grub2-i386-xen-debug-2.12-150600.8.44.2<>,li@p9|XBHc&J޿0|SP烧ܘ(M^, YbȟN]}# },vG4x\ &Oi}>q(dBZe-_'0f<ȻmƁ)5\hN~_0|Ǐ3\Na'v.7t;@{bRn{9/`e#dz&c"'H*ȭZN.<ݡb uHٟUL۾o.^< xnQ%jv3xYV̺u)>;L?Ld * E .? Ua  @   A BFJJNxNQR R R(R8R[9X([:nf[F.G/H2hI5X6Y6\6]:^FbGcGdHDeHIfHLlHNuH`vKzLALTLXL^LCgrub2-i386-xen-debug2.12150600.8.44.2Debug symbols for i386-xenDebug symbols for grub2-i386-xen Information on how to debug grub can be found online: https://www.cnblogs.com/coryxie/archive/2013/03/12/2956807.htmli@h04-ch1dSUSE Linux Enterprise 15SUSE LLC GPL-3.0-or-laterhttps://www.suse.com/System/Boothttp://www.gnu.org/software/grub/linuxnoarch5 =pX ]@kDO<t QKdKq_BR[eZ]T.8p0_E,]0CT`4,^(BXEA =k|r0TLY1$_vL|b,8L`h{Ud 0ԸhRd?(pi\t8l4HcDL drT`@+$Pph4p%BD@T:=(m|o4uouhr+;C8_ j\Cl9 ixliAPNrHTLlDi[sbD*hhT(D3|$Ԭ`\|nZHo[dFxxȁi5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i5i517d9a6ba4c863eead5cb1fbdf77551d30fc505531d42a6bb02d1407566c7f5c5846f93434eb54274a84d58f41c35a0e314a35f7f32258c5923918af78e72e94150fd0e9cefd36ef2d3eb2272b7172117def64a263b0c0d4daf74ddb5a2ed74b57f300a3d8a8a17e78f015a66e105ad23f1e667d84cca3b821f7c2bef63b5c4c523552809c2eb14b472c6f3fcec15a0b59e41a7bdd1b112da5caa24d06ac0434351ff9ea40da51057bf7e87f6966b06f3e8a64e50c0b84a1b9ae10d32c9efddd3e8dcc0a1322cbef37790018003d3f0d2c1c383484fda485cf820a390bd10f7063951f4161660875367ae58193919a10a807868a1ad7d46734b600ef022cc562159fba9d53a2e384a0854547e43471a35f9615d8a0905af9b104ff921e2acccaa814e99cc576e26c77968f87f1ae2158f687e26de15e275769aa852c0a3ddd099b073e9c3146c0c4d661b20a41b1e16e57741f010b00b4f02e54adcc5f2f8ba255214827dbc7a5c76f47cb5e71fb91871ac0c149f2eef2a2503439c7627da1ae570d6ff52dfd0e83b4a9956ce31e4c664d15ce8339bbd29cec57648d83ac9c8f3b19e45fe32d5f3e96e0cc7efd3464cfb2212b1ec7390338cfd879947fe2bcf6374e21f82d820cbcbff0c477fb457d84a58ba39d9efcd2964cfb944007bcb64b9d98aa68d68ac249f6fcd34b4082fdecfd54a769d7e173ba7304973539be4842061bca84be0195c2e26259a05fff64d1bd7e4be6db112e5259c5f6408d3db8b0f8fe0ce4483124d05ec3ad1cf17cc8b4776750391b1c46f215a15bab7ed13796db147d54691ffb66d76f58e58f8f585445845439893e3140c50456fcdc52796ec614fbdf2172b777cf83bead85f69fc2e10d157b6fad3a36ccc250b29b62f60afb19e1bc9618be92be29393cc36a45c17461813512677d622ea993cf666e982edb5a8f18a82dbba821ab132b33a4fc84285d4eac53ad72cc60b51b0f1a732f1f408c005d51f5094e99fea60ada7812822232b22627759da3bff76ed95d3bf8dacc45dac20c62300858b41399111a5e055dfa0692b0a9383c2b353b76aeed85e8fdaca3d29d4167af995a42f87709535ed406dc9cbbd177788a193c9f726bc3c1d2162beb0dcedc32d654eb90a42ae4f3904f80f9420107a6b86105f8b6d665e0cce8ea90dec20d9c2b2c3392a21ff6699c0100e6725a96c4f065a8219afd37b825bf16f837b3dcb7c4c0090ed69ebd94f4e0aa9501662aa074aac76840803e7bff852ac354fb3321f4fe806aa48cc9f2aade3a83209333c9b373b076067dfacfcc07ce83a06dcc87c22f60a5e7efbf2c62c97cdd6d6be6b6752e4b88e3269481956e664fa8b0e223cb775f0941c19a57511da709194c2ad81265ac570bb55b48c3307fe059363fb59c621df7291c7cc1fb042108232b030c76730556ebe800eab5cb57ec7b423413be465cf2a769e19be8ec9e725e1e416407b33e568d448e3f3854c2eafc00086db12902b5674a542c5c4c5d9c96390714053e268dcb309f07ba32c682adfb396074a5a88700aa47122c931f4637eee59ae5d517998b6fdeab7704f1aba85fc21a718beca8a1f841b55eeddc9522cf317dab97ff70599841d10c32da0d8518d3bd0376c4b2e92a99563f787cf5fba55f061bc7bad6ce671bd795cbaca1cde9e9273a80466b32aa9ef429dae50ada159d7d43cd47bd80e92e0b308cb79b3d18362ee2fdc27ab1ebf3540e0f0cafade8a07921333497eea517f2386b03b6f8314a8768bd2d394e1ca1aff64896d7333b39e5e92605f07b539f07bac5382814a03ece225d52079092d95454e92e3ff88ecaacb0c908531949d92891143495d092cf2a95eb3dfafaf413506d34d389abdf9355cacd3326050c488539a152f0cd5b7d641d859d988191e9b9a397e2c7124c341345dce7e0d7402a23d1261dd24d8d85bb79dd5f8e24e777b1ba195d18776b8e839ac79e8406b3529f6ae377f9f3ab2353765837687ba2a49822e9d51b16f399e0eebdfbc2f5d5818ceb04d5645d58b9f8d6b00831d01197687769b4fbd95f72bf74c2719497dbdd411cc7d1f4098a316e20542d8c768367b4c4e47f0c27094c6f0ed68125e1b176586463bc27a79418756fd550f562248147fa500458904fb2567e3f4497f480392809bc5ca2efe1840d54ed8959d4075336700ce58ff03cd6d11aa7e15a34a3d685328a57a008b8f680127888bdada27754df48424af0909ead0464eb21ecaa6caaf2044108de04fe7a73ccf4f484f08e9440663042e64400ec74523f46ed30b41d9d8855523032f9b255e4eed1fc53ad683899866e75ef891cb4ea5d24d186984b380ffde626724698d5a8b8327d8be5306efed395cd9ce88e69f029e4dc8bf9980efda4e35c57e857ce54cd8c02229e8ec1cad9f0b00e7807c85fbaacf03d86cda9098285ceb7cc46516b945210163abc8115addd2093ff9b23add3bf2b661c1f5eeacfa050447d7f6bf629a156049074f7e72a62950839e0c78da4c20e79626841d85a9518bfdb87a882b5a5532ebb62fddc0c7c703a18e09caebca52d90ab67b342af77b4602b06d47d64f610613b7a3cfe392e14f3b25e75330d2409ed6389d324829968abb875d1598dc57194427fdf75cb08ae841129395a79dbfa18bcf83d95a1947e94aa6a30b4915880d79974fbda21ebc567d3fb94ef0dd85abdd5a83cd4922e6f0924c81c3118e1ede3f9d7b6a7ce7081853b8d4bc0b5ffc1464a87e66042eafb8fb62e5e96d3dc5e0bf523cfcb2b1f7f2e49a0e4d4c629f77b18d108c6143fe4da2efebab15ab6fb03c374f987ab2841e9e3ceef0eedc654bf904eb5e51ff0fc1b653999aa9ded443bda1c79fb73f2f3340024f3aeac0f1f539b7a09cbde3f1eee827c85f2c6cb2e1ce8141d37e1ab829c8b39533530c647b0ec5e46a58a12337c0c9bf9a094730d550a25e9e1d72c8ab0e6ce564407acee86eec05bdebf1f8ae6aef62f1fbb312ba29b072a8244b0cd404ff6206ff1797b160b095b575fe0ff608d191c73fed342b5c588aa8c5d781c5da6f1d7cdb6d7c2904340470daf47f21222139ffa6f2b83ca7005b6993e73201892ddcce64ab4c7e99bc34cb2f79453c875e99704b71848426ca26c80194bcf37339ac8e68d62250395d86870feb6592bfdbbbabe3de014dc461509d66808d2488c9ce5f34f5ed6790aa5b207de01f9cb45945271799472777ccba6f00d0e65a19c1612be0bb52aebb86e1db6bc3d7f9e0933619ac45dff0c680c47e09cf54d3804e6263c4ffb4e1f28960541fdf6973cbaf577246454abbc135839c3e50b7a5b3c4b3b356b90ccfc327ad9abc5190d2a4beb421054bc6f19323cd460d900daff810470e9f4ed221f74b61c2dc0f57489e049eff49b21442fcc98bd88323b156b26abbd9bb23aad58934ef2db06c43ca487818efb75de6fc02571e98999c0986762f80e0890e6ed7b4f6fc93c5e1fb7432677cbee1ab64ee260343b135bc2fab2e75c13dc41200e2ad8ef0ad904daf8be9df528c18f4dbe7790a860152510047ffe17727da2c11e5625af064477c8bfe6c4a0eca6253e7fdc4e6c1dc02b6e492cb563e38cede7b5d79bd2cf399bc221298611cd259bd390052fcacc19eab898c2a818792336bc08fbf53f84f5dd1a9703a88f8d6d4c6636885e1e9ce93ad3cbb9efa252f3cf3ee0d0b9f5d722a6a96e50609da928723d8f424b6030bc379cc8330fd7897c017a5fe4d9da7c80f044767db85810925f5f393b21aa4ddf93d243e26891f9f8bb5e16b100ffd760526142330e30ceede56057161a639d21e6617416d47b4b3890f86f006ae5b82e87d56dda3ea8cae54ac408ef35f061b532754e61e3b9db1ab7bdb1f82c607b7056edcf197bb6e1fbbf26ea30c95012d9dac68de80890f5e6c971e71dbb0fe6bf07159ed9ee53eef6e9f7592c7ac0c6adb286e40ca207861c35f8ec682197eac81c501e98688464ef2f0c1187c3bf1010f27df9ea6a2b774441114b2ca974a7da48719302d2eabea3fa4e7d2d39a7e9d34cca9085923df993ecd1aa3d37a70f465e187625448a95fdbf57296d0c6c00a3393372e8f6e74adc617c6d9d899bf9f7db280cf85b0a362ab61cdc90016db950f405118c38eef45e328b29f19e4a91cfbd8ee4de9c27ab24f0e48ec084075359840f76c9d1fb61f4ddc61998c6420b80d9d3b398bfe675b8a49b38b6f92a8e190060d39b2f84a1b04f0f0261f16f01ab2073cfa0ccb3c7d3a22a4368fb332b29ab68d5251271a4bf79e5b9cc309507cf311a0d3f284eae2c34ae337ad2617ece769f29771d772dc8a61ac388459882d3872c87c034c07850a780291e03364d0648ad52031bf6cdbe6ff43393d3fa935ba7edb2b1ef4f2a2ea3cb14d2b2df074ca5e717e76b1f09bf69385dbe5059a6a54ce7c20005e4ae76d351c01a591d6e2a7bd10445e7ee01f5f6388ce65d680374573980b4896c6743288849d241a5da37fa8eb835da8b1e3c41459eac79cefca7699038b366fb945711409fa6fa67f66f6c412604c4aad0f187242ce16a08b403e01767900825fb2147dd2951672ff656920627ae0d0d92befdf4ceacc1c7a8711540045fb4eb945482ab58e730f6683785c11c04e3a657290e1a573a126664235ddfeebcee0d5b278daf43b4cf9f91ccced70a43d7735de56eb8cd3c4a6eaf375f023de0428618d7321af129ea49028d169e9cb2ab18c32e0df21f32588e377265d23e39db0870e20a358f73eb80e3f3d99169a60d8a0c6484c8baadc4c7120204d094dc388f045c2c4f7f82e88e710293f8638c113b4c5c34e5b56cce384f9efed34af8c3ea4664496a2510a40572f869d497ec1d4636032e36499d0509bf5484fa5846ab1e4e97e2fb4b73c4f93ffbd621e4133d9728f71e292b2176d960ca4f0f834cd1195e2c8ad8f54f84c67a361b502b3ef4c6b80b1a67d09f9312a348c3a9ca2f47d5e283047bae39ee02d556fc03fc0ef5048b706c17f71c2ed3d720c9466d8fea6b02ee53516fab3a2f66f94f57a6f6967b2153137d3c240ed124d5b370d318391e93120ba3326acbee4f366dc633cae22b8558e6139e53b443e2c97025f1a306d406c8e1d950f02fb0f9638df0697d255374522126cb5a8159ab5f2d3d79c73bb6593dff675cae6fa00d11ca5cd2398de8dc63e7fa8337a4d1410b95097b9ac42d6adf57c41b8f6be1faec59e2fb3721eb702e58eb071183e0d8a615a385aa3e264f1c2f18db626dd04549d48143dd092b7f2b114a5a5f31540ea634714dea6fbf0366f11f5e46bcf83df05a71a5149661d457ddc9efc4a6bdf01da06411cd7aaef20ca361c5246f4f279fc518831137b29a67874118c2a52f20c528e87eefb0000bb15b86193b2aef8aececca95eb2c781404714b77d8248e538dfa51dc7d3abd38d81ccfe4855b454460c1c30b2738e8ab19690625be4b954648e5da5aa8dee060e53e7286b2552aded973ca8aae2dcbdc69ebf63fa1c5fd0573a5a691b81132309b18a5f9cb6f7fba12f519e8c6f075abd0482bc1e32c264b20bd6a8479fbb6a3e341d15590d2d8300273ab518758e00857e1a417617dc6940dae7f807371aff2772390b41cf54649b6d67f614d305e1d6c7a378adfcbe7ace7f7b3731b79dde9680bbd26a2e5d9fe154ab26d42244f1183113d240a871dace0a3026e77c2f51bc3790164910cd627486c70d55dd5b508477a92cfb1e9ea74c26b2d2ce4d602684960ef18d52d53ce09f66e69b29edd7dcbf6fb32d467212d61a2846254968159b5b82fd84adf0f244274b6b4128fc2515bbbb9699c818137f2cd207e577ac8725077a47238b5141f9b96b100c0b462549905fb6d8e7df301888dfa4c7dcd4cb7239da3dde095c80f23d671f50f940bf018df42a30ec67e918ea799a7003b2790526e280b5601684b2ee6a6663abc3d0bf4ed4c7b4acf2b539c99897a39cd86261f90696464e64aff4282012ef8ddbe5368cfb2f37cc5423d0854f74281bfba08c4aeb1934db9d0a7763e911ec8635495283d5b0eb1d3911b24ff8d6da325d35d49834cfd6b3e1671c841548cc4f3ab41c6ec647e653b2d6de44a10bfb27a3693ba33ae65a7fba70024e1f3b9138772108307e254b0c667fbe54f0d4ddcb4523f804794874c72d6e66ef5bd940614c8110920fc144d8dd868fec0a6e852d5d791a22664dcc20bed9c10ba87488d0725b28aa3350401b54457156ac212182fcd9bd37c56574106d178ccaa26d1e2fda610f2d37cc4a0ec12e9e2cf8e6085d78a38fc6c77bf311581daa436c9db075d130756295cde4d3c27a62922fd52800ba727da4e81724e4a8d8838ed34398c47da10ed6e4de5c97c3a97dbc7dd3983d771b3c8d3445e11bb06bff39f1c6c9f5a63609c0cc45d36a10eda8b2a9e9b9395830c5639a6869e0a9c849b870269905662bb86a0145aa5e55337625102cdd6df7729a3e9bdbb025f32e3aefd1aa155b5eaef64eb416970af177cf27045d659fc3a825facd444eca77b946bfbb513750199fe72324d54b42d2d8048a571e58730805d47d1b0398ff8174da062f3d4062c700c03ae708847f53b3d4c90514ca4c9fa1a21d8a2693fecd240b3a70544adbea9bf7986050b097ea0cf1d3f80e99314b909834cda0f31c719bd859c25e00af5c66f03fe5ff63c79d6529f6ba8c662feddef481c785966880685f7f1e4d7937d4d7aaee82e7a11bff189e1779bcba821dd06fff29b925756c035658ac49cf320ac12dd079942e986c7ac702da98670fb28fbad7be699e7fd7122b323a958850204ec1dbe3648f913463e6bc8d131e83e87a8b0a467bc62e11d19c0499142561b859a908b773f131eb89f8ac48081962e66f9017157a961fe123bfd8d77d28684d468b608084568079acfa28bfbdea0a992e05dd741852467cf0031aa7b93510d5d558682ebdc2d8674f80391ede4fa36f8b5b1931a40d13367daca7d30b0a260f3a2069422fc613c0e3747e44522ad7655c31fb31bd27abeb3bbba0142b7201e4b654822d9c2e459fff1a8b73e2a750b32e40970b298189e477845be2c975fdd7216ca5ce6784afee045cc1a5877ab73e1bad46437163ff8ab0fbe27b4ac58e4cd242cdf3e0dc60747179c6458a50f376164973ff487a808cc9748a7b94c341efdcec53d1c4106e4fd755bae9f2995e450773789f066290a252b2a0b316ce48149e315e39572d867cb59701ea061d73250595b2ce56a8190d7c163ffd1bbc41dabaa678d863fc670fb934368596b3b2b1c4d08aed5af43c75907999a9225c758a8d6ba8ab3bfa101e141a9f4957e1322dfb641b0818f6c9ce18a0dfdd9ce637a286733307b6fea7965c4763ee57ca4f56dfb099015db1bba5f4f9f5224a59c0e2a59e7ada4ddcb67d09000d56d08c3658b9b4a0ff3512ddff0a7c571ffda1d131676253c83ca9a6845c2bc13b8fb3e56467e15d3286b6b2c57160c53cbcf95acb1e121035bb15d098eff70c17f8e2d5c935a4cb5b31b9aefc46e4ffa458f85acec717a718234b339b1edfe84ec73d85218d4b20fb47861f60aa1b551e5f7216526fa47c41277f5d7a485dc3b937014a2ec3087a02b3e33426c520f8ea7cf7b2d41450c577e13b24cea66f8eceb65c27871dbbb85374fd2e4cc0801dfc6df115049793447a1131a5898f62bf0931c03e9665007afa0d3470fa2df4fafdc31bd7fc64bc92e906c590466c922f2513089b31b6e92c357890610e60176083b1738337bc4254882b63ff049c498536f09ed33c6f1a9a777444b284d1d03c403ab3fcccbeae6dd92c886bb5e4f3a5ce9df4cd7041b3dd1f5937e6e68229c5bbed1f6c5e96e82eb3dfa1c640193dd715859be7d282d19fa1db0eef81dc33449645286bf46706afa3c31d00f33666b9f4e9a7ca3bd2e91b6d35f9b3d3ab95c51b95bcc4f6fefa5b98dc3d575f1341015edfcc2c033e55a97bd84b00bf23007835b73259160ba8ddfb40be03229978c11f3e689dba859cf1ed1fedc33a693fbf8e450c0c9c433a7a9f57d4aa5bc5c3d2fffbb8185772ee66a37ec8efa750aa9fb9a0b0ea41f36b49d53f541b10b7639c9b44e25903daea8282ec84ae4efa0eb1b8525857b6c200eb91ee25163eb76c3ebbf49398120b3a0078e4cdd303656167d959610dbe12133add49faf9157b365dd1591b34cfb0a9de250f912d2d1214e10ace52611bd97f35ba2daee6a9fbd6471bfe53a856ec29373fce7037680284810b26d43cd82edf002ad7dddd5219c09b24ab6be801ff0eea6148f6d9cd7795cc0a18eae8ba3afbda1483fb33b9d3bb742085cea7988e137a9273e60369bba66b617594df1eb551c88dd679e49e65d5db878026ccfcbee8453ef80b71a87eb0218edd1f1988142075afaa5345ad97dc78a741f9669e722edd80d679d888bb9ceba1d6bd6ff718b2180cbe495be83e3bdd3f34447b206a9a2d4c590997fe8eb6b924dd1799cd9173bda0cd91c4f9f67d3e8188802c510b2fbbbf07e93df64a3faad833f9f055255bb9f833e27c1be33c3f94cb310054700996ac6b4bdfefe70225515f6b61a0acf180f780b8935b08c8f8796f8c2b2dbc20bafc06e389ba99da81c4c1cf2bd7483c7cac73ed3ff3f460a4bf7d1ea5c107c1d5aaae5b5bcfb84866f802e71f85d17d87ae13741747bbec809e1dc41c316ed27ab1da6de7ab41775174ec6cd228d2a39c2be9c0bbd236f0867f3a97f2322d66b604214d9ca5a2bf89109e5e92fd7dbcd5f65fc5bae60bb5396100f88becc94e5213c21438b536113d285195f45c2424a70844d8e8216f40431be699eaa3ff710b0c31592aea05d78a8606ca9d76e9ffebc641eb28c0c1699dc9229e352fd927c228b1ed3b34098d254fd2d9bea512cbc76222dac7ad491d02202435a9373e5164ab65d4267ef15584786a0b77a749143ee6d575466766ea04e5b0841eb17539d47b07b7abcd24aec600a667fbfc095cc7bab3caffaebc5c0dfab899057f0ba397585b298ea289172123edd24d2fffb77324820105ce49cc99dace2fda4b75b9719342bd6406657e4e0751c20d37e1178d781a065dd3a7e7022439349ee2b7d755f283226f1e14136db90dddd3b6cfab7faf4e78c40f51e0abb5eb9e43a54a08570410a62ddeaf89c108a2963a7821c264e7e5c7f856ce94ef8fbf31b07490055a819e120dbebc6ff8d1075ae26f60d048a9a51974514d9e45f2d6e8e6729b03ac1e6553601e68b3a661bde9737c20c42be3ceda584f4d08a3bc0a5cb0162c90c4fe6751886467a8af1a8528aef0a8870e01d8f1312c2c44251d8d3af82f8697011f2d4d9dd72fa9c09a3ee0de01a0e85b8f5993c5d98eb13c1a1a647c5526adfc96e870743cf90ccb4dd4670a92d30af508b340a691b492f2641b432522cd71e2984428784304e94f2435295270ff7dc1d6f20584eb4cc9a17faa72b28216bb1dc93c3a75ccb0d1d0a71d1578b0aa0a72e2fe274bb0b217b9e17fc7a09e56d7fed4253f2deaf0f3bdf5314cafe9a37177c6096902f65dcc9c4d5903b447e432639776b7916898caa11b2080f1c061e9de7172f5dcc8d0fbd5c696840daee854f8415444cbc161c8af10fb5070804b1407a75270248a8155413d504421847a6288028e7cd70652bc8d815cccbe10a21fa13a8c212dd570rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootgrub2-2.12-150600.8.44.2.src.rpmgrub2-i386-xen-debug    grub2-i386-xenrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.123.0.4-14.6.0-14.0-15.2-14.14.3ivhuhuhuh:@hh@hw@h@gggřg0@gg+Z@gfff@fJf@fU@f@f@f @ere7@eПepe@e@e@ee@eeL@ehy@e]@e\eV@eSa@e?e:Te9@e6`@e-%ee@eee@e@e e @d@ddܺ@d˖d\@d du@dS@dI@dBzdBzd>@d5Kd?@dJd@d@dd@c>@cc@c1c@cc=@cHccc@cR@c]c@c|c{h@ctcr-cr-c[@cV~@c>@c-c(Yc$e@c$e@c#c @b)b@b@b@b@bkb@baG@bT@b=b4t@b1@b+9b)@b)@b!@b b@aea@aq@aaa{a@a@aaqV@an@aKa7T@a/k@a.a @a @`]`ٹ`"@`@`@``@`q``}p`n@`P`J@`8`3`.V`U` l__t@_@__m_X_G@_A_?@_;_5+@__A@^x^U@^H^y@^t@^oj@^j$@^g@^Y^K^9\]e@]{@]@]@]W]]V]0_@]@]]@\ޢ@\ޢ@\-@\\\mA@\b@\N\J@\J@\I\HW@\@[@[@[[@[t[Q@[-[~[l,[j@[h8@[W[L[D[<[3|@[*A[#@[@Z@ZK@ZZJ@Z̧@Z@Z&ZZkZZ@Z@Zz@ZyZxG@Zg#Z*~ZOZ ZZNYeYA@YX@YY@YYYn@Yu@Y[@Y0YR@Y@X׭@Xg@X@XX~@XO@XZXXXX@XBX@XYXpXX@X|Xv@XlXfL@X=X @W@WiWWF@W@WWW@Wq@Wi,@WPW>@W=W'A@W!@WV@VՄ@VՄ@V@VT@VVvV$@VrVqR@VhVetVa@VV@VLh@V5V3[V2 @V#V @VV@UU@Uc@U@UUzUt2@Uq@Un@U]U[%UPUOH@U@U.RU/@UTTT[@T T@T@TT@T5TLTy@TeTR(@TR(@mchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.combwiedemann@suse.commchang@suse.commchang@suse.commchang@suse.comgcomes.obs@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comglin@suse.comclin@suse.comschwab@suse.deglin@suse.comglin@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.comglin@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comhpj@urpla.netrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.comvalentin.lefebvre@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.demchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.combjorn.lie@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comrw@suse.commchang@suse.commchang@suse.compvorel@suse.czseife+obs@b1-systems.comfvogt@suse.compvorel@suse.czmchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comnormand@linux.vnet.ibm.