| Patch Package | OTP 28.5.0.3 |
| Git Tag | OTP-28.5.0.3 |
| Date | 2026-07-02 |
| Issue Id | CVE-2026-53422, CVE-2026-54886, CVE-2026-54887, CVE-2026-54891, CVE-2026-55950, CVE-2026-55952, ERIERL-1333, GH-SA-7wp4-pc27-2vj9, GH-SA-h9pw-h5w4-h976 |
| System | OTP |
| Release | 28 |
| Application | common_test-1.30.0.1, crypto-5.8.3.1, erts-16.4.0.3, kernel-10.6.3.3, public_key-1.20.3.3, ssh-5.5.2.2, ssl-11.6.0.3 |
common_test-1.30.0.1 #
The common_test-1.30.0.1 application can be applied independently of other applications on a full OTP 28 installation.
- OTP-20191 (Related Id(s): ERIERL-1333, PR-11230): Fixed a crash in ct_netconfc that occurred when the remote server closed the SSH connection during NETCONF subsystem negotiation.
Full runtime dependencies of common_test-1.30.0.1
compiler-6.0, crypto-4.5, debugger-4.1, erts-7.0, ftp-1.0, inets-6.0, kernel-8.4, observer-2.1, runtime_tools-1.8.16, sasl-2.5, snmp-5.1.2, ssh-4.0, stdlib-4.0, syntax_tools-1.7, tools-3.2, xmerl-1.3.8
crypto-5.8.3.1 #
The crypto-5.8.3.1 application can be applied independently of other applications on a full OTP 28 installation.
- OTP-20215: `crypto:compute_key/4` for `eddh` and `crypto:generate_key/2,3` for `eddh`/`eddsa` now raise an `error:{notsup, Info, Description}` exception instead of returning the atom `notsup` when the underlying cryptolib lacks support.
Full runtime dependencies of crypto-5.8.3.1
erts-9.0, kernel-6.0, stdlib-3.9
erts-16.4.0.3 #
The erts-16.4.0.3 application can be applied independently of other applications on a full OTP 28 installation.
- OTP-20185: Fixed an undefined behavior in the internal `erts_qsort()` function, which could have been the cause of a beam crash seen when updating large maps.
- OTP-20208: Calculating `bxor` of the largest supported positive integer (`erlang:system_info(max_integer)`) and `-1` would return `[]` instead of raising a `system_limit` exception.
- OTP-20217: Fix a possible race between `ets:delete/1` and a terminating process with a fixation on the same table.
- OTP-20226: A few code generation issues for the JIT on AArch64 (ARM64) have been fixed. For all platforms, the loader will reject some invalid BEAM files earlier.
- OTP-20211: Arithmetic operations on large integers will now increase the reduction count for the process, causing context switches to occur more frequently when doing arithmetic on large integers.
Full runtime dependencies of erts-16.4.0.3
kernel-9.0, sasl-3.3, stdlib-4.1
kernel-10.6.3.3 #
The kernel-10.6.3.3 application can be applied independently of other applications on a full OTP 28 installation.
- OTP-20173: `inet:info/1` could crash when called for a closing (port) socket.
- OTP-20199: Handling of the truncation bit in `inet_res` has been fixed so it properly falls back to querying over TCP after a truncated UDP reply. This fixes a bug introduced in OTP-28.4.2 (kernel-10.6.2) that made a truncated UDP answer fail to parse and never trigger the fallback, so the name resolution operation failed instead.
Full runtime dependencies of kernel-10.6.3.3
crypto-5.0, erts-15.2.5, sasl-3.0, stdlib-7.0
public_key-1.20.3.3 #
Note! The public_key-1.20.3.3 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.
On a full OTP 28 installation, also the following runtime dependency has to be satisfied:
-- crypto-5.8 (first satisfied in OTP 28.3)
- OTP-20197: Hardened OCSP response verification by using constant-time hash comparisons and rejecting responses exceeding 100 KB before ASN.1 decoding.
Full runtime dependencies of public_key-1.20.3.3
asn1-5.0, crypto-5.8, erts-13.0, kernel-8.0, stdlib-4.0
ssh-5.5.2.2 #
Note! The ssh-5.5.2.2 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.
On a full OTP 28 installation, also the following runtime dependency has to be satisfied:
-- crypto-5.7 (first satisfied in OTP 28.1)
- OTP-20183: Fixed a path-existence oracle in the SFTP server where `SSH_FXP_REALPATH` requests with `..` components could bypass the configured root directory isolation, allowing an authenticated client to determine whether arbitrary paths exist on the host filesystem.
- OTP-20186: Fixed an infinite loop in the SFTP server triggered when receiving `SSH_MSG_CHANNEL_EXTENDED_DATA` on an SFTP channel, which caused the channel process to spin indefinitely on CPU without consuming its message queue.
- OTP-20196: Fixed mlkem768x25519 hybrid key exchange failing intermittently with "incorrect signature" when the X25519 shared secret had a leading zero byte. The shared secret is now encoded as a fixed-width 32-byte string per the specification.
- OTP-20200: The SFTP server now caps the read length in `SSH_FXP_READ` requests to 255 KiB (matching OpenSSH's `SFTP_MAX_READ_LENGTH`), preventing excessive memory allocation when clients request large reads.
- OTP-20206: Removed a server-side workaround (OTP-14827, introduced in OTP 20) that accepted SHA-1 user-auth signatures from clients identifying as OpenSSH 7.x when rsa-sha2-* was negotiated. The workaround addressed a distro-specific build issue in 2017 that no longer exists. Clients affected by this removal (extremely unlikely, as it requires a 10-year-old unpatched OpenSSH build) will see authentication failures and must upgrade.
Full runtime dependencies of ssh-5.5.2.2
crypto-5.7, erts-14.0, kernel-10.3, public_key-1.6.1, runtime_tools-1.15.1, stdlib-5.0, stdlib-6.0
ssl-11.6.0.3 #
Note! The ssl-11.6.0.3 application cannot be applied independently of other applications on an arbitrary OTP 28 installation.
On a full OTP 28 installation, also the following runtime dependencies have to be satisfied:
-- crypto-5.8 (first satisfied in OTP 28.3)
-- public_key-1.20.3.1 (first satisfied in OTP 28.5.0.1)
- OTP-20190: Correct small behavior bugs that occasionally could cause DTLS connection errors, unwanted behavior for legacy DHE_DSS, hiding of a distribution config error, and possible unorderly process tree shutdown.
- OTP-20194: Initialize the DTLS cookie to a random value to avoid a DoS attack with a forged cookie during the startup window.
- OTP-20207: Guard the TLS client against MITM injection of application data during the "plain-text window" of the handshake.
- OTP-20216: Improve error handling of TLS PSK by sending an ILLEGAL_PARAMETER alert if binders and PSK identities do not match. Also mend the recovery mechanism of the ticket and session stores to be as resilient as possible to intermediate bugs.
- OTP-20220: Fix a race condition that could be used to DoS attack DTLS servers.
- OTP-20230: A TLS-1.3 stateless session ticket with obfuscated_ticket_age set to zero was incorrectly accepted without checking the server-side ticket lifetime or the RFC 8446 Section 8.3 freshness window. The server now always validates ticket age using its own timestamp regardless of the client-reported age value.
- OTP-20231: The TLS-1.3 client now rejects a second HelloRetryRequest, as required in RFC 8446 Section 4.1.4.
- OTP-20232: A busy client node could self-trigger a ticket store crash if unlucky with scheduling when auto mode is used.
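The ticket-age check that OTP-20230 describes, as an added example that is not OTP's ssl code: the arithmetic follows RFC 8446 Sections 4.2.11 and 8.3, while the ticket record layout, the 10 s freshness tolerance and the pre-fix short-circuit on a zero obfuscated_ticket_age are this example's own modelling of the notes.

```python
# Added example, not OTP code: server-side TLS 1.3 ticket-age validation
# (RFC 8446 4.2.11 and 8.3) beside the short-circuit that OTP-20230 removed.
# The ticket dict layout and the 10 s freshness tolerance are assumptions.
MOD32 = 1 << 32


def client_ticket_age_ms(obfuscated_ticket_age: int, ticket_age_add: int) -> int:
    """Undo the client's obfuscation: age = (obfuscated - ticket_age_add) mod 2^32."""
    return (obfuscated_ticket_age - ticket_age_add) % MOD32


def obfuscate(age_ms: int, ticket_age_add: int) -> int:
    """What an honest client sends in the pre_shared_key extension."""
    return (age_ms + ticket_age_add) % MOD32


def check_ticket_age(ticket: dict, obfuscated_ticket_age: int, now_ms: int,
                     window_ms: int = 10_000) -> tuple[bool, str]:
    """Validate a PSK ticket using the server's own clock, whatever the client sent.
    ticket: {"issued_ms": server issue time, "lifetime_s": ticket_lifetime,
             "ticket_age_add": the per-ticket random value}"""
    server_age_ms = now_ms - ticket["issued_ms"]
    # 1. Lifetime: the ticket must still be valid by the server's timestamp.
    if server_age_ms < 0 or server_age_ms > ticket["lifetime_s"] * 1000:
        return False, "ticket lifetime exceeded"
    # 2. Freshness (RFC 8446 8.3): the client-reported age must be close to the
    #    server-observed age; a large gap indicates replay or a stale ticket.
    claimed_ms = client_ticket_age_ms(obfuscated_ticket_age, ticket["ticket_age_add"])
    if abs(server_age_ms - claimed_ms) > window_ms:
        return False, "client-reported age outside freshness window"
    return True, "ok"


def check_ticket_age_pre_fix(ticket: dict, obfuscated_ticket_age: int,
                             now_ms: int, window_ms: int = 10_000) -> tuple[bool, str]:
    """Shape of the behaviour the notes describe: obfuscated_ticket_age == 0
    skipped both checks, so even an expired ticket was accepted."""
    if obfuscated_ticket_age == 0:
        return True, "accepted without any age check"
    return check_ticket_age(ticket, obfuscated_ticket_age, now_ms, window_ms)
```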
Full runtime dependencies of ssl-11.6.0.3
crypto-5.8, erts-16.0, inets-5.10.7, kernel-10.3, public_key-1.20.3.1, runtime_tools-1.15.1, stdlib-7.0
Thanks To #
Cole Christensen, Nick Krichevsky