F4imcrxN =}tPV ?EAw!%$"h8"Ka߯x<\4ݱambZ8B&K ; \D)1K4 8(Nul$:=^I?m:bhqYa' $Ē'2$P쬳-a v ;3yS(ʱ! р`KrLx\.c5Ty1zqpxds:o=u͗w*^녈vq<;F9$$D:U+}lg۟m<ڈo3r]tFخ&U&cyjj)*.?[܍ע.xY:f?zKOeav!Q{u۾Tf@8vwJKTLA/8:]JT͚JYk[Vܩa+vޝѶcاGFr;K]b|źGn};_%wv "9*+vrysfWw{}Z֍6Xb|}A$Q *c3럿)r=Ibʲ2ߗ .`/)IiNЊP3za'kUHPݱ'3ʩVפ^Zd-bFMI-3˸-Ǯ{qw/ T}ڳ;kWޱ >`bxw /7kn'xE8fx^"`ĦĔ" oe1FؽT}^:˸sY6rwŹ`han*1Y;Bknu#̩< ճ\^/Ka:~,>JAg@$C zQ9Ku._QGӾGX3p\RZk]^&y5Zik:c2u<%丞}Wۯp'x$sP+PҾ%=]ɞ͆oGoo&gFSx(k8]Zާ#\, صu/)&1Q oh"i#'h#SUY1I!j/MbG;-*(?;6L`\:BIz~+;ܸ./˻םycmͮN@ϸzf+5_VM]HfL 4MRRH ~C q(P98~HI . $I0 ⅰpڂJ#*dQ͏Ř{{SFyG@ NDɟp8ċ/@MHg'T6^[LSI/HY\w%0ve;d/4_dYCeIak47)ՐœIRY+* 6ʠG#G J?7.YK?}/ \Ae=aqI+qƖc!y} CQOrm|~Gd(~巔>Ýp68؄^-Th=O4ޞ}f=)T߻CiXlcVvzΓCi.Ko  Lf_ UcQ Jm^SLµfmYӦX~Nf2Vb fYf&1 c)BiP)pHJ~9?p?˰~Eb*"+Ģrg+g'i gᡀW,X$Iq?pτkCnV0 > Pә叟'7;s%a?`_G9M4MKvdkOUyqV2ܪ;?fhj}!AzuE) ضEi=N {ꜱK>:=#+;&󮁓R+ʫ!7Ez SPZoM1[>3"uxN47$ Rc?h9* .ou5^젟dbcOMF\]~(U1W(Rpθ?&yGy5M;p"+ga_C9eՠ&SU.pN =ӯ's2^ǽ"g3=<`^čzoNӁ)AtǞpp/ 2;F),)fz *QnNM !n4'z ۷I#LwK|.:hOpy?ҋp:z)Ȑ$GUU)B *"B, ,uAjK@ i=k}TOť`M8񺻅 6vJO_ϭ2v:-$9nwBL ֠ފ+|VfJKN}Ro, c臘@_ן8%ܗ^սjUC]jHQ&^U3mnvl0ꅧ^L6ƒc8aM6*]#5}8;y(9yKE(@0* 9yz/7kEڪW\i`|^ʑ̽#Y_.-x8='hXz`uQ"5P%5=ҍA!y))LTmQ~"-1 wTS' z-~B .Ev@﫺~/K3aץsz{&KqNy>H6O:TY nR*M0w]M|y~TM6]By_ÓhTy! {й/_=R>}iMS W\i^Udμ|o69lG$H޴m ?eUW k?:,^F⏯ih {tzj9"=Eb>Ţ U(ߟO ~Knwl?%j S~6I(^Tm)Cf+Ex;C߸μ,P!YUp2?v԰j0uYٖa׋?qf %ǗWC*/Qօ+nڎ6)7P( ^uixo ɒ&M>Ì7LfKE3ɖ<RjI JNͪ(iѝS9Ԭ!ld=&7w<+Φ? (@ct(y'ƙM<ד7CsDsjkn}fD~NF1'&Z>' -"tHew]N%e3=3|m!&:/NyCJ{Ʉ0[7s9O >]ʲ?1,&Eb _M\),Ý/1uSO_"xT: ƺ_m7^Hw{ךzLǙ <ĮۙtiݛMQI_swC+좷lTvrP[g]Ud`CFꄹ_#Ck}b7}W c i6qKdrzti|{,WZ(D'҈1rjKcOyJNnc FGT\t/A,b]8 ̓DܖO;ne`|ur3(=֡gPR@-@+~gi(#<|#U/G2[q_=]XUnr*AR10;c,+WR(g1瑮>͇w:qn Mdm}nr".εٽ_ dΏEfE!DZ~a(g- nce H{VDIFֳM>q*]-4xbocq /*fޮBg.jyW _5mE(aFX0!ݟ2KJܿQ-bUl%JASz ,)F(Kr&rQ'\zya7C2u"O|]P֞Yl?iٛ?;0/ٙ R,eV#Dg9/si+nYMdNKfH~NӚ~~gZG3tpiݎu(tYN:c;ܷ-hJS*p=Yu#';V{iIX.6]Y}3N^BVZr[6)uu:J66;0SȂ燚|'6,52G2'5w~pd{-Ͳ꾻\ȉvteuL95<;$*9¶&BlE ΂u׺0b4}arFǺBZ$S'LӺ)hJCɗ|- 9~.Q7CiEȃ)v.$*1f9u1q%E9Q ix$dJ=Τp5 6LF%+/S~]'#cBp9XQ5f#qW( ѯ=Kn&7=QoVtAdپd8.|Y[T#(T8lzDmziasktg٢[W*[Nk+Ű7hO)-a܈~bɋB`(U0_П#}8j}l<1,Kg5)}r%o])%#;E>9ńσV͓8wLSiJ+~_)5)9pxy\BPq槐|~Oa*|XHW9uq?!j;O76q9$풻/yx1Y啘a=V|CG% ؊ɂu&tСU5ki*3n $FGut?^_ZDZn SX8%SpQ}m.9ʃe ү33lQ'J-2#%Xӭ4muֆҀ9@=ٍО۱1] UԘ`V?MW`EKUUS^hMn337piڶxS Y,5?^Gdzwf<2^R>R}sDphgjڙ`eZRpʟ:y:c]H75zšO2cdF:6:ť3ɱ6Ӎ;V.5?(5U?A:qkާIHlʀ*Qm@LVzn{t9[fҶ m 3p5> U'޸jyyIi)kqϿE;oK )sQCb(A,u+SE`443m%6_jk⌻{M.0 fsǻK,)4AקWG;h `3WA\w&,ވؑ ՘n2[<_GS0x;K&AoNP?Gv|98lvf8iYnIU.pviev2wtrfכWbn6)SUEשrZG.56{y'H\5?5붒]~"{k_ǃ7p;JO}v bv יO *!G+1624h2aF~bm?!9>O(.T)w>Վ6Xn Pg _)UW57ϱĊ  YDǠێu/ŸE}=n~U經TZ?]3U'uknf:D)y~FL}bm<>E6B( ݆$(³DaQ4E>ϼRghlY%_i^k`I}X e2`  E 6tw59w PzOHYq1%!kdYr ݽL4[4!%!F}e*C`1\.OHcrK.14VpIvălZ|f%8tJȪ*/yj929 rT?9(qh D: D/H2_㍆{س0;Oc)NЅ|{+L#wi3>-: C3FInء!((B־ y@ ړA f6aG5JFD&A'_ o@@vr=^:s. g=yԟr 1dta(FȩKEe {aDK Z|9c lfI>eHBBꕕ%P_@x30" l1"0B(RBLH)?Ck)(=ʄUR 0+Nf$PT+ 0e>TaXMRan2aXR"%/cbA~_0N#adelT%T;~d 0au6vR &cpnu"YmFWV-/]rc[ʃ8À1Tyf9cg$ƢQ;HI )7o!㪴dv}b" jU)Xn/x{uF>s&mEP\%#5?C#0ѓ:&!j%d[ͧĆ)%Tx;*/V:lkMr&C27:pڑ3s4zk&S8W'( Es^k1 C^VA^@]TQE#a`eЯNO6O}K7,:)ׄ؍*FÍXJ^%cPM:Q (` 7v{iȜoK<ÑjF]݈VCu)Y6@l`0` `k}N= .HH,zK| c~oq5"u5HVNDәl!$MOOd4ҫ/[ӧfځ[ .J^.`:hڹ }vQ A:qlhHl*4%h_/zPaxfUصWwNWԝ2?joy^b-kvth~]+Y*g78[īqDוղuY^u߹~_úf.M{ܘ#b$DaBw\LppRyg{29iI|jmև֔s12oj)D'"I KnݒH6rK81Hfbl jmDk2uvܢj4=/;bhڧFQ45}>/z;1e>+܋h~("wR7-6G5a fNd()B6'J5~R ,2";f|\QW!wOx#<}N.r-Qi IppvV]tYshYBgx=#=eG^#w Q?R-mkz(AS%.+zL?E C*҈oU)0B T)R5 ;ߑ1g}(ӯMIH"#jo|z?1t` _W. ig/sV6֓^S gSLM4p'j:dqכXk(x* D @Z>j:EMLCErr~~RWn!S ;s/w$!ѩNfy i H$Uueؿ9@'4;F6/l[pt*5mLu^h]wc("h8 ~ϗ<%%߹GTܑ>TEYGL~Wåt?fPh;QU}FO6:ש҃2W}s~G{J%K~T;{ V|=6|SxH|E|{ʝ\̌|Z~Nu"~}R.s |4ho֝,:i/qӭ C27B@ Y ,p76X=nQj۵BPZ GbbuKD4eC=2\#S.9fN"u塲ǎ :y ]9Q^f +C~T3%!ڬ~ɦӿһWޟBTPRP"_z. |_̒NN /\+ o_u\vc]'}eLKpvxT>X"ܬ2y&`ImwoѨl~gyfwKCiD4}ߊ4<:X~( | RSd[擔ݎ?,'kPHK m }̏3t9I`cYBHy33Rmy$6?/ Wc؏Tᇬ\wY"b:QD@i)ʛ`t|T/ͱlyh5n VLj !