diff options
Diffstat (limited to 'release-notes/OTP-26.2.5.13.README.txt')
| -rw-r--r-- | release-notes/OTP-26.2.5.13.README.txt | 143 |
1 files changed, 143 insertions, 0 deletions
diff --git a/release-notes/OTP-26.2.5.13.README.txt b/release-notes/OTP-26.2.5.13.README.txt new file mode 100644 index 0000000..a3ed17b --- /dev/null +++ b/release-notes/OTP-26.2.5.13.README.txt @@ -0,0 +1,143 @@ +Patch Package: OTP 26.2.5.13 +Git Tag: OTP-26.2.5.13 +Date: 2025-06-16 +Trouble Report Id: OTP-19634, OTP-19637, OTP-19638, OTP-19649, + OTP-19653, OTP-19667 +Seq num: CVE-2025-4748, GH-6463, GH-9102, GH-9771, + GH-9841, PR-9103, PR-9838, PR-9846, PR-9898, + PR-9912, PR-9941 +System: OTP +Release: 26 +Application: asn1-5.2.2.1, kernel-9.2.4.9, ssh-5.1.4.10, + stdlib-5.2.3.4 +Predecessor: OTP 26.2.5.12 + + Check out the git tag OTP-26.2.5.13, and build a full OTP system + including documentation. Apply one or more applications from this + build as patches to your installation using the 'otp_patch_apply' + tool. For information on install requirements, see descriptions for + each application version below. + + --------------------------------------------------------------------- + --- asn1-5.2.2.1 ---------------------------------------------------- + --------------------------------------------------------------------- + + The asn1-5.2.2.1 application can be applied independently of other + applications on a full OTP 26 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-19638 Application(s): asn1 + Related Id(s): GH-9841, PR-9846 + + The ASN.1 compiler could generate code that would cause + Dialyzer with the unmatched_returns option to emit + warnings. + + + Full runtime dependencies of asn1-5.2.2.1: erts-11.0, kernel-7.0, + stdlib-3.13 + + + --------------------------------------------------------------------- + --- kernel-9.2.4.9 -------------------------------------------------- + --------------------------------------------------------------------- + + The kernel-9.2.4.9 application can be applied independently of other + applications on a full OTP 26 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-19667 Application(s): kernel, stdlib + Related Id(s): PR-9912 + + A remote shell can now exit by closing the input + stream, without terminating the remote node. + + + Full runtime dependencies of kernel-9.2.4.9: crypto-5.0, erts-14.0, + sasl-3.0, stdlib-5.0 + + + --------------------------------------------------------------------- + --- ssh-5.1.4.10 ---------------------------------------------------- + --------------------------------------------------------------------- + + The ssh-5.1.4.10 application can be applied independently of other + applications on a full OTP 26 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-19634 Application(s): ssh + Related Id(s): GH-9102, PR-9103 + + Various channel closing robustness improvements. Avoid + crashes when channel handling process closes channel + and immediately exits. Avoid breaking the protocol by + sending duplicated channel-close messages. Cleanup + channels which timeout during closing procedure. + + + OTP-19637 Application(s): ssh + Related Id(s): GH-6463, PR-9838 + + Improved interoperability with clients acting as + Paramiko. + + + Full runtime dependencies of ssh-5.1.4.10: crypto-5.0, erts-14.0, + kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0, + stdlib-5.0 + + + --------------------------------------------------------------------- + --- stdlib-5.2.3.4 -------------------------------------------------- + --------------------------------------------------------------------- + + The stdlib-5.2.3.4 application can be applied independently of other + applications on a full OTP 26 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-19649 Application(s): stdlib + Related Id(s): GH-9771, PR-9898 + + It's now possible to write lists:map(fun is_atom/1, []) + or lists:map(fun my_func/1, []), in the shell, instead + of lists:map(fun erlang:is_atom/1, []) or lists:map(fun + shell_default:my_func/1, []). + + + OTP-19653 Application(s): stdlib + Related Id(s): PR-9941, CVE-2025-4748 + + Properly strip the leading / and drive letter from + filepaths when zipping and unzipping archives. + + Thanks to Wander Nauta for finding and responsibly + disclosing this vulnerability to the Erlang/OTP + project. + + + OTP-19667 Application(s): kernel, stdlib + Related Id(s): PR-9912 + + A remote shell can now exit by closing the input + stream, without terminating the remote node. + + + Full runtime dependencies of stdlib-5.2.3.4: compiler-5.0, + crypto-4.5, erts-13.1, kernel-9.0, sasl-3.0 + + + --------------------------------------------------------------------- + --- Thanks to ------------------------------------------------------- + --------------------------------------------------------------------- + + Yaroslav Maslennikov + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + |