Releases: erlang/otp
OTP 27.2
OTP 27.2
Erlang/OTP 27.2 is the second maintenance patch package for OTP 27, with mostly bug fixes as well as improvements.
Potential incompatibilities:
- The HTTP client now correctly takes into account the
full_resultrequest option
when returning an asynchronous request.
For details about bugfixes and potential incompatibilities see the Erlang 27.2 README
The Erlang/OTP source can also be found at GitHub on the official Erlang repository, https://github.com/erlang/otp
Download links for this and previous versions are found here
OTP 27.1.3
Patch Package: OTP 27.1.3
Git Tag: OTP-27.1.3
Date: 2024-12-05
Trouble Report Id: OTP-19240, OTP-19293, OTP-19311, OTP-19325,
OTP-19326, OTP-19328, OTP-19332, OTP-19340,
OTP-19350, OTP-19352, OTP-19357, OTP-19365,
OTP-19366, OTP-19374
Seq num: #8989, CVE-2024-53846, ERIERL-1134,
ERIERL-1139, ERIERL-1147, ERIERL-1157,
GH-8929, GH-9009, GH-9014, GH-9100,
OTP-19061, OTP-19240, OTP-19532, PR-8840,
PR-8924, PR-8931, PR-8980, PR-8995, PR-9001,
PR-9024, PR-9053, PR-9080, PR-9111, PR-9130
System: OTP
Release: 27
Application: common_test-1.27.4, compiler-8.5.3,
erts-15.1.3, kernel-10.1.2,
public_key-1.16.4, ssh-5.2.4, ssl-11.2.5
Predecessor: OTP 27.1.2
Check out the git tag OTP-27.1.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.
common_test-1.27.4
The common_test-1.27.4 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, cth_surefire hook module handles group path reduction for a
skipped group. This fixes a bug manifesting with improper group path for a
group executed after a group which was skipped.Own Id: OTP-19365
Related Id(s): ERIERL-1157, PR-9080
Improvements and New Features
-
With this change, prefix option can be specified in cth_conn_log option list.
Option allows to specify how much of additional information is added in raw
log output.Own Id: OTP-19293
Related Id(s): ERIERL-1139, PR-8924, PR-8931
Full runtime dependencies of common_test-1.27.4
compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
compiler-8.5.3
The compiler-8.5.3 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
In rare circumstances, the destructive tuple update optimization could be
applied when it was unsafe. -
In rare circumstances involving appending to multiple binaries, the compile
could emit unsafe code that would crash the runtime system.
Full runtime dependencies of compiler-8.5.3
crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0
erts-15.1.3
The erts-15.1.3 application can be applied independently of other applications
on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
gen_udp:send on domain local can leak inet_reply messages.
Own Id: OTP-19332
Related Id(s): #8989 -
net:getifaddrs does not properly report the running flag on windows.
Own Id: OTP-19366
Related Id(s): ERIERL-1134, OTP-19061
Full runtime dependencies of erts-15.1.3
kernel-9.0, sasl-3.3, stdlib-4.1
kernel-10.1.2
Note! The kernel-10.1.2 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.
On a full OTP 27 installation, also the following runtime
dependency has to be satisfied:
-- erts-15.1 (first satisfied in OTP 27.1)
Fixed Bugs and Malfunctions
-
On windows the socket:recv could return with success ({ok, Data}) even though
not all data had been read.Own Id: OTP-19328
-
gen_udp:send on domain local can leak inet_reply messages.
Own Id: OTP-19332
Related Id(s): #8989 -
Failure to create an UDP IPv6 socket when inet_backend = socket with certain
IPv6 socket options.Own Id: OTP-19357
-
net:getifaddrs does not properly report the running flag on windows.
Own Id: OTP-19366
Related Id(s): ERIERL-1134, OTP-19061
Full runtime dependencies of kernel-10.1.2
crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0
public_key-1.16.4
The public_key-1.16.4 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
If both
ext-key-usageandkey-usageare defined for a certificate it
should be checked that these usages are consistent with each other. This will
have the affect that such certificates where theext-key-usagesis marked as
critical and the usages is consistent with thekey-useit can be considered
valid without mandatory application specific checks for theext-key-useage
extension.Own Id: OTP-19240
Related Id(s): PR-8840, OTP-19532 -
Handle decoding of EDDSA key properly, when decoding a PEM file that contains
only the public EDDSA key.
Full runtime dependencies of public_key-1.16.4
asn1-3.0, crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
ssh-5.2.4
The ssh-5.2.4 application can be applied independently of other applications on
a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, ssh connection does not crash upon receiving exit-signal
message for an already terminated channel.
Full runtime dependencies of ssh-5.2.4
crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0
ssl-11.2.5
Note! The ssl-11.2.5 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.
On a full OTP 27 installation, also the following runtime
dependency has to be satisfied:
-- public_key-1.16.4 (first satisfied in OTP 27.1.3)
Fixed Bugs and Malfunctions
-
Avoid generating an internal alert for case that should have been an orderly
shutdown by the supervisor.Own Id: OTP-19311
Related Id(s): PR-8980 -
If present, extended key-usage TLS (SSL) role check (
pk-clientAuth,
pk-serverAuth) should always be performed for peer-cert. An intermediate CA
cert may relax the requirement ifAnyExtendedKeyUsagepurpose is present.In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these requirements became too relaxed.
There where two problems, firstly the peer cert extension was only checked if
it was marked critical, and secondly the CA cert check did not assert the
relaxedAnyExtendedKeyUsagepurpose.This could result in that certificates might be misused for purposes not
intended by the certificate authority.Thanks to Bryan Paxton for reporting the issue.
