Patch package OTP 18.3.4.6 released

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Patch package OTP 18.3.4.6 released

Hans Nilsson R (AL/EAB)
Patch Package:           OTP 18.3.4.6
Git Tag:                 OTP-18.3.4.6
Date:                    2017-11-16
Trouble Report Id:       OTP-14491, OTP-14514, OTP-14522, OTP-14548,
                         OTP-14590, OTP-14763, OTP-14765
Seq num:                 ERIERL-48, ERIERL-74, ERL-468, ERL-474
System:                  OTP
Release:                 18
Application:             compiler-6.0.3.1, eldap-1.2.1.1,
                         erts-7.3.1.4, ssh-4.2.2.4
Predecessor:             OTP 18.3.4.5

 Check out the git tag OTP-18.3.4.6, and build a full OTP system
 including documentation. Apply one or more applications from this
 build as patches to your installation using the 'otp_patch_apply'
 tool. For information on install requirements, see descriptions for
 each application version below.

 ---------------------------------------------------------------------
 --- compiler-6.0.3.1 ------------------------------------------------
 ---------------------------------------------------------------------

 The compiler-6.0.3.1 application can be applied independently of
 other applications on a full OTP 18 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-14522    Application(s): compiler
               Related Id(s): ERIERL-48

               Fail labels on guard BIFs weren't taken into account
               during an optimization pass, and a bug in the
               validation pass sometimes prevented this from being
               noticed when a fault occurred.


 Full runtime dependencies of compiler-6.0.3.1: crypto-3.6, erts-7.0,
 hipe-3.12, kernel-4.0, stdlib-2.5


 ---------------------------------------------------------------------
 --- eldap-1.2.1.1 ---------------------------------------------------
 ---------------------------------------------------------------------

 The eldap-1.2.1.1 application can be applied independently of other
 applications on a full OTP 18 installation.

 --- Improvements and New Features ---

  OTP-14765    Application(s): eldap, jinterface

               Misc building environment updates


 Full runtime dependencies of eldap-1.2.1.1: asn1-3.0, erts-6.0,
 kernel-3.0, ssl-5.3.4, stdlib-2.0


 ---------------------------------------------------------------------
 --- erts-7.3.1.4 ----------------------------------------------------
 ---------------------------------------------------------------------

 The erts-7.3.1.4 application can be applied independently of other
 applications on a full OTP 18 installation.

 --- Fixed Bugs and Malfunctions ---

  OTP-14491    Application(s): erts

               Fix performance bug in pre-allocators that could cause
               them to permanently fall back on normal more expensive
               memory allocation. Pre-allocators are used for quick
               allocation of short lived meta data used by messages
               and other scheduled tasks. Bug exists since OTP_R15B02.


  OTP-14514    Application(s): erts

               Fixed bug in operator bxor causing erroneuos result
               when one operand is a big *negative* integer with the
               lowest N*W bits as zero and the other operand not
               larger than N*W bits. N is an integer of 1 or larger
               and W is 32 or 64 depending on word size.


  OTP-14548    Application(s): erts
               Related Id(s): ERL-468, OTP-11997

               A timer internal bit-field used for storing scheduler
               id was too small. As a result, VM internal timer data
               structures could become inconsistent when using 1024
               schedulers on the system. Note that systems with less
               than 1024 schedulers are not effected by this bug.

               This bug was introduced in ERTS version 7.0 (OTP 18.0).


  OTP-14590    Application(s): erts
               Related Id(s): ERL-474

               Fixed bug in binary_to_term and binary_to_atom that
               could cause VM crash. Typically happens when the last
               character of an UTF8 string is in the range 128 to 255,
               but truncated to only one byte. Bug exists in
               binary_to_term since ERTS version 5.10.2 (OTP_R16B01)
               and binary_to_atom since ERTS version 9.0 (OTP-20.0).


 Full runtime dependencies of erts-7.3.1.4: kernel-4.0, sasl-2.4,
 stdlib-2.5


 ---------------------------------------------------------------------
 --- ssh-4.2.2.4 -----------------------------------------------------
 ---------------------------------------------------------------------

 Note! The ssh-4.2.2.4 application can *not* be applied independently
       of other applications on an arbitrary OTP 18 installation.

