From 0e8eacdedd5c290c0571ba06042df01866f506e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= Date: Mon, 9 Jan 2023 13:51:22 +0100 Subject: OTP-24.3.4.1 --- release-notes/OTP-24.3.4.1.README.txt | 188 ++++++++++++++++++++++++++++++++++ 1 file changed, 188 insertions(+) create mode 100644 release-notes/OTP-24.3.4.1.README.txt (limited to 'release-notes') diff --git a/release-notes/OTP-24.3.4.1.README.txt b/release-notes/OTP-24.3.4.1.README.txt new file mode 100644 index 0000000..22a204c --- /dev/null +++ b/release-notes/OTP-24.3.4.1.README.txt @@ -0,0 +1,188 @@ +Patch Package: OTP 24.3.4.1 +Git Tag: OTP-24.3.4.1 +Date: 2022-06-08 +Trouble Report Id: OTP-17858, OTP-18085, OTP-18087, OTP-18092, + OTP-18093, OTP-18094, OTP-18100, OTP-18123, + OTP-18128, OTP-18129 +Seq num: ERIERL-728, GH-5950, GH-5961, GH-5985, + GH-5994 +System: OTP +Release: 24 +Application: crypto-5.0.6.1, erts-12.3.2.1, + mnesia-4.20.4.1, ssh-4.13.2.1, ssl-10.7.3.1 +Predecessor: OTP 24.3.4 + + Check out the git tag OTP-24.3.4.1, and build a full OTP system + including documentation. Apply one or more applications from this + build as patches to your installation using the 'otp_patch_apply' + tool. For information on install requirements, see descriptions for + each application version below. + + --------------------------------------------------------------------- + --- crypto-5.0.6.1 -------------------------------------------------- + --------------------------------------------------------------------- + + The crypto-5.0.6.1 application can be applied independently of other + applications on a full OTP 24 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-17858 Application(s): crypto + Related Id(s): ERIERL-728 + + Fix timing bug in ensure_engine_loaded + + When two ensure_engine_loaded() calls were done in + parallel there was a possibility that a crypto lib + function was called by both instead of just one of them + which resulted in an error. This is solved by moving + the implementation from erlang down into a NIF function + that uses a mutex to protect the sensitive part. + + + Full runtime dependencies of crypto-5.0.6.1: erts-9.0, kernel-5.3, + stdlib-3.4 + + + --------------------------------------------------------------------- + --- erts-12.3.2.1 --------------------------------------------------- + --------------------------------------------------------------------- + + Note! The erts-12.3.2.1 application *cannot* be applied independently + of other applications on an arbitrary OTP 24 installation. + + On a full OTP 24 installation, also the following runtime + dependency has to be satisfied: + -- kernel-8.3 (first satisfied in OTP 24.3) + + + --- Fixed Bugs and Malfunctions --- + + OTP-18093 Application(s): erts + Related Id(s): OTP-18104, PR-5987 + + Accept funs (NEW_FUN_EXT) with incorrectly encoded size + field. This is a workaround for a bug (OTP-18104) + existing in OTP 23 and 24 that could cause incorrect + size fields in certain cases. The emulator does not use + the decoded size field, but erl_interface still does + and is not helped by this workaround. + + + OTP-18123 Application(s): erts + Related Id(s): GH-5994 + + The zlib built in to the runtime system has been + updated to version 1.2.12. (Note that on most + platforms, the platform's own zlib is used.) + + + Full runtime dependencies of erts-12.3.2.1: kernel-8.3, sasl-3.3, + stdlib-3.13 + + + --------------------------------------------------------------------- + --- mnesia-4.20.4.1 ------------------------------------------------- + --------------------------------------------------------------------- + + The mnesia-4.20.4.1 application can be applied independently of other + applications on a full OTP 24 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18128 Application(s): mnesia + Related Id(s): PR-6013 + + Fixed add_table_copy which could leave a table lock if + the receiving node went down during the operation. + + + Full runtime dependencies of mnesia-4.20.4.1: erts-9.0, kernel-5.3, + stdlib-3.4 + + + --------------------------------------------------------------------- + --- ssh-4.13.2.1 ---------------------------------------------------- + --------------------------------------------------------------------- + + The ssh-4.13.2.1 application can be applied independently of other + applications on a full OTP 24 installation. + + --- Fixed Bugs and Malfunctions --- + + OTP-18094 Application(s): ssh + + Binaries can be limited in logs with the parameter + max_log_item_len. The default value is 500 bytes. + + + Full runtime dependencies of ssh-4.13.2.1: crypto-5.0, erts-9.0, + kernel-5.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15 + + + --------------------------------------------------------------------- + --- ssl-10.7.3.1 ---------------------------------------------------- + --------------------------------------------------------------------- + + Note! The ssl-10.7.3.1 application *cannot* be applied independently + of other applications on an arbitrary OTP 24 installation. + + On a full OTP 24 installation, also the following runtime + dependency has to be satisfied: + -- public_key-1.11.3 (first satisfied in OTP 24.1.2) + + + --- Fixed Bugs and Malfunctions --- + + OTP-18087 Application(s): ssl + Related Id(s): GH-5961 + + When a TLS-1.3 enabled client tried to talk to a + TLS-1.2 server that coalesces TLS-1.2 handshake message + over one TLS record, the connection could fail due to + some message being handled in the wrong state, this has + been fixed. + + + OTP-18092 Application(s): ssl + Related Id(s): PR-5959 + + Fixed tls-1.3 session ticket lifetime which was + discarded to quickly before. + + + OTP-18100 Application(s): ssl + Related Id(s): GH-5985 + + Correctly handles supported protocol version change + from default to something else by sni_fun supplied to + ssl:handshake/[2,3] together with a TCP-socket (so + called upgrade). + + + OTP-18129 Application(s): ssl + Related Id(s): GH-5950 + + Also, TLS-1.3 should respond with a protocol version + alert if previous versions, that are supported but not + configured, are attempted. + + + --- Improvements and New Features --- + + OTP-18085 Application(s): ssl + + Enhance handling of handshake decoding errors, + especially for certificate authorities extension to + ensure graceful termination. + + + Full runtime dependencies of ssl-10.7.3.1: crypto-5.0, erts-10.0, + inets-5.10.7, kernel-8.0, public_key-1.11.3, runtime_tools-1.15.1, + stdlib-3.12 + + + --------------------------------------------------------------------- + --------------------------------------------------------------------- + --------------------------------------------------------------------- + -- cgit v1.2.3