ʶ< !3 ZIٰq4Y؞mFkRiX^(e!ˠn1,` \}>l"?*6 ,ț `AҝaʳYN1Y#ʞhv'#M!ujoe903^hBͽn1ڷ>dJS #uىs~fc ̝yA*N~Q]Aq:.U{N=-DkmؼKdn}  kWE_]g9\$&ʢe9ǿybU<hșu޻o_ɯ隘B%Fe'h Au?m8I ]M%#Ҟ㹸HtD# *#7vq!4Tc]|Nd\'E؁ ux6GDtȇPmw2^j.zgJd\cjc+CIߦfq|ux5kf-lUiz7ui}GH&Ӯp7qu1 mP$3=^=H!S'Ꝁ&h[4G[MINK+_|mR/h1Q{'k+x\mz`B{NN7SٿKm} @`[8M> F_j8v XkVbƗnw %y|q ?~ޚR1c\C>#˵U'?x]}1{:*I G!d,剘26a ퟼;dBC\ކ*4H}'ZE4=ML4BP^< FǬgzy+ 6lD2;䍀L=A1tNg1uT =yP4Fȶ%R,uӈg~)9pd >-s\V4.Ǫ>>./ 5TTЛ'rXX 4VKyژG!]~'")qEWo;t|/]EepܑIY96ثs['#_ސlOR),GPQt4@B44: %玷s&;0XIA3fzj[¡jX*rV dOco87ZR?I/]ϓkzv{ #kUB5 N]&\+B6Iۺ|G>ɟeBq:@S"gEmn[{>3XL=% %r]I09"kkk}6rnj4l1]~LoW2LG4o0C UL [^o/ị.m]]"˹K߾Q~kM6yKiڜ=Tj7H M"O& qOqr=z?j<陫ݦL@ՎXBL?˨2u'Z)MyhʫPNyG;I۾x,Mk!Δ'L:uqEyYB^u`c>κ r?7B**J\ W9KTksԦת+wN@):׿ut2McmݥP%cN#7^UBA0(Mbh9N2CX]s?v9ҎJf1~KۺsTyԚwIk*xdwܲObdN$aӱQn*QYQק/pa5'BzwnZլL"9Ӕe*sm>3bշIzw)cOWSQY_6+gCLlUk\z[U9PӣDNS*nѽ;x>;(ns{+Q/XC/hٷ$`&ZxKs豢XcA */]yxwxjWX75ڨ7];u]mSHVp5wnNiaMUTkv wcZJpa\T+0i?z T>7UefhP `CQ3HjueSzȉ'qKYcK}sxmM ::5M`35 ֝Ä|6s=9XI.m<%Jz0C7$8*S8rZ(}"!6N+zɫɥ'qI6*Y.WQJU\Vo-hTí:B0MSrdt-Ļz'I|+oW7M4㡽,y4oY-f]XMDZ5U=iɫ8ةD9GH϶GjWcܤvߌijSC]#eЗe u1qCoSW9w):+DC>*͗Q>/{̜yKuZz~*ngQlV6yY_s ڝtYx6Ŀm&ͯ |ss P(^oc'T; {U&;7{p;õsV*$2,mՐA[ʺhѣDE;f$Z 㘛,~NOb].u toŋbHFP!/AHCâ@55&%|t~"WDNBQ],QIS WŗQJTzz^C5C t|M -.ٷpDap;۩=N}+hvkw.˦{:=iR}4K-0~{=默\8;14Jsi e p4AfCk5RA5P({5Pf~^S;ii' ~u0m১Z^ZI֭5S$*)4f%# vUar{H =p C*NS8.Ufm\ei> ~!dSLqWs&'崼TKp- qF1:q8/ҟ?x[3ϦX-^G^[ $?XQ 1/mO J^s`(MZ1T VCƺ ' .NiW*s\%NL!⩼o ?\X`opkCG|@QP[VC$J-T!N:HLI>^ }*jB;@>VHN6fa2L$!TN~4ir_Ċz;5T<5.`} U:j@*ءm)=R}^y7*<1|ޒ'x+S1)ZH ?7'*}J^}'^UCjZH0BˠF7vN.nx*H?3LA:9ߣ 7a?.yR E mOӸfD-!uFdΌ9TS{9mp|T*ϳ?4aHjo7}dXtN9Oڳ)6[9Rh*^V[)[7I@M8]Щ$wLp=mf4#~uƱղAXItf9ԙ vC|Ο *Xn T'f2wqY-l5Pl:=BfAPVw"ގ+ô6dT C"8Ŷ5E`T}8 $X>=*hx'i:T8]̹9Q1s7924pj_D"&D^\ᇾx({ VFVbq*}7!zvT4U~^ХO i 0E׈?lø ltEn(sKOcoY~8JA+Xv%!Bma!mo0d%SÞN1z nL(U)2 4ƉAs8,ʳ+2^'Fi;&3'/|ɍrAƪ2RU:RͮhgTPt} bH: ]2; ĈiG$rp~7xjց4jڦpC 囧mNo` 'ax\<~:vwu</y9גFJEd(aV%I)e0j놁")n"I9-Ң¦MxuT#'꟠9'˒W-qj!Y؎Y)vgi9'0a<Ė,?*hѣFc;ID=NȕZ3]H,CV/ 0 !t-y<_zPUPA2wL8]6U*H@*fkE FI Rp1ԧs۩Tn~`HS簈7, R4í`fFl ߋ&B7V)TV-޵# ~0W8P\pZZwE[5V h-;?ǥ]"/R8o!I7*IVX.՞pjV3cK'c#a`d0a7{}cpMȢPR׸4ҨM[2\(i9Q) U ZF")JL(-4oIE,*;^oЅ>J/[%pAkB8BP`NUǗklо  RI1"SjfK\6F2-OKaKkȇ #SQy*CR \h5>OS``=Fn^qz=r3 NqQAAVD$`QE@Yvupцb߫ 5U!OPwb X@cٔH.2bKhfnʬϋ}=> \fw<$bet|!`m.kX~]Y%w Cwߠ_&7kt -+Cɢ{H^ י]^1Ouէl>a;{WEbf0>cӸф!kXcm:;SG>0?e'dwxTȅ&G9Bi Suچ28!wjsUOS,N \๑nhFEY\3A%A^?g}3Xܟ4%jtiBFwwz5*uҌ.Մ##6@T™x]mY`t\hOv>d?l<ٓ?{ dX!Y}{wqey\/~tF`Q,+gNO54kr$ 7_GӻstFW'uΣ,w&3ro~EUU 8~*MY}]2RN\]9?~M'u,_hC2s?c<G۾?RCi;`"HXaȱK? Q2uD8ad!Ca焘y&6iLNs)@DD5I$CP* @H.B{#1 08o31&S.Ojbi$qdKdh%aL"I+n5e<26lce:D$9OXs25}++Mm"ۂ'ao۰!\(w]8.zBu|t{L?V|p3a\JS~^,7^ Omy쑣8{!YƆ^~z.?91Lm5dv& 7mpp$f$A2'nB'sN_q#ᒿhg^)Wy[yaj$2W ,Yt:n8h5~~n9I!pvl:C +}q'2Nf.R!.RbXuQiq!,?L掺9;hcԊqy.lDT1x\qG3с'g&`8 &(%`x2h(~#!0JPN \*cT"ې;ʽaK܉ŕ >@(s|@;}$0; B!6dL-%14ǵ)f<,I  >_n3c7m-Sbd Rj0$lnn'I?q O[7(*CY!|6z6YL5t'vQ8-S@Υ[W%w[/ɟμG,W1C\wL?I~ )/3i6Gϓ^,Fe1Dܠ, xu}$%R.?aXbJ$]o#(E>ָ/gOm;El%39}u4e<>wA`53a۟#N*8o R@q{ Hq&ӡe)1C֢2Sb0?쫓LɈ@c>?~_Tc]@yGfdNXD(*1}#Sqz,9aI D* PKyBfs\i,Ȟ/ %I)`S3 u8~veM!F=6+vd/Ó"C>3tQ@|EzҔާ;qt))` Wt4m4|Il6RX_JDR#gC}W1J{/ٜPÑaQbҨLI"chcn&2deAc[BŻ0i)@"l_$Nܧzx`.?w!Z]?EUu?G[Od>OQUw~ZFRÚM[FlѲ6_d_Hu3*^+}Vjip 4=ER~7TcC˗ `C$ujtŰwi;p9npfRYOަ?. ĹsB8!oݝ$Hl4aɿelxߐA.UѼa+{m-YPG}x~sMەy97ﵵ5$<ݶSpޡy]x4$x N>urL|de7J}8tܜcV^^@*tH_Kk F)M }̨*?Ã[Cڜ>'Dd_ 沎fiO7J}T/C.aO˥WYA}(<|TG|SPP^[QsJ6(6CJ̥sSu⥵'oy_$}.%;C>}{7e~Zֆ%c2dHS{0(iB`4 (U2y=/}gg]{#n7Gr$xbmdEXtÂjf؃4ߗL3 W D'CkA2Uqmh.UQ( r`E2`-u~dcQ?0#IujJK(7JóRڕlU )~?z9=g6TDQI?r?e?ws$w'G8(alw48(URk´F:hsSډҖ:ۯwV2NWuM2|͘s]k)ԥ{ _s"L|V;t3xɻ;hNr_1\rf1uk߂&d nNz LKaOϦ³FKn b*L0uHb $,">,}󀠜|YONmuӜ6H;N% `1&ɚ(棙WC! ili1aM7_z}P ~fVO;9AN#DfCFgEBg_p7"Ea}z|Syn0{̎!5䉩*= pQ5ag7w+^X?,Uo=xX{^x?9zOQ/m;#vVƙΜ_|No6̐,C=E*2HCmO&[=Psܞ1|qWŒq+d38 I8D4_‚&J9f-@|>]/zcCˠUs,\ 4K;;.[x\dօ~h0:e*ctb(wG( ~Mg0 CaI$XM*-ٱBG,T&H&M׿yF+2/+s>Z|8Ϳz+Z6G+Zx8<"w6{_hXj\cS,Lu-)M }nE#J/txbe&a&b(8 +_0:RQ#YD,@RvnȈss3||5tK&۟pq7KHO5hOޙh{MOIݝJ*l`|rB?F946xԮD'[ aJ4 $+;!t(.v~wx*,s{NYl}4 -ݖ3ֱ+oW7q_7p1<Ҡr;ڞӟRe k2/sҵ;~88M꾿3[!*r3ÓB}4`YBQDtEEV1Q7ҦP [9̟?I}qR'E ̒wfsFjܳr56c! &[mCqILY~7mj5m~Ea8EcLIK :3Aä!Afs))%HNk QZ@y1Ʈ5-nw6/3Yݗx_>Tti#^Z>ݫ7[IskwxؠrיӕA5+~^//YqokH~Ep׽Py+ -P.d% RY7v؍wera4@:bFyGre(2W6፼MBDFN(l Xbc$$~3,G<0UBӮg9opEE", Dy˾3 AS<xb?Db Y cmM@00i^d2WPj b5[g_n[# uJoxdžŸ4jcJ=fXw!JaXvm2̼;2BZ-YDc^~ vDpoXm3Г6v@̊Ibqs oup|k]ѤK/}}U^XzS}Ud{U.p,r'o%wdeVS6gJ4Evi6ya=<ei]6qi"o:tx}C>sh`)V$&%'g6Ә}GIUh -ʣJ{8{EP\&xw] 31X$fgy-[ 9 ԈE)?hhUjɼ>`oq}?<1.:1* 8``?Iǔ{:P$\GVP0@}l[LB֧Mٌm~͈lS)=7)ͥǂwnOoo}LRN_p2mXnT'3uF}V}g=_5':0alz c`lQ1(yܔ5?Sl;-qVkCKVS̴yN؇Pz#iˇ}(V! Du~\ODt2,P ,$Ydr87s.OݔU*s3=$GE21,}d@c| NVN JD҄p|`lWmUyEUJܿE*Pq9۳<2׏z9{7mzX7ʝwۿrdPGSRL~NBxANDdb1,(A/տkۏ;p&|iڦ̄lLYF(6`Ц|ytqIgYSGN0\ q塚 $I2Z @_RG9;7ϻJr/FYt2WܪX3|j]qeT75Uw X_b+*[oͰiS2 (aBka1d@d'cRDa"k*i&0`*ݵ>ϝ᭎c{O)أYjgM$3$)hLMIfaPSOڜв5{4'@gV3Q}S h0a!It?6ۏ܄. UfeG#cv0HyGv27-<,ql ͚e!N`ou}TSr/F` wpoS<゙Zb5 1,a#Il=h? ׿+j,fd[)}إ4S}%$4:+ߜII|?cRl9~%!M!{$b>sY;dI>c!7'Sjd"#kbr$l[Pdtͪ}g ye\ #,AaQ#qoе *1vGMvOe+߷8D]}+Jkی%_%ݽyjqAŚxFe'p ( {4-%RdH ln2(64B [߲qx;KgXӭ9uFh.Lj\LӢ^ӆho=4 4t̔JKh?J{?*"f2 5nmU[nxd6f;7}QrYbJ$\ Y3vv MN&+x:׾\Ynaޣ^)8I: 8e,J&DC03"ȞIRNHM9fTƆ=j;]AGZf̅wa[vB$Rs hxo^ sz<>W|g)ff]kglʞBih7:'L] j<<칂ly䱵RH/Xp/) l:=Nr/\%H-?^A+K4;{󹆉yHv3X}ɿRO}߷IU pR RH,GwxK_9ǐlb$Y1|&j]}Βb 5ZDM垂GLP>ڠ^ $=z?1GKE)`ؑ 띿+;.9~w&_^P Sz1li.~}w6?R7RL]BL׍Zsl6@2JW{ d]Ťq ІEID鋩xʨкq*!?}41߶rB=򚥿}mEf#nz YP'l&ZlÞe1 !.ERT>;_DXiڦ34+,U|V}7:B.q1/>lhYK=7zۚ\o ysˣTPUpU]MW[O~>ϳ qX[W{l.p!LA#`&c!Ah&i̝.oTM"4z]ZȲ @MQ%7N}ad"[m%ب,/)DVW\`ђljc'I,ؤLn׎a.&́BB~ά5ZqgN.GhVXN߼;js5=()0iJ$' `%=B" `1%dXI=CalM0MY|Ėe^&h\\^^Om/j2m<ؚ}ۏ-Xe>c [JߵXY_~h>$Ƭf8`˔0C]yEL7OwZ5cu|H|~{Nws`o.ý!+Q^_$rIx;d 0)E)TloiȔBwLFl&q@,,[ݞNHtPKqB>hj_<6:0rJ6-3ς2G7ATs+, xZTF1?~.LA˓0f0{I%$sսsO7:D0+Fط鹽՞jgt @@&ZbTqރ$DJ%>E)J6ځhhFSM#[jw8ͷY3nXi|5]BFȳ+,gf_SoaC5$;PhF"'8dl20ydt~CqG$NoyY"DRp#aw]њ@XIFu C|w=̇g6gsޟc?gPb $ APL>YsBh<"hBDM 4R!DD\3=G?<9~^c bN!AFoA:$:@˔rlܓ% )anIa4Y@^4J kD8;0}Z Xs?yԔ9ۦvL%VZ""B 8}y6-V8tƾA"C$kBy<hM '&Xh A@ *]%cu^zڐҶ I6XHrbWZ7d*/7nDwh"WY1>@Hn?bP9EA*SHS9nïs<+?]/?'/Irܞl˗XPi4wJ`0DD)!bmBnd#Lid?NKV]BM@M547oтb–3 ¶+f )+Z~ .m?>X6~E s oôxpf;4["wZ~w{+_GX4[Fj%IƯ·8!R&f wdfʧ0~%F zUdK't ΓEU@C0Mvmĵm2l?R_"2#B0wL `LLٔwZ-m-G|ێPr΂?d\}x Fz_A#Ý;#l"Tb;PsN5@fW"0!RT)n5yaూCdL:Kd(a90E,jPLt=d0r 4>kf_̞lڛ/[;Sd7ȾUp}wMԆ&0l@"di' c!9|ߝ7;Bifdcʓi_g`B"y x~ {Dq/q hn 12$[MNH쉹nԬ:V6;IҗGM[Fm.y_]s'f#M#vnK}Rngx1Θgi3ZS:,:5wlTPTE,bw\`=O,˜+]YaFS ղ5M4Q\Gq̖ª̥"e(2@;D &n&\\\Qûz1ٿ:A۠9ӫJ5 UGCL 5Ϛu_\8.ؾ7?wp Gn%̚TX~M> KY! ;u͇U${LOwXVh6%V(OS$,|xstڭN7磩y?\/ȁ݄"no.ۅΣ_߉:l`ӵɭk4dAj@HC $ <q|~ׁǑrfǺnnG<-=׫6.F4V'@ֈ\qUt?t8VNR+Ч5e-Pܢӎ'?m۴DFE!Xjڄ쓦18&xl0tֿ,Yxz#h[VU- " , 1É⸮3OaÇopSAS5ۿ1FѐuS^ћ#W5s%M'b*_m"Znm}NB~"jtmu 2dj3}w^$ilҾ'P_NهY?ME 28I?(Kx:ڿORX[.~T!(J@(2sS0fTk*i%A"Z)uްBN;UڏdSJ`'NCn?|L^Vm+J4R=B.řSz/%?V?wDHsF%l{+{} {5٦o7o(*@eE)kg%4ɉ??^  "L~N!&xo3-^lriID"N:$Cωm]یpaxe2/&HCC摔6.AC2M\*k%C2̉[S 8R7 CX)d:_x}!0>My[O qm)DI;ŎN".H˔tjW(yk>>VzL2-Fj^$ViP2TLR.SCPA=`N|.Opb,a!;K&׮aO4| \w}0m_kLKf-RJ`^3'ʲBLR%m* R6ԕQk9]i2σ#a#7-ȑ`W *uF|md}V*&h|r\&vPJE%E+(øHnūiu緇C,νIfS$9ɗn5CzAE"Jlhli6haK)b(X k- a6dO9¤Ɠs)9g,M)3K<9e4/r/Dj,k3]40 Bc;s~sԺ{7k05KY )7`00Jʓa` IJ !Y@b@fE&-e?iI^@|g t葃2A!/u?}U}Ⅸ826D-d vMLL5eeS(! PWVi**IDY\2D^cG0\ khYp-c0~| 'Lc<3DHD,Zw D*¶c{g ׽Ǘ*HDL8n8@jn6`8$Dݟ"V V(1 +:IWvlT"zHh/ih *D4BBbU1s _4OAUZ=oh/KĔʥat ۾|0Œ1 hf;ͷJ!RSFJ:E&5*&bVmioR}gt*N<rQs^bP9]I_~O|?ڷk5h1lbIm﯋bݱ; ~'n5FFsv9sC4xZlѼǎ1y[ǢlT-%5C4`C|3V4g!9Ϳ?xvd6[a*1\H"@EQE  l% %EX1XU",Y1QDAUATF EbE@X$Xb(w|w' ,pX*AH1dU*DCީ]PJnfb]2L 1 *2Le}d@xÆwCsNUNqƀqh#Д{{jdF܇H}F+!b .^6*&&$ƥP+څPgR~whp݄&NHd4~TGzmP,(R,-XF, $۫*dSC8(~n1 y[EY((b{#0̙Q^nP;r~%D$#ry-p)Ttn0ґZޱ{3u:O캌=ᆇbQ;i-9 퓗3xp"ѠG@&0Ie?=4f> gvXM #빌ĥ*jD[|_L~ɕ-*g>tƅg`ޫxK `&/i4rqZfPX3-*%N<-/tedžB9丹SONY$f$^n"FީC28#,dP7w|;\`^b۟;9:=px lE!XJ,"[iC67 hD3&gE'ɉ=Qh5bűE#,oYQF*9~(f:g4̻p6A$[pVbŅ`bēH('K*ltq1c((,1T) ?