       On a full OTP 18 installation, also the following runtime
       dependency has to be satisfied:
       -- crypto-3.6.3.1 (first satisfied in OTP 18.3.4.5)


 --- Fixed Bugs and Malfunctions ---

  OTP-14763    Application(s): ssh
               Related Id(s): ERIERL-74

               Trailing white space was removed at end of the
               hello-string. This caused interoperability problems
               with some other ssh-implementations (e.g OpenSSH 7.3p1
               on Solaris 11)


 Full runtime dependencies of ssh-4.2.2.4: crypto-3.6.3.1, erts-6.0,
 kernel-3.0, public_key-0.22, stdlib-2.3


 ---------------------------------------------------------------------
 ---------------------------------------------------------------------
 ---------------------------------------------------------------------



Mailto: [hidden email]

Subject: Patch package OTP 18.3.4.6 released

Body: The OTP 18.3.4.6_open_src.README text



*
* Verify that the git tag OTP-18.3.4.6 has been pushed.
*


NOTE: YOU WILL HAVE TO EXPORT THE WEBPAGES:
   exit the otp user shell
   cd /usr/local/otp/releases/PATCHES/ && gmake
   cd ~erlang/www/erlang.se/scripts && ./update_erlang.se PATCHES
   (you need passwd for user 'otpwww')


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Patch package OTP 18.3.4.6 released

Loïc Hoguin-3
Hello,

On 11/16/2017 12:29 PM, Hans Nilsson R wrote:
> Patch Package:           OTP 18.3.4.6
> Git Tag:                 OTP-18.3.4.6

I thought these tags were not supposed to be announced (that 18.3.4
would, but not 18.3.4.6). Did I miss something?

Asking because I'm tracking patch releases in the ci.erlang.mk plugin[1]
but if you're going to announce these the same way as patch releases
then I probably should track those instead.

[1] https://git.ninenines.eu/ci.erlang.mk.git/tree/early-plugins.mk

>   ---------------------------------------------------------------------
>   ---------------------------------------------------------------------
>   ---------------------------------------------------------------------
>
>
>
> Mailto: [hidden email]
>
> Subject: Patch package OTP 18.3.4.6 released
>
> Body: The OTP 18.3.4.6_open_src.README text
>
>
>
> *
> * Verify that the git tag OTP-18.3.4.6 has been pushed.
> *
>
>
> NOTE: YOU WILL HAVE TO EXPORT THE WEBPAGES:
>     exit the otp user shell
>     cd /usr/local/otp/releases/PATCHES/ && gmake
>     cd ~erlang/www/erlang.se/scripts && ./update_erlang.se PATCHES
>     (you need passwd for user 'otpwww')

What's the password for 'otpwww'? ;-)

Cheers,

--
Loïc Hoguin
https://ninenines.eu
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Patch package OTP 18.3.4.6 released

Lukas Larsson-8
Hello,

On Thu, Nov 16, 2017 at 8:18 PM, Loïc Hoguin <[hidden email]> wrote:
Hello,

On 11/16/2017 12:29 PM, Hans Nilsson R wrote:
Patch Package:           OTP 18.3.4.6
Git Tag:                 OTP-18.3.4.6

I thought these tags were not supposed to be announced (that 18.3.4 would, but not 18.3.4.6). Did I miss something?

When the next major release is released we branch the patch version in order to show that what is being patched in the previous version is not implicitly part of the next version.

So in this case as long as OTP-19.0 was not released we patched OTP-18.3 by adding a third patch numeral and all patches were merged to be part of OTP-19.0.
But when OTP-19.0 was released, all patches released to OTP-18.3 are not implicitly part of OTP-19.0 so we branch the version by adding a fourth numeral.

So for all practical purposes 18.3.4.6 can be seen as 18.3.10, but because we branched the versioning it is possible to deduce which patches on OTP-18.3 that are part of 19.0 and which will be part of later versions of OTP-19.x.