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.defvogt@suse.comlnussel@suse.derw@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.combwiedemann@suse.comschwab@suse.demchang@suse.comrw@suse.commchang@suse.commchang@suse.commsuchanek@suse.demchang@suse.commchang@suse.comrw@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comguillaume.gardet@opensuse.orgjengelh@inai.demchang@suse.commchang@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comdimstar@opensuse.orgjosef.moellers@suse.commchang@suse.commchang@suse.comjbohac@suse.czjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comkukuk@suse.deThomas.Blume@suse.comidonmez@suse.commchang@suse.commchang@suse.comjdelvare@suse.demchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.comiforster@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.dejmatejek@suse.commsuchanek@suse.commchang@suse.commlatimer@suse.commlatimer@suse.comagraf@suse.commchang@suse.commchang@suse.comrw@suse.combwiedemann@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comagraf@suse.comschwab@linux-m68k.orgmatwey.kornilov@gmail.commchang@suse.commchang@suse.comsor.alexei@meowr.rumchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commatz@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comro@suse.demchang@suse.comarvidjaar@gmail.comjengelh@inai.deagraf@suse.comolaf@aepfle.deagraf@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.comagraf@suse.comagraf@suse.commchang@suse.comdvaleev@suse.commchang@suse.comarvidjaar@gmail.comolaf@aepfle.dearvidjaar@gmail.comarvidjaar@gmail.comolaf@aepfle.deolaf@aepfle.demchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comeich@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comagraf@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comarvidjaar@gmail.comdmueller@suse.commchang@suse.commchang@suse.comschwab@suse.demchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commpluskal@suse.comschwab@suse.deschwab@suse.deschwab@suse.deagraf@suse.comledest@gmail.comledest@gmail.comjdelvare@suse.demchang@suse.com- Fix CVE-2025-54771 (bsc#1252931) * 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch - Fix CVE-2025-54770 (bsc#1252930) * 0002-net-net-Unregister-net_set_vlan-command-on-unload.patch - Fix CVE-2025-61662 (bsc#1252933) * 0003-gettext-gettext-Unregister-gettext-command-on-module.patch - Fix CVE-2025-61663 (bsc#1252934) - Fix CVE-2025-61664 (bsc#1252935) * 0004-normal-main-Unregister-commands-on-module-unload.patch * 0005-tests-lib-functional_test-Unregister-commands-on-mod.patch - Fix CVE-2025-61661 (bsc#1252932) * 0006-commands-usbtest-Use-correct-string-length-field.patch * 0007-commands-usbtest-Ensure-string-length-is-sufficient-.patch - Bump upstream SBAT generation to 6- Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953) * 0001-tcp-Fix-TCP-port-number-reused-on-reboot.patch- Fix PPC CAS reboot failure work when initiated via submenu (bsc#1241132) * 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch- Fix out of memory issue on PowerPC by increasing RMA size (bsc#1236744) (bsc#1252269) * 0001-powerpc-increase-MIN-RMA-size-for-CAS-negotiation.patch- Fix boot hangs in setting up serial console when ACPI SPCR table is present and redirection is disabled (bsc#1249088) * 0001-term-ns8250-spcr-Return-if-redirection-is-disabled.patch- Skip mount point in grub_find_device function (bsc#1246231) * 0001-getroot-Skip-mount-points-in-grub_find_device.patch- Fix CVE-2024-56738: side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) * grub2-constant-time-grub_crypto_memcmp.patch- Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157) (bsc#1246237) * 0001-test-Fix-f-test-on-files-over-network.patch * 0002-http-Return-HTTP-status-code-in-http_establish.patch * 0003-docs-Clarify-test-for-files-on-TFTP-and-HTTP.patch * 0004-tftp-Fix-hang-when-file-is-a-directory.patch- Fix CVE-2025-4382: TPM auto-decryption data exposure (bsc#1242971) * 0001-kern-rescue_reader-Block-the-rescue-mode-until-the-C.patch * 0002-commands-search-Introduce-the-cryptodisk-only-argume.patch * 0003-disk-diskfilter-Introduce-the-cryptocheck-command.patch * 0004-commands-search-Add-the-diskfilter-support.patch * 0005-docs-Document-available-crypto-disks-checks.patch * 0006-disk-cryptodisk-Add-the-erase-secrets-function.patch * 0007-disk-cryptodisk-Wipe-the-passphrase-from-memory.patch * 0008-cryptocheck-Add-quiet-option.patch - patch rebased * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch * 0004-Key-revocation-on-out-of-bound-file-access.patch - patch refrehed * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch- Refresh PPC NVMEoF ofpath related patches to newer revision * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch - Patch refreshed * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - Patch obsoleted * 0004-ofpath-controller-name-update.patch * 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch - Fix segmentation fault error in grub2-probe with target=hints_string (bsc#1235971) (bsc#1235958) (bsc#1239651) * 0001-ofpath-Add-error-check-in-NVMEoF-device-translation.patch- Fix zfs.mo not found message when booting on legacy BIOS (bsc#1237865) * 0001-autofs-Ignore-zfs-not-found.patch- Cherry-pick upstream XFS fixes * 0001-fs-xfs-Add-new-superblock-features-added-in-Linux-6..patch * 0002-fs-xfs-Fix-grub_xfs_iterate_dir-return-value-in-case.patch - Fix "attempt to read of write outside of partition" error message (bsc#1237844) * 0003-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch- Security fixes for 2024 * 0001-misc-Implement-grub_strlcpy.patch - Fix CVE-2024-45781 (bsc#1233617) * 0002-fs-ufs-Fix-a-heap-OOB-write.patch - Fix CVE-2024-56737 (bsc#1234958) - Fix CVE-2024-45782 (bsc#1233615) * 0003-fs-hfs-Fix-stack-OOB-write-with-grub_strcpy.patch - Fix CVE-2024-45780 (bsc#1233614) * 0004-fs-tar-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2024-45783 (bsc#1233616) * 0005-fs-hfsplus-Set-a-grub_errno-if-mount-fails.patch * 0006-kern-file-Ensure-file-data-is-set.patch * 0007-kern-file-Implement-filesystem-reference-counting.patch - Fix CVE-2025-0624 (bsc#1236316) * 0008-net-Fix-OOB-write-in-grub_net_search_config_file.patch - Fix CVE-2024-45774 (bsc#1233609) * 0009-video-readers-jpeg-Do-not-permit-duplicate-SOF0-mark.patch - Fix CVE-2024-45775 (bsc#1233610) * 0010-commands-extcmd-Missing-check-for-failed-allocation.patch - Fix CVE-2025-0622 (bsc#1236317) * 0011-commands-pgp-Unregister-the-check_signatures-hooks-o.patch - Fix CVE-2025-0622 (bsc#1236317) * 0012-normal-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2025-0622 (bsc#1236317) * 0013-gettext-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2024-45776 (bsc#1233612) * 0014-gettext-Integer-overflow-leads-to-heap-OOB-write-or-.patch - Fix CVE-2024-45777 (bsc#1233613) * 0015-gettext-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2025-0690 (bsc#1237012) * 0016-commands-read-Fix-an-integer-overflow-when-supplying.patch - Fix CVE-2025-1118 (bsc#1237013) * 0017-commands-minicmd-Block-the-dump-command-in-lockdown-.patch - Fix CVE-2024-45778 (bsc#1233606) - Fix CVE-2024-45779 (bsc#1233608) * 0018-fs-bfs-Disable-under-lockdown.patch - Fix CVE-2025-0677 (bsc#1237002) - Fix CVE-2025-0684 (bsc#1237008) - Fix CVE-2025-0685 (bsc#1237009) - Fix CVE-2025-0686 (bsc#1237010) - Fix CVE-2025-0689 (bsc#1237011) * 0019-fs-Disable-many-filesystems-under-lockdown.patch - Fix CVE-2025-1125 (bsc#1237014) - Fix CVE-2025-0678 (bsc#1237006) * 0020-fs-Prevent-overflows-when-allocating-memory-for-arra.patch - Bump upstream SBAT generation to 5- Fix CVE-2024-49504 (bsc#1229163) (bsc#1229164) - Restrict CLI access if the encrypted root device is automatically unlocked by the TPM. LUKS password authentication is required for access to be granted * 0001-cli_lock-Add-build-option-to-block-command-line-inte.patch * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch - Obsolete, as CLI access is now locked and granted access no longer requires the previous restrictions * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch - Rediff * 0004-Key-revocation-on-out-of-bound-file-access.patch- Fix xen package contains debug_info files with the .module suffix by moving them to a separate xen-debug subpackage (bsc#1232573)- Fix not a directory error from the minix filesystem, as leftover data on disk may contain its magic header so it gets misdetected (bsc#1231604) * grub2-install-fix-not-a-directory-error.patch- Fix OOM error in loading loopback file (bsc#1230840) * 0001-tpm-Skip-loopback-image-measurement.patch- Fix UEFI PXE boot failure on tagged VLAN network (bsc#1230263) * 0001-efinet-Skip-virtual-VLAN-devices-during-card-enumera.patch- Fix grub screen is filled with artifects from earlier post menu (bsc#1224465) * grub2-SUSE-Add-the-t-hotkey.patch * 0001-fix-grub-screen-filled-with-post-screen-artifects.patch- Fix crash in bli module (bsc#1226497) * 0001-bli-Fix-crash-in-get_part_uuid.patch- Fix btrfs subvolume for platform modules not mounting at runtime when the default subvolume is the topmost root tree (bsc#1228124) * grub2-btrfs-06-subvol-mount.patch - Rediff * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Fix error in grub-install when root is on tmpfs (bsc#1226100) * 0001-grub-install-bailout-root-device-probing.patch- Fix input handling in ppc64le grub2 has high latency (bsc#1223535) * 0001-net-drivers-ieee1275-ofnet-Remove-200-ms-timeout-in-.patch- Fix os name is used for root file system mount (bsc#1220949) * 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866) * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch- Fix memdisk becomes the default boot entry, resolving no graphic display device error in guest vnc console (bsc#1221779) * grub2-xen-pv-firmware.cfg- Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg (bsc#1219248) (bsc#1181762) * grub2-xen-pv-firmware.cfg * 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch- Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to SLE-15-SP2 (bsc#1217102) * add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch * add 0002-ofdisk-add-early_log-support.patch- Sort tar file order for reproducible builds- Fix build error on gcc-14 (bsc#1218949) * 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch- Remove magic number header field check on arm64 (bsc#1218783) * 0001-loader-arm64-efi-linux-Remove-magic-number-header-fi.patch- Reinstate the verification for a non-zero total entry count to skip unmapped data blocks (bsc#1218864) * 0001-fs-xfs-always-verify-the-total-number-of-entries-is-.patch - Removed temporary fix as reverting it will cause a different XFS parser bug * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- allow to boot memtest86 if stored in /usr/lib/memtest86+ * SR#1071109 can then work- Resolved XFS regression leading to the "not a correct XFS inode" error by temporarily reverting the problematic commit (bsc#1218864) * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- Version bump to 2.12 (PED-5589) * Added: - grub-2.12.tar.xz - fix_no_extra_deps_in_release_tarball.patch * Removed: - grub-2.12~rc1.tar.xz * Patch dropped as it merged into new version: - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch - 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch - 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch - 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch - 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch - 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch - 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch - 0006-fs-ntfs-Make-code-more-readable.patch - 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch - 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch - 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch - 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch - 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch - 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch * Patch adjusted for the updated base version: - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64le-disable-video.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - safe_tpm_pcr_snapshot.patch- grub2.spec: Add ofnet to signed grub.elf to support powerpc net boot installation when secure boot is enabled (bsc#1217761) - Improved check for disk device when looking for PReP partition * 0004-Introduce-prep_load_env-command.patch- Fix reproducible build for grub.xen (bsc#1217619) * 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch * 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch- Fix unattended boot with TPM2 allows downgrading kernel and rootfs, also enhancing the overall security posture (bsc#1216680) * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch * 0004-Key-revocation-on-out-of-bound-file-access.patch- grub2.spec: Fix openQA test failure in SLE-15-SP6 due to missing font in memdisk- Update the TPM2 patches to skip the persistent SRK handle if not specified and improve the error messages + 0003-protectors-Add-TPM2-Key-Protector.patch + 0005-util-grub-protect-Add-new-tool.patch + 0004-tpm2-Support-authorized-policy.patch- Fix XFS regression in 2.12~rc1 and support large extent counters * 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch * 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch * 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch- Fix fadump not working with 1GB/2GB/4GB LMB[P10] (bsc#1216253) * 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch- Fix a potential error when appending multiple keys into the synthesized initrd * Fix-the-size-calculation-for-the-synthesized-initrd.patch- Fix Xen chainloding error of no matching file path found (bsc#1216081) * grub2-efi-chainload-harder.patch- Use grub-tpm2 token to unlock keyslots to make the unsealing process more efficient and secure. * 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch- Fix detection of encrypted disk's uuid in powerpc to cope with logical disks when signed image installation is specified (bsc#1216075) * 0003-grub-install-support-prep-environment-block.patch - grub2.spec: Add support to unlocking multiple encrypted disks in signed grub.elf image for logical disks- Fix CVE-2023-4692 (bsc#1215935) - Fix CVE-2023-4693 (bsc#1215936) * 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch * 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch * 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch * 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch * 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch * 0006-fs-ntfs-Make-code-more-readable.patch - Bump upstream SBAT generation to 4- Add patch to fix reading files from btrfs with "implicit" holes: * 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch- Update the TPM 2.0 patches to support more RSA and ECC algorithms * 0002-tpm2-Add-TPM-Software-Stack-TSS.patch * 0003-protectors-Add-TPM2-Key-Protector.patch * 0005-util-grub-protect-Add-new-tool.patch- Remove build require for gcc-32bit, target platform didn't rely on libgcc function shipped with compiler but rather using functions supplied in grub directly.- Add BuildIgnore to break cycle with the branding package- Only build with fde-tpm-helper-rpm-macros for the architectures supporting the newer UEFI and TPM 2.0. * Also correct the location of %fde_tpm_update_requires- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Add the new BuildRequires for EFI builds for the better FDE support: fde-tpm-helper-rpm-macros + Also add the the macros to %post and %posttrans- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151) * arm64-Use-proper-memory-type-for-kernel-allocation.patch- grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig- Implement NV index mode for TPM 2.0 key protector 0001-protectors-Implement-NV-index.patch - Fall back to passphrase mode when the key protector fails to unlock the disk 0002-cryptodisk-Fallback-to-passphrase.patch - Wipe out the cached key cleanly 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch - Make diskfiler to look up cryptodisk devices first 0004-diskfilter-look-up-cryptodisk-devices-first.patch- Change the bash-completion directory (bsc#1213855) * grub2-change-bash-completion-dir.patch- Version bump to 2.12~rc1 (PED-5589) * Added: - grub-2.12~rc1.tar.xz * Removed: - grub-2.06.tar.xz * Patch dropped merged by new version: - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-efi-chainloader-root.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch - 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - grub2-s390x-10-keep-network-at-kexec.patch - 0001-Fix-build-error-in-binutils-2.36.patch - 0001-emu-fix-executable-stack-marking.