From e4c51b1798cd376408464d46613c325191ff26d0 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 5 Dec 2024 12:26:01 +0100 Subject: [PATCH 1/3] Update copyright year --- lib/common_test/test/ct_surefire_SUITE.erl | 2 +- lib/ssl/test/ssl_trace_SUITE.erl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/common_test/test/ct_surefire_SUITE.erl b/lib/common_test/test/ct_surefire_SUITE.erl index 326874a88a00..75a42011d962 100644 --- a/lib/common_test/test/ct_surefire_SUITE.erl +++ b/lib/common_test/test/ct_surefire_SUITE.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2012-2022. All Rights Reserved. +%% Copyright Ericsson AB 2012-2024. All Rights Reserved. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/lib/ssl/test/ssl_trace_SUITE.erl b/lib/ssl/test/ssl_trace_SUITE.erl index 22155aee4020..af3b37ec2311 100644 --- a/lib/ssl/test/ssl_trace_SUITE.erl +++ b/lib/ssl/test/ssl_trace_SUITE.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2022-2023. All Rights Reserved. +%% Copyright Ericsson AB 2022-2024. All Rights Reserved. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. From 4940c1c1329633ccca137295769217e9f56c30a7 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 5 Dec 2024 12:26:20 +0100 Subject: [PATCH 2/3] Prepare release --- erts/doc/notes.md | 14 ++++++++++++++ erts/vsn.mk | 2 +- lib/common_test/doc/notes.md | 19 +++++++++++++++++++ lib/common_test/vsn.mk | 2 +- lib/compiler/doc/notes.md | 17 +++++++++++++++++ lib/compiler/vsn.mk | 2 +- lib/kernel/doc/notes.md | 22 ++++++++++++++++++++++ lib/kernel/src/kernel.appup.src | 2 ++ lib/kernel/vsn.mk | 2 +- lib/public_key/doc/notes.md | 16 ++++++++++++++++ lib/public_key/vsn.mk | 2 +- lib/ssh/doc/notes.md | 11 +++++++++++ lib/ssh/vsn.mk | 2 +- lib/ssl/doc/notes.md | 29 +++++++++++++++++++++++++++++ lib/ssl/vsn.mk | 2 +- make/otp_version_tickets | 28 ++++++++++++++-------------- 16 files changed, 151 insertions(+), 21 deletions(-) diff --git a/erts/doc/notes.md b/erts/doc/notes.md index a3cbad775ad3..d5ffff9ec540 100644 --- a/erts/doc/notes.md +++ b/erts/doc/notes.md @@ -21,6 +21,20 @@ limitations under the License. This document describes the changes made to the ERTS application. +## Erts 15.1.3 + +### Fixed Bugs and Malfunctions + +- gen_udp:send on domain local can leak inet_reply messages. + + Own Id: OTP-19332 Aux Id: [#8989] + +- net:getifaddrs does not properly report the running flag on windows. + + Own Id: OTP-19366 Aux Id: OTP-19061, ERIERL-1134 + +[#8989]: https://github.com/erlang/otp/issues/8989 + ## Erts 15.1.2 ### Fixed Bugs and Malfunctions diff --git a/erts/vsn.mk b/erts/vsn.mk index 0c3583360449..131f9922cf9d 100644 --- a/erts/vsn.mk +++ b/erts/vsn.mk @@ -18,7 +18,7 @@ # %CopyrightEnd% # -VSN = 15.1.2 +VSN = 15.1.3 # Port number 4365 in 4.2 # Port number 4366 in 4.3 diff --git a/lib/common_test/doc/notes.md b/lib/common_test/doc/notes.md index 6608c20a4505..e2c09838a424 100644 --- a/lib/common_test/doc/notes.md +++ b/lib/common_test/doc/notes.md @@ -19,6 +19,25 @@ limitations under the License. --> # Common Test Release Notes +## Common_Test 1.27.4 + +### Fixed Bugs and Malfunctions + +- With this change, cth_surefire hook module handles group path reduction for a skipped group. This fixes a bug manifesting with improper group path for a group executed after a group which was skipped. + + Own Id: OTP-19365 Aux Id: ERIERL-1157, [PR-9080] + +[PR-9080]: https://github.com/erlang/otp/pull/9080 + +### Improvements and New Features + +- With this change, prefix option can be specified in cth_conn_log option list. Option allows to specify how much of additional information is added in raw log output. + + Own Id: OTP-19293 Aux Id: ERIERL-1139, [PR-8924], [PR-8931] + +[PR-8924]: https://github.com/erlang/otp/pull/8924 +[PR-8931]: https://github.com/erlang/otp/pull/8931 + ## Common_Test 1.27.3 ### Fixed Bugs and Malfunctions diff --git a/lib/common_test/vsn.mk b/lib/common_test/vsn.mk index dc1873d19d09..3387a8548f0c 100644 --- a/lib/common_test/vsn.mk +++ b/lib/common_test/vsn.mk @@ -1 +1 @@ -COMMON_TEST_VSN = 1.27.3 +COMMON_TEST_VSN = 1.27.4 diff --git a/lib/compiler/doc/notes.md b/lib/compiler/doc/notes.md index f2c164ce2675..134a1aaa587e 100644 --- a/lib/compiler/doc/notes.md +++ b/lib/compiler/doc/notes.md @@ -21,6 +21,23 @@ limitations under the License. This document describes the changes made to the Compiler application. +## Compiler 8.5.3 + +### Fixed Bugs and Malfunctions + +- In rare circumstances, the destructive tuple update optimization could be applied when it was unsafe. + + Own Id: OTP-19340 Aux Id: [GH-9014], [PR-9024] + +- In rare circumstances involving appending to multiple binaries, the compile could emit unsafe code that would crash the runtime system. + + Own Id: OTP-19374 Aux Id: [GH-9100], [PR-9111] + +[GH-9014]: https://github.com/erlang/otp/issues/9014 +[PR-9024]: https://github.com/erlang/otp/pull/9024 +[GH-9100]: https://github.com/erlang/otp/issues/9100 +[PR-9111]: https://github.com/erlang/otp/pull/9111 + ## Compiler 8.5.2 ### Fixed Bugs and Malfunctions diff --git a/lib/compiler/vsn.mk b/lib/compiler/vsn.mk index 1d2029f42c9f..c9d6e4aeaa68 100644 --- a/lib/compiler/vsn.mk +++ b/lib/compiler/vsn.mk @@ -1 +1 @@ -COMPILER_VSN = 8.5.2 +COMPILER_VSN = 8.5.3 diff --git a/lib/kernel/doc/notes.md b/lib/kernel/doc/notes.md index 9f4cee42a5b2..d10b98b4cefa 100644 --- a/lib/kernel/doc/notes.md +++ b/lib/kernel/doc/notes.md @@ -21,6 +21,28 @@ limitations under the License. This document describes the changes made to the Kernel application. +## Kernel 10.1.2 + +### Fixed Bugs and Malfunctions + +- On windows the socket:recv could return with success ({ok, Data}) even though not all data had been read. + + Own Id: OTP-19328 + +- gen_udp:send on domain local can leak inet_reply messages. + + Own Id: OTP-19332 Aux Id: [#8989] + +- Failure to create an UDP IPv6 socket when inet_backend = socket with certain