Patch Package OTP 22.2.5 Released
Erlang/OTP
otp@REDACTED
Mon Feb 3 13:25:36 CET 2020
Patch Package: OTP 22.2.5
Git Tag: OTP-22.2.5
Date: 2020-02-03
Trouble Report Id: OTP-16358, OTP-16436, OTP-16441
Seq num: ERL-1152
System: OTP
Release: 22
Application: erts-10.6.3, stdlib-3.11.2
Predecessor: OTP 22.2.4
Check out the git tag OTP-22.2.5, and build a full OTP system
including documentation. Apply one or more applications from this
build as patches to your installation using the 'otp_patch_apply'
tool. For information on install requirements, see descriptions for
each application version below.
---------------------------------------------------------------------
--- erts-10.6.3 -----------------------------------------------------
---------------------------------------------------------------------
Note! The erts-10.6.3 application *cannot* be applied independently
of other applications on an arbitrary OTP 22 installation.
On a full OTP 22 installation, also the following runtime
dependency has to be satisfied:
-- kernel-6.5.1 (first satisfied in OTP 22.2)
--- Fixed Bugs and Malfunctions ---
OTP-16436 Application(s): erts
Related Id(s): ERL-1152
A process could end up in a state where it got
endlessly rescheduled without making any progress. This
occurred when a system task, such as check of process
code (part of a code purge), was scheduled on a high
priority process trying to execute on a dirty
scheduler.
--- Improvements and New Features ---
OTP-16358 Application(s): erts
Improved signal handling for processes executing dirty.
For example, avoid busy wait in dirty signal handler
process when process is doing garbage collection on
dirty scheduler.
Full runtime dependencies of erts-10.6.3: kernel-6.5.1, sasl-3.3,
stdlib-3.5
---------------------------------------------------------------------
--- stdlib-3.11.2 ---------------------------------------------------
---------------------------------------------------------------------
Note! The stdlib-3.11.2 application *cannot* be applied independently
of other applications on an arbitrary OTP 22 installation.
On a full OTP 22 installation, also the following runtime
dependency has to be satisfied:
-- erts-10.6.2 (first satisfied in OTP 22.2.2)
--- Fixed Bugs and Malfunctions ---
OTP-16441 Application(s): stdlib
A directory traversal vulnerability has been eliminated
in erl_tar. erl_tar will now refuse to extract symlinks
that points outside the targeted extraction directory
and will return {error,{Path,unsafe_symlink}}. (Thanks
to Eric Meadows-Jönsson for the bug report and for
suggesting a fix.)
Full runtime dependencies of stdlib-3.11.2: compiler-5.0, crypto-3.3,
erts-10.6.2, kernel-6.0, sasl-3.0
---------------------------------------------------------------------
---------------------------------------------------------------------
---------------------------------------------------------------------
More information about the erlang-announce
mailing list