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch - 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - 0001-Filter-out-POSIX-locale-for-translation.patch - 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch - 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch - 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch - 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch - 0002-ieee1275-claim-more-memory.patch - 0003-ieee1275-request-memory-with-ibm-client-architecture.patch - 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch - 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch - 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch - 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - 0001-powerpc-do-CAS-in-a-more-compatible-way.patch - 0001-libc-config-merge-from-glibc.patch - 0001-video-Remove-trailing-whitespaces.patch - 0002-loader-efi-chainloader-Simplify-the-loader-state.patch - 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch - 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch - 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch - 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch - 0011-video-readers-png-Sanity-check-some-huffman-codes.patch - 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch - 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch - 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch - 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - 0017-net-ip-Do-IP-fragment-maths-safely.patch - 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch - 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch - 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch - 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch - 0022-net-tftp-Avoid-a-trivial-UAF.patch - 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch - 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch - 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch - 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch - 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch - 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch - 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch - 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch - 0002-cryptodisk-Refactor-to-discard-have_it-global.patch - 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch - 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch - 0005-cryptodisk-Improve-cryptomount-u-error-message.patch - 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch - 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch - 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch - 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch - 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch - 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch - 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch - 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch - 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch - 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch - 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch - efi-set-variable-with-attrs.patch - 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch - 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch - 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch - 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch - 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch - 0002-mm-Defer-the-disk-cache-invalidation.patch - 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch - 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch - 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch - 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch - 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch - 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch - 0004-font-Remove-grub_font_dup_glyph.patch - 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch - 0006-font-Fix-integer-overflow-in-BMP-index.patch - 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch - 0008-fbutil-Fix-integer-overflow.patch - 0009-font-Fix-an-integer-underflow-in-blit_comb.patch - 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch - 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch - 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch - 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch - 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch - grub2-add-module-for-boot-loader-interface.patch - 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch - 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch - 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch - 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch - 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch - 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch - 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch * Patch modified to new base version: - use-grub2-as-a-package-name.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-secureboot-add-linuxefi.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-use-rpmsort-for-version-sorting.patch - grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - grub2-grubenv-in-btrfs-header.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-efi-chainload-harder.patch - grub2-emu-4-all.patch - grub2-util-30_os-prober-multiple-initrd.patch - grub2-install-fix-not-a-directory-error.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-05-grub2-mkconfig.patch - grub2-btrfs-06-subvol-mount.patch - grub2-efi-xen-chainload.patch - grub2-efi-xen-cmdline.patch - grub2-efi-xen-removable.patch - grub2-suse-remove-linux-root-param.patch - grub2-ppc64le-disable-video.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - 0004-efinet-UEFI-IPv6-PXE-support.patch - 0007-efinet-Setting-network-from-UEFI-device-path.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-mkconfig-default-entry-correction.patch - grub2-s390x-11-secureboot.patch - grub2-secureboot-install-signed-grub.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - 0002-cmdline-Provide-cmdline-functions-as-module.patch - 0001-efi-linux-provide-linux-command.patch - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch - 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch - 0001-Factor-out-grub_efi_linux_boot.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0015-test_asn1-test-module-for-libtasn1.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - 0003-grub-install-support-prep-environment-block.patch - 0004-Introduce-prep_load_env-command.patch - 0001-grub-install-bailout-root-device-probing.patch - 0001-install-fix-software-raid1-on-esp.patch - 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch - 0001-protectors-Add-key-protectors-framework.patch - 0002-tpm2-Add-TPM-Software-Stack-TSS.patch - 0004-cryptodisk-Support-key-protectors.patch - 0008-linuxefi-Use-common-grub_initrd_load.patch - 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch - grub-read-pcr.patch - tpm-record-pcrs.patch - 0001-clean-up-crypttab-and-linux-modules-dependency.patch * Patch refreshed: - rename-grub-info-file-to-grub2.patch - grub2-linux.patch - grub2-simplefb.patch - grub2-ppc-terminfo.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-linuxefi-fix-boot-params.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-xen-linux16.patch - grub2-efi-disable-video-cirrus-and-bochus.patch - grub2-vbe-blacklist-preferred-1440x900x32.patch - grub2-mkconfig-aarch64.patch - grub2-menu-unrestricted.patch - grub2-mkconfig-arm.patch - grub2-s390x-06-loadparm.patch - grub2-s390x-07-add-image-param-for-zipl-setup.patch - grub2-s390x-08-workaround-part-to-disk.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-getroot-support-nvdimm.patch - grub2-s390x-skip-zfcpdump-image.patch - grub2-btrfs-02-export-subvolume-envvars.patch - grub2-btrfs-03-follow_default.patch - grub2-btrfs-07-subvol-fallback.patch - grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-btrfs-10-config-directory.patch - grub2-efi-xen-cfg-unquote.patch - grub2-Add-hidden-menu-entries.patch - grub2-SUSE-Add-the-t-hotkey.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-reboot-support.patch - grub2-ppc64-cas-new-scope.patch - grub2-ppc64-cas-fix-double-free.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - grub2-btrfs-help-on-snapper-rollback.patch - grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - 0001-kern-mm.c-Make-grub_calloc-inline.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch - 0003-Make-grub_error-more-verbose.patch - 0001-ieee1275-Avoiding-many-unecessary-open-close.patch - 0001-Workaround-volatile-efi-boot-variable.patch - 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch - 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0005-docs-grub-Document-signing-grub-under-UEFI.patch - 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch - 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch - 0008-pgp-factor-out-rsa_pad.patch - 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch - 0011-libtasn1-import-libtasn1-4.18.0.patch - 0014-libtasn1-compile-into-asn1-module.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch - 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch - 0019-appended-signatures-support-verifying-appended-signa.patch - 0020-appended-signatures-verification-tests.patch - 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch - 0002-Add-grub_disk_write_tail-helper-function.patch - 0005-export-environment-at-start-up.patch - 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - 0003-protectors-Add-TPM2-Key-Protector.patch - 0005-util-grub-protect-Add-new-tool.patch - 0010-templates-import-etc-crypttab-to-grub.cfg.patch - grub-install-record-pcrs.patch - safe_tpm_pcr_snapshot.patch - 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch - 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch - 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch * New: - 0001-xen_boot-add-missing-grub_arch_efi_linux_load_image_.patch - 0001-font-Try-memdisk-fonts-with-the-same-name.patch - 0001-Make-grub.cfg-compatible-to-old-binaries.patch - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch * Embedding fonts in the grub.efi to get signed for secure boot- Fix error message "unknown command tpm_record_pcrs" with encrypted boot and no tpm device present (bsc#1213547) * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- add 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch, 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch: * support more featureful extX filesystems (backport from upstream git)- grub2-once: Fix 'sh: terminal_output: command not found' error (bsc#1204563)- Exclude the deprecated EFI location, /usr/lib64/efi/, from Tumbleweed and ALP- Update TPM 2.0 key unsealing patches * Add the new upstreaming patches 0001-protectors-Add-key-protectors-framework.patch 0002-tpm2-Add-TPM-Software-Stack-TSS.patch 0003-protectors-Add-TPM2-Key-Protector.patch 0004-cryptodisk-Support-key-protectors.patch 0005-util-grub-protect-Add-new-tool.patch * Add the authorized policy patches based on the upstreaming patches 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch 0002-tpm2-Add-more-marshal-unmarshal-functions.patch 0003-tpm2-Implement-more-TPM2-commands.patch 0004-tpm2-Support-authorized-policy.patch * Drop the old patches 0010-protectors-Add-key-protectors-framework.patch 0011-tpm2-Add-TPM-Software-Stack-TSS.patch 0012-protectors-Add-TPM2-Key-Protector.patch 0013-cryptodisk-Support-key-protectors.patch 0014-util-grub-protect-Add-new-tool.patch fix-tpm2-build.patch tpm-protector-dont-measure-sealed-key.patch tpm-protector-export-secret-key.patch grub-unseal-debug.patch 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch 0005-tpm2-add-more-marshal-unmarshal-functions.patch 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch 0009-tpm2-remove-the-unnecessary-variables.patch 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch 0012-tpm2-initialize-the-PCR-selection-list-early.patch 0013-tpm2-support-unsealing-key-with-authorized-policy.patch * Refresh grub-read-pcr.patch * Introduce a new build requirement: libtasn1-devel - Only package grub2-protect for the architectures with EFI support- Fix PowerVS deployment fails to boot with 90 cores (bsc#1208581) * 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch * 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch- Fix no prep partition error on non-PReP architectures by making the prep_loadenv module exclusive to powerpc_ieee1275 platform (bsc#1210489) * 0004-Introduce-prep_load_env-command.patch - Fix the issue of freeing an uninitialized pointer * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Rediff * 0005-export-environment-at-start-up.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Resolve some issues with OS boot failure on PPC NVMe-oF disks and made enhancements to PPC secure boot's root device discovery config (bsc#1207230) - Ensure get_devargs and get_devname functions are consistent * 0001-openfw-Ensure-get_devargs-and-get_devname-functions-.patch - Fix regex for Open Firmware device specifier with encoded commas * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Fix regular expression in PPC secure boot config to prevent escaped commas from being treated as delimiters when retrieving partition substrings. - Use prep_load_env in PPC secure boot config to handle unset host-specific environment variables and ensure successful command execution. * 0004-Introduce-prep_load_env-command.patch - Refreshed * 0005-export-environment-at-start-up.patch- Fix aarch64 kiwi image's file not found due to '/@' prepended to path in btrfs filesystem. (bsc#1209165) * grub2-btrfs-05-grub2-mkconfig.patch- Restrict cryptsetup key file permission for better security (bsc#1207499) * 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch * 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch- Meanwhile, memtest86+ gained EFI support, but using the grub command line to run it manually is quite tedious... Adapt 20_memtest86+ to provide a proper menu entry. Executing memtest requires to turn security off in BIOS: (Boot Mode: Other OS).- Tolerate kernel moved out of /boot. (bsc#1184804) * grub2-s390x-12-zipl-setup-usrmerge.patch- Discard cached key from grub shell and editor mode * 0001-clean-up-crypttab-and-linux-modules-dependency.patch * 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch- Make grub more robust against storage race condition causing system boot failures (bsc#1189036) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Fix riscv64 error for relocation 0x13 is not implemented yet * 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch- Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024) * 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - Fix lpar got hung at grub after inactive migration (bsc#1207684) * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Rediff * safe_tpm_pcr_snapshot.patch - Patch supersceded * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Refresh 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch to handle the TPM2 responseCode correctly.- Add module for boot loader interface. Needed for load Unified Kernel Image (UKI) * grub2-add-module-for-boot-loader-interface.patch- Amend the TPM2 stack and add authorized policy mode to tpm2_key_protector * 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch * 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch * 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch * 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch * 0005-tpm2-add-more-marshal-unmarshal-functions.patch * 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch * 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch * 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch * 0009-tpm2-remove-the-unnecessary-variables.patch * 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch * 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch * 0012-tpm2-initialize-the-PCR-selection-list-early.patch * 0013-tpm2-support-unsealing-key-with-authorized-policy.patch- Fix nvmf boot device setup (bsc#1207811) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch- Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064) * 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch- Fix GCC 13 build failure (bsc#1201089) * 0002-AUDIT-0-http-boot-tracker-bug.patch- Move unsupported zfs modules into 'extras' packages (bsc#1205554) (PED-2947)- Fix inappropriately including commented lines in crypttab (bsc#1206279) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Make grub.cfg invariant to efi and legacy platforms (bsc#1205200) - Removed patch linuxefi * grub2-secureboot-provide-linuxefi-config.patch * grub2-secureboot-use-linuxefi-on-uefi-in-os-prober.patch * grub2-secureboot-use-linuxefi-on-uefi.patch - Rediff * grub2-btrfs-05-grub2-mkconfig.patch * grub2-efi-xen-cmdline.patch * grub2-s390x-05-grub2-mkconfig.patch * grub2-suse-remove-linux-root-param.patch- Setup multiple device paths for a nvmf boot device (bsc#1205666) * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch- Increase the path buffer in the crypttab command for the long volume name (bsc#1206333) * grub2-increase-crypttab-path-buffer.patch- Add tpm to signed grub.elf image (PED-1990) (bsc#1205912) - Increase initial heap size from 1/4 to 1/3 * 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch- Make full utilization of btrfs bootloader area (bsc#1161823) * 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch * 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - Patch removed * 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Fix regression of reverting back to asking password twice when a keyfile is already used (bsc#1205309) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Security fixes and hardenings * 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch * 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - Fix CVE-2022-2601 (bsc#1205178) * 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch * 0004-font-Remove-grub_font_dup_glyph.patch * 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch * 0006-font-Fix-integer-overflow-in-BMP-index.patch * 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch * 0008-fbutil-Fix-integer-overflow.patch - Fix CVE-2022-3775 (bsc#1205182) * 0009-font-Fix-an-integer-underflow-in-blit_comb.patch * 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch * 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch * 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - Bump upstream SBAT generation to 3- Removed 0001-linux-fix-efi_relocate_kernel-failure.patch as reported regression in some hardware being stuck in initrd loading (bsc#1205380)- Fix password asked twice if third field in crypttab not present (bsc#1205312) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- NVMeoFC support on grub (jsc#PED-996) * 0001-ieee1275-add-support-for-NVMeoFC.patch * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch * 0003-ieee1275-change-the-logic-of-ieee1275_get_devargs.patch * 0004-ofpath-controller-name-update.patch - TDX: Enhance grub2 measurement to TD RTMR (jsc#PED-1265) * 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch * 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch * 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - Measure the kernel on POWER10 and extend TPM PCRs (PED-1990) * 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Fix efi pcr snapshot related funtion is defined but not used on powerpc platform. * safe_tpm_pcr_snapshot.patch- Include loopback into signed grub2 image (jsc#PED-2150)- Fix firmware oops after disk decrypting failure (bsc#1204037) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Add patch to fix kernel relocation error in low memory * 0001-linux-fix-efi_relocate_kernel-failure.patch- Add safety measure to pcr snapshot by checking platform and tpm status * safe_tpm_pcr_snapshot.patch- Fix installation failure due to unavailable nvram device on ppc64le (bsc#1201361) * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch- Add patches to dynamically allocate additional memory regions for EFI systems (bsc#1202438) * 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch * 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch * 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch * 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch * 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - Enlarge the default heap size and defer the disk cache invalidation (bsc#1202438) * 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch * 0002-mm-Defer-the-disk-cache-invalidation.patch- Add patches for ALP FDE support * 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch * 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch * 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch * 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch * 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch * 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch * 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch * 0008-linuxefi-Use-common-grub_initrd_load.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch * 0010-templates-import-etc-crypttab-to-grub.cfg.patch * grub-read-pcr.patch * efi-set-variable-with-attrs.patch * tpm-record-pcrs.patch * tpm-protector-dont-measure-sealed-key.patch * tpm-protector-export-secret-key.patch * grub-install-record-pcrs.patch * grub-unseal-debug.patch- Fix out of memory error cannot be prevented via disabling tpm (bsc#1202438) * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Fix tpm error stop tumbleweed from booting (bsc#1202374) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Patch Removed * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch- Add tpm, tpm2, luks2 and gcry_sha512 to default grub.efi (bsc#1197625) - Make grub-tpm.efi a symlink to grub.efi * grub2.spec - Log error when tpm event log is full and continue * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch - Patch superseded * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276) * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch * 0010-protectors-Add-key-protectors-framework.patch * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch * 0012-protectors-Add-TPM2-Key-Protector.patch * 0013-cryptodisk-Support-key-protectors.patch * 0014-util-grub-protect-Add-new-tool.patch - Fix no disk unlocking happen (bsc#1196668) * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - Fix build error * fix-tpm2-build.patch- Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) * 0001-video-Remove-trailing-whitespaces.patch * 0002-loader-efi-chainloader-Simplify-the-loader-state.patch * 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - Fix CVE-2022-28736 (bsc#1198496) * 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - Fix CVE-2022-28735 (bsc#1198495) * 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch * 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch * 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch * 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - Fix CVE-2021-3695 (bsc#1191184) * 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - Fix CVE-2021-3696 (bsc#1191185) * 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch * 0011-video-readers-png-Sanity-check-some-huffman-codes.patch * 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch * 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch * 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - Fix CVE-2021-3697 (bsc#1191186) * 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch * 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - Fix CVE-2022-28733 (bsc#1198460) * 0017-net-ip-Do-IP-fragment-maths-safely.patch * 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch * 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch * 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch * 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch * 0022-net-tftp-Avoid-a-trivial-UAF.patch * 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - Fix CVE-2022-28734 (bsc#1198493) * 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - Fix CVE-2022-28734 (bsc#1198493) * 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch * 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch * 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch * 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch * 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch * 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch * 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch * 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - Bump grub's SBAT generation to 2- Use boot disks in OpenFirmware, fixing regression caused by 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch, when the root LV is completely in the boot LUN (bsc#1197948) * 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch- Fix error message in displaying help on bootable snapshot (bsc#1199609)- Fix installation over serial console ends up in infinite boot loop (bsc#1187810) (bsc#1209667) (bsc#1209372) * 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - Fix ppc64le build error for new IEEE long double ABI * 0001-libc-config-merge-from-glibc.patch- Fix Power10 LPAR error "The partition fails to activate as partition went into invalid state" (bsc#1198714) * 0001-powerpc-do-CAS-in-a-more-compatible-way.patch- use common SBAT values (boo#1193282)- Fix wrong order in kernel sorting of listing rc before final release (bsc#1197376) * grub2-use-rpmsort-for-version-sorting.patch- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186) * 0001-grub-probe-Deduplicate-probed-partmap-output.patch- Fix GCC 12 build failure (bsc#1196546) * 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch * 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch * 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - Revised * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix grub-install error when efi system partition is created as mdadm software raid1 device (bsc#1179981) (bsc#1195204) * 0001-install-fix-software-raid1-on-esp.patch- Fix riscv64 build error * 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch- Fix error in grub-install when linux root device is on lvm thin volume (bsc#1192622) (bsc#1191974) * 0001-grub-install-bailout-root-device-probing.patch- Support saving grub environment for POWER signed grub images (jsc#SLE-23854) * 0001-Add-grub_envblk_buf-helper-function.patch * 0002-Add-grub_disk_write_tail-helper-function.patch * 0003-grub-install-support-prep-environment-block.patch * 0004-Introduce-prep_load_env-command.patch * 0005-export-environment-at-start-up.patch - Use enviroment variable in early boot config to looking up root device * grub2.spec- Remove obsolete openSUSE 12.2 conditionals in spec file - Clean up powerpc certificate handling.- Set grub2-check-default shebang to "#!/bin/bash", as the the code uses many instructions which are undefined for a POSIX sh. (boo#1195794).- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch- Fix wrong default entry when booting snapshot (bsc#1159205) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * grub2.spec - Power guest secure boot with static keys: GRUB2 portion (jsc#SLE-18144) (bsc#1192686) * 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch * 0002-ieee1275-claim-more-memory.patch * 0003-ieee1275-request-memory-with-ibm-client-architecture.patch * 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch * 0005-docs-grub-Document-signing-grub-under-UEFI.patch * 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch * 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch * 0008-pgp-factor-out-rsa_pad.patch * 0009-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch * 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch * 0011-libtasn1-import-libtasn1-4.18.0.patch * 0012-libtasn1-disable-code-not-needed-in-grub.patch * 0013-libtasn1-changes-for-grub-compatibility.patch * 0014-libtasn1-compile-into-asn1-module.patch * 0015-test_asn1-test-module-for-libtasn1.patch * 0016-grub-install-support-embedding-x509-certificates.patch * 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch * 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch * 0019-appended-signatures-support-verifying-appended-signa.patch * 0020-appended-signatures-verification-tests.patch * 0021-appended-signatures-documentation.patch * 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch * 0023-x509-allow-Digitial-Signature-plus-other-Key-Usages.patch- Fix no menuentry is found if hibernation on btrfs RAID1 (bsc#1193090) * grub2-systemd-sleep-plugin- Fix CVE-2021-3981 (bsc#1189644) * 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch- Fix can't allocate initrd error (bsc#1191378) * 0001-Factor-out-grub_efi_linux_boot.patch * 0002-Fix-race-in-EFI-validation.patch * 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch * 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch * 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch * 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch * 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch * 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch * 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch * 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch * 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch- Add support for simplefb (boo#1193532). + grub2-simplefb.patch- Fix extent not found when initramfs contains shared extents (bsc#1190982) * 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch- Fix arm64 kernel image not aligned on 64k boundary (bsc#1192522) * 0001-arm64-Fix-EFI-loader-kernel-image-allocation.patch * 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch- Remove openSUSE Tumbleweed specific handling for default grub distributor (bsc#1191198) - Use /usr/lib/os-release as fallback (bsc#1191196) * grub2-default-distributor.patch * grub2-check-default.sh - VUL-0: grub2: grub2-once uses fixed file name in /var/tmp (bsc#1190474) (CVE-2021-46705) * grub2-once * grub2-once.service - Fix unknown TPM error on buggy uefi firmware (bsc#1191504) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769) * 0001-Filter-out-POSIX-locale-for-translation.patch - Fix error lvmid disk cannot be found after second disk added to the root volume group (bsc#1189874) (bsc#1071559) * 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch - Fix error in grub installation due to unnecessary requirement to support excessive device for the root logical volume (bsc#1184135) * 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - Fix regression in reading xfs v4 * 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch- Fix installation on usrmerged s390x- Improve support for SLE Micro 5.1 on s390x. (bsc#1190395) * amend grub2-s390x-04-grub2-install.patch * refresh grub2-s390x-11-secureboot.patch- Follow usr merge for looking up kernel config (bsc#1189782) (bsc#1190061) * 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch- Add btrfs zstd compression on i386-pc and also make sure it won't break existing grub installations (bsc#1161823) * deleted 0001-btrfs-disable-zstd-support-for-i386-pc.patch * added 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Delete the author list from %description (the %description section is literally for package descriptions (only) these days, encoding was also problematic). - Add %doc AUTHORS to get packaged that info- update grub2-systemd-sleep.sh to fix hibernation by avoiding the error "no kernelfile matching the running kernel found" on usrmerged setup- Use %autosetup- Replace grub2-use-stat-instead-of-udevadm-for-partition-lookup.patch and fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch with upstream backport: 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch and 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch.- Fix error not a btrfs filesystem on s390x (bsc#1187645) * 80_suse_btrfs_snapshot- Fix error gfxterm isn't found with multiple terminals (bsc#1187565) * grub2-fix-error-terminal-gfxterm-isn-t-found.patch- Fix boot failure after kdump due to the content of grub.cfg is not completed with pending modificaton in xfs journal (bsc#1186975) * grub-install-force-journal-draining-to-ensure-data-i.patch - Patch refreshed * grub2-mkconfig-default-entry-correction.patch- Version bump to 2.06 * rediff - 0001-add-support-for-UEFI-network-protocols.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - 0003-Make-grub_error-more-verbose.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-efi-HP-workaround.patch - grub2-efi-xen-cfg-unquote.patch - grub2-efi-xen-chainload.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - grub2-mkconfig-default-entry-correction.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-secureboot-install-signed-grub.patch - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - use-grub2-as-a-package-name.patch * update by patch squashed: - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - grub2-efi-chainload-harder.