Otp 26.0.1 - Erlang/OTP

Erlang/OTP 26.0.1

Patch Package	OTP 26.0.1
Git Tag	OTP-26.0.1
Date	2023-06-08
Issue Id	ERIERL-944 GH-7213 GH-7247 GH-7248 GH-7251 GH-7252 GH-7259 GH-7264 GH-7282 GH-7288 GH-7297 GH-7301 GH-7303 GH-7338 GH-7339
System	OTP
Release	26
Application	compiler-8.3.1 erts-14.0.1 inets-9.0.1 kernel-9.0.1 ssl-11.0.1 stdlib-5.0.1 xmerl-1.3.32

compiler-8.3.1 #

The compiler-8.3.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18576

Application(s):: compiler

Fixed a bug where a failing bsl expression in a guard threw an exception instead of causing the guard to fail.

OTP-18581

Application(s):: compiler
Related Id(s):: GH-7251

Fixed a bug that would case the validator to reject legal code.

OTP-18583

Application(s):: compiler
Related Id(s):: GH-7259

The compiler could re-order clauses matching binaries so that the incorrect clause would match. That could only happen for code that used the option {error_location,line} or for code without line or column number information (e.g. generated by a parse transform).

OTP-18593

Application(s):: compiler
Related Id(s):: GH-7252

Complex guard expression using the or operator and guard BIFs that can fail could sometimes be miscompiled so that the guard would succeed even if a call to a guard BIF failed.

OTP-18600

Application(s):: compiler
Related Id(s):: GH-7248

With optimizations disabled, a try/catch construct could return an incorrect value.

OTP-18601

Application(s):: compiler

In rare circumstance, a combination of binary construction and binary_part/3 would cause the compiler to generate unsafe code that would crash the runtime system.

OTP-18617

Application(s):: compiler
Related Id(s):: GH-7338

The compiler could be very slow when compiling guards with multiple guard tests separated with 'or' or ';'.

OTP-18619

Application(s):: compiler
Related Id(s):: GH-7339

Complex guard expressions using 'or' and map updates could succeed even if the map update failed.

Full runtime dependencies of compiler-8.3.1: crypto-5.1, erts-13.0, kernel-8.4, stdlib-5.0

erts-14.0.1 #

The erts-14.0.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18585

Application(s):: erts
Related Id(s):: OTP-18029

Build of the socket nif failed on Solaris 11.

OTP-18587

Application(s):: erts

Fixed two reduction-counting bugs relating to binaries.

OTP-18597

Application(s):: erts

Constructing a binary segment not aligned with a byte boundary, with a size not fitting in 31 bits, and with a value not fitting in a 64-bit word could crash the runtime system.

OTP-18602

Application(s):: erts
Related Id(s):: GH-7282

When a binary construction failed because of bad size for a segment, the error information was not always correct.

OTP-18621

Application(s):: erts
Related Id(s):: GH-7288

Fixed a crash when calling a fun that was defined in a module that had been upgraded.

Full runtime dependencies of erts-14.0.1: kernel-9.0, sasl-3.3, stdlib-4.1

inets-9.0.1 #

The inets-9.0.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18604

Application(s):: inets
Related Id(s):: GH-7303 , PR-7306

Do not make the default ssl options by calling httpc:ssl_verify_host_options(true) if ssl options are supplied by the user.

Full runtime dependencies of inets-9.0.1: erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14, ssl-9.0, stdlib-5.0, stdlib-5.0

kernel-9.0.1 #

The kernel-9.0.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18578

Application(s):: kernel, stdlib
Related Id(s):: GH-7213

The POSIX error exdev was sometimes incorrectly described as "cross domain link" in some error messages.

OTP-18584

Application(s):: kernel
Related Id(s):: #7238

Corrected the socket send function description (send with Timeout = nowait). The send function(s) could not return {ok, {RestData, SelectInfo}}

Full runtime dependencies of kernel-9.0.1: crypto-5.0, erts-14.0, sasl-3.0, stdlib-5.0

ssl-11.0.1 #

The ssl-11.0.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18588

Application(s):: ssl
Related Id(s):: GH-7264 , PR-7277

Make sure that selection of client certificates handle both TLS-1.3 and TLS-1.2 names correctly. Could cause valid client certificate to not be selected, and an empty client certificate message to be sent to server.

OTP-18596

Application(s):: ssl
Related Id(s):: GH-7247

Improved ssl:format_error/1 to handle more error tuples.

OTP-18603

Application(s):: ssl
Related Id(s):: GH-7297

Fixed hanging ssl:connect when ssl application is not started.

OTP-18632

Application(s):: ssl
Related Id(s):: GH-7301 , PR-7300

Correct handling of retransmission timers, current behavior could cause unwanted delays.

Full runtime dependencies of ssl-11.0.1: crypto-5.0, erts-14.0, inets-5.10.7, kernel-9.0, public_key-1.11.3, runtime_tools-1.15.1, stdlib-4.1

stdlib-5.0.1 #

The stdlib-5.0.1 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18578

Application(s):: kernel, stdlib
Related Id(s):: GH-7213

The POSIX error exdev was sometimes incorrectly described as "cross domain link" in some error messages.

Full runtime dependencies of stdlib-5.0.1: compiler-5.0, crypto-4.5, erts-13.1, kernel-9.0, sasl-3.0

xmerl-1.3.32 #

The xmerl-1.3.32 application can be applied independently of other applications on a full OTP 26 installation.

OTP-18595

Application(s):: xmerl
Related Id(s):: ERIERL-944

New options to xmerl_scan and xmerl_sax_parser so one can limit the behaviour of the parsers to avoid some XML security issues.

xmerl_scan gets one new option:

-- {allow_entities, Boolean} -- Gives the possibility to disallow entities by setting this option to false (true is default)

xmerl_sax_parser gets the following options:

-- disallow_entities -- Don't allow entities in document

-- {entity_recurse_limit, N} -- Set a limit on entity recursion depth (default is 3)

-- {external_entities, AllowedType} -- Specify which types of external entities that are allowed, this also affect external DTD's. The types are all(default), file and none

-- {fail_undeclared_ref, Boolean} -- Sets the behavior for undeclared references due to an external file is not parsed (true is default)

The old option skip_external_dtd is still valid and the same as {external_entities, none} and {fail_undeclared_ref, false} but just affects DTD's and not other external references.

Full runtime dependencies of xmerl-1.3.32: erts-6.0, kernel-3.0, stdlib-2.5