This is a bit confusing at first (at least it was for me...), but it embeds more information into the version numbers which can be useful. There is a description of the versioning scheme here: http://erlang.org/doc/system_principles/versions.html

And then to answer your question, yes we do announce these patches.

We also sometimes do patches on not the tip of a previous major release, i.e. 18.2.3, this would then we 18.2.3.1 or some such. These patches we most likely will not announce. 
 

Asking because I'm tracking patch releases in the ci.erlang.mk plugin[1] but if you're going to announce these the same way as patch releases then I probably should track those instead.

You should definitely track the 18.3.4.x patches, but not the 18.2.x.y patches. The same goes for 19.3.6.x patches, and whatever 20.x.y.z we will end up at.

Lukas

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Patch package OTP 18.3.4.6 released

Loïc Hoguin-3
On 11/17/2017 09:32 AM, Lukas Larsson wrote:>     Asking because I'm
tracking patch releases in the ci.erlang.mk
>     <http://ci.erlang.mk> plugin[1] but if you're going to announce
>     these the same way as patch releases then I probably should track
>     those instead.
>
>
> You should definitely track the 18.3.4.x patches, but not the 18.2.x.y
> patches. The same goes for 19.3.6.x patches, and whatever 20.x.y.z we
> will end up at.

Will do! Thanks.

--
Loïc Hoguin
https://ninenines.eu
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Patch package OTP 18.3.4.6 released

Matwey V. Kornilov-2
In reply to this post by Hans Nilsson R (AL/EAB)
Hi,

By the way, whats about
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10253

I haven't found any mentions that it is fixed in 18.x.


On 16.11.2017 14:29, Hans Nilsson R wrote:

