grub2-i386-pc-2.12-150600.8.18.2<>,Ygep9|'<4TҤr")Faԛ(? (Q; ^Yc)9N*vȫu䓵ˢ[HqE{J1zމa1PL.յO3e떄v$PW 1g|M%OA܎fXܪq d F=(k{xtMEATh6O-6>[aא=;ɤ7 җp |-u|JiRct>@v?vd # Yhlx|  L33  ~3  3 3 _c3 `3ed3kc3qbq3vPv` v w% (wO8wXO9|O:O>D6GD@3HI 3IM3XO YO\O$3]S3^bbbccddedfdld!ud43vi wk3xph3yu4u8vKvTvXv^vCgrub2-i386-pc2.12150600.8.18.2Bootloader with support for Linux, Multiboot and moreThe GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports rich variety of kernel formats, file systems, computer architectures and hardware devices. This subpackage provides support for pc systems.geh03-ch2c%SUSE Linux Enterprise 15SUSE LLC GPL-3.0-or-laterhttps://www.suse.com/System/Boothttp://www.gnu.org/software/grub/linuxnoarch loader_type=`sed -n \ "/^[^#]*LOADER_TYPE=/{s@.*=\(.*\)@\1@;s@^[\"']@@;s@[\"']\\$@@;p;q}" \ /etc/sysconfig/bootloader \ 2>/dev/null || :` for bl in grub2; do if test "x${bl}" == "x$loader_type"; then mkdir -p /run/update-bootloader/ touch /run/update-bootloader/reinit break fi done!*( >dK j$4<L $  y4 l    te <B4 @8lh T0D(hb&?4dlEt5l x TD, @@)J d ( K;B#0`bpd' <0(%@x  L!\  %$j<TX8Dw9,  lL=" @8 D | 4 8X" ,lT @tDT( l4- t )\pdd  < @ ho(` pH40 . \! D`  h0#p;x (th4 4 h\\F8/lh0  H<% *L $  'dp|!TDQ ! n\;LdA큤gdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgdgd071e41b030c59b3d9e2cbc50171645a3dd819fc2505938bd11af38433ad42efcbb71b1a958647e75ccd990c30e25c88b75f198c49c42944317a9bf952c06f2ec03843977c881f31ce7ff88e48db217a1c248404f198c7bdc9c5fe3aeff4b9ec47a900902dd5d6a014f256d394f2b5e87db507d542f37e5f847e78e61557eb4720edc86aa80e92a7d31a865ad5cce74cd4c43464bced3eb44794add582e506ce187e372ca4667ded88bf95ba48e0871f7e1c74c98205f9b9e0a8f59694b4410436c3a0a7c9628ce2102a07bc0966043ac773748d4b63c1ad494a1713084e5384ca8d901caa4a994c481feea58e47261e0ed6d32846e1184c506bf0885575f574fe9dc1c21ecfc359d349286377f8e53841e52b38f308feda0bd3205f4129cac3a2ab57da6d3add0a73c70e336c882c681cd5be93b6fed66422715326ad0734c22447f4fdc12e31248fb14483330a096fead352a1d2ca0fc0453a724c3c1a2760054071d6fcf124716b619886e695deed301513a46cc66a820b4c88a2077803ef98dbf19d287c91a771557f8f10220d756dbc30f1d60b06999672cf666c8ce472e10044eb7aa679cf77122af7831ec4fd4e5389f38fa5e47c815a0df89cf18bbb51d4b9dac2199b63b8f6a1349b89d0c3da44df95e8bc3971872acc2f5a7f5db274784fd714c2fb09b54927dc6605ec7c08356ee7811bdc4c9d79ee5ffe13294b117f047dd2e0598b264a0a0874dc8d63dceeee8482ce6f710910c18d0771b1c98354bb72b433c52ad0d5a2423303721398c177ee171ab3c1368391966d86bb09e21a8e21b3c4f53765e92c2034ca200518d64b11d6d66d7177d8122961cf6c5c60512fd2a51006d9e88f71260e4c6ed86c7eb7bc94a0dee2a61998dd60f229d914bf93098d09e0bc33cc7d1227ba87a781b923e4456bb03ed27cb80f80dd91f95396988f3baae5068a183d6ca85b9a13443ca531fd882a559023e56bd5a856a3e6343b7e9f06388566ea5b6e8a3535fbaec1f695a0b3793caee5386237d4d3450b0fa61321246f8d3509d4be85feebcae219f909a52ef7b0a7213c344a74f87b23566224ed6b9115ac26797d1cfd405bc229e4c5e99d6b18f12463cdf9ecbac672d3027be0a695db635d0bdccaf0a5184636956a0769bb634f26429908c9cfd1d1c9dce2e102959781563c7c1943172a950e206f5cc3c57995bc7540290009583724d6ec30826e0580e80172eaae6b583fd72b0be64f38e604a8af89febceeb041e1e48b2f739efbc84b7a4091ece30784b3aaa77f02de42b94f24f1e71a267bbf626640ab8de6cf5851dbb3932569d59c1932ed57db6b2be759b72111f3be14cb5944c5652ee2c85f0aa04bb8af1cb18fc65b611b04afb4f36336bc9eb3b33a67c6651daaec50e06a414f7d404d3ba696708b7cd1276049f87fed3f2f497b660353dd42c7ef5ea0ba1c489b8876c2de7a101e42a2bb9c40cb5c2c09ab0916d6c7d2b840f7c5f942f28409b8c710bb60f474ca53fa3ff26c7a0258d837a67d7ec501288484d9143c3f7a739b26b012eaa9ee0b41ca42011f7e97ee401e06e19d654c674c7050df60d24fef77ed631b28d90d81a882cdd9cb1f66dd3b44d96c43d319e2ab331b3a0f190a49d7e60896b96002134e0518ff17f5d63f26a8e81ba972b798d5797373b26ca852bbdf5bcea9a9e4ef20ffb57cb7aa41e05883695a255918f78f7942461a94696ad3d92b446482617a5f59983e7bd8833d1ade37f58d2bd3d0eda2fb5bca6174ee42958d92fc43d707333182f1543bd9f3b9ca3d0bf96132497bc1a4a1ee58495164a36892661f791aed93944b64856afd54b80035027678f5a66148f7b17f9f123c3f4961be984f1fea4284ae5b5f4528a2149baf5ef12b1315f43a02478e686e73bd19e52f12fba0d1b1e0c87c501d32831b1036be15adb837dcf6b6600e7efe665ccd66bfb98d14707105cdba79ecbb51ce933470fac9316ea294ff936a7c3ec1b8e955ed40cb28a17023ba8936eb7876f91c15c1d058e2a8e16bcdd73fd8788f0d9c3d9c053097d82dc5aea51b2df07ed4c988449bcee3c7047096d32040363112f65811002e2ced20bec6bfea577fd68f63e614463ac61dd7f5a2a3dec6ec20a0c007783a2ddf3083d7512291c9d8686db7c72113a1d1fa647bb2a64cd470b2fcb0e301db81860c49d23bbad90e58672f70a33d97e420d8e54cacf174bc643c6bd1d624abddab53b01a287f0ed1cf2f876f56009000a781b847b28d746d95cffec9cd883dbc776a01ae849a21406b05a5852f6751b766f38a94927fe9b7bc1e809f0363e778e14c601e800faea271a2e75d3fc43cc4c26c09ceeba35d2f801b141bb9bd35116d4954e4e4c1cee717570b92c285829f7652cd6f7c4ed003f6f3d3b35c6e2cedcae2f935186cfbf9e63835c650f6f592a9134e3bacbf501d690169cf7d382458061d087f078b40e35462107db6b8f849615d90ae413465075742c5603a7386795a922cbc7351b283554ea16e8529a8cc12d73856d1d65e713d644605f6d4d2ce1d1888e8c4b8d403a9232c288cd06329798ff7f0d85d60bb3a10f38aae561db53e9813fee38cdcbc633fedac6d71c24b2415d60e372d1dbeb9f3faeb88dabc520934fc1ac222ef190398621d48af0428aff3de457012cfdfbb2b06c44b3913ba2546972b8d1b5cbf79d5e86ffbabb6233428d37e90c21a40704829153c72b8041aba0dc61a3dafdfe298f2393bf7039e120d2970d77eba0194b7859b043f46844ee2fd5a20e9139c3e2082c84a337bb6f2bf1270918a15acfcf455ced938466c5ceca40c3d35c74f039d9a255df122619cbfc0840356d7885d575537caabfd92aa661335040cc7086a45984742c1e46be84f23b6e2027a682ea930adbff1298390d0b7f4130aef881c2b4f86dbd06a65d5f4c32c67af057984e8623e446323b7cccdb865380c3462ab2a1c0bdd581d12a1c10f0e794cfffa2a330b211976f5771fbd30219989da03690a16d4de0b3ab7a364410d17540bca434eb076f9c6d4c0317a4554c4571399d2387e3f000abe054f84f825ae4fba2760d07f65e087319d5c3ea4177205d141e5283c629b1273c73e12949211e6333c7f785b6daaf4e3c8e97c0e08fad9b4834361cb231ff69a1ee93630955a081201315ac5db4b6f76c9dc59b3ca162d59f7a8c59939072336a233543c65412575d4a644f73059b3f687a2bdfcb6a9e0fbbcfae369f74745423d3f162fdb7af7ed105861b701d946153029b3b689214ca9e01e3ec71c70256bd0f5b0f0dac24cad9a2a80e036710db226b58d5ba03d702c10e23360c6199627a0141dac383556a0fcee12da57d2ba37ff9876a0d58cb52ba53ffac2f57800c84691df0985d6e73bb666471bfde7a350a913785ef1081b3a1b3453bd5d6f2427bb8d2f1f30a3efe20807b6dc5b2693d5219d1ddc6fc10270fcaacae1349a32486857f6eb854e1639d0f06c98c94b975fbcb560a5bbccc6c863b2ab82ad49ab54c8d752a120999cfa71aac94c9773ff8cf7ddc28937f8ce2fe48fa1a13b00ef3832f70515e858b406de09aedc4b0f2e5b69e7ffffc302aee9ed997a9a563a90eac13f2e3b2ae6e2464b2c3ae6a471517788cf8562a24603e67f0eaa2e39113c3e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855c291c170c6a4ad1e2f039c8d5cbc8904ba2f1d4dc28cc5305c286a278f45307ebc4845be8cefcfe88a9fe57e683204f2c9427e9195fd71e3ad4d627c634633d5a81780a4c9dddde0bb88fdd1724b576b86e4e6fd3e3f12ab299066640653248d32fc7f5de8c0a5dc0b1e7eb609ca31a77eb3475539e1d97a4543dca1b9b26c5759e61ec581c157ff2c9a324c77acd960343e0eeb55a57b35ec488087ebfeaa0e2677a0609edba91ccf55f72b881d0240fefaf340f2e03b577f115b4924ab2a92436ac9e6353db9a765b85f4dd31214306d5d9efa84d6109a5953b196f3e91aa0efefc966e548ac66b632f7243ce0bd2df2655ccb011d807283b2bac956960ee659847c21d1bb01c7b2a86dd2d3d23fc6f4a7c90915dd7ce7c5ba0124809e1d0c742c50a396447edca6ef2cfbb687685716eb1bafaedc8725f2906c5f8707a91adadb05fab6fdddd7c90cfcc594fdf1ae61b8ce5409057e890f58130629f578839e08d5a81d829ddd10cf8d1a422faf5aab3b1d43e6f26d660de8b9c846239e384f8069aadb94be6e848b9e565ccdcc420fc423628bc96465a27cf614833134010b272bd38913169d8ab2bd99e3c32e6e3e30281abea601885ab2ec68b37de5f8a47ced3711df52b59adbf5cdbcf21ad070532ead14234e0a34cab4ee151ca0bcd53e0b42b70f00fee8441b8a16e1aa92ea8164346b4185c963793e7df90dc3672630e8a9375e56bc4840805e2d78c439716431a6a4f2183eb3d4a681b9a0bd29f287312966baf5ed850130b37c87e651732b6a779d03b8d76eb804cd2a59466bb37712f04bc8564737e7cc315fecd7e7e9b21a65d431b32627ec7ce11403d093bcbc808c2c3ee3f3b2733dad84f1c83c3badd7ba92ee8ed11485bb7bfb533cf5d5cb62f8a38d6de6548c6ddef60b21cf1df04b40f1ea8870690eee52df2d603cb54483a4371c4b058a0afc67da045b69a921f05410893d4715758d344a044ecc79aae3a31cf8778229537844dadbe6b0549d2ebf7aa5e55faa3887e72b2aee0568e793eeb846d6cdc6c9ecce8f1b61df0b53d73d1e869e050110e13daf644f05bbce49de4be20e1ec3b57915b61fcebc739fabcd611ff2586735af6232c2ca60049787b9ce430777274de4eed5ab824ff24f7c02c25a378f12a350f0820a3ae4d1b38f183ec2e1ebdc188e0979bb1be12c7bd1b9f2c49c0c528cfc61159ca14b4bbae720066c40a01215d6dde055cc379eb1fe8e867681e001cb90c47edd1578a3adf651cac306e156427a46364ae78a52b56beb37e7773af9c1a2fce3e52b3a7660fbb0570df9a221799c65fe66aac439e47f243fb11c7175292072150448d24e4d4d397728947754bece35e054bbba68197762e6014868d6a4a9d76afa829e96703ee0c687a9d799767326da81f1a18d17f36eea52d2e35190590dc64e1e1bf36509f3f79cb7e0f12279af9593fa65003628e3fe1f9990e115c2094504300ce0ecaa821edba962e1c1989b697a1addc6b194f0d3130165e445580977404240bcb376cef5a127a64f3f767b60959f165f95db17dfcc56d14d593e1705c96dfd761e5b7b0fe571621a39636bfe793f0a766d78d0f84eb012cfa872b9944e9f6bb7a2c942d4e4b4fff89c2e939a4ffe42b380544ebc74dcc9bdbc48671db650deef48f47d8ed87f5964f15762effeef3cd3963be889dddc8cb56f3421ccadfe44086f5468b76d26413fd0ba89008088549daf17a03c6e57ddf687a3a9246e5f165b56f6b3302af373c43717f07136fc6de8fee08833e571263b272493d271495a3afefd98952bdfa0b23f0930e64c9604e447e25a5f3b243805af5174b74eec012410e4e8fe1d620c40f497767511d2b2ac8c22374760fec9f5577028fc95e3b1469f399356fcfc66b7e981da9c343ce3ed548080b6e20fa4e2b1e2995e1733468b85be6819b1369e180b1902f1aa5c96d76352967119b7eaf3b5acc84f326798c2360c6323f6eaa47589ac32c4ce63c07df18bbc44e692632ead7456ab1504da734efdd0e267b2a91010f4469b9bef7074f3475977ac7964da03c47ab897c7b691db4c185cd0ad522fff0ddfa4b6a5560d8f312e8450f775e6cb5b106688377f6fdef6772d930fec0e5dc1fac8d42de40379ace505a069e984662fe4c5ce534cf4d0b3d6da60c512d265ef2e9d07e981fa0a7c05f9185c5d885cac2ed2f138f9220fc12a7d5ad23bbcd2ed1c3dd63daebe88ce12d9b2d0d8919ecdd1c14c06072e04524954dcf0ddec7703d6474840064a921dae7b0f3fd473a4cc6d9d7750b6d0a20f85624794afaefc32c26b8d057199e4c679bdc101049197a59c30175e758ba77fe6b5de8c1c4d4c509bb748e6a77da6cc50d4ebfefc30b2162106303257a9a870dd4880cdc419dce6c2ebaf1cb40a8dc33699744d3c0a01fd1a19a23d9fca0234bd4fc6e0e03811d81839089e2681878a6513df6dddf72af727baf29e0f477992b7823d074c3e36f9091f339af58a2cd1bee5fdaadd24abc23d155861a01a195da111050a5f057dd7032f850480ddb063430d33e24e968749aee3a245acd0f2b49b6bc33f5adb0437f96ad5602265c815c72c2c8633544663de10dfd166ead8a2e7dcb0437a40928d9d251e3fb701dad819085425a5278c02ec599223a902229a34a945ce35018420d5e77616149d820f3d5afa0a0355fbdd371e78a2fca0c1e5be96c7420337975e5ce2ba40efeb0a5de671e4ffcb077b64442a26c6de31c83306569a226bbc0301c7cbaed1d0c36cd1ebc54c14202e5d6d590a4eddc6d2caad9c22552342f8b8cee34f92bea574fb888ff6deae36eaefc457c264e28e81a217554bbe1dfaaf380a127ca33da1bd3e6fbc52c570d0d95cb3d0ad9c5ec65cdf8d4978082816b9be3cec14f0bb8a6ac32a1e5e44c6144fcfb2e2426bf9662a7ec828fedba791738104829f960b76efd941a0bc038bde88b1a9fd047683ccc1c586a76b6ea5b7604ab0a59c3cdd2f8af7e61f17ac2522e3037ee01d2e14c0045b3937c6c7c04ad8ad7f3930bdf2e19203672df0687eae22366ce17161bbfb94758e26a1c7b86ca5f13d6ff39a5c3badcd849ebcdb2aeb9a60a0da9c54fd55544598ebd7133c0ed1e3400a105f3a1e12fdd814b1396094e7e6a7689c52e5edf2573864d6516d4efede21deb573d357b05f631807955fcf94725565250d434c7d334d6a3d5724ddf3fa91a20f3695517483be3ef39de340e61a86c6b3281d63052bba16151dc1da0dc424ff19a88d6c72147d3874429ae7993f656524588e8cef4714b0034be3a8b09b2dc6e79e213dbe9f655ccb715cd3eef185c0dfb5be4c022fc64f2cd26b86558b0d13b58d8a4587909f1db707981155df5d1dbbd59be7870a016907a67ec411e61391e7ed7411ec4bded8956483154aeb2babba5841553b7996c70e5e34a96c965f368a34d537dfd8288e6e47b66b712184f9c192a91df7ff7b4bde9d74bdbf9ae687386c13644c2cfbdf30bc3fa91e51b85afadb92d276fbd3a1321f73f50a313c91395f5fe96bf88f09faf1a288e916ca8da131618ae68c47eab842265fafbb0d4af6b1fb4d00d088db4e554c9de34b398ce012db9eb44cee041035f91acd5f3d4c03c6466506329c6208dd2baa3ba48803dce684f08a9afb6458c8f8cc8a69b53e0e071475135126f3e4c45b86c3b449c7cc3542223306c9d68129b8141052edade071b22f3a8c0ddffe99752597589690f4e26716ffaa90a88a980607f7248c605dd653efbf87626ab1ba2ac0f342292237467ff2637e69a4db9f6bc7d23c5934496326aea0b9721903df35a99d6e475959870420cae71035def4c7c07a2820021df8d80033eba9256bda39b8b2b67d1aed5d8993ad546f653efb71c1aeef2a11e52d0de5c0c73de1cecb2a91d76e393c184903f63c3f5c4f63c562685e636ac6808828504f8607fbcb6f294c1432cbc4e09ef3a206791b9b3c3165a38040f0f11ced2a8b7c356f9e2a6d33c8d2aba436d1f69fbaab88f25f66a7137e43e395efa4970313d7804aef5abecadcb7c3d7fb10d27afbf99631ba6ad0a9405f74e36bcae376850dc97904cbcf106bbda84b0348c0be4fa1f6ae549128b4a9a1f863417a441b2e0dddaeb7bb09c86ea43add45e5d729d59d41f71ced9d61881affcea7c9b0e6e060df451fd1f09ff28bf2a5c615d7d36fbe18369119bc00da8085139b021de4966b7e20e96c38ce9921d30734c872a3f18d9bd64caa4b8c00c4f0bf07b4267d85fb58ab0904be4713664e7846faa70c2ec7a2032698fe0e9bd17e7bbf12f794f1fda9ad486070baec7a2f1759842c18e8ec232a6695fb6af921c077a3faed418eea1146dd07abe926e4bc479cef07d131acdf96ca77d49cec139f62e0f442fd1d0d3433d5ff360dc563acef00ffba29efc54cf8960dcfdf4a8d20b794a8b923f1f951403e0b95a28b60e52582810a0ab9da6432bedc584b6e1e923a05c84f48eee5fd92ae28a14f050735e9899a8c5f60d8fe33f1429c5de12a5dfff60e47288fcffe1139114c00dc5a1fb44abd5658cdd2ba4b6ecc4f03480629f3a480e5a9e9f1a8fcf7691166e6976f7280bd3acc234cd4682ef6d88265f61742d5f56590bfe2acbe3894345c3e88218078a15f8b2df3d1782cdcc56d04a2e6147544c0133c8e058c3ab996764348ba851c1f74f89dbdfbb20e1533d4bf7b198b7927434ef890a1c6eefe134e2cecf84bdea8ebafd962b96cb442fc41698d25682ab71e179f782cacd6139530f353c0b5a24acdefc70e8926c378ed84f883005198a0bae83dd4fad4eabc5422c87ef809e34ad6190cc3a76de0d1a459bf5fc6fab8ac7930d611a27916567e4b19cef69b3ebc06c2048cb62b0587c8be7b645db58182a87879c63ed3d455b48849e6b47122faadf06e633e87618e62229b91100f1346657b6ff18ace5b4065febf6048f16e7a2c32545200636cc9671adcd1a8078e27093c21d721bb41982dde9b77fb3bf665e10f94714ddc0440d72fd0c885aa40c0b6fc1d31c3b3c093c48a726c0ba9a7f8bfa28adcaa29f34cdaa28b7f14cd2d4be2d5f13c841dd255f2a2e4852a0e236ab31fb67b61ad7d6aec38910c354083b723d66ea2189b0cd017e28dc69de653df2e304ef2783ec71cc0a2b04a917916b527d15e0e0e62d8a0267d369d4b383e14183e2437ac4da33a65d8ca6758063dabf12a1cbf6f8aa69c916cfb3cb20647e4a8da92ec0e1349cd7819732d60e178039ab97dbd793e384630ea58e64efee556acc1e90005e28c94825c9e1564d4d9ac711b4ab3204db7af249ff1a27d1ff2813228f8d9448625e5885eeebf5b6a2d1fb0837cc3ee80bf271009af59af2cd16841e0c2a1c99004bac7f73febdca9d8590a528b3987d65da8e155dd2dad45e00f964faec0af1b457f7e242e8216f3c130647d98546ae154a2f1e55d34afda4cc9f6d97c67efedf8b11d48e2942012e28307005bb66ec6599b2b3fe7ab8e1c611ffec26685a3d5f84d20723a27c1442b861be44fbf58a4525eefe2ccbb2b5f7ceb21e8be6de6036ef0dc8a908e4cc248ef1d8aab87172e722d8c5bad9e137fd43994e0fe3d0fa16b1bf66cecf0cade9b655eaf1736a282ff588546472ee06147572f9dc8ceb83c4ea8afc4fa4f23da9f683a678d8fd1058decb9c7287014e19f0a5bc1f9f7cba3e2d3a8e43d4e86494587567bd3d7e0a3d4069370b4f8ccf0f5a401837d555dfd63192a0a599697f94a1dbc07ff3caa93dbe92ba6452cd529ad5a0199579dd8218e9def05a3462de730fd11790b91aeb538346c5a35e7001ac770a7b39b03349e8d59e87b77d2bf4d4a672d35a31a04b944af4342722d50a729e1672d0218eeee729c5127fbf1cd09c19563857f89c135ea3775901e7387376e47923a5767716667b170b95504a5ba4facfcd2196d03fba3b28fa787f870a0c9660dc56c85fb1cd4bcfea83625788c691fed9e21f7833f1224d718f5372511abf7ad1dcce850713fe5bdfb1ba00461a38a6789117f419eee5d2152fcbb2a8f2b98137a7ebb43742992a301e6d060336727032dd695f60a535db35c65d85826e9282634af376feb547b250d5ebf7135d2e9019007bd7c3013ea207f04edbdb2d26b4cab6dad5e6632d4c70009d2046af18595b372632330e714825b5c6b81bd24b5a9df785a45f25924ed92910eb80fe6d632c2751da82a0cd6fdacc70401d52816fc958fe47581ad7f4b4bd621b014c50560ac03ada9b0c2023518ff1d5d9f3fd80daa327c94ece0d7010e12ab8e55636d5d4ac72566269a41ac8afded87465ef02f23c92ce4f147f5eff2c12a7f22d2ab564b9b34160817a9eb2d416ccd6b27ccfd85182dc3ec8372e1ef2fd02644c46dc922ba5742f77ec893de112b2d5f801c830f612cbf0cf4c98c70f297d6d07e3f5f6deb2ba881df57ca2cb162047009cc4cb832ddafafb8abd59130f4d095a7fc9fe38e1e23be1fdd52ce77b0b1748fd536321f94276fa3cd97fcb1c6c50c1298a6e89f05b1259088a9934fabf075d49fb90d89b4fc921870b09dec376d59fb6ef90e7a174984bf8e889224681479f457d275cc1d8f4a7727c5eeddef5069593b4d3c94434f7879067c70eca310ac714e51ad8754f12132212efdea598e5c72d6980da1a13238dc711848a48c8df168a32bd39cc6bc643b95e3ba3944df0ef80202d747d503e44904d910ecdbf04380ce85ce9e0fb1197ce6f18322c1b2f57ffb31e985c43830d323cf7ed55d6e13e7fcc88a3a6af582ef0e4da0b59ceb569b22527c438e977c165910d201c6972965ad940cc79a4d297e160313482288c176f7e146415e7e165198f596d0548bc7eb6a6641b7778dc93a3d35bad6f5717f0c87dddb903ba85da65e0c89eefb7dc5b4a081ee1b10c98e13f7867d027e57d9360767b442523293dea595c84ecc9bcee011158bd210b59c5ed311a83a94e8f1367d7ce5ead3b0fae0719b4816a2b00e899302cf08461852e71d283eb1694f70a512214ebeb8cb88e8fc9e40e519d4b99f5fe85e65e99e97ba06702784515a2f6a14dd50d78056e78b56f7bfbd4b3beb9c19516cd8f3d4052a976e23320f40248a83e33dbe7f08a6354c019cca9f843bd132d58f382a2ff671fc73b8ed404c18e62d4100b31250e208322e6c9b8e7b9e61cbae7327d30dc3079c8224d83e5706f1508adfaf5e383310152af388a8811ab2097b81c1ccd45ec4733048eda4262cd0042415a47209a9a7f8a1d782136be9d16697f39c80fcf96c586e71926a52debfb0b613fd1a21016a5722bd75181373a8c759dd79026d52f1e01552c54f274ca3ee9d046c56fe58478d9f60d430736f25a6696bf098fa60cd657fce787ad7294c94c0f175a0a0198f8d724846024bdd0ba27d950567c04cb913356d6be6839851c9c6cc02a4a75b2863acbc56f104d604bac867b69c4eeb60fd2bafd43d16690e99e045eec9f622b4a44fb35328abfb8c3fca1b404918b2284fc23f4bfb6979d450b443ba47aaa7cd83ac5e6e3a3c117218431f64f2fedc5c1136f6b0bdcea1cb3bc74707703d178f6f6d261c4c2bac57f93c958991ea669c7d3a813c179273a0eb5ee2ab5349d85274ef58f6a05ae4ffe4122d8dd8d39d9360f8de77cd529e2c4f28f770b7ba63383d37e07fd86f673d1ecaac8fbaff853d85aefb1d608c315df54cb0eb506a67d118a9f9ea4fb09a21ac8c56f1aa9380d7a1be2fb2922a528e68fce5ae6a89c602b9db21293c7bc097538b1d256f7ebf67592b6b8f4f71f291b26a01277d84ec75b91b428760d15f7863b7064be3998a8ae7202959441e52c70a4408b2ccec3f9a4a39fad1f27e58cdc73903062809a384d310299de0fb678e5d3dc5fee78a2224cc3e329baca9bf4be8c6e0e5c5c0b510d91cccadaa991307eb110e3fcbbecf70a72e806a6f73bf690ad5ab805ded821972be9546bc550c5dfdfb76cf13430ca98332a246fc61279dd8e994d69c52240a53b4c310abd3532a41f46ffa229585bc85b1607b8b604e4ce242ade81a3bce3d48cde5a96dce33e96f046f204b012ac8fbc083cc1d503c7e9ab60e731097fcfcca22f9d5f948bc5f21ef1cceef0cbcba4827c2b850d885658316272db11cb4b3687e4334fb2a6a56d13b8a26669b60a7370b152915d07cd4917968c5d4e699e2bae73e1749ab16c5a4ea6a4e0f2c435266ecfeda60629ee58563cfdf91ea90f5bbe181d89fe739a9563b17c31b3e726e3fe3a23525c09720b212ef23b42362d7277c4f0396fb27eb3c6aec75895e9deef7ae9038caaa2d527909f129a5f7028ba723c0a2bdecb93208619925449e0a606dc6a94f32a73ac78584f83a8273e07a2956a2b5e87f507d618d59681ad0d5ef3f34ba061a651665e266b43a4c2b4e6ece096a28b9e4d0ca6f8a966270cd6e655b5217bd21bd91466963adad7a4e320f045d1f83add6a7dbe29a3b875152a9f2683ef69f07d954b761de31196581d01db845b96112f907f6e8771c734e1c50689a9775dd09720c493b5b482d60c3a084fbf82afa205ba7556dd4d10b3b11809c9e87c88911270cd697274da6afed8dd8547ac566925f3d140c2c5a407769c23f3eab860b8b9c9cd467a76abce3f7a77071e1dd778d60644d9524789e8b1f4a3d8762a2d0569c83dbd9e92a3492857d04b5dd22e78ff52f1fa1a1b07e779c5c7f163e70d9d8c3569b183bb62008803f2a3849aff097ed2aef5d0a08a89ac94927ea94a6d7ecb1545ad67d5ca6b8e51bf27c7a08aac9145e629bab60af4fff45704e339774ad6f002fbc22626f1091502fb1624ea72d0c4e7a58454a91045ea771071e9ecd89450dacec2774a6a45326979fc818b96ecffcac490d2ea79b86c3eec28c33851eb1dbfad5ab8a675cfdf04f93c53123b9047f7a81cf3976d14b38b178b435df661fa7714a808ea75db6dcfbddc10908bb13b83655ad3d0d5b8038166f8b98de99ba1ccd6ddb8f1e90e13bb53f7265f01e44d8b6aa88ea675627c210b975af9f58406a8eba1c1fef8603eeb89ce7a948c8c6069ede46a7305daa3c756a593196278e2ecaa7d0e1fc0897bba9f26e56ee8bccd29dbd2a72ed98a9aa52b5582002c2b7e18370e49a7a5e7329176f35d8544c2474796ea37bbcbed5ee2d2cdc9cf93235a520fa44ace34b05a54f4fcb95e37c4254bf51a909f9fda18ec8b4df74c6712adf90dd218be230581453eacbc95caac7c1ef5c4fd3968924679466889a75231698b8a7a2a2a5cd8f21ca45025cb83c786799564fc14fa8e71780fd7875ecfaf0d4cfe96880367bca3f62df73b146025f63ffcb080ad63134ea206eec2f8b4cba7e0e0ec71291e567ce5fdc996e9888c408e5fcdba6724a1de3040d1c576f1e8d32b9fdf02ea9e00d826bccbbb732a5d916c54f6c02bf9f15da704467e344330d0cf30230a7bf0ad36a23c7eb2976449b61bf93fe98841a93d6014711875868e81b60bf50ec06f9b67e4270a435da508801b48acb32edfb1c1cb630b17ed5bc594e2810a02360ac24c6dd0d79d9e06fe5163724e5587cb3524056df5e73c4c8d2bd31579c0635024be920b9947938b755511b09b13d4764035804a830559016cebd50b1c441707bf66733cdf1fbc0a493a81c9a06cb9ef93642205a36d3b7c266bd01e47dd37e79173a55a413ce04a84c264abf93d403e83fe3970edf9ec2b9a437e4b4b4e2fefcda0fd6b62106f3b3991e46e010a7da94d1410029d1d8c5e483810ebb05407545156959df822387e33bc255840600c4a72f9fced8518c5535793cd37b535420d4e5b176011b606f4f879d3215f3b3bd4a623840c61a068ff218761772590821b6d5c5eb596da4784e4634384ebb7034031fc769d73165c1e8920af2765806a1e5b15292700f7f5a6ec050c52f4fb99959d8995ccc6f10ca59a7554ecdf37cf635ac354b2a6b5c2addf38aad4361bf07495f6f3b1781fbd8ba29e4f0d6708897705fd642a34766c49d009dd85187dac51de3ed761aec00e4803b687039df33812b990dc2eaf8ff60e87b7a7741c29a90cfa95c32748da38bf9cbb49be8f71bfb59646132acb12a174f3786d82330ccabb52b2f1476e2178d6280c74f2f8d8df9rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootgrub2-2.12-150600.8.18.2.src.rpmgrub2-i386-pc @     /bin/sh/bin/sh/usr/bin/perlgrub2grub2perl-Bootloaderrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.122.123.0.4-14.6.0-14.0-15.2-14.14.3g0@gg+Z@gfff@fJf@fU@f@f@f @ere7@eПepe@e@e@ee@eeL@ehy@e]@e\eV@eSa@e?e:Te9@e6`@e-%ee@eee@e@e e @d@ddܺ@d˖d\@d du@dS@dI@dBzdBzd>@d5Kd?@dJd@d@dd@c>@cc@c1c@cc=@cHccc@cR@c]c@c|c{h@ctcr-cr-c[@cV~@c>@c-c(Yc$e@c$e@c#c @b)b@b@b@b@bkb@baG@bT@b=b4t@b1@b+9b)@b)@b!@b b@aea@aq@aaa{a@a@aaqV@an@aKa7T@a/k@a.a @a @`]`ٹ`"@`@`@``@`q``}p`n@`P`J@`8`3`.V`U` l__t@_@__m_X_G@_A_?@_;_5+@__A@^x^U@^H^y@^t@^oj@^j$@^g@^Y^K^9\]e@]{@]@]@]W]]V]0_@]@]]@\ޢ@\ޢ@\-@\\\mA@\b@\N\J@\J@\I\HW@\@[@[@[[@[t[Q@[-[~[l,[j@[h8@[W[L[D[<[3|@[*A[#@[@Z@ZK@ZZJ@Z̧@Z@Z&ZZkZZ@Z@Zz@ZyZxG@Zg#Z*~ZOZ ZZNYeYA@YX@YY@YYYn@Yu@Y[@Y0YR@Y@X׭@Xg@X@XX~@XO@XZXXXX@XBX@XYXpXX@X|Xv@XlXfL@X=X @W@WiWWF@W@WWW@Wq@Wi,@WPW>@W=W'A@W!@WV@VՄ@VՄ@V@VT@VVvV$@VrVqR@VhVetVa@VV@VLh@V5V3[V2 @V#V @VV@UU@Uc@U@UUzUt2@Uq@Un@U]U[%UPUOH@U@U.RU/@UTTT[@T T@T@TT@T5TLTy@TeTR(@TR(@mchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.combwiedemann@suse.commchang@suse.commchang@suse.commchang@suse.comgcomes.obs@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comfvogt@suse.comglin@suse.commchang@suse.comglin@suse.comclin@suse.comschwab@suse.deglin@suse.comglin@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.comglin@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comhpj@urpla.netrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.comvalentin.lefebvre@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.demchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.combjorn.lie@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.commchang@suse.comfvogt@suse.comrw@suse.commchang@suse.commchang@suse.compvorel@suse.czseife+obs@b1-systems.comfvogt@suse.compvorel@suse.czmchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comnormand@linux.vnet.ibm.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comlnussel@suse.defvogt@suse.comlnussel@suse.derw@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.combwiedemann@suse.comschwab@suse.demchang@suse.comrw@suse.commchang@suse.commchang@suse.commsuchanek@suse.demchang@suse.commchang@suse.comrw@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comguillaume.gardet@opensuse.orgjengelh@inai.demchang@suse.commchang@suse.comrw@suse.commchang@suse.commchang@suse.commchang@suse.comglin@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comdimstar@opensuse.orgjosef.moellers@suse.commchang@suse.commchang@suse.comjbohac@suse.czjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comkukuk@suse.deThomas.Blume@suse.comidonmez@suse.commchang@suse.commchang@suse.comjdelvare@suse.demchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.commchang@suse.comiforster@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.demchang@suse.commchang@suse.commchang@suse.commchang@suse.comolaf@aepfle.dejmatejek@suse.commsuchanek@suse.commchang@suse.commlatimer@suse.commlatimer@suse.comagraf@suse.commchang@suse.commchang@suse.comrw@suse.combwiedemann@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commsuchanek@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.comagraf@suse.comschwab@linux-m68k.orgmatwey.kornilov@gmail.commchang@suse.commchang@suse.comsor.alexei@meowr.rumchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commatz@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comro@suse.demchang@suse.comarvidjaar@gmail.comjengelh@inai.deagraf@suse.comolaf@aepfle.deagraf@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.comagraf@suse.comagraf@suse.commchang@suse.comdvaleev@suse.commchang@suse.comarvidjaar@gmail.comolaf@aepfle.dearvidjaar@gmail.comarvidjaar@gmail.comolaf@aepfle.deolaf@aepfle.demchang@suse.comarvidjaar@gmail.comarvidjaar@gmail.commchang@suse.commchang@suse.comeich@suse.commchang@suse.commchang@suse.comdmueller@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comagraf@suse.commchang@suse.comarvidjaar@gmail.commchang@suse.comarvidjaar@gmail.comdmueller@suse.commchang@suse.commchang@suse.comschwab@suse.demchang@suse.comarvidjaar@gmail.commchang@suse.commchang@suse.commchang@suse.commpluskal@suse.comschwab@suse.deschwab@suse.deschwab@suse.deagraf@suse.comledest@gmail.comledest@gmail.comjdelvare@suse.demchang@suse.com- Security fixes for 2024 * 0001-misc-Implement-grub_strlcpy.patch - Fix CVE-2024-45781 (bsc#1233617) * 0002-fs-ufs-Fix-a-heap-OOB-write.patch - Fix CVE-2024-56737 (bsc#1234958) - Fix CVE-2024-45782 (bsc#1233615) * 0003-fs-hfs-Fix-stack-OOB-write-with-grub_strcpy.patch - Fix CVE-2024-45780 (bsc#1233614) * 0004-fs-tar-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2024-45783 (bsc#1233616) * 0005-fs-hfsplus-Set-a-grub_errno-if-mount-fails.patch * 0006-kern-file-Ensure-file-data-is-set.patch * 0007-kern-file-Implement-filesystem-reference-counting.patch - Fix CVE-2025-0624 (bsc#1236316) * 0008-net-Fix-OOB-write-in-grub_net_search_config_file.patch - Fix CVE-2024-45774 (bsc#1233609) * 0009-video-readers-jpeg-Do-not-permit-duplicate-SOF0-mark.patch - Fix CVE-2024-45775 (bsc#1233610) * 0010-commands-extcmd-Missing-check-for-failed-allocation.patch - Fix CVE-2025-0622 (bsc#1236317) * 0011-commands-pgp-Unregister-the-check_signatures-hooks-o.patch - Fix CVE-2025-0622 (bsc#1236317) * 0012-normal-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2025-0622 (bsc#1236317) * 0013-gettext-Remove-variables-hooks-on-module-unload.patch - Fix CVE-2024-45776 (bsc#1233612) * 0014-gettext-Integer-overflow-leads-to-heap-OOB-write-or-.patch - Fix CVE-2024-45777 (bsc#1233613) * 0015-gettext-Integer-overflow-leads-to-heap-OOB-write.patch - Fix CVE-2025-0690 (bsc#1237012) * 0016-commands-read-Fix-an-integer-overflow-when-supplying.patch - Fix CVE-2025-1118 (bsc#1237013) * 0017-commands-minicmd-Block-the-dump-command-in-lockdown-.patch - Fix CVE-2024-45778 (bsc#1233606) - Fix CVE-2024-45779 (bsc#1233608) * 0018-fs-bfs-Disable-under-lockdown.patch - Fix CVE-2025-0677 (bsc#1237002) - Fix CVE-2025-0684 (bsc#1237008) - Fix CVE-2025-0685 (bsc#1237009) - Fix CVE-2025-0686 (bsc#1237010) - Fix CVE-2025-0689 (bsc#1237011) * 0019-fs-Disable-many-filesystems-under-lockdown.patch - Fix CVE-2025-1125 (bsc#1237014) - Fix CVE-2025-0678 (bsc#1237006) * 0020-fs-Prevent-overflows-when-allocating-memory-for-arra.patch - Bump upstream SBAT generation to 5- Fix CVE-2024-49504 (bsc#1229163) (bsc#1229164) - Restrict CLI access if the encrypted root device is automatically unlocked by the TPM. LUKS password authentication is required for access to be granted * 0001-cli_lock-Add-build-option-to-block-command-line-inte.patch * 0002-Requiring-authentication-after-tpm-unlock-for-CLI-ac.patch - Obsolete, as CLI access is now locked and granted access no longer requires the previous restrictions * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch - Rediff * 0004-Key-revocation-on-out-of-bound-file-access.patch- Fix xen package contains debug_info files with the .module suffix by moving them to a separate xen-debug subpackage (bsc#1232573)- Fix not a directory error from the minix filesystem, as leftover data on disk may contain its magic header so it gets misdetected (bsc#1231604) * grub2-install-fix-not-a-directory-error.patch- Fix OOM error in loading loopback file (bsc#1230840) * 0001-tpm-Skip-loopback-image-measurement.patch- Fix UEFI PXE boot failure on tagged VLAN network (bsc#1230263) * 0001-efinet-Skip-virtual-VLAN-devices-during-card-enumera.patch- Fix grub screen is filled with artifects from earlier post menu (bsc#1224465) * grub2-SUSE-Add-the-t-hotkey.patch * 0001-fix-grub-screen-filled-with-post-screen-artifects.patch- Fix crash in bli module (bsc#1226497) * 0001-bli-Fix-crash-in-get_part_uuid.patch- Fix btrfs subvolume for platform modules not mounting at runtime when the default subvolume is the topmost root tree (bsc#1228124) * grub2-btrfs-06-subvol-mount.patch - Rediff * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Fix error in grub-install when root is on tmpfs (bsc#1226100) * 0001-grub-install-bailout-root-device-probing.patch- Fix input handling in ppc64le grub2 has high latency (bsc#1223535) * 0001-net-drivers-ieee1275-ofnet-Remove-200-ms-timeout-in-.patch- Fix os name is used for root file system mount (bsc#1220949) * 0001-10_linux-Ensure-persistence-of-root-file-system-moun.patch- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866) * 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch- Fix memdisk becomes the default boot entry, resolving no graphic display device error in guest vnc console (bsc#1221779) * grub2-xen-pv-firmware.cfg- Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg (bsc#1219248) (bsc#1181762) * grub2-xen-pv-firmware.cfg * 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch- Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to SLE-15-SP2 (bsc#1217102) * add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch * add 0002-ofdisk-add-early_log-support.patch- Sort tar file order for reproducible builds- Fix build error on gcc-14 (bsc#1218949) * 0001-squash-ieee1275-ofpath-enable-NVMeoF-logical-device-.patch- Remove magic number header field check on arm64 (bsc#1218783) * 0001-loader-arm64-efi-linux-Remove-magic-number-header-fi.patch- Reinstate the verification for a non-zero total entry count to skip unmapped data blocks (bsc#1218864) * 0001-fs-xfs-always-verify-the-total-number-of-entries-is-.patch - Removed temporary fix as reverting it will cause a different XFS parser bug * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- allow to boot memtest86 if stored in /usr/lib/memtest86+ * SR#1071109 can then work- Resolved XFS regression leading to the "not a correct XFS inode" error by temporarily reverting the problematic commit (bsc#1218864) * 0001-Revert-fs-xfs-Fix-XFS-directory-extent-parsing.patch- Version bump to 2.12 (PED-5589) * Added: - grub-2.12.tar.xz - fix_no_extra_deps_in_release_tarball.patch * Removed: - grub-2.12~rc1.tar.xz * Patch dropped as it merged into new version: - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch - 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch - 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch - 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch - 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch - 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch - 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch - 0006-fs-ntfs-Make-code-more-readable.patch - 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch - 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch - 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch - 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch - 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch - 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch * Patch adjusted for the updated base version: - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64le-disable-video.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - safe_tpm_pcr_snapshot.patch- grub2.spec: Add ofnet to signed grub.elf to support powerpc net boot installation when secure boot is enabled (bsc#1217761) - Improved check for disk device when looking for PReP partition * 0004-Introduce-prep_load_env-command.patch- Fix reproducible build for grub.xen (bsc#1217619) * 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch * 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch- Fix unattended boot with TPM2 allows downgrading kernel and rootfs, also enhancing the overall security posture (bsc#1216680) * 0001-Improve-TPM-key-protection-on-boot-interruptions.patch * 0002-Restrict-file-access-on-cryptodisk-print.patch * 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch * 0004-Key-revocation-on-out-of-bound-file-access.patch- grub2.spec: Fix openQA test failure in SLE-15-SP6 due to missing font in memdisk- Update the TPM2 patches to skip the persistent SRK handle if not specified and improve the error messages + 0003-protectors-Add-TPM2-Key-Protector.patch + 0005-util-grub-protect-Add-new-tool.patch + 0004-tpm2-Support-authorized-policy.patch- Fix XFS regression in 2.12~rc1 and support large extent counters * 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch * 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch * 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch- Fix fadump not working with 1GB/2GB/4GB LMB[P10] (bsc#1216253) * 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch- Fix a potential error when appending multiple keys into the synthesized initrd * Fix-the-size-calculation-for-the-synthesized-initrd.patch- Fix Xen chainloding error of no matching file path found (bsc#1216081) * grub2-efi-chainload-harder.patch- Use grub-tpm2 token to unlock keyslots to make the unsealing process more efficient and secure. * 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch- Fix detection of encrypted disk's uuid in powerpc to cope with logical disks when signed image installation is specified (bsc#1216075) * 0003-grub-install-support-prep-environment-block.patch - grub2.spec: Add support to unlocking multiple encrypted disks in signed grub.elf image for logical disks- Fix CVE-2023-4692 (bsc#1215935) - Fix CVE-2023-4693 (bsc#1215936) * 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch * 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch * 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch * 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch * 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch * 0006-fs-ntfs-Make-code-more-readable.patch - Bump upstream SBAT generation to 4- Add patch to fix reading files from btrfs with "implicit" holes: * 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch- Update the TPM 2.0 patches to support more RSA and ECC algorithms * 0002-tpm2-Add-TPM-Software-Stack-TSS.patch * 0003-protectors-Add-TPM2-Key-Protector.patch * 0005-util-grub-protect-Add-new-tool.patch- Remove build require for gcc-32bit, target platform didn't rely on libgcc function shipped with compiler but rather using functions supplied in grub directly.- Add BuildIgnore to break cycle with the branding package- Only build with fde-tpm-helper-rpm-macros for the architectures supporting the newer UEFI and TPM 2.0. * Also correct the location of %fde_tpm_update_requires- Fix a boot delay regression in PowerPC PXE boot (bsc#1201300) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Add the new BuildRequires for EFI builds for the better FDE support: fde-tpm-helper-rpm-macros + Also add the the macros to %post and %posttrans- Correct the type of allocated EFI pages for ARM64 kernel (bsc#1215151) * arm64-Use-proper-memory-type-for-kernel-allocation.patch- grub2-mkconfig-riscv64.patch: Handle riscv64 in mkconfig- Implement NV index mode for TPM 2.0 key protector 0001-protectors-Implement-NV-index.patch - Fall back to passphrase mode when the key protector fails to unlock the disk 0002-cryptodisk-Fallback-to-passphrase.patch - Wipe out the cached key cleanly 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch - Make diskfiler to look up cryptodisk devices first 0004-diskfilter-look-up-cryptodisk-devices-first.patch- Change the bash-completion directory (bsc#1213855) * grub2-change-bash-completion-dir.patch- Version bump to 2.12~rc1 (PED-5589) * Added: - grub-2.12~rc1.tar.xz * Removed: - grub-2.06.tar.xz * Patch dropped merged by new version: - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-efi-chainloader-root.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch - 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - grub2-s390x-10-keep-network-at-kexec.patch - 0001-Fix-build-error-in-binutils-2.36.patch - 0001-emu-fix-executable-stack-marking.