OTP-28.0HEADmaster

2 files changed, 234 insertions, 2 deletions

diff --git a/early-plugins.mk b/early-plugins.mk
index 44569c9..846544b 100644
--- a/early-plugins.mk
+++ b/early-plugins.mk
@@ -22,7 +22,7 @@ OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.17
 OTP-25 := OTP-25.0.4 OTP-25.1.2.1 OTP-25.2.3 OTP-25.3.2.21
 OTP-26 := OTP-26.0.2 OTP-26.1.2 OTP-26.2.5.13
 OTP-27 := OTP-27.0.1 OTP-27.1.3 OTP-27.2.4 OTP-27.3.4.1
-OTP-28 := OTP-28.0
+OTP-28 := OTP-28.0.1
 
 OTP-18+ := $(OTP-18) $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) $(OTP-24) $(OTP-25) $(OTP-26) $(OTP-27) $(OTP-28)
 OTP-19+ := $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) $(OTP-24) $(OTP-25) $(OTP-26) $(OTP-27) $(OTP-28)
@@ -128,7 +128,8 @@ OTP-26-DROPPED := OTP-26.0-rc3 \
 	OTP-26.0 OTP-26.0.1 OTP-26.1 OTP-26.1.1 OTP-26.2 OTP-26.2.1 OTP-26.2.2 OTP-26.2.3 OTP-26.2.4 OTP-26.2.5 OTP-26.2.5.1 OTP-26.2.5.2 OTP-26.2.5.3 OTP-26.2.5.4 OTP-26.2.5.5 OTP-26.2.5.6 OTP-26.2.5.7 OTP-26.2.5.8 OTP-26.2.5.9 OTP-26.2.5.10 OTP-26.2.5.11 OTP-26.2.5.12
 OTP-27-DROPPED := OTP-27.0-rc1 OTP-27.0-rc2 \
 	OTP-27.1.2 OTP-27.2 OTP-27.2.1 OTP-27.2.2 OTP-27.2.3 OTP-27.3 OTP-27.3.1 OTP-27.3.2 OTP-27.3.3 OTP-27.3.4
-OTP-28-DROPPED := OTP-28.0-rc1 OTP-28.0-rc2 OTP-28.0-rc3 OTP-28.0-rc4
+OTP-28-DROPPED := OTP-28.0-rc1 OTP-28.0-rc2 OTP-28.0-rc3 OTP-28.0-rc4 \
+	OTP-28.0
 
