diff --git a/erts/doc/notes.md b/erts/doc/notes.md index b6f3db9bd88f..d31e8f7549df 100644 --- a/erts/doc/notes.md +++ b/erts/doc/notes.md @@ -494,6 +494,20 @@ This document describes the changes made to the ERTS application. [PR-7809]: https://github.com/erlang/otp/pull/7809 [PR-7977]: https://github.com/erlang/otp/pull/7977 +## Erts 14.2.5.5 + +### Fixed Bugs and Malfunctions + +* Fix lock order violation if a NIF monitor `down` callback calls `enif_whereis_pid`. Would cause debug emulator to crash but could potentially lead to deadlocks in optimized emulator. + + Own Id: OTP-19330 Aux Id: GH-8983, PR-9008 +* gen_udp:send on domain local can leak inet_reply messages. + + Own Id: OTP-19332 Aux Id: #8989 +* net:getifaddrs does not properly report the running flag on windows. + + Own Id: OTP-19366 Aux Id: OTP-19061, ERIERL-1134 + ## Erts 14.2.5.4 ### Fixed Bugs and Malfunctions diff --git a/erts/emulator/test/nif_SUITE_data/nif_SUITE.c b/erts/emulator/test/nif_SUITE_data/nif_SUITE.c index 772c0eb3e13d..9e77ff94ee46 100644 --- a/erts/emulator/test/nif_SUITE_data/nif_SUITE.c +++ b/erts/emulator/test/nif_SUITE_data/nif_SUITE.c @@ -1,7 +1,7 @@ /* * %CopyrightBegin% * - * Copyright Ericsson AB 2009-2023. All Rights Reserved. + * Copyright Ericsson AB 2009-2024. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/lib/common_test/doc/notes.md b/lib/common_test/doc/notes.md index f9dae6badac8..8255e49fe2d6 100644 --- a/lib/common_test/doc/notes.md +++ b/lib/common_test/doc/notes.md @@ -122,6 +122,14 @@ limitations under the License. [GH-7972]: https://github.com/erlang/otp/issues/7972 [PR-8112]: https://github.com/erlang/otp/pull/8112 +## Common_Test 1.26.2.3 + +### Fixed Bugs and Malfunctions + +* With this change, cth_surefire hook module handles group path reduction for a skipped group. This fixes a bug manifesting with improper group path for a group executed after a group which was skipped. + + Own Id: OTP-19365 Aux Id: ERIERL-1157, PR-9080 + ## Common_Test 1.26.2.2 ### Improvements and New Features diff --git a/lib/common_test/test/ct_surefire_SUITE.erl b/lib/common_test/test/ct_surefire_SUITE.erl index 326874a88a00..75a42011d962 100644 --- a/lib/common_test/test/ct_surefire_SUITE.erl +++ b/lib/common_test/test/ct_surefire_SUITE.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2012-2022. All Rights Reserved. +%% Copyright Ericsson AB 2012-2024. All Rights Reserved. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/lib/inets/doc/notes.md b/lib/inets/doc/notes.md index 440d273d2a6e..ba5b738c12f6 100644 --- a/lib/inets/doc/notes.md +++ b/lib/inets/doc/notes.md @@ -92,6 +92,14 @@ limitations under the License. [PR-8029]: https://github.com/erlang/otp/pull/8029 [PR-8026]: https://github.com/erlang/otp/pull/8026 +## Inets 9.1.0.2 + +### Fixed Bugs and Malfunctions + +* Fixed a bug where calling httpc:set_options/2 when one of keys: *ipfamily* or *unix_socket*, was not present, would cause the other value to get overriden by the default value. The validation of these options was also improved. + + Own Id: OTP-19379 Aux Id: PR-8878, GH-8829 + ## Inets 9.1.0.1 ### Fixed Bugs and Malfunctions diff --git a/lib/kernel/doc/notes.md b/lib/kernel/doc/notes.md index 525b715aec44..d67dba93d387 100644 --- a/lib/kernel/doc/notes.md +++ b/lib/kernel/doc/notes.md @@ -310,6 +310,20 @@ This document describes the changes made to the Kernel application. [#6724]: https://github.com/erlang/otp/issues/6724 [PR-8396]: https://github.com/erlang/otp/pull/8396 +## Kernel 9.2.4.4 + +### Fixed Bugs and Malfunctions + +* gen_udp:send on domain local can leak inet_reply messages. + + Own Id: OTP-19332 Aux Id: #8989 +* Failure to create an UDP IPv6 socket when inet_backend = socket with certain IPv6 socket options. + + Own Id: OTP-19357 +* net:getifaddrs does not properly report the running flag on windows. + + Own Id: OTP-19366 Aux Id: OTP-19061, ERIERL-1134 + ## Kernel 9.2.4.3 ### Fixed Bugs and Malfunctions diff --git a/lib/mnesia/doc/notes.md b/lib/mnesia/doc/notes.md index 6bc41bc3a894..38f16cb23886 100644 --- a/lib/mnesia/doc/notes.md +++ b/lib/mnesia/doc/notes.md @@ -41,6 +41,14 @@ is the version number of Mnesia. [PR-8026]: https://github.com/erlang/otp/pull/8026 +## Mnesia 4.23.1.1 + +### Fixed Bugs and Malfunctions + +* Mnesia could crash if table was deleted during checkpoint initialization. + + Own Id: OTP-19368 Aux Id: ERIERL-1154, PR-9093 + ## Mnesia 4.23.1 ### Fixed Bugs and Malfunctions diff --git a/lib/mnesia/test/mnesia_evil_coverage_test.erl b/lib/mnesia/test/mnesia_evil_coverage_test.erl index 3d99ebdf7a8e..db2903d77746 100644 --- a/lib/mnesia/test/mnesia_evil_coverage_test.erl +++ b/lib/mnesia/test/mnesia_evil_coverage_test.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1996-2022. All Rights Reserved. +%% Copyright Ericsson AB 1996-2024. All Rights Reserved. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/lib/public_key/doc/notes.md b/lib/public_key/doc/notes.md index e9c1de1be5dd..68f8b67a7776 100644 --- a/lib/public_key/doc/notes.md +++ b/lib/public_key/doc/notes.md @@ -131,6 +131,17 @@ limitations under the License. [PR-8026]: https://github.com/erlang/otp/pull/8026 [PR-8233]: https://github.com/erlang/otp/pull/8233 +## Public_Key 1.15.1.4 + +### Fixed Bugs and Malfunctions + +* If both `ext-key-usage` and `key-usage` are defined for a certificate it should be checked that these usages are consistent with each other. This will have the affect that such certificates where the `ext-key-usages` is marked as critical and the usages is consistent with the `key-use` it can be considered valid without mandatory application specific checks for the `ext-key-useage` extension. + + Own Id: OTP-19240 Aux Id: PR-8840, OTP-19532 +* Handle