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch - 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - 0001-Filter-out-POSIX-locale-for-translation.patch - 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch - 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch - 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch - 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch - 0002-ieee1275-claim-more-memory.patch - 0003-ieee1275-request-memory-with-ibm-client-architecture.patch - 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch - 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch - 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch - 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - 0001-powerpc-do-CAS-in-a-more-compatible-way.patch - 0001-libc-config-merge-from-glibc.patch - 0001-video-Remove-trailing-whitespaces.patch - 0002-loader-efi-chainloader-Simplify-the-loader-state.patch - 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch - 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch - 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch - 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch - 0011-video-readers-png-Sanity-check-some-huffman-codes.patch - 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch - 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch - 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch - 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - 0017-net-ip-Do-IP-fragment-maths-safely.patch - 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch - 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch - 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch - 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch - 0022-net-tftp-Avoid-a-trivial-UAF.patch - 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch - 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch - 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch - 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch - 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch - 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch - 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch - 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch - 0002-cryptodisk-Refactor-to-discard-have_it-global.patch - 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch - 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch - 0005-cryptodisk-Improve-cryptomount-u-error-message.patch - 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch - 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch - 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch - 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch - 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch - 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch - 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch - 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch - 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch - 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch - 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch - efi-set-variable-with-attrs.patch - 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch - 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch - 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch - 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch - 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch - 0002-mm-Defer-the-disk-cache-invalidation.patch - 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch - 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch - 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch - 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch - 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch - 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch - 0004-font-Remove-grub_font_dup_glyph.patch - 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch - 0006-font-Fix-integer-overflow-in-BMP-index.patch - 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch - 0008-fbutil-Fix-integer-overflow.patch - 0009-font-Fix-an-integer-underflow-in-blit_comb.patch - 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch - 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch - 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch - 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch - 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch - grub2-add-module-for-boot-loader-interface.patch - 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch - 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch - 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch - 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch - 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch - 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch - 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch * Patch modified to new base version: - use-grub2-as-a-package-name.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-secureboot-add-linuxefi.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-use-rpmsort-for-version-sorting.patch - grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - grub2-grubenv-in-btrfs-header.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-efi-chainload-harder.patch - grub2-emu-4-all.patch - grub2-util-30_os-prober-multiple-initrd.patch - grub2-install-fix-not-a-directory-error.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-05-grub2-mkconfig.patch - grub2-btrfs-06-subvol-mount.patch - grub2-efi-xen-chainload.patch - grub2-efi-xen-cmdline.patch - grub2-efi-xen-removable.patch - grub2-suse-remove-linux-root-param.patch - grub2-ppc64le-disable-video.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - 0004-efinet-UEFI-IPv6-PXE-support.patch - 0007-efinet-Setting-network-from-UEFI-device-path.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-mkconfig-default-entry-correction.patch - grub2-s390x-11-secureboot.patch - grub2-secureboot-install-signed-grub.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - 0002-cmdline-Provide-cmdline-functions-as-module.patch - 0001-efi-linux-provide-linux-command.patch - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch - 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch - 0001-Factor-out-grub_efi_linux_boot.patch - 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch - 0015-test_asn1-test-module-for-libtasn1.patch - 0021-appended-signatures-documentation.patch - 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch - 0003-grub-install-support-prep-environment-block.patch - 0004-Introduce-prep_load_env-command.patch - 0001-grub-install-bailout-root-device-probing.patch - 0001-install-fix-software-raid1-on-esp.patch - 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch - 0001-protectors-Add-key-protectors-framework.patch - 0002-tpm2-Add-TPM-Software-Stack-TSS.patch - 0004-cryptodisk-Support-key-protectors.patch - 0008-linuxefi-Use-common-grub_initrd_load.patch - 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch - grub-read-pcr.patch - tpm-record-pcrs.patch - 0001-clean-up-crypttab-and-linux-modules-dependency.patch * Patch refreshed: - rename-grub-info-file-to-grub2.patch - grub2-linux.patch - grub2-simplefb.patch - grub2-ppc-terminfo.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-linuxefi-fix-boot-params.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-xen-linux16.patch - grub2-efi-disable-video-cirrus-and-bochus.patch - grub2-vbe-blacklist-preferred-1440x900x32.patch - grub2-mkconfig-aarch64.patch - grub2-menu-unrestricted.patch - grub2-mkconfig-arm.patch - grub2-s390x-06-loadparm.patch - grub2-s390x-07-add-image-param-for-zipl-setup.patch - grub2-s390x-08-workaround-part-to-disk.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-getroot-support-nvdimm.patch - grub2-s390x-skip-zfcpdump-image.patch - grub2-btrfs-02-export-subvolume-envvars.patch - grub2-btrfs-03-follow_default.patch - grub2-btrfs-07-subvol-fallback.patch - grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-btrfs-10-config-directory.patch - grub2-efi-xen-cfg-unquote.patch - grub2-Add-hidden-menu-entries.patch - grub2-SUSE-Add-the-t-hotkey.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-reboot-support.patch - grub2-ppc64-cas-new-scope.patch - grub2-ppc64-cas-fix-double-free.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - 0002-AUDIT-0-http-boot-tracker-bug.patch - grub2-btrfs-help-on-snapper-rollback.patch - grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - 0001-kern-mm.c-Make-grub_calloc-inline.patch - 0001-Unify-the-check-to-enable-btrfs-relative-path.patch - 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch - 0003-Make-grub_error-more-verbose.patch - 0001-ieee1275-Avoiding-many-unecessary-open-close.patch - 0001-Workaround-volatile-efi-boot-variable.patch - 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch - 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch - 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch - 0005-docs-grub-Document-signing-grub-under-UEFI.patch - 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch - 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch - 0008-pgp-factor-out-rsa_pad.patch - 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch - 0011-libtasn1-import-libtasn1-4.18.0.patch - 0014-libtasn1-compile-into-asn1-module.patch - 0016-grub-install-support-embedding-x509-certificates.patch - 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch - 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch - 0019-appended-signatures-support-verifying-appended-signa.patch - 0020-appended-signatures-verification-tests.patch - 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch - 0002-Add-grub_disk_write_tail-helper-function.patch - 0005-export-environment-at-start-up.patch - 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - 0003-protectors-Add-TPM2-Key-Protector.patch - 0005-util-grub-protect-Add-new-tool.patch - 0010-templates-import-etc-crypttab-to-grub.cfg.patch - grub-install-record-pcrs.patch - safe_tpm_pcr_snapshot.patch - 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch - 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch - 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch - 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch * New: - 0001-xen_boot-add-missing-grub_arch_efi_linux_load_image_.patch - 0001-font-Try-memdisk-fonts-with-the-same-name.patch - 0001-Make-grub.cfg-compatible-to-old-binaries.patch - 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch * Embedding fonts in the grub.efi to get signed for secure boot- Fix error message "unknown command tpm_record_pcrs" with encrypted boot and no tpm device present (bsc#1213547) * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- add 0001-fs-ext2-Ignore-checksum-seed-incompat-feature.patch, 0001-fs-ext2-Ignore-the-large_dir-incompat-feature.patch: * support more featureful extX filesystems (backport from upstream git)- grub2-once: Fix 'sh: terminal_output: command not found' error (bsc#1204563)- Exclude the deprecated EFI location, /usr/lib64/efi/, from Tumbleweed and ALP- Update TPM 2.0 key unsealing patches * Add the new upstreaming patches 0001-protectors-Add-key-protectors-framework.patch 0002-tpm2-Add-TPM-Software-Stack-TSS.patch 0003-protectors-Add-TPM2-Key-Protector.patch 0004-cryptodisk-Support-key-protectors.patch 0005-util-grub-protect-Add-new-tool.patch * Add the authorized policy patches based on the upstreaming patches 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch 0002-tpm2-Add-more-marshal-unmarshal-functions.patch 0003-tpm2-Implement-more-TPM2-commands.patch 0004-tpm2-Support-authorized-policy.patch * Drop the old patches 0010-protectors-Add-key-protectors-framework.patch 0011-tpm2-Add-TPM-Software-Stack-TSS.patch 0012-protectors-Add-TPM2-Key-Protector.patch 0013-cryptodisk-Support-key-protectors.patch 0014-util-grub-protect-Add-new-tool.patch fix-tpm2-build.patch tpm-protector-dont-measure-sealed-key.patch tpm-protector-export-secret-key.patch grub-unseal-debug.patch 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch 0005-tpm2-add-more-marshal-unmarshal-functions.patch 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch 0009-tpm2-remove-the-unnecessary-variables.patch 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch 0012-tpm2-initialize-the-PCR-selection-list-early.patch 0013-tpm2-support-unsealing-key-with-authorized-policy.patch * Refresh grub-read-pcr.patch * Introduce a new build requirement: libtasn1-devel - Only package grub2-protect for the architectures with EFI support- Fix PowerVS deployment fails to boot with 90 cores (bsc#1208581) * 0001-kern-ieee1275-init-Convert-plain-numbers-to-constant.patch * 0002-kern-ieee1275-init-Extended-support-in-Vec5.patch- Fix no prep partition error on non-PReP architectures by making the prep_loadenv module exclusive to powerpc_ieee1275 platform (bsc#1210489) * 0004-Introduce-prep_load_env-command.patch - Fix the issue of freeing an uninitialized pointer * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Rediff * 0005-export-environment-at-start-up.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Resolve some issues with OS boot failure on PPC NVMe-oF disks and made enhancements to PPC secure boot's root device discovery config (bsc#1207230) - Ensure get_devargs and get_devname functions are consistent * 0001-openfw-Ensure-get_devargs-and-get_devname-functions-.patch - Fix regex for Open Firmware device specifier with encoded commas * 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch - Fix regular expression in PPC secure boot config to prevent escaped commas from being treated as delimiters when retrieving partition substrings. - Use prep_load_env in PPC secure boot config to handle unset host-specific environment variables and ensure successful command execution. * 0004-Introduce-prep_load_env-command.patch - Refreshed * 0005-export-environment-at-start-up.patch- Fix aarch64 kiwi image's file not found due to '/@' prepended to path in btrfs filesystem. (bsc#1209165) * grub2-btrfs-05-grub2-mkconfig.patch- Restrict cryptsetup key file permission for better security (bsc#1207499) * 0001-loader-linux-Ensure-the-newc-pathname-is-NULL-termin.patch * 0002-Restrict-cryptsetup-key-file-permission-for-better-s.patch- Meanwhile, memtest86+ gained EFI support, but using the grub command line to run it manually is quite tedious... Adapt 20_memtest86+ to provide a proper menu entry. Executing memtest requires to turn security off in BIOS: (Boot Mode: Other OS).- Tolerate kernel moved out of /boot. (bsc#1184804) * grub2-s390x-12-zipl-setup-usrmerge.patch- Discard cached key from grub shell and editor mode * 0001-clean-up-crypttab-and-linux-modules-dependency.patch * 0002-discard-cached-key-before-entering-grub-shell-and-ed.patch- Make grub more robust against storage race condition causing system boot failures (bsc#1189036) * 0001-ieee1275-ofdisk-retry-on-open-and-read-failure.patch- Fix riscv64 error for relocation 0x13 is not implemented yet * 0001-RISC-V-Handle-R_RISCV_CALL_PLT-reloc.patch- Fix out of memory error on lpar installation from virtual cdrom (bsc#1208024) * 0001-ieee1275-Further-increase-initially-allocated-heap-f.patch * 0002-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch - Fix lpar got hung at grub after inactive migration (bsc#1207684) * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Rediff * safe_tpm_pcr_snapshot.patch - Patch supersceded * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Refresh 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch to handle the TPM2 responseCode correctly.- Add module for boot loader interface. Needed for load Unified Kernel Image (UKI) * grub2-add-module-for-boot-loader-interface.patch- Amend the TPM2 stack and add authorized policy mode to tpm2_key_protector * 0001-tpm2-adjust-the-input-parameters-of-TPM2_EvictContro.patch * 0002-tpm2-declare-the-input-arguments-of-TPM2-functions-a.patch * 0003-tpm2-resend-the-command-on-TPM_RC_RETRY.patch * 0004-tpm2-add-new-TPM2-types-structures-and-command-const.patch * 0005-tpm2-add-more-marshal-unmarshal-functions.patch * 0006-tpm2-check-the-command-parameters-of-TPM2-commands.patch * 0007-tpm2-pack-the-missing-authorization-command-for-TPM2.patch * 0008-tpm2-allow-some-command-parameters-to-be-NULL.patch * 0009-tpm2-remove-the-unnecessary-variables.patch * 0010-tpm2-add-TPM2-commands-to-support-authorized-policy.patch * 0011-tpm2-make-the-file-reading-unmarshal-functions-gener.patch * 0012-tpm2-initialize-the-PCR-selection-list-early.patch * 0013-tpm2-support-unsealing-key-with-authorized-policy.patch- Fix nvmf boot device setup (bsc#1207811) * 0001-grub2-Can-t-setup-a-default-boot-device-correctly-on.patch- Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064) * 0001-grub-core-modify-sector-by-sysfs-as-disk-sector.patch- Fix GCC 13 build failure (bsc#1201089) * 0002-AUDIT-0-http-boot-tracker-bug.patch- Move unsupported zfs modules into 'extras' packages (bsc#1205554) (PED-2947)- Fix inappropriately including commented lines in crypttab (bsc#1206279) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Make grub.cfg invariant to efi and legacy platforms (bsc#1205200) - Removed patch linuxefi * grub2-secureboot-provide-linuxefi-config.patch * grub2-secureboot-use-linuxefi-on-uefi-in-os-prober.patch * grub2-secureboot-use-linuxefi-on-uefi.patch - Rediff * grub2-btrfs-05-grub2-mkconfig.patch * grub2-efi-xen-cmdline.patch * grub2-s390x-05-grub2-mkconfig.patch * grub2-suse-remove-linux-root-param.patch- Setup multiple device paths for a nvmf boot device (bsc#1205666) * 0001-grub2-Set-multiple-device-path-for-a-nvmf-boot-devic.patch- Increase the path buffer in the crypttab command for the long volume name (bsc#1206333) * grub2-increase-crypttab-path-buffer.patch- Add tpm to signed grub.elf image (PED-1990) (bsc#1205912) - Increase initial heap size from 1/4 to 1/3 * 0001-ieee1275-Increase-initially-allocated-heap-from-1-4-.patch- Make full utilization of btrfs bootloader area (bsc#1161823) * 0001-fs-btrfs-Use-full-btrfs-bootloader-area.patch * 0002-Mark-environmet-blocks-as-used-for-image-embedding.patch - Patch removed * 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Fix regression of reverting back to asking password twice when a keyfile is already used (bsc#1205309) * 0010-templates-import-etc-crypttab-to-grub.cfg.patch- Security fixes and hardenings * 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch * 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch - Fix CVE-2022-2601 (bsc#1205178) * 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch * 0004-font-Remove-grub_font_dup_glyph.patch * 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch * 0006-font-Fix-integer-overflow-in-BMP-index.patch * 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch * 0008-fbutil-Fix-integer-overflow.patch - Fix CVE-2022-3775 (bsc#1205182) * 0009-font-Fix-an-integer-underflow-in-blit_comb.patch * 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch * 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch * 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch - Bump upstream SBAT generation to 3- Removed 0001-linux-fix-efi_relocate_kernel-failure.patch as reported regression in some hardware being stuck in initrd loading (bsc#1205380)- Fix password asked twice if third field in crypttab not present (bsc#1205312) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- NVMeoFC support on grub (jsc#PED-996) * 0001-ieee1275-add-support-for-NVMeoFC.patch * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch * 0003-ieee1275-change-the-logic-of-ieee1275_get_devargs.patch * 0004-ofpath-controller-name-update.patch - TDX: Enhance grub2 measurement to TD RTMR (jsc#PED-1265) * 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch * 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch * 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch - Measure the kernel on POWER10 and extend TPM PCRs (PED-1990) * 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch - Fix efi pcr snapshot related funtion is defined but not used on powerpc platform. * safe_tpm_pcr_snapshot.patch- Include loopback into signed grub2 image (jsc#PED-2150)- Fix firmware oops after disk decrypting failure (bsc#1204037) * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch- Add patch to fix kernel relocation error in low memory * 0001-linux-fix-efi_relocate_kernel-failure.patch- Add safety measure to pcr snapshot by checking platform and tpm status * safe_tpm_pcr_snapshot.patch- Fix installation failure due to unavailable nvram device on ppc64le (bsc#1201361) * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch- Add patches to dynamically allocate additional memory regions for EFI systems (bsc#1202438) * 0001-mm-Allow-dynamically-requesting-additional-memory-re.patch * 0002-kern-efi-mm-Always-request-a-fixed-number-of-pages-o.patch * 0003-kern-efi-mm-Extract-function-to-add-memory-regions.patch * 0004-kern-efi-mm-Pass-up-errors-from-add_memory_regions.patch * 0005-kern-efi-mm-Implement-runtime-addition-of-pages.patch - Enlarge the default heap size and defer the disk cache invalidation (bsc#1202438) * 0001-kern-efi-mm-Enlarge-the-default-heap-size.patch * 0002-mm-Defer-the-disk-cache-invalidation.patch- Add patches for ALP FDE support * 0001-devmapper-getroot-Have-devmapper-recognize-LUKS2.patch * 0002-devmapper-getroot-Set-up-cheated-LUKS2-cryptodisk-mo.patch * 0003-disk-cryptodisk-When-cheatmounting-use-the-sector-in.patch * 0004-normal-menu-Don-t-show-Booting-s-msg-when-auto-booti.patch * 0005-EFI-suppress-the-Welcome-to-GRUB-message-in-EFI-buil.patch * 0006-EFI-console-Do-not-set-colorstate-until-the-first-te.patch * 0007-EFI-console-Do-not-set-cursor-until-the-first-text-o.patch * 0008-linuxefi-Use-common-grub_initrd_load.patch * 0009-Add-crypttab_entry-to-obviate-the-need-to-input-pass.patch * 0010-templates-import-etc-crypttab-to-grub.cfg.patch * grub-read-pcr.patch * efi-set-variable-with-attrs.patch * tpm-record-pcrs.patch * tpm-protector-dont-measure-sealed-key.patch * tpm-protector-export-secret-key.patch * grub-install-record-pcrs.patch * grub-unseal-debug.patch- Fix out of memory error cannot be prevented via disabling tpm (bsc#1202438) * 0001-tpm-Disable-tpm-verifier-if-tpm-is-not-present.patch- Fix tpm error stop tumbleweed from booting (bsc#1202374) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Patch Removed * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch- Add tpm, tpm2, luks2 and gcry_sha512 to default grub.efi (bsc#1197625) - Make grub-tpm.efi a symlink to grub.efi * grub2.spec - Log error when tpm event log is full and continue * 0001-tpm-Log-EFI_VOLUME_FULL-and-continue.patch - Patch superseded * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276) * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch * 0010-protectors-Add-key-protectors-framework.patch * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch * 0012-protectors-Add-TPM2-Key-Protector.patch * 0013-cryptodisk-Support-key-protectors.patch * 0014-util-grub-protect-Add-new-tool.patch - Fix no disk unlocking happen (bsc#1196668) * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch - Fix build error * fix-tpm2-build.patch- Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) * 0001-video-Remove-trailing-whitespaces.patch * 0002-loader-efi-chainloader-Simplify-the-loader-state.patch * 0003-commands-boot-Add-API-to-pass-context-to-loader.patch - Fix CVE-2022-28736 (bsc#1198496) * 0004-loader-efi-chainloader-Use-grub_loader_set_ex.patch - Fix CVE-2022-28735 (bsc#1198495) * 0005-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch * 0006-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch * 0007-video-readers-png-Abort-sooner-if-a-read-operation-f.patch * 0008-video-readers-png-Refuse-to-handle-multiple-image-he.patch - Fix CVE-2021-3695 (bsc#1191184) * 0009-video-readers-png-Drop-greyscale-support-to-fix-heap.patch - Fix CVE-2021-3696 (bsc#1191185) * 0010-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch * 0011-video-readers-png-Sanity-check-some-huffman-codes.patch * 0012-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch * 0013-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch * 0014-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch - Fix CVE-2021-3697 (bsc#1191186) * 0015-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch * 0016-normal-charset-Fix-array-out-of-bounds-formatting-un.patch - Fix CVE-2022-28733 (bsc#1198460) * 0017-net-ip-Do-IP-fragment-maths-safely.patch * 0018-net-netbuff-Block-overly-large-netbuff-allocs.patch * 0019-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch * 0020-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch * 0021-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch * 0022-net-tftp-Avoid-a-trivial-UAF.patch * 0023-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch - Fix CVE-2022-28734 (bsc#1198493) * 0024-net-http-Fix-OOB-write-for-split-http-headers.patch - Fix CVE-2022-28734 (bsc#1198493) * 0025-net-http-Error-out-on-headers-with-LF-without-CR.patch * 0026-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch * 0027-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch * 0028-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch * 0029-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch * 0030-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch * 0031-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch * 0032-Use-grub_loader_set_ex-for-secureboot-chainloader.patch - Bump grub's SBAT generation to 2- Use boot disks in OpenFirmware, fixing regression caused by 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch, when the root LV is completely in the boot LUN (bsc#1197948) * 0001-ofdisk-improve-boot-time-by-lookup-boot-disk-first.patch- Fix error message in displaying help on bootable snapshot (bsc#1199609)- Fix installation over serial console ends up in infinite boot loop (bsc#1187810) (bsc#1209667) (bsc#1209372) * 0001-Fix-infinite-boot-loop-on-headless-system-in-qemu.patch - Fix ppc64le build error for new IEEE long double ABI * 0001-libc-config-merge-from-glibc.patch- Fix Power10 LPAR error "The partition fails to activate as partition went into invalid state" (bsc#1198714) * 0001-powerpc-do-CAS-in-a-more-compatible-way.patch- use common SBAT values (boo#1193282)- Fix wrong order in kernel sorting of listing rc before final release (bsc#1197376) * grub2-use-rpmsort-for-version-sorting.patch- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186) * 0001-grub-probe-Deduplicate-probed-partmap-output.patch- Fix GCC 12 build failure (bsc#1196546) * 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch * 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch * 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch - Revised * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix grub-install error when efi system partition is created as mdadm software raid1 device (bsc#1179981) (bsc#1195204) * 0001-install-fix-software-raid1-on-esp.patch- Fix riscv64 build error * 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch- Fix error in grub-install when linux root device is on lvm thin volume (bsc#1192622) (bsc#1191974) * 0001-grub-install-bailout-root-device-probing.patch- Support saving grub environment for POWER signed grub images (jsc#SLE-23854) * 0001-Add-grub_envblk_buf-helper-function.patch * 0002-Add-grub_disk_write_tail-helper-function.patch * 0003-grub-install-support-prep-environment-block.patch * 0004-Introduce-prep_load_env-command.patch * 0005-export-environment-at-start-up.patch - Use enviroment variable in early boot config to looking up root device * grub2.spec- Remove obsolete openSUSE 12.2 conditionals in spec file - Clean up powerpc certificate handling.- Set grub2-check-default shebang to "#!/bin/bash", as the the code uses many instructions which are undefined for a POSIX sh. (boo#1195794).- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch- Fix wrong default entry when booting snapshot (bsc#1159205) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch- Power guest secure boot with static keys: GRUB2 signing portion (jsc#SLE-18271) (bsc#1192764) * grub2.spec - Power guest secure boot with static keys: GRUB2 portion (jsc#SLE-18144) (bsc#1192686) * 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch * 0002-ieee1275-claim-more-memory.patch * 0003-ieee1275-request-memory-with-ibm-client-architecture.patch * 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch * 0005-docs-grub-Document-signing-grub-under-UEFI.patch * 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch * 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch * 0008-pgp-factor-out-rsa_pad.patch * 0009-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch * 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch * 0011-libtasn1-import-libtasn1-4.18.0.patch * 0012-libtasn1-disable-code-not-needed-in-grub.patch * 0013-libtasn1-changes-for-grub-compatibility.patch * 0014-libtasn1-compile-into-asn1-module.patch * 0015-test_asn1-test-module-for-libtasn1.patch * 0016-grub-install-support-embedding-x509-certificates.patch * 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch * 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch * 0019-appended-signatures-support-verifying-appended-signa.patch * 0020-appended-signatures-verification-tests.patch * 0021-appended-signatures-documentation.patch * 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch * 0023-x509-allow-Digitial-Signature-plus-other-Key-Usages.patch- Fix no menuentry is found if hibernation on btrfs RAID1 (bsc#1193090) * grub2-systemd-sleep-plugin- Fix CVE-2021-3981 (bsc#1189644) * 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch- Fix can't allocate initrd error (bsc#1191378) * 0001-Factor-out-grub_efi_linux_boot.patch * 0002-Fix-race-in-EFI-validation.patch * 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch * 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch * 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch * 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch * 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch * 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch * 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch * 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch * 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch- Add support for simplefb (boo#1193532). + grub2-simplefb.patch- Fix extent not found when initramfs contains shared extents (bsc#1190982) * 0001-fs-btrfs-Make-extent-item-iteration-to-handle-gaps.patch- Fix arm64 kernel image not aligned on 64k boundary (bsc#1192522) * 0001-arm64-Fix-EFI-loader-kernel-image-allocation.patch * 0002-Arm-check-for-the-PE-magic-for-the-compiled-arch.patch- Remove openSUSE Tumbleweed specific handling for default grub distributor (bsc#1191198) - Use /usr/lib/os-release as fallback (bsc#1191196) * grub2-default-distributor.patch * grub2-check-default.sh - VUL-0: grub2: grub2-once uses fixed file name in /var/tmp (bsc#1190474) (CVE-2021-46705) * grub2-once * grub2-once.service - Fix unknown TPM error on buggy uefi firmware (bsc#1191504) * 0001-tpm-Pass-unknown-error-as-non-fatal-but-debug-print-.patch - Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769) * 0001-Filter-out-POSIX-locale-for-translation.patch - Fix error lvmid disk cannot be found after second disk added to the root volume group (bsc#1189874) (bsc#1071559) * 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch - Fix error in grub installation due to unnecessary requirement to support excessive device for the root logical volume (bsc#1184135) * 0001-disk-diskfilter-Use-nodes-in-logical-volume-s-segmen.patch - Fix regression in reading xfs v4 * 0001-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch- Fix installation on usrmerged s390x- Improve support for SLE Micro 5.1 on s390x. (bsc#1190395) * amend grub2-s390x-04-grub2-install.patch * refresh grub2-s390x-11-secureboot.patch- Follow usr merge for looking up kernel config (bsc#1189782) (bsc#1190061) * 0001-templates-Follow-the-path-of-usr-merged-kernel-confi.patch- Add btrfs zstd compression on i386-pc and also make sure it won't break existing grub installations (bsc#1161823) * deleted 0001-btrfs-disable-zstd-support-for-i386-pc.patch * added 0001-i386-pc-build-btrfs-zstd-support-into-separate-modul.patch- Delete the author list from %description (the %description section is literally for package descriptions (only) these days, encoding was also problematic). - Add %doc AUTHORS to get packaged that info- update grub2-systemd-sleep.sh to fix hibernation by avoiding the error "no kernelfile matching the running kernel found" on usrmerged setup- Use %autosetup- Replace grub2-use-stat-instead-of-udevadm-for-partition-lookup.patch and fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch with upstream backport: 0001-osdep-Introduce-include-grub-osdep-major.h-and-use-i.patch and 0002-osdep-linux-hostdisk-Use-stat-instead-of-udevadm-for.patch.- Fix error not a btrfs filesystem on s390x (bsc#1187645) * 80_suse_btrfs_snapshot- Fix error gfxterm isn't found with multiple terminals (bsc#1187565) * grub2-fix-error-terminal-gfxterm-isn-t-found.patch- Fix boot failure after kdump due to the content of grub.cfg is not completed with pending modificaton in xfs journal (bsc#1186975) * grub-install-force-journal-draining-to-ensure-data-i.patch - Patch refreshed * grub2-mkconfig-default-entry-correction.patch- Version bump to 2.06 * rediff - 0001-add-support-for-UEFI-network-protocols.patch - 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch - 0003-Make-grub_error-more-verbose.patch - 0003-bootp-New-net_bootp6-command.patch - 0005-grub.texi-Add-net_bootp6-doument.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - grub-install-force-journal-draining-to-ensure-data-i.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-diskfilter-support-pv-without-metadatacopies.patch - grub2-efi-HP-workaround.patch - grub2-efi-xen-cfg-unquote.patch - grub2-efi-xen-chainload.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch - grub2-install-remove-useless-check-PReP-partition-is-empty.patch - grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - grub2-mkconfig-default-entry-correction.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-s390x-03-output-7-bit-ascii.patch - grub2-s390x-04-grub2-install.patch - grub2-secureboot-install-signed-grub.patch - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - use-grub2-as-a-package-name.patch * update by patch squashed: - 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch - grub2-efi-chainload-harder.