 OTP-DROPPED := $(OTP-18-DROPPED) $(OTP-19-DROPPED) $(OTP-20-DROPPED) \
 	$(OTP-21-DROPPED) $(OTP-22-DROPPED) $(OTP-23-DROPPED) $(OTP-24-DROPPED) \
diff --git a/release-notes/OTP-28.0.1.README.txt b/release-notes/OTP-28.0.1.README.txt
new file mode 100644
index 0000000..7bd2ef0
--- /dev/null
+++ b/release-notes/OTP-28.0.1.README.txt
@@ -0,0 +1,231 @@
+Patch Package:           OTP 28.0.1
+Git Tag:                 OTP-28.0.1
+Date:                    2025-06-16
+Trouble Report Id:       OTP-19634, OTP-19635, OTP-19637, OTP-19638,
+                         OTP-19641, OTP-19644, OTP-19645, OTP-19650,
+                         OTP-19653, OTP-19658, OTP-19662, OTP-19665,
+                         OTP-19675, OTP-19676
+Seq num:                 CVE-2025-4748, ERIERL-1225, ERIERL-1235,
+                         GH-6463, GH-9102, GH-9841, GH-9858, GH-9863,
+                         GH-9872, PR-9103, PR-9691, PR-9838, PR-9846,
+                         PR-9849, PR-9859, PR-9861, PR-9870, PR-9878,
+                         PR-9880, PR-9892, PR-9905, PR-9926, PR-9941
+System:                  OTP
+Release:                 28
+Application:             asn1-5.4.1, debugger-6.0.1, eldap-1.2.16,
+                         erts-16.0.1, kernel-10.3.1,
+                         public_key-1.18.1, ssh-5.3.1, ssl-11.3.1,
+                         stdlib-7.0.1, xmerl-2.1.5
+Predecessor:             OTP 28.0
+
+Check out the git tag OTP-28.0.1, and build a full OTP system including
+documentation. Apply one or more applications from this build as patches to your
+installation using the 'otp_patch_apply' tool. For information on install
+requirements, see descriptions for each application version below.
+
+# asn1-5.4.1
+
+The asn1-5.4.1 application can be applied independently of other applications on
+a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- The ASN.1 compiler could generate code that would cause Dialyzer with the
+  `unmatched_returns` option to emit warnings.
+
+  Own Id: OTP-19638
+  Related Id(s): GH-9841, PR-9846
+
+> #### Full runtime dependencies of asn1-5.4.1
+>
+> erts-14.0, kernel-9.0, stdlib-5.0
+
+# debugger-6.0.1
+
+The debugger-6.0.1 application can be applied independently of other
+applications on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Restore deleted icon so that debugger does not crash on startup.
+
+  Own Id: OTP-19641
+  Related Id(s): GH-9858, PR-9861
+
+> #### Full runtime dependencies of debugger-6.0.1
+>
+> compiler-8.0, erts-15.0, kernel-10.0, stdlib-7.0, wx-2.0
+
+# eldap-1.2.16
+
+The eldap-1.2.16 application can be applied independently of other applications
+on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- With this change eldap's 'not' function will have specs fixed.
+
+  Own Id: OTP-19658
+  Related Id(s): PR-9859
+
+> #### Full runtime dependencies of eldap-1.2.16
+>
+> asn1-3.0, erts-6.0, kernel-3.0, ssl-5.3.4, stdlib-3.4
+
+# erts-16.0.1
+
+The erts-16.0.1 application can be applied independently of other applications
+on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Fix Erlang to not crash when io:standard_error/0 is a terminal but
+  io:standard_io/0 is not. This bug has existed since Erlang/OTP 28.0 and only
+  effects Windows.
+
+  Own Id: OTP-19650
+  Related Id(s): GH-9872, PR-9878
+
+- In a debug build, the BIFs for the native debugger could cause a lock order
+  violation diagnostic from the lock checker.
+
+  Own Id: OTP-19665
+  Related Id(s): PR-9926
+
+- When building ERTS make sure correct `pcre2.h` file is included even if CFLAGS
+  contains extra include paths.
+
+  Own Id: OTP-19675
+  Related Id(s): PR-9892
+
+> #### Full runtime dependencies of erts-16.0.1
+>
+> kernel-9.0, sasl-3.3, stdlib-4.1
+
+# kernel-10.3.1
+
+The kernel-10.3.1 application can be applied independently of other applications
+on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Fix bug where calling io:setopts/1 in a shell without the `line_history`
+  option would always disable `line_history`. This bug was introduced in
+  Erlang/OTP 28.0.
+
+  Own Id: OTP-19645
+  Related Id(s): GH-9863, PR-9870
+
+> #### Full runtime dependencies of kernel-10.3.1
+>
+> crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0
+
+# public_key-1.18.1
+
+The public_key-1.18.1 application can be applied independently of other
+applications on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Add back some ASN-1 macros and definitions that should be included in API.
+
+  Own Id: OTP-19644
+  Related Id(s): PR-9880
+
+> #### Full runtime dependencies of public_key-1.18.1
+>
+> asn1-5.0, crypto-5.0, erts-13.0, kernel-8.0, stdlib-4.0
+
+# ssh-5.3.1
+
+The ssh-5.3.1 application can be applied independently of other applications on
+a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Various channel closing robustness improvements. Avoid crashes when channel
+  handling process closes channel and immediately exits. Avoid breaking the
+  protocol by sending duplicated channel-close messages. Cleanup channels which
+  timeout during closing procedure.
+
+  Own Id: OTP-19634
+  Related Id(s): GH-9102, PR-9103
+
+- Improved interoperability with clients acting as Paramiko.
+
+  Own Id: OTP-19637
+  Related Id(s): GH-6463, PR-9838
+
+> #### Full runtime dependencies of ssh-5.3.1
+>
+> crypto-5.0, erts-14.0, kernel-10.3, public_key-1.6.1, runtime_tools-1.15.1,
+> stdlib-5.0, stdlib-6.0
+
+# ssl-11.3.1
+
+The ssl-11.3.1 application can be applied independently of other applications on
+a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- hs_keylog callback properly handle alert in initial states, where encryption
+  is not yet used. Also add keylog callback invocation for corner-case where
+  server alert is encrypted with application secrets as client is already in
+  connection state.
+
+  Own Id: OTP-19635
+  Related Id(s): ERIERL-1235, PR-9849
+
+## Improvements and New Features
+
+- The documentation for SSL option `verify_fun` has been improved.
+
+  Own Id: OTP-19676
+  Related Id(s): PR-9691
+
+> #### Full runtime dependencies of ssl-11.3.1
+>
+> crypto-5.6, erts-16.0, inets-5.10.7, kernel-10.3, public_key-1.16.4,
+> runtime_tools-1.15.1, stdlib-7.0
+
+# stdlib-7.0.1
+
+The stdlib-7.0.1 application can be applied independently of other applications
+on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- Properly strip the leading `/` and drive letter from filepaths when zipping
+  and unzipping archives.
+
+  Thanks to Wander Nauta for finding and responsibly disclosing this
+  vulnerability to the Erlang/OTP project.
+
+  Own Id: OTP-19653
+  Related Id(s): PR-9941, CVE-2025-4748
+
+> #### Full runtime dependencies of stdlib-7.0.1
+>
+> compiler-5.0, crypto-4.5, erts-16.0, kernel-10.0, sasl-3.0, syntax_tools-3.2.1
+
+# xmerl-2.1.5
+
+The xmerl-2.1.5 application can be applied independently of other applications
+on a full OTP 28 installation.
+
+## Fixed Bugs and Malfunctions
+
+- The type specs of xmerl_scan:file/2 and xmerl_scan:string/2 has been
+  updated to return `dynamic/0`. Due to hook functions they can return any user
+  defined term.
+
+  Own Id: OTP-19662
+  Related Id(s): ERIERL-1225, PR-9905
+
+> #### Full runtime dependencies of xmerl-2.1.5
+>
+> erts-6.0, kernel-8.4, stdlib-2.5
+
+# Thanks to
+
+Dan Janowski, Ilya Averyanov, Mikael Pettersson, Yaroslav Maslennikov
\ No newline at end of file