decoding of EDDSA key properly, when decoding a PEM file that contains only the public EDDSA key. + + Own Id: OTP-19350 Aux Id: GH-9009, PR-9053 + ## Public_Key 1.15.1.3 ### Improvements and New Features diff --git a/lib/ssl/doc/notes.md b/lib/ssl/doc/notes.md index 3d978d6bbb09..362c65fa650f 100644 --- a/lib/ssl/doc/notes.md +++ b/lib/ssl/doc/notes.md @@ -207,6 +207,20 @@ This document describes the changes made to the SSL application. [PR-8250]: https://github.com/erlang/otp/pull/8250 [PR-8255]: https://github.com/erlang/otp/pull/8255 +## SSL 11.1.4.6 + +### Fixed Bugs and Malfunctions + +* If present, extended key-usage TLS (SSL) role check (`pk-clientAuth`, `pk-serverAuth`) should always be performed for peer-cert. An intermediate CA cert may relax the requirement if `AnyExtendedKeyUsage` purpose is present. + + In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these requirements became too relaxed. There where two problems, firstly the peer cert extension was only checked if it was marked critical, and secondly the CA cert check did not assert the relaxed `AnyExtendedKeyUsage` purpose. + + This could result in that certificates might be misused for purposes not intended by the certificate authority. + + Thanks to Bryan Paxton for reporting the issue. + + Own Id: OTP-19352 Aux Id: PR-9130, CVE-2024-53846, OTP-19240 + ## SSL 11.1.4.5 ### Fixed Bugs and Malfunctions diff --git a/lib/stdlib/doc/notes.md b/lib/stdlib/doc/notes.md index 6d56f7030820..c3a937179504 100644 --- a/lib/stdlib/doc/notes.md +++ b/lib/stdlib/doc/notes.md @@ -521,6 +521,14 @@ This document describes the changes made to the STDLIB application. [PR-8205]: https://github.com/erlang/otp/pull/8205 [PR-8111]: https://github.com/erlang/otp/pull/8111 +## STDLIB 5.2.3.3 + +### Fixed Bugs and Malfunctions + +* Fixed an error in uri_string:percent_decode spec + + Own Id: OTP-19380 Aux Id: GH-8755 + ## STDLIB 5.2.3.2 ### Fixed Bugs and Malfunctions diff --git a/otp_versions.table b/otp_versions.table index 0cbff5a9bf29..1d1f9897721c 100644 --- a/otp_versions.table +++ b/otp_versions.table @@ -3,6 +3,7 @@ OTP-27.1.1 : common_test-1.27.2 erts-15.1.1 public_key-1.16.3 ssl-11.2.3 stdlib- OTP-27.1 : asn1-5.3.1 common_test-1.27.1 compiler-8.5.2 crypto-5.5.1 dialyzer-5.2.1 diameter-2.4.1 edoc-1.3.2 erts-15.1 ftp-1.2.3 inets-9.3 kernel-10.1 odbc-2.15 public_key-1.16.2 runtime_tools-2.1.1 snmp-5.17 ssh-5.2.2 ssl-11.2.2 stdlib-6.1 syntax_tools-3.2.1 tftp-1.2.1 tools-4.1 wx-2.4.3 xmerl-2.1 # debugger-5.4 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 jinterface-1.14.1 megaco-4.6 mnesia-4.23.2 observer-2.16 os_mon-2.10 parsetools-2.6 reltool-1.0.1 sasl-4.2.2 : OTP-27.0.1 : compiler-8.5.1 edoc-1.3.1 erts-15.0.1 kernel-10.0.1 public_key-1.16.1 ssh-5.2.1 ssl-11.2.1 stdlib-6.0.1 # asn1-5.3 common_test-1.27 crypto-5.5 debugger-5.4 dialyzer-5.2 diameter-2.4 