#.^n{5U~>8NeEfQ(PsDm}z_'NX[v-qF$MOt7CdH,D Uc'X`TQYDX(X#;(` ,UDQV@ETM'19N!EC 8 h^?GH(b"+c!([hzBQA6qnòFLZsm"gհ,?yUe?m_9nR? 7Ƕ xT/\Ǖ$yO W+)' @*@gA14?0MxWP?a9baNbCF rJ2 Hb@M][TUW1|yi1@ҘP&[7G\Asp\$L}^Ksg6Ж)M\eUk+ sOc`ᱏv2xn 4wa8}/vd8z#di؎h`}(#q}fp DQqmˋ,`ѶT~w1iއm_RĆX=ϙ7Dםrc՟!F*awhC=cֻ(N$i%,^8XpV)m̧|k?|ʈ|0㇬ƂaKD (Ov[lM綝G{%U]԰ HŰc0fܙ!_'6+K!+-f pf HUUDPieJ\Ѣb),p99V$$ Lo&9m؉5bBxsP7()@*n fwπ?Y*X]  3g3*7ϒ /0T6Bt3kH?fs5- 9M[++%w6";ݯڪWs vO_Xz3t4:iA).sGmMAj)ljg FE-@(J]!w`ꢡPeD@r8)M[7DPu.{3fZ3ȡU&)/!< Fizf\R*V$L@]xQ%~Nln[64IC0%OdF Eѭӆ |Iڔ[K?`I){&#: FS=_E6LpxOoJb--RlxJx! aMxh7x}ڻ4d ghw,=CP(l ,yC҉XfѲG'Fx dUUG[+?'ذ/8R 7D8>R;Y(;yEWC^Ã0w1@"$Cc1,U&!VIZ]x0PXX?|@^IvhCCMz<DtP_?xfSCWפqW& h%|[U/hla`RӜ-66m#cch[lQF1ղl-[6EEoUPv-/@4|'ҏPHμ{ggA4IײD b/μ*媨7ԩ]*"6JS6 g 4@Yq6ǐQ%Zwx{g?fyCIXZr[ ?d3\ƿPewsu:0DW1:V CH9Z"1fnjsEc<7Rl&9!^!)=d8d̯ߥ?Pھ`Ŭ).aby[pJ'cQ>sl+62S_C!" .X,ʈiUi+'$ϜeC$G3^Od)RaI÷7Z! q3'$\>zN\uǓSE#@r, 4S7`c5MfcXWpJ%G,نԾɓTBmS2a 9ҤX֟7}N0sz[1![Le%f(mL!]=׊BvI`k|&NԠhM  8NrֈlL 2Th"М+ &H/;Lű,lmz5 IDMF:2ԥ)LaLB("QR&O;KRM]iɂBfIPVCLAdIPY (p͟F_wO|rNiNZ)2ԡ:kF"qCow""[.wC4ꙩe!iC1G_.'o'>b* B9~h67 FDB)s$};8aS%oUHOl]G"&qI CCi\ozȟ7Nc8Oۋ)XPcY9!jg-Koc-]X;תHV l@)WE$ |+ATvd;p4Xaf> Β#9?!x.V:gqoqgc(0le3JRA&Hy ǎsi+M?dF}hLx{]E2 2{Ǥ}މmխ :smuc/FlDjI]烼hN5]h462Œ&s2{|3md+M$61,ԫBG_ۑ/ K[o8"P\32,VmF5:C{Ι!Åyݻb$שL<"Sl~˂{CWHlR+`'8(rѪaRIY,) &E>x}hSisXlQoL)'`hCF%-ݦc?U>mw4P'16bGG&~g}An[F+ܗc~IBIk"qs[;hn-vQ=gL>_}+:E:)ӝBD Jrd{QuD=C|gb1b+dM(qv=w ѭ,O_ʊ0|RRmA!hH>g#~|#[":lywH~uvՈkwBjTU!^5 E.}-mOlnϨbRQ?_Zu~w'ku"\9LLh/|J]3s.:8MZ8<,;(Qj vtɛ,X|v> I^,DKl%eeI*-۫4t݅BĬETfo #F|՟fg₿VL A!BHbbp?"fD 6ǁSK4_{̦Q20z(:mAs bʱ^ߛ% "V'~7.BULP%Ph"ADzm؝> sݙ# _֜RC$ R"!lpHp8X LW44`NfM{)1ZrwAg+T.Knò.fZ]l |Ou% ;QV & v4͕$mR#im|iƮLȨ2$mȈ*Rڝ z.>~ζK4|,Z2vv3.`fCfa:,[My\2 ʋtP٦L766i8$zA~T;(k͌@hwvx;ȥzhhQlXk./*}.sSG !\,ahf ,(GYXB,OI375e?o&}u̇Ly q4$(%^ ܃|. 3S z mW'e1-!1ƅϻI o]H ܬM,*&HBGЊlc?Ct 6CiIGDy,-xMӪ3g69ha*bjgI3BhE>W6rnHwdam"Y"P.xæJyNjdLT`(tm[ 3p G'+2I 40Ǣ$!X3JLܞ&M}Ycb+6ȓCӷ?n)JNEFwm=-ra3&&2 $n3\W\+<,~W~{k '6[x>_nR7ZwXay{wA6#$d rED2t}EEkG%ƭ+GNAcHB=2qq5#1Z0eNݖmUo}˅6'˖Ѭ⟆Q(Ddk2M0mK )ȗ y5 .hY jX+Ѣ׺xV*+|;Eqmjycsk_>OsBUC* +}?7fwgx7!-ٓ4 POҁNA$k=9>hC}m8מe<;hsőT( !,:o7 Ox,w1ۻv MZH!~h[iJ팘`rH}o}] äϑŞ|Y=|áteG,>vJEX<'MOs2a*`.[c{)PT@%&%2RzqFBj$ܿ?~Hÿ>:qMDy|Rt'/_sҜ'>xuE41A=ظiiϐJ1mV``<)J L6M&%%ע`/Q,ꎤE~Yւpsj;o@x'|ϛ9L sxA E<p1B w%)D0 C݄*%7Eł'$S,@0$Tk EVh) '#j (( ɢ*B!㍭sVV$;^_r+@qsRkm1F"}6p JTy >C~gg BkJ9D*'b(m aPn:BeXvx~fƎy7?(Ӧqz C?1Ox4!!qBCׯu۽!yDXIe|%jo<@ԆR0ND_\7rya)FI XC, 8:]ޜžm,̸ ^6blȸ71r U8ӵX鐱 B'bL{}Nۈ+3F&{Q#.'XKs ь轜ga\dmEpSll$S˂{{|8Td'7+*TWh$ȑ#gÕ#}"c?7Oa8ǹuU(m(cKZ(<1F(-DS^d3$ GWF#]iď-H Ĩ|Q#uuDG\:#Sŝ#p[eLg{m7\WrM?tGi ڨ1Q" 2< Gh0)W;=J=Z0;J5Hvlv<,48@3'O= Ϯg2.Z_6If(^}^n;{G>iO9,Ll CQc芒*C 9ĶNO zfx:6aeLDA4Κ8N ?FGoDUmbZCsₐΔYc9˅! gF~  T^Ď9$^/~ʣ[FEi5}&xZHi,q`$Flzq .UIg4PRԤbzHD V&I#@]=XGׄt9;tS hD:RNd#D;97I[T0ae,t7QUjsK h!aQog/A}-TkPͫ9Nn{_}7܅} )Fi 4٣G>7sSm7,nCd%#;8V&B$W{V$lꂢvpLT8R΂GKi 1bZ! eI`4椃~D){;;-KC6,=W [vb#>#l)[JCc$Ž-'XoSaŏ(Azo3;P7oZSP=JyDUjyMdAbՠBT1REZTMСh+j+XeDm(C\8%G3ԝTt?&\3.Iv~&P~m)y;Ϳjw>G|ͭƋ އ,VEm>rz83! #z+Ȋ J* 2&@>RNx! qvm^u=GzMWTGKHWt^PO)]hvMiyI70jlj\ROrw;k[mv-=$΂b~%}7)Oy_5~O=NvjĿc"g突i mQ\@\yk; iRhGɹB^wRKNfTd( 9vnpOj'T/Þln??E zK}_G pt&ǻ( C"hօ G" :v/)&PɎHVJDc[uyp.Qa~3Čd˜&b` DQa}fB=pmm^6Ͻu'0o] v$ZH"$lHIvm ;U@[vw*J=xك213 (40 ]IŪ\Hw|EAX; yYUb%?=ׅb{E2iƞޘ( '" ~ . =qXR<|K;zR,)gS'1Ն5oE<󅧼0!NYTB bdxʲWPtYDHG%4XaOPq}n8ll [ hR( N'X d&4dhb1L 5 Hz)SEFikªT|DeVP]-EnL8nxZU5. ?gZP&)%q)L5Șa*,ݑ8#kl_(_ gW)c:42 2l)T1DT݅/41 ڌ'ӟ}nN-~E:Zrx4Lf}$"n~E컊5*"=[6%T,,͹AeglM9|RLUT=Pļ?vܧꬼIvt,kks<; #(F#߀a4nQ(n>_ tu|;a8`3j6 t؛Paޅҙt?o,Jb WFiy‹Cd0bW!L|'dd✐w 䡶NM󆴻S[2{Wm\t =nع.cCiQ'|_U 4cUtb^{.M:y{BØIO{/ipd{V@;H!Щ[?[p(X`xM;>_8.f@LE꾅+z69!9wǙ %IS݆OyʊuhC`N/ :L}8M\\;WD o%j^Q]9R`m5{O`gzX4Q]F!hZ>M TMVs0oR9swl^5M`\[i[y,\]& Ѝu@0Ф53qG;=8`UJF8 9Y/+/wbl%99HYi͓-Ortϋ>.