From 4b96e002b23389593f0ce07d695b87ba2c09b417 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Mon, 9 Jan 2023 13:56:07 +0100 Subject: OTP-25.1 --- early-plugins.mk | 2 +- release-notes/OTP-25.1.README.txt | 1364 +++++++++++++++++++++++++++++++++++++ 2 files changed, 1365 insertions(+), 1 deletion(-) create mode 100644 release-notes/OTP-25.1.README.txt diff --git a/early-plugins.mk b/early-plugins.mk index c8fef72..90bb449 100644 --- a/early-plugins.mk +++ b/early-plugins.mk @@ -19,7 +19,7 @@ OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.24 OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.26 OTP-23 := OTP-23.0.4 OTP-23.1.5 OTP-23.2.7.3 OTP-23.3.4.18 OTP-24 := OTP-24.0.6 OTP-24.1.7 OTP-24.2.2 OTP-24.3.4.7 -OTP-25 := OTP-25.0.4 +OTP-25 := OTP-25.0.4 OTP-25.1 OTP-18+ := $(OTP-18) $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) $(OTP-24) $(OTP-25) OTP-19+ := $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) $(OTP-24) $(OTP-25) diff --git a/release-notes/OTP-25.1.README.txt b/release-notes/OTP-25.1.README.txt new file mode 100644 index 0000000..efa5649 --- /dev/null +++ b/release-notes/OTP-25.1.README.txt @@ -0,0 +1,1364 @@ +Patch Package: OTP 25.1 +Git Tag: OTP-25.1 +Date: 2022-09-21 +Trouble Report Id: OTP-17115, OTP-17340, OTP-17934, OTP-18032, + OTP-18037, OTP-18044, OTP-18050, OTP-18091, + OTP-18093, OTP-18099, OTP-18102, OTP-18104, + OTP-18107, OTP-18109, OTP-18115, OTP-18118, + OTP-18121, OTP-18125, OTP-18127, OTP-18133, + OTP-18134, OTP-18138, OTP-18139, OTP-18142, + OTP-18144, OTP-18146, OTP-18147, OTP-18148, + OTP-18151, OTP-18152, OTP-18153, OTP-18154, + OTP-18160, OTP-18161, OTP-18162, OTP-18163, + OTP-18165, OTP-18166, OTP-18171, OTP-18172, + OTP-18178, OTP-18179, OTP-18180, OTP-18181, + OTP-18182, OTP-18183, OTP-18184, OTP-18186, + OTP-18187, OTP-18189, OTP-18191, OTP-18193, + OTP-18194, OTP-18195, OTP-18196, OTP-18199, + OTP-18200, OTP-18201, OTP-18202, OTP-18203, + OTP-18205, OTP-18207, OTP-18208, OTP-18214, + OTP-18215, OTP-18216, OTP-18217, OTP-18218, + OTP-18219, OTP-18220, OTP-18222, OTP-18229, + OTP-18232, OTP-18233, OTP-18234, OTP-18239, + OTP-18241, OTP-18243, OTP-18244 +Seq num: ERIERL-456, ERIERL-661, ERIERL-666, + ERIERL-817, ERIERL-826, ERIERL-829, + ERIERL-833, ERIERL-834, ERIERL-835, + ERIERL-836, ERIERL-837, ERIERL-852, + ERIERL-855, ERL-97, GH-3064, GH-5719, + GH-5981, GH-6021, GH-6024, GH-6026, GH-6105, + GH-6122, GH-6158, GH-6163, GH-6164, GH-6169, + GH-6184, GH-6219, GH-6222, GH-6239, GH-6241, + GH-6242, GH-6244, GH-6247, GH-6277 +System: OTP +Release: 25 +Application: asn1-5.0.20, common_test-1.23.1, + compiler-8.2.1, crypto-5.1.2, dialyzer-5.0.2, + diameter-2.2.7, erl_docgen-1.4, erts-13.1, + eunit-2.8, inets-8.1, jinterface-1.13.1, + kernel-8.5, megaco-4.4.1, observer-2.13, + parsetools-2.4.1, public_key-1.13.1, + snmp-5.13.1, ssh-4.15, ssl-10.8.4, + stdlib-4.1, xmerl-1.3.30 +Predecessor: OTP 25.0.4 + + Check out the git tag OTP-25.1, and build a full OTP system including + documentation. Apply one or more applications from this build as + patches to your installation using the 'otp_patch_apply' tool. For + information on install requirements, see descriptions for each + application version below. + + --------------------------------------------------------------------- + --- HIGHLIGHTS ------------------------------------------------------ + --------------------------------------------------------------------- + + OTP-18153 Application(s): crypto + + Crypto is now considered to be usable with the OpenSSL + 3.0 cryptolib for production code. + + ENGINE and FIPS are not yet fully functional. + + + OTP-18172 Application(s): crypto + Related Id(s): ERIERL-826 + + *** POTENTIAL INCOMPATIBILITY *** + + Changed the behaviour of the engine load/unload + functions + + The engine load/unload functions have got changed + semantics to get a more consistent behaviour and work + correct when variables are garbage collected. + + The load functions now don't register the methods for + the engine to replace. That will now be handled with + the new functions engine_register/engine_unregister if + needed. + + Some functions are removed from the documentation and + therefor the API, but they are left in the code for + compatibility. + + -- engine_load/4: is now the same as engine_load/3 + + -- engine_unload/2: is now the same as engine_unload/1 + + -- ensure_engine_loaded/3: is now the same as + ensure_engine_loaded/2 + + -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: + is now the same as engine_unload/1 + + + OTP-18241 Application(s): ssl + + A vulnerability has been discovered and corrected. It + is registered as CVE-2022-37026 "Client Authentication + Bypass". Corrections have been released on the + supported tracks with patches 23.3.4.15, 24.3.4.2, and + 25.0.2. The vulnerability might also exist