OTP-22.3.4.27

2 files changed, 147 insertions, 2 deletions

diff --git a/early-plugins.mk b/early-plugins.mk
index d331328..008285b 100644
--- a/early-plugins.mk
+++ b/early-plugins.mk
@@ -16,7 +16,7 @@ OTP-18 := OTP-18.0.3 OTP-18.1.5 OTP-18.2.4 OTP-18.3.4.11
 OTP-19 := OTP-19.0.7 OTP-19.1.6 OTP-19.2.3 OTP-19.3.6.13
 OTP-20 := OTP-20.0.5 OTP-20.1.7 OTP-20.2.4 OTP-20.3.8.26
 OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.24
-OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.26
+OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.27
 OTP-23 := OTP-23.0.4 OTP-23.1.5 OTP-23.2.7.3 OTP-23.3.4.20
 OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.16
 OTP-25 := OTP-25.0.4 OTP-25.1.2.1 OTP-25.2.3 OTP-25.3.2.10
@@ -101,7 +101,7 @@ OTP-22-DROPPED := OTP-22.0-rc1 OTP-22.0-rc2 OTP-22.0-rc3 OTP-22.0 \
 	OTP-22.3.4.4 OTP-22.3.4.5 OTP-22.3.4.8 OTP-22.3.4.9 OTP-22.3.4.10 \
 	OTP-22.3.4.11 OTP-22.3.4.12 OTP-22.3.4.13 OTP-22.3.4.15 OTP-22.3.4.17 \
 	OTP-22.3.4.18 OTP-22.3.4.19 OTP-22.3.4.20 OTP-22.3.4.21 OTP-22.3.4.22 \
-	OTP-22.3.4.23 OTP-22.3.4.24 OTP-22.3.4.25
+	OTP-22.3.4.23 OTP-22.3.4.24 OTP-22.3.4.25 OTP-22.3.4.26
 OTP-23-DROPPED := OTP-23.0-rc1 OTP-23.0-rc2 OTP-23.0-rc3 OTP-23.0 OTP-23.0.1 \
 	OTP-23.0.2 OTP-23.0.3 OTP-23.1 OTP-23.1.1 OTP-23.1.2 OTP-23.1.3 OTP-23.1.4 \
 	OTP-23.2 OTP-23.2.1 OTP-23.2.3 OTP-23.2.4 OTP-23.3.1 OTP-23.3.2 OTP-23.2.7.2 \
diff --git a/release-notes/OTP-22.3.4.27.README.txt b/release-notes/OTP-22.3.4.27.README.txt
new file mode 100644
index 0000000..3fc578b
--- /dev/null
+++ b/release-notes/OTP-22.3.4.27.README.txt
@@ -0,0 +1,145 @@
+Patch Package:           OTP 22.3.4.27
+Git Tag:                 OTP-22.3.4.27
+Date:                    2024-03-18
+Trouble Report Id:       OTP-18169, OTP-18170, OTP-18175, OTP-18197,
+                         OTP-18258, OTP-18897, OTP-19002
+Seq num:                 ERIERL-1041, GH-6165, GH-6309, PR-6134,
+                         PR-6135, PR-6142, PR-6213, PR-6324
+System:                  OTP
+Release:                 22
+Application:             erts-10.7.2.19, ssh-4.9.1.5
+Predecessor:             OTP 22.3.4.26
+
+ Check out the git tag OTP-22.3.4.27, and build a full OTP system
+ including documentation. Apply one or more applications from this
+ build as patches to your installation using the 'otp_patch_apply'
+ tool. For information on install requirements, see descriptions for
+ each application version below.
+
+ ---------------------------------------------------------------------
+ --- POTENTIAL INCOMPATIBILITIES -------------------------------------
+ ---------------------------------------------------------------------
+
+  OTP-18897    Application(s): ssh
+
+               With this change (being response to CVE-2023-48795),
+               ssh can negotiate "strict KEX" OpenSSH extension with
+               peers supporting it; also
+               '[email protected]' algorithm becomes a
+               less preferred cipher.
+
+               If strict KEX availability cannot be ensured on both
+               connection sides, affected encryption modes(CHACHA and
+               CBC) can be disabled with standard ssh configuration.
+               This will provide protection against vulnerability, but
+               at a cost of affecting interoperability. See
+               Configuring algorithms in SSH User's Guide.
+
+
+ ---------------------------------------------------------------------
+ --- erts-10.7.2.19 --------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Note! The erts-10.7.2.19 application *cannot* be applied
+       independently of other applications on an arbitrary OTP 22
+       installation.
+
+       On a full OTP 22 installation, also the following runtime
+       dependency has to be satisfied:
+       -- kernel-6.5.2.5 (first satisfied in OTP 22.3.4.25)
+
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18169    Application(s): erts
+               Related Id(s): PR-6134
+
+               A race could cause process_info(Pid, message_queue_len)
+               on other processes to return invalid results.
+
+
+  OTP-18170    Application(s): erts
+               Related Id(s): PR-6135
+
+               Fixed reduction counting for handling process system
+               tasks.
+
+
+  OTP-18175    Application(s): erts
+               Related Id(s): PR-6142
+
+               Priority elevation of terminating processes did not
+               work which could cause execution of such processes to
+               be delayed.
+
+
+  OTP-18197    Application(s): erts
+               Related Id(s): GH-6165, PR-6213
+
+               The erlang:monotonic_time/1, erlang:system_time/1,
+               erlang:time_offset/1, and os:system_time/1 BIFs
+               erroneously failed when passed the argument native.
+
+
+  OTP-18258    Application(s): erts
+               Related Id(s): GH-6309, PR-6324
+
+               Notifications about available distribution data sent to
+               distribution controller processes could be lost.
+               Distribution controller processes can be used when
+               implementing an alternative distribution carrier. The
+               default distribution over tcp was not effected and the
+               bug was also not present on x86/x86_64 platforms.
+
+
+ Full runtime dependencies of erts-10.7.2.19: kernel-6.5.2.5,
+ sasl-3.3, stdlib-3.5
+
+
+ ---------------------------------------------------------------------
+ --- ssh-4.9.1.5 -----------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Note! The ssh-4.9.1.5 application *cannot* be applied independently
+       of other applications on an arbitrary OTP 22 installation.
+
+       On a full OTP 22 installation, also the following runtime
+       dependency has to be satisfied:
+       -- crypto-4.6.4 (first satisfied in OTP 22.2.2)
+
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18897    Application(s): ssh
+
+               *** POTENTIAL INCOMPATIBILITY ***
+
+               With this change (being response to CVE-2023-48795),
+               ssh can negotiate "strict KEX" OpenSSH extension with
+               peers supporting it; also
+               '[email protected]' algorithm becomes a
+               less preferred cipher.
+
+               If strict KEX availability cannot be ensured on both
+               connection sides, affected encryption modes(CHACHA and
+               CBC) can be disabled with standard ssh configuration.
+               This will provide protection against vulnerability, but
+               at a cost of affecting interoperability. See
+               Configuring algorithms in SSH User's Guide.
+
+
+  OTP-19002    Application(s): ssh
+               Related Id(s): ERIERL-1041
+
+               With this change, KEX strict terminal message is
+               emitted with debug verbosity.
+
+
+ Full runtime dependencies of ssh-4.9.1.5: crypto-4.6.4, erts-9.0,
+ kernel-5.3, public_key-1.6.1, stdlib-3.4.1
+
+
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+