From 294eb77db8a37d5929cca0a0aa0eca10e7c4c61e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Mon, 6 Apr 2020 15:23:55 +0200 Subject: OTP-22.3.1 --- early-plugins.mk | 4 +- release-notes/OTP-22.3.1.README.txt | 214 ++++++++++++++++++++++++++++++++++++ 2 files changed, 216 insertions(+), 2 deletions(-) create mode 100644 release-notes/OTP-22.3.1.README.txt diff --git a/early-plugins.mk b/early-plugins.mk index 6e2ada1..cd840b8 100644 --- a/early-plugins.mk +++ b/early-plugins.mk @@ -27,7 +27,7 @@ OTP-18 := OTP-18.0.3 OTP-18.1.5 OTP-18.2.4 OTP-18.3.4.11 OTP-19 := OTP-19.0.7 OTP-19.1.6 OTP-19.2.3 OTP-19.3.6.13 OTP-20 := OTP-20.0.5 OTP-20.1.7 OTP-20.2.4 OTP-20.3.8.26 OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.14 -OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3 +OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.1 OTP-23 := OTP-23.0-rc2 OTP-18+ := $(OTP-18) $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) @@ -82,7 +82,7 @@ OTP-22-DROPPED := OTP-22.0-rc1 OTP-22.0-rc2 OTP-22.0-rc3 OTP-22.0 \ OTP-22.0.1 OTP-22.0.2 OTP-22.0.3 OTP-22.0.4 OTP-22.0.5 OTP-22.0.6 \ OTP-22.1 OTP-22.1.1 OTP-22.1.2 OTP-22.1.3 OTP-22.1.4 OTP-22.1.5 \ OTP-22.1.6 OTP-22.1.7 OTP-22.2 OTP-22.2.1 OTP-22.2.2 OTP-22.2.3 \ - OTP-22.2.4 OTP-22.2.6 OTP-22.2.7 + OTP-22.2.4 OTP-22.2.6 OTP-22.2.7 OTP-22.3 OTP-23-DROPPED := OTP-23.0-rc1 OTP-DROPPED := $(OTP-18-DROPPED) $(OTP-19-DROPPED) $(OTP-20-DROPPED) \ diff --git a/release-notes/OTP-22.3.1.README.txt b/release-notes/OTP-22.3.1.README.txt new file mode 100644 index 0000000..887c630 --- /dev/null +++ b/release-notes/OTP-22.3.1.README.txt @@ -0,0 +1,214 @@ +Patch Package: OTP 22.3.1 +Git Tag: OTP-22.3.1 +Date: 2020-04-06 +Trouble Report Id: OTP-16553, OTP-16555, OTP-16556, OTP-16567, + OTP-16572, OTP-16574, OTP-16578, OTP-16580 +Seq num: ERIERL-481, ERIERL-482, ERL-1188, ERL-1199, + ERL-1205, ERL-1212 +System: OTP +Release: 22 +Application: compiler-7.5.4, erts-10.7.1, inets-7.1.3, + ssl-9.6.1, stdlib-3.12.1, xmerl-1.3.24 +Predecessor: OTP 22.3 + + Check out the git tag OTP-22.3.1, and build a full OTP system + including documentation. Apply one or more applications from this + build as patches to your installation using the 'otp_patch_apply' + tool. For information on install requirements, see descriptions for + each application version below. + + --------------------------------------------------------------------- + --- POTENTIAL INCOMPATIBILITIES ------------------------------------- + --------------------------------------------------------------------- + + OTP-16556 Application(s): inets + + Remove use of http_uri and mod_esi eval API. + + This is a backport from OTP 23 that improves the check + of URIs to ensure that invalid URIs does not cause + vulnerabilities. This will render the deprecated + mod_esi eval API unusable as it used URI that does not + conform to valid URI syntax. + + + --------------------------------------------------------------------- + --- OTP-22.3.1 ------------------------------------------------------ + --------------------------------------------------------------------- + + --- Fixed Bugs and Malfunctions --- + + OTP-16574 Application(s): otp + Related Id(s): ERL-1205 + + OTP would not build with Xcode 11.4 on macOS Catalina + (10.15). + + + --------------------------------------------------------------------- + --- compiler-7.5.4 -------------------------------------------------- + --------------------------------------------------------------------- + + The compiler-7.5.4 application can be applied independently of other + applications on a full OTP 22 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-16580 Application(s): compiler + Related Id(s): ERL-1212 + + Fixed a bug in the validator that could cause it to + reject valid code. + + + Full runtime dependencies of compiler-7.5.4: crypto-3.6, erts-9.0, + hipe-3.12, kernel-4.0, stdlib-2.5 + + + --------------------------------------------------------------------- + --- erts-10.7.1 ----------------------------------------------------- + --------------------------------------------------------------------- + + Note! The erts-10.7.1 application *cannot* be applied independently + of other applications on an arbitrary OTP 22 installation. + + On a full OTP 22 installation, also the following runtime + dependency has to be satisfied: + -- kernel-6.5.1 (first satisfied