in older OTP + versions. We recommend that impacted users upgrade to + one of these versions or later on the respective + tracks. OTP 25.1 would be an even better choice. + Impacted are those who are running an ssl/tls/dtls + server using the ssl application either directly or + indirectly via other applications. For example via + inets (httpd), cowboy, etc. Note that the vulnerability + only affects servers that request client certification, + that is sets the option {verify, verify_peer}. + + + --------------------------------------------------------------------- + --- POTENTIAL INCOMPATIBILITIES ------------------------------------- + --------------------------------------------------------------------- + + OTP-18172 Application(s): crypto + Related Id(s): ERIERL-826 + + *** HIGHLIGHT *** + + Changed the behaviour of the engine load/unload + functions + + The engine load/unload functions have got changed + semantics to get a more consistent behaviour and work + correct when variables are garbage collected. + + The load functions now don't register the methods for + the engine to replace. That will now be handled with + the new functions engine_register/engine_unregister if + needed. + + Some functions are removed from the documentation and + therefor the API, but they are left in the code for + compatibility. + + -- engine_load/4: is now the same as engine_load/3 + + -- engine_unload/2: is now the same as engine_unload/1 + + -- ensure_engine_loaded/3: is now the same as + ensure_engine_loaded/2 + + -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: + is now the same as engine_unload/1 + + + OTP-18239 Application(s): stdlib + + When changing callback module in gen_statem the + state_enter calls flag from the old module was used in + for the first event in the new module, which could + confuse the new module and cause malfunction. This bug + has been corrected. + + With this change some sys debug message formats have + been modified, which can be a problem for debug code + relying on the format. + + + --------------------------------------------------------------------- + --- OTP-25.1 -------------------------------------------------------- + --------------------------------------------------------------------- + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + --------------------------------------------------------------------- + --- asn1-5.0.20 ----------------------------------------------------- + --------------------------------------------------------------------- + + The asn1-5.0.20 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of asn1-5.0.20: erts-11.0, kernel-7.0, + stdlib-3.13 + + + --------------------------------------------------------------------- + --- common_test-1.23.1 ---------------------------------------------- + --------------------------------------------------------------------- + + The common_test-1.23.1 application can be applied independently of + other applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18208 Application(s): common_test + Related Id(s): ERIERL-852, PR-6229 + + Fix cth_surefire to handle when a suite is not compiled + with debug_info. This bug has been present since + Erlang/OTP 25.0. + + + --- Improvements and New Features --- + + OTP-18138 Application(s): common_test + Related Id(s): GH-5719, PR-6029 + + Common Test now preserves stack traces for throws. + + + Full runtime dependencies of common_test-1.23.1: compiler-6.0, + crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4, + observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0, + stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8 + + + --------------------------------------------------------------------- + --- compiler-8.2.1 -------------------------------------------------- + --------------------------------------------------------------------- + + The compiler-8.2.1 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18125 Application(s): compiler + Related Id(s): GH-6026 + + The compiler will now forbid using the empty atom '' as + module name. Also forbidden are modules names + containing control characters, and module names + containing only spaces and soft hyphens. + + + OTP-18162 Application(s): compiler + Related Id(s): PR-6102 + + The bin_opt_info and recv_opt_info options would cause + the compiler to crash when attempting to compile + generated code without location information. + + + OTP-18182 Application(s): compiler + Related Id(s): GH-6163 + + In rare circumstances involving floating point + operations, the compiler could terminate with an + internal consistency check failure. + + + OTP-18183 Application(s): compiler + Related Id(s): GH-6169 + + In rare circumstances when doing arithmetic + instructions on non-numbers, the compiler could crash. + + + OTP-18184 Application(s): compiler + Related