Patch Package: OTP 27.2.2 Git Tag: OTP-27.2.2 Date: 2025-02-06 Trouble Report Id: OTP-19240, OTP-19381, OTP-19411, OTP-19445, OTP-19455, OTP-19462 Seq num: ERIERL-1174, ERIERL-1177, GH-9112, GH-9117, GH-9177, GH-9208, PR-9273, PR-9286, PR-9322, PR-9356, PR-9372, PR-9377 System: OTP Release: 27 Application: compiler-8.5.5, erts-15.2.2, kernel-10.2.2, public_key-1.17.1, ssl-11.2.7 Predecessor: OTP 27.2.1 Check out the git tag OTP-27.2.2, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. # compiler-8.5.5 The compiler-8.5.5 application can be applied independently of other applications on a full OTP 27 installation. ## Fixed Bugs and Malfunctions - Eliminated a bug in the alias analysis pass that could potentially cause unsafe optimizations of binary construction or record updates. Own Id: OTP-19455 Related Id(s): PR-9356 > #### Full runtime dependencies of compiler-8.5.5 > > crypto-5.1, erts-13.0, kernel-8.4, stdlib-6.0 # erts-15.2.2 The erts-15.2.2 application can be applied independently of other applications on a full OTP 27 installation. ## Fixed Bugs and Malfunctions - Disabled an unsafe runtime optimization in binary construction that caused silent memory corruption. Own Id: OTP-19462 Related Id(s): ERIERL-1177, PR-9372 > #### Full runtime dependencies of erts-15.2.2 > > kernel-9.0, sasl-3.3, stdlib-4.1 # kernel-10.2.2 Note! The kernel-10.2.2 application _cannot_ be applied independently of other applications on an arbitrary OTP 27 installation. On a full OTP 27 installation, also the following runtime dependency has to be satisfied: -- erts-15.1 (first satisfied in OTP 27.1) ## Fixed Bugs and Malfunctions - Fixed a couple of bugs that could make `global`'s internal state inconsistent when a connection was reconnected. Own Id: OTP-19381 Related Id(s): GH-9112, GH-9117, PR-9377 > #### Full runtime dependencies of kernel-10.2.2 > > crypto-5.0, erts-15.1, sasl-3.0, stdlib-6.0 # public_key-1.17.1 The public_key-1.17.1 application can be applied independently of other applications on a full OTP 27 installation. ## Fixed Bugs and Malfunctions - Consider keyCertSign to compatible with extended key usage for TLS client/server auth in CAs, adhere to wide spread implementations Own Id: OTP-19240 Related Id(s): GH-9208, PR-9286 > #### Full runtime dependencies of public_key-1.17.1 > > asn1-5.0, crypto-5.0, erts-13.0, kernel-8.0, stdlib-4.0 # ssl-11.2.7 Note! The ssl-11.2.7 application _cannot_ be applied independently of other applications on an arbitrary OTP 27 installation. On a full OTP 27 installation, also the following runtime dependency has to be satisfied: -- public_key-1.16.4 (first satisfied in OTP 27.1.3) ## Fixed Bugs and Malfunctions - An initiated handshake should always be closed with an alert, some corner cases have been fixed so that this should always be the case. Own Id: OTP-19411 Related Id(s): ERIERL-1174, PR-9273 - Correct option handling to work properly for paused handshaking. Could result in unwanted alerts or or error messages. Own Id: OTP-19445 Related Id(s): GH-9177, PR-9322 > #### Full runtime dependencies of ssl-11.2.7 > > crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4, > runtime_tools-1.15.1, stdlib-6.0 # Thanks to Frej Drejhammar