> Patch Package:           OTP 18.3.4.6
> Git Tag:                 OTP-18.3.4.6
> Date:                    2017-11-16
> Trouble Report Id:       OTP-14491, OTP-14514, OTP-14522, OTP-14548,
>                          OTP-14590, OTP-14763, OTP-14765
> Seq num:                 ERIERL-48, ERIERL-74, ERL-468, ERL-474
> System:                  OTP
> Release:                 18
> Application:             compiler-6.0.3.1, eldap-1.2.1.1,
>                          erts-7.3.1.4, ssh-4.2.2.4
> Predecessor:             OTP 18.3.4.5
>
>  Check out the git tag OTP-18.3.4.6, and build a full OTP system
>  including documentation. Apply one or more applications from this
>  build as patches to your installation using the 'otp_patch_apply'
>  tool. For information on install requirements, see descriptions for
>  each application version below.
>
>  ---------------------------------------------------------------------
>  --- compiler-6.0.3.1 ------------------------------------------------
>  ---------------------------------------------------------------------
>
>  The compiler-6.0.3.1 application can be applied independently of
>  other applications on a full OTP 18 installation.
>
>  --- Fixed Bugs and Malfunctions ---
>
>   OTP-14522    Application(s): compiler
>                Related Id(s): ERIERL-48
>
>                Fail labels on guard BIFs weren't taken into account
>                during an optimization pass, and a bug in the
>                validation pass sometimes prevented this from being
>                noticed when a fault occurred.
>
>
>  Full runtime dependencies of compiler-6.0.3.1: crypto-3.6, erts-7.0,
>  hipe-3.12, kernel-4.0, stdlib-2.5
>
>
>  ---------------------------------------------------------------------
>  --- eldap-1.2.1.1 ---------------------------------------------------
>  ---------------------------------------------------------------------
>
>  The eldap-1.2.1.1 application can be applied independently of other
>  applications on a full OTP 18 installation.
>
>  --- Improvements and New Features ---
>
>   OTP-14765    Application(s): eldap, jinterface
>
>                Misc building environment updates
>
>
>  Full runtime dependencies of eldap-1.2.1.1: asn1-3.0, erts-6.0,
>  kernel-3.0, ssl-5.3.4, stdlib-2.0
>
>
>  ---------------------------------------------------------------------
>  --- erts-7.3.1.4 ----------------------------------------------------
>  ---------------------------------------------------------------------
>
>  The erts-7.3.1.4 application can be applied independently of other
>  applications on a full OTP 18 installation.
>
>  --- Fixed Bugs and Malfunctions ---
>
>   OTP-14491    Application(s): erts
>
>                Fix performance bug in pre-allocators that could cause
>                them to permanently fall back on normal more expensive
>                memory allocation. Pre-allocators are used for quick
>                allocation of short lived meta data used by messages
>                and other scheduled tasks. Bug exists since OTP_R15B02.
>
>
>   OTP-14514    Application(s): erts
>
>                Fixed bug in operator bxor causing erroneuos result
>                when one operand is a big *negative* integer with the
>                lowest N*W bits as zero and the other operand not
>                larger than N*W bits. N is an integer of 1 or larger
>                and W is 32 or 64 depending on word size.
>
>
>   OTP-14548    Application(s): erts
>                Related Id(s): ERL-468, OTP-11997
>
>                A timer internal bit-field used for storing scheduler
>                id was too small. As a result, VM internal timer data
>                structures could become inconsistent when using 1024
>                schedulers on the system. Note that systems with less
>                than 1024 schedulers are not effected by this bug.
>
>                This bug was introduced in ERTS version 7.0 (OTP 18.0).
>
>
>   OTP-14590    Application(s): erts
>                Related Id(s): ERL-474
>
>                Fixed bug in binary_to_term and binary_to_atom that
>                could cause VM crash. Typically happens when the last
>                character of an UTF8 string is in the range 128 to 255,
>                but truncated to only one byte. Bug exists in
>                binary_to_term since ERTS version 5.10.2 (OTP_R16B01)
>                and binary_to_atom since ERTS version 9.0 (OTP-20.0).
>
>
>  Full runtime dependencies of erts-7.3.1.4: kernel-4.0, sasl-2.4,
>  stdlib-2.5
>
>
>  ---------------------------------------------------------------------
>  --- ssh-4.2.2.4 -----------------------------------------------------
>  ---------------------------------------------------------------------
>
>  Note! The ssh-4.2.2.4 application can *not* be applied independently
>        of other applications on an arbitrary OTP 18 installation.
>
>        On a full OTP 18 installation, also the following runtime
>        dependency has to be satisfied:
>        -- crypto-3.6.3.1 (first satisfied in OTP 18.3.4.5)
>
>
>  --- Fixed Bugs and Malfunctions ---
>
>   OTP-14763    Application(s): ssh
>                Related Id(s): ERIERL-74
>
>                Trailing white space was removed at end of the
>                hello-string. This caused interoperability problems
>                with some other ssh-implementations (e.g OpenSSH 7.3p1
>                on Solaris 11)
>
>
>  Full runtime dependencies of ssh-4.2.2.4: crypto-3.6.3.1, erts-6.0,
>  kernel-3.0, public_key-0.22, stdlib-2.3
>
>
>  ---------------------------------------------------------------------
>  ---------------------------------------------------------------------
>  ---------------------------------------------------------------------
>
>
>
> Mailto: [hidden email]
>
> Subject: Patch package OTP 18.3.4.6 released
>
> Body: The OTP 18.3.4.6_open_src.README text
>
>
>
> *
> * Verify that the git tag OTP-18.3.4.6 has been pushed.
> *
>
>
> NOTE: YOU WILL HAVE TO EXPORT THE WEBPAGES:
>    exit the otp user shell
>    cd /usr/local/otp/releases/PATCHES/ && gmake
>    cd ~erlang/www/erlang.se/scripts && ./update_erlang.se PATCHES
>    (you need passwd for user 'otpwww')
>
>
>


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Patch package OTP 18.3.4.6 released

Lukas Larsson-8
Hello,

On Tue, Nov 21, 2017 at 2:02 PM, Matwey V. Kornilov <[hidden email]> wrote:
Hi,

By the way, whats about
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10253

I haven't found any mentions that it is fixed in 18.x.


It is fixed in OTP 20.0 as the change required backwards-incompatible changes to the re library.

Lukas

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions