Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency erlang to v27.2.4 #83

Merged
merged 1 commit into from
Feb 22, 2025
Merged

chore(deps): update dependency erlang to v27.2.4 #83

merged 1 commit into from
Feb 22, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 22, 2025

This PR contains the following updates:

Package Update Change
erlang patch 27.2.2 -> 27.2.4

Release Notes

erlang/otp (erlang)

v27.2.4: OTP 27.2.4

Compare Source

Patch Package:           OTP 27.2.4
Git Tag:                 OTP-27.2.4
Date:                    2025-02-20
Trouble Report Id:       OTP-19438, OTP-19466
Seq num:                 CVE-2025-26618, ERIERL-1173, ERIERL-1180
System:                  OTP
Release:                 27
Application:             snmp-5.18.1, ssh-5.2.7
Predecessor:             OTP 27.2.3

Check out the git tag OTP-27.2.4, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

snmp-5.18.1

The snmp-5.18.1 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • SNMP Agent transports type (intAgentTransports) was incorrectly not documented
    as a list of transports. Also add a couple of config file generation examples.

    Own Id: OTP-19438
    Related Id(s): ERIERL-1180

Full runtime dependencies of snmp-5.18.1

crypto-4.6, erts-12.0, kernel-8.0, mnesia-4.12, runtime_tools-1.8.14,
stdlib-5.0

ssh-5.2.7

The ssh-5.2.7 application can be applied independently of other applications on
a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • SFTP packets exceeding max packet size are not processed and dropped.

    Own Id: OTP-19466
    Related Id(s): ERIERL-1173, CVE-2025-26618

Full runtime dependencies of ssh-5.2.7

crypto-5.0, erts-14.0, kernel-9.0, public_key-1.6.1, runtime_tools-1.15.1,
stdlib-5.0, stdlib-6.0

v27.2.3: OTP 27.2.3

Compare Source

Patch Package:           OTP 27.2.3
Git Tag:                 OTP-27.2.3
Date:                    2025-02-17
Trouble Report Id:       OTP-19457, OTP-19467, OTP-19486
Seq num:                 ERIERL-1189, ERIERL-1190, PR-9387, PR-9408,
                         PR-9418
System:                  OTP
Release:                 27
Application:             inets-9.3.2, ssl-11.2.8
Predecessor:             OTP 27.2.2

Check out the git tag OTP-27.2.3, and build a full OTP system including
documentation. Apply one or more applications from this build as patches to your
installation using the 'otp_patch_apply' tool. For information on install
requirements, see descriptions for each application version below.

inets-9.3.2

The inets-9.3.2 application can be applied independently of other applications
on a full OTP 27 installation.

Fixed Bugs and Malfunctions

  • Improved robustness of httpd startup procedure.

    Own Id: OTP-19486
    Related Id(s): ERIERL-1190, PR-9408

Full runtime dependencies of inets-9.3.2

erts-14.0, kernel-9.0, mnesia-4.12, public_key-1.13, runtime_tools-1.8.14,
ssl-9.0, stdlib-5.0, stdlib-6.0

ssl-11.2.8

Note! The ssl-11.2.8 application cannot be applied independently of other
applications on an arbitrary OTP 27 installation.

   On a full OTP 27 installation, also the following runtime
   dependency has to be satisfied:
   -- public_key-1.16.4 (first satisfied in OTP 27.1.3)

Fixed Bugs and Malfunctions

  • Setting protocol version to a lower value then supported by default in server
    API function called after ssl:listen/2 could result in wrong default values
    being used and connections failing with insufficient security.

    Own Id: OTP-19457
    Related Id(s): PR-9418

  • Improve error handling of server name indication fun. This implies that if the
    sni_fun returns undefined we will attempt connection with original option
    values, if it returns unrecognized we end the connection with
    UNRECOGNIZED_NAME alert and if provided options fail option verification we
    will end the connection with a HANDSHAKE_FAILURE and an error log.

    Own Id: OTP-19467
    Related Id(s): ERIERL-1189, PR-9387

Full runtime dependencies of ssl-11.2.8

crypto-5.0, erts-15.0, inets-5.10.7, kernel-9.0, public_key-1.16.4,
runtime_tools-1.15.1, stdlib-6.0

Configuration

📅 Schedule: Branch creation - "* * * * 0,6" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge February 22, 2025 02:22
@renovate renovate bot force-pushed the renovate/erlang-27.x branch from b372836 to a100d48 Compare February 22, 2025 06:34
@renovate renovate bot merged commit c5bdb6e into main Feb 22, 2025
2 checks passed
@renovate renovate bot deleted the renovate/erlang-27.x branch February 22, 2025 06:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants