From e833332a0df355a4c203af419c742ca0093328c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Wed, 22 Jul 2020 15:20:34 +0200 Subject: OTP-22.3.4.4 and OTP-21.3.8.17 --- early-plugins.mk | 9 +-- release-notes/OTP-21.3.8.17.README.txt | 83 +++++++++++++++++++++++ release-notes/OTP-22.3.4.4.README.txt | 119 +++++++++++++++++++++++++++++++++ 3 files changed, 207 insertions(+), 4 deletions(-) create mode 100644 release-notes/OTP-21.3.8.17.README.txt create mode 100644 release-notes/OTP-22.3.4.4.README.txt diff --git a/early-plugins.mk b/early-plugins.mk index f2bedf3..978ae70 100644 --- a/early-plugins.mk +++ b/early-plugins.mk @@ -26,8 +26,8 @@ OTP-18 := OTP-18.0.3 OTP-18.1.5 OTP-18.2.4 OTP-18.3.4.11 OTP-19 := OTP-19.0.7 OTP-19.1.6 OTP-19.2.3 OTP-19.3.6.13 OTP-20 := OTP-20.0.5 OTP-20.1.7 OTP-20.2.4 OTP-20.3.8.26 -OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.16 -OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.3 +OTP-21 := OTP-21.0.9 OTP-21.1.4 OTP-21.2.7 OTP-21.3.8.17 +OTP-22 := OTP-22.0.7 OTP-22.1.8 OTP-22.2.8 OTP-22.3.4.4 OTP-23 := OTP-23.0.3 OTP-18+ := $(OTP-18) $(OTP-19) $(OTP-20) $(OTP-21) $(OTP-22) $(OTP-23) @@ -77,13 +77,14 @@ OTP-21-DROPPED := OTP-21.0-rc1 OTP-21.0-rc2 OTP-21.0 OTP-21.0.1 OTP-21.0.2 \ OTP-21.3.1 OTP-21.3.2 OTP-21.3.3 OTP-21.3.4 OTP-21.3.5 OTP-21.3.6 \ OTP-21.3.7 OTP-21.3.8 OTP-21.3.8.1 OTP-21.3.8.2 OTP-21.3.8.3 OTP-21.3.8.4 \ OTP-21.3.8.5 OTP-21.3.8.6 OTP-21.3.8.7 OTP-21.3.8.8 OTP-21.3.8.10 \ - OTP-21.3.8.11 OTP-21.3.8.12 OTP-21.3.8.13 OTP-21.3.8.14 OTP-21.3.8.15 + OTP-21.3.8.11 OTP-21.3.8.12 OTP-21.3.8.13 OTP-21.3.8.14 OTP-21.3.8.15 \ + OTP-21.3.8.16 OTP-22-DROPPED := OTP-22.0-rc1 OTP-22.0-rc2 OTP-22.0-rc3 OTP-22.0 \ OTP-22.0.1 OTP-22.0.2 OTP-22.0.3 OTP-22.0.4 OTP-22.0.5 OTP-22.0.6 \ OTP-22.1 OTP-22.1.1 OTP-22.1.2 OTP-22.1.3 OTP-22.1.4 OTP-22.1.5 \ OTP-22.1.6 OTP-22.1.7 OTP-22.2 OTP-22.2.1 OTP-22.2.2 OTP-22.2.3 \ OTP-22.2.4 OTP-22.2.6 OTP-22.2.7 OTP-22.3 OTP-22.3.1 OTP-22.3.2 \ - OTP-22.3.3 OTP-22.3.4 OTP-22.3.4.1 OTP-22.3.4.2 + OTP-22.3.3 OTP-22.3.4 OTP-22.3.4.1 OTP-22.3.4.2 OTP-22.3.4.3 OTP-23-DROPPED := OTP-23.0-rc1 OTP-23.0-rc2 OTP-23.0-rc3 OTP-23.0 OTP-23.0.1 \ OTP-23.0.2 diff --git a/release-notes/OTP-21.3.8.17.README.txt b/release-notes/OTP-21.3.8.17.README.txt new file mode 100644 index 0000000..7fdc9a6 --- /dev/null +++ b/release-notes/OTP-21.3.8.17.README.txt @@ -0,0 +1,83 @@ +Patch Package: OTP 21.3.8.17 +Git Tag: OTP-21.3.8.17 +Date: 2020-07-22 +Trouble Report Id: OTP-16764, OTP-16766, OTP-16772 +Seq num: ERL-1304 +System: OTP +Release: 21 +Application: erts-10.3.5.13, ssl-9.2.3.7 +Predecessor: OTP 21.3.8.16 + + Check out the git tag OTP-21.3.8.17, and build a full OTP system + including documentation. Apply one or more applications from this + build as patches to your installation using the 'otp_patch_apply' + tool. For information on install requirements, see descriptions for + each application version below. + + --------------------------------------------------------------------- + --- erts-10.3.5.13 -------------------------------------------------- + --------------------------------------------------------------------- + + Note! The erts-10.3.5.13 application *cannot* be applied + independently of other applications on an arbitrary OTP 21 + installation. + + On a full OTP 21 installation, also the following runtime + dependencies have to be satisfied: + -- kernel-6.1 (first satisfied in OTP 21.1) + -- sasl-3.3 (first satisfied in OTP 21.2) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16766 Application(s): erts + Related Id(s): ERL-1304 + + An unintentional reuse of an already used emulator + internal event object could cause a wakeup signal to a + thread to be lost. In worst case this could cause the + runtime system to hang. This hang was however quite + rare. + + + OTP-16772 Application(s): erts + Related Id(s): ERL-1304 + + NIF threads and driver threads on non-Linux systems + leaked internal resources when terminating. On Windows + these resources were one event per thread. On most + other systems one mutex and one condition variable per + thread. On these other systems that also lacked + pthread_cond_timedwait() also a pipe with its file + descriptors was leaked. + + + Full runtime dependencies of erts-10.3.5.13: kernel-6.1, sasl-3.3, + stdlib-3.5 + + + --------------------------------------------------------------------- + --- ssl-9.2.3.7 ----------------------------------------------------- + --------------------------------------------------------------------- + + The ssl-9.2.3.7 application can be applied independently