Id(s): GH-6164 + + In rare circumstances, complex boolean expressions in + nested cases could cause the compiler to crash. + + + OTP-18186 Application(s): compiler + + Expression similar to #{assoc:=V} = #key=>self()}, V + would return the empty map instead of raising an + exception. + + + OTP-18187 Application(s): compiler + Related Id(s): GH-6184 + + Eliminated a crash in the beam_ssa_bool pass of the + compiler when compiling a complex guard expression. + + + OTP-18202 Application(s): compiler + Related Id(s): GH-6222 + + In rare circumstances, the compiler could crash with an + internal consistency check failure. + + + OTP-18214 Application(s): compiler + Related Id(s): GH-6158 + + When compiling with the option inline_list_funcs, the + compiler could produce a nonsensical warning. + + + OTP-18234 Application(s): compiler + Related Id(s): GH-6277 + + When given the no_ssa_opt option, the compiler could + terminate with an internal consistency failure + diagnostic when compiling map matching. + + + --- Improvements and New Features --- + + OTP-18050 Application(s): compiler + + Made warnings for existing atoms being keywords in + experimental features more precise, by not warning + about quoted atoms. + + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of compiler-8.2.1: crypto-5.1, erts-13.0, + kernel-8.4, stdlib-4.0 + + + --------------------------------------------------------------------- + --- crypto-5.1.2 ---------------------------------------------------- + --------------------------------------------------------------------- + + The crypto-5.1.2 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18147 Application(s): crypto + Related Id(s): GH-6024, PR-6056 + + Fix configure with --with-ssl and + --disable-dynamic-ssl-lib on Windows. + + + OTP-18152 Application(s): crypto + + Remove all references correctly in the garbage + collection if an engine handle was not explicit + unloaded. + + + OTP-18172 Application(s): crypto + Related Id(s): ERIERL-826 + + *** HIGHLIGHT *** + + *** POTENTIAL INCOMPATIBILITY *** + + Changed the behaviour of the engine load/unload + functions + + The engine load/unload functions have got changed + semantics to get a more consistent behaviour and work + correct when variables are garbage collected. + + The load functions now don't register the methods for + the engine to replace. That will now be handled with + the new functions engine_register/engine_unregister if + needed. + + Some functions are removed from the documentation and + therefor the API, but they are left in the code for + compatibility. + + -- engine_load/4: is now the same as engine_load/3 + + -- engine_unload/2: is now the same as engine_unload/1 + + -- ensure_engine_loaded/3: is now the same as + ensure_engine_loaded/2 + + -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: + is now the same as engine_unload/1 + + + OTP-18200 Application(s): crypto + + Fixed a naming bug for AES-CFB and Blowfish-CFB/OFB + when linked with OpenSSL 3.0 cryptolib. + + + OTP-18205 Application(s): crypto, public_key + Related Id(s): GH-6219 + + Sign/verify does now behave as in OTP-24 and earlier + for eddsa. + + + --- Improvements and New Features --- + + OTP-18037 Application(s): crypto + + Pass elliptic curve names from crypto.erl to crypto's + nif. + + + OTP-18133 Application(s): crypto + + The configure option --disable-deprecated-warnings is + removed. It was used for some releases when the support + for OpenSSL 3.0 was not completed. It is not needed in + OTP 25. + + + OTP-18153 Application(s): crypto + + *** HIGHLIGHT *** + + Crypto is now considered to be usable with the OpenSSL + 3.0 cryptolib for production code. + + ENGINE and FIPS are not yet fully functional. + + + OTP-18217 Application(s): crypto + + Do not exit if the legacy provider is missing in + libcrypto 3.0. + + + Full runtime dependencies of crypto-5.1.2: erts-9.0, kernel-5.3, + stdlib-3.9 + + + --------------------------------------------------------------------- + --- dialyzer-5.0.2 -------------------------------------------------- + --------------------------------------------------------------------- + + The dialyzer-5.0.2 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18127 Application(s): dialyzer + Related Id(s): ERIERL-817 + + Two bugs have been fixed in Dialyzer's checking of + behaviors: + + When a *mandatory* callback function is present but not + exported, Dialyzer would not complain about a missing + callback. + + When an *optional* callback function was not exported + and had incompatible arguments and/or the return values + were incompatible, Dialyzer would complain. This has + been changed to suppress the warning, because the + function might not be intended to be a callback + function, for instance if a release added a new + optional callback function (such as format_status/1 for + the gen_server behaviour added in OTP 25). + + + OTP-18148 Application(s): dialyzer + Related Id(s): PR-6068 + + The no_extra_return and no_missing_return warnings can + now be suppressed through -dialyzer directives in + source code. + + + Full runtime dependencies of dialyzer-5.0.2: compiler-8.0, erts-12.0, + kernel-8.0, stdlib-3.15, syntax_tools-2.0, wx-2.0 + + + --------------------------------------------------------------------- + --- diameter-2.2.7 -------------------------------------------------- + --------------------------------------------------------------------- + + The diameter-2.2.7 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of diameter-2.2.7: erts-10.0, kernel-3.2, + ssl-9.0, stdlib-3.0 + + + --------------------------------------------------------------------- + --- erl_docgen-1.4 -------------------------------------------------- + --------------------------------------------------------------------- + + The erl_docgen-1.4 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18244 Application(s): erl_docgen + + Update DTD to allow XML tag em under pre. + + + Full runtime dependencies of erl_docgen-1.4: edoc-1.0, erts-11.0, + kernel-8.0, stdlib-3.15, xmerl-1.3.7 + + + --------------------------------------------------------------------- + --- erts-13.1 ------------------------------------------------------- + --------------------------------------------------------------------- + + Note! The erts-13.1 application *cannot* be applied independently of + other applications on an arbitrary OTP 25 installation. + + On a full OTP 25 installation, also the following runtime + dependencies have to be satisfied: + -- kernel-8.5 (first satisfied in OTP 25.1) + -- stdlib-4.1 (first satisfied in OTP 25.1) + + + --- Fixed Bugs and Malfunctions --- + + OTP-17934 Application(s): erts, kernel, stdlib + Related Id(s): PR-6007 + + Fixed inconsistency bugs in global due to + nodeup/nodedown messages not being delivered + before/after traffic over connections. Also fixed + various other inconsistency bugs and deadlocks in both + global_group and global. + + As building blocks for these fixes, a new BIF + erlang:nodes/2 has been introduced and + net_kernel:monitor_nodes/2 has been extended. + + The -hidden and -connect_all command line arguments did + not work if multiple instances were present on the + command line which has been fixed. The new kernel + parameter connect_all has also been introduced in order + to replace the -connect_all command line argument. + + + OTP-18091 Application(s): erts, kernel + Related Id(s): #5789 + + Fixed IPv6 multicast_if and membership socket options. + + + OTP-18093 Application(s): erts + Related Id(s): OTP-18104, PR-5987 + + Accept funs (NEW_FUN_EXT) with incorrectly encoded size + field. This is a workaround for a bug (OTP-18104) + existing in OTP 23 and 24 that could cause incorrect + size fields in certain cases. The emulator does not use + the decoded size field, but erl_interface still does + and is not helped by this workaround. + + + OTP-18102 Application(s): erts, kernel + Related Id(s): #5904 + + Fixed issue with inet:getifaddrs hanging on pure IPv6 + Windows + + + OTP-18104 Application(s): erts + Related Id(s): OTP-18093 + + Fix faulty distribution encoding of terms with either + + -- a fun with bit-string or export-fun in its + environment when encoded toward a not yet established + (pending) connection + + -- or a fun with a binary/bitstring, in its + environment, referring to an off-heap binary (larger + than 64 bytes). + + The symptom could be failed decoding on the receiving + side leading to aborted connection. Fix OTP-18093 is a + workaround for theses bugs that makes the VM accepts + such faulty encoded funs. + + The first encoding bug toward pending connection exists + only in OTP 23 and 24, but the second one exists also + on OTP 25. + + + OTP-18144 Application(s): erts + Related Id(s): GH-5981 + + Fixed emulator crash that could happen during crashdump + generation of ETS tables with options ordered_set and + {write_concurrency,true}. + + + OTP-18160 Application(s): erts + Related Id(s): PR-6103 + + Retrieval of monotonic and system clock resolution on + MacOS could cause a crash and/or erroneous results. + + + OTP-18161 Application(s): erts + Related Id(s): PR-6081 + + Fix bug where the max allowed size of erl +hmax was + lower than what was allowed by process_flag. + + + OTP-18201 Application(s): erts + + On computers with ARM64 (AArch64) processors, the JIT + could generate incorrect code when more than 4095 bits + were skipped at the tail end of a binary match. + + + OTP-18216 Application(s): erts + Related Id(s): GH-6239, PR-6240 + + In rare circumstances, an is_binary/1 guard test could + succeed when given a large integer. + + + OTP-18218 Application(s): erts + Related