Own Id: OTP-19352
Related Id(s): PR-9130, CVE-2024-53846, OTP-19240
Improvements and New Features
-
Back port certificate_authorities option for TLS-1.3 servers to pre TLS-1.3
servers to enable them to disable the sending of certificate authorities in
their certificate request. This will have same affect as the the TLS-1.3
server option although it is handled by a different mechanism in these
versions, where the functionality is described to be more of a guidance,
although some pre TLS clients have proven to make it mandatory as in TLS-1.3
extension handling.Own Id: OTP-19325
Related Id(s): ERIERL-1147, PR-9001
Full runtime dependencies of ssl-11.2.5
crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0
Thanks to
Frej Drejhammar, zmstone
OTP 26.2.5.6
Patch Package: OTP 26.2.5.6
Git Tag: OTP-26.2.5.6
Date: 2024-12-05
Trouble Report Id: OTP-19240, OTP-19330, OTP-19332, OTP-19350,
OTP-19352, OTP-19357, OTP-19365, OTP-19366,
OTP-19368, OTP-19379, OTP-19380
Seq num: #8989, CVE-2024-53846, ERIERL-1134,
ERIERL-1154, ERIERL-1157, GH-8755, GH-8829,
GH-8983, GH-9009, OTP-19061, OTP-19240,
OTP-19532, PR-8840, PR-8878, PR-9008,
PR-9053, PR-9080, PR-9093, PR-9130
System: OTP
Release: 26
Application: common_test-1.26.2.3, erts-14.2.5.5,
inets-9.1.0.2, kernel-9.2.4.4,
mnesia-4.23.1.1, public_key-1.15.1.4,
ssl-11.1.4.6, stdlib-5.2.3.3
Predecessor: OTP 26.2.5.5
Check out the git tag OTP-26.2.5.6, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- common_test-1.26.2.3 --------------------------------------------
---------------------------------------------------------------------
The common_test-1.26.2.3 application can be applied independently of
other applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19365 Application(s): common_test
Related Id(s): ERIERL-1157, PR-9080
With this change, cth_surefire hook module handles
group path reduction for a skipped group. This fixes a
bug manifesting with improper group path for a group
executed after a group which was skipped.
Full runtime dependencies of common_test-1.26.2.3: compiler-6.0,
crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4,
observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
---------------------------------------------------------------------
--- erts-14.2.5.5 ---------------------------------------------------
---------------------------------------------------------------------
The erts-14.2.5.5 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19330 Application(s): erts
Related Id(s): GH-8983, PR-9008
Fix lock order violation if a NIF monitor down callback
calls enif_whereis_pid. Would cause debug emulator to
crash but could potentially lead to deadlocks in
optimized emulator.
OTP-19332 Application(s): erts, kernel
Related Id(s): #8989
gen_udp:send on domain local can leak inet_reply
messages.
OTP-19366 Application(s): erts, kernel
Related Id(s): ERIERL-1134, OTP-19061
net:getifaddrs does not properly report the running
flag on windows.
Full runtime dependencies of erts-14.2.5.5: kernel-9.0, sasl-3.3,
stdlib-4.1
---------------------------------------------------------------------
--- inets-9.1.0.2 ---------------------------------------------------
---------------------------------------------------------------------
The inets-9.1.0.2 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19379 Application(s): inets
Related Id(s): GH-8829, PR-8878
Fixed a bug where calling httpc:set_options/2 when one
of keys: ipfamily or unix_socket, was not present,
would cause the other value to get overriden by the
default value. The validation of these options was also
improved.
Full runtime dependencies of inets-9.1.0.2: erts-14.0, kernel-9.0,
mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0,
stdlib-5.0, stdlib-5.0
---------------------------------------------------------------------
--- kernel-9.2.4.4 --------------------------------------------------
---------------------------------------------------------------------
The kernel-9.2.4.4 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19332 Application(s): erts, kernel
Related Id(s): #8989
gen_udp:send on domain local can leak inet_reply
messages.
OTP-19357 Application(s): kernel
Failure to create an UDP IPv6 socket when inet_backend
= socket with certain IPv6 socket options.
OTP-19366 Application(s): erts, kernel
Related Id(s): ERIERL-1134, OTP-19061
net:getifaddrs does not properly report the running
flag on windows.
Full runtime dependencies of kernel-9.2.4.4: crypto-5.0, erts-14.0,
sasl-3.0, stdlib-5.0
---------------------------------------------------------------------
--- mnesia-4.23.1.1 -------------------------------------------------
---------------------------------------------------------------------
The mnesia-4.23.1.1 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19368 Application(s): mnesia
Related Id(s): ERIERL-1154, PR-9093
Mnesia could crash if table was deleted during
checkpoint initialization.
Full runtime dependencies of mnesia-4.23.1.1: erts-9.0, kernel-5.3,
stdlib-5.0
---------------------------------------------------------------------
--- public_key-1.15.1.4 ---------------------------------------------
---------------------------------------------------------------------
The public_key-1.15.1.4 application can be applied independently of
other applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19240 Application(s): public_key
Related Id(s): PR-8840, OTP-19532
If both ext-key-usage and key-usage are defined for a
certificate it should be checked that these usages are
consistent with each other. This will have the affect
that such certificates where the ext-key-usages is
marked as critical and the usages is consistent with
the key-use it can be considered valid without
mandatory application specific checks for the
ext-key-useage extension.
OTP-19350 Application(s): public_key
Related Id(s): GH-9009, PR-9053
Handle decoding of EDDSA key properly, when decoding a
PEM file that contains only the public EDDSA key.
Full runtime dependencies of public_key-1.15.1.4: asn1-3.0,
crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
--- ssl-11.1.4.6 ----------------------------------------------------
---------------------------------------------------------------------
The ssl-11.1.4.6 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19352 Application(s): ssl
Related Id(s): PR-9130, CVE-2024-53846, OTP-19240
If present, extended key-usage TLS (SSL) role check
(pk-clientAuth, pk-serverAuth) should always be
performed for peer-cert. An intermediate CA cert may
relax the requirement if AnyExtendedKeyUsage purpose is
present.
In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these
requirements became too relaxed. There where two
problems, firstly the peer cert extension was only
checked if it was marked critical, and secondly the CA
cert check did not assert the relaxed
AnyExtendedKeyUsage purpose.
This could result in that certificates might be misused
for purposes not intended by the certificate authority.
Thanks to Bryan Paxton for reporting the issue.
