Erlang/OTP 22.3.4.4

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl or asdf).

docker run -it erlang:22.3.4.4
Patch Package OTP 22.3.4.4
Git Tag OTP-22.3.4.4
Date 2020-07-22
Issue Id
ERIERL-509
ERIERL-512
System OTP
Release 22
Application

crypto-4.6.5.1 #

The crypto-4.6.5.1 application can be applied independently of other applications on a full OTP 22 installation.

OTP-16771
Application(s):
crypto
Related Id(s):
ERIERL-509

Implemented a workaround to allow fallback from using the EVP API for Diffie-Hellman key generation

Full runtime dependencies of crypto-4.6.5.1: erts-9.0, kernel-5.3, stdlib-3.4

erts-10.7.2.2 #

Note! The erts-10.7.2.2 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- kernel-6.5.1 (first satisfied in OTP 22.2)

OTP-16766
Application(s):
erts
Related Id(s):
ERL-1304

An unintentional reuse of an already used emulator internal event object could cause a wakeup signal to a thread to be lost. In worst case this could cause the runtime system to hang. This hang was however quite rare.

OTP-16772
Application(s):
erts
Related Id(s):
ERL-1304

NIF threads and driver threads on non-Linux systems leaked internal resources when terminating. On Windows these resources were one event per thread. On most other systems one mutex and one condition variable per thread. On these other systems that also lacked pthread_cond_timedwait() also a pipe with its file descriptors was leaked.

Full runtime dependencies of erts-10.7.2.2: kernel-6.5.1, sasl-3.3, stdlib-3.5

ssl-9.6.2.2 #

Note! The ssl-9.6.2.2 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- public_key-1.7.2 (first satisfied in OTP 22.3)

OTP-16764
Application(s):
ssl

Data deliver with ssl:recv/2,3 could fail for when using packet mode. This has been fixed by correcting the flow control handling of passive sockets when packet mode is used.

OTP-16767
Application(s):
ssl
Related Id(s):
ERIERL-512

Fix the internal handling of options 'verify' and 'verify_fun'.

This change fixes a vulnerability when setting the ssl option 'verify' to verify_peer in a continued handshake won't take any effect resulting in the acceptance of expired peer certificates.

Full runtime dependencies of ssl-9.6.2.2: crypto-4.2, erts-10.0, inets-5.10.7, kernel-6.0, public_key-1.7.2, stdlib-3.5