OTP-25.3.2.18

2 files changed, 100 insertions, 2 deletions

diff --git a/early-plugins.mk b/early-plugins.mk
index 99af037..e82dc45 100644
--- a/early-plugins.mk
+++ b/early-plugins.mk
@@ -19,7 +19,7 @@ OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.24
 OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.27
 OTP-23 := OTP-23.0.4 OTP-23.1.5 OTP-23.2.7.3 OTP-23.3.4.20
 OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.17
-OTP-25 := OTP-25.0.4 OTP-25.1.2.1 OTP-25.2.3 OTP-25.3.2.17
+OTP-25 := OTP-25.0.4 OTP-25.1.2.1 OTP-25.2.3 OTP-25.3.2.18
 OTP-26 := OTP-26.0.2 OTP-26.1.2 OTP-26.2.5.9
 OTP-27 := OTP-27.0.1 OTP-27.1.3 OTP-27.2.4
 OTP-28 := OTP-28.0-rc1
@@ -123,7 +123,7 @@ OTP-24-DROPPED := OTP-24.0-rc2 OTP-24.0-rc3 OTP-24.0 OTP-24.0.1 OTP-24.0.5 \
 OTP-25-DROPPED := OTP-25.0-rc1 OTP-25.0-rc2 OTP-25.0-rc3 OTP-25.0 \
 	OTP-25.0.1 OTP-25.0.2 OTP-25.0.3 OTP-25.1 OTP-25.1.1 OTP-25.1.2 OTP-25.2 \
 	OTP-25.2.1 OTP-25.2.2 OTP-25.3 OTP-25.3.1 OTP-25.3.2 OTP-25.3.2.1 OTP-25.3.2.2 \
-	OTP-25.3.2.3 OTP-25.3.2.4 OTP-25.3.2.5 OTP-25.3.2.6 OTP-25.3.2.7 OTP-25.3.2.8 OTP-25.3.2.9 OTP-25.3.2.10 OTP-25.3.2.11 OTP-25.3.2.12 OTP-25.3.2.13 OTP-25.3.2.14 OTP-25.3.2.15 OTP-25.3.2.16
+	OTP-25.3.2.3 OTP-25.3.2.4 OTP-25.3.2.5 OTP-25.3.2.6 OTP-25.3.2.7 OTP-25.3.2.8 OTP-25.3.2.9 OTP-25.3.2.10 OTP-25.3.2.11 OTP-25.3.2.12 OTP-25.3.2.13 OTP-25.3.2.14 OTP-25.3.2.15 OTP-25.3.2.16 OTP-25.3.2.17
 OTP-26-DROPPED := OTP-26.0-rc3 \
 	OTP-26.0 OTP-26.0.1 OTP-26.1 OTP-26.1.1 OTP-26.2 OTP-26.2.1 OTP-26.2.2 OTP-26.2.3 OTP-26.2.4 OTP-26.2.5 OTP-26.2.5.1 OTP-26.2.5.2 OTP-26.2.5.3 OTP-26.2.5.4 OTP-26.2.5.5 OTP-26.2.5.6 OTP-26.2.5.7 OTP-26.2.5.8
 OTP-27-DROPPED := OTP-27.0-rc1 OTP-27.0-rc2 \
diff --git a/release-notes/OTP-25.3.2.18.README.txt b/release-notes/OTP-25.3.2.18.README.txt
new file mode 100644
index 0000000..a1818a7
--- /dev/null
+++ b/release-notes/OTP-25.3.2.18.README.txt
@@ -0,0 +1,98 @@
+Patch Package:           OTP 25.3.2.18
+Git Tag:                 OTP-25.3.2.18
+Date:                    2025-02-20
+Trouble Report Id:       OTP-19240, OTP-19466, OTP-19495
+Seq num:                 CVE-2025-26618, ERIERL-1173, GH-8208,
+                         GH-9208, PR-8209, PR-9286
+System:                  OTP
+Release:                 25
+Application:             erts-13.2.2.14, public_key-1.13.3.6,
+                         ssh-4.15.3.10
+Predecessor:             OTP 25.3.2.17
+
+ Check out the git tag OTP-25.3.2.18, and build a full OTP system
+ including documentation. Apply one or more applications from this
+ build as patches to your installation using the 'otp_patch_apply'
+ tool. For information on install requirements, see descriptions for
+ each application version below.
+
+ ---------------------------------------------------------------------
+ --- erts-13.2.2.14 --------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Note! The erts-13.2.2.14 application *cannot* be applied
+       independently of other applications on an arbitrary OTP 25
+       installation.
+
+       On a full OTP 25 installation, also the following runtime
+       dependencies have to be satisfied:
+       -- kernel-8.5 (first satisfied in OTP 25.1)
+       -- stdlib-4.1 (first satisfied in OTP 25.1)
+
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-19495    Application(s): erts
+               Related Id(s): GH-8208, PR-8209
+
+               Fixed BEAM crash when a custom thread sends a large map
+               (>128 keys) externally encoded with for example
+               erl_drv_send_term().
+
+
+ Full runtime dependencies of erts-13.2.2.14: kernel-8.5, sasl-3.3,
+ stdlib-4.1
+
+
+ ---------------------------------------------------------------------
+ --- public_key-1.13.3.6 ---------------------------------------------
+ ---------------------------------------------------------------------
+
+ The public_key-1.13.3.6 application can be applied independently of
+ other applications on a full OTP 25 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-19240    Application(s): public_key
+               Related Id(s): GH-9208, PR-9286
+
+               Consider keyCertSign to compatible with extended key
+               usage for TLS client/server auth in CAs, adhere to wide
+               spread implementations
+
+
+ Full runtime dependencies of public_key-1.13.3.6: asn1-3.0,
+ crypto-4.6, erts-6.0, kernel-3.0, stdlib-3.5
+
+
+ ---------------------------------------------------------------------
+ --- ssh-4.15.3.10 ---------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The ssh-4.15.3.10 application can be applied independently of other
+ applications on a full OTP 25 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-19466    Application(s): ssh
+               Related Id(s): ERIERL-1173, CVE-2025-26618
+
+               SFTP packets exceeding max packet size are not
+               processed and dropped.
+
+
+ Full runtime dependencies of ssh-4.15.3.10: crypto-5.0, erts-11.0,
+ kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
+
+
+ ---------------------------------------------------------------------
+ --- Thanks to -------------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Simon Cornish
+
+
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+