1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
Patch Package: OTP 25.3.2.21
Git Tag: OTP-25.3.2.21
Date: 2025-05-08
Trouble Report Id: OTP-19577, OTP-19599, OTP-19605, OTP-19608,
OTP-19625
Seq num: CVE-2025-46712, ERIERL-1220, GH-9707,
GH-9720, PR-9696, PR-9724, PR-9765, PR-9767
System: OTP
Release: 25
Application: erts-13.2.2.16, kernel-8.5.4.6, ssh-4.15.3.13
Predecessor: OTP 25.3.2.20
Check out the git tag OTP-25.3.2.21, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- erts-13.2.2.16 --------------------------------------------------
---------------------------------------------------------------------
Note! The erts-13.2.2.16 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- kernel-8.5 (first satisfied in OTP 25.1)
-- stdlib-4.1 (first satisfied in OTP 25.1)
--- Fixed Bugs and Malfunctions ---
OTP-19577 Application(s): erts
Related Id(s): ERIERL-1220, PR-9696
Fixed an emulator crash when setting an error_handler
module that was not yet loaded.
OTP-19599 Application(s): erts
Related Id(s): PR-9724
Fixed a rare bug that could cause an emulator crash
after unloading a module or erasing a persistent_term.
Full runtime dependencies of erts-13.2.2.16: kernel-8.5, sasl-3.3,
stdlib-4.1
---------------------------------------------------------------------
--- kernel-8.5.4.6 --------------------------------------------------
---------------------------------------------------------------------
Note! The kernel-8.5.4.6 application *cannot* be applied
independently of other applications on an arbitrary OTP 25
installation.
On a full OTP 25 installation, also the following runtime
dependencies have to be satisfied:
-- erts-13.1.3 (first satisfied in OTP 25.2)
-- stdlib-4.1.1 (first satisfied in OTP 25.1.1)
--- Fixed Bugs and Malfunctions ---
OTP-19605 Application(s): kernel
Related Id(s): GH-9720, PR-9765
With this change, disk_log will not crash when using
chunk_step/3 after log size was decreased.
OTP-19608 Application(s): kernel
Related Id(s): GH-9707, PR-9767
With this change, disk_log will not run into infinite
loop when using chunk/2,3 after log size was decreased.
Full runtime dependencies of kernel-8.5.4.6: crypto-5.0, erts-13.1.3,
sasl-3.0, stdlib-4.1.1
---------------------------------------------------------------------
--- ssh-4.15.3.13 ---------------------------------------------------
---------------------------------------------------------------------
The ssh-4.15.3.13 application can be applied independently of other
applications on a full OTP 25 installation.
--- Fixed Bugs and Malfunctions ---
OTP-19625 Application(s): ssh
Related Id(s): CVE-2025-46712
Fix KEX strict implementation according to
draft-miller-sshm-strict-kex-01 document.
Full runtime dependencies of ssh-4.15.3.13: crypto-5.0, erts-11.0,
kernel-6.0, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15
---------------------------------------------------------------------
--- Thanks to -------------------------------------------------------
---------------------------------------------------------------------
João Henrique Ferreira de Freitas, Lý Nhật Tâm
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
|
