Skip to content

OTP 27.3.3

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 16 Apr 14:17
· 2349 commits to master since this release
OTP-27.3.3
10e20b1 
Patch Package:           OTP 27.3.3
Git Tag:                 OTP-27.3.3
Date:                    2025-04-16
Trouble Report Id:       OTP-19581, OTP-19582, OTP-19585, OTP-19592,
                         OTP-19595
Seq num:                 CVE-2025-32433, ERIERL-1219, ERIERL-1222,
                         PR-9566, PR-9679, PR-9706
System:                  OTP
Release:                 27
Application:             erts-15.2.6, kernel-10.2.6, megaco-4.7.2,
                         ssh-5.2.10, ssl-11.2.12
Predecessor:             OTP 27.3.2

Check out the git tag OTP-27.3.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

erts-15.2.6

The erts-15.2.6 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • Fixed bug in call_memory tracing that could cause wildly incorrect reported
    memory values. Bug exists since OTP 27.1.

    Also fixed return type spec of trace:info/3.

    Own Id: OTP-19581
    Related Id(s): ERIERL-1219, PR-9706

Full runtime dependencies of erts-15.2.6

kernel-9.0, sasl-3.3, stdlib-4.1

kernel-10.2.6

Note! The kernel-10.2.6 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- erts-15.2.5 (first satisfied in OTP 27.3.2)

Fixed Bugs and Malfunctions

  • Fixed bug in call_memory tracing that could cause wildly incorrect reported
    memory values. Bug exists since OTP 27.1.

    Also fixed return type spec of trace:info/3.

    Own Id: OTP-19581
    Related Id(s): ERIERL-1219, PR-9706

Full runtime dependencies of kernel-10.2.6

crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-6.0

megaco-4.7.2

The megaco-4.7.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • Corrected type spec for type mid().

    Own Id: OTP-19585
    Related Id(s): ERIERL-1222

Full runtime dependencies of megaco-4.7.2

asn1-3.0, debugger-4.0, erts-12.0, et-1.5, kernel-8.0, runtime_tools-1.8.14,
stdlib-2.5

ssh-5.2.10

The ssh-5.2.10 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • Reception of wrong Unicode does not cause unnecessary processing. US-ASCII
    fields are not decoded as Unicode.

    Own Id: OTP-19582
    Related Id(s): PR-9679

  • SSH daemon disconnects upon receiving connection protocol message for
    unauthenticated used.

    Thanks to Fabian Bäumer, Marcel Maehren, Marcus Brinkmann, Nurullah Erinola,
    Jörg Schwenk (Ruhr University Bochum).

    Own Id: OTP-19595
    Related Id(s): CVE-2025-32433

Full runtime dependencies of ssh-5.2.10

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

ssl-11.2.12

Note! The ssl-11.2.12 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Improvements and New Features

  • Lower log level for user cancelation as this is not an error case. Also handle
    possible undecrypted close alert during TLS-1.3 handshake.

    Own Id: OTP-19592
    Related Id(s): PR-9566

Full runtime dependencies of ssl-11.2.12

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

Thanks to

Simon Cornish

Assets 13
Loading