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-chainloader.patch - grub2-secureboot-add-linuxefi.patch * remove squashed patches: - 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch - 0009-squash-Add-support-for-linuxefi.patch - 0041-squash-Add-secureboot-support-on-efi-chainloader.patch - 0042-squash-grub2-efi-chainload-harder.patch - 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch - 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * drop upstream patches: - 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch - 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch - 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch - 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch - 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch - 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch - 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch - 0002-kern-Add-X-option-to-printf-functions.patch - 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch - 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch - 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch - 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch - 0003-normal-main-Search-for-specific-config-files-for-net.patch - 0004-calloc-Use-calloc-at-most-places.patch - 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch - 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch - 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch - 0005-efi-Add-secure-boot-detection.patch - 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch - 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch - 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch - 0007-font-Do-not-load-more-than-one-NAME-section.patch - 0007-verifiers-Move-verifiers-API-to-kernel-image.patch - 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch - 0008-script-Remove-unused-fields-from-grub_script_functio.patch - 0009-kern-Add-lockdown-support.patch - 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch - 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch - 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch - 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch - 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch - 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch - 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch - 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch - 0018-gdb-Restrict-GDB-access-when-locked-down.patch - 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch - 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - 0024-kern-parser-Fix-resource-leak-if-argc-0.patch - 0025-kern-parser-Fix-a-memory-leak.patch - 0026-kern-parser-Introduce-process_char-helper.patch - 0027-kern-parser-Introduce-terminate_arg-helper.patch - 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch - 0029-kern-buffer-Add-variable-sized-heap-buffer.patch - 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch - 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch - 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch - 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch - 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch - 0036-util-mkimage-Improve-data_size-value-calculation.patch - 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch - 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch - 0039-grub-install-common-Add-sbat-option.patch - 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch - grub-install-define-default-platform-for-risc-v.patch - grub2-editenv-add-warning-message.patch - grub2-efi-gop-add-blt.patch - grub2-efi-uga-64bit-fb.patch - grub2-verifiers-fix-system-freeze-if-verify-failed.patch - risc-v-add-clzdi2-symbol.patch - risc-v-fix-computation-of-pc-relative-relocation-offset.patch - Add grub2-instdev-fixup.pl for correcting /etc/default/grub_installdevice to use disk devie if grub has been installed to it - Add 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch to fix detection of efi fwsetup support- Fix running grub2-once leads to failure of starting systemd service in the boot sequence (bsc#1169460) * grub2-once * grub2-once.service- Fix crash in launching gfxmenu without theme file (bsc#1186481) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Fix plaintext password in grub config didn't work to unlock menu entry if enabling secure boot in UEFI (bsc#1181892)- Fix obsolete syslog in systemd unit file and updating to use journal as StandardOutput (bsc#1185149) * grub2-once.service- Fix build error on armv6/armv7 (bsc#1184712) * 0001-emu-fix-executable-stack-marking.patch- Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012) * 0001-Workaround-volatile-efi-boot-variable.patch- Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of nvme namespace (bsc#1177751) 0001-ieee1275-Avoiding-many-unecessary-open-close.patch- Fix chainloading windows on dual boot machine (bsc#1183073) * 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch- VUL-0: grub2,shim: implement new SBAT method (bsc#1182057) * 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch * 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch * 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch * 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch * 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch * 0036-util-mkimage-Improve-data_size-value-calculation.patch * 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch * 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch * 0039-grub-install-common-Add-sbat-option.patch - Fix CVE-2021-20225 (bsc#1182262) * 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - Fix CVE-2020-27749 (bsc#1179264) * 0024-kern-parser-Fix-resource-leak-if-argc-0.patch * 0025-kern-parser-Fix-a-memory-leak.patch * 0026-kern-parser-Introduce-process_char-helper.patch * 0027-kern-parser-Introduce-terminate_arg-helper.patch * 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch * 0029-kern-buffer-Add-variable-sized-heap-buffer.patch * 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - Fix CVE-2021-20233 (bsc#1182263) * 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - Fix CVE-2020-25647 (bsc#1177883) * 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - Fix CVE-2020-25632 (bsc#1176711) * 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - Fix CVE-2020-27779, CVE-2020-14372 (bsc#1179265) (bsc#1175970) * 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch * 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch * 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch * 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch * 0005-efi-Add-secure-boot-detection.patch * 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch * 0007-verifiers-Move-verifiers-API-to-kernel-image.patch * 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch * 0009-kern-Add-lockdown-support.patch * 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch * 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch * 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch * 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch * 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch * 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch * 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch * 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch * 0018-gdb-Restrict-GDB-access-when-locked-down.patch * 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch * 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch * 0041-squash-Add-secureboot-support-on-efi-chainloader.patch * 0042-squash-grub2-efi-chainload-harder.patch * 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch * 0044-squash-kern-Add-lockdown-support.patch * 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - Drop patch supersceded by the new backport * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch - Add SBAT metadata section to grub.efi - Drop shim_lock module as it is part of core of grub.efi * grub2.spec- Fix build error in binutils 2.36 (bsc#1181741) * 0001-Fix-build-error-in-binutils-2.36.patch - Fix executable stack in grub-emu (bsc#1181696) * 0001-emu-fix-executable-stack-marking.patch- Restore compatibilty sym-links * grub2.spec - Use rpmlintrc to filter out rpmlint 2.0 error (bsc#1179044) * grub2.rpmlintrc- Complete Secure Boot support on aarch64 (jsc#SLE-15020) * 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch * 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch * 0003-Make-grub_error-more-verbose.patch * 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch * 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch * 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0009-squash-Add-support-for-linuxefi.patch- Fix rpmlint 2.0 error for having arch specific path in noarch package aiming for compatibility with old package (bsc#1179044) * grub2.spec - Fix non POSIX sed argument which failed in sed from busybox (bsc#1181091) * grub2-check-default.sh- Fix boot failure in blocklist installation (bsc#1178278) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix grub2-install error with "failed to get canonical path of `/boot/grub2/i386-pc'." (bsc#1177957) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix https boot interrupted by unrecognised network address error message (bsc#1172952) * 0001-add-support-for-UEFI-network-protocols.patch- grub2.spec: Fix bare words used as string in expression which is no longer allowed in rpm 4.16- Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062) * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Make efi hand off the default entry point of the linux command (bsc#1176134) * 0001-efi-linux-provide-linux-command.patch- Fix verification requested but nobody cares error when loading external module in secure boot off (bsc#1175766) * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch- Make consistent check to enable relative path on btrfs (bsc#1174567) * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery (bsc#1172745) * 0001-ieee1275-powerpc-implements-fibre-channel-discovery-.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix for CVE-2020-15705 (bsc#1174421) * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0002-cmdline-Provide-cmdline-functions-as-module.patch- Make grub-calloc inline to avoid symbol not found error as the system may not use updated grub to boot the system (bsc#1174782) (bsc#1175060) (bsc#1175036) * 0001-kern-mm.c-Make-grub_calloc-inline.patch- Fix for CVE-2020-10713 (bsc#1168994) * 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) * 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch * 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch * 0004-calloc-Use-calloc-at-most-places.patch * 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch * 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch * 0007-font-Do-not-load-more-than-one-NAME-section.patch - Fix CVE-2020-15706 (bsc#1174463) * 0008-script-Remove-unused-fields-from-grub_script_functio.patch * 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - Fix CVE-2020-15707 (bsc#1174570) * 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur * 0001-add-support-for-UEFI-network-protocols.patch * 0003-bootp-New-net_bootp6-command.patch * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * grub2-btrfs-09-get-default-subvolume.patch * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch * grub2-grubenv-in-btrfs-header.patch- No 95_textmode for PowerPC (boo#1174166)- Skip zfcpdump kernel from the grub boot menu (bsc#1166513) * grub2-s390x-skip-zfcpdump-image.patch- Fix boot failure as journaled data not get drained due to abrupt power off after grub-install (bsc#1167756) * grub-install-force-journal-draining-to-ensure-data-i.patch- Fix executable stack in grub-probe and other grub utility (bsc#1169137) * grub2-btrfs-06-subvol-mount.patch- Fix GCC 10 build fail (bsc#1158189) * 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch * 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch- Backport to support searching for specific config files for netboot (bsc#1166409) * 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch * 0002-kern-Add-X-option-to-printf-functions.patch * 0003-normal-main-Search-for-specific-config-files-for-net.patch * 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch- move *.module files to separate -debug subpackage (boo#1166578)- Fix EFI console detection to make it a runtime decision (bsc#1164385) * grub2-SUSE-Add-the-t-hotkey.patch- Downgrade mtools to Suggests for consistency with xorriso (boo#1165839) - remove info requirements, file triggers are used now (boo#1152105)- Add secure boot support for s390x. (jsc#SLE-9425) * grub2-s390x-11-secureboot.patch- Fix grub hangs after loading rogue image without valid signature for uefi secure boot (bsc#1159102) * grub2-verifiers-fix-system-freeze-if-verify-failed.patch- From Stefan Seyfried : Fix grub2-install fails with "not a directory" error (boo#1161641, bsc#1162403) * grub2-install-fix-not-a-directory-error.patch- Correct awk pattern in 20_linux_xen (bsc#900418, bsc#1157912) - Correct linux and initrd handling in 20_linux_xen (bsc#1157912) M grub2-efi-xen-cfg-unquote.patch M grub2-efi-xen-chainload.patch M grub2-efi-xen-cmdline.patch M grub2-efi-xen-removable.patch- Disable btrfs zstd support for i386-pc to workaround core.img too large to be embedded in btrfs bootloader area or MBR gap (boo#1154809) * 0001-btrfs-disable-zstd-support-for-i386-pc.patch- Fix grub2.sleep to load old kernel after hibernation (boo#1154783)- Enable support for riscv64 - Backports from upstream: * risc-v-fix-computation-of-pc-relative-relocation-offset.patch * risc-v-add-clzdi2-symbol.patch * grub-install-define-default-platform-for-risc-v.patch- Version bump to 2.04 * removed - translations-20170427.tar.xz * grub2.spec - Make signed grub-tpm.efi specific to x86_64-efi build, the platform currently shipped with tpm module from upstream codebase - Add shim_lock to signed grub.efi in x86_64-efi build - x86_64: linuxefi now depends on linux, both will verify kernel via shim_lock - Remove translation tarball and po file hacks as it's been included in upstream tarball * rediff - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-secureboot-add-linuxefi.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-install-signed-grub.patch - grub2-linux.patch - use-grub2-as-a-package-name.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-secureboot-use-linuxefi-on-uefi.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-provide-linuxefi-config.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-efi-chainloader-root.patch - grub2-ppc64le-disable-video.patch - grub2-ppc64-cas-reboot-support.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0003-bootp-New-net_bootp6-command.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - grub2-emu-4-all.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-fix-double-free.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch * drop upstream patches - grub2-fix-locale-en.mo.gz-not-found-error-message.patch - grub2-fix-build-with-flex-2.6.4.patch - grub2-accept-empty-module.patch - 0001-Fix-packed-not-aligned-error-on-GCC-8.patch - 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch - unix-exec-avoid-atexit-handlers-when-child-exits.patch - 0001-xfs-Accept-filesystem-with-sparse-inodes.patch - grub2-binutils2.31.patch - grub2-msdos-fix-overflow.patch - 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch - grub2-efi-Move-grub_reboot-into-kernel.patch - grub2-efi-Free-malloc-regions-on-exit.patch - grub2-move-initrd-upper.patch - 0002-Add-Virtual-LAN-support.patch - 0001-ofnet-Initialize-structs-in-bootpath-parser.patch - 0001-misc-fix-invalid-character-recongition-in-strto-l.patch - 0001-tpm-Core-TPM-support.patch - 0002-tpm-Measure-kernel-initrd.patch - 0003-tpm-Add-BIOS-boot-measurement.patch - 0004-tpm-Rework-linux-command.patch - 0005-tpm-Rework-linux16-command.patch - 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch - 0007-tpm-Measure-the-kernel-commandline.patch - 0008-tpm-Measure-commands.patch - 0009-tpm-Measure-multiboot-images-and-modules.patch - 0010-tpm-Fix-boot-when-there-s-no-TPM.patch - 0011-tpm-Fix-build-error.patch - 0013-tpm-i386-pc-diskboot-img.patch - grub2-freetype-pkgconfig.patch - 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch - 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch - 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch - 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch - 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch - 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch - 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch - 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Consistently find btrfs snapshots on s390x. (bsc#1136970) * grub2-s390x-04-grub2-install.patch- Fix fallback embed doesn't work when no post mbr gap at all (boo#1142229) * Refresh grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch- Revert grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch until merged by upstream (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229).- Fix iteration of FCP LUNs (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229). * Refresh grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Use grub2-install to handle signed grub installation for UEFI secure boot and also provide options to override default (bsc#1136601) * grub2-secureboot-install-signed-grub.patch - Remove arm64 linuxefi patches as it's not needed for secure boot * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Avoid high resolution when trying to keep current mode (bsc#1133842) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - Make GRUB_SAVEDEFAULT working with btrfs (bsc#1128592) * grub2-grubenv-in-btrfs-header.patch- Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh- Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch- Fix GCC 9 build failure (bsc#1121208) * 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch * 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch * 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch * 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch * 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch * 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch * 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch * 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Use %doc for older products for compatibility, or may end up with unsuccessful build result * grub2.spec- Revert grub2-ieee1275-open-raw-mode.patch for regression of crashing lvm on multipath SAN (bsc#1113702) * deleted grub2-ieee1275-open-raw-mode.patch - Add exception handling to FCP lun enumeration (bsc#1113702) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix LOADER_TYPE parsing in grub2-once (boo#1122569)- Create compatibility sym-link of grub.xen in the old location to which old VM definition is pointing (bsc#1123942)- Add patch to fix ARM boot, when kernel become too big: * grub2-move-initrd-upper.patch (boo#1123350)- Replace old $RPM_* shell vars.