1 files changed, 77 insertions, 0 deletions

diff --git a/release-notes/OTP-26.2.5.11.README.txt b/release-notes/OTP-26.2.5.11.README.txt
new file mode 100644
index 0000000..3b799fe
--- /dev/null
+++ b/release-notes/OTP-26.2.5.11.README.txt
@@ -0,0 +1,77 @@
+Patch Package:           OTP 26.2.5.11
+Git Tag:                 OTP-26.2.5.11
+Date:                    2025-04-16
+Trouble Report Id:       OTP-19496, OTP-19582, OTP-19595
+Seq num:                 CVE-2025-32433, GH-9190, PR-9463, PR-9679
+System:                  OTP
+Release:                 26
+Application:             ssh-5.1.4.8, xmerl-1.3.34.2
+Predecessor:             OTP 26.2.5.10
+
+ Check out the git tag OTP-26.2.5.11, and build a full OTP system
+ including documentation. Apply one or more applications from this
+ build as patches to your installation using the 'otp_patch_apply'
+ tool. For information on install requirements, see descriptions for
+ each application version below.
+
+ ---------------------------------------------------------------------
+ --- ssh-5.1.4.8 -----------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The ssh-5.1.4.8 application can be applied independently of other
+ applications on a full OTP 26 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-19582    Application(s): ssh
+               Related Id(s): PR-9679
+
+               Reception of wrong Unicode does not cause unnecessary
+               processing. US-ASCII fields are not decoded as Unicode.
+
+
+  OTP-19595    Application(s): ssh
+               Related Id(s): CVE-2025-32433
+
+               SSH daemon disconnects upon receiving connection
+               protocol message for unauthenticated used.
+
+               Thanks to Fabian Bäumer, Marcel Maehren, Marcus
+               Brinkmann, Nurullah Erinola, Jörg Schwenk (Ruhr
+               University Bochum).
+
+
+ Full runtime dependencies of ssh-5.1.4.8: crypto-5.0, erts-14.0,
+ kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0,
+ stdlib-5.0
+
+
+ ---------------------------------------------------------------------
+ --- xmerl-1.3.34.2 --------------------------------------------------
+ ---------------------------------------------------------------------
+
+ The xmerl-1.3.34.2 application can be applied independently of other
+ applications on a full OTP 26 installation.
+
+ --- Fixed Bugs and Malfunctions ---
+
+  OTP-19496    Application(s): xmerl
+               Related Id(s): GH-9190, PR-9463
+
+               Some old-style catch expressions in the
+               xmerl_sax_parser when the continuation fun was called
+               caused the stack to grow until all free memory was
+               exhausted. These parts have been rewritten so that the
+               parser now runs correctly without growing the stack. At
+               the same time all old-style catch expressions in xmerl
+               were replaced with try/catch.
+
+
+ Full runtime dependencies of xmerl-1.3.34.2: erts-6.0, kernel-8.4,
+ stdlib-2.5
+
+
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+ ---------------------------------------------------------------------
+