Full runtime dependencies of ssl-11.1.4.6: crypto-5.0, erts-14.0,
inets-5.10.7, kernel-9.0, public_key-1.11.3, runtime_tools-1.15.1,
stdlib-4.1
---------------------------------------------------------------------
--- stdlib-5.2.3.3 --------------------------------------------------
---------------------------------------------------------------------
The stdlib-5.2.3.3 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19380 Application(s): stdlib
Related Id(s): GH-8755
Fixed an error in uri_string:percent_decode spec
Full runtime dependencies of stdlib-5.2.3.3: compiler-5.0,
crypto-4.5, erts-13.1, kernel-9.0, sasl-3.0
---------------------------------------------------------------------
--- Thanks to -------------------------------------------------------
---------------------------------------------------------------------
Marko Mindek
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
OTP 25.3.2.16
Patch Package: OTP 25.3.2.16
Git Tag: OTP-25.3.2.16
Date: 2024-12-05
Trouble Report Id: OTP-19240, OTP-19311, OTP-19326, OTP-19330,
OTP-19350, OTP-19352, OTP-19365, OTP-19379,
OTP-19380
Seq num: CVE-2024-53846, ERIERL-1157, GH-8755,
GH-8829, GH-8929, GH-8983, GH-9009,
OTP-19240, OTP-19532, PR-8840, PR-8878,
PR-8980, PR-8995, PR-9008, PR-9053, PR-9080,
PR-9130
System: OTP
Release: 25
Application: common_test-1.24.0.5, erts-13.2.2.12,
inets-8.3.1.5, public_key-1.13.3.5,
ssh-4.15.3.8, ssl-10.9.1.7, stdlib-4.3.1.6
Predecessor: OTP 25.3.2.15
Check out the git tag OTP-25.3.2.16, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- common_test-1.24.0.5 --------------------------------------------
---------------------------------------------------------------------
The common_test-1.24.0.5 application can be applied independently of
other applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19365 Application(s): common_test
Related Id(s): ERIERL-1157, PR-9080
With this change, cth_surefire hook module handles
group path reduction for a skipped group. This fixes a
bug manifesting with improper group path for a group
executed after a group which was skipped.
Full runtime dependencies of common_test-1.24.0.5: compiler-6.0,
crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4,
observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
---------------------------------------------------------------------
--- erts-13.2.2.12 --------------------------------------------------
---------------------------------------------------------------------
Note! The erts-13.2.2.12 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- kernel-8.5 (first satisfied in OTP 25.1)
-- stdlib-4.1 (first satisfied in OTP 25.1)
--- Fixed Bugs and Malfunctions ---
OTP-19330 Application(s): erts
Related Id(s): GH-8983, PR-9008
Fix lock order violation if a NIF monitor down callback
calls enif_whereis_pid. Would cause debug emulator to
crash but could potentially lead to deadlocks in
optimized emulator.
Full runtime dependencies of erts-13.2.2.12: kernel-8.5, sasl-3.3,
stdlib-4.1
---------------------------------------------------------------------
--- inets-8.3.1.5 ---------------------------------------------------
---------------------------------------------------------------------
The inets-8.3.1.5 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19379 Application(s): inets
Related Id(s): GH-8829, PR-8878
Fixed a bug where calling httpc:set_options/2 when one
of keys: ipfamily or unix_socket, was not present,
would cause the other value to get overriden by the
default value. The validation of these options was also
improved.
Full runtime dependencies of inets-8.3.1.5: erts-13.0, kernel-6.0,
mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0,
stdlib-4.0
---------------------------------------------------------------------
--- public_key-1.13.3.5 ---------------------------------------------
---------------------------------------------------------------------
The public_key-1.13.3.5 application can be applied independently of
other applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19240 Application(s): public_key
Related Id(s): PR-8840, OTP-19532
If both ext-key-usage and key-usage are defined for a
certificate it should be checked that these usages are
consistent with each other. This will have the affect
that such certificates where the ext-key-usages is
marked as critical and the usages is consistent with
the key-use it can be considered valid without
mandatory application specific checks for the
ext-key-useage extension.
OTP-19350 Application(s): public_key
Related Id(s): GH-9009, PR-9053
Handle decoding of EDDSA key properly, when decoding a
PEM file that contains only the public EDDSA key.
Full runtime dependencies of public_key-1.13.3.5: asn1-3.0,
crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
--- ssh-4.15.3.8 ----------------------------------------------------
---------------------------------------------------------------------
The ssh-4.15.3.8 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19326 Application(s): ssh
Related Id(s): GH-8929, PR-8995
With this change, ssh connection does not crash upon
receiving exit-signal message for an already terminated
channel.
Full runtime dependencies of ssh-4.15.3.8: crypto-5.0, erts-11.0,
kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
---------------------------------------------------------------------
--- ssl-10.9.1.7 ----------------------------------------------------
---------------------------------------------------------------------
Note! The ssl-10.9.1.7 application *cannot* be applied independently
of other applications on an arbitrary OTP 25 installation.
On a full OTP 25 installation, also the following runtime
dependency has to be satisfied:
-- stdlib-4.1 (first satisfied in OTP 25.1)
--- Fixed Bugs and Malfunctions ---
OTP-19311 Application(s): ssl
Related Id(s): PR-8980
Avoid generating an internal alert for case that should
have been an orderly shutdown by the supervisor.
OTP-19352 Application(s): ssl
Related Id(s): PR-9130, CVE-2024-53846, OTP-19240
If present, extended key-usage TLS (SSL) role check
(pk-clientAuth, pk-serverAuth) should always be
performed for peer-cert. An intermediate CA cert may
relax the requirement if AnyExtendedKeyUsage purpose is
present.
In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these
requirements became too relaxed. There where two
problems, firstly the peer cert extension was only
checked if it was marked critical, and secondly the CA
cert check did not assert the relaxed
AnyExtendedKeyUsage purpose.
This could result in that certificates might be misused
for purposes not intended by the certificate authority.
Thanks to Bryan Paxton for reporting the issue.