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 ftp-1.2.2 inets-9.2 jinterface-1.14.1 megaco-4.6 mnesia-4.23.2 observer-2.16 odbc-2.14.3 os_mon-2.10 parsetools-2.6 reltool-1.0.1 runtime_tools-2.1 sasl-4.2.2 snmp-5.16 syntax_tools-3.2 tftp-1.2 tools-4.0 wx-2.4.2 xmerl-2.0 : OTP-27.0 : asn1-5.3 common_test-1.27 compiler-8.5 crypto-5.5 debugger-5.4 dialyzer-5.2 diameter-2.4 edoc-1.3 eldap-1.2.13 erl_interface-5.5.2 erts-15.0 et-1.7.1 eunit-2.9.1 ftp-1.2.2 inets-9.2 jinterface-1.14.1 kernel-10.0 megaco-4.6 mnesia-4.23.2 observer-2.16 odbc-2.14.3 os_mon-2.10 parsetools-2.6 public_key-1.16 reltool-1.0.1 runtime_tools-2.1 sasl-4.2.2 snmp-5.16 ssh-5.2 ssl-11.2 stdlib-6.0 syntax_tools-3.2 tftp-1.2 tools-4.0 wx-2.4.2 xmerl-2.0 # : +OTP-26.2.5.6 : common_test-1.26.2.3 erts-14.2.5.5 inets-9.1.0.2 kernel-9.2.4.4 mnesia-4.23.1.1 public_key-1.15.1.4 ssl-11.1.4.6 stdlib-5.2.3.3 # asn1-5.2.2 compiler-8.4.3.2 crypto-5.4.2.3 debugger-5.3.4 dialyzer-5.1.3 diameter-2.3.2.2 edoc-1.2.1 eldap-1.2.12 erl_docgen-1.5.2 erl_interface-5.5.1 et-1.7 eunit-2.9 ftp-1.2.1.1 jinterface-1.14 megaco-4.5 observer-2.15.1 odbc-2.14.2 os_mon-2.9.1 parsetools-2.5 reltool-1.0 runtime_tools-2.0.1 sasl-4.2.1 snmp-5.15 ssh-5.1.4.4 syntax_tools-3.1 tftp-1.1.1 tools-3.6 wx-2.4.1 xmerl-1.3.34.1 : OTP-26.2.5.5 : common_test-1.26.2.2 crypto-5.4.2.3 ssh-5.1.4.4 ssl-11.1.4.5 # asn1-5.2.2 compiler-8.4.3.2 debugger-5.3.4 dialyzer-5.1.3 diameter-2.3.2.2 edoc-1.2.1 eldap-1.2.12 erl_docgen-1.5.2 erl_interface-5.5.1 erts-14.2.5.4 et-1.7 eunit-2.9 ftp-1.2.1.1 inets-9.1.0.1 jinterface-1.14 kernel-9.2.4.3 megaco-4.5 mnesia-4.23.1 observer-2.15.1 odbc-2.14.2 os_mon-2.9.1 parsetools-2.5 public_key-1.15.1.3 reltool-1.0 runtime_tools-2.0.1 sasl-4.2.1 snmp-5.15 stdlib-5.2.3.2 syntax_tools-3.1 tftp-1.1.1 tools-3.6 wx-2.4.1 xmerl-1.3.34.1 : OTP-26.2.5.4 : common_test-1.26.2.1 compiler-8.4.3.2 crypto-5.4.2.2 erts-14.2.5.4 inets-9.1.0.1 kernel-9.2.4.3 public_key-1.15.1.3 ssh-5.1.4.3 ssl-11.1.4.4 stdlib-5.2.3.2 xmerl-1.3.34.1 # asn1-5.2.2 debugger-5.3.4 dialyzer-5.1.3 diameter-2.3.2.2 edoc-1.2.1 eldap-1.2.12 erl_docgen-1.5.2 erl_interface-5.5.1 et-1.7 eunit-2.9 ftp-1.2.1.1 jinterface-1.14 megaco-4.5 mnesia-4.23.1 observer-2.15.1 odbc-2.14.2 os_mon-2.9.1 parsetools-2.5 reltool-1.0 runtime_tools-2.0.1 sasl-4.2.1 snmp-5.15 syntax_tools-3.1 tftp-1.1.1 tools-3.6 wx-2.4.1 : OTP-26.2.5.3 : compiler-8.4.3.1 diameter-2.3.2.2 erts-14.2.5.3 ftp-1.2.1.1 kernel-9.2.4.2 public_key-1.15.1.2 ssh-5.1.4.2 ssl-11.1.4.3 # asn1-5.2.2 common_test-1.26.2 crypto-5.4.2.1 debugger-5.3.4 dialyzer-5.1.3 edoc-1.2.1 eldap-1.2.12 erl_docgen-1.5.2 erl_interface-5.5.1 et-1.7 eunit-2.9 inets-9.1 jinterface-1.14 megaco-4.5 mnesia-4.23.1 observer-2.15.1 odbc-2.14.2 os_mon-2.9.1 parsetools-2.5 reltool-1.0 runtime_tools-2.0.1 sasl-4.2.1 snmp-5.15 stdlib-5.2.3.1 syntax_tools-3.1 tftp-1.1.1 tools-3.6 wx-2.4.1 xmerl-1.3.34 :