in OTP 22.2) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16553 Application(s): erts, stdlib + + re:run(Subject, RE, [unicode]) returned nomatch instead + of failing with a badarg error exception when Subject + contained illegal utf8 and RE was passed as a binary. + This has been corrected along with corrections of + reduction counting in re:run() error cases. + + + OTP-16555 Application(s): erts + Related Id(s): ERL-1188 + + Fixed a bug that could cause the emulator to crash when + purging modules or persistent terms. + + + OTP-16572 Application(s): erts + Related Id(s): ERL-1199, OTP-16269 + + Fixed a bug in a receive optimization. This could cause + a receive not to match even though a matching message + was present in the message queue. This bug was + introduced in ERTS version 10.6 (OTP 22.2). + + + Full runtime dependencies of erts-10.7.1: kernel-6.5.1, sasl-3.3, + stdlib-3.5 + + + --------------------------------------------------------------------- + --- inets-7.1.3 ----------------------------------------------------- + --------------------------------------------------------------------- + + The inets-7.1.3 application can be applied independently of other + applications on a full OTP 22 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-16556 Application(s): inets + + *** POTENTIAL INCOMPATIBILITY *** + + Remove use of http_uri and mod_esi eval API. + + This is a backport from OTP 23 that improves the check + of URIs to ensure that invalid URIs does not cause + vulnerabilities. This will render the deprecated + mod_esi eval API unusable as it used URI that does not + conform to valid URI syntax. + + + Full runtime dependencies of inets-7.1.3: erts-6.0, kernel-3.0, + mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5 + + + --------------------------------------------------------------------- + --- ssl-9.6.1 ------------------------------------------------------- + --------------------------------------------------------------------- + + Note! The ssl-9.6.1 application *cannot* be applied independently of + other applications on an arbitrary OTP 22 installation. + + On a full OTP 22 installation, also the following runtime + dependency has to be satisfied: + -- public_key-1.7.2 (first satisfied in OTP 22.3) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16567 Application(s): ssl + Related Id(s): ERIERL-481 + + Correct error handling when the partial_chain fun + claims a certificate to be the trusted cert that is not + part of the chain. This bug would hide the appropriate + alert generating an "INTERNAL_ERROR" alert instead. + + + Full runtime dependencies of ssl-9.6.1: crypto-4.2, erts-10.0, + inets-5.10.7, kernel-6.0, public_key-1.7.2, stdlib-3.5 + + + --------------------------------------------------------------------- + --- stdlib-3.12.1 --------------------------------------------------- + --------------------------------------------------------------------- + + Note! The stdlib-3.12.1 application *cannot* be applied independently + of other applications on an arbitrary OTP 22 installation. + + On a full OTP 22 installation, also the following runtime + dependency has to be satisfied: + -- erts-10.7.1 (first satisfied in OTP 22.3.1) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16553 Application(s): erts, stdlib + + re:run(Subject, RE, [unicode]) returned nomatch instead + of failing with a badarg error exception when Subject + contained illegal utf8 and RE was passed as a binary. + This has been corrected along with corrections of + reduction counting in re:run() error cases. + + + Full runtime dependencies of stdlib-3.12.1: compiler-5.0, crypto-3.3, + erts-10.7.1, kernel-6.0, sasl-3.0 + + + --------------------------------------------------------------------- + --- xmerl-1.3.24 ---------------------------------------------------- + --------------------------------------------------------------------- + + The xmerl-1.3.24 application can be applied independently of other + applications on a full OTP 22 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-16578 Application(s): xmerl + Related Id(s): ERIERL-482 + + Fix a performance problem when using internal general + references in XML content. + + + Full runtime dependencies of xmerl-1.3.24: erts-6.0, kernel-3.0, + stdlib-2.5 + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + -- cgit v1.2.3