Full runtime dependencies of ssl-10.9.1.7: crypto-5.0, erts-10.0,
inets-5.10.7, kernel-8.4, public_key-1.11.3, runtime_tools-1.15.1,
stdlib-4.1
---------------------------------------------------------------------
--- stdlib-4.3.1.6 --------------------------------------------------
---------------------------------------------------------------------
Note! The stdlib-4.3.1.6 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- erts-13.1 (first satisfied in OTP 25.1)
-- kernel-8.5.1 (first satisfied in OTP 25.1.1)
--- Fixed Bugs and Malfunctions ---
OTP-19380 Application(s): stdlib
Related Id(s): GH-8755
Fixed an error in uri_string:percent_decode spec
Full runtime dependencies of stdlib-4.3.1.6: compiler-5.0,
crypto-4.5, erts-13.1, kernel-8.5.1, sasl-3.0
---------------------------------------------------------------------
--- Thanks to -------------------------------------------------------
---------------------------------------------------------------------
Marko Mindek, zmstone
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
OTP 26.2.5.5
Patch Package: OTP 26.2.5.5
Git Tag: OTP-26.2.5.5
Date: 2024-11-01
Trouble Report Id: OTP-19293, OTP-19311, OTP-19316, OTP-19325,
OTP-19326, OTP-19329
Seq num: ERIERL-1139, ERIERL-1147, GH-8929, GH-8971,
GH-8997, PR-8924, PR-8931, PR-8979, PR-8980,
PR-8995, PR-9001, PR-9002
System: OTP
Release: 26
Application: common_test-1.26.2.2, crypto-5.4.2.3,
ssh-5.1.4.4, ssl-11.1.4.5
Predecessor: OTP 26.2.5.4
Check out the git tag OTP-26.2.5.5, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- common_test-1.26.2.2 --------------------------------------------
---------------------------------------------------------------------
The common_test-1.26.2.2 application can be applied independently of
other applications on a full OTP 26 installation.
--- Improvements and New Features ---
OTP-19293 Application(s): common_test
Related Id(s): ERIERL-1139, PR-8924, PR-8931
With this change, prefix option can be specified in
cth_conn_log option list. Option allows to specify how
much of additional information is added in raw log
output.
Full runtime dependencies of common_test-1.26.2.2: compiler-6.0,
crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4,
observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
---------------------------------------------------------------------
--- crypto-5.4.2.3 --------------------------------------------------
---------------------------------------------------------------------
The crypto-5.4.2.3 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19316 Application(s): crypto
Related Id(s): GH-8971, PR-8979
Fixed bug that could cause blocking scheduler threads
in crypto:supports(curves) if called the first time by
more than one Erlang process. Bug exists only in
OTP-26.2.5.4.
OTP-19329 Application(s): crypto
Related Id(s): GH-8997, PR-9002
Fixed crypto:hash_final/1 for digest types shake128 and
shake256 when using OpenSSL 3.4 or newer.
Full runtime dependencies of crypto-5.4.2.3: erts-9.0, kernel-5.3,
stdlib-3.9
---------------------------------------------------------------------
--- ssh-5.1.4.4 -----------------------------------------------------
---------------------------------------------------------------------
The ssh-5.1.4.4 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19326 Application(s): ssh
Related Id(s): GH-8929, PR-8995
With this change, ssh connection does not crash upon
receiving exit-signal message for an already terminated
channel.
Full runtime dependencies of ssh-5.1.4.4: crypto-5.0, erts-14.0,
kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0,
stdlib-5.0
---------------------------------------------------------------------
--- ssl-11.1.4.5 ----------------------------------------------------
---------------------------------------------------------------------
The ssl-11.1.4.5 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19311 Application(s): ssl
Related Id(s): PR-8980
Avoid generating an internal alert for case that should
have been an orderly shutdown by the supervisor.
--- Improvements and New Features ---
OTP-19325 Application(s): ssl
Related Id(s): ERIERL-1147, PR-9001
Back port certificate_authorities option for TLS-1.3
servers to pre TLS-1.3 servers to enable them to
disable the sending of certificate authorities in their
certificate request. This will have same affect as the
the TLS-1.3 server option although it is handled by a
different mechanism in these versions, where the
functionality is described to be more of a guidance,
although some pre TLS clients have proven to make it
mandatory as in TLS-1.3 extension handling.
Full runtime dependencies of ssl-11.1.4.5: crypto-5.0, erts-14.0,
inets-5.10.7, kernel-9.0, public_key-1.11.3, runtime_tools-1.15.1,
stdlib-4.1
---------------------------------------------------------------------
--- Thanks to -------------------------------------------------------
---------------------------------------------------------------------
zmstone
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
OTP 27.1.2
Patch Package: OTP 27.1.2
Git Tag: OTP-27.1.2
Date: 2024-10-17
Trouble Report Id: OTP-19124, OTP-19235, OTP-19246, OTP-19247,
OTP-19249, OTP-19258, OTP-19265, OTP-19266,
OTP-19267, OTP-19268, OTP-19269, OTP-19274,
OTP-19286, OTP-19288
Seq num: ERIERL-1127, ERIERL-1133, ERIERL-1134,
ERIERL-1137, ERIERL-1138, GH-6455, GH-7550,
GH-8223, GH-8835, GH-8875, GH-8880, GH-8908,
OTP-18520, OTP-19061, PR-8226, PR-8766,
PR-8837, PR-8854, PR-8866, PR-8876, PR-8890,
PR-8892, PR-8895, PR-8897, PR-8901, PR-8914,
PR-8916
System: OTP
Release: 27
Application: common_test-1.27.3, erts-15.1.2,
kernel-10.1.1, ssh-5.2.3, ssl-11.2.4,
stdlib-6.1.2
Predecessor: OTP 27.1.1
Check out the git tag OTP-27.1.2, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.
common_test-1.27.3
The common_test-1.27.3 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, jquery and tablesorter licenses are added to COPYRIGHT file.
Also tablesorter is updated to version 2.32.Own Id: OTP-19265
Related Id(s): PR-8876
Full runtime dependencies of common_test-1.27.3
compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
erts-15.1.2
The erts-15.1.2 application can be applied independently of other applications
on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
A bug has been fixed where receiving an SCTP message with
gen_sctpcould
waste the first fragments of a message and only deliver the last fragment.This happened with low probability when the OS signaled that the socket was
ready for reading in combination with an internal time-out retry.A bug has been fixed with a lingering time-out from after an SCTP connect that
could stop the flow of incoming messages on an activegen_tcpsocket.Own Id: OTP-19235
Related Id(s): ERIERL-1133, PR-8837 -
An boolean option
non_block_sendfor SCTP, has ben added to be able to
achieve the old behaviour to avoid blocking send operations by passing the OS
network stack error message ({error,eagain}through.Own Id: OTP-19258
Related Id(s): ERIERL-1134, OTP-19061 -
The call
gen_tcp:send/2could hang indefinitely despite having set the
send_timeoutoption for the following unfortunate combination of
circumstances:- The socket has to be in passive mode.