{aRm<'C.VjoӨBV117 >SY +AqKȮ0=6.O:ȳ>kkӬ+n̋o͒r,L;Б$@D1kh=~ t=PPý#4-zLA Pax[x(qKTc2ٺf؃8,c 7("BuѫD1Ol'G>cNQxZ(. Ο oMgFAQaDo{ r~.w{޻=WZ[] y@a:W9&9yL+O:ʀVsrd嬻YaQ3kCdg4k@EL[{+)pg=~M%ﺵ 2W,eP2d*-a8y Zr"-:&CQ CjD i ڝ6/$`w$@E"顳nt奩Vb*4 ;{PuJ^v('xWeZ|滳"*-s*R u(هpӂތI'x';cu L:ɐё%1ϻ6{G|5pzu?3KcbdcLѐ!U@?6iM5˪Rgϑ^Mk[ֵ7/rO>H![l0dPg鹞/m_1;`[Z0h82;2-l"q>Vw'3EʈZ)zE'Ow/P$: !WCL.k!)0Z{鿵OÇ~}o4Shhǐja [M-g Ox{W ۦMsJswR!JGjKL>3qur J$H!;wgs#K@E}w6aqލlv&KReDq 3:Vc Y#m7;p pBvuD;JлmUN+Vjv1)8b0DywqXלL2e[y{6YRشOX%jA s;צiCaxM $U2iɓBIc=[Xb,Y Zʃ^f[Hisҹ ^FZ`  %f@RqXL,߾_xOUR\^{ @\]&B:ɉ2|%jǏT:_-K 9qܱjcXrbd"gfo+vuRB[SBLeFj5oSށ)/>xW+&Ð $CrZo'_t"XΜ;qiSӵGT&c. *+D ?{!÷^-Y||gs'usXbƇs,X`r@h _0AЪR {ll]`2o.b}k'Eu!N4(IBaSA qv?gk؜X"@Y Nr{oN{mwߚU\dnr? dbwJ02:(5Q:r8t_V:@X2Zcz1=P/ u8dB;%U)H!۔*2k/ "&J:M]TO !e41ܿ3i{9s;~3Q HhEu SkmS' b QL75)%CfCXnY 5 '"H;_ol~OфG}^< >Bd 3\k9m(woi0x9]S4W=G͞ y )C`R2߻>'fʇi,~ S C\f s5n8,m!1>=ᗕXQ 85҆'K5~tk勮Fp!L3Gͬ2f.D9IA0ҙǦ\JVq`.R>((CT;"v=m]AL9v/Xޮ'-Zk닧t\0 i)^16h4"w{t,ZjdS ԸpBL+f}-vu͎[7xzgLICT "(y=?3:`' Z;#)n""0q)oͷ 3}T4(Ë́;!QJ\.eB|L] r9f=W( B!sF!afLZwLSD8Ɉ Vi~!^/=f}$w;M%2Bq2q{'M+g ec'mGL2CwwL,?O0k<}P4AT"U!6~qp,:'ƛuW@yLV11GrnqvP?L;"Al}ܴ6A*_qA"^$GLH^7G=YI2ٿu쩦tR-~y*%N1Kl ,NCM] 1F7{7f(nqk]7g[J+ I2:q'CA틈.\)z`}3q06gVn ddl`ky #3t`'& cgz8½g[vjðssW"H =0_jϵ EL8EK_N?=|)&A?hq#[Dt1Ԍj.}=$cnU]lQ\+"mY*ZpC?=QSns*RTs@x NLtRA z>Mt`J AxmH Tp\,-ȋӄɶ L[tNB91I3~Ŵ@%[zvQoxj:>=m⪌NEM2EOvKRs(HNrϦYpy^D윎y W$’A2:\3b!oD6h𙰘*C,t10 J*ۥ=q._K{Y.3^D FLmEiX~[,1VvVhAbFpMh)8"}5*ίzM=_hAHG][y38/~F':盃Ɏvn^iu3}:{HuoLv{!&5^?™4JpC8P+Mo>e`SiÒXn%Gr_VQ}d5f<"$ -,ɢkVGr ѻ8٢AMvm3zcdKemKแJq" 0=x_l qÍpw**3S$#Cz$#Bv 6U"92ځj?"+`+O D׺M NK!1BdH-JPqlO'/ȓL4!'C?}2E43 p #GU:vpk1cd27 6DDTN18UoG&;ZI8yyߥF;gsյ5L7e\`.(!4\QbM,2։8ŠǢ,ҽ.]I^x%}F0Q2,u6Ȁզ8X5,4#6Pc^iH򠻷-7.jh|= VV4n\Eԓ 4Iٛ^ar'/ WFL~Q~d)x v5;bc3ȞPl~츯Em".Hf[o$[[F!S5sDcqhz6cЀ)0bDm?5 kJm1Vs{7 lD^m( +i^_^h?URCօڤFH$/܁|ςJVCMVϑQP\c°מri 8 @]N1r5YMu((8w 2LM!ݍPbÌ+p?k"Z N|u@f9>GQj|ˏ, Uhω(ڝn$r2O8G}6ibb,#Y s*5:i#s^h |ٴ . Hm_mb_L9 c1,$P^+@#Z|j LFTlDKyqZ@1 ;;^s{肒>w^`;v)QW! ) dlJՔœ14Ij)*jˆQ#݊)W z 얖wALD$YHW2]~>B|כּu~Oҍh3 3&^'jVV%G[ -ţz;|0;ӧE*^iJVj~Ɏ qTMAw+ Z|z e|ҟ ANAğ@ %$uo>u׀t83u<3?}hayդwg`= JLM"ɑ|t%eȦRfA&hS._u9JŪr.vvc7nRpv0gt]p?tf'.WϙM̯M ,^]Eh㈔ ̒ͪzZ86ߧuXkܼ5/֛hх7ֈ/TGo$|)F&ʞU[vT't t \rz+q ̴W_QC:U5Q(\NsVT`IvX%u((.M>ܬ!Sa0aYG 0~3}5I"R,xX<(Ҳ&s^yנux٩pgG)e0I8,i|_σ>L\&@kWk`^:ٰ)ZU&N`hMW^ԁ 6;H8 jÐ'J̰CHjS@[t:iqf0;Κ2?5_BՆ7SSĀLOԹwbּ9T@q۞^9X1 eM%U+nrdpvijg"y%hwB:6M}5[T};S$ȆYq5 Vٍ]?IXsC1yg`-#,5]`#YmWnjT,!]௱}&`;.av@MZ7-Bs;l͘߀tS1 Οu@Bpp! v{ />4͘x}񟼨r"`X|9OiE~Fve VԗzBuU. 5 0 )bz‹l85+QʨxZy>xTzb{ҿDs1gM=`<5!oEځXrУ' *fKE1'w-7E x[N?̰9|4]* ymfl.(E/{ _%/h6PS Eec֭]\])>DJ$lߍ/ۀ$+u(8C<kHY;,桏,%9zz__$3V+ȋAB- _͕D6*{dNʸpz/U ?3~\5cpfzq ;$a2@cc{ yaU>Jtq0j_HqPEUYQ6H:܎TB]*_KD0A]xcl|||=5ZC Tdhʗ4'CT pMi9$957@-)ku@wx@jRp(Ak2f8egKVp0$ PCg&1!ND<)NQ,~FwC6cj@ |HKҎ/4z!L!WZtVSbhd8L@€Mi'kq'!CS•ƸjkmUp8 3M T;|~ AE268+qfyDQc #JK h1քv93S7'Bdf`S R&7R1e|%j;Ű9ÜUAso2iVܝ3x'-<tݧ/-Nz%bW[`/"Zʙ2Hi%Wjp}j Ձ:b4(%*HрB; W8dStuQ=>ڞXJ&a7iK@Sq(FN] N5Sʌ5 TC\C 6)Wx| p؊ 6(0w%=YPs1uRd&_p=]6fWXe&s-v0z  F2RM>\C vk ~v\JjjR6%ʻy2r!eNZY]A1]lr,Dh@2YV%/@[U8Cwq0<^"n'&_ռ&yC&WE6cײY|!evPma8@lg6[(Aef:8CvFY'OX5 tRh8g3#ڗ<ӿZ;[PwHMXnEpŁcD'śqM9,_&-d I?@EIcPU'p03IT'Z~7]UD ݜ/ڥẴ$tXڋ3k aM 2/<&}1} Y"84Q]K %v'N Y%}bJ܀@:=>i?OEfz_Zew7hTB$杔/UxVHẓ{5W ,%S٨U2  Hd!k`ƂU:bE{R#վ*[Sz=ӡHv㗰T9OQ=.'W$4jEGi Z={8)XVh`вdMVʐh!ظ:ؿ>`pL$@WklY !BŖ SÁ7q)5% MS[^5p)ؒ2 ܘk]P,cp/]dPvH}c qSU#ta|݀Gn|\6 DvgW+ D !dch "bnv+{Bx3|.se&1E@_YDVN/Dy6jŏd@mΆ;祸3h9KߧjPw X6wz]:G(O; LVB 2XL'宾U#SyƐ0\̽])*zձ%z3lqgW.(?ҏi~Otr,hn9뜌JF&HDL= I]h-3@ `yt'31Thk(PƸNgO@Ў3J8 ,#A:O>:S>v QN!Qz;ъ:FXWN wN' A^ܿ.N7޻GuKcW1LGLYjڐ.C4)Ցf,' R˄,N '?w9it"1v}+ nwޠ?s[!:l Ea'!w9*-ࣶsbg[L1M;x9]@/S/^k$7hwEhT.s6 G Xp ZQ[L8QaQMUbdBG00qmӶ)r۔MĺbnJ"4|})(G0L|oFS-O iM6(`!!hxUɮVq0QǴ/h3j; ~T'LewnpKs$vptf8elPcM05_%V(Fc`+q$WF?{I>S=?Qa?\ښ+LlZdRfA2) p۹{ꢢiijXVcڒTΜj&0Z\B+Nnh#2c?