- Support long menu entry by scrolling its text left and right through the key stroke ctrl+l and ctrl+r (FATE#325760) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Improved hiDPI device support (FATE#326680) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch- Build platform-packages 'noarch' and move to '/usr/share/efi' for SUSE Manager. (FATE#326960) * grub2-efi-xen-chainload.patch (bsc#1122563) * grub2-efi-xen-removable.patch (refresh)- Support for UEFI Secure Boot on AArch64 (FATE#326541) * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Change default tsc calibration method to pmtimer on EFI (bsc#1114754) * 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch- ieee1275: Fix double free in CAS reboot (bsc#1111955) * grub2-ppc64-cas-fix-double-free.patch- Support NVDIMM device names (bsc#1110073) * grub2-getroot-support-nvdimm.patch- Translate caret back to space as the initrd stanza could use space to delimit multiple files loaded (bsc#1101942) * grub2-util-30_os-prober-multiple-initrd.patch- ieee1275: implement FCP methods for WWPN and LUNs (bsc#1093145) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix broken network interface with random address and same name (bsc#1084508) * 0001-ofnet-Initialize-structs-in-bootpath-parser.patch- Fix outputting invalid btrfs subvol path on non btrfs filesystem due to bogus return code handling. (bsc#1106381) * modified grub2-btrfs-10-config-directory.patch- Fix overflow in sector count calculation (bsc#1105163) * grub2-msdos-fix-overflow.patch- Downgrade libburnia-tools to suggest as minimal system can't afford pulling in tcl/tk and half of the x11 stack (bsc#1102515) * modified grub2.spec- Add grub2-binutils2.31.patch: x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32. Starting from binutils commit bd7ab16b x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for 32-bit PC-relative branches. Grub2 should treat R_X86_64_PLT32 as R_X86_64_PC32.- The grubxenarch packages are now architecture-independent. [bsc#953297, grub2.spec, grub2-rpmlintrc]- Fix config_directory on btrfs to follow path scheme (bsc#1063443) * grub2-btrfs-10-config-directory.patch - Fix grub2-install --root-directory does not work for /boot/grub2/ on separate btrfs subvolume (boo#1098420) * grub2-btrfs-06-subvol-mount.patch - Fix setparams doesn't work as expected from boot-last-label NVRAM var, after inital CAS reboot on ieee1275 (bsc#1088830) * grub2-ppc64-cas-new-scope.patch- Fix install on xfs error (bsc#1101283) * 0001-xfs-Accept-filesystem-with-sparse-inodes.patch- grub2.spec: change %config to %config(noreplace) Don't overwrite user changes to config files on upgrades.- Marked %{_sysconfdir}/grub.d/40_custom as (noreplace) [bsc#1079332, grub2.spec]- Replace "GRUB_DISABLE_LINUX_RECOVERY" by "GRUB_DISABLE_RECOVERY" in /etc/default/grub and remove test from s390x install section in upec file. [bsc#1042433, grub.default, grub2.spec]- Added "# needssslcertforbuild", which got lost somewhere, to spec file [grub2.spec]- Replace confusing menu on btrfs "snapper rollback" by help text. [bsc#1027588, grub2-btrfs-help-on-snapper-rollback.patch]- Use %license instead of %doc [bsc#1082318]- grub2-emu on s390 keep network during kexec boot (bsc#1089493) * grub2-s390x-10-keep-network-at-kexec.patch- Add grub2-freetype-pkgconfig.patch to fix build with new freetype use pkgconfig to find Freetype libraries.- Fallback to raw mode if Open Firmware returns invalid ihandler (bsc#1071559) * grub2-ieee1275-open-raw-mode.patch- Fix error of essential directory not found on UEFI Xen host (bsc#1085842) * add grub2-efi-xen-removable.patch * rediff grub2-suse-remove-linux-root-param.patch- Fix corruption of "grub2-install --help" and grub2-install manual page (bsc#1086670) * unix-exec-avoid-atexit-handlers-when-child-exits.patch- Fix Nvidia GPU in legacy I/O slot 2 disappears during system startup (bsc#1082914) * 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch- Fix packed-not-aligned error on GCC 8 (bsc#1084632) * 0001-Fix-packed-not-aligned-error-on-GCC-8.patch- Fix incorrect netmask on ppc64 (bsc#1085419) * grub2-Fix-incorrect-netmask-on-ppc64.patch- Fix UEFI HTTPS Boot from ISO installation image (bsc#1076132) * 0001-add-support-for-UEFI-network-protocols.patch- fix wrong command output when default subvolume is toplevel tree with id 5 (bsc#1078775) * grub2-btrfs-09-get-default-subvolume.patch - insert mdraid modules to support software RAID (bsc#1078775) * grub2-xen-pv-firmware.cfg- Rename grub2-btrfs-workaround-grub2-once.patch to grub2-grubenv-in-btrfs-header.patch - Store GRUB environment variable health_checker_flag in Btrfs header- Fix incorrect check preventing the script from running (bsc#1078481) * 80_suse_btrfs_snapshot- Fix disappeared snapshot menu entry (bsc#1078481) * 80_suse_btrfs_snapshot- Fix unquoted string error and add some more checks (bsc#1079330) * grub2-check-default.sh- The %prep section applies patches, the %build section builds. Remove mixup of patching and building from %prep for quilt setup Related to bsc#1065703- Check if default entry need to be corrected for updated distributor version and/or use fallback entry if default kernel entry removed (bsc#1065349) * grub2-check-default.sh * grub2-mkconfig-default-entry-correction.patch - Fix grub2-mkconfig warning when disk is LVM PV (bsc#1071239) * grub2-getroot-scan-disk-pv.patch- Filter out autofs and securityfs from /proc/self/mountinfo to speed up nfsroot test in large number of autofs mounts (bsc#1069094) * modified grub2-pass-corret-root-for-nfsroot.patch- Fix http(s) boot security review (bsc#1058090) * 0002-AUDIT-0-http-boot-tracker-bug.patch- 0001-add-support-for-UEFI-network-protocols.patch: * Workaround http data access in firmware * Fix DNS device path parsing for efinet device * Relaxed UEFI Protocol requirement * Support Intel OPA (Omni-Path Architecture) PXE Boot (bsc#1015589)- grub2-xen-pv-firmware.cfg: remove linemode=1 from cmdline for SUSE installer. openQA expects ncurses interface. (bsc#1066919)- use python3 for autogen.sh (fate#323526)- Do not check that PReP partition does not contain an ELF during installation (bsc#1065738). * grub2-install-remove-useless-check-PReP-partition-is-empty.patch- Build diskboot_tpm.img as separate image to diskboot.img to prevent failure in booting on some bogus firmware. To use the TPM image you have to use suse-enable-tpm option of grub2-install (bsc#1052401) * 0013-tpm-i386-pc-diskboot-img.patch- Use /boot//loader/linux to determine if install media is SUSE instead of /contents file (bsc#1054453)- Use the pvops-enabled default kernel if the traditional xen pv kernel and initrd are not found (bsc#1054453)- Fix reboot in UEFI environments (bsc#1047331) * Add grub2-efi-Move-grub_reboot-into-kernel.patch * Refresh grub2-efi-Free-malloc-regions-on-exit.patch- Add preliminary patch for UEFI HTTPS and related network protocol support (fate#320130) * 0001-add-support-for-UEFI-network-protocols.patch- grub2-s390x-04-grub2-install.patch : remove arybase dependency in grub2-zipl-setup by not referencing to $[ (bsc#1055280)- Fix minor oversights in and the exit value of the grub2-install helper on s390x. (bsc#1055343, fate#323298) * grub2-s390x-09-improve-zipl-setup.patch- Make grub2.info build reproducible (boo#1047218)- add grub2-fix-build-with-flex-2.6.4.patch - fix build with flex 2.6.4+ that removed explicit (void) cast from fprintf call in yy_fatal_error.- Support LVM physical volume created without metadatacopies (bsc#1027526) * grub2-diskfilter-support-pv-without-metadatacopies.patch - Fix page fault exception when grub loads with Nvidia cards (bsc#1038533) * grub2-efi-uga-64bit-fb.patch - Require 'kexec-tools' for System z. (bsc#944358) * modified grub2.spec- grub2-xen-pv-firmware.cfg: insmod lvm module as it's not auto-loaded to support booting from lvm volume (bsc#1004324) - Grub not working correctly with xen and btrfs snapshots (bsc#1026511) * Add grub2-btrfs-09-get-default-subvolume.patch * grub2-xen-pv-firmware.cfg : search path in default subvolume- new upstream version 2.02 * rediff - use-grub2-as-a-package-name.patch * drop upstream patches - grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch - grub2-add-FALLTHROUGH-annotations.patch - update translations- update grub2-btrfs-workaround-grub2-once.patch to also store saved_entry in additional environment block (boo#1031025)- fix building with GCC (bsc#1030247) * add grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch * grub2-add-FALLTHROUGH-annotations.patch- Fix out of memory error on lvm detection (bsc#1016536) (bsc#1027401) * grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - Fix boot failure if /boot is separate btrfs partition (bsc#1023160) * grub2-btrfs-06-subvol-mount.patch- 0004-tpm-Rework-linux-command.patch : Fix out of bound memory copy (bsc#1029187)- new upstream version 2.02~rc2 * rediff - use-grub2-as-a-package-name.patch - grub2-linguas.sh-no-rsync.patch * drop upstream patches - 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch- TPM Support (FATE#315831) * 0001-tpm-Core-TPM-support.patch * 0002-tpm-Measure-kernel-initrd.patch * 0003-tpm-Add-BIOS-boot-measurement.patch * 0004-tpm-Rework-linux-command.patch * 0005-tpm-Rework-linux16-command.patch * 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch * 0007-tpm-Measure-the-kernel-commandline.patch * 0008-tpm-Measure-commands.patch * 0009-tpm-Measure-multiboot-images-and-modules.patch * 0010-tpm-Fix-boot-when-there-s-no-TPM.patch * 0011-tpm-Fix-build-error.patch * 0012-tpm-Build-tpm-as-module.patch - grub2.spec : Add grub-tpm.efi for Secure Boot- Fix invalid Xen EFI config files if xen_args include GRUB2 quoting (bsc#900418) (bsc#951748) * grub2-efi-xen-cfg-unquote.patch - Fix linuxefi erroneously initialize linux's boot_params with non-zero values. (bsc#1025563) * grub2-linuxefi-fix-boot-params.patch - Removed grub2-fix-multi-device-root-kernel-argument.patch as it has regression on how GRUB_DISABLE_LINUX_UUID=true interpreted (bsc#1015138)- Fix for openQA UEFI USB Boot failure with upstream patch (bsc#1026344) * added 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch * removed 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- Temporary fix for openQA UEFI USB Boot failure (bsc#1026344) * 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- grub2.spec: fix s390x file list.- require efibootmgr in efi package (boo#1025520)- Merge changes from SLE12 - add grub2-emu-4-all.patch * Build 'grub2-emu' wherever possible, to allow a better implementation of that feature. - add grub2-s390x-06-loadparm.patch, - add grub2-commands-introduce-read_file-subcommand.patch: * allow s390x to telecontrol grub2. (bsc#891946, bsc#892852) - add grub2-s390x-06-loadparm.patch: * ignore case and fix transliteration of parameter. (bsc#891946) - add grub2-s390x-07-add-image-param-for-zipl-setup.patch * Add --image switch to force zipl update to specific kernel (bsc#928131) - add grub2-s390x-08-workaround-part-to-disk.patch * Ignore partition tables on s390x. (bsc#935127) - add grub2-efi-chainload-harder.patch: * allow XEN to be chain-loaded despite firmware flaws. (bnc#887793) * Do not use shim lock protocol for reading pe header, it won't be available when secure boot disabled (bsc#943380) * Make firmware flaw condition be more precisely detected and add debug message for the case * Check msdos header to find PE file header (bsc#954126) - grub2-s390x-04-grub2-install.patch: * streamline boot to grub menu. (bsc#898198) * Force '/usr' to read-only before calling kexec. (bsc#932951) - grub2-once: * add '--enum' option to enumerate boot-entries in a way actually understood by 'grub2'. (bsc#892852, bsc#892811) * Examine variables from grub environment in 'grub2-once'. (fate#319632)- new upstream version 2.02~rc1 * rediff - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-accept-empty-module.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-06-subvol-mount.patch * drop upstream patches - 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch - 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch - 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - 0001-Fix-fwpath-in-efi-netboot.patch - 0001-arm64-Move-firmware-fdt-search-into-global-function.patch - 0002-arm-efi-Use-fdt-from-firmware-when-available.patch - grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch - 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch - 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch - 0001-xen-make-xen-loader-callable-multiple-times.patch - 0002-xen-avoid-memleaks-on-error.patch - 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch - 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch - 0005-xen-synchronize-xen-header.patch - 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch - 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch - 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch - 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch - 0010-xen-modify-page-table-construction.patch - 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch * add - fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch fix compilation with new glibc- Fix build error on glibc-2.25 * 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch * 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - Fix fwpath in efi netboot (fate#321993) (bsc#1022294) * 0001-Fix-fwpath-in-efi-netboot.patch- grub2-systemd-sleep.sh: Fix prematurely abort by commands error return code and skip the offending menu entry (bsc#1022880)- Add support for BLT only EFI GOP adapters (FATE#322332) * grub2-efi-gop-add-blt.patch- info-dir-entry.patch: Update info dir entry to follow renaming to grub2- Add serial module to efi image. Serial terminal is still useful even with EFI Secure Boot- Support %posttrans with marcos provided by update-bootloader-rpm-macros package (bsc#997317)- Remove outdated README.openSUSE (bsc#907693)- 20_memtest86+: avoid adding memtest86+ to the list with UEFI booting.- Fix new line character in distributor (bsc#1007212) * modified grub2-default-distributor.patch- From Juergen Gross : grub-xen: support booting huge pv-domains (bsc#1004398) (bsc#899465) * 0001-xen-make-xen-loader-callable-multiple-times.patch * 0002-xen-avoid-memleaks-on-error.patch * 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch * 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch * 0005-xen-synchronize-xen-header.patch * 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch * 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch * 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch * 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch * 0010-xen-modify-page-table-construction.patch * 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch- add support for netboot on arm64-efi platforms (bsc#998097) * grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch- use $PRETTY_NAME instead of $NAME $VERSION for $GRUB_DISTRIBUTOR in openSUSE Tumbleweed (bsc#995549) * modified grub2-default-distributor.patch - grub2.spec: add http module to grub.efi (fate#320129)- binutils 2.27 creates empty modules without a symtab. Add patch grub2-accept-empty-module.patch to not reject them.- since version 1.7 cryptsetup defaults to SHA256 for LUKS - include gcry_sha256 in signed EFI image- Workaround default entry in snapshot menu (bsc#956046) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2.spec: Add true command to grub.efi (bsc#993274)- grub.default: Empty GRUB_CMDLINE_LINUX_DEFAULT, the value will be fully taken from YaST settings. (bsc#989803)- Add patches from Roberto Sassu - Fix grub2-10_linux-avoid-multi-device-root-kernel-argument.patch, device path is not tested if GRUB_DISABLE_LINUX_UUID="true" - added grub2-fix-multi-device-root-kernel-argument.patch (bsc#960776) - grub2-zipl-setup: avoid multi-device root= kernel argument * added grub2-zipl-setup-fix-btrfs-multipledev.patch (bsc#960776) - Add SUSE_REMOVE_LINUX_ROOT_PARAM configuration option to /etc/default/grub, to remove root= and rootflags= from the kernel command line in /boot/grub2/grub.cfg and /boot/zipl/config - added grub2-suse-remove-linux-root-param.patch (bsc#962585)- Support HTTP Boot IPv4 and IPv6 (fate#320129) * 0001-misc-fix-invalid-character-recongition-in-strto-l.patch * 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch * 0003-bootp-New-net_bootp6-command.patch * 0004-efinet-UEFI-IPv6-PXE-support.patch * 0005-grub.texi-Add-net_bootp6-doument.patch * 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch * 0007-efinet-Setting-network-from-UEFI-device-path.patch * 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - Fix heap corruption after dns lookup * 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch- fix filelist for s390x- Fix grub2-editenv error on encrypted lvm installation (bsc#981621) * modified grub2-btrfs-workaround-grub2-once.patch - Add missing closing bracket in 'grub2-snapper-plugin.sh'. - Fix snapshot booting on s390x (bsc#955115) * modified grub2-snapper-plugin.sh - Fallback to old subvol name scheme to support old snapshot config (bsc#953538) * added grub2-btrfs-07-subvol-fallback.patch- update grub2-once with patch from Björn Voigt - skip comments in /etc/sysconfig/bootloader (boo#963610)- Make sure all systemd unit files are passed to %service_ macros.