Id(s): ERIERL-855 + + Fix bug causing ets:info (and sometimes ets:whereis) to + return 'undefined' for an existing table if a + concurrent process were doing ets:insert with a long + list on the same table. + + + OTP-18222 Application(s): erts + Related Id(s): GH-6242, PR-6248 + + Fix writing and reading of more than 2 GB in a single + read/write operation on macOS. Before this fix + attempting to read/write more than 2GB would result in + {error,einval}. + + + OTP-18243 Application(s): erts + Related Id(s): GH-6247, PR-6258 + + Fix bug sometimes causing emulator crash at node + shutdown when there are pending connections. Only seen + when running duel distribution protocols, inet_drv and + inet_tls_dist. + + + --- Improvements and New Features --- + + OTP-17340 Application(s): erts + Related Id(s): PR-6133 + + Yield when adjusting large process message queues due + to + + -- copying terms from a literal area prior to removing + the literal area. + + -- changing the message_queue_data state from on_heap + to off_heap. + + The message queue adjustment work will now be + interleaved with all other types of work that processes + have to do, even other message queue adjustment work. + + + OTP-18032 Application(s): erts, kernel + + Add rudimentary debug feature (option) for the + inet-driver based sockets, such as gen_tcp and gen_udp. + + + OTP-18107 Application(s): erts, kernel + Related Id(s): PR-6009 + + Introduced the hidden and dist_listen options to + net_kernel:start/2. + + Also documented the -dist_listen command line argument + which was erroneously documented as a kernel parameter + and not as a command line argument. + + + OTP-18109 Application(s): erts + + New documentation chapter "Debugging NIFs and Port + Drivers" under Interoperability Tutorial. + + + OTP-18199 Application(s): erts, stdlib + Related Id(s): PR-5790 + + Add new API function erl_features:configurable/0 + + + Full runtime dependencies of erts-13.1: kernel-8.5, sasl-3.3, + stdlib-4.1 + + + --------------------------------------------------------------------- + --- eunit-2.8 ------------------------------------------------------- + --------------------------------------------------------------------- + + The eunit-2.8 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18181 Application(s): eunit + Related Id(s): ERL-97, GH-3064, PR-5461 + + With this change, Eunit can optionally not try to + execute related module with "_tests" suffix. This might + be used for avoiding duplicated executions when source + and test modules are located in the same folder. + + + Full runtime dependencies of eunit-2.8: erts-9.0, kernel-5.3, + stdlib-3.4 + + + --------------------------------------------------------------------- + --- inets-8.1 ------------------------------------------------------- + --------------------------------------------------------------------- + + The inets-8.1 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18118 Application(s): inets + + Add httpc:ssl_verify_host_options/1 to help setting + default ssl options for the https client. + + + OTP-18178 Application(s): inets, ssh + Related Id(s): ERIERL-833, ERIERL-834, ERIERL-835 + + This change fixes dialyzer warnings generated for + inets/httpd examples (includes needed adjustment of + spec for ssh_sftp module). + + + OTP-18193 Application(s): inets + Related Id(s): GH-6122 + + Remove documentation of no longer supported callback. + + + Full runtime dependencies of inets-8.1: erts-6.0, kernel-6.0, + mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0, + stdlib-4.0 + + + --------------------------------------------------------------------- + --- jinterface-1.13.1 ----------------------------------------------- + --------------------------------------------------------------------- + + The jinterface-1.13.1 application can be applied independently of + other applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18215 Application(s): jinterface + Related Id(s): PR-6154 + + Fix javadoc build error by adding option -encoding + UTF-8. + + + --------------------------------------------------------------------- + --- kernel-8.5 ------------------------------------------------------ + --------------------------------------------------------------------- + + Note! The kernel-8.5 application *cannot* be applied independently of + other applications on an arbitrary OTP 25 installation. + + On a full OTP 25 installation, also the following runtime + dependency has to be satisfied: + -- erts-13.1 (first satisfied in OTP 25.1) + + + --- Fixed Bugs and Malfunctions --- + + OTP-17934 Application(s): erts, kernel, stdlib + Related Id(s): PR-6007 + + Fixed inconsistency bugs in global due to + nodeup/nodedown messages not being delivered + before/after traffic over connections. Also fixed + various other inconsistency bugs and deadlocks in both + global_group and global. + + As building blocks for these fixes, a new BIF + erlang:nodes/2 has been introduced and + net_kernel:monitor_nodes/2 has been extended. + + The -hidden and -connect_all command line arguments did + not work if multiple instances were present on the + command line which has been fixed. The new kernel + parameter connect_all has also been introduced in order + to replace the -connect_all command line argument. + + + OTP-18091 Application(s): erts, kernel + Related Id(s): #5789 + + Fixed IPv6 multicast_if and membership socket options. + + + OTP-18102 Application(s): erts, kernel + Related Id(s): #5904 + + Fixed issue with inet:getifaddrs hanging on pure IPv6 + Windows + + + OTP-18115 Application(s): kernel + Related Id(s): PR-5939 + + The type specifications for inet:getopts/2 and + inet:setopts/2 have been corrected regarding SCTP + options. + + + OTP-18121 Application(s): kernel + Related Id(s): PR-5972 + + The type specifications for inet:parse_* have been + tightened. + + + OTP-18171 Application(s): kernel + Related Id(s): PR-6131 + + Fix gen_tcp:connect/3 spec to include the inet_backend + option. + + + OTP-18229 Application(s): kernel + Related Id(s): PR-6212 + + Fix bug where using a binary as the format when calling + logger:log(Level, Format, Args) (or any other logging + function) would cause a crash or incorrect logging. + + + --- Improvements and New Features --- + + OTP-18032 Application(s): erts, kernel + + Add rudimentary debug feature (option) for the + inet-driver based sockets, such as gen_tcp and gen_udp. + + + OTP-18107 Application(s): erts, kernel + Related Id(s): PR-6009 + + Introduced the hidden and dist_listen options to + net_kernel:start/2. + + Also documented the -dist_listen command line argument + which was erroneously documented as a kernel parameter + and not as a command line argument. + + + OTP-18163 Application(s): kernel + Related Id(s): PR-6058, PR-6275 + + Scope and group monitoring have been introduced in pg. + For more information see the documentation of + pg:monitor_scope(), pg:monitor(), and pg:demonitor(). + + + OTP-18232 Application(s): kernel + Related Id(s): OTP-17843, PR-6264 + + A new function global:disconnect/0 has been introduced + with which one can cleanly disconnect a node from all + other nodes in a cluster of global nodes. + + + Full runtime dependencies of kernel-8.5: crypto-5.0, erts-13.1, + sasl-3.0, stdlib-4.0 + + + --------------------------------------------------------------------- + --- megaco-4.4.1 ---------------------------------------------------- + --------------------------------------------------------------------- + + The megaco-4.4.1 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18179 Application(s): megaco + Related Id(s): ERIERL-836 + + Fixed various dialyzer related issues in the examples + and the application proper. + + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of megaco-4.4.1: asn1-3.0, debugger-4.0, + erts-12.0, et-1.5, kernel-8.0, runtime_tools-1.8.14, stdlib-2.5 + + + --------------------------------------------------------------------- + --- observer-2.13 --------------------------------------------------- + --------------------------------------------------------------------- + + The observer-2.13 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18151 Application(s): observer + Related Id(s): PR-6063 + + Fixed units in gui. + + + Full runtime dependencies of observer-2.13: erts-11.0, et-1.5, + kernel-8.1, runtime_tools-1.19, stdlib-3.13, wx-1.2 + + + --------------------------------------------------------------------- + --- parsetools-2.4.1 ------------------------------------------------ + --------------------------------------------------------------------- + + The parsetools-2.4.1 application can be applied independently of + other applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of parsetools-2.4.1: erts-6.0, kernel-3.0, + stdlib-3.4 + + + --------------------------------------------------------------------- + --- public_key-1.13.1 ----------------------------------------------- + --------------------------------------------------------------------- + + The public_key-1.13.1 application can be applied independently of + other applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18154 Application(s): public_key + Related Id(s): PR-6002 + + Support more Linux distributions in cacerts_load/0. + + + OTP-18189 Application(s): public_key + Related Id(s): ERIERL-829 + + Correct asn1 typenames available in type + pki_asn1_type() + + + OTP-18205 Application(s): crypto, public_key + Related Id(s): GH-6219 + + Sign/verify does now behave as in OTP-24 and earlier + for eddsa. + + + Full runtime dependencies of public_key-1.13.1: asn1-3.0, crypto-4.6, + erts-6.0, kernel-3.0, stdlib-3.5 + + + --------------------------------------------------------------------- + --- snmp-5.13.1 ----------------------------------------------------- + --------------------------------------------------------------------- + + The snmp-5.13.1 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-17115 Application(s): snmp + Related Id(s): ERIERL-456 + + Improved the get-bulk response max size calculation. + Its now possible to configure 'empty pdu size', see + appendix c for more info. + + + OTP-18180 Application(s): snmp + Related Id(s): ERIERL-837 + + Fix various example dialyzer issues + + + Full runtime dependencies of snmp-5.13.1: crypto-4.6, erts-12.0, + kernel-8.