Patch Package: OTP 24.1.2 Git Tag: OTP-24.1.2 Date: 2021-10-05 Trouble Report Id: OTP-17393, OTP-17657, OTP-17658, OTP-17659, OTP-17666, OTP-17668, OTP-17670, OTP-17672 Seq num: ERIERL-702, GH-5224, GH-5239 System: OTP Release: 24 Application: crypto-5.0.4, erts-12.1.2, kernel-8.1.2, public_key-1.11.3, ssl-10.5.1 Predecessor: OTP 24.1.1 Check out the git tag OTP-24.1.2, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. --------------------------------------------------------------------- --- crypto-5.0.4 ---------------------------------------------------- --------------------------------------------------------------------- The crypto-5.0.4 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-17668 Application(s): crypto Related Id(s): PR-5245 Fixed minor memory leak at crypto module purge. OTP-17672 Application(s): crypto Fix possible inconsistency in fips mode when linking with some cryptolibs. Full runtime dependencies of crypto-5.0.4: erts-9.0, kernel-5.3, stdlib-3.4 --------------------------------------------------------------------- --- erts-12.1.2 ----------------------------------------------------- --------------------------------------------------------------------- The erts-12.1.2 application can be applied independently of other applications on a full OTP 24 installation. --- Improvements and New Features --- OTP-17658 Application(s): erts The python scripts that existed in erts/lib_src/yielding_c_fun/lib/tiny_regex_c/scripts had a license that was incompatible with Erlang/OTP's license. This ticket removes these scripts that were not used by us. Full runtime dependencies of erts-12.1.2: kernel-8.0, sasl-3.3, stdlib-3.13 --------------------------------------------------------------------- --- kernel-8.1.2 ---------------------------------------------------- --------------------------------------------------------------------- The kernel-8.1.2 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-17659 Application(s): kernel Related Id(s): ERIERL-702 The undocumented DNS encode/decode module inet_dns has been cleaned up to handle the difference between "symbolic" and "raw" records in a more consistent manner. PR-5145/OTP-17584 introduced a change that contributed to an already existing confusion, which this correction should remedy. Full runtime dependencies of kernel-8.1.2: crypto-5.0, erts-12.0, sasl-3.0, stdlib-3.13 --------------------------------------------------------------------- --- public_key-1.11.3 ----------------------------------------------- --------------------------------------------------------------------- The public_key-1.11.3 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-17657 Application(s): public_key, ssl Avoid re-encoding of decoded certificates. This could cause unexpected failures as some subtle encoding errors can be tolerated when decoding but hence creating another sequence of bytes if the decoded value is re-encoded. Full runtime dependencies of public_key-1.11.3: asn1-3.0, crypto-3.8, erts-6.0, kernel-3.0, stdlib-3.5 --------------------------------------------------------------------- --- ssl-10.5.1 ------------------------------------------------------ --------------------------------------------------------------------- Note! The ssl-10.5.1 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- public_key-1.11.3 (first satisfied in OTP 24.1.2) --- Fixed Bugs and Malfunctions --- OTP-17393 Application(s): ssl Before that change, TLS downgrade could occasionally fail when data intended for downgraded socket were delivered together with CLOSE_NOTIFY alert to ssl app. OTP-17657 Application(s): public_key, ssl Avoid re-encoding of decoded certificates. This could cause unexpected failures as some subtle encoding errors can be tolerated when decoding but hence creating another sequence of bytes if the decoded value is re-encoded. OTP-17666 Application(s): ssl Related Id(s): GH-5239 Fix possible process leak when the process doing ssl:transport_accept dies before initiating the TLS handshake. OTP-17670 Application(s): ssl Related Id(s): GH-5224 Fix dtls memory leak, the replay window code was broken. Full runtime dependencies of ssl-10.5.1: crypto-5.0, erts-10.0, inets-5.10.7, kernel-8.0, public_key-1.11.3, runtime_tools-1.15.1, stdlib-3.12 --------------------------------------------------------------------- --------------------------------------------------------------------- ---------------------------------------------------------------------