Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
erlang: Update to 23.2.6
upstream changes:
-----------------
Patch Package: OTP 23.2.6
Git Tag: OTP-23.2.6
Date: 2021-02-25
Trouble Report Id: OTP-17173, OTP-17205, OTP-17220
Seq num: ERIERL-581, ERIERL-608
System: OTP
Release: 23
Application: inets-7.3.2, ssh-4.10.8
Predecessor: OTP 23.2.5
Check out the git tag OTP-23.2.6, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- inets-7.3.2 -----------------------------------------------------
---------------------------------------------------------------------
The inets-7.3.2 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17205 Application(s): inets
Related Id(s): ERIERL-608
Solves CVE-2021-27563, that is make sure no form of
relative path can be used to go outside webservers
directory.
OTP-17220 Application(s): inets
Make sure HEAD requests rejects directory links
Full runtime dependencies of inets-7.3.2: erts-6.0, kernel-3.0,
mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5
---------------------------------------------------------------------
--- ssh-4.10.8 ------------------------------------------------------
---------------------------------------------------------------------
The ssh-4.10.8 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17173 Application(s): ssh
Related Id(s): ERIERL-581
Don't timeout slow connection setups and tear-downs. A
rare crash risk for the controller is also removed.
Full runtime dependencies of ssh-4.10.8: crypto-4.6.4, erts-9.0,
kernel-5.3, public_key-1.6.1, stdlib-3.4.1
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
Patch Package: OTP 23.2.5
Git Tag: OTP-23.2.5
Date: 2021-02-16
Trouble Report Id: OTP-17185, OTP-17190, OTP-17191
Seq num: ERIERL-606, ERL-1476, GH-4192
System: OTP
Release: 23
Application: erts-11.1.8, ssl-10.2.3, tools-3.4.3
Predecessor: OTP 23.2.4
Check out the git tag OTP-23.2.5, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- erts-11.1.8 -----------------------------------------------------
---------------------------------------------------------------------
The erts-11.1.8 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17185 Application(s): erts
Fixed a bug that could cause some work scheduled for
execution on scheduler threads to be delayed until
other similar work appeared. Beside delaying various
cleanup of internal data structures also the following
could be delayed:
-- Termination of a distribution controller process
-- Disabling of the distribution on a node
-- Gathering of memory allocator information using the
instrument module
-- Enabling, disabling, and gathering of msacc
information
-- Delivery of 'CHANGE' messages when time offset is
monitored
-- A call to erlang:cancel_timer()
-- A call to erlang:read_timer()
-- A call to erlang:statistics(io | garbage_collection
| scheduler_wall_time)
-- A call to ets:all()
-- A call to erlang:memory()
-- A call to erlang:system_info({allocator |
allocator_sizes, _})
-- A call to erlang:trace_delivered()
The bug existed on runtime systems running on all types
of hardware except for x86/x86_64.
Full runtime dependencies of erts-11.1.8: kernel-7.0, sasl-3.3,
stdlib-3.13
---------------------------------------------------------------------
--- ssl-10.2.3 ------------------------------------------------------
---------------------------------------------------------------------
The ssl-10.2.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17190 Application(s): ssl
Related Id(s): ERIERL-606
Avoid race when the first two upgrade server handshakes
(that is servers that use a gen_tcp socket as input to
ssl:handshake/2,3) start close to each other. Could
lead to that one of the handshakes would fail.
Full runtime dependencies of ssl-10.2.3: crypto-4.2, erts-10.0,
inets-5.10.7, kernel-6.0, public_key-1.8, stdlib-3.12
---------------------------------------------------------------------
--- tools-3.4.3 -----------------------------------------------------
---------------------------------------------------------------------
The tools-3.4.3 application can be applied independently of other
applications on a full OTP 23 installation.
--- Fixed Bugs and Malfunctions ---
OTP-17191 Application(s): tools
Related Id(s): ERL-1476, GH-4192, OTP-16922
Correct the Xref analysis undefined_functions to not
report internally generated behaviour_info/1.
Full runtime dependencies of tools-3.4.3: compiler-5.0, erts-11.0,
erts-9.1, kernel-5.4, runtime_tools-1.8.14, stdlib-3.4
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
| Revision | Action | file |
| 1.104 | modify | pkgsrc/lang/erlang/Makefile |
| 1.53 | modify | pkgsrc/lang/erlang/Makefile.versions |
| 1.85 | modify | pkgsrc/lang/erlang/distinfo |
| 1.21 | modify | pkgsrc/lang/erlang/versions.mk |