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5 + + + --------------------------------------------------------------------- + --- ssh-4.15 -------------------------------------------------------- + --------------------------------------------------------------------- + + The ssh-4.15 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18220 Application(s): ssh + Related Id(s): ERIERL-661, ERIERL-666 + + Handling rare race condition at channel close. + + + --- Improvements and New Features --- + + OTP-18134 Application(s): ssh + Related Id(s): GH-6021 + + New ssh option no_auth_needed to skip the ssh + authentication. Use with caution! + + + OTP-18178 Application(s): inets, ssh + Related Id(s): ERIERL-833, ERIERL-834, ERIERL-835 + + This change fixes dialyzer warnings generated for + inets/httpd examples (includes needed adjustment of + spec for ssh_sftp module). + + + OTP-18196 Application(s): ssh + + The new function ssh:daemon_replace_options/2 makes it + possible to change the Options in a running SSH server. + + Established connections are not affected, only those + created after the call to this new function. + + + OTP-18207 Application(s): ssh + Related Id(s): PR-6231 + + Add a timeout as option max_initial_idle_time. It + closes a connection that does not allocate a channel + within the timeout time. + + For more information about timeouts, see the Timeouts + section in the User's Guide Hardening chapter. + + + Full runtime dependencies of ssh-4.15: crypto-5.0, erts-11.0, + kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15 + + + --------------------------------------------------------------------- + --- ssl-10.8.4 ------------------------------------------------------ + --------------------------------------------------------------------- + + Note! The ssl-10.8.4 application *cannot* be applied independently of + other applications on an arbitrary OTP 25 installation. + + On a full OTP 25 installation, also the following runtime + dependency has to be satisfied: + -- stdlib-4.1 (first satisfied in OTP 25.1) + + + --- Fixed Bugs and Malfunctions --- + + OTP-18044 Application(s): ssl + + Reject unexpected application data in all relevant + places for all TLS versions. Also, handle TLS-1.3 + middlebox compatibility with more care. This will make + malicious connections fail early and further, mitigate + possible DoS attacks, that would be caught by the + handshake timeout. + + Thanks to Aina Toky Rasoamanana and Olivier Levillain + from Télécom SudParis for alerting us of the issues in + our implementation. + + + OTP-18099 Application(s): ssl + Related Id(s): PR-6287 + + With this change, value of cacertfile option will be + adjusted before loading certs from the file. + Adjustments include converting relative paths to + absolute and converting symlinks to actual file path. + + Thanks to Marcus Johansson + + + OTP-18191 Application(s): ssl + Related Id(s): GH-6105 + + In TLS-1.3, if chain certs are missing (so server auth + domain adherence can not be determined) send peer cert + and hope the server is able to recreate a chain in its + auth domain. + + + OTP-18195 Application(s): ssl + + Make sure periodical refresh of CA certificate files + repopulates cache properly. + + + OTP-18203 Application(s): ssl + Related Id(s): PR-5996 + + Correct internal CRL cache functions to use internal + format consistently. + + + OTP-18219 Application(s): ssl + Related Id(s): GH-6241, PR-6249 + + Incorrect handling of client middlebox negotiation for + TLS-1.3 could result in that a TLS-1.3 server would not + use middlebox mode although the client was expecting it + too and failing the negotiation with unexpected + message. + + + OTP-18233 Application(s): ssl + Related Id(s): GH-6244, PR-6270 + + If the "User" process, the process starting the TLS + connection, gets killed in the middle of spawning the + dynamic connection tree make sure we do not leave any + processes behind. + + + --- Improvements and New Features --- + + OTP-18241 Application(s): ssl + + *** HIGHLIGHT *** + + A vulnerability has been discovered and corrected. It + is registered as CVE-2022-37026 "Client Authentication + Bypass". Corrections have