OTP-24.3.4.15

2 files changed, 220 insertions, 2 deletions

diff --git a/early-plugins.mk b/early-plugins.mk
index c8a9457..5e760e9 100644
--- a/early-plugins.mk
+++ b/early-plugins.mk
@@ -18,7 +18,7 @@ OTP-20 := OTP-20.0.5 OTP-20.1.7 OTP-20.2.4 OTP-20.3.8.26
 OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.24
 OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.26
 OTP-23 := OTP-23.0.4 OTP-23.1.5 OTP-23.2.7.3 OTP-23.3.4.19
-OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.14
+OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.15
 OTP-25 := OTP-25.0.4 OTP-25.1.2.1 OTP-25.2.3 OTP-25.3.2.7
 OTP-26 := OTP-26.0.2 OTP-26.1.2 OTP-26.2
 
@@ -106,7 +106,7 @@ OTP-24-DROPPED := OTP-24.0-rc2 OTP-24.0-rc3 OTP-24.0 OTP-24.0.1 OTP-24.0.5 \
 	OTP-24.2 OTP-24.2.1 OTP-24.3 OTP-24.3.1 OTP-24.3.2 OTP-24.3.3 OTP-24.3.4 \
 	OTP-24.3.4.1 OTP-24.3.4.2 OTP-24.3.4.3 OTP-24.3.4.4 OTP-24.3.4.5 OTP-24.3.4.6 \
 	OTP-24.3.4.7 OTP-24.3.4.8 OTP-24.3.4.9 OTP-24.3.4.10 OTP-24.3.4.11 OTP-24.3.4.12 \
-	OTP-24.3.4.13
+	OTP-24.3.4.13 OTP-24.3.4.14
 OTP-25-DROPPED := OTP-25.0-rc1 OTP-25.0-rc2 OTP-25.0-rc3 OTP-25.0 \
 	OTP-25.0.1 OTP-25.0.2 OTP-25.0.3 OTP-25.1 OTP-25.1.1 OTP-25.1.2 OTP-25.2 \
 	OTP-25.2.1 OTP-25.2.2 OTP-25.3 OTP-25.3.1 OTP-25.3.2 OTP-25.3.2.1 OTP-25.3.2.2 \
diff --git a/release-notes/OTP-24.3.4.15.README.txt b/release-notes/OTP-24.3.4.15.README.txt
new file mode 100644
index 0000000..8ef2b53
--- /dev/null
+++ b/release-notes/OTP-24.3.4.15.README.txt
@@ -0,0 +1,218 @@
+Patch Package:           OTP 24.3.4.15
+Git Tag:                 OTP-24.3.4.15
+Date:                    2023-12-18
+Trouble Report Id:       OTP-18802, OTP-18830, OTP-18844, OTP-18850,
+                         OTP-18869, OTP-18877, OTP-18885, OTP-18896,
+                         OTP-18897, OTP-18899, OTP-18902
+Seq num:                 GH-7571, GH-7834, GH-7890
+System:                  OTP
+Release:                 24
+Application:             asn1-5.0.18.2, erl_interface-5.2.2.1,
+                         erts-12.3.2.15, mnesia-4.20.4.4, ssh-4.13.2.4
+Predecessor:             OTP 24.3.4.14
+
+ Check out the git tag OTP-24.3.4.15, and build a full OTP system
+ including documentation. Apply one or more applications from this
+ build as patches to your installation using the 'otp_patch_apply'
+ tool. For information on install requirements, see descriptions for
+ each application version below.
+
+ ---------------------------------------------------------------------
+ --- POTENTIAL INCOMPATIBILITIES -------------------------------------
+ ---------------------------------------------------------------------
+
+  OTP-18897    Application(s): ssh
+
+               With this change (being response to CVE-2023-48795),
+               ssh can negotiate "strict KEX" OpenSSH extension with
+               peers supporting it; also
+               '[email protected]' algorithm becomes a
+               less preferred cipher.
+
+               If strict KEX availability cannot be ensured on both
+               connection sides, affected encryption modes(CHACHA and
+               CBC) can be disabled with standard ssh configuration.
+               This will provide protection against vulnerability, but
+               at a cost of affecting interoperability. See
+               Configuring algorithms in SSH.
+
+
+ ---------------------------------------------------------------------
+ --- OTP-24.3.4.15 ---------------------------------------------------
+ ---------------------------------------------------------------------
+
+ --- Improvements and New Features ---
+
+  OTP-18896    Application(s): otp
+
+               Updated copyright and license information.
+
+
+ ---------------------------------------------------------------------
+ --- asn1-5.0.18.2 ---------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The asn1-5.0.18.2 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18844    Application(s): asn1
+
+               Fix benign warning from gcc 11 about mismatching call
+               to free().
+
+
+ Full runtime dependencies of asn1-5.0.18.2: erts-11.0, kernel-7.0,
+ stdlib-3.13
+
+
+ ---------------------------------------------------------------------
+ --- erl_interface-5.2.2.1 -------------------------------------------
+ ---------------------------------------------------------------------
+
+ The erl_interface-5.2.2.1 application can be applied independently of
+ other applications on a full OTP 24 installation.
+