|%WpP>+NY)<p} Ws6硨S*dy DS D!oWP)8"GՏk F/6~`xY ٿnRK5I'K羬/~H[?ekz> r>1R]OPq6Tiv OaoT#8Q.UPB 23<#c99씷f @A\С{xwP:<7yݐSNEo `;:aibә^ߢM6jfu6TYc1G?4X?dUF \+zRލ"RvE"~\\|KEY`K!)hWbmY{i+K#ndMk2+%ɫd3ݳwrtk.qj-e:FׅV<3Qc ;My+9CCѹB-6j?3/e6M?|4ًRF]VeRʇhv**Yh_!Օ?Oᝍ$Q/kZ tU`9$Q|q L>B %Oj1PzZyH~Ԏy{?b"DVR7P-WW;OaP6׿O8 %vDKӜTioʐ8F8."bA գdš-ukG5ndFU}=. V v}W'#gҍFTD?(pqכJI6^` @QGp=q'3r h&cD>խhaR0w6x2n7lJfos٩= w4zCrǡ<V<)@QW~M p ԈjYH392D0$B_%l{_LtOyn6)]]}'ؖkϬYSWh[rS >E! yQT>?҄l㡢J;V`Hx}'6j(;֪ pvm% rBy,9F:ϗroRjojhyaQNXtȥ݄'h!H/K"_[8Ph$ed #Nw-fpċ3 xpjo8 H̷|_71NU9b27dfq5{*NTWRjڵwy^t$d{Oe p|#OǘVquNKl Z<~CKeBSOdLY\6!lhE9Rƍn:9_U7X.e xP]@% =|P =$u@Jv{uLT2kj4zMapZӉڀLaI9Р]eTJ9S}5 | ˩1μ䃺ݧ+jo )=,&,:fetFۛU ]SQH@ OVU=qyڎծy:5 !%nHM;6;9[觛ѥ_PR~<˻_[ć;Kb9m#]9YGzS TD~Bm`gZ^hՙj.6vEtѐqw/d|HeDP\ m@xs;AQ_ `<6ɴc"&3X\˧FswJ*/9?@O-I3{`ޫ'Q?wmިN>6DTs,1\p{0OS%E(U:w tjFK;wgs;?$̔0*q IAn W3ӄjr ti; QJ)_A]e12E"-\ 8 v%G͍Lpx(W?9qCOT'4a",Q5ݪi}3pv#s<%٣ p<+_s`F'|@3qi^r;pDDHVM6r=7?.R{o:9.efaRCSJ`Eŷ+Cnl1ꓩ3=ϸc`4j(f!Q{=)~~892vb?QWE&>: h[p$EZ\Ae ?bLS4%1e#񿖅lxr7O^&z?(B?@[q%ƩFG%m[#!SlĶeF,`wna'ԛ y_@^4 s~>&֬_8yooРBd$ XYN(cxcV}nnޥb;~M-"exX}kq▏#8GO Rx[oN4 xogTe(lj={XT7-@ ,')bl|m57tM8RЇb!!83rn?ʌI?0'-)njT9ʇu/e} h(r@k0j,׽^N6^$3!MW4vO'JK6v59 i3򇳚%df f9/KɨS"ڤ)XaS33J^R=6!}ZKtßpKg3hVٯSATrf+cNcՓ}G$k% s?,KRJKjf}H$`ȧ|t\!LʶQb"(¾w;Cvvzc2z -Xj?DŽC_Գ>0ZVKKẗTw3/+q*o42]-պ![0VPpUo={+@jRD P":̥>ZV;Ut;gkޅHgBX{~ˤ J N )lȠX\tAz%Kn!?,]8pY>׉ X8P兵\zA5X(ȫfѣv o}O OXW`Ç7N-?z`7>6à3kORKV4 z!uKw/"IRMi1!(0g+373Wo?=5P?^B dg܎!aUΤUiq)4"N}Vtd#g(5@~|_rdefP >' ;&<:X\Oh͖\]MY~5m Z?D右ivr $'|f1aPxxx6L0Li(#ƚ\5U)Y8 OYpk :ܹ "Ywc15ӱɍ,4F<ћ2^1{ ?p\%:z8cF}rycNtaIcl>i, T7M{;B21x+oP )"Z fu}Fw2 8Dƺ|yf镺@Q&x"ᘫW ziiT\̕s{DV?S58@αfZF躐!OߍW~/ |ߝkB^1b1/=xl2/cy9惆糋Ju~ (f]H%o7_OepJ߃à^INb{`aߦٗL 6b3DEgYOMɣ pb۽za@6{U$ca#62OOJ:j[]d 43I|A{0H20-~kC#sɽNpzlVn**%P!^- ;W(kOmzZN£F9o:k>K z BƾEEZ!Hi!]{_AeU%k{g9Yu>{Sf'6 (R.FMyLI( 1y.Ccldwj,M[xRvh''R?+>@QK-*+ήŊ@HjHklYH?9)> r4uZ}} y4lO=XY@wjټ~&&l)Y90=p_D3{ E<"b=ԅ^CnbmDAS3kx;ߗЀTVbNPkX+#a4d!p۳ؿj.U;CdltjFvQ6\|cq'j'rQq:J ܭd"SOރPA>yA7@B).;X_1 ]ckӱ)m#ŧl )E5FO'Wx/5,:&7h@=ƨn 4U@+w)`қQ}즀KF>"f7̯xFRӰ-&u τ.\ @!01QvBv'3Wx%p(b 8ykAwB7f 2C1 @LŁ̪'*\kvGJḳJS^`TA ƣ^ۀꖍ QrCUfAM҇O=5,3Rȓ ~k4@XdW߹̆6 l<mèut`7)T$6(xp%T{;Z"HS=e4m#aQݞ@E{4rS>jA۶bWvK hR")ߑ?Q)3xVlJL=B *9Uo{\ѢFс{ [p =A=sNʣ-wcp}T؃ox7%r٭GN.Tg/-Olxw>48RQ~lVu,WΈZN/*}qϨM I|uShD^y`GF2LJ_M߲< )=L@-S {K-قp͖Gm[yK[9ֺyU ,ס#;"6 {1i$&JiӔQ=՘LG.67Y -S@1P9'6k;[5VbAy997z5ED*Rx"b.; "M ݏ0PNPh8ҵ^=!s]MsH lBCvd[jx1P,68 IȎힼ\|>Mm=NOަ2jxB M2Jrr6/f/=b<>^6bj Z '`u&$tD 'z7?4f,_fvlj]v0UnIz[RNt0v##ŵ=PX8M0i6| 0%qL\_Έ R{E[) fN>x ͦHj9bcդs!F, ¦al51lD&PFqv '+i<)G|c1=paz{AR*:D ހCyN%VN ۡyݥSoHߨ04tp-V,py~QʐT.&7uIU辔jGm/㲌ͦ{"$VۜJZŲ.ZZ'lZwPgӕx#>uOW_۸M?W-/QSҏ9Đn #l1ƣ/;t:S;!ͷmd~CL eF06L&E:Z ]HI "p੨Ix'wr{zX- \mkةzB6IŀKeU֑PPa-qC!@Xd a75sɐ*{ Aew+m X;2O{0boc^\wlÙJmR~i}QZAMu7&ֲ[fyOs! %i/҈-}W˳sYL@+f!yrUΉ.CsrVwYKX-9cOWj=%'{PĺV/`LFXN,@ )#D-]rq_=Ot8B2e4 a=*oHε[={mr>gZLW38y?PY`j0FQJZ*g/ `dH4qq/&)UI) r VfƢ~-%l0d2elO|MQZăxk}Asgz\ A򆬓$Z-&ÓuQLSKw.0E{4\P2 t Y Lg$_-#Ksl@{莭v* 2&[J٠$_-r]yNȾO(}{FQdq^C''B1ULYKQz(F'UHꐡ2 U i4(MS.ݠBp [|G&AW݊xaN ~jN}XI\;t))qnqd5jwM&]OЄ f( `ȱ Yz?-q_kl dN]$\a- ޥe* GR9!oCn7naprݺt1N%X jhHaKEm޲MH.>HZdz[پ3ClyPG9H7$T=뽼? n) pૹHKvt~d'.a qc4[̣ hJ dt.[Ja@H|ҙ UCk53{]# $fDǃ~7 X"R~zlpj {965a,Lv[szI_15!;Zu[ES1/9 ndĽ|j/ QTdHiDM9Oju3DI\\:nx ocd=\/?h+-vqM GlBW€6Mpϑ!מ,s{M3 0|^r*Es3eŏ(9ێWVBZ9N;ΈqBpQ\_ˀL&wvR0<ҴWӵrҰ8t/V~WJmGVY] \su^02 րi1쐄;AφzU#hV%B-Mλ1?#7)#6w> eR/~#v',`)Ȗ825uc8zI^nQKg,Kp~(@ura҆X7C3_$4Q-:l+=s{34X60IəB~CuVMt/{sq|`9N@8|n0]'jlcsXsKWP K~4 ՐIf<4ak6N*\r`o`CQB4N tѱ6~ͯZ7w , .Ce]wI~K:4Po,{>T;oEjggA5 Qvrw,R lc3+M̟52u; )%#eYB!+s؅k;;%[q֜yQ(!]\C]W))con]sPv. r+)< 腪s5/& ,Um+*)SBAt5 G9d:V'96ڽ`8f9 G=δ;9p,jQ+I\E1kdninm{lBJƳDk3mA\_uHf)7|+BD;JYfm$0MCb4LzIףK4[J:"Y_~j  D `M#51\^zo/kx rt=Kf 4cwjkM@_T]^sņ]k5:>†e0+fRK3u&^R XNA1z200N 'Ԋzm)["j!뵉 l6iiY+ fGḱvٲ0K19ŭv##G9#'.IrqwN&{ӯ~f*D[V¦7h0IÓ7<)-w#RNœr w,?O׃[(' LMz^*xcː5@ĚDw*.Ӂ#FMԠLZ*'LvȊaQwOrtyJO"w1 ҇qoW)Boa9x8oFM⪃;@Zs2.