diff options
Diffstat (limited to 'release-notes')
-rw-r--r-- | release-notes/OTP-28.0.1.README.txt | 231 |
1 files changed, 231 insertions, 0 deletions
diff --git a/release-notes/OTP-28.0.1.README.txt b/release-notes/OTP-28.0.1.README.txt new file mode 100644 index 0000000..7bd2ef0 --- /dev/null +++ b/release-notes/OTP-28.0.1.README.txt @@ -0,0 +1,231 @@ +Patch Package: OTP 28.0.1 +Git Tag: OTP-28.0.1 +Date: 2025-06-16 +Trouble Report Id: OTP-19634, OTP-19635, OTP-19637, OTP-19638, + OTP-19641, OTP-19644, OTP-19645, OTP-19650, + OTP-19653, OTP-19658, OTP-19662, OTP-19665, + OTP-19675, OTP-19676 +Seq num: CVE-2025-4748, ERIERL-1225, ERIERL-1235, + GH-6463, GH-9102, GH-9841, GH-9858, GH-9863, + GH-9872, PR-9103, PR-9691, PR-9838, PR-9846, + PR-9849, PR-9859, PR-9861, PR-9870, PR-9878, + PR-9880, PR-9892, PR-9905, PR-9926, PR-9941 +System: OTP +Release: 28 +Application: asn1-5.4.1, debugger-6.0.1, eldap-1.2.16, + erts-16.0.1, kernel-10.3.1, + public_key-1.18.1, ssh-5.3.1, ssl-11.3.1, + stdlib-7.0.1, xmerl-2.1.5 +Predecessor: OTP 28.0 + +Check out the git tag OTP-28.0.1, and build a full OTP system including +documentation. Apply one or more applications from this build as patches to your +installation using the 'otp_patch_apply' tool. For information on install +requirements, see descriptions for each application version below. + +# asn1-5.4.1 + +The asn1-5.4.1 application can be applied independently of other applications on +a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- The ASN.1 compiler could generate code that would cause Dialyzer with the + `unmatched_returns` option to emit warnings. + + Own Id: OTP-19638 + Related Id(s): GH-9841, PR-9846 + +> #### Full runtime dependencies of asn1-5.4.1 +> +> erts-14.0, kernel-9.0, stdlib-5.0 + +# debugger-6.0.1 + +The debugger-6.0.1 application can be applied independently of other +applications on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Restore deleted icon so that debugger does not crash on startup. + + Own Id: OTP-19641 + Related Id(s): GH-9858, PR-9861 + +> #### Full runtime dependencies of debugger-6.0.1 +> +> compiler-8.0, erts-15.0, kernel-10.0, stdlib-7.0, wx-2.0 + +# eldap-1.2.16 + +The eldap-1.2.16 application can be applied independently of other applications +on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- With this change eldap's 'not' function will have specs fixed. + + Own Id: OTP-19658 + Related Id(s): PR-9859 + +> #### Full runtime dependencies of eldap-1.2.16 +> +> asn1-3.0, erts-6.0, kernel-3.0, ssl-5.3.4, stdlib-3.4 + +# erts-16.0.1 + +The erts-16.0.1 application can be applied independently of other applications +on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Fix Erlang to not crash when io:standard_error/0 is a terminal but + io:standard_io/0 is not. This bug has existed since Erlang/OTP 28.0 and only + effects Windows. + + Own Id: OTP-19650 + Related Id(s): GH-9872, PR-9878 + +- In a debug build, the BIFs for the native debugger could cause a lock order + violation diagnostic from the lock checker. + + Own Id: OTP-19665 + Related Id(s): PR-9926 + +- When building ERTS make sure correct `pcre2.h` file is included even if CFLAGS + contains extra include paths. + + Own Id: OTP-19675 + Related Id(s): PR-9892 + +> #### Full runtime dependencies of erts-16.0.1 +> +> kernel-9.0, sasl-3.3, stdlib-4.1 + +# kernel-10.3.1 + +The kernel-10.3.1 application can be applied independently of other applications +on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Fix bug where calling io:setopts/1 in a shell without the `line_history` + option would always disable `line_history`. This bug was introduced in + Erlang/OTP 28.0. + + Own Id: OTP-19645 + Related Id(s): GH-9863, PR-9870 + +> #### Full runtime dependencies of kernel-10.3.1 +> +> crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0 + +# public_key-1.18.1 + +The public_key-1.18.1 application can be applied independently of other +applications on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Add back some ASN-1 macros and definitions that should be included in API. + + Own Id: OTP-19644 + Related Id(s): PR-9880 + +> #### Full runtime dependencies of public_key-1.18.1 +> +> asn1-5.0, crypto-5.0, erts-13.0, kernel-8.0, stdlib-4.0 + +# ssh-5.3.1 + +The ssh-5.3.1 application can be applied independently of other applications on +a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Various channel closing robustness improvements. Avoid crashes when channel + handling process closes channel and immediately exits. Avoid breaking the + protocol by sending duplicated channel-close messages. Cleanup channels which + timeout during closing procedure. + + Own Id: OTP-19634 + Related Id(s): GH-9102, PR-9103 + +- Improved interoperability with clients acting as Paramiko. + + Own Id: OTP-19637 + Related Id(s): GH-6463, PR-9838 + +> #### Full runtime dependencies of ssh-5.3.1 +> +> crypto-5.0, erts-14.0, kernel-10.3, public_key-1.6.1, runtime_tools-1.15.1, +> stdlib-5.0, stdlib-6.0 + +# ssl-11.3.1 + +The ssl-11.3.1 application can be applied independently of other applications on +a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- hs_keylog callback properly handle alert in initial states, where encryption + is not yet used. Also add keylog callback invocation for corner-case where + server alert is encrypted with application secrets as client is already in + connection state. + + Own Id: OTP-19635 + Related Id(s): ERIERL-1235, PR-9849 + +## Improvements and New Features + +- The documentation for SSL option `verify_fun` has been improved. + + Own Id: OTP-19676 + Related Id(s): PR-9691 + +> #### Full runtime dependencies of ssl-11.3.1 +> +> crypto-5.6, erts-16.0, inets-5.10.7, kernel-10.3, public_key-1.16.4, +> runtime_tools-1.15.1, stdlib-7.0 + +# stdlib-7.0.1 + +The stdlib-7.0.1 application can be applied independently of other applications +on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- Properly strip the leading `/` and drive letter from filepaths when zipping + and unzipping archives. + + Thanks to Wander Nauta for finding and responsibly disclosing this + vulnerability to the Erlang/OTP project. + + Own Id: OTP-19653 + Related Id(s): PR-9941, CVE-2025-4748 + +> #### Full runtime dependencies of stdlib-7.0.1 +> +> compiler-5.0, crypto-4.5, erts-16.0, kernel-10.0, sasl-3.0, syntax_tools-3.2.1 + +# xmerl-2.1.5 + +The xmerl-2.1.5 application can be applied independently of other applications +on a full OTP 28 installation. + +## Fixed Bugs and Malfunctions + +- The type specs of xmerl_scan:file/2 and xmerl_scan:string/2 has been + updated to return `dynamic/0`. Due to hook functions they can return any user + defined term. + + Own Id: OTP-19662 + Related Id(s): ERIERL-1225, PR-9905 + +> #### Full runtime dependencies of xmerl-2.1.5 +> +> erts-6.0, kernel-8.4, stdlib-2.5 + +# Thanks to + +Dan Janowski, Ilya Averyanov, Mikael Pettersson, Yaroslav Maslennikov
\ No newline at end of file |