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-chainloader.patch - grub2-secureboot-add-linuxefi.patch * remove squashed patches: - 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch - 0009-squash-Add-support-for-linuxefi.patch - 0041-squash-Add-secureboot-support-on-efi-chainloader.patch - 0042-squash-grub2-efi-chainload-harder.patch - 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch - 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * drop upstream patches: - 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch - 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch - 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch - 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch - 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch - 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch - 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch - 0002-kern-Add-X-option-to-printf-functions.patch - 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch - 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch - 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch - 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch - 0003-normal-main-Search-for-specific-config-files-for-net.patch - 0004-calloc-Use-calloc-at-most-places.patch - 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch - 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch - 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch - 0005-efi-Add-secure-boot-detection.patch - 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch - 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch - 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch - 0007-font-Do-not-load-more-than-one-NAME-section.patch - 0007-verifiers-Move-verifiers-API-to-kernel-image.patch - 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch - 0008-script-Remove-unused-fields-from-grub_script_functio.patch - 0009-kern-Add-lockdown-support.patch - 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch - 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch - 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch - 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch - 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch - 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch - 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch - 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch - 0018-gdb-Restrict-GDB-access-when-locked-down.patch - 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch - 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - 0024-kern-parser-Fix-resource-leak-if-argc-0.patch - 0025-kern-parser-Fix-a-memory-leak.patch - 0026-kern-parser-Introduce-process_char-helper.patch - 0027-kern-parser-Introduce-terminate_arg-helper.patch - 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch - 0029-kern-buffer-Add-variable-sized-heap-buffer.patch - 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch - 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch - 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch - 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch - 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch - 0036-util-mkimage-Improve-data_size-value-calculation.patch - 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch - 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch - 0039-grub-install-common-Add-sbat-option.patch - 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch - grub-install-define-default-platform-for-risc-v.patch - grub2-editenv-add-warning-message.patch - grub2-efi-gop-add-blt.patch - grub2-efi-uga-64bit-fb.patch - grub2-verifiers-fix-system-freeze-if-verify-failed.patch - risc-v-add-clzdi2-symbol.patch - risc-v-fix-computation-of-pc-relative-relocation-offset.patch - Add grub2-instdev-fixup.pl for correcting /etc/default/grub_installdevice to use disk devie if grub has been installed to it - Add 0001-30_uefi-firmware-fix-printf-format-with-null-byte.patch to fix detection of efi fwsetup support- Fix running grub2-once leads to failure of starting systemd service in the boot sequence (bsc#1169460) * grub2-once * grub2-once.service- Fix crash in launching gfxmenu without theme file (bsc#1186481) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Fix plaintext password in grub config didn't work to unlock menu entry if enabling secure boot in UEFI (bsc#1181892)- Fix obsolete syslog in systemd unit file and updating to use journal as StandardOutput (bsc#1185149) * grub2-once.service- Fix build error on armv6/armv7 (bsc#1184712) * 0001-emu-fix-executable-stack-marking.patch- Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012) * 0001-Workaround-volatile-efi-boot-variable.patch- Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of nvme namespace (bsc#1177751) 0001-ieee1275-Avoiding-many-unecessary-open-close.patch- Fix chainloading windows on dual boot machine (bsc#1183073) * 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch- VUL-0: grub2,shim: implement new SBAT method (bsc#1182057) * 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch * 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch * 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch * 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch * 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch * 0036-util-mkimage-Improve-data_size-value-calculation.patch * 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch * 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch * 0039-grub-install-common-Add-sbat-option.patch - Fix CVE-2021-20225 (bsc#1182262) * 0022-lib-arg-Block-repeated-short-options-that-require-an.patch - Fix CVE-2020-27749 (bsc#1179264) * 0024-kern-parser-Fix-resource-leak-if-argc-0.patch * 0025-kern-parser-Fix-a-memory-leak.patch * 0026-kern-parser-Introduce-process_char-helper.patch * 0027-kern-parser-Introduce-terminate_arg-helper.patch * 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch * 0029-kern-buffer-Add-variable-sized-heap-buffer.patch * 0030-kern-parser-Fix-a-stack-buffer-overflow.patch - Fix CVE-2021-20233 (bsc#1182263) * 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch - Fix CVE-2020-25647 (bsc#1177883) * 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch - Fix CVE-2020-25632 (bsc#1176711) * 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch - Fix CVE-2020-27779, CVE-2020-14372 (bsc#1179265) (bsc#1175970) * 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch * 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch * 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch * 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch * 0005-efi-Add-secure-boot-detection.patch * 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch * 0007-verifiers-Move-verifiers-API-to-kernel-image.patch * 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch * 0009-kern-Add-lockdown-support.patch * 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch * 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch * 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch * 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch * 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch * 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch * 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch * 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch * 0018-gdb-Restrict-GDB-access-when-locked-down.patch * 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch * 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch * 0041-squash-Add-secureboot-support-on-efi-chainloader.patch * 0042-squash-grub2-efi-chainload-harder.patch * 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch * 0044-squash-kern-Add-lockdown-support.patch * 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch - Drop patch supersceded by the new backport * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch - Add SBAT metadata section to grub.efi - Drop shim_lock module as it is part of core of grub.efi * grub2.spec- Fix build error in binutils 2.36 (bsc#1181741) * 0001-Fix-build-error-in-binutils-2.36.patch - Fix executable stack in grub-emu (bsc#1181696) * 0001-emu-fix-executable-stack-marking.patch- Restore compatibilty sym-links * grub2.spec - Use rpmlintrc to filter out rpmlint 2.0 error (bsc#1179044) * grub2.rpmlintrc- Complete Secure Boot support on aarch64 (jsc#SLE-15020) * 0001-Add-support-for-Linux-EFI-stub-loading-on-aarch64.patch * 0002-arm64-make-sure-fdt-has-address-cells-and-size-cells.patch * 0003-Make-grub_error-more-verbose.patch * 0004-arm-arm64-loader-Better-memory-allocation-and-error-.patch * 0005-Make-linux_arm_kernel_header.hdr_offset-be-at-the-ri.patch * 0006-efi-Set-image-base-address-before-jumping-to-the-PE-.patch * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0008-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch * 0009-squash-Add-support-for-linuxefi.patch- Fix rpmlint 2.0 error for having arch specific path in noarch package aiming for compatibility with old package (bsc#1179044) * grub2.spec - Fix non POSIX sed argument which failed in sed from busybox (bsc#1181091) * grub2-check-default.sh- Fix boot failure in blocklist installation (bsc#1178278) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix grub2-install error with "failed to get canonical path of `/boot/grub2/i386-pc'." (bsc#1177957) * Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Fix https boot interrupted by unrecognised network address error message (bsc#1172952) * 0001-add-support-for-UEFI-network-protocols.patch- grub2.spec: Fix bare words used as string in expression which is no longer allowed in rpm 4.16- Improve the error handling when grub2-install fails with short mbr gap (bsc#1176062) * 0001-Warn-if-MBR-gap-is-small-and-user-uses-advanced-modu.patch * 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch- Make efi hand off the default entry point of the linux command (bsc#1176134) * 0001-efi-linux-provide-linux-command.patch- Fix verification requested but nobody cares error when loading external module in secure boot off (bsc#1175766) * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch- Make consistent check to enable relative path on btrfs (bsc#1174567) * 0001-Unify-the-check-to-enable-btrfs-relative-path.patch- Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery (bsc#1172745) * 0001-ieee1275-powerpc-implements-fibre-channel-discovery-.patch * 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch- Fix for CVE-2020-15705 (bsc#1174421) * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch * 0002-cmdline-Provide-cmdline-functions-as-module.patch- Make grub-calloc inline to avoid symbol not found error as the system may not use updated grub to boot the system (bsc#1174782) (bsc#1175060) (bsc#1175036) * 0001-kern-mm.c-Make-grub_calloc-inline.patch- Fix for CVE-2020-10713 (bsc#1168994) * 0001-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812) * 0002-safemath-Add-some-arithmetic-primitives-that-check-f.patch * 0003-calloc-Make-sure-we-always-have-an-overflow-checking.patch * 0004-calloc-Use-calloc-at-most-places.patch * 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch * 0006-iso9660-Don-t-leak-memory-on-realloc-failures.patch * 0007-font-Do-not-load-more-than-one-NAME-section.patch - Fix CVE-2020-15706 (bsc#1174463) * 0008-script-Remove-unused-fields-from-grub_script_functio.patch * 0009-script-Avoid-a-use-after-free-when-redefining-a-func.patch - Fix CVE-2020-15707 (bsc#1174570) * 0010-linux-Fix-integer-overflows-in-initrd-size-handling.patch - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data - Use grub_calloc for overflow check and return NULL when it would occur * 0001-add-support-for-UEFI-network-protocols.patch * 0003-bootp-New-net_bootp6-command.patch * grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * grub2-btrfs-09-get-default-subvolume.patch * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch * grub2-grubenv-in-btrfs-header.patch- No 95_textmode for PowerPC (boo#1174166)- Skip zfcpdump kernel from the grub boot menu (bsc#1166513) * grub2-s390x-skip-zfcpdump-image.patch- Fix boot failure as journaled data not get drained due to abrupt power off after grub-install (bsc#1167756) * grub-install-force-journal-draining-to-ensure-data-i.patch- Fix executable stack in grub-probe and other grub utility (bsc#1169137) * grub2-btrfs-06-subvol-mount.patch- Fix GCC 10 build fail (bsc#1158189) * 0001-mdraid1x_linux-Fix-gcc10-error-Werror-array-bounds.patch * 0002-zfs-Fix-gcc10-error-Werror-zero-length-bounds.patch- Backport to support searching for specific config files for netboot (bsc#1166409) * 0001-normal-Move-common-datetime-functions-out-of-the-nor.patch * 0002-kern-Add-X-option-to-printf-functions.patch * 0003-normal-main-Search-for-specific-config-files-for-net.patch * 0004-datetime-Enable-the-datetime-module-for-the-emu-plat.patch- move *.module files to separate -debug subpackage (boo#1166578)- Fix EFI console detection to make it a runtime decision (bsc#1164385) * grub2-SUSE-Add-the-t-hotkey.patch- Downgrade mtools to Suggests for consistency with xorriso (boo#1165839) - remove info requirements, file triggers are used now (boo#1152105)- Add secure boot support for s390x. (jsc#SLE-9425) * grub2-s390x-11-secureboot.patch- Fix grub hangs after loading rogue image without valid signature for uefi secure boot (bsc#1159102) * grub2-verifiers-fix-system-freeze-if-verify-failed.patch- From Stefan Seyfried : Fix grub2-install fails with "not a directory" error (boo#1161641, bsc#1162403) * grub2-install-fix-not-a-directory-error.patch- Correct awk pattern in 20_linux_xen (bsc#900418, bsc#1157912) - Correct linux and initrd handling in 20_linux_xen (bsc#1157912) M grub2-efi-xen-cfg-unquote.patch M grub2-efi-xen-chainload.patch M grub2-efi-xen-cmdline.patch M grub2-efi-xen-removable.patch- Disable btrfs zstd support for i386-pc to workaround core.img too large to be embedded in btrfs bootloader area or MBR gap (boo#1154809) * 0001-btrfs-disable-zstd-support-for-i386-pc.patch- Fix grub2.sleep to load old kernel after hibernation (boo#1154783)- Enable support for riscv64 - Backports from upstream: * risc-v-fix-computation-of-pc-relative-relocation-offset.patch * risc-v-add-clzdi2-symbol.patch * grub-install-define-default-platform-for-risc-v.patch- Version bump to 2.04 * removed - translations-20170427.tar.xz * grub2.spec - Make signed grub-tpm.efi specific to x86_64-efi build, the platform currently shipped with tpm module from upstream codebase - Add shim_lock to signed grub.efi in x86_64-efi build - x86_64: linuxefi now depends on linux, both will verify kernel via shim_lock - Remove translation tarball and po file hacks as it's been included in upstream tarball * rediff - grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch - grub2-commands-introduce-read_file-subcommand.patch - grub2-secureboot-add-linuxefi.patch - 0001-add-support-for-UEFI-network-protocols.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-install-signed-grub.patch - grub2-linux.patch - use-grub2-as-a-package-name.patch - grub2-pass-corret-root-for-nfsroot.patch - grub2-secureboot-use-linuxefi-on-uefi.patch - grub2-secureboot-no-insmod-on-sb.patch - grub2-secureboot-provide-linuxefi-config.patch - grub2-secureboot-chainloader.patch - grub2-s390x-01-Changes-made-and-files-added-in-order-to-allow-s390x.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch - grub2-efi-chainloader-root.patch - grub2-ppc64le-disable-video.patch - grub2-ppc64-cas-reboot-support.patch - grub2-Fix-incorrect-netmask-on-ppc64.patch - 0003-bootp-New-net_bootp6-command.patch - 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch - 0012-tpm-Build-tpm-as-module.patch - grub2-emu-4-all.patch - grub2-btrfs-09-get-default-subvolume.patch - grub2-ppc64le-memory-map.patch - grub2-ppc64-cas-fix-double-free.patch - 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch * drop upstream patches - grub2-fix-locale-en.mo.gz-not-found-error-message.patch - grub2-fix-build-with-flex-2.6.4.patch - grub2-accept-empty-module.patch - 0001-Fix-packed-not-aligned-error-on-GCC-8.patch - 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch - unix-exec-avoid-atexit-handlers-when-child-exits.patch - 0001-xfs-Accept-filesystem-with-sparse-inodes.patch - grub2-binutils2.31.patch - grub2-msdos-fix-overflow.patch - 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch - grub2-efi-Move-grub_reboot-into-kernel.patch - grub2-efi-Free-malloc-regions-on-exit.patch - grub2-move-initrd-upper.patch - 0002-Add-Virtual-LAN-support.patch - 0001-ofnet-Initialize-structs-in-bootpath-parser.patch - 0001-misc-fix-invalid-character-recongition-in-strto-l.patch - 0001-tpm-Core-TPM-support.patch - 0002-tpm-Measure-kernel-initrd.patch - 0003-tpm-Add-BIOS-boot-measurement.patch - 0004-tpm-Rework-linux-command.patch - 0005-tpm-Rework-linux16-command.patch - 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch - 0007-tpm-Measure-the-kernel-commandline.patch - 0008-tpm-Measure-commands.patch - 0009-tpm-Measure-multiboot-images-and-modules.patch - 0010-tpm-Fix-boot-when-there-s-no-TPM.patch - 0011-tpm-Fix-build-error.patch - 0013-tpm-i386-pc-diskboot-img.patch - grub2-freetype-pkgconfig.patch - 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch - 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch - 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch - 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch - 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch - 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch - 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch - 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Consistently find btrfs snapshots on s390x. (bsc#1136970) * grub2-s390x-04-grub2-install.patch- Fix fallback embed doesn't work when no post mbr gap at all (boo#1142229) * Refresh grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch- Revert grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch until merged by upstream (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229).- Fix iteration of FCP LUNs (bsc#1134287, bsc#1139345, LTC#177836, LTC#174229). * Refresh grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Use grub2-install to handle signed grub installation for UEFI secure boot and also provide options to override default (bsc#1136601) * grub2-secureboot-install-signed-grub.patch - Remove arm64 linuxefi patches as it's not needed for secure boot * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Avoid high resolution when trying to keep current mode (bsc#1133842) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch - Make GRUB_SAVEDEFAULT working with btrfs (bsc#1128592) * grub2-grubenv-in-btrfs-header.patch- Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh- Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch- Fix GCC 9 build failure (bsc#1121208) * 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch * 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch * 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch * 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch * 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch * 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch * 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch * 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch- Use %doc for older products for compatibility, or may end up with unsuccessful build result * grub2.spec- Revert grub2-ieee1275-open-raw-mode.patch for regression of crashing lvm on multipath SAN (bsc#1113702) * deleted grub2-ieee1275-open-raw-mode.patch - Add exception handling to FCP lun enumeration (bsc#1113702) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix LOADER_TYPE parsing in grub2-once (boo#1122569)- Create compatibility sym-link of grub.xen in the old location to which old VM definition is pointing (bsc#1123942)- Add patch to fix ARM boot, when kernel become too big: * grub2-move-initrd-upper.patch (boo#1123350)- Replace old $RPM_* shell vars.