of other + applications on a full OTP 21 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-16764 Application(s): ssl + + Data deliver with ssl:recv/2,3 could fail for when + using packet mode. This has been fixed by correcting + the flow control handling of passive sockets when + packet mode is used. + + + Full runtime dependencies of ssl-9.2.3.7: crypto-4.2, erts-10.0, + inets-5.10.7, kernel-6.0, public_key-1.5, stdlib-3.5 + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + diff --git a/release-notes/OTP-22.3.4.4.README.txt b/release-notes/OTP-22.3.4.4.README.txt new file mode 100644 index 0000000..ed4f43b --- /dev/null +++ b/release-notes/OTP-22.3.4.4.README.txt @@ -0,0 +1,119 @@ +Patch Package: OTP 22.3.4.4 +Git Tag: OTP-22.3.4.4 +Date: 2020-07-22 +Trouble Report Id: OTP-16764, OTP-16766, OTP-16767, OTP-16771, + OTP-16772 +Seq num: ERIERL-509, ERIERL-512, ERL-1304 +System: OTP +Release: 22 +Application: crypto-4.6.5.1, erts-10.7.2.2, ssl-9.6.2.2 +Predecessor: OTP 22.3.4.3 + + Check out the git tag OTP-22.3.4.4, and build a full OTP system + including documentation. Apply one or more applications from this + build as patches to your installation using the 'otp_patch_apply' + tool. For information on install requirements, see descriptions for + each application version below. + + --------------------------------------------------------------------- + --- crypto-4.6.5.1 -------------------------------------------------- + --------------------------------------------------------------------- + + The crypto-4.6.5.1 application can be applied independently of other + applications on a full OTP 22 installation. + + --- Improvements and New Features --- + + OTP-16771 Application(s): crypto + Related Id(s): ERIERL-509 + + Implemented a workaround to allow fallback from using + the EVP API for Diffie-Hellman key generation + + + Full runtime dependencies of crypto-4.6.5.1: erts-9.0, kernel-5.3, + stdlib-3.4 + + + --------------------------------------------------------------------- + --- erts-10.7.2.2 --------------------------------------------------- + --------------------------------------------------------------------- + + Note! The erts-10.7.2.2 application *cannot* be applied independently + of other applications on an arbitrary OTP 22 installation. + + On a full OTP 22 installation, also the following runtime + dependency has to be satisfied: + -- kernel-6.5.1 (first satisfied in OTP 22.2) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16766 Application(s): erts + Related Id(s): ERL-1304 + + An unintentional reuse of an already used emulator + internal event object could cause a wakeup signal to a + thread to be lost. In worst case this could cause the + runtime system to hang. This hang was however quite + rare. + + + OTP-16772 Application(s): erts + Related Id(s): ERL-1304 + + NIF threads and driver threads on non-Linux systems + leaked internal resources when terminating. On Windows + these resources were one event per thread. On most + other systems one mutex and one condition variable per + thread. On these other systems that also lacked + pthread_cond_timedwait() also a pipe with its file + descriptors was leaked. + + + Full runtime dependencies of erts-10.7.2.2: kernel-6.5.1, sasl-3.3, + stdlib-3.5 + + + --------------------------------------------------------------------- + --- ssl-9.6.2.2 ----------------------------------------------------- + --------------------------------------------------------------------- + + Note! The ssl-9.6.2.2 application *cannot* be applied independently + of other applications on an arbitrary OTP 22 installation. + + On a full OTP 22 installation, also the following runtime + dependency has to be satisfied: + -- public_key-1.7.2 (first satisfied in OTP 22.3) + + + --- Fixed Bugs and Malfunctions --- + + OTP-16764 Application(s): ssl + + Data deliver with ssl:recv/2,3 could fail for when + using packet mode. This has been fixed by correcting + the flow control handling of passive sockets when + packet mode is used. + + + OTP-16767 Application(s): ssl + Related Id(s): ERIERL-512 + + Fix the internal handling of options 'verify' and + 'verify_fun'. + + This change fixes a vulnerability when setting the ssl + option 'verify' to verify_peer in a continued handshake + won't take any effect resulting in the acceptance of + expired peer certificates. + + + Full runtime dependencies of ssl-9.6.2.2: crypto-4.2, erts-10.0, + inets-5.10.7, kernel-6.0, public_key-1.7.2, stdlib-3.5 + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + -- cgit v1.2.3