@q{r@]/20;Q'HXu(@S̷ϯ20B 'M*RnX(9n_Quc+0SOx5E@MМ[.fpd0n-:]۫!Cl9?b </*,4;`Kk/ GEQ熏c0r sʣ`h Y5QAّGjO* rUҢڽ-.mV^K&8Z0܊6l1]!tŝ20QMV]tֈS Ă++>1ʠr@2%)Wݱad?#Zc8:Bo+Wck\`ߡRS> urAQӴ_6)L7B&p Nh9^&㤘iH}&/&+Q e; \>ߛ `#MlZLQ:.QtCb.dԀsQԞUՂMQ';XyGKvӡWSimpaXT|ɟQ/]O4"q>iY%5%}"5<`/AIIowoKҙhg[_>rGqotB(30F2ԻMo۬R5J&N9y>6s1 1F,ғJ"1^k#_G\3m,<';,OZX#~&9CE ʲ~n ԏ~rl9C[fzF@5ڑ1rJ̹{ʲzh 1NHHH:"gOݖXh4{|~&mLo2jm?DE'y:MӸ Un! E(Ј#75F9μԨ+ITڝEX''Jlvt4vY;+og.xE31C%V/D*ڍ#Յ sO)bbxّw+∧uNڈ*w-A0\*@w> ^dNڇ~9*7/]MU[ԮDrM1-?.1iK[+a%뮲ʿ]r)n{Ei8% EԘxxgh澴EEiNVf|$( LL;Fz`㊫(<#DKyz:`F+dm)7hyH[BGM6FeO@m]Jz&E:%9ޕscp;:tѕ'Pˆ+= c#txz.jݹ8TBnmf1R%Z%;aACԜW~>b&O $쳶6?wlw%nlkqP4p8 RzZـeKj1C?bh <+᝘ ǜp|i?s |eJ%IboUb6^x&SDSy<5c V04;ٳyt]Z"}olO {5Jo\|Y\|! k PC>eҟT#]n=4q'IDOBd3~-ULYg4⑧RePo50{$Ҕ 3^8L(Bq(m&>p_5;ӳvӼawEF,A_RŒ}\>ݴJ,rM o\bP;1q} uٖ>adhlcO6|.K%X-K*sU b_Vg3I#S @Ys9[^)Ά :$89plȏ]0⹫q:eJcBHq dk#q먹{ua,3KA(,b+"QEKoòm: /~Q*,XN+0a85Z`, +sR~,='J y!JacHS$znO9p>P7x)#a S!{ -Sw\Iw0usF6ݛ{AZs^RI}jbr0 %jx HdX2c':%y1yzHzo<"PE=dt2h=,v:oDWY|=SRۿpi@r{sUY0\ė~P޹)Yo~`D+’GԇV pڱFv]Ĕqi' }=M #SVTMȚf(91oI羈{ K9I[;-t TsD^[ǤQ!gd\vʡD9\Bt;yxBlyܪ z^QH'P~v42;JZڭ\r"T>FZ\M s33iYfVd,j74UaeXdpH7Zr90h;+{D9 *IN^k?JVq9lhd>2~bD1?v%z`D[]I]VnG+"ϜՔ-^klJHc#u1>cT (}iaqy& ă;!2m̥V2IIszHjqzBu[+'b?o?d Q_\G|ՉƯj,.[vk1fw}OW}ӏ[K6#_d} y~8ܣnnh>ZGc*d3f"|~W9_]Ȯ K00,ڤnm!gӡ,@U0'mPw(>^jfz|G#m[~$iQϞ~<"6u>i'鮒yԱ4\Oe/wֺH:F 6j~hHܔn81ZchsqWO@QSn S3-[/QTK>W$z].An@WZ3ct21k(Ҝ]WXn6 Rˀmo>N&W6qd*4NGxuX]4}%,ʹ21c; {cxgQ;[ŬދH*zJ䥌Ug. 8;"h_`dA>s)ٟ26bd[ ݁0=:^f _ڙxrYD ` k+cqa4gJF\}ϷI[Vو^rs|&3f?2=.`ؠjƗaݓ_ XqgzBex#j1įSk>[zrM5r}v۰6s^~0Zִ5ۥ@sC~Y}lZ`d&OkP.PK}s\>gLCI~5j)OCpɥL+-b;8*ѳmԆ.W?u}r=uԳ:L G>7<vCi.>la∧4Aۑ݂2ڞBڝCeHT8k|zu[%OP?Q'#.O3i.p ??ʜxt IV {S1AU?L@ʂ> 8uap?tAOyNH(zC7F?۽tEt㻮CΑ?dAeXXtckQiidlV@:M$$M"U Url!'NFIƓm1V`?('iG#:L vq}z[ќ)z_y| &|%sI7ԣiEb[:~tz|owc51\C#Q^ ž}OVCWl7Dw0z|YgAڭsh %P뽂Z_ɻtD4=f|mTS7j> 3H7>ᷮGW9ӫoMǦx2*/ӐaGfua^0xghۖV7 :iR?Sle!@U2R?[t_< G+<ѸC Hbs;Z֭xfk%Y\|˅OdztHӅŐ)kxvm],`H M߼tsx%P0x SGo?AzKʔ.HnSr vU X_oՍFOehA;&Ф <>瘫-QPh4WzV,^g&뜽Z$;!ͨc-E_mwwKWvL%qAK-1xmHA/eG-j>*!FxURf(OB]|q3{PMbR#C&NeI `(0ܦtTK@+ +dh:m{tx߼&Y 0A,z]ÑcKE$*KiCGqd эBDq |Qfq% x۳5~-1^F/ {'j8>u:5uEFoK(>gMآ48t"(mO=,4؋ja D=9epClKyo^ƅB<,^٭b2)H**հCǂ eHzP6#q%gƍ\|}[}/ae@|7>&.LEM8v6oGG}e+y oQnU?jn% G/q)W$ۢU:Z0o OOܛ9x"=|hl@(&qlt.B@pT}=Hoi@ԜDoLE#L]%Ԧy챛Q8㫜f܄ dk@ P1;KM!@pH1~gJlu ' cZ.[XC48G?M{Ճo3n "hGӇ dnF<{U ѥtru<r9&Rf bqz"d8 PPߡiiv^rq %39Tou2#NRnBeG]4TYw(K+Ѡ8l7hYP͌K]=]jр93,),0eNQA)Oɰ]؏|Df.tyu56WT )wgk"VwLƚׅ*yܵADުٿzá N'h7PѮ[_^ 5X[=tj"-Hxaۨ (-hS(߆pZ;hM.\IS#g`7V$elTu~\N@*?1Ѡ/¦vVBHգAƖ JPXZU0jAVaOú´+hQr? _MkP!8iD89 8UKGػ+k'0:O4<`Vn&/wwy%zBŹ$ jXD/'0oJygwFxWu%DtP0[{_1ց,RTϵnXy 㢋CL55k]}*S$-Ky'Ɖ`3&! dt"܏g9~ Y3,"53CRG0h>6T-Ձxi x 'T@ho9.me(%,yuNDF2vuӢie>\W ϺE ;$#[SݣC|5=R2@ig|tZXVfq\!q/LM3GAa= IW~: 0џGoW=cu4vf6탐X. f!Cz|^XQ%zEoHO%xLdQ ?&m$8Şn  y& Lx@ª S_2($֢7tw#~LGymLԋ3g\z!*$Drķ2+-g6 B^3%p6D%([gq[}Pxǔo2x'"e7UUW1ۑz?:{O-se-GT\4T5o3r_,J]7MЉ@x8s[݊V=gWytUw_&h`N7Ӄgb xg_4X;G)>%KJҹz~w&ОS-I}OfaxzL9 SJKC H9UP&DZ0.yR+=pgXVBf I¹LVToK>70`,ڻ6(&F&n{1(VT GX>ꝼ@jӿ٧uf$S") T/b!M\ @}K3Y%@<6p8ɋkɪ^Sn7 ޛQfu]@P:~؄Ekaie% {sgB]2Rnb$H|u_W(pL?3Cud]`,B:{b* ҖŶs)jܾ7ǯ> Ɗ$jnj0 oKB @ @+]_̆K( Zt{ "hX}uxIx%Pzf+ L<" c䙧Qx!N .# Gnʹ<#PH. T׬C94FCn,@[ ݐizAa6J0y/fԶ2*f-0Z.fWhsNq/NsΜO]\빽 ;; :/t^r"#8O30@u:7y'pE;Ȑ0\SU[z @ДmuW!sE ymb`)Joz &P1qSai[&9ܸ#G2쥚=o(g,P~|tҶ\@Il:2V~Vu`Enb Nv8)NHq?\[&(%>`^KKܤTb-hxy8s+[v ^Ȥo, F2;$EJU5xK^?AGsrhx_zpSk{Vli*'A"ukC(Vή.UEqS޶"DdC8YbRqaF<[E-Pq-lG]'N*\2|աSz82y</a[ُcb{Kk=`pٱf6%oME49_kNFbUTDC'wѮ㥾sV !.XEv=%b^\UnY9s8ʵ & IH=jў`Dg}DqyӦ=6Pt?؀~;HR;ڭL Ic2uN^xEeqDqa`F3u;%Pg>w-r{i0IP5z`W^qD2d9;CeĖDGLN r.$%-1 T. }hCI?Ru,AhLK`;SSZ7ޔ7Cl;LOB!LPXkZ*<zlIiO4,+(Z# s%h* jԾY|Mk~Tfk0 G Xdz[Ϳ[Zׅͭ`ZE`j!κZ|QB{7YW bu&0:9jOl}J*G ZAZBlC@3ҋ)꼓OJXD@k j>ۀWx*|e Ag`]:e^Q9u17[hv=SŐ*anZ`Lemh %cZ;ǍԊ+X3x^DB'fq飖M2iv;yLxz)J5 Rp0<[,M1ú|_du|0Ϳ  "p!3]uuFտ ΢ CIGU\_rSOP<`x*gQeB6ڝoϪNЖ Է0WrET P)0R/X.T"{ed' gs}[V>3}^Th4~g]oq`1LҨg)FgCV2538 0Ċգw:K@mPAn&-ZDyT~сG4cX\ ])>Lѐ?