- Support long menu entry by scrolling its text left and right through the key stroke ctrl+l and ctrl+r (FATE#325760) * grub2-gfxmenu-support-scrolling-menu-entry-s-text.patch- Improved hiDPI device support (FATE#326680) * grub2-video-limit-the-resolution-for-fixed-bimap-font.patch- Build platform-packages 'noarch' and move to '/usr/share/efi' for SUSE Manager. (FATE#326960) * grub2-efi-xen-chainload.patch (bsc#1122563) * grub2-efi-xen-removable.patch (refresh)- Support for UEFI Secure Boot on AArch64 (FATE#326541) * 0001-efi-refactor-grub_efi_allocate_pages.patch * 0002-Remove-grub_efi_allocate_pages.patch * 0003-arm64-efi-move-EFI_PAGE-definitions-to-efi-memory.h.patch * 0004-efi-Add-central-copy-of-grub_efi_find_mmap_size.patch * 0005-efi-Add-grub_efi_get_ram_base-function-for-arm64.patch * 0006-Add-support-for-EFI-handover-on-ARM64.patch- Change default tsc calibration method to pmtimer on EFI (bsc#1114754) * 0001-tsc-Change-default-tsc-calibration-method-to-pmtimer.patch- ieee1275: Fix double free in CAS reboot (bsc#1111955) * grub2-ppc64-cas-fix-double-free.patch- Support NVDIMM device names (bsc#1110073) * grub2-getroot-support-nvdimm.patch- Translate caret back to space as the initrd stanza could use space to delimit multiple files loaded (bsc#1101942) * grub2-util-30_os-prober-multiple-initrd.patch- ieee1275: implement FCP methods for WWPN and LUNs (bsc#1093145) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch- Fix broken network interface with random address and same name (bsc#1084508) * 0001-ofnet-Initialize-structs-in-bootpath-parser.patch- Fix outputting invalid btrfs subvol path on non btrfs filesystem due to bogus return code handling. (bsc#1106381) * modified grub2-btrfs-10-config-directory.patch- Fix overflow in sector count calculation (bsc#1105163) * grub2-msdos-fix-overflow.patch- Downgrade libburnia-tools to suggest as minimal system can't afford pulling in tcl/tk and half of the x11 stack (bsc#1102515) * modified grub2.spec- Add grub2-binutils2.31.patch: x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32. Starting from binutils commit bd7ab16b x86-64 assembler generates R_X86_64_PLT32, instead of R_X86_64_PC32, for 32-bit PC-relative branches. Grub2 should treat R_X86_64_PLT32 as R_X86_64_PC32.- The grubxenarch packages are now architecture-independent. [bsc#953297, grub2.spec, grub2-rpmlintrc]- Fix config_directory on btrfs to follow path scheme (bsc#1063443) * grub2-btrfs-10-config-directory.patch - Fix grub2-install --root-directory does not work for /boot/grub2/ on separate btrfs subvolume (boo#1098420) * grub2-btrfs-06-subvol-mount.patch - Fix setparams doesn't work as expected from boot-last-label NVRAM var, after inital CAS reboot on ieee1275 (bsc#1088830) * grub2-ppc64-cas-new-scope.patch- Fix install on xfs error (bsc#1101283) * 0001-xfs-Accept-filesystem-with-sparse-inodes.patch- grub2.spec: change %config to %config(noreplace) Don't overwrite user changes to config files on upgrades.- Marked %{_sysconfdir}/grub.d/40_custom as (noreplace) [bsc#1079332, grub2.spec]- Replace "GRUB_DISABLE_LINUX_RECOVERY" by "GRUB_DISABLE_RECOVERY" in /etc/default/grub and remove test from s390x install section in upec file. [bsc#1042433, grub.default, grub2.spec]- Added "# needssslcertforbuild", which got lost somewhere, to spec file [grub2.spec]- Replace confusing menu on btrfs "snapper rollback" by help text. [bsc#1027588, grub2-btrfs-help-on-snapper-rollback.patch]- Use %license instead of %doc [bsc#1082318]- grub2-emu on s390 keep network during kexec boot (bsc#1089493) * grub2-s390x-10-keep-network-at-kexec.patch- Add grub2-freetype-pkgconfig.patch to fix build with new freetype use pkgconfig to find Freetype libraries.- Fallback to raw mode if Open Firmware returns invalid ihandler (bsc#1071559) * grub2-ieee1275-open-raw-mode.patch- Fix error of essential directory not found on UEFI Xen host (bsc#1085842) * add grub2-efi-xen-removable.patch * rediff grub2-suse-remove-linux-root-param.patch- Fix corruption of "grub2-install --help" and grub2-install manual page (bsc#1086670) * unix-exec-avoid-atexit-handlers-when-child-exits.patch- Fix Nvidia GPU in legacy I/O slot 2 disappears during system startup (bsc#1082914) * 0001-Fix-PCIe-LER-when-GRUB2-accesses-non-enabled-MMIO-da.patch- Fix packed-not-aligned error on GCC 8 (bsc#1084632) * 0001-Fix-packed-not-aligned-error-on-GCC-8.patch- Fix incorrect netmask on ppc64 (bsc#1085419) * grub2-Fix-incorrect-netmask-on-ppc64.patch- Fix UEFI HTTPS Boot from ISO installation image (bsc#1076132) * 0001-add-support-for-UEFI-network-protocols.patch- fix wrong command output when default subvolume is toplevel tree with id 5 (bsc#1078775) * grub2-btrfs-09-get-default-subvolume.patch - insert mdraid modules to support software RAID (bsc#1078775) * grub2-xen-pv-firmware.cfg- Rename grub2-btrfs-workaround-grub2-once.patch to grub2-grubenv-in-btrfs-header.patch - Store GRUB environment variable health_checker_flag in Btrfs header- Fix incorrect check preventing the script from running (bsc#1078481) * 80_suse_btrfs_snapshot- Fix disappeared snapshot menu entry (bsc#1078481) * 80_suse_btrfs_snapshot- Fix unquoted string error and add some more checks (bsc#1079330) * grub2-check-default.sh- The %prep section applies patches, the %build section builds. Remove mixup of patching and building from %prep for quilt setup Related to bsc#1065703- Check if default entry need to be corrected for updated distributor version and/or use fallback entry if default kernel entry removed (bsc#1065349) * grub2-check-default.sh * grub2-mkconfig-default-entry-correction.patch - Fix grub2-mkconfig warning when disk is LVM PV (bsc#1071239) * grub2-getroot-scan-disk-pv.patch- Filter out autofs and securityfs from /proc/self/mountinfo to speed up nfsroot test in large number of autofs mounts (bsc#1069094) * modified grub2-pass-corret-root-for-nfsroot.patch- Fix http(s) boot security review (bsc#1058090) * 0002-AUDIT-0-http-boot-tracker-bug.patch- 0001-add-support-for-UEFI-network-protocols.patch: * Workaround http data access in firmware * Fix DNS device path parsing for efinet device * Relaxed UEFI Protocol requirement * Support Intel OPA (Omni-Path Architecture) PXE Boot (bsc#1015589)- grub2-xen-pv-firmware.cfg: remove linemode=1 from cmdline for SUSE installer. openQA expects ncurses interface. (bsc#1066919)- use python3 for autogen.sh (fate#323526)- Do not check that PReP partition does not contain an ELF during installation (bsc#1065738). * grub2-install-remove-useless-check-PReP-partition-is-empty.patch- Build diskboot_tpm.img as separate image to diskboot.img to prevent failure in booting on some bogus firmware. To use the TPM image you have to use suse-enable-tpm option of grub2-install (bsc#1052401) * 0013-tpm-i386-pc-diskboot-img.patch- Use /boot//loader/linux to determine if install media is SUSE instead of /contents file (bsc#1054453)- Use the pvops-enabled default kernel if the traditional xen pv kernel and initrd are not found (bsc#1054453)- Fix reboot in UEFI environments (bsc#1047331) * Add grub2-efi-Move-grub_reboot-into-kernel.patch * Refresh grub2-efi-Free-malloc-regions-on-exit.patch- Add preliminary patch for UEFI HTTPS and related network protocol support (fate#320130) * 0001-add-support-for-UEFI-network-protocols.patch- grub2-s390x-04-grub2-install.patch : remove arybase dependency in grub2-zipl-setup by not referencing to $[ (bsc#1055280)- Fix minor oversights in and the exit value of the grub2-install helper on s390x. (bsc#1055343, fate#323298) * grub2-s390x-09-improve-zipl-setup.patch- Make grub2.info build reproducible (boo#1047218)- add grub2-fix-build-with-flex-2.6.4.patch - fix build with flex 2.6.4+ that removed explicit (void) cast from fprintf call in yy_fatal_error.- Support LVM physical volume created without metadatacopies (bsc#1027526) * grub2-diskfilter-support-pv-without-metadatacopies.patch - Fix page fault exception when grub loads with Nvidia cards (bsc#1038533) * grub2-efi-uga-64bit-fb.patch - Require 'kexec-tools' for System z. (bsc#944358) * modified grub2.spec- grub2-xen-pv-firmware.cfg: insmod lvm module as it's not auto-loaded to support booting from lvm volume (bsc#1004324) - Grub not working correctly with xen and btrfs snapshots (bsc#1026511) * Add grub2-btrfs-09-get-default-subvolume.patch * grub2-xen-pv-firmware.cfg : search path in default subvolume- new upstream version 2.02 * rediff - use-grub2-as-a-package-name.patch * drop upstream patches - grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch - grub2-add-FALLTHROUGH-annotations.patch - update translations- update grub2-btrfs-workaround-grub2-once.patch to also store saved_entry in additional environment block (boo#1031025)- fix building with GCC (bsc#1030247) * add grub2-fix-uninitialized-variable-in-btrfs-with-GCC7.patch * grub2-add-FALLTHROUGH-annotations.patch- Fix out of memory error on lvm detection (bsc#1016536) (bsc#1027401) * grub2-lvm-allocate-metadata-buffer-from-raw-contents.patch - Fix boot failure if /boot is separate btrfs partition (bsc#1023160) * grub2-btrfs-06-subvol-mount.patch- 0004-tpm-Rework-linux-command.patch : Fix out of bound memory copy (bsc#1029187)- new upstream version 2.02~rc2 * rediff - use-grub2-as-a-package-name.patch - grub2-linguas.sh-no-rsync.patch * drop upstream patches - 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch- TPM Support (FATE#315831) * 0001-tpm-Core-TPM-support.patch * 0002-tpm-Measure-kernel-initrd.patch * 0003-tpm-Add-BIOS-boot-measurement.patch * 0004-tpm-Rework-linux-command.patch * 0005-tpm-Rework-linux16-command.patch * 0006-tpm-Measure-kernel-and-initrd-on-BIOS-systems.patch * 0007-tpm-Measure-the-kernel-commandline.patch * 0008-tpm-Measure-commands.patch * 0009-tpm-Measure-multiboot-images-and-modules.patch * 0010-tpm-Fix-boot-when-there-s-no-TPM.patch * 0011-tpm-Fix-build-error.patch * 0012-tpm-Build-tpm-as-module.patch - grub2.spec : Add grub-tpm.efi for Secure Boot- Fix invalid Xen EFI config files if xen_args include GRUB2 quoting (bsc#900418) (bsc#951748) * grub2-efi-xen-cfg-unquote.patch - Fix linuxefi erroneously initialize linux's boot_params with non-zero values. (bsc#1025563) * grub2-linuxefi-fix-boot-params.patch - Removed grub2-fix-multi-device-root-kernel-argument.patch as it has regression on how GRUB_DISABLE_LINUX_UUID=true interpreted (bsc#1015138)- Fix for openQA UEFI USB Boot failure with upstream patch (bsc#1026344) * added 0001-efi-strip-off-final-NULL-from-File-Path-in-grub_efi_.patch * removed 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- Temporary fix for openQA UEFI USB Boot failure (bsc#1026344) * 0001-Revert-efi-properly-terminate-filepath-with-NULL-in-.patch- grub2.spec: fix s390x file list.- require efibootmgr in efi package (boo#1025520)- Merge changes from SLE12 - add grub2-emu-4-all.patch * Build 'grub2-emu' wherever possible, to allow a better implementation of that feature. - add grub2-s390x-06-loadparm.patch, - add grub2-commands-introduce-read_file-subcommand.patch: * allow s390x to telecontrol grub2. (bsc#891946, bsc#892852) - add grub2-s390x-06-loadparm.patch: * ignore case and fix transliteration of parameter. (bsc#891946) - add grub2-s390x-07-add-image-param-for-zipl-setup.patch * Add --image switch to force zipl update to specific kernel (bsc#928131) - add grub2-s390x-08-workaround-part-to-disk.patch * Ignore partition tables on s390x. (bsc#935127) - add grub2-efi-chainload-harder.patch: * allow XEN to be chain-loaded despite firmware flaws. (bnc#887793) * Do not use shim lock protocol for reading pe header, it won't be available when secure boot disabled (bsc#943380) * Make firmware flaw condition be more precisely detected and add debug message for the case * Check msdos header to find PE file header (bsc#954126) - grub2-s390x-04-grub2-install.patch: * streamline boot to grub menu. (bsc#898198) * Force '/usr' to read-only before calling kexec. (bsc#932951) - grub2-once: * add '--enum' option to enumerate boot-entries in a way actually understood by 'grub2'. (bsc#892852, bsc#892811) * Examine variables from grub environment in 'grub2-once'. (fate#319632)- new upstream version 2.02~rc1 * rediff - use-grub2-as-a-package-name.patch - grub2-s390x-04-grub2-install.patch - grub2-accept-empty-module.patch - grub2-btrfs-04-grub2-install.patch - grub2-btrfs-06-subvol-mount.patch * drop upstream patches - 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch - 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch - 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - 0001-Fix-fwpath-in-efi-netboot.patch - 0001-arm64-Move-firmware-fdt-search-into-global-function.patch - 0002-arm-efi-Use-fdt-from-firmware-when-available.patch - grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch - 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch - 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch - 0001-xen-make-xen-loader-callable-multiple-times.patch - 0002-xen-avoid-memleaks-on-error.patch - 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch - 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch - 0005-xen-synchronize-xen-header.patch - 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch - 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch - 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch - 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch - 0010-xen-modify-page-table-construction.patch - 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch * add - fix-grub2-use-stat-instead-of-udevadm-for-partition-lookup-with-new-glibc.patch fix compilation with new glibc- Fix build error on glibc-2.25 * 0001-build-Use-AC_HEADER_MAJOR-to-find-device-macros.patch * 0002-configure-fix-check-for-sys-sysmacros.h-under-glibc-.patch - Fix fwpath in efi netboot (fate#321993) (bsc#1022294) * 0001-Fix-fwpath-in-efi-netboot.patch- grub2-systemd-sleep.sh: Fix prematurely abort by commands error return code and skip the offending menu entry (bsc#1022880)- Add support for BLT only EFI GOP adapters (FATE#322332) * grub2-efi-gop-add-blt.patch- info-dir-entry.patch: Update info dir entry to follow renaming to grub2- Add serial module to efi image. Serial terminal is still useful even with EFI Secure Boot- Support %posttrans with marcos provided by update-bootloader-rpm-macros package (bsc#997317)- Remove outdated README.openSUSE (bsc#907693)- 20_memtest86+: avoid adding memtest86+ to the list with UEFI booting.- Fix new line character in distributor (bsc#1007212) * modified grub2-default-distributor.patch- From Juergen Gross : grub-xen: support booting huge pv-domains (bsc#1004398) (bsc#899465) * 0001-xen-make-xen-loader-callable-multiple-times.patch * 0002-xen-avoid-memleaks-on-error.patch * 0003-xen-reduce-number-of-global-variables-in-xen-loader.patch * 0004-xen-add-elfnote.h-to-avoid-using-numbers-instead-of-.patch * 0005-xen-synchronize-xen-header.patch * 0006-xen-factor-out-p2m-list-allocation-into-separate-fun.patch * 0007-xen-factor-out-allocation-of-special-pages-into-sepa.patch * 0008-xen-factor-out-allocation-of-page-tables-into-separa.patch * 0009-xen-add-capability-to-load-initrd-outside-of-initial.patch * 0010-xen-modify-page-table-construction.patch * 0011-xen-add-capability-to-load-p2m-list-outside-of-kerne.patch- add support for netboot on arm64-efi platforms (bsc#998097) * grub2-arm64-mknetdir-add-suport-for-arm64-efi.patch- use $PRETTY_NAME instead of $NAME $VERSION for $GRUB_DISTRIBUTOR in openSUSE Tumbleweed (bsc#995549) * modified grub2-default-distributor.patch - grub2.spec: add http module to grub.efi (fate#320129)- binutils 2.27 creates empty modules without a symtab. Add patch grub2-accept-empty-module.patch to not reject them.- since version 1.7 cryptsetup defaults to SHA256 for LUKS - include gcry_sha256 in signed EFI image- Workaround default entry in snapshot menu (bsc#956046) * grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch - grub2.spec: Add true command to grub.efi (bsc#993274)- grub.default: Empty GRUB_CMDLINE_LINUX_DEFAULT, the value will be fully taken from YaST settings. (bsc#989803)- Add patches from Roberto Sassu - Fix grub2-10_linux-avoid-multi-device-root-kernel-argument.patch, device path is not tested if GRUB_DISABLE_LINUX_UUID="true" - added grub2-fix-multi-device-root-kernel-argument.patch (bsc#960776) - grub2-zipl-setup: avoid multi-device root= kernel argument * added grub2-zipl-setup-fix-btrfs-multipledev.patch (bsc#960776) - Add SUSE_REMOVE_LINUX_ROOT_PARAM configuration option to /etc/default/grub, to remove root= and rootflags= from the kernel command line in /boot/grub2/grub.cfg and /boot/zipl/config - added grub2-suse-remove-linux-root-param.patch (bsc#962585)- Support HTTP Boot IPv4 and IPv6 (fate#320129) * 0001-misc-fix-invalid-character-recongition-in-strto-l.patch * 0002-net-read-bracketed-ipv6-addrs-and-port-numbers.patch * 0003-bootp-New-net_bootp6-command.patch * 0004-efinet-UEFI-IPv6-PXE-support.patch * 0005-grub.texi-Add-net_bootp6-doument.patch * 0006-bootp-Add-processing-DHCPACK-packet-from-HTTP-Boot.patch * 0007-efinet-Setting-network-from-UEFI-device-path.patch * 0008-efinet-Setting-DNS-server-from-UEFI-protocol.patch - Fix heap corruption after dns lookup * 0001-dns-fix-buffer-overflow-for-data-addresses-in-recv_h.patch- fix filelist for s390x- Fix grub2-editenv error on encrypted lvm installation (bsc#981621) * modified grub2-btrfs-workaround-grub2-once.patch - Add missing closing bracket in 'grub2-snapper-plugin.sh'. - Fix snapshot booting on s390x (bsc#955115) * modified grub2-snapper-plugin.sh - Fallback to old subvol name scheme to support old snapshot config (bsc#953538) * added grub2-btrfs-07-subvol-fallback.patch- update grub2-once with patch from Björn Voigt - skip comments in /etc/sysconfig/bootloader (boo#963610)- Make sure all systemd unit files are passed to %service_ macros.