IPv6 socket options. + + Own Id: OTP-19357 + +- net:getifaddrs does not properly report the running flag on windows. + + Own Id: OTP-19366 Aux Id: OTP-19061, ERIERL-1134 + +[#8989]: https://github.com/erlang/otp/issues/8989 + ## Kernel 10.1.1 ### Fixed Bugs and Malfunctions diff --git a/lib/kernel/src/kernel.appup.src b/lib/kernel/src/kernel.appup.src index 8a880ba66113..d4ca3a5e939a 100644 --- a/lib/kernel/src/kernel.appup.src +++ b/lib/kernel/src/kernel.appup.src @@ -33,6 +33,7 @@ {<<"^10\\.0\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, {<<"^10\\.1$">>,[restart_new_emulator]}, {<<"^10\\.1\\.0(?:\\.[0-9]+)+$">>,[restart_new_emulator]}, + {<<"^10\\.1\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, {<<"^8\\.4$">>,[restart_new_emulator]}, {<<"^8\\.4\\.0(?:\\.[0-9]+)+$">>,[restart_new_emulator]}, {<<"^8\\.4\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, @@ -60,6 +61,7 @@ {<<"^10\\.0\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, {<<"^10\\.1$">>,[restart_new_emulator]}, {<<"^10\\.1\\.0(?:\\.[0-9]+)+$">>,[restart_new_emulator]}, + {<<"^10\\.1\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, {<<"^8\\.4$">>,[restart_new_emulator]}, {<<"^8\\.4\\.0(?:\\.[0-9]+)+$">>,[restart_new_emulator]}, {<<"^8\\.4\\.1(?:\\.[0-9]+)*$">>,[restart_new_emulator]}, diff --git a/lib/kernel/vsn.mk b/lib/kernel/vsn.mk index 8554446bc628..0847d6085c77 100644 --- a/lib/kernel/vsn.mk +++ b/lib/kernel/vsn.mk @@ -1 +1 @@ -KERNEL_VSN = 10.1.1 +KERNEL_VSN = 10.1.2 diff --git a/lib/public_key/doc/notes.md b/lib/public_key/doc/notes.md index 4a02110905d2..45a38171d1f3 100644 --- a/lib/public_key/doc/notes.md +++ b/lib/public_key/doc/notes.md @@ -19,6 +19,22 @@ limitations under the License. --> # Public_Key Release Notes +## Public_Key 1.16.4 + +### Fixed Bugs and Malfunctions + +- If both `ext-key-usage` and `key-usage` are defined for a certificate it should be checked that these usages are consistent with each other. This will have the affect that such certificates where the `ext-key-usages` is marked as critical and the usages is consistent with the `key-use` it can be considered valid without mandatory application specific checks for the `ext-key-useage` extension. + + Own Id: OTP-19240 Aux Id: [PR-8840], OTP-19532 + +- Handle decoding of EDDSA key properly, when decoding a PEM file that contains only the public EDDSA key. + + Own Id: OTP-19350 Aux Id: [GH-9009], [PR-9053] + +[PR-8840]: https://github.com/erlang/otp/pull/8840 +[GH-9009]: https://github.com/erlang/otp/issues/9009 +[PR-9053]: https://github.com/erlang/otp/pull/9053 + ## Public_Key 1.16.3 ### Fixed Bugs and Malfunctions diff --git a/lib/public_key/vsn.mk b/lib/public_key/vsn.mk index 7900b9ae2800..b40235334e82 100644 --- a/lib/public_key/vsn.mk +++ b/lib/public_key/vsn.mk @@ -1 +1 @@ -PUBLIC_KEY_VSN = 1.16.3 +PUBLIC_KEY_VSN = 1.16.4 diff --git a/lib/ssh/doc/notes.md b/lib/ssh/doc/notes.md index 076c85f0244f..da658fd8994f 100644 --- a/lib/ssh/doc/notes.md +++ b/lib/ssh/doc/notes.md @@ -19,6 +19,17 @@ limitations under the License. --> # SSH Release Notes +## Ssh 5.2.4 + +### Fixed Bugs and Malfunctions + +- With this change, ssh connection does not crash upon receiving exit-signal message for an already terminated channel. + + Own Id: OTP-19326 Aux Id: [PR-8995], [GH-8929] + +[PR-8995]: https://github.com/erlang/otp/pull/8995 +[GH-8929]: https://github.com/erlang/otp/issues/8929 + ## Ssh 5.2.3 ### Fixed Bugs and Malfunctions diff --git a/lib/ssh/vsn.mk b/lib/ssh/vsn.mk index 4531c4840c28..4a9a6f779600 100644 --- a/lib/ssh/vsn.mk +++ b/lib/ssh/vsn.mk @@ -1,4 +1,4 @@ #-*-makefile-*- ; force emacs to enter makefile-mode -SSH_VSN = 5.2.3 +SSH_VSN = 5.2.4 APP_VSN = "ssh-$(SSH_VSN)" diff --git a/lib/ssl/doc/notes.md b/lib/ssl/doc/notes.md index 0004417ec35b..ff34bbe9d4c6 100644 --- a/lib/ssl/doc/notes.md +++ b/lib/ssl/doc/notes.md @@ -21,6 +21,35 @@ limitations under the License. This document describes the changes made to the SSL application. +## SSL 11.2.5 + +### Fixed Bugs and Malfunctions + +- Avoid generating an internal alert for case that should have been an orderly shutdown by the supervisor. + + Own Id: OTP-19311 Aux Id: [PR-8980] + +- If present, extended key-usage TLS (SSL) role check (`pk-clientAuth`, `pk-serverAuth`) should always be performed for peer-cert. An intermediate CA cert may relax the requirement if `AnyExtendedKeyUsage` purpose is present. + + In OTP-25.3.2.8, OTP-26.2 and OTP-27.0 these requirements became too relaxed. There where two problems, firstly the peer cert extension was only checked if it was marked critical, and secondly the CA cert check did not assert the relaxed `AnyExtendedKeyUsage` purpose. + + This could result in that certificates might be misused for purposes not intended by the certificate authority. + + Thanks to Bryan Paxton for reporting the issue. + + Own Id: OTP-19352 Aux Id: [PR-9130], CVE-2024-53846, OTP-19240 + +[PR-8980]: https://github.com/erlang/otp/pull/8980 +[PR-9130]: https://github.com/erlang/otp/pull/9130 + +### Improvements and New Features + +- Back port certificate_authorities option for TLS-1.3 servers to pre TLS-1.3 servers to enable them to disable the sending of certificate authorities in their certificate request. This will have same affect as the the TLS-1.3 server option although it is handled by a different mechanism in these versions, where the functionality is described to be more of a guidance, although some pre TLS clients have proven to make it mandatory as in TLS-1.3 extension handling. + + Own Id: OTP-19325 Aux Id: [PR-9001], ERIERL-1147 + +[PR-9001]: https://github.com/erlang/otp/pull/9001 + ## SSL 11.2.4 ### Fixed Bugs and Malfunctions diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index a93a55b2c31e..e1f8663b3bbd 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -1 +1 @@ -SSL_VSN = 11.2.4 +SSL_VSN = 11.2.5 diff --git a/make/otp_version_tickets