aboutsummaryrefslogtreecommitdiffstats
path: root/release-notes/OTP-24.3.4.15.README.txt
diff options
context:
space:
mode:
Diffstat (limited to 'release-notes/OTP-24.3.4.15.README.txt')
-rw-r--r--release-notes/OTP-24.3.4.15.README.txt218
1 files changed, 218 insertions, 0 deletions
diff --git a/release-notes/OTP-24.3.4.15.README.txt b/release-notes/OTP-24.3.4.15.README.txt
new file mode 100644
index 0000000..8ef2b53
--- /dev/null
+++ b/release-notes/OTP-24.3.4.15.README.txt
@@ -0,0 +1,218 @@
+Patch Package: OTP 24.3.4.15
+Git Tag: OTP-24.3.4.15
+Date: 2023-12-18
+Trouble Report Id: OTP-18802, OTP-18830, OTP-18844, OTP-18850,
+ OTP-18869, OTP-18877, OTP-18885, OTP-18896,
+ OTP-18897, OTP-18899, OTP-18902
+Seq num: GH-7571, GH-7834, GH-7890
+System: OTP
+Release: 24
+Application: asn1-5.0.18.2, erl_interface-5.2.2.1,
+ erts-12.3.2.15, mnesia-4.20.4.4, ssh-4.13.2.4
+Predecessor: OTP 24.3.4.14
+
+ Check out the git tag OTP-24.3.4.15, and build a full OTP system
+ including documentation. Apply one or more applications from this
+ build as patches to your installation using the 'otp_patch_apply'
+ tool. For information on install requirements, see descriptions for
+ each application version below.
+
+ ---------------------------------------------------------------------
+ --- POTENTIAL INCOMPATIBILITIES -------------------------------------
+ ---------------------------------------------------------------------
+
+ OTP-18897 Application(s): ssh
+
+ With this change (being response to CVE-2023-48795),
+ ssh can negotiate "strict KEX" OpenSSH extension with
+ peers supporting it; also
+ '[email protected]' algorithm becomes a
+ less preferred cipher.
+
+ If strict KEX availability cannot be ensured on both
+ connection sides, affected encryption modes(CHACHA and
+ CBC) can be disabled with standard ssh configuration.
+ This will provide protection against vulnerability, but
+ at a cost of affecting interoperability. See
+ Configuring algorithms in SSH.
+
+
+ ---------------------------------------------------------------------
+ --- OTP-24.3.4.15 ---------------------------------------------------
+ ---------------------------------------------------------------------
+
+ --- Improvements and New Features ---
+
+ OTP-18896 Application(s): otp
+
+ Updated copyright and license information.
+
+
+ ---------------------------------------------------------------------
+ --- asn1-5.0.18.2 ---------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The asn1-5.0.18.2 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+ OTP-18844 Application(s): asn1
+
+ Fix benign warning from gcc 11 about mismatching call
+ to free().
+
+
+ Full runtime dependencies of asn1-5.0.18.2: erts-11.0, kernel-7.0,
+ stdlib-3.13
+
+
+ ---------------------------------------------------------------------
+ --- erl_interface-5.2.2.1 -------------------------------------------
+ ---------------------------------------------------------------------
+
+ The erl_interface-5.2.2.1 application can be applied independently of
+ other applications on a full OTP 24 installation.
+
+ --- Improvements and New Features ---
+
+ OTP-18877 Application(s): erl_interface, erts
+
+ Replaced old md5 implementation with an implementation
+ from OpenSSL.
+
+
+ ---------------------------------------------------------------------
+ --- erts-12.3.2.15 --------------------------------------------------
+ ---------------------------------------------------------------------
+
+ Note! The erts-12.3.2.15 application *cannot* be applied
+ independently of other applications on an arbitrary OTP 24
+ installation.
+
+ On a full OTP 24 installation, also the following runtime
+ dependency has to be satisfied:
+ -- kernel-8.3 (first satisfied in OTP 24.3)
+
+
+ --- Fixed Bugs and Malfunctions ---
+
+ OTP-18802 Application(s): erts
+
+ Fix faulty debug assert when page size is larger than
+ 16kb, like on PowerPC. Did crash debug VM directly at
+ start.
+
+
+ OTP-18885 Application(s): erts
+ Related Id(s): GH-7834, GH-7890, PR-7915
+
+ On OTP 24 and OTP 25, incoming distributed messages
+ larger than 64 KiB sent using an alias leaked memory if
+ the alias had been removed prior to entering the node.
+ This issue was not present on OTP 26.
+
+ Incoming distributed messages larger than 64 KiB sent
+ using an alias which had been removed on the receiving
+ node could crash the node. This crash was quite
+ unlikely on OTP 24 and OTP 25, but very likely on OTP
+ 26.
+
+ 'DOWN' signals with exit reason larger than 64 KiB
+ directed towards a process on a node with a not
+ matching creation leaked memory on the receiving node.
+ Such signals should however be very rare.
+
+
+ OTP-18902 Application(s): erts
+
+ Removed unnecessary PCRE source tar-ball.
+
+
+ --- Improvements and New Features ---
+
+ OTP-18830 Application(s): erts
+ Related Id(s): PR-7823
+
+ Removed unnecessary regexp library used when generating
+ yielding BIFs.
+
+
+ OTP-18877 Application(s): erl_interface, erts
+
+ Replaced old md5 implementation with an implementation
+ from OpenSSL.
+
+
+ OTP-18899 Application(s): erts
+
+ Removed unused makewhatis script.
+
+
+ Full runtime dependencies of erts-12.3.2.15: kernel-8.3, sasl-3.3,
+ stdlib-3.13
+
+
+ ---------------------------------------------------------------------
+ --- mnesia-4.20.4.4 -------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The mnesia-4.20.4.4 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+ OTP-18850 Application(s): mnesia
+
+ mnesia:add_table_copy/3 no longer fails with reason
+ system_limit when the node is starting.
+
+
+ Full runtime dependencies of mnesia-4.20.4.4: erts-9.0, kernel-5.3,
+ stdlib-3.4
+
+
+ ---------------------------------------------------------------------
+ --- ssh-4.13.2.4 ----------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The ssh-4.13.2.4 application can be applied independently of other
+ applications on a full OTP 24 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+ OTP-18869 Application(s): ssh
+ Related Id(s): GH-7571, PR-7849
+
+ With this change, connection handler does not execute
+ socket operations until it becomes socket owner.
+ Previously errors could occur if connection handler
+ tried to work with socket whose owner exited.
+
+
+ OTP-18897 Application(s): ssh
+
+ *** POTENTIAL INCOMPATIBILITY ***
+
+ With this change (being response to CVE-2023-48795),
+ ssh can negotiate "strict KEX" OpenSSH extension with
+ peers supporting it; also
+ '[email protected]' algorithm becomes a
+ less preferred cipher.
+
+ If strict KEX availability cannot be ensured on both
+ connection sides, affected encryption modes(CHACHA and
+ CBC) can be disabled with standard ssh configuration.
+ This will provide protection against vulnerability, but
+ at a cost of affecting interoperability. See
+ Configuring algorithms in SSH.
+
+
+ Full runtime dependencies of ssh-4.13.2.4: crypto-5.0, erts-9.0,
+ kernel-5.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
+
+
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 05:08:42 +0000