- Add patch to free memory on exit in efi environments (bsc#980739) * grub2-efi-Free-malloc-regions-on-exit.patch- Remove xen-devel from BuildRequires required headers are included in grub-2.0.2- Add support for "t" hotkey to switch to text mode (bsc#976836) * added grub2-SUSE-Add-the-t-hotkey.patch - Add support for hidden menu entries (bsc#976836) * added grub2-Add-hidden-menu-entries.patch- Correct show user defined comments in menu for snapshots (bsc#956698) * modified grub2-snapper-plugin.sh- Fix GRUB_DISABLE_LINUX_UUID to be ignore and also fallback kernel device won't be used if fs uuid not detected (bsc#971867) * added 0001-10_linux-Fix-grouping-of-tests-for-GRUB_DEVICE.patch * added 0002-20_linux_xen-fix-test-for-GRUB_DEVICE.patch- new upstream version 2.02~beta3 * highlights of user visible changes not yet present in openSUSE package - arm-uboot now generates position independent self relocating image, so single binary should run on all supported systems - loader for Xen on aarch64. grub-mkconfig support was not in time for beta3 yet. - improved ZFS support (extensible_dataset, large_blocks, embedded_data, hole_birth features) - support for IPv6 Router Advertisements - support for persistent memory (we do not overwrite it and pass correct information to OS) - try to display more specific icons for os-prober generated menu entries - grub-install detects EFI bit size and selects correct platform (x86_64-efi or i386-efi) independent of OS bit size; needs kernel 4.0 or higher. - LVM RAID1 support - xnu loader fixes which should make OS X menu entry generated by os-prober work again - key modifiers (Ctrl-X etc) should work on EFI too - ... and lot of fixes over entire tree * rediff - rename-grub-info-file-to-grub2.patch - use-grub2-as-a-package-name.patch - grub2-GRUB_CMDLINE_LINUX_RECOVERY-for-recovery-mode.patch - grub2-fix-menu-in-xen-host-server.patch - grub2-efi-HP-workaround.patch - grub2-secureboot-chainloader.patch - grub2-s390x-02-kexec-module-added-to-emu.patch - grub2-s390x-04-grub2-install.patch - grub2-s390x-05-grub2-mkconfig.patch - grub2-efi-xen-chainload.patch - grub2-mkconfig-aarch64.patch - grub2-btrfs-04-grub2-install.patch - grub2-ppc64-cas-reboot-support.patch - 0002-Add-Virtual-LAN-support.patch * fix grub2-secureboot-add-linuxefi.patch - use grub_memset and grub_memcpy instead of memset and memcpy (caused errors due to compiler warning) * drop upstream patches - 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch - 0001-look-for-DejaVu-also-in-usr-share-fonts-truetype.patch - 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch - 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch - 0003-efinet-open-Simple-Network-Protocol-exclusively.patch - 0001-efinet-Check-for-immediate-completition.patch - 0001-efinet-enable-hardware-filters-when-opening-interfac.patch - grub2-xen-legacy-config-device-name.patch - grub2-getroot-support-NVMe-device-names.patch - grub2-netboot-hang.patch - grub2-btrfs-fix-incorrect-address-reference.patch - aarch64-reloc.patch - grub2-glibc-2.20.patch (related code dropped upstream) - grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch - grub2-btrfs-fix-get_root-key-comparison-failures-due-to-en.patch - grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch - grub2-ppc64-qemu.patch - grub2-xfs-Add-helper-for-inode-size.patch - grub2-xfs-Fix-termination-loop-for-directory-iteration.patch - grub2-xfs-Convert-inode-numbers-to-cpu-endianity-immediate.patch - grub2-xfs-V5-filesystem-format-support.patch - 0001-Add-bootargs-parser-for-open-firmware.patch - grub2-arm64-set-correct-length.patch - grub2-arm64-setjmp-Add-missing-license-macro.patch - grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch - 0001-unix-password-Fix-file-descriptor-leak.patch - 0002-linux-getroot-fix-descriptor-leak.patch - 0003-util-grub-mount-fix-descriptor-leak.patch - 0004-linux-ofpath-fix-descriptor-leak.patch - 0005-grub-fstest-fix-descriptor-leak.patch - ppc64le.patch - libgcc-prereq.patch - libgcc.patch - 0001-Fix-security-issue-when-reading-username-and-passwor.patch - 0001-menu-fix-line-count-calculation-for-long-lines.patch - grub2-arm64-Reduce-timer-event-frequency-by-10.patch - 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch - 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch - 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch - 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch - 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch - 0005-i386-fix-TSC-calibration-using-PIT.patch - biendian.patch - ppc64_opt.patch * drop workarounds for gdb_grub and grub.chrp, they are now installed under fixed name * do not patch docs/Makefile.in, it is regenerated anyway- Make mkconfig search for zImage on arm * grub2-mkconfig-arm.patch- Add support to directly pass an EFI FDT table to a kernel on 32bit arm * 0001-arm64-Move-firmware-fdt-search-into-global-function.patch * 0002-arm-efi-Use-fdt-from-firmware-when-available.patch- Add config option to set efi xen loader command line option (bsc#957383) * added grub2-efi-xen-cmdline.patch- Drop ppc64le patches. Build stage1 as BE for Power Droped patches: - grub2-ppc64le-01-Add-Little-Endian-support-for-Power64-to-the-build.patch - grub2-ppc64le-02-Build-grub-as-O1-until-we-add-savegpr-and-restgpr-ro.patch - grub2-ppc64le-03-disable-creation-of-vsx-and-altivec-instructions.patch - grub2-ppc64le-04-powerpc64-LE-s-linker-knows-how-to-handle-the-undefi.patch - grub2-ppc64le-05-grub-install-can-now-recognize-and-install-a-LE-grub.patch - grub2-ppc64le-06-set-the-ABI-version-to-0x02-in-the-e_flag-of-the-PPC.patch - grub2-ppc64le-07-Add-IEEE1275_ADDR-helper.patch - grub2-ppc64le-08-Fix-some-more-warnings-when-casting.patch - grub2-ppc64le-09-Add-powerpc64-types.patch - grub2-ppc64le-10-powerpc64-is-not-necessarily-BigEndian-anymore.patch - grub2-ppc64le-11-Fix-warnings-when-building-powerpc-linux-loader-64bi.patch - grub2-ppc64le-12-GRUB_ELF_R_PPC_-processing-is-applicable-only-for-32.patch - grub2-ppc64le-13-Fix-powerpc-setjmp-longjmp-64bit-issues.patch - grub2-ppc64le-14-Add-powerpc64-ieee1275-trampoline.patch - grub2-ppc64le-15-Add-64bit-support-to-powerpc-startup-code.patch - grub2-ppc64le-16-Add-grub_dl_find_section_addr.patch - grub2-ppc64le-17-Add-ppc64-relocations.patch - grub2-ppc64le-18-ppc64-doesn-t-need-libgcc-routines.patch - grub2-ppc64le-19-Use-FUNC_START-FUNC_END-for-powerpc-function-definit.patch - grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch - grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch - grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch - grub2-ppc64le-fix-64bit-trampoline-in-dyn-linker.patch - grub2-ppc64le-timeout.patch - grub2-ppc64-build-ppc64-32bit.patch - Added patches: - biendian.patch - grub2-ppc64-cas-reboot-support.patch - libgcc-prereq.patch - libgcc.patch - ppc64_opt.patch - ppc64le.patch- Backport upstream patches for HyperV gen2 TSC timer calbration without RTC (bsc#904647) * added 0001-grub-core-kern-i386-tsc.c-calibrate_tsc-Ensure-that.patch * added 0002-i386-tsc-Fix-unused-function-warning-on-xen.patch * added 0003-acpi-do-not-skip-BIOS-scan-if-EBDA-length-is-zero.patch * added 0004-tsc-Use-alternative-delay-sources-whenever-appropria.patch * added 0005-i386-fix-TSC-calibration-using-PIT.patch- Add 0001-menu-fix-line-count-calculation-for-long-lines.patch (bsc#943585)- grub2-xen-pv-firmware.cfg: fix hd boot (boo#926795)- Add 0001-Fix-security-issue-when-reading-username-and-passwor.patch Fix for CVE-2015-8370 [boo#956631]- Update grub2-efi-xen-chainload.patch - fix copying of Linux kernel and initrd to ESP (boo#958193)- Rename grub2-xen.cfg to grub2-xen-pv-firmware.cfg (boo#926795)- grub2-xen.cfg: to handle grub1 menu.lst in PV guest (boo#926795)- Expand list of grub.cfg search path in PV Xen guest for systems installed to btrfs snapshot. (bsc#946148) (bsc#952539) * modified grub2-xen.cfg - drop grub2-fix-Grub2-with-SUSE-Xen-package-install.patch (bsc#774666)- Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty, e.g. when called from Xfce menu (boo#954519)- Modify grub2-linguas.sh-no-rsync.patch to re-enable en@quot catalog (boo#953022). Other autogenerated catalogs still fail to build due to missing C.UTF-8 locale.- Allow to execute menuentry unrestricted as default (fate#318574) * added grub2-menu-unrestricted.patch- Add missing quoting for linuxefi (bsc#951962) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refreshed grub2-secureboot-provide-linuxefi-config.patch- Include custom.cfg into the files scanned by grub2-once. Allows to chose manually added entries as well (FATE#319632).- Upstream patches for fixing file descriptor leakage (bsc#943784) * added 0001-unix-password-Fix-file-descriptor-leak.patch * added 0002-linux-getroot-fix-descriptor-leak.patch * added 0003-util-grub-mount-fix-descriptor-leak.patch * added 0004-linux-ofpath-fix-descriptor-leak.patch * added 0005-grub-fstest-fix-descriptor-leak.patch- Do not force ro option in linuxefi patch (bsc#948555) * modified grub2-secureboot-use-linuxefi-on-uefi.patch * refrehed grub2-secureboot-provide-linuxefi-config.patch- add 0001-efinet-Check-for-immediate-completition.patch, 0001-efinet-enable-hardware-filters-when-opening-interfac.patch, grub2-arm64-efinet-handle-get_status-on-buggy-firmware-properly.patch (bsc#947203)- Set default GRUB_DISTRIBUTOR from /etc/os-release if it is empty or not set by user (bsc#942519) * added grub2-default-distributor.patch * modified grub.default- add systemd-sleep-plugin subpackage (bsc#941758) - evaluate the menu entry's title string by printf * modified grub2-once * added grub2-systemd-sleep.sh- fix for 'rollback' hint (bsc#901487) * modified grub2-btrfs-05-grub2-mkconfig.patch:- Replace 12.1 with 12 SP1 for the list of snapshots (bsc#934252) * modified grub2-snapper-plugin.sh- Fix btrfs subvol detection on BigEndian systems (bsc#933541) * modified grub2-btrfs-06-subvol-mount.patch - Fix grub2-mkrelpath outputs wrong path on BigEndian system * added grub2-getroot-fix-get-btrfs-fs-prefix-big-endian.patch- If we have a post entry and the description field is empty, we should use the "Pre" number and add that description to the post entry. (fate#317972) - Show user defined comments in grub2 menu for snapshots (fate#318101) * modified grub2-snapper-plugin.sh- add 0001-grub-core-kern-efi-efi.c-Ensure-that-the-result-star.patch make sure firmware path starts with '/' (boo#902982)- Fix btrfs patch on BigEndian systems (bsc#933541) * modified grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch * modified grub2-btrfs-06-subvol-mount.patch- Fix license for setjmp module * added grub2-arm64-setjmp-Add-missing-license-macro.patch- Fix install into snapper controlled btrfs subvolume and can't load grub modules from separate subvolume (fate#318392) * added grub2-btrfs-06-subvol-mount.patch * grub2-snapper-plugin.sh: use absolute subvol name- also Recommends mtools for grub2-mkrescue (used to create EFI boot image) in addition to libburnia-tools.- Support booting opensuse installer as PV DomU (boo#926795) * added grub2-xen.cfg for tracking default pvgrub2 xen configs rather than generating it from spec file * grub2-xen.cfg: from Olaf Hering - replace grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch with upstream version: * 0001-efidisk-move-device-path-helpers-in-core-for-efinet.patch * 0002-efinet-skip-virtual-IPv4-and-IPv6-devices-when-enume.patch * 0003-efinet-open-Simple-Network-Protocol-exclusively.patch Fixes EFI network boot in some QEMU configurations.- fix grub2-mkconfig-aarch64.patch: fix arch detection broken by malformed patch rediffing- Cleanup patch not applied * remove grub2-enable-theme-for-terminal-window.patch * grub2.rpmlintrc: remove addFilter("patch-not-applied")- Merge changes from SLE12 - Do not pass root= when root is on nfs (bnc#894374) * modified grub2-pass-corret-root-for-nfsroot.patch * modified grub2-secureboot-provide-linuxefi-config.patch * modified grub2-secureboot-use-linuxefi-on-uefi.patch - Fix xen pvops kernel not appear on menu (bnc#895286) * modified grub2-fix-menu-in-xen-host-server.patch - Workaround grub2-once (bnc#892358) * added grub2-btrfs-workaround-grub2-once.patch * added grub2-once.service * modified grub2-once - Fix busy-loop and hang while network booting (bnc#870613) * added grub2-netboot-hang.patch - Add warning in grubenv file about editing it directly (bnc#887008) * added grub2-editenv-add-warning-message.patch - Fix broken graphics with efifb on QEMU/KVM and nomodeset (bnc#884558) * added grub2-efi-disable-video-cirrus-and-bochus.patch - Disable video support on Power (bnc#877142) * added grub2-ppc64le-disable-video.patch - Track occupied memory so it can be released on exit (bnc#885026) * added grub2-ppc64le-memory-map.patch - Fix grub.xen config searching path on boot partition (bnc#884828) - Add linux16 and initrd16 to grub.xen (bnc#884830) * added grub2-xen-linux16.patch - VLAN tag support (fate#315753) * added 0001-Add-bootargs-parser-for-open-firmware.patch * added 0002-Add-Virtual-LAN-support.patch - Use chainloader to boot xen.efi under UEFI (bnc#871857) * added grub2-efi-xen-chainload.patch - Use device part of chainloader target, if present (bnc#871857) * added grub2-efi-chainloader-root.patch - Create only hypervisor pointed by /boot/xen.gz symlink (bnc#877040) * modified grub2-fix-Grub2-with-SUSE-Xen-package-install.patch - Fix xen and native entries differ in grub.cfg (bnc#872014) * modified grub2-linux.patch - Fix install error on ddf md device (bnc#872360) * added grub2-getroot-treat-mdadm-ddf-as-simple-device.patch - Fix booting from NVMe device (bnc#873132) * added grub2-getroot-support-NVMe-device-names.patch - Document peculiarities of s390 terminals * added README.ibm3215 - Grub2 for System z (fate#314213) * added grub2-s390x-02-kexec-module-added-to-emu.patch * added grub2-s390x-03-output-7-bit-ascii.patch * added grub2-s390x-04-grub2-install.patch * added grub2-s390x-05-grub2-mkconfig.patch- grub2-arm64-set-correct-length.patch: arm64: set correct length of device path end entry- grub2-efi-HP-workaround.patch: * try to read config from all-uppercase prefix as last resort. (bnc#872503) (boo#902982)- add luks, gcry_rijndael, gcry_sha1 to signed EFI image to support LUKS partition in default setup (boo#917427)- enable i386-xen (boo#891043)- Downgrade os-prober dependency to Recommends (boo#898610)- grub2-snapper-plugin.sh: cleanup grub-snapshot.cfg not referring to any snapshot (boo#909359)- Require efibootmgr also on i586- Require efibootmgr also on aarch64- grub2-snapper-plugin.sh: fix use of printf without format string; fix quoting- grub2-arm64-Reduce-timer-event-frequency-by-10.patch: fix periodic timer on arm64- enable 32bit arm targets for uboot and efi- Replace 'echo -e' command in grub2-snapper-plugin.sh script to 'printf' command. '-e' option of 'echo' command may be unsupported in some POSIX-complete shells.- fix bashism in post script- grub2.spec: Fix conditional construct which wasn't supported by older versions of rpmbuild (caused error message "parseExpressionBoolean returns -1".)- fix errors when boot is btrfs with Windows partition scheme. The first partition is created on cylinder boundary that can't offer enough room for core.img and also the installation has to be in logical paritition which made MBR the only location to install. (bnc#841247) * add grub2-setup-try-fs-embed-if-mbr-gap-too-small.patch/bin/sh  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./01232.12-150600.8.18.2grub2-instdev-fixup.pli386-pcacpi.modadler32.modaffs.modafs.modafsplitter.modahci.modall_video.modaout.modappended_signature_test.modappendedsig.modarchelp.modasn1.modat_keyboard.modata.modbacktrace.modbfs.modbiosdisk.modbitmap.modbitmap_scale.modblocklist.modboot.imageboot.imgboot.modboot_hybrid.imageboot_hybrid.imgbsd.modbswap_test.modbtrfs.modbufio.modcat.modcbfs.modcbls.modcbmemc.modcbtable.modcbtime.modcdboot.imagecdboot.imgchain.modcmdline.modcmdline_cat_test.modcmosdump.modcmostest.modcmp.modcmp_test.modcommand.lstconfigfile.modcpio.modcpio_be.modcpuid.modcrc64.modcrypto.lstcrypto.modcryptodisk.modcrypttab.modcs5536.modctz_test.moddate.moddatehook.moddatetime.moddisk.moddiskboot.imagediskboot.imgdiskfilter.moddiv.moddiv_test.moddm_nv.moddrivemap.modecho.modefiemu.modefiemu32.oefiemu64.oehci.modelf.modeval.modexfat.modexfctest.modext2.modextcmd.modf2fs.modfat.modfdt.lstfile.modfont.modfreedos.modfs.lstfshelp.modfunctional_test.modgcry_arcfour.modgcry_blowfish.modgcry_camellia.modgcry_cast5.modgcry_crc.modgcry_des.modgcry_dsa.modgcry_idea.modgcry_md4.modgcry_md5.modgcry_rfc2268.modgcry_rijndael.modgcry_rmd160.modgcry_rsa.modgcry_seed.modgcry_serpent.modgcry_sha1.modgcry_sha256.modgcry_sha512.modgcry_tiger.modgcry_twofish.modgcry_whirlpool.modgdb.modgeli.modgettext.modgfxmenu.modgfxterm.modgfxterm_background.modgfxterm_menu.modgptsync.modgzio.modhalt.modhashsum.modhdparm.modhello.modhelp.modhexdump.modhfs.modhfsplus.modhfspluscomp.modhttp.modiorw.modiso9660.modjfs.modjpeg.modjson.modkernel.execkernel.imgkeylayouts.modkeystatus.modldm.modlegacy_password_test.modlegacycfg.modlinux.modlinux16.modlnxboot.imagelnxboot.imgloadenv.modloopback.modls.modlsacpi.modlsapm.modlsmmap.modlspci.modluks.modluks2.modlvm.modlzma_decompress.imagelzma_decompress.imglzopio.modmacbless.modmacho.modmda_text.modmdraid09.modmdraid09_be.modmdraid1x.modmemdisk.modmemrw.modminicmd.modminix.modminix2.modminix2_be.modminix3.modminix3_be.modminix_be.modmmap.modmoddep.lstmodinfo.shmorse.modmpi.modmsdospart.modmul_test.modmultiboot.modmultiboot2.modnativedisk.modnet.modnewc.modnilfs2.modnormal.modntfs.modntfscomp.modntldr.mododc.modoffsetio.modohci.modpart_acorn.modpart_amiga.modpart_apple.modpart_bsd.modpart_dfly.modpart_dvh.modpart_gpt.modpart_msdos.modpart_plan.modpart_sun.modpart_sunpc.modpartmap.lstparttool.lstparttool.modpassword.modpassword_pbkdf2.modpata.modpbkdf2.modpbkdf2_test.modpci.modpcidump.modpgp.modpkcs1_v15.modplainmount.modplan9.modplay.modpng.modpriority_queue.modprobe.modprocfs.modprogress.modpxe.modpxeboot.imagepxeboot.imgpxechain.modraid5rec.modraid6rec.modrandom.modrdmsr.modread.modreboot.modregexp.modreiserfs.modrelocator.modromfs.modscsi.modsearch.modsearch_fs_file.modsearch_fs_uuid.modsearch_label.modsendkey.modserial.modsetjmp.modsetjmp_test.modsetpci.modsfs.modshift_test.modsignature_test.modsleep.modsleep_test.modsmbios.modspkmodem.modsquash4.modstrtoull_test.modsyslinuxcfg.modtar.modterminal.lstterminal.modterminfo.modtest.modtest_asn1.modtest_blockarg.modtestload.modtestspeed.modtftp.modtga.modtime.modtr.modtrig.modtrue.modtruecrypt.modudf.modufs1.modufs1_be.modufs2.moduhci.modusb.modusb_keyboard.modusbms.modusbserial_common.modusbserial_ftdi.modusbserial_pl2303.modusbserial_usbdebug.modusbtest.modvbe.modvga.modvga_text.modvideo.lstvideo.modvideo_bochs.modvideo_cirrus.modvideo_colors.modvideo_fb.modvideoinfo.modvideotest.modvideotest_checksum.modwrmsr.modxfs.modxnu.modxnu_uuid.modxnu_uuid_test.modxzio.modzstd.mod/usr/lib//usr/share/grub2//usr/share/grub2/i386-pc/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:37155/SUSE_SLE-15-SP6_Update/efca4f83ad0038e123688e55e638bbc3-grub2.