been released on the + supported tracks with patches 23.3.4.15, 24.3.4.2, and + 25.0.2. The vulnerability might also exist in older OTP + versions. We recommend that impacted users upgrade to + one of these versions or later on the respective + tracks. OTP 25.1 would be an even better choice. + Impacted are those who are running an ssl/tls/dtls + server using the ssl application either directly or + indirectly via other applications. For example via + inets (httpd), cowboy, etc. Note that the vulnerability + only affects servers that request client certification, + that is sets the option {verify, verify_peer}. + + + Full runtime dependencies of ssl-10.8.4: crypto-5.0, erts-10.0, + inets-5.10.7, kernel-8.4, public_key-1.11.3, runtime_tools-1.15.1, + stdlib-4.1 + + + --------------------------------------------------------------------- + --- stdlib-4.1 ------------------------------------------------------ + --------------------------------------------------------------------- + + Note! The stdlib-4.1 application *cannot* be applied independently of + other applications on an arbitrary OTP 25 installation. + + On a full OTP 25 installation, also the following runtime + dependency has to be satisfied: + -- erts-13.1 (first satisfied in OTP 25.1) + + + --- Fixed Bugs and Malfunctions --- + + OTP-17934 Application(s): erts, kernel, stdlib + Related Id(s): PR-6007 + + Fixed inconsistency bugs in global due to + nodeup/nodedown messages not being delivered + before/after traffic over connections. Also fixed + various other inconsistency bugs and deadlocks in both + global_group and global. + + As building blocks for these fixes, a new BIF + erlang:nodes/2 has been introduced and + net_kernel:monitor_nodes/2 has been extended. + + The -hidden and -connect_all command line arguments did + not work if multiple instances were present on the + command line which has been fixed. The new kernel + parameter connect_all has also been introduced in order + to replace the -connect_all command line argument. + + + OTP-18139 Application(s): stdlib + Related Id(s): PR-6060 + + Fix the public_key:ssh* functions to be listed under + the correct release in the Removed Functionality User's + Guide. + + + OTP-18142 Application(s): stdlib + Related Id(s): PR-6078 + + The type spec for format_status/1 in gen_statem, + gen_server and gen_event has been corrected to state + that the return value is of the same type as the + argument (instead of the same value as the argument). + + + OTP-18146 Application(s): stdlib + Related Id(s): PR-5983 + + If the timer server child spec was already present in + kernel_sup but it was not started, the timer server + would fail to start with an {error, already_present} + error instead of restarting the server. + + + OTP-18239 Application(s): stdlib + + *** POTENTIAL INCOMPATIBILITY *** + + When changing callback module in gen_statem the + state_enter calls flag from the old module was used in + for the first event in the new module, which could + confuse the new module and cause malfunction. This bug + has been corrected. + + With this change some sys debug message formats have + been modified, which can be a problem for debug code + relying on the format. + + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + OTP-18166 Application(s): stdlib + Related Id(s): PR-6108 + + The rfc339_to_system_time/1,2 functions now allows the + minutes part to be omitted from the time zone. + + + OTP-18194 Application(s): stdlib + Related Id(s): PR-6199 + + The receive statement in gen_event has been optimized + to not use selective receive (which was never needed, + and could cause severe performance degradation under + heavy load). + + + OTP-18199 Application(s): erts, stdlib + Related Id(s): PR-5790 + + Add new API function erl_features:configurable/0 + + + Full runtime dependencies of stdlib-4.1: compiler-5.0, crypto-4.5, + erts-13.1, kernel-8.4, sasl-3.0 + + + --------------------------------------------------------------------- + --- xmerl-1.3.30 ---------------------------------------------------- + --------------------------------------------------------------------- + + The xmerl-1.3.30 application can be applied independently of other + applications on a full OTP 25 installation. + + --- Improvements and New Features --- + + OTP-18165 Application(s): asn1, compiler, diameter, megaco, otp, + parsetools, stdlib, xmerl + Related Id(s): PR-5965 + + There is a new configure option, + --enable-deterministic-build, which will apply the + deterministic compiler option when building Erlang/OTP. + The deterministic option has been improved to eliminate + more sources of non-determinism in several + applications. + + + Full runtime dependencies of xmerl-1.3.30: erts-6.0, kernel-3.0, + stdlib-2.5 + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + -- cgit v1.2.3