Patch Package OTP 25.3.2.1 Released

Erlang/OTP otp@REDACTED
Tue May 30 16:18:56 CEST 2023


Patch Package:           OTP 25.3.2.1
Git Tag:                 OTP-25.3.2.1
Date:                    2023-05-30
Trouble Report Id:       OTP-18556, OTP-18561, OTP-18569, OTP-18576,
                         OTP-18593, OTP-18595, OTP-18597
Seq num:                 ERIERL-944, GH-7252
System:                  OTP
Release:                 25
Application:             compiler-8.2.6.1, erts-13.2.2.1,
                         stdlib-4.3.1.1, xmerl-1.3.31.1
Predecessor:             OTP 25.3.2

 Check out the git tag OTP-25.3.2.1, and build a full OTP system
 including documentation. Apply one or more applications from this
 build as patches to your installation using the 'otp_patch_apply'
 tool. For information on install requirements, see descriptions for
 each application version below.

 ---------------------------------------------------------------------
 --- compiler-8.2.6.1 ------------------------------------------------
 ---------------------------------------------------------------------

 The compiler-8.2.6.1 application can be applied independently of
 other applications on a full OTP 25 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-18576    Application(s): compiler

               Fixed a bug where a failing bsl expression in a guard
               threw an exception instead of causing the guard to
               fail.


  OTP-18593    Application(s): compiler
               Related Id(s): GH-7252

               Complex guard expression using the or operator and
               guard BIFs that can fail could sometimes be miscompiled
               so that the guard would succeed even if a call to a
               guard BIF failed.


 Full runtime dependencies of compiler-8.2.6.1: crypto-5.1, erts-13.0,
 kernel-8.4, stdlib-4.0


 ---------------------------------------------------------------------
 --- erts-13.2.2.1 ---------------------------------------------------
 ---------------------------------------------------------------------

 Note! The erts-13.2.2.1 application *cannot* be applied independently
       of other applications on an arbitrary OTP 25 installation.

       On a full OTP 25 installation, also the following runtime
       dependencies have to be satisfied:
       -- kernel-8.5 (first satisfied in OTP 25.1)
       -- stdlib-4.1 (first satisfied in OTP 25.1)


 --- Fixed Bugs and Malfunctions ---

  OTP-18561    Application(s): erts

               Fixed a crash during tracing on certain platforms that
               cannot use the machine stack for Erlang code (mainly
               OpenBSD and Linux with musl).


  OTP-18597    Application(s): erts

               Constructing a binary segment not aligned with a byte
               boundary, with a size not fitting in 31 bits, and with
               a value not fitting in a 64-bit word could crash the
               runtime system.


 --- Improvements and New Features ---

  OTP-18569    Application(s): erts

               Further robustify implementation of large maps (> 32
               keys). Keys that happen to have same internal 32-bit
               hash values are now put in collision nodes which are
               traversed with linear search. This removes the demand
               for the internal hash function when salted to
               eventually produce different hashes for all possible
               pairs of unequal terms.


 Full runtime dependencies of erts-13.2.2.1: kernel-8.5, sasl-3.3,
 stdlib-4.1


 ---------------------------------------------------------------------
 --- stdlib-4.3.1.1 --------------------------------------------------
 ---------------------------------------------------------------------

 Note! The stdlib-4.3.1.1 application *cannot* be applied
       independently of other applications on an arbitrary OTP 25
       installation.

       On a full OTP 25 installation, also the following runtime
       dependencies have to be satisfied:
       -- erts-13.1 (first satisfied in OTP 25.1)
       -- kernel-8.5.1 (first satisfied in OTP 25.1.1)


 --- Improvements and New Features ---

  OTP-18556    Application(s): stdlib

               Static supervisors are very idle processes after they
               have started so they will now be hibernated after start
               to improve resource management.


 Full runtime dependencies of stdlib-4.3.1.1: compiler-5.0,
 crypto-4.5, erts-13.1, kernel-8.5.1, sasl-3.0


 ---------------------------------------------------------------------
 --- xmerl-1.3.31.1 --------------------------------------------------
 ---------------------------------------------------------------------

 The xmerl-1.3.31.1 application can be applied independently of other
 applications on a full OTP 25 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-18595    Application(s): xmerl
               Related Id(s): ERIERL-944

               New options to xmerl_scan and xmerl_sax_parser so one
               can limit the behaviour of the parsers to avoid some
               XML security issues.

               xmerl_scan gets one new option:

               -- {allow_entities, Boolean} -- Gives the possibility
               to disallow entities by setting this option to false
               (true is default)

               xmerl_sax_parser gets the following options:

               -- disallow_entities -- Don't allow entities in
               document

               -- {entity_recurse_limit, N} -- Set a limit on entity
               recursion depth (default is 3)

               -- {external_entities, AllowedType} -- Specify which
               types of external entities that are allowed, this also
               affect external DTD's. The types are all(default), file
               and none

               -- {fail_undeclared_ref, Boolean} -- Sets the behavior
               for undeclared references due to an external file is
               not parsed (true is default)

               The old option skip_external_dtd is still valid and the
               same as {external_entities, none} and
               {fail_undeclared_ref, false} but just affects DTD's and
               not other external references.


 Full runtime dependencies of xmerl-1.3.31.1: erts-6.0, kernel-3.0,
 stdlib-2.5


 ---------------------------------------------------------------------
 ---------------------------------------------------------------------
 ---------------------------------------------------------------------



More information about the erlang-announce mailing list