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linux  Perl script text executabledirectoryELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not strippedELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), strippedELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, not strippedASCII textELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), BuildID[sha1]=cb4194538e8b7d2c15ed213af4434deff1456122, not strippedemptyELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, with debug_info, not strippedELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, strippedPOSIX shell script, ASCII text executable, with very long linesR if test -f /run/update-bootloader/reinit; then rm -f /run/update-bootloader/{reinit,refresh} /sbin/update-bootloader --reinit || : elif test -f /run/update-bootloader/refresh; then rm -f /run/update-bootloader/refresh /sbin/update-bootloader --refresh || : fi/bin/shutf-84de1a713ce33100024f1455f0aa371147047cdb0ba30f470b445776a7218d5fa?7zXZ !t/q=r]"k%N=r/n "f"%srYܝ$Zl_ݩ}ΙԷXQˬ)X'>8N,=͢G-}aa*g8z׻?QME5΍Y fc ;ibvVC߰FK 9~>N1_tWT\%| i6‡ij}|5O%ue2;/Y-wą  5^~#xai,fuHJ'<0Cq Vk9 9ʌ +yTc:y?o0\5/}^SVM_/EW7@>ǔT;X<< t@̘ٛ O9h L4$rO 3>k'd{ EWK9 1ԋWJ&5庘TafF3u@ӇXz-Ro|/O'(õ"aq <G7`t}VW|CPaZ=owćtv|9V1kLkۗ#y t ھEܾ:of ^[9iw g :8AA n5v-}l~"͖bqFn?d G@ܤ}1g-PwhOsgGѻĢ7Idc@3컳NS̙戇L~4|~A~lPF 16*۫*] YYSb.cW))fՎ*l?%lSM0O-N7CdR._e.MJQʒg}h6ݝw 3zp^vzјD8J ʘ881}L} "YN*knmMC)9 9[ ,Dn `x:LƛOG5`ThYbd:)!&F MCu7zvеyBpwG& y' OVyf6EzUg-T oB鍬fkO{y 6-Ł]@ʔX7Dh라Yۤte색 jPewЀGTV1\`T#'[ͧ+Ϲy+uQ>s5>l|Gr2 H>]r :{BҨ| iv牢I/,4Y?5;*_&R4!Pz<P?=)6nK"h T"9 bbkrCAWyjvVȞB7snn; :b vZ^`09( G|$mNimX<D\ꌉ&XJ "ELԛ Ev%* "K4}0%?ĥM Ɍ׼BLez>Cs f>}dω`^ QΖT5HW~t|o9|@'9)~k9>mr[79Fp&]3evNJd'kO!29\iqAj][ Ϻ f@]~O+3%jMlV%BU5,}; sSs;gMtچ1b3d[W}҅Lhoo`mEg:!=^=iQ"e}~왚4-z2nD>"lYG%e5s-l 겒ea4 -`vgg[ r!6f;aFYO>;h.1dxG)QYk-<% o|U n{Kh^m!P: bhzɽ[H7=WwSvY{$C$WW;C[o]$_ l~3W3Scp=XoV*`xRGKD}5c Ehv(aobEu+6x26M8 :F!KƧQg㮅";'5`K1y0$fd#γg>,(2T\bj¿tثҿ\lWkYUg=?bwkX<1 VèV "aeݯƒz!=/ιw_YSN:hy<+U~v:Y̿BҒw/OlvXTbc<#5ƽD;kbTĞWKɫl r,7.KLN?eWK1j(pB_Eu_&>oa.yC=18~ w^x@+9ښ1Sϵ㧤&>MF"Ax,AI^DOlc2O" ITFo侢~vk"C*|Y)hU#w]`x|M+\Uc$J*=akoS%|e)IѐoGѰvXq $˵kj!8 OT-Z‡>`^:ekd0~xG6si)ͼi X햵=ǩ> Jv7{Y}1|O|W4 hl(rK |J;Qy;EՓSJszD+Jj˛$CJXNNHix-by?te'D'JI0exnrG6 CDr۱f ,&[Ϋ;π܄Q vTհ&F`/2t)Z4E\._ud)d=l\I\%ӫ'7)#9Amx*~ZO.GmQ(k `1!O vis;㘑Jhp3e 6p?KT$nVd;u 0IڙR_sI9'E*eɳUɑюc0eȼȅG|B{{uE2gx21Ѣ\ǣԑ5~ړ̖8Q}cue/7x{^ICŲnULˢ)$!jئO_0lQElfObyEvpU w9N%JBxpޛ$R[{l Qe> l!T5Eg3v:墥Z29Ә9,7(\(e=3ӂڏ3^[,ޖS}}&V>ݐ\ˬXu?*;H RݭT8a[uUUPa'rfkDh֗d;U[+ ;Xxۆ$73]r3uY^dcqiPR@P #Հո}pP$0q=ȊZONe# HsQ}<űY 4;!\G n5 w 6Q]ITc v^)P\!k\BH ^!NϻM91XWS"% ~V$?(o~P/k.&gW/xt^;X27B7X` {Jg,S⦢ a=K4Q'(q; .ɫ]H{ߠ΋;cPr&δ#uf|0g@0$Q>׏$-STPf7 a@:&h2Ȇ`=ð)0UCA 5iu\Mĥp7BӱXYC&r#Rh^y N2tT,",5we'ls4;n(d %COVX%RaAz&ttc16jhQt坪ߡ4[ lUHX57.1"o@PIx 8_ͫ{ӯc"GA+RK]C޸gWxBI93 |b(sړ_T<#n+A)֚%&1qFNy IX[WN3tТh|n1öWn'kH xf+4W|Alw0<oGD]ػp[m4mʢv'ETÙ6h7`` ktd7jvWtNc~).lƽϋ5x IXge;Z;:{D+s{?q) iƧȐ|sk%HI@`m`>3~aGNVAӴvϕXE]Ѣn+5i,3k.іhm.q]Ȱ*s6DȹZ6?Tox**$*a-LumԹyUWnQMfWCx<5z͎? N6,,%\ԜoBC_7\NF`5t'{&o/{}AhCtJM0[Y~*π@rltr1IjwiSLP8?!"HЭ_jB8Lj/w:`2[\p.>qU<@S=c[`(<툧ǭ-m!8|8}h# hUB^4|w>|W*ȲPyDRھ{ ūocb/{A$h^@7WC / KA 2-WMY ќH2&dNٯs`,wJjh2t\7$ۀ?bML.HIv K =Pd k9 jbI5G;qd33hGF"SMdՎJ=xV ?wL)(4x8Ya1HUBލw~C|te<Ѭ=m^Cn9]HDuaW 2*xvM_=d=)6ǎQ(Pްh%o(Y8+6#'>fd#M0TclCD¥0N-MJ Dי7˟aGЕwܭꏚR9aGDExr!ĸPHރg Xt:8 :LhPp! ,Fbgl4*V~z\ϔK;ut8x*J!J|Ioˁ{ك2zIc6})Y1|9'&$j)kgx,p$EX~One_"+-+2ag>*-_t^G(X|j?/弤k ӔNQ +WFSEr 'z]$ l9dڗ(]=OK:l 8 ^ePJu~Xa7KzMnVZr5FS5˲70\1~f{.儰I!b;l$KP ǘ^&{B CJSߩ .]6m]u@r./}vLp{\z](սʽ܀O JXмzG#[g2y1iNk!CYHyտَY2+BI31dtW=UO+;iQe(V_œڵ>)&R=Y,NN]֠Wn+1 ޫV %&J3ў?OO8%?C눮4b\ x𧻓k^[L`;8ݞi?t1џ­Φ!c:G?phqico"A'~n/Eͭ -j$OCKLOEN<xwOaQgb'R&%\ `L`#h]Y#R&r4q!X| <%ށJ$>r,&Uy&͔:t$J0) ś DѨbaM+.ȇ\5!gR&~9eYvߞRn9/:Z-:1٫%lؤ ^G=XYhLImC8"^F o˹yp#S@U#X7>hGySfil66lǵ8q==>"P"|ULTJ'TXl)ȶeB&O ăAVYC{ٶǨpޙ'(aĘSrF`hgE&b/+}-=轳2gMc m*!s:: ^݊7| `fGGbvv3@`~=`G)<:e2 `&xQ`En@#//=]-\?x ʡqfY 'JL([G׊`:xŽr^5Myx3#o ehε 9)n9W2k/m/v`!\5m4 4-ʹksʫ}hb㑊k˭BHG1Y));"Do3@15*`|zƨ뗉"&MOᛠC.@8,.e LwsP.q>LA8>Ą5CBWt]攊Kpg|@!? sOT?_mMТMֵ=9ؒn-,oK:} \ع9ZE5`YIA"%q1VuI#r7)_" RyAg0-=" >FiQ{j(08 ThZΟ Zw﬉^ΜneK$_HW\*5i +PqSNңg9LQF"F9~' 5EɣAA|α.vlN\.σu߾DP}s&ƳۼW GSpehoEcL t2.UEcy4e;=]9> @8<5UqB {zV=|a Ц>`2RxtqheQUgy| u|ZRsy4cacb \֊3<*򊤻ғ08&/^)l3+~g}oLh[LcUyGQ<tIK;NyN=yeTno+ō )Q}Bx^ZhkK~SC mlχb`%XÐ6ADG]B!$Stb$(2= D,lE+^9A6;qNx:%=wdXNA%O.jvO5ے xfW@;E[٥ͽ)*8V,WSh83#V0kdN54Ť} ۝ +%nHj=T88F`.6z=|w:A\9;'GMû"u4Fi}~ňu:JN홊,'/?Ao{6ŏyFY7"Ġ"am)b`a/tߘ\GCD^q@ꩡSjUI;JQU#y1n"Bƪn.`*scثv[hP9L_Wr/"33`ma@ č3;7̎hXdRФd\BNosb֌cFhr05(؛\vنIo>'M)s{\$X]ǀ7oeHE']M,y{ydAFM03}P9B]b`ÀRNDPV%j5G$D/ϸMy@>Xד6/&1gq/jLvD@Q[c*y:zL :DqٹLTZ5cMTz|/6]Eύo1,~1 PbU{ 0z ˄]?X{gAlWģlt?Mk o4XwN>FnTQ,jYchDcxPjJzA`L.)^?Dj..q/(N7 Ï/X`2օ +6z|kf }O[6aM|evHFX;r 뾫Xc 5JL ŒK !.cd|rހuU΋P*=tOid52X^\S:Ao]F3Ϭ#25/'t4*0ȿ[l;ة)71tEaٜpq /☎_xV-L7E_Zm571?ZO!E Xk4'@]ԑ`yzٓ&-*]=Gڶ!{Z,+&+l!| : Pz0)"]|\g>W/\X3J$hUe}ZU;Bs'a5>  93bzmCc7Wwk)2d/xW͏0BY`&ب+'f/<"WTTPjJF]XY8K K(zЬqϒؐyjipWo):ioG{@+,,s\Ltp-< Eb}_%]jwlRʝRǂ< LnːUl7-NŪeٖqTM%tvgMǡ_ܫ, k@Yi| C|X:@ca˕YIϛPKs;K*yw']@9'xq~{w't=;ܒhw H E5u,nl6Ǣ[z`Fq q%n> UYɭ^[y"Co8tjXCji8=4q0Y冏0-f,OaR,/)nasmkMPʋs9U ŖN+c~UNxTW#-fiI.XE3b4A5.Hdn[mPQ8OOkѕ+(݇ zH>$t#݁"O)G횢H6+V7~GKYO!&*qG%ϊ\Qq7aETf[>w/b[ f>\ 5HSLtV٧~2 .&`_XMk` SPȟ]iv'109?.7xO^_pKY8Eavrn=als{;8W6uz *[ (Gb`5Ytj^:E~l^-)wm*{l@bJa,s"̃p @N*w$ddjKd}H܉ 5F1H H 5BL=`.Z^χ?Jm~! mL\&Rx5#,[Gg ˕6[1k~fnD#O?T eؒ\կN¾+ړrGwbJPƕg6dV' Em-]eI.mDj2ɞ]}HRQUZlgl0%SuNRK^:f~AxB>Fwc"N:8DB 8si}l>P8ݾ T ɏfgA[Zad* gOU7-J^dODUTkji:)"\6,BuxZ&:|WPmg&zY̹@'C"Xt%R;Aء`zp^nڞx)}Bs&6^+ݯ6J B[K为l%jֈ:vܒ_mԟJZ2Mܦe4`\F(r.+1V&f?Sv/ҁսFC5zk^؅TG!H)~ ӹ -gvlXЀ di=6aք2$Jyo/z椉( ZgI`1~y՘3AjQ0)WD4%E㥆kR3#δ.`Xq#hy!qڣ2 q~AޠOOFrJiSo΀<=JPh=uqK=tj@ؓPӤ$>cpꫩIOG $+W%MH\g`3Iho'*K6s*K퍮]>yxB$*0Z n^"2%7%G UT%|I%s)y tjn~(oOUfr”TWR-Aisz\:0MXai$uh&j)BF<0b:pgl9+Xo4ZHE`}\]oi`*U:?z`"ty{~Lr9JƖZP S|x%ml!NLG$,y^}Rl1ԠQ iؾXv5Ө$q"$ H@;a;ʑz2(9E0 (t$t[hIo&V󷠐 (65BpdwnIgu8 c% */m$rΈ0xgoݞ2l^ڜY%+r;%`3ĺGl|f:nVaI z<6|YJwE@َ~Su\QW 3#^98$.03OFkȿѮ[`DC%”^#Gt9L!~!g#աN#`XĄ+\/ ew'ZAL@?-ϧP5dIhm5BV8=CSI n0Z6VNSTAvsuu ㇰP*@cX]-s %P/OeoC$V2Lf՘ w+%@0Z0y ֪'2iӭ^KIՖ60H._ ;DͶO ~ceaT3Jd-)B{*pf C##8s 9%l-(S\b'Qtda,{pȚd^S1b\񏄧ϕ:ޗ(kEtڃrLME$xL^0n[X_JKIJGTKk95۴O|%ᶣG2X!f"e44fP|W;\2T?,jCsS8Yy=XhbS~KkMa1$Rz{]?v]d|`,Zbbum73@_I/ AleXNzX^gW 5^]LzsܥFx>1y1۝U񻰷5x9+[VrI[PO壢h,sZ E7Q$^Iu|dee˾?Xy'~7,cʛQgGQ 9P>J?I%}q';G ] {MkK NE^ ,]TEa^ZN7oh?f߾z璲|۔@!WͅĒi(WSߖ$0H)6\GTOvZZfdEnC~sP:qt &Mh6jhQD!0oj= Cķ!03"ntݡGAa}qTڃ}ٞl<.ڵ*8fk$kuO4Ɔ;Y7AՔt&;5[ >x3_9B"`.3kBJLKn7ھjR,xX%l$uKoĚyB?$ߓx5&ƕmUV;T'JhZBܿsaj\اbP 9 v `x-=r_*H E^XBѺb ] UwsMd㓏``G|eSkUmÓՀ'&E-ڋB Hdf | fO}*x .xYBhT$WΤ|\2染BO\~+;Kdf6Js70S7V ABA;['Pk]J޳7 =BAGREt˨qp[y(m/ͣΐo^~ RyA`]~ǽ{v-|RDZ{ƳFp.]z# y w[Dl(#erq|#,\`$V]1e=h.'P[P:FNTcLÿ0SAN$x)!M:=(dmGKDcs&ypF8MV/C !%4JO']T؇l 6D$#'afS>1sDJ P"*C9+7-ܢJ: x )T NoT@='$?EW:jkaˇo$bX`Qm+aoW5yZ^Uj ¤,Bn[xG2 ~ToAZn((T G%kI#.q;M b] ȅI*r! !I7Iزb*/j>yUڒ>e\2%3N8 sQK!]'֨ $=qzRPQB _:ZڟH)q6āCyC(=HcBM@'ČкE|$w_q'#LH6tP-=î&ajۄ]%.2H,,\+mEV$֯э<~7?%f4\Xm]" Mqu,c<m%VD h^)j&V%DMo4SZld;K'{ϘN/2` H򅳟k\~) b 4.+`DU/UEh7NkJjU94sxL)(o{L<W]MOCrrK$w  R,q:\pt I72u7NUgytY_=an->n17kk*s ZKY(o#vgb~Tc5pV'1YOl Ak̄TA^_K RA\…6@UW#ݵ'Vb~[b5%My!YAì'נ4RC%x )O?kle/qY3h<*::/nHsT>v33913_^ӎ%d4Uf;ņQMMڙ 80s-s-*jP0N/ӘgP۷U?oˈ Уn+ !Y .޶Tu\є%t:)CMQXڇsV3 ,M9}ߗ'y$Xuăǔ"w PĈXb9pʅG!Bd)_(NV9-MgnωܡݝN#lP 2NG5f9@iX r_؀zsI$&}|Ke%5,&ya0)Bg_y:ZP+3D钝7AmAPRq{nOiESbN#U n}A **@V¼5!<owHIKLڊ]~w~V[-"i 곱/% Ev:JNh %)|C>uy 7ю hU: #>s8 !IeGKSs0vY _s3΃=mxzGG.I*bZ0pu]{e2iuX֧V_8!m Fkg MdNųw Ӈn XGtד0ms3(%#LzSibE 8@PXzdI>/UZD[j_ʝ(j:^C dwR;/'ʵzC{>ܤĭr(PhY= ʼ9'XJjRG&rxV*\ʎ51"m]Y0fG5cSyסXMg} Ż+'2/Q]SՆ-Ue+ȬՍYDpsNx*LYEsJSVg^I킿Nݙu naZq^;!m<~޻CF?S_ kL,$y/K@d-Ԡ4Zl:X;J#8ޣ67ڳ$w/|@^0 tzjtz<Ɖ'L qj8Vb)b;H/7]'Y` Dk/GZgk˹S^S\yT&\Jt\$6qVRNmX˜*svBBi&6WZl6ZR(b\+9QRKxOD%"Q`¢ s46b<z6蔽Jx&OY .x@}BPձ)frn ¢m'$N1mkA'8V/ D`!t?WZA):sItZuZ2 Q䂋})Ј2@ZuPJ&#k 4OAAu - yl9[:TP3J.ՄS(|HIԻ,g+/}bNmFű5VlBޏGy/|vKP0Htut@E5bO UR1ȔKǯ* jCʼ3gȃ Oue= yaPlDLö)ŲbFd/K 8:B6Vdש0Jـ* Z-pb#den$ߛ+86Jdr .k6|Dy6W~VBq\[K!0 S-18MA Q ]K46.։y\IBvkz5s[N *m$Zp KCA,t`<"S QX阃5:Gf4S&SyBTA)&2D;jw2M0KB+$M;蚣E͸lʻ&I>YwSW_) eÒ ߵ:07 Ǿv[سku Ue/V;]:ۿ@qiŕٱ8dLژQ> )nb;ږ<,Aa%DRH֝ s~7RЉ5ڧwC:L{;Cd]uRiЄ6Usov|%|dQ>h%efOoz#2Q1S(QVߧhE`a:V[ɖ9Q/X_m[&`Q29]^+a5a8g>-sGY!?&chQ u1A\|ƞKp*wlr 7]vK' (d☣Je1jنy~ t=>hWҏY_] >&n vYS,֕(/.H7B"Cl"k&*mRug^ϻs/WTvVQ:>S8CF襦KYXxCIA|e`:e8زV$o9o"W֞~rftܔd%t1['vt\@bBW8:6-RXa)|fV/|cXh5Ȋpq yzl04=x(|ys씯̼U`.ԃYUnY4HLuZP΃4)~??%59#L{ƅnbv#WػsOFszD%皝);, AKǩ]``LkGR_6+O U;S{S %NCaxE{ 䶹rB>( >V,3+6(ΊQ "JO|.m[옫^I‘NHaƤ?6~?@’d+>+]2b1{m B4Cz2AӇL~IT E[8l1vj:Mܼ*fZĶw.jc=rBĈJ.]t {lmCmmj5 Fm@|v[Bf(a;yajVߦQ4w&[Eiybwq8C\gq6L1"_k>M@HAwr8p5Z(,VKs'( |"%6{ǖ"C%۞xg̈́_8F@/,,oz x'%\r"fn-'xGQ:+?sť^MQ35} >b*?9k_>Գ dqm cu`&EiV~/h$Fs翪(&Ϟ GW(zGi>֣ч Гm 2kvoQsuFIh Z$w^]6Mow@ L1]eaQ3PpB/_Y[vŹ$NSq䛍&_<8QҜ6`We4ƅ(Gm^]F=J};xޙC#zuyhS\I@%vs(aLc0@fR엵P,]П~lJ@Ş&cN7uNv,PNjG5 {7g,KF  DsyfgNFQqKETX9+uVσ{@Pmq~ezwbe4tC7I}BUu[-[Yk LjN$ $Y?⢻Jcw 2D R›PЮjhʿ@ \uS;;LuUgYジm.LWFO<5'$ͤg 9ՕBs]Ϛ`bV]s]ED1|q Ã[TI<(ԶKL[?kyYM1|daSWo&Kpa}3M+y,w:fAėFZl"w|4sξ.G ٥c& $"7N{C'4%VWc9bTܴPM;l8~ۡ4 :pYuSE&?QAJ ]TbIpe 0Yͅo3G Hf=C_;{0poz)QD!9L3" mYӅDkuwm1̟)LYP_-0Aʄv|S=e2=J]>ǥVuJ3!.DW2hEmC[E-RFT1֕)C)+O۸t4[m_gpcD$q 6ѡ&i8nuD۴JnDFIպhMMpY&F6Ժ]}m:tRIf~&%= V_$w:{~B,\J%/X=7hXԘP4ĥ߿7L?)Ȇ+ygP BFmObF+pRY ozN .y)flœ{U 9tX@ ֈSJ@揔멈_u LMD7d{^o ^ǝ u5WpOSUPKÈ: wa!|ji!3d!c6kK|+ B>Xi) {cW2pɹf~fE}aSWe$ 7r| ; #ioE^V, S4~5rg%"rί$KD-3b=V/4GD׋?muDУK o[XCyQKvyAU@K'e C+nm)'\lV$ ԔFbؘk|nɆP`q%)1kWNR ^ @$mo!X٬S2o@oyxÿAQհ=;lPZ 1vGQ2@S]bvT-oR$t}V<v4Օ}T 4Zk<@ `Cg~ O#/^͠*QfvBO:@QVM+Vk)wnM+/BoLH|Ld(RaW/n]}yPAuep\Ga[ XQmI-o /T0cC?NccVGZGF;U$fch:F{MxO/^/.`trJyñ:*ME(M;6ڲc3K-@8.PnKq/M!Rz ^3!1 b~\< !;%;!w/ѬI!*c̿˕!ԹK2ʘڭA֥&3  eu7{+uGTxxPWz>e[-SuՔ_9g~(!'KeECXG,>pF= {}_J|Ip *;'Jd.LS#4:H0ѷԎ9:z1ܹ[v8E,&?!f%vX$-o4V IF@m<"YQlb$q)':퓛RWrH-Ӥ`/<mONPTO90ʝj `&"5n|+W3gJe)u˜:4k&%c4LGAKq;RseG*s N7"!-)C$fq*A!(ꊗvlyɤ Jq{ziVEc'-Y05=}!H&- C=FϦʶ 7.[V֔xJ7Z;݉_pF\J*з E׾OKNjL,$KmY8 {\F9%cSdwaOH!6\Ue719̀QHʲI= jk;Gp'vi"?)AT<(U͕&%!Iz9梥4@)w4BR7\ÑÌqKt'8qNyU=2xl$+!Ŋê~NH֍<;Gbk9Mّ_j5K-\ [h&=~_=~:)\%e}|a@7׭O82AzdW#~OZ>yA%vc`E~= ~l({)*yq!|qFRrF4't<T"n\>f'@,UlGoP`ѐe x2Cx9\T!) ُmSVyk4U8D F۬g.g0cwF8v\V-x`Y _i89x%*{Fto0A2- KS ēYXɺ爯*?Xځ$iMo#8b:ږ<21Y)wL<Ɛu$RR%#}\l1Z_jȩpѽ_zPP[-Eɓ:#YXibȟ;ėMuP.YD"", A( zQ5$Lb14Ǔ{,ٲRoaɘ>Oc@Za\gy!`8Qn|?\'fAEr=)!hȒ=%#fd V~E23}F<)S6T>p*ಌRk65 K_/jO\ZԺz`VX%_pa"`ӣ_8em ̌aw bGl#=&hi4GI%#Z!$q7Q~(,N:?jTEA0r׽'2eߩA*yt6a5(}?pS2yΐYHz`! Gg0؀$w{]g.'p Al ZG:sq@"5ܺk;0BiKBW)YK[#}^ :|\3\c3 P1M;A 1YD;(5`W(JZ]keºF<㳤kÓr΂D5^[Yd%`f"b''HW)'T]Ĥ[QncYX.i/ӌڹ'Ŵ8wSX]?)3kAK"|E1G Brb1cKrՏ%Poqx;-,[E z_=͚ٛ!|]Ea}h ƶBzL 30yO4!~]o.IjCp{3l-:3oB\SJ`v4E4蹟Ӈv%C{ARI?Q}5UVa[ g1bUPvlZ9Td [>I WC.=vt!!<-XO\ MtN* 1 r,hC7T(ӧ{3;2=oULHg@XEA"o_;8TA ʹШv~O6OR8=/)Ȩvni^JUB= Ln b$;V>[wf#Ϯ1'dbs@i!TRT3ЀF]y.+4_HL464 fշI Ni!YQak +Z"~P |@($N!rSUKXIA9a3l\i,Y7o) sA^Xh%=~p.J@YЩ[]l@kYqmw5sI6Anj`IlK[2Me?dU)P qf)5LBKIIad&VBEeLw3~6~$*J#u7eU^n7yK-hwHWw' Zu{F;YTЫ #AYngkR3h&O|8DG3FOu& LR)JC1qtҾGxqS܅ )Eݖ"蚮mOiJgYHrÓf1!t'`ܧǖC,<{?t?;t,(y˄hm/}~@|nb #1Nݧn&0䧕GiVO/ ܊ s5tB.*,Tx'lS{ c:7(|?[Y|?XƤh噂ڴlNn&K^YF0Hղ'搼B[g.h0E%޷٦CTVMӃ [2$gn-Ӿ۴Tv CBխGO |݅X_ "|pn D4Hiʷֻto+1ePg}J\Yߊx$Xz&EMAchƋt6etk$(|OA/Bkr`{m'zFpi't|i).Gh 3yE;Lj&1aXy,?r V^5B1mD4>):[v-{+ECƹƟPݮ_ƅw 3`jk>$Uc=σ(l6;6 P̠2VeGF- ϫaĩf QA yt; 0h;)$M<+9\0:8M[uZO(Ҷ㳋m4`6$yo~c<3wSFRR@?q.-v_]5іLGeq7r>4ǜe !NqPuSAFtH^#jNOy,,^b3 l?_E`^&KO%\N*6WtG(8h|XT*5*~W:>97;>m5kì蛷PxtbO& ԙTq!TϤ >88 >04Fl_ݲ?;&_׸fNAřS".n0Х 9`M +~I7tτ,sJm4;/0{i xDwB{8wtDFYr Wo%cw444DžC@ ~i{eræFiwx%G EѿѿB[BZ!MXg+!_ fpTꝝ;ʍ]#Y^F]!y2 IPlNJ)=+*h%| rлTPnUI!XfPSv6$GoX,m/?u8q ѡH*r(lN@[E{@W`|R#q~D:u/i$xyNΡWԝ:Sn5榉)\αS.`wEQ0)y&ؔe)l%/ DiJ2jifh~6|CrCh|Ř{#[y''p`S=Ȝ!`ߗnq_W9A_uݿU#iwUgw;HF-熛z`:+uԬ#Gv@.[uǣ ,P^p&rzO@:VL9Bhjw;Fa6e 0k`XH"ضm%NnuJ/nrjL1:*͚>7R2FYSjgjq2\<)Mؤ}tZ§}~ +pĝWdUUJHpkj!`{)Z`O.XU;QdO+H eO(5:426SQF+^&y)NK)mڼi5O-bKc1ߙa.C͛+O∧Axq }{b=P3ۆDz/xy VT5kYx5֟FW7 a"f>#٧4&zU m^z(:99 Nmq+9`M(bu[(U}Enҩ `I ՔBdZa*dꮞBV!Bؚ$>c#k84ҲN(vLwlR֚BP:Idpm_H:mYh+6>e(rv*SX**< @jn^Ɠ*;@w̬[F _6ȢB⪌H|},?ұL~xzRBAU*bX rZ/N];ٳU照ub2_A0 Q6,čjG,C'Wah{g9]/ H!ۅ<Y29Z|U",1Muޞn]3>!;ArIb81ɖ[*.6!8!~vױ0]/$5Ik^ { GQyA՚y;{0L xt#p߸K?D"<ɬb@.1sfhiGzt[`(\㪙ȧ]QIfpk,( pF&H~ ڹ"+5&:cb^ei}bd,[rIRF!jϵE^qЊх!+QjB\CK5p# 伧 X Q*(X{of5ZErs\RTx*J-L&Ȏ+i-G| ^q*#(XPps؎2^QW &""V"MwLT!]e& f /0pf~R‰Ox.q֙S/ 2]lx(Ο}Ur?tzYnCm.\3DK{ x*~"ş@"8K`{[-w̴#rpN7ӻyTΆ՝8SYG̱26uVmX7x%o}o[t&DA(:x$ôo/iO7pEiܓAB} F}(>my!lS8LӍ z6SǓ,F彡w*ZF'yžY+-A:HtәzFT#sFÖJvo{iZ<L$,MDZ8Mp8c Pk}* ,:]ڂ78kC)ҠHd_!>-b@yYV$zUtq'q'Y-PlZ9Gk ,]4IkB[ wR~ʡɌ'5nY{|Y$=Ș7$ `nhYGK??;>!|\jK az܅ҥGJ󍌾/4yFjY.;Mh$ҘFܛe L_Ւ/rrfdpL$8OzMZM.6Hi8toϮ,H|%nEmq2O$Be"CCNNZ<*ޢ7R xޒKn! L&(0{6;fR,KҢx@QhœK"v3jؖ5_H)n\d-s)(}0U\LI菀iE^Líe݂oۗ5hG㦒?I~_} C:R0!ϲC9'NFqu|{<^[ 4^X')o 85ܶO-7w"OD@B Z\y>1H߰ Wk1z)Ce;z1,O&e6=/]l!$HVYgcY klRN"ww!Ң_S UH0n,V k_6~Cv0/%5Ddį˙meMvE':*Ra N,(T&YE' J/8߭o[Z>Qv͌(^$d.2D^ZՕxwg/>56\? h ,̙e0 iɇ3j5ͻ$ 0Pe=ͫdW8Ϥ ou }(G!Ĥa2J(b2 xd~X%p`J9SN5[ˢ4)֒vPZADlK/"6ŧ-#5TRMKף\Ic Mh :BK:{H9 %@ F"qaa4N Y+R?t[i.pG_DF*ZTKQO$./͢PV-wL]YwCB \eg`ڿPFPEQʳ.[(+V9XS* Nշ~cZo<Y)uB5wJt`iB=LR}簟4b+Ihaho?oj\IVH2ӣta6Y &#ZUKA;k5_)J/OD^tN㿉؈#EfR>lO6]])估E).DpfshwHPLφ-$8AJ:`rf'&ef z-fq:o}]0{eWJ)ߏl=6r"B<|DUQVQ[8A;td|(s5)v'irgÙN O m/۷;[>Mi5%J6*Uvby'n/UUF$uL  n SP<#&҂蓛$v⡌4 G5t{~Qhnz-Jz D-[L:5" ՛X6JRa]:(q)#O;?W7 ̽ zw/`7M{$[ǎN3ltWj|d;ؼ^!w Z~(I$2[Q3?uX&]?6r?ld^y# !]5*AʺP\O񥿃yzY4-.aEq(}o*4IARvAԽ!/LKQ7mYq^8󖶒 {@RhEfΚm*uoƉIm3=);LR5KK䞸O?Er"Ӛ{ "TX y:v*ԥ{,;AB9RjP44k^BHr{j흇Л3F}u=qUĞޏoVa@6&/ƅHmPS %v<8xل9I7ь>Pe/&2?j{*ATփj XG>톘"<\Ʊ"|'(6+q_k'8LYV]ɣY~u'?ZOR4RD%&sIjЗm['I8+"]=WIcӸ'gvp.u %kXƲJf$Y)|5Y>f%gqʆ bcG:Q=Z}vӵ;#}thTڂF6/^s1oL2S5b`iOӰMM<$Bsx;rY0/aRe $)¢KGɼ/=2F6(h/ fnRf[ʁwW7Ӕ0AHyMV;>MCf^jwa=ԂkKK ;rM4g߮W;B9e~3'o zWv-DuOp8RM!nj?3+A[UsƔ=0O n@T{*CҬH.OSdwhN"sp_ ( )F.gڥ5&BDatrD_1)<\btTC3K/{?zZs,5fM;QMYmx9 ԺnvglB1jIg{FהXRPY"1>|Z<=A`;KYI}0-T/LPsΨYv$`  !Th;fU~)}c\ փֆS[ݎ5v.rm.v{@2Yt%\^7@`eAdV{8mж4,"zpI$߱ kT=uX!o%?V2B j%4VIay$IR{xLhDFVPBX;؇ QVÒ4eW[~Ԭ)6Oh7.~Bd(gڼOG;]]TLCOL3r鴮sd6~^XoLe"`r[3sLiWV: b,vFqlen#\EĬLm~a%w7*7[x/l8g9Ju_QӒۦ\yb$i w#9}aC[_CVV;#Qw k)5wu}I nm  \8&NRӋhy2"؊ JhiGmWsfݡH@TjM_,0ё 'yNld)˖-2 ͹,$)#JxjZl,˦!coc]0Meưnkq1}xrgG7泃4Cni6`+^|`bR2~nbߕՑ?w"?Ōy%mR郜PUz!$9c^)-4!3R⋣BR-c7$;Z~7ns W(!vwd*2Q|Wmr cU[ !=WgyqA$&Zuq "g~kTHŽ%zv:> zˡ)7Ҭ1_@ {_/RS2(srl;nY./ {RS~,JЊiX%۷,}`e -+dW~d˖[VPu- -?J6yv3{>L6@%rcXݱxJhWk!QMPyYze~,n_#Ɠܷ(M'#0k7wNFlgf\ I-?q< ƶxӲ5oAILQp|\ɖ6[lY?h)Ϭ;Kh5-P[%+^IUZJSPzAV4t0ƨ!] 8 w|K,'y& f#GlY#Dяywae7G$/&=%oQQIBuFFh`2G>j& M+Ramu׭n06{dU?Jr.๚}tW_ 8ۓ9l] ?bju ܧyE ]$[шiftTX,b#Ia%ÍAKo ['d$_ $6џut7S4-}?I%V.){8GU=dk&TJ8t)PsxHG۾3Ir?`Μ[WE<4̈́iMUDkӐ=~~?Zqqayt@"4D~7Z4E٧fG~Ånq ;$~lb+Y]fq>erl蠫.DZVhM oP{N25͆,"w$T䪤XּӔl`CNkbDIW+[O:y״0>KhTI!:p@6TiZI.-נR\Waqd*}g蜻v;(}=U'}bFhB4k,OC[)p…|rk96 MIJU2yADY3o()}S\ç&GH׫]qIeq`=Rr)=({8YmK#CR69k櫛MrI)O YۚcFݻ(Gg+35+Aׇ"/4Vfr-g/bwC?Q O"R2ݬe 7QAk)-_"4z|\{Dܹ#]ZbS~tRw[i+ܿϴZuQ<=bdhsk;YYYda:06*%[k7WQI6bZULcHg(ןq_s BWĮGYӋWS!a;}gT_*/(Cz놓]aNWѮPxRoٺFNLiCӲ(u-[}/6ivE4΃؋c d'IŸ1s"A׽2;td&[يʵ,I0SZReҗ5jM\g9K y1.0F{  5 Lzy݂7!/,Y#׈LG\fWcCVXS0cՎ'o( "?5Lw<ʪЄB~wWƏ*bk% sV$Z$>h&JO 1>7bwvV^/Pʟ5H+yNYm2\:N)\CB6S?Sx}*SٗdgaڐEŘ;e'z5A9\gdIABHJ%R{kw R?}~{#nk{eiaK#zGx҉JՃ\z8Լ,o^/jo- 3AiR!VCd5v2fvXzPlX=zkYW~}N0Wچ09K6q۾6le`P͉q %P'FFDWWy]Ii``mAB t!W!䬰Yy+PE"Eqo1Xf"34A;E&*Elt^ $ǝɊ٥buͱņVuE i99.k%>~mJf'OCKQOh4U9]kJߖGR,6߿O_H|q'dWnAZ&!Ec׻{n:}8iJ0fLqs-/u?˺B@IdNH9h.aip6 6L@H$߰Z ADp+Gxbh;J}>TBiQoX^<4D=u% 7;kR[hi[pP=N ]kNcCvsG6,K+kLe:j&[86޲!,:h;|"Il2ED9eȗUDlٖ& Xb)DtĹvyʼnI&@-/x4vKNK>"@h"[>%*ݧ+/9{Z Day"'@ScqYD/Ac"f @n0"$f_' c}'aT!*hAe-Kܔ0s}*vTpW2lUݠon,)X"܀(>6SrhlAYVTa \sֵLYz݋u.V*z7jHRK@2uI֚k'}UG̝aȟ=VltGLą]OAx ѕүCƦ.dy >s/ʉb<+@iN?HnvP+X G[$#_KgبimFV%FN\i6OOBկbKj`Y=ZTC2\x\'}51 ;U$oJ)e$# 0P,ȯ/ćA;XQ~0o$7»XyQ`meOmbR̔ctpe9X_2~0R"؀GYeqɊn# GYZlIMG/Wdܺ|2SCY9GCT5yڵb{r> B-K~6: }^fѦ<uΛ_obps}.75U v\'?~4bVO;(a6jKntO$ ol ;& ^)S\ZwOx-/g v]_r_2LAdj7c r  xb fӏ GF ;w \- VfZo]jG|yWJeFx?J٫[}ӳ~ɮX8 H֐a!ݹ?B .;: V'30*Y%{K<)C %Rb!!PQhUǪ^ƼP1Fp6vd傦b껑&W5}%?DV}ZI~6s' 5qiљE|3KšΛk + _TQYMkH@`pEbO8YX׉gWGL3wW!gyoTޢO.lnkEfqB m 4"MNgJЙО'DTTnj Vf@W2"Kv@=$UE<#c.a@ĕDT)u;sQ@uD }}EGHg \-{JX:HـykV"hUQ/27SKWP:>wQJ|>ͻTgaEoEw\c 8Y^O#٧p>ĀSpMi^C㕊(b9끦Y@j yr_|ۑ^v[8(+0 N,r! RE)g!7a([=;0*ɴsc P :2{}ToO>GGb:|ق: neӈخo,w;[<T ݐSF .VLtDŽ88![JFDRJv'e]:Tٖ8)~hB ϗ5Zgm7f @hQP&V'PHAG뿄1K>{vnK)o#؞"ڣsP}+?QBl#F(g .b5n#Pt2oC\H - 'YFK5Rn/CEp~oAR\';*h9'4i"=8%{{H !iQIؠ'g*n^& oƺp3‚lWSI܏V#Z׏P5-™dvbt;xe&W0/aE3TQN'XjΈ!ݞ Õ,H PGб !WCyZB#-C\ϰh_D .rCbZBӻ 7P2n/;p_{)# TRV=p$~%DDߗ;I1BQؽUso-ŠGaLCIB.e*Y8.g ½&fKɝJF$B 7Eba47}d UM浪 I_ Ur_ߊf|O=hKxp9c;?A08~S|ȟ9j,K2>=w5a0},^$~U]Mq̅ja&שz>·$FNZʋ(񭯆+XͰfqw/Z8 fD;r!2ߴr|=yE-nUYdc+Υ֫yE1Tx$ VF0[o^ ̱=>?{0ы;}5%{S߳m?& j$hʳ30Fgv* Pn}3wHUVl k*#hGpdxajwi7]]x(2&57O" :B%u='5O7]oEDkl*o9 IEN*bΖxE~$z-2(| (﬜>U;r&X@\3e񨾎V`Wi]wT&xK/\gkc 4߯fP}0(^DIzM,6C4~? cS|@}*b[*tcWr8tnV(w }HI"mx\A{Ŗ &ʟӵ vwԁ˯b|pH9"rRF=SqoS#rx"uheƼ5zEK$^@@ xvc8|nXo6g>hLTX+L1!lVf3\e5z {y6^q#M"g'CAXXjXYqQ؄o8k K7\|*Ѕ{G)rWpHy\Y,ӕEхFJf!yYo#Q/t=XXQBe;qW_'JwhU rvgvJoւpO1$cryRѣ\ºv`]r;ͶEqJ֊JܯT&.tZL=# yk{t.yCcF L!xY됰YY#vZs![ jhZFL!9G4S]6Gv N'nje\f|a}z1P 0jS>1,2+^]dk@/hIyoѠT~9E^4t'h`j1 ,k1 K/Z-W8Xl~0&%̩Q e{eB~emyI cX;j`c j+>Fcyt"(}_3;έ&v'͏<-iNu v i ѹ6ݳ!t q, 'uɦz0pHFՆ̐3xTcIމ-2 E_[d>1ۄly !X/M`=+$7tBSCL:i&X _ 2xTUuSSaE9G!2Cpal0:0IVX;)U/Z s=aM r'nU!kU 䠫g9DŽ&3UNȡ@<`D}NHM}iJI9\`Q16;V2#3?|*M- BRGΙUnT5 BSVQ$"bo%G%Ut7<&"R82Y/o#=1 AtBr`qZPG]nͲ+ԱqsϮb+#|y.W}˛>WTI \۫==nĜP ~~ߞ'Nį0aK΅$W 2O p60”YĚOH ư8PŠJQxTݭGVlVHy@UMk M~Po'g5l'+%'̌ |& (&^5 GL|2ĕH p+5~t6hU,n Es=gӻ 㻺|HvRT̡],hp/>FTwzoD,]UHR-*U_#ZN}Irc/9H>jT3PfD+}Ȯnbzm׶Nl] JPnRM4$m ̊$x-Kĸ:۞wEيc ŀ/S T-RU5=VjDI'UDIEgtXq`r~ 롶uaoÞS l)D!9fݸ\[ Z Z~J:T| `]_E_ќB!m:-^ȆhQsXzWU$xL(9|`#xNhZ]'NuUj[<1Y")tG lWl8Ak,"jub?IAȦ E-Uwy"YG)kqC-+=Eqx>\{6޸{t3aු&1+dNN7\֒RǞ,7uC &^ JkX#pCkGӁ k1sb{R<$ :r(E˛Qu"y8(ɜچ.:TJJP»/qW!pnHNj]*8 7, dp{tGRҠ Pb?4;X m=B-b,2!FOiXmMpr D#|Nj:0X_ Us'3˨8!{\"c1x*z lx\>Ob,h<6#oH>"4;ǟʱj]А!F_8*7Ov h iئ.I ^> _* RHD$|}/X=[}FYURh|CƬY }%9 i;q6 $>[sp扈=uو޵i{ᦡ lOGpA SZL Ĥ7GQB2 ƙHFaiV6#d+KOP~O+:ͦQutpKղ9Ք)nkaj:QkK{¡Ջ 6tg'ɔe4dw^` E (?fC8K8XU{):CSZOCr(`67\|F/wWj(x&~ i%HSWka1(ċw P&tENï<)տYtjy~] T҉Ŗ9:wYyER%1 \ 6a Pl(?e9 n R$B޾l]F6T=ё.2hK1yu!/N Vv/&mHKWg|0n`g ?Ǐswt:$Z073>)1julc8}ZXz ϐ$P0njLuΊdk?LQ:3gVSr3QUKm{n%H4%:5Ay0W]obLQ\ː6 kO3h SdZVCV\dJ)q¾*Q ;E vCJ9Wjaygcy7:2)ns[Kz`|TIUi=V%j)JǗQA52)4:ȳzrU2" ҉"sx/nTWO,Ɍ2KFD0Lu6=ve`;WNM{H8}K09m 9hSx OĊab~Rn~A1 gU:]P+z&\<ۑʇӑN;][[[ޞci;}u#E[Y,z_7cw91 ȝa jfiuv #9gQ?qRv`X`@Dv'gXւ?]BZA{7&ƫ-HXwBT!ZEe"oL%8%QY!o NVKR_@x,kN.8ˬL$cjd)jQtluK^/a%C &(@=S:FDG"vѥK{wH)lKd&r"tx,x+YNqLf\X=Ϣ}y{\jºM!lS2wYὋ^3; {/1&= `Z;eP_ن^993@ھ:vcr*d HzDӭһ`>Y7{ݮ%G4hGO[}̾4S)Ӄ~6ӆK2VX3V VvHp(IaP/! ,/GA,ZSg%Vwz(/}C)_U--R{.Ӽ;.soQLhW@\4y1=݆Du8é`VxirjB0#YHOޒs5`($|ԜO*E񿋌me˥S1)Vl/8KC,e2nwlۛ.}0䟕2WRM˻Lc1zAc$~w|:L/ڳ1 hK~EȡIѡZVMXΞ$x&o X#x/3b_3R(hb?&i{6D/:ٴd ~M}$~z 7N 'R!MR>8 7SZX CCnj+g]@ma]0罝O?  ovYҽQ&L^bwe΢&G4Szpv) 2 юͻQ$4/f#FըP6J[>a^6_byhd;gE1IqP 1\+HD]"UʚȘ%J')`+"q>lMmD\o1a;3Y@U Ą"P[H\Ea|!gR Eٴjo =u&>Xm nT+#QHk0=OQ:9n w 0C% YZ