Patch Package OTP 23.3.4.19 Released

Erlang/OTP otp@REDACTED
Thu Jun 8 15:24:00 CEST 2023


Patch Package:           OTP 23.3.4.19
Git Tag:                 OTP-23.3.4.19
Date:                    2023-06-08
Trouble Report Id:       OTP-18321, OTP-18325, OTP-18365, OTP-18388,
                         OTP-18421, OTP-18463, OTP-18470, OTP-18525,
                         OTP-18570, OTP-18595
Seq num:                 ERIERL-944, GH-6465, GH-6466, GH-6873
System:                  OTP
Release:                 23
Application:             compiler-7.6.9.3, erts-11.2.2.18,
                         stdlib-3.14.2.3, xmerl-1.3.27.1
Predecessor:             OTP 23.3.4.18

 Check out the git tag OTP-23.3.4.19, and build a full OTP system
 including documentation. Apply one or more applications from this
 build as patches to your installation using the 'otp_patch_apply'
 tool. For information on install requirements, see descriptions for
 each application version below.

 ---------------------------------------------------------------------
 --- compiler-7.6.9.3 ------------------------------------------------
 ---------------------------------------------------------------------

 The compiler-7.6.9.3 application can be applied independently of
 other applications on a full OTP 23 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-18325    Application(s): compiler, stdlib
               Related Id(s): GH-6465, GH-6466

               It is not allowed to call functions from guards. The
               compiler failed to reject a call in a guard when done
               by constructing a record with a default initialization
               expression that called a function.


  OTP-18365    Application(s): compiler

               Fixed a bug that could cause legal code to fail
               validation.


  OTP-18470    Application(s): compiler
               Related Id(s): GH-6873, PR-6877

               The compiler would generate incorrect code for the
               following type of expression:

               Pattern = BoundVar1 = . . . = BoundVarN = Expression

               An exception should be raised if any of the bound
               variables have different values than Expression. The
               compiler would generate code that would cause the bound
               variables to be bound to the value of Expressionwhether
               the value matched or not.


 Full runtime dependencies of compiler-7.6.9.3: crypto-3.6, erts-11.0,
 hipe-3.12, kernel-7.0, stdlib-3.13


 ---------------------------------------------------------------------
 --- erts-11.2.2.18 --------------------------------------------------
 ---------------------------------------------------------------------

 Note! The erts-11.2.2.18 application *cannot* be applied
       independently of other applications on an arbitrary OTP 23
       installation.

       On a full OTP 23 installation, also the following runtime
       dependency has to be satisfied:
       -- kernel-7.3.1.5 (first satisfied in OTP 23.3.4.12)


 --- Fixed Bugs and Malfunctions ---

  OTP-18321    Application(s): erts

               Fix list_to_atom/1 for negative code points. Could
               either return with a positive code point or fail with
               an incorrect exception.


  OTP-18388    Application(s): erts
               Related Id(s): OTP-17462, PR-6662

               A race condition which was very rarely triggered could
               cause the signal queue of a process to become
               inconsistent causing the runtime system to crash.


  OTP-18421    Application(s): erts
               Related Id(s): PR-6806

               process_info(Pid, status) when Pid /= self() could
               return an erroneous result.


  OTP-18463    Application(s): erts
               Related Id(s): PR-6858

               In rare circumstances, when a process exceeded its
               allowed heap size set by option max_heap_size, it would
               not be killed as it should be, but instead enter a kind
               of zombie state it would never get out of.


  OTP-18525    Application(s): erts
               Related Id(s): PR-7049

               Implementations of the call() driver callback that
               returned a faulty encoded result could cause a memory
               leak and could cause invalid data on the heap of the
               processes calling erlang:port_call/3.


  OTP-18570    Application(s): erts
               Related Id(s): PR-7190

               If a runtime system which was starting the distribution
               already had existing pids, ports, or references
               referring to a node with the same nodename/creation
               pair that the runtime system was about to use, these
               already existing pids, ports, or references would not
               work as expected in various situations after the node
               had gone alive. This could only occur if the runtime
               system was communicated such pids, ports, or references
               prior to the distribution was started. That is, it was
               extremely unlikely to happen unless the distribution
               was started dynamically and was even then very unlikely
               to happen. The runtime system now checks for already
               existing pids, ports, and references with the same
               nodename/creation pair that it is about to use. If such
               are found another creation will be chosen in order to
               avoid these issues.


 Full runtime dependencies of erts-11.2.2.18: kernel-7.3.1.5,
 sasl-3.3, stdlib-3.13


 ---------------------------------------------------------------------
 --- stdlib-3.14.2.3 -------------------------------------------------
 ---------------------------------------------------------------------

 The stdlib-3.14.2.3 application can be applied independently of other
 applications on a full OTP 23 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-18325    Application(s): compiler, stdlib
               Related Id(s): GH-6465, GH-6466

               It is not allowed to call functions from guards. The
               compiler failed to reject a call in a guard when done
               by constructing a record with a default initialization
               expression that called a function.


 Full runtime dependencies of stdlib-3.14.2.3: compiler-5.0,
 crypto-3.3, erts-11.0, kernel-7.0, sasl-3.0


 ---------------------------------------------------------------------
 --- xmerl-1.3.27.1 --------------------------------------------------
 ---------------------------------------------------------------------

 The xmerl-1.3.27.1 application can be applied independently of other
 applications on a full OTP 23 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-18595    Application(s): xmerl
               Related Id(s): ERIERL-944

               New options to xmerl_scan and xmerl_sax_parser so one
               can limit the behaviour of the parsers to avoid some
               XML security issues.

               xmerl_scan gets one new option:

               -- {allow_entities, Boolean} -- Gives the possibility
               to disallow entities by setting this option to false
               (true is default)

               xmerl_sax_parser gets the following options:

               -- disallow_entities -- Don't allow entities in
               document

               -- {entity_recurse_limit, N} -- Set a limit on entity
               recursion depth (default is 3)

               -- {external_entities, AllowedType} -- Specify which
               types of external entities that are allowed, this also
               affect external DTD's. The types are all(default), file
               and none

               -- {fail_undeclared_ref, Boolean} -- Sets the behavior
               for undeclared references due to an external file is
               not parsed (true is default)

               The old option skip_external_dtd is still valid and the
               same as {external_entities, none} and
               {fail_undeclared_ref, false} but just affects DTD's and
               not other external references.


 Full runtime dependencies of xmerl-1.3.27.1: erts-6.0, kernel-3.0,
 stdlib-2.5


 ---------------------------------------------------------------------
 ---------------------------------------------------------------------
 ---------------------------------------------------------------------



More information about the erlang-announce mailing list