- All output buffers had to be filled util the
high_watermarkwas hit,
causing thegen_tcp:send/2operation to block. - While the send operation was blocked, a
gen_tcp:recv/2,3call had to be
done from a different process. It had to block, waiting for data for a while
before completing the operation, and the received packet had to fill at
least 75% of the receive buffer.
Under these circumstances he information that a send operation was waiting got
lost, so the send operation that blocked in the first placed would never
return. The data it had would be sent, though, and send operations from other
processes, still work.This bug has been fixed.
Own Id: OTP-19267
Related Id(s): ERIERL-1138, GH-6455, PR-8892, OTP-18520 -
In rare circumstances, in code that matches multiple tuples, the JIT could
generate code that would raise abadmatchexception even if the given tuples
were correct. -
Fixed beam crash that could happen if resetting
call_timeorcall_memory
trace counters of a function while it is called. Bug exists since OTP R16.
Full runtime dependencies of erts-15.1.2
kernel-9.0, sasl-3.3, stdlib-4.1
kernel-10.1.1
Note! The kernel-10.1.1 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.
On a full OTP 27 installation, also the following runtime
dependency has to be satisfied:
-- erts-15.1 (first satisfied in OTP 27.1)
Fixed Bugs and Malfunctions
-
A bug has been fixed where receiving an SCTP message with
gen_sctpcould
waste the first fragments of a message and only deliver the last fragment.This happened with low probability when the OS signaled that the socket was
ready for reading in combination with an internal time-out retry.A bug has been fixed with a lingering time-out from after an SCTP connect that
could stop the flow of incoming messages on an activegen_tcpsocket.Own Id: OTP-19235
Related Id(s): ERIERL-1133, PR-8837 -
An boolean option
non_block_sendfor SCTP, has ben added to be able to
achieve the old behaviour to avoid blocking send operations by passing the OS
network stack error message ({error,eagain}through.Own Id: OTP-19258
Related Id(s): ERIERL-1134, OTP-19061
Full runtime dependencies of kernel-10.1.1
crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0
ssh-5.2.3
The ssh-5.2.3 application can be applied independently of other applications on
a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, a race condition is removed from ssh client connection setup
procedure. -
With this change, ssh:connect is not affected by presence of EXIT message in
queue. -
With this change, ssh appends {active, false} option after socket options
received from user - so that false value is always used.Own Id: OTP-19247
Related Id(s): PR-8226
Full runtime dependencies of ssh-5.2.3
crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0
ssl-11.2.4
Note! The ssl-11.2.4 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.
On a full OTP 27 installation, also the following runtime
dependency has to be satisfied:
-- public_key-1.16.2 (first satisfied in OTP 27.1)
Fixed Bugs and Malfunctions
-
Refactor trying to also make some optimizations introduced a bug in signature
algorithms checks in OTP-26.2.1. This could manifest itself in not being able
to negotiate connections using certificates needing to use some TLS-1.2
compatibility legacy signature schemes.Own Id: OTP-19249
Related Id(s): ERIERL-1137, PR-8866 -
Correct timeout handling for termination code run for own alerts, so that
intended timeout is used instead of falling back to OS TCP-stack timeout that
is unreasonably long on some platforms.Own Id: OTP-19274
Related Id(s): PR-8901 -
Fix assertion so that works as intended. This could result in that some
TLS-1.2 clients would fail to connect to the the erlang server. Bug introduced
in OTP-27.1.1
Full runtime dependencies of ssl-11.2.4
crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.2,
runtime_tools-1.15.1, stdlib-6.0
stdlib-6.1.2
The stdlib-6.1.2 application can be applied independently of other applications
on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, uri_string:normalize assumes empty path (do not crash) when
no path is provided in the URI map.Own Id: OTP-19266
Related Id(s): ERIERL-1127, PR-8890 -
Fixed spec for
json:format/3.
Full runtime dependencies of stdlib-6.1.2
compiler-5.0, crypto-4.5, erts-15.0, kernel-10.0, sasl-3.0
Thanks to
Jakub Witczak
OTP 25.3.2.15
Patch Package: OTP 25.3.2.15
Git Tag: OTP-25.3.2.15
Date: 2024-10-14
Trouble Report Id: OTP-19124, OTP-19158, OTP-19221, OTP-19236,
OTP-19238, OTP-19246, OTP-19247, OTP-19252,
OTP-19256, OTP-19257, OTP-19265, OTP-19266,
OTP-19269, OTP-19274, OTP-19284
Seq num: ERIERL-1091, ERIERL-1093, ERIERL-1127,
ERIERL-1131, GH-7550, GH-8223, GH-8835,
PR-8226, PR-8261, PR-8766, PR-8780, PR-8788,
PR-8801, PR-8831, PR-8854, PR-8858, PR-8876,
PR-8890, PR-8897, PR-8901, PR-8909
System: OTP
Release: 25
Application: common_test-1.24.0.4, erts-13.2.2.11,
inets-8.3.1.4, public_key-1.13.3.4,
ssh-4.15.3.7, ssl-10.9.1.6, stdlib-4.3.1.5
Predecessor: OTP 25.3.2.14
Check out the git tag OTP-25.3.2.15, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- POTENTIAL INCOMPATIBILITIES -------------------------------------
---------------------------------------------------------------------
OTP-19158 Application(s): inets
With this change, HTTP client, when returning an
asynchronous request, now correctly takes into account
`OptionRequest - full_result`
---------------------------------------------------------------------
--- common_test-1.24.0.4 --------------------------------------------
---------------------------------------------------------------------
The common_test-1.24.0.4 application can be applied independently of
other applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19252 Application(s): common_test
Related Id(s): PR-8858
With this change, HTML reports include jQuery version
3.7.1.
OTP-19265 Application(s): common_test
Related Id(s): PR-8876
With this change, jquery and tablesorter licenses are
added to COPYRIGHT file. Also tablesorter is updated to
version 2.32.
OTP-19284 Application(s): common_test
Related Id(s): ERIERL-1093, PR-8909
Fixed a bug where the sum of testcases' execution time
in HTML logs was sometimes miscalculated, and the table
was not fully printed.
Full runtime dependencies of common_test-1.24.0.4: compiler-6.0,
crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4,
observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
---------------------------------------------------------------------
--- erts-13.2.2.11 --------------------------------------------------
---------------------------------------------------------------------
Note! The erts-13.2.2.11 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- kernel-8.5 (first satisfied in OTP 25.1)
-- stdlib-4.1 (first satisfied in OTP 25.1)
--- Fixed Bugs and Malfunctions ---
OTP-19269 Application(s): erts
Related Id(s): GH-8835, PR-8897
Fixed beam crash that could happen if resetting
call_time or call_memory trace counters of a function
while it is called. Bug exists since OTP R16.
Full runtime dependencies of erts-13.2.2.11: kernel-8.5, sasl-3.3,
stdlib-4.1
---------------------------------------------------------------------
--- inets-8.3.1.4 ---------------------------------------------------
---------------------------------------------------------------------
The inets-8.3.1.4 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19158 Application(s): inets
*** POTENTIAL INCOMPATIBILITY ***
With this change, HTTP client, when returning an
asynchronous request, now correctly takes into account
`OptionRequest - full_result`
OTP-19221 Application(s): inets
Related Id(s): ERIERL-1091, PR-8788, PR-8801
With this change, synchronous httpc:request now
timeouts after `Timeout` specified in `HttpOption
{timeout, Timeout}`
Full runtime dependencies of inets-8.3.1.4: erts-13.0, kernel-6.0,
mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0,
stdlib-4.0
---------------------------------------------------------------------
--- public_key-1.13.3.4 ---------------------------------------------
---------------------------------------------------------------------
The public_key-1.13.3.4 application can be applied independently of
other applications on a full OTP 25 installation.
--- Improvements and New Features ---
OTP-19238 Application(s): public_key
Related Id(s): PR-8831
Do not hide crypto badarg reason, this error handling
enhancement facilitates debugging. These kind of
runtime errors are not documented and should never be
relied on for matching, they are intended for catching
input errors early.
Full runtime dependencies of public_key-1.13.3.4: asn1-3.0,
crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
--- ssh-4.15.3.7 ----------------------------------------------------
---------------------------------------------------------------------
The ssh-4.15.3.7 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19124 Application(s): ssh
Related Id(s): GH-7550, PR-8766
With this change, a race condition is removed from ssh
client connection setup procedure.
OTP-19246 Application(s): ssh
Related Id(s): GH-8223, PR-8854
With this change, ssh:connect is not affected by
presence of EXIT message in queue.
OTP-19247 Application(s): ssh
Related Id(s): PR-8226
With this change, ssh appends {active, false} option
after socket options received from user - so that false
value is always used.
Full runtime dependencies of ssh-4.15.3.7: crypto-5.0, erts-11.0,
kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
---------------------------------------------------------------------
--- ssl-10.9.1.6 ----------------------------------------------------
---------------------------------------------------------------------
Note! The ssl-10.9.1.6 application *cannot* be applied independently
of other applications on an arbitrary OTP 25 installation.
On a full OTP 25 installation, also the following runtime
dependency has to be satisfied:
-- stdlib-4.1 (first satisfied in OTP 25.1)
--- Fixed Bugs and Malfunctions ---
OTP-19236 Application(s): ssl
Related Id(s): PR-8261
Starting from TLS-1.3 some server handshake alerts
might arrive after ssl:connection/2,3,4 has returned.
If the socket is in active mode the controlling process
will get the alert message, but passive sockets would
only get {error, closed} on next call to ssl:recv/2,3
or ssl/setopts/2. Passive sockets calls will now return
{error, error_alert()} instead.
OTP-19257 Application(s): ssl
Related Id(s): ERIERL-1131
Servers configured to support only version (pre
TLS-1.2) should ignore hello version extension, as it
is an unknown extension to them, this will result in
that new clients that do not support the old server
version will get an insufficient security alert from
the server and not a protocol version alert, this is
consistent with how old servers not able to support
higher protocol versions work.
OTP-19274 Application(s): ssl
Related Id(s): PR-8901
Correct timeout handling for termination code run for
own alerts, so that intended timeout is used instead of
falling back to OS TCP-stack timeout that is
unreasonably long on some platforms.
Full runtime dependencies of ssl-10.9.1.6: crypto-5.0, erts-10.0,
inets-5.10.7, kernel-8.4, public_key-1.11.3, runtime_tools-1.15.1,
stdlib-4.1
---------------------------------------------------------------------
--- stdlib-4.3.1.5 --------------------------------------------------
---------------------------------------------------------------------
Note! The stdlib-4.3.1.5 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- erts-13.1 (first satisfied in OTP 25.1)
-- kernel-8.5.1 (first satisfied in OTP 25.1.1)
--- Fixed Bugs and Malfunctions ---
OTP-19256 Application(s): stdlib
Related Id(s): PR-8780
With this change, sh...
OTP 26.2.5.4
Patch Package: OTP 26.2.5.4
Git Tag: OTP-26.2.5.4
Date: 2024-10-09
Trouble Report Id: OTP-19124, OTP-19158, OTP-19212, OTP-19217,
OTP-19221, OTP-19223, OTP-19235, OTP-19236,
OTP-19238, OTP-19246, OTP-19247, OTP-19249,
OTP-19251, OTP-19252, OTP-19254, OTP-19256,
OTP-19257, OTP-19258, OTP-19265, OTP-19266,
OTP-19267, OTP-19269, OTP-19270, OTP-19274,
OTP-19284
Seq num: ERIERL-1091, ERIERL-1093, ERIERL-1104,
ERIERL-1127, ERIERL-1131, ERIERL-1133,
ERIERL-1134, ERIERL-1137, ERIERL-1138,
GH-6455, GH-7550, GH-8223, GH-8562, GH-8769,
GH-8783, GH-8835, GH-8848, GH-8853,
OTP-18520, OTP-19061, PR-8226, PR-8261,
PR-8762, PR-8766, PR-8780, PR-8788, PR-8800,
PR-8801, PR-8831, PR-8837, PR-8854, PR-8858,
PR-8866, PR-8876, PR-8890, PR-8892, PR-8897,
PR-8898, PR-8901, PR-8909
System: OTP
Release: 26
Application: common_test-1.26.2.1, compiler-8.4.3.2,
crypto-5.4.2.2, erts-14.2.5.4, inets-9.1.0.1,
kernel-9.2.4.3, public_key-1.15.1.3,
ssh-5.1.4.3, ssl-11.1.4.4, stdlib-5.2.3.2,
xmerl-1.3.34.1
Predecessor: OTP 26.2.5.3
Check out the git tag OTP-26.2.5.4, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- POTENTIAL INCOMPATIBILITIES -------------------------------------
---------------------------------------------------------------------
OTP-19158 Application(s): inets
With this change, HTTP client, when returning an
asynchronous request, now correctly takes into account
`OptionRequest - full_result`
---------------------------------------------------------------------
--- common_test-1.26.2.1 --------------------------------------------
---------------------------------------------------------------------
The common_test-1.26.2.1 application can be applied independently of
other applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19252 Application(s): common_test
Related Id(s): PR-8858
With this change, HTML reports include jQuery version
3.7.1.