+ --- Improvements and New Features ---
+
+  OTP-18877    Application(s): erl_interface, erts
+
+               Replaced old md5 implementation with an implementation
+               from OpenSSL.
+
+
+ ---------------------------------------------------------------------
+ --- erts-12.3.2.15 --------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Note! The erts-12.3.2.15 application *cannot* be applied
+       independently of other applications on an arbitrary OTP 24
+       installation.
+
+       On a full OTP 24 installation, also the following runtime
+       dependency has to be satisfied:
+       -- kernel-8.3 (first satisfied in OTP 24.3)
+
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18802    Application(s): erts
+
+               Fix faulty debug assert when page size is larger than
+               16kb, like on PowerPC. Did crash debug VM directly at
+               start.
+
+
+  OTP-18885    Application(s): erts
+               Related Id(s): GH-7834, GH-7890, PR-7915
+
+               On OTP 24 and OTP 25, incoming distributed messages
+               larger than 64 KiB sent using an alias leaked memory if
+               the alias had been removed prior to entering the node.
+               This issue was not present on OTP 26.
+
+               Incoming distributed messages larger than 64 KiB sent
+               using an alias which had been removed on the receiving
+               node could crash the node. This crash was quite
+               unlikely on OTP 24 and OTP 25, but very likely on OTP
+               26.
+
+               'DOWN' signals with exit reason larger than 64 KiB
+               directed towards a process on a node with a not
+               matching creation leaked memory on the receiving node.
+               Such signals should however be very rare.
+
+
+  OTP-18902    Application(s): erts
+
+               Removed unnecessary PCRE source tar-ball.
+
+
+ --- Improvements and New Features ---
+
+  OTP-18830    Application(s): erts
+               Related Id(s): PR-7823
+
+               Removed unnecessary regexp library used when generating
+               yielding BIFs.
+
+
+  OTP-18877    Application(s): erl_interface, erts
+
+               Replaced old md5 implementation with an implementation
+               from OpenSSL.
+
+
+  OTP-18899    Application(s): erts
+
+               Removed unused makewhatis script.
+
+
+ Full runtime dependencies of erts-12.3.2.15: kernel-8.3, sasl-3.3,
+ stdlib-3.13
+
+
+ ---------------------------------------------------------------------
+ --- mnesia-4.20.4.4 -------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The mnesia-4.20.4.4 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18850    Application(s): mnesia
+
+               mnesia:add_table_copy/3 no longer fails with reason
+               system_limit when the node is starting.
+
+
+ Full runtime dependencies of mnesia-4.20.4.4: erts-9.0, kernel-5.3,
+ stdlib-3.4
+
+
+ ---------------------------------------------------------------------
+ --- ssh-4.13.2.4 ----------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The ssh-4.13.2.4 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-18869    Application(s): ssh
+               Related Id(s): GH-7571, PR-7849
+
+               With this change, connection handler does not execute
+               socket operations until it becomes socket owner.
+               Previously errors could occur if connection handler
+               tried to work with socket whose owner exited.
+
+
+  OTP-18897    Application(s): ssh
+
+               *** POTENTIAL INCOMPATIBILITY ***
+
+               With this change (being response to CVE-2023-48795),
+               ssh can negotiate "strict KEX" OpenSSH extension with
+               peers supporting it; also
+               '[email protected]' algorithm becomes a
+               less preferred cipher.
+
+               If strict KEX availability cannot be ensured on both
+               connection sides, affected encryption modes(CHACHA and
+               CBC) can be disabled with standard ssh configuration.
+               This will provide protection against vulnerability, but
+               at a cost of affecting interoperability. See
+               Configuring algorithms in SSH.
+
+
+ Full runtime dependencies of ssh-4.13.2.4: crypto-5.0, erts-9.0,
+ kernel-5.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
+
+
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+