b/make/otp_version_tickets index da68204bb657..72be3386052f 100644 --- a/make/otp_version_tickets +++ b/make/otp_version_tickets @@ -1,14 +1,14 @@ -OTP-19124 -OTP-19235 -OTP-19246 -OTP-19247 -OTP-19249 -OTP-19258 -OTP-19265 -OTP-19266 -OTP-19267 -OTP-19268 -OTP-19269 -OTP-19274 -OTP-19286 -OTP-19288 +OTP-19240 +OTP-19293 +OTP-19311 +OTP-19325 +OTP-19326 +OTP-19328 +OTP-19332 +OTP-19340 +OTP-19350 +OTP-19352 +OTP-19357 +OTP-19365 +OTP-19366 +OTP-19374 From 800613cca84970750658b294ddd7977843b3bc5d Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Thu, 5 Dec 2024 12:26:22 +0100 Subject: [PATCH 3/3] Updated OTP version --- OTP_VERSION | 2 +- otp_versions.table | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/OTP_VERSION b/OTP_VERSION index c859fa17d6c9..3512630d4254 100644 --- a/OTP_VERSION +++ b/OTP_VERSION @@ -1 +1 @@ -27.1.2 +27.1.3 diff --git a/otp_versions.table b/otp_versions.table index 07f0445b971c..2dcf1695ff86 100644 --- a/otp_versions.table +++ b/otp_versions.table @@ -1,3 +1,4 @@ +OTP-27.1.3 : common_test-1.27.4 compiler-8.5.3 erts-15.1.3 kernel-10.1.2 public_key-1.16.4 ssh-5.2.4 ssl-11.2.5 # asn1-5.3.1 crypto-5.5.1 debugger-5.4 dialyzer-5.2.1 diameter-2.4.1 edoc-1.3.2 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 ftp-1.2.3 inets-9.3 jinterface-1.14.1 megaco-4.6 mnesia-4.23.2 observer-2.16 odbc-2.15 os_mon-2.10 parsetools-2.6 reltool-1.0.1 runtime_tools-2.1.1 sasl-4.2.2 snmp-5.17 stdlib-6.1.2 syntax_tools-3.2.1 tftp-1.2.1 tools-4.1 wx-2.4.3 xmerl-2.1 : OTP-27.1.2 : common_test-1.27.3 erts-15.1.2 kernel-10.1.1 ssh-5.2.3 ssl-11.2.4 stdlib-6.1.2 # asn1-5.3.1 compiler-8.5.2 crypto-5.5.1 debugger-5.4 dialyzer-5.2.1 diameter-2.4.1 edoc-1.3.2 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 ftp-1.2.3 inets-9.3 jinterface-1.14.1 megaco-4.6 mnesia-4.23.2 observer-2.16 odbc-2.15 os_mon-2.10 parsetools-2.6 public_key-1.16.3 reltool-1.0.1 runtime_tools-2.1.1 sasl-4.2.2 snmp-5.17 syntax_tools-3.2.1 tftp-1.2.1 tools-4.1 wx-2.4.3 xmerl-2.1 : OTP-27.1.1 : common_test-1.27.2 erts-15.1.1 public_key-1.16.3 ssl-11.2.3 stdlib-6.1.1 # asn1-5.3.1 compiler-8.5.2 crypto-5.5.1 debugger-5.4 dialyzer-5.2.1 diameter-2.4.1 edoc-1.3.2 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 ftp-1.2.3 inets-9.3 jinterface-1.14.1 kernel-10.1 megaco-4.6 mnesia-4.23.2 observer-2.16 odbc-2.15 os_mon-2.10 parsetools-2.6 reltool-1.0.1 runtime_tools-2.1.1 sasl-4.2.2 snmp-5.17 ssh-5.2.2 syntax_tools-3.2.1 tftp-1.2.1 tools-4.1 wx-2.4.3 xmerl-2.1 : OTP-27.1 : asn1-5.3.1 common_test-1.27.1 compiler-8.5.2 crypto-5.5.1 dialyzer-5.2.1 diameter-2.4.1 edoc-1.3.2 erts-15.1 ftp-1.2.3 inets-9.3 kernel-10.1 odbc-2.15 public_key-1.16.2 runtime_tools-2.1.1 snmp-5.17 ssh-5.2.2 ssl-11.2.2 stdlib-6.1 syntax_tools-3.2.1 tftp-1.2.1 tools-4.1 wx-2.4.3 xmerl-2.1 # debugger-5.4 eldap-1.2.13 erl_interface-5.5.2 et-1.7.1 eunit-2.9.1 jinterface-1.14.1 megaco-4.6 mnesia-4.23.2 observer-2.16 os_mon-2.10 parsetools-2.6 reltool-1.0.1 sasl-4.2.2 :