- Add patch to free memory on exit in efi environments (bsc#980739) * grub2-efi-Free-malloc-regions-on-exit.patch- Remove xen-devel from BuildRequires required headers are included in grub-2.0.2- Add support for "t" hotkey to switch to text mode (bsc#976836) * added grub2-SUSE-Add-the-t-hotkey.patch - Add support for hidden menu entries (bsc#976836) * added grub2-Add-hidden-menu-entries.patch- Correct show user defined comments in menu for snapshots (bsc#956698) * modified grub2-snapper-plugin.sh- Fix GRUB_DISABLE_LINUX_UUID to be ignore and also fallback kernel device won't be used if fs uuid not detected (bsc#971867) * added 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch * added 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch- new upstream version 2.02~beta3 * highlights of user visible changes not yet present in openSUSE package - arm-uboot now generates position independent self relocating image, so single binary should run on all supported systems - loader for Xen on aarch64. grub-mkconfig support was not in time for beta3 yet. - improved ZFS support (extensible_dataset, large_blocks, embedded_data, hole_birth features) - support for IPv6 Router Advertisements - support for persistent memory (we do not overwrite it and pass correct information to OS) - try to display more specific icons for os-prober generated menu entries - grub-install detects EFI bit size and selects correct platform (x86_64-efi or i386-efi) independent of OS bit size; needs kernel 4.0 or higher. - LVM RAID1 support - xnu loader fixes which should make OS X menu entry generated by os-prober work again - key modifiers (Ctrl-X etc) should work on EFI too - ... and lot of fixes over entire tree * rediff - rename-grub-info-file-to-grub2.patch - use-grub2-as-a-package-name.patch - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-chainloader.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-efi-xen-chainload.patch - grub2-mkconfig-aarch64.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64-cas-reboot-support.patch - 0002-Add-Virtual-LAN-support.patch * fix grub2-secureboot-add-linuxefi.patch - use grub_memset and grub_memcpy instead of memset and memcpy (caused errors due to compiler warning) * drop upstream patches - 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch - 0001-look-for-DejaVu-also-in-usr-share-fonts-truetype.patch - 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch - 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch - 0003-efinet-open-Simple-Network-Protocol-exclusively.patch - 0001-efinet-Check-for-immediate-completition.patch - 0001-efinet-enable-hardware-filters-when-opening-interfac.patch - grub2-xen-legacy-config-device-name.patch - grub2-getroot-support-NVMe-device-names.patch - grub2-netboot-hang.patch - grub2-btrfs-fix-incorrect-address-reference.patch - aarch64-reloc.patch - grub2-glibc-2.20.patch (related code dropped upstream) - grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch - grub2-btrfs-fix-get_root-key-comparison-failures-due-to-en.patch - grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch - grub2-ppc64-qemu.patch - grub2-xfs-Add-helper-for-inode-size.patch - grub2-xfs-Fix-termination-loop-for-directory-iteration.patch - grub2-xfs-Convert-inode-numbers-to-cpu-endianity-immediate.patch - grub2-xfs-V5-filesystem-format-support.patch - 0001-Add-bootargs-parser-for-open-firmware.patch - grub2-arm64-set-correct-length.patch - grub2-arm64-setjmp-Add-missing-license-macro.patch - grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch - 0001-unix-password-Fix-file-descriptor-leak.patch - 0002-linux-getroot-fix-descriptor-leak.patch - 0003-util-grub-mount-fix-descriptor-leak.patch - 0004-linux-ofpath-fix-descriptor-leak.patch - 0005-grub-fstest-fix-descriptor-leak.patch - ppc64le.patch - libgcc-prereq.patch - libgcc.patch - 0001-Fix-security-issue-when-reading-username-and-passwor.patch - 0001-menu-fix-line-count-calculation-for-long-lines.patch - grub2-arm64-Reduce-timer-event-frequency-by-10.patch - 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch - 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch - 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch - 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch - 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch - 0005-i386-fix-TSC-calibration-using-PIT.patch - biendian.patch - ppc64_opt.patch * drop workarounds for gdb_grub and grub.chrp, they are now installed under fixed name * do not patch docs/Makefile.in, it is regenerated anyway- Make mkconfig search for zImage on arm * grub2-mkconfig-arm.patch- Add support to directly pass an EFI FDT table to a kernel on 32bit arm * 0001-arm64-Move-firmware-fdt-search-into-global-function.patch * 0002-arm-efi-Use-fdt-from-firmware-when-available.patch- Add config option to set efi xen loader command line option (bsc#957383) * added grub2-efi-xen-cmdline.patch- Drop ppc64le patches. Build stage1 as BE for Power Droped patches: - grub2-ppc64le-01-Add-Little-Endian-support-for-Power64-to-the-build.patch - grub2-ppc64le-02-Build-grub-as-O1-until-we-add-savegpr-and-restgpr-ro.patch - grub2-ppc64le-03-disable-creation-of-vsx-and-altivec-instructions.patch - grub2-ppc64le-04-powerpc64-LE-s-linker-knows-how-to-handle-the-undefi.patch - grub2-ppc64le-05-grub-install-can-now-recognize-and-install-a-LE-grub.patch - grub2-ppc64le-06-set-the-ABI-version-to-0x02-in-the-e_flag-of-the-PPC.patch - grub2-ppc64le-07-Add-IEEE1275_ADDR-helper.patch - grub2-ppc64le-08-Fix-some-more-warnings-when-casting.patch - grub2-ppc64le-09-Add-powerpc64-types.patch - grub2-ppc64le-10-powerpc64-is-not-necessarily-BigEndian-anymore.patch - grub2-ppc64le-11-Fix-warnings-when-building-powerpc-linux-loader-64bi.patch - grub2-ppc64le-12-GRUB_ELF_R_PPC_-processing-is-applicable-only-for-32.patch - grub2-ppc64le-13-Fix-powerpc-setjmp-longjmp-64bit-issues.patch - grub2-ppc64le-14-Add-powerpc64-ieee1275-trampoline.patch - grub2-ppc64le-15-Add-64bit-support-to-powerpc-startup-code.patch - grub2-ppc64le-16-Add-grub_dl_find_section_addr.patch - grub2-ppc64le-17-Add-ppc64-relocations.patch - grub2-ppc64le-18-ppc64-doesn-t-need-libgcc-routines.patch - grub2-ppc64le-19-Use-FUNC_START-FUNC_END-for-powerpc-function-definit.patch - grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch - grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch - grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch - grub2-ppc64le-fix-64bit-trampoline-in-dyn-linker.patch - grub2-ppc64le-timeout.patch - grub2-ppc64-build-ppc64-32bit.patch - Added patches: - biendian.patch - grub2-ppc64-cas-reboot-support.patch - libgcc-prereq.patch - libgcc.patch - ppc64_opt.patch - ppc64le.patch- Backport upstream patches for HyperV gen2 TSC timer calbration without RTC (bsc#904647) * added 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch * added 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch * added 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch * added 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch * added 0005-i386-fix-TSC-calibration-using-PIT.patch- Add 0001-menu-fix-line-count-calculation-for-long-lines.patch (bsc#943585)- grub2-xen-pv-firmware.cfg: fix hd boot (boo#926795)- Add 0001-Fix-security-issue-when-reading-username-and-passwor.patch Fix for CVE-2015-8370 [boo#956631]- Update grub2-efi-xen-chainload.patch - fix copying of Linux kernel and initrd to ESP (boo#958193)- Rename grub2-xen.cfg to grub2-xen-pv-firmware.cfg (boo#926795)- grub2-xen.cfg: to handle grub1 menu.lst in PV guest (boo#926795)- Expand list of grub.cfg search path in PV Xen guest for systems installed to btrfs snapshot. (bsc#946148) (bsc#952539) * modified grub2-xen.cfg - drop grub2-fix-Grub2-with-SUSE-Xen-package-install.patch (bsc#774666)- Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty, e.g. when called from Xfce menu (boo#954519)- Modify grub2-linguas.sh-no-rsync.patch to re-enable en@quot catalog (boo#953022). Other autogenerated catalogs still fail to build due to missing C.UTF-8 locale.- Allow to execute menuentry unrestricted as default (fate#318574) * added grub2-menu-unrestricted.patch- Add missing quoting for linuxefi (bsc#951962) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refreshed grub2-secureboot-provide-linuxefi-config.patch- Include custom.cfg into the files scanned by grub2-once. Allows to chose manually added entries as well (FATE#319632).- Upstream patches for fixing file descriptor leakage (bsc#943784) * added 0001-unix-password-Fix-file-descriptor-leak.patch * added 0002-linux-getroot-fix-descriptor-leak.patch * added 0003-util-grub-mount-fix-descriptor-leak.patch * added 0004-linux-ofpath-fix-descriptor-leak.patch * added 0005-grub-fstest-fix-descriptor-leak.patch- Do not force ro option in linuxefi patch (bsc#948555) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refrehed grub2-secureboot-provide-linuxefi-config.patch- add 0001-efinet-Check-for-immediate-completition.patch, 0001-efinet-enable-hardware-filters-when-opening-interfac.patch, grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch (bsc#947203)- Set default GRUB_DISTRIBUTOR from /etc/os-release if it is empty or not set by user (bsc#942519) * added grub2-default-distributor.patch * modified grub.default- add systemd-sleep-plugin subpackage (bsc#941758) - evaluate the menu entry's title string by printf * modified grub2-once * added grub2-systemd-sleep.sh- fix for 'rollback' hint (bsc#901487) * modified grub2-btrfs-05-grub2-mkconfig.patch:- Replace 12.1 with 12 SP1 for the list of snapshots (bsc#934252) * modified grub2-snapper-plugin.sh- Fix btrfs subvol detection on BigEndian systems (bsc#933541) * modified grub2-btrfs-06-subvol-mount.patch - Fix grub2-mkrelpath outputs wrong path on BigEndian system * added grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch- If we have a post entry and the description field is empty, we should use the "Pre" number and add that description to the post entry. (fate#317972) - Show user defined comments in grub2 menu for snapshots (fate#318101) * modified grub2-snapper-plugin.sh- add 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch make sure firmware path starts with '/' (boo#902982)- Fix btrfs patch on BigEndian systems (bsc#933541) * modified grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * modified grub2-btrfs-06-subvol-mount.patch- Fix license for setjmp module * added grub2-arm64-setjmp-Add-missing-license-macro.patch- Fix install into snapper controlled btrfs subvolume and can't load grub modules from separate subvolume (fate#318392) * added grub2-btrfs-06-subvol-mount.patch * grub2-snapper-plugin.sh: use absolute subvol name- also Recommends mtools for grub2-mkrescue (used to create EFI boot image) in addition to libburnia-tools.- Support booting opensuse installer as PV DomU (boo#926795) * added grub2-xen.cfg for tracking default pvgrub2 xen configs rather than generating it from spec file * grub2-xen.cfg: from Olaf Hering - replace grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch with upstream version: * 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch * 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch * 0003-efinet-open-Simple-Network-Protocol-exclusively.patch Fixes EFI network boot in some QEMU configurations.- fix grub2-mkconfig-aarch64.patch: fix arch detection broken by malformed patch rediffing- Cleanup patch not applied * remove grub2-enable-theme-for-terminal-window.patch * grub2.rpmlintrc: remove addFilter("patch-not-applied")- Merge changes from SLE12 - Do not pass root= when root is on nfs (bnc#894374) * modified grub2-pass-corret-root-for-nfsroot.patch * modified grub2-secureboot-provide-linuxefi-config.patch * modified grub2-secureboot-use-linuxefi-on-uefi.patch - Fix xen pvops kernel not appear on menu (bnc#895286) * modified grub2-fix-menu-in-xen-host-server.patch - Workaround grub2-once (bnc#892358) * added grub2-btrfs-workaround-grub2-once.patch * added grub2-once.service * modified grub2-once - Fix busy-loop and hang while network booting (bnc#870613) * added grub2-netboot-hang.patch - Add warning in grubenv file about editing it directly (bnc#887008) * added grub2-editenv-add-warning-message.patch - Fix broken graphics with efifb on QEMU/KVM and nomodeset (bnc#884558) * added grub2-efi-disable-video-cirrus-and-bochus.patch - Disable video support on Power (bnc#877142) * added grub2-ppc64le-disable-video.patch - Track occupied memory so it can be released on exit (bnc#885026) * added grub2-ppc64le-memory-map.patch - Fix grub.xen config searching path on boot partition (bnc#884828) - Add linux16 and initrd16 to grub.xen (bnc#884830) * added grub2-xen-linux16.patch - VLAN tag support (fate#315753) * added 0001-Add-bootargs-parser-for-open-firmware.patch * added 0002-Add-Virtual-LAN-support.patch - Use chainloader to boot xen.efi under UEFI (bnc#871857) * added grub2-efi-xen-chainload.patch - Use device part of chainloader target, if present (bnc#871857) * added grub2-efi-chainloader-root.patch - Create only hypervisor pointed by /boot/xen.gz symlink (bnc#877040) * modified grub2-fix-Grub2-with-SUSE-Xen-package-install.patch - Fix xen and native entries differ in grub.cfg (bnc#872014) * modified grub2-linux.patch - Fix install error on ddf md device (bnc#872360) * added grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - Fix booting from NVMe device (bnc#873132) * added grub2-getroot-support-NVMe-device-names.patch - Document peculiarities of s390 terminals * added README.ibm3215 - Grub2 for System z (fate#314213) * added grub2-s390x-02-kexec-module-added-to-emu.patch * added grub2-s390x-03-output-7-bit-ascii.patch * added grub2-s390x-04-grub2-install.patch * added grub2-s390x-05-grub2-mkconfig.patch- grub2-arm64-set-correct-length.patch: arm64: set correct length of device path end entry- grub2-efi-HP-workaround.patch: * try to read config from all-uppercase prefix as last resort. (bnc#872503) (boo#902982)- add luks, gcry_rijndael, gcry_sha1 to signed EFI image to support LUKS partition in default setup (boo#917427)- enable i386-xen (boo#891043)- Downgrade os-prober dependency to Recommends (boo#898610)- grub2-snapper-plugin.sh: cleanup grub-snapshot.cfg not referring to any snapshot (boo#909359)- Require efibootmgr also on i586- Require efibootmgr also on aarch64- grub2-snapper-plugin.sh: fix use of printf without format string; fix quoting- grub2-arm64-Reduce-timer-event-frequency-by-10.patch: fix periodic timer on arm64- enable 32bit arm targets for uboot and efi- Replace 'echo -e' command in grub2-snapper-plugin.sh script to 'printf' command. '-e' option of 'echo' command may be unsupported in some POSIX-complete shells.- fix bashism in post script- grub2.spec: Fix conditional construct which wasn't supported by older versions of rpmbuild (caused error message "parseExpressionBoolean returns -1".)