OTP-19265 Application(s): common_test
Related Id(s): PR-8876
With this change, jquery and tablesorter licenses are
added to COPYRIGHT file. Also tablesorter is updated to
version 2.32.
OTP-19284 Application(s): common_test
Related Id(s): ERIERL-1093, PR-8909
Fixed a bug where the sum of testcases' execution time
in HTML logs was sometimes miscalculated, and the table
was not fully printed.
Full runtime dependencies of common_test-1.26.2.1: compiler-6.0,
crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4,
observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
---------------------------------------------------------------------
--- compiler-8.4.3.2 ------------------------------------------------
---------------------------------------------------------------------
The compiler-8.4.3.2 application can be applied independently of
other applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19270 Application(s): compiler
Related Id(s): GH-8783, PR-8898
Fixed a bug where bogus code was generated for
consecutive calls to erlang:setelement/2, potentially
crashing the emulator.
Full runtime dependencies of compiler-8.4.3.2: crypto-5.1, erts-13.0,
kernel-8.4, stdlib-5.0
---------------------------------------------------------------------
--- crypto-5.4.2.2 --------------------------------------------------
---------------------------------------------------------------------
The crypto-5.4.2.2 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19212 Application(s): crypto
Related Id(s): GH-8562, PR-8762
crypto built with --enable-fips will now accept an
OpenSSL 3 lib without fips provider as long as fips
mode is not enabled.
OTP-19223 Application(s): crypto
Related Id(s): GH-8769, PR-8800
crypto:strong_rand_bytes/2 fixed to work on Ubuntu pro
with installed FIPS support.
Full runtime dependencies of crypto-5.4.2.2: erts-9.0, kernel-5.3,
stdlib-3.9
---------------------------------------------------------------------
--- erts-14.2.5.4 ---------------------------------------------------
---------------------------------------------------------------------
The erts-14.2.5.4 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19235 Application(s): erts, kernel
Related Id(s): ERIERL-1133, PR-8837
A bug has been fixed where receiving an SCTP message
with `gen_sctp` could waste the first fragments of a
message and only deliver the last fragment.
This happened with low probability when the OS signaled
that the socket was ready for reading in combination
with an internal time-out retry.
A bug has been fixed with a lingering time-out from
after an SCTP connect that could stop the flow of
incoming messages on an active `gen_tcp` socket.
OTP-19251 Application(s): erts
Related Id(s): GH-8853
On Windows, successive failed socket calls caused
socket to become "uninitialized".
OTP-19254 Application(s): erts
Related Id(s): GH-8848
The socket framework fails to start on a IPv6-only
Windows machine.
OTP-19258 Application(s): erts, kernel
Related Id(s): ERIERL-1134, OTP-19061
An boolean option `non_block_send` for SCTP, has ben
added to be able to achieve the old behaviour to avoid
blocking send operations by passing the OS network
stack error message (`{error,eagain}` through.
OTP-19267 Application(s): erts
Related Id(s): ERIERL-1138, GH-6455, PR-8892, OTP-18520
The call `gen_tcp:send/2` could hang indefinitely
despite having set the `send_timeout` option for the
following unfortunate combination of circumstances:
* The socket has to be in passive mode. * All output
buffers had to be filled util the `high_watermark` was
hit, causing the `gen_tcp:send/2` operation to block. *
While the send operation was blocked, a
`gen_tcp:recv/2,3` call had to be done from a different
process. It had to block, waiting for data for a while
before completing the operation, and the received
packet had to fill at least 75% of the receive buffer.
Under these circumstances he information that a send
operation was waiting got lost, so the send operation
that blocked in the first placed would never return.
The data it had would be sent, though, and send
operations from other processes, still work.
This bug has been fixed.
OTP-19269 Application(s): erts
Related Id(s): GH-8835, PR-8897
Fixed beam crash that could happen if resetting
call_time or call_memory trace counters of a function
while it is called. Bug exists since OTP R16.
Full runtime dependencies of erts-14.2.5.4: kernel-9.0, sasl-3.3,
stdlib-4.1
---------------------------------------------------------------------
--- inets-9.1.0.1 ---------------------------------------------------
---------------------------------------------------------------------
The inets-9.1.0.1 application can be applied independently of other
applications on a full OTP 26 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19158 Application(s): inets
*** POTENTIAL INCOMPATIBILITY ***
With this change, HTTP client, when returning an
asynchronous request, now correctly takes into account
`OptionRequest - full_result`
OTP-19221 Application(s): inets
Related Id(s): ERIERL-1091, PR-8788, PR-8801
With this change, synchronous httpc:request now
timeouts after `Timeout` specified in `HttpOption
{timeout, Timeout}`
Full runtime dependencies of inets-9.1.0.1: erts-14.0, kernel-9.0,
mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0,
stdlib-5.0, stdlib-5.0
---------------------------------------------------------------------
--- kernel-9.2.4.3 --------------------------------------------------
---------------------------------------------------------------------
The kernel-9.2.4.3 application can be applied ...
OTP 27.1.1
Patch Package: OTP 27.1.1
Git Tag: OTP-27.1.1
Date: 2024-09-30
Trouble Report Id: OTP-19227, OTP-19236, OTP-19238, OTP-19241,
OTP-19245, OTP-19251, OTP-19252, OTP-19254,
OTP-19256, OTP-19257
Seq num: #8848, #8853, ERIERL-1130, GH-8832, PR-8261,
PR-8780, PR-8809, PR-8836, PR-8858
System: OTP
Release: 27
Application: common_test-1.27.2, erts-15.1.1,
public_key-1.16.3, ssl-11.2.3, stdlib-6.1.1
Predecessor: OTP 27.1
Check out the git tag OTP-27.1.1, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.
common_test-1.27.2
The common_test-1.27.2 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
With this change, HTML reports include jQuery version 3.7.1.
Own Id: OTP-19252
Related Id(s): PR-8858
Full runtime dependencies of common_test-1.27.2
compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0,
kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0,
stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
erts-15.1.1
The erts-15.1.1 application can be applied independently of other applications
on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
On Windows, successive failed socket calls caused socket to become
"uninitialized".Own Id: OTP-19251
Related Id(s): #8853 -
The socket framework fails to start on a IPv6-only Windows machine.
Own Id: OTP-19254
Related Id(s): #8848
Full runtime dependencies of erts-15.1.1
kernel-9.0, sasl-3.3, stdlib-4.1
public_key-1.16.3
The public_key-1.16.3 application can be applied independently of other
applications on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
Introduction of verify_fun/4 unfortunately introduced an argument switch for
some specific path validation errors so that verify_fun/3 could under these
circumstances be called with a DER cert instead of a decod cert, also in this
situation the verify_fun/4 would have the certificates in reverse order.Own Id: OTP-19245
Related Id(s): GH-8832
Improvements and New Features
-
Do not hide crypto badarg reason, this error handling enhancement facilitates
debugging. These kind of runtime errors are not documented and should never be
relied on for matching, they are intended for catching input errors early.Own Id: OTP-19238
Full runtime dependencies of public_key-1.16.3
asn1-3.0, crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
ssl-11.2.3
Note! The ssl-11.2.3 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.
On a full OTP 27 installation, also the following runtime
dependency has to be satisfied:
-- public_key-1.16.2 (first satisfied in OTP 27.1)
Fixed Bugs and Malfunctions
-
Starting from TLS-1.3 some server handshake alerts might arrive after
ssl:connection/2,3,4 has returned. If the socket is in active mode the
controlling process will get the alert message, but passive sockets would only
get {error, closed} on next call to ssl:recv/2,3 or ssl/setopts/2. Passive
sockets calls will now return {error, error_alert()} instead.Own Id: OTP-19236
Related Id(s): PR-8261 -
Servers configured to support only version (pre TLS-1.2) should ignore hello
version extension, as it is an unknown extension to them, this will result in
that new clients that do not support the old server version will get an
insufficient security alert from the server and not a protocol version alert,
this is consistent with how old servers not able to support higher protocol
versions work.Own Id: OTP-19257
Full runtime dependencies of ssl-11.2.3
crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.2,
runtime_tools-1.15.1, stdlib-6.0
stdlib-6.1.1
The stdlib-6.1.1 application can be applied independently of other applications
on a full OTP 27 installation.
Fixed Bugs and Malfunctions
-
Remove whitespace stripping of returned binaries in
json:decode/3.Own Id: OTP-19227
Related Id(s): ERIERL-1130, PR-8809 -
Fix
zip:unzip/2to not crash when extracting zip files with garbage in the
Zip64 extra header. This bug was introduced in Erlang 27.1 and has so far only
been seen on some archives creates by MS Excel.Own Id: OTP-19241
Related Id(s): PR-8836 -
With this change, shutdown procedure handles a race condition between
supervisor executing a shutdown and child process termination from other
reason.Own Id: OTP-19256
Related Id(s): PR-8780
Full runtime dependencies of stdlib-6.1.1
compiler-5.0, crypto-4.5, erts-15.0, kernel-10.0, sasl-3.0
Thanks to
Jakub Witczak
OTP 25.3.2.14
Patch Package: OTP 25.3.2.14
Git Tag: OTP-25.3.2.14
Date: 2024-09-19
Trouble Report Id: OTP-19170, OTP-19173, OTP-19179, OTP-19206,
OTP-19217
Seq num: ERIERL-1102, ERIERL-1104, GH-7746, PR-8310
System: OTP
Release: 25
Application: diameter-2.2.7.2, public_key-1.13.3.3,
ssh-4.15.3.6, xmerl-1.3.31.2
Predecessor: OTP 25.3.2.13
Check out the git tag OTP-25.3.2.14, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- diameter-2.2.7.2 ------------------------------------------------
---------------------------------------------------------------------
The diameter-2.2.7.2 application can be applied independently of
other applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19206 Application(s): diameter
Related Id(s): ERIERL-1102
`diameter:stop_service/1` has been made more
synchronous.
Full runtime dependencies of diameter-2.2.7.2: erts-10.0, kernel-3.2,
ssl-9.0, stdlib-3.0
---------------------------------------------------------------------
--- public_key-1.13.3.3 ---------------------------------------------
---------------------------------------------------------------------
The public_key-1.13.3.3 application can be applied independently of
other applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19179 Application(s): public_key
For completeness handle rsa_pss implicit default value,
although this will probably not be commonly used as it
provides very weak security.
Full runtime dependencies of public_key-1.13.3.3: asn1-3.0,
crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
---------------------------------------------------------------------
--- ssh-4.15.3.6 ----------------------------------------------------
---------------------------------------------------------------------
The ssh-4.15.3.6 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19170 Application(s): ssh
Related Id(s): GH-7746
The SSh daemon started with a TCP port number argument
will now re-try obtaining a listen socket before
returning an error to the user.
OTP-19173 Application(s): ssh
Related Id(s): PR-8310
Robustness has been improved by monitoring the
connection handler process before casting the socket
control notification.
Full runtime dependencies of ssh-4.15.3.6: crypto-5.0, erts-11.0,
kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
---------------------------------------------------------------------
--- xmerl-1.3.31.2 --------------------------------------------------
---------------------------------------------------------------------
The xmerl-1.3.31.2 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19217 Application(s): xmerl
Related Id(s): ERIERL-1104
Corrected export functions from internal structure to
XML so xmlText items of type cdata are handled
correctly. They were just exported as normal text
instead of output in a CDATA section.
Full runtime dependencies of xmerl-1.3.31.2: erts-6.0, kernel-3.0,
stdlib-2.5
---------------------------------------------------------------------
--- Thanks to -------------------------------------------------------
---------------------------------------------------------------------
jakob svenningsson
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------