ەwBV73dx= rP[#q>c]-u 'hh~? T,c&Ӄ(3e#8˚QQ_Y7!365z;ɤ|Ԫ4.P7\o(G u]ґ56=(}d*O#ȧ_bz0 IQpt["u}Iv Z)MGܳ+cCYsi EFh36:1urfMSy1T>qM\7憵5/Y֍1Bïӡ{Ot̴f$Lz|pc[M°Q!n9p Ka+^B\pVp1xDuU9S1 6J%ZwʃN6BScfNݡDX[an>̢(g9tVN"&6 m.'e1dfpbtePum|Yspm_$s9APhӄ12b Rf3Ž9[&6$YIfHo4{_D͆`L׻6fw]Ti{ &x(~{.->jF\Ҏ^j17!R{ŰMc']{@? ]CeLZGuj'zf]5/Koqqt @%MgMQR;t%e[ C7,) \`o$9I2H)褩]Լ *_W_grddJݛ__! Io0bl<+PC$ _m]ħk7SsksO ^#n6~)1MWFFj5%ACK$d{Y_A*x`|q,+̅8vѤ:*G&ݧlv>pxF'q\ Α<6Ig]0$;Qj;p%p{$aK<2(V'_PM%m O~luZށ%=N:ݑk¿W>AyXVScxV/I1r孫{oXr? jRc{yA (B`,g ? 1]UH(R1$g}ݮ(C9^.LZϢ6 1P- +SLD fOQ4mϻS/:'ܖ?haVEu*&Z#/u֘qR啪t21V.6AcJkRqw)}DKd9O8S)Y:sssPIP S$[ +C*n\X nи<~e]e<C^*x7 6S RnJ6Ѳ\iJ3L.y;f~$_c)6LN7Z;==N]V2eG&h& r闳ЙTxeao<nc)!kcGoWJ $(떕%L)HZِ<9&XCZ/FN$*ag*a c[AH1 DYcRq2"gx)N p_N[8< 2}1ӻaIˮ g\Xy,Z“+#A8,t"q^>]3@܆ےK`/[ aZVl>$?"/kgЪe;.N[.!F Ař%f)+ < O2[F,sU$ U-/H) XC;ZdoH:M I6QMg،0*1Wivtc:u+`Q=RTFDqM=w#F?:6M w}n]O#عZTXo@OQkxIEO'ǃLXW /-=%T;9HG[$Y`yq8].$vT*r 5oFUD^W =43Iie?:эdX|vp/b}UQV&A!&%SRD~8rg{Y3ꔦx_eժ kpb̽O[|ٸPj6djIg\+,w7?ڳrh2܌/n (xVn Ԫ7@9b5(6)ٻ_jȢ+FZ!2{Gt= kX&T*4-[$cNm c0nΖq{dﴗ8"˗1X1`:0塰28\.m9^^T9hq!Sbʣ4%SϢNDNtmS.9Wyy ,"Sٻ9[h%唚K#*#uP0a@("7(hK\xRXh3uu Ϯ?=[LFπRGLD.!KoZ^SA%2r˗tgH`00<1p<{xkߥ@7%iY!Bbw.Y؂%tk`Xw kN*b]@W=F39(@;s}ѽz\ҤcNqe>^ 4D,BCݔ|X,#'~r8gh2 (sC9蓌? ψzx[\Zx}O :Vi1qa.:j;OqއanmFQ9oVThDKU(Zm\:i)`ˆ 0@0kM_:X\e ǻM -Cg;:&s@ eІ V֜Oa/ @M\cH~($^5.y\hOٶfD>@$iyJMlNlv2}6e83k>%+jAۯ,n+ w,6 5= ( 0-N5?"0h-|g x=:/]fb0PufV"<čT4>{ww6R>s2N.]{#n+=?BB E`#D+<Δا(ÿYh|IAc2k g#S^0؃UΗKΪ2^ e_ G9fPFfR<ܢH2+Zѓ7h9)AG,;#@מhc湂`[hRPGr[=a*ZjAg!~~>U3ب D䰂q0"t"cX&ѐM8VR5շ\<rl̠_Gyc: $7u!U4 &d[|]`9}!hspXIe폊YaҤ0 ^uӪVO%|<"MT3YWsnT&*OA!TP$/agBF9v69KsKsL;1HCp<[l[>g\n4g3N^nGj7Rf7+ <|HiđɅH]B(ʑ`鰻/fyĆW ҔܯRrV/?WQp!3*SNwiZ_gcStDF!Ftm)c*ZLoQWسԿTs?آv"\: Ml;*^ȩ%ֻw 6IdLڧTLxޘ b&4XN?dltPDddӺ,0u}J]Ȏ22 {LZAE*28j5 WP`51iT7FʷXܬ>TLY`UU\>ڎS(+ꧼI~pVꇮlYH,2:hR,o ugvFJw\ʐ^iA"Pw)$#ldޯ{?F,@N"ψ7@~V45ogW1:sRsTlreMH5T>Y£qx7m0"vDU z`~ȹX!Ulg[2c:8j56*ٖ;bMaVyMfs`v0p0 &*6@lw)fPAIړ6#] qJO̓'kyŃXT$Y]% ]AKzßHG@8~W^rHc- b״Xe>\R]ijgr_Z}\)_LbC- Ze7%1|6)pHwGtϚ!#;:lpR=f">E PNZo ˝(maUB'a !n,{ {c%Ĭ5~h3P4&g^A7r{Dϣ xmq C vpmZ $HQXtN^צ w輬8sr`>ӕ74~IԈ j2e`"SXFm]rcZa;?͒ }]}xgyVZj4?KE*7~u&(L{!B/G$>.W{aL<DZ;/RZ /XsWێ1'Җv%U R]) "rMsԑz3Ʊr>˭a wru5ܞt4NaN+:l#̳]33$נ7I$,*=a3Yi.aߍUSIP%Asxcc/Y )&~ࢶ!N{vRO wRށ,?czdɏYE},^2HV\\_迏1;(y5y~bewd'P"En#i <=คF ^רB%l ];Сg* yx"XRbaH2.?*w6D69<(B E }j6J%Wؿhr}[&%bȔ ֽWi`j]UƑ*xVk~Ux٬d?sx͙$_5<2䀮H3EPQ$ޫ&AB}Xf)-$VFKCH[&0A' SfK!x`P:'wJ@j?hW8viW5 D ' =Y('xYRGf:X m8Q#0.40~2VLd`o`kr{Pˡ =M:$r{L<$ Rɕ@"o;dx_}H@h'uvC$!cN-ԝabzBrÈz(4Hφ/"߁gl%V5C$fI)ZsOWFjTkIġT-pG3b>R %c0 wI7C3,X-Y" ^K6e ׳Τ ll8~4WtFZbޠg)| dœ>"kEӉo® _碠٣7oM3~t.lǞMSg #H u 9x[/*1 2·лȠgsW^l5dX6ѠEf3f&ƿ d|Eٽ#B G r{%\2hs:GOrt)7=oy<5u*l{G5<6,ő]"c?D+PR /y&e?~8CR)ȱ@eL{ҝ)OH9?I}@F1eU >[MkZubpE0"W\HjzVKJZk9|,u& 7c-x  Hۆ9o8C`\o{/ o߿x<ҫ*Whl&[`aK);wrݐ2$ps7?DK- ϡr_ nrN_/J-NNJ{uFg9ڇQ I?YФ~4Co!v`1CjsH,d?vh{%~ 0l~L4ު۽!kU]ʾQk3vS Зg l/q kwXbH}aycޫZ3_AgCkGgh,? .:D)kCEX5Y;EW;&|#Yv=6Jsn#AoİlBT,>^GU.nZs1QAѓܧtNiArB^zɪvO Nl&կ߇ZV]=}M'tأ=1LAAy;7TjKZFE- @@qt"U\+\TCl 4tl,;glg"Gt@=m W 8+w%*OxߎW>l׿Б3?SyjJ",3\=KW 9L4}2}gl.W!_u} #DZ&?{8t%DB P8A(c0G֦Z~Hv;V ͯA fv"434d6 ]g5srkt$lXO.xoW.?^S<Q%@|;XX) *JG7:#mQ&O! )LR{MZL|`җoMʡ4GZ+P.I =gNoH'Ue~l_ xW}Raʿ̽7ߐilԀ*do}pAqǦv%6mtsq!z]MV18഼Y^ A>LA`q~q'z1U FVT_k.XXK!$|m[odhwI;MXik>hdpAQ$$ԉ=̬y~YR(BJ;hi{"e۔_k֠ št+) ^/ОhC.De b%H` .2ЙN!8png`H;K( Vg̀cc_#NK-Q8E4WKF Ѹ)~СY#Pw٥Qyλ(P Jb/W»$Ef>B=Gt]}? s LpR 8`Š&׳+.!8/K88ӽ9G$VSG& kjNp*9Cb*tGZ@0ˆYc*@ ~^3[\3`~a4idϔ7 ?T =hjv?q.L }uuݭG}3-}=%6eu9Z77N(Ǭᷤ=7ŝ;~lY&ހL#"\ġaRmmS%7y=k^RWm-hk=7ߚ 4} =/ +`[֕0x8;l(}t0H$gWھ 0;fP]{O "BQʤ<1ܶ. ">lnu{u*ϐ71y (y#;4}`_W wN&D"W^a3=̐" ]|*u" I? kr< p q #bGo` eQaz,=y [0xV>g ~B <%telHeL ˴*&r.W݄AȮ}{J&uz^3@,1 `7br/p)#{I0zUm?+1}`5oNvu 3`Ԑw˶^0fP|KRɹ}Nr?IBZ61鼍*oR4B=h+w$hUx6f,X݁YI$c ]-F?‰X XO `v]fWUmO PT 14Ibi<3{e,F3ݭ\n 0M2ۯb8_bi_kCIwizY?Dx[l& k'2`,5X:ҋ8[YS!wX(C&G O|A˚ T^