- fix errors when boot is btrfs with Windows partition scheme. The first partition is created on cylinder boundary that can't offer enough room for core.img and also the installation has to be in logical paritition which made MBR the only location to install. (bnc#841247) * add grub2-setup-try-fs-embed-if-mbr-gap-too-small.patchh04-ch1d 1763489856  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~2.12-150600.8.44.2adler32.moduleaffs.moduleafs.moduleafsplitter.moduleall_video.moduleappended_signature_test.moduleappendedsig.modulearchelp.moduleasn1.modulebacktrace.modulebfs.modulebitmap.modulebitmap_scale.moduleblocklist.modulebswap_test.modulebtrfs.modulebufio.modulecat.modulecbfs.modulecmdline.modulecmdline_cat_test.modulecmp.modulecmp_test.moduleconfigfile.modulecpio.modulecpio_be.modulecpuid.modulecrc64.modulecrypto.modulecryptodisk.modulecrypttab.modulectz_test.moduledate.moduledatehook.moduledatetime.moduledisk.modulediskfilter.modulediv.modulediv_test.moduledm_nv.moduleecho.moduleelf.moduleeval.moduleexfat.moduleexfctest.moduleext2.modulef2fs.modulefat.modulefile.modulefont.modulefshelp.modulefunctional_test.modulegcry_arcfour.modulegcry_blowfish.modulegcry_camellia.modulegcry_cast5.modulegcry_crc.modulegcry_des.modulegcry_dsa.modulegcry_idea.modulegcry_md4.modulegcry_md5.modulegcry_rfc2268.modulegcry_rijndael.modulegcry_rmd160.modulegcry_rsa.modulegcry_seed.modulegcry_serpent.modulegcry_sha1.modulegcry_sha256.modulegcry_sha512.modulegcry_tiger.modulegcry_twofish.modulegcry_whirlpool.modulegdb_grubgdb_helper.pygeli.modulegettext.modulegfxmenu.modulegfxterm.modulegfxterm_background.modulegfxterm_menu.modulegptsync.modulegzio.modulehalt.modulehashsum.modulehello.modulehelp.modulehexdump.modulehfs.modulehfsplus.modulehfspluscomp.modulehttp.moduleiso9660.modulejfs.modulejpeg.modulejson.modulekeystatus.moduleldm.modulelegacy_password_test.modulelegacycfg.modulelinux.moduleloadenv.moduleloopback.modulels.modulelsmmap.modulelsxen.moduleluks.moduleluks2.modulelvm.modulelzopio.modulemacbless.modulemacho.modulemdraid09.modulemdraid09_be.modulemdraid1x.modulememdisk.modulememrw.moduleminicmd.moduleminix.moduleminix2.moduleminix2_be.moduleminix3.moduleminix3_be.moduleminix_be.modulempi.modulemsdospart.modulemul_test.modulenet.modulenewc.modulenilfs2.modulenormal.modulentfs.modulentfscomp.moduleodc.moduleoffsetio.modulepart_acorn.modulepart_amiga.modulepart_apple.modulepart_bsd.modulepart_dfly.modulepart_dvh.modulepart_gpt.modulepart_msdos.modulepart_plan.modulepart_sun.modulepart_sunpc.moduleparttool.modulepassword.modulepassword_pbkdf2.modulepbkdf2.modulepbkdf2_test.modulepgp.modulepkcs1_v15.moduleplainmount.modulepng.modulepriority_queue.moduleprobe.moduleprocfs.moduleprogress.moduleraid5rec.moduleraid6rec.moduleread.modulereboot.moduleregexp.modulereiserfs.modulerelocator.moduleromfs.modulescsi.modulesearch.modulesearch_fs_file.modulesearch_fs_uuid.modulesearch_label.modulesetjmp.modulesetjmp_test.modulesfs.moduleshift_test.modulesignature_test.modulesleep.modulesleep_test.modulesquash4.modulestrtoull_test.modulesyslinuxcfg.moduletar.moduleterminal.moduletest.moduletest_asn1.moduletest_blockarg.moduletestload.moduletestspeed.moduletftp.moduletga.moduletime.moduletr.moduletrig.moduletrue.moduleudf.moduleufs1.moduleufs1_be.moduleufs2.modulevideo.modulevideo_colors.modulevideo_fb.modulevideoinfo.modulevideotest.modulevideotest_checksum.modulexfs.modulexnu_uuid.modulexnu_uuid_test.modulexzio.modulezfs.modulezfscrypt.modulezfsinfo.modulezstd.module/usr/share/grub2/i386-xen/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:41493/SUSE_SLE-15-SP6_Update/e6dc3b29ce8ffa747795fc83b17b4cef-grub2.SUSE_SLE-15-SP6_Updatedrpmxz5i586-suse-linuxELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), with debug_info, not strippedASCII textPython script, ASCII text executable%u4Q=utf-8e9ad4e379613118459ed7a9c1dd09a5931ee1b91d45b518f0f33d5f27e7a516f?P7zXZ !t/˶]"k% C¿De]Ui aY4󱮐gT1s/KХ0˥Hg0#I$f|6@C 7J=kΙR]ᴕr4ȾQجK RݬzI=>v0??eYIq*̰AnG>ǷFineI7\]3skʡ 1BfCcv ؆ͥ >vF0Vœ̀>Aat|QN(َj//-/4t? }}Qd$ >,+/ e:>n2&M灃z Fډ {tKLrfSڧtHN$کCfQ l5u@JguJzT>F4JᛌcߗZ$ V7qlˬEǧ;z`IjuYzFVI~O! O%|J8mi LFB.Czw{ԍ\A(Br0|Es>62fs'ɂ7^@@wmq;ښbN+.ӿ}疾-}9+4U0 0inwY?/-J֑j-I3[8.oG/,ҧ(a51.eaTn"߅d,Ts%D2t)ɂ]f[.p Icjx05Ms2eI:x{#EJiR5rxV.KFԘ`턙{98 qoS<%>+L& K5nO},op,ʒ7k伃e.ЋB(cNUytȢod=_z^Z@5W!jk Mi1 k1OVt<\)KxOl .]J+Ds>@ޅڣZISJK w" >^>rJM|Wb_.B;) \P ~fC/h]5; St4k>J{d{:1]M+K89a$eмdsٮK% ~O`uL'wAY8&*1Ѕ<֭ptً{2:PT=)Gdw|O9ci+.U -7IdKLyZJkݕP'W1,5&JSE#!7TgUάu>hgW/Oҿ$3ŗ2?y6I$]}`W 6v+ $(h h8v*y ́5՗/4`ToP7ݚ qQT&wC|d^=ZX4QhE wdK]JA3<.¦=Zeo8aO/BU^G*kjJi?W$ME m9}{gU,ݢ̡x'MirkR,:dִ[o F@\ijPFZx,x Įm$ћ!($S">Yp/(U֢nIXE=CRs|xq>EJ{Ś HӭOҹNIp}bD/[O8Ǽ&fVެ& :K|AUV)ˇ)#eKlT+g](`q$e*c5&1(D$F1y`I9ܩ2vH|6! X ]͐Bw2?]"KW r(hqL/Lp (-z{g{Qe.EprV$_g Qլv2+EGLV 8D7Q T(3(ߩ.Knvیn\Ugu:(8|ZW96YЩ*2 LwR2aqKB!V:ds z@em[O0BzvO s8AfG5_ӭ x>]0lb`+wymi[?Z-A,sF T Op=[LoƸT%X1B<{a*N8cY.IMDeX\i/exe:DZ'gʳߧe)Yk Í/Xx8O U~u_{B8N)w-|0iW57dzh.C +YU4s؎ h dY5kjyfSY,*dض9~AԒko*/!>IMkC'D)^6ᧂc#r ڃݑη;~'KՍfz(\F?D#$I(EssJQ1R٬zh&;XN0^"|"3>^L#@@XD5 Vo>95[Ŗ7s;bh,[ 䑘[ut={+$VOlj:=.3_ utЂ ZQQg )O{ -6ı/xb:.\j{y6@_=0ҩ߃*7d~r!o#?'7E^Q})/&ku%|,Aj8:50 "l ޹&8.f~}Qֺ>c5akTxCZa<*j9'ov\0 N@Rƺy3VGPYl^4֡SHl 4.[k?NϓWL |MZm/l*,Le4$)g.]ZU*ڱ9M*d؉@([Ce _Bd)ЍDLzK(יl/lMG%Q ̬ut-h",S~>} "LpuT4B19fpt0 DD;pWYbמ_-thG#{oé Uf >E'"*h3GߴeBYw;lZB4H˾$:նi|bo k='S&4w>wZY_vwK̑vc &1F{ξ>72vƬBb`Q.GaV6>8\D#}43RԳrΧ|ψÛPK։Qs!:c! pv</0`mT"*s65 vUP^4 yd2#};s^͸ 5|3(h0X|>{{0Uv+YLߛ@/:|f YQ`ui(H#1F?LJ?t@<$z~%R N!Mܥ֝!v̊J,njq=Ţw&g}30v_;W`ykxsn'ǜଠ)ulX#eƎ!z4-m[d ?=I_LI﹌oI'[E dPxI Gܫ4MQGg$ R4 [5`N-n&m~o˸< ك2 /@ZIh>R+E9?k'k>G#v̎Xq wU2LkwzrB}*f=CtcU'a);a A-A7I`  px?@bX,6mU̬Ͼi:@CxTʬ`mF<01& `V;.Xj(,BI!F ݭ kݸW-}B5zdoEbO$xOK+2Mu_BDiM\W[bf$,TTG& MYfpG]r"9=?}ݞ@$`'Nb>i{C:#e[}ʅ cZdL>Ω暚_$^KK~41؈r|wo87 >jeXBTBK&k7Z%GMyQ y@Aa'|IxDQ5 c?0Ӳ_5#τt<-|\A{Hb@?v f{K%Ti*> 6_f;З6Bn!DQMVwo,n? >a#h;8R`|ݞol@ @3 '768(vJPe6ו 0^ \0g)Tfk9wÉǠ"L#Zz30f"oQI* K1ȧ)S`AZmcjlqud:RE[F=()ɅęFG<{6~g/fzPIB8瑈wu:nq0i׳>e'f01޾s(%cP)Ȣ<7P":zZ)>\WΖ/F/{_<4`țs0(׊ ]y(6vx(H񱡬t )T8x0Ap|h*w[-#9hV Fsy34!}[R~pP<t0WFBt ~ .c:u<9SV4=h psXB 펛TI7 kL %%^J}(T N&3;G@l)c 3_\_Myب{θB\QvKuAl6;|?l#=(+(Pr_lQHd>V&/:p#*wgt7}u >~gingC.G^%p4_w=+h2 jaA6NQuz'n׷?}\9x8"7DN3>R =XO4N=ߧM5zۉ_*C`u zP=^2SJ%T9:nW_Ζ6wp|sEu.DVO ;hE0gOc%o=*iwDDF.C=*)&ꅛǧ*_n%tnfuN3wGzi@Lݿ ֶ0bapV`;K䴧cкN3ĆՌh­$mJAN JgԼ V%/yt@ Fi q"p.lZ;E?裈sەwAì3Oof1P#[h,Y/ vRtn8=?:o >ll*0_sipqH5ם]RvѰnc-XGiY\ip]@KԒuF:MzB ycef?yAK_%c\<ʫ4C@άHj)dUa| )b-.Ul3d*ɝt @/ 0p/G|VL^1D*$$ $v˜xN*H1IPxԒuCMcߟ \@MHvʱam2r/Kq.aE$x-:/sSb GNޖ*iZK&RQ &) (Efl eCpfV}^<\!y_x򔞲(KR^";&E~XDӴI <(eUˬ F9; @Qꚑ=Hr$r!9q?PዚÊ~ M3XlݒPMގDd:{V (ZDg}ӟofl5i㯎 dJ>lt)g+B$>:B`] #6nnFL4QQ JdW8NH="4ƸLBTY$]gڽpUg ְx,,_/@zaV 6 ,GcXT4'*36ƪJR. p/w-iKb> lYcho @R"GX!ث M;ߒDZb;vlVnBC*b<ܾߊ+?cd`{*pd#@܎#CH9|`<S:3:H1Atyth~Ie13k[;Gۍ^[_g*@bpGf?tդ8[s8$-`VU{$zWϛrʧ.&=+"WI&@,ėv&n2qu }afdLGK݉'Fsojhrwb d&kI&^d-4;Z޸ja!h*Bkp(Ra^GG54ػهdI9 H!=lYź; ՟)uW}+D~QōU6uL\aV t!}A-'ʚSG&L pr!ZOAթEL s8~xM+RSf3pBHtNr|+{<qdA˗])McbLۄ/9GaI"}_ ehȚ~(yJh{HţmBK3_ ] R&V/ h`c0+oLH8SXvB)9؈kYߊ<i S)|zʁJ<•uOc◩4;I_XRæEJm@|˼S qPcmnIEO7ٯWRKhܫ0f6I%V![Gh&Ph=1#t$ 9@ 8^`S~yu!$?ӆmI噾f6Gu8/H-6]vtqB?7:?'sfv{pҒSx:5;tJ _<W(50K,'}ͼjҘU;TjF ?RbKxG/8]05&K]g|C7z*I/Ձaȫ;PGu+/a+ *gt>?ք!ZppPyГR*vc dG9oF q`9ő5`@G[}z0܅J m:N $W|"eXfSsDq3ve3![56KH8vX`S\Ec94u'NCl{Ɠ ^b*ho\1kPr E6AMt{R.ȐXԑ|95h֓y$uz0t{ f_ 7l8^sf>jeHҸ"rÇ G -Y~>0 *e|3ebo0;dl\{~hkv;\P~,B%pz^Bt19O`mLПU>XsOyוƊn'; {/?vStIʓ>~Ma nH_77^ t*l[N4_dk)J 6JA ƅTkE]']QE{Ȓ;܇fTpn9$( Ox}9IqpK'8XngW`+"℘HҿTTY|&J|R4+ T۾%+FGbJWnհ%A(1sn~`':Z z3ys/ #A@T\jKޞ6+޽|cr+&WТѰy'`:5+MvC7WciI*8zVe9J6Wp 6eDjւ M$5 ΕS}I }Tb%r倒 rq8),Yqe7mlGN1c-_½g_3;gl 9,{PU>9ee Ɯ5ǴH>% š^F|>Wl>"=ߝT붆%ΎL)D &CI˹ӞBr } .bR&?ǒ']1~i5^%Yz,Prdzg qr#K|A/z~"&gLE8MpCp o'|3K,  qPF 6KiO % xP;vaW#&uP ]JBXWq9B&}k ΤD5%n$Vi:y(-.F9|L{Pe[}nI %aG肆N3{YMQq *#$]; a]N9a@:h~laoW:hBs|BZ4V^ : $~DDbQ3#5硕Aa'N}m#li,Ȗ©zJ$oFrʅ9$)+'-[ \=l~mudpb_2b?Z_ڃERjz0a~)O\u8~9/s+Eb6 ںމ?R܎fOwj~m1>*W m׸نjYڭx= p. E>PRjp@JxDNLin&ƅ'U)I_pϸA`h:Q>=ɛgO$倕ۍwhSE{(`+B*2?"ȁ׿%0 srxlZ-ARU) js\-ҁ{$6:W<{LD2N^ $:>W 9I'GŰD."5tGF-+9) *ZTSg$fHj2ʯ>>*ec3oz6zs=1>]%^i)*d$mK CD$ACyV ~P2+}(s3]kՀ5fCK`\P4 |+23[YANҥE[f˫Z VURx3K_]$ɢǢk;(r29_5>p=ÖA]{=XcOUƔ<鎯 øzSP JjW-T _6yDU׻_ǵ 1?#C ߣl;2r,1#"߸21ݵKFA5ǧf+6| ٸO`+< Ć e ^E▼oqCzƗ).(#&uT6 @IayYizRӜ6h<|bOB_$,qDye=okܐb=䒌ɫ/ ]+AD0&y[+U=]3dnf)/:ai$-NR\b0CdK5cjSL5W*nP$}#NؘO`T;]:Z=yC? a\@h3*vtǾT rdWjZk 4Hf % =VAY 1nDiE8z6lICgQ _- KAbyqUb-eέfsk3=؆Xz%֬z1pHhKϼ}a]$y/=*MEJмAL4ć5:tx].阗t Id(>=A C<'ԫ}ιrrZ?<_ZQ>';߁x5WaI`/ec.Z܁Gj"H.L_=ʣ /`;,30TsKQ$u`PDT }nL[F> $~Re!g),>M@8$sÏ>;XAi,4В'm7XHakƻi\ ^U$ xJ [|zO8%:h0N*Bq;wI[-ALqz4*j쩕HjGTK(bZ[vF\0HwM!Q8M :[u:aضW㶙ۑKNr>4^X.ZMw00|0_.\FiT|yF0;ŋW:B 3{,N藌)f_R0mt6DM;4+"B'OiU9[u {>G%ZÒr[RK׆h:T0&"QoTK-5qO粑sIV@E]穸tW1;"}K2",{yNLM9ƊhXLAu_<\fJ#⎫T? )6 wa?IRŤn)d(b)V.\l`D:a/kt0n㌓EoW&<MtKY|]y(фZM|:k뎌E]'\qIMoGX2s^ҢMelWXm3ө9ɎI$.jҳM,kAX$ȷX,#ZҘp ffUh;Zk\/\faIGญE/w_yP|lL!{% .K[+sŏkIں\ V.i$@d@MʽIy.!eJoFXtPN؇xjZM Z7VdZZ,Xrwywt 'Od`Hڰ;݊txsݕF^_sZj i,` (렫K3˝tt,&I%l4jw;sGGi+tF)uշ#+ },rlTՂiT/\iR3ٳ9XQ\ú\0U=[a̩I{dVxFQ 6GfPI^(,C jVA!gYp$W9a0'NBҌ\8"ol/a2^J!yLc'ZHmFl@ X!+2$w8:ՙ5eiޖ>ږZ?o M+L߄ 0%Xwe`[al|)g KKl`2 a{+uAG`Zn27 Ρ`&?.k~zXbբ3UWe&c{Rv989xZY0Pij."}|]_uC .sJ|ڕnjE@zbqEݩA>Sz* 0={]_Jer*s_K2ά 0P] ȌtĔ Lq1G">կ峏dߘcnx/7_n)-jQ!M0Cu{WpۦB9μ0GC=sa)˲e1 I잍VSϽ$V:S OQCRW],? 0MpV1P E( aNOr5=@BByQcnބtfN E2<:Grځs, ttȒMA Ru>MZSBK%D歵`Dv%IPjR7aMf59̣J޸o>VNV 80A*VTvro<9|@Y|nٌ'E 9vKWl `̉r8H? o+w;k/TJubvufû [y c'pFtم{Qg$r8Q "WteLԱ`WWQ}_o%`w57eo\X -crc,g,iP?"KMh_,S"WL&f|pv& ) ;S %X,\voZ[!'<:@-Nk^d&ŧ3&^y)T{~hݡhk{Tv#˾JJ-[Qޖjd0_r⅑ qŝAŪHo?_@vJdMe~8+UIgkx;`o-VJ>f\$RP#\xֽ7VQ8do5QF;ҠSC3Kp%BuQ&-I6- dnS9^0)0ƣ.4> "Sh_ h8}¹puNm,.\F]NsL8$#;-PIHF-8^nz"3*AJ=Vz|}g*"•}=C3Nx[\2 HhA K/*^Q"^ԍxƊaOD3\sEzK͕]oƁGpwW%W4X*3q&@Y9;ᣠ\koم ^)dE+#DȇO[ &YxȒ0]ߴ{A)ө [Қ-BI { k3_ dSd iFkj&lpE!рPM0IA^@mSEB콩]OK%!9|u+n [uCG _$i+պX`<Q-;? ջeCU~vb|3u.yzhF\~8."ʄG+Kt…R @Pc#fGt.DtRjLb3 X[?kckJ\Ծ>"y$UluWa GE#%kys3 8X Yt,4{>"Udf Uu1[`&TMdwU~A}g8q̘=$uA2ƜuRU3aƇUKeH{}Py^oPY|`R+ߘ8Ho1ѭ Qw(0$HiЎ|Âdv8*h"J& YXCr:h*LOvumR_Q iQAB- ?siLA?OP@BaA7߂vU#Β*RyH*ýUG 3eQ$&'NC>ρ4]^As >09iq6yC[m׎],px]Zgyވ _Nlo],QY˂h O$GOb-4o`^,H51ۅ(&(xҲymY(kG磎UNkm%Y9~́{V`PB ":XuF]s(X8: y(XŭÊ09= {{ wOv?_ۨ;GPqԚ́i"U MaQS?o5cHC \$D;1g QwI[K9W$9DLdia&sQ\$m|7%4D8*Ѷ/A&;j `qj@?SNשF% 5MF߲ɝFF_ǢU3w%(H_V5KL` IlaHc],Cx'Z׍6>R7, P{ =s6JNjkrLAk%D p0πs^կr|9̾g ،Œ7ҜZe#fG xTMW}KS@FԨZϛ\c% \DPMV6C? `ڃ:߱͊HASEi:F;X_w ci_l]9ˀv^̱fԕj4PTJXm; #NAdX3SvlITIu?8Ρqfi7rSAANW]ьN l{B*#0USԸH&<[ PF# Ք$Ug'~:>9jSZb %s XrDiWv*XV %b2^pǙOm4XThG)D} @6]dЛ &VNM!@/srl+: 55kGC@ϙ5lu_^K~Č4*nA8z_qk]g+{IFl[=ƶ)/F6g@@I"+wç*гԎ4׶ѝ2+")+Ls )"م~N[6~y8iբLeD{(^`$\9ɫmczZm q| x4ry̬I*̒$B僇ܛU"aU %F<CDz:`]55C۱5N1di u~tJ(ͷ?/~5T!Iq4ǹ.»bz7(Avc ^bƯ4V;gp"y0:mk\*Q"X}ո3c(4'n}Z;euH3=Lt&$z [4DϞ@/QIL ĆD'.[QuD(eRN|V`3tl\K, wڲ'Uk%PV\oU]((;g"qa3RDZ542HvZ’X߫\p趺J԰RrF[2YÄiGnia;g/ebݢvUc~3o?(s>D7HP0M\3Γ_OT2:hSMpoYe,'UD`E_0xU(;"[zۣ9,wZݷ@un.C߰ XM ̟A\A߬&:,.]s @-REb`%B7eg/y)$&:a SQl>fHc??Ä XYOZ5m3= =& k74#W@jI䂍jls~\uVI?'U:,]1j|0__ҧVvaߋ+.:+9h aNL0P*hՀ%Tl7ݙ) kVX@3K+t)RgTivAdm :nlcxuA'2H.s/P4Z) Y(r&Y> NNiI,'gkEIb %cel'/N)vf=2LZqADDFC=kHxRWYgq5gg/IUc3q=oOi []'?v:DS]~"E qO?h]E.Yp8]X?+% ǴRހLsU'5ghyBXvEpum!ý~Ƞ:C{% s0x}ħn6 ƨCo{P>/`VeutZ -#7>,G>K3=MInۼ}<2m C)* 6w*2# >yĐ;"]fY9?DCUAzIs0b1uabbs+Ĩ@+qt&vqAB';_]D֍Pxf99zhAYa_(K/19:i:d}fUAHe#D6 }ĹLsaDD4S!J|=ʹdY7Nn;Y㆒eؗi*0OD}aT}ӐjZ姁}yiaYq<wJ0ŤH'}3/mB)]PJ PhpKf7} ݣi|/#y]d#`! M =Q?\UǺsZ)YȓǨ](uH XpA~!b+M" [@r(`9 \ gY :l;}S]Rxe͑Ux$ _᳈4% V"CfֈG~i89\Z1_ԶU)N(l(kVNRk| > sti]:mV P/&f!J/>(pCl5Fy2Ęy6`K[PV`q~s0?WHm'1 XCe1ElcB&Ud$G4T]HXr!]LAu9⥡-oGOA+e;v.nA7;ŵq8'Ecl$N{KNiڐCx1Ȼs+FGc.u4܌/e]S' _JZݿ9}_#ܞ( [vay"jT nCNN',D&_ZSxUt *bXla=U5A70G\] %̟_! [?`WR:{Pi] lHA=~*jЅ&pp\$8_!|zd~SLHe E)2FUm@kZ%2<@;8 GX}Q h n˜K1ʢvc(coJlʃ p78R5˧-Ni%bt,"CiAhhc8ǹ"OYl~l<0ROzJ?'BJھ[r̫gM*Z`kn`UOޡnEd#,tKVa)*1Dewy= $Yɗ݊j)+6P}S}fc ٜYE,ly ,sب̢xcNtAuqq2 #Ծ(W,zm޾f Ǻg]m윭> '>(a8P[wͿD2?@4ENmJn0nxv)#!Z‹e̘g˴h۽gvHR%wc;N )V5K^G^|q+-kW jݦBA׋=d{U Ũl}Tn |A,9ylak Pʚj~a[xwW] <-̈́R}!LիdIaMs9d룓@mDv|@w{z  b χ)L0 ݉S ]5 uUjŇ: cӄi N<)PQ8lo*3ۘ|?>s[nBEB]tP9uLkgH.P-LM?D󪮢vAxA<$>=7 ScU~M HP-M XIr-gJhBZ\Б8C{>9$0mw!H1Ɓ"ST,Qq+@t-/UvBa zTFy1Vp|bqE,^qOwCwުMgzT1'RYK;w.a3[ >d9NSU]FS.yq1D {?=:j.~Qa$vc{Jt'D+lP%Dw?L"I>v]Hn"-?M .<({ܵ9N` 5(A2 qΦ{>h wZ[C4w!0+!:8̟mUHgڷ;yCa/ZVB &z IaKԄGs'LN)dgg.=>h>5i{SC\uڳ y|#Y|\A U~s0xuhNfS :䖧\VLwۀIv S*~pMRbV>EsGч31N A2Ɛeә5hYN#DQ`P'T ,~UBG96V^s$xorgkl ?K~! `_mI0Op*c۠442y ܃}*tqZt;aHWSӀVlռlx5 Gvq|_Rw퉦*)m AtX״`YE&s%"SY-ZR [Wa.FD]{%&ٖYꢙڔԯɛ}LT%Y:v8;aZ*Wj[DGhi'h -"nđ5ۮF,y6>\/4ݖj?1A"Hչ4i/:zBƉz> T-*:"'] VO l9Vo:Oe-;Ho rO.Hi(@koe d]gψ~D*sˇ}P8;уב@o?5!mwN3߲@Wjӄ~k{KinÜTot,حZ>d"'jCfU߰84&M=P([?Ő9[g`ό+G Kpw=AsNx&]AtYȄWѭ6H%ޭnɤD#88Ig?B:-.;c71#"'d9t }`;gn2hѕxvtgX >1\o쒗\d _}Ư+C//0O=bkW{~B3Gz-^+ZS .-II(R3?j{J5P&9_&K D8Lp/"r# n`ϣVgD!U]|^nZ WpQyT;9&y2˓;XčUԮttIreyŽD>b>?wt- w{UIא^?4@0gg~kayhj,RTJ:^)tL[ey c WAŠZMXÐ0F >m)8'b/rʜsFNˍlc7!UsZbaabJoqs"Uϛ$liKWӝ^BwkHlxrk!iey&lUFt\-JHu >Rw?A Q/!5١' 9iW ! xHS?d{QnU`MԅYgbcՎn˽^\QQ#[}#~BߥGI3=C*'8WC6gX%wKĞmgsrLQ`]seLU5wJ E/W!Ln?ĦA,Las:hBL&Sӱ=c/jp[P-[p%XeSWY5Gs}JixCVoe(bZ\1/nsȉE` 5T4V3S6(0*}W ~2RaEoTvp޷=X+-8o-xmd+oz:(@27--J3vY3 i^6e$٦9~=oWJ$'\>MTD9~12n>o O_J~ϝVOc8x@8m\?9p^M\T38t՝G6gE4qV#e(~~&mq8 &@W7i-X%hxB!YVB8D''|+3WW>+(EQn8UpX7T ˚3}:3f {`q( ?+8b=*0t"(;+yd{\`G|ei.zJ1:Ab)i`֬5I>y Yr&hpey 4A_vA~ng~ބҦLDzT;xPuE!]7Gq.($0!+RͦN ޡyw.)h̿cx_>|8]7@YPtzB#g;5Snԗn0uK f˩ ҫTƶ=m0 L#hn_(x.zpiWE۾zP\פ"  ;] Hd%8{C}gzWݚmng0hYycUp1WnohҾ*> :%飃 b 8|JԂ u [NFEA?斱Џq^%!(xUJ8<(1{׭wZ8A*Y?׊ePt}@0LcOn.=A0gEHFSveަfn/6r)/lOJȰ51!w#ܳa}v#?2 sqww8FK.J<5 ωK+*2 fR(xI>yϑ9?\kte)o|>})>EGǜ fU%"# MHxe$W.QFlNSiNbEn{9QxOGeAm?h选9WX}(#vfV&-~Alʴ$J7~L85w.do1-W > #&gQX tv>F[V&0۲*Zac+1gQ݂azѰLZfQ1@$VqJvȷ9h0{Dڇ3Ȁ`G ݷtR~דQT(8L l!&xx/S䆾DxB*FxVX%^64bB`[J5I% osDwְ[*MVN=e0M|@%vOm+*4?Os !}yNw8p~'EoI0֟!V.[#ʴY 9~VD`p"pgͳhUWArH@Ȉs_'n_fSQ=~j%{V5O+"y}Xܷ]jTaN4U025/ |`d& v3DұD' y=o xѽ@!zYԐjQɗ'6׌Ca$]mKs>üVSŸZRjk*5\nQPj_EȧҨaZȠ |;Yf`W%(H*IXbS7fdT 3doYEs. !M 2E$4z ƀB"/d3@Z^#XU򻲻fuwX1PO~ВA$@[?xW6Oem2.ޛO`ѿк]| ̸m)?l<㎫f1_ @A5ɜn}Qg= d|(qF塚3yde`*?$M222+S{ϙYt͘sb6**ԐW@jdbY|Pux eu]wy XcZq1kƅ? i:,_I*,Jɂu :_ho?QrFh/wJ0I[sC4rQ6mD捛&6zmñ^ hrjEURx>KҴ 4FT4Tjx9(Zr#Hd[:'{1,umVi>--u߯#ILA! am22⩊ \< 9 k[`Ý@ñFӮnjH){?a:gZ@๡4Ӊ0ED[T8 ddIQF(R$!^4'.)v|?}dIQ{򼆡ޫWFnPPfݬDxI=tuLI>͟)tx*x"īpt>nkCm(ސBʻF~]@őp"B[Y#2 NC+dQ|rat X'%#M/#\ęp:R C Mw tVγNj橱[s Ox V_YgB[#[mˏ_VdR"-??!.9]"Sp i55ˍNd>1Y> F-.*XB ϳ yQv(WcWKe?g)EYj;c ' F$ 6OPHByՔnċ86.2<-8*$Ѿk͉<r - hx]M :rƓ,]A`sRdS7}&-pUO۟)F\P"]^|7U+/W,,VvZTPa֧ooŊ4ToA.cx١&e41n-h8zgj;.8WnB>TK,pɴSαFfAj}3_چ1 UScBYc/L9xěX#k#5`έ!;2'vs8Ղc*m0X^x1k#g7<["R8_]/Ƞ5UM|K駷KIԖ.Lo+Z6tNU׍8GX,4_N('m1u*V dHAJ*@L 95֞˕{@k+BJNф+v6 hؕtgu‡T=R8ou#ɶoF=c.$tңݚ8[(bB)$j.]&5p`TK{.'䴑z@)|khIρ륭0r{jџX@H6y'κCQ{;Qw +RW Cg:?b>[6ke l#ŗiSW$fe P >Y&?ߦb|^:poNI`ztv t~xc~ y_i?QoZG%WFKi8~' 2v$/ۡu ˎ).HJ Zn~"欧EOCll7/{Ѹ }V{%=8nW/ϴmz_ǩ+_ H `u_~P#o8ioD^Pج˅Qu!cc ?<_}BtPLT 8!6Œx )MNJisNzEk}&飼#@vG  pb=Tcْv=l@ ӧsÌz&SF&۝!e`5m (-vȨ3la!5fksh[Y(+fl 2mR.q?rTRXV^Rp.7B 5nm[/3¸;ɅOrWgIU+ʫma`5>jjLdhxj424P 1ZkhC3ͫ4;'=.mj=斢4ж 0é'7E^n5̇kޱ`ʷ;'Q{gcV^%JRK,*]J!Ɗ}[!ch2)[0" ,wz` 62c^o5S`!#ʓ2D[ȅ,|^Zbi=1p$OrmScd [Mxo WwH4ݎNk $Mwb%*cBH珒y>`9Z`o=L7oy%VPIRpdk4*o3p@6$ O|?=wo`m66g-j%uPOYc@;%,8a un3Jgu! n7qVJFzsM([.e{ M\aqr8Qr9|ˎ"!24r2]49+Zѣ5#p=[o|anko>0i| 1{N GiG~V> g췴贑5m%BaTqKʰ ?Id+9B椽8 ;fˢЬmx V )1TgsvmlcÜdKXJP&2O\]͸[<^U6n^,F邼5&c:!GeNE0*4|O) 4&7\h@{_,3J$=n9w,|0 b(M^쐠c#I:b?wmʠ!, CN t(~* w hvEXBlU%1ZP YryEjE9Nf肦gBH>]^!D\۶:`]Z %:\ crGV,ˎr :/ŎLJs^'2A I-'a+ ;IJvMbWJ'B bg Մ܇@2]Rn7ڛy;aqqF }&̹ۧL7az'Q64j<邽G.My Q UYEF\#lMwI\) 2 xD(msGRh:xq1"s,`f::2:̷~]w15.@'Uu`,duN `[BJK#r$47qkOTiv]z'0;-fbE(QuKɌU(h* X/__]E`0|F'⌬˵fL:R ni!'Ƴ&͈X kF*]$167lOg6hZl%ִ.<;7-9@f})69[' \|^]#ͅ_cjEd82N6{:n0ڏE؞1Eb潟ԊdٌFf!Р6-| d֏FICd1r;D>md,(dX|4jkl l< Sjy^|t&>l #x&WPu7ɐ/+v*oZX;0l vi%ҙ6 g /;?XIƚO"bcP7`KSƐV8|t̢pPDyE"} >Iҍ;08o-Yiz^1HXɺ-11qC}b4EmLUݬ,M/Y H9&uN1@4̎|(-61Qq7 Vmqr^{Yc3 r%KEVir{}^#ۙiy}r~3]=RCޯ"/YSe[!TB 9tXI< &pwcfL,96xiiD$Mt*?Ы8UǮJO}ڡDH򪹸! G;dË=++v+&z,%L <9f!lLS !*3N1P(tZg-dKTKg~6dyKme7T׮U\e-ķ08t.e' B/l5-]+ex~ȚQ01ؤ2'AEh,':Wܨ%gܘ Xk~ȶ 49"UoyDs=SjN Tӱ<+> \?6R6TF^1]?G{td@8EIK~y6औ %ڄ2,f>EMl%:qAvSO4y [ָ;mOs=|;S{lUL*e:3<ĕ}ѤBuz~ݖ{޾%״4y v]Lp tD$+f42LS[8Zo5?@5>2ֶ8MYrl(vP/@+M0i>T pI-^n Эkeyphw) vnw^kzS3 ziTE `[4տĚGp\rSD(7~ rdwA,t@} 'zJ[$]Hr EyLf*Hf6=0/@^ V>r!b/0w+{φNByE:ik-\ 8CS݀1[><.TD wY2:GR+Fi-UQWP~kb{(>ho.R>9sIjvye`(64:5OX }"ڠNjSv] Ԅ)vifyfyQ͓tvCfX5T|G@sr#ßYei&VgtJG2 ,>mz)*a6ةp/+j QVm~{7sz>__;aaf s_䅁Dy/w *8y D,pklq=z`\_kVœŵ\۰̾SnHVEB _Eg.W!!Q t⍥0&Y;;jV^KtW))ׇ!:չI%/ $R ?>R.7WC ޮQI8F=}z򽅅OY; a@omM|{KƯN~zAO\95,PݯvĬ[.<\q!u,YB|$dl E 4ߓ?Rm寣V ?;hJ$8h2wm28$X@r/[5&gp _a %kYIM}vRkev/Ja5-F#۲ xEhۋh"րq* ɀx%DHYLEyrӬ0F`iWom5`3e;j+$_]D>UUn>xz "M?~dRtE=g5PTA_2KJWx7;91SPQ8I4ygI/[f_7:ȥH> ^̬~yI=~(vd([TeM,^2Qnɤ 5<OV[BM"j\r_٣y4|VP, Vs)ޮ~ {K7b~S0`3R}Uʓ0 Erܹ+L*|vϷ=l1z sLO/k)6g0yڭǚvy_0JZQ,]e ~",S 1>%a@ʷz=^]#dPp(_6X0%d%lrvY\;'$Nm%0b{~<.mŢ];f[ ء"5lE;rTGV*#idX \PX0S+,e>$-L2.7dK3+["FKB!JBD;a_mOʶS:ҾW[.x9͠R6eá8ԉ0!֕μ|s/O89s#(*|G[?c2:5(aS?t8 mYb)W(CnO],wUxYaD׺ҝ=@.̂pBWf`oץ2B%{ګ68#b`DN(';![++5mFT ilZݵW2y5dp+ta=Ducȕ-!LG*[ϧ84nZK;l2A1n k`ӕ#1õv>PK/na +)ZCr{Z,ByOUIU@WΎ:/h8o3B}W_%QK.==6r5l0|s: xjE#wFa-59?},ye+2.5:F-x1vvB4vyyk<\130{p!ny]aJyfgs59,&YYf @u-󒭡!߿hgQ6,|o$Kxb,x1jUa`{ .a6N@v GkhbGbPmNJcck :λTGډ%L8r=3u>ްdcm:$YQqYiwv5M `O9&>=,}nAE!DCVV\{oU̗_ETөń`8؟o+DՎol ٍ f~-,àP^Y:y[iEx $<O]P_1Z9Hשp+>M{*9d STLX)w{Fni䩛Ij]x/S-4^&ca,"ew zzƒ!Y"L7D%V-gV kAtrE_'P۪ց鎻l\4&0yPx/ :HϩF2?xZ}bqsXMX!! ha듨KAG3lǝ7$|u1jsh(<!\$ /6Ŭt9" |`%GNHu~u6{ia'YGx2'S^2raŃKGJDѕP!lƣq9pu~52ê(#iCXJ.CA|lZyðw+A6yRLŮm2Nw+S7hY2,+yW^/Eo2=ڧWVhVLQtdlwBլEPRAOy c|$X}+N(]&"N#} A#3UÀÅgH'Wgx4FU_ 2CmML wFӊzb`k09HwdFŷN+U]y ɓ8B<6G'ڃt̆h=ُVﶺ}`qqP8e[gD.rmw"c䟋ЪGX 1&t)w$I[5ydI_7v҄j 8jGowRnpP+k^jǿ8 :+֢N\/QlX~YxӇ'L *!,w{=kRYU\6'>v ԩM^T竦oP?r'O֝,!5է4:ӻcu&fK(#8+*G\Ԙ rB UrJ\K{)̩PwWAkF::r3~ А.bYkOųڄtWiOfjF(p|5 dӺhsVU}|Bث:7ÿlu raӘSTu<@3Nb  ܽ) ,aN,fi1k }*u'Hbu#[@fz2,JՓVm ,Ir=n$hC.@83}`cYUϻm/eS5[v%JNƛU%E8 OT]fb ʧJKͺ؀]2S+aܩ=ݪGq_HX%^d5_{6JP|!nG_i-$Ɠk6G]W*8:T)KtDwQWp(2w C5%BŇE%+ZX+XP0 oҡS8gEt֚]M"ͣO$1 NY+c˓A!L-ڦLnsDHs"'߆ȳ݂ z]?2sg.L FףՄ%hXJRvbt#4N6]1)s.q~$0)B͊€ n~^MNP!h5S^~PG}yyj\KdHS5_pNI5vgIhi-"5?h|uGI{f u ?[3]C͡L$&VރL`O>h׃!y2q޺N־|dbV{fV(|olI;_U+da:f4R5ETxՓs.JUx{\uE!Cf.aaabO+<4 <-H;7 VI}i[ǨݗaOJRE 墦h ũac \֚x1G]I)s+oH ِfVX8ɷu~χ ny%6s|z%|gQx?{\nq̃"`c_5ul!EҤnp:sǮ%*/=|דBI@XHk[r9ڿBPn[k]O^>x+9)i1

6y+c t$*S==2;'Ț8.+pPFy0'37 6 Ĥ%>GǛlU>"Eֻ9[= _(hLQ̓$')8(/4b/ ?)Qyf;! ٰG9ʴ Q5pҝ6S"PGU*S\\Y 2]v"΀[K`7+@8# DցAE9҃kl PAuNTʝ^ G8vuJ^mtɈI|Ǩf'! S ՐaD6WJ) 0_m>.`EU'[!ߤ=.V!}a'&Zc!jb+.HM2&s62ϗ/\ᓳuY-Pr{[a5a'/]{4.lT'N(}Eٸp QSjL[xb'-ي-n(ǝxb7A=d,3Ѓa~y|AXn=&}%ό{dGl{=VE^y(ӽS=M:DOEI3aŷvN\W,W2&[ ch,[o*e$c*ef߯2Ї"y\W*TD)_"YI \Gh4+:+urŋuҐ5l{ A?7ztSHƃW@e|ѪUK"Z2zӐ2w!گ)wu$%B>h-6Iǹ> ŃqQrΗc:·ٍC:T3'w6S 7f_\8QmmSIEkJ\ 9nYa v+Z& à*Nsr6d_At|jXW!3 "pd VqA>UD FT鳰aN5.NnRRyT0jR\sܨ^LMƘ_-BRםӖtG\9ƬF?^VaV"LqoLi5dxʑ? FQVղx@U̫7E,Uކ+_U.`Lhq&:0#yf~b G3=ҵI594@K3*xb yJ&)> ( u j29}dcY˓ `0d~U$B4<烡VƜEy\eD!U$B'ޞx,Z< "G$7Ѥ<]>@ٕ qPUtWp/"oR7)n%gP-{:pZj ?,'A`Ih{\Hv6`zF >g *W"*cl}p Ꝕ*6gGf0$Bub9oˁIGCĄ7y>`h{ %_I1|tmw>\yz`g@%Qcb%v*d[3֭|E1*CF%x"N¨xZJNj?rky5 d Z&cOZ566po=z_<2*KU7k--.E]"#У}#6';OYe0;^%!vLVPs^YGc<: Aw4;@&!sM߿֒B 37ٙ. *l`r-dٍeqٴC,Q\Lm5n"Lh;x HDtX4!K\ Rayƞ%7Mu g7 rޒN^^s5s '{Jtש@wGlI:#ؾ I<" { xޒa"D.j*,( K|O)|q%E#n9|M|ihzpd]uөb07%:ɢة.{ HDA> u,6 zP ⤔mM;$ T\Q(Z≫=6=DU;3A} CbkTyoLNԫ#I6ԏNȐfä X\#desvgHrpo1VI@'IfC+^n>gGvHښ.Jx =GB J}S|qx-7PdT-z*4pjA9.hjf|ع޵%΂Gk!ʕ=)BSD3D,z 0p&~ƃ3o.itK ZBt A\1Yh=2CxyPX 6N 4F٧Og4qb ڇeJ1n>#\uڎo"ZmC%`HlDo^Y`P7o,cFY >@# aBB.N7[,ȄTeWb Np򉟸\xsuN(2m.+\Wyҳ߷>E(J8r6 w.κZyt678=}l>_vZw-'W.ѨnKVն(9t̽Wc+GҪb$<;\ŰE[`2*n lfMKZYNzfMx! PUcqG#-jDԾ=1 W3Gcԇ?0O<*xM[F@·C5K_/뇻#1;S!ND)icP(Od zH)@˙\}FԐHz;r:h7SqlU*+W 35[j衅Ta].'?GbPQ1EQ`~\ }ȕ@4ͿhEmpPJ)%ؿzϣ1mg-'7ș>mXGT;|dސUw?.5V"t!I ξieC՞<\pB# =)g[HPq2iQ,?N"|ZGR0]EXjfVm\ݛ+sf5 bD7O}S[~TkL*lR d[!q7}S5 Hfl{O]@:f.k%u YZ