Erlang/OTP 24.3.4.1

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl or asdf).

docker run -it erlang:24.3.4.1
Patch Package OTP 24.3.4.1
Git Tag OTP-24.3.4.1
Date 2022-06-08
Issue Id
System OTP
Release 24
Application

crypto-5.0.6.1 #

The crypto-5.0.6.1 application can be applied independently of other applications on a full OTP 24 installation.

OTP-17858
Application(s):
crypto
Related Id(s):
ERIERL-728

Fix timing bug in ensure_engine_loaded

When two ensure_engine_loaded() calls were done in parallel there was a possibility that a crypto lib function was called by both instead of just one of them which resulted in an error. This is solved by moving the implementation from erlang down into a NIF function that uses a mutex to protect the sensitive part.

Full runtime dependencies of crypto-5.0.6.1: erts-9.0, kernel-5.3, stdlib-3.4

erts-12.3.2.1 #

Note! The erts-12.3.2.1 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- kernel-8.3 (first satisfied in OTP 24.3)

OTP-18093
Application(s):
erts
Related Id(s):
OTP-18104 , PR-5987

Accept funs (NEW_FUN_EXT) with incorrectly encoded size field. This is a workaround for a bug (OTP-18104) existing in OTP 23 and 24 that could cause incorrect size fields in certain cases. The emulator does not use the decoded size field, but erl_interface still does and is not helped by this workaround.

OTP-18123
Application(s):
erts
Related Id(s):
GH-5994

The zlib built in to the runtime system has been updated to version 1.2.12. (Note that on most platforms, the platform's own zlib is used.)

Full runtime dependencies of erts-12.3.2.1: kernel-8.3, sasl-3.3, stdlib-3.13

mnesia-4.20.4.1 #

The mnesia-4.20.4.1 application can be applied independently of other applications on a full OTP 24 installation.

OTP-18128
Application(s):
mnesia
Related Id(s):
PR-6013

Fixed add_table_copy which could leave a table lock if the receiving node went down during the operation.

Full runtime dependencies of mnesia-4.20.4.1: erts-9.0, kernel-5.3, stdlib-3.4

ssh-4.13.2.1 #

The ssh-4.13.2.1 application can be applied independently of other applications on a full OTP 24 installation.

OTP-18094
Application(s):
ssh

Binaries can be limited in logs with the parameter max_log_item_len. The default value is 500 bytes.

Full runtime dependencies of ssh-4.13.2.1: crypto-5.0, erts-9.0, kernel-5.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-3.15

ssl-10.7.3.1 #

Note! The ssl-10.7.3.1 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- public_key-1.11.3 (first satisfied in OTP 24.1.2)

OTP-18087
Application(s):
ssl
Related Id(s):
GH-5961

When a TLS-1.3 enabled client tried to talk to a TLS-1.2 server that coalesces TLS-1.2 handshake message over one TLS record, the connection could fail due to some message being handled in the wrong state, this has been fixed.

OTP-18092
Application(s):
ssl
Related Id(s):
PR-5959

Fixed tls-1.3 session ticket lifetime which was discarded to quickly before.

OTP-18100
Application(s):
ssl
Related Id(s):
GH-5985

Correctly handles supported protocol version change from default to something else by sni_fun supplied to ssl:handshake/[2,3] together with a TCP-socket (so called upgrade).

OTP-18129
Application(s):
ssl
Related Id(s):
GH-5950

Also, TLS-1.3 should respond with a protocol version alert if previous versions, that are supported but not configured, are attempted.

OTP-18085
Application(s):
ssl

Enhance handling of handshake decoding errors, especially for certificate authorities extension to ensure graceful termination.

Full runtime dependencies of ssl-10.7.3.1: crypto-5.0, erts-10.0, inets-5.10.7, kernel-8.